kirklund commented on a change in pull request #7063:
URL: https://github.com/apache/geode/pull/7063#discussion_r743222129
##########
File path:
geode-core/src/distributedTest/java/org/apache/geode/internal/cache/tier/sockets/ClientServerConnectDisconnectDistributedTest.java
##########
@@ -151,9 +151,9 @@ private void
verifyServerConnectionSubjectsAreLoggedIn(AcceptorImpl acceptor) {
authorizations = new ArrayList<>();
for (ServerConnection sc : acceptor.getAllServerConnections()) {
ClientUserAuths auth = sc.getClientUserAuths();
- assertThat(auth.getSubjects().size()).isNotEqualTo(0);
+ assertThat(auth.getAllSubjects().size()).isNotEqualTo(0);
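Review bot: the new assertion on the `+` line still asserts on `.size()` rather than on the collection, and its intent is that the collection is non-empty, so the AssertJ form that keeps that intent and prints the contents on failure is `assertThat(auth.getAllSubjects()).isNotEmpty();` (note that `isEmpty()` would invert the check).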
Review comment:
The failure message will show the contents of the collection if you
change to:
```
assertThat(auth.getAllSubjects()).isEmpty();
```
##########
File path:
geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/CacheClientProxy.java
##########
@@ -973,6 +979,8 @@ private void closeOtherTransientFields() {
// Logout the subject
if (subject != null) {
+ logger.info(
+ "CacheClientProxy.closeOtherTransientFields, logging out: " +
subject.getPrincipal());
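Review bot: the added `logger.info` writes the subject's principal on every proxy close at info level, which is on by default, and builds the message by string concatenation; use the parameterized form `logger.info("CacheClientProxy.closeOtherTransientFields, logging out: {}", subject.getPrincipal());` and route it through the security logger rather than the class's default logger, since a principal name is security-relevant data.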
Review comment:
This should use SECURITY_LOGGER_NAME.
##########
File path:
geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/CacheClientProxy.java
##########
@@ -774,14 +770,23 @@ protected boolean close(boolean checkQueue, boolean
stoppedNormally) {
connected = false;
- // Close the Authorization callback (if any)
+ // Close the Authorization callback or subject if we are not keeping the
proxy
try {
if (!pauseDurable) {
- if (postAuthzCallback != null) {// for single user
+ // single user case -- old security
+ if (postAuthzCallback != null) {
postAuthzCallback.close();
postAuthzCallback = null;
}
- if (clientUserAuths != null) {// for multiple users
+ // single user case -- integrated security
+ // connection is closed, so we can log out this subject
+ else if (subject != null) {
+ logger.debug("CacheClientProxy.close, logging out: " +
subject.getPrincipal());
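Review bot: the new `else if (subject != null)` branch means the subject is never logged out when `postAuthzCallback` is also non-null; if the old-security and integrated-security cases are mutually exclusive, state that in the comment, otherwise make the subject branch an independent `if`. The removed `if (clientUserAuths != null)` multi-user branch has no replacement visible in this hunk, so confirm the multi-user logout still happens on close. The added debug line should also use the `{}` placeholder form instead of string concatenation.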
Review comment:
This is probably exposing sensitive data to the log even though it's not
the password. The user can set the log-level to debug, which turns on these log
statements.
Also, all security related logging in the product should use the
SECURITY_LOGGER_NAME:
```
private static final Logger logger =
LogService.getLogger(SECURITY_LOGGER_NAME);
```
The SECURITY_LOGGER_NAME gets redirected to the
`ConfigurationProperties.SECURITY_LOG_FILE` if the user has set it.
Don't forget, log4j2 uses `{}` in its syntax:
```
logger.debug("CacheClientProxy.close, logging out: {}",
subject.getPrincipal());
```
##########
File path:
geode-core/src/main/java/org/apache/geode/internal/cache/tier/sockets/ClientUserAuths.java
##########
@@ -90,28 +120,29 @@ public UserAuthAttributes getUserAuthAttributes(final Long
userId) {
}
@VisibleForTesting
- protected Collection<Subject> getSubjects() {
- return Collections.unmodifiableCollection(uniqueIdVsSubject.values());
- }
-
- public Subject getSubject(final Long userId) {
- return uniqueIdVsSubject.get(userId);
- }
-
- public void removeSubject(final Long userId) {
- logger.debug("Subject of {} removed.", userId);
- removeSubject(uniqueIdVsSubject.remove(userId));
+ @TestOnly
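Review bot: the added `@TestOnly` sits directly under the retained `@VisibleForTesting`, so the method now carries both annotations; keep one. This hunk also removes the public `getSubject(Long)` and `removeSubject(Long)` methods and the `Subject of {} removed.` debug log with no replacement shown, so check that all callers were updated and that subject removal is still logged.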
Review comment:
We should probably have some sort of discussion or tech talk about when
`@VisibleForTesting` or `@TestOnly` should be used. Someone needs to own
introducing `@TestOnly` and should add a wiki page or other info about when to
use these annotations. They should also submit a PR to remove
`@VisibleForTesting` and convert all uses to `@TestOnly`. Right now, we're just
introducing a mess by using both annotations without any documented guidelines.
##########
File path:
geode-core/src/distributedTest/java/org/apache/geode/internal/cache/tier/sockets/ClientServerConnectDisconnectDistributedTest.java
##########
@@ -204,7 +204,7 @@ private void verifyServerConnectionSubjectsAreLoggedOut() {
}
for (ClientUserAuths auth : authorizations) {
- assertThat(auth.getSubjects().size()).isEqualTo(0);
+ assertThat(auth.getAllSubjects().size()).isEqualTo(0);
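Review bot: the `.size()).isEqualTo(0)` on the `+` line hides the leftover subjects when the assertion fails; `assertThat(auth.getAllSubjects()).isEmpty();` reports the collection's contents instead.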
Review comment:
```
assertThat(auth.getAllSubjects()).isEmpty();
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]