
Example 11 with AuthzCredentialGenerator

Use of org.apache.geode.security.generator.AuthzCredentialGenerator in project geode by apache.

From the class ClientMultiUserAuthzDUnitTest, method testOps2.

/**
 * Test query/function execute
 */
@Test
public void testOps2() throws Exception {
    AuthzCredentialGenerator gen = getXmlAuthzGenerator();
    CredentialGenerator cGen = gen.getCredentialGenerator();
    Properties extraAuthProps = cGen.getSystemProperties();
    Properties javaProps = cGen.getJavaProperties();
    Properties extraAuthzProps = gen.getSystemProperties();
    String authenticator = cGen.getAuthenticator();
    String authInit = cGen.getAuthInit();
    String accessor = gen.getAuthorizationCallback();
    getLogWriter().info("testOps2: Using authinit: " + authInit);
    getLogWriter().info("testOps2: Using authenticator: " + authenticator);
    getLogWriter().info("testOps2: Using accessor: " + accessor);
    // Start servers with all required properties
    Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
    int port1 = createCacheServerOnVM(server1, javaProps, serverProps);
    int port2 = createCacheServerOnVM(server2, javaProps, serverProps);
    // Start client1 with valid/invalid QUERY credentials
    Properties[] client1Credentials = new Properties[] {
        gen.getAllowedCredentials(new OperationCode[] { OperationCode.PUT, OperationCode.QUERY }, new String[] { regionName }, 1),
        gen.getDisallowedCredentials(new OperationCode[] { OperationCode.PUT, OperationCode.QUERY }, new String[] { regionName }, 1)
    };
    javaProps = cGen.getJavaProperties();
    getLogWriter().info("testOps2: For first client credentials: " + client1Credentials[0] + "\n" + client1Credentials[1]);
    final Properties finalJavaProps = javaProps;
    client1.invoke(() -> createCacheClientForMultiUserMode(2, authInit, client1Credentials, finalJavaProps, new int[] { port1, port2 }, -1, false, NO_EXCEPTION));
    // Start client2 with valid/invalid EXECUTE_FUNCTION credentials
    Properties[] client2Credentials = new Properties[] {
        gen.getAllowedCredentials(new OperationCode[] { OperationCode.EXECUTE_FUNCTION }, new String[] { regionName }, 2),
        gen.getDisallowedCredentials(new OperationCode[] { OperationCode.EXECUTE_FUNCTION }, new String[] { regionName }, 9)
    };
    javaProps = cGen.getJavaProperties();
    getLogWriter().info("testOps2: For second client credentials: " + client2Credentials[0] + "\n" + client2Credentials[1]);
    final Properties finalJavaProps2 = javaProps;
    client2.invoke(() -> createCacheClientForMultiUserMode(2, authInit, client2Credentials, finalJavaProps2, new int[] { port1, port2 }, -1, false, NO_EXCEPTION));
    Function function = new TestFunction(true, TestFunction.TEST_FUNCTION1);
    server1.invoke(() -> PRClientServerTestBase.registerFunction(function));
    server2.invoke(() -> PRClientServerTestBase.registerFunction(function));
    // Perform some put operations before verifying queries
    client1.invoke(() -> doMultiUserPuts(4, 2, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }));
    client1.invoke(() -> doMultiUserQueries(2, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }, 4));
    client1.invoke(() -> doMultiUserQueryExecute(2, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }, 4));
    // Verify that the FE succeeds/fails
    client2.invoke(() -> doMultiUserFE(2, function, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }, false));
    // Failover
    server1.invoke(() -> closeCache());
    Thread.sleep(2000);
    client1.invoke(() -> doMultiUserPuts(4, 2, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }));
    client1.invoke(() -> doMultiUserQueries(2, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }, 4));
    client1.invoke(() -> doMultiUserQueryExecute(2, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }, 4));
    // Verify that the FE succeeds/fails
    client2.invoke(() -> doMultiUserFE(2, function, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }, true));
}
Also used: Function(org.apache.geode.cache.execute.Function), TestFunction(org.apache.geode.internal.cache.functions.TestFunction), AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator), CredentialGenerator(org.apache.geode.security.generator.CredentialGenerator), Properties(java.util.Properties), SecurityTest(org.apache.geode.test.junit.categories.SecurityTest), Test(org.junit.Test), DistributedTest(org.apache.geode.test.junit.categories.DistributedTest)

Example 12 with AuthzCredentialGenerator

Use of org.apache.geode.security.generator.AuthzCredentialGenerator in project geode by apache.

From the class ClientMultiUserAuthzDUnitTest, method testOpsWithClientsInDifferentModes.

@Test
public void testOpsWithClientsInDifferentModes() throws Exception {
    for (Iterator<AuthzCredentialGenerator> iter = getDummyGeneratorCombos().iterator(); iter.hasNext(); ) {
        AuthzCredentialGenerator gen = iter.next();
        CredentialGenerator cGen = gen.getCredentialGenerator();
        Properties extraAuthProps = cGen.getSystemProperties();
        Properties javaProps = cGen.getJavaProperties();
        Properties extraAuthzProps = gen.getSystemProperties();
        String authenticator = cGen.getAuthenticator();
        String authInit = cGen.getAuthInit();
        String accessor = gen.getAuthorizationCallback();
        getLogWriter().info("testOpsWithClientsInDifferentModes: Using authinit: " + authInit);
        getLogWriter().info("testOpsWithClientsInDifferentModes: Using authenticator: " + authenticator);
        getLogWriter().info("testOpsWithClientsInDifferentModes: Using accessor: " + accessor);
        // Start servers with all required properties
        Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
        int port1 = createCacheServerOnVM(server1, javaProps, serverProps);
        int port2 = createCacheServerOnVM(server2, javaProps, serverProps);
        if (!prepareClientsForOps(gen, cGen, new OperationCode[] { OperationCode.PUT, OperationCode.PUT }, new OperationCode[] { OperationCode.GET, OperationCode.GET }, javaProps, authInit, port1, port2, false, true)) {
            continue;
        }
        verifyPutsGets(false, true);
        if (!prepareClientsForOps(gen, cGen, new OperationCode[] { OperationCode.PUT, OperationCode.CONTAINS_KEY }, new OperationCode[] { OperationCode.DESTROY, OperationCode.DESTROY }, javaProps, authInit, port1, port2, false, false)) {
            continue;
        }
        verifyContainsKeyDestroys(false, false);
    }
}
Also used: OperationCode(org.apache.geode.cache.operations.OperationContext.OperationCode), AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator), CredentialGenerator(org.apache.geode.security.generator.CredentialGenerator), Properties(java.util.Properties), SecurityTest(org.apache.geode.test.junit.categories.SecurityTest), Test(org.junit.Test), DistributedTest(org.apache.geode.test.junit.categories.DistributedTest)

Example 13 with AuthzCredentialGenerator

Use of org.apache.geode.security.generator.AuthzCredentialGenerator in project geode by apache.

From the class ClientAuthorizationDUnitTest, method testUnregisterInterestWithFailover.

@Test
public void testUnregisterInterestWithFailover() throws InterruptedException {
    OperationWithAction[] unregisterOps = unregisterOpsForTestUnregisterInterestWithFailover();
    AuthzCredentialGenerator gen = new XmlAuthzCredentialGenerator();
    CredentialGenerator cGen = new DummyCredentialGenerator();
    cGen.init();
    gen.init(cGen);
    Properties extraAuthProps = cGen.getSystemProperties();
    Properties javaProps = cGen.getJavaProperties();
    Properties extraAuthzProps = gen.getSystemProperties();
    String authenticator = cGen.getAuthenticator();
    String authInit = cGen.getAuthInit();
    String accessor = gen.getAuthorizationCallback();
    getLogWriter().info("testAllOpsWithFailover: Using authinit: " + authInit);
    getLogWriter().info("testAllOpsWithFailover: Using authenticator: " + authenticator);
    getLogWriter().info("testAllOpsWithFailover: Using accessor: " + accessor);
    // Start servers with all required properties
    Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
    // Get ports for the servers
    int[] randomAvailableTCPPorts = AvailablePortHelper.getRandomAvailableTCPPorts(2);
    int port1 = randomAvailableTCPPorts[0];
    int port2 = randomAvailableTCPPorts[1];
    // Perform all the ops on the clients
    List opBlock = new ArrayList();
    for (int opNum = 0; opNum < unregisterOps.length; ++opNum) {
        // Start client with valid credentials as specified in OperationWithAction
        OperationWithAction currentOp = unregisterOps[opNum];
        if (currentOp.equals(OperationWithAction.OPBLOCK_END) || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
            // failover
            if (opBlock.size() > 0) {
                // Start the first server and execute the operation block
                server1.invoke(() -> ClientAuthorizationTestCase.createCacheServer(getLocatorPort(), port1, serverProps, javaProps));
                server2.invoke(() -> closeCache());
                executeRIOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, javaProps);
                if (!currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
                    createServer2(javaProps, serverProps, port2);
                    server1.invoke(() -> closeCache());
                    executeRIOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, javaProps);
                }
                opBlock.clear();
            }
        } else {
            currentOp.setOpNum(opNum);
            opBlock.add(currentOp);
        }
    }
}
Also used: ArrayList(java.util.ArrayList), List(java.util.List), AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator), XmlAuthzCredentialGenerator(org.apache.geode.security.generator.XmlAuthzCredentialGenerator), DummyCredentialGenerator(org.apache.geode.security.generator.DummyCredentialGenerator), CredentialGenerator(org.apache.geode.security.generator.CredentialGenerator), Properties(java.util.Properties), SecurityTest(org.apache.geode.test.junit.categories.SecurityTest), Test(org.junit.Test), DistributedTest(org.apache.geode.test.junit.categories.DistributedTest)

Example 14 with AuthzCredentialGenerator

Use of org.apache.geode.security.generator.AuthzCredentialGenerator in project geode by apache.

From the class ClientAuthorizationDUnitTest, method testDisallowPutsGets.

@Test
public void testDisallowPutsGets() {
    AuthzCredentialGenerator gen = getXmlAuthzGenerator();
    CredentialGenerator cGen = gen.getCredentialGenerator();
    Properties extraAuthProps = cGen.getSystemProperties();
    Properties javaProps = cGen.getJavaProperties();
    Properties extraAuthzProps = gen.getSystemProperties();
    String authenticator = cGen.getAuthenticator();
    String authInit = cGen.getAuthInit();
    String accessor = gen.getAuthorizationCallback();
    getLogWriter().info("testDisallowPutsGets: Using authinit: " + authInit);
    getLogWriter().info("testDisallowPutsGets: Using authenticator: " + authenticator);
    getLogWriter().info("testDisallowPutsGets: Using accessor: " + accessor);
    // Check that we indeed can obtain valid credentials not allowed to do gets
    Properties createCredentials = gen.getAllowedCredentials(new OperationCode[] { OperationCode.PUT }, new String[] { regionName }, 1);
    Properties createJavaProps = cGen.getJavaProperties();
    getLogWriter().info("testDisallowPutsGets: For first client credentials: " + createCredentials);
    Properties getCredentials = gen.getDisallowedCredentials(new OperationCode[] { OperationCode.GET }, new String[] { regionName }, 2);
    Properties getJavaProps = cGen.getJavaProperties();
    getLogWriter().info("testDisallowPutsGets: For second client disallowed GET credentials: " + getCredentials);
    // Start servers with all required properties
    Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
    int port1 = createServer1(javaProps, serverProps);
    int port2 = createServer2(javaProps, serverProps);
    createClient1NoException(createJavaProps, authInit, port1, port2, createCredentials);
    createClient2NoException(getJavaProps, authInit, port1, port2, getCredentials);
    // Perform some put operations from client1
    client1.invoke(() -> doPuts(2, NO_EXCEPTION));
    // Gets as normal user should throw exception
    client2.invoke(() -> doGets(2, NOTAUTHZ_EXCEPTION));
    // Try to connect client2 with reader credentials
    getCredentials = gen.getAllowedCredentials(new OperationCode[] { OperationCode.GET }, new String[] { regionName }, 5);
    getJavaProps = cGen.getJavaProperties();
    getLogWriter().info("testDisallowPutsGets: For second client with GET credentials: " + getCredentials);
    createClient2NoException(getJavaProps, authInit, port1, port2, getCredentials);
    // Verify that the gets succeed
    client2.invoke(() -> doGets(2, NO_EXCEPTION));
    // Verify that the puts throw exception
    client2.invoke(() -> doNPuts(2, NOTAUTHZ_EXCEPTION));
}
Also used: OperationCode(org.apache.geode.cache.operations.OperationContext.OperationCode), AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator), XmlAuthzCredentialGenerator(org.apache.geode.security.generator.XmlAuthzCredentialGenerator), DummyCredentialGenerator(org.apache.geode.security.generator.DummyCredentialGenerator), CredentialGenerator(org.apache.geode.security.generator.CredentialGenerator), Properties(java.util.Properties), SecurityTest(org.apache.geode.test.junit.categories.SecurityTest), Test(org.junit.Test), DistributedTest(org.apache.geode.test.junit.categories.DistributedTest)

Example 15 with AuthzCredentialGenerator

Use of org.apache.geode.security.generator.AuthzCredentialGenerator in project geode by apache.

From the class ClientAuthorizationDUnitTest, method testInvalidAccessor.

@Test
public void testInvalidAccessor() {
    AuthzCredentialGenerator gen = getXmlAuthzGenerator();
    CredentialGenerator cGen = gen.getCredentialGenerator();
    Properties extraAuthProps = cGen.getSystemProperties();
    Properties javaProps = cGen.getJavaProperties();
    Properties extraAuthzProps = gen.getSystemProperties();
    String authenticator = cGen.getAuthenticator();
    String authInit = cGen.getAuthInit();
    String accessor = gen.getAuthorizationCallback();
    getLogWriter().info("testInvalidAccessor: Using authinit: " + authInit);
    getLogWriter().info("testInvalidAccessor: Using authenticator: " + authenticator);
    // Start server1 with invalid accessor
    Properties serverProps = buildProperties(authenticator, "org.apache.none", false, extraAuthProps, extraAuthzProps);
    int port1 = createServer1(javaProps, serverProps);
    int port2 = getRandomAvailablePort(SOCKET);
    // Client creation should throw exceptions
    Properties createCredentials = gen.getAllowedCredentials(new OperationCode[] { OperationCode.PUT }, new String[] { regionName }, 3);
    Properties createJavaProps = cGen.getJavaProperties();
    getLogWriter().info("testInvalidAccessor: For first client CREATE credentials: " + createCredentials);
    Properties getCredentials = gen.getAllowedCredentials(new OperationCode[] { OperationCode.GET }, new String[] { regionName }, 7);
    Properties getJavaProps = cGen.getJavaProperties();
    getLogWriter().info("testInvalidAccessor: For second client GET credentials: " + getCredentials);
    client1.invoke(() -> ClientAuthenticationTestUtils.createCacheClient(authInit, createCredentials, createJavaProps, port1, port2, 0, false, false, NO_EXCEPTION));
    client1.invoke(() -> doPuts(1, AUTHFAIL_EXCEPTION));
    client2.invoke(() -> ClientAuthenticationTestUtils.createCacheClient(authInit, getCredentials, getJavaProps, port1, port2, 0, false, false, NO_EXCEPTION));
    client2.invoke(() -> doPuts(1, AUTHFAIL_EXCEPTION));
    // Now start server2 that has valid accessor
    getLogWriter().info("testInvalidAccessor: Using accessor: " + accessor);
    serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
    createServer2(javaProps, serverProps, port2);
    server1.invoke(() -> closeCache());
    createClient1NoException(createJavaProps, authInit, port1, port2, createCredentials);
    createClient2NoException(getJavaProps, authInit, port1, port2, getCredentials);
    // Now perform some put operations from client1
    client1.invoke(() -> doPuts(4, NO_EXCEPTION));
    // Verify that the gets succeed
    client2.invoke(() -> doGets(4, NO_EXCEPTION));
}
Also used: AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator), XmlAuthzCredentialGenerator(org.apache.geode.security.generator.XmlAuthzCredentialGenerator), DummyCredentialGenerator(org.apache.geode.security.generator.DummyCredentialGenerator), CredentialGenerator(org.apache.geode.security.generator.CredentialGenerator), Properties(java.util.Properties), SecurityTest(org.apache.geode.test.junit.categories.SecurityTest), Test(org.junit.Test), DistributedTest(org.apache.geode.test.junit.categories.DistributedTest)

Aggregations

AuthzCredentialGenerator (org.apache.geode.security.generator.AuthzCredentialGenerator) 18
CredentialGenerator (org.apache.geode.security.generator.CredentialGenerator) 18
Properties (java.util.Properties) 16
DistributedTest (org.apache.geode.test.junit.categories.DistributedTest) 13
SecurityTest (org.apache.geode.test.junit.categories.SecurityTest) 13
Test (org.junit.Test) 13
DummyCredentialGenerator (org.apache.geode.security.generator.DummyCredentialGenerator) 9
XmlAuthzCredentialGenerator (org.apache.geode.security.generator.XmlAuthzCredentialGenerator) 9
ArrayList (java.util.ArrayList) 6
Random (java.util.Random) 6
List (java.util.List) 5
OperationCode (org.apache.geode.cache.operations.OperationContext.OperationCode) 5
FlakyTest (org.apache.geode.test.junit.categories.FlakyTest) 3
Category (org.junit.experimental.categories.Category) 3
Iterator (java.util.Iterator) 1
Function (org.apache.geode.cache.execute.Function) 1
ConfigurationProperties (org.apache.geode.distributed.ConfigurationProperties) 1
PartitionedRegionLocalMaxMemoryDUnitTest (org.apache.geode.internal.cache.PartitionedRegionLocalMaxMemoryDUnitTest) 1
TestFunction (org.apache.geode.internal.cache.functions.TestFunction) 1
ClassCode (org.apache.geode.security.generator.AuthzCredentialGenerator.ClassCode) 1