Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 3A17F200B4B for ; Thu, 21 Jul 2016 15:37:30 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 38B50160A7C; Thu, 21 Jul 2016 13:37:30 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 5EE68160A87 for ; Thu, 21 Jul 2016 15:37:29 +0200 (CEST) Received: (qmail 83080 invoked by uid 500); 21 Jul 2016 13:37:25 -0000 Mailing-List: contact commits-help@lucene.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@lucene.apache.org Delivered-To: mailing list commits@lucene.apache.org Received: (qmail 81643 invoked by uid 99); 21 Jul 2016 13:37:25 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 21 Jul 2016 13:37:25 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id F401FDFB74; Thu, 21 Jul 2016 13:37:24 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: sarowe@apache.org To: commits@lucene.apache.org Date: Thu, 21 Jul 2016 13:38:12 -0000 Message-Id: In-Reply-To: References: X-Mailer: ASF-Git Admin Mailer Subject: [50/51] [abbrv] lucene-solr:apiv2: SOLR-8029: merge master into apiv2 archived-at: Thu, 21 Jul 2016 13:37:30 -0000 http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/49a09217/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java ---------------------------------------------------------------------- diff --cc solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java index cad1fad,8a5483a..33756f4 --- 
a/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java +++ b/solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java @@@ -89,86 -85,98 +89,98 @@@ public class BasicAuthIntegrationTest e cloudSolrClient.setDefaultCollection(null); NamedList rsp; - HttpClient cl = HttpClientUtil.createClient(null); - String baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName), random()).getStr(BASE_URL_PROP); - verifySecurityStatus(cl, baseUrl + authcPrefix, "/errorMessages", null, 20); - zkClient.setData("/security.json", STD_CONF.replaceAll("'", "\"").getBytes(UTF_8), true); - verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/class", "solr.BasicAuthPlugin", 20); - - boolean found = false; - for (JettySolrRunner jettySolrRunner : miniCluster.getJettySolrRunners()) { - if(baseUrl.contains(String.valueOf(jettySolrRunner.getLocalPort()))){ - found = true; - jettySolrRunner.stop(); - jettySolrRunner.start(); - verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/class", "solr.BasicAuthPlugin", 20); - break; - } - } - - assertTrue("No server found to restart , looking for : "+baseUrl , found); - - String command = "{\n" + - "'set-user': {'harry':'HarryIsCool'}\n" + - "}"; - - GenericSolrRequest genericReq = new GenericSolrRequest(SolrRequest.METHOD.POST, authcPrefix, new ModifiableSolrParams()); - genericReq.setContentStreams(Collections.singletonList(new ContentStreamBase.ByteArrayStream(command.getBytes(UTF_8), ""))); + HttpClient cl = null; try { - rsp = cloudSolrClient.request(genericReq); - fail("Should have failed with a 401, got :" + rsp); - } catch (HttpSolrClient.RemoteSolrException e) { - } - command = "{\n" + - "'set-user': {'harry':'HarryIsUberCool'}\n" + - "}"; - - HttpPost httpPost = new HttpPost(baseUrl + authcPrefix); - setBasicAuthHeader(httpPost, "solr", "SolrRocks"); - httpPost.setEntity(new ByteArrayEntity(command.getBytes(UTF_8))); - httpPost.addHeader("Content-Type", 
"application/json; charset=UTF-8"); - verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication.enabled", "true", 20); - HttpResponse r = cl.execute(httpPost); - int statusCode = r.getStatusLine().getStatusCode(); - Utils.consumeFully(r.getEntity()); - assertEquals("proper_cred sent, but access denied", 200, statusCode); - baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName), random()).getStr(BASE_URL_PROP); - - verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/credentials/harry", NOT_NULL_PREDICATE, 20); - command = "{\n" + - "'set-user-role': {'harry':'admin'}\n" + - "}"; - - executeCommand(baseUrl + authzPrefix, cl,command, "solr", "SolrRocks"); - - baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName), random()).getStr(BASE_URL_PROP); - verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/user-role/harry", NOT_NULL_PREDICATE, 20); - - executeCommand(baseUrl + authzPrefix, cl, Utils.toJSONString(singletonMap("set-permission", Utils.makeMap - ("collection", "x", - "path", "/update/*", - "role", "dev"))), "harry", "HarryIsUberCool" ); - - verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/permissions[1]/collection", "x", 20); + cl = HttpClientUtil.createClient(null); + String baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName), random()).getStr(BASE_URL_PROP); + verifySecurityStatus(cl, baseUrl + authcPrefix, "/errorMessages", null, 20); + zkClient.setData("/security.json", STD_CONF.replaceAll("'", "\"").getBytes(UTF_8), true); + verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/class", "solr.BasicAuthPlugin", 20); + + boolean found = false; + for (JettySolrRunner jettySolrRunner : miniCluster.getJettySolrRunners()) { + if(baseUrl.contains(String.valueOf(jettySolrRunner.getLocalPort()))){ + found = true; + jettySolrRunner.stop(); + jettySolrRunner.start(); + verifySecurityStatus(cl, baseUrl + 
authcPrefix, "authentication/class", "solr.BasicAuthPlugin", 20); + break; + } + } - executeCommand(baseUrl + authzPrefix, cl,Utils.toJSONString(singletonMap("set-permission", Utils.makeMap - ("name", "collection-admin-edit", "role", "admin"))), "harry", "HarryIsUberCool" ); - verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/permissions[2]/name", "collection-admin-edit", 20); + assertTrue("No server found to restart , looking for : "+baseUrl , found); - CollectionAdminRequest.Reload reload = new CollectionAdminRequest.Reload(); - reload.setCollectionName(defaultCollName); + String command = "{\n" + + "'set-user': {'harry':'HarryIsCool'}\n" + + "}"; - try (HttpSolrClient solrClient = getHttpSolrClient(baseUrl)) { + GenericSolrRequest genericReq = new GenericSolrRequest(SolrRequest.METHOD.POST, authcPrefix, new ModifiableSolrParams()); + genericReq.setContentStreams(Collections.singletonList(new ContentStreamBase.ByteArrayStream(command.getBytes(UTF_8), ""))); try { - rsp = solrClient.request(reload); - fail("must have failed"); - cloudSolrClient.request(genericReq); - fail("Should have failed with a 401"); ++ rsp = cloudSolrClient.request(genericReq); ++ fail("Should have failed with a 401, got :" + rsp); } catch (HttpSolrClient.RemoteSolrException e) { - } - reload.setMethod(SolrRequest.METHOD.POST); + command = "{\n" + + "'set-user': {'harry':'HarryIsUberCool'}\n" + + "}"; + + HttpPost httpPost = new HttpPost(baseUrl + authcPrefix); + setBasicAuthHeader(httpPost, "solr", "SolrRocks"); + httpPost.setEntity(new ByteArrayEntity(command.getBytes(UTF_8))); + httpPost.addHeader("Content-Type", "application/json; charset=UTF-8"); + verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication.enabled", "true", 20); + HttpResponse r = cl.execute(httpPost); + int statusCode = r.getStatusLine().getStatusCode(); + Utils.consumeFully(r.getEntity()); + assertEquals("proper_cred sent, but access denied", 200, statusCode); + baseUrl = 
getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName), random()).getStr(BASE_URL_PROP); + + verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/credentials/harry", NOT_NULL_PREDICATE, 20); + command = "{\n" + + "'set-user-role': {'harry':'admin'}\n" + + "}"; + + executeCommand(baseUrl + authzPrefix, cl,command, "solr", "SolrRocks"); + + baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName), random()).getStr(BASE_URL_PROP); + verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/user-role/harry", NOT_NULL_PREDICATE, 20); + + executeCommand(baseUrl + authzPrefix, cl, Utils.toJSONString(singletonMap("set-permission", Utils.makeMap + ("collection", "x", + "path", "/update/*", + "role", "dev"))), "harry", "HarryIsUberCool" ); + + verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/permissions[1]/collection", "x", 20); + + executeCommand(baseUrl + authzPrefix, cl,Utils.toJSONString(singletonMap("set-permission", Utils.makeMap + ("name", "collection-admin-edit", "role", "admin"))), "harry", "HarryIsUberCool" ); + verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/permissions[2]/name", "collection-admin-edit", 20); + + CollectionAdminRequest.Reload reload = CollectionAdminRequest.reloadCollection(defaultCollName); + + try (HttpSolrClient solrClient = getHttpSolrClient(baseUrl)) { + try { + rsp = solrClient.request(reload); + fail("must have failed"); + } catch (HttpSolrClient.RemoteSolrException e) { + + } + reload.setMethod(SolrRequest.METHOD.POST); + try { + rsp = solrClient.request(reload); + fail("must have failed"); + } catch (HttpSolrClient.RemoteSolrException e) { + + } + } + cloudSolrClient.request(CollectionAdminRequest.reloadCollection(defaultCollName) + .setBasicAuthCredentials("harry", "HarryIsUberCool")); + try { - rsp = solrClient.request(reload); - fail("must have failed"); + 
cloudSolrClient.request(CollectionAdminRequest.reloadCollection(defaultCollName) + .setBasicAuthCredentials("harry", "Cool12345")); + fail("This should not succeed"); } catch (HttpSolrClient.RemoteSolrException e) { } http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/49a09217/solr/solrj/src/java/org/apache/solr/client/solrj/impl/CloudSolrClient.java ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/49a09217/solr/solrj/src/java/org/apache/solr/common/cloud/ZkStateReader.java ----------------------------------------------------------------------
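Review bot: The negative-path checks in this hunk catch `HttpSolrClient.RemoteSolrException` with an empty body, so the unauthenticated `set-user` request, the two uncredentialed `reload` attempts and the final reload with the wrong password (`"Cool12345"`) pass on any remote error, not only on an authentication or authorization rejection. A 404 or 500 from a misconfigured or restarting node would satisfy the test without the access-control decision ever being exercised. Assert the status in each catch, e.g. `assertEquals(401, e.code());` where the fail message already names 401. The right code for the reload cases (401 or 403) presumably depends on `STD_CONF`, which is not visible here. The test method and the `try` opened after `HttpClient cl = null;` both continue outside the hunk, so this note covers only the visible catch blocks.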