DATAREDIS-1060 - Polishing.
Remove data node password reuse for sentinel as we favor explicit configuration over implicit. Use RedisURI builder and not sentinel URI builder to configure the SentinelURI correctly. Associate masterId with outermost RedisURI. Original pull request: #495.
This commit is contained in:
@@ -120,41 +120,6 @@ public class RedisSentinelConfigurationUnitTests {
|
||||
new RedisNode("localhost", 789));
|
||||
}
|
||||
|
||||
@Test // DATAREDIS-1060
|
||||
public void throwsExceptionOnSentinelPasswordAlreadySetWhenTryingToReuseDataNodePassword() {
|
||||
|
||||
RedisSentinelConfiguration configuration = new RedisSentinelConfiguration("myMaster",
|
||||
Collections.singleton(HOST_AND_PORT_1));
|
||||
configuration.setSentinelPassword(RedisPassword.of("so-secret-you'll-never-guess-123"));
|
||||
|
||||
assertThatExceptionOfType(IllegalStateException.class)
|
||||
.isThrownBy(() -> configuration.useDataNodeAuthenticationForSentinel(true));
|
||||
}
|
||||
|
||||
@Test // DATAREDIS-1060
|
||||
public void throwsExceptionOnSettingSentinelPasswordWhenAlreadyReusingDataNodePassword() {
|
||||
|
||||
RedisSentinelConfiguration configuration = new RedisSentinelConfiguration("myMaster",
|
||||
Collections.singleton(HOST_AND_PORT_1));
|
||||
configuration.setPassword(RedisPassword.of("qwerty"));
|
||||
configuration.useDataNodeAuthenticationForSentinel(true);
|
||||
|
||||
assertThatExceptionOfType(IllegalStateException.class)
|
||||
.isThrownBy(() -> configuration.setSentinelPassword(RedisPassword.of("who-needs-security-anyway")));
|
||||
}
|
||||
|
||||
@Test // DATAREDIS-1060
|
||||
public void settingSentinelPasswordReturnsDataNodePasswordIfUseDataNodeAuthIsTrue() {
|
||||
|
||||
RedisPassword password = RedisPassword.of("monkey-dragon->yeah-getting-better-combining-trivial-ones");
|
||||
RedisSentinelConfiguration configuration = new RedisSentinelConfiguration("myMaster",
|
||||
Collections.singleton(HOST_AND_PORT_1));
|
||||
configuration.setPassword(password);
|
||||
configuration.useDataNodeAuthenticationForSentinel(true);
|
||||
|
||||
assertThat(configuration.getSentinelPassword()).isEqualTo(password);
|
||||
}
|
||||
|
||||
@Test // DATAREDIS-1060
|
||||
public void dataNodePasswordDoesNotAffectSentinelPassword() {
|
||||
|
||||
@@ -177,7 +142,6 @@ public class RedisSentinelConfigurationUnitTests {
|
||||
RedisSentinelConfiguration config = new RedisSentinelConfiguration(propertySource);
|
||||
|
||||
assertThat(config.getSentinelPassword()).isEqualTo(RedisPassword.of("computer-says-no"));
|
||||
assertThat(config.getSentinels().size()).isEqualTo(1);
|
||||
assertThat(config.getSentinels()).contains(new RedisNode("127.0.0.1", 123));
|
||||
assertThat(config.getSentinels()).hasSize(1).contains(new RedisNode("127.0.0.1", 123));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -224,30 +224,6 @@ public class LettuceConnectionFactoryUnitTests {
|
||||
}
|
||||
}
|
||||
|
||||
@Test // DATAREDIS-1060
|
||||
public void redisPasswordShouldBeSetOnSentinelClientIfItShouldBeReused() {
|
||||
|
||||
RedisSentinelConfiguration config = new RedisSentinelConfiguration("mymaster", Collections.singleton("host:1234"));
|
||||
config.useDataNodeAuthenticationForSentinel(true);
|
||||
|
||||
LettuceConnectionFactory connectionFactory = new LettuceConnectionFactory(config);
|
||||
connectionFactory.setClientResources(getSharedClientResources());
|
||||
connectionFactory.setPassword("o_O");
|
||||
connectionFactory.afterPropertiesSet();
|
||||
ConnectionFactoryTracker.add(connectionFactory);
|
||||
|
||||
AbstractRedisClient client = (AbstractRedisClient) getField(connectionFactory, "client");
|
||||
assertThat(client).isInstanceOf(RedisClient.class);
|
||||
|
||||
RedisURI redisUri = (RedisURI) getField(client, "redisURI");
|
||||
|
||||
assertThat(redisUri.getPassword()).isEqualTo(connectionFactory.getPassword().toCharArray());
|
||||
|
||||
for (RedisURI sentinel : redisUri.getSentinels()) {
|
||||
assertThat(sentinel.getPassword()).isEqualTo("o_O".toCharArray());
|
||||
}
|
||||
}
|
||||
|
||||
@Test // DATAREDIS-1060
|
||||
public void sentinelPasswordShouldNotLeakIntoDataNodeClient() {
|
||||
|
||||
|
||||
Reference in New Issue
Block a user