Google Git
Sign in
apache / geode / 7038f08ea88ec42f6c58764525460a1c7fe1abcf / . / geode-core / src / distributedTest / java / org / apache / geode / cache / client / internal / SSLNoClientAuthDUnitTest.java
blob: 54f1aa31530a31ade9a015b01025ed538e238c0d [file] [log] [blame]
/*
* Licensed to the Apache Software Foundation (ASF) under one or more contributor license
* agreements. See the NOTICE file distributed with this work for additional information regarding
* copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance with the License. You may obtain a
* copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software distributed under the License
* is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
* or implied. See the License for the specific language governing permissions and limitations under
* the License.
*/
package org.apache.geode.cache.client.internal;
import static org.apache.geode.distributed.ConfigurationProperties.LOCATORS;
import static org.apache.geode.distributed.ConfigurationProperties.MCAST_PORT;
import static org.apache.geode.distributed.ConfigurationProperties.SERVER_SSL_CIPHERS;
import static org.apache.geode.distributed.ConfigurationProperties.SERVER_SSL_ENABLED;
import static org.apache.geode.distributed.ConfigurationProperties.SERVER_SSL_KEYSTORE;
import static org.apache.geode.distributed.ConfigurationProperties.SERVER_SSL_KEYSTORE_PASSWORD;
import static org.apache.geode.distributed.ConfigurationProperties.SERVER_SSL_KEYSTORE_TYPE;
import static org.apache.geode.distributed.ConfigurationProperties.SERVER_SSL_PROTOCOLS;
import static org.apache.geode.distributed.ConfigurationProperties.SERVER_SSL_REQUIRE_AUTHENTICATION;
import static org.apache.geode.distributed.ConfigurationProperties.SERVER_SSL_TRUSTSTORE;
import static org.apache.geode.distributed.ConfigurationProperties.SERVER_SSL_TRUSTSTORE_PASSWORD;
import static org.apache.geode.test.dunit.VM.getVM;
import static org.apache.geode.test.util.ResourceUtils.createTempFileFromResource;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.Properties;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.apache.geode.cache.Cache;
import org.apache.geode.cache.CacheFactory;
import org.apache.geode.cache.Region;
import org.apache.geode.cache.RegionFactory;
import org.apache.geode.cache.RegionShortcut;
import org.apache.geode.cache.client.ClientCache;
import org.apache.geode.cache.client.ClientCacheFactory;
import org.apache.geode.cache.client.ClientRegionFactory;
import org.apache.geode.cache.client.ClientRegionShortcut;
import org.apache.geode.cache.server.CacheServer;
import org.apache.geode.internal.AvailablePortHelper;
import org.apache.geode.test.dunit.VM;
import org.apache.geode.test.dunit.internal.JUnit4DistributedTestCase;
import org.apache.geode.test.junit.categories.MembershipTest;
@Category(MembershipTest.class)
public class SSLNoClientAuthDUnitTest extends JUnit4DistributedTestCase {
private Cache cache;
private CacheServer cacheServer;
private ClientCache clientCache;
private int cacheServerPort;
private String hostName;
private static final String DEFAULT_STORE = "default.keystore";
private static SSLNoClientAuthDUnitTest instance = new SSLNoClientAuthDUnitTest();
@Before
public void setUp() {
disconnectAllFromDS();
}
@After
public void tearDown() {
VM serverVM = getVM(1);
VM clientVM = getVM(2);
clientVM.invoke(() -> closeClientCacheTask());
serverVM.invoke(() -> closeCacheTask());
}
@Test
public void testSSLServerWithNoAuth() {
VM serverVM = getVM(1);
VM clientVM = getVM(2);
boolean cacheServerSslenabled = true;
boolean cacheClientSslenabled = true;
boolean cacheClientSslRequireAuth = true;
serverVM.invoke(() -> setUpServerVMTask(cacheServerSslenabled));
serverVM.invoke(() -> createServerTask());
Object array[] = serverVM.invoke(() -> getCacheServerEndPointTask());
String hostName = (String) array[0];
int port = (Integer) array[1];
Object params[] = new Object[6];
params[0] = hostName;
params[1] = port;
params[2] = cacheClientSslenabled;
params[3] = cacheClientSslRequireAuth;
params[4] = DEFAULT_STORE;
params[5] = DEFAULT_STORE;
clientVM.invoke(() -> setUpClientVMTask(hostName, port,
cacheClientSslenabled, cacheClientSslRequireAuth, DEFAULT_STORE, DEFAULT_STORE));
clientVM.invoke(() -> doClientRegionTestTask());
serverVM.invoke(() -> doServerRegionTestTask());
}
private void createCache(Properties props) throws Exception {
props.setProperty(MCAST_PORT, "0");
props.setProperty(LOCATORS, "");
cache = new CacheFactory(props).create();
if (cache == null) {
throw new Exception("CacheFactory.create() returned null ");
}
}
private void createServer() throws IOException {
cacheServerPort = AvailablePortHelper.getRandomAvailableTCPPort();
cacheServer = cache.addCacheServer();
cacheServer.setPort(cacheServerPort);
cacheServer.start();
hostName = cacheServer.getHostnameForClients();
}
private int getCacheServerPort() {
return cacheServerPort;
}
private String getCacheServerHost() {
return hostName;
}
private void setUpServerVM(boolean cacheServerSslenabled) throws Exception {
Properties gemFireProps = new Properties();
String cacheServerSslprotocols = "any";
String cacheServerSslciphers = "any";
boolean cacheServerSslRequireAuth = false;
gemFireProps.setProperty(SERVER_SSL_ENABLED, String.valueOf(cacheServerSslenabled));
gemFireProps.setProperty(SERVER_SSL_PROTOCOLS, cacheServerSslprotocols);
gemFireProps.setProperty(SERVER_SSL_CIPHERS, cacheServerSslciphers);
gemFireProps
.setProperty(SERVER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(cacheServerSslRequireAuth));
String keyStore =
createTempFileFromResource(SSLNoClientAuthDUnitTest.class, DEFAULT_STORE)
.getAbsolutePath();
String trustStore =
createTempFileFromResource(SSLNoClientAuthDUnitTest.class, DEFAULT_STORE)
.getAbsolutePath();
gemFireProps.setProperty(SERVER_SSL_KEYSTORE_TYPE, "jks");
gemFireProps.setProperty(SERVER_SSL_KEYSTORE, keyStore);
gemFireProps.setProperty(SERVER_SSL_KEYSTORE_PASSWORD, "password");
gemFireProps.setProperty(SERVER_SSL_TRUSTSTORE, trustStore);
gemFireProps.setProperty(SERVER_SSL_TRUSTSTORE_PASSWORD, "password");
StringWriter sw = new StringWriter();
PrintWriter writer = new PrintWriter(sw);
gemFireProps.list(writer);
createCache(gemFireProps);
RegionFactory factory = cache.createRegionFactory(RegionShortcut.REPLICATE);
Region r = factory.create("serverRegion");
r.put("serverkey", "servervalue");
}
private void setUpClientVM(String host, int port, boolean cacheServerSslenabled,
boolean cacheServerSslRequireAuth, String keyStore, String trustStore) {
Properties gemFireProps = new Properties();
String cacheServerSslprotocols = "any";
String cacheServerSslciphers = "any";
String keyStorePath =
createTempFileFromResource(SSLNoClientAuthDUnitTest.class, keyStore)
.getAbsolutePath();
String trustStorePath =
createTempFileFromResource(SSLNoClientAuthDUnitTest.class, trustStore)
.getAbsolutePath();
// using new server-ssl-* properties
gemFireProps.setProperty(SERVER_SSL_ENABLED, String.valueOf(cacheServerSslenabled));
gemFireProps.setProperty(SERVER_SSL_PROTOCOLS, cacheServerSslprotocols);
gemFireProps.setProperty(SERVER_SSL_CIPHERS, cacheServerSslciphers);
gemFireProps
.setProperty(SERVER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(cacheServerSslRequireAuth));
gemFireProps.setProperty(SERVER_SSL_KEYSTORE_TYPE, "jks");
gemFireProps.setProperty(SERVER_SSL_KEYSTORE, keyStorePath);
gemFireProps.setProperty(SERVER_SSL_KEYSTORE_PASSWORD, "password");
gemFireProps.setProperty(SERVER_SSL_TRUSTSTORE, trustStorePath);
gemFireProps.setProperty(SERVER_SSL_TRUSTSTORE_PASSWORD, "password");
StringWriter sw = new StringWriter();
PrintWriter writer = new PrintWriter(sw);
gemFireProps.list(writer);
ClientCacheFactory clientCacheFactory = new ClientCacheFactory(gemFireProps);
clientCacheFactory.addPoolServer(host, port);
clientCache = clientCacheFactory.create();
ClientRegionFactory<String, String> regionFactory =
clientCache.createClientRegionFactory(ClientRegionShortcut.PROXY);
Region<String, String> region = regionFactory.create("serverRegion");
assertNotNull(region);
}
private void doClientRegionTest() {
Region<String, String> region = clientCache.getRegion("serverRegion");
assertEquals("servervalue", region.get("serverkey"));
region.put("clientkey", "clientvalue");
assertEquals("clientvalue", region.get("clientkey"));
}
private void doServerRegionTest() {
Region<String, String> region = cache.getRegion("serverRegion");
assertEquals("servervalue", region.get("serverkey"));
assertEquals("clientvalue", region.get("clientkey"));
}
private static void setUpServerVMTask(boolean cacheServerSslenabled) throws Exception {
instance.setUpServerVM(cacheServerSslenabled);
}
private static void createServerTask() throws Exception {
instance.createServer();
}
private static void setUpClientVMTask(String host, int port, boolean cacheServerSslenabled,
boolean cacheServerSslRequireAuth, String keyStore, String trustStore) {
instance.setUpClientVM(host, port, cacheServerSslenabled, cacheServerSslRequireAuth, keyStore,
trustStore);
}
private static void doClientRegionTestTask() {
instance.doClientRegionTest();
}
private static void doServerRegionTestTask() {
instance.doServerRegionTest();
}
private static Object[] getCacheServerEndPointTask() {
Object[] array = new Object[2];
array[0] = instance.getCacheServerHost();
array[1] = instance.getCacheServerPort();
return array;
}
private static void closeCacheTask() {
if (instance != null && instance.cache != null) {
instance.cache.close();
}
}
private static void closeClientCacheTask() {
if (instance != null && instance.clientCache != null) {
instance.clientCache.close();
}
}
}