Apache
/
lucene
mirror of https://github.com/apache/lucene.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SOLR-8048: Close the http client in a finally clause at the end of the test

This commit is contained in:
Shalin Shekhar Mangar 2016-07-05 12:48:04 +05:30
parent 32e0f5fd25
commit 2d6b7ea966
1 changed files with 124 additions and 118 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

242
solr/core/src/test/org/apache/solr/security/BasicAuthIntegrationTest.java
View File

@ -85,135 +85,141 @@ public class BasicAuthIntegrationTest extends TestMiniSolrCloudClusterBase {
cloudSolrClient.setDefaultCollection(null); cloudSolrClient.setDefaultCollection(null);
NamedList<Object> rsp; NamedList<Object> rsp;
HttpClient cl = HttpClientUtil.createClient(null); HttpClient cl = null;
String baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName), random()).getStr(BASE_URL_PROP);
verifySecurityStatus(cl, baseUrl + authcPrefix, "/errorMessages", null, 20);
zkClient.setData("/security.json", STD_CONF.replaceAll("'", "\"").getBytes(UTF_8), true);
verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/class", "solr.BasicAuthPlugin", 20);
boolean found = false;
for (JettySolrRunner jettySolrRunner : miniCluster.getJettySolrRunners()) {
if(baseUrl.contains(String.valueOf(jettySolrRunner.getLocalPort()))){
found = true;
jettySolrRunner.stop();
jettySolrRunner.start();
verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/class", "solr.BasicAuthPlugin", 20);
break;
}
}
assertTrue("No server found to restart , looking for : "+baseUrl , found);
String command = "{\n" +
"'set-user': {'harry':'HarryIsCool'}\n" +
"}";
GenericSolrRequest genericReq = new GenericSolrRequest(SolrRequest.METHOD.POST, authcPrefix, new ModifiableSolrParams());
genericReq.setContentStreams(Collections.singletonList(new ContentStreamBase.ByteArrayStream(command.getBytes(UTF_8), "")));
try { try {
cloudSolrClient.request(genericReq); cl = HttpClientUtil.createClient(null);
fail("Should have failed with a 401"); String baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName), random()).getStr(BASE_URL_PROP);
} catch (HttpSolrClient.RemoteSolrException e) { verifySecurityStatus(cl, baseUrl + authcPrefix, "/errorMessages", null, 20);
} zkClient.setData("/security.json", STD_CONF.replaceAll("'", "\"").getBytes(UTF_8), true);
command = "{\n" + verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/class", "solr.BasicAuthPlugin", 20);
"'set-user': {'harry':'HarryIsUberCool'}\n" +
"}";
HttpPost httpPost = new HttpPost(baseUrl + authcPrefix);
setBasicAuthHeader(httpPost, "solr", "SolrRocks");
httpPost.setEntity(new ByteArrayEntity(command.getBytes(UTF_8)));
httpPost.addHeader("Content-Type", "application/json; charset=UTF-8");
verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication.enabled", "true", 20);
HttpResponse r = cl.execute(httpPost);
int statusCode = r.getStatusLine().getStatusCode();
Utils.consumeFully(r.getEntity());
assertEquals("proper_cred sent, but access denied", 200, statusCode);
baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName), random()).getStr(BASE_URL_PROP);
verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/credentials/harry", NOT_NULL_PREDICATE, 20);
command = "{\n" +
"'set-user-role': {'harry':'admin'}\n" +
"}";
executeCommand(baseUrl + authzPrefix, cl,command, "solr", "SolrRocks");
baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName), random()).getStr(BASE_URL_PROP);
verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/user-role/harry", NOT_NULL_PREDICATE, 20);
executeCommand(baseUrl + authzPrefix, cl, Utils.toJSONString(singletonMap("set-permission", Utils.makeMap
("collection", "x",
"path", "/update/*",
"role", "dev"))), "harry", "HarryIsUberCool" );
verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/permissions[1]/collection", "x", 20);
executeCommand(baseUrl + authzPrefix, cl,Utils.toJSONString(singletonMap("set-permission", Utils.makeMap
("name", "collection-admin-edit", "role", "admin"))), "harry", "HarryIsUberCool" );
verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/permissions[2]/name", "collection-admin-edit", 20);
CollectionAdminRequest.Reload reload = new CollectionAdminRequest.Reload();
reload.setCollectionName(defaultCollName);
try (HttpSolrClient solrClient = getHttpSolrClient(baseUrl)) {
try {
rsp = solrClient.request(reload);
fail("must have failed");
} catch (HttpSolrClient.RemoteSolrException e) {
boolean found = false;
for (JettySolrRunner jettySolrRunner : miniCluster.getJettySolrRunners()) {
if(baseUrl.contains(String.valueOf(jettySolrRunner.getLocalPort()))){
found = true;
jettySolrRunner.stop();
jettySolrRunner.start();
verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/class", "solr.BasicAuthPlugin", 20);
break;
}
} }
reload.setMethod(SolrRequest.METHOD.POST);
assertTrue("No server found to restart , looking for : "+baseUrl , found);
String command = "{\n" +
"'set-user': {'harry':'HarryIsCool'}\n" +
"}";
GenericSolrRequest genericReq = new GenericSolrRequest(SolrRequest.METHOD.POST, authcPrefix, new ModifiableSolrParams());
genericReq.setContentStreams(Collections.singletonList(new ContentStreamBase.ByteArrayStream(command.getBytes(UTF_8), "")));
try { try {
rsp = solrClient.request(reload); cloudSolrClient.request(genericReq);
fail("must have failed"); fail("Should have failed with a 401");
} catch (HttpSolrClient.RemoteSolrException e) { } catch (HttpSolrClient.RemoteSolrException e) {
} }
} command = "{\n" +
cloudSolrClient.request(new CollectionAdminRequest.Reload() "'set-user': {'harry':'HarryIsUberCool'}\n" +
.setCollectionName(defaultCollName) "}";
.setBasicAuthCredentials("harry", "HarryIsUberCool"));
try { HttpPost httpPost = new HttpPost(baseUrl + authcPrefix);
setBasicAuthHeader(httpPost, "solr", "SolrRocks");
httpPost.setEntity(new ByteArrayEntity(command.getBytes(UTF_8)));
httpPost.addHeader("Content-Type", "application/json; charset=UTF-8");
verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication.enabled", "true", 20);
HttpResponse r = cl.execute(httpPost);
int statusCode = r.getStatusLine().getStatusCode();
Utils.consumeFully(r.getEntity());
assertEquals("proper_cred sent, but access denied", 200, statusCode);
baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName), random()).getStr(BASE_URL_PROP);
verifySecurityStatus(cl, baseUrl + authcPrefix, "authentication/credentials/harry", NOT_NULL_PREDICATE, 20);
command = "{\n" +
"'set-user-role': {'harry':'admin'}\n" +
"}";
executeCommand(baseUrl + authzPrefix, cl,command, "solr", "SolrRocks");
baseUrl = getRandomReplica(zkStateReader.getClusterState().getCollection(defaultCollName), random()).getStr(BASE_URL_PROP);
verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/user-role/harry", NOT_NULL_PREDICATE, 20);
executeCommand(baseUrl + authzPrefix, cl, Utils.toJSONString(singletonMap("set-permission", Utils.makeMap
("collection", "x",
"path", "/update/*",
"role", "dev"))), "harry", "HarryIsUberCool" );
verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/permissions[1]/collection", "x", 20);
executeCommand(baseUrl + authzPrefix, cl,Utils.toJSONString(singletonMap("set-permission", Utils.makeMap
("name", "collection-admin-edit", "role", "admin"))), "harry", "HarryIsUberCool" );
verifySecurityStatus(cl, baseUrl + authzPrefix, "authorization/permissions[2]/name", "collection-admin-edit", 20);
CollectionAdminRequest.Reload reload = new CollectionAdminRequest.Reload();
reload.setCollectionName(defaultCollName);
try (HttpSolrClient solrClient = getHttpSolrClient(baseUrl)) {
try {
rsp = solrClient.request(reload);
fail("must have failed");
} catch (HttpSolrClient.RemoteSolrException e) {
}
reload.setMethod(SolrRequest.METHOD.POST);
try {
rsp = solrClient.request(reload);
fail("must have failed");
} catch (HttpSolrClient.RemoteSolrException e) {
}
}
cloudSolrClient.request(new CollectionAdminRequest.Reload() cloudSolrClient.request(new CollectionAdminRequest.Reload()
.setCollectionName(defaultCollName) .setCollectionName(defaultCollName)
.setBasicAuthCredentials("harry", "Cool12345")); .setBasicAuthCredentials("harry", "HarryIsUberCool"));
fail("This should not succeed");
} catch (HttpSolrClient.RemoteSolrException e) {
try {
cloudSolrClient.request(new CollectionAdminRequest.Reload()
.setCollectionName(defaultCollName)
.setBasicAuthCredentials("harry", "Cool12345"));
fail("This should not succeed");
} catch (HttpSolrClient.RemoteSolrException e) {
}
cloudSolrClient.setDefaultCollection(old);
executeCommand(baseUrl + authzPrefix, cl,"{set-permission : { name : update , role : admin}}", "harry", "HarryIsUberCool");
SolrInputDocument doc = new SolrInputDocument();
doc.setField("id","4");
UpdateRequest update = new UpdateRequest();
update.setBasicAuthCredentials("harry","HarryIsUberCool");
update.add(doc);
update.setCommitWithin(100);
cloudSolrClient.request(update);
executeCommand(baseUrl + authzPrefix, cl, "{set-property : { blockUnknown: true}}", "harry", "HarryIsUberCool");
String[] toolArgs = new String[]{
"status", "-solr", baseUrl};
ByteArrayOutputStream baos = new ByteArrayOutputStream();
PrintStream stdoutSim = new PrintStream(baos, true, StandardCharsets.UTF_8.name());
SolrCLI.StatusTool tool = new SolrCLI.StatusTool(stdoutSim);
try {
System.setProperty("basicauth", "harry:HarryIsUberCool");
tool.runTool(SolrCLI.processCommandLineArgs(SolrCLI.joinCommonAndToolOptions(tool.getOptions()), toolArgs));
Map obj = (Map) Utils.fromJSON(new ByteArrayInputStream(baos.toByteArray()));
assertTrue(obj.containsKey("version"));
assertTrue(obj.containsKey("startTime"));
assertTrue(obj.containsKey("uptime"));
assertTrue(obj.containsKey("memory"));
} catch (Exception e) {
log.error("RunExampleTool failed due to: " + e +
"; stdout from tool prior to failure: " + baos.toString(StandardCharsets.UTF_8.name()));
}
executeCommand(baseUrl + authzPrefix, cl, "{set-property : { blockUnknown: false}}", "harry", "HarryIsUberCool");
} finally {
if (cl != null) {
HttpClientUtil.close(cl);
}
} }
cloudSolrClient.setDefaultCollection(old);
executeCommand(baseUrl + authzPrefix, cl,"{set-permission : { name : update , role : admin}}", "harry", "HarryIsUberCool");
SolrInputDocument doc = new SolrInputDocument();
doc.setField("id","4");
UpdateRequest update = new UpdateRequest();
update.setBasicAuthCredentials("harry","HarryIsUberCool");
update.add(doc);
update.setCommitWithin(100);
cloudSolrClient.request(update);
executeCommand(baseUrl + authzPrefix, cl, "{set-property : { blockUnknown: true}}", "harry", "HarryIsUberCool");
String[] toolArgs = new String[]{
"status", "-solr", baseUrl};
ByteArrayOutputStream baos = new ByteArrayOutputStream();
PrintStream stdoutSim = new PrintStream(baos, true, StandardCharsets.UTF_8.name());
SolrCLI.StatusTool tool = new SolrCLI.StatusTool(stdoutSim);
try {
System.setProperty("basicauth", "harry:HarryIsUberCool");
tool.runTool(SolrCLI.processCommandLineArgs(SolrCLI.joinCommonAndToolOptions(tool.getOptions()), toolArgs));
Map obj = (Map) Utils.fromJSON(new ByteArrayInputStream(baos.toByteArray()));
assertTrue(obj.containsKey("version"));
assertTrue(obj.containsKey("startTime"));
assertTrue(obj.containsKey("uptime"));
assertTrue(obj.containsKey("memory"));
} catch (Exception e) {
log.error("RunExampleTool failed due to: " + e +
"; stdout from tool prior to failure: " + baos.toString(StandardCharsets.UTF_8.name()));
}
executeCommand(baseUrl + authzPrefix, cl, "{set-property : { blockUnknown: false}}", "harry", "HarryIsUberCool");
HttpClientUtil.close(cl);
} }
public static void executeCommand(String url, HttpClient cl, String payload, String user, String pwd) throws IOException { public static void executeCommand(String url, HttpClient cl, String payload, String user, String pwd) throws IOException {