[GitHub] [ignite] SomeFire commented on a change in pull request #7375: PoC security context spread

Mon, 10 Feb 2020 03:05:56 -0800 

SomeFire commented on a change in pull request #7375: PoC security context 
spread
URL: https://github.com/apache/ignite/pull/7375#discussion_r376275549
 
 

 ##########
 File path: 
modules/core/src/test/java/org/apache/ignite/internal/processors/security/InvalidServerTest.java
 ##########
 @@ -37,29 +39,43 @@
     /** Test server name. */
     private static final String TEST_SERVER_NAME = "test_server";
 
-    /** {@inheritDoc} */
-    @Override protected IgniteConfiguration getConfiguration(String 
instanceName,
-            AbstractTestSecurityPluginProvider pluginProv) throws Exception {
-        IgniteConfiguration cfg = super.getConfiguration(instanceName, 
pluginProv);
+    /** */
+    @Test
+    public void testInvalidServer() throws Exception {
+        globalAuth = true;
+
+        startServerNode("server1");
+        startServerNode("server2");
+
+        assertThrowsWithCause(() -> startServerNode(TEST_SERVER_NAME), 
IgniteAuthenticationException.class);
+    }
 
-        cfg.setDiscoverySpi(new TcpDiscoverySpi() {
-            @Override protected void 
startMessageProcess(TcpDiscoveryAbstractMessage msg) {
-                if (msg instanceof TcpDiscoveryNodeAddedMessage && 
msg.verified())
-                    TestSecurityProcessor.PERMS.remove(new 
SecurityCredentials(TEST_SERVER_NAME, ""));
+    private IgniteEx startServerNode(String login) throws Exception {
+        TestSecurityPluginProvider provider = new 
TestSecurityPluginProvider(login, "",
+            ALLOW_ALL, null, globalAuth){
+            @Override protected GridSecurityProcessor 
securityProcessor(GridKernalContext ctx) {
+                return new InvalidServerSecurityProcessor(ctx, 
super.securityProcessor(ctx));
             }
-        }.setIpFinder(LOCAL_IP_FINDER));
+        };
 
-        return cfg;
+        return startGrid(getConfiguration(login, provider)
+            .setClientMode(false));
     }
 
-    /** */
-    @Test
-    public void testInvalidServer() throws Exception {
-        globalAuth = true;
+    /* */
+    static class InvalidServerSecurityProcessor extends 
TestSecurityProcessor.TestSecurityProcessorDelegator {
+
+        public InvalidServerSecurityProcessor(GridKernalContext ctx,
+            GridSecurityProcessor original) {
+            super(ctx, original);
+        }
 
-        startGridAllowAll("server1");
-        startGridAllowAll("server2");
+        @Override public SecurityContext authenticateNode(ClusterNode node,
+            SecurityCredentials cred) throws IgniteCheckedException {
+            if(TEST_SERVER_NAME.equals(cred.getLogin()) && 
!TEST_SERVER_NAME.equals(ctx.igniteInstanceName()))
 
 Review comment:
   Missed space after `if`.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

Reply via email to