Example 21 with CredentialGenerator
use of org.apache.geode.security.generator.CredentialGenerator in project geode by apache.
the class ClientPostAuthorizationDUnitTest method testAllOpsNotifications.
// GEODE-1009: random ports, uses Random, time sensitive,
@Category(FlakyTest.class)
// waitForCondition (waitForCriterion)
@Test
public void testAllOpsNotifications() throws Exception {
OperationWithAction[] allOps = allOpsForTestAllOpsNotifications();
AuthzCredentialGenerator authzGenerator = getXmlAuthzGenerator();
getLogWriter().info("Executing opblocks with credential generator " + authzGenerator);
CredentialGenerator credentialGenerator = authzGenerator.getCredentialGenerator();
Properties extraAuthProps = credentialGenerator.getSystemProperties();
Properties javaProps = credentialGenerator.getJavaProperties();
Properties extraAuthzProps = authzGenerator.getSystemProperties();
String authenticator = credentialGenerator.getAuthenticator();
String authInit = credentialGenerator.getAuthInit();
String accessor = authzGenerator.getAuthorizationCallback();
TestAuthzCredentialGenerator tgen = new TestAuthzCredentialGenerator(authzGenerator);
getLogWriter().info("testAllOpsNotifications: Using authinit: " + authInit);
getLogWriter().info("testAllOpsNotifications: Using authenticator: " + authenticator);
getLogWriter().info("testAllOpsNotifications: Using accessor: " + accessor);
// Start servers with all required properties
Properties serverProps = buildProperties(authenticator, accessor, true, extraAuthProps, extraAuthzProps);
// Get ports for the servers
int[] randomAvailableTCPPorts = AvailablePortHelper.getRandomAvailableTCPPorts(2);
int port1 = randomAvailableTCPPorts[0];
int port2 = randomAvailableTCPPorts[1];
// Perform all the ops on the clients
List opBlock = new ArrayList();
Random rnd = new Random();
for (int opNum = 0; opNum < allOps.length; ++opNum) {
// Start client with valid credentials as specified in OperationWithAction
OperationWithAction currentOp = allOps[opNum];
if (currentOp.equals(OperationWithAction.OPBLOCK_END) || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
// End of current operation block; execute all the operations on the servers with failover
if (opBlock.size() > 0) {
// Start the first server and execute the operation block
server1.invoke(() -> createCacheServer(getLocatorPort(), port1, serverProps, javaProps));
server2.invoke(() -> closeCache());
executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, tgen, rnd);
if (!currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
// Failover to the second server and run the block again
server2.invoke(() -> createCacheServer(getLocatorPort(), port2, serverProps, javaProps));
server1.invoke(() -> closeCache());
executeOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, tgen, rnd);
}
opBlock.clear();
}
} else {
currentOp.setOpNum(opNum);
opBlock.add(currentOp);
}
}
}
Also used :
Random(java.util.Random)
ArrayList(java.util.ArrayList)
AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator)
ArrayList(java.util.ArrayList)
List(java.util.List)
AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator)
CredentialGenerator(org.apache.geode.security.generator.CredentialGenerator)
Properties(java.util.Properties)
Category(org.junit.experimental.categories.Category)
SecurityTest(org.apache.geode.test.junit.categories.SecurityTest)
Test(org.junit.Test)
DistributedTest(org.apache.geode.test.junit.categories.DistributedTest)
FlakyTest(org.apache.geode.test.junit.categories.FlakyTest)
Example 22 with CredentialGenerator
use of org.apache.geode.security.generator.CredentialGenerator in project geode by apache.
the class ClientMultiUserAuthzDUnitTest method testOps1.
/**
* Tests with one user authorized to do puts/gets/containsKey/destroys and another not authorized
* for the same.
*/
@Test
public void testOps1() throws Exception {
for (Iterator<AuthzCredentialGenerator> iter = getDummyGeneratorCombos().iterator(); iter.hasNext(); ) {
AuthzCredentialGenerator gen = iter.next();
CredentialGenerator cGen = gen.getCredentialGenerator();
Properties extraAuthProps = cGen.getSystemProperties();
Properties javaProps = cGen.getJavaProperties();
Properties extraAuthzProps = gen.getSystemProperties();
String authenticator = cGen.getAuthenticator();
String authInit = cGen.getAuthInit();
String accessor = gen.getAuthorizationCallback();
getLogWriter().info("testOps1: Using authinit: " + authInit);
getLogWriter().info("testOps1: Using authenticator: " + authenticator);
getLogWriter().info("testOps1: Using accessor: " + accessor);
// Start servers with all required properties
Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
int port1 = createCacheServerOnVM(server1, javaProps, serverProps);
int port2 = createCacheServerOnVM(server2, javaProps, serverProps);
if (!prepareClientsForOps(gen, cGen, new OperationCode[] { OperationCode.PUT, OperationCode.PUT }, new OperationCode[] { OperationCode.GET, OperationCode.GET }, javaProps, authInit, port1, port2)) {
continue;
}
verifyPutsGets();
if (!prepareClientsForOps(gen, cGen, new OperationCode[] { OperationCode.PUT, OperationCode.CONTAINS_KEY }, new OperationCode[] { OperationCode.DESTROY, OperationCode.DESTROY }, javaProps, authInit, port1, port2)) {
continue;
}
verifyContainsKeyDestroys();
if (!prepareClientsForOps(gen, cGen, new OperationCode[] { OperationCode.PUT, OperationCode.CONTAINS_KEY }, new OperationCode[] { OperationCode.INVALIDATE, OperationCode.INVALIDATE }, javaProps, authInit, port1, port2)) {
continue;
}
verifyContainsKeyInvalidates();
if (!prepareClientsForOps(gen, cGen, new OperationCode[] { OperationCode.GET, OperationCode.GET }, new OperationCode[] { OperationCode.REGION_DESTROY, OperationCode.REGION_DESTROY }, javaProps, authInit, port1, port2)) {
continue;
}
verifyGetAllInTX();
verifyGetAllRegionDestroys();
}
}
Also used :
OperationCode(org.apache.geode.cache.operations.OperationContext.OperationCode)
AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator)
AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator)
CredentialGenerator(org.apache.geode.security.generator.CredentialGenerator)
Properties(java.util.Properties)
SecurityTest(org.apache.geode.test.junit.categories.SecurityTest)
Test(org.junit.Test)
DistributedTest(org.apache.geode.test.junit.categories.DistributedTest)
Example 23 with CredentialGenerator
use of org.apache.geode.security.generator.CredentialGenerator in project geode by apache.
the class ClientMultiUserAuthzDUnitTest method testOps2.
/**
* Test query/function execute
*/
@Test
public void testOps2() throws Exception {
AuthzCredentialGenerator gen = getXmlAuthzGenerator();
CredentialGenerator cGen = gen.getCredentialGenerator();
Properties extraAuthProps = cGen.getSystemProperties();
Properties javaProps = cGen.getJavaProperties();
Properties extraAuthzProps = gen.getSystemProperties();
String authenticator = cGen.getAuthenticator();
String authInit = cGen.getAuthInit();
String accessor = gen.getAuthorizationCallback();
getLogWriter().info("testOps2: Using authinit: " + authInit);
getLogWriter().info("testOps2: Using authenticator: " + authenticator);
getLogWriter().info("testOps2: Using accessor: " + accessor);
// Start servers with all required properties
Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
int port1 = createCacheServerOnVM(server1, javaProps, serverProps);
int port2 = createCacheServerOnVM(server2, javaProps, serverProps);
// Start client1 with valid/invalid QUERY credentials
Properties[] client1Credentials = new Properties[] { gen.getAllowedCredentials(new OperationCode[] { OperationCode.PUT, OperationCode.QUERY }, new String[] { regionName }, 1), gen.getDisallowedCredentials(new OperationCode[] { OperationCode.PUT, OperationCode.QUERY }, new String[] { regionName }, 1) };
javaProps = cGen.getJavaProperties();
getLogWriter().info("testOps2: For first client credentials: " + client1Credentials[0] + "\n" + client1Credentials[1]);
final Properties finalJavaProps = javaProps;
client1.invoke(() -> createCacheClientForMultiUserMode(2, authInit, client1Credentials, finalJavaProps, new int[] { port1, port2 }, -1, false, NO_EXCEPTION));
// Start client2 with valid/invalid EXECUTE_FUNCTION credentials
Properties[] client2Credentials = new Properties[] { gen.getAllowedCredentials(new OperationCode[] { OperationCode.EXECUTE_FUNCTION }, new String[] { regionName }, 2), gen.getDisallowedCredentials(new OperationCode[] { OperationCode.EXECUTE_FUNCTION }, new String[] { regionName }, 9) };
javaProps = cGen.getJavaProperties();
getLogWriter().info("testOps2: For second client credentials: " + client2Credentials[0] + "\n" + client2Credentials[1]);
final Properties finalJavaProps2 = javaProps;
client2.invoke(() -> createCacheClientForMultiUserMode(2, authInit, client2Credentials, finalJavaProps2, new int[] { port1, port2 }, -1, false, NO_EXCEPTION));
Function function = new TestFunction(true, TestFunction.TEST_FUNCTION1);
server1.invoke(() -> PRClientServerTestBase.registerFunction(function));
server2.invoke(() -> PRClientServerTestBase.registerFunction(function));
// Perform some put operations before verifying queries
client1.invoke(() -> doMultiUserPuts(4, 2, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }));
client1.invoke(() -> doMultiUserQueries(2, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }, 4));
client1.invoke(() -> doMultiUserQueryExecute(2, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }, 4));
// Verify that the FE succeeds/fails
client2.invoke(() -> doMultiUserFE(2, function, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }, false));
// Failover
server1.invoke(() -> closeCache());
Thread.sleep(2000);
client1.invoke(() -> doMultiUserPuts(4, 2, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }));
client1.invoke(() -> doMultiUserQueries(2, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }, 4));
client1.invoke(() -> doMultiUserQueryExecute(2, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }, 4));
// Verify that the FE succeeds/fails
client2.invoke(() -> doMultiUserFE(2, function, new int[] { NO_EXCEPTION, NOTAUTHZ_EXCEPTION }, true));
}
Also used :
Function(org.apache.geode.cache.execute.Function)
TestFunction(org.apache.geode.internal.cache.functions.TestFunction)
TestFunction(org.apache.geode.internal.cache.functions.TestFunction)
AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator)
AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator)
CredentialGenerator(org.apache.geode.security.generator.CredentialGenerator)
Properties(java.util.Properties)
SecurityTest(org.apache.geode.test.junit.categories.SecurityTest)
Test(org.junit.Test)
DistributedTest(org.apache.geode.test.junit.categories.DistributedTest)
Example 24 with CredentialGenerator
use of org.apache.geode.security.generator.CredentialGenerator in project geode by apache.
the class ClientMultiUserAuthzDUnitTest method testOpsWithClientsInDifferentModes.
@Test
public void testOpsWithClientsInDifferentModes() throws Exception {
for (Iterator<AuthzCredentialGenerator> iter = getDummyGeneratorCombos().iterator(); iter.hasNext(); ) {
AuthzCredentialGenerator gen = iter.next();
CredentialGenerator cGen = gen.getCredentialGenerator();
Properties extraAuthProps = cGen.getSystemProperties();
Properties javaProps = cGen.getJavaProperties();
Properties extraAuthzProps = gen.getSystemProperties();
String authenticator = cGen.getAuthenticator();
String authInit = cGen.getAuthInit();
String accessor = gen.getAuthorizationCallback();
getLogWriter().info("testOpsWithClientsInDifferentModes: Using authinit: " + authInit);
getLogWriter().info("testOpsWithClientsInDifferentModes: Using authenticator: " + authenticator);
getLogWriter().info("testOpsWithClientsInDifferentModes: Using accessor: " + accessor);
// Start servers with all required properties
Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
int port1 = createCacheServerOnVM(server1, javaProps, serverProps);
int port2 = createCacheServerOnVM(server2, javaProps, serverProps);
if (!prepareClientsForOps(gen, cGen, new OperationCode[] { OperationCode.PUT, OperationCode.PUT }, new OperationCode[] { OperationCode.GET, OperationCode.GET }, javaProps, authInit, port1, port2, false, true)) {
continue;
}
verifyPutsGets(false, true);
if (!prepareClientsForOps(gen, cGen, new OperationCode[] { OperationCode.PUT, OperationCode.CONTAINS_KEY }, new OperationCode[] { OperationCode.DESTROY, OperationCode.DESTROY }, javaProps, authInit, port1, port2, false, false)) {
continue;
}
verifyContainsKeyDestroys(false, false);
}
}
Also used :
OperationCode(org.apache.geode.cache.operations.OperationContext.OperationCode)
AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator)
AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator)
CredentialGenerator(org.apache.geode.security.generator.CredentialGenerator)
Properties(java.util.Properties)
SecurityTest(org.apache.geode.test.junit.categories.SecurityTest)
Test(org.junit.Test)
DistributedTest(org.apache.geode.test.junit.categories.DistributedTest)
Example 25 with CredentialGenerator
use of org.apache.geode.security.generator.CredentialGenerator in project geode by apache.
the class ClientAuthorizationDUnitTest method testUnregisterInterestWithFailover.
@Test
public void testUnregisterInterestWithFailover() throws InterruptedException {
OperationWithAction[] unregisterOps = unregisterOpsForTestUnregisterInterestWithFailover();
AuthzCredentialGenerator gen = new XmlAuthzCredentialGenerator();
CredentialGenerator cGen = new DummyCredentialGenerator();
cGen.init();
gen.init(cGen);
Properties extraAuthProps = cGen.getSystemProperties();
Properties javaProps = cGen.getJavaProperties();
Properties extraAuthzProps = gen.getSystemProperties();
String authenticator = cGen.getAuthenticator();
String authInit = cGen.getAuthInit();
String accessor = gen.getAuthorizationCallback();
getLogWriter().info("testAllOpsWithFailover: Using authinit: " + authInit);
getLogWriter().info("testAllOpsWithFailover: Using authenticator: " + authenticator);
getLogWriter().info("testAllOpsWithFailover: Using accessor: " + accessor);
// Start servers with all required properties
Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
// Get ports for the servers
int[] randomAvailableTCPPorts = AvailablePortHelper.getRandomAvailableTCPPorts(2);
int port1 = randomAvailableTCPPorts[0];
int port2 = randomAvailableTCPPorts[1];
// Perform all the ops on the clients
List opBlock = new ArrayList();
for (int opNum = 0; opNum < unregisterOps.length; ++opNum) {
// Start client with valid credentials as specified in OperationWithAction
OperationWithAction currentOp = unregisterOps[opNum];
if (currentOp.equals(OperationWithAction.OPBLOCK_END) || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
// failover
if (opBlock.size() > 0) {
// Start the first server and execute the operation block
server1.invoke(() -> ClientAuthorizationTestCase.createCacheServer(getLocatorPort(), port1, serverProps, javaProps));
server2.invoke(() -> closeCache());
executeRIOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, javaProps);
if (!currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
createServer2(javaProps, serverProps, port2);
server1.invoke(() -> closeCache());
executeRIOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, javaProps);
}
opBlock.clear();
}
} else {
currentOp.setOpNum(opNum);
opBlock.add(currentOp);
}
}
}
Also used :
ArrayList(java.util.ArrayList)
AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator)
XmlAuthzCredentialGenerator(org.apache.geode.security.generator.XmlAuthzCredentialGenerator)
ArrayList(java.util.ArrayList)
List(java.util.List)
XmlAuthzCredentialGenerator(org.apache.geode.security.generator.XmlAuthzCredentialGenerator)
AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator)
DummyCredentialGenerator(org.apache.geode.security.generator.DummyCredentialGenerator)
XmlAuthzCredentialGenerator(org.apache.geode.security.generator.XmlAuthzCredentialGenerator)
CredentialGenerator(org.apache.geode.security.generator.CredentialGenerator)
Properties(java.util.Properties)
DummyCredentialGenerator(org.apache.geode.security.generator.DummyCredentialGenerator)
SecurityTest(org.apache.geode.test.junit.categories.SecurityTest)
Test(org.junit.Test)
DistributedTest(org.apache.geode.test.junit.categories.DistributedTest)
Aggregations
CredentialGenerator (org.apache.geode.security.generator.CredentialGenerator)39
Properties (java.util.Properties)37
DummyCredentialGenerator (org.apache.geode.security.generator.DummyCredentialGenerator)29
DistributedTest (org.apache.geode.test.junit.categories.DistributedTest)23
Test (org.junit.Test)23
SecurityTest (org.apache.geode.test.junit.categories.SecurityTest)21
AuthzCredentialGenerator (org.apache.geode.security.generator.AuthzCredentialGenerator)20
ConfigurationProperties (org.apache.geode.distributed.ConfigurationProperties)12
FlakyTest (org.apache.geode.test.junit.categories.FlakyTest)11
XmlAuthzCredentialGenerator (org.apache.geode.security.generator.XmlAuthzCredentialGenerator)10
ArrayList (java.util.ArrayList)7
Random (java.util.Random)7
OperationCode (org.apache.geode.cache.operations.OperationContext.OperationCode)7
LdapUserCredentialGenerator (org.apache.geode.security.generator.LdapUserCredentialGenerator)7
Category (org.junit.experimental.categories.Category)6
List (java.util.List)5
SecurityTestUtils (org.apache.geode.security.SecurityTestUtils)4
VM (org.apache.geode.test.dunit.VM)4
Host (org.apache.geode.test.dunit.Host)2
Iterator (java.util.Iterator)1
