Skip to content

Commit

Permalink
GEODE-2092 - Security examples should not be in the product code
Browse files Browse the repository at this point in the history
* Moved examples to geode-core/src/main/java/org/apache/geode/examples/security/
* Renamed them from Sample to Example (e.g., ExampleSecurityManager)
* Copied old sample code to TestSecurityManager, SimpleTestSecurityManager, TestPostProcessor and SimpleTestSecurityManager
* This closes apache#290
  • Loading branch information
Kevin J. Duling authored and jinmeiliao committed Nov 29, 2016
1 parent 440e165 commit 115a2f8
Show file tree
Hide file tree
Showing 34 changed files with 422 additions and 128 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@

import org.apache.geode.cache.RegionShortcut;
import org.apache.geode.internal.AvailablePortHelper;
import org.apache.geode.security.templates.SampleSecurityManager;
import org.apache.geode.security.TestSecurityManager;
import org.apache.geode.test.dunit.rules.ServerStarterRule;
import org.apache.geode.test.junit.categories.IntegrationTest;
import org.apache.geode.test.junit.categories.SecurityTest;
Expand All @@ -48,9 +48,9 @@ public class RestSecurityIntegrationTest {
private static int restPort = AvailablePortHelper.getRandomAvailableTCPPort();
static Properties properties = new Properties() {
{
setProperty(SampleSecurityManager.SECURITY_JSON,
setProperty(TestSecurityManager.SECURITY_JSON,
"org/apache/geode/management/internal/security/clientServer.json");
setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName());
setProperty(SECURITY_MANAGER, TestSecurityManager.class.getName());
setProperty(START_DEV_REST_API, "true");
setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost");
setProperty(HTTP_SERVICE_PORT, restPort + "");
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@
import org.apache.geode.internal.AvailablePortHelper;
import org.apache.geode.rest.internal.web.controllers.Customer;
import org.apache.geode.rest.internal.web.controllers.RedactingPostProcessor;
import org.apache.geode.security.templates.SampleSecurityManager;
import org.apache.geode.security.TestSecurityManager;
import org.apache.geode.test.dunit.rules.ServerStarterRule;
import org.apache.geode.test.junit.categories.IntegrationTest;
import org.apache.geode.test.junit.categories.SecurityTest;
Expand All @@ -54,9 +54,9 @@ public class RestSecurityPostProcessorTest {
static int restPort = AvailablePortHelper.getRandomAvailableTCPPort();
static Properties properties = new Properties() {
{
setProperty(SampleSecurityManager.SECURITY_JSON,
setProperty(TestSecurityManager.SECURITY_JSON,
"org/apache/geode/management/internal/security/clientServer.json");
setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName());
setProperty(SECURITY_MANAGER, TestSecurityManager.class.getName());
setProperty(START_DEV_REST_API, "true");
setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost");
setProperty(HTTP_SERVICE_PORT, restPort + "");
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@

import org.apache.geode.internal.AvailablePortHelper;
import org.apache.geode.internal.security.SecurableCommunicationChannel;
import org.apache.geode.security.templates.SimpleSecurityManager;
import org.apache.geode.security.SimpleTestSecurityManager;
import org.apache.geode.test.dunit.rules.ServerStarterRule;
import org.apache.geode.test.junit.categories.IntegrationTest;
import org.apache.geode.test.junit.categories.SecurityTest;
Expand All @@ -54,7 +54,7 @@ public void testRestSecurityWithSSL() throws Exception {
RestSecurityWithSSLTest.class.getClassLoader().getResource("ssl/trusted.keystore");

Properties properties = new Properties();
properties.setProperty(SECURITY_MANAGER, SimpleSecurityManager.class.getName());
properties.setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
properties.setProperty(START_DEV_REST_API, "true");
properties.setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost");
properties.setProperty(HTTP_SERVICE_PORT, restPort + "");
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
import org.apache.geode.internal.AvailablePortHelper;
import org.apache.geode.internal.i18n.LocalizedStrings;
import org.apache.geode.test.dunit.rules.ServerStarterRule;
import org.apache.geode.security.templates.SimpleSecurityManager;
import org.apache.geode.security.SimpleTestSecurityManager;
import org.apache.geode.test.junit.categories.IntegrationTest;
import org.apache.geode.test.junit.categories.RestAPITest;
import org.apache.http.HttpResponse;
Expand All @@ -43,7 +43,7 @@ public class SwaggerVerificationTest {
static Properties properties = new Properties() {
{
setProperty(START_DEV_REST_API, "true");
setProperty(SECURITY_MANAGER, SimpleSecurityManager.class.getName());
setProperty(SECURITY_MANAGER, SimpleTestSecurityManager.class.getName());
setProperty(HTTP_SERVICE_BIND_ADDRESS, "localhost");
setProperty(HTTP_SERVICE_PORT, restPort + "");
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,17 +12,17 @@
* or implied. See the License for the specific language governing permissions and limitations under
* the License.
*/
package org.apache.geode.security.templates;
package org.apache.geode.examples.security;

import org.apache.geode.security.PostProcessor;

import java.security.Principal;
import java.util.Properties;

import org.apache.geode.security.PostProcessor;

/**
* This is example that implements PostProcessor
*/
public class SamplePostProcessor implements PostProcessor {
public class ExamplePostProcessor implements PostProcessor {

@Override
public void init(final Properties securityProps) {}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,17 @@
* or implied. See the License for the specific language governing permissions and limitations under
* the License.
*/
package org.apache.geode.security.templates;
package org.apache.geode.examples.security;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.commons.io.IOUtils;
import org.apache.geode.management.internal.security.ResourceConstants;
import org.apache.geode.security.AuthenticationFailedException;
import org.apache.geode.security.NotAuthorizedException;
import org.apache.geode.security.ResourcePermission;
import org.apache.geode.security.SecurityManager;
import org.apache.shiro.authz.Permission;

import java.io.IOException;
import java.io.InputStream;
Expand All @@ -28,17 +38,6 @@
import java.util.stream.Collectors;
import java.util.stream.StreamSupport;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.commons.io.IOUtils;
import org.apache.geode.security.ResourcePermission;
import org.apache.geode.security.SecurityManager;
import org.apache.shiro.authz.Permission;

import org.apache.geode.management.internal.security.ResourceConstants;
import org.apache.geode.security.AuthenticationFailedException;
import org.apache.geode.security.NotAuthorizedException;

/**
* This class provides a sample implementation of {@link SecurityManager} for authentication and
* authorization initialized from data provided as JSON.
Expand Down Expand Up @@ -92,7 +91,7 @@
* </code>
* </pre>
*/
public class SampleSecurityManager implements SecurityManager {
public class ExampleSecurityManager implements SecurityManager {

public static final String SECURITY_JSON = "security-json";

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,8 @@
import org.apache.geode.InternalGemFireException;
import org.apache.geode.UnmodifiableException;
import org.apache.geode.internal.ConfigSource;
import org.apache.geode.security.templates.SamplePostProcessor;
import org.apache.geode.security.templates.SampleSecurityManager;
import org.apache.geode.security.TestPostProcessor;
import org.apache.geode.security.TestSecurityManager;
import org.apache.geode.test.junit.categories.MembershipTest;
import org.apache.geode.test.junit.categories.UnitTest;
import org.junit.Before;
Expand Down Expand Up @@ -334,8 +334,8 @@ public void testAttributesAlwaysModifiable() {
@Test
public void testSecurityProps() {
Properties props = new Properties();
props.put(SECURITY_MANAGER, SampleSecurityManager.class.getName());
props.put(SECURITY_POST_PROCESSOR, SamplePostProcessor.class.getName());
props.put(SECURITY_MANAGER, TestSecurityManager.class.getName());
props.put(SECURITY_POST_PROCESSOR, TestPostProcessor.class.getName());
props.put(SECURITY_LOG_LEVEL, "config");
// add another non-security property to verify it won't get put in the security properties
props.put(ACK_WAIT_THRESHOLD, 2);
Expand All @@ -348,8 +348,8 @@ public void testSecurityProps() {
@Test
public void testSecurityPropsWithNoSetter() {
Properties props = new Properties();
props.put(SECURITY_MANAGER, SampleSecurityManager.class.getName());
props.put(SECURITY_POST_PROCESSOR, SamplePostProcessor.class.getName());
props.put(SECURITY_MANAGER, TestSecurityManager.class.getName());
props.put(SECURITY_POST_PROCESSOR, TestPostProcessor.class.getName());
props.put(SECURITY_LOG_LEVEL, "config");
// add another non-security property to verify it won't get put in the security properties
props.put(ACK_WAIT_THRESHOLD, 2);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,9 @@
import static org.junit.Assert.assertTrue;

import org.apache.geode.security.GemFireSecurityException;
import org.apache.geode.security.templates.SamplePostProcessor;
import org.apache.geode.security.templates.SampleSecurityManager;
import org.apache.geode.security.templates.SimpleSecurityManager;
import org.apache.geode.security.TestPostProcessor;
import org.apache.geode.security.TestSecurityManager;
import org.apache.geode.security.SimpleTestSecurityManager;
import org.apache.geode.test.junit.categories.UnitTest;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.mgt.DefaultSecurityManager;
Expand Down Expand Up @@ -104,9 +104,8 @@ public void testInitialSecurityFlags() {

@Test
public void testInitWithSecurityManager() {
properties.setProperty(SECURITY_MANAGER,
"org.apache.geode.security.templates.SampleSecurityManager");
properties.setProperty(SampleSecurityManager.SECURITY_JSON,
properties.setProperty(SECURITY_MANAGER, "org.apache.geode.security.TestSecurityManager");
properties.setProperty(TestSecurityManager.SECURITY_JSON,
"org/apache/geode/security/templates/security.json");

securityService.initSecurity(properties);
Expand Down Expand Up @@ -185,14 +184,14 @@ public void testSetSecurityManager() {
assertFalse(securityService.isPeerSecurityRequired());

// set a security manager
securityService.setSecurityManager(new SimpleSecurityManager());
securityService.setSecurityManager(new SimpleTestSecurityManager());
assertTrue(securityService.isIntegratedSecurity());
assertTrue(securityService.isClientSecurityRequired());
assertTrue(securityService.isPeerSecurityRequired());
assertFalse(securityService.needPostProcess());

// set a post processor
securityService.setPostProcessor(new SamplePostProcessor());
securityService.setPostProcessor(new TestPostProcessor());
assertTrue(securityService.isIntegratedSecurity());
assertTrue(securityService.needPostProcess());
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import org.apache.geode.security.templates.SampleSecurityManager;
import org.apache.geode.security.TestSecurityManager;
import org.junit.Rule;
import org.junit.rules.TemporaryFolder;

Expand Down Expand Up @@ -136,7 +136,7 @@ protected Object[] setUpJMXManagerOnVM(int vm, final Properties props, String js
}

if (jsonFile != null) {
localProps.setProperty(SampleSecurityManager.SECURITY_JSON, jsonFile);
localProps.setProperty(TestSecurityManager.SECURITY_JSON, jsonFile);
}

final int[] ports = AvailablePortHelper.getRandomAvailableTCPPorts(2);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
import org.junit.rules.ExternalResource;

import org.apache.geode.cache.Cache;
import org.apache.geode.security.templates.SampleSecurityManager;
import org.apache.geode.security.TestSecurityManager;
import org.apache.geode.test.dunit.rules.ServerStarterRule;

/**
Expand All @@ -46,8 +46,8 @@ public CacheServerStartupRule(int jmxManagerPort, String jsonFile) {
properties.put(JMX_MANAGER_PORT, String.valueOf(jmxManagerPort));
}
if (jsonFile != null) {
properties.put(SECURITY_MANAGER, SampleSecurityManager.class.getName());
properties.put(SampleSecurityManager.SECURITY_JSON, jsonFile);
properties.put(SECURITY_MANAGER, TestSecurityManager.class.getName());
properties.put(TestSecurityManager.SECURITY_JSON, jsonFile);
}
serverStarter = new ServerStarterRule(properties);
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@
import org.apache.geode.cache.RegionShortcut;
import org.apache.geode.internal.AvailablePortHelper;
import org.apache.geode.management.internal.cli.HeadlessGfsh;
import org.apache.geode.security.templates.SamplePostProcessor;
import org.apache.geode.security.templates.SampleSecurityManager;
import org.apache.geode.security.TestPostProcessor;
import org.apache.geode.security.TestSecurityManager;
import org.apache.geode.test.dunit.rules.ConnectionConfiguration;
import org.apache.geode.test.dunit.rules.GfshShellConnectionRule;
import org.apache.geode.test.dunit.rules.ServerStarterRule;
Expand All @@ -44,8 +44,8 @@ public class GfshCommandsPostProcessorTest {
static Properties properties = new Properties() {
{
setProperty(JMX_MANAGER_PORT, jmxPort + "");
setProperty(SECURITY_POST_PROCESSOR, SamplePostProcessor.class.getName());
setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName());
setProperty(SECURITY_POST_PROCESSOR, TestPostProcessor.class.getName());
setProperty(SECURITY_MANAGER, TestSecurityManager.class.getName());
setProperty("security-json",
"org/apache/geode/management/internal/security/cacheServer.json");
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@
import org.apache.geode.management.internal.cli.result.CommandResult;
import org.apache.geode.management.internal.cli.result.ErrorResultData;
import org.apache.geode.management.internal.cli.result.ResultBuilder;
import org.apache.geode.security.templates.SampleSecurityManager;
import org.apache.geode.security.TestSecurityManager;
import org.apache.geode.test.dunit.rules.ConnectionConfiguration;
import org.apache.geode.test.dunit.rules.GfshShellConnectionRule;
import org.apache.geode.test.dunit.rules.ServerStarterRule;
Expand Down Expand Up @@ -69,7 +69,7 @@ public class GfshCommandsSecurityTest {
{
setProperty(JMX_MANAGER_PORT, jmxPort + "");
setProperty(HTTP_SERVICE_PORT, httpPort + "");
setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName());
setProperty(SECURITY_MANAGER, TestSecurityManager.class.getName());
setProperty("security-json",
"org/apache/geode/management/internal/security/cacheServer.json");
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@

import static org.apache.geode.distributed.ConfigurationProperties.*;

import org.apache.geode.security.templates.SampleSecurityManager;
import org.apache.geode.security.TestSecurityManager;
import org.junit.BeforeClass;
import org.junit.experimental.categories.Category;

Expand All @@ -35,9 +35,9 @@ public class IntegratedSecurityServiceCustomRealmJUnitTest

@BeforeClass
public static void beforeClass() throws Exception {
props.put(SampleSecurityManager.SECURITY_JSON,
props.put(TestSecurityManager.SECURITY_JSON,
"org/apache/geode/management/internal/security/shiro-ini.json");
props.put(SECURITY_MANAGER, SampleSecurityManager.class.getName());
props.put(SECURITY_MANAGER, TestSecurityManager.class.getName());
IntegratedSecurityService.getSecurityService().initSecurity(props);
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@
import java.util.concurrent.TimeUnit;

import com.jayway.awaitility.Awaitility;
import org.apache.geode.security.templates.SampleSecurityManager;
import org.apache.geode.security.TestSecurityManager;
import org.json.JSONException;
import org.junit.Test;
import org.junit.experimental.categories.Category;
Expand Down Expand Up @@ -51,7 +51,7 @@ public class MultiUserDUnitTest extends CliCommandTestBase {
public void testMultiUser() throws IOException, JSONException, InterruptedException {
Properties properties = new Properties();
properties.put(NAME, MultiUserDUnitTest.class.getSimpleName());
properties.put(SECURITY_MANAGER, SampleSecurityManager.class.getName());
properties.put(SECURITY_MANAGER, TestSecurityManager.class.getName());

// set up vm_0 the secure jmx manager
Object[] results = setUpJMXManagerOnVM(0, properties,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,6 @@
import org.apache.geode.cache.client.ClientCache;
import org.apache.geode.cache.client.ClientCacheFactory;
import org.apache.geode.cache.client.ClientRegionShortcut;
import org.apache.geode.security.templates.SampleSecurityManager;
import org.apache.geode.security.templates.UserPasswordAuthInit;
import org.apache.geode.test.dunit.Host;
import org.apache.geode.test.dunit.IgnoredException;
Expand Down Expand Up @@ -56,8 +55,8 @@ public abstract class AbstractSecureServerDUnitTest extends JUnit4DistributedTes
public Properties getProperties() {
return new Properties() {
{
setProperty(SECURITY_MANAGER, SampleSecurityManager.class.getName());
setProperty(SampleSecurityManager.SECURITY_JSON,
setProperty(SECURITY_MANAGER, TestSecurityManager.class.getName());
setProperty(TestSecurityManager.SECURITY_JSON,
"org/apache/geode/management/internal/security/clientServer.json");
}
};
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,6 @@
import org.apache.geode.distributed.ConfigurationProperties;
import org.apache.geode.internal.security.SecurityService;
import org.apache.geode.security.templates.DummyAuthenticator;
import org.apache.geode.security.templates.SamplePostProcessor;
import org.apache.geode.security.templates.SimpleSecurityManager;
import org.apache.geode.test.junit.categories.IntegrationTest;
import org.apache.geode.test.junit.categories.SecurityTest;
import org.junit.After;
Expand All @@ -46,7 +44,7 @@ public class CacheFactoryWithSecurityObjectTest {
@Before
public void before() throws Exception {
securityService = SecurityService.getSecurityService();
simpleSecurityManager = new SimpleSecurityManager();
simpleSecurityManager = new SimpleTestSecurityManager();
properties.setProperty("mcast-port", "0");
}

Expand All @@ -61,7 +59,7 @@ public void testCreateCacheWithSecurityManager() throws Exception {

@Test
public void testCreateCacheWithPostProcessor() throws Exception {
cache = new CacheFactory(properties).setPostProcessor(new SamplePostProcessor())
cache = new CacheFactory(properties).setPostProcessor(new TestPostProcessor())
.setSecurityManager(null).create();
assertFalse(securityService.isIntegratedSecurity());
assertFalse(securityService.needPostProcess());
Expand All @@ -74,7 +72,7 @@ public void testOverride() throws Exception {
DummyAuthenticator.class.getName());

cache = new CacheFactory(properties).setSecurityManager(simpleSecurityManager)
.setPostProcessor(new SamplePostProcessor()).create();
.setPostProcessor(new TestPostProcessor()).create();

assertTrue(securityService.isIntegratedSecurity());
assertTrue(securityService.isClientSecurityRequired());
Expand Down
Loading

0 comments on commit 115a2f8

Please sign in to comment.