You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by go...@apache.org on 2018/05/14 23:55:57 UTC

[geode] 02/07: GEODE-5085 authentication failure when auto-reconnecting

This is an automated email from the ASF dual-hosted git repository.

gosullivan pushed a commit to branch support/9.5
in repository https://gitbox.apache.org/repos/asf/geode.git

commit 3c9cc64ca28d5533c1c5e8f66cb245a1b0ee9f81
Author: Bruce Schuchardt <bs...@pivotal.io>
AuthorDate: Wed Apr 18 13:45:33 2018 -0700

    GEODE-5085 authentication failure when auto-reconnecting
    
    Modified auto-reconnect to gather the security properties from the
    DistributionConfig and to use the non-parsed values of properties
    instead of the parsed versions.
    
    Modified unit tests to gather the security properties and use the
    non-parsed values when deciding whether to create a new distributed system.
    
    Added a security manager to all of the ReconnectDUnitTest test cases.
    
    This closes #1807
    
    (cherry picked from commit 08ec4af911baa9eaca05f2aaf5d021618734bfe1)
---
 .../internal/DistributionConfigImpl.java           | 18 +++++++++++++++-
 .../internal/InternalDistributedSystem.java        |  4 +++-
 .../java/org/apache/geode/internal/Config.java     |  9 +++++++-
 .../apache/geode/cache30/ReconnectDUnitTest.java   | 12 ++++++++---
 .../dunit/internal/JUnit4DistributedTestCase.java  | 25 +++++++++++++++++++++-
 5 files changed, 61 insertions(+), 7 deletions(-)

diff --git a/geode-core/src/main/java/org/apache/geode/distributed/internal/DistributionConfigImpl.java b/geode-core/src/main/java/org/apache/geode/distributed/internal/DistributionConfigImpl.java
index 4fe0b5a..7f1071d 100644
--- a/geode-core/src/main/java/org/apache/geode/distributed/internal/DistributionConfigImpl.java
+++ b/geode-core/src/main/java/org/apache/geode/distributed/internal/DistributionConfigImpl.java
@@ -2339,8 +2339,24 @@ public class DistributionConfigImpl extends AbstractDistributionConfig implement
     securityPeerMembershipTimeout = (Integer) value;
   }
 
+  @Override
   public Properties getSecurityProps() {
-    return security;
+    Properties result = new Properties();
+    result.putAll(security);
+    return result;
+  }
+
+  @Override
+  public Properties toSecurityProperties() {
+    Properties result = new Properties();
+    for (Object attName : security.keySet()) {
+      if (attName instanceof String) {
+        result.put(attName, getAttribute((String) attName));
+      } else {
+        result.put(attName, security.get(attName));
+      }
+    }
+    return result;
   }
 
   public String getSecurity(String attName) {
diff --git a/geode-core/src/main/java/org/apache/geode/distributed/internal/InternalDistributedSystem.java b/geode-core/src/main/java/org/apache/geode/distributed/internal/InternalDistributedSystem.java
index 4992038..adf2821 100644
--- a/geode-core/src/main/java/org/apache/geode/distributed/internal/InternalDistributedSystem.java
+++ b/geode-core/src/main/java/org/apache/geode/distributed/internal/InternalDistributedSystem.java
@@ -2611,7 +2611,9 @@ public class InternalDistributedSystem extends DistributedSystem
     }
 
     DistributionConfig oldConfig = ids.getConfig();
-    Properties configProps = getProperties();
+    Properties configProps = this.config.toProperties();
+    configProps.putAll(this.config.toSecurityProperties());
+
     int timeOut = oldConfig.getMaxWaitTimeForReconnect();
     int maxTries = oldConfig.getMaxNumReconnectTries();
 
diff --git a/geode-core/src/main/java/org/apache/geode/internal/Config.java b/geode-core/src/main/java/org/apache/geode/internal/Config.java
index 1f69f64..890eb2a 100644
--- a/geode-core/src/main/java/org/apache/geode/internal/Config.java
+++ b/geode-core/src/main/java/org/apache/geode/internal/Config.java
@@ -105,13 +105,20 @@ public interface Config {
   boolean sameAs(Config v);
 
   /**
-   * Converts the contents of this config to a property instance.
+   * Converts the non-secure contents of this config to a property instance.
    *
    * @since GemFire 3.5
    */
   Properties toProperties();
 
   /**
+   * Converts the secure contents of this config to a property instance.
+   *
+   * @since Geode 1.6
+   */
+  Properties toSecurityProperties();
+
+  /**
    * Writes this config to the specified file.
    *
    * @since GemFire 3.5
diff --git a/geode-core/src/test/java/org/apache/geode/cache30/ReconnectDUnitTest.java b/geode-core/src/test/java/org/apache/geode/cache30/ReconnectDUnitTest.java
index e36dabb..f16bf4b 100755
--- a/geode-core/src/test/java/org/apache/geode/cache30/ReconnectDUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/cache30/ReconnectDUnitTest.java
@@ -46,6 +46,7 @@ import org.apache.geode.distributed.internal.ServerLocator;
 import org.apache.geode.distributed.internal.membership.InternalDistributedMember;
 import org.apache.geode.distributed.internal.membership.gms.MembershipManagerHelper;
 import org.apache.geode.distributed.internal.membership.gms.mgr.GMSMembershipManager;
+import org.apache.geode.examples.SimpleSecurityManager;
 import org.apache.geode.internal.AvailablePort;
 import org.apache.geode.internal.AvailablePortHelper;
 import org.apache.geode.internal.cache.GemFireCacheImpl;
@@ -111,7 +112,7 @@ public class ReconnectDUnitTest extends JUnit4CacheTestCase {
     finishCacheXml("MyDisconnect");
     // Cache cache = getCache();
     closeCache();
-    getSystem().disconnect();
+    basicGetSystem().disconnect();
     LogWriterUtils.getLogWriter().fine("Cache Closed ");
   }
 
@@ -127,6 +128,9 @@ public class ReconnectDUnitTest extends JUnit4CacheTestCase {
       dsProperties.put(MCAST_PORT, "0");
       dsProperties.put(MEMBER_TIMEOUT, "1000");
       dsProperties.put(LOG_LEVEL, LogWriterUtils.getDUnitLogLevel());
+      dsProperties.put(SECURITY_MANAGER, SimpleSecurityManager.class.getName());
+      dsProperties.put("security-username", "clusterManage");
+      dsProperties.put("security-password", "clusterManage");
       addDSProps(dsProperties);
     }
     return dsProperties;
@@ -632,7 +636,7 @@ public class ReconnectDUnitTest extends JUnit4CacheTestCase {
       Assert.fail("IOException during cache.xml generation to " + file, ex);
     }
     closeCache();
-    getSystem().disconnect();
+    basicGetSystem().disconnect();
 
     LogWriterUtils.getLogWriter().info("disconnected from the system...");
     Host host = Host.getHost(0);
@@ -644,7 +648,9 @@ public class ReconnectDUnitTest extends JUnit4CacheTestCase {
     SerializableRunnable roleLoss = new CacheSerializableRunnable("ROLERECONNECTTESTS") {
       public void run2() throws RuntimeException {
         LogWriterUtils.getLogWriter().info("####### STARTING THE REAL TEST ##########");
+
         locatorPort = locPort;
+        dsProperties = null;
         Properties props = getDistributedSystemProperties();
         props.put(CACHE_XML_FILE, xmlFileLoc + fileSeparator + "RoleReconnect-cache.xml");
         props.put(MAX_WAIT_TIME_RECONNECT, "200");
@@ -660,7 +666,7 @@ public class ReconnectDUnitTest extends JUnit4CacheTestCase {
         basicGetSystem().getLogWriter().info(
             "<ExpectedException action=add>" + "CacheClosedException" + "</ExpectedException");
         try {
-          getCache();
+          getCache(props);
           throw new RuntimeException("The test should throw a CancelException ");
         } catch (CancelException ignor) { // can be caused by role loss during intialization.
           LogWriterUtils.getLogWriter().info("Got Expected CancelException ");
diff --git a/geode-core/src/test/java/org/apache/geode/test/dunit/internal/JUnit4DistributedTestCase.java b/geode-core/src/test/java/org/apache/geode/test/dunit/internal/JUnit4DistributedTestCase.java
index 5b38fdb..1ecbefe 100644
--- a/geode-core/src/test/java/org/apache/geode/test/dunit/internal/JUnit4DistributedTestCase.java
+++ b/geode-core/src/test/java/org/apache/geode/test/dunit/internal/JUnit4DistributedTestCase.java
@@ -216,9 +216,12 @@ public abstract class JUnit4DistributedTestCase implements DistributedTestFixtur
         }
 
       } else {
-        Properties activeProps = system.getProperties();
+        Properties activeProps = system.getConfig().toProperties();
         for (Entry<Object, Object> entry : props.entrySet()) {
           String key = (String) entry.getKey();
+          if (key.startsWith("security-")) {
+            continue;
+          }
           String value = (String) entry.getValue();
           if (!value.equals(activeProps.getProperty(key))) {
             needNewSystem = true;
@@ -227,6 +230,26 @@ public abstract class JUnit4DistributedTestCase implements DistributedTestFixtur
             break;
           }
         }
+        try {
+          activeProps = system.getConfig().toSecurityProperties();
+          for (Entry<Object, Object> entry : props.entrySet()) {
+            String key = (String) entry.getKey();
+            if (!key.startsWith("security-")) {
+              continue;
+            }
+            String value = (String) entry.getValue();
+            if (!value.equals(activeProps.getProperty(key))) {
+              needNewSystem = true;
+              getLogWriter().info("Forcing DS disconnect. For property " + key + " old value = "
+                  + activeProps.getProperty(key) + " new value = " + value);
+              break;
+            }
+          }
+        } catch (NoSuchMethodError e) {
+          if (Version.CURRENT_ORDINAL >= 85) {
+            throw new IllegalStateException("missing method", e);
+          }
+        }
       }
 
       if (needNewSystem) {

-- 
To stop receiving notification emails like this one, please contact
gosullivan@apache.org.