geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jinmeil...@apache.org
Subject incubator-geode git commit: GEODE-17: refactor JSONAuthorization, MBeanServerConnectionRule and added some tests
Date Wed, 09 Mar 2016 19:33:04 GMT
Repository: incubator-geode
Updated Branches:
  refs/heads/feature/GEODE-17-2 dc7d73e71 -> 8ab9c82c7


GEODE-17: refactor JSONAuthorization, MBeanServerConnectionRule and added some tests


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/8ab9c82c
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/8ab9c82c
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/8ab9c82c

Branch: refs/heads/feature/GEODE-17-2
Commit: 8ab9c82c7b45f14fb96bc3795fb397fdeb888069
Parents: dc7d73e
Author: Jinmei Liao <jiliao@pivotal.io>
Authored: Wed Mar 9 11:32:31 2016 -0800
Committer: Jinmei Liao <jiliao@pivotal.io>
Committed: Wed Mar 9 11:32:31 2016 -0800

----------------------------------------------------------------------
 .../internal/security/MBeanServerWrapper.java   |  8 +-
 ...rDistributedSystemMXBeanIntegrationTest.java | 18 ++--
 .../CacheServerMBeanSecurityJUnitTest.java      | 37 ++++++--
 .../security/JMXConnectionConfiguration.java    |  2 +-
 .../internal/security/JSONAuthorization.java    | 62 ++++---------
 .../security/MBeanServerConnectionRule.java     | 92 ++++++++++++++++++++
 .../internal/security/MXBeanCreationRule.java   | 91 -------------------
 .../internal/security/cacheServer.json          | 18 +++-
 8 files changed, 169 insertions(+), 159 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/8ab9c82c/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
index 6c25102..fd1750d 100644
--- a/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
+++ b/geode-core/src/main/java/com/gemstone/gemfire/management/internal/security/MBeanServerWrapper.java
@@ -16,10 +16,6 @@
  */
 package com.gemstone.gemfire.management.internal.security;
 
-import java.io.ObjectInputStream;
-import java.util.HashSet;
-import java.util.Set;
-
 import javax.management.Attribute;
 import javax.management.AttributeList;
 import javax.management.AttributeNotFoundException;
@@ -42,6 +38,10 @@ import javax.management.QueryExp;
 import javax.management.ReflectionException;
 import javax.management.loading.ClassLoaderRepository;
 import javax.management.remote.MBeanServerForwarder;
+import java.io.ObjectInputStream;
+import java.util.HashSet;
+import java.util.Set;
+
 import static com.gemstone.gemfire.management.internal.security.ResourceConstants.*;
 
 /**

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/8ab9c82c/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForDistributedSystemMXBeanIntegrationTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForDistributedSystemMXBeanIntegrationTest.java
b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForDistributedSystemMXBeanIntegrationTest.java
index 4ae0107..72ca7a7 100755
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForDistributedSystemMXBeanIntegrationTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/AuthorizeOperationForDistributedSystemMXBeanIntegrationTest.java
@@ -16,16 +16,14 @@
  */
 package com.gemstone.gemfire.management.internal.security;
 
-import static org.junit.Assert.*;
-
-import javax.management.remote.JMXPrincipal;
-
+import com.gemstone.gemfire.management.internal.MBeanJMXAdapter;
+import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
 
-import com.gemstone.gemfire.management.internal.MBeanJMXAdapter;
-import com.gemstone.gemfire.test.junit.categories.IntegrationTest;
-import com.gemstone.gemfire.util.test.TestUtil;
+import javax.management.remote.JMXPrincipal;
+
+import static org.junit.Assert.assertFalse;
 
 /**
  * Tests <code>JSONAuthorization.authorizeOperation(...)</code> for <code>DistributedSystemMXBean</code>
operations.
@@ -34,9 +32,9 @@ import com.gemstone.gemfire.util.test.TestUtil;
 public class AuthorizeOperationForDistributedSystemMXBeanIntegrationTest {
 
   @Test
-  public void returnsFalseForUnauthorizedUser() throws Exception {    
-    System.setProperty("resource.secDescriptor", TestUtil.getResourcePath(getClass(), "auth1.json"));

-    JSONAuthorization authorization = JSONAuthorization.create();        
+  public void returnsFalseForUnauthorizedUser() throws Exception {
+    JSONAuthorization.setUpWithJsonFile("auth1.json");
+    JSONAuthorization authorization = JSONAuthorization.create();
     authorization.init(new JMXPrincipal("tushark"), null, null);
     
     JMXOperationContext context = new JMXOperationContext(MBeanJMXAdapter.getDistributedSystemName(),
"queryData");

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/8ab9c82c/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanSecurityJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanSecurityJUnitTest.java
b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanSecurityJUnitTest.java
index ee388e1..ec47a09 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanSecurityJUnitTest.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/CacheServerMBeanSecurityJUnitTest.java
@@ -21,7 +21,6 @@ import com.gemstone.gemfire.cache.CacheFactory;
 import com.gemstone.gemfire.distributed.internal.DistributionConfig;
 import com.gemstone.gemfire.internal.AvailablePort;
 import com.gemstone.gemfire.management.CacheServerMXBean;
-import com.gemstone.gemfire.util.test.TestUtil;
 import org.junit.AfterClass;
 import org.junit.Before;
 import org.junit.BeforeClass;
@@ -30,6 +29,7 @@ import org.junit.Rule;
 import org.junit.Test;
 import org.junit.contrib.java.lang.system.RestoreSystemProperties;
 
+import javax.management.ObjectName;
 import java.util.Properties;
 
 import static org.assertj.core.api.Assertions.assertThat;
@@ -43,16 +43,13 @@ public class CacheServerMBeanSecurityJUnitTest {
   private CacheServerMXBean cacheServerMXBean;
 
   @Rule
-  public MXBeanCreationRule<CacheServerMXBean> mxRule = new MXBeanCreationRule(jmxManagerPort,
CacheServerMXBean.class, "GemFire:service=CacheServer,*");
+  public MBeanServerConnectionRule<CacheServerMXBean> mxRule = new MBeanServerConnectionRule(jmxManagerPort);
 
   @ClassRule
   public static RestoreSystemProperties restoreSystemProperties = new RestoreSystemProperties();
 
   @BeforeClass
   public static void beforeClassSetUp() throws Exception {
-    System.setProperty(ResourceConstants.RESOURCE_SEC_DESCRIPTOR,
-        TestUtil.getResourcePath(CacheServerMBeanSecurityJUnitTest.class, "cacheServer.json"));
-
     Properties properties = new Properties();
     properties.put(DistributionConfig.NAME_NAME, CacheServerMBeanSecurityJUnitTest.class.getSimpleName());
     properties.put(DistributionConfig.LOCATORS_NAME, "");
@@ -64,6 +61,7 @@ public class CacheServerMBeanSecurityJUnitTest {
     properties.put(DistributionConfig.SECURITY_CLIENT_ACCESSOR_NAME, JSONAuthorization.class.getName()
+ ".create");
     properties.put(DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME,
         JSONAuthorization.class.getName() + ".create");
+    JSONAuthorization.setUpWithJsonFile("cacheServer.json");
 
     cache = new CacheFactory(properties).create();
     cache.addCacheServer().start();
@@ -72,7 +70,7 @@ public class CacheServerMBeanSecurityJUnitTest {
   @Before
   public void setUp() throws Exception {
     assertThat(cache.getCacheServers()).hasSize(1);
-    cacheServerMXBean = mxRule.getProxyMBean();
+    cacheServerMXBean = mxRule.getProxyMBean(CacheServerMXBean.class, "GemFire:service=CacheServer,*");
   }
 
   @AfterClass
@@ -81,11 +79,38 @@ public class CacheServerMBeanSecurityJUnitTest {
     cache = null;
   }
 
+
+
+  /**
+   * No user can call createBean or unregisterBean
+   */
+  @Test
+  @JMXConnectionConfiguration(user = "superuser", password = "1234567")
+  public void testNoAccessWithWhoever() throws Exception{
+    assertThatThrownBy(
+        () -> mxRule.getMBeanServerConnection().createMBean("FakeClassName", new ObjectName("GemFire",
"name", "foo"))
+    ).isInstanceOf(SecurityException.class);
+
+    assertThatThrownBy(
+        () -> mxRule.getMBeanServerConnection().unregisterMBean(new ObjectName("GemFire",
"name", "foo"))
+    ).isInstanceOf(SecurityException.class);
+  }
+
+
   @Test
   @JMXConnectionConfiguration(user = "superuser", password = "1234567")
   public void testAllAccess() throws Exception {
     cacheServerMXBean.removeIndex("foo");
     cacheServerMXBean.executeContinuousQuery("bar");
+    cacheServerMXBean.fetchLoadProbe();
+  }
+
+  @Test
+  @JMXConnectionConfiguration(user = "user", password = "1234567")
+  public void testSomeAccess() throws Exception {
+    assertThatThrownBy(() -> cacheServerMXBean.removeIndex("foo")).isInstanceOf(SecurityException.class);
+    assertThatThrownBy(() -> cacheServerMXBean.executeContinuousQuery("bar")).isInstanceOf(SecurityException.class);
+    cacheServerMXBean.fetchLoadProbe();
   }
 
   @Test

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/8ab9c82c/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JMXConnectionConfiguration.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JMXConnectionConfiguration.java
b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JMXConnectionConfiguration.java
index fbc9aa8..d61a7c5 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JMXConnectionConfiguration.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JMXConnectionConfiguration.java
@@ -22,7 +22,7 @@ import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;
 
 /**
- * This annotation is intended to be used with {@link MXBeanCreationRule} in order to configure
a per-test JMX
+ * This annotation is intended to be used with {@link MBeanServerConnectionRule} in order
to configure a per-test JMX
  * connection with a specific user and password.
  */
 @Retention(RetentionPolicy.RUNTIME)

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/8ab9c82c/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
index c1b26a1..8714429 100644
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/JSONAuthorization.java
@@ -16,7 +16,6 @@
  */
 package com.gemstone.gemfire.management.internal.security;
 
-import com.gemstone.gemfire.GemFireConfigException;
 import com.gemstone.gemfire.LogWriter;
 import com.gemstone.gemfire.cache.Cache;
 import com.gemstone.gemfire.cache.operations.OperationContext;
@@ -61,29 +60,33 @@ public class JSONAuthorization implements AccessControl, Authenticator
{
 	private static Map<String,User> acl = null;
 
 	public static JSONAuthorization create() throws IOException, JSONException {
-	  if(acl==null){
-	    readSecurityDescriptor(readDefault());
-	  }
 	  return new JSONAuthorization();
 	}
 
   public JSONAuthorization() {
-    if (acl == null) {
-      try {
-        readSecurityDescriptor(readDefault());
-      } catch (IOException e) {
-        throw new GemFireConfigException("Error creating JSONAuth", e);
-      } catch (JSONException e) {
-        throw new GemFireConfigException("Error creating JSONAuth", e);
-      }
-    }
   }
 
+	public JSONAuthorization(String jsonFileName) throws IOException, JSONException{
+		setUpWithJsonFile(jsonFileName);
+	}
+
+	public static void setUpWithJsonFile(String jsonFileName) throws IOException, JSONException
{
+		String json = readFile(TestUtil.getResourcePath(JSONAuthorization.class, jsonFileName));
+		readSecurityDescriptor(json);
+	}
+
+	private static void readSecurityDescriptor(String json) throws IOException, JSONException
{
+		JSONObject jsonBean = new JSONObject(json);
+		acl = new HashMap<String,User>();
+		Map<String,Role> roleMap = readRoles(jsonBean);
+		readUsers(acl,jsonBean,roleMap);
+	}
+
 	public static Set<ResourceOperationCode> getAuthorizedOps(User user, ResourceOperationContext
context) {
     Set<ResourceOperationCode> codeList = new HashSet<ResourceOperationCode>();
     for(Role role : user.roles) {
       for (String perm : role.permissions) {
-        ResourceOperationCode code = ResourceOperationCode.parse(perm);
+				ResourceOperationCode code = ResourceOperationCode.parse(perm);
         if (role.regionName == null && role.serverGroup == null) {
           addPermissions(code, codeList);
         } else if (role.regionName != null) {
@@ -109,38 +112,9 @@ public class JSONAuthorization implements AccessControl, Authenticator
{
     if (code == null) {
       return;
     }
-
     codeList.add(code);
-    if (code.getChildren() != null) {
-      for (ResourceOperationCode c : code.getChildren()) {
-        codeList.add(c);
-      }
-    }
   }
 
-  private static String readDefault() throws IOException, JSONException {
-	  String str = System.getProperty(ResourceConstants.RESOURCE_SEC_DESCRIPTOR, ResourceConstants.RESORUCE_DEFAULT_SEC_DESCRIPTOR);
-		File file = new File(str);
-		FileReader reader = new FileReader(file);
-		char[] buffer = new char[(int) file.length()];
-		reader.read(buffer);
-		String json = new String(buffer);
-		reader.close();
-		return json;
-	}
-
-	public JSONAuthorization(String jsonFileName) throws IOException, JSONException{
-    String json = readFile(TestUtil.getResourcePath(getClass(), jsonFileName));
-		readSecurityDescriptor(json);
-	}
-
-	private static void readSecurityDescriptor(String json) throws IOException, JSONException
{
-		JSONObject jsonBean = new JSONObject(json);
-		acl = new HashMap<String,User>();
-		Map<String,Role> roleMap = readRoles(jsonBean);
-		readUsers(acl,jsonBean,roleMap);
-	}
-
 	private static void readUsers(Map<String, User> acl, JSONObject jsonBean,
 			Map<String, Role> roleMap) throws JSONException {
 		JSONArray array = jsonBean.getJSONArray("users");
@@ -306,7 +280,7 @@ public class JSONAuthorization implements AccessControl, Authenticator
{
 
   }
 
-  private String readFile(String name) throws IOException, JSONException {
+  private static String readFile(String name) throws IOException, JSONException {
     File file = new File(name);
     FileReader reader = new FileReader(file);
     char[] buffer = new char[(int) file.length()];

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/8ab9c82c/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MBeanServerConnectionRule.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MBeanServerConnectionRule.java
b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MBeanServerConnectionRule.java
new file mode 100644
index 0000000..bb5feed
--- /dev/null
+++ b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MBeanServerConnectionRule.java
@@ -0,0 +1,92 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.management.internal.security;
+
+import com.gemstone.gemfire.test.junit.rules.DescribedExternalResource;
+import org.junit.runner.Description;
+
+import javax.management.JMX;
+import javax.management.MBeanServerConnection;
+import javax.management.MalformedObjectNameException;
+import javax.management.ObjectInstance;
+import javax.management.ObjectName;
+import javax.management.remote.JMXConnector;
+import javax.management.remote.JMXConnectorFactory;
+import javax.management.remote.JMXServiceURL;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Class which eases the creation of MBeans for security testing. When combined with {@link
JMXConnectionConfiguration}
+ * it allows for the creation of per-test connections with different user/password combinations.
+ *
+ * @param <T> The type of MBean which will be returned.
+ */
+public class MBeanServerConnectionRule<T> extends DescribedExternalResource {
+
+  private final int jmxServerPort;
+  private JMXConnector jmxConnector;
+  private MBeanServerConnection mbeanServer;
+
+
+  /**
+   * Rule constructor
+   * @param port The JMX server port to connect to
+   */
+  public MBeanServerConnectionRule(int port) {
+    this.jmxServerPort = port;
+  }
+
+  /**
+   * Retrieve a new proxy MBean
+   * @return A new proxy MBean of the same type with which the class was constructed
+   */
+  public T getProxyMBean(Class<T> proxyClass, String beanName) throws MalformedObjectNameException,
IOException {
+    ObjectInstance bean = (ObjectInstance) mbeanServer.queryMBeans(ObjectName.getInstance(beanName),
null).toArray()[0];
+    return JMX.newMXBeanProxy(mbeanServer, bean.getObjectName(), proxyClass);
+  }
+
+
+  public MBeanServerConnection getMBeanServerConnection() throws IOException {
+    return jmxConnector.getMBeanServerConnection();
+  }
+
+  protected void before(Description description) throws Throwable {
+    JMXConnectionConfiguration config = description.getAnnotation(JMXConnectionConfiguration.class);
+    Map<String, String[]> env = new HashMap<>();
+    if(config!=null) {
+      String user = config.user();
+      String password = config.password();
+      env.put(JMXConnector.CREDENTIALS, new String[] { user, password });
+    }
+    JMXServiceURL url = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://:" + jmxServerPort
+ "/jmxrmi");
+
+    jmxConnector = JMXConnectorFactory.connect(url, env);
+    mbeanServer = jmxConnector.getMBeanServerConnection();
+  }
+
+  /**
+   * Override to tear down your specific external resource.
+   */
+  protected void after(Description description) throws Throwable {
+    jmxConnector.close();
+    jmxConnector = null;
+    mbeanServer = null;
+  }
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/8ab9c82c/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MXBeanCreationRule.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MXBeanCreationRule.java
b/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MXBeanCreationRule.java
deleted file mode 100644
index 03dcf9b..0000000
--- a/geode-core/src/test/java/com/gemstone/gemfire/management/internal/security/MXBeanCreationRule.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package com.gemstone.gemfire.management.internal.security;
-
-import com.gemstone.gemfire.test.junit.rules.DescribedExternalResource;
-import org.junit.runner.Description;
-
-import javax.management.JMX;
-import javax.management.MBeanServerConnection;
-import javax.management.ObjectInstance;
-import javax.management.ObjectName;
-import javax.management.remote.JMXConnector;
-import javax.management.remote.JMXConnectorFactory;
-import javax.management.remote.JMXServiceURL;
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * Class which eases the creation of MBeans for security testing. When combined with {@link
JMXConnectionConfiguration}
- * it allows for the creation of per-test connections with different user/password combinations.
- *
- * @param <T> The type of MBean which will be returned.
- */
-public class MXBeanCreationRule<T> extends DescribedExternalResource {
-
-  private final int jmxServerPort;
-  private final Class<T> proxyClass;
-  private final String objectName;
-  private JMXConnector jmxConnector;
-  private ObjectName beanObjectName;
-  private MBeanServerConnection mbeanServer;
-
-
-  /**
-   * Rule constructor
-   * @param port The JMX server port to connect to
-   * @param proxyClass The class for which a proxy MBean will be created
-   */
-  public MXBeanCreationRule(int port, Class<T> proxyClass, String objectName) {
-    this.jmxServerPort = port;
-    this.proxyClass = proxyClass;
-    this.objectName = objectName;
-  }
-
-  /**
-   * Retrieve a new proxy MBean
-   * @return A new proxy MBean of the same type with which the class was constructed
-   */
-  public T getProxyMBean() {
-    return JMX.newMBeanProxy(mbeanServer, beanObjectName, proxyClass);
-  }
-
-  protected void before(Description description) throws Throwable {
-    String user = description.getAnnotation(JMXConnectionConfiguration.class).user();
-    String password = description.getAnnotation(JMXConnectionConfiguration.class).password();
-    Map<String, String[]> env = new HashMap<>();
-    env.put(JMXConnector.CREDENTIALS, new String[] {user, password});
-    JMXServiceURL url = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://:" + jmxServerPort
+ "/jmxrmi");
-
-    jmxConnector = JMXConnectorFactory.connect(url, env);
-    mbeanServer = jmxConnector.getMBeanServerConnection();
-
-    ObjectInstance bean = (ObjectInstance) mbeanServer.queryMBeans(ObjectName.getInstance(objectName),
null).toArray()[0];
-    beanObjectName = bean.getObjectName();
-  }
-
-  /**
-   * Override to tear down your specific external resource.
-   */
-  protected void after(Description description) throws Throwable {
-    jmxConnector.close();
-    jmxConnector = null;
-    mbeanServer = null;
-    beanObjectName = null;
-  }
-
-}

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/8ab9c82c/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
index 37295d5..7de666c 100644
--- a/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
+++ b/geode-core/src/test/resources/com/gemstone/gemfire/management/internal/security/cacheServer.json
@@ -3,7 +3,7 @@
     {
       "name": "everything",
       "operationsAllowed": [
-        "INDEX:DESTROY",
+        "LIST_DS",
         "DESTROY_INDEX",
         "LOCATE_ENTRY",
         "QUERY"
@@ -12,8 +12,13 @@
     {
       "name": "nothing",
       "operationsAllowed": [
-      ],
-      "region": "secureRegion"
+      ]
+    },
+    {
+      "name": "something",
+      "operationsAllowed": [
+        "LIST_DS"
+      ]
     }
   ],
   "users": [
@@ -30,6 +35,13 @@
       "roles": [
         "nothing"
       ]
+    },
+    {
+      "name": "user",
+      "password": "1234567",
+      "roles": [
+        "something"
+      ]
     }
   ]
 }


Mime
View raw message