svn commit: r953453 - /qpid/trunk/qpid/cpp/src/tests/cluster_tests.py

Thu, 10 Jun 2010 16:22:34 -0700 

Author: aconway
Date: Thu Jun 10 21:01:40 2010
New Revision: 953453

URL: http://svn.apache.org/viewvc?rev=953453&view=rev
Log:
Extended tests for cluster and security.

Modified:
    qpid/trunk/qpid/cpp/src/tests/cluster_tests.py

Modified: qpid/trunk/qpid/cpp/src/tests/cluster_tests.py
URL: 
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/tests/cluster_tests.py?rev=953453&r1=953452&r2=953453&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/tests/cluster_tests.py (original)
+++ qpid/trunk/qpid/cpp/src/tests/cluster_tests.py Thu Jun 10 21:01:40 2010
@@ -105,14 +105,58 @@ class ShortTests(BrokerTest):
     def test_sasl(self):
         """Test SASL authentication and encryption in a cluster"""
         sasl_config=os.path.join(self.rootdir, "sasl_config")
-        cluster = self.cluster(3, ["--auth", "yes", "--sasl-config", 
sasl_config])
-        # Try a bad user ID
+        acl=os.path.join(os.getcwd(), "policy.acl")
+        aclf=file(acl,"w")
+        aclf.write("""
+acl deny z...@qpid create queue
+acl allow all all
+""")
+        aclf.close()
+        cluster = self.cluster(2, args=["--auth", "yes",
+                                        "--sasl-config", sasl_config,
+                                        "--load-module", os.getenv("ACL_LIB"),
+                                        "--acl-file", acl])
+
+        # Valid user/password, ensure queue is created.
+        c = cluster[0].connect(username="zig", password="zig")
+        c.session().sender("ziggy;{create:always}")
+        c.close()
+        c = cluster[1].connect(username="zig", password="zig")
+        c.session().receiver("ziggy;{assert:always}")
+        c.close()
+        for b in cluster: b.ready()     # Make sure all brokers still running.
+
+        # Valid user, bad password
+        try:
+            cluster[0].connect(username="zig", password="foo").close()
+            self.fail("Expected exception")
+        except messaging.exceptions.ConnectionError: pass
+        for b in cluster: b.ready()     # Make sure all brokers still running.
+
+        # Bad user ID
         try:
-            c = 
messaging.Connection.establish("nosuch/u...@%s"%(cluster[0].host_port()))
+            cluster[0].connect(username="foo", password="bar").close()
             self.fail("Expected exception")
         except messaging.exceptions.ConnectionError: pass
         for b in cluster: b.ready()     # Make sure all brokers still running.
 
+        # Action disallowed by ACL
+        c = cluster[0].connect(username="zag", password="zag")
+        try:
+            s = c.session()
+            s.sender("zaggy;{create:always}")
+            s.close()
+            self.fail("Expected exception")
+        except messaging.exceptions.UnauthorizedAccess: pass
+        # make sure the queue was not created at the other node.
+        c = cluster[0].connect(username="zag", password="zag")
+        try:
+            s = c.session()
+            s.sender("zaggy;{assert:always}")
+            s.close()
+            self.fail("Expected exception")
+        except messaging.exceptions.NotFound: pass
+
         
 class LongTests(BrokerTest):
     """Tests that can run for a long time if -DDURATION=<minutes> is set"""



---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:[email protected]

Reply via email to