ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jonathanhur...@apache.org
Subject [08/25] ambari git commit: AMBARI-21578. testBadCredential UT fails (rlevas)
Date Mon, 31 Jul 2017 14:10:23 GMT
AMBARI-21578. testBadCredential UT fails (rlevas)


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/41a1bc81
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/41a1bc81
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/41a1bc81

Branch: refs/heads/branch-feature-AMBARI-21450
Commit: 41a1bc81b7e05be9d3293cd7cab3076579bcad5c
Parents: fd8f801
Author: Robert Levas <rlevas@hortonworks.com>
Authored: Thu Jul 27 07:29:35 2017 -0400
Committer: Robert Levas <rlevas@hortonworks.com>
Committed: Thu Jul 27 07:29:35 2017 -0400

----------------------------------------------------------------------
 ambari-server/pom.xml                           |   2 +-
 .../pam/PamAuthenticationFactory.java           |  35 +++++
 .../AmbariPamAuthenticationProvider.java        |   5 +-
 .../AmbariPamAuthenticationProviderTest.java    | 147 +++++++++++--------
 4 files changed, 123 insertions(+), 66 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/41a1bc81/ambari-server/pom.xml
----------------------------------------------------------------------
diff --git a/ambari-server/pom.xml b/ambari-server/pom.xml
index b3e1e9f..3ff8218 100644
--- a/ambari-server/pom.xml
+++ b/ambari-server/pom.xml
@@ -1520,7 +1520,7 @@
     <dependency>
       <groupId>net.java.dev.jna</groupId>
       <artifactId>jna</artifactId>
-      <version>4.3.0</version>
+      <version>4.2.2</version>
     </dependency>
     <dependency>
       <groupId>io.dropwizard.metrics</groupId>

http://git-wip-us.apache.org/repos/asf/ambari/blob/41a1bc81/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/pam/PamAuthenticationFactory.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/pam/PamAuthenticationFactory.java
b/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/pam/PamAuthenticationFactory.java
new file mode 100644
index 0000000..6f423c1
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authentication/pam/PamAuthenticationFactory.java
@@ -0,0 +1,35 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.security.authentication.pam;
+
+import javax.inject.Singleton;
+
+import org.jvnet.libpam.PAM;
+import org.jvnet.libpam.PAMException;
+
+/**
+ * PamAuthenticationFactory returns Pam library instances.
+ */
+@Singleton
+public class PamAuthenticationFactory {
+
+  public PAM createInstance(String pamConfig) throws PAMException {
+    return new PAM(pamConfig);
+  }
+}

http://git-wip-us.apache.org/repos/asf/ambari/blob/41a1bc81/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
index 1626cd8..18bb510 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProvider.java
@@ -29,6 +29,7 @@ import org.apache.ambari.server.orm.entities.GroupEntity;
 import org.apache.ambari.server.orm.entities.MemberEntity;
 import org.apache.ambari.server.orm.entities.UserEntity;
 import org.apache.ambari.server.security.ClientSecurityType;
+import org.apache.ambari.server.security.authentication.pam.PamAuthenticationFactory;
 import org.jvnet.libpam.PAM;
 import org.jvnet.libpam.PAMException;
 import org.jvnet.libpam.UnixUser;
@@ -54,6 +55,8 @@ public class AmbariPamAuthenticationProvider implements AuthenticationProvider
{
   protected UserDAO userDAO;
   @Inject
   protected GroupDAO groupDAO;
+  @Inject
+  private PamAuthenticationFactory pamAuthenticationFactory;
 
   private static Logger LOG = LoggerFactory.getLogger(AmbariPamAuthenticationProvider.class);
 
@@ -85,7 +88,7 @@ public class AmbariPamAuthenticationProvider implements AuthenticationProvider
{
         try{
           //Set PAM configuration file (found under /etc/pam.d)
           String pamConfig = configuration.getPamConfigurationFile();
-          pam = new PAM(pamConfig);
+          pam = pamAuthenticationFactory.createInstance(pamConfig);
 
         } catch(PAMException ex) {
           LOG.error("Unable to Initialize PAM." + ex.getMessage());

http://git-wip-us.apache.org/repos/asf/ambari/blob/41a1bc81/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProviderTest.java
b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProviderTest.java
index 59a0c7a..9cfd148 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariPamAuthenticationProviderTest.java
@@ -1,4 +1,4 @@
-/**
+/*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
@@ -17,91 +17,120 @@
  */
 package org.apache.ambari.server.security.authorization;
 
-import static org.easymock.EasyMock.createNiceMock;
+import static org.easymock.EasyMock.anyObject;
+import static org.easymock.EasyMock.eq;
 import static org.easymock.EasyMock.expect;
+import static org.easymock.EasyMock.expectLastCall;
 
-import java.util.Arrays;
-import java.util.Collection;
 import java.util.Collections;
-import java.util.HashSet;
 
-import org.apache.ambari.server.H2DatabaseCleaner;
-import org.apache.ambari.server.audit.AuditLoggerModule;
+import javax.persistence.EntityManager;
+
 import org.apache.ambari.server.configuration.Configuration;
-import org.apache.ambari.server.orm.GuiceJpaInitializer;
+import org.apache.ambari.server.hooks.HookContextFactory;
+import org.apache.ambari.server.hooks.HookService;
+import org.apache.ambari.server.orm.DBAccessor;
 import org.apache.ambari.server.orm.dao.UserDAO;
-import org.apache.ambari.server.orm.entities.PrincipalEntity;
-import org.apache.ambari.server.orm.entities.UserEntity;
 import org.apache.ambari.server.security.ClientSecurityType;
-import org.easymock.EasyMock;
-import org.junit.After;
+import org.apache.ambari.server.security.authentication.pam.PamAuthenticationFactory;
+import org.apache.ambari.server.state.stack.OsFamily;
+import org.easymock.EasyMockSupport;
 import org.junit.Before;
 import org.junit.Test;
 import org.jvnet.libpam.PAM;
+import org.jvnet.libpam.PAMException;
 import org.jvnet.libpam.UnixUser;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.crypto.password.StandardPasswordEncoder;
 
+import com.google.inject.AbstractModule;
 import com.google.inject.Guice;
-import com.google.inject.Inject;
 import com.google.inject.Injector;
 
 import junit.framework.Assert;
 
-public class AmbariPamAuthenticationProviderTest {
-
-  private static Injector injector;
-
-  @Inject
-  private AmbariPamAuthenticationProvider authenticationProvider;
-  @Inject
-  PasswordEncoder passwordEncoder;
-  @Inject
-  Configuration configuration;
+public class AmbariPamAuthenticationProviderTest extends EasyMockSupport {
 
   private static final String TEST_USER_NAME = "userName";
   private static final String TEST_USER_PASS = "userPass";
   private static final String TEST_USER_INCORRECT_PASS = "userIncorrectPass";
 
+  private Injector injector;
+
   @Before
-  public void setUp() {
-    injector = Guice.createInjector(new AuditLoggerModule(), new AuthorizationTestModule());
-    injector.injectMembers(this);
-    injector.getInstance(GuiceJpaInitializer.class);
+  public void setup() {
+    injector = Guice.createInjector(new AbstractModule() {
+
+      @Override
+      protected void configure() {
+        bind(EntityManager.class).toInstance(createNiceMock(EntityManager.class));
+        bind(DBAccessor.class).toInstance(createNiceMock(DBAccessor.class));
+        bind(HookContextFactory.class).toInstance(createNiceMock(HookContextFactory.class));
+        bind(HookService.class).toInstance(createNiceMock(HookService.class));
+        bind(OsFamily.class).toInstance(createNiceMock(OsFamily.class));
+        bind(UserDAO.class).toInstance(createNiceMock(UserDAO.class));
+        bind(PamAuthenticationFactory.class).toInstance(createMock(PamAuthenticationFactory.class));
+        bind(PasswordEncoder.class).toInstance(new StandardPasswordEncoder());
+      }
+    });
+
+    Configuration configuration = injector.getInstance(Configuration.class);
     configuration.setClientSecurityType(ClientSecurityType.PAM);
     configuration.setProperty(Configuration.PAM_CONFIGURATION_FILE, "ambari-pam");
   }
 
-  @After
-  public void tearDown() throws Exception {
-    H2DatabaseCleaner.clearDatabaseAndStopPersistenceService(injector);
-  }
-
   @Test(expected = AuthenticationException.class)
   public void testBadCredential() throws Exception {
-    UserEntity userEntity = combineUserEntity();
-    User user = new User(userEntity);
-    Collection<AmbariGrantedAuthority> userAuthorities = Collections.singletonList(createNiceMock(AmbariGrantedAuthority.class));
-    Authentication authentication = new AmbariUserAuthentication("wrong", user, userAuthorities);
+
+    PAM pam = createMock(PAM.class);
+    expect(pam.authenticate(eq(TEST_USER_NAME), eq(TEST_USER_INCORRECT_PASS)))
+        .andThrow(new PAMException())
+        .once();
+    pam.dispose();
+    expectLastCall().once();
+
+    PamAuthenticationFactory pamAuthenticationFactory = injector.getInstance(PamAuthenticationFactory.class);
+    expect(pamAuthenticationFactory.createInstance(anyObject(String.class))).andReturn(pam).once();
+
+    replayAll();
+
+    Authentication authentication = new UsernamePasswordAuthenticationToken(TEST_USER_NAME,
TEST_USER_INCORRECT_PASS);
+
+    AmbariPamAuthenticationProvider authenticationProvider = injector.getInstance(AmbariPamAuthenticationProvider.class);
     authenticationProvider.authenticate(authentication);
+
+    verifyAll();
   }
 
   @Test
   public void testAuthenticate() throws Exception {
-    PAM pam = createNiceMock(PAM.class);
+
     UnixUser unixUser = createNiceMock(UnixUser.class);
-    UserEntity userEntity = combineUserEntity();
-    User user = new User(userEntity);
-    UserDAO userDAO = createNiceMock(UserDAO.class);
-    Collection<AmbariGrantedAuthority> userAuthorities = Collections.singletonList(createNiceMock(AmbariGrantedAuthority.class));
-    expect(pam.authenticate(EasyMock.anyObject(String.class), EasyMock.anyObject(String.class))).andReturn(unixUser).atLeastOnce();
-    expect(unixUser.getGroups()).andReturn(new HashSet<String>(Arrays.asList("group"))).atLeastOnce();
-    EasyMock.replay(unixUser);
-    EasyMock.replay(pam);
-    Authentication authentication = new AmbariUserAuthentication("userPass", user, userAuthorities);
-    Authentication result = authenticationProvider.authenticateViaPam(pam,authentication);
-    expect(userDAO.findUserByName("userName")).andReturn(null).once();
+    expect(unixUser.getGroups()).andReturn(Collections.singleton("group")).atLeastOnce();
+
+    PAM pam = createMock(PAM.class);
+    expect(pam.authenticate(eq(TEST_USER_NAME), eq(TEST_USER_PASS)))
+        .andReturn(unixUser)
+        .once();
+    pam.dispose();
+    expectLastCall().once();
+
+    PamAuthenticationFactory pamAuthenticationFactory = injector.getInstance(PamAuthenticationFactory.class);
+    expect(pamAuthenticationFactory.createInstance(anyObject(String.class))).andReturn(pam).once();
+
+    replayAll();
+
+    Authentication authentication = new UsernamePasswordAuthenticationToken(TEST_USER_NAME,
TEST_USER_PASS);
+
+    AmbariPamAuthenticationProvider authenticationProvider = injector.getInstance(AmbariPamAuthenticationProvider.class);
+
+    Authentication result = authenticationProvider.authenticate(authentication);
+
+    verifyAll();
+
     Assert.assertNotNull(result);
     Assert.assertEquals(true, result.isAuthenticated());
     Assert.assertTrue(result instanceof AmbariUserAuthentication);
@@ -109,24 +138,14 @@ public class AmbariPamAuthenticationProviderTest {
 
   @Test
   public void testDisabled() throws Exception {
-    UserEntity userEntity = combineUserEntity();
-    User user = new User(userEntity);
-    Collection<AmbariGrantedAuthority> userAuthorities = Collections.singletonList(createNiceMock(AmbariGrantedAuthority.class));
+
+    Configuration configuration = injector.getInstance(Configuration.class);
     configuration.setClientSecurityType(ClientSecurityType.LOCAL);
-    Authentication authentication = new AmbariUserAuthentication("userPass", user, userAuthorities);
+
+    Authentication authentication = new UsernamePasswordAuthenticationToken(TEST_USER_NAME,
TEST_USER_PASS);
+
+    AmbariPamAuthenticationProvider authenticationProvider = injector.getInstance(AmbariPamAuthenticationProvider.class);
     Authentication auth = authenticationProvider.authenticate(authentication);
     Assert.assertTrue(auth == null);
   }
-
-  private UserEntity combineUserEntity() {
-    PrincipalEntity principalEntity = new PrincipalEntity();
-    UserEntity userEntity = new UserEntity();
-    userEntity.setUserId(1);
-    userEntity.setUserName(UserName.fromString(TEST_USER_NAME));
-    userEntity.setUserPassword(passwordEncoder.encode(TEST_USER_PASS));
-    userEntity.setUserType(UserType.PAM);
-    userEntity.setPrincipal(principalEntity);
-    return userEntity;
-  }
-
 }


Mime
View raw message