geode-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (GEODE-3827) SecurityManager is leaked from one Cache to another
Date Tue, 17 Oct 2017 17:22:01 GMT

    [ https://issues.apache.org/jira/browse/GEODE-3827?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16207974#comment-16207974
] 

ASF subversion and git services commented on GEODE-3827:
--------------------------------------------------------

Commit 0f72bef2a152b670868f582d9dfeafd794bed871 in geode's branch refs/heads/feature/GEODE-3727
from [~jstewart]
[ https://gitbox.apache.org/repos/asf?p=geode.git;h=0f72bef ]

GEODE-3827: SecurityManager does not leak between separate CacheFactory's


> SecurityManager is leaked from one Cache to another
> ---------------------------------------------------
>
>                 Key: GEODE-3827
>                 URL: https://issues.apache.org/jira/browse/GEODE-3827
>             Project: Geode
>          Issue Type: Bug
>          Components: configuration, security
>            Reporter: Galen O'Sullivan
>            Assignee: Jared Stewart
>             Fix For: 1.4.0
>
>
> After creating and closing Cache, the SecurityManager is visible to the next Cache created.
This only happens if CacheServer.setSecurityManager is called, not if the class is specified
via property. This is causing failure of some integration tests we'd like to add.
> I've created a minimal working example, also visible on branch {{SecurityManager-integration-test}}
of https://github.com/galen-pivotal/geode
> {code}
> package org.apache.geode.security;
> import static org.apache.geode.distributed.ConfigurationProperties.LOCATORS;
> import static org.apache.geode.distributed.ConfigurationProperties.MCAST_PORT;
> import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
> import static org.assertj.core.api.Assertions.assertThat;
> import java.util.Properties;
> import org.junit.Test;
> import org.apache.geode.cache.CacheFactory;
> import org.apache.geode.examples.SimpleSecurityManager;
> import org.apache.geode.internal.cache.InternalCache;
> import org.apache.geode.internal.security.SecurityService;
> /**
>  * This test verifies that when a SecurityManager is set, it does not persist between
Cache
>  * creations.
>  *
>  * We had seen this issue, and it broke integration tests.
>  */
> public class SecurityManagerPersistenceIntegrationTest {
>   private static final Properties defaultProperties;
>   static {
>     Properties properties = new Properties();
>     properties.setProperty(MCAST_PORT, "0");
>     properties.setProperty(LOCATORS, "");
>     defaultProperties = properties;
>   }
>   @Test
>   public void doesNotPersistWhenSetViaCacheFactoryJavaApi() {
>     CacheFactory firstCacheFactory = new CacheFactory(new Properties(defaultProperties));
>     SecurityManager securityManager = new SimpleSecurityManager();
>     firstCacheFactory.setSecurityManager(securityManager);
>     InternalCache firstCache = (InternalCache) firstCacheFactory.create();
>       firstCache.close();
>     CacheFactory cacheFactory = new CacheFactory(new Properties(defaultProperties));
>     try (InternalCache cache = (InternalCache) cacheFactory.create()) {
>       assertCacheHasNoSecurity(cache);
>     }
>   }
>   @Test
>   public void doesNotPersistWhenSetWithProperty() {
>     Properties properties = new Properties(defaultProperties);
>     properties.setProperty(SECURITY_MANAGER, SimpleSecurityManager.class.getName());
>     CacheFactory firstCacheFactory = new CacheFactory(properties);
>     InternalCache firstCache = (InternalCache) firstCacheFactory.create();
>     firstCache.close();
>     // Make sure we're using a fresh CacheFactory, so the test is valid.
>     CacheFactory cacheFactory = new CacheFactory(new Properties(defaultProperties));
>     try (InternalCache cache = (InternalCache) cacheFactory.create()) {
>       assertCacheHasNoSecurity(cache);
>     }
>   }
>   private void assertCacheHasNoSecurity(InternalCache cache) {
>     SecurityService securityService = cache.getSecurityService();
>     assertThat(securityService.isIntegratedSecurity()).isFalse();
>     assertThat(securityService.isClientSecurityRequired()).isFalse();
>     assertThat(securityService.isPeerSecurityRequired()).isFalse();
>     // We expect null if it's not set, but there could be a default security manager
if
>     // implementation details change.
>     if (securityService.getSecurityManager() != null) {
>       assertThat(securityService.getSecurityManager())
>           .describedAs("Security manager is not the same as the previously existing Cache")
>           .isNotInstanceOf(SpySecurityManager.class);
>     }
>   }
> }
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message