You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by ji...@apache.org on 2021/08/19 17:16:14 UTC
[geode] branch expireAuthentication updated (340e8c6 -> 4be645b)
This is an automated email from the ASF dual-hosted git repository.
jinmeiliao pushed a change to branch expireAuthentication
in repository https://gitbox.apache.org/repos/asf/geode.git.
omit 340e8c6 GEODE-9456, GEODE-9452: Authentication Expiration (#6721)
add 138d5b8 add 1.13.4 to old versions and set as Benchmarks baseline on develop (#6728)
add f7cc081 GEODE-9185: Add ZPOPMAX Radish command (#6726)
add d58482b GEODE-4181: Add JUnit 5 Support (#6740)
add 32e5a5f GEODE-4181: Use new includeTags property name (#6742)
add d444b02 GEODE-9492: Ignore default port test in stress tests (#6748)
add b0a4783 GEODE-9491: Fix REST API test use of ephemeral ports (#6751)
add 5a6fe75 GEODE-9483: Make StartLocatorCommandIntegrationTest not start unneeded locator (#6731)
add 7f98970 GEODE-9463: Add SerializableRegionRedundancyStatusImpl to accept list (#6753)
add 645dd08 Changing the version with ordinal 121 to be 1.13.2 (#6729)
add 81523b7 GEODE-9488: Make CqQuery test assign port (#6741)
add 08a5d41 GEODE-9494: Security Properties for HTTP Module (#6754)
add bca2aeb GEODE-9489: Adjust assertion in GeodeRedisServerStartupDUnitTest to use class instead of message
add 8aeec39 GEODE-9338: Remove strong guarantees for Radish PUBLISH command (#6704)
add 88860d0 GEODE-9409: wait for PdxRegistry before executing create region (#6743)
add 8d455b4 GEODE-9379: Implement ZREVRANGEBYSCORE (#6715)
add 9bdfd13 Revert GEODE-4181: Add JUnit 5 Support (#6762)
add 1210cbc GEODE-9493: rework sizing of RedisString, RedisHash, RedisSet, and RedisSortedSet (#6727)
add f85bc83 GEODE-8870: Remove GFE_80
add 08c660e GEODE-6588: Cleanup ClientHealthStats
add b92a0f6 GEODE-6588: Cleanup GatewayReceiverCommand
add 4f8a6ca GEODE-6588: Cleanup RegisterInterest61
add 5d69c63 GEODE-6588: Cleanup RegisterInterestList66
add def8a1f GEODE-6588: Cleanup ServerSideHandshakeImpl
add 8e097c3 GEODE-6588: Cleanup VersionedObjectList
add fe190e6 GEODE-6588: Cleanup GatewaySenderAdvisor
add d136519 GEODE-6588: Cleanup DLockService
add 7e0888b GEODE-6588: Cleanup AbstractUpdateOperation
add e109e82 GEODE-6588: Cleanup EventID
add f410b7e GEODE-6588: Cleanup FilterRoutingInfo
add 5b544ff GEODE-6588: Cleanup InitialImageOperation
add c919e3f GEODE-6588: Cleanup Connection
add f63d19e GEODE-6588: Cleanup CliFunctionResult
add a5ad625 GEODE-6588: Cleanup RegisterInterest61Test
add 0827a38 GEODE-6588: Cleanup RegisterInterestList66Test
add 0d9e4bd GEODE-8870: Removes old unused classes.
add a10a56f GEODE-9074: Added update of messageQueueSize at putting message to qu… (#6445)
add 639c5f9 Added dschneider to redis apis as codeowner (#6769)
add a1df4b3 GEODE-9490: Correctly ignore RedisProxy exceptions in NativeRedisClusterTestRule (#6745)
add ed38145 GEODE-9169: remove netty context switch (#6725)
add befc7cc GEODE-9186: Add Radish ZPOPMIN command (#6738)
add 12e0b14 GEODE-9496: Enhance the usage of newly introduced system property (#6756)
add 6e7110f GEODE-8870: Removes GFE_8009
add 2a321cf GEODE-9500: clear deltaInfo even if delta not distributed
add 7835dc6 GEODE-9184: Add Radish ZLEXCOUNT command (#6735)
new 4be645b GEODE-9456, GEODE-9452: Authentication Expiration (#6721)
This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version. This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:
* -- * -- B -- O -- O -- O (340e8c6)
\
N -- N -- N refs/heads/expireAuthentication (4be645b)
You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.
Any revisions marked "omit" are not gone; other references still
refer to them. Any revisions marked "discard" are gone forever.
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
CODEOWNERS | 2 +-
NOTICE | 4 +
.../src/test/resources/expected-pom.xml | 2 +-
.../gradle/plugins/DependencyConstraints.groovy | 2 +-
ci/pipelines/shared/jinja.variables.yml | 2 +-
.../modules/session/bootstrap/AbstractCache.java | 24 +-
.../session/bootstrap/AbstractCacheTest.java | 62 +
.../session/bootstrap/ClientServerCacheTest.java | 17 +-
.../session/bootstrap/PeerToPeerCacheTest.java | 17 +-
.../redis/GeodeRedisServerStartupDUnitTest.java | 6 +-
.../pubsub/PubSubNativeRedisAcceptanceTest.java | 19 +-
.../ZLexCountNativeRedisAcceptanceTest.java} | 15 +-
.../ZPopMaxNativeRedisAcceptanceTest.java} | 17 +-
.../ZPopMinNativeRedisAcceptanceTest.java} | 17 +-
...ZRevRangeByScoreNativeRedisAcceptanceTest.java} | 17 +-
.../resources/0001-configure-redis-tests.patch | 411 +------
.../geode/redis/NativeRedisClusterTestRule.java | 3 +-
.../apache/geode/redis/mocks/MockSubscriber.java | 31 +
.../internal/executor/key/RenameDUnitTest.java | 8 +-
.../internal/executor/pubsub/PubSubDUnitTest.java | 64 +-
.../AbstractCommandPipeliningIntegrationTest.java | 13 +-
.../executor/connection/QuitIntegrationTest.java | 2 +-
.../hash/MemoryOverheadIntegrationTest.java | 2 +-
.../key/AbstractRenameIntegrationTest.java | 18 +-
.../AbstractLettucePubSubIntegrationTest.java | 5 +-
.../pubsub/AbstractPubSubIntegrationTest.java | 142 ++-
.../server/AbstractHitsMissesIntegrationTest.java | 22 +-
.../AbstractZLexCountIntegrationTest.java | 247 ++++
.../sortedset/AbstractZPopMaxIntegrationTest.java | 163 +++
.../sortedset/AbstractZPopMinIntegrationTest.java | 176 +++
.../AbstractZRangeByScoreIntegrationTest.java | 13 +-
.../AbstractZRevRangeByScoreIntegrationTest.java | 388 +++++++
.../sortedset/ZLexCountIntegrationTest.java} | 13 +-
.../sortedset/ZPopMaxIntegrationTest.java} | 12 +-
.../sortedset/ZPopMinIntegrationTest.java} | 12 +-
.../ZRevRangeByScoreIntegrationTest.java} | 13 +-
.../geode/redis/mocks/DummySubscription.java | 4 +-
.../apache/geode/codeAnalysis/excludedClasses.txt | 4 +
.../codeAnalysis/sanctionedDataSerializables.txt | 6 +-
...orBenchmark.java => RedisHashMapBenchmark.java} | 10 +-
.../geode/redis/internal/GeodeRedisServer.java | 18 +-
.../geode/redis/internal/RedisCommandType.java | 10 +
.../geode/redis/internal/RegionProvider.java | 12 +-
.../internal/collections/OrderStatisticsTree.java | 39 +-
...leObject2ObjectOpenCustomHashMapWithCursor.java | 45 +-
.../SizeableObjectOpenCustomHashSet.java | 36 +-
.../redis/internal/data/AbstractRedisData.java | 18 +-
.../redis/internal/data/NullRedisSortedSet.java | 40 +-
.../geode/redis/internal/data/RedisHash.java | 47 +-
.../apache/geode/redis/internal/data/RedisSet.java | 39 +-
.../geode/redis/internal/data/RedisSortedSet.java | 235 ++--
.../RedisSortedSetCommandsFunctionExecutor.java | 25 +
.../geode/redis/internal/data/RedisString.java | 15 +-
.../internal/executor/connection/PingExecutor.java | 2 -
.../internal/executor/connection/QuitExecutor.java | 2 -
.../executor/pubsub/PsubscribeExecutor.java | 23 +-
.../internal/executor/pubsub/PublishExecutor.java | 2 +-
.../executor/pubsub/PunsubscribeExecutor.java | 2 -
.../executor/pubsub/SubscribeExecutor.java | 23 +-
.../executor/pubsub/UnsubscribeExecutor.java | 2 -
.../sortedset/AbstractSortedSetRangeOptions.java | 55 +-
...ountExecutor.java => AbstractZPopExecutor.java} | 38 +-
...tor.java => AbstractZRangeByScoreExecutor.java} | 52 +-
.../executor/sortedset/RedisSortedSetCommands.java | 10 +
.../sortedset/SortedSetLexRangeOptions.java | 88 +-
.../sortedset/SortedSetScoreRangeOptions.java | 40 +-
.../executor/sortedset/ZCountExecutor.java | 2 +-
...{ZCountExecutor.java => ZLexCountExecutor.java} | 22 +-
.../executor/sortedset/ZPopMaxExecutor.java} | 14 +-
.../executor/sortedset/ZPopMinExecutor.java} | 14 +-
.../executor/sortedset/ZRangeByLexExecutor.java | 2 +-
.../executor/sortedset/ZRangeByScoreExecutor.java | 63 +-
.../ZRevRangeByScoreExecutor.java} | 19 +-
.../internal/netty/ExecutionHandlerContext.java | 108 +-
.../redis/internal/netty/NettyRedisServer.java | 17 +-
.../internal/pubsub/AbstractSubscription.java | 38 +-
.../apache/geode/redis/internal/pubsub/PubSub.java | 15 +-
.../geode/redis/internal/pubsub/PubSubImpl.java | 94 +-
.../geode/redis/internal/pubsub/Subscription.java | 6 +-
.../redis/internal/services/StripedCallable.java | 30 +
.../StripedCoordinator.java} | 8 +-
.../internal/services/StripedExecutorService.java | 509 ++++++++
.../redis/internal/services/StripedObject.java | 31 +
.../redis/internal/services/StripedRunnable.java | 28 +
.../SynchronizedStripedCoordinator.java} | 11 +-
.../redis/internal/SupportedCommandsJUnitTest.java | 4 +
.../collections/OrderStatisticsTreeTest.java | 45 +-
.../OrderedStatisticTreeQuickCheckTest.java | 1 +
...tOpenCustomHashMapWithCursorQuickCheckTest.java | 24 +-
...ject2ObjectOpenCustomHashMapWithCursorTest.java | 175 ++-
.../SizeableObjectOpenCustomHashSetTest.java | 123 +-
.../geode/redis/internal/data/RedisHashTest.java | 82 +-
.../geode/redis/internal/data/RedisSetTest.java | 107 +-
.../redis/internal/data/RedisSortedSetTest.java | 370 +++++-
.../geode/redis/internal/data/RedisStringTest.java | 88 +-
...ava => SynchronizedStripedCoordinatorTest.java} | 9 +-
.../redis/internal/pubsub/PubSubImplJUnitTest.java | 11 +-
.../services/StripedExecutorServiceJUnitTest.java | 325 ++++++
.../rest/RestoreRedundancyManagementDUnitTest.java | 58 +-
.../StartLocatorCommandIntegrationTest.java | 16 +-
.../integrationTest/resources/assembly_content.txt | 2 +-
.../resources/dependency_classpath.txt | 2 +-
.../web/controllers/RestAPICompatibilityTest.java | 17 +-
.../cache30/MemLRUEvictionControllerDUnitTest.java | 18 +-
.../DistributedLockServiceDUnitTest.java | 4 +-
.../geode/internal/cache/MapClearGIIDUnitTest.java | 36 +-
.../eviction/EvictionObjectSizerDUnitTest.java | 12 +-
.../cache/tier/sockets/CacheClientProxyTest.java | 61 +
.../LockServiceMBeanAuthorizationJUnitTest.java | 2 +-
.../codeAnalysis/sanctionedDataSerializables.txt | 39 +-
.../client/internal/ClientSideHandshakeImpl.java | 6 +-
.../geode/cache/client/internal/QueryOp.java | 8 +-
.../geode/distributed/DistributedLockService.java | 3 +-
.../distributed/internal/locks/DLockService.java | 653 +++++------
.../org/apache/geode/internal/DSFIDFactory.java | 4 -
.../org/apache/geode/internal/JvmSizeUtils.java | 57 +
.../internal/admin/remote/ClientHealthStats.java | 84 +-
.../internal/cache/AbstractUpdateOperation.java | 66 +-
.../apache/geode/internal/cache/BucketAdvisor.java | 3 +-
.../internal/cache/CacheDistributionAdvisor.java | 34 +-
.../apache/geode/internal/cache/CacheObserver.java | 34 +-
.../geode/internal/cache/CacheObserverAdapter.java | 93 +-
.../apache/geode/internal/cache/DiskInitFile.java | 9 +-
.../apache/geode/internal/cache/DiskStoreImpl.java | 4 +-
.../internal/cache/DistributedCacheOperation.java | 387 +++----
.../geode/internal/cache/DistributedRegion.java | 2 +-
.../org/apache/geode/internal/cache/EventID.java | 188 ++-
.../geode/internal/cache/FilterRoutingInfo.java | 56 +-
.../geode/internal/cache/GemFireCacheImpl.java | 4 +-
.../internal/cache/InitialImageOperation.java | 1220 +++++++++-----------
.../geode/internal/cache/PartitionedRegion.java | 9 -
.../SerializableRegionRedundancyStatusImpl.java | 4 +-
.../entries/AbstractOplogDiskRegionEntry.java | 4 +-
.../cache/entries/AbstractRegionEntry.java | 2 +-
.../geode/internal/cache/entries/DiskEntry.java | 168 ++-
.../cache/execute/FunctionRemoteContext.java | 4 +-
.../internal/cache/locks/TXLockServiceImpl.java | 3 +-
.../geode/internal/cache/tier/Encryptor.java | 3 +
.../internal/cache/tier/ServerSideHandshake.java | 1 +
.../internal/cache/tier/sockets/BaseCommand.java | 6 +-
.../cache/tier/sockets/CacheClientProxyStats.java | 70 +-
.../cache/tier/sockets/CommandInitializer.java | 2 +-
.../cache/tier/sockets/MessageDispatcher.java | 7 +
.../cache/tier/sockets/ObjectPartList.java | 117 +-
.../cache/tier/sockets/ObjectPartList651.java | 153 ---
.../tier/sockets/SerializedObjectPartList.java | 127 --
.../tier/sockets/ServerSideHandshakeImpl.java | 8 +-
.../cache/tier/sockets/VersionedObjectList.java | 250 ++--
.../cache/tier/sockets/command/ClearRegion.java | 4 +-
.../cache/tier/sockets/command/Destroy70.java | 4 +-
.../cache/tier/sockets/command/DestroyRegion.java | 4 +-
.../tier/sockets/command/ExecuteFunction70.java | 4 +-
.../sockets/command/ExecuteRegionFunction66.java | 3 +-
.../command/ExecuteRegionFunctionSingleHop.java | 4 +-
.../sockets/command/GatewayReceiverCommand.java | 108 +-
.../cache/tier/sockets/command/Invalidate70.java | 4 +-
.../internal/cache/tier/sockets/command/Put70.java | 4 +-
.../cache/tier/sockets/command/PutAll80.java | 4 +-
.../sockets/command/RegisterDataSerializers.java | 4 +-
.../sockets/command/RegisterInstantiators.java | 4 +-
.../tier/sockets/command/RegisterInterest61.java | 13 +-
.../sockets/command/RegisterInterestList66.java | 19 +-
.../cache/tier/sockets/command/RemoveAll.java | 4 +-
.../internal/cache/wan/GatewayReceiverStats.java | 124 +-
.../internal/cache/wan/GatewaySenderAdvisor.java | 265 ++---
.../geode/internal/lang/SystemPropertyHelper.java | 12 +
.../internal/size/ReflectionSingleObjectSizer.java | 13 +-
.../geode/internal/size/WellKnownClassSizer.java | 8 +-
.../org/apache/geode/internal/tcp/Connection.java | 59 +-
.../geode/internal/tcp/DirectReplySender.java | 20 +-
.../org/apache/geode/internal/tcp/MsgStreamer.java | 337 +++---
.../geode/internal/tcp/VersionedMsgStreamer.java | 13 +-
.../internal/functions/CliFunctionResult.java | 120 +-
.../geode/pdx/internal/PeerTypeRegistration.java | 3 +-
.../sanctioned-geode-core-serializables.txt | 2 +
.../cache/DistributedCacheOperationTest.java | 11 +-
.../cache/ha/EventIdOptimizationJUnitTest.java | 4 +-
.../sockets/command/RegisterInterest61Test.java | 103 +-
.../command/RegisterInterestList66Test.java | 117 +-
.../internal/lang/SystemPropertyHelperTest.java | 11 +
.../cache/query/cq/dunit/CqQueryDUnitTest.java | 2 +-
.../query/cq/dunit/CqQueryUsingPoolDUnitTest.java | 2 +-
geode-docs/reference/statistics_list.html.md.erb | 1 +
.../cli/functions/RegionCreateFunction.java | 16 +-
.../functions/RegionCreateFunctionJUnitTest.java | 56 +-
.../junit/categories/IgnoreInRepeatTestTasks.java | 23 +-
.../org/apache/geode/cache/util/AutoBalancer.java | 2 +-
.../serialization/DataSerializableFixedID.java | 27 +-
.../geode/internal/serialization/KnownVersion.java | 25 +-
.../serialization/KnownVersionJUnitTest.java | 8 +-
settings.gradle | 3 +-
191 files changed, 6147 insertions(+), 4865 deletions(-)
create mode 100644 extensions/geode-modules/src/test/java/org/apache/geode/modules/session/bootstrap/AbstractCacheTest.java
copy geode-core/src/main/java/org/apache/geode/internal/cache/tier/Encryptor.java => extensions/geode-modules/src/test/java/org/apache/geode/modules/session/bootstrap/ClientServerCacheTest.java (73%)
copy geode-core/src/main/java/org/apache/geode/internal/cache/tier/Encryptor.java => extensions/geode-modules/src/test/java/org/apache/geode/modules/session/bootstrap/PeerToPeerCacheTest.java (73%)
rename geode-apis-compatible-with-redis/src/{distributedTest => acceptanceTest}/java/org/apache/geode/redis/GeodeRedisServerStartupDUnitTest.java (95%)
copy geode-apis-compatible-with-redis/src/acceptanceTest/java/org/apache/geode/redis/internal/executor/{pubsub/PubSubNativeRedisAcceptanceTest.java => sortedset/ZLexCountNativeRedisAcceptanceTest.java} (68%)
copy geode-apis-compatible-with-redis/src/acceptanceTest/java/org/apache/geode/redis/internal/executor/{pubsub/PubSubNativeRedisAcceptanceTest.java => sortedset/ZPopMaxNativeRedisAcceptanceTest.java} (68%)
mode change 100644 => 100755
copy geode-apis-compatible-with-redis/src/acceptanceTest/java/org/apache/geode/redis/internal/executor/{pubsub/PubSubNativeRedisAcceptanceTest.java => sortedset/ZPopMinNativeRedisAcceptanceTest.java} (68%)
mode change 100644 => 100755
copy geode-apis-compatible-with-redis/src/acceptanceTest/java/org/apache/geode/redis/internal/executor/{pubsub/PubSubNativeRedisAcceptanceTest.java => sortedset/ZRevRangeByScoreNativeRedisAcceptanceTest.java} (67%)
create mode 100644 geode-apis-compatible-with-redis/src/integrationTest/java/org/apache/geode/redis/internal/executor/sortedset/AbstractZLexCountIntegrationTest.java
create mode 100755 geode-apis-compatible-with-redis/src/integrationTest/java/org/apache/geode/redis/internal/executor/sortedset/AbstractZPopMaxIntegrationTest.java
create mode 100755 geode-apis-compatible-with-redis/src/integrationTest/java/org/apache/geode/redis/internal/executor/sortedset/AbstractZPopMinIntegrationTest.java
create mode 100644 geode-apis-compatible-with-redis/src/integrationTest/java/org/apache/geode/redis/internal/executor/sortedset/AbstractZRevRangeByScoreIntegrationTest.java
copy geode-apis-compatible-with-redis/src/{acceptanceTest/java/org/apache/geode/redis/internal/executor/pubsub/PubSubNativeRedisAcceptanceTest.java => integrationTest/java/org/apache/geode/redis/internal/executor/sortedset/ZLexCountIntegrationTest.java} (74%)
copy geode-apis-compatible-with-redis/src/{acceptanceTest/java/org/apache/geode/redis/internal/executor/pubsub/PubSubNativeRedisAcceptanceTest.java => integrationTest/java/org/apache/geode/redis/internal/executor/sortedset/ZPopMaxIntegrationTest.java} (75%)
mode change 100644 => 100755
copy geode-apis-compatible-with-redis/src/{acceptanceTest/java/org/apache/geode/redis/internal/executor/pubsub/PubSubNativeRedisAcceptanceTest.java => integrationTest/java/org/apache/geode/redis/internal/executor/sortedset/ZPopMinIntegrationTest.java} (75%)
mode change 100644 => 100755
copy geode-apis-compatible-with-redis/src/{acceptanceTest/java/org/apache/geode/redis/internal/executor/pubsub/PubSubNativeRedisAcceptanceTest.java => integrationTest/java/org/apache/geode/redis/internal/executor/sortedset/ZRevRangeByScoreIntegrationTest.java} (73%)
rename geode-apis-compatible-with-redis/src/jmh/java/org/apache/geode/redis/internal/collections/{SizeableObject2ObjectOpenCustomHashmapWithCursorBenchmark.java => RedisHashMapBenchmark.java} (86%)
copy geode-apis-compatible-with-redis/src/main/java/org/apache/geode/redis/internal/executor/sortedset/{ZCountExecutor.java => AbstractZPopExecutor.java} (60%)
copy geode-apis-compatible-with-redis/src/main/java/org/apache/geode/redis/internal/executor/sortedset/{ZRangeByScoreExecutor.java => AbstractZRangeByScoreExecutor.java} (60%)
copy geode-apis-compatible-with-redis/src/main/java/org/apache/geode/redis/internal/executor/sortedset/{ZCountExecutor.java => ZLexCountExecutor.java} (70%)
copy geode-apis-compatible-with-redis/src/{acceptanceTest/java/org/apache/geode/redis/internal/executor/pubsub/PubSubNativeRedisAcceptanceTest.java => main/java/org/apache/geode/redis/internal/executor/sortedset/ZPopMaxExecutor.java} (69%)
copy geode-apis-compatible-with-redis/src/{acceptanceTest/java/org/apache/geode/redis/internal/executor/pubsub/PubSubNativeRedisAcceptanceTest.java => main/java/org/apache/geode/redis/internal/executor/sortedset/ZPopMinExecutor.java} (69%)
copy geode-apis-compatible-with-redis/src/main/java/org/apache/geode/redis/internal/executor/{connection/QuitExecutor.java => sortedset/ZRevRangeByScoreExecutor.java} (74%)
mode change 100755 => 100644
create mode 100644 geode-apis-compatible-with-redis/src/main/java/org/apache/geode/redis/internal/services/StripedCallable.java
rename geode-apis-compatible-with-redis/src/main/java/org/apache/geode/redis/internal/{executor/StripedExecutor.java => services/StripedCoordinator.java} (91%)
create mode 100644 geode-apis-compatible-with-redis/src/main/java/org/apache/geode/redis/internal/services/StripedExecutorService.java
create mode 100644 geode-apis-compatible-with-redis/src/main/java/org/apache/geode/redis/internal/services/StripedObject.java
create mode 100644 geode-apis-compatible-with-redis/src/main/java/org/apache/geode/redis/internal/services/StripedRunnable.java
rename geode-apis-compatible-with-redis/src/main/java/org/apache/geode/redis/internal/{executor/SynchronizedStripedExecutor.java => services/SynchronizedStripedCoordinator.java} (86%)
rename geode-apis-compatible-with-redis/src/test/java/org/apache/geode/redis/internal/executor/{SynchronizedStripedExecutorTest.java => SynchronizedStripedCoordinatorTest.java} (81%)
create mode 100644 geode-apis-compatible-with-redis/src/test/java/org/apache/geode/redis/internal/services/StripedExecutorServiceJUnitTest.java
delete mode 100644 geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ObjectPartList651.java
delete mode 100644 geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/SerializedObjectPartList.java
rename geode-apis-compatible-with-redis/src/main/java/org/apache/geode/redis/internal/data/SizeableObjectSizer.java => geode-junit/src/main/java/org/apache/geode/test/junit/categories/IgnoreInRepeatTestTasks.java (50%)
[geode] 01/01: GEODE-9456,
GEODE-9452: Authentication Expiration (#6721)
Posted by ji...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
jinmeiliao pushed a commit to branch expireAuthentication
in repository https://gitbox.apache.org/repos/asf/geode.git
commit 4be645bccc9fed0fe8e796b0f9a9d3ff2437afff
Author: Jinmei Liao <ji...@pivotal.io>
AuthorDate: Fri Jul 30 12:33:54 2021 -0700
GEODE-9456, GEODE-9452: Authentication Expiration (#6721)
* Add tests and throw AuthenticationExpiredException
Co-authored-by: Joris Melchior <jo...@gmail.com>
---
.../integrationTest/resources/assembly_content.txt | 5 +-
geode-core/build.gradle | 2 +-
.../SecurityWithExpirationIntegrationTest.java | 66 ++++++++++++
geode-core/src/integrationTest/resources/shiro.ini | 40 ++++++++
.../cache/client/internal/OpExecutorImpl.java | 8 +-
.../cache/tier/sockets/ServerConnection.java | 6 +-
.../security/AuthenticationExpiredException.java | 32 ++++++
.../org/apache/geode/security/SecurityManager.java | 5 +-
.../sanctioned-geode-core-serializables.txt | 2 +-
.../geode/security/AuthExpirationDUnitTest.java | 112 +++++++++++++++++++++
.../geode/security/ExpirableSecurityManager.java | 56 +++++++++++
.../security/UpdatableUserAuthInitialize.java | 54 ++++++++++
.../gemstone/gemfire/OldClientSupportProvider.java | 16 ++-
13 files changed, 394 insertions(+), 10 deletions(-)
diff --git a/geode-assembly/src/integrationTest/resources/assembly_content.txt b/geode-assembly/src/integrationTest/resources/assembly_content.txt
index 27e3873..3de26d4 100644
--- a/geode-assembly/src/integrationTest/resources/assembly_content.txt
+++ b/geode-assembly/src/integrationTest/resources/assembly_content.txt
@@ -929,6 +929,7 @@ javadoc/org/apache/geode/ra/package-tree.html
javadoc/org/apache/geode/security/AccessControl.html
javadoc/org/apache/geode/security/AuthInitialize.html
javadoc/org/apache/geode/security/AuthTokenEnabledComponents.html
+javadoc/org/apache/geode/security/AuthenticationExpiredException.html
javadoc/org/apache/geode/security/AuthenticationFailedException.html
javadoc/org/apache/geode/security/AuthenticationRequiredException.html
javadoc/org/apache/geode/security/Authenticator.html
@@ -975,11 +976,12 @@ lib/commons-lang3-3.12.0.jar
lib/commons-logging-1.2.jar
lib/commons-modeler-2.0.1.jar
lib/commons-validator-1.7.jar
+lib/fastutil-8.5.4.jar
lib/fastutil-core-8.5.4.jar
lib/fastutil-extra-8.5.4.jar
-lib/fastutil-8.5.4.jar
lib/findbugs-annotations-1.3.9-1.jar
lib/geo-0.7.7.jar
+lib/geode-apis-compatible-with-redis-0.0.0.jar
lib/geode-common-0.0.0.jar
lib/geode-connectors-0.0.0.jar
lib/geode-core-0.0.0.jar
@@ -997,7 +999,6 @@ lib/geode-membership-0.0.0.jar
lib/geode-memcached-0.0.0.jar
lib/geode-old-client-support-0.0.0.jar
lib/geode-rebalancer-0.0.0.jar
-lib/geode-apis-compatible-with-redis-0.0.0.jar
lib/geode-serialization-0.0.0.jar
lib/geode-tcp-server-0.0.0.jar
lib/geode-unsafe-0.0.0.jar
diff --git a/geode-core/build.gradle b/geode-core/build.gradle
index ecb51b7..8035775 100755
--- a/geode-core/build.gradle
+++ b/geode-core/build.gradle
@@ -387,7 +387,7 @@ dependencies {
upgradeTestRuntimeOnly(project(path: ':geode-old-versions', configuration: 'classpathsOutput'))
upgradeTestRuntimeOnly(project(':geode-log4j'))
-
+ upgradeTestRuntimeOnly(project(':geode-old-client-support'))
performanceTestImplementation(project(':geode-junit')) {
exclude module: 'geode-core'
diff --git a/geode-core/src/integrationTest/java/org/apache/geode/management/internal/security/SecurityWithExpirationIntegrationTest.java b/geode-core/src/integrationTest/java/org/apache/geode/management/internal/security/SecurityWithExpirationIntegrationTest.java
new file mode 100644
index 0000000..cb0a24f
--- /dev/null
+++ b/geode-core/src/integrationTest/java/org/apache/geode/management/internal/security/SecurityWithExpirationIntegrationTest.java
@@ -0,0 +1,66 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.management.internal.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+import static org.assertj.core.api.Assertions.assertThatThrownBy;
+
+import java.util.Properties;
+
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import org.apache.geode.internal.security.SecurityService;
+import org.apache.geode.internal.security.SecurityServiceFactory;
+import org.apache.geode.security.AuthenticationExpiredException;
+import org.apache.geode.security.ExpirableSecurityManager;
+import org.apache.geode.test.junit.categories.SecurityTest;
+
+@Category({SecurityTest.class})
+public class SecurityWithExpirationIntegrationTest {
+
+ protected Properties props = new Properties();
+
+ protected SecurityService securityService;
+
+ @Before
+ public void before() throws Exception {
+ props.setProperty(SECURITY_MANAGER, ExpirableSecurityManager.class.getName());
+ securityService = SecurityServiceFactory.create(this.props);
+ }
+
+ @After
+ public void after() throws Exception {
+ securityService.logout();
+ ExpirableSecurityManager.reset();
+ }
+
+ @Test
+ public void testThrowAuthenticationExpiredException() {
+ ExpirableSecurityManager.addExpiredUser("data");
+ this.securityService.login(loginCredentials("data", "data"));
+ assertThatThrownBy(() -> this.securityService.authorize(ResourcePermissions.DATA_READ))
+ .isInstanceOf(AuthenticationExpiredException.class);
+ }
+
+ private Properties loginCredentials(String username, String password) {
+ Properties credentials = new Properties();
+ credentials.put(ResourceConstants.USER_NAME, username);
+ credentials.put(ResourceConstants.PASSWORD, password);
+ return credentials;
+ }
+}
diff --git a/geode-core/src/integrationTest/resources/shiro.ini b/geode-core/src/integrationTest/resources/shiro.ini
new file mode 100644
index 0000000..a9746a5
--- /dev/null
+++ b/geode-core/src/integrationTest/resources/shiro.ini
@@ -0,0 +1,40 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# the users and roles in this file needs to be kept in sync with shiro.ini
+# since they are used by the same test to test ShiroUtil
+# -----------------------------------------------------------------------------
+# Users and their (optional) assigned roles
+# username = password, role1, role2, ..., roleN
+# -----------------------------------------------------------------------------
+[users]
+root = secret, admin
+guest = guest, guest
+regionAReader = password, readRegionA
+regionAUser = password, useRegionA
+dataReader = 12345, readData
+reader = 12345, readAll
+
+# -----------------------------------------------------------------------------
+# Roles with assigned permissions
+# roleName = perm1, perm2, ..., permN
+# -----------------------------------------------------------------------------
+[roles]
+admin = *
+guest = none
+readRegionA = DATA:READ:RegionA
+useRegionA = *:*:RegionA
+readData = DATA:READ
+readAll = *:READ
\ No newline at end of file
diff --git a/geode-core/src/main/java/org/apache/geode/cache/client/internal/OpExecutorImpl.java b/geode-core/src/main/java/org/apache/geode/cache/client/internal/OpExecutorImpl.java
index 69fb338..c5fe32a 100644
--- a/geode-core/src/main/java/org/apache/geode/cache/client/internal/OpExecutorImpl.java
+++ b/geode-core/src/main/java/org/apache/geode/cache/client/internal/OpExecutorImpl.java
@@ -15,6 +15,8 @@
package org.apache.geode.cache.client.internal;
+import static org.apache.geode.internal.cache.tier.sockets.ServerConnection.USER_NOT_FOUND;
+
import java.io.IOException;
import java.io.NotSerializableException;
import java.net.SocketException;
@@ -59,6 +61,7 @@ import org.apache.geode.internal.cache.tier.sockets.MessageTooLargeException;
import org.apache.geode.internal.cache.wan.BatchException70;
import org.apache.geode.internal.logging.log4j.LogMarker;
import org.apache.geode.logging.internal.log4j.api.LogService;
+import org.apache.geode.security.AuthenticationExpiredException;
import org.apache.geode.security.AuthenticationRequiredException;
import org.apache.geode.security.GemFireSecurityException;
import org.apache.geode.util.internal.GeodeGlossary;
@@ -740,8 +743,9 @@ public class OpExecutorImpl implements ExecutablePool {
} catch (final ServerConnectivityException sce) {
final Throwable cause = sce.getCause();
if ((cause instanceof AuthenticationRequiredException
- && "User authorization attributes not found.".equals(cause.getMessage()))
- || sce.getMessage().contains("Connection error while authenticating user")) {
+ && USER_NOT_FOUND.equals(cause.getMessage()))
+ || sce.getMessage().contains("Connection error while authenticating user")
+ || cause instanceof AuthenticationExpiredException) {
// 2nd exception-message above is from AbstractOp.sendMessage()
if (pool.getMultiuserAuthentication()) {
diff --git a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerConnection.java b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerConnection.java
index 8ee4993..5435f9b 100644
--- a/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerConnection.java
+++ b/geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ServerConnection.java
@@ -100,6 +100,8 @@ public class ServerConnection implements Runnable {
private static final String DISALLOW_INTERNAL_MESSAGES_WITHOUT_CREDENTIALS_NAME =
"geode.disallow-internal-messages-without-credentials";
+ public static final String USER_NOT_FOUND = "User authorization attributes not found.";
+
/**
* When true requires some formerly credential-less messages to carry credentials. See GEODE-3249
* and ServerConnection.isInternalMessage()
@@ -1774,7 +1776,7 @@ public class ServerConnection implements Runnable {
logger.debug("Unexpected exception {}", npe.toString());
}
if (uaa == null) {
- throw new AuthenticationRequiredException("User authorization attributes not found.");
+ throw new AuthenticationRequiredException(USER_NOT_FOUND);
}
return uaa;
}
@@ -1818,7 +1820,7 @@ public class ServerConnection implements Runnable {
logger.debug("Unexpected exception", npe);
}
if (uaa == null) {
- throw new AuthenticationRequiredException("User authorization attributes not found.");
+ throw new AuthenticationRequiredException(USER_NOT_FOUND);
}
return uaa.getPostAuthzRequest();
diff --git a/geode-core/src/main/java/org/apache/geode/security/AuthenticationExpiredException.java b/geode-core/src/main/java/org/apache/geode/security/AuthenticationExpiredException.java
new file mode 100644
index 0000000..d4ec79d
--- /dev/null
+++ b/geode-core/src/main/java/org/apache/geode/security/AuthenticationExpiredException.java
@@ -0,0 +1,32 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package org.apache.geode.security;
+
+/**
+ * This exception is thrown by the SecurityManager's authorize method to indicate that the
+ * authentication has expired.
+ */
+public class AuthenticationExpiredException extends GemFireSecurityException {
+ private static final long serialVersionUID = 1771792091260325297L;
+
+ public AuthenticationExpiredException(String message) {
+ super(message);
+ }
+
+ public AuthenticationExpiredException(String message, Throwable cause) {
+ super(message, cause);
+ }
+}
diff --git a/geode-core/src/main/java/org/apache/geode/security/SecurityManager.java b/geode-core/src/main/java/org/apache/geode/security/SecurityManager.java
index 301b3d5..7487d5f 100644
--- a/geode-core/src/main/java/org/apache/geode/security/SecurityManager.java
+++ b/geode-core/src/main/java/org/apache/geode/security/SecurityManager.java
@@ -74,8 +74,11 @@ public interface SecurityManager {
* @param principal The principal that's requesting the permission
* @param permission The permission requested
* @return true if authorized, false if not
+ *
+ * @throw AuthenticationExpiredException if the principal has expired.
*/
- default boolean authorize(Object principal, ResourcePermission permission) {
+ default boolean authorize(Object principal, ResourcePermission permission)
+ throws AuthenticationExpiredException {
return true;
}
diff --git a/geode-core/src/main/resources/org/apache/geode/internal/sanctioned-geode-core-serializables.txt b/geode-core/src/main/resources/org/apache/geode/internal/sanctioned-geode-core-serializables.txt
index 1953b1d..fd5f65f 100644
--- a/geode-core/src/main/resources/org/apache/geode/internal/sanctioned-geode-core-serializables.txt
+++ b/geode-core/src/main/resources/org/apache/geode/internal/sanctioned-geode-core-serializables.txt
@@ -464,7 +464,6 @@ org/apache/geode/management/internal/functions/RebalanceFunction,true,1
org/apache/geode/management/internal/functions/RestoreRedundancyFunction,true,-8991672237560920252
org/apache/geode/management/internal/operation/OperationState,true,8212319653561969588,locator:java/lang/String,opId:java/lang/String,operation:org/apache/geode/management/api/ClusterManagementOperation,operationEnd:java/util/Date,operationStart:java/util/Date,result:org/apache/geode/management/runtime/OperationResult,throwable:java/lang/Throwable
org/apache/geode/management/internal/web/domain/QueryParameterSource,true,34131123582155,objectName:javax/management/ObjectName,queryExpression:javax/management/QueryExp
-org/apache/geode/management/internal/web/shell/MBeanAccessException,true,813768898269516238
org/apache/geode/pdx/FieldType,false,defaultSerializedValue:java/nio/ByteBuffer,defaultValue:java/lang/Object,isFixedWidth:boolean,name:java/lang/String,width:int
org/apache/geode/pdx/JSONFormatter$states,false
org/apache/geode/pdx/JSONFormatterException,true,1
@@ -480,6 +479,7 @@ org/apache/geode/pdx/internal/EnumInfo$PdxInstanceEnumInfo,true,7907582104525106
org/apache/geode/pdx/internal/PdxInputStream,false
org/apache/geode/pdx/internal/PdxReaderImpl,true,-6094553093860427759,blobType:org/apache/geode/pdx/internal/PdxType,dis:org/apache/geode/pdx/internal/PdxInputStream
org/apache/geode/security/AuthTokenEnabledComponents,false
+org/apache/geode/security/AuthenticationExpiredException,true,1771792091260325297
org/apache/geode/security/AuthenticationFailedException,true,-8202866472279088879
org/apache/geode/security/AuthenticationRequiredException,true,4675976651103154919
org/apache/geode/security/GemFireSecurityException,true,3814254578203076926,cause:java/lang/Throwable
diff --git a/geode-core/src/upgradeTest/java/org/apache/geode/security/AuthExpirationDUnitTest.java b/geode-core/src/upgradeTest/java/org/apache/geode/security/AuthExpirationDUnitTest.java
new file mode 100644
index 0000000..117cc77
--- /dev/null
+++ b/geode-core/src/upgradeTest/java/org/apache/geode/security/AuthExpirationDUnitTest.java
@@ -0,0 +1,112 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.geode.security;
+
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_CLIENT_AUTH_INIT;
+import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
+import static org.apache.geode.test.version.VersionManager.CURRENT_VERSION;
+import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
+
+import java.util.Arrays;
+import java.util.Collection;
+
+import org.junit.After;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.contrib.java.lang.system.RestoreSystemProperties;
+import org.junit.experimental.categories.Category;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+
+import org.apache.geode.cache.Region;
+import org.apache.geode.cache.RegionShortcut;
+import org.apache.geode.cache.client.ClientCache;
+import org.apache.geode.cache.client.ClientRegionFactory;
+import org.apache.geode.cache.client.ClientRegionShortcut;
+import org.apache.geode.test.dunit.rules.ClientVM;
+import org.apache.geode.test.dunit.rules.ClusterStartupRule;
+import org.apache.geode.test.junit.categories.SecurityTest;
+import org.apache.geode.test.junit.rules.ServerStarterRule;
+import org.apache.geode.test.junit.runners.CategoryWithParameterizedRunnerFactory;
+
+@Category({SecurityTest.class})
+@RunWith(Parameterized.class)
+@Parameterized.UseParametersRunnerFactory(CategoryWithParameterizedRunnerFactory.class)
+public class AuthExpirationDUnitTest {
+
+ @Parameterized.Parameter
+ public String clientVersion;
+
+ @Parameterized.Parameters(name = "{0}")
+ public static Collection<String> data() {
+ // only test the current version and the latest released version
+ return Arrays.asList(CURRENT_VERSION, "1.13.3");
+ }
+
+ @Rule
+ public ClusterStartupRule lsRule = new ClusterStartupRule();
+
+
+ @Rule
+ public RestoreSystemProperties restore = new RestoreSystemProperties();
+
+ @Rule
+ public ServerStarterRule server = new ServerStarterRule()
+ .withProperty(SECURITY_MANAGER, ExpirableSecurityManager.class.getName())
+ .withRegion(RegionShortcut.REPLICATE, "region");
+
+ @After
+ public void after() {
+ // make sure after each test, the values of the ExpirationManager are reset
+ ExpirableSecurityManager.reset();
+ }
+
+ @Test
+ public void clientShouldReAuthenticateWhenCredentialExpiredAndOperationSucceed()
+ throws Exception {
+ int serverPort = server.getPort();
+ ClientVM clientVM = lsRule.startClientVM(0, clientVersion,
+ c -> c.withProperty(SECURITY_CLIENT_AUTH_INIT, UpdatableUserAuthInitialize.class.getName())
+ .withPoolSubscription(true)
+ .withServerConnection(serverPort));
+
+ clientVM.invoke(() -> {
+ ClientCache clientCache = ClusterStartupRule.getClientCache();
+ UpdatableUserAuthInitialize.setUser("user1");
+ ClientRegionFactory clientRegionFactory =
+ clientCache.createClientRegionFactory(ClientRegionShortcut.PROXY);
+ Region region = clientRegionFactory.create("region");
+ region.put(0, "value0");
+ });
+
+ // expire the current user
+ ExpirableSecurityManager.addExpiredUser("user1");
+
+ // do a second put, if this is successful, it means new credentials are provided
+ clientVM.invoke(() -> {
+ UpdatableUserAuthInitialize.setUser("user2");
+ ClientCache clientCache = ClusterStartupRule.getClientCache();
+ Region region = clientCache.getRegion("region");
+ region.put(1, "value1");
+ });
+
+ // all put operation succeeded
+ Region<Object, Object> region = server.getCache().getRegion("/region");
+ assertThat(ExpirableSecurityManager.getExpiredUsers().size()).isEqualTo(1);
+ assertThat(ExpirableSecurityManager.getExpiredUsers().contains("user1")).isTrue();
+ assertThat(region.size()).isEqualTo(2);
+ }
+
+}
diff --git a/geode-junit/src/main/java/org/apache/geode/security/ExpirableSecurityManager.java b/geode-junit/src/main/java/org/apache/geode/security/ExpirableSecurityManager.java
new file mode 100644
index 0000000..fc1021d
--- /dev/null
+++ b/geode-junit/src/main/java/org/apache/geode/security/ExpirableSecurityManager.java
@@ -0,0 +1,56 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package org.apache.geode.security;
+
+import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
+
+import org.apache.geode.examples.SimpleSecurityManager;
+
+/**
+ * this is a test security manager that will authenticate credentials when username matches the
+ * password. It will authorize all operations. It keeps a list of expired users, and will throw
+ * AuthenticationExpiredException if the user is in that list. This security manager is usually used
+ * with NewCredentialAuthInitialize.
+ *
+ * make sure to call reset after each test to clean things up.
+ */
+public class ExpirableSecurityManager extends SimpleSecurityManager {
+ // use static field for ease of testing since there is only one instance of this in each VM
+ // we only need ConcurrentHashSet here, but map is only construct available in the library
+ private static final Set<String> EXPIRED_USERS = ConcurrentHashMap.newKeySet();
+
+ @Override
+ public boolean authorize(Object principal, ResourcePermission permission) {
+ if (EXPIRED_USERS.contains(principal)) {
+ throw new AuthenticationExpiredException("User authentication expired.");
+ }
+ // always authorized
+ return true;
+ }
+
+ public static void addExpiredUser(String user) {
+ EXPIRED_USERS.add(user);
+ }
+
+ public static Set<String> getExpiredUsers() {
+ return EXPIRED_USERS;
+ }
+
+ public static void reset() {
+ EXPIRED_USERS.clear();
+ }
+}
diff --git a/geode-junit/src/main/java/org/apache/geode/security/UpdatableUserAuthInitialize.java b/geode-junit/src/main/java/org/apache/geode/security/UpdatableUserAuthInitialize.java
new file mode 100644
index 0000000..0a0e6b4
--- /dev/null
+++ b/geode-junit/src/main/java/org/apache/geode/security/UpdatableUserAuthInitialize.java
@@ -0,0 +1,54 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package org.apache.geode.security;
+
+import java.util.Properties;
+import java.util.concurrent.atomic.AtomicReference;
+
+import org.apache.geode.distributed.DistributedMember;
+
+/**
+ * this is used in conjunction with ExpirableSecurityManager. It will create a new set of
+ * credentials every time getCredentials are called, and they will always be authenticated
+ * and authorized by the ExpirableSecurityManager.
+ *
+ * make sure reset is called after each test to clean things up.
+ */
+public class UpdatableUserAuthInitialize implements AuthInitialize {
+ // use static field for ease of testing since there is only one instance of this in each VM
+ private static final AtomicReference<String> user = new AtomicReference<>();
+
+ @Override
+ public Properties getCredentials(Properties securityProps, DistributedMember server,
+ boolean isPeer) throws AuthenticationFailedException {
+ Properties credentials = new Properties();
+ credentials.put("security-username", user.get());
+ credentials.put("security-password", user.get());
+ return credentials;
+ }
+
+ public static String getUser() {
+ return user.get();
+ }
+
+ public static void setUser(String newValue) {
+ user.set(newValue);
+ }
+
+ public static void reset() {
+ user.set(null);
+ }
+}
diff --git a/geode-old-client-support/src/main/java/com/gemstone/gemfire/OldClientSupportProvider.java b/geode-old-client-support/src/main/java/com/gemstone/gemfire/OldClientSupportProvider.java
index ccf3c1a..581fc98 100644
--- a/geode-old-client-support/src/main/java/com/gemstone/gemfire/OldClientSupportProvider.java
+++ b/geode-old-client-support/src/main/java/com/gemstone/gemfire/OldClientSupportProvider.java
@@ -14,6 +14,8 @@
*/
package com.gemstone.gemfire;
+import static org.apache.geode.internal.cache.tier.sockets.ServerConnection.USER_NOT_FOUND;
+
import java.io.DataInput;
import java.io.DataOutput;
import java.util.Map;
@@ -27,6 +29,8 @@ import org.apache.geode.internal.cache.tier.sockets.OldClientSupportService;
import org.apache.geode.internal.serialization.KnownVersion;
import org.apache.geode.internal.serialization.VersionedDataOutputStream;
import org.apache.geode.management.internal.beans.CacheServiceMBeanBase;
+import org.apache.geode.security.AuthenticationExpiredException;
+import org.apache.geode.security.AuthenticationRequiredException;
import org.apache.geode.util.internal.GeodeGlossary;
import com.gemstone.gemfire.cache.execute.EmtpyRegionFunctionException;
@@ -121,11 +125,21 @@ public class OldClientSupportProvider implements OldClientSupportService {
if (theThrowable == null) {
return theThrowable;
}
+
+ String className = theThrowable.getClass().getName();
+
+ // backward compatibility for authentication expiration
+ if (clientVersion.isOlderThan(KnownVersion.GEODE_1_15_0)) {
+ if (className.equals(AuthenticationExpiredException.class.getName())) {
+ return new AuthenticationRequiredException(USER_NOT_FOUND);
+ }
+ }
+
if (clientVersion.isNotOlderThan(KnownVersion.GFE_90)) {
return theThrowable;
}
- String className = theThrowable.getClass().getName();
+
// this class has been renamed, so it cannot be automatically translated
// during java deserialization