You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kafka.apache.org by rs...@apache.org on 2019/03/07 13:28:53 UTC
[kafka] branch 2.2 updated: KAFKA-8039 - Use MockTime in fast
reauth test to avoid transient failures (#6383)
This is an automated email from the ASF dual-hosted git repository.
rsivaram pushed a commit to branch 2.2
in repository https://gitbox.apache.org/repos/asf/kafka.git
The following commit(s) were added to refs/heads/2.2 by this push:
new d738d2f KAFKA-8039 - Use MockTime in fast reauth test to avoid transient failures (#6383)
d738d2f is described below
commit d738d2feea2bfc43b4ba66b4904a96b2f5981bb4
Author: Rajini Sivaram <ra...@googlemail.com>
AuthorDate: Thu Mar 7 13:22:16 2019 +0000
KAFKA-8039 - Use MockTime in fast reauth test to avoid transient failures (#6383)
Test uses 100ms as connections.max.reauth.ms and checks that a second reauthentication doesn't occur within the hard-coded 1 second minimum interval. But since the interval is small, we cannot guarantee that the time between the two checks is not higher than 1 second. Change the test to use MockTime so that we can control the time.
Reviewers: Ron Dagostino <rn...@gmail.com>, Manikumar Reddy <ma...@gmail.com>
---
.../java/org/apache/kafka/common/network/NioEchoServer.java | 7 +++++--
.../security/authenticator/SaslAuthenticatorTest.java | 13 +++++++++----
2 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/clients/src/test/java/org/apache/kafka/common/network/NioEchoServer.java b/clients/src/test/java/org/apache/kafka/common/network/NioEchoServer.java
index c6ef227..de73420 100644
--- a/clients/src/test/java/org/apache/kafka/common/network/NioEchoServer.java
+++ b/clients/src/test/java/org/apache/kafka/common/network/NioEchoServer.java
@@ -28,6 +28,7 @@ import org.apache.kafka.common.security.authenticator.CredentialCache;
import org.apache.kafka.common.security.scram.ScramCredential;
import org.apache.kafka.common.security.scram.internals.ScramMechanism;
import org.apache.kafka.common.utils.LogContext;
+import org.apache.kafka.common.utils.MockTime;
import org.apache.kafka.common.utils.Time;
import org.apache.kafka.test.TestUtils;
@@ -158,8 +159,10 @@ public class NioEchoServer extends Thread {
waitForMetrics("failed-reauthentication", failedReauthentications,
EnumSet.of(MetricType.TOTAL, MetricType.RATE));
waitForMetrics("successful-authentication-no-reauth", 0, EnumSet.of(MetricType.TOTAL));
- waitForMetrics("reauthentication-latency", Math.signum(successfulReauthentications),
- EnumSet.of(MetricType.MAX, MetricType.AVG));
+ if (!(time instanceof MockTime)) {
+ waitForMetrics("reauthentication-latency", Math.signum(successfulReauthentications),
+ EnumSet.of(MetricType.MAX, MetricType.AVG));
+ }
}
public void verifyAuthenticationNoReauthMetric(int successfulAuthenticationNoReauths) throws InterruptedException {
diff --git a/clients/src/test/java/org/apache/kafka/common/security/authenticator/SaslAuthenticatorTest.java b/clients/src/test/java/org/apache/kafka/common/security/authenticator/SaslAuthenticatorTest.java
index c139062..433091c 100644
--- a/clients/src/test/java/org/apache/kafka/common/security/authenticator/SaslAuthenticatorTest.java
+++ b/clients/src/test/java/org/apache/kafka/common/security/authenticator/SaslAuthenticatorTest.java
@@ -99,6 +99,7 @@ import org.apache.kafka.common.security.scram.ScramLoginModule;
import org.apache.kafka.common.security.scram.internals.ScramMechanism;
import org.apache.kafka.common.security.token.delegation.TokenInformation;
import org.apache.kafka.common.security.token.delegation.internals.DelegationTokenCache;
+import org.apache.kafka.common.utils.MockTime;
import org.apache.kafka.common.utils.SecurityUtils;
import org.apache.kafka.common.security.auth.AuthenticateCallbackHandler;
import org.apache.kafka.common.security.authenticator.TestDigestLoginModule.DigestServerCallbackHandler;
@@ -137,6 +138,7 @@ public class SaslAuthenticatorTest {
@Before
public void setup() throws Exception {
LoginManager.closeAll();
+ time = Time.SYSTEM;
serverCertStores = new CertStores(true, "localhost");
clientCertStores = new CertStores(false, "localhost");
saslServerConfigs = serverCertStores.getTrustingConfig(clientCertStores);
@@ -1470,6 +1472,7 @@ public class SaslAuthenticatorTest {
@Test
public void testCannotReauthenticateAgainFasterThanOneSecond() throws Exception {
String node = "0";
+ time = new MockTime();
SecurityProtocol securityProtocol = SecurityProtocol.SASL_SSL;
configureMechanisms(OAuthBearerLoginModule.OAUTHBEARER_MECHANISM,
Arrays.asList(OAuthBearerLoginModule.OAUTHBEARER_MECHANISM));
@@ -1483,7 +1486,7 @@ public class SaslAuthenticatorTest {
* Now sleep long enough so that the next write will cause re-authentication,
* which we expect to succeed.
*/
- delay((long) (CONNECTIONS_MAX_REAUTH_MS_VALUE * 1.1));
+ time.sleep((long) (CONNECTIONS_MAX_REAUTH_MS_VALUE * 1.1));
checkClientConnection(node);
server.verifyAuthenticationMetrics(1, 0);
server.verifyReauthenticationMetrics(1, 0);
@@ -1494,14 +1497,16 @@ public class SaslAuthenticatorTest {
* expected the one byte-plus-node response but got the SaslHandshakeRequest
* instead
*/
- delay((long) (CONNECTIONS_MAX_REAUTH_MS_VALUE * 1.1));
+ time.sleep((long) (CONNECTIONS_MAX_REAUTH_MS_VALUE * 1.1));
NetworkTestUtils.checkClientConnection(selector, node, 1, 1);
fail("Expected a failure when trying to re-authenticate to quickly, but that did not occur");
} catch (AssertionError e) {
String expectedResponseTextRegex = "\\w-" + node;
String receivedResponseTextRegex = ".*" + OAuthBearerLoginModule.OAUTHBEARER_MECHANISM;
assertTrue(
- "Should have received the SaslHandshakeRequest bytes back since we re-authenticated too quickly, but instead we got our generated message echoed back, implying re-auth succeeded when it should not have",
+ "Should have received the SaslHandshakeRequest bytes back since we re-authenticated too quickly, " +
+ "but instead we got our generated message echoed back, implying re-auth succeeded when it " +
+ "should not have: " + e,
e.getMessage().matches(
".*\\<\\[" + expectedResponseTextRegex + "]>.*\\<\\[" + receivedResponseTextRegex + "]>"));
server.verifyReauthenticationMetrics(1, 0); // unchanged
@@ -1900,7 +1905,7 @@ public class SaslAuthenticatorTest {
}
private void checkAuthenticationAndReauthentication(SecurityProtocol securityProtocol, String node)
- throws Exception, InterruptedException {
+ throws Exception {
try {
createClientConnection(securityProtocol, node);
checkClientConnection(node);