use of org.apache.geode.security.generator.LdapUserCredentialGenerator in project geode by apache.
the class P2PAuthenticationDUnitTest method testP2PViewChangeReject.
/**
* The strategy is to test view change reject by having two different authenticators on different
* VMs.
*
* Here locator will accept the credentials from peer2 but the first peer will reject them due to
* different authenticator. Hence the number of members reported by the first peer should be only
* two while others will report as three.
*/
@Ignore("disabled for some reason?")
@Test
public void testP2PViewChangeReject() throws Exception {
final Host host = Host.getHost(0);
final VM peer2 = host.getVM(1);
final VM peer3 = host.getVM(2);
CredentialGenerator gen = new LdapUserCredentialGenerator();
gen.init();
Properties extraProps = gen.getSystemProperties();
String authenticator = gen.getAuthenticator();
String authInit = gen.getAuthInit();
if (extraProps == null) {
extraProps = new Properties();
}
CredentialGenerator gen2 = new DummyCredentialGenerator();
gen2.init();
Properties extraProps2 = gen2.getSystemProperties();
String authenticator2 = gen2.getAuthenticator();
if (extraProps2 == null) {
extraProps2 = new Properties();
}
// Start the locator with the LDAP authenticator
Properties props = new Properties();
int port = getRandomAvailablePort(SOCKET);
final String locators = getIPLiteral() + "[" + port + "]";
props.setProperty(SECURITY_PEER_AUTH_INIT, authInit);
props.setProperty(SECURITY_PEER_AUTHENTICATOR, authenticator);
Properties credentials = gen.getValidCredentials(1);
Properties javaProps = gen.getJavaProperties();
props.putAll(credentials);
props.putAll(extraProps);
startTheLocator(props, javaProps, port);
try {
// Start the first peer with different authenticator
props = new Properties();
props.setProperty(MCAST_PORT, "0");
props.setProperty(LOCATORS, locators);
props.setProperty(SECURITY_PEER_AUTH_INIT, authInit);
props.setProperty(SECURITY_PEER_AUTHENTICATOR, authenticator2);
credentials = gen.getValidCredentials(3);
Properties javaProps2 = gen2.getJavaProperties();
props.putAll(credentials);
props.putAll(extraProps2);
createDS(props, javaProps2);
// Start the second peer with the same authenticator as locator
props = new Properties();
props.setProperty(MCAST_PORT, "0");
props.setProperty(LOCATORS, locators);
props.setProperty(SECURITY_PEER_AUTH_INIT, authInit);
props.setProperty(SECURITY_PEER_AUTHENTICATOR, authenticator);
credentials = gen.getValidCredentials(7);
javaProps = gen.getJavaProperties();
props.putAll(credentials);
props.putAll(extraProps);
createDS(peer2, props, javaProps);
createDS(peer3, props, javaProps);
// wait for view propagation
pause(2000);
// Verify the number of members on all peers and locator
locatorVM.invoke(() -> verifyMembers(4));
verifyMembers(2);
peer2.invoke(() -> verifyMembers(4));
peer3.invoke(() -> verifyMembers(4));
// Disconnect the first peer and check again
disconnectFromDS();
pause(2000);
locatorVM.invoke(() -> verifyMembers(3));
peer2.invoke(() -> verifyMembers(3));
peer3.invoke(() -> verifyMembers(3));
// Disconnect the second peer and check again
peer2.invoke(() -> disconnectFromDS());
pause(2000);
locatorVM.invoke(() -> verifyMembers(2));
peer3.invoke(() -> verifyMembers(2));
// Same for last peer
peer3.invoke(() -> disconnectFromDS());
pause(2000);
locatorVM.invoke(() -> verifyMembers(1));
} finally {
locatorVM.invoke(() -> stopLocator(port, ignoredExceptions));
}
}
Aggregations