You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@solr.apache.org by ho...@apache.org on 2024/03/20 16:49:32 UTC
(solr) branch main updated: SOLR-17207: Refactor logic from LocaleTest into new "assume" check in KerberosTestServices
This is an automated email from the ASF dual-hosted git repository.
hossman pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/solr.git
The following commit(s) were added to refs/heads/main by this push:
new 946c23db1cc SOLR-17207: Refactor logic from LocaleTest into new "assume" check in KerberosTestServices
946c23db1cc is described below
commit 946c23db1cc60c9337daf97810449bf774fc6cb5
Author: Chris Hostetter <ho...@apache.org>
AuthorDate: Wed Mar 20 09:49:19 2024 -0700
SOLR-17207: Refactor logic from LocaleTest into new "assume" check in KerberosTestServices
---
.../solr/security/hadoop/KerberosTestServices.java | 70 ++++++++++---
.../apache/solr/security/hadoop/LocaleTest.java | 113 ---------------------
.../security/hadoop/SaslZkACLProviderTest.java | 2 +
3 files changed, 56 insertions(+), 129 deletions(-)
diff --git a/solr/modules/hadoop-auth/src/test/org/apache/solr/security/hadoop/KerberosTestServices.java b/solr/modules/hadoop-auth/src/test/org/apache/solr/security/hadoop/KerberosTestServices.java
index d67b13f82fa..9d205f0f5f1 100644
--- a/solr/modules/hadoop-auth/src/test/org/apache/solr/security/hadoop/KerberosTestServices.java
+++ b/solr/modules/hadoop-auth/src/test/org/apache/solr/security/hadoop/KerberosTestServices.java
@@ -19,19 +19,23 @@ package org.apache.solr.security.hadoop;
import java.io.File;
import java.lang.invoke.MethodHandles;
import java.net.BindException;
+import java.nio.file.Path;
import java.util.HashMap;
-import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Objects;
import java.util.Properties;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
import org.apache.commons.io.file.PathUtils;
import org.apache.hadoop.minikdc.MiniKdc;
+import org.apache.lucene.tests.util.LuceneTestCase;
import org.apache.solr.client.solrj.impl.Krb5HttpClientBuilder;
import org.apache.solr.client.solrj.util.Constants;
import org.apache.solr.common.util.EnvUtils;
+import org.junit.Assume;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -41,11 +45,58 @@ public class KerberosTestServices {
private volatile MiniKdc kdc;
private final JaasConfiguration jaasConfiguration;
private final Configuration savedConfig;
- private volatile Locale savedLocale;
private final boolean debug;
private final File workDir;
+ public static void assumeMiniKdcWorksWithDefaultLocale() throws Exception {
+ final String principal = "server";
+
+ Path kdcDir = LuceneTestCase.createTempDir().resolve("miniKdc");
+ File keytabFile = kdcDir.resolve("keytabs").toFile();
+
+ Properties conf = MiniKdc.createConf();
+ conf.setProperty("kdc.port", "0");
+ MiniKdc kdc = new MiniKdc(conf, kdcDir.toFile());
+ kdc.start();
+ kdc.createPrincipal(keytabFile, principal);
+
+ AppConfigurationEntry appConfigEntry =
+ new AppConfigurationEntry(
+ KerberosTestServices.krb5LoginModuleName,
+ AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
+ Map.of(
+ "principal",
+ principal,
+ "storeKey",
+ "true",
+ "useKeyTab",
+ "true",
+ "useTicketCache",
+ "false",
+ "refreshKrb5Config",
+ "true",
+ "keyTab",
+ keytabFile.getAbsolutePath(),
+ "keytab",
+ keytabFile.getAbsolutePath()));
+ Configuration configuration =
+ new Configuration() {
+ @Override
+ public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
+ return new AppConfigurationEntry[] {appConfigEntry};
+ }
+ };
+
+ try {
+ new LoginContext("Server", null, null, configuration).login();
+ } catch (LoginException e) {
+ Assume.assumeNoException(Locale.getDefault() + " appears to be incompatible with MiniKdc", e);
+ } finally {
+ kdc.stop();
+ }
+ }
+
private KerberosTestServices(
File workDir, JaasConfiguration jaasConfiguration, Configuration savedConfig, boolean debug) {
this.jaasConfiguration = jaasConfiguration;
@@ -59,10 +110,7 @@ public class KerberosTestServices {
}
public void start() throws Exception {
- if (incompatibleLanguagesWithMiniKdc.contains(Locale.getDefault().getLanguage())) {
- savedLocale = Locale.getDefault();
- Locale.setDefault(Locale.US);
- }
+ assumeMiniKdcWorksWithDefaultLocale();
// There is time lag between selecting a port and trying to bind with it. It's possible that
// another service captures the port in between which'll result in BindException.
@@ -94,7 +142,6 @@ public class KerberosTestServices {
if (kdc != null) kdc.stop();
Configuration.setConfiguration(savedConfig);
Krb5HttpClientBuilder.regenerateJaasConfiguration();
- if (savedLocale != null) Locale.setDefault(savedLocale);
}
public static Builder builder() {
@@ -195,15 +242,6 @@ public class KerberosTestServices {
? "com.ibm.security.auth.module.Krb5LoginModule"
: "com.sun.security.auth.module.Krb5LoginModule";
- /**
- * These Locales don't generate dates that are compatible with Hadoop MiniKdc. See LocaleTest.java
- * and https://issues.apache.org/jira/browse/DIRKRB-753
- */
- static final List<String> incompatibleLanguagesWithMiniKdc =
- List.of(
- "mzn", "ps", "mr", "uz", "ks", "bn", "my", "sd", "pa", "ar", "th", "dz", "ja", "ne",
- "ckb", "fa", "lrc", "ur", "ig", "sat", "mni", "sa", "as", "raj", "bho", "bgc");
-
public static class Builder {
private File kdcWorkDir;
private String clientPrincipal;
diff --git a/solr/modules/hadoop-auth/src/test/org/apache/solr/security/hadoop/LocaleTest.java b/solr/modules/hadoop-auth/src/test/org/apache/solr/security/hadoop/LocaleTest.java
deleted file mode 100644
index bf59b3d6ae6..00000000000
--- a/solr/modules/hadoop-auth/src/test/org/apache/solr/security/hadoop/LocaleTest.java
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.solr.security.hadoop;
-
-import java.io.File;
-import java.lang.invoke.MethodHandles;
-import java.nio.file.Path;
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Locale;
-import java.util.Map;
-import java.util.Properties;
-import java.util.Set;
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.security.auth.login.Configuration;
-import javax.security.auth.login.LoginContext;
-import javax.security.auth.login.LoginException;
-import org.apache.hadoop.minikdc.MiniKdc;
-import org.apache.lucene.tests.util.LuceneTestCase;
-import org.apache.solr.SolrTestCase;
-import org.apache.solr.util.LogLevel;
-import org.junit.Test;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@LuceneTestCase.SuppressSysoutChecks(bugUrl = "https://issues.apache.org/jira/browse/DIRKRB-753")
-@LuceneTestCase.AwaitsFix(bugUrl = "https://issues.apache.org/jira/browse/SOLR-17207")
-@LogLevel("org.apache.kerby=WARN")
-public class LocaleTest extends SolrTestCase {
- private static final Logger log = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
-
- @Test
- public void testWithKdc() throws Exception {
- final String principal = "server";
-
- Path kdcDir = createTempDir().resolve("miniKdc");
- File keytabFile = kdcDir.resolve("keytabs").toFile();
-
- Properties conf = MiniKdc.createConf();
- conf.setProperty("kdc.port", "0");
- MiniKdc kdc = new MiniKdc(conf, kdcDir.toFile());
- kdc.start();
- kdc.createPrincipal(keytabFile, principal);
-
- AppConfigurationEntry appConfigEntry =
- new AppConfigurationEntry(
- KerberosTestServices.krb5LoginModuleName,
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
- Map.of(
- "principal",
- principal,
- "storeKey",
- "true",
- "useKeyTab",
- "true",
- "useTicketCache",
- "false",
- "refreshKrb5Config",
- "true",
- "keyTab",
- keytabFile.getAbsolutePath(),
- "keytab",
- keytabFile.getAbsolutePath()));
- Configuration configuration =
- new Configuration() {
- @Override
- public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
- return new AppConfigurationEntry[] {appConfigEntry};
- }
- };
-
- Set<String> locales = new HashSet<>();
- for (Locale locale : Locale.getAvailableLocales()) {
- try {
- Locale.setDefault(locale);
- new LoginContext("Server", null, null, configuration).login();
- } catch (LoginException e) {
- locales.add(locale.getLanguage());
- }
- }
-
- kdc.stop();
-
- log.info("Could not login with locales {}", locales);
-
- List<String> missingLanguages = new ArrayList<>();
- for (String locale : locales) {
- if (!KerberosTestServices.incompatibleLanguagesWithMiniKdc.contains(locale)) {
- missingLanguages.add(locale);
- }
- }
-
- assertTrue(
- "KerberosTestServices#incompatibleLanguagesWithMiniKdc is missing languages: "
- + missingLanguages,
- missingLanguages.isEmpty());
- }
-}
diff --git a/solr/modules/hadoop-auth/src/test/org/apache/solr/security/hadoop/SaslZkACLProviderTest.java b/solr/modules/hadoop-auth/src/test/org/apache/solr/security/hadoop/SaslZkACLProviderTest.java
index 0dbfee03cb5..fc39eb0aad8 100644
--- a/solr/modules/hadoop-auth/src/test/org/apache/solr/security/hadoop/SaslZkACLProviderTest.java
+++ b/solr/modules/hadoop-auth/src/test/org/apache/solr/security/hadoop/SaslZkACLProviderTest.java
@@ -242,6 +242,8 @@ public class SaslZkACLProviderTest extends SolrTestCaseJ4 {
kerberosTestServices
.getKdc()
.createPrincipal(keytabFile, zkClientPrincipal, zkServerPrincipal);
+ } catch (RuntimeException rex) {
+ throw rex;
} catch (Exception ex) {
throw new RuntimeException(ex);
}