geode-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jensde...@apache.org
Subject [geode] branch develop updated: GEODE-6525: Add a SSL component to StandaloneClientManagementAPIAcceptanceTest (#3302)
Date Mon, 18 Mar 2019 12:57:41 GMT
This is an automated email from the ASF dual-hosted git repository.

jensdeppe pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/geode.git


The following commit(s) were added to refs/heads/develop by this push:
     new 6d7e625  GEODE-6525: Add a SSL component to StandaloneClientManagementAPIAcceptanceTest
(#3302)
6d7e625 is described below

commit 6d7e6256a66212f4ab879c6109e9a955669488bf
Author: Jens Deppe <jdeppe@pivotal.io>
AuthorDate: Mon Mar 18 05:57:28 2019 -0700

    GEODE-6525: Add a SSL component to StandaloneClientManagementAPIAcceptanceTest (#3302)
---
 ...tandaloneClientManagementAPIAcceptanceTest.java |  73 ++++++++++++++++++++-
 .../resources/ManagementClientCreateRegion.java    |  18 +++--
 .../acceptanceTest/resources/ssl/trusted.keystore  | Bin 0 -> 547 bytes
 3 files changed, 84 insertions(+), 7 deletions(-)

diff --git a/geode-assembly/src/acceptanceTest/java/org/apache/geode/management/internal/rest/StandaloneClientManagementAPIAcceptanceTest.java
b/geode-assembly/src/acceptanceTest/java/org/apache/geode/management/internal/rest/StandaloneClientManagementAPIAcceptanceTest.java
index f2210e6..e929168 100644
--- a/geode-assembly/src/acceptanceTest/java/org/apache/geode/management/internal/rest/StandaloneClientManagementAPIAcceptanceTest.java
+++ b/geode-assembly/src/acceptanceTest/java/org/apache/geode/management/internal/rest/StandaloneClientManagementAPIAcceptanceTest.java
@@ -21,21 +21,33 @@ import java.io.File;
 import java.io.IOException;
 import java.nio.file.Path;
 import java.nio.file.Paths;
+import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collection;
+import java.util.List;
 import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
 
+import org.junit.BeforeClass;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.TemporaryFolder;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+import org.junit.runners.Parameterized.Parameter;
+import org.junit.runners.Parameterized.Parameters;
+import org.junit.runners.Parameterized.UseParametersRunnerFactory;
 
 import org.apache.geode.test.compiler.JarBuilder;
 import org.apache.geode.test.junit.rules.gfsh.GfshExecution;
 import org.apache.geode.test.junit.rules.gfsh.GfshRule;
 import org.apache.geode.test.junit.rules.gfsh.GfshScript;
 import org.apache.geode.test.junit.rules.gfsh.internal.ProcessLogger;
+import org.apache.geode.test.junit.runners.CategoryWithParameterizedRunnerFactory;
 import org.apache.geode.util.test.TestUtil;
 
+@RunWith(Parameterized.class)
+@UseParametersRunnerFactory(CategoryWithParameterizedRunnerFactory.class)
 public class StandaloneClientManagementAPIAcceptanceTest {
 
   @Rule
@@ -44,7 +56,31 @@ public class StandaloneClientManagementAPIAcceptanceTest {
   @Rule
   public TemporaryFolder tempDir = new TemporaryFolder();
 
+  private static String trustStorePath;
+
+  @Parameter
+  public Boolean useSsl;
+
+  @Parameters
+  public static Collection<Boolean> data() {
+    return Arrays.asList(true, false);
+  }
+
+  @BeforeClass
+  public static void beforeClass() {
+    /**
+     * This file was generated with:
+     * keytool -genkey -dname "CN=localhost" -alias self -validity 3650 -keyalg EC \
+     * -keystore trusted.keystore -keypass password -storepass password \
+     * -ext san=ip:127.0.0.1,dns:localhost -storetype jks
+     */
+    trustStorePath = TestUtil.getResourcePath(StandaloneClientManagementAPIAcceptanceTest.class,
+        "/ssl/trusted.keystore");
+    assertThat(trustStorePath).as("java file resource not found").isNotBlank();
+  }
+
   @Test
+  @Parameterized.Parameters
   public void clientCreatesRegionUsingClusterManagementService() throws Exception {
     JarBuilder jarBuilder = new JarBuilder();
     String filePath =
@@ -55,7 +91,8 @@ public class StandaloneClientManagementAPIAcceptanceTest {
     jarBuilder.buildJar(outputJar, new File(filePath));
 
     GfshExecution startCluster =
-        GfshScript.of("start locator", "start server --locators=localhost[10334]")
+        GfshScript.of("start locator " + getSslParameters(),
+            "start server --locators=localhost[10334] " + getSslParameters())
             .withName("startCluster").execute(gfsh);
 
     assertThat(startCluster.getProcess().exitValue())
@@ -99,14 +136,44 @@ public class StandaloneClientManagementAPIAcceptanceTest {
     classPath.append(File.pathSeparator);
     classPath.append(outputJar.getAbsolutePath());
 
-    pBuilder.command(javaBin.toString(), "-classpath", classPath.toString(),
-        "ManagementClientTestCreateRegion", "REGION1");
+    List<String> command = new ArrayList<>();
+    command.add(javaBin.toString());
+
+    if (useSsl) {
+      command.add("-Djavax.net.ssl.keyStore=" + trustStorePath);
+      command.add("-Djavax.net.ssl.keyStorePassword=password");
+      command.add("-Djavax.net.ssl.trustStore=" + trustStorePath);
+      command.add("-Djavax.net.ssl.trustStorePassword=password");
+    }
+
+    command.add("-classpath");
+    command.add(classPath.toString());
+    command.add("ManagementClientCreateRegion");
+    command.add("REGION1");
+    command.add(useSsl.toString());
+
+    pBuilder.command(command);
+
+    System.out.format("Launching client command: %s\n", command);
 
     Process process = pBuilder.start();
     new ProcessLogger(process, "clientCreateRegion");
     return process;
   }
 
+  private String getSslParameters() {
+    if (useSsl) {
+      return String.format(" --J=-Dgemfire.ssl-keystore=%1$s"
+          + " --J=-Dgemfire.ssl-keystore-password=%2$s"
+          + " --J=-Dgemfire.ssl-truststore=%1$s"
+          + " --J=-Dgemfire.ssl-truststore-password=%2$s"
+          + " --J=-Dgemfire.ssl-enabled-components=web",
+          trustStorePath, "password");
+    }
+
+    return "";
+  }
+
   private String getJarOrClassesForModule(String module) {
     String classPath = Arrays.stream(System.getProperty("java.class.path")
         .split(File.pathSeparator))
diff --git a/geode-assembly/src/acceptanceTest/resources/ManagementClientCreateRegion.java
b/geode-assembly/src/acceptanceTest/resources/ManagementClientCreateRegion.java
index c6c23b2..2ddae41 100644
--- a/geode-assembly/src/acceptanceTest/resources/ManagementClientCreateRegion.java
+++ b/geode-assembly/src/acceptanceTest/resources/ManagementClientCreateRegion.java
@@ -13,18 +13,27 @@
  * the License.
  */
 
+import javax.net.ssl.SSLContext;
+
 import org.apache.geode.cache.RegionShortcut;
 import org.apache.geode.cache.configuration.RegionConfig;
 import org.apache.geode.management.api.ClusterManagementResult;
 import org.apache.geode.management.api.ClusterManagementService;
 import org.apache.geode.management.client.ClusterManagementServiceProvider;
 
-public class ManagementClientTestCreateRegion {
-  public static void main(String[] args) {
+public class ManagementClientCreateRegion {
+  public static void main(String[] args) throws Exception {
     String regionName = args[0];
+    boolean useSsl = Boolean.parseBoolean(args[1]);
 
-    ClusterManagementService cms =
-        ClusterManagementServiceProvider.getService("localhost", 7070);
+    ClusterManagementService cms;
+    if (useSsl) {
+      // The default SSLContext will pull in all necessary javax.net.ssl properties
+      cms = ClusterManagementServiceProvider.getService("localhost", 7070,
+          SSLContext.getDefault(), null, null, null);
+    } else {
+      cms = ClusterManagementServiceProvider.getService("localhost", 7070);
+    }
 
     RegionConfig config = new RegionConfig();
     config.setName(regionName);
@@ -39,4 +48,5 @@ public class ManagementClientTestCreateRegion {
 
     System.out.println("Successfully created region: " + regionName);
   }
+
 }
diff --git a/geode-assembly/src/acceptanceTest/resources/ssl/trusted.keystore b/geode-assembly/src/acceptanceTest/resources/ssl/trusted.keystore
new file mode 100644
index 0000000..1f0de7c
Binary files /dev/null and b/geode-assembly/src/acceptanceTest/resources/ssl/trusted.keystore
differ


Mime
View raw message