Example 1 with TestUser
use of org.infinispan.server.test.api.TestUser in project infinispan by infinispan.
the class AbstractInfinispanServerDriver method createUserFile.
protected void createUserFile(String realm) {
// Create users and groups for individual permissions
UserTool userTool = new UserTool(rootDir.getAbsolutePath());
for (AuthorizationPermission permission : AuthorizationPermission.values()) {
String name = permission.name().toLowerCase();
userTool.createUser(name + "_user", name, realm, UserTool.Encryption.DEFAULT, Collections.singletonList(name), null);
}
// Create users with composite roles
for (TestUser user : TestUser.values()) {
if (user != TestUser.ANONYMOUS) {
userTool.createUser(user.getUser(), user.getPassword(), realm, UserTool.Encryption.DEFAULT, user.getRoles(), null);
}
}
}
Also used :
AuthorizationPermission(org.infinispan.security.AuthorizationPermission)
UserTool(org.infinispan.cli.user.UserTool)
TestUser(org.infinispan.server.test.api.TestUser)
Example 2 with TestUser
use of org.infinispan.server.test.api.TestUser in project infinispan by infinispan.
the class AbstractAuthorization method testHotRodWriterCannotRead.
private void testHotRodWriterCannotRead(String... explicitRoles) {
hotRodCreateAuthzCache(explicitRoles);
RemoteCache<String, String> writerCache = getServerTest().hotrod().withClientConfiguration(hotRodBuilders.get(TestUser.WRITER)).get();
writerCache.put("k1", "v1");
Exceptions.expectException(HotRodClientException.class, "(?s).*ISPN000287.*", () -> writerCache.get("k1"));
for (TestUser user : EnumSet.complementOf(EnumSet.of(TestUser.WRITER, TestUser.MONITOR, TestUser.ANONYMOUS))) {
RemoteCache<String, String> userCache = getServerTest().hotrod().withClientConfiguration(hotRodBuilders.get(user)).get();
assertEquals("v1", userCache.get("k1"));
}
}
Also used :
TestUser(org.infinispan.server.test.api.TestUser)
Example 3 with TestUser
use of org.infinispan.server.test.api.TestUser in project infinispan by infinispan.
the class AbstractAuthorization method testRestWriterCannotRead.
private void testRestWriterCannotRead(String... explicitRoles) {
restCreateAuthzCache(explicitRoles);
RestCacheClient writerCache = getServerTest().rest().withClientConfiguration(restBuilders.get(TestUser.WRITER)).get().cache(getServerTest().getMethodName());
sync(writerCache.put("k1", "v1"));
assertStatus(FORBIDDEN, writerCache.get("k1"));
for (TestUser user : EnumSet.of(TestUser.OBSERVER, TestUser.DEPLOYER)) {
RestCacheClient userCache = getServerTest().rest().withClientConfiguration(restBuilders.get(user)).get().cache(getServerTest().getMethodName());
assertEquals("v1", sync(userCache.get("k1")).getBody());
}
}
Also used :
RestCacheClient(org.infinispan.client.rest.RestCacheClient)
TestUser(org.infinispan.server.test.api.TestUser)
Example 4 with TestUser
use of org.infinispan.server.test.api.TestUser in project infinispan by infinispan.
the class AbstractAuthorization method testRestNonAdminsMustNotModifyLoggers.
@Test
public void testRestNonAdminsMustNotModifyLoggers() {
for (TestUser user : TestUser.NON_ADMINS) {
assertStatus(FORBIDDEN, getServerTest().rest().withClientConfiguration(restBuilders.get(user)).get().server().logging().setLogger("org.infinispan.TEST_LOGGER", "ERROR", "STDOUT"));
assertStatus(FORBIDDEN, getServerTest().rest().withClientConfiguration(restBuilders.get(user)).get().server().logging().removeLogger("org.infinispan.TEST_LOGGER"));
}
}Example 5 with TestUser
use of org.infinispan.server.test.api.TestUser in project infinispan by infinispan.
the class AbstractAuthorization method testRestNonAdminsMustNotAdminServer.
@Test
public void testRestNonAdminsMustNotAdminServer() {
for (TestUser user : TestUser.NON_ADMINS) {
RestClientConfigurationBuilder userConfig = restBuilders.get(user);
RestClient client = getServerTest().rest().withClientConfiguration(userConfig).get();
assertStatus(FORBIDDEN, client.server().report());
assertStatus(FORBIDDEN, client.server().connectorStop("endpoint-default"));
assertStatus(FORBIDDEN, client.server().connectorStart("endpoint-default"));
assertStatus(FORBIDDEN, client.server().connectorIpFilterSet("endpoint-default", Collections.emptyList()));
assertStatus(FORBIDDEN, client.server().connectorIpFiltersClear("endpoint-default"));
assertStatus(FORBIDDEN, client.server().memory());
assertStatus(FORBIDDEN, client.server().env());
assertStatus(FORBIDDEN, client.server().configuration());
}
}
Also used :
RestClientConfigurationBuilder(org.infinispan.client.rest.configuration.RestClientConfigurationBuilder)
RestClient(org.infinispan.client.rest.RestClient)
TestUser(org.infinispan.server.test.api.TestUser)
Test(org.junit.Test)
Aggregations
TestUser (org.infinispan.server.test.api.TestUser)19
Test (org.junit.Test)12
RestCacheClient (org.infinispan.client.rest.RestCacheClient)5
RemoteCacheManager (org.infinispan.client.hotrod.RemoteCacheManager)3
RestClient (org.infinispan.client.rest.RestClient)3
UserTool (org.infinispan.cli.user.UserTool)2
RestClientConfigurationBuilder (org.infinispan.client.rest.configuration.RestClientConfigurationBuilder)2
User (org.infinispan.protostream.sampledomain.User)2
QueryFactory (org.infinispan.query.dsl.QueryFactory)2
AuthorizationPermission (org.infinispan.security.AuthorizationPermission)2
InfinispanServerTestMethodRule (org.infinispan.server.test.junit4.InfinispanServerTestMethodRule)2
FileOutputStream (java.io.FileOutputStream)1
IOException (java.io.IOException)1
KeyPair (java.security.KeyPair)1
KeyPairGenerator (java.security.KeyPairGenerator)1
KeyStore (java.security.KeyStore)1
KeyStoreException (java.security.KeyStoreException)1
PrivateKey (java.security.PrivateKey)1
PublicKey (java.security.PublicKey)1
CertificateException (java.security.cert.CertificateException)1
