/*
* Licensed to the Apache Software Foundation (ASF) under one or more contributor license
* agreements. See the NOTICE file distributed with this work for additional information regarding
* copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance with the License. You may obtain a
* copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software distributed under the License
* is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
* or implied. See the License for the specific language governing permissions and limitations under
* the License.
*/
package org.apache.geode.security;
import static org.apache.geode.security.ClientAuthenticationTestUtils.createCacheClient;
import static org.apache.geode.security.SecurityTestUtils.*;
import static org.apache.geode.test.dunit.Assert.*;
import static org.apache.geode.test.dunit.LogWriterUtils.*;
import java.util.Properties;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.apache.geode.DeltaTestImpl;
import org.apache.geode.cache.Region;
import org.apache.geode.cache.operations.OperationContext.OperationCode;
import org.apache.geode.internal.cache.PartitionedRegionLocalMaxMemoryDUnitTest.TestObject1;
import org.apache.geode.security.generator.AuthzCredentialGenerator;
import org.apache.geode.security.generator.CredentialGenerator;
import org.apache.geode.test.junit.categories.DistributedTest;
import org.apache.geode.test.junit.categories.SecurityTest;
/**
* @since GemFire 6.1
*/
@Category({DistributedTest.class, SecurityTest.class})
public final class DeltaClientAuthorizationDUnitTest extends ClientAuthorizationTestCase {
private DeltaTestImpl[] deltas = new DeltaTestImpl[8];
@Override
protected final void preSetUpClientAuthorizationTestBase() throws Exception {
setUpDeltas();
}
@Override
public final void preTearDownClientAuthorizationTestBase() throws Exception {
closeCache();
}
@Test
public void testAllowPutsGets() throws Exception {
AuthzCredentialGenerator gen = this.getXmlAuthzGenerator();
CredentialGenerator cGen = gen.getCredentialGenerator();
Properties extraAuthProps = cGen.getSystemProperties();
Properties javaProps = cGen.getJavaProperties();
Properties extraAuthzProps = gen.getSystemProperties();
String authenticator = cGen.getAuthenticator();
String authInit = cGen.getAuthInit();
String accessor = gen.getAuthorizationCallback();
getLogWriter().info("testAllowPutsGets: Using authinit: " + authInit);
getLogWriter().info("testAllowPutsGets: Using authenticator: " + authenticator);
getLogWriter().info("testAllowPutsGets: Using accessor: " + accessor);
// Start servers with all required properties
Properties serverProps =
buildProperties(authenticator, accessor, false, extraAuthProps, extraAuthzProps);
int port1 = createServer1(javaProps, serverProps);
int port2 = createServer2(javaProps, serverProps);
// Start client1 with valid CREATE credentials
Properties createCredentials = gen.getAllowedCredentials(
new OperationCode[] {OperationCode.PUT}, new String[] {REGION_NAME}, 1);
javaProps = cGen.getJavaProperties();
getLogWriter().info("testAllowPutsGets: For first client credentials: " + createCredentials);
createClient1(javaProps, authInit, port1, port2, createCredentials);
// Start client2 with valid GET credentials
Properties getCredentials = gen.getAllowedCredentials(new OperationCode[] {OperationCode.GET},
new String[] {REGION_NAME}, 2);
javaProps = cGen.getJavaProperties();
getLogWriter().info("testAllowPutsGets: For second client credentials: " + getCredentials);
createClient2(javaProps, authInit, port1, port2, getCredentials);
// Perform some put operations from client1
client1.invoke(() -> doPuts(2, NO_EXCEPTION));
Thread.sleep(5000);
assertTrue("Delta feature NOT used", client1.invoke(() -> DeltaTestImpl.toDeltaFeatureUsed()));
// Verify that the gets succeed
client2.invoke(() -> doGets(2, NO_EXCEPTION));
}
private void createClient2(final Properties javaProps, final String authInit, final int port1,
final int port2, final Properties getCredentials) {
client2.invoke(() -> createCacheClient(authInit, getCredentials, javaProps, port1, port2, 0,
NO_EXCEPTION));
}
private void createClient1(final Properties javaProps, final String authInit, final int port1,
final int port2, final Properties createCredentials) {
client1.invoke(() -> createCacheClient(authInit, createCredentials, javaProps, port1, port2, 0,
NO_EXCEPTION));
}
private int createServer2(final Properties javaProps, final Properties serverProps) {
return server2.invoke(() -> createCacheServer(getLocatorPort(), serverProps, javaProps));
}
private int createServer1(final Properties javaProps, final Properties serverProps) {
return server1.invoke(() -> createCacheServer(getLocatorPort(), serverProps, javaProps));
}
private void doPuts(final int num, final int expectedResult) {
assertTrue(num <= KEYS.length);
Region region = getCache().getRegion(REGION_NAME);
assertNotNull(region);
for (int index = 0; index < num; ++index) {
region.put(KEYS[index], deltas[0]);
}
for (int index = 0; index < num; ++index) {
region.put(KEYS[index], deltas[index]);
if (expectedResult != NO_EXCEPTION) {
fail("Expected a NotAuthorizedException while doing puts");
}
}
}
private void doGets(final int num, final int expectedResult) {
assertTrue(num <= KEYS.length);
Region region = getCache().getRegion(REGION_NAME);
assertNotNull(region);
for (int index = 0; index < num; ++index) {
region.localInvalidate(KEYS[index]);
Object value = region.get(KEYS[index]);
if (expectedResult != NO_EXCEPTION) {
fail("Expected a NotAuthorizedException while doing gets");
}
assertNotNull(value);
assertEquals(deltas[index], value);
}
}
private final void setUpDeltas() {
for (int i = 0; i < 8; i++) {
deltas[i] = new DeltaTestImpl(0, "0", new Double(0), new byte[0], new TestObject1("0", 0));
}
deltas[1].setIntVar(5);
deltas[2].setIntVar(5);
deltas[3].setIntVar(5);
deltas[4].setIntVar(5);
deltas[5].setIntVar(5);
deltas[6].setIntVar(5);
deltas[7].setIntVar(5);
deltas[2].resetDeltaStatus();
deltas[2].setByteArr(new byte[] {1, 2, 3, 4, 5});
deltas[3].setByteArr(new byte[] {1, 2, 3, 4, 5});
deltas[4].setByteArr(new byte[] {1, 2, 3, 4, 5});
deltas[5].setByteArr(new byte[] {1, 2, 3, 4, 5});
// deltas[6].setByteArr(new byte[] { 1, 2, 3, 4, 5 });
// deltas[7].setByteArr(new byte[] { 1, 2, 3, 4, 5 });
deltas[3].resetDeltaStatus();
deltas[3].setDoubleVar(new Double(5));
deltas[4].setDoubleVar(new Double(5));
deltas[5].setDoubleVar(new Double(5));
deltas[6].setDoubleVar(new Double(5));
deltas[7].setDoubleVar(new Double(5));
deltas[4].resetDeltaStatus();
deltas[4].setStr("str changed");
deltas[5].setStr("str changed");
deltas[6].setStr("str changed");
// deltas[7].setStr("str changed");
deltas[5].resetDeltaStatus();
deltas[5].setIntVar(100);
deltas[5].setTestObj(new TestObject1("CHANGED", 100));
deltas[6].setTestObj(new TestObject1("CHANGED", 100));
deltas[7].setTestObj(new TestObject1("CHANGED", 100));
deltas[6].resetDeltaStatus();
deltas[6].setByteArr(new byte[] {1, 2, 3});
deltas[7].setByteArr(new byte[] {1, 2, 3});
deltas[7].resetDeltaStatus();
deltas[7].setStr("delta string");
}
}