DATAGEODE-190 - Polish.

This commit is contained in:
John Blum
2019-05-30 02:08:44 -07:00
parent 7adf99d788
commit 7d9f90fef0
4 changed files with 168 additions and 170 deletions

View File

@@ -13,7 +13,6 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.data.gemfire.config.annotation;
import static org.assertj.core.api.Assertions.assertThat;
@@ -23,6 +22,11 @@ import java.util.Properties;
import org.junit.After;
import org.junit.Test;
import org.apache.geode.cache.Cache;
import org.apache.geode.cache.GemFireCache;
import org.apache.geode.cache.client.ClientCache;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
import org.springframework.core.env.MutablePropertySources;
@@ -31,27 +35,56 @@ import org.springframework.data.gemfire.util.ArrayUtils;
import org.springframework.mock.env.MockPropertySource;
import org.springframework.util.StringUtils;
import org.apache.geode.cache.GemFireCache;
/**
* Integration tests for {@link EnableSsl} and {@link SslConfiguration}.
*
* Integration tests in this class create a ClientCache or PeerCache and query Gemfire
* to see if the GemFire properties set via spring-data-geode are correctly set in GemFire.
* Integration tests in this class create a {@link ClientCache} or peer {@link Cache} and query Apache Geode
* to see if the GemFire properties set with spring-data-geode are correctly set in Apache Geode.
*
* @see Test
* @author Srikanth Manvi
* @author John Blum
* @see java.util.Properties
* @see org.junit.Test
* @see org.apache.geode.cache.Cache
* @see org.apache.geode.cache.GemFireCache
* @see EnableSsl
* @see SslConfiguration
* @since 2.1.0
* @see org.apache.geode.cache.client.ClientCache
* @see org.springframework.context.ConfigurableApplicationContext
* @see org.springframework.core.env.PropertySource
* @see org.springframework.data.gemfire.config.annotation.EnableSsl
* @see org.springframework.data.gemfire.config.annotation.SslConfiguration
* @since 2.2.0
*/
public class EnableSslConfigurationDefaultContextIntegrationTests {
private static final String GEMFIRE_LOG_LEVEL = "error";
private ConfigurableApplicationContext applicationContext;
@After
public void tearDown() {
Optional.ofNullable(this.applicationContext).ifPresent(ConfigurableApplicationContext::close);
Optional.ofNullable(this.applicationContext)
.ifPresent(ConfigurableApplicationContext::close);
}
private void assertGemFirePropertiesCorrectlySet(Properties gemfireProperties) {
assertThat(gemfireProperties).isNotNull();
assertThat(gemfireProperties.getProperty("ssl-ciphers")).isEqualTo("FISH Scream SEAL SNOW");
assertThat(gemfireProperties.getProperty("ssl-enabled-components")).isEqualTo("server,gateway");
assertThat(gemfireProperties.getProperty("ssl-default-alias")).isEqualTo("TestCert");
assertThat(gemfireProperties.getProperty("ssl-gateway-alias")).isEqualTo("WanCert");
assertThat(gemfireProperties.getProperty("ssl-keystore")).isEqualTo("/path/to/keystore.jks");
assertThat(gemfireProperties.getProperty("ssl-keystore-password")).isEqualTo("s3cr3t!");
assertThat(gemfireProperties.getProperty("ssl-keystore-type")).isEqualTo("JKS");
assertThat(gemfireProperties.getProperty("ssl-protocols")).isEqualTo("TCP/IP HTTP");
assertThat(gemfireProperties.getProperty("ssl-require-authentication")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-truststore")).isEqualTo("/path/to/truststore.jks");
assertThat(gemfireProperties.getProperty("ssl-truststore-password")).isEqualTo("p@55w0rd!");
assertThat(gemfireProperties.getProperty("ssl-truststore-type")).isEqualTo("PKCS11");
assertThat(gemfireProperties.getProperty("ssl-web-require-authentication")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-use-default-context")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-endpoint-identification-enabled")).isEqualTo("true");
}
private ConfigurableApplicationContext newApplicationContext(PropertySource<?> testPropertySource,
@@ -70,6 +103,27 @@ public class EnableSslConfigurationDefaultContextIntegrationTests {
return applicationContext;
}
private PropertySource setSpringDataGemFireProperties() {
return new MockPropertySource("TestPropertySource")
.withProperty("spring.data.gemfire.security.ssl.ciphers", "Scream,SEAL,SNOW")
.withProperty("spring.data.gemfire.security.ssl.components", "locator, server, gateway")
.withProperty("spring.data.gemfire.security.ssl.certificate.alias.default", "MockCert")
.withProperty("spring.data.gemfire.security.ssl.certificate.alias.gateway", "WanCert")
.withProperty("spring.data.gemfire.security.ssl.certificate.alias.server", "ServerCert")
.withProperty("spring.data.gemfire.security.ssl.enable-endpoint-identification", "true")
.withProperty("spring.data.gemfire.security.ssl.keystore", "~/test/app/keystore.jks")
.withProperty("spring.data.gemfire.security.ssl.keystore.password", "0p3nS@y5M3")
.withProperty("spring.data.gemfire.security.ssl.keystore.type", "R2D2")
.withProperty("spring.data.gemfire.security.ssl.protocols", "IP,TCP/IP,UDP")
.withProperty("spring.data.gemfire.security.ssl.require-authentication", "false")
.withProperty("spring.data.gemfire.security.ssl.truststore", "relative/path/to/trusted.keystore")
.withProperty("spring.data.gemfire.security.ssl.truststore.password", "kn0ckKn0ck")
.withProperty("spring.data.gemfire.security.ssl.truststore.type", "C3PO")
.withProperty("spring.data.gemfire.security.ssl.web-require-authentication", "true")
.withProperty("spring.data.gemfire.security.ssl.use-default-context", "true");
}
@Test
public void sslAnnotationBasedClientConfigurationIsCorrect() {
@@ -94,7 +148,7 @@ public class EnableSslConfigurationDefaultContextIntegrationTests {
@Test
public void sslPropertyBasedClientConfigurationIsCorrect() {
PropertySource testPropertySource = setSdgProperties();
PropertySource testPropertySource = setSpringDataGemFireProperties();
this.applicationContext = newApplicationContext(testPropertySource, SslPropertyBasedClientConfiguration.class);
@@ -107,13 +161,12 @@ public class EnableSslConfigurationDefaultContextIntegrationTests {
assertThat(clientCache).isNotNull();
//Get Properties from GemFire
Properties gemfireProperties = clientCache.getDistributedSystem().getProperties();
String sslEnabledComponents = Optional.ofNullable(gemfireProperties.getProperty("ssl-enabled-components"))
.filter(StringUtils::hasText)
.map(it -> StringUtils.arrayToCommaDelimitedString(
ArrayUtils.sort(StringUtils.commaDelimitedListToStringArray(it))))
ArrayUtils.sort(StringUtils.commaDelimitedListToStringArray(it))))
.orElse(null);
assertThat(gemfireProperties).isNotNull();
@@ -122,6 +175,7 @@ public class EnableSslConfigurationDefaultContextIntegrationTests {
assertThat(gemfireProperties.getProperty("ssl-default-alias")).isEqualTo("MockCert");
assertThat(gemfireProperties.getProperty("ssl-gateway-alias")).isEqualTo("WanCert");
assertThat(gemfireProperties.getProperty("ssl-server-alias")).isEqualTo("ServerCert");
assertThat(gemfireProperties.getProperty("ssl-endpoint-identification-enabled")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-keystore")).isEqualTo("~/test/app/keystore.jks");
assertThat(gemfireProperties.getProperty("ssl-keystore-password")).isEqualTo("0p3nS@y5M3");
assertThat(gemfireProperties.getProperty("ssl-keystore-type")).isEqualTo("R2D2");
@@ -132,13 +186,13 @@ public class EnableSslConfigurationDefaultContextIntegrationTests {
assertThat(gemfireProperties.getProperty("ssl-truststore-type")).isEqualTo("C3PO");
assertThat(gemfireProperties.getProperty("ssl-web-require-authentication")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-use-default-context")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-endpoint-identification-enabled")).isEqualTo("true");
}
@Test
public void sslAnnotationBasedPeerConfigurationIsCorrect(){
public void sslAnnotationBasedPeerConfigurationIsCorrect(){
this.applicationContext = newApplicationContext(new MockPropertySource("TestPropertySource"),
this.applicationContext =
newApplicationContext(new MockPropertySource("TestPropertySource"),
SslAnnotationBasedPeerConfiguration.class);
assertThat(this.applicationContext).isNotNull();
@@ -149,15 +203,15 @@ public class EnableSslConfigurationDefaultContextIntegrationTests {
this.applicationContext.getBean("gemfireCache", GemFireCache.class);
assertThat(peerCache).isNotNull();
//Get Properties from GemFire
Properties gemfireProperties = peerCache.getDistributedSystem().getProperties();
assertGemFirePropertiesCorrectlySet(gemfireProperties);
}
@Test
public void sslPropertyBasedPeerConfigurationIsCorrect() {
PropertySource testPropertySource = setSdgProperties();
PropertySource testPropertySource = setSpringDataGemFireProperties();
this.applicationContext = newApplicationContext(testPropertySource, SslPropertyBasedPeerConfiguration.class);
@@ -170,13 +224,12 @@ public class EnableSslConfigurationDefaultContextIntegrationTests {
assertThat(peerCache).isNotNull();
//Get Properties from GemFire
Properties gemfireProperties = peerCache.getDistributedSystem().getProperties();
String sslEnabledComponents = Optional.ofNullable(gemfireProperties.getProperty("ssl-enabled-components"))
.filter(StringUtils::hasText)
.map(it -> StringUtils.arrayToCommaDelimitedString(
ArrayUtils.sort(StringUtils.commaDelimitedListToStringArray(it))))
ArrayUtils.sort(StringUtils.commaDelimitedListToStringArray(it))))
.orElse(null);
assertThat(gemfireProperties).isNotNull();
@@ -198,8 +251,7 @@ public class EnableSslConfigurationDefaultContextIntegrationTests {
assertThat(gemfireProperties.getProperty("ssl-endpoint-identification-enabled")).isEqualTo("true");
}
@ClientCacheApplication(logLevel = "error")
@ClientCacheApplication(logLevel = GEMFIRE_LOG_LEVEL)
@EnableSsl(
ciphers = { "FISH", "Scream", "SEAL", "SNOW" },
components = { EnableSsl.Component.SERVER, EnableSsl.Component.GATEWAY },
@@ -207,109 +259,44 @@ public class EnableSslConfigurationDefaultContextIntegrationTests {
@EnableSsl.ComponentAlias(component = EnableSsl.Component.GATEWAY, alias = "WanCert")
},
defaultCertificateAlias = "TestCert",
enableEndpointIdentification = true,
keystore = "/path/to/keystore.jks",
keystorePassword = "s3cr3t!",
protocols = { "TCP/IP", "HTTP" },
truststore = "/path/to/truststore.jks",
truststorePassword = "p@55w0rd!",
truststoreType = "PKCS11",
webRequireAuthentication = true,
sslUseDefaultContext = true,
sslEndpointIdentificationEnabled = true)
useDefaultContext = true,
webRequireAuthentication = true
)
static class SslAnnotationBasedClientConfiguration { }
@ClientCacheApplication(logLevel = "error")
@ClientCacheApplication(logLevel = GEMFIRE_LOG_LEVEL)
@EnableSsl
static class SslPropertyBasedClientConfiguration { }
@PeerCacheApplication(logLevel = "error")
@EnableSsl(
ciphers = { "FISH", "Scream", "SEAL", "SNOW" },
components = { EnableSsl.Component.SERVER, EnableSsl.Component.GATEWAY },
componentCertificateAliases = {
@EnableSsl.ComponentAlias(component = EnableSsl.Component.GATEWAY, alias = "WanCert")
},
defaultCertificateAlias = "TestCert",
keystore = "/path/to/keystore.jks",
keystorePassword = "s3cr3t!",
protocols = { "TCP/IP", "HTTP" },
truststore = "/path/to/truststore.jks",
truststorePassword = "p@55w0rd!",
truststoreType = "PKCS11",
webRequireAuthentication = true,
sslUseDefaultContext = true,
sslEndpointIdentificationEnabled = true)
static class SslAnnotationBasedPeerConfiguration{ }
@PeerCacheApplication(logLevel = GEMFIRE_LOG_LEVEL)
@EnableSsl(
ciphers = { "FISH", "Scream", "SEAL", "SNOW" },
components = { EnableSsl.Component.SERVER, EnableSsl.Component.GATEWAY },
componentCertificateAliases = {
@EnableSsl.ComponentAlias(component = EnableSsl.Component.GATEWAY, alias = "WanCert")
},
defaultCertificateAlias = "TestCert",
enableEndpointIdentification = true,
keystore = "/path/to/keystore.jks",
keystorePassword = "s3cr3t!",
protocols = { "TCP/IP", "HTTP" },
truststore = "/path/to/truststore.jks",
truststorePassword = "p@55w0rd!",
truststoreType = "PKCS11",
useDefaultContext = true,
webRequireAuthentication = true
)
static class SslAnnotationBasedPeerConfiguration { }
@PeerCacheApplication(logLevel = "error")
@PeerCacheApplication(logLevel = GEMFIRE_LOG_LEVEL)
@EnableSsl
static class SslPropertyBasedPeerConfiguration { }
private void assertGemFirePropertiesCorrectlySet(Properties gemfireProperties) {
assertThat(gemfireProperties).isNotNull();
assertThat(gemfireProperties.getProperty("ssl-ciphers"))
.isEqualTo("FISH Scream SEAL SNOW");
assertThat(gemfireProperties.getProperty("ssl-enabled-components"))
.isEqualTo("server,gateway");
assertThat(gemfireProperties.getProperty("ssl-default-alias"))
.isEqualTo("TestCert");
assertThat(gemfireProperties.getProperty("ssl-gateway-alias")).isEqualTo("WanCert");
assertThat(gemfireProperties.getProperty("ssl-keystore"))
.isEqualTo("/path/to/keystore.jks");
assertThat(gemfireProperties.getProperty("ssl-keystore-password"))
.isEqualTo("s3cr3t!");
assertThat(gemfireProperties.getProperty("ssl-keystore-type")).isEqualTo("JKS");
assertThat(gemfireProperties.getProperty("ssl-protocols")).isEqualTo("TCP/IP HTTP");
assertThat(gemfireProperties.getProperty("ssl-require-authentication"))
.isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-truststore"))
.isEqualTo("/path/to/truststore.jks");
assertThat(gemfireProperties.getProperty("ssl-truststore-password"))
.isEqualTo("p@55w0rd!");
assertThat(gemfireProperties.getProperty("ssl-truststore-type"))
.isEqualTo("PKCS11");
assertThat(gemfireProperties.getProperty("ssl-web-require-authentication"))
.isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-use-default-context"))
.isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-endpoint-identification-enabled"))
.isEqualTo("true");
}
private PropertySource setSdgProperties() {
return new MockPropertySource("TestPropertySource")
.withProperty("spring.data.gemfire.security.ssl.ciphers",
"Scream,SEAL,SNOW")
.withProperty("spring.data.gemfire.security.ssl.components",
"locator, server, gateway")
.withProperty("spring.data.gemfire.security.ssl.certificate.alias.default",
"MockCert")
.withProperty("spring.data.gemfire.security.ssl.certificate.alias.gateway",
"WanCert")
.withProperty("spring.data.gemfire.security.ssl.certificate.alias.server",
"ServerCert")
.withProperty("spring.data.gemfire.security.ssl.keystore",
"~/test/app/keystore.jks")
.withProperty("spring.data.gemfire.security.ssl.keystore.password",
"0p3nS@y5M3")
.withProperty("spring.data.gemfire.security.ssl.keystore.type",
"R2D2")
.withProperty("spring.data.gemfire.security.ssl.protocols",
"IP,TCP/IP,UDP")
.withProperty("spring.data.gemfire.security.ssl.require-authentication",
"false")
.withProperty("spring.data.gemfire.security.ssl.truststore",
"relative/path/to/trusted.keystore")
.withProperty("spring.data.gemfire.security.ssl.truststore.password",
"kn0ckKn0ck")
.withProperty("spring.data.gemfire.security.ssl.truststore.type",
"C3PO")
.withProperty("spring.data.gemfire.security.ssl.web-require-authentication",
"true")
.withProperty("spring.data.gemfire.security.ssl.use-default-context",
"true")
.withProperty("spring.data.gemfire.security.ssl.endpoint-identification-enabled",
"true");
}
}

View File

@@ -37,6 +37,7 @@ import org.springframework.util.StringUtils;
* Unit tests for {@link EnableSsl} and {@link SslConfiguration}.
*
* @author John Blum
* @author Srikanth Manvi
* @see org.junit.Test
* @see org.apache.geode.cache.GemFireCache
* @see org.springframework.data.gemfire.config.annotation.EnableSsl
@@ -90,6 +91,7 @@ public class EnableSslConfigurationUnitTests {
assertThat(gemfireProperties.getProperty("ssl-enabled-components")).isEqualTo("server,gateway");
assertThat(gemfireProperties.getProperty("ssl-default-alias")).isEqualTo("TestCert");
assertThat(gemfireProperties.getProperty("ssl-gateway-alias")).isEqualTo("WanCert");
assertThat(gemfireProperties.getProperty("ssl-endpoint-identification-enabled")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-keystore")).isEqualTo("/path/to/keystore.jks");
assertThat(gemfireProperties.getProperty("ssl-keystore-password")).isEqualTo("s3cr3t!");
assertThat(gemfireProperties.getProperty("ssl-keystore-type")).isEqualTo("JKS");
@@ -98,9 +100,8 @@ public class EnableSslConfigurationUnitTests {
assertThat(gemfireProperties.getProperty("ssl-truststore")).isEqualTo("/path/to/truststore.jks");
assertThat(gemfireProperties.getProperty("ssl-truststore-password")).isEqualTo("p@55w0rd!");
assertThat(gemfireProperties.getProperty("ssl-truststore-type")).isEqualTo("PKCS11");
assertThat(gemfireProperties.getProperty("ssl-web-require-authentication")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-use-default-context")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-endpoint-identification-enabled")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-web-require-authentication")).isEqualTo("true");
}
@Test
@@ -112,6 +113,7 @@ public class EnableSslConfigurationUnitTests {
.withProperty("spring.data.gemfire.security.ssl.certificate.alias.default", "MockCert")
.withProperty("spring.data.gemfire.security.ssl.certificate.alias.gateway", "WanCert")
.withProperty("spring.data.gemfire.security.ssl.certificate.alias.server", "ServerCert")
.withProperty("spring.data.gemfire.security.ssl.enable-endpoint-identification", "true")
.withProperty("spring.data.gemfire.security.ssl.keystore", "~/test/app/keystore.jks")
.withProperty("spring.data.gemfire.security.ssl.keystore.password", "0p3nS@y5M3")
.withProperty("spring.data.gemfire.security.ssl.keystore.type", "R2D2")
@@ -120,9 +122,8 @@ public class EnableSslConfigurationUnitTests {
.withProperty("spring.data.gemfire.security.ssl.truststore", "relative/path/to/trusted.keystore")
.withProperty("spring.data.gemfire.security.ssl.truststore.password", "kn0ckKn0ck")
.withProperty("spring.data.gemfire.security.ssl.truststore.type", "C3PO")
.withProperty("spring.data.gemfire.security.ssl.web-require-authentication", "true")
.withProperty("spring.data.gemfire.security.ssl.use-default-context", "true")
.withProperty("spring.data.gemfire.security.ssl.endpoint-identification-enabled", "true");
.withProperty("spring.data.gemfire.security.ssl.web-require-authentication", "true");
this.applicationContext = newApplicationContext(testPropertySource, SslPropertyBasedConfiguration.class);
@@ -150,6 +151,7 @@ public class EnableSslConfigurationUnitTests {
assertThat(gemfireProperties.getProperty("ssl-default-alias")).isEqualTo("MockCert");
assertThat(gemfireProperties.getProperty("ssl-gateway-alias")).isEqualTo("WanCert");
assertThat(gemfireProperties.getProperty("ssl-server-alias")).isEqualTo("ServerCert");
assertThat(gemfireProperties.getProperty("ssl-endpoint-identification-enabled")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-keystore")).isEqualTo("~/test/app/keystore.jks");
assertThat(gemfireProperties.getProperty("ssl-keystore-password")).isEqualTo("0p3nS@y5M3");
assertThat(gemfireProperties.getProperty("ssl-keystore-type")).isEqualTo("R2D2");
@@ -158,9 +160,8 @@ public class EnableSslConfigurationUnitTests {
assertThat(gemfireProperties.getProperty("ssl-truststore")).isEqualTo("relative/path/to/trusted.keystore");
assertThat(gemfireProperties.getProperty("ssl-truststore-password")).isEqualTo("kn0ckKn0ck");
assertThat(gemfireProperties.getProperty("ssl-truststore-type")).isEqualTo("C3PO");
assertThat(gemfireProperties.getProperty("ssl-web-require-authentication")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-use-default-context")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-endpoint-identification-enabled")).isEqualTo("true");
assertThat(gemfireProperties.getProperty("ssl-web-require-authentication")).isEqualTo("true");
}
@EnableGemFireMockObjects
@@ -172,15 +173,15 @@ public class EnableSslConfigurationUnitTests {
@EnableSsl.ComponentAlias(component = EnableSsl.Component.GATEWAY, alias = "WanCert")
},
defaultCertificateAlias = "TestCert",
enableEndpointIdentification = true,
keystore = "/path/to/keystore.jks",
keystorePassword = "s3cr3t!",
protocols = { "TCP/IP", "HTTP" },
truststore = "/path/to/truststore.jks",
truststorePassword = "p@55w0rd!",
truststoreType = "PKCS11",
webRequireAuthentication = true,
sslUseDefaultContext = true,
sslEndpointIdentificationEnabled = true
useDefaultContext = true,
webRequireAuthentication = true
)
static class SslAnnotationBasedConfiguration { }