ARTEMIS-2813 Fix SaslKrb5LDAPSecurityTest failing on JDK 11

Fixes issues with SaslKrb5LDAPSecurityTest by updating to latest Apache Directory
release which required some updates to the test to fix deprecation warnings and an
updates to commons.lang to fix issues with new namespace for StringUtils that will
work on JDK 8+ only.
This commit is contained in:
Timothy Bish 2021-05-13 17:23:42 -04:00 committed by Robbie Gemmell
parent 9513405020
commit 9e70b26368
5 changed files with 42 additions and 42 deletions

View File

@ -82,7 +82,7 @@
<karaf.version>4.3.0</karaf.version>
<pax.exam.version>4.9.1</pax.exam.version>
<commons.config.version>2.7</commons.config.version>
<commons.lang.version>3.0</commons.lang.version>
<commons.lang.version>3.12.0</commons.lang.version>
<activemq5-version>5.16.0</activemq5-version>
<apache.derby.version>10.11.1.1</apache.derby.version>
<commons.beanutils.version>1.9.4</commons.beanutils.version>
@ -199,7 +199,7 @@
<skipStyleCheck>true</skipStyleCheck>
<skipOWASP>true</skipOWASP>
<directory-version>2.0.0-M15</directory-version>
<directory-version>2.0.0.AM26</directory-version>
<directory-jdbm2-version>2.0.0-M1</directory-jdbm2-version>
<netty-transport-native-epoll-classifier>linux-x86_64</netty-transport-native-epoll-classifier>

View File

@ -335,6 +335,11 @@
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<scope>test</scope>
</dependency>
<!-- karaf test -->
@ -560,9 +565,6 @@
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<excludes combine.children="append">
<!-- This fails, likely due to due to issues of compatibility with newer KDC updates -->
<exclude>**/SaslKrb5LDAPSecurityTest.java</exclude>
<!-- This is no longer possible on JDK11 because the old KRB5 cipher suites it requires were
removed from JDK11 while adding TLS 1.3 support http://openjdk.java.net/jeps/332 -->
<exclude>**/CoreClientOverOneWaySSLKerb5Test.java</exclude>

View File

@ -30,6 +30,7 @@ import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.StringReader;
@ -58,10 +59,8 @@ import org.apache.activemq.artemis.core.server.ActiveMQServer;
import org.apache.activemq.artemis.core.server.ActiveMQServers;
import org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager;
import org.apache.activemq.artemis.tests.util.ActiveMQTestBase;
import org.apache.activemq.artemis.tests.util.JavaVersionUtil;
import org.apache.activemq.artemis.utils.RandomUtil;
import org.apache.commons.io.FileUtils;
import org.apache.commons.io.IOUtils;
import org.apache.directory.api.ldap.model.constants.SupportedSaslMechanisms;
import org.apache.directory.api.ldap.model.entry.DefaultEntry;
import org.apache.directory.api.ldap.model.entry.Entry;
@ -95,9 +94,7 @@ import org.apache.directory.shared.kerberos.components.EncryptionKey;
import org.apache.qpid.jms.JmsConnectionFactory;
import org.junit.After;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TemporaryFolder;
@ -122,9 +119,8 @@ import static org.apache.activemq.artemis.tests.util.ActiveMQTestBase.NETTY_ACCE
@CreateKdcServer(transports = {@CreateTransport(protocol = "TCP", port = 0)})
@ApplyLdifFiles("SaslKrb5LDAPSecurityTest.ldif")
public class SaslKrb5LDAPSecurityTest extends AbstractLdapTestUnit {
private static final org.jboss.logging.Logger log = org.jboss.logging.Logger.getLogger(SaslKrb5LDAPSecurityTest.class);
protected static final Logger LOG = LoggerFactory.getLogger(SaslKrb5LDAPSecurityTest.class);
public static final String QUEUE_NAME = "some_queue";
static {
@ -155,14 +151,8 @@ public class SaslKrb5LDAPSecurityTest extends AbstractLdapTestUnit {
public TemporaryFolder temporaryFolder;
private String testDir;
@BeforeClass
public static void checkAssumptions() throws Exception {
Assume.assumeTrue("Test only runs on JDK 8", JavaVersionUtil.isJava8());
}
@Before
public void setUp() throws Exception {
if (debug) {
initLogging();
}
@ -196,27 +186,24 @@ public class SaslKrb5LDAPSecurityTest extends AbstractLdapTestUnit {
private void rewriteKerb5Conf() throws Exception {
StringBuilder sb = new StringBuilder();
InputStream is2 = this.getClass().getClassLoader().getResourceAsStream("minikdc-krb5.conf");
BufferedReader r = null;
try {
r = new BufferedReader(new InputStreamReader(is2, StandardCharsets.UTF_8));
String line = r.readLine();
try (InputStream inputStream = this.getClass().getClassLoader().getResourceAsStream("minikdc-krb5.conf");
BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.UTF_8))) {
String line = reader.readLine();
while (line != null) {
sb.append(line).append("{3}");
line = r.readLine();
line = reader.readLine();
}
} finally {
IOUtils.closeQuietly(r);
IOUtils.closeQuietly(is2);
}
InetSocketAddress addr =
(InetSocketAddress)kdcServer.getTransports()[0].getAcceptor().getLocalAddress();
int port = addr.getPort();
File krb5conf = new File(testDir, "krb5.conf").getAbsoluteFile();
FileUtils.writeStringToFile(krb5conf, MessageFormat.format(sb.toString(), getRealm(), "localhost", Integer.toString(port), System.getProperty("line.separator")));
String krb5confBody = MessageFormat.format(sb.toString(), getRealm(), "localhost", Integer.toString(port), System.getProperty("line.separator"));
FileUtils.writeStringToFile(krb5conf, krb5confBody, StandardCharsets.UTF_8);
System.setProperty("java.security.krb5.conf", krb5conf.getAbsolutePath());
System.setProperty("sun.security.krb5.debug", "true");
@ -232,10 +219,16 @@ public class SaslKrb5LDAPSecurityTest extends AbstractLdapTestUnit {
refreshMethod.invoke(classRef, new Object[0]);
LOG.debug("krb5.conf to: {}", krb5conf.getAbsolutePath());
if (debug) {
LOG.debug("java.security.krb5.conf='{}'", System.getProperty("java.security.krb5.conf"));
try (BufferedReader br = new BufferedReader(new FileReader(System.getProperty("java.security.krb5.conf")))) {
br.lines().forEach(line -> LOG.debug(line));
}
}
}
private void dumpLdapContents() throws Exception {
EntryFilteringCursor cursor = getService().getAdminSession().search(new Dn("ou=system"), SearchScope.SUBTREE, new PresenceNode("ObjectClass"), AliasDerefMode.DEREF_ALWAYS);
EntryFilteringCursor cursor = (EntryFilteringCursor) getService().getAdminSession().search(new Dn("ou=system"), SearchScope.SUBTREE, new PresenceNode("ObjectClass"), AliasDerefMode.DEREF_ALWAYS);
String st = "";
while (cursor.next()) {
@ -243,9 +236,9 @@ public class SaslKrb5LDAPSecurityTest extends AbstractLdapTestUnit {
String ss = LdifUtils.convertToLdif(entry);
st += ss + "\n";
}
log.debug(st);
LOG.debug(st);
cursor = getService().getAdminSession().search(new Dn("dc=example,dc=com"), SearchScope.SUBTREE, new PresenceNode("ObjectClass"), AliasDerefMode.DEREF_ALWAYS);
cursor = (EntryFilteringCursor) getService().getAdminSession().search(new Dn("dc=example,dc=com"), SearchScope.SUBTREE, new PresenceNode("ObjectClass"), AliasDerefMode.DEREF_ALWAYS);
st = "";
while (cursor.next()) {
@ -253,17 +246,20 @@ public class SaslKrb5LDAPSecurityTest extends AbstractLdapTestUnit {
String ss = LdifUtils.convertToLdif(entry);
st += ss + "\n";
}
log.debug(st);
LOG.debug(st);
}
private void initLogging() {
java.util.logging.Logger logger = java.util.logging.Logger.getLogger("javax.security.sasl");
for (java.util.logging.Logger logger : new java.util.logging.Logger[] {java.util.logging.Logger.getLogger("logincontext"),
java.util.logging.Logger.getLogger("javax.security.sasl"),
java.util.logging.Logger.getLogger("org.apache.qpid.proton")}) {
logger.setLevel(java.util.logging.Level.FINEST);
logger.addHandler(new java.util.logging.ConsoleHandler());
for (java.util.logging.Handler handler: logger.getHandlers()) {
for (java.util.logging.Handler handler : logger.getHandlers()) {
handler.setLevel(java.util.logging.Level.FINEST);
}
}
}
public synchronized void createPrincipal(String principal, String password) throws Exception {
String baseDn = getKdcServer().getSearchBaseDn();
@ -276,10 +272,12 @@ public class SaslKrb5LDAPSecurityTest extends AbstractLdapTestUnit {
+ "krb5PrincipalName: " + principal + "@" + getRealm() + "\n"
+ "krb5KeyVersionNumber: 0";
for (LdifEntry ldifEntry : new LdifReader(new StringReader(content))) {
try (LdifReader ldifReader = new LdifReader(new StringReader(content))) {
for (LdifEntry ldifEntry : ldifReader) {
service.getAdminSession().add(new DefaultEntry(service.getSchemaManager(), ldifEntry.getEntry()));
}
}
}
public void createPrincipal(File keytabFile, String... principals) throws Exception {
String generatedPassword = "notSecret!";
@ -292,7 +290,7 @@ public class SaslKrb5LDAPSecurityTest extends AbstractLdapTestUnit {
for (Map.Entry<EncryptionType, EncryptionKey> entry : KerberosKeyFactory.getKerberosKeys(principal, generatedPassword).entrySet()) {
EncryptionKey ekey = entry.getValue();
byte keyVersion = (byte) ekey.getKeyVersion();
entries.add(new KeytabEntry(principal, 1L, timestamp, keyVersion, ekey));
entries.add(new KeytabEntry(principal, 1, timestamp, keyVersion, ekey));
}
}
keytab.setEntries(entries);

View File

@ -42,7 +42,7 @@ import org.apache.activemq.artemis.jms.client.ActiveMQConnectionFactory;
import org.apache.activemq.artemis.jms.client.ActiveMQTextMessage;
import org.apache.activemq.artemis.utils.Wait;
import org.apache.activemq.artemis.utils.Wait.Condition;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang3.StringUtils;
import org.junit.Before;
import org.junit.Test;
import org.slf4j.Logger;

View File

@ -24,7 +24,7 @@ import org.apache.activemq.artemis.tests.util.Wait;
import org.apache.activemq.artemis.tests.integration.stomp.util.ClientStompFrame;
import org.apache.activemq.artemis.tests.integration.stomp.util.StompClientConnection;
import org.apache.activemq.artemis.tests.integration.stomp.util.StompClientConnectionFactory;
import org.apache.commons.lang.RandomStringUtils;
import org.apache.commons.lang3.RandomStringUtils;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;