Example 16 with DummyCredentialGenerator
use of org.apache.geode.security.generator.DummyCredentialGenerator in project geode by apache.
the class ClientAuthorizationDUnitTest method testUnregisterInterestWithFailover.
@Test
public void testUnregisterInterestWithFailover() throws InterruptedException {
OperationWithAction[] unregisterOps = unregisterOpsForTestUnregisterInterestWithFailover();
AuthzCredentialGenerator gen = new XmlAuthzCredentialGenerator();
CredentialGenerator cGen = new DummyCredentialGenerator();
cGen.init();
gen.init(cGen);
Properties extraAuthProps = cGen.getSystemProperties();
Properties javaProps = cGen.getJavaProperties();
Properties extraAuthzProps = gen.getSystemProperties();
String authenticator = cGen.getAuthenticator();
String authInit = cGen.getAuthInit();
String accessor = gen.getAuthorizationCallback();
getLogWriter().info("testAllOpsWithFailover: Using authinit: " + authInit);
getLogWriter().info("testAllOpsWithFailover: Using authenticator: " + authenticator);
getLogWriter().info("testAllOpsWithFailover: Using accessor: " + accessor);
// Start servers with all required properties
Properties serverProps = buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
// Get ports for the servers
int[] randomAvailableTCPPorts = AvailablePortHelper.getRandomAvailableTCPPorts(2);
int port1 = randomAvailableTCPPorts[0];
int port2 = randomAvailableTCPPorts[1];
// Perform all the ops on the clients
List opBlock = new ArrayList();
for (int opNum = 0; opNum < unregisterOps.length; ++opNum) {
// Start client with valid credentials as specified in OperationWithAction
OperationWithAction currentOp = unregisterOps[opNum];
if (currentOp.equals(OperationWithAction.OPBLOCK_END) || currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
// failover
if (opBlock.size() > 0) {
// Start the first server and execute the operation block
server1.invoke(() -> ClientAuthorizationTestCase.createCacheServer(getLocatorPort(), port1, serverProps, javaProps));
server2.invoke(() -> closeCache());
executeRIOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, javaProps);
if (!currentOp.equals(OperationWithAction.OPBLOCK_NO_FAILOVER)) {
createServer2(javaProps, serverProps, port2);
server1.invoke(() -> closeCache());
executeRIOpBlock(opBlock, port1, port2, authInit, extraAuthProps, extraAuthzProps, javaProps);
}
opBlock.clear();
}
} else {
currentOp.setOpNum(opNum);
opBlock.add(currentOp);
}
}
}
Also used :
ArrayList(java.util.ArrayList)
AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator)
XmlAuthzCredentialGenerator(org.apache.geode.security.generator.XmlAuthzCredentialGenerator)
ArrayList(java.util.ArrayList)
List(java.util.List)
XmlAuthzCredentialGenerator(org.apache.geode.security.generator.XmlAuthzCredentialGenerator)
AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator)
DummyCredentialGenerator(org.apache.geode.security.generator.DummyCredentialGenerator)
XmlAuthzCredentialGenerator(org.apache.geode.security.generator.XmlAuthzCredentialGenerator)
CredentialGenerator(org.apache.geode.security.generator.CredentialGenerator)
Properties(java.util.Properties)
DummyCredentialGenerator(org.apache.geode.security.generator.DummyCredentialGenerator)
SecurityTest(org.apache.geode.test.junit.categories.SecurityTest)
Test(org.junit.Test)
DistributedTest(org.apache.geode.test.junit.categories.DistributedTest)
Example 17 with DummyCredentialGenerator
use of org.apache.geode.security.generator.DummyCredentialGenerator in project geode by apache.
the class ClientAuthorizationTestCase method getXmlAuthzGenerator.
protected AuthzCredentialGenerator getXmlAuthzGenerator() {
AuthzCredentialGenerator authzGen = new XmlAuthzCredentialGenerator();
CredentialGenerator cGen = new DummyCredentialGenerator();
cGen.init();
authzGen.init(cGen);
return authzGen;
}
Also used :
AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator)
XmlAuthzCredentialGenerator(org.apache.geode.security.generator.XmlAuthzCredentialGenerator)
XmlAuthzCredentialGenerator(org.apache.geode.security.generator.XmlAuthzCredentialGenerator)
DummyCredentialGenerator(org.apache.geode.security.generator.DummyCredentialGenerator)
AuthzCredentialGenerator(org.apache.geode.security.generator.AuthzCredentialGenerator)
XmlAuthzCredentialGenerator(org.apache.geode.security.generator.XmlAuthzCredentialGenerator)
CredentialGenerator(org.apache.geode.security.generator.CredentialGenerator)
DummyCredentialGenerator(org.apache.geode.security.generator.DummyCredentialGenerator)
Example 18 with DummyCredentialGenerator
use of org.apache.geode.security.generator.DummyCredentialGenerator in project geode by apache.
the class ClientAuthenticationTestCase method doTestCredentialsForNotifications.
protected void doTestCredentialsForNotifications(final boolean multiUser) throws Exception {
CredentialGenerator gen = new DummyCredentialGenerator();
Properties extraProps = gen.getSystemProperties();
Properties javaProps = gen.getJavaProperties();
String authenticator = gen.getAuthenticator();
String authInit = gen.getAuthInit();
getLogWriter().info("testCredentialsForNotifications: Using scheme: " + gen.classCode());
getLogWriter().info("testCredentialsForNotifications: Using authenticator: " + authenticator);
getLogWriter().info("testCredentialsForNotifications: Using authinit: " + authInit);
// Start the first server
int locPort1 = getLocatorPort();
int locPort2 = getLocatorPort();
String locString = getAndClearLocatorString();
int port1 = server1.invoke(() -> createCacheServer(locPort1, locString, authenticator, extraProps, javaProps));
// Get a port for second server but do not start it
// This forces the clients to connect to the first server
int port2 = getRandomAvailablePort(SOCKET);
// Start the clients with valid credentials
Properties credentials1 = gen.getValidCredentials(3);
Properties javaProps1 = gen.getJavaProperties();
getLogWriter().info("testCredentialsForNotifications: For first client credentials: " + credentials1 + " : " + javaProps1);
Properties credentials2 = gen.getValidCredentials(4);
Properties javaProps2 = gen.getJavaProperties();
getLogWriter().info("testCredentialsForNotifications: For second client credentials: " + credentials2 + " : " + javaProps2);
createClient1NoException(multiUser, authInit, port1, port2, credentials1, javaProps1);
// Set up zero forward connections to check notification handshake only
int zeroConns = 0;
createClient2NoException(multiUser, authInit, port1, port2, credentials2, javaProps2, zeroConns);
// Register interest on all keys on second client
client2.invoke(() -> registerAllInterest());
// Perform some put operations from client1
client1.invoke(() -> doPuts(2));
// Verify that the puts succeeded
client2.invoke(() -> doLocalGets(2));
// start the second one and stop the first server to force a failover
server2.invoke(() -> createCacheServer(locPort2, locString, port2, authenticator, extraProps, javaProps));
server1.invoke(() -> closeCache());
// Wait for failover to complete
pause(500);
// Perform some create/update operations from client1
client1.invoke(() -> doNPuts(4));
// Verify that the creates/updates succeeded
client2.invoke(() -> doNLocalGets(4));
// Try to connect client1 with no credentials
// Verify that the creation of region throws security exception
final int p = server1.invoke(() -> createCacheServer(locPort1, locString, 0, authenticator, extraProps, javaProps));
if (gen.classCode().equals(CredentialGenerator.ClassCode.SSL)) {
// For SSL the exception may not come since the server can close socket
// before handshake message is sent from client. However exception
// should come in any region operations.
client1.invoke(() -> createCacheClient(null, null, null, p, port2, zeroConns, multiUser, NOFORCE_AUTHREQ_EXCEPTION));
client1.invoke(() -> doPuts(2, OTHER_EXCEPTION));
} else {
client1.invoke(() -> createCacheClient(null, null, null, p, port2, zeroConns, multiUser, AUTHREQ_EXCEPTION));
}
// Now try to connect client2 with invalid credentials
// Verify that the creation of region throws security exception
credentials2 = gen.getInvalidCredentials(3);
javaProps2 = gen.getJavaProperties();
getLogWriter().info("testCredentialsForNotifications: For second client invalid credentials: " + credentials2 + " : " + javaProps2);
createClient2WithException(multiUser, authInit, p, port2, credentials2, javaProps2, zeroConns);
// Now try to connect client2 with invalid auth-init method
// Trying to create the region on client with valid credentials should
// throw a security exception
client2.invoke(() -> createCacheClient("org.apache.none", credentials1, javaProps1, p, port2, zeroConns, multiUser, SECURITY_EXCEPTION));
// first place (e.g. SSL).
if (authInit != null && authInit.length() > 0) {
final int p1 = server1.invoke(() -> createCacheServer(locPort1, locString, 0, authenticator, extraProps, javaProps));
final int p2 = server2.invoke(() -> createCacheServer(locPort2, locString, 0, authenticator, extraProps, javaProps));
client1.invoke(() -> createCacheClient(null, credentials1, javaProps1, p1, p2, 0, multiUser, AUTHREQ_EXCEPTION));
createClient2AuthReqException(multiUser, p1, p2, credentials2, javaProps2, zeroConns);
createClient2AuthReqException(multiUser, p1, p2, credentials2, javaProps2, zeroConns);
} else {
getLogWriter().info("testCredentialsForNotifications: Skipping null authInit for scheme [" + gen.classCode() + "] which has no authInit");
}
// SSL) then skip it since this test is useless.
if (authenticator != null && authenticator.length() > 0) {
final int p1 = server1.invoke(() -> createCacheServer(locPort1, locString, 0, null, extraProps, javaProps));
final int p2 = server2.invoke(() -> createCacheServer(locPort2, locString, 0, null, extraProps, javaProps));
createClient1NoException(multiUser, authInit, p1, p2, credentials1, javaProps1);
createClient2NoException(multiUser, authInit, p1, p2, credentials2, javaProps2, zeroConns);
// Register interest on all keys on second client
client2.invoke(() -> registerAllInterest());
// Perform some put operations from client1
client1.invoke(() -> doPuts(4));
// Verify that the puts succeeded
client2.invoke(() -> doLocalGets(4));
// Now also try with valid credentials on client2
createClient1NoException(multiUser, authInit, p1, p2, credentials2, javaProps2);
createClient2NoException(multiUser, authInit, p1, p2, credentials1, javaProps1, zeroConns);
// Register interest on all keys on second client
client2.invoke(() -> registerAllInterest());
// Perform some put operations from client1
client1.invoke(() -> doNPuts(4));
// Verify that the puts succeeded
client2.invoke(() -> doNLocalGets(4));
} else {
getLogWriter().info("testCredentialsForNotifications: Skipping scheme [" + gen.classCode() + "] which has no authenticator");
}
}
Also used :
DummyCredentialGenerator(org.apache.geode.security.generator.DummyCredentialGenerator)
CredentialGenerator(org.apache.geode.security.generator.CredentialGenerator)
Properties(java.util.Properties)
DummyCredentialGenerator(org.apache.geode.security.generator.DummyCredentialGenerator)
Example 19 with DummyCredentialGenerator
use of org.apache.geode.security.generator.DummyCredentialGenerator in project geode by apache.
the class ClientAuthenticationTestCase method doTestInvalidAuthInit.
protected void doTestInvalidAuthInit(final boolean multiUser) throws Exception {
CredentialGenerator gen = new DummyCredentialGenerator();
Properties extraProps = gen.getSystemProperties();
final Properties javaProps = gen.getJavaProperties();
String authenticator = gen.getAuthenticator();
getLogWriter().info("testInvalidAuthInit: Using scheme: " + gen.classCode());
getLogWriter().info("testInvalidAuthInit: Using authenticator: " + authenticator);
// Start the server
int locPort1 = getLocatorPort();
String locString = getAndClearLocatorString();
int port1 = createServer1(extraProps, javaProps, authenticator, locPort1, locString);
Properties credentials = gen.getValidCredentials(1);
getLogWriter().info("testInvalidAuthInit: For first client credentials: " + credentials + " : " + javaProps);
client1.invoke(() -> createCacheClient("org.apache.none", credentials, javaProps, new int[] { port1 }, 0, false, multiUser, true, SECURITY_EXCEPTION));
}
Also used :
DummyCredentialGenerator(org.apache.geode.security.generator.DummyCredentialGenerator)
CredentialGenerator(org.apache.geode.security.generator.CredentialGenerator)
Properties(java.util.Properties)
DummyCredentialGenerator(org.apache.geode.security.generator.DummyCredentialGenerator)
Example 20 with DummyCredentialGenerator
use of org.apache.geode.security.generator.DummyCredentialGenerator in project geode by apache.
the class ClientAuthenticationTestCase method doTestValidCredentials.
protected void doTestValidCredentials(final boolean multiUser) throws Exception {
CredentialGenerator gen = new DummyCredentialGenerator();
Properties extraProps = gen.getSystemProperties();
Properties javaProps = gen.getJavaProperties();
String authenticator = gen.getAuthenticator();
String authInit = gen.getAuthInit();
getLogWriter().info("testValidCredentials: Using scheme: " + gen.classCode());
getLogWriter().info("testValidCredentials: Using authenticator: " + authenticator);
getLogWriter().info("testValidCredentials: Using authinit: " + authInit);
// Start the servers
int locPort1 = getLocatorPort();
int locPort2 = getLocatorPort();
String locString = getAndClearLocatorString();
int port1 = server1.invoke(() -> createCacheServer(locPort1, locString, authenticator, extraProps, javaProps));
int port2 = server2.invoke(() -> createCacheServer(locPort2, locString, authenticator, extraProps, javaProps));
// Start the clients with valid credentials
Properties credentials1 = gen.getValidCredentials(1);
Properties javaProps1 = gen.getJavaProperties();
getLogWriter().info("testValidCredentials: For first client credentials: " + credentials1 + " : " + javaProps1);
Properties credentials2 = gen.getValidCredentials(2);
Properties javaProps2 = gen.getJavaProperties();
getLogWriter().info("testValidCredentials: For second client credentials: " + credentials2 + " : " + javaProps2);
createClientsNoException(multiUser, authInit, port1, port2, credentials1, javaProps1, credentials2, javaProps2);
// Perform some put operations from client1
client1.invoke(() -> doPuts(2));
// Verify that the puts succeeded
client2.invoke(() -> doGets(2));
// Verify sizeOnServer is correct
client1.invoke(() -> verifySizeOnServer(2));
client1.invoke(() -> verifyIsEmptyOnServer(false));
client2.invoke(() -> verifySizeOnServer(2));
client2.invoke(() -> verifyIsEmptyOnServer(false));
if (multiUser) {
client1.invoke(() -> doProxyCacheClose());
client2.invoke(() -> doProxyCacheClose());
client1.invoke(() -> doSimplePut("CacheClosedException"));
client2.invoke(() -> doSimpleGet("CacheClosedException"));
}
}
Also used :
DummyCredentialGenerator(org.apache.geode.security.generator.DummyCredentialGenerator)
CredentialGenerator(org.apache.geode.security.generator.CredentialGenerator)
Properties(java.util.Properties)
DummyCredentialGenerator(org.apache.geode.security.generator.DummyCredentialGenerator)
Aggregations
DummyCredentialGenerator (org.apache.geode.security.generator.DummyCredentialGenerator)24
CredentialGenerator (org.apache.geode.security.generator.CredentialGenerator)22
Properties (java.util.Properties)20
DistributedTest (org.apache.geode.test.junit.categories.DistributedTest)13
Test (org.junit.Test)13
SecurityTest (org.apache.geode.test.junit.categories.SecurityTest)11
ConfigurationProperties (org.apache.geode.distributed.ConfigurationProperties)10
FlakyTest (org.apache.geode.test.junit.categories.FlakyTest)8
LdapUserCredentialGenerator (org.apache.geode.security.generator.LdapUserCredentialGenerator)7
SecurityTestUtils (org.apache.geode.security.SecurityTestUtils)4
ArrayList (java.util.ArrayList)3
AuthzCredentialGenerator (org.apache.geode.security.generator.AuthzCredentialGenerator)3
XmlAuthzCredentialGenerator (org.apache.geode.security.generator.XmlAuthzCredentialGenerator)3
Category (org.junit.experimental.categories.Category)3
Host (org.apache.geode.test.dunit.Host)2
VM (org.apache.geode.test.dunit.VM)2
Iterator (java.util.Iterator)1
List (java.util.List)1
Random (java.util.Random)1
Region (org.apache.geode.cache.Region)1
