Examples with IpFilterRule org.infinispan.client.rest.IpFilterRule used on opensource projects

Example 1 with IpFilterRule

use of org.infinispan.client.rest.IpFilterRule in project infinispan by infinispan.

the class RestServerClientOkHttp method connectorIpFilterSet.

@Override
public CompletionStage<RestResponse> connectorIpFilterSet(String name, List<IpFilterRule> rules) {
    String url = String.format("%s/connectors/%s/ip-filter", baseServerURL, name);
    Json json = Json.array();
    for (IpFilterRule rule : rules) {
        json.add(Json.object().set("type", rule.getType().name()).set("cidr", rule.getCidr()));
    }
    Request.Builder builder = new Request.Builder().url(url).post(new StringRestEntityOkHttp(MediaType.APPLICATION_JSON, json.toString()).toRequestBody());
    return client.execute(builder);
}

Example 2 with IpFilterRule

use of org.infinispan.client.rest.IpFilterRule in project infinispan by infinispan.

the class ProtocolManagementIT method testIpFilter.

@Test
public void testIpFilter() throws IOException {
    NetworkAddress loopback = NetworkAddress.loopback("loopback");
    RestClientConfigurationBuilder loopbackBuilder = new RestClientConfigurationBuilder();
    loopbackBuilder.addServer().host(loopback.getAddress().getHostAddress()).port(11222);
    RestClient loopbackClient = SERVER_TEST.rest().withClientConfiguration(loopbackBuilder).get();
    assertStatus(200, loopbackClient.server().connectorNames());
    NetworkAddress siteLocal = NetworkAddress.match("sitelocal", iF -> !iF.getName().startsWith("docker"), InetAddress::isSiteLocalAddress);
    RestClientConfigurationBuilder siteLocalBuilder0 = new RestClientConfigurationBuilder();
    siteLocalBuilder0.addServer().host(siteLocal.getAddress().getHostAddress()).port(11222);
    RestClient siteLocalClient0 = SERVER_TEST.rest().withClientConfiguration(siteLocalBuilder0).get();
    assertStatus(200, siteLocalClient0.server().connectorNames());
    RestClientConfigurationBuilder siteLocalBuilder1 = new RestClientConfigurationBuilder();
    siteLocalBuilder1.addServer().host(siteLocal.getAddress().getHostAddress()).port(11322);
    RestClient siteLocalClient1 = SERVER_TEST.rest().withClientConfiguration(siteLocalBuilder1).get();
    assertStatus(200, siteLocalClient1.server().connectorNames());
    List<IpFilterRule> rules = new ArrayList<>();
    rules.add(new IpFilterRule(IpFilterRule.RuleType.REJECT, siteLocal.cidr()));
    assertStatus(204, loopbackClient.server().connectorIpFilterSet("endpoint-default", rules));
    Exceptions.expectException(RuntimeException.class, ExecutionException.class, SocketException.class, () -> sync(siteLocalClient0.server().connectorNames()));
    Exceptions.expectException(RuntimeException.class, ExecutionException.class, SocketException.class, () -> sync(siteLocalClient1.server().connectorNames()));
    assertStatus(204, loopbackClient.server().connectorIpFiltersClear("endpoint-default"));
    assertStatus(200, siteLocalClient0.server().connectorNames());
    assertStatus(200, siteLocalClient1.server().connectorNames());
    // Attempt to lock ourselves out
    assertStatus(409, siteLocalClient0.server().connectorIpFilterSet("endpoint-default", rules));
    // Apply the filter just on the Hot Rod endpoint
    assertStatus(204, loopbackClient.server().connectorIpFilterSet("HotRod-hotrod", rules));
    ConfigurationBuilder hotRodSiteLocalBuilder = new ConfigurationBuilder();
    hotRodSiteLocalBuilder.addServer().host(siteLocal.getAddress().getHostAddress()).port(11222).clientIntelligence(ClientIntelligence.BASIC);
    RemoteCacheManager siteLocalRemoteCacheManager = SERVER_TEST.hotrod().withClientConfiguration(hotRodSiteLocalBuilder).createRemoteCacheManager();
    Exceptions.expectException(TransportException.class, siteLocalRemoteCacheManager::getCacheNames);
    // REST should still work, so let's clear the rules
    assertStatus(204, siteLocalClient0.server().connectorIpFiltersClear("HotRod-hotrod"));
    // And retry
    assertNotNull(siteLocalRemoteCacheManager.getCacheNames());
}