DATAGEODE-93 - Realign SSL configuration using @EnableSsl with Apache Geode's SSL configuration properties.

This commit is contained in:
John Blum
2018-03-30 13:36:26 -07:00
parent cf02f3cfbb
commit 54a1883e4a
18 changed files with 829 additions and 421 deletions

View File

@@ -42,20 +42,20 @@ import org.springframework.data.gemfire.process.ProcessWrapper;
import org.springframework.data.gemfire.test.support.FileSystemUtils;
import org.springframework.data.gemfire.test.support.ThreadUtils;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.util.Assert;
/**
* The ClientCacheSecurityTest class is a test suite with test cases testing SSL configuration between a GemFire client
* and server using the cluster-ssl-* GemFire System properties.
* Integration tests to test SSL configuration between a Pivotal GemFire or Apache Geode client and server
* using GemFire/Geode System properties.
*
* @author John Blum
* @see org.junit.Test
* @see org.springframework.test.context.ContextConfiguration
* @see org.springframework.test.context.junit4.SpringJUnit4ClassRunner
* @see org.springframework.test.context.junit4.SpringRunner
* @since 1.7.0
*/
@RunWith(SpringJUnit4ClassRunner.class)
@RunWith(SpringRunner.class)
@ContextConfiguration
@SuppressWarnings("all")
public class ClientCacheSecurityTest {
@@ -67,6 +67,7 @@ public class ClientCacheSecurityTest {
@BeforeClass
public static void setup() throws IOException {
String serverName = "GemFireSecurityCacheServer";
File serverWorkingDirectory = new File(FileSystemUtils.WORKING_DIRECTORY, serverName.toLowerCase());
@@ -88,6 +89,7 @@ public class ClientCacheSecurityTest {
}
private static void waitForServerStart(final long milliseconds) {
ThreadUtils.timedWait(milliseconds, TimeUnit.MILLISECONDS.toMillis(500), new ThreadUtils.WaitCondition() {
private File serverPidControlFile = new File(serverProcess.getWorkingDirectory(),
ServerProcess.getServerProcessControlFilename());
@@ -100,6 +102,7 @@ public class ClientCacheSecurityTest {
@AfterClass
public static void tearDown() {
serverProcess.shutdown();
if (Boolean.valueOf(System.getProperty("spring.gemfire.fork.clean", Boolean.TRUE.toString()))) {
@@ -115,12 +118,13 @@ public class ClientCacheSecurityTest {
@SuppressWarnings("unused")
public static class TestCacheLoader implements CacheLoader<String, String> {
@Override public String load(final LoaderHelper<String, String> helper) throws CacheLoaderException {
@Override
public String load(LoaderHelper<String, String> helper) throws CacheLoaderException {
return "TestValue";
}
@Override public void close() {
}
@Override
public void close() { }
}
}

View File

@@ -213,7 +213,7 @@ public abstract class AbstractGeodeSecurityIntegrationTests extends ClientServer
}
}
@ClientCacheApplication(name = "GeodeSecurityIntegrationTestsClient", logLevel = TEST_GEMFIRE_LOG_LEVEL,
@ClientCacheApplication(name = "GeodeSecurityIntegrationTestsClient", logLevel = "error",
servers = { @ClientCacheApplication.Server(port = CACHE_SERVER_PORT) })
@EnableAuth(clientAuthenticationInitializer =
"org.springframework.data.gemfire.config.annotation.AbstractGeodeSecurityIntegrationTests$GeodeClientAuthInitialize.create")
@@ -233,7 +233,7 @@ public abstract class AbstractGeodeSecurityIntegrationTests extends ClientServer
}
}
@CacheServerApplication(name = "GeodeSecurityIntegrationTestsServer", logLevel = TEST_GEMFIRE_LOG_LEVEL,
@CacheServerApplication(name = "GeodeSecurityIntegrationTestsServer", logLevel = "error",
port = CACHE_SERVER_PORT)
@Import({
ApacheShiroIniSecurityIntegrationTests.ApacheShiroIniConfiguration.class,

View File

@@ -0,0 +1,94 @@
/*
* Copyright 2018 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.data.gemfire.config.annotation;
import static org.assertj.core.api.Assertions.assertThat;
import javax.annotation.Resource;
import org.apache.geode.cache.CacheLoader;
import org.apache.geode.cache.CacheLoaderException;
import org.apache.geode.cache.GemFireCache;
import org.apache.geode.cache.LoaderHelper;
import org.apache.geode.cache.Region;
import org.apache.geode.cache.client.ClientRegionShortcut;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.context.annotation.Bean;
import org.springframework.data.gemfire.client.ClientRegionFactoryBean;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringRunner;
/**
* Integration tests for {@link ClientCacheApplication}.
*
* @author John Blum
* @see org.junit.Test
* @see org.apache.geode.cache.GemFireCache
* @see org.apache.geode.cache.Region
* @see org.springframework.data.gemfire.config.annotation.ClientCacheApplication
* @see org.springframework.test.context.ContextConfiguration
* @see org.springframework.test.context.junit4.SpringRunner
* @since 2.1.0
*/
@RunWith(SpringRunner.class)
@ContextConfiguration
@SuppressWarnings("all")
public class ClientCacheApplicationIntegrationTests {
@Resource(name = "Echo")
private Region<String, String> echo;
@Test
public void echoClientRegionEchoesKeysAsValues() {
assertThat(this.echo.get("hello")).isEqualTo("hello");
assertThat(this.echo.get("test")).isEqualTo("test");
assertThat(this.echo.get("good-bye")).isEqualTo("good-bye");
}
@ClientCacheApplication(name = "ClientCacheApplicationIntegrationTests", logLevel = "error")
static class TestConfiguration {
@Bean("Echo")
public ClientRegionFactoryBean<String, String> echoRegion(GemFireCache gemfireCache) {
ClientRegionFactoryBean<String, String> echoRegion = new ClientRegionFactoryBean<>();
echoRegion.setCache(gemfireCache);
echoRegion.setCacheLoader(echoCacheLoader());
echoRegion.setClose(false);
echoRegion.setShortcut(ClientRegionShortcut.LOCAL);
return echoRegion;
}
CacheLoader<String, String> echoCacheLoader() {
return new CacheLoader<String, String>() {
@Override
public String load(LoaderHelper<String, String> helper) throws CacheLoaderException {
return helper.getKey();
}
@Override
public void close() {
}
};
}
}
}

View File

@@ -31,7 +31,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.data.gemfire.client.ClientCacheFactoryBean;
import org.springframework.data.gemfire.test.GemfireTestBeanPostProcessor;
import org.springframework.data.gemfire.test.mock.annotation.EnableGemFireMockObjects;
import org.springframework.test.context.junit4.SpringRunner;
/**
@@ -86,14 +86,10 @@ public class ClientCacheConfigurerIntegrationTests {
assertClientCacheConfigurerInvokedSuccessfully(this.configurerTwo, "gemfireCache");
}
@ClientCacheApplication
@EnableGemFireMockObjects
@ClientCacheApplication(logLevel = "error")
static class TestConfiguration {
@Bean
GemfireTestBeanPostProcessor testBeanPostProcessor() {
return new GemfireTestBeanPostProcessor();
}
@Bean
TestClientCacheConfigurer testClientCacheConfigurerOne() {
return new TestClientCacheConfigurer();

View File

@@ -42,8 +42,12 @@ import org.springframework.mock.env.MockPropertySource;
* Integration tests for {@link ClientCacheApplication}.
*
* @author John Blum
* @see java.util.Properties
* @see org.junit.Test
* @see org.springframework.core.env.PropertySource
* @see org.springframework.data.gemfire.client.ClientCacheFactoryBean
* @see org.springframework.data.gemfire.config.annotation.ClientCacheApplication
* @see org.springframework.data.gemfire.test.mock.annotation.EnableGemFireMockObjects
* @since 2.0.0
*/
public class ClientCachePropertiesIntegrationTests {
@@ -56,7 +60,7 @@ public class ClientCachePropertiesIntegrationTests {
}
private ConfigurableApplicationContext newApplicationContext(PropertySource<?> testPropertySource,
Class<?>... annotatedClasses) {
Class<?>... annotatedClasses) {
AnnotationConfigApplicationContext applicationContext = new AnnotationConfigApplicationContext();
@@ -64,8 +68,8 @@ public class ClientCachePropertiesIntegrationTests {
propertySources.addFirst(testPropertySource);
applicationContext.registerShutdownHook();
applicationContext.register(annotatedClasses);
applicationContext.registerShutdownHook();
applicationContext.refresh();
return applicationContext;
@@ -99,6 +103,8 @@ public class ClientCachePropertiesIntegrationTests {
ClientCache testClientCache = this.applicationContext.getBean("gemfireCache", ClientCache.class);
assertThat(testClientCache).isNotNull();
PdxSerializer mockPdxSerializer = this.applicationContext.getBean("mockPdxSerializer", PdxSerializer.class);
assertThat(mockPdxSerializer).isNotNull();
@@ -271,8 +277,8 @@ public class ClientCachePropertiesIntegrationTests {
}
@EnableGemFireMockObjects
@EnablePdx(serializerBeanName = "mockPdxSerializer")
@ClientCacheApplication(name = "TestClientCache")
@EnablePdx(serializerBeanName = "mockPdxSerializer")
@SuppressWarnings("unused")
static class TestDynamicClientCacheConfiguration {

View File

@@ -43,8 +43,8 @@ import org.springframework.test.context.junit4.SpringRunner;
/**
* Test suite of test cases testing the contract and functionality of the {@link CacheServerApplication}
* and {@link ClientCacheApplication} SDG annotation for configuring and bootstrapping the Pivotal GemFire
* client/server topology
* and {@link ClientCacheApplication} SDG annotations for configuring and bootstrapping a Pivotal GemFire
* or Apache Geode client/server topology
*
* @author John Blum
* @see org.junit.Test
@@ -57,7 +57,7 @@ import org.springframework.test.context.junit4.SpringRunner;
* @since 1.9.0
*/
@RunWith(SpringRunner.class)
@ContextConfiguration(classes = ClientServerCacheApplicationIntegrationTests.ClientCacheApplicationConfiguration.class)
@ContextConfiguration(classes = ClientServerCacheApplicationIntegrationTests.ClientTestConfiguration.class)
@SuppressWarnings("all")
public class ClientServerCacheApplicationIntegrationTests extends ClientServerIntegrationTestsSupport {
@@ -68,7 +68,7 @@ public class ClientServerCacheApplicationIntegrationTests extends ClientServerIn
@BeforeClass
public static void setupGemFireServer() throws Exception {
gemfireServerProcess = run(CacheServerApplicationConfiguration.class, String.format("-Dgemfire.name=%1$s",
gemfireServerProcess = run(ServerTestConfiguration.class, String.format("-Dgemfire.name=%1$s",
asApplicationName(ClientServerCacheApplicationIntegrationTests.class)));
waitForServerToStart("localhost", PORT);
@@ -91,11 +91,28 @@ public class ClientServerCacheApplicationIntegrationTests extends ClientServerIn
assertThat(echo.get("Test")).isEqualTo("Test");
}
@CacheServerApplication(name = "ClientServerCacheApplicationIntegrationTests", logLevel = "warn", port = PORT)
public static class CacheServerApplicationConfiguration {
@ClientCacheApplication(logLevel = TEST_GEMFIRE_LOG_LEVEL, servers = { @ClientCacheApplication.Server(port = PORT)})
static class ClientTestConfiguration {
@Bean(name = "Echo")
ClientRegionFactoryBean<String, String> echoRegion(ClientCache gemfireCache) {
ClientRegionFactoryBean<String, String> echoRegion = new ClientRegionFactoryBean<String, String>();
echoRegion.setCache(gemfireCache);
echoRegion.setClose(false);
echoRegion.setShortcut(ClientRegionShortcut.PROXY);
return echoRegion;
}
}
@CacheServerApplication(name = "ClientServerCacheApplicationIntegrationTests",
logLevel = TEST_GEMFIRE_LOG_LEVEL, port = PORT)
public static class ServerTestConfiguration {
public static void main(String[] args) {
runSpringApplication(CacheServerApplicationConfiguration.class, args);
runSpringApplication(ServerTestConfiguration.class, args);
}
@Bean("Echo")
@@ -126,20 +143,4 @@ public class ClientServerCacheApplicationIntegrationTests extends ClientServerIn
};
}
}
@ClientCacheApplication(logLevel = "warn", servers = { @ClientCacheApplication.Server(port = PORT)})
static class ClientCacheApplicationConfiguration {
@Bean(name = "Echo")
ClientRegionFactoryBean<String, String> echoRegion(ClientCache gemfireCache) {
ClientRegionFactoryBean<String, String> echoRegion = new ClientRegionFactoryBean<String, String>();
echoRegion.setCache(gemfireCache);
echoRegion.setClose(false);
echoRegion.setShortcut(ClientRegionShortcut.PROXY);
return echoRegion;
}
}
}

View File

@@ -74,8 +74,6 @@ import org.springframework.test.context.junit4.SpringRunner;
@SuppressWarnings("unused")
public class EnableClusterConfigurationIntegrationTests extends ClientServerIntegrationTestsSupport {
private static final String LOG_LEVEL = "warning";
private static ProcessWrapper gemfireServer;
@Autowired
@@ -88,7 +86,7 @@ public class EnableClusterConfigurationIntegrationTests extends ClientServerInte
int availablePort = findAvailablePort();
gemfireServer = run(GemFireServerConfiguration.class,
gemfireServer = run(ServerTestConfiguration.class,
String.format("-D%s=%d", GEMFIRE_CACHE_SERVER_PORT_PROPERTY, availablePort));
waitForServerToStart("localhost", availablePort);
@@ -122,12 +120,12 @@ public class EnableClusterConfigurationIntegrationTests extends ClientServerInte
@Configuration
@EnableClusterConfiguration
@Import(GemFireClientConfiguration.class)
@Import(ClientTestConfiguration.class)
static class TestConfiguration {
}
@ClientCacheApplication(logLevel = LOG_LEVEL, subscriptionEnabled = true)
static class GemFireClientConfiguration {
@ClientCacheApplication(logLevel = TEST_GEMFIRE_LOG_LEVEL, subscriptionEnabled = true)
static class ClientTestConfiguration {
@Bean
ClientCacheConfigurer clientCachePoolPortConfigurer(
@@ -188,13 +186,13 @@ public class EnableClusterConfigurationIntegrationTests extends ClientServerInte
}
}
@CacheServerApplication(name = "EnableClusterConfigurationIntegrationTests", logLevel = LOG_LEVEL)
static class GemFireServerConfiguration {
@CacheServerApplication(name = "EnableClusterConfigurationIntegrationTests", logLevel = TEST_GEMFIRE_LOG_LEVEL)
static class ServerTestConfiguration {
public static void main(String[] args) {
AnnotationConfigApplicationContext applicationContext = new AnnotationConfigApplicationContext(
EnableClusterConfigurationIntegrationTests.GemFireServerConfiguration.class);
AnnotationConfigApplicationContext applicationContext =
new AnnotationConfigApplicationContext(ServerTestConfiguration.class);
applicationContext.registerShutdownHook();
}

View File

@@ -17,7 +17,6 @@
package org.springframework.data.gemfire.config.annotation;
import static org.assertj.core.api.Assertions.assertThat;
import static org.springframework.data.gemfire.util.ArrayUtils.asArray;
import java.util.Optional;
import java.util.Properties;
@@ -30,7 +29,9 @@ import org.springframework.context.annotation.AnnotationConfigApplicationContext
import org.springframework.core.env.MutablePropertySources;
import org.springframework.core.env.PropertySource;
import org.springframework.data.gemfire.test.mock.annotation.EnableGemFireMockObjects;
import org.springframework.data.gemfire.util.ArrayUtils;
import org.springframework.mock.env.MockPropertySource;
import org.springframework.util.StringUtils;
/**
* Integration tests for {@link EnableAuth}, {@link EnableGemFireProperties}, {@link EnableHttpService},
@@ -57,7 +58,7 @@ public class EnableGemFirePropertiesIntegrationTests {
}
private ConfigurableApplicationContext newApplicationContext(PropertySource<?> testPropertySource,
Class<?>... annotatedClasses) {
Class<?>... annotatedClasses) {
AnnotationConfigApplicationContext applicationContext = new AnnotationConfigApplicationContext();
@@ -75,7 +76,7 @@ public class EnableGemFirePropertiesIntegrationTests {
@Test
public void authGemFirePropertiesConfiguration() {
MockPropertySource testPropertySource = new MockPropertySource()
PropertySource testPropertySource = new MockPropertySource("TestPropertySource")
.withProperty("spring.data.gemfire.security.client.accessor", "example.client.AccessController")
.withProperty("spring.data.gemfire.security.client.accessor-post-processor", "example.client.AccessControllerPostProcessor")
.withProperty("spring.data.gemfire.security.client.authentication-initializer", "example.client.AuthenticationInitializer")
@@ -88,7 +89,8 @@ public class EnableGemFirePropertiesIntegrationTests {
.withProperty("spring.data.gemfire.security.log.level", "info")
.withProperty("spring.data.gemfire.security.properties-file", "/path/to/security.properties");
this.applicationContext = newApplicationContext(testPropertySource, TestAuthGemFirePropertiesConfiguration.class);
this.applicationContext =
newApplicationContext(testPropertySource, TestAuthGemFirePropertiesConfiguration.class);
assertThat(this.applicationContext).isNotNull();
assertThat(this.applicationContext.containsBean("gemfireCache")).isTrue();
@@ -117,13 +119,14 @@ public class EnableGemFirePropertiesIntegrationTests {
@Test
public void httpGemFirePropertiesConfiguration() {
MockPropertySource testPropertySource = new MockPropertySource()
PropertySource testPropertySource = new MockPropertySource("TestPropertySource")
.withProperty("spring.data.gemfire.service.http.bind-address", "10.128.64.32")
.withProperty("spring.data.gemfire.service.http.port", "8181")
.withProperty("spring.data.gemfire.service.http.ssl-require-authentication", "true")
.withProperty("spring.data.gemfire.service.http.dev-rest-api.start", "true");
this.applicationContext = newApplicationContext(testPropertySource, TestHttpGemFirePropertiesConfiguration.class);
this.applicationContext =
newApplicationContext(testPropertySource, TestHttpGemFirePropertiesConfiguration.class);
assertThat(this.applicationContext).isNotNull();
assertThat(this.applicationContext.containsBean("gemfireCache")).isTrue();
@@ -145,11 +148,12 @@ public class EnableGemFirePropertiesIntegrationTests {
@Test
public void locatorGemFirePropertiesConfiguration() {
MockPropertySource testPropertySource = new MockPropertySource()
PropertySource testPropertySource = new MockPropertySource("TestPropertySource")
.withProperty("spring.data.gemfire.locator.host", "10.64.32.16")
.withProperty("spring.data.gemfire.locator.port", "11235");
this.applicationContext = newApplicationContext(testPropertySource, TestLocatorGemFirePropertiesConfiguration.class);
this.applicationContext =
newApplicationContext(testPropertySource, TestLocatorGemFirePropertiesConfiguration.class);
assertThat(this.applicationContext).isNotNull();
assertThat(this.applicationContext.containsBean("gemfireCache")).isTrue();
@@ -168,13 +172,14 @@ public class EnableGemFirePropertiesIntegrationTests {
@Test
public void loggingGemFirePropertiesConfiguration() {
MockPropertySource testPropertySource = new MockPropertySource()
PropertySource testPropertySource = new MockPropertySource("TestPropertySource")
.withProperty("spring.data.gemfire.logging.log-disk-space-limit", "100")
.withProperty("spring.data.gemfire.logging.log-file", "/path/to/file.log")
.withProperty("spring.data.gemfire.logging.log-file-size-limit", "10")
.withProperty("spring.data.gemfire.logging.level", "info");
this.applicationContext = newApplicationContext(testPropertySource, TestLoggingGemFirePropertiesConfiguration.class);
this.applicationContext =
newApplicationContext(testPropertySource, TestLoggingGemFirePropertiesConfiguration.class);
assertThat(this.applicationContext).isNotNull();
assertThat(this.applicationContext.containsBean("gemfireCache")).isTrue();
@@ -196,7 +201,7 @@ public class EnableGemFirePropertiesIntegrationTests {
@Test
public void managerGemFirePropertiesConfiguration() {
MockPropertySource testPropertySource = new MockPropertySource()
PropertySource testPropertySource = new MockPropertySource("TestPropertySource")
.withProperty("spring.data.gemfire.manager.access-file", "/path/to/access.control")
.withProperty("spring.data.gemfire.manager.bind-address", "10.32.16.8")
.withProperty("spring.data.gemfire.manager.hostname-for-clients", "skullbox")
@@ -205,7 +210,8 @@ public class EnableGemFirePropertiesIntegrationTests {
.withProperty("spring.data.gemfire.manager.start", "true")
.withProperty("spring.data.gemfire.manager.update-rate", "1000");
this.applicationContext = newApplicationContext(testPropertySource, TestManagerGemFirePropertiesConfiguration.class);
this.applicationContext =
newApplicationContext(testPropertySource, TestManagerGemFirePropertiesConfiguration.class);
assertThat(this.applicationContext).isNotNull();
assertThat(this.applicationContext.containsBean("gemfireCache")).isTrue();
@@ -231,11 +237,12 @@ public class EnableGemFirePropertiesIntegrationTests {
@Test
public void memcachedServerGemFirePropertiesConfiguration() {
MockPropertySource testPropertySource = new MockPropertySource()
PropertySource testPropertySource = new MockPropertySource("TestPropertySource")
.withProperty("spring.data.gemfire.service.memcached.port", "2468")
.withProperty("spring.data.gemfire.service.memcached.protocol", "BINARY");
this.applicationContext = newApplicationContext(testPropertySource, TestMemcachedServerGemFirePropertiesConfiguration.class);
this.applicationContext =
newApplicationContext(testPropertySource, TestMemcachedServerGemFirePropertiesConfiguration.class);
assertThat(this.applicationContext).isNotNull();
assertThat(this.applicationContext.containsBean("gemfireCache")).isTrue();
@@ -255,10 +262,11 @@ public class EnableGemFirePropertiesIntegrationTests {
@Test
public void offHeapGemFirePropertiesConfiguration() {
MockPropertySource testPropertySource = new MockPropertySource()
PropertySource testPropertySource = new MockPropertySource("TestPropertySource")
.withProperty("spring.data.gemfire.cache.off-heap.memory-size", "1024g");
this.applicationContext = newApplicationContext(testPropertySource, TestOffHeapGemFirePropertiesConfiguration.class);
this.applicationContext =
newApplicationContext(testPropertySource, TestOffHeapGemFirePropertiesConfiguration.class);
assertThat(this.applicationContext).isNotNull();
assertThat(this.applicationContext.containsBean("gemfireCache")).isTrue();
@@ -277,11 +285,12 @@ public class EnableGemFirePropertiesIntegrationTests {
@Test
public void redisServerGemFirePropertiesConfiguration() {
MockPropertySource testPropertySource = new MockPropertySource()
PropertySource testPropertySource = new MockPropertySource("TestPropertySource")
.withProperty("spring.data.gemfire.service.redis.bind-address", "10.16.8.4")
.withProperty("spring.data.gemfire.service.redis.port", "13579");
this.applicationContext = newApplicationContext(testPropertySource, TestRedisServerGemFirePropertiesConfiguration.class);
this.applicationContext =
newApplicationContext(testPropertySource, TestRedisServerGemFirePropertiesConfiguration.class);
assertThat(this.applicationContext).isNotNull();
assertThat(this.applicationContext.containsBean("gemfireCache")).isTrue();
@@ -301,14 +310,15 @@ public class EnableGemFirePropertiesIntegrationTests {
@Test
public void securityGemFirePropertiesConfiguration() {
MockPropertySource testPropertySource = new MockPropertySource()
PropertySource testPropertySource = new MockPropertySource("TestPropertySource")
.withProperty("spring.data.gemfire.security.client.authentication-initializer", "example.security.client.AuthenticationInitializer")
.withProperty("spring.data.gemfire.security.peer.authentication-initializer", "example.security.peer.AuthenticationInitializer")
.withProperty("spring.data.gemfire.security.manager.class-name", "example.security.SecurityManager")
.withProperty("spring.data.gemfire.security.postprocessor.class-name", "example.security.PostProcessor")
.withProperty("spring.data.gemfire.security.shiro.ini-resource-path", "/path/to/shiro.ini");
this.applicationContext = newApplicationContext(testPropertySource, TestSecurityGemFirePropertiesConfiguration.class);
this.applicationContext =
newApplicationContext(testPropertySource, TestSecurityGemFirePropertiesConfiguration.class);
assertThat(this.applicationContext).isNotNull();
assertThat(this.applicationContext.containsBean("gemfireCache")).isTrue();
@@ -331,68 +341,25 @@ public class EnableGemFirePropertiesIntegrationTests {
@Test
public void sslGemFirePropertiesConfiguration() {
MockPropertySource testPropertySource = new MockPropertySource()
.withProperty("spring.data.gemfire.security.ssl.ciphers", "DSA")
PropertySource testPropertySource = new MockPropertySource("TestPropertySource")
.withProperty("spring.data.gemfire.security.ssl.ciphers", "DSA, RSA")
.withProperty("spring.data.gemfire.security.ssl.certificate.alias.default", "TestCert")
.withProperty("spring.data.gemfire.security.ssl.keystore", "/path/to/keystore")
.withProperty("spring.data.gemfire.security.ssl.keystore-password", "p@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.keystore-type", "JKS")
.withProperty("spring.data.gemfire.security.ssl.protocols", "TLS")
.withProperty("spring.data.gemfire.security.ssl.keystore.password", "p@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.keystore.type", "JKS")
.withProperty("spring.data.gemfire.security.ssl.protocols", "IP, TCP/IP, UDP")
.withProperty("spring.data.gemfire.security.ssl.require-authentication", "false")
.withProperty("spring.data.gemfire.security.ssl.truststore", "/path/to/truststore")
.withProperty("spring.data.gemfire.security.ssl.truststore-password", "p@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.cluster.ciphers", "RSA")
.withProperty("spring.data.gemfire.security.ssl.cluster.keystore", "/path/to/cluster/keystore")
.withProperty("spring.data.gemfire.security.ssl.cluster.keystore-password", "clusterP@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.cluster.keystore-type", "PKCS11")
.withProperty("spring.data.gemfire.security.ssl.cluster.protocols", "TLS")
.withProperty("spring.data.gemfire.security.ssl.cluster.require-authentication", "true")
.withProperty("spring.data.gemfire.security.ssl.cluster.truststore", "/path/to/cluster/truststore")
.withProperty("spring.data.gemfire.security.ssl.cluster.truststore-password", "clusterP@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.gateway.ciphers", "AES")
.withProperty("spring.data.gemfire.security.ssl.gateway.keystore", "/path/to/gateway/keystore")
.withProperty("spring.data.gemfire.security.ssl.gateway.keystore-password", "gatewayP@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.gateway.keystore-type", "PKCS11")
.withProperty("spring.data.gemfire.security.ssl.gateway.protocols", "TLS")
.withProperty("spring.data.gemfire.security.ssl.gateway.require-authentication", "true")
.withProperty("spring.data.gemfire.security.ssl.gateway.truststore", "/path/to/gateway/truststore")
.withProperty("spring.data.gemfire.security.ssl.gateway.truststore-password", "gatewayP@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.http-service.ciphers", "DES")
.withProperty("spring.data.gemfire.security.ssl.http-service.keystore", "/path/to/http/keystore")
.withProperty("spring.data.gemfire.security.ssl.http-service.keystore-password", "httpP@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.http-service.keystore-type", "JKS")
.withProperty("spring.data.gemfire.security.ssl.http-service.protocols", "TLS")
.withProperty("spring.data.gemfire.security.ssl.http-service.require-authentication", "true")
.withProperty("spring.data.gemfire.security.ssl.http-service.truststore", "/path/to/http/truststore")
.withProperty("spring.data.gemfire.security.ssl.http-service.truststore-password", "httpP@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.jmx-manager.ciphers", "RC4")
.withProperty("spring.data.gemfire.security.ssl.jmx-manager.keystore", "/path/to/jmx/keystore")
.withProperty("spring.data.gemfire.security.ssl.jmx-manager.keystore-password", "jmxP@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.jmx-manager.keystore-type", "PKCS11")
.withProperty("spring.data.gemfire.security.ssl.jmx-manager.protocols", "TLS")
.withProperty("spring.data.gemfire.security.ssl.jmx-manager.require-authentication", "true")
.withProperty("spring.data.gemfire.security.ssl.jmx-manager.truststore", "/path/to/jmx/truststore")
.withProperty("spring.data.gemfire.security.ssl.jmx-manager.truststore-password", "jmxP@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.locator.ciphers", "IDEA")
.withProperty("spring.data.gemfire.security.ssl.locator.keystore", "/path/to/locator/keystore")
.withProperty("spring.data.gemfire.security.ssl.locator.keystore-password", "locatorP@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.locator.keystore-type", "PKCS11")
.withProperty("spring.data.gemfire.security.ssl.locator.protocols", "TLS")
.withProperty("spring.data.gemfire.security.ssl.locator.require-authentication", "true")
.withProperty("spring.data.gemfire.security.ssl.locator.truststore", "/path/to/locator/truststore")
.withProperty("spring.data.gemfire.security.ssl.locator.truststore-password", "locatorP@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.server.ciphers", "TSA")
.withProperty("spring.data.gemfire.security.ssl.server.keystore", "/path/to/server/keystore")
.withProperty("spring.data.gemfire.security.ssl.server.keystore-password", "serverP@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.server.keystore-type", "PKCS11")
.withProperty("spring.data.gemfire.security.ssl.server.protocols", "TLS")
.withProperty("spring.data.gemfire.security.ssl.server.require-authentication", "true")
.withProperty("spring.data.gemfire.security.ssl.server.truststore", "/path/to/server/truststore")
.withProperty("spring.data.gemfire.security.ssl.server.truststore-password", "serverP@55w0rd");
.withProperty("spring.data.gemfire.security.ssl.truststore.password", "p@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.truststore.type", "PKCS11")
.withProperty("spring.data.gemfire.security.ssl.web-require-authentication", "true");
this.applicationContext = newApplicationContext(testPropertySource, TestSslGemFirePropertiesConfiguration.class);
this.applicationContext =
newApplicationContext(testPropertySource, TestSslGemFirePropertiesConfiguration.class);
assertThat(this.applicationContext).isNotNull();
assertThat(this.applicationContext.containsBean("gemfireCache")).isTrue();
assertThat(this.applicationContext.containsBean("gemfireProperties")).isTrue();
GemFireCache gemfireCache = this.applicationContext.getBean("gemfireCache", GemFireCache.class);
@@ -401,123 +368,24 @@ public class EnableGemFirePropertiesIntegrationTests {
Properties gemfireProperties = gemfireCache.getDistributedSystem().getProperties();
assertThat(gemfireProperties).isNotNull();
assertThat(gemfireProperties.contains("ssl-ciphers")).isFalse();
assertThat(gemfireProperties.contains("ssl-keystore")).isFalse();
assertThat(gemfireProperties.contains("ssl-keystore-password")).isFalse();
assertThat(gemfireProperties.contains("ssl-keystore-type")).isFalse();
assertThat(gemfireProperties.contains("ssl-protocols")).isFalse();
assertThat(gemfireProperties.contains("ssl-require-authentication")).isFalse();
assertThat(gemfireProperties.contains("ssl-truststore")).isFalse();
assertThat(gemfireProperties.contains("ssl-truststore-password")).isFalse();
assertThat(gemfireProperties.getProperty("cluster-ssl-ciphers")).isEqualTo("RSA");
assertThat(gemfireProperties.getProperty("cluster-ssl-keystore")).isEqualTo("/path/to/cluster/keystore");
assertThat(gemfireProperties.getProperty("cluster-ssl-keystore-password")).isEqualTo("clusterP@55w0rd");
assertThat(gemfireProperties.getProperty("cluster-ssl-keystore-type")).isEqualTo("PKCS11");
assertThat(gemfireProperties.getProperty("cluster-ssl-protocols")).isEqualTo("TLS");
assertThat(gemfireProperties.getProperty("cluster-ssl-require-authentication")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("cluster-ssl-truststore")).isEqualTo("/path/to/cluster/truststore");
assertThat(gemfireProperties.getProperty("cluster-ssl-truststore-password")).isEqualTo("clusterP@55w0rd");
assertThat(gemfireProperties.getProperty("gateway-ssl-ciphers")).isEqualTo("AES");
assertThat(gemfireProperties.getProperty("gateway-ssl-keystore")).isEqualTo("/path/to/gateway/keystore");
assertThat(gemfireProperties.getProperty("gateway-ssl-keystore-password")).isEqualTo("gatewayP@55w0rd");
assertThat(gemfireProperties.getProperty("gateway-ssl-keystore-type")).isEqualTo("PKCS11");
assertThat(gemfireProperties.getProperty("gateway-ssl-protocols")).isEqualTo("TLS");
assertThat(gemfireProperties.getProperty("gateway-ssl-require-authentication")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("gateway-ssl-truststore")).isEqualTo("/path/to/gateway/truststore");
assertThat(gemfireProperties.getProperty("gateway-ssl-truststore-password")).isEqualTo("gatewayP@55w0rd");
assertThat(gemfireProperties.getProperty("http-service-ssl-ciphers")).isEqualTo("DES");
assertThat(gemfireProperties.getProperty("http-service-ssl-keystore")).isEqualTo("/path/to/http/keystore");
assertThat(gemfireProperties.getProperty("http-service-ssl-keystore-password")).isEqualTo("httpP@55w0rd");
assertThat(gemfireProperties.getProperty("http-service-ssl-keystore-type")).isEqualTo("JKS");
assertThat(gemfireProperties.getProperty("http-service-ssl-protocols")).isEqualTo("TLS");
assertThat(gemfireProperties.getProperty("http-service-ssl-require-authentication")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("http-service-ssl-truststore")).isEqualTo("/path/to/http/truststore");
assertThat(gemfireProperties.getProperty("http-service-ssl-truststore-password")).isEqualTo("httpP@55w0rd");
assertThat(gemfireProperties.getProperty("jmx-manager-ssl-ciphers")).isEqualTo("RC4");
assertThat(gemfireProperties.getProperty("jmx-manager-ssl-keystore")).isEqualTo("/path/to/jmx/keystore");
assertThat(gemfireProperties.getProperty("jmx-manager-ssl-keystore-password")).isEqualTo("jmxP@55w0rd");
assertThat(gemfireProperties.getProperty("jmx-manager-ssl-keystore-type")).isEqualTo("PKCS11");
assertThat(gemfireProperties.getProperty("jmx-manager-ssl-protocols")).isEqualTo("TLS");
assertThat(gemfireProperties.getProperty("jmx-manager-ssl-require-authentication")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("jmx-manager-ssl-truststore")).isEqualTo("/path/to/jmx/truststore");
assertThat(gemfireProperties.getProperty("jmx-manager-ssl-truststore-password")).isEqualTo("jmxP@55w0rd");
assertThat(gemfireProperties.getProperty("locator-ssl-ciphers")).isEqualTo("IDEA");
assertThat(gemfireProperties.getProperty("locator-ssl-keystore")).isEqualTo("/path/to/locator/keystore");
assertThat(gemfireProperties.getProperty("locator-ssl-keystore-password")).isEqualTo("locatorP@55w0rd");
assertThat(gemfireProperties.getProperty("locator-ssl-keystore-type")).isEqualTo("PKCS11");
assertThat(gemfireProperties.getProperty("locator-ssl-protocols")).isEqualTo("TLS");
assertThat(gemfireProperties.getProperty("locator-ssl-require-authentication")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("locator-ssl-truststore")).isEqualTo("/path/to/locator/truststore");
assertThat(gemfireProperties.getProperty("locator-ssl-truststore-password")).isEqualTo("locatorP@55w0rd");
assertThat(gemfireProperties.getProperty("server-ssl-ciphers")).isEqualTo("TSA");
assertThat(gemfireProperties.getProperty("server-ssl-keystore")).isEqualTo("/path/to/server/keystore");
assertThat(gemfireProperties.getProperty("server-ssl-keystore-password")).isEqualTo("serverP@55w0rd");
assertThat(gemfireProperties.getProperty("server-ssl-keystore-type")).isEqualTo("PKCS11");
assertThat(gemfireProperties.getProperty("server-ssl-protocols")).isEqualTo("TLS");
assertThat(gemfireProperties.getProperty("server-ssl-require-authentication")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("server-ssl-truststore")).isEqualTo("/path/to/server/truststore");
assertThat(gemfireProperties.getProperty("server-ssl-truststore-password")).isEqualTo("serverP@55w0rd");
}
@Test
public void inheritedSslGemFirePropertiesConfiguration() {
MockPropertySource testPropertySource = new MockPropertySource()
.withProperty("spring.data.gemfire.security.ssl.ciphers", "DSA")
.withProperty("spring.data.gemfire.security.ssl.keystore", "/path/to/keystore")
.withProperty("spring.data.gemfire.security.ssl.keystore-password", "p@55w0rd")
.withProperty("spring.data.gemfire.security.ssl.keystore-type", "JKS")
.withProperty("spring.data.gemfire.security.ssl.protocols", "TLS")
.withProperty("spring.data.gemfire.security.ssl.require-authentication", "false")
.withProperty("spring.data.gemfire.security.ssl.truststore", "/path/to/truststore")
.withProperty("spring.data.gemfire.security.ssl.truststore-password", "p@55w0rd");
this.applicationContext = newApplicationContext(testPropertySource, TestInheritedSslGemFirePropertiesConfiguration.class);
assertThat(this.applicationContext).isNotNull();
assertThat(this.applicationContext.containsBean("gemfireCache")).isTrue();
GemFireCache gemfireCache = this.applicationContext.getBean("gemfireCache", GemFireCache.class);
assertThat(gemfireCache).isNotNull();
assertThat(gemfireCache.getDistributedSystem()).isNotNull();
Properties gemfireProperties = gemfireCache.getDistributedSystem().getProperties();
String sslEnabledComponents = Optional.ofNullable(gemfireProperties.getProperty("ssl-enabled-components"))
.filter(StringUtils::hasText)
.map(it -> StringUtils.arrayToCommaDelimitedString(ArrayUtils.sort(
StringUtils.commaDelimitedListToStringArray(it))))
.orElse(null);
assertThat(gemfireProperties).isNotNull();
assertThat(gemfireProperties.contains("ssl-ciphers")).isFalse();
assertThat(gemfireProperties.contains("ssl-keystore")).isFalse();
assertThat(gemfireProperties.contains("ssl-keystore-password")).isFalse();
assertThat(gemfireProperties.contains("ssl-keystore-type")).isFalse();
assertThat(gemfireProperties.contains("ssl-protocols")).isFalse();
assertThat(gemfireProperties.contains("ssl-require-authentication")).isFalse();
assertThat(gemfireProperties.contains("ssl-truststore")).isFalse();
assertThat(gemfireProperties.contains("ssl-truststore-password")).isFalse();
for (EnableSsl.Component component : asArray(EnableSsl.Component.CLUSTER, EnableSsl.Component.HTTP)) {
assertThat(gemfireProperties.contains(String.format("%s-ssl-ciphers", component))).isFalse();
assertThat(gemfireProperties.contains(String.format("%s-ssl-keystore", component))).isFalse();
assertThat(gemfireProperties.contains(String.format("%s-ssl-keystore-password", component))).isFalse();
assertThat(gemfireProperties.contains(String.format("%s-ssl-keystore-type", component))).isFalse();
assertThat(gemfireProperties.contains(String.format("%s-ssl-protocols", component))).isFalse();
assertThat(gemfireProperties.contains(String.format("%s-ssl-require-authentication", component))).isFalse();
assertThat(gemfireProperties.contains(String.format("%s-ssl-truststore", component))).isFalse();
assertThat(gemfireProperties.contains(String.format("%s-ssl-truststore-password", component))).isFalse();
}
for (EnableSsl.Component component : asArray(EnableSsl.Component.GATEWAY, EnableSsl.Component.JMX,
EnableSsl.Component.LOCATOR, EnableSsl.Component.SERVER)) {
assertThat(gemfireProperties.getProperty(String.format("%s-ssl-ciphers", component))).isEqualTo("DSA");
assertThat(gemfireProperties.getProperty(String.format("%s-ssl-keystore", component))).isEqualTo("/path/to/keystore");
assertThat(gemfireProperties.getProperty(String.format("%s-ssl-keystore-password", component))).isEqualTo("p@55w0rd");
assertThat(gemfireProperties.getProperty(String.format("%s-ssl-keystore-type", component))).isEqualTo("JKS");
assertThat(gemfireProperties.getProperty(String.format("%s-ssl-protocols", component))).isEqualTo("TLS");
assertThat(gemfireProperties.getProperty(String.format("%s-ssl-require-authentication", component))).isEqualTo("false");
assertThat(gemfireProperties.getProperty(String.format("%s-ssl-truststore", component))).isEqualTo("/path/to/truststore");
assertThat(gemfireProperties.getProperty(String.format("%s-ssl-truststore-password", component))).isEqualTo("p@55w0rd");
}
assertThat(gemfireProperties.getProperty("ssl-ciphers")).isEqualTo("DSA, RSA");
assertThat(sslEnabledComponents).isEqualTo("cluster,gateway,jmx,locator,server,web");
assertThat(gemfireProperties.getProperty("ssl-default-alias")).isEqualTo("TestCert");
assertThat(gemfireProperties.getProperty("ssl-keystore")).isEqualTo("/path/to/keystore");
assertThat(gemfireProperties.getProperty("ssl-keystore-password")).isEqualTo("p@55w0rd");
assertThat(gemfireProperties.getProperty("ssl-keystore-type")).isEqualTo("JKS");
assertThat(gemfireProperties.getProperty("ssl-protocols")).isEqualTo("IP, TCP/IP, UDP");
assertThat(gemfireProperties.getProperty("ssl-require-authentication")).isEqualTo("false");
assertThat(gemfireProperties.getProperty("ssl-truststore")).isEqualTo("/path/to/truststore");
assertThat(gemfireProperties.getProperty("ssl-truststore-password")).isEqualTo("p@55w0rd");
assertThat(gemfireProperties.getProperty("ssl-truststore-type")).isEqualTo("PKCS11");
}
@Test
@@ -530,7 +398,8 @@ public class EnableGemFirePropertiesIntegrationTests {
.withProperty("spring.data.gemfire.stats.enable-time-statistics", "true")
.withProperty("spring.data.gemfire.stats.sample-rate", "100");
this.applicationContext = newApplicationContext(testPropertySource, TestStatisticsGemFirePropertiesConfiguration.class);
this.applicationContext =
newApplicationContext(testPropertySource, TestStatisticsGemFirePropertiesConfiguration.class);
assertThat(this.applicationContext).isNotNull();
assertThat(this.applicationContext.containsBean("gemfireCache")).isTrue();
@@ -617,19 +486,16 @@ public class EnableGemFirePropertiesIntegrationTests {
@EnableGemFireMockObjects
@PeerCacheApplication
@EnableGemFireProperties
@EnableSsl(components = { EnableSsl.Component.CLUSTER, EnableSsl.Component.GATEWAY, EnableSsl.Component.HTTP,
EnableSsl.Component.JMX, EnableSsl.Component.LOCATOR, EnableSsl.Component.SERVER })
@EnableSsl(ciphers = "FISH", components = {
EnableSsl.Component.CLUSTER, EnableSsl.Component.GATEWAY, EnableSsl.Component.JMX,
EnableSsl.Component.LOCATOR, EnableSsl.Component.SERVER, EnableSsl.Component.WEB
}, componentCertificateAliases = {
@EnableSsl.ComponentAlias(component = EnableSsl.Component.GATEWAY, alias = "WanCert"),
@EnableSsl.ComponentAlias(component = EnableSsl.Component.WEB, alias = "HttpCert")
}, defaultCertificateAlias = "MockCert", protocols = "HTTP")
static class TestSslGemFirePropertiesConfiguration {
}
@EnableGemFireMockObjects
@PeerCacheApplication
@EnableGemFireProperties
@EnableSsl(components = { EnableSsl.Component.GATEWAY, EnableSsl.Component.JMX, EnableSsl.Component.LOCATOR,
EnableSsl.Component.SERVER })
static class TestInheritedSslGemFirePropertiesConfiguration {
}
@EnableGemFireMockObjects
@PeerCacheApplication
@EnableGemFireProperties

View File

@@ -0,0 +1,172 @@
/*
* Copyright 2018 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.data.gemfire.config.annotation;
import static org.assertj.core.api.Assertions.assertThat;
import javax.annotation.Resource;
import org.apache.geode.cache.CacheLoader;
import org.apache.geode.cache.CacheLoaderException;
import org.apache.geode.cache.GemFireCache;
import org.apache.geode.cache.LoaderHelper;
import org.apache.geode.cache.Region;
import org.apache.geode.cache.client.ClientRegionShortcut;
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.data.gemfire.PartitionedRegionFactoryBean;
import org.springframework.data.gemfire.client.ClientRegionFactoryBean;
import org.springframework.data.gemfire.process.ProcessWrapper;
import org.springframework.data.gemfire.test.support.ClientServerIntegrationTestsSupport;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringRunner;
/**
* Integration tests for {@link EnableSsl} and {@link SslConfiguration}.
*
* @author John Blum
* @see org.junit.Test
* @see org.springframework.data.gemfire.config.annotation.ClientCacheApplication
* @see org.springframework.data.gemfire.config.annotation.EnableSsl
* @see org.springframework.data.gemfire.config.annotation.SslConfiguration
* @since 2.1.0
*/
@RunWith(SpringRunner.class)
@ContextConfiguration(classes = EnableSslConfigurationIntegrationTests.ClientTestConfiguration.class)
@SuppressWarnings("all")
public class EnableSslConfigurationIntegrationTests extends ClientServerIntegrationTestsSupport {
private static final String LOG_LEVEL = "error";
private static ProcessWrapper gemfireServer;
@Resource(name = "Echo")
private Region<String, String> echo;
@BeforeClass
public static void setupGemFireServer() throws Exception {
String hostname = "localhost";
int availablePort = findAvailablePort();
gemfireServer = run(ServerTestConfiguration.class,
String.format("-Dgemfire.name=%s", asApplicationName(EnableSslConfigurationIntegrationTests.class)),
String.format("-Djavax.net.ssl.keyStore=%s", System.getProperty("javax.net.ssl.keyStore")),
String.format("-D%s=%d", GEMFIRE_CACHE_SERVER_PORT_PROPERTY, availablePort));
waitForServerToStart("localhost", availablePort);
System.setProperty(GEMFIRE_CACHE_SERVER_PORT_PROPERTY, String.format("%s[%d]", hostname, availablePort));
System.setProperty(GEMFIRE_POOL_SERVERS_PROPERTY, String.format("%s[%d]", hostname, availablePort));
}
@AfterClass
public static void tearDownGemFireServer() {
stop(gemfireServer);
}
@Test
public void clientServerWithSslEnabledWorks() {
assertThat(this.echo.get("testing123")).isEqualTo("testing123");
}
@ClientCacheApplication(logLevel = LOG_LEVEL)
@EnableSsl(keystorePassword = "s3cr3t", truststorePassword = "s3cr3t")
static class ClientTestConfiguration {
@Bean
ClientCacheConfigurer clientCacheSslConfigurer(
@Value("${javax.net.ssl.keyStore:trusted.keystore}") String keystoreLocation) {
return (beanName, bean) -> {
bean.getProperties().setProperty("ssl-keystore", keystoreLocation);
bean.getProperties().setProperty("ssl-truststore", keystoreLocation);
};
}
@Bean("Echo")
ClientRegionFactoryBean<String, String> echoRegion(GemFireCache gemfireCache) {
ClientRegionFactoryBean<String, String> echoRegion = new ClientRegionFactoryBean<>();
echoRegion.setCache(gemfireCache);
echoRegion.setClose(false);
echoRegion.setShortcut(ClientRegionShortcut.PROXY);
return echoRegion;
}
}
@CacheServerApplication(name = "EnableSslConfigurationIntegrationTests", logLevel = LOG_LEVEL)
@EnableSsl(keystorePassword = "s3cr3t", truststorePassword = "s3cr3t")
static class ServerTestConfiguration {
public static void main(String[] args) {
AnnotationConfigApplicationContext applicationContext =
new AnnotationConfigApplicationContext(ServerTestConfiguration.class);
applicationContext.registerShutdownHook();
}
@Bean
PeerCacheConfigurer cacheServerSslConfigurer(
@Value("${javax.net.ssl.keyStore:trusted.keystore}") String keystoreLocation) {
return (beanName, bean) -> {
bean.getProperties().setProperty("ssl-keystore", keystoreLocation);
bean.getProperties().setProperty("ssl-truststore", keystoreLocation);
};
}
@Bean("Echo")
PartitionedRegionFactoryBean<String, String> echoRegion(GemFireCache gemfireCache) {
PartitionedRegionFactoryBean<String, String> echoRegion = new PartitionedRegionFactoryBean<>();
echoRegion.setCache(gemfireCache);
echoRegion.setCacheLoader(echoCacheLoader());
echoRegion.setClose(false);
echoRegion.setPersistent(false);
return echoRegion;
}
@Bean
CacheLoader<String, String> echoCacheLoader() {
return new CacheLoader<String, String>() {
@Override
public String load(LoaderHelper<String, String> helper) throws CacheLoaderException {
return helper.getKey();
}
@Override
public void close() {
}
};
}
}
}

View File

@@ -0,0 +1,183 @@
/*
* Copyright 2018 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.data.gemfire.config.annotation;
import static org.assertj.core.api.Assertions.assertThat;
import java.util.Optional;
import java.util.Properties;
import org.junit.After;
import org.junit.Test;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
import org.springframework.core.env.MutablePropertySources;
import org.springframework.core.env.PropertySource;
import org.springframework.data.gemfire.client.ClientCacheFactoryBean;
import org.springframework.data.gemfire.test.mock.annotation.EnableGemFireMockObjects;
import org.springframework.data.gemfire.util.ArrayUtils;
import org.springframework.mock.env.MockPropertySource;
import org.springframework.util.StringUtils;
/**
* Unit tests for {@link EnableSsl} and {@link SslConfiguration}.
*
* @author John Blum
* @see org.junit.Test
* @see org.apache.geode.cache.GemFireCache
* @see org.springframework.data.gemfire.config.annotation.EnableSsl
* @see org.springframework.data.gemfire.config.annotation.SslConfiguration
* @since 2.1.0
*/
public class EnableSslConfigurationUnitTests {
private ConfigurableApplicationContext applicationContext;
@After
public void tearDown() {
Optional.ofNullable(this.applicationContext).ifPresent(ConfigurableApplicationContext::close);
}
private ConfigurableApplicationContext newApplicationContext(PropertySource<?> testPropertySource,
Class<?>... annotatedClasses) {
AnnotationConfigApplicationContext applicationContext = new AnnotationConfigApplicationContext();
MutablePropertySources propertySources = applicationContext.getEnvironment().getPropertySources();
propertySources.addFirst(testPropertySource);
applicationContext.register(annotatedClasses);
applicationContext.registerShutdownHook();
applicationContext.refresh();
return applicationContext;
}
@Test
public void sslAnnotationBasedConfigurationIsCorrect() {
this.applicationContext = newApplicationContext(new MockPropertySource("TestPropertySource"),
SslAnnotationBasedConfiguration.class);
assertThat(this.applicationContext).isNotNull();
assertThat(this.applicationContext.containsBean("gemfireCache"));
assertThat(this.applicationContext.containsBean("gemfireProperties"));
ClientCacheFactoryBean clientCache =
this.applicationContext.getBean("&gemfireCache", ClientCacheFactoryBean.class);
assertThat(clientCache).isNotNull();
Properties gemfireProperties = clientCache.getProperties();
assertThat(gemfireProperties).isNotNull();
assertThat(gemfireProperties.getProperty("ssl-ciphers")).isEqualTo("FISH,Scream,SEAL,SNOW");
assertThat(gemfireProperties.getProperty("ssl-enabled-components")).isEqualTo("server,gateway");
assertThat(gemfireProperties.getProperty("ssl-default-alias")).isEqualTo("TestCert");
assertThat(gemfireProperties.getProperty("ssl-gateway-alias")).isEqualTo("WanCert");
assertThat(gemfireProperties.getProperty("ssl-keystore")).isEqualTo("/path/to/keystore.jks");
assertThat(gemfireProperties.getProperty("ssl-keystore-password")).isEqualTo("s3cr3t!");
assertThat(gemfireProperties.getProperty("ssl-keystore-type")).isEqualTo("JKS");
assertThat(gemfireProperties.getProperty("ssl-protocols")).isEqualTo("TCP/IP,HTTP");
assertThat(gemfireProperties.getProperty("ssl-require-authentication")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-truststore")).isEqualTo("/path/to/truststore.jks");
assertThat(gemfireProperties.getProperty("ssl-truststore-password")).isEqualTo("p@55w0rd!");
assertThat(gemfireProperties.getProperty("ssl-truststore-type")).isEqualTo("PKCS11");
assertThat(gemfireProperties.getProperty("ssl-web-require-authentication")).isEqualTo("true");
}
@Test
public void sslPropertyBasedConfigurationIsCorrect() {
PropertySource testPropertySource = new MockPropertySource("TestPropertySource")
.withProperty("spring.data.gemfire.security.ssl.ciphers", "Scream, SEAL, SNOW")
.withProperty("spring.data.gemfire.security.ssl.components", "locator, server, gateway")
.withProperty("spring.data.gemfire.security.ssl.certificate.alias.default", "MockCert")
.withProperty("spring.data.gemfire.security.ssl.certificate.alias.gateway", "WanCert")
.withProperty("spring.data.gemfire.security.ssl.certificate.alias.server", "ServerCert")
.withProperty("spring.data.gemfire.security.ssl.keystore", "~/test/app/keystore.jks")
.withProperty("spring.data.gemfire.security.ssl.keystore.password", "0p3nS@y5M3")
.withProperty("spring.data.gemfire.security.ssl.keystore.type", "R2D2")
.withProperty("spring.data.gemfire.security.ssl.protocols", "IP, TCP/IP, UDP")
.withProperty("spring.data.gemfire.security.ssl.require-authentication", "false")
.withProperty("spring.data.gemfire.security.ssl.truststore", "relative/path/to/trusted.keystore")
.withProperty("spring.data.gemfire.security.ssl.truststore.password", "kn0ckKn0ck")
.withProperty("spring.data.gemfire.security.ssl.truststore.type", "C3PO")
.withProperty("spring.data.gemfire.security.ssl.web-require-authentication", "true");
this.applicationContext = newApplicationContext(testPropertySource, SslPropertyBasedConfiguration.class);
assertThat(this.applicationContext).isNotNull();
assertThat(this.applicationContext.containsBean("gemfireCache"));
assertThat(this.applicationContext.containsBean("gemfireProperties"));
ClientCacheFactoryBean clientCache =
this.applicationContext.getBean("&gemfireCache", ClientCacheFactoryBean.class);
assertThat(clientCache).isNotNull();
Properties gemfireProperties = clientCache.getProperties();
String sslEnabledComponents = Optional.ofNullable(gemfireProperties.getProperty("ssl-enabled-components"))
.filter(StringUtils::hasText)
.map(it -> StringUtils.arrayToCommaDelimitedString(
ArrayUtils.sort(StringUtils.commaDelimitedListToStringArray(it))))
.orElse(null);
assertThat(gemfireProperties).isNotNull();
assertThat(gemfireProperties.getProperty("ssl-ciphers")).isEqualTo("Scream, SEAL, SNOW");
assertThat(sslEnabledComponents).isEqualTo("gateway,locator,server");
assertThat(gemfireProperties.getProperty("ssl-default-alias")).isEqualTo("MockCert");
assertThat(gemfireProperties.getProperty("ssl-gateway-alias")).isEqualTo("WanCert");
assertThat(gemfireProperties.getProperty("ssl-server-alias")).isEqualTo("ServerCert");
assertThat(gemfireProperties.getProperty("ssl-keystore")).isEqualTo("~/test/app/keystore.jks");
assertThat(gemfireProperties.getProperty("ssl-keystore-password")).isEqualTo("0p3nS@y5M3");
assertThat(gemfireProperties.getProperty("ssl-keystore-type")).isEqualTo("R2D2");
assertThat(gemfireProperties.getProperty("ssl-protocols")).isEqualTo("IP, TCP/IP, UDP");
assertThat(gemfireProperties.getProperty("ssl-require-authentication")).isEqualTo("false");
assertThat(gemfireProperties.getProperty("ssl-truststore")).isEqualTo("relative/path/to/trusted.keystore");
assertThat(gemfireProperties.getProperty("ssl-truststore-password")).isEqualTo("kn0ckKn0ck");
assertThat(gemfireProperties.getProperty("ssl-truststore-type")).isEqualTo("C3PO");
assertThat(gemfireProperties.getProperty("ssl-web-require-authentication")).isEqualTo("true");
}
@EnableGemFireMockObjects
@ClientCacheApplication(logLevel = "error")
@EnableSsl(
ciphers = { "FISH", "Scream", "SEAL", "SNOW" },
components = { EnableSsl.Component.SERVER, EnableSsl.Component.GATEWAY },
componentCertificateAliases = {
@EnableSsl.ComponentAlias(component = EnableSsl.Component.GATEWAY, alias = "WanCert")
},
defaultCertificateAlias = "TestCert",
keystore = "/path/to/keystore.jks",
keystorePassword = "s3cr3t!",
protocols = { "TCP/IP", "HTTP" },
truststore = "/path/to/truststore.jks",
truststorePassword = "p@55w0rd!",
truststoreType = "PKCS11",
webRequireAuthentication = true
)
static class SslAnnotationBasedConfiguration { }
@EnableGemFireMockObjects
@ClientCacheApplication(logLevel = "error")
@EnableSsl
static class SslPropertyBasedConfiguration { }
}

View File

@@ -45,7 +45,7 @@ import org.springframework.test.context.junit4.SpringRunner;
* @since 1.9.0
*/
@RunWith(SpringRunner.class)
@ContextConfiguration(classes = PeerCacheApplicationIntegrationTests.PeerCacheApplicationConfiguration.class)
@ContextConfiguration
@SuppressWarnings("all")
public class PeerCacheApplicationIntegrationTests {
@@ -54,11 +54,12 @@ public class PeerCacheApplicationIntegrationTests {
@Test
public void echoPartitionRegionEchoesKeysAsValues() {
assertThat(echo.get("Hello")).isEqualTo("Hello");
assertThat(echo.get("Test")).isEqualTo("Test");
assertThat(this.echo.get("hello")).isEqualTo("hello");
assertThat(this.echo.get("test")).isEqualTo("test");
assertThat(this.echo.get("good-bye")).isEqualTo("good-bye");
}
@PeerCacheApplication(name = "PeerCacheApplicationIntegrationTests", logLevel="warn")
@PeerCacheApplication(name = "PeerCacheApplicationIntegrationTests", logLevel="error")
static class PeerCacheApplicationConfiguration {
@Bean("Echo")

View File

@@ -64,13 +64,15 @@ public class ClientServerIntegrationTestsSupport {
protected static final String DEFAULT_HOSTNAME = "localhost";
protected static final String DIRECTORY_DELETE_ON_EXIT_PROPERTY = "spring.data.gemfire.directory.delete-on-exit";
protected static final String GEMFIRE_CACHE_SERVER_PORT_PROPERTY = "spring.data.gemfire.cache.server.port";
protected static final String GEMFIRE_POOL_LOCATORS_PROPERTY = "spring.data.gemfire.pool.locators";
protected static final String GEMFIRE_POOL_SERVERS_PROPERTY = "spring.data.gemfire.pool.servers";
protected static final String GEMFIRE_LOG_FILE = "gemfire-server.log";
protected static final String GEMFIRE_LOG_FILE_PROPERTY = "spring.data.gemfire.log.file";
protected static final String GEMFIRE_LOG_LEVEL = "warning";
protected static final String GEMFIRE_LOG_LEVEL = "error";
protected static final String GEMFIRE_LOG_LEVEL_PROPERTY = "spring.data.gemfire.log.level";
protected static final String PROCESS_RUN_MANUAL_PROPERTY = "spring.data.gemfire.process.run-manual";
protected static final String SYSTEM_PROPERTIES_LOG_FILE = "system-properties.log";
protected static final String TEST_GEMFIRE_LOG_LEVEL = "warning";
protected static final String TEST_GEMFIRE_LOG_LEVEL = "error";
/* (non-Javadoc) */
protected static String asApplicationName(Class<?> type) {