use of org.apache.solr.client.solrj.request.CoreAdminRequest in project lucene-solr by apache.
the class TestMiniSolrCloudClusterSSL method checkClusterJettys.
/**
* verify that we can query all of the Jetty instances the specified cluster using the expected
* options (based on the sslConfig), and that we can <b>NOT</b> query the Jetty instances in
* specified cluster in the ways that should fail (based on the sslConfig)
*
* @see #getRandomizedHttpSolrClient
*/
private static void checkClusterJettys(final MiniSolrCloudCluster cluster, final SSLTestConfig sslConfig) throws Exception {
final boolean ssl = sslConfig.isSSLMode();
List<JettySolrRunner> jettys = cluster.getJettySolrRunners();
for (JettySolrRunner jetty : jettys) {
final String baseURL = jetty.getBaseUrl().toString();
// basic base URL sanity checks
assertTrue("WTF baseURL: " + baseURL, null != baseURL && 10 < baseURL.length());
assertEquals("http vs https: " + baseURL, ssl ? "https" : "http:", baseURL.substring(0, 5));
// verify solr client success with expected protocol
try (HttpSolrClient client = getRandomizedHttpSolrClient(baseURL)) {
assertEquals(0, CoreAdminRequest.getStatus(/* all */
null, client).getStatus());
}
// sanity check the HttpClient used under the hood by our the cluster's CloudSolrClient
// ensure it has the necessary protocols/credentials for each jetty server
//
// NOTE: we're not responsible for closing the cloud client
final HttpClient cloudClient = cluster.getSolrClient().getLbClient().getHttpClient();
try (HttpSolrClient client = getRandomizedHttpSolrClient(baseURL)) {
assertEquals(0, CoreAdminRequest.getStatus(/* all */
null, client).getStatus());
}
final String wrongBaseURL = baseURL.replaceFirst((ssl ? "https://" : "http://"), (ssl ? "http://" : "https://"));
// verify solr client using wrong protocol can't talk to server
expectThrows(SolrServerException.class, () -> {
try (HttpSolrClient client = getRandomizedHttpSolrClient(wrongBaseURL)) {
CoreAdminRequest req = new CoreAdminRequest();
req.setAction(CoreAdminAction.STATUS);
client.request(req);
}
});
if (!sslConfig.isClientAuthMode()) {
// verify simple HTTP(S) client can't do HEAD request for URL with wrong protocol
try (CloseableHttpClient client = getSslAwareClientWithNoClientCerts()) {
final String wrongUrl = wrongBaseURL + "/admin/cores";
// vastly diff exception details between plain http vs https, not worried about details here
expectThrows(IOException.class, () -> {
doHeadRequest(client, wrongUrl);
});
}
}
if (ssl) {
// verify expected results for a HEAD request to valid URL from HTTP(S) client w/o client certs
try (CloseableHttpClient client = getSslAwareClientWithNoClientCerts()) {
final String url = baseURL + "/admin/cores";
if (sslConfig.isClientAuthMode()) {
// w/o a valid client cert, SSL connection should fail
expectThrows(IOException.class, () -> {
doHeadRequest(client, url);
});
} else {
assertEquals("Wrong status for head request (" + url + ") when clientAuth=" + sslConfig.isClientAuthMode(), 200, doHeadRequest(client, url));
}
}
}
}
}
Aggregations