ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mpapirkovs...@apache.org
Subject [4/4] ambari git commit: AMBARI-17481. Incorrect error message on login page. (mpapirkovskyy)
Date Wed, 29 Jun 2016 16:23:12 GMT
AMBARI-17481. Incorrect error message on login page. (mpapirkovskyy)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/661c2623
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/661c2623
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/661c2623

Branch: refs/heads/branch-2.4
Commit: 661c262394e0c7e2d1aac0518dfef4ca62b28094
Parents: be17fbe
Author: Myroslav Papirkovskyi <mpapyrkovskyy@hortonworks.com>
Authored: Wed Jun 29 18:09:53 2016 +0300
Committer: Myroslav Papirkovskyi <mpapyrkovskyy@hortonworks.com>
Committed: Wed Jun 29 19:22:24 2016 +0300

----------------------------------------------------------------------
 .../AmbariLdapAuthenticationProvider.java       |  7 ++--
 .../AmbariLdapAuthoritiesPopulator.java         |  3 +-
 .../authorization/AmbariLocalUserProvider.java  | 16 +++-----
 ...lidUsernamePasswordCombinationException.java | 34 +++++++++++++++++
 .../server/security/authorization/Users.java    |  6 +--
 .../AmbariInternalAuthenticationProvider.java   |  5 +--
 .../ambari/server/state/ConfigHelper.java       |  8 +++-
 ...ariAuthorizationProviderDisableUserTest.java | 13 +++----
 ...uthenticationProviderForDNWithSpaceTest.java |  4 +-
 .../AmbariLdapAuthenticationProviderTest.java   | 18 +++------
 .../AmbariLocalUserProviderTest.java            |  8 ++--
 .../svccomphost/ServiceComponentHostTest.java   | 40 ++++++++++++++++++++
 12 files changed, 108 insertions(+), 54 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/661c2623/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
index 0bf7ec2..6be7e10 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProvider.java
@@ -30,7 +30,6 @@ import org.slf4j.LoggerFactory;
 import org.springframework.dao.IncorrectResultSizeDataAccessException;
 import org.springframework.ldap.core.support.LdapContextSource;
 import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.DisabledException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@@ -86,7 +85,7 @@ public class AmbariLdapAuthenticationProvider implements AuthenticationProvider
                     "connecting to LDAP server) are invalid.", e);
           }
         }
-        throw e;
+        throw new InvalidUsernamePasswordCombinationException(e);
       } catch (IncorrectResultSizeDataAccessException multipleUsersFound) {
         String message = configuration.isLdapAlternateUserSearchEnabled() ?
           String.format("Login Failed: Please append your domain to your username and try
again.  Example: %s@domain", username) :
@@ -197,13 +196,13 @@ public class AmbariLdapAuthenticationProvider implements AuthenticationProvider
 
     if (userEntity == null || !StringUtils.equals(userEntity.getUserName(), userName)) {
       LOG.info("user not found ");
-      throw new UsernameNotFoundException("Username " + userName + " not found");
+      throw new InvalidUsernamePasswordCombinationException();
     }
 
     if (!userEntity.getActive()) {
       LOG.debug("User account is disabled");
 
-      throw new DisabledException("Username " + userName + " is disabled");
+      throw new InvalidUsernamePasswordCombinationException();
     }
 
     return userEntity.getUserId();

http://git-wip-us.apache.org/repos/asf/ambari/blob/661c2623/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
index 7df8dc3..b3be046 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthoritiesPopulator.java
@@ -32,7 +32,6 @@ import org.apache.ambari.server.orm.entities.UserEntity;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.ldap.core.DirContextOperations;
-import org.springframework.security.authentication.DisabledException;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.ldap.userdetails.LdapAuthoritiesPopulator;
 
@@ -73,7 +72,7 @@ public class AmbariLdapAuthoritiesPopulator implements LdapAuthoritiesPopulator
       return Collections.emptyList();
     }
     if(!user.getActive()){
-      throw new DisabledException("User is disabled");
+      throw new InvalidUsernamePasswordCombinationException();
     }
     // get all of the privileges for the user
     List<PrincipalEntity> principalEntities = new LinkedList<PrincipalEntity>();

http://git-wip-us.apache.org/repos/asf/ambari/blob/661c2623/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProvider.java
b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProvider.java
index a8c9b19..e225f5a 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProvider.java
@@ -23,15 +23,12 @@ import org.apache.ambari.server.orm.entities.UserEntity;
 import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.DisabledException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
 
 import java.util.Collection;
 
@@ -65,22 +62,20 @@ public class AmbariLocalUserProvider extends AbstractUserDetailsAuthenticationPr
 
     if (userEntity == null || !StringUtils.equals(userEntity.getUserName(), userName)) {
       //TODO case insensitive name comparison is a temporary solution, until users API will
change to use id as PK
-      LOG.info("user not found ");
-      throw new UsernameNotFoundException("Username " + userName + " not found");
+      LOG.info("user not found");
+      throw new InvalidUsernamePasswordCombinationException();
     }
 
     if (!userEntity.getActive()) {
       logger.debug("User account is disabled");
 
-      throw new DisabledException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.disabled",
-        "User is disabled"));
+      throw new InvalidUsernamePasswordCombinationException();
     }
 
     if (authentication.getCredentials() == null) {
       logger.debug("Authentication failed: no credentials provided");
 
-      throw new BadCredentialsException(messages.getMessage(
-        "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
+      throw new InvalidUsernamePasswordCombinationException();
     }
 
     String password = userEntity.getUserPassword();
@@ -89,8 +84,7 @@ public class AmbariLocalUserProvider extends AbstractUserDetailsAuthenticationPr
     if (!passwordEncoder.matches(presentedPassword, password)) {
       logger.debug("Authentication failed: password does not match stored value");
 
-      throw new BadCredentialsException(messages.getMessage(
-        "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
+      throw new InvalidUsernamePasswordCombinationException();
     }
     Collection<AmbariGrantedAuthority> userAuthorities =
       users.getUserAuthorities(userEntity.getUserName(), userEntity.getUserType());

http://git-wip-us.apache.org/repos/asf/ambari/blob/661c2623/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/InvalidUsernamePasswordCombinationException.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/InvalidUsernamePasswordCombinationException.java
b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/InvalidUsernamePasswordCombinationException.java
new file mode 100644
index 0000000..db82381
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/InvalidUsernamePasswordCombinationException.java
@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.security.authorization;
+
+import org.springframework.security.core.AuthenticationException;
+
+public class InvalidUsernamePasswordCombinationException extends AuthenticationException
{
+
+  public static final String MESSAGE = "Unable to sign in. Invalid username/password combination.";
+
+  public InvalidUsernamePasswordCombinationException() {
+    super(MESSAGE);
+  }
+
+  public InvalidUsernamePasswordCombinationException(Throwable t) {
+    super(MESSAGE, t);
+  }
+}

http://git-wip-us.apache.org/repos/asf/ambari/blob/661c2623/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
index 1a7b58d..0d4267e 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/Users.java
@@ -42,7 +42,6 @@ import org.apache.ambari.server.security.ldap.LdapUserGroupMemberDto;
 import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -168,9 +167,8 @@ public class Users {
         ldapAuthenticationProvider.authenticate(
             new UsernamePasswordAuthenticationToken(currentUserName, currentUserPassword));
       isLdapUser = true;
-      } catch (BadCredentialsException ex) {
-        throw new AmbariException("Incorrect password provided for LDAP user " +
-            currentUserName);
+      } catch (InvalidUsernamePasswordCombinationException ex) {
+        throw new AmbariException(ex.getMessage());
       }
     }
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/661c2623/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/AmbariInternalAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/AmbariInternalAuthenticationProvider.java
b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/AmbariInternalAuthenticationProvider.java
index 243c843..dd21aaf 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/AmbariInternalAuthenticationProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/AmbariInternalAuthenticationProvider.java
@@ -19,8 +19,8 @@
 package org.apache.ambari.server.security.authorization.internal;
 
 import com.google.inject.Inject;
+import org.apache.ambari.server.security.authorization.InvalidUsernamePasswordCombinationException;
 import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 
@@ -39,8 +39,7 @@ public class AmbariInternalAuthenticationProvider implements AuthenticationProvi
     if (internalTokenStorage.isValidInternalToken(token.getCredentials())) {
       token.setAuthenticated(true);
     } else {
-      String message = "Bad credentials";
-      throw new BadCredentialsException(message);
+      throw new InvalidUsernamePasswordCombinationException();
     }
     return token;
   }

http://git-wip-us.apache.org/repos/asf/ambari/blob/661c2623/ambari-server/src/main/java/org/apache/ambari/server/state/ConfigHelper.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/state/ConfigHelper.java
b/ambari-server/src/main/java/org/apache/ambari/server/state/ConfigHelper.java
index 4feba62..ecb4a75 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/state/ConfigHelper.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/state/ConfigHelper.java
@@ -128,8 +128,7 @@ public class ConfigHelper {
    * has completed, otherwise it's possible to cache invalid data before the
    * transaction is committed.
    */
-  private final ExecutorService cacheInvalidationExecutor = Executors.newSingleThreadExecutor(
-      cacheInvalidationThreadFactory);
+  private final ExecutorService cacheInvalidationExecutor = createCacheInvalidationExecutor();
 
   /**
    * Used to ensure that methods which rely on the completion of
@@ -1369,4 +1368,9 @@ public class ConfigHelper {
     }
   }
 
+  private ExecutorService createCacheInvalidationExecutor() {
+    return Executors.newSingleThreadExecutor(
+      cacheInvalidationThreadFactory);
+  }
+
 }

http://git-wip-us.apache.org/repos/asf/ambari/blob/661c2623/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationProviderDisableUserTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationProviderDisableUserTest.java
b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationProviderDisableUserTest.java
index 16cba8b..90d4be0 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationProviderDisableUserTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationProviderDisableUserTest.java
@@ -27,7 +27,6 @@ import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Test;
 import org.mockito.Mockito;
-import org.springframework.security.authentication.DisabledException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.crypto.password.PasswordEncoder;
@@ -64,12 +63,12 @@ public class AmbariAuthorizationProviderDisableUserTest {
   }
   
   @Test public void testDisabledUserViaDaoProvider(){
-    try{
+    try {
       alup.authenticate(new UsernamePasswordAuthenticationToken("disabledUser","pwd"));
       Assert.fail("Disabled user passes authentication");
-    }catch(DisabledException e){
+    } catch (InvalidUsernamePasswordCombinationException e){
       //expected
-      Assert.assertEquals("User is disabled", e.getMessage());//UI depends on this
+      Assert.assertEquals(InvalidUsernamePasswordCombinationException.MESSAGE, e.getMessage());//UI
depends on this
     }
     Authentication auth = alup.authenticate(new UsernamePasswordAuthenticationToken("activeUser","pwd"));
     Assert.assertNotNull(auth);
@@ -77,12 +76,12 @@ public class AmbariAuthorizationProviderDisableUserTest {
   }
 
   @Test public void testDisabledUserViaLdapProvider(){
-    try{
+    try {
       ldapPopulator.getGrantedAuthorities(null, "disabledUser");
       Assert.fail("Disabled user passes authentication");
-    }catch(DisabledException e){
+    } catch (InvalidUsernamePasswordCombinationException e) {
       //expected
-      Assert.assertEquals("User is disabled", e.getMessage());//UI depends on this
+      Assert.assertEquals(InvalidUsernamePasswordCombinationException.MESSAGE, e.getMessage());//UI
depends on this
     }
   }
   

http://git-wip-us.apache.org/repos/asf/ambari/blob/661c2623/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderForDNWithSpaceTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderForDNWithSpaceTest.java
b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderForDNWithSpaceTest.java
index ece3dab..1a18ff2 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderForDNWithSpaceTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderForDNWithSpaceTest.java
@@ -33,11 +33,9 @@ import org.apache.directory.server.core.annotations.ApplyLdifFiles;
 import org.apache.directory.server.core.annotations.ContextEntry;
 import org.apache.directory.server.core.annotations.CreateDS;
 import org.apache.directory.server.core.annotations.CreatePartition;
-import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
 import org.apache.directory.server.core.integ.FrameworkRunner;
 import org.junit.*;
 import org.junit.runner.RunWith;
-import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 
@@ -89,7 +87,7 @@ public class AmbariLdapAuthenticationProviderForDNWithSpaceTest extends
AmbariLd
     injector.getInstance(PersistService.class).stop();
   }
 
-  @Test(expected = BadCredentialsException.class)
+  @Test(expected = InvalidUsernamePasswordCombinationException.class)
   public void testBadCredential() throws Exception {
     Authentication authentication = new UsernamePasswordAuthenticationToken("notFound", "wrong");
     authenticationProvider.authenticate(authentication);

http://git-wip-us.apache.org/repos/asf/ambari/blob/661c2623/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderTest.java
b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderTest.java
index 9392910..c011fc8 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderTest.java
@@ -36,23 +36,15 @@ import org.apache.directory.server.core.annotations.ApplyLdifFiles;
 import org.apache.directory.server.core.annotations.ContextEntry;
 import org.apache.directory.server.core.annotations.CreateDS;
 import org.apache.directory.server.core.annotations.CreatePartition;
-import org.apache.directory.server.core.api.DirectoryService;
-import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
 import org.apache.directory.server.core.integ.FrameworkRunner;
-import org.apache.directory.server.kerberos.kdc.KdcServer;
-import org.apache.directory.server.ldap.LdapServer;
-import org.easymock.EasyMockSupport;
 import org.easymock.IAnswer;
 import org.junit.After;
-import org.junit.AfterClass;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.slf4j.Logger;
-import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
-import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
 
 import static org.easymock.EasyMock.*;
 
@@ -106,7 +98,7 @@ public class AmbariLdapAuthenticationProviderTest extends AmbariLdapAuthenticati
     injector.getInstance(PersistService.class).stop();
   }
 
-  @Test(expected = BadCredentialsException.class)
+  @Test(expected = InvalidUsernamePasswordCombinationException.class)
   public void testBadCredential() throws Exception {
     Authentication authentication = new UsernamePasswordAuthenticationToken("notFound", "wrong");
     authenticationProvider.authenticate(authentication);
@@ -220,7 +212,7 @@ public class AmbariLdapAuthenticationProviderTest extends AmbariLdapAuthenticati
     assertTrue(result.isAuthenticated());
   }
 
-  @Test(expected = BadCredentialsException.class)
+  @Test(expected = InvalidUsernamePasswordCombinationException.class)
   public void testBadCredentialsForMissingLoginAlias() throws Exception {
     // Given
     assertNull("User already exists in DB", userDAO.findLdapUserByName("allowedUser"));
@@ -232,11 +224,11 @@ public class AmbariLdapAuthenticationProviderTest extends AmbariLdapAuthenticati
     authenticationProvider.authenticate(authentication);
 
     // Then
-    // BadCredentialsException should be thrown due to no user with 'missingloginalias@ambari.apache.org'
 is found in ldap
+    // InvalidUsernamePasswordCombinationException should be thrown due to no user with 'missingloginalias@ambari.apache.org'
 is found in ldap
   }
 
 
-  @Test(expected = BadCredentialsException.class)
+  @Test(expected = InvalidUsernamePasswordCombinationException.class)
   public void testBadCredentialsBadPasswordForLoginAlias() throws Exception {
     // Given
     assertNull("User already exists in DB", userDAO.findLdapUserByName("allowedUser"));
@@ -248,6 +240,6 @@ public class AmbariLdapAuthenticationProviderTest extends AmbariLdapAuthenticati
     authenticationProvider.authenticate(authentication);
 
     // Then
-    // BadCredentialsException should be thrown due to wrong password
+    // InvalidUsernamePasswordCombinationException should be thrown due to wrong password
   }
 }

http://git-wip-us.apache.org/repos/asf/ambari/blob/661c2623/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProviderTest.java
b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProviderTest.java
index 6dda3f2..f3fcca4 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariLocalUserProviderTest.java
@@ -29,10 +29,8 @@ import org.apache.ambari.server.orm.entities.UserEntity;
 import org.junit.Before;
 import org.junit.BeforeClass;
 import org.junit.Test;
-import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.password.PasswordEncoder;
 
 import static org.easymock.EasyMock.createMock;
@@ -92,7 +90,7 @@ public class AmbariLocalUserProviderTest {
     assertEquals(1, ((User) resultedAuth.getPrincipal()).getUserId());
   }
 
-  @Test(expected = UsernameNotFoundException.class)
+  @Test(expected = InvalidUsernamePasswordCombinationException.class)
   public void testAuthWithIncorrectName() {
     Users users = createMock(Users.class);
     UserDAO userDAO = createMock(UserDAO.class);
@@ -107,7 +105,7 @@ public class AmbariLocalUserProviderTest {
     ambariLocalUserProvider.authenticate(authentication);
   }
 
-  @Test(expected = BadCredentialsException.class)
+  @Test(expected = InvalidUsernamePasswordCombinationException.class)
   public void testAuthWithoutPass() {
     Users users = createMock(Users.class);
     UserDAO userDAO = createMock(UserDAO.class);
@@ -125,7 +123,7 @@ public class AmbariLocalUserProviderTest {
     ambariLocalUserProvider.authenticate(authentication);
   }
 
-  @Test(expected = BadCredentialsException.class)
+  @Test(expected = InvalidUsernamePasswordCombinationException.class)
   public void testAuthWithIncorrectPass() {
     Users users = createMock(Users.class);
     UserDAO userDAO = createMock(UserDAO.class);

http://git-wip-us.apache.org/repos/asf/ambari/blob/661c2623/ambari-server/src/test/java/org/apache/ambari/server/state/svccomphost/ServiceComponentHostTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/state/svccomphost/ServiceComponentHostTest.java
b/ambari-server/src/test/java/org/apache/ambari/server/state/svccomphost/ServiceComponentHostTest.java
index ffde57f..44afdaa 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/state/svccomphost/ServiceComponentHostTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/state/svccomphost/ServiceComponentHostTest.java
@@ -18,6 +18,9 @@
 
 package org.apache.ambari.server.state.svccomphost;
 
+import java.lang.reflect.Field;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
@@ -25,6 +28,8 @@ import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.TimeUnit;
 
 import javax.persistence.EntityManager;
 
@@ -790,6 +795,7 @@ public class ServiceComponentHostTest {
 
     makeConfig(cluster, "foo", "version1",
         new HashMap<String,String>() {{ put("a", "c"); }}, new HashMap<String, Map<String,String>>());
+    waitToStaleConfigsCacheClear();
 
     // HDP-x/HDFS does not define type 'foo', so changes do not count to stale
     Assert.assertFalse(sch1.convertToResponse(null).isStaleConfig());
@@ -797,6 +803,7 @@ public class ServiceComponentHostTest {
 
     makeConfig(cluster, "hdfs-site", "version1",
         new HashMap<String,String>() {{ put("a", "b"); }}, new HashMap<String, Map<String,String>>());
+    waitToStaleConfigsCacheClear();
 
     // HDP-x/HDFS/hdfs-site is not on the actual, but it is defined, so it is stale
     Assert.assertTrue(sch1.convertToResponse(null).isStaleConfig());
@@ -810,6 +817,7 @@ public class ServiceComponentHostTest {
     //reset restartRequired flag + invalidating isStale cache
     // after start/restart command execution completed
     sch1.setRestartRequired(false);
+    waitToStaleConfigsCacheClear();
     // HDP-x/HDFS/hdfs-site up to date, only for sch1
     Assert.assertFalse(sch1.convertToResponse(null).isStaleConfig());
     Assert.assertTrue(sch2.convertToResponse(null).isStaleConfig());
@@ -820,6 +828,7 @@ public class ServiceComponentHostTest {
     //reset restartRequired flag + invalidating isStale cache(
     // after start/restart command execution completed)
     sch2.setRestartRequired(false);
+    waitToStaleConfigsCacheClear();
     // HDP-x/HDFS/hdfs-site up to date for both
     Assert.assertFalse(sch1.convertToResponse(null).isStaleConfig());
     Assert.assertFalse(sch2.convertToResponse(null).isStaleConfig());
@@ -827,6 +836,7 @@ public class ServiceComponentHostTest {
     makeConfig(cluster, "hdfs-site", "version2",
         new HashMap<String, String>() {{ put("dfs.journalnode.http-address", "http://foo");
}},
         new HashMap<String, Map<String,String>>());
+    waitToStaleConfigsCacheClear();
 
     // HDP-x/HDFS/hdfs-site updated to changed property
     Assert.assertTrue(sch1.convertToResponse(null).isStaleConfig());
@@ -839,6 +849,7 @@ public class ServiceComponentHostTest {
     // after start/restart command execution completed
     sch1.setRestartRequired(false);
     sch2.setRestartRequired(false);
+    waitToStaleConfigsCacheClear();
     // HDP-x/HDFS/hdfs-site updated to changed property
     Assert.assertFalse(sch1.convertToResponse(null).isStaleConfig());
     Assert.assertFalse(sch2.convertToResponse(null).isStaleConfig());
@@ -859,6 +870,7 @@ public class ServiceComponentHostTest {
       new HashMap<Long, Host>() {{ put(hostEntity.getHostId(), host); }});
     configGroup.persist();
     cluster.addConfigGroup(configGroup);
+    waitToStaleConfigsCacheClear();
 
     // HDP-x/HDFS/hdfs-site updated host to changed property
     Assert.assertTrue(sch1.convertToResponse(null).isStaleConfig());
@@ -871,6 +883,7 @@ public class ServiceComponentHostTest {
     //reset restartRequired flag + invalidating isStale cache
     // after start/restart command execution completed
     sch2.setRestartRequired(false);
+    waitToStaleConfigsCacheClear();
     // HDP-x/HDFS/hdfs-site updated host to changed property
     Assert.assertTrue(sch1.convertToResponse(null).isStaleConfig());
     Assert.assertFalse(sch2.convertToResponse(null).isStaleConfig());
@@ -881,6 +894,7 @@ public class ServiceComponentHostTest {
     //reset restartRequired flag + invalidating isStale cache
     // after start/restart command execution completed
     sch1.setRestartRequired(false);
+    waitToStaleConfigsCacheClear();
     // HDP-x/HDFS/hdfs-site updated host to changed property
     Assert.assertFalse(sch1.convertToResponse(null).isStaleConfig());
     Assert.assertFalse(sch2.convertToResponse(null).isStaleConfig());
@@ -892,6 +906,7 @@ public class ServiceComponentHostTest {
         put("dfs_namenode_name_dir", "/foo3"); // HDFS only
         put("mapred_log_dir_prefix", "/foo2"); // MR2 only
       }}, new HashMap<String, Map<String,String>>());
+    waitToStaleConfigsCacheClear();
 
     Assert.assertTrue(sch1.convertToResponse(null).isStaleConfig());
     Assert.assertTrue(sch2.convertToResponse(null).isStaleConfig());
@@ -903,6 +918,7 @@ public class ServiceComponentHostTest {
         put("a", "b");
         put("fs.trash.interval", "360"); // HDFS only
       }}, new HashMap<String, Map<String,String>>());
+    waitToStaleConfigsCacheClear();
 
     Assert.assertTrue(sch1.convertToResponse(null).isStaleConfig());
     Assert.assertTrue(sch2.convertToResponse(null).isStaleConfig());
@@ -942,10 +958,12 @@ public class ServiceComponentHostTest {
     //reset restartRequired flag + invalidating isStale cache
     // after start/restart command execution completed
     sch3.setRestartRequired(false);
+    waitToStaleConfigsCacheClear();
 
     Assert.assertFalse(sch3.convertToResponse(null).isStaleConfig());
 
     cluster.deleteConfigGroup(id);
+    waitToStaleConfigsCacheClear();
     Assert.assertNull(cluster.getConfigGroups().get(id));
 
     sch3.updateActualConfigs(actual);
@@ -958,6 +976,7 @@ public class ServiceComponentHostTest {
     //reset restartRequired flag + invalidating isStale cache
     // after start/restart command execution completed
     sch3.setRestartRequired(false);
+    waitToStaleConfigsCacheClear();
     Assert.assertFalse(sch3.convertToResponse(null).isStaleConfig());
   }
 
@@ -1023,6 +1042,7 @@ public class ServiceComponentHostTest {
          put("a", "true");
        }});
       }});
+    waitToStaleConfigsCacheClear();
     // HDP-x/HDFS does not define type 'foo', so changes do not count to stale
     Assert.assertFalse(sch1.convertToResponse(null).isStaleConfig());
     Assert.assertFalse(sch2.convertToResponse(null).isStaleConfig());
@@ -1032,6 +1052,7 @@ public class ServiceComponentHostTest {
       put("mapred-site", new HashMap<String,String>() {{ put("tag", "version1"); }});
     }};
     sch3.setRestartRequired(false);
+    waitToStaleConfigsCacheClear();
     sch3.updateActualConfigs(actual);
     Assert.assertFalse(sch3.convertToResponse(null).isStaleConfig());
 
@@ -1046,6 +1067,7 @@ public class ServiceComponentHostTest {
     sch1.setRestartRequired(false);
     sch2.setRestartRequired(false);
     sch3.setRestartRequired(false);
+    waitToStaleConfigsCacheClear();
     Assert.assertTrue(sch1.convertToResponse(null).isStaleConfig());
     Assert.assertTrue(sch2.convertToResponse(null).isStaleConfig());
     Assert.assertFalse(sch3.convertToResponse(null).isStaleConfig());
@@ -1061,6 +1083,7 @@ public class ServiceComponentHostTest {
     sch1.setRestartRequired(false);
     sch2.setRestartRequired(false);
     sch3.setRestartRequired(false);
+    waitToStaleConfigsCacheClear();
     Assert.assertTrue(sch1.convertToResponse(null).isStaleConfig());
     Assert.assertTrue(sch2.convertToResponse(null).isStaleConfig());
     Assert.assertFalse(sch3.convertToResponse(null).isStaleConfig());
@@ -1073,6 +1096,7 @@ public class ServiceComponentHostTest {
     sch1.setRestartRequired(false);
     sch2.setRestartRequired(false);
     sch3.setRestartRequired(false);
+    waitToStaleConfigsCacheClear();
     Assert.assertTrue(sch1.convertToResponse(null).isStaleConfig());
     Assert.assertTrue(sch2.convertToResponse(null).isStaleConfig());
     Assert.assertFalse(sch3.convertToResponse(null).isStaleConfig());
@@ -1188,4 +1212,20 @@ public class ServiceComponentHostTest {
       }
     }
   }
+
+  /*
+  Stale configs cache invalidating in separate thread, so sometimes it can not be cleared
in time before check.
+  So it is needed to wait until thread with cache invalidating complete his work.
+   */
+  private void waitToStaleConfigsCacheClear() throws NoSuchFieldException, InterruptedException,
IllegalAccessException, NoSuchMethodException, InvocationTargetException {
+    Field f = ConfigHelper.class.getDeclaredField("cacheInvalidationExecutor");
+    f.setAccessible(true);
+    ExecutorService configHelperExecutor = (ExecutorService) f.get(configHelper);
+    configHelperExecutor.shutdown();
+    configHelperExecutor.awaitTermination(10, TimeUnit.SECONDS);
+
+    Method m = ConfigHelper.class.getDeclaredMethod("createCacheInvalidationExecutor");
+    m.setAccessible(true);
+    f.set(configHelper, m.invoke(configHelper));
+  }
 }


Mime
View raw message