geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dschnei...@apache.org
Subject [04/24] incubator-geode git commit: GEODE-1673: Use security.json as default
Date Tue, 16 Aug 2016 21:33:52 GMT
GEODE-1673: Use security.json as default


Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/332521a6
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/332521a6
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/332521a6

Branch: refs/heads/feature/GEODE-1691
Commit: 332521a6fc34dc2755a70c3a2b67efd38e2649da
Parents: 1a5a6fe
Author: gmeilen <gracemeilen@gmail.com>
Authored: Tue Aug 9 09:47:40 2016 -0700
Committer: Kirk Lund <klund@apache.org>
Committed: Fri Aug 12 15:04:30 2016 -0700

----------------------------------------------------------------------
 .../templates/SampleSecurityManager.java        | 50 ++++----------------
 .../templates/SampleSecurityManagerTest.java    | 28 +++--------
 geode-core/src/test/resources/security.json     | 30 ++++++++++++
 3 files changed, 45 insertions(+), 63 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/332521a6/geode-core/src/main/java/org/apache/geode/security/templates/SampleSecurityManager.java
----------------------------------------------------------------------
diff --git a/geode-core/src/main/java/org/apache/geode/security/templates/SampleSecurityManager.java
b/geode-core/src/main/java/org/apache/geode/security/templates/SampleSecurityManager.java
index 6845647..5948527 100644
--- a/geode-core/src/main/java/org/apache/geode/security/templates/SampleSecurityManager.java
+++ b/geode-core/src/main/java/org/apache/geode/security/templates/SampleSecurityManager.java
@@ -16,8 +16,6 @@
  */
 package org.apache.geode.security.templates;
 
-import java.io.File;
-import java.io.FileInputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.Serializable;
@@ -52,14 +50,9 @@ import com.gemstone.gemfire.security.NotAuthorizedException;
  *
  * <p>{@code security-manager = com.gemstone.gemfire.security.examples.SampleSecurityManager}
  *
- * <p>The class can be initialized with from either a JSON string or a JSON
- * file
- *
- * <p>TODO: example of configuring from in-memory JSON string specified in securityProperties
- *
- * <p>TODO: example of configuring from a JSON file specified in securityProperties<br/>
- * ...called {@code security.json}. This file must exist on the classpath,
- * so members should be started with an appropriate {@code --classpath} option.
+ * <p>The class can be initialized with from a JSON resource called
+ * {@code security.json}. This file must exist on the classpath, so members
+ * should be started with an appropriate {@code --classpath} option.
  *
  * <p>The format of the JSON for configuration is as follows:
  * <pre><code>
@@ -124,26 +117,13 @@ public class SampleSecurityManager implements SecurityManager {
 
   @Override
   public void init(final Properties securityProperties) throws NotAuthorizedException {
-    String jsonPropertyValue = securityProperties.getProperty(SECURITY_JSON);
+    String jsonPropertyValue = securityProperties != null ? securityProperties.getProperty(SECURITY_JSON)
: null;
     if (jsonPropertyValue == null) {
-      throw new AuthenticationFailedException("SampleSecurityManager: property [" + SECURITY_JSON
+ "] must be set.");
-    }
-
-    // 1st try to load value as a json resource
-    boolean initialized = initializeFromJsonResource(jsonPropertyValue);
-
-    // 2nd try to load value as a json file
-    if (!initialized) {
-      initialized = initializeFromJsonFile(new File(jsonPropertyValue));
+      jsonPropertyValue = DEFAULT_JSON_FILE_NAME;
     }
 
-    // 3rd try to use value as a json string
-    if (!initialized) {
-      initialized = initializeFromJson(jsonPropertyValue);
-    }
-
-    if (!initialized) {
-      throw new AuthenticationFailedException("SampleSecurityManager: unable to read json
from \"" + jsonPropertyValue + "\" as specified by [" + SECURITY_JSON + "].");
+    if (!initializeFromJsonResource(jsonPropertyValue)) {
+      throw new AuthenticationFailedException("SampleSecurityManager: unable to find json
resource \"" + jsonPropertyValue + "\" as specified by [" + SECURITY_JSON + "].");
     }
   }
 
@@ -164,7 +144,7 @@ public class SampleSecurityManager implements SecurityManager {
     return user;
   }
 
-  boolean initializeFromJson(final String json) {//throws IOException {
+  boolean initializeFromJson(final String json) {
     try {
       ObjectMapper mapper = new ObjectMapper();
       JsonNode jsonNode = mapper.readTree(json);
@@ -177,19 +157,7 @@ public class SampleSecurityManager implements SecurityManager {
     }
   }
 
-  boolean initializeFromJsonFile(final File jsonFile) {//throws IOException {
-    try {
-      InputStream input = new FileInputStream(jsonFile);
-      if (input != null) {
-        initializeFromJson(readJsonFromInputStream(input));
-        return true;
-      }
-    } catch (IOException ex) {
-    }
-    return false;
-  }
-
-  boolean initializeFromJsonResource(final String jsonResource) {//throws IOException {
+  boolean initializeFromJsonResource(final String jsonResource) {
     try {
       InputStream input = ClassLoader.getSystemResourceAsStream(jsonResource);
       if (input != null) {

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/332521a6/geode-core/src/test/java/org/apache/geode/security/templates/SampleSecurityManagerTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/security/templates/SampleSecurityManagerTest.java
b/geode-core/src/test/java/org/apache/geode/security/templates/SampleSecurityManagerTest.java
index c810cb0..131f382 100644
--- a/geode-core/src/test/java/org/apache/geode/security/templates/SampleSecurityManagerTest.java
+++ b/geode-core/src/test/java/org/apache/geode/security/templates/SampleSecurityManagerTest.java
@@ -65,36 +65,20 @@ public class SampleSecurityManagerTest {
   }
 
   @Test
-  public void shouldInitializeFromJsonString() throws Exception {
-    this.sampleSecurityManager.initializeFromJson(this.json);
+  public void shouldDefaultToSecurityJsonInClasspathIfNullProperties() throws Exception {
+    this.sampleSecurityManager.init(null);
     verifySecurityManagerState();
   }
 
   @Test
-  public void shouldInitializeFromJsonResource() throws Exception {
-    this.sampleSecurityManager.initializeFromJsonResource(this.jsonResource);
-    verifySecurityManagerState();
-  }
-
-  @Test
-  public void shouldInitializeFromJsonFile() throws Exception {
-    this.sampleSecurityManager.initializeFromJsonFile(this.jsonFile);
-    verifySecurityManagerState();
-  }
-
-  @Test
-  public void initShouldUsePropertyAsJsonString() throws Exception {
-    Properties securityProperties = new Properties();
-    securityProperties.setProperty(SampleSecurityManager.SECURITY_JSON, this.json);
-    this.sampleSecurityManager.init(securityProperties);
+  public void shouldDefaultToSecurityJsonInClasspathIfEmptyProperties() throws Exception
{
+    this.sampleSecurityManager.init(new Properties());
     verifySecurityManagerState();
   }
 
   @Test
-  public void initShouldUsePropertyAsJsonFile() throws Exception {
-    Properties securityProperties = new Properties();
-    securityProperties.setProperty(SampleSecurityManager.SECURITY_JSON, this.jsonFile.getAbsolutePath());
-    this.sampleSecurityManager.init(securityProperties);
+  public void shouldInitializeFromJsonResource() throws Exception {
+    this.sampleSecurityManager.initializeFromJsonResource(this.jsonResource);
     verifySecurityManagerState();
   }
 

http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/332521a6/geode-core/src/test/resources/security.json
----------------------------------------------------------------------
diff --git a/geode-core/src/test/resources/security.json b/geode-core/src/test/resources/security.json
new file mode 100644
index 0000000..c1ee9fc
--- /dev/null
+++ b/geode-core/src/test/resources/security.json
@@ -0,0 +1,30 @@
+{
+  "roles": [
+    {
+      "name": "admin",
+      "operationsAllowed": [
+        "CLUSTER:MANAGE",
+        "DATA:MANAGE"
+      ]
+    },
+    {
+      "name": "readRegionA",
+      "operationsAllowed": [
+        "DATA:READ"
+      ],
+      "regions": ["RegionA", "RegionB"]
+    }
+  ],
+  "users": [
+    {
+      "name": "admin",
+      "password": "secret",
+      "roles": ["admin"]
+    },
+    {
+      "name": "guest",
+      "password": "guest",
+      "roles": ["readRegionA"]
+    }
+  ]
+}


Mime
View raw message