lucene-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sar...@apache.org
Subject [50/51] [abbrv] lucene-solr:apiv2: SOLR-8029: merge master into apiv2
Date Thu, 21 Jul 2016 13:38:12 GMT
http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/49a09217/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
----------------------------------------------------------------------
diff --cc solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
index cad1fad,8a5483a..33756f4
--- a/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
+++ b/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
@@@ -89,86 -85,98 +89,98 @@@ public class BasicAuthIntegrationTest e
      cloudSolrClient.setDefaultCollection(null);
  
      NamedList<Object> rsp;
-     HttpClient cl = HttpClientUtil.createClient(null);
-     String baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName),
random()).getStr(BASE_URL_PROP);
-     verifySecurityStatus(cl, baseUrl + authcPrefix, "/errorMessages", null, 20);
-     zkClient.setData("/security.json", STD_CONF.replaceAll("'", "\"").getBytes(UTF_8), true);
-     verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/class", "solr.BasicAuthPlugin",
20);
- 
-     boolean found = false;
-     for (JettySolrRunner jettySolrRunner : miniCluster.getJettySolrRunners()) {
-       if(baseUrl.contains(String.valueOf(jettySolrRunner.getLocalPort()))){
-         found = true;
-         jettySolrRunner.stop();
-         jettySolrRunner.start();
-         verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/class", "solr.BasicAuthPlugin",
20);
-         break;
-       }
-     }
- 
-     assertTrue("No server found to restart , looking for : "+baseUrl , found);
- 
-     String command = "{\n" +
-         "'set-user': {'harry':'HarryIsCool'}\n" +
-         "}";
- 
-     GenericSolrRequest genericReq = new GenericSolrRequest(SolrRequest.METHOD.POST, authcPrefix,
new ModifiableSolrParams());
-     genericReq.setContentStreams(Collections.singletonList(new ContentStreamBase.ByteArrayStream(command.getBytes(UTF_8),
"")));
+     HttpClient cl = null;
      try {
-       rsp = cloudSolrClient.request(genericReq);
-       fail("Should have failed with a 401,  got :" + rsp);
-     } catch (HttpSolrClient.RemoteSolrException e) {
-     }
-     command = "{\n" +
-         "'set-user': {'harry':'HarryIsUberCool'}\n" +
-         "}";
- 
-     HttpPost httpPost = new HttpPost(baseUrl + authcPrefix);
-     setBasicAuthHeader(httpPost, "solr", "SolrRocks");
-     httpPost.setEntity(new ByteArrayEntity(command.getBytes(UTF_8)));
-     httpPost.addHeader("Content-Type", "application/json; charset=UTF-8");
-     verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication.enabled", "true", 20);
-     HttpResponse r = cl.execute(httpPost);
-     int statusCode = r.getStatusLine().getStatusCode();
-     Utils.consumeFully(r.getEntity());
-     assertEquals("proper_cred sent, but access denied", 200, statusCode);
-     baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName),
random()).getStr(BASE_URL_PROP);
- 
-     verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/credentials/harry",
NOT_NULL_PREDICATE, 20);
-     command = "{\n" +
-         "'set-user-role': {'harry':'admin'}\n" +
-         "}";
- 
-     executeCommand(baseUrl + authzPrefix, cl,command, "solr", "SolrRocks");
- 
-     baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName),
random()).getStr(BASE_URL_PROP);
-     verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/user-role/harry", NOT_NULL_PREDICATE,
20);
- 
-     executeCommand(baseUrl + authzPrefix, cl, Utils.toJSONString(singletonMap("set-permission",
Utils.makeMap
-         ("collection", "x",
-             "path", "/update/*",
-             "role", "dev"))), "harry", "HarryIsUberCool" );
- 
-     verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/permissions[1]/collection",
"x", 20);
+       cl = HttpClientUtil.createClient(null);
+       String baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName),
random()).getStr(BASE_URL_PROP);
+       verifySecurityStatus(cl, baseUrl + authcPrefix, "/errorMessages", null, 20);
+       zkClient.setData("/security.json", STD_CONF.replaceAll("'", "\"").getBytes(UTF_8),
true);
+       verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/class", "solr.BasicAuthPlugin",
20);
+ 
+       boolean found = false;
+       for (JettySolrRunner jettySolrRunner : miniCluster.getJettySolrRunners()) {
+         if(baseUrl.contains(String.valueOf(jettySolrRunner.getLocalPort()))){
+           found = true;
+           jettySolrRunner.stop();
+           jettySolrRunner.start();
+           verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/class", "solr.BasicAuthPlugin",
20);
+           break;
+         }
+       }
  
-     executeCommand(baseUrl + authzPrefix, cl,Utils.toJSONString(singletonMap("set-permission",
Utils.makeMap
-         ("name", "collection-admin-edit", "role", "admin"))), "harry", "HarryIsUberCool"
 );
-     verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/permissions[2]/name",
"collection-admin-edit", 20);
+       assertTrue("No server found to restart , looking for : "+baseUrl , found);
  
-     CollectionAdminRequest.Reload reload = new CollectionAdminRequest.Reload();
-     reload.setCollectionName(defaultCollName);
+       String command = "{\n" +
+           "'set-user': {'harry':'HarryIsCool'}\n" +
+           "}";
  
-     try (HttpSolrClient solrClient = getHttpSolrClient(baseUrl)) {
+       GenericSolrRequest genericReq = new GenericSolrRequest(SolrRequest.METHOD.POST, authcPrefix,
new ModifiableSolrParams());
+       genericReq.setContentStreams(Collections.singletonList(new ContentStreamBase.ByteArrayStream(command.getBytes(UTF_8),
"")));
        try {
-         rsp = solrClient.request(reload);
-         fail("must have failed");
 -        cloudSolrClient.request(genericReq);
 -        fail("Should have failed with a 401");
++        rsp = cloudSolrClient.request(genericReq);
++        fail("Should have failed with a 401,  got :" + rsp);
        } catch (HttpSolrClient.RemoteSolrException e) {
- 
        }
-       reload.setMethod(SolrRequest.METHOD.POST);
+       command = "{\n" +
+           "'set-user': {'harry':'HarryIsUberCool'}\n" +
+           "}";
+ 
+       HttpPost httpPost = new HttpPost(baseUrl + authcPrefix);
+       setBasicAuthHeader(httpPost, "solr", "SolrRocks");
+       httpPost.setEntity(new ByteArrayEntity(command.getBytes(UTF_8)));
+       httpPost.addHeader("Content-Type", "application/json; charset=UTF-8");
+       verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication.enabled", "true",
20);
+       HttpResponse r = cl.execute(httpPost);
+       int statusCode = r.getStatusLine().getStatusCode();
+       Utils.consumeFully(r.getEntity());
+       assertEquals("proper_cred sent, but access denied", 200, statusCode);
+       baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName),
random()).getStr(BASE_URL_PROP);
+ 
+       verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/credentials/harry",
NOT_NULL_PREDICATE, 20);
+       command = "{\n" +
+           "'set-user-role': {'harry':'admin'}\n" +
+           "}";
+ 
+       executeCommand(baseUrl + authzPrefix, cl,command, "solr", "SolrRocks");
+ 
+       baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName),
random()).getStr(BASE_URL_PROP);
+       verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/user-role/harry", NOT_NULL_PREDICATE,
20);
+ 
+       executeCommand(baseUrl + authzPrefix, cl, Utils.toJSONString(singletonMap("set-permission",
Utils.makeMap
+           ("collection", "x",
+               "path", "/update/*",
+               "role", "dev"))), "harry", "HarryIsUberCool" );
+ 
+       verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/permissions[1]/collection",
"x", 20);
+ 
+       executeCommand(baseUrl + authzPrefix, cl,Utils.toJSONString(singletonMap("set-permission",
Utils.makeMap
+           ("name", "collection-admin-edit", "role", "admin"))), "harry", "HarryIsUberCool"
 );
+       verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/permissions[2]/name",
"collection-admin-edit", 20);
+ 
+       CollectionAdminRequest.Reload reload = CollectionAdminRequest.reloadCollection(defaultCollName);
+ 
+       try (HttpSolrClient solrClient = getHttpSolrClient(baseUrl)) {
+         try {
+           rsp = solrClient.request(reload);
+           fail("must have failed");
+         } catch (HttpSolrClient.RemoteSolrException e) {
+ 
+         }
+         reload.setMethod(SolrRequest.METHOD.POST);
+         try {
+           rsp = solrClient.request(reload);
+           fail("must have failed");
+         } catch (HttpSolrClient.RemoteSolrException e) {
+ 
+         }
+       }
+       cloudSolrClient.request(CollectionAdminRequest.reloadCollection(defaultCollName)
+           .setBasicAuthCredentials("harry", "HarryIsUberCool"));
+ 
        try {
-         rsp = solrClient.request(reload);
-         fail("must have failed");
+         cloudSolrClient.request(CollectionAdminRequest.reloadCollection(defaultCollName)
+             .setBasicAuthCredentials("harry", "Cool12345"));
+         fail("This should not succeed");
        } catch (HttpSolrClient.RemoteSolrException e) {
  
        }

http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/49a09217/solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudSolrClient.java
----------------------------------------------------------------------

http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/49a09217/solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java
----------------------------------------------------------------------


Mime
View raw message