void runNoAuthInitWithCredentials() { foreach (CredentialGenerator gen in SecurityTestUtil.getAllGenerators(false)) { Properties <string, string> extraProps = gen.SystemProperties; Properties <string, string> javaProps = gen.JavaProperties; string authenticator = gen.Authenticator; string authInit = gen.AuthInit; if (authInit == null || authInit.Length == 0) { // If the scheme does not have an authInit in the first place // (e.g. SSL) then skip it Util.Log("NoAuthInitWithCredentials: Skipping scheme [" + gen.GetClassCode() + "] which has no authInit"); continue; } Util.Log("NoAuthInitWithCredentials: Using scheme: " + gen.GetClassCode()); Util.Log("NoAuthInitWithCredentials: Using authenticator: " + authenticator); // Start the server CacheHelper.SetupJavaServers(true, CacheXml1); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, SecurityTestUtil.GetServerArgs( authenticator, extraProps, javaProps)); Util.Log("Cacheserver 1 started."); // Start client1 with valid credentials and client2 with invalid // credentials; both should fail without an authInit Properties <string, string> credentials1 = gen.GetValidCredentials(6); Properties <string, string> javaProps1 = gen.JavaProperties; Util.Log("NoAuthInitWithCredentials: For first client valid " + "credentials: " + credentials1 + " : " + javaProps1); Properties <string, string> credentials2 = gen.GetInvalidCredentials(2); Properties <string, string> javaProps2 = gen.JavaProperties; Util.Log("NoAuthInitWithCredentials: For second client invalid " + "credentials: " + credentials2 + " : " + javaProps2); m_client1.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, (string)null, credentials1, ExpectedResult.AuthRequiredException); m_client2.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, (string)null, credentials2, ExpectedResult.AuthRequiredException); m_client1.Call(Close); m_client2.Call(Close); CacheHelper.StopJavaServer(1); CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); } }
void runCQTest() { CacheHelper.SetupJavaServers(true, "remotequeryN.xml"); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); DummyAuthorization3 da = new DummyAuthorization3(); string authenticator = da.Authenticator; string authInit = da.AuthInit; string accessorPP = da.AuthenticatorPP; Util.Log("testAllowPutsGets: Using authinit: " + authInit); Util.Log("testAllowPutsGets: Using authenticator: " + authenticator); Util.Log("testAllowPutsGets: Using accessorPP: " + accessorPP); // Start servers with all required properties string serverArgs = SecurityTestUtil.GetServerArgs(authenticator, null, accessorPP, null, null); // Start the two servers. CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs); Util.Log("Cacheserver 1 started."); CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, serverArgs); Util.Log("Cacheserver 2 started."); // Start client1 with valid CREATE credentials, this index will be used to authorzie the user Properties <string, string> createCredentials = da.GetValidCredentials(4); Util.Log("runCQTest: "); m_client1.Call(SecurityTestUtil.CreateClientMU2, RegionName_CQ, CacheHelper.Locators, authInit, (Properties <string, string>)null, true, true); m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName_CQ, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Perform some put operations from client1 m_client1.Call(registerCQ, createCredentials, false); // Verify that the gets succeed m_client2.Call(doCQPut, createCredentials); m_client1.Call(verifyCQEvents, true, CqOperationType.OP_TYPE_CREATE); m_client1.Call(CloseUserCache, false); m_client1.Call(Close); m_client2.Call(Close); CacheHelper.StopJavaServer(1); // CacheHelper.StopJavaServer(2); CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); }
void runInvalidAuthenticator() { foreach (CredentialGenerator gen in SecurityTestUtil.getAllGenerators(false)) { Properties <string, string> extraProps = gen.SystemProperties; Properties <string, string> javaProps = gen.JavaProperties; string authInit = gen.AuthInit; if (authInit == null || authInit.Length == 0) { // Skip a scheme which does not have an authInit in the first place // (e.g. SSL) since that will fail with AuthReqEx before // authenticator is even invoked Util.Log("InvalidAuthenticator: Skipping scheme [" + gen.GetClassCode() + "] which has no authInit"); continue; } Util.Log("InvalidAuthenticator: Using scheme: " + gen.GetClassCode()); Util.Log("InvalidAuthenticator: Using authinit: " + authInit); // Start the server with invalid authenticator CacheHelper.SetupJavaServers(true, CacheXml1); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, SecurityTestUtil.GetServerArgs( "org.apache.geode.none", extraProps, javaProps)); Util.Log("Cacheserver 1 started."); // Starting the client with valid credentials should throw // authentication failed exception Properties <string, string> credentials1 = gen.GetValidCredentials(1); Properties <string, string> javaProps1 = gen.JavaProperties; Util.Log("InvalidAuthenticator: For first client valid credentials: " + credentials1 + " : " + javaProps1); m_client1.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, authInit, credentials1, ExpectedResult.AuthFailedException); // Also try with invalid credentials Properties <string, string> credentials2 = gen.GetInvalidCredentials(1); Properties <string, string> javaProps2 = gen.JavaProperties; Util.Log("InvalidAuthenticator: For first client invalid " + "credentials: " + credentials2 + " : " + javaProps2); m_client1.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, authInit, credentials2, ExpectedResult.AuthFailedException); m_client1.Call(Close); CacheHelper.StopJavaServer(1); CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); } }
void runValidCredentials() { foreach (CredentialGenerator gen in SecurityTestUtil.getAllGenerators(false)) { Properties <string, string> extraProps = gen.SystemProperties; Properties <string, string> javaProps = gen.JavaProperties; string authenticator = gen.Authenticator; string authInit = gen.AuthInit; Util.Log("ValidCredentials: Using scheme: " + gen.GetClassCode()); Util.Log("ValidCredentials: Using authenticator: " + authenticator); Util.Log("ValidCredentials: Using authinit: " + authInit); // Start the server CacheHelper.SetupJavaServers(true, CacheXml1); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, SecurityTestUtil.GetServerArgs( authenticator, extraProps, javaProps)); Util.Log("Cacheserver 1 started."); // Start the clients with valid credentials Properties <string, string> credentials1 = gen.GetValidCredentials(1); Properties <string, string> javaProps1 = gen.JavaProperties; Util.Log("ValidCredentials: For first client credentials: " + credentials1 + " : " + javaProps1); Properties <string, string> credentials2 = gen.GetValidCredentials(2); Properties <string, string> javaProps2 = gen.JavaProperties; Util.Log("ValidCredentials: For second client credentials: " + credentials2 + " : " + javaProps2); m_client1.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, authInit, credentials1); m_client2.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, authInit, credentials2); // Perform some put operations from client1 m_client1.Call(DoPuts, 4); m_client1.Call(DoTxPuts); // Verify that the puts succeeded m_client2.Call(DoGets, 4); m_client2.Call(DoGetsTx); m_client1.Call(Close); m_client2.Call(Close); CacheHelper.StopJavaServer(1); CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); } }
void runInvalidCredentials() { foreach (CredentialGenerator gen in SecurityTestUtil.getAllGenerators(true)) { Properties <string, string> extraProps = gen.SystemProperties; Properties <string, string> javaProps = gen.JavaProperties; string authenticator = gen.Authenticator; string authInit = gen.AuthInit; Util.Log("InvalidCredentials: Using scheme: " + gen.GetClassCode()); Util.Log("InvalidCredentials: Using authenticator: " + authenticator); Util.Log("InvalidCredentials: Using authinit: " + authInit); // Start the server CacheHelper.SetupJavaServers(true, CacheXml1); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, SecurityTestUtil.GetServerArgs( authenticator, extraProps, javaProps)); Util.Log("Cacheserver 1 started."); // Start the clients with valid credentials Properties <string, string> credentials1 = gen.GetValidCredentials(8); Properties <string, string> javaProps1 = gen.JavaProperties; Util.Log("InvalidCredentials: For first client credentials: " + credentials1 + " : " + javaProps1); Properties <string, string> credentials2 = gen.GetInvalidCredentials(7); Properties <string, string> javaProps2 = gen.JavaProperties; Util.Log("InvalidCredentials: For second client credentials: " + credentials2 + " : " + javaProps2); m_client1.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Perform some put operations from client1 m_client1.Call(DoPutsMU, 4, credentials1, true); // Creating region on client2 should throw authentication // failure exception m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Perform some put operations from client1 m_client2.Call(DoPutsMU, 4, credentials2, true, ExpectedResult.AuthFailedException); m_client1.Call(Close); m_client2.Call(Close); CacheHelper.StopJavaServer(1); CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); } }
void runInvalidAuthInit() { foreach (CredentialGenerator gen in SecurityTestUtil.getAllGenerators(true)) { Properties <string, string> extraProps = gen.SystemProperties; Properties <string, string> javaProps = gen.JavaProperties; string authenticator = gen.Authenticator; Util.Log("InvalidAuthInit: Using scheme: " + gen.GetClassCode()); Util.Log("InvalidAuthInit: Using authenticator: " + authenticator); // Start the server CacheHelper.SetupJavaServers(true, CacheXml1); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, SecurityTestUtil.GetServerArgs( authenticator, extraProps, javaProps)); Util.Log("Cacheserver 1 started."); // Creating region on client1 with invalid authInit callback should // throw authentication required exception Properties <string, string> credentials = gen.GetValidCredentials(5); javaProps = gen.JavaProperties; Util.Log("InvalidAuthInit: For first client credentials: " + credentials + " : " + javaProps); m_client1.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, "Apache.Geode.Templates.Cache.Security.none", (Properties <string, string>)null, true); // Perform some put operations from client1 m_client1.Call(DoPutsMU, 20, credentials, true); m_client1.Call(Close); CacheHelper.StopJavaServer(1); CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); } }
void runValidCredentials() { var dataDir = Util.GetEnvironmentVariable("TESTSRC"); Properties <string, string> javaProps = new Properties <string, string>(); javaProps.Insert("gemfire.security-authz-xml-uri", dataDir + "\\..\\..\\templates\\security\\authz-dummy.xml"); string authenticator = "javaobject.DummyAuthenticator.create"; // Start the server CacheHelper.SetupJavaServers(true, CacheXml1); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, SecurityTestUtil.GetServerArgs( authenticator, null, javaProps)); Util.Log("Cacheserver 1 started."); AssertAuthInitializeCalled(false); CreateClient(RegionName, CacheHelper.Locators); // Perform some put operations from client1 DoPuts(4); AssertAuthInitializeCalled(true); // Verify that the puts succeeded DoGets(4); Close(); CacheHelper.StopJavaServer(1); CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); }
void runCredentialsForNotifications() { foreach (CredentialGenerator gen in SecurityTestUtil.getAllGenerators(false)) { Properties <string, string> extraProps = gen.SystemProperties; Properties <string, string> javaProps = gen.JavaProperties; string authenticator = gen.Authenticator; string authInit = gen.AuthInit; Util.Log("CredentialsForNotifications: Using scheme: " + gen.GetClassCode()); Util.Log("CredentialsForNotifications: Using authenticator: " + authenticator); Util.Log("CredentialsForNotifications: Using authinit: " + authInit); // Start the two servers. CacheHelper.SetupJavaServers(true, CacheXml1, CacheXml2); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, SecurityTestUtil.GetServerArgs( authenticator, extraProps, javaProps)); Util.Log("Cacheserver 1 started."); CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, SecurityTestUtil.GetServerArgs( authenticator, extraProps, javaProps)); Util.Log("Cacheserver 2 started."); // Start the clients with valid credentials Properties <string, string> credentials1 = gen.GetValidCredentials(5); Properties <string, string> javaProps1 = gen.JavaProperties; Util.Log("CredentialsForNotifications: For first client valid " + "credentials: " + credentials1 + " : " + javaProps1); Properties <string, string> credentials2 = gen.GetValidCredentials(6); Properties <string, string> javaProps2 = gen.JavaProperties; Util.Log("CredentialsForNotifications: For second client valid " + "credentials: " + credentials2 + " : " + javaProps2); m_client1.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, authInit, credentials1); // Set up zero forward connections to check notification handshake only m_client2.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, authInit, credentials2, 0, ExpectedResult.Success); m_client1.Call(registerPdxType8); m_client2.Call(registerPdxType8); // Register interest for all keys on second client m_client2.Call(RegisterAllKeys, new string[] { RegionName }); // Wait for secondary server to see second client Thread.Sleep(1000); // Perform some put operations from client1 m_client1.Call(DoPuts, 2); // Verify that the puts succeeded m_client2.Call(DoLocalGets, 2); // Stop the first server CacheHelper.StopJavaServer(1); // Perform some create/update operations from client1 m_client1.Call(DoPuts, 4, true, ExpectedResult.Success); // Verify that the creates/updates succeeded m_client2.Call(DoLocalGets, 4, true); // Start server1 again and try to connect client1 using zero forward // connections with no credentials. // Verify that the creation of region throws authentication // required exception CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, SecurityTestUtil.GetServerArgs( authenticator, extraProps, javaProps)); Util.Log("Cacheserver 1 started."); m_client1.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, (string)null, (Properties <string, string>)null, 0, ExpectedResult.AuthRequiredException); // Now try to connect client2 using zero forward connections // with invalid credentials. // Verify that the creation of region throws security exception credentials2 = gen.GetInvalidCredentials(3); javaProps2 = gen.JavaProperties; Util.Log("CredentialsForNotifications: For second client invalid " + "credentials: " + credentials2 + " : " + javaProps2); m_client2.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, authInit, credentials2, 0, ExpectedResult.AuthFailedException); // Now try to connect client2 with invalid auth-init method // Trying to create the region on client with valid credentials should // throw an authentication failed exception m_client2.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, "Apache.Geode.Templates.Cache.Security.none", credentials1, 0, ExpectedResult.AuthRequiredException); // Try connection with null auth-init on clients. m_client1.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, (string)null, credentials1, 0, ExpectedResult.AuthRequiredException); m_client2.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, (string)null, credentials2, 0, ExpectedResult.AuthRequiredException); m_client1.Call(Close); m_client2.Call(Close); CacheHelper.StopJavaServer(1); CacheHelper.StopJavaServer(2); CacheHelper.StopJavaLocator(1); CacheHelper.ClearLocators(); CacheHelper.ClearEndpoints(); } }
void runCredentialsWithFailover() { foreach (CredentialGenerator gen in SecurityTestUtil.getAllGenerators(false)) { Properties <string, string> extraProps = gen.SystemProperties; Properties <string, string> javaProps = gen.JavaProperties; string authenticator = gen.Authenticator; string authInit = gen.AuthInit; Util.Log("CredentialsWithFailover: Using scheme: " + gen.GetClassCode()); Util.Log("CredentialsWithFailover: Using authenticator: " + authenticator); Util.Log("CredentialsWithFailover: Using authinit: " + authInit); // Start the first server; do not start second server yet to force // the clients to connect to the first server. CacheHelper.SetupJavaServers(true, CacheXml1, CacheXml2); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, SecurityTestUtil.GetServerArgs( authenticator, extraProps, javaProps)); Util.Log("Cacheserver 1 started."); // Start the clients with valid credentials Properties <string, string> credentials1 = gen.GetValidCredentials(5); Properties <string, string> javaProps1 = gen.JavaProperties; Util.Log("CredentialsWithFailover: For first client valid " + "credentials: " + credentials1 + " : " + javaProps1); Properties <string, string> credentials2 = gen.GetValidCredentials(6); Properties <string, string> javaProps2 = gen.JavaProperties; Util.Log("CredentialsWithFailover: For second client valid " + "credentials: " + credentials2 + " : " + javaProps2); m_client1.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, authInit, credentials1); m_client2.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, authInit, credentials2); // Perform some put operations from client1 m_client1.Call(DoPuts, 2); // Verify that the puts succeeded m_client2.Call(DoGets, 2); // Start the second server and stop the first one to force a failover CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, SecurityTestUtil.GetServerArgs( authenticator, extraProps, javaProps)); Util.Log("Cacheserver 2 started."); CacheHelper.StopJavaServer(1); // Perform some create/update operations from client1 // and verify from client2 m_client1.Call(DoPuts, 4, true, ExpectedResult.Success); m_client2.Call(DoGets, 4, true); // Try to connect client2 with no credentials // Verify that the creation of region throws security exception m_client2.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, (string)null, (Properties <string, string>)null, ExpectedResult.AuthRequiredException); // Now try to connect client1 with invalid credentials // Verify that the creation of region throws security exception credentials1 = gen.GetInvalidCredentials(7); javaProps1 = gen.JavaProperties; Util.Log("CredentialsWithFailover: For first client invalid " + "credentials: " + credentials1 + " : " + javaProps1); m_client1.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, authInit, credentials1, ExpectedResult.AuthFailedException); m_client1.Call(Close); m_client2.Call(Close); CacheHelper.StopJavaServer(2); CacheHelper.StopJavaLocator(1); CacheHelper.ClearLocators(); CacheHelper.ClearEndpoints(); } }
void runNoAuthenticatorWithCredentials() { foreach (CredentialGenerator gen in SecurityTestUtil.getAllGenerators(false)) { Properties <string, string> extraProps = gen.SystemProperties; Properties <string, string> javaProps = gen.JavaProperties; string authenticator = gen.Authenticator; string authInit = gen.AuthInit; if (authenticator == null || authenticator.Length == 0) { // If the scheme does not have an authenticator in the first place // (e.g. SSL) then skip it since this test is useless Util.Log("NoAuthenticatorWithCredentials: Skipping scheme [" + gen.GetClassCode() + "] which has no authenticator"); continue; } Util.Log("NoAuthenticatorWithCredentials: Using scheme: " + gen.GetClassCode()); Util.Log("NoAuthenticatorWithCredentials: Using authinit: " + authInit); // Start the servers CacheHelper.SetupJavaServers(true, CacheXml1); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, SecurityTestUtil.GetServerArgs( null, extraProps, javaProps)); Util.Log("Cacheserver 1 started."); // Start client1 with valid credentials and client2 with invalid // credentials; both should succeed with no authenticator on server Properties <string, string> credentials1 = gen.GetValidCredentials(3); Properties <string, string> javaProps1 = gen.JavaProperties; Util.Log("NoAuthenticatorWithCredentials: For first client valid " + "credentials: " + credentials1 + " : " + javaProps1); Properties <string, string> credentials2 = gen.GetInvalidCredentials(12); Properties <string, string> javaProps2 = gen.JavaProperties; Util.Log("NoAuthenticatorWithCredentials: For second client invalid " + "credentials: " + credentials2 + " : " + javaProps2); m_client1.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, authInit, credentials1); m_client2.Call(SecurityTestUtil.CreateClient, RegionName, CacheHelper.Locators, authInit, credentials2); // Perform some put operations from client1 m_client1.Call(DoPuts, 4); // Verify that the puts succeeded m_client2.Call(DoGets, 4); m_client1.Call(Close); m_client2.Call(Close); CacheHelper.StopJavaServer(1); CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); } }
void runThinClientWriterExceptionTest() { CacheHelper.SetupJavaServers(true, CacheXml1); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); foreach (AuthzCredentialGenerator authzGen in GetAllGeneratorCombos(true)) { for (int i = 1; i <= 2; ++i) { CredentialGenerator cGen = authzGen.GetCredentialGenerator(); //TODO: its not working for multiuser mode.. need to fix later if (cGen.GetClassCode() == CredentialGenerator.ClassCode.PKCS) { continue; } Properties <string, string> extraAuthProps = cGen.SystemProperties; Properties <string, string> javaProps = cGen.JavaProperties; Properties <string, string> extraAuthzProps = authzGen.SystemProperties; string authenticator = cGen.Authenticator; string authInit = cGen.AuthInit; string accessor = authzGen.AccessControl; Util.Log("ThinClientWriterException: Using authinit: " + authInit); Util.Log("ThinClientWriterException: Using authenticator: " + authenticator); Util.Log("ThinClientWriterException: Using accessor: " + accessor); // Start servers with all required properties string serverArgs = SecurityTestUtil.GetServerArgs(authenticator, accessor, null, SecurityTestUtil.ConcatProperties(extraAuthProps, extraAuthzProps), javaProps); // Start the server. CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs); Util.Log("Cacheserver 1 started."); // Start client1 with valid CREATE credentials Properties <string, string> createCredentials = authzGen.GetDisallowedCredentials( new OperationCode[] { OperationCode.Put }, new string[] { RegionName }, 1); javaProps = cGen.JavaProperties; Util.Log("DisallowPuts: For first client PUT credentials: " + createCredentials); m_client1.Call(SecurityTestUtil.CreateClientR0, RegionName, CacheHelper.Locators, authInit, createCredentials); Util.Log("Creating region in client1 , no-ack, no-cache, with listener and writer"); m_client1.Call(CreateRegion, CacheHelper.Locators, true, true, true); m_client1.Call(RegisterAllKeys, new string[] { RegionName }); try { Util.Log("Trying put Operation"); m_client1.Call(DoPut); Util.Log(" Put Operation Successful"); Assert.Fail("Should have got NotAuthorizedException during put"); } catch (NotAuthorizedException) { Util.Log("NotAuthorizedException Caught"); Util.Log("Success"); } catch (Exception other) { Util.Log("Stack trace: {0} ", other.StackTrace); Util.Log("Got exception : {0}", other.Message); } m_client1.Call(CheckAssert); // Do LocalPut m_client1.Call(DoLocalPut); m_client1.Call(Close); CacheHelper.StopJavaServer(1); } } CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); }
void runInvalidAccessor() { CacheHelper.SetupJavaServers(true, CacheXml1, CacheXml2); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); foreach (AuthzCredentialGenerator authzGen in GetAllGeneratorCombos(true)) { CredentialGenerator cGen = authzGen.GetCredentialGenerator(); Util.Log("NIl:792:Current credential is = {0}", cGen); //if (cGen.GetClassCode() == CredentialGenerator.ClassCode.LDAP) // continue; Properties <string, string> extraAuthProps = cGen.SystemProperties; Properties <string, string> javaProps = cGen.JavaProperties; Properties <string, string> extraAuthzProps = authzGen.SystemProperties; string authenticator = cGen.Authenticator; string authInit = cGen.AuthInit; string accessor = authzGen.AccessControl; Util.Log("InvalidAccessor: Using authinit: " + authInit); Util.Log("InvalidAccessor: Using authenticator: " + authenticator); // Start server1 with invalid accessor string serverArgs = SecurityTestUtil.GetServerArgs(authenticator, "com.gemstone.none", null, SecurityTestUtil.ConcatProperties(extraAuthProps, extraAuthzProps), javaProps); CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs); Util.Log("Cacheserver 1 started."); // Client creation should throw exceptions Properties <string, string> createCredentials = authzGen.GetAllowedCredentials( new OperationCode[] { OperationCode.Put }, new string[] { RegionName }, 3); javaProps = cGen.JavaProperties; Util.Log("InvalidAccessor: For first client PUT credentials: " + createCredentials); m_client1.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Now perform some put operations from client1 m_client1.Call(DoPutsMU, 10, createCredentials, true, ExpectedResult.OtherException); Properties <string, string> getCredentials = authzGen.GetAllowedCredentials( new OperationCode[] { OperationCode.Get }, new string[] { RegionName }, 7); javaProps = cGen.JavaProperties; Util.Log("InvalidAccessor: For second client GET credentials: " + getCredentials); m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Now perform some put operations from client1 m_client2.Call(DoGetsMU, 10, getCredentials, true, ExpectedResult.OtherException); // Now start server2 that has valid accessor Util.Log("InvalidAccessor: Using accessor: " + accessor); serverArgs = SecurityTestUtil.GetServerArgs(authenticator, accessor, null, SecurityTestUtil.ConcatProperties(extraAuthProps, extraAuthzProps), javaProps); CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, serverArgs); Util.Log("Cacheserver 2 started."); CacheHelper.StopJavaServer(1); // Client creation should be successful now m_client1.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Now perform some put operations from client1 m_client1.Call(DoPutsMU, 10, createCredentials, true); // Verify that the gets succeed m_client2.Call(DoGetsMU, 10, getCredentials, true); m_client1.Call(Close); m_client2.Call(Close); CacheHelper.StopJavaServer(2); } CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); }
void runDisallowPutsGets() { CacheHelper.SetupJavaServers(true, CacheXml1, CacheXml2); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); foreach (AuthzCredentialGenerator authzGen in GetAllGeneratorCombos(true)) { CredentialGenerator cGen = authzGen.GetCredentialGenerator(); Properties <string, string> extraAuthProps = cGen.SystemProperties; Properties <string, string> javaProps = cGen.JavaProperties; Properties <string, string> extraAuthzProps = authzGen.SystemProperties; string authenticator = cGen.Authenticator; string authInit = cGen.AuthInit; string accessor = authzGen.AccessControl; Util.Log("DisallowPutsGets: Using authinit: " + authInit); Util.Log("DisallowPutsGets: Using authenticator: " + authenticator); Util.Log("DisallowPutsGets: Using accessor: " + accessor); // Check that we indeed can obtain valid credentials not allowed to do // gets Properties <string, string> createCredentials = authzGen.GetAllowedCredentials( new OperationCode[] { OperationCode.Put }, new string[] { RegionName }, 1); Properties <string, string> createJavaProps = cGen.JavaProperties; Properties <string, string> getCredentials = authzGen.GetDisallowedCredentials( new OperationCode[] { OperationCode.Get }, new string[] { RegionName }, 2); Properties <string, string> getJavaProps = cGen.JavaProperties; if (getCredentials == null || getCredentials.Size == 0) { Util.Log("DisallowPutsGets: Unable to obtain valid credentials " + "with no GET permission; skipping this combination."); continue; } // Start servers with all required properties string serverArgs = SecurityTestUtil.GetServerArgs(authenticator, accessor, null, SecurityTestUtil.ConcatProperties(extraAuthProps, extraAuthzProps), javaProps); // Start the two servers. CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs); Util.Log("Cacheserver 1 started."); CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, serverArgs); Util.Log("Cacheserver 2 started."); // Start client1 with valid CREATE credentials createCredentials = authzGen.GetAllowedCredentials( new OperationCode[] { OperationCode.Put }, new string[] { RegionName }, 1); javaProps = cGen.JavaProperties; Util.Log("DisallowPutsGets: For first client PUT credentials: " + createCredentials); m_client1.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Start client2 with invalid GET credentials getCredentials = authzGen.GetDisallowedCredentials( new OperationCode[] { OperationCode.Get }, new string[] { RegionName }, 2); javaProps = cGen.JavaProperties; Util.Log("DisallowPutsGets: For second client invalid GET " + "credentials: " + getCredentials); m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Perform some put operations from client1 m_client1.Call(DoPutsMU, 10, createCredentials, true); // Verify that the gets throw exception m_client2.Call(DoGetsMU, 10, getCredentials, true, ExpectedResult.NotAuthorizedException); // Try to connect client2 with reader credentials getCredentials = authzGen.GetAllowedCredentials( new OperationCode[] { OperationCode.Get }, new string[] { RegionName }, 5); javaProps = cGen.JavaProperties; Util.Log("DisallowPutsGets: For second client valid GET " + "credentials: " + getCredentials); m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Verify that the gets succeed m_client2.Call(DoGetsMU, 10, getCredentials, true); // Verify that the puts throw exception m_client2.Call(DoPutsMU, 10, getCredentials, true, ExpectedResult.NotAuthorizedException); m_client1.Call(Close); m_client2.Call(Close); CacheHelper.StopJavaServer(1); CacheHelper.StopJavaServer(2); } CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); }
void runAllowPutsGets() { CacheHelper.SetupJavaServers(true, CacheXml1, CacheXml2); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); foreach (AuthzCredentialGenerator authzGen in GetAllGeneratorCombos(true)) { CredentialGenerator cGen = authzGen.GetCredentialGenerator(); Properties <string, string> extraAuthProps = cGen.SystemProperties; Properties <string, string> javaProps = cGen.JavaProperties; Properties <string, string> extraAuthzProps = authzGen.SystemProperties; string authenticator = cGen.Authenticator; string authInit = cGen.AuthInit; string accessor = authzGen.AccessControl; Util.Log("testAllowPutsGets: Using authinit: " + authInit); Util.Log("testAllowPutsGets: Using authenticator: " + authenticator); Util.Log("testAllowPutsGets: Using accessor: " + accessor); // Start servers with all required properties string serverArgs = SecurityTestUtil.GetServerArgs(authenticator, accessor, null, SecurityTestUtil.ConcatProperties(extraAuthProps, extraAuthzProps), javaProps); // Start the two servers. CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs); Util.Log("Cacheserver 1 started."); CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, serverArgs); Util.Log("Cacheserver 2 started."); // Start client1 with valid CREATE credentials Properties <string, string> createCredentials = authzGen.GetAllowedCredentials( new OperationCode[] { OperationCode.Put }, new string[] { RegionName }, 1); javaProps = cGen.JavaProperties; Util.Log("AllowPutsGets: For first client PUT credentials: " + createCredentials); m_client1.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Start client2 with valid GET credentials Properties <string, string> getCredentials = authzGen.GetAllowedCredentials( new OperationCode[] { OperationCode.Get }, new string[] { RegionName }, 2); javaProps = cGen.JavaProperties; Util.Log("AllowPutsGets: For second client GET credentials: " + getCredentials); m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); // Perform some put operations from client1 m_client1.Call(DoPutsMU, 10, createCredentials, true); // Verify that the gets succeed m_client2.Call(DoGetsMU, 10, getCredentials, true); m_client1.Call(DoPutsTx, 10, true, ExpectedResult.Success, getCredentials, true); m_client2.Call(DoGets, 10, true, ExpectedResult.Success, getCredentials, true); m_client1.Call(Close); m_client2.Call(Close); CacheHelper.StopJavaServer(1); CacheHelper.StopJavaServer(2); } CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); }
//private static string DurableClientId2 = "DurableClientId2"; void runDurableCQTest(bool logicalCacheClose, bool durableCQ, bool whetherResult) { CacheHelper.SetupJavaServers(true, "remotequeryN.xml"); CacheHelper.StartJavaLocator(1, "GFELOC"); Util.Log("Locator started"); DummyAuthorization3 da = new DummyAuthorization3(); string authenticator = da.Authenticator; string authInit = da.AuthInit; string accessorPP = da.AuthenticatorPP; Util.Log("testAllowPutsGets: Using authinit: " + authInit); Util.Log("testAllowPutsGets: Using authenticator: " + authenticator); Util.Log("testAllowPutsGets: Using accessorPP: " + accessorPP); // Start servers with all required properties string serverArgs = SecurityTestUtil.GetServerArgs(authenticator, null, accessorPP, null, null); // Start the two servers. CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs); Util.Log("Cacheserver 1 started."); CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, serverArgs); Util.Log("Cacheserver 2 started."); // Start client1 with valid CREATE credentials, this index will be used to authorzie the user Properties <string, string> createCredentials = da.GetValidCredentials(4); Util.Log("runCQTest: "); /* * regionName, string endpoints, string locators, * authInit, Properties credentials, bool pool, bool locator, bool isMultiuser, bool notificationEnabled, string durableClientId) */ m_client1.Call(SecurityTestUtil.CreateMUDurableClient, RegionName_CQ, CacheHelper.Locators, authInit, DurableClientId1, true, true); m_client2.Call(SecurityTestUtil.CreateClientMU, RegionName_CQ, CacheHelper.Locators, authInit, (Properties <string, string>)null, true); m_client1.Call(ReadyForEvents2); // Perform some put operations from client1 m_client1.Call(registerCQ, createCredentials, durableCQ); Properties <string, string> createCredentials2 = da.GetValidCredentials(3); // Verify that the gets succeed m_client2.Call(doCQPut, createCredentials2); //close cache client-1 m_client1.Call(verifyCQEvents, true, CqOperationType.OP_TYPE_CREATE); Thread.Sleep(10000); Util.Log("Before calling CloseUserCache: " + logicalCacheClose); if (logicalCacheClose) { m_client1.Call(CloseUserCache, logicalCacheClose); } m_client1.Call(CloseKeepAlive); //put again from other client m_client2.Call(doCQPut, createCredentials2); //client-1 will up again m_client1.Call(SecurityTestUtil.CreateMUDurableClient, RegionName_CQ, CacheHelper.Locators, authInit, DurableClientId1, true, true); // Perform some put operations from client1 m_client1.Call(registerCQ, createCredentials, durableCQ); m_client1.Call(ReadyForEvents2); Thread.Sleep(20000); m_client1.Call(verifyCQEvents, whetherResult, CqOperationType.OP_TYPE_UPDATE); m_client1.Call(Close); m_client2.Call(Close); CacheHelper.StopJavaServer(1); // CacheHelper.StopJavaServer(2); CacheHelper.StopJavaLocator(1); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); }
protected void RunOpsWithFailover(OperationWithAction[] opCodes, string testName, bool isMultiUser, bool ssl, bool withPassword) { CacheHelper.SetupJavaServers(true, CacheXml1, CacheXml2); CacheHelper.StartJavaLocator(1, "GFELOC", null, ssl); Util.Log("Locator started"); foreach (AuthzCredentialGenerator authzGen in GetAllGeneratorCombos(isMultiUser)) { CredentialGenerator cGen = authzGen.GetCredentialGenerator(); Properties <string, string> extraAuthProps = cGen.SystemProperties; Properties <string, string> javaProps = cGen.JavaProperties; Properties <string, string> extraAuthzProps = authzGen.SystemProperties; string authenticator = cGen.Authenticator; string authInit = cGen.AuthInit; string accessor = authzGen.AccessControl; TestAuthzCredentialGenerator tgen = new TestAuthzCredentialGenerator(authzGen); Util.Log(testName + ": Using authinit: " + authInit); Util.Log(testName + ": Using authenticator: " + authenticator); Util.Log(testName + ": Using accessor: " + accessor); // Start servers with all required properties string serverArgs = SecurityTestUtil.GetServerArgs(authenticator, accessor, null, SecurityTestUtil.ConcatProperties(extraAuthProps, extraAuthzProps), javaProps); // Perform all the ops on the clients List <OperationWithAction> opBlock = new List <OperationWithAction>(); Random rnd = new Random(); for (int opNum = 0; opNum < opCodes.Length; ++opNum) { // Start client with valid credentials as specified in // OperationWithAction OperationWithAction currentOp = opCodes[opNum]; if (currentOp == OperationWithAction.OpBlockEnd || currentOp == OperationWithAction.OpBlockNoFailover) { // End of current operation block; execute all the operations // on the servers with/without failover if (opBlock.Count > 0) { // Start the first server and execute the operation block CacheHelper.StartJavaServerWithLocators(1, "GFECS1", 1, serverArgs, ssl); Util.Log("Cacheserver 1 started."); CacheHelper.StopJavaServer(2, false); ExecuteOpBlock(opBlock, authInit, extraAuthProps, extraAuthzProps, tgen, rnd, isMultiUser, ssl, withPassword); if (currentOp == OperationWithAction.OpBlockNoFailover) { CacheHelper.StopJavaServer(1); } else { // Failover to the second server and run the block again CacheHelper.StartJavaServerWithLocators(2, "GFECS2", 1, serverArgs, ssl); Util.Log("Cacheserver 2 started."); CacheHelper.StopJavaServer(1); ExecuteOpBlock(opBlock, authInit, extraAuthProps, extraAuthzProps, tgen, rnd, isMultiUser, ssl, withPassword); } opBlock.Clear(); } } else { currentOp.OpNum = opNum; opBlock.Add(currentOp); } } // Close all clients here since we run multiple iterations for pool and non pool configs foreach (ClientBase client in m_clients) { client.Call(Close); } } CacheHelper.StopJavaLocator(1, true, ssl); CacheHelper.ClearEndpoints(); CacheHelper.ClearLocators(); }