Exemplo n.º 1
0
        public async Task <GeneratePasswordResetResponse> Handle(GeneratePasswordResetTokenRequest request, CancellationToken cancellationToken)
        {
            var user = await this.Database.PrepareAndExecute(new GetUserByEmailQuery(), request.User);

            if (user.Id == null)
            {
                // no user was found by that email, but we don't want the user to know that. The process still completes,
                // so it is a success, we just stop here.
                return(new GeneratePasswordResetResponse()
                {
                    IsSuccess = true
                });
            }

            var token      = Guid.NewGuid();
            var credential = CredentialGenerator.GenerateTokenCredential(token);

            credential.User      = user;
            credential.CreatedBy = user;

            await this.Database.PrepareAndExecute(new InsertNewCredentialQuery(), credential);

            // send email to user
            var message = EmailMessage.ResetPassword($"{context.Request.Host}/reset/{token}");

            Email.SendTo(this.credentials.Value, message, user);

            return(new GeneratePasswordResetResponse()
            {
                IsSuccess = true
            });
        }
Exemplo n.º 2
0
        public void Setup()
        {
            _awsCredentialProvider = A.Fake <IAWSCredentialProvider>();
            A.CallTo(() => _awsCredentialProvider.GetCredentials())
            .Returns(new AWSCredentials {
                AccessKey = "access_key", SecretKey = "secret_key"
            });

            _clock = A.Fake <IClock>();
            A.CallTo(() => _clock.UtcNow)
            .Returns(new DateTime(2021, 03, 20, 06, 11, 53, DateTimeKind.Utc));

            _generator = new CredentialGenerator(_awsCredentialProvider, _clock);
        }
Exemplo n.º 3
0
        public static List <CredentialGenerator> getAllGenerators(bool isMultiUser)
        {
            string dataDir = Util.GetEnvironmentVariable("CPP_TESTOUT");
            List <CredentialGenerator> generators = new List <CredentialGenerator>();

            foreach (CredentialGenerator.ClassCode code in Enum.GetValues(
                         typeof(CredentialGenerator.ClassCode)))
            {
                CredentialGenerator gen = CredentialGenerator.Create(code, isMultiUser);
                if (gen != null)
                {
                    gen.Init(dataDir, dataDir);
                    generators.Add(gen);
                }
            }
            return(generators);
        }
Exemplo n.º 4
0
        private static void InitUsers(IRepository repository)
        {
            Console.WriteLine("------------ Initializing users ------------");
            var users = Config.GetUsers();
            var role  = repository.Single <Role>(x => x.Name == "admin");

            foreach (var user in users)
            {
                var password = CredentialGenerator.GeneratePassword(10);
                user.RoleId   = role.Id;
                user.Password = BCrypt.Net.BCrypt.HashPassword(password);
                repository.Add(user);
                Console.WriteLine("New user added");
                Console.WriteLine($"Username: {user.Username}");
                Console.WriteLine($"Password: {password}");
                Console.WriteLine("");
            }
        }
Exemplo n.º 5
0
        static void Main(string[] args)
        {
            if (args.Length > 0 && args[0] == "get")
            {
                var parameters = ReadParameters();

                // In case the credential helper is accidentally used for a non-CodeCommit repo, not writing
                // anything will cause git to fall back.
                if (!parameters.Host.Contains("amazon.com", StringComparison.OrdinalIgnoreCase) &&
                    !parameters.Host.Contains("amazonaws.com", StringComparison.OrdinalIgnoreCase))
                {
                    return;
                }

                var(username, password) = new CredentialGenerator().GenerateCredentials(parameters);
                Console.Out.Write($"username={username}\npassword={password}\n");
                Console.Out.Flush();
            }
        }
Exemplo n.º 6
0
        private static void InitClient(IRepository repository)
        {
            Console.WriteLine("------------ Initializing clients ------------");
            var clients = Config.GetClients();

            foreach (var client in clients)
            {
                var secret = CredentialGenerator.GenerateClientSecret(40);
                client.ClientSecrets = new List <Secret>
                {
                    new Secret(secret.Sha256())
                };

                repository.Add(client);

                Console.WriteLine("New client added");
                Console.WriteLine($"ClientId: {client.ClientId}");
                Console.WriteLine($"ClientSecret: {secret}");
                Console.WriteLine("");
            }
        }
        void runThinClientWriterExceptionTest()
        {
            CacheHelper.SetupJavaServers(true, CacheXml1);
            CacheHelper.StartJavaLocator(1, "GFELOC");
            Util.Log("Locator started");

            foreach (AuthzCredentialGenerator authzGen in GetAllGeneratorCombos(true))
            {
                for (int i = 1; i <= 2; ++i)
                {
                    CredentialGenerator cGen = authzGen.GetCredentialGenerator();
                    //TODO: its not working for multiuser mode.. need to fix later
                    if (cGen.GetClassCode() == CredentialGenerator.ClassCode.PKCS)
                    {
                        continue;
                    }
                    Properties <string, string> extraAuthProps  = cGen.SystemProperties;
                    Properties <string, string> javaProps       = cGen.JavaProperties;
                    Properties <string, string> extraAuthzProps = authzGen.SystemProperties;
                    string authenticator = cGen.Authenticator;
                    string authInit      = cGen.AuthInit;
                    string accessor      = authzGen.AccessControl;

                    Util.Log("ThinClientWriterException: Using authinit: " + authInit);
                    Util.Log("ThinClientWriterException: Using authenticator: " + authenticator);
                    Util.Log("ThinClientWriterException: Using accessor: " + accessor);

                    // Start servers with all required properties
                    string serverArgs = SecurityTestUtil.GetServerArgs(authenticator,
                                                                       accessor, null, SecurityTestUtil.ConcatProperties(extraAuthProps,
                                                                                                                         extraAuthzProps), javaProps);

                    // Start the server.
                    CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs);
                    Util.Log("Cacheserver 1 started.");

                    // Start client1 with valid CREATE credentials
                    Properties <string, string> createCredentials = authzGen.GetDisallowedCredentials(
                        new OperationCode[] { OperationCode.Put },
                        new string[] { RegionName }, 1);
                    javaProps = cGen.JavaProperties;
                    Util.Log("DisallowPuts: For first client PUT credentials: " +
                             createCredentials);
                    m_client1.Call(SecurityTestUtil.CreateClientR0, RegionName,
                                   CacheHelper.Locators, authInit, createCredentials);

                    Util.Log("Creating region in client1 , no-ack, no-cache, with listener and writer");
                    m_client1.Call(CreateRegion, CacheHelper.Locators,
                                   true, true, true);
                    m_client1.Call(RegisterAllKeys, new string[] { RegionName });

                    try
                    {
                        Util.Log("Trying put Operation");
                        m_client1.Call(DoPut);
                        Util.Log(" Put Operation Successful");
                        Assert.Fail("Should have got NotAuthorizedException during put");
                    }
                    catch (NotAuthorizedException)
                    {
                        Util.Log("NotAuthorizedException Caught");
                        Util.Log("Success");
                    }
                    catch (Exception other)
                    {
                        Util.Log("Stack trace: {0} ", other.StackTrace);
                        Util.Log("Got  exception : {0}",
                                 other.Message);
                    }
                    m_client1.Call(CheckAssert);
                    // Do LocalPut
                    m_client1.Call(DoLocalPut);

                    m_client1.Call(Close);

                    CacheHelper.StopJavaServer(1);
                }
            }
            CacheHelper.StopJavaLocator(1);
            CacheHelper.ClearEndpoints();
            CacheHelper.ClearLocators();
        }
        void runInvalidAccessor()
        {
            CacheHelper.SetupJavaServers(true, CacheXml1, CacheXml2);
            CacheHelper.StartJavaLocator(1, "GFELOC");
            Util.Log("Locator started");

            foreach (AuthzCredentialGenerator authzGen in GetAllGeneratorCombos(true))
            {
                CredentialGenerator cGen = authzGen.GetCredentialGenerator();
                Util.Log("NIl:792:Current credential is = {0}", cGen);

                //if (cGen.GetClassCode() == CredentialGenerator.ClassCode.LDAP)
                //  continue;

                Properties <string, string> extraAuthProps  = cGen.SystemProperties;
                Properties <string, string> javaProps       = cGen.JavaProperties;
                Properties <string, string> extraAuthzProps = authzGen.SystemProperties;
                string authenticator = cGen.Authenticator;
                string authInit      = cGen.AuthInit;
                string accessor      = authzGen.AccessControl;

                Util.Log("InvalidAccessor: Using authinit: " + authInit);
                Util.Log("InvalidAccessor: Using authenticator: " + authenticator);

                // Start server1 with invalid accessor
                string serverArgs = SecurityTestUtil.GetServerArgs(authenticator,
                                                                   "com.gemstone.none", null, SecurityTestUtil.ConcatProperties(extraAuthProps,
                                                                                                                                extraAuthzProps), javaProps);
                CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs);
                Util.Log("Cacheserver 1 started.");

                // Client creation should throw exceptions
                Properties <string, string> createCredentials = authzGen.GetAllowedCredentials(
                    new OperationCode[] { OperationCode.Put },
                    new string[] { RegionName }, 3);
                javaProps = cGen.JavaProperties;
                Util.Log("InvalidAccessor: For first client PUT credentials: " +
                         createCredentials);
                m_client1.Call(SecurityTestUtil.CreateClientMU, RegionName,
                               CacheHelper.Locators, authInit, (Properties <string, string>)null, true);

                // Now perform some put operations from client1
                m_client1.Call(DoPutsMU, 10, createCredentials, true, ExpectedResult.OtherException);

                Properties <string, string> getCredentials = authzGen.GetAllowedCredentials(
                    new OperationCode[] { OperationCode.Get },
                    new string[] { RegionName }, 7);
                javaProps = cGen.JavaProperties;
                Util.Log("InvalidAccessor: For second client GET credentials: " +
                         getCredentials);
                m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName,
                               CacheHelper.Locators, authInit, (Properties <string, string>)null, true);

                // Now perform some put operations from client1
                m_client2.Call(DoGetsMU, 10, getCredentials, true, ExpectedResult.OtherException);

                // Now start server2 that has valid accessor
                Util.Log("InvalidAccessor: Using accessor: " + accessor);
                serverArgs = SecurityTestUtil.GetServerArgs(authenticator,
                                                            accessor, null, SecurityTestUtil.ConcatProperties(extraAuthProps,
                                                                                                              extraAuthzProps), javaProps);
                CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, serverArgs);
                Util.Log("Cacheserver 2 started.");
                CacheHelper.StopJavaServer(1);

                // Client creation should be successful now
                m_client1.Call(SecurityTestUtil.CreateClientMU, RegionName,
                               CacheHelper.Locators, authInit, (Properties <string, string>)null, true);
                m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName,
                               CacheHelper.Locators, authInit, (Properties <string, string>)null, true);

                // Now perform some put operations from client1
                m_client1.Call(DoPutsMU, 10, createCredentials, true);

                // Verify that the gets succeed
                m_client2.Call(DoGetsMU, 10, getCredentials, true);

                m_client1.Call(Close);
                m_client2.Call(Close);

                CacheHelper.StopJavaServer(2);
            }

            CacheHelper.StopJavaLocator(1);

            CacheHelper.ClearEndpoints();
            CacheHelper.ClearLocators();
        }
        void runDisallowPutsGets()
        {
            CacheHelper.SetupJavaServers(true, CacheXml1, CacheXml2);

            CacheHelper.StartJavaLocator(1, "GFELOC");
            Util.Log("Locator started");

            foreach (AuthzCredentialGenerator authzGen in GetAllGeneratorCombos(true))
            {
                CredentialGenerator         cGen            = authzGen.GetCredentialGenerator();
                Properties <string, string> extraAuthProps  = cGen.SystemProperties;
                Properties <string, string> javaProps       = cGen.JavaProperties;
                Properties <string, string> extraAuthzProps = authzGen.SystemProperties;
                string authenticator = cGen.Authenticator;
                string authInit      = cGen.AuthInit;
                string accessor      = authzGen.AccessControl;

                Util.Log("DisallowPutsGets: Using authinit: " + authInit);
                Util.Log("DisallowPutsGets: Using authenticator: " + authenticator);
                Util.Log("DisallowPutsGets: Using accessor: " + accessor);

                // Check that we indeed can obtain valid credentials not allowed to do
                // gets
                Properties <string, string> createCredentials = authzGen.GetAllowedCredentials(
                    new OperationCode[] { OperationCode.Put },
                    new string[] { RegionName }, 1);
                Properties <string, string> createJavaProps = cGen.JavaProperties;
                Properties <string, string> getCredentials  = authzGen.GetDisallowedCredentials(
                    new OperationCode[] { OperationCode.Get },
                    new string[] { RegionName }, 2);
                Properties <string, string> getJavaProps = cGen.JavaProperties;
                if (getCredentials == null || getCredentials.Size == 0)
                {
                    Util.Log("DisallowPutsGets: Unable to obtain valid credentials " +
                             "with no GET permission; skipping this combination.");
                    continue;
                }

                // Start servers with all required properties
                string serverArgs = SecurityTestUtil.GetServerArgs(authenticator,
                                                                   accessor, null, SecurityTestUtil.ConcatProperties(extraAuthProps,
                                                                                                                     extraAuthzProps), javaProps);

                // Start the two servers.
                CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs);
                Util.Log("Cacheserver 1 started.");
                CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, serverArgs);
                Util.Log("Cacheserver 2 started.");

                // Start client1 with valid CREATE credentials
                createCredentials = authzGen.GetAllowedCredentials(
                    new OperationCode[] { OperationCode.Put },
                    new string[] { RegionName }, 1);
                javaProps = cGen.JavaProperties;
                Util.Log("DisallowPutsGets: For first client PUT credentials: " +
                         createCredentials);
                m_client1.Call(SecurityTestUtil.CreateClientMU, RegionName,
                               CacheHelper.Locators, authInit, (Properties <string, string>)null, true);

                // Start client2 with invalid GET credentials
                getCredentials = authzGen.GetDisallowedCredentials(
                    new OperationCode[] { OperationCode.Get },
                    new string[] { RegionName }, 2);
                javaProps = cGen.JavaProperties;
                Util.Log("DisallowPutsGets: For second client invalid GET " +
                         "credentials: " + getCredentials);
                m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName,
                               CacheHelper.Locators, authInit, (Properties <string, string>)null, true);

                // Perform some put operations from client1
                m_client1.Call(DoPutsMU, 10, createCredentials, true);

                // Verify that the gets throw exception
                m_client2.Call(DoGetsMU, 10, getCredentials, true, ExpectedResult.NotAuthorizedException);

                // Try to connect client2 with reader credentials
                getCredentials = authzGen.GetAllowedCredentials(
                    new OperationCode[] { OperationCode.Get },
                    new string[] { RegionName }, 5);
                javaProps = cGen.JavaProperties;
                Util.Log("DisallowPutsGets: For second client valid GET " +
                         "credentials: " + getCredentials);
                m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName,
                               CacheHelper.Locators, authInit, (Properties <string, string>)null, true);

                // Verify that the gets succeed
                m_client2.Call(DoGetsMU, 10, getCredentials, true);

                // Verify that the puts throw exception
                m_client2.Call(DoPutsMU, 10, getCredentials, true, ExpectedResult.NotAuthorizedException);

                m_client1.Call(Close);
                m_client2.Call(Close);

                CacheHelper.StopJavaServer(1);
                CacheHelper.StopJavaServer(2);
            }

            CacheHelper.StopJavaLocator(1);

            CacheHelper.ClearEndpoints();
            CacheHelper.ClearLocators();
        }
        void runAllowPutsGets()
        {
            CacheHelper.SetupJavaServers(true, CacheXml1, CacheXml2);

            CacheHelper.StartJavaLocator(1, "GFELOC");
            Util.Log("Locator started");

            foreach (AuthzCredentialGenerator authzGen in GetAllGeneratorCombos(true))
            {
                CredentialGenerator         cGen            = authzGen.GetCredentialGenerator();
                Properties <string, string> extraAuthProps  = cGen.SystemProperties;
                Properties <string, string> javaProps       = cGen.JavaProperties;
                Properties <string, string> extraAuthzProps = authzGen.SystemProperties;
                string authenticator = cGen.Authenticator;
                string authInit      = cGen.AuthInit;
                string accessor      = authzGen.AccessControl;

                Util.Log("testAllowPutsGets: Using authinit: " + authInit);
                Util.Log("testAllowPutsGets: Using authenticator: " + authenticator);
                Util.Log("testAllowPutsGets: Using accessor: " + accessor);

                // Start servers with all required properties
                string serverArgs = SecurityTestUtil.GetServerArgs(authenticator,
                                                                   accessor, null, SecurityTestUtil.ConcatProperties(extraAuthProps,
                                                                                                                     extraAuthzProps), javaProps);

                // Start the two servers.
                CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs);
                Util.Log("Cacheserver 1 started.");
                CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, serverArgs);
                Util.Log("Cacheserver 2 started.");

                // Start client1 with valid CREATE credentials
                Properties <string, string> createCredentials = authzGen.GetAllowedCredentials(
                    new OperationCode[] { OperationCode.Put },
                    new string[] { RegionName }, 1);
                javaProps = cGen.JavaProperties;
                Util.Log("AllowPutsGets: For first client PUT credentials: " +
                         createCredentials);
                m_client1.Call(SecurityTestUtil.CreateClientMU, RegionName,
                               CacheHelper.Locators, authInit, (Properties <string, string>)null, true);

                // Start client2 with valid GET credentials
                Properties <string, string> getCredentials = authzGen.GetAllowedCredentials(
                    new OperationCode[] { OperationCode.Get },
                    new string[] { RegionName }, 2);
                javaProps = cGen.JavaProperties;
                Util.Log("AllowPutsGets: For second client GET credentials: " +
                         getCredentials);
                m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName,
                               CacheHelper.Locators, authInit, (Properties <string, string>)null, true);

                // Perform some put operations from client1
                m_client1.Call(DoPutsMU, 10, createCredentials, true);

                // Verify that the gets succeed
                m_client2.Call(DoGetsMU, 10, getCredentials, true);

                m_client1.Call(DoPutsTx, 10, true, ExpectedResult.Success, getCredentials, true);

                m_client2.Call(DoGets, 10, true, ExpectedResult.Success, getCredentials, true);

                m_client1.Call(Close);
                m_client2.Call(Close);

                CacheHelper.StopJavaServer(1);
                CacheHelper.StopJavaServer(2);
            }

            CacheHelper.StopJavaLocator(1);

            CacheHelper.ClearEndpoints();
            CacheHelper.ClearLocators();
        }
Exemplo n.º 11
0
        protected void RunOpsWithFailover(OperationWithAction[] opCodes,
                                          string testName, bool isMultiUser, bool ssl, bool withPassword)
        {
            CacheHelper.SetupJavaServers(true, CacheXml1, CacheXml2);
            CacheHelper.StartJavaLocator(1, "GFELOC", null, ssl);
            Util.Log("Locator started");

            foreach (AuthzCredentialGenerator authzGen in GetAllGeneratorCombos(isMultiUser))
            {
                CredentialGenerator         cGen            = authzGen.GetCredentialGenerator();
                Properties <string, string> extraAuthProps  = cGen.SystemProperties;
                Properties <string, string> javaProps       = cGen.JavaProperties;
                Properties <string, string> extraAuthzProps = authzGen.SystemProperties;
                string authenticator = cGen.Authenticator;
                string authInit      = cGen.AuthInit;
                string accessor      = authzGen.AccessControl;
                TestAuthzCredentialGenerator tgen = new TestAuthzCredentialGenerator(authzGen);

                Util.Log(testName + ": Using authinit: " + authInit);
                Util.Log(testName + ": Using authenticator: " + authenticator);
                Util.Log(testName + ": Using accessor: " + accessor);

                // Start servers with all required properties
                string serverArgs = SecurityTestUtil.GetServerArgs(authenticator,
                                                                   accessor, null, SecurityTestUtil.ConcatProperties(extraAuthProps,
                                                                                                                     extraAuthzProps), javaProps);

                // Perform all the ops on the clients
                List <OperationWithAction> opBlock = new List <OperationWithAction>();
                Random rnd = new Random();
                for (int opNum = 0; opNum < opCodes.Length; ++opNum)
                {
                    // Start client with valid credentials as specified in
                    // OperationWithAction
                    OperationWithAction currentOp = opCodes[opNum];
                    if (currentOp == OperationWithAction.OpBlockEnd ||
                        currentOp == OperationWithAction.OpBlockNoFailover)
                    {
                        // End of current operation block; execute all the operations
                        // on the servers with/without failover
                        if (opBlock.Count > 0)
                        {
                            // Start the first server and execute the operation block
                            CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs, ssl);
                            Util.Log("Cacheserver 1 started.");
                            CacheHelper.StopJavaServer(2, false);
                            ExecuteOpBlock(opBlock, authInit, extraAuthProps,
                                           extraAuthzProps, tgen, rnd, isMultiUser, ssl, withPassword);
                            if (currentOp == OperationWithAction.OpBlockNoFailover)
                            {
                                CacheHelper.StopJavaServer(1);
                            }
                            else
                            {
                                // Failover to the second server and run the block again
                                CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, serverArgs, ssl);
                                Util.Log("Cacheserver 2 started.");
                                CacheHelper.StopJavaServer(1);
                                ExecuteOpBlock(opBlock, authInit, extraAuthProps,
                                               extraAuthzProps, tgen, rnd, isMultiUser, ssl, withPassword);
                            }
                            opBlock.Clear();
                        }
                    }
                    else
                    {
                        currentOp.OpNum = opNum;
                        opBlock.Add(currentOp);
                    }
                }
                // Close all clients here since we run multiple iterations for pool and non pool configs
                foreach (ClientBase client in m_clients)
                {
                    client.Call(Close);
                }
            }
            CacheHelper.StopJavaLocator(1, true, ssl);
            CacheHelper.ClearEndpoints();
            CacheHelper.ClearLocators();
        }
Exemplo n.º 12
0
        protected void ExecuteOpBlock(List <OperationWithAction> opBlock,
                                      string authInit, Properties <string, string> extraAuthProps, Properties <string, string> extraAuthzProps,
                                      TestCredentialGenerator gen, Random rnd, bool isMultiuser, bool ssl, bool withPassword)
        {
            foreach (OperationWithAction currentOp in opBlock)
            {
                // Start client with valid credentials as specified in
                // OperationWithAction
                OperationCode opCode    = currentOp.OpCode;
                OpFlags       opFlags   = currentOp.Flags;
                int           clientNum = currentOp.ClientNum;
                if (clientNum > m_clients.Length)
                {
                    Assert.Fail("ExecuteOpBlock: Unknown client number " + clientNum);
                }
                ClientBase client = m_clients[clientNum - 1];
                Util.Log("ExecuteOpBlock: performing operation number [" +
                         currentOp.OpNum + "]: " + currentOp);
                Properties <string, string> clientProps = null;
                if (!CheckFlags(opFlags, OpFlags.UseOldConn))
                {
                    Properties <string, string> opCredentials;
                    int    newRnd            = rnd.Next(100) + 1;
                    string currentRegionName = '/' + RegionName;
                    if (CheckFlags(opFlags, OpFlags.UseSubRegion))
                    {
                        currentRegionName += ('/' + SubregionName);
                    }
                    string                      credentialsTypeStr;
                    OperationCode               authOpCode = currentOp.AuthzOperationCode;
                    int[]                       indices    = currentOp.Indices;
                    CredentialGenerator         cGen       = gen.GetCredentialGenerator();
                    Properties <string, string> javaProps  = null;
                    if (CheckFlags(opFlags, OpFlags.CheckNotAuthz) ||
                        CheckFlags(opFlags, OpFlags.UseNotAuthz))
                    {
                        opCredentials = gen.GetDisallowedCredentials(
                            new OperationCode[] { authOpCode },
                            new string[] { currentRegionName }, indices, newRnd);
                        credentialsTypeStr = " unauthorized " + authOpCode;
                    }
                    else
                    {
                        opCredentials = gen.GetAllowedCredentials(new OperationCode[] {
                            opCode, authOpCode
                        }, new string[] { currentRegionName },
                                                                  indices, newRnd);
                        credentialsTypeStr = " authorized " + authOpCode;
                    }
                    if (cGen != null)
                    {
                        javaProps = cGen.JavaProperties;
                    }
                    clientProps = SecurityTestUtil.ConcatProperties(
                        opCredentials, extraAuthProps, extraAuthzProps);
                    // Start the client with valid credentials but allowed or disallowed to
                    // perform an operation
                    Util.Log("ExecuteOpBlock: For client" + clientNum +
                             credentialsTypeStr + " credentials: " + opCredentials);

                    if (!isMultiuser)
                    {
                        client.Call(SecurityTestUtil.CreateClientSSL, RegionName,
                                    CacheHelper.Locators, authInit, clientProps, ssl, withPassword);
                    }
                    else
                    {
                        client.Call(SecurityTestUtil.CreateClientMU, RegionName,
                                    CacheHelper.Locators, authInit, (Properties <string, string>)null, true);
                    }
                }
                ExpectedResult expectedResult;
                if (CheckFlags(opFlags, OpFlags.CheckNotAuthz))
                {
                    expectedResult = ExpectedResult.NotAuthorizedException;
                }
                else if (CheckFlags(opFlags, OpFlags.CheckException))
                {
                    expectedResult = ExpectedResult.OtherException;
                }
                else
                {
                    expectedResult = ExpectedResult.Success;
                }

                // Perform the operation from selected client
                if (!isMultiuser)
                {
                    client.Call(DoOp, opCode, currentOp.Indices, opFlags, expectedResult);
                }
                else
                {
                    client.Call(DoOp, opCode, currentOp.Indices, opFlags, expectedResult, clientProps, true);
                }
            }
        }