Repository: ambari Updated Branches: refs/heads/branch-dev-logsearch d3f1aed5b -> f6972cbde (forced update)
http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProviderTest.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProviderTest.java b/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProviderTest.java new file mode 100644 index 0000000..c6a5ba5 --- /dev/null +++ b/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchAuthenticationProviderTest.java @@ -0,0 +1,205 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.ambari.logsearch.web.security; + +import org.junit.Before; +import org.junit.Test; +import org.springframework.security.authentication.TestingAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.AuthenticationException; + +import static junit.framework.Assert.assertEquals; +import static junit.framework.Assert.assertSame; +import static junit.framework.Assert.assertTrue; +import static org.easymock.EasyMock.strictMock; +import static org.easymock.EasyMock.expect; +import static org.easymock.EasyMock.replay; +import static org.easymock.EasyMock.verify; + +import java.lang.reflect.Field; + +public class LogsearchAuthenticationProviderTest { + private static final Authentication SUCCESSFUL_AUTHENTICATION = new TestingAuthenticationToken("principal", "credentials"); + private static final Authentication FAILED_AUTHENTICATION = new TestingAuthenticationToken("principal", "credentials"); + static { + SUCCESSFUL_AUTHENTICATION.setAuthenticated(true); + FAILED_AUTHENTICATION.setAuthenticated(false); + } + + private LogsearchAuthenticationProvider provider; + + private LogsearchLdapAuthenticationProvider mockLdapProvider; + private LogsearchFileAuthenticationProvider mockFileProvider; + private LogsearchExternalServerAuthenticationProvider mockExternalServerProvider; + private LogsearchSimpleAuthenticationProvider mockSimpleProvider; + + @Before + public void resetContext() throws Exception { + provider = new LogsearchAuthenticationProvider(); + + mockLdapProvider = strictMock(LogsearchLdapAuthenticationProvider.class); + mockFileProvider = strictMock(LogsearchFileAuthenticationProvider.class); + mockExternalServerProvider = strictMock(LogsearchExternalServerAuthenticationProvider.class); + mockSimpleProvider = strictMock(LogsearchSimpleAuthenticationProvider.class); + + Field ldapProviderField = LogsearchAuthenticationProvider.class.getDeclaredField("ldapAuthenticationProvider"); + ldapProviderField.setAccessible(true); + ldapProviderField.set(provider, mockLdapProvider); + + Field fileProviderField = LogsearchAuthenticationProvider.class.getDeclaredField("fileAuthenticationProvider"); + fileProviderField.setAccessible(true); + fileProviderField.set(provider, mockFileProvider); + + Field extarnalProviderField = LogsearchAuthenticationProvider.class.getDeclaredField("externalServerAuthenticationProvider"); + extarnalProviderField.setAccessible(true); + extarnalProviderField.set(provider, mockExternalServerProvider); + + Field simpleProviderField = LogsearchAuthenticationProvider.class.getDeclaredField("simpleAuthenticationProvider"); + simpleProviderField.setAccessible(true); + simpleProviderField.set(provider, mockSimpleProvider); + } + + @Test + public void testLdapAuthenticates() { + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + expect(mockLdapProvider.authenticate(authentication)).andReturn(SUCCESSFUL_AUTHENTICATION); + + replay(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + + Authentication authenticationResult = provider.authenticate(authentication); + assertSame(authenticationResult, SUCCESSFUL_AUTHENTICATION); + + verify(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + } + + @Test + public void testFileAuthenticates() { + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + expect(mockLdapProvider.authenticate(authentication)).andReturn(FAILED_AUTHENTICATION); + expect(mockFileProvider.authenticate(authentication)).andReturn(SUCCESSFUL_AUTHENTICATION); + + replay(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + + Authentication authenticationResult = provider.authenticate(authentication); + assertSame(authenticationResult, SUCCESSFUL_AUTHENTICATION); + + verify(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + } + + @Test + public void testExternalAuthenticates() { + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + expect(mockLdapProvider.authenticate(authentication)).andReturn(FAILED_AUTHENTICATION); + expect(mockFileProvider.authenticate(authentication)).andReturn(FAILED_AUTHENTICATION); + expect(mockExternalServerProvider.authenticate(authentication)).andReturn(SUCCESSFUL_AUTHENTICATION); + + replay(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + + Authentication authenticationResult = provider.authenticate(authentication); + assertSame(authenticationResult, SUCCESSFUL_AUTHENTICATION); + + verify(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + } + + @Test + public void testSimpleAuthenticates() { + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + expect(mockLdapProvider.authenticate(authentication)).andReturn(FAILED_AUTHENTICATION); + expect(mockFileProvider.authenticate(authentication)).andReturn(FAILED_AUTHENTICATION); + expect(mockExternalServerProvider.authenticate(authentication)).andReturn(FAILED_AUTHENTICATION); + expect(mockSimpleProvider.authenticate(authentication)).andReturn(SUCCESSFUL_AUTHENTICATION); + + replay(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + + Authentication authenticationResult = provider.authenticate(authentication); + assertSame(authenticationResult, SUCCESSFUL_AUTHENTICATION); + + verify(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + } + + @Test + public void testNoOneAuthenticates() { + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + expect(mockLdapProvider.authenticate(authentication)).andReturn(FAILED_AUTHENTICATION); + expect(mockFileProvider.authenticate(authentication)).andReturn(FAILED_AUTHENTICATION); + expect(mockExternalServerProvider.authenticate(authentication)).andReturn(FAILED_AUTHENTICATION); + expect(mockSimpleProvider.authenticate(authentication)).andReturn(FAILED_AUTHENTICATION); + + replay(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + + Authentication authenticationResult = provider.authenticate(authentication); + assertSame(authenticationResult, FAILED_AUTHENTICATION); + + verify(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + } + + @Test + public void testOneExceptionAndAuthenticates() { + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + expect(mockLdapProvider.authenticate(authentication)).andThrow(new AuthenticationException("") {}); + expect(mockFileProvider.authenticate(authentication)).andReturn(SUCCESSFUL_AUTHENTICATION); + + replay(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + + Authentication authenticationResult = provider.authenticate(authentication); + assertSame(authenticationResult, SUCCESSFUL_AUTHENTICATION); + + verify(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + } + + @Test + public void testOneExceptionNoOneAuthenticates() { + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + expect(mockLdapProvider.authenticate(authentication)).andThrow(new AuthenticationException("msg1") {}); + expect(mockFileProvider.authenticate(authentication)).andReturn(FAILED_AUTHENTICATION); + expect(mockExternalServerProvider.authenticate(authentication)).andReturn(FAILED_AUTHENTICATION); + expect(mockSimpleProvider.authenticate(authentication)).andReturn(FAILED_AUTHENTICATION); + + replay(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + + try { + provider.authenticate(authentication); + assertTrue("Should have thrown AuthenticationException", false); + } catch(AuthenticationException e) { + assertEquals(e.getMessage(), "msg1"); + } + + verify(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + } + + @Test + public void testTwoExceptionNoOneAuthenticates() { + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + expect(mockLdapProvider.authenticate(authentication)).andThrow(new AuthenticationException("msg1") {}); + expect(mockFileProvider.authenticate(authentication)).andThrow(new AuthenticationException("msg2") {}); + expect(mockExternalServerProvider.authenticate(authentication)).andReturn(FAILED_AUTHENTICATION); + expect(mockSimpleProvider.authenticate(authentication)).andReturn(FAILED_AUTHENTICATION); + + replay(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + + try { + provider.authenticate(authentication); + assertTrue("Should have thrown AuthenticationException", false); + } catch(AuthenticationException e) { + assertEquals(e.getMessage(), "msg1"); + } + + verify(mockLdapProvider, mockFileProvider, mockSimpleProvider, mockExternalServerProvider); + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProviderTest.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProviderTest.java b/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProviderTest.java new file mode 100644 index 0000000..d6247a1 --- /dev/null +++ b/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchExternalServerAuthenticationProviderTest.java @@ -0,0 +1,185 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.ambari.logsearch.web.security; + +import org.apache.ambari.logsearch.common.ExternalServerClient; +import org.apache.ambari.logsearch.conf.AuthPropsConfig; +import org.junit.Before; +import org.junit.Test; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authentication.TestingAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.authority.SimpleGrantedAuthority; + +import static junit.framework.Assert.assertEquals; +import static junit.framework.Assert.assertSame; +import static junit.framework.Assert.assertTrue; +import static org.easymock.EasyMock.strictMock; +import static org.easymock.EasyMock.expect; +import static org.easymock.EasyMock.replay; +import static org.easymock.EasyMock.verify; + +import java.lang.reflect.Field; + +public class LogsearchExternalServerAuthenticationProviderTest { + + private LogsearchExternalServerAuthenticationProvider provider; + private AuthPropsConfig mockAuthPropsConfig; + private ExternalServerClient mockExternalServerClient; + + @Before + public void init() throws Exception { + provider = new LogsearchExternalServerAuthenticationProvider(); + mockAuthPropsConfig = strictMock(AuthPropsConfig.class); + mockExternalServerClient = strictMock(ExternalServerClient.class); + + Field authPropsConfigField = LogsearchExternalServerAuthenticationProvider.class.getDeclaredField("authPropsConfig"); + authPropsConfigField.setAccessible(true); + authPropsConfigField.set(provider, mockAuthPropsConfig); + + Field externalServerClientField = LogsearchExternalServerAuthenticationProvider.class.getDeclaredField("externalServerClient"); + externalServerClientField.setAccessible(true); + externalServerClientField.set(provider, mockExternalServerClient); + } + + @Test + public void testAuthenticationDisabled() { + expect(mockAuthPropsConfig.isAuthExternalEnabled()).andReturn(false); + + replay(mockAuthPropsConfig); + + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + assertSame(provider.authenticate(authentication), authentication); + + verify(mockAuthPropsConfig); + } + + @Test + public void testAuthenticationEmptyUser() { + expect(mockAuthPropsConfig.isAuthExternalEnabled()).andReturn(true); + + replay(mockAuthPropsConfig); + + Authentication authentication = new TestingAuthenticationToken("", "credentials"); + + try { + provider.authenticate(authentication); + assertTrue("Should have thrown BadCredentialsException", false); + } catch(BadCredentialsException e) { + assertEquals("Username can't be null or empty.", e.getMessage()); + } + + verify(mockAuthPropsConfig); + } + + @Test + public void testAuthenticationNullUser() { + expect(mockAuthPropsConfig.isAuthExternalEnabled()).andReturn(true); + + replay(mockAuthPropsConfig); + + Authentication authentication = new TestingAuthenticationToken(null, "credentials"); + + try { + provider.authenticate(authentication); + assertTrue("Should have thrown BadCredentialsException", false); + } catch(BadCredentialsException e) { + assertEquals("Username can't be null or empty.", e.getMessage()); + } + + verify(mockAuthPropsConfig); + } + + + @Test + public void testAuthenticationEmptyPassword() { + expect(mockAuthPropsConfig.isAuthExternalEnabled()).andReturn(true); + + replay(mockAuthPropsConfig); + + Authentication authentication = new TestingAuthenticationToken("principal", ""); + + try { + provider.authenticate(authentication); + assertTrue("Should have thrown BadCredentialsException", false); + } catch(BadCredentialsException e) { + assertEquals("Password can't be null or empty.", e.getMessage()); + } + + verify(mockAuthPropsConfig); + } + + @Test + public void testAuthenticationNullPassword() { + expect(mockAuthPropsConfig.isAuthExternalEnabled()).andReturn(true); + + replay(mockAuthPropsConfig); + + Authentication authentication = new TestingAuthenticationToken("principal", null); + + try { + provider.authenticate(authentication); + assertTrue("Should have thrown BadCredentialsException", false); + } catch(BadCredentialsException e) { + assertEquals("Password can't be null or empty.", e.getMessage()); + } + + verify(mockAuthPropsConfig); + } + + @Test + public void testAuthenticationUnsuccessful() throws Exception { + expect(mockAuthPropsConfig.isAuthExternalEnabled()).andReturn(true); + expect(mockAuthPropsConfig.getExternalAuthLoginUrl()).andReturn("http://server.com?userName=$USERNAME";); + expect(mockExternalServerClient.sendGETRequest("http://server.com?userName=principal";, String.class, "principal", "credentials")) + .andReturn("{\"permission_name\": \"NOT.AMBARI.ADMINISTRATOR\" }"); + + replay(mockAuthPropsConfig, mockExternalServerClient); + + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + try { + provider.authenticate(authentication); + assertTrue("Should have thrown BadCredentialsException", false); + } catch (BadCredentialsException e) { + assertEquals("Bad credentials", e.getMessage()); + } + + verify(mockAuthPropsConfig, mockExternalServerClient); + } + + @Test + public void testAuthenticationSuccessful() throws Exception { + expect(mockAuthPropsConfig.isAuthExternalEnabled()).andReturn(true); + expect(mockAuthPropsConfig.getExternalAuthLoginUrl()).andReturn("http://server.com?userName=$USERNAME";); + expect(mockExternalServerClient.sendGETRequest("http://server.com?userName=principal";, String.class, "principal", "credentials")) + .andReturn("{\"permission_name\": \"AMBARI.ADMINISTRATOR\" }"); + + replay(mockAuthPropsConfig, mockExternalServerClient); + + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + Authentication authenticationResult = provider.authenticate(authentication); + + assertEquals("principal", authenticationResult.getName()); + assertEquals("credentials", authenticationResult.getCredentials()); + assertEquals(1, authenticationResult.getAuthorities().size()); + assertEquals(new SimpleGrantedAuthority("ROLE_USER"), authenticationResult.getAuthorities().iterator().next()); + + verify(mockAuthPropsConfig, mockExternalServerClient); + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchFileAuthenticationProviderTest.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchFileAuthenticationProviderTest.java b/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchFileAuthenticationProviderTest.java new file mode 100644 index 0000000..407cc83 --- /dev/null +++ b/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchFileAuthenticationProviderTest.java @@ -0,0 +1,231 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.ambari.logsearch.web.security; + +import org.apache.ambari.logsearch.conf.AuthPropsConfig; +import org.apache.ambari.logsearch.util.CommonUtil; +import org.apache.ambari.logsearch.web.model.User; +import org.junit.Before; +import org.junit.Test; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authentication.TestingAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.SimpleGrantedAuthority; +import org.springframework.security.core.userdetails.UserDetailsService; + +import static junit.framework.Assert.assertEquals; +import static junit.framework.Assert.assertSame; +import static junit.framework.Assert.assertTrue; +import static org.easymock.EasyMock.strictMock; +import static org.easymock.EasyMock.expect; +import static org.easymock.EasyMock.replay; +import static org.easymock.EasyMock.verify; + +import java.lang.reflect.Field; +import java.util.Arrays; +import java.util.List; + +public class LogsearchFileAuthenticationProviderTest { + + private LogsearchFileAuthenticationProvider provider; + private AuthPropsConfig mockAuthPropsConfig; + private UserDetailsService mockUserDetailsService; + + @Before + public void init() throws Exception { + provider = new LogsearchFileAuthenticationProvider(); + mockAuthPropsConfig = strictMock(AuthPropsConfig.class); + mockUserDetailsService = strictMock(UserDetailsService.class); + + Field authPropsConfigField = LogsearchFileAuthenticationProvider.class.getDeclaredField("authPropsConfig"); + authPropsConfigField.setAccessible(true); + authPropsConfigField.set(provider, mockAuthPropsConfig); + + Field userDetailsServiceField = LogsearchFileAuthenticationProvider.class.getDeclaredField("userDetailsService"); + userDetailsServiceField.setAccessible(true); + userDetailsServiceField.set(provider, mockUserDetailsService); + } + + @Test + public void testAuthenticationDisabled() { + expect(mockAuthPropsConfig.isAuthFileEnabled()).andReturn(false); + + replay(mockAuthPropsConfig); + + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + assertSame(provider.authenticate(authentication), authentication); + + verify(mockAuthPropsConfig); + } + + @Test + public void testAuthenticationEmptyUser() { + expect(mockAuthPropsConfig.isAuthFileEnabled()).andReturn(true); + + replay(mockAuthPropsConfig); + + Authentication authentication = new TestingAuthenticationToken("", "credentials"); + + try { + provider.authenticate(authentication); + assertTrue("Should have thrown BadCredentialsException", false); + } catch(BadCredentialsException e) { + assertEquals("Username can't be null or empty.", e.getMessage()); + } + + verify(mockAuthPropsConfig); + } + + @Test + public void testAuthenticationNullUser() { + expect(mockAuthPropsConfig.isAuthFileEnabled()).andReturn(true); + + replay(mockAuthPropsConfig); + + Authentication authentication = new TestingAuthenticationToken(null, "credentials"); + + try { + provider.authenticate(authentication); + assertTrue("Should have thrown BadCredentialsException", false); + } catch(BadCredentialsException e) { + assertEquals("Username can't be null or empty.", e.getMessage()); + } + + verify(mockAuthPropsConfig); + } + + + @Test + public void testAuthenticationEmptyPassword() { + expect(mockAuthPropsConfig.isAuthFileEnabled()).andReturn(true); + + replay(mockAuthPropsConfig); + + Authentication authentication = new TestingAuthenticationToken("principal", ""); + + try { + provider.authenticate(authentication); + assertTrue("Should have thrown BadCredentialsException", false); + } catch(BadCredentialsException e) { + assertEquals("Password can't be null or empty.", e.getMessage()); + } + + verify(mockAuthPropsConfig); + } + + @Test + public void testAuthenticationNullPassword() { + expect(mockAuthPropsConfig.isAuthFileEnabled()).andReturn(true); + + replay(mockAuthPropsConfig); + + Authentication authentication = new TestingAuthenticationToken("principal", null); + + try { + provider.authenticate(authentication); + assertTrue("Should have thrown BadCredentialsException", false); + } catch(BadCredentialsException e) { + assertEquals("Password can't be null or empty.", e.getMessage()); + } + + verify(mockAuthPropsConfig); + } + + @Test + public void testAuthenticationUnknownUser() { + expect(mockAuthPropsConfig.isAuthFileEnabled()).andReturn(true); + expect(mockUserDetailsService.loadUserByUsername("principal")).andReturn(null); + + replay(mockAuthPropsConfig, mockUserDetailsService); + + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + try { + provider.authenticate(authentication); + assertTrue("Should have thrown BadCredentialsException", false); + } catch (BadCredentialsException e) { + assertEquals("User not found.", e.getMessage()); + } + + verify(mockAuthPropsConfig, mockUserDetailsService); + } + + @Test + public void testAuthenticationNoPassword() { + List<GrantedAuthority> grantedAuths = Arrays.<GrantedAuthority>asList(new SimpleGrantedAuthority("ROLE_USER")); + User user = new User("principal", null, grantedAuths); + + expect(mockAuthPropsConfig.isAuthFileEnabled()).andReturn(true); + expect(mockUserDetailsService.loadUserByUsername("principal")).andReturn(user); + + replay(mockAuthPropsConfig, mockUserDetailsService); + + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + try { + provider.authenticate(authentication); + assertTrue("Should have thrown BadCredentialsException", false); + } catch (BadCredentialsException e) { + assertEquals("Password can't be null or empty.", e.getMessage()); + } + + verify(mockAuthPropsConfig, mockUserDetailsService); + } + + @Test + public void testAuthenticationWrongPassword() { + List<GrantedAuthority> grantedAuths = Arrays.<GrantedAuthority>asList(new SimpleGrantedAuthority("ROLE_USER")); + User user = new User("principal", CommonUtil.encryptPassword("principal", "notCredentials"), grantedAuths); + + expect(mockAuthPropsConfig.isAuthFileEnabled()).andReturn(true); + expect(mockUserDetailsService.loadUserByUsername("principal")).andReturn(user); + + replay(mockAuthPropsConfig, mockUserDetailsService); + + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + try { + provider.authenticate(authentication); + assertTrue("Should have thrown BadCredentialsException", false); + } catch (BadCredentialsException e) { + assertEquals("Wrong password.", e.getMessage()); + } + + verify(mockAuthPropsConfig, mockUserDetailsService); + } + + @Test + public void testAuthenticationSuccessful() { + List<GrantedAuthority> grantedAuths = Arrays.<GrantedAuthority>asList(new SimpleGrantedAuthority("ROLE_USER")); + User user = new User("principal", CommonUtil.encryptPassword("principal", "credentials"), grantedAuths); + + expect(mockAuthPropsConfig.isAuthFileEnabled()).andReturn(true); + expect(mockUserDetailsService.loadUserByUsername("principal")).andReturn(user); + + replay(mockAuthPropsConfig, mockUserDetailsService); + + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + + Authentication authenticationResult = provider.authenticate(authentication); + assertEquals("principal", authenticationResult.getName()); + assertEquals(CommonUtil.encryptPassword("principal", "credentials"), authenticationResult.getCredentials()); + assertEquals(1, authenticationResult.getAuthorities().size()); + assertEquals(new SimpleGrantedAuthority("ROLE_USER"), authenticationResult.getAuthorities().iterator().next()); + + verify(mockAuthPropsConfig, mockUserDetailsService); + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchLdapAuthenticationProviderTest.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchLdapAuthenticationProviderTest.java b/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchLdapAuthenticationProviderTest.java new file mode 100644 index 0000000..c6af3e2 --- /dev/null +++ b/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchLdapAuthenticationProviderTest.java @@ -0,0 +1,61 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.ambari.logsearch.web.security; + +import org.apache.ambari.logsearch.conf.AuthPropsConfig; +import org.junit.Before; +import org.junit.Test; +import org.springframework.security.authentication.TestingAuthenticationToken; +import org.springframework.security.core.Authentication; + +import static junit.framework.Assert.assertSame; +import static org.easymock.EasyMock.strictMock; +import static org.easymock.EasyMock.expect; +import static org.easymock.EasyMock.replay; +import static org.easymock.EasyMock.verify; + +import java.lang.reflect.Field; + +public class LogsearchLdapAuthenticationProviderTest { + + private LogsearchLdapAuthenticationProvider provider; + private AuthPropsConfig mockAuthPropsConfig; + + @Before + public void init() throws Exception { + provider = new LogsearchLdapAuthenticationProvider(); + mockAuthPropsConfig = strictMock(AuthPropsConfig.class); + + Field f = LogsearchLdapAuthenticationProvider.class.getDeclaredField("authPropsConfig"); + f.setAccessible(true); + f.set(provider, mockAuthPropsConfig); + } + + @Test + public void testAuthenticationDisabled() { + expect(mockAuthPropsConfig.isAuthLdapEnabled()).andReturn(false); + + replay(mockAuthPropsConfig); + + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + assertSame(provider.authenticate(authentication), authentication); + + verify(mockAuthPropsConfig); + } +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchSimpleAuthenticationProviderTest.java ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchSimpleAuthenticationProviderTest.java b/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchSimpleAuthenticationProviderTest.java new file mode 100644 index 0000000..7287012 --- /dev/null +++ b/ambari-logsearch/ambari-logsearch-server/src/test/java/org/apache/ambari/logsearch/web/security/LogsearchSimpleAuthenticationProviderTest.java @@ -0,0 +1,118 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.ambari.logsearch.web.security; + +import org.apache.ambari.logsearch.conf.AuthPropsConfig; +import org.junit.Before; +import org.junit.Test; +import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authentication.TestingAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.authority.SimpleGrantedAuthority; + +import static junit.framework.Assert.assertEquals; +import static junit.framework.Assert.assertSame; +import static junit.framework.Assert.assertTrue; +import static org.easymock.EasyMock.strictMock; +import static org.easymock.EasyMock.expect; +import static org.easymock.EasyMock.replay; +import static org.easymock.EasyMock.verify; + +import java.lang.reflect.Field; + +public class LogsearchSimpleAuthenticationProviderTest { + + private LogsearchSimpleAuthenticationProvider provider; + private AuthPropsConfig mockAuthPropsConfig; + + @Before + public void init() throws Exception { + provider = new LogsearchSimpleAuthenticationProvider(); + mockAuthPropsConfig = strictMock(AuthPropsConfig.class); + + Field f = LogsearchSimpleAuthenticationProvider.class.getDeclaredField("authPropsConfig"); + f.setAccessible(true); + f.set(provider, mockAuthPropsConfig); + } + + @Test + public void testAuthenticationDisabled() { + expect(mockAuthPropsConfig.isAuthSimpleEnabled()).andReturn(false); + + replay(mockAuthPropsConfig); + + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + assertSame(provider.authenticate(authentication), authentication); + + verify(mockAuthPropsConfig); + } + + @Test + public void testAuthenticationEmptyUser() { + expect(mockAuthPropsConfig.isAuthSimpleEnabled()).andReturn(true); + + replay(mockAuthPropsConfig); + + Authentication authentication = new TestingAuthenticationToken("", "credentials"); + + try { + provider.authenticate(authentication); + assertTrue("Should have thrown BadCredentialsException", false); + } catch(BadCredentialsException e) { + assertEquals("Username can't be null or empty.", e.getMessage()); + } + + verify(mockAuthPropsConfig); + } + + @Test + public void testAuthenticationNullUser() { + expect(mockAuthPropsConfig.isAuthSimpleEnabled()).andReturn(true); + + replay(mockAuthPropsConfig); + + Authentication authentication = new TestingAuthenticationToken(null, "credentials"); + + try { + provider.authenticate(authentication); + assertTrue("Should have thrown BadCredentialsException", false); + } catch(BadCredentialsException e) { + assertEquals("Username can't be null or empty.", e.getMessage()); + } + + verify(mockAuthPropsConfig); + } + + @Test + public void testAuthenticationSuccessful() { + expect(mockAuthPropsConfig.isAuthSimpleEnabled()).andReturn(true); + + replay(mockAuthPropsConfig); + + Authentication authentication = new TestingAuthenticationToken("principal", "credentials"); + + Authentication authenticationResult = provider.authenticate(authentication); + assertEquals("principal", authenticationResult.getName()); + assertEquals("credentials", authenticationResult.getCredentials()); + assertEquals(1, authenticationResult.getAuthorities().size()); + assertEquals(new SimpleGrantedAuthority("ROLE_USER"), authenticationResult.getAuthorities().iterator().next()); + + verify(mockAuthPropsConfig); + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-server/src/test/resources/HadoopServiceConfig.json ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-server/src/test/resources/HadoopServiceConfig.json b/ambari-logsearch/ambari-logsearch-server/src/test/resources/HadoopServiceConfig.json new file mode 100644 index 0000000..344dc3d --- /dev/null +++ b/ambari-logsearch/ambari-logsearch-server/src/test/resources/HadoopServiceConfig.json @@ -0,0 +1,17 @@ +{ + "service": { + "accumulo": { + "label": "TestService", + "components": [ + { + "name": "test_component1" + }, + { + "name": "test_component2" + } + ], + "dependencies": [ + ] + } + } +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-server/src/test/resources/logsearch.properties ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-server/src/test/resources/logsearch.properties b/ambari-logsearch/ambari-logsearch-server/src/test/resources/logsearch.properties new file mode 100755 index 0000000..2715d1f --- /dev/null +++ b/ambari-logsearch/ambari-logsearch-server/src/test/resources/logsearch.properties @@ -0,0 +1,33 @@ +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +logsearch.solr.audit.logs.config.name=test_audit_logs_config_name +logsearch.collection.audit.logs.numshards=123 +logsearch.collection.audit.logs.replication.factor=456 +logsearch.solr.collection.audit.logs=test_audit_logs_collection + +logsearch.solr.service.logs.config.name=test_service_logs_config_name +logsearch.collection.service.logs.numshards=789 +logsearch.collection.service.logs.replication.factor=987 +logsearch.solr.collection.service.logs=test_service_logs_collection +logsearch.service.logs.split.interval.mins=1 + +logsearch.solr.history.config.name=test_history_logs_config_name +logsearch.collection.history.replication.factor=234 +logsearch.solr.collection.history=test_history_logs_collection + +logsearch.auth.file.enable=true +logsearch.login.credentials.file=user_pass.json +logsearch.roles.allowed=AMBARI.ADMINISTRATOR http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/ambari-logsearch-server/src/test/resources/user_pass.json ---------------------------------------------------------------------- diff --git a/ambari-logsearch/ambari-logsearch-server/src/test/resources/user_pass.json b/ambari-logsearch/ambari-logsearch-server/src/test/resources/user_pass.json new file mode 100644 index 0000000..0a04afe --- /dev/null +++ b/ambari-logsearch/ambari-logsearch-server/src/test/resources/user_pass.json @@ -0,0 +1,8 @@ +{ + "users": [{ + "name": "Test User Name", + "username": "testUserName", + "password": "testUserPassword", + "en_password": "" + }] +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/docker/bin/start.sh ---------------------------------------------------------------------- diff --git a/ambari-logsearch/docker/bin/start.sh b/ambari-logsearch/docker/bin/start.sh index f9e0e8d..1efc85c 100644 --- a/ambari-logsearch/docker/bin/start.sh +++ b/ambari-logsearch/docker/bin/start.sh @@ -15,7 +15,7 @@ # limitations under the License AMBARI_PATH=/root/ambari -LOGSEARCH_SERVER_PATH=$AMBARI_PATH/ambari-logsearch/ambari-logsearch-portal/target/package +LOGSEARCH_SERVER_PATH=$AMBARI_PATH/ambari-logsearch/ambari-logsearch-server/target/package LOGFEEDER_PATH=$AMBARI_PATH/ambari-logsearch/ambari-logsearch-logfeeder/target/package SOLR_LOCATION=/root/solr-$SOLR_VERSION.tgz SOLR_SERVER_LOCATION=/root/solr-$SOLR_VERSION http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/docker/logsearch-docker.sh ---------------------------------------------------------------------- diff --git a/ambari-logsearch/docker/logsearch-docker.sh b/ambari-logsearch/docker/logsearch-docker.sh index 9ccb344..1fdcd8c 100755 --- a/ambari-logsearch/docker/logsearch-docker.sh +++ b/ambari-logsearch/docker/logsearch-docker.sh @@ -40,9 +40,9 @@ function start_logsearch_container() { docker run -d --name logsearch --hostname logsearch.apache.org \ -v $AMBARI_LOCATION:/root/ambari -v $MAVEN_REPOSITORY_LOCATION:/root/.m2 $LOGSEARCH_EXPOSED_PORTS $LOGSEARCH_ENV_OPTS $LOGSEARCH_EXTRA_OPTS $LOGSEARCH_VOLUME_OPTS \ -v $AMBARI_LOCATION/ambari-logsearch/ambari-logsearch-logfeeder/target/classes:/root/ambari/ambari-logsearch/ambari-logsearch-logfeeder/target/package/classes \ - -v $AMBARI_LOCATION/ambari-logsearch/ambari-logsearch-portal/target/classes:/root/ambari/ambari-logsearch/ambari-logsearch-portal/target/package/classes \ - -v $AMBARI_LOCATION/ambari-logsearch/ambari-logsearch-web/src/main/webapp:/root/ambari/ambari-logsearch/ambari-logsearch-portal/target/package/classes/webapps/app \ - -v $AMBARI_LOCATION/ambari-logsearch/ambari-logsearch-web/target/libs:/root/ambari/ambari-logsearch/ambari-logsearch-portal/target/package/classes/webapps/app/libs/bower \ + -v $AMBARI_LOCATION/ambari-logsearch/ambari-logsearch-server/target/classes:/root/ambari/ambari-logsearch/ambari-logsearch-server/target/package/classes \ + -v $AMBARI_LOCATION/ambari-logsearch/ambari-logsearch-web/src/main/webapp:/root/ambari/ambari-logsearch/ambari-logsearch-server/target/package/classes/webapps/app \ + -v $AMBARI_LOCATION/ambari-logsearch/ambari-logsearch-web/target/libs:/root/ambari/ambari-logsearch/ambari-logsearch-server/target/package/classes/webapps/app/libs/bower \ ambari-logsearch:v1.0 ip_address=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' logsearch) echo "Log Search container started on $ip_address (for Mac OSX route to boot2docker/docker-machine VM address, e.g.: 'sudo route add -net 172.17.0.0/16 192.168.59.103')" http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/docker/test-config/logsearch/logsearch-env.sh ---------------------------------------------------------------------- diff --git a/ambari-logsearch/docker/test-config/logsearch/logsearch-env.sh b/ambari-logsearch/docker/test-config/logsearch/logsearch-env.sh index 0565bd7..6409f0f 100644 --- a/ambari-logsearch/docker/test-config/logsearch/logsearch-env.sh +++ b/ambari-logsearch/docker/test-config/logsearch/logsearch-env.sh @@ -19,7 +19,7 @@ set -e export LOGSEARCH_PORT=61888 # path containing LogSearch.jar file -export LOGSEARCH_PATH=/root/ambari/ambari-logsearch/ambari-logsearch-portal/target/package +export LOGSEARCH_PATH=/root/ambari/ambari-logsearch/ambari-logsearch-server/target/package export LOGSEARCH_CONF_DIR=/root/config/logsearch http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/docker/test-config/logsearch/logsearch-https.properties ---------------------------------------------------------------------- diff --git a/ambari-logsearch/docker/test-config/logsearch/logsearch-https.properties b/ambari-logsearch/docker/test-config/logsearch/logsearch-https.properties index 39c0dac..82339b2 100644 --- a/ambari-logsearch/docker/test-config/logsearch/logsearch-https.properties +++ b/ambari-logsearch/docker/test-config/logsearch/logsearch-https.properties @@ -36,8 +36,8 @@ logsearch.solr.collection.history=history logsearch.solr.history.config.name=history logsearch.collection.history.replication.factor=1 -logsearch.solr.config_set.folder=/root/ambari/ambari-logsearch/ambari-logsearch-portal/target/package/solr_configsets -logsearch.solr.audit.logs.config_set.folder=/root/ambari/ambari-logsearch/ambari-logsearch-portal/target/package/solr_configsets +logsearch.solr.config_set.folder=/root/ambari/ambari-logsearch/ambari-logsearch-server/target/package/solr_configsets +logsearch.solr.audit.logs.config_set.folder=/root/ambari/ambari-logsearch/ambari-logsearch-server/target/package/solr_configsets # Metrics logsearch.solr.metrics.collector.hosts= http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/docker/test-config/logsearch/logsearch.properties ---------------------------------------------------------------------- diff --git a/ambari-logsearch/docker/test-config/logsearch/logsearch.properties b/ambari-logsearch/docker/test-config/logsearch/logsearch.properties index 6a97efc..cfa985d 100644 --- a/ambari-logsearch/docker/test-config/logsearch/logsearch.properties +++ b/ambari-logsearch/docker/test-config/logsearch/logsearch.properties @@ -31,8 +31,8 @@ logsearch.audit.logs.split.interval.mins=15 logsearch.collection.audit.logs.numshards=3 logsearch.collection.audit.logs.replication.factor=2 -logsearch.solr.config_set.folder=/root/ambari/ambari-logsearch/ambari-logsearch-portal/target/package/solr_configsets -logsearch.solr.audit.logs.config_set.folder=/root/ambari/ambari-logsearch/ambari-logsearch-portal/target/package/solr_configsets +logsearch.solr.config_set.folder=/root/ambari/ambari-logsearch/ambari-logsearch-server/target/package/solr_configsets +logsearch.solr.audit.logs.config_set.folder=/root/ambari/ambari-logsearch/ambari-logsearch-server/target/package/solr_configsets # History logs logsearch.solr.collection.history=history http://git-wip-us.apache.org/repos/asf/ambari/blob/b0f1e340/ambari-logsearch/pom.xml ---------------------------------------------------------------------- diff --git a/ambari-logsearch/pom.xml b/ambari-logsearch/pom.xml index 22fd800..2846f5f 100644 --- a/ambari-logsearch/pom.xml +++ b/ambari-logsearch/pom.xml @@ -31,7 +31,7 @@ <modules> <module>ambari-logsearch-assembly</module> <module>ambari-logsearch-appender</module> - <module>ambari-logsearch-portal</module> + <module>ambari-logsearch-server</module> <module>ambari-logsearch-web</module> <module>ambari-logsearch-logfeeder</module> <module>ambari-logsearch-solr-client</module>
