Google Git
Sign in
apache / knox / 16dd645efeb6a51f840858339430c438490593df / . / gateway-test / src / test / java / org / apache / knox / gateway / deploy / DeploymentFactoryFuncTest.java
blob: 49824427d5e6390a3ca66be24db9dca6610f8ede [file] [log] [blame]
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.knox.gateway.deploy;
import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.apache.commons.io.FileUtils;
import org.apache.knox.gateway.GatewayTestConfig;
import org.apache.knox.gateway.config.GatewayConfig;
import org.apache.knox.gateway.filter.XForwardedHeaderFilter;
import org.apache.knox.gateway.filter.rewrite.api.UrlRewriteServletFilter;
import org.apache.knox.gateway.services.DefaultGatewayServices;
import org.apache.knox.gateway.services.ServiceLifecycleException;
import org.apache.knox.gateway.topology.Application;
import org.apache.knox.gateway.topology.Param;
import org.apache.knox.gateway.topology.Provider;
import org.apache.knox.gateway.topology.Service;
import org.apache.knox.gateway.topology.Topology;
import org.apache.knox.gateway.util.XmlUtils;
import org.apache.knox.test.TestUtils;
import org.apache.knox.test.log.NoOpAppender;
import org.apache.log4j.Appender;
import org.jboss.shrinkwrap.api.spec.EnterpriseArchive;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.Test;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;
import static org.apache.knox.test.TestUtils.LOG_ENTER;
import static org.apache.knox.test.TestUtils.LOG_EXIT;
import static org.apache.knox.test.TestUtils.LONG_TIMEOUT;
import static org.apache.knox.test.TestUtils.MEDIUM_TIMEOUT;
import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.CoreMatchers.notNullValue;
import static org.hamcrest.CoreMatchers.nullValue;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.core.IsEqual.equalTo;
import static org.hamcrest.core.IsNot.not;
import static org.hamcrest.xml.HasXPath.hasXPath;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.fail;
public class DeploymentFactoryFuncTest {
@Test( timeout = LONG_TIMEOUT )
public void testGenericProviderDeploymentContributor() throws ParserConfigurationException, SAXException, IOException {
LOG_ENTER();
GatewayTestConfig config = new GatewayTestConfig();
File targetDir = new File( System.getProperty( "user.dir" ), "target" );
File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
gatewayDir.mkdirs();
config.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
File deployDir = new File( config.getGatewayDeploymentDir() );
deployDir.mkdirs();
// ((GatewayTestConfig) config).setDeploymentDir( "clusters" );
DefaultGatewayServices srvcs = new DefaultGatewayServices();
Map<String,String> options = new HashMap<>();
options.put("persist-master", "false");
options.put("master", "password");
try {
DeploymentFactory.setGatewayServices(srvcs);
srvcs.init(config, options);
} catch (ServiceLifecycleException e) {
e.printStackTrace(); // I18N not required.
}
Topology topology = new Topology();
topology.setName( "test-cluster" );
Service service = new Service();
service.setRole( "WEBHDFS" );
service.addUrl( "http://localhost:50070/test-service-url" );
topology.addService( service );
Provider provider = new Provider();
provider.setRole( "federation" );
provider.setName( "HeaderPreAuth" );
provider.setEnabled( true );
Param param = new Param();
param.setName( "filter" );
param.setValue( "org.opensource.ExistingFilter" );
provider.addParam( param );
param = new Param();
param.setName( "test-param-name" );
param.setValue( "test-param-value" );
provider.addParam( param );
topology.addProvider( provider );
EnterpriseArchive war = DeploymentFactory.createDeployment( config, topology );
Document gateway = XmlUtils.readXml( war.get( "%2F/WEB-INF/gateway.xml" ).getAsset().openStream() );
//by default the first filter will be the X-Forwarded header filter
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[1]/role", equalTo( "xforwardedheaders" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[1]/name", equalTo( "XForwardedHeaderFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[1]/class", equalTo( "org.apache.knox.gateway.filter.XForwardedHeaderFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[2]/role", equalTo( "federation" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[2]/name", equalTo( "HeaderPreAuth" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[2]/class", equalTo( "org.apache.knox.gateway.preauth.filter.HeaderPreAuthFederationFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[2]/param[1]/name", equalTo( "filter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[2]/param[1]/value", equalTo( "org.opensource.ExistingFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[2]/param[2]/name", equalTo( "test-param-name" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[2]/param[2]/value", equalTo( "test-param-value" ) ) );
// testing for the adding of missing identity assertion provider - since it isn't explicitly added above
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[4]/role", equalTo( "identity-assertion" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[4]/name", equalTo( "Default" ) ) );
LOG_EXIT();
}
@Test( timeout = LONG_TIMEOUT )
public void testInvalidGenericProviderDeploymentContributor() {
LOG_ENTER();
GatewayTestConfig config = new GatewayTestConfig();
File targetDir = new File( System.getProperty( "user.dir" ), "target" );
File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
gatewayDir.mkdirs();
config.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
File deployDir = new File( config.getGatewayDeploymentDir() );
deployDir.mkdirs();
DefaultGatewayServices srvcs = new DefaultGatewayServices();
Map<String,String> options = new HashMap<>();
options.put("persist-master", "false");
options.put("master", "password");
try {
DeploymentFactory.setGatewayServices(srvcs);
srvcs.init(config, options);
} catch (ServiceLifecycleException e) {
e.printStackTrace(); // I18N not required.
}
Topology topology = new Topology();
topology.setName( "test-cluster" );
Service service = new Service();
service.setRole( "WEBHDFS" );
service.addUrl( "http://localhost:50070/test-service-url" );
topology.addService( service );
Provider provider = new Provider();
provider.setRole( "authentication" );
provider.setName( "generic" );
provider.setEnabled( true );
Param param = new Param();
param.setName( "test-param-name" );
param.setValue( "test-param-value" );
provider.addParam( param );
topology.addProvider( provider );
Enumeration<Appender> appenders = NoOpAppender.setUpAndReturnOriginalAppenders();
try {
DeploymentFactory.createDeployment( config, topology );
fail( "Should have throws IllegalArgumentException" );
} catch ( DeploymentException e ) {
// Expected.
assertEquals("Failed to contribute provider. Role: authentication Name: generic. " +
"Please check the topology for errors in name and role and that " +
"the provider is on the classpath.",
e.getMessage());
} finally {
NoOpAppender.resetOriginalAppenders( appenders );
}
LOG_EXIT();
}
@Test( timeout = LONG_TIMEOUT )
public void testSimpleTopology() throws IOException, SAXException, ParserConfigurationException {
LOG_ENTER();
GatewayTestConfig config = new GatewayTestConfig();
//Testing without x-forwarded headers filter
config.setXForwardedEnabled(false);
File targetDir = new File( System.getProperty( "user.dir" ), "target" );
File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
gatewayDir.mkdirs();
config.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
File deployDir = new File( config.getGatewayDeploymentDir() );
deployDir.mkdirs();
DefaultGatewayServices srvcs = new DefaultGatewayServices();
Map<String,String> options = new HashMap<>();
options.put("persist-master", "false");
options.put("master", "password");
try {
DeploymentFactory.setGatewayServices(srvcs);
srvcs.init(config, options);
} catch (ServiceLifecycleException e) {
e.printStackTrace(); // I18N not required.
}
Topology topology = new Topology();
topology.setName( "test-cluster" );
Service service = new Service();
service.setRole( "WEBHDFS" );
service.addUrl( "http://localhost:50070/webhdfs" );
topology.addService( service );
Provider provider = new Provider();
provider.setRole( "authentication" );
provider.setName( "ShiroProvider" );
provider.setEnabled( true );
Param param = new Param();
param.setName( "contextConfigLocation" );
param.setValue( "classpath:app-context-security.xml" );
provider.addParam( param );
topology.addProvider( provider );
Provider asserter = new Provider();
asserter.setRole( "identity-assertion" );
asserter.setName("Default");
asserter.setEnabled( true );
topology.addProvider( asserter );
Provider authorizer = new Provider();
authorizer.setRole( "authorization" );
authorizer.setName("AclsAuthz");
authorizer.setEnabled( true );
topology.addProvider( authorizer );
EnterpriseArchive war = DeploymentFactory.createDeployment( config, topology );
// File dir = new File( System.getProperty( "user.dir" ) );
// File file = war.as( ExplodedExporter.class ).exportExploded( dir, "test-cluster.war" );
Document web = XmlUtils.readXml( war.get( "%2F/WEB-INF/web.xml" ).getAsset().openStream() );
assertThat( web, hasXPath( "/web-app" ) );
assertThat( web, hasXPath( "/web-app/servlet" ) );
assertThat( web, hasXPath( "/web-app/servlet/servlet-name" ) );
assertThat( web, hasXPath( "/web-app/servlet/servlet-name", equalTo( "test-cluster-knox-gateway-servlet" ) ) );
assertThat( web, hasXPath( "/web-app/servlet/servlet-class", equalTo( "org.apache.knox.gateway.GatewayServlet" ) ) );
assertThat( web, hasXPath( "/web-app/servlet/init-param/param-name", equalTo( "gatewayDescriptorLocation" ) ) );
assertThat( web, hasXPath( "/web-app/servlet/init-param/param-value", equalTo( "/WEB-INF/gateway.xml" ) ) );
assertThat( web, hasXPath( "/web-app/servlet-mapping/servlet-name", equalTo( "test-cluster-knox-gateway-servlet" ) ) );
assertThat( web, hasXPath( "/web-app/servlet-mapping/url-pattern", equalTo( "/*" ) ) );
Document gateway = XmlUtils.readXml( war.get( "%2F/WEB-INF/gateway.xml" ).getAsset().openStream() );
assertThat( gateway, hasXPath( "/gateway/resource[1]/pattern", equalTo( "/webhdfs/v1/?**" ) ) );
//assertThat( gateway, hasXPath( "/gateway/resource[1]/target", equalTo( "http://localhost:50070/webhdfs/v1/?{**}" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[1]/role", equalTo( "authentication" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[1]/class", equalTo( "org.apache.knox.gateway.filter.ResponseCookieFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[2]/role", equalTo( "authentication" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[2]/class", equalTo( "org.apache.shiro.web.servlet.ShiroFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[3]/role", equalTo( "authentication" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[3]/class", equalTo( "org.apache.knox.gateway.filter.ShiroSubjectIdentityAdapter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[4]/role", equalTo( "rewrite" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[4]/class", equalTo( "org.apache.knox.gateway.filter.rewrite.api.UrlRewriteServletFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[5]/role", equalTo( "identity-assertion" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[5]/class", equalTo( "org.apache.knox.gateway.identityasserter.filter.IdentityAsserterFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[6]/role", equalTo( "authorization" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[6]/name", equalTo( "AclsAuthz" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[6]/class", equalTo( "org.apache.knox.gateway.filter.AclsAuthorizationFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[7]/role", equalTo( "dispatch" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[7]/name", equalTo( "webhdfs" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[7]/class", equalTo( "org.apache.knox.gateway.dispatch.GatewayDispatchFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[2]/pattern", equalTo( "/webhdfs/v1/**?**" ) ) );
//assertThat( gateway, hasXPath( "/gateway/resource[2]/target", equalTo( "http://localhost:50070/webhdfs/v1/{path=**}?{**}" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[2]/filter[1]/role", equalTo( "authentication" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[2]/filter[1]/class", equalTo( "org.apache.knox.gateway.filter.ResponseCookieFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[2]/filter[2]/role", equalTo( "authentication" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[2]/filter[2]/class", equalTo( "org.apache.shiro.web.servlet.ShiroFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[2]/filter[3]/role", equalTo( "authentication" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[2]/filter[3]/class", equalTo( "org.apache.knox.gateway.filter.ShiroSubjectIdentityAdapter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[2]/filter[4]/role", equalTo( "rewrite" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[2]/filter[4]/class", equalTo( "org.apache.knox.gateway.filter.rewrite.api.UrlRewriteServletFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[2]/filter[5]/role", equalTo( "identity-assertion" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[2]/filter[5]/class", equalTo( "org.apache.knox.gateway.identityasserter.filter.IdentityAsserterFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[6]/role", equalTo( "authorization" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[6]/name", equalTo( "AclsAuthz" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[6]/class", equalTo( "org.apache.knox.gateway.filter.AclsAuthorizationFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[2]/filter[7]/role", equalTo( "dispatch" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[2]/filter[7]/name", equalTo( "webhdfs" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[2]/filter[7]/class", equalTo( "org.apache.knox.gateway.dispatch.GatewayDispatchFilter" ) ) );
LOG_EXIT();
}
@Test( timeout = LONG_TIMEOUT )
public void testWebXmlGeneration() throws IOException, SAXException, ParserConfigurationException {
LOG_ENTER();
GatewayTestConfig config = new GatewayTestConfig();
File targetDir = new File(System.getProperty("user.dir"), "target");
File gatewayDir = new File(targetDir, "gateway-home-" + UUID.randomUUID());
gatewayDir.mkdirs();
config.setGatewayHomeDir(gatewayDir.getAbsolutePath());
File deployDir = new File(config.getGatewayDeploymentDir());
deployDir.mkdirs();
DefaultGatewayServices srvcs = new DefaultGatewayServices();
Map<String, String> options = new HashMap<>();
options.put("persist-master", "false");
options.put("master", "password");
try {
DeploymentFactory.setGatewayServices(srvcs);
srvcs.init(config, options);
} catch (ServiceLifecycleException e) {
e.printStackTrace(); // I18N not required.
}
Topology topology = new Topology();
topology.setName("test-cluster");
Service service = new Service();
service.setRole("WEBHDFS");
service.addUrl("http://localhost:50070/webhdfs");
topology.addService(service);
Provider provider = new Provider();
provider.setRole("authentication");
provider.setName("ShiroProvider");
provider.setEnabled(true);
Param param = new Param();
param.setName("contextConfigLocation");
param.setValue("classpath:app-context-security.xml");
provider.addParam(param);
topology.addProvider(provider);
Provider asserter = new Provider();
asserter.setRole("identity-assertion");
asserter.setName("Default");
asserter.setEnabled(true);
topology.addProvider(asserter);
Provider authorizer = new Provider();
authorizer.setRole("authorization");
authorizer.setName("AclsAuthz");
authorizer.setEnabled(true);
topology.addProvider(authorizer);
Provider ha = new Provider();
ha.setRole("ha");
ha.setName("HaProvider");
ha.setEnabled(true);
topology.addProvider(ha);
for (int i = 0; i < 10; i++) {
createAndTestDeployment(config, topology);
}
LOG_EXIT();
}
private void createAndTestDeployment(GatewayConfig config, Topology topology) throws IOException, SAXException, ParserConfigurationException {
EnterpriseArchive war = DeploymentFactory.createDeployment(config, topology);
// File dir = new File( System.getProperty( "user.dir" ) );
// File file = war.as( ExplodedExporter.class ).exportExploded( dir, "test-cluster.war" );
Document web = XmlUtils.readXml(war.get("%2F/WEB-INF/web.xml").getAsset().openStream());
assertThat(web, hasXPath("/web-app/servlet/servlet-class", equalTo("org.apache.knox.gateway.GatewayServlet")));
assertThat(web, hasXPath("/web-app/servlet/init-param/param-name", equalTo("gatewayDescriptorLocation")));
assertThat(web, hasXPath("/web-app/servlet/init-param/param-value", equalTo("/WEB-INF/gateway.xml")));
assertThat(web, hasXPath("/web-app/servlet-mapping/servlet-name", equalTo("test-cluster-knox-gateway-servlet")));
assertThat(web, hasXPath("/web-app/servlet-mapping/url-pattern", equalTo("/*")));
//testing the order of listener classes generated
assertThat(web, hasXPath("/web-app/listener[2]/listener-class", equalTo("org.apache.knox.gateway.services.GatewayServicesContextListener")));
assertThat(web, hasXPath("/web-app/listener[3]/listener-class", equalTo("org.apache.knox.gateway.services.GatewayMetricsServletContextListener")));
assertThat(web, hasXPath("/web-app/listener[4]/listener-class", equalTo("org.apache.knox.gateway.ha.provider" +
".HaServletContextListener")));
assertThat(web, hasXPath("/web-app/listener[5]/listener-class", equalTo("org.apache.knox.gateway.filter" +
".rewrite.api.UrlRewriteServletContextListener")));
}
@Test( timeout = LONG_TIMEOUT )
public void testDeploymentWithServiceParams() throws Exception {
LOG_ENTER();
GatewayTestConfig config = new GatewayTestConfig();
File targetDir = new File(System.getProperty("user.dir"), "target");
File gatewayDir = new File(targetDir, "gateway-home-" + UUID.randomUUID());
gatewayDir.mkdirs();
config.setGatewayHomeDir(gatewayDir.getAbsolutePath());
File deployDir = new File(config.getGatewayDeploymentDir());
deployDir.mkdirs();
DefaultGatewayServices srvcs = new DefaultGatewayServices();
Map<String, String> options = new HashMap<>();
options.put("persist-master", "false");
options.put("master", "password");
try {
DeploymentFactory.setGatewayServices(srvcs);
srvcs.init(config, options);
} catch (ServiceLifecycleException e) {
e.printStackTrace(); // I18N not required.
}
Service service;
Param param;
Topology topology = new Topology();
topology.setName( "test-cluster" );
service = new Service();
service.setRole( "HIVE" );
service.setUrls(Collections.singletonList("http://hive-host:50001/"));
param = new Param();
param.setName( "someparam" );
param.setValue( "somevalue" );
service.addParam( param );
topology.addService( service );
service = new Service();
service.setRole( "WEBHBASE" );
service.setUrls(Collections.singletonList("http://hbase-host:50002/"));
param = new Param();
param.setName( "replayBufferSize" );
param.setValue( "33" );
service.addParam( param );
topology.addService( service );
service = new Service();
service.setRole( "OOZIE" );
service.setUrls(Collections.singletonList("http://hbase-host:50003/"));
param = new Param();
param.setName( "otherparam" );
param.setValue( "65" );
service.addParam( param );
topology.addService( service );
EnterpriseArchive war = DeploymentFactory.createDeployment( config, topology );
Document doc = XmlUtils.readXml( war.get( "%2F/WEB-INF/gateway.xml" ).getAsset().openStream() );
Node resourceNode, filterNode, paramNode;
String value;
resourceNode = node( doc, "gateway/resource[role/text()='HIVE']" );
assertThat( resourceNode, is(not(nullValue())));
filterNode = node( resourceNode, "filter[role/text()='dispatch']" );
assertThat( filterNode, is(not(nullValue())));
paramNode = node( filterNode, "param[name/text()='someparam']" );
value = value( paramNode, "value/text()" );
assertThat( value, is( "somevalue" ) ) ;
resourceNode = node( doc, "gateway/resource[role/text()='WEBHBASE']" );
assertThat( resourceNode, is(not(nullValue())));
filterNode = node( resourceNode, "filter[role/text()='dispatch']" );
assertThat( filterNode, is(not(nullValue())));
paramNode = node( filterNode, "param[name/text()='replayBufferSize']" );
value = value( paramNode, "value/text()" );
assertThat( value, is( "33" ) ) ;
resourceNode = node( doc, "gateway/resource[role/text()='OOZIE']" );
assertThat( resourceNode, is(not(nullValue())));
filterNode = node( resourceNode, "filter[role/text()='dispatch']" );
assertThat( filterNode, is(not(nullValue())));
paramNode = node( filterNode, "param[name/text()='otherparam']" );
value = value( paramNode, "value/text()" );
assertThat( value, is( "65" ) ) ;
FileUtils.deleteQuietly( deployDir );
LOG_EXIT();
}
@Test( timeout = MEDIUM_TIMEOUT )
public void testDeploymentWithApplication() throws Exception {
LOG_ENTER();
GatewayTestConfig config = new GatewayTestConfig();
File targetDir = new File(System.getProperty("user.dir"), "target");
File gatewayDir = new File(targetDir, "gateway-home-" + UUID.randomUUID());
gatewayDir.mkdirs();
config.setGatewayHomeDir(gatewayDir.getAbsolutePath());
File deployDir = new File(config.getGatewayDeploymentDir());
deployDir.mkdirs();
URL serviceUrl = TestUtils.getResourceUrl( DeploymentFactoryFuncTest.class, "test-apps/minimal-test-app/service.xml" );
File serviceFile = new File( serviceUrl.toURI() );
File appsDir = serviceFile.getParentFile().getParentFile();
config.setGatewayApplicationsDir(appsDir.getAbsolutePath());
DefaultGatewayServices srvcs = new DefaultGatewayServices();
Map<String, String> options = new HashMap<>();
options.put("persist-master", "false");
options.put("master", "password");
try {
DeploymentFactory.setGatewayServices(srvcs);
srvcs.init(config, options);
} catch (ServiceLifecycleException e) {
e.printStackTrace(); // I18N not required.
}
Topology topology = new Topology();
topology.setName( "test-topology" );
Application app;
app = new Application();
app.setName( "minimal-test-app" );
app.addUrl( "/minimal-test-app-path" );
topology.addApplication( app );
EnterpriseArchive archive = DeploymentFactory.createDeployment( config, topology );
assertThat( archive, notNullValue() );
Document doc;
doc = XmlUtils.readXml( archive.get( "META-INF/topology.xml" ).getAsset().openStream() );
assertThat( doc, notNullValue() );
doc = XmlUtils.readXml( archive.get( "%2Fminimal-test-app-path/WEB-INF/gateway.xml" ).getAsset().openStream() );
assertThat( doc, notNullValue() );
assertThat( doc, hasXPath("/gateway/resource/pattern", equalTo("/**?**")));
assertThat( doc, hasXPath("/gateway/resource/filter[1]/role", equalTo("xforwardedheaders")));
assertThat( doc, hasXPath("/gateway/resource/filter[1]/name", equalTo("XForwardedHeaderFilter")));
assertThat( doc, hasXPath("/gateway/resource/filter[1]/class", equalTo(XForwardedHeaderFilter.class.getName())));
assertThat( doc, hasXPath("/gateway/resource/filter[2]/role", equalTo("rewrite")));
assertThat( doc, hasXPath("/gateway/resource/filter[2]/name", equalTo("url-rewrite")));
assertThat( doc, hasXPath("/gateway/resource/filter[2]/class", equalTo(UrlRewriteServletFilter.class.getName())));
LOG_EXIT();
}
@Test( timeout = MEDIUM_TIMEOUT )
public void testDeploymentWithServicesAndApplications() throws Exception {
LOG_ENTER();
GatewayTestConfig config = new GatewayTestConfig();
File targetDir = new File(System.getProperty("user.dir"), "target");
File gatewayDir = new File(targetDir, "gateway-home-" + UUID.randomUUID());
gatewayDir.mkdirs();
config.setGatewayHomeDir(gatewayDir.getAbsolutePath());
File deployDir = new File(config.getGatewayDeploymentDir());
deployDir.mkdirs();
URL serviceUrl = TestUtils.getResourceUrl( DeploymentFactoryFuncTest.class, "test-apps/minimal-test-app/service.xml" );
File serviceFile = new File( serviceUrl.toURI() );
File appsDir = serviceFile.getParentFile().getParentFile();
config.setGatewayApplicationsDir(appsDir.getAbsolutePath());
DefaultGatewayServices srvcs = new DefaultGatewayServices();
Map<String, String> options = new HashMap<>();
options.put("persist-master", "false");
options.put("master", "password");
try {
DeploymentFactory.setGatewayServices(srvcs);
srvcs.init(config, options);
} catch (ServiceLifecycleException e) {
e.printStackTrace(); // I18N not required.
}
Topology topology = new Topology();
topology.setName( "test-topology" );
Application app;
topology.setName( "test-cluster" );
Service service = new Service();
service.setRole( "WEBHDFS" );
service.addUrl( "http://localhost:50070/test-service-url" );
topology.addService( service );
app = new Application();
app.setName( "minimal-test-app" );
app.addUrl( "/minimal-test-app-path-one" );
topology.addApplication( app );
app.setName( "minimal-test-app" );
app.addUrl( "/minimal-test-app-path-two" );
topology.addApplication( app );
EnterpriseArchive archive = DeploymentFactory.createDeployment( config, topology );
assertThat( archive, notNullValue() );
Document doc;
org.jboss.shrinkwrap.api.Node node;
node = archive.get( "META-INF/topology.xml" );
assertThat( "Find META-INF/topology.xml", node, notNullValue() );
doc = XmlUtils.readXml( node.getAsset().openStream() );
assertThat( "Parse META-INF/topology.xml", doc, notNullValue() );
node = archive.get( "%2F" );
assertThat( "Find %2F", node, notNullValue() );
node = archive.get( "%2F/WEB-INF/gateway.xml" );
assertThat( "Find %2F/WEB-INF/gateway.xml", node, notNullValue() );
doc = XmlUtils.readXml( node.getAsset().openStream() );
assertThat( "Parse %2F/WEB-INF/gateway.xml", doc, notNullValue() );
WebArchive war = archive.getAsType( WebArchive.class, "%2Fminimal-test-app-path-one" );
assertThat( "Find %2Fminimal-test-app-path-one", war, notNullValue() );
node = war.get( "/WEB-INF/gateway.xml" );
assertThat( "Find %2Fminimal-test-app-path-one/WEB-INF/gateway.xml", node, notNullValue() );
doc = XmlUtils.readXml( node.getAsset().openStream() );
assertThat( "Parse %2Fminimal-test-app-path-one/WEB-INF/gateway.xml", doc, notNullValue() );
war = archive.getAsType( WebArchive.class, "%2Fminimal-test-app-path-two" );
assertThat( "Find %2Fminimal-test-app-path-two", war, notNullValue() );
node = war.get( "/WEB-INF/gateway.xml" );
assertThat( "Find %2Fminimal-test-app-path-two/WEB-INF/gateway.xml", node, notNullValue() );
doc = XmlUtils.readXml( node.getAsset().openStream() );
assertThat( "Parse %2Fminimal-test-app-path-two/WEB-INF/gateway.xml", doc, notNullValue() );
LOG_EXIT();
}
/*
* Test the case where topology has federation provider configured
* and service uses anonymous authentication in which case we should
* add AnonymousFilter to the filter chain.
*/
@Test( timeout = LONG_TIMEOUT )
public void testServiceAnonAuth() throws IOException, SAXException, ParserConfigurationException {
LOG_ENTER();
final GatewayTestConfig config = new GatewayTestConfig();
config.setXForwardedEnabled(false);
final File targetDir = new File( System.getProperty( "user.dir" ), "target" );
final File gatewayDir = new File( targetDir, "gateway-home-" + UUID.randomUUID() );
gatewayDir.mkdirs();
config.setGatewayHomeDir( gatewayDir.getAbsolutePath() );
final File deployDir = new File( config.getGatewayDeploymentDir() );
deployDir.mkdirs();
final DefaultGatewayServices srvcs = new DefaultGatewayServices();
final Map<String,String> options = new HashMap<>();
options.put("persist-master", "false");
options.put("master", "password");
try {
DeploymentFactory.setGatewayServices(srvcs);
srvcs.init(config, options);
} catch (ServiceLifecycleException e) {
e.printStackTrace(); // I18N not required.
}
final Topology federationTopology = new Topology();
final Topology authenticationTopology = new Topology();
federationTopology.setName( "test-cluster" );
authenticationTopology.setName( "test-cluster" );
final Service service = new Service();
service.setRole( "AMBARIUI" );
service.addUrl( "http://localhost:50070/" );
federationTopology.addService( service );
authenticationTopology.addService( service );
/* Add federation provider to first topology */
final Provider provider = new Provider();
provider.setRole( "federation" );
provider.setName( "SSOCookieProvider" );
provider.setEnabled( true );
Param param = new Param();
param.setName( "sso.authentication.provider.url" );
param.setValue( "https://www.local.com:8443/gateway/knoxsso/api/v1/websso" );
provider.addParam( param );
federationTopology.addProvider( provider );
/* Add authentication provider to second topology */
final Provider provider2 = new Provider();
provider2.setRole( "authentication" );
provider2.setName( "ShiroProvider" );
provider2.setEnabled( true );
Param param2 = new Param();
param2.setName( "contextConfigLocation" );
param2.setValue( "classpath:app-context-security.xml" );
provider2.addParam( param2 );
authenticationTopology.addProvider( provider2 );
final Provider asserter = new Provider();
asserter.setRole( "identity-assertion" );
asserter.setName("Default");
asserter.setEnabled( true );
federationTopology.addProvider( asserter );
Provider authorizer = new Provider();
authorizer.setRole( "authorization" );
authorizer.setName("AclsAuthz");
authorizer.setEnabled( true );
federationTopology.addProvider( authorizer );
authenticationTopology.addProvider( authorizer );
final EnterpriseArchive war = DeploymentFactory.createDeployment( config, federationTopology );
final EnterpriseArchive war2 = DeploymentFactory.createDeployment( config, federationTopology );
final Document web = XmlUtils.readXml( war.get( "%2F/WEB-INF/web.xml" ).getAsset().openStream() );
assertNotNull(web);
final Document web2 = XmlUtils.readXml( war2.get( "%2F/WEB-INF/web.xml" ).getAsset().openStream() );
assertNotNull(web2);
/* Make sure AnonymousAuthFilter is added to the chain */
final Document gateway = XmlUtils.readXml( war.get( "%2F/WEB-INF/gateway.xml" ).getAsset().openStream() );
assertThat( gateway, hasXPath( "/gateway/resource[1]/pattern", equalTo( "/ambari" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[1]/role", equalTo( "authentication" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[1]/class", equalTo( "org.apache.knox.gateway.filter.AnonymousAuthFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[2]/role", equalTo( "rewrite" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[2]/class", equalTo( "org.apache.knox.gateway.filter.rewrite.api.UrlRewriteServletFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[3]/role", equalTo( "authorization" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[3]/class", equalTo( "org.apache.knox.gateway.filter.AclsAuthorizationFilter" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[4]/role", equalTo( "dispatch" ) ) );
assertThat( gateway, hasXPath( "/gateway/resource[1]/filter[4]/class", equalTo( "org.apache.knox.gateway.dispatch.GatewayDispatchFilter" ) ) );
final Document gateway2 = XmlUtils.readXml( war.get( "%2F/WEB-INF/gateway.xml" ).getAsset().openStream() );
assertThat( gateway2, hasXPath( "/gateway/resource[1]/pattern", equalTo( "/ambari" ) ) );
assertThat( gateway2, hasXPath( "/gateway/resource[1]/filter[1]/role", equalTo( "authentication" ) ) );
assertThat( gateway2, hasXPath( "/gateway/resource[1]/filter[1]/class", equalTo( "org.apache.knox.gateway.filter.AnonymousAuthFilter" ) ) );
assertThat( gateway2, hasXPath( "/gateway/resource[1]/filter[2]/role", equalTo( "rewrite" ) ) );
assertThat( gateway2, hasXPath( "/gateway/resource[1]/filter[2]/class", equalTo( "org.apache.knox.gateway.filter.rewrite.api.UrlRewriteServletFilter" ) ) );
assertThat( gateway2, hasXPath( "/gateway/resource[1]/filter[3]/role", equalTo( "authorization" ) ) );
assertThat( gateway2, hasXPath( "/gateway/resource[1]/filter[3]/class", equalTo( "org.apache.knox.gateway.filter.AclsAuthorizationFilter" ) ) );
assertThat( gateway2, hasXPath( "/gateway/resource[1]/filter[4]/role", equalTo( "dispatch" ) ) );
assertThat( gateway2, hasXPath( "/gateway/resource[1]/filter[4]/class", equalTo( "org.apache.knox.gateway.dispatch.GatewayDispatchFilter" ) ) );
LOG_EXIT();
}
private Node node( Node scope, String expression ) throws XPathExpressionException {
return (Node)XPathFactory.newInstance().newXPath().compile( expression ).evaluate( scope, XPathConstants.NODE );
}
private String value( Node scope, String expression ) throws XPathExpressionException {
return XPathFactory.newInstance().newXPath().compile( expression ).evaluate( scope );
}
}