Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id CC1A6200C3B for ; Sat, 4 Mar 2017 06:43:07 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id CAA5E160B80; Sat, 4 Mar 2017 05:43:07 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id ED2D7160B6D for ; Sat, 4 Mar 2017 06:43:06 +0100 (CET) Received: (qmail 40127 invoked by uid 500); 4 Mar 2017 05:43:06 -0000 Mailing-List: contact commits-help@lucene.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@lucene.apache.org Delivered-To: mailing list commits@lucene.apache.org Received: (qmail 40118 invoked by uid 99); 4 Mar 2017 05:43:06 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 04 Mar 2017 05:43:06 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id E305DDFCA1; Sat, 4 Mar 2017 05:43:05 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: noble@apache.org To: commits@lucene.apache.org Message-Id: X-Mailer: ASF-Git Admin Mailer Subject: lucene-solr:master: SOLR-9401: TestPKIAuthenticationPlugin NPE. do the time consuming pub key creation before header is set Date: Sat, 4 Mar 2017 05:43:05 +0000 (UTC) archived-at: Sat, 04 Mar 2017 05:43:08 -0000 Repository: lucene-solr Updated Branches: refs/heads/master 5ae51d4dd -> b66d13398 SOLR-9401: TestPKIAuthenticationPlugin NPE. do the time consuming pub key creation before header is set Project: http://git-wip-us.apache.org/repos/asf/lucene-solr/repo Commit: http://git-wip-us.apache.org/repos/asf/lucene-solr/commit/b66d1339 Tree: http://git-wip-us.apache.org/repos/asf/lucene-solr/tree/b66d1339 Diff: http://git-wip-us.apache.org/repos/asf/lucene-solr/diff/b66d1339 Branch: refs/heads/master Commit: b66d13398aef416ec6b64dd5d3e5c00219ae5ce4 Parents: 5ae51d4 Author: Noble Paul Authored: Sat Mar 4 16:12:57 2017 +1030 Committer: Noble Paul Committed: Sat Mar 4 16:12:57 2017 +1030 ---------------------------------------------------------------------- .../security/TestPKIAuthenticationPlugin.java | 131 +++++++------------ 1 file changed, 47 insertions(+), 84 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/lucene-solr/blob/b66d1339/solr/core/src/test/org/apache/solr/security/TestPKIAuthenticationPlugin.java ---------------------------------------------------------------------- diff --git a/solr/core/src/test/org/apache/solr/security/TestPKIAuthenticationPlugin.java b/solr/core/src/test/org/apache/solr/security/TestPKIAuthenticationPlugin.java index 4eb0a80..2595277 100644 --- a/solr/core/src/test/org/apache/solr/security/TestPKIAuthenticationPlugin.java +++ b/solr/core/src/test/org/apache/solr/security/TestPKIAuthenticationPlugin.java @@ -38,18 +38,10 @@ import org.apache.solr.util.CryptoKeys; import static org.mockito.Mockito.*; public class TestPKIAuthenticationPlugin extends SolrTestCaseJ4 { - HttpServletRequest mockReq; - FilterChain filterChain; - final AtomicReference wrappedRequestByFilter = new AtomicReference<>(); - final AtomicReference

header = new AtomicReference<>(); - AtomicReference principal = new AtomicReference<>(); - BasicHttpRequest request; - static class MockPKIAuthenticationPlugin extends PKIAuthenticationPlugin { SolrRequestInfo solrRequestInfo; - Map remoteKeys = new HashMap<>(); public MockPKIAuthenticationPlugin(CoreContainer cores, String node) { @@ -78,6 +70,7 @@ public class TestPKIAuthenticationPlugin extends SolrTestCaseJ4 { } public void test() throws Exception { + AtomicReference principal = new AtomicReference<>(); String nodeName = "node_x_233"; final MockPKIAuthenticationPlugin mock = new MockPKIAuthenticationPlugin(null, nodeName); @@ -92,96 +85,66 @@ public class TestPKIAuthenticationPlugin extends SolrTestCaseJ4 { principal.set(new BasicUserPrincipal("solr")); mock.solrRequestInfo = new SolrRequestInfo(localSolrQueryRequest, new SolrQueryResponse()); - request = new BasicHttpRequest("GET", "http://localhost:56565"); + BasicHttpRequest request = new BasicHttpRequest("GET", "http://localhost:56565"); mock.setHeader(request); + final AtomicReference

header = new AtomicReference<>(); header.set(request.getFirstHeader(PKIAuthenticationPlugin.HEADER)); assertNotNull(header.get()); assertTrue(header.get().getValue().startsWith(nodeName)); - mockReq = createMockRequest(header); - filterChain = (servletRequest, servletResponse) -> wrappedRequestByFilter.set(servletRequest); - - - run("solr", () -> { - mock.doAuthenticate(mockReq, null, filterChain); - }); + final AtomicReference wrappedRequestByFilter = new AtomicReference<>(); + HttpServletRequest mockReq = createMockRequest(header); + FilterChain filterChain = (servletRequest, servletResponse) -> wrappedRequestByFilter.set(servletRequest); + mock.doAuthenticate(mockReq, null, filterChain); + assertNotNull(wrappedRequestByFilter.get()); + assertEquals("solr", ((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal().getName()); //test 2 - - run(null, () -> { - principal.set(null); // no user - header.set(null); - wrappedRequestByFilter.set(null);// - request = new BasicHttpRequest("GET", "http://localhost:56565"); - mock.setHeader(request); - assertNull(request.getFirstHeader(PKIAuthenticationPlugin.HEADER)); - mock.doAuthenticate(mockReq, null, filterChain); - }); + principal.set(null); // no user + header.set(null); + wrappedRequestByFilter.set(null);// + request = new BasicHttpRequest("GET", "http://localhost:56565"); + mock.setHeader(request); + assertNull(request.getFirstHeader(PKIAuthenticationPlugin.HEADER)); + mock.doAuthenticate(mockReq, null, filterChain); + assertNotNull(wrappedRequestByFilter.get()); + assertNull(((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal()); //test 3 . No user request . Request originated from Solr - run("$", () -> { - mock.solrRequestInfo = null; - header.set(null); - wrappedRequestByFilter.set(null); - request = new BasicHttpRequest("GET", "http://localhost:56565"); - mock.setHeader(request); - header.set(request.getFirstHeader(PKIAuthenticationPlugin.HEADER)); - assertNotNull(header.get()); - assertTrue(header.get().getValue().startsWith(nodeName)); - mock.doAuthenticate(mockReq, null, filterChain); - }); - - run("$", () -> { - mock.solrRequestInfo = null; - header.set(null); - wrappedRequestByFilter.set(null); - request = new BasicHttpRequest("GET", "http://localhost:56565"); - mock.setHeader(request); - header.set(request.getFirstHeader(PKIAuthenticationPlugin.HEADER)); - assertNotNull(header.get()); - assertTrue(header.get().getValue().startsWith(nodeName)); - MockPKIAuthenticationPlugin mock1 = new MockPKIAuthenticationPlugin(null, nodeName) { - int called = 0; - - @Override - PublicKey getRemotePublicKey(String nodename) { - try { - return called == 0 ? new CryptoKeys.RSAKeyPair().getPublicKey() : correctKey; - } finally { - called++; - } - } - }; - - mock1.doAuthenticate(mockReq, null, filterChain); - - }); - - } + //create pub key in advance because it can take time and it should be + //created before the header is set + PublicKey key = new CryptoKeys.RSAKeyPair().getPublicKey(); + mock.solrRequestInfo = null; + header.set(null); + wrappedRequestByFilter.set(null); + request = new BasicHttpRequest("GET", "http://localhost:56565"); + mock.setHeader(request); + header.set(request.getFirstHeader(PKIAuthenticationPlugin.HEADER)); + assertNotNull(header.get()); + assertTrue(header.get().getValue().startsWith(nodeName)); - interface Runnable { - void run() throws Exception; - } + mock.doAuthenticate(mockReq, null, filterChain); + assertNotNull(wrappedRequestByFilter.get()); + assertEquals("$", ((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal().getName()); - private void run(String expected, Runnable r) throws Exception { - int failures = 0; - for (; ; ) { - r.run(); - if (expected == null) { - assertTrue(wrappedRequestByFilter.get() == null || ((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal() == null); - } else { - assertNotNull(wrappedRequestByFilter.get()); - if (((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal() == null) { - //may be timed out - if (++failures < 3) continue; - else - fail("No principal obtained"); + /*test4 mock the restart of a node*/ + MockPKIAuthenticationPlugin mock1 = new MockPKIAuthenticationPlugin(null, nodeName) { + int called = 0; + @Override + PublicKey getRemotePublicKey(String nodename) { + try { + return called == 0 ? key : correctKey; + } finally { + called++; } - assertEquals(expected, ((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal().getName()); } - return; + }; + + mock1.doAuthenticate(mockReq, null,filterChain ); + assertNotNull(wrappedRequestByFilter.get()); + assertEquals("$", ((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal().getName()); + - } } private HttpServletRequest createMockRequest(final AtomicReference

header) {