geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kl...@apache.org
Subject [19/63] [abbrv] incubator-geode git commit: GEODE-1258: Added tests for WAN authentication.
Date Wed, 04 May 2016 22:57:19 GMT
GEODE-1258: Added tests for WAN authentication.

* Created tests for checking WAN authentication using valid and invalid credentials.

This closes #131


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/6b4cdb1c
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/6b4cdb1c
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/6b4cdb1c

Branch: refs/heads/feature/GEODE-1276
Commit: 6b4cdb1c46cd5c72a074fb908c9ed791e7219677
Parents: 46535f2
Author: nabarun <nnag@pivotal.io>
Authored: Tue Apr 19 14:15:10 2016 -0700
Committer: Dan Smith <upthewaterspout@apache.org>
Committed: Wed Apr 27 15:57:50 2016 -0700

----------------------------------------------------------------------
 .../gemfire/internal/cache/wan/WANTestBase.java |  17 +
 .../wan/misc/NewWanAuthenticationDUnitTest.java | 309 +++++++++++++++++++
 2 files changed, 326 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/6b4cdb1c/geode-wan/src/test/java/com/gemstone/gemfire/internal/cache/wan/WANTestBase.java
----------------------------------------------------------------------
diff --git a/geode-wan/src/test/java/com/gemstone/gemfire/internal/cache/wan/WANTestBase.java
b/geode-wan/src/test/java/com/gemstone/gemfire/internal/cache/wan/WANTestBase.java
index 39154b2..09ec3e1 100644
--- a/geode-wan/src/test/java/com/gemstone/gemfire/internal/cache/wan/WANTestBase.java
+++ b/geode-wan/src/test/java/com/gemstone/gemfire/internal/cache/wan/WANTestBase.java
@@ -356,6 +356,23 @@ public class WANTestBase extends DistributedTestCase{
     return port;
   }
 
+  public static int createReceiverInSecuredCache() {
+    GatewayReceiverFactory fact = WANTestBase.cache.createGatewayReceiverFactory();
+    int port = AvailablePortHelper.getRandomAvailablePortForDUnitSite();
+    fact.setStartPort(port);
+    fact.setEndPort(port);
+    fact.setManualStart(true);
+    GatewayReceiver receiver = fact.create();
+    try {
+      receiver.start();
+    }
+    catch (IOException e) {
+      e.printStackTrace();
+      com.gemstone.gemfire.test.dunit.Assert.fail("Failed to start GatewayRecevier on port
" + port, e);
+    }
+    return port;
+  }
+
   public static void createReplicatedRegion(String regionName, String senderIds, Boolean
offHeap){
     IgnoredException exp = IgnoredException.addIgnoredException(ForceReattemptException.class
         .getName());

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/6b4cdb1c/geode-wan/src/test/java/com/gemstone/gemfire/internal/cache/wan/misc/NewWanAuthenticationDUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-wan/src/test/java/com/gemstone/gemfire/internal/cache/wan/misc/NewWanAuthenticationDUnitTest.java
b/geode-wan/src/test/java/com/gemstone/gemfire/internal/cache/wan/misc/NewWanAuthenticationDUnitTest.java
new file mode 100644
index 0000000..f0303b9
--- /dev/null
+++ b/geode-wan/src/test/java/com/gemstone/gemfire/internal/cache/wan/misc/NewWanAuthenticationDUnitTest.java
@@ -0,0 +1,309 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.gemstone.gemfire.internal.cache.wan.misc;
+
+import java.util.Properties;
+
+import com.gemstone.gemfire.internal.logging.LogService;
+import com.gemstone.gemfire.security.AuthInitialize;
+import com.gemstone.gemfire.security.AuthenticationFailedException;
+import com.gemstone.gemfire.security.SecurityTestUtils;
+import com.gemstone.gemfire.security.generator.CredentialGenerator;
+
+import com.gemstone.gemfire.cache.CacheFactory;
+import com.gemstone.gemfire.distributed.DistributedMember;
+import com.gemstone.gemfire.distributed.DistributedSystem;
+import com.gemstone.gemfire.distributed.internal.DistributionConfig;
+import com.gemstone.gemfire.internal.Assert;
+import com.gemstone.gemfire.internal.cache.wan.WANTestBase;
+
+import com.gemstone.gemfire.security.generator.DummyCredentialGenerator;
+import com.gemstone.gemfire.security.templates.UserPasswordAuthInit;
+
+import org.apache.logging.log4j.Logger;
+
+public class NewWanAuthenticationDUnitTest extends WANTestBase {
+
+  private static final long serialVersionUID = 1L;
+
+  public static final Logger logger = LogService.getLogger();
+
+  public NewWanAuthenticationDUnitTest(String name) {
+    super(name);
+  }
+
+  /**
+   * Authentication test for new WAN with valid credentials. Although, nothing
+   * related to authentication has been changed in new WAN, this test case is
+   * added on request from QA for defect 44650.
+   */
+  public void testWanAuthValidCredentials() {
+    Integer lnPort = (Integer)vm0.invoke(() -> WANTestBase.createFirstLocatorWithDSId(
1 ));
+    logger.info("Created locator on local site");
+
+    Integer nyPort = (Integer)vm1.invoke(() -> WANTestBase.createFirstRemoteLocator( 2,
lnPort ));
+    logger.info("Created locator on remote site");
+
+
+    CredentialGenerator gen = new DummyCredentialGenerator();
+    Properties extraProps = gen.getSystemProperties();
+
+    String clientauthenticator = gen.getAuthenticator();
+    String clientauthInit = gen.getAuthInit();
+
+    Properties credentials1 = gen.getValidCredentials(1);
+    if (extraProps != null) {
+      credentials1.putAll(extraProps);
+    }
+    Properties javaProps1 = gen.getJavaProperties();
+
+    Properties credentials2 = gen.getValidCredentials(2);
+    if (extraProps != null) {
+      credentials2.putAll(extraProps);
+    }
+    Properties javaProps2 = gen.getJavaProperties();
+
+    Properties props1 = buildProperties(clientauthenticator, clientauthInit,
+      null, credentials1, null);
+    Properties props2 = buildProperties(clientauthenticator, clientauthInit,
+      null, credentials2, null);
+
+    vm2.invoke(() -> NewWanAuthenticationDUnitTest.createSecuredCache(
+      props1, javaProps1, lnPort ));
+    logger.info("Created secured cache in vm2");
+
+    vm3.invoke(() -> NewWanAuthenticationDUnitTest.createSecuredCache(
+      props2, javaProps2, nyPort ));
+    logger.info("Created secured cache in vm3");
+
+    vm2.invoke(() -> WANTestBase.createSender( "ln", 2,
+      false, 100, 10, false, false, null, true ));
+    logger.info("Created sender in vm2");
+
+    vm3.invoke(() -> createReceiverInSecuredCache());
+    logger.info("Created receiver in vm3");
+
+    vm2.invoke(() -> WANTestBase.createReplicatedRegion(
+      getTestMethodName() + "_RR", "ln", isOffHeap()  ));
+    logger.info("Created RR in vm2");
+    vm3.invoke(() -> WANTestBase.createReplicatedRegion(
+      getTestMethodName() + "_RR", null, isOffHeap()  ));
+    logger.info("Created RR in vm3");
+
+    vm2.invoke(() -> WANTestBase.startSender( "ln" ));
+    vm2.invoke(() -> WANTestBase.waitForSenderRunningState( "ln" ));
+    logger.info("Done successfully.");
+
+  }
+
+  /**
+   * Test authentication with new WAN with invalid credentials. Although,
+   * nothing related to authentication has been changed in new WAN, this test
+   * case is added on request from QA for defect 44650.
+   */
+  public void testWanAuthInvalidCredentials() {
+    Integer lnPort = (Integer)vm0.invoke(() -> WANTestBase.createFirstLocatorWithDSId(
1 ));
+    logger.info("Created locator on local site");
+
+    Integer nyPort = (Integer)vm1.invoke(() -> WANTestBase.createFirstRemoteLocator( 2,
lnPort ));
+    logger.info("Created locator on remote site");
+
+
+    CredentialGenerator gen = new DummyCredentialGenerator();
+    logger.info("Picked up credential: " + gen);
+
+    Properties extraProps = gen.getSystemProperties();
+
+    String clientauthenticator = gen.getAuthenticator();
+    String clientauthInit = gen.getAuthInit();
+
+    Properties credentials1 = gen.getInvalidCredentials(1);
+    if (extraProps != null) {
+      credentials1.putAll(extraProps);
+    }
+    Properties javaProps1 = gen.getJavaProperties();
+    Properties credentials2 = gen.getInvalidCredentials(2);
+    if (extraProps != null) {
+      credentials2.putAll(extraProps);
+    }
+    Properties javaProps2 = gen.getJavaProperties();
+
+    Properties props1 = buildProperties(clientauthenticator, clientauthInit,
+      null, credentials1, null);
+    Properties props2 = buildProperties(clientauthenticator, clientauthInit,
+      null, credentials2, null);
+
+    logger.info("Done building auth properties");
+
+    vm2.invoke(() -> NewWanAuthenticationDUnitTest.createSecuredCache(
+      props1, javaProps1, lnPort ));
+    logger.info("Created secured cache in vm2");
+
+    vm3.invoke(() -> NewWanAuthenticationDUnitTest.createSecuredCache(
+      props2, javaProps2, nyPort ));
+    logger.info("Created secured cache in vm3");
+
+    vm2.invoke(() -> WANTestBase.createSender( "ln", 2,
+      false, 100, 10, false, false, null, true ));
+    logger.info("Created sender in vm2");
+
+    vm3.invoke(() -> createReceiverInSecuredCache());
+    logger.info("Created receiver in vm3");
+
+    vm2.invoke(() -> WANTestBase.createReplicatedRegion(
+      getTestMethodName() + "_RR", "ln", isOffHeap()  ));
+    logger.info("Created RR in vm2");
+    vm3.invoke(() -> WANTestBase.createReplicatedRegion(
+      getTestMethodName() + "_RR", null, isOffHeap()  ));
+    logger.info("Created RR in vm3");
+
+    try {
+      vm2.invoke(() -> WANTestBase.startSender( "ln" ));
+      fail("Authentication Failed: While starting the sender, an exception should have been
thrown");
+    } catch (Exception e) {
+      if (!(e.getCause().getCause() instanceof AuthenticationFailedException)) {
+        fail("Authentication is not working as expected");
+      }
+    }
+  }
+
+  private static Properties buildProperties(String clientauthenticator,
+                                            String clientAuthInit, String accessor, Properties
extraAuthProps,
+                                            Properties extraAuthzProps) {
+
+    Properties authProps = new Properties();
+    if (clientauthenticator != null) {
+      authProps.setProperty(
+        DistributionConfig.SECURITY_CLIENT_AUTHENTICATOR_NAME,
+        clientauthenticator);
+    }
+    if (accessor != null) {
+      authProps.setProperty(DistributionConfig.SECURITY_CLIENT_ACCESSOR_NAME,
+        accessor);
+    }
+    if (clientAuthInit != null) {
+      authProps.setProperty(DistributionConfig.SECURITY_CLIENT_AUTH_INIT_NAME,
+        clientAuthInit);
+    }
+    if (extraAuthProps != null) {
+      authProps.putAll(extraAuthProps);
+    }
+    if (extraAuthzProps != null) {
+      authProps.putAll(extraAuthzProps);
+    }
+    return authProps;
+  }
+
+  public static void createSecuredCache(Properties authProps, Object javaProps, Integer locPort)
{
+    authProps.setProperty(DistributionConfig.MCAST_PORT_NAME, "0");
+    authProps.setProperty(DistributionConfig.LOCATORS_NAME, "localhost[" + locPort + "]");
+
+    logger.info("Set the server properties to: " + authProps);
+    logger.info("Set the java properties to: " + javaProps);
+
+    SecurityTestUtils tmpInstance = new SecurityTestUtils("temp");
+    DistributedSystem ds = tmpInstance.createSystem(authProps, (Properties)javaProps);
+    assertNotNull(ds);
+    assertTrue(ds.isConnected());
+    cache = CacheFactory.create(ds);
+    assertNotNull(cache);
+  }
+
+  public static boolean isDifferentServerInGetCredentialCall = false;
+  public static class UserPasswdAI extends UserPasswordAuthInit {
+    public static AuthInitialize createAI() {
+      return new UserPasswdAI();
+    }
+    @Override
+    public Properties getCredentials(Properties props,
+                                     DistributedMember server, boolean isPeer)
+      throws AuthenticationFailedException {
+      boolean val = ( CacheFactory.getAnyInstance().getDistributedSystem().getDistributedMember().getProcessId()
!= server.getProcessId());
+      Assert.assertTrue(val, "getCredentials: Server should be different");
+      Properties p = super.getCredentials(props, server, isPeer);
+      if(val) {
+        isDifferentServerInGetCredentialCall = true;
+        CacheFactory.getAnyInstance().getLoggerI18n().convertToLogWriter().config("setting
 isDifferentServerInGetCredentialCall " + isDifferentServerInGetCredentialCall);
+      } else {
+        CacheFactory.getAnyInstance().getLoggerI18n().convertToLogWriter().config("setting22
 isDifferentServerInGetCredentialCall " + isDifferentServerInGetCredentialCall);
+      }
+      return p;
+    }
+  }
+
+  public static void verifyDifferentServerInGetCredentialCall(){
+    Assert.assertTrue(isDifferentServerInGetCredentialCall, "verifyDifferentServerInGetCredentialCall:
Server should be different");
+    isDifferentServerInGetCredentialCall = false;
+  }
+
+  public void testWanAuthValidCredentialsWithServer() {
+    disconnectAllFromDS();
+    {
+      Integer lnPort = (Integer)vm0.invoke(() -> WANTestBase.createFirstLocatorWithDSId(
1 ));
+      logger.info("Created locator on local site");
+
+      Integer nyPort = (Integer)vm1.invoke(() -> WANTestBase.createFirstRemoteLocator(
2, lnPort ));
+      logger.info("Created locator on remote site");
+
+      DummyCredentialGenerator gen = new DummyCredentialGenerator();
+      gen.init();
+      Properties extraProps = gen.getSystemProperties();
+
+      String clientauthenticator = gen.getAuthenticator();
+      String clientauthInit = UserPasswdAI.class.getName() + ".createAI";
+
+      Properties credentials1 = gen.getValidCredentials(1);
+      if (extraProps != null) {
+        credentials1.putAll(extraProps);
+      }
+      Properties javaProps1 = gen.getJavaProperties();
+
+      Properties credentials2 = gen.getValidCredentials(2);
+      if (extraProps != null) {
+        credentials2.putAll(extraProps);
+      }
+      Properties javaProps2 = gen.getJavaProperties();
+
+      Properties props1 = buildProperties(clientauthenticator, clientauthInit,
+        null, credentials1, null);
+      Properties props2 = buildProperties(clientauthenticator, clientauthInit,
+        null, credentials2, null);
+
+      vm2.invoke(() -> NewWanAuthenticationDUnitTest.createSecuredCache(
+        props1, javaProps1, lnPort ));
+      logger.info("Created secured cache in vm2");
+
+      vm3.invoke(() -> NewWanAuthenticationDUnitTest.createSecuredCache(
+        props2, javaProps2, nyPort ));
+      logger.info("Created secured cache in vm3");
+
+      vm2.invoke(() -> WANTestBase.createSender( "ln", 2,
+        false, 100, 10, false, false, null, true ));
+      logger.info("Created sender in vm2");
+
+      vm3.invoke(() -> createReceiverInSecuredCache());
+      logger.info("Created receiver in vm3");
+
+      vm2.invoke(() -> WANTestBase.startSender( "ln" ));
+      vm2.invoke(() -> WANTestBase.waitForSenderRunningState( "ln" ));
+
+      vm2.invoke(() -> verifyDifferentServerInGetCredentialCall());
+      vm3.invoke(() -> verifyDifferentServerInGetCredentialCall());
+
+    }
+  }
+}


Mime
View raw message