Example 1 with TestDeserialized

Use of example.serialization.TestDeserialized in project hazelcast by hazelcast, in the class ClientDeserializationProtectionTest, method testClassBlacklisted.

/**
 * <pre>
 * When: Default Whitelist is disabled and classname of the test serialized object is blacklisted. The object is read from client.
 * Then: Deserialization fails.
 * </pre>
 */
@Test
public void testClassBlacklisted() {
    ClassFilter blacklist = new ClassFilter().addClasses(TestDeserialized.class.getName());
    JavaSerializationFilterConfig filterConfig = new JavaSerializationFilterConfig().setDefaultsDisabled(true).setBlacklist(blacklist);
    Config config = new Config();
    config.getSerializationConfig().setJavaSerializationFilterConfig(filterConfig);
    HazelcastInstance member = hazelcastFactory.newInstances(config, 1)[0];
    ClientConfig clientConfig = new ClientConfig();
    clientConfig.getSerializationConfig().setJavaSerializationFilterConfig(filterConfig);
    HazelcastInstance client = hazelcastFactory.newHazelcastClient(clientConfig);
    member.getMap("test").put("key", new TestDeserialized());
    try {
        client.getMap("test").get("key");
        fail("Deserialization should have failed");
    } catch (HazelcastSerializationException e) {
        assertFalse(TestDeserialized.isDeserialized);
    }
}
Also used: HazelcastSerializationException (com.hazelcast.nio.serialization.HazelcastSerializationException), TestDeserialized (example.serialization.TestDeserialized), HazelcastInstance (com.hazelcast.core.HazelcastInstance), ClassFilter (com.hazelcast.config.ClassFilter), Config (com.hazelcast.config.Config), JavaSerializationFilterConfig (com.hazelcast.config.JavaSerializationFilterConfig), ClientConfig (com.hazelcast.client.config.ClientConfig), QuickTest (com.hazelcast.test.annotation.QuickTest), Test (org.junit.Test)

Example 2 with TestDeserialized

Use of example.serialization.TestDeserialized in project hazelcast by hazelcast, in the class MulticastDeserializationTest, method testWithoutFilter.

@Test
public void testWithoutFilter() throws Exception {
    Config config = createConfig(false);
    Hazelcast.newHazelcastInstance(config);
    sendJoinDatagram(new TestDeserialized());
    assertTrueEventually(() -> assertTrue("Object was not deserialized", TestDeserialized.isDeserialized));
}
Also used: TestDeserialized (example.serialization.TestDeserialized), JavaSerializationFilterConfig (com.hazelcast.config.JavaSerializationFilterConfig), HazelcastTestSupport.smallInstanceConfig (com.hazelcast.test.HazelcastTestSupport.smallInstanceConfig), JoinConfig (com.hazelcast.config.JoinConfig), Config (com.hazelcast.config.Config), QuickTest (com.hazelcast.test.annotation.QuickTest), Test (org.junit.Test)

Example 3 with TestDeserialized

Use of example.serialization.TestDeserialized in project hazelcast by hazelcast, in the class MulticastDiscoveryStrategyDeserializationTest, method sendDatagrams.

private void sendDatagrams() {
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    MulticastSocket multicastSocket = null;
    try {
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(new TestDeserialized());
        }
        byte[] data = bos.toByteArray();
        multicastSocket = new MulticastSocket(PORT);
        multicastSocket.setTimeToLive(0);
        if (OsHelper.isMac()) {
            multicastSocket.setInterface(InetAddress.getByName("127.0.0.1"));
        }
        InetAddress group = InetAddress.getByName(GROUP);
        multicastSocket.joinGroup(group);
        DatagramPacket packet = new DatagramPacket(data, data.length, group, PORT);
        while (!stop) {
            try {
                multicastSocket.send(packet);
                TimeUnit.SECONDS.sleep(1);
            } catch (Exception e) {
                // Deliberately ignored: keep resending the datagram until stop is set.
            }
        }
        multicastSocket.leaveGroup(group);
    } catch (Exception e) {
        datagramsThreadException = e;
        e.printStackTrace();
    } finally {
        if (multicastSocket != null) {
            multicastSocket.close();
        }
    }
}
Also used: MulticastSocket (java.net.MulticastSocket), TestDeserialized (example.serialization.TestDeserialized), DatagramPacket (java.net.DatagramPacket), ByteArrayOutputStream (java.io.ByteArrayOutputStream), ObjectOutputStream (java.io.ObjectOutputStream), InetAddress (java.net.InetAddress)

Example 4 with TestDeserialized

Use of example.serialization.TestDeserialized in project hazelcast by hazelcast, in the class DeserializationProtectionTest, method assertDeserializationFails.

private void assertDeserializationFails(JavaSerializationFilterConfig javaSerializationFilterConfig, boolean keyOwnedByTarget) {
    TestHazelcastInstanceFactory factory = createHazelcastInstanceFactory(2);
    Config config = new Config();
    config.getSerializationConfig().setJavaSerializationFilterConfig(javaSerializationFilterConfig);
    HazelcastInstance[] instances = factory.newInstances(config);
    String key = generateKeyOwnedBy(instances[keyOwnedByTarget ? 1 : 0]);
    instances[0].getMap("test").put(key, new TestDeserialized());
    try {
        instances[1].getMap("test").get(key);
        fail("Deserialization should have failed");
    } catch (HazelcastSerializationException e) {
        assertFalse(TestDeserialized.isDeserialized);
    }
}
Also used: HazelcastSerializationException (com.hazelcast.nio.serialization.HazelcastSerializationException), HazelcastInstance (com.hazelcast.core.HazelcastInstance), TestDeserialized (example.serialization.TestDeserialized), Config (com.hazelcast.config.Config), JavaSerializationFilterConfig (com.hazelcast.config.JavaSerializationFilterConfig), TestHazelcastInstanceFactory (com.hazelcast.test.TestHazelcastInstanceFactory)

Example 5 with TestDeserialized

Use of example.serialization.TestDeserialized in project hazelcast by hazelcast, in the class MulticastDeserializationTest, method test.

/**
 * Given: Multicast is configured.
 * When: DatagramPacket with a correct Packet comes. The Packet references
 * Java serializer and the serialized object is not a Join message.
 * Then: The object from the Packet is not deserialized.
 */
@Test
public void test() throws Exception {
    Config config = createConfig(true);
    Hazelcast.newHazelcastInstance(config);
    sendJoinDatagram(new TestDeserialized());
    Thread.sleep(500L);
    assertFalse("Untrusted deserialization is possible", TestDeserialized.isDeserialized);
}
Also used: TestDeserialized (example.serialization.TestDeserialized), JavaSerializationFilterConfig (com.hazelcast.config.JavaSerializationFilterConfig), HazelcastTestSupport.smallInstanceConfig (com.hazelcast.test.HazelcastTestSupport.smallInstanceConfig), JoinConfig (com.hazelcast.config.JoinConfig), Config (com.hazelcast.config.Config), QuickTest (com.hazelcast.test.annotation.QuickTest), Test (org.junit.Test)

Aggregations

TestDeserialized (example.serialization.TestDeserialized): 10
Config (com.hazelcast.config.Config): 9
JavaSerializationFilterConfig (com.hazelcast.config.JavaSerializationFilterConfig): 9
HazelcastInstance (com.hazelcast.core.HazelcastInstance): 7
QuickTest (com.hazelcast.test.annotation.QuickTest): 7
Test (org.junit.Test): 7
ClientConfig (com.hazelcast.client.config.ClientConfig): 5
HazelcastSerializationException (com.hazelcast.nio.serialization.HazelcastSerializationException): 4
JoinConfig (com.hazelcast.config.JoinConfig): 2
HazelcastTestSupport.smallInstanceConfig (com.hazelcast.test.HazelcastTestSupport.smallInstanceConfig): 2
TestHazelcastInstanceFactory (com.hazelcast.test.TestHazelcastInstanceFactory): 2
ClassFilter (com.hazelcast.config.ClassFilter): 1
ByteArrayOutputStream (java.io.ByteArrayOutputStream): 1
ObjectOutputStream (java.io.ObjectOutputStream): 1
DatagramPacket (java.net.DatagramPacket): 1
InetAddress (java.net.InetAddress): 1
MulticastSocket (java.net.MulticastSocket): 1