geode-assembly/src/acceptanceTest/java/org/apache/geode/management/internal/cli/commands/LogsAndDescribeConfigAreFullyRedactedAcceptanceTest.java - geode - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
  * agreements. See the NOTICE file distributed with this work for additional information regarding
  * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance with the License. You may obtain a
  * copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software distributed under the License
  * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
  * or implied. See the License for the specific language governing permissions and limitations under
  * the License.
  */
 package org.apache.geode.management.internal.cli.commands;

 import static org.apache.geode.distributed.ConfigurationProperties.LOG_LEVEL;
 import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
 import static org.apache.geode.test.util.ResourceUtils.getResource;
 import static org.assertj.core.api.Assertions.assertThat;

 import java.io.File;
 import java.io.FileNotFoundException;
 import java.io.FileOutputStream;
 import java.util.Collection;
 import java.util.Properties;
 import java.util.Scanner;

 import org.apache.commons.io.FileUtils;
 import org.assertj.core.api.SoftAssertions;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;

 import org.apache.geode.examples.security.ExampleSecurityManager;
 import org.apache.geode.management.internal.cli.util.CommandStringBuilder;
 import org.apache.geode.test.junit.categories.LoggingTest;
 import org.apache.geode.test.junit.categories.SecurityTest;
 import org.apache.geode.test.junit.rules.RequiresGeodeHome;
 import org.apache.geode.test.junit.rules.gfsh.GfshExecution;
 import org.apache.geode.test.junit.rules.gfsh.GfshRule;

 /**
  * This test class expects a "security.json" file to be visible on the member classpath. The
  * security.json is consumed by {@link ExampleSecurityManager} and should contain each
  * username/password combination present (even though not all will actually be consumed by the
  * Security Manager).
  *
  * <p>
  * Each password shares the string below for easier log scanning.
  */
 @Category({SecurityTest.class, LoggingTest.class})
 public class LogsAndDescribeConfigAreFullyRedactedAcceptanceTest {

   private static final String sharedPasswordString = "abcdefg";

   private File propertyFile;
   private File securityPropertyFile;

   @Rule
   public GfshRule gfsh = new GfshRule();

   @Rule
   public RequiresGeodeHome geodeHome = new RequiresGeodeHome();

   @Before
   public void createDirectoriesAndFiles() throws Exception {
     propertyFile = gfsh.getTemporaryFolder().newFile("geode.properties");
     securityPropertyFile = gfsh.getTemporaryFolder().newFile("security.properties");

     Properties properties = new Properties();
     properties.setProperty(LOG_LEVEL, "debug");
     properties.setProperty("security-username", "propertyFileUser");
     properties.setProperty("security-password", sharedPasswordString + "-propertyFile");
     try (FileOutputStream fileOutputStream = new FileOutputStream(propertyFile)) {
       properties.store(fileOutputStream, null);
     }

     Properties securityProperties = new Properties();
     securityProperties.setProperty(SECURITY_MANAGER, ExampleSecurityManager.class.getName());
     securityProperties.setProperty(ExampleSecurityManager.SECURITY_JSON, "security.json");
     securityProperties.setProperty("security-file-username", "securityPropertyFileUser");
     securityProperties.setProperty("security-file-password",
         sharedPasswordString + "-securityPropertyFile");
     try (FileOutputStream fileOutputStream = new FileOutputStream(securityPropertyFile)) {
       securityProperties.store(fileOutputStream, null);
     }

     startSecureLocatorAndServer();
   }

   private void startSecureLocatorAndServer() {
     // The json is in the root resource directory.
     String securityJson =
         getResource(LogsAndDescribeConfigAreFullyRedactedAcceptanceTest.class,
             "/security.json").getPath();
     // We want to add the folder to the classpath, so we strip off the filename.
     securityJson = securityJson.substring(0, securityJson.length() - "security.json".length());
     String startLocatorCmd =
         new CommandStringBuilder("start locator").addOption("name", "test-locator")
             .addOption("properties-file", propertyFile.getAbsolutePath())
             .addOption("security-properties-file", securityPropertyFile.getAbsolutePath())
             .addOption("J", "-Dsecure-username-jd=user-jd")
             .addOption("J", "-Dsecure-password-jd=password-jd")
             .addOption("classpath", securityJson).getCommandString();

     String startServerCmd = new CommandStringBuilder("start server")
         .addOption("name", "test-server").addOption("user", "viaStartMemberOptions")
         .addOption("password", sharedPasswordString + "-viaStartMemberOptions")
         .addOption("properties-file", propertyFile.getAbsolutePath())
         .addOption("security-properties-file", securityPropertyFile.getAbsolutePath())
         .addOption("J", "-Dsecure-username-jd=user-jd")
         .addOption("J", "-Dsecure-password-jd=" + sharedPasswordString + "-password-jd")
         .addOption("server-port", "0")
         .addOption("classpath", securityJson).getCommandString();

     gfsh.execute(startLocatorCmd, startServerCmd);
   }

   @Test
   public void logsDoNotContainStringThatShouldBeRedacted() throws FileNotFoundException {
     Collection<File> logs =
         FileUtils.listFiles(gfsh.getTemporaryFolder().getRoot(), new String[] {"log"}, true);

     // Use soft assertions to report all redaction failures, not just the first one.
     SoftAssertions softly = new SoftAssertions();
     for (File logFile : logs) {
       Scanner scanner = new Scanner(logFile);
       while (scanner.hasNextLine()) {
         String line = scanner.nextLine();
         softly.assertThat(line).describedAs("File: %s, Line: %s", logFile.getAbsolutePath(), line)
             .doesNotContain(sharedPasswordString);
       }
     }
     softly.assertAll();
   }

   @Test
   public void describeConfigRedactsJvmArguments() {
     String connectCommand = new CommandStringBuilder("connect")
         .addOption("user", "viaStartMemberOptions")
         .addOption("password", sharedPasswordString + "-viaStartMemberOptions").getCommandString();

     String describeLocatorConfigCommand = new CommandStringBuilder("describe config")
         .addOption("hide-defaults", "false").addOption("member", "test-locator").getCommandString();

     String describeServerConfigCommand = new CommandStringBuilder("describe config")
         .addOption("hide-defaults", "false").addOption("member", "test-server").getCommandString();

     GfshExecution execution =
         gfsh.execute(connectCommand, describeLocatorConfigCommand, describeServerConfigCommand);
     assertThat(execution.getOutputText()).doesNotContain(sharedPasswordString);
   }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more contributor license
	* agreements. See the NOTICE file distributed with this work for additional information regarding
	* copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance with the License. You may obtain a
	* copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software distributed under the License
	* is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
	* or implied. See the License for the specific language governing permissions and limitations under
	* the License.
	*/
	package org.apache.geode.management.internal.cli.commands;

	import static org.apache.geode.distributed.ConfigurationProperties.LOG_LEVEL;
	import static org.apache.geode.distributed.ConfigurationProperties.SECURITY_MANAGER;
	import static org.apache.geode.test.util.ResourceUtils.getResource;
	import static org.assertj.core.api.Assertions.assertThat;

	import java.io.File;
	import java.io.FileNotFoundException;
	import java.io.FileOutputStream;
	import java.util.Collection;
	import java.util.Properties;
	import java.util.Scanner;

	import org.apache.commons.io.FileUtils;
	import org.assertj.core.api.SoftAssertions;
	import org.junit.Before;
	import org.junit.Rule;
	import org.junit.Test;
	import org.junit.experimental.categories.Category;

	import org.apache.geode.examples.security.ExampleSecurityManager;
	import org.apache.geode.management.internal.cli.util.CommandStringBuilder;
	import org.apache.geode.test.junit.categories.LoggingTest;
	import org.apache.geode.test.junit.categories.SecurityTest;
	import org.apache.geode.test.junit.rules.RequiresGeodeHome;
	import org.apache.geode.test.junit.rules.gfsh.GfshExecution;
	import org.apache.geode.test.junit.rules.gfsh.GfshRule;

	/**
	* This test class expects a "security.json" file to be visible on the member classpath. The
	* security.json is consumed by {@link ExampleSecurityManager} and should contain each
	* username/password combination present (even though not all will actually be consumed by the
	* Security Manager).
	*
	* <p>
	* Each password shares the string below for easier log scanning.
	*/
	@Category({SecurityTest.class, LoggingTest.class})
	public class LogsAndDescribeConfigAreFullyRedactedAcceptanceTest {

	private static final String sharedPasswordString = "abcdefg";

	private File propertyFile;
	private File securityPropertyFile;

	@Rule
	public GfshRule gfsh = new GfshRule();

	@Rule
	public RequiresGeodeHome geodeHome = new RequiresGeodeHome();

	@Before
	public void createDirectoriesAndFiles() throws Exception {
	propertyFile = gfsh.getTemporaryFolder().newFile("geode.properties");
	securityPropertyFile = gfsh.getTemporaryFolder().newFile("security.properties");

	Properties properties = new Properties();
	properties.setProperty(LOG_LEVEL, "debug");
	properties.setProperty("security-username", "propertyFileUser");
	properties.setProperty("security-password", sharedPasswordString + "-propertyFile");
	try (FileOutputStream fileOutputStream = new FileOutputStream(propertyFile)) {
	properties.store(fileOutputStream, null);
	}

	Properties securityProperties = new Properties();
	securityProperties.setProperty(SECURITY_MANAGER, ExampleSecurityManager.class.getName());
	securityProperties.setProperty(ExampleSecurityManager.SECURITY_JSON, "security.json");
	securityProperties.setProperty("security-file-username", "securityPropertyFileUser");
	securityProperties.setProperty("security-file-password",
	sharedPasswordString + "-securityPropertyFile");
	try (FileOutputStream fileOutputStream = new FileOutputStream(securityPropertyFile)) {
	securityProperties.store(fileOutputStream, null);
	}

	startSecureLocatorAndServer();
	}

	private void startSecureLocatorAndServer() {
	// The json is in the root resource directory.
	String securityJson =
	getResource(LogsAndDescribeConfigAreFullyRedactedAcceptanceTest.class,
	"/security.json").getPath();
	// We want to add the folder to the classpath, so we strip off the filename.
	securityJson = securityJson.substring(0, securityJson.length() - "security.json".length());
	String startLocatorCmd =
	new CommandStringBuilder("start locator").addOption("name", "test-locator")
	.addOption("properties-file", propertyFile.getAbsolutePath())
	.addOption("security-properties-file", securityPropertyFile.getAbsolutePath())
	.addOption("J", "-Dsecure-username-jd=user-jd")
	.addOption("J", "-Dsecure-password-jd=password-jd")
	.addOption("classpath", securityJson).getCommandString();

	String startServerCmd = new CommandStringBuilder("start server")
	.addOption("name", "test-server").addOption("user", "viaStartMemberOptions")
	.addOption("password", sharedPasswordString + "-viaStartMemberOptions")
	.addOption("properties-file", propertyFile.getAbsolutePath())
	.addOption("security-properties-file", securityPropertyFile.getAbsolutePath())
	.addOption("J", "-Dsecure-username-jd=user-jd")
	.addOption("J", "-Dsecure-password-jd=" + sharedPasswordString + "-password-jd")
	.addOption("server-port", "0")
	.addOption("classpath", securityJson).getCommandString();

	gfsh.execute(startLocatorCmd, startServerCmd);
	}

	@Test
	public void logsDoNotContainStringThatShouldBeRedacted() throws FileNotFoundException {
	Collection<File> logs =
	FileUtils.listFiles(gfsh.getTemporaryFolder().getRoot(), new String[] {"log"}, true);

	// Use soft assertions to report all redaction failures, not just the first one.
	SoftAssertions softly = new SoftAssertions();
	for (File logFile : logs) {
	Scanner scanner = new Scanner(logFile);
	while (scanner.hasNextLine()) {
	String line = scanner.nextLine();
	softly.assertThat(line).describedAs("File: %s, Line: %s", logFile.getAbsolutePath(), line)
	.doesNotContain(sharedPasswordString);
	}
	}
	softly.assertAll();
	}

	@Test
	public void describeConfigRedactsJvmArguments() {
	String connectCommand = new CommandStringBuilder("connect")
	.addOption("user", "viaStartMemberOptions")
	.addOption("password", sharedPasswordString + "-viaStartMemberOptions").getCommandString();

	String describeLocatorConfigCommand = new CommandStringBuilder("describe config")
	.addOption("hide-defaults", "false").addOption("member", "test-locator").getCommandString();

	String describeServerConfigCommand = new CommandStringBuilder("describe config")
	.addOption("hide-defaults", "false").addOption("member", "test-server").getCommandString();

	GfshExecution execution =
	gfsh.execute(connectCommand, describeLocatorConfigCommand, describeServerConfigCommand);
	assertThat(execution.getOutputText()).doesNotContain(sharedPasswordString);
	}
	}