Example 1 with ConnectionConfiguration
use of org.apache.geode.test.dunit.rules.ConnectionConfiguration in project geode by apache.
the class MBeanSecurityJUnitTest method testNoAccessWithWhoever.
/**
* No user can call createBean or unregisterBean of GemFire Domain
*/
@Test
@ConnectionConfiguration(user = "super-user", password = "1234567")
public void testNoAccessWithWhoever() throws Exception {
MBeanServerConnection con = connectionRule.getMBeanServerConnection();
assertThatThrownBy(() -> con.createMBean("FakeClassName", new ObjectName("GemFire", "name", "foo"))).isInstanceOf(SecurityException.class);
assertThatThrownBy(() -> con.unregisterMBean(new ObjectName("GemFire", "name", "foo"))).isInstanceOf(SecurityException.class);
// user is allowed to create beans of other domains
assertThatThrownBy(() -> con.createMBean("FakeClassName", new ObjectName("OtherDomain", "name", "foo"))).isInstanceOf(ReflectionException.class);
}
Also used :
MBeanServerConnection(javax.management.MBeanServerConnection)
ObjectName(javax.management.ObjectName)
ConnectionConfiguration(org.apache.geode.test.dunit.rules.ConnectionConfiguration)
SecurityTest(org.apache.geode.test.junit.categories.SecurityTest)
Test(org.junit.Test)
IntegrationTest(org.apache.geode.test.junit.categories.IntegrationTest)
Example 2 with ConnectionConfiguration
use of org.apache.geode.test.dunit.rules.ConnectionConfiguration in project geode by apache.
the class MBeanSecurityJUnitTest method testQueryBean.
/**
* looks like everyone can query for beans, but the AccessControlMXBean is filtered from the
* result
*/
@Test
@ConnectionConfiguration(user = "stranger", password = "1234567")
public void testQueryBean() throws MalformedObjectNameException, IOException {
MBeanServerConnection con = connectionRule.getMBeanServerConnection();
Set<ObjectInstance> objects = con.queryMBeans(ObjectName.getInstance(ResourceConstants.OBJECT_NAME_ACCESSCONTROL), null);
// no AccessControlMBean in the query result
assertThat(objects.size()).isEqualTo(0);
objects = con.queryMBeans(ObjectName.getInstance("GemFire:service=CacheServer,*"), null);
assertThat(objects.size()).isEqualTo(1);
}
Also used :
ObjectInstance(javax.management.ObjectInstance)
MBeanServerConnection(javax.management.MBeanServerConnection)
ConnectionConfiguration(org.apache.geode.test.dunit.rules.ConnectionConfiguration)
SecurityTest(org.apache.geode.test.junit.categories.SecurityTest)
Test(org.junit.Test)
IntegrationTest(org.apache.geode.test.junit.categories.IntegrationTest)
Example 3 with ConnectionConfiguration
use of org.apache.geode.test.dunit.rules.ConnectionConfiguration in project geode by apache.
the class MBeanSecurityJUnitTest method testServerSideCalls.
@Test
@ConnectionConfiguration(user = "stranger", password = "1234567")
public void testServerSideCalls() {
// calls through ManagementService is not going through authorization checks
ManagementService service = ManagementService.getManagementService(server.getCache());
MemberMXBean bean = service.getMemberMXBean();
bean.compactAllDiskStores();
}
Also used :
ManagementService(org.apache.geode.management.ManagementService)
MemberMXBean(org.apache.geode.management.MemberMXBean)
ConnectionConfiguration(org.apache.geode.test.dunit.rules.ConnectionConfiguration)
SecurityTest(org.apache.geode.test.junit.categories.SecurityTest)
Test(org.junit.Test)
IntegrationTest(org.apache.geode.test.junit.categories.IntegrationTest)
Aggregations
ConnectionConfiguration (org.apache.geode.test.dunit.rules.ConnectionConfiguration)3
IntegrationTest (org.apache.geode.test.junit.categories.IntegrationTest)3
SecurityTest (org.apache.geode.test.junit.categories.SecurityTest)3
Test (org.junit.Test)3
MBeanServerConnection (javax.management.MBeanServerConnection)2
ObjectInstance (javax.management.ObjectInstance)1
ObjectName (javax.management.ObjectName)1
ManagementService (org.apache.geode.management.ManagementService)1
MemberMXBean (org.apache.geode.management.MemberMXBean)1
