Apache
/
lucene
mirror of https://github.com/apache/lucene.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SOLR-9401: NPE in TestPKIAuthenticationPlugin. tests would retry for timeout

This commit is contained in:
Noble Paul 2017-03-02 20:50:06 +10:30
parent d1d73bfbea
commit f57d829fa0
1 changed files with 84 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

131
solr/core/src/test/org/apache/solr/security/TestPKIAuthenticationPlugin.java
View File

@ -38,10 +38,18 @@ import org.apache.solr.util.CryptoKeys;
import static org.mockito.Mockito.*; import static org.mockito.Mockito.*;
public class TestPKIAuthenticationPlugin extends SolrTestCaseJ4 { public class TestPKIAuthenticationPlugin extends SolrTestCaseJ4 {
HttpServletRequest mockReq;
FilterChain filterChain;
final AtomicReference<ServletRequest> wrappedRequestByFilter = new AtomicReference<>();
final AtomicReference<Header> header = new AtomicReference<>();
AtomicReference<Principal> principal = new AtomicReference<>();
BasicHttpRequest request;
static class MockPKIAuthenticationPlugin extends PKIAuthenticationPlugin { static class MockPKIAuthenticationPlugin extends PKIAuthenticationPlugin {
SolrRequestInfo solrRequestInfo; SolrRequestInfo solrRequestInfo;
Map<String, PublicKey> remoteKeys = new HashMap<>(); Map<String, PublicKey> remoteKeys = new HashMap<>();
public MockPKIAuthenticationPlugin(CoreContainer cores, String node) { public MockPKIAuthenticationPlugin(CoreContainer cores, String node) {
@ -70,7 +78,6 @@ public class TestPKIAuthenticationPlugin extends SolrTestCaseJ4 {
} }
public void test() throws Exception { public void test() throws Exception {
AtomicReference<Principal> principal = new AtomicReference<>();
String nodeName = "node_x_233"; String nodeName = "node_x_233";
final MockPKIAuthenticationPlugin mock = new MockPKIAuthenticationPlugin(null, nodeName); final MockPKIAuthenticationPlugin mock = new MockPKIAuthenticationPlugin(null, nodeName);
@ -85,66 +92,96 @@ public class TestPKIAuthenticationPlugin extends SolrTestCaseJ4 {
principal.set(new BasicUserPrincipal("solr")); principal.set(new BasicUserPrincipal("solr"));
mock.solrRequestInfo = new SolrRequestInfo(localSolrQueryRequest, new SolrQueryResponse()); mock.solrRequestInfo = new SolrRequestInfo(localSolrQueryRequest, new SolrQueryResponse());
BasicHttpRequest request = new BasicHttpRequest("GET", "http://localhost:56565"); request = new BasicHttpRequest("GET", "http://localhost:56565");
mock.setHeader(request); mock.setHeader(request);
final AtomicReference<Header> header = new AtomicReference<>();
header.set(request.getFirstHeader(PKIAuthenticationPlugin.HEADER)); header.set(request.getFirstHeader(PKIAuthenticationPlugin.HEADER));
assertNotNull(header.get()); assertNotNull(header.get());
assertTrue(header.get().getValue().startsWith(nodeName)); assertTrue(header.get().getValue().startsWith(nodeName));
final AtomicReference<ServletRequest> wrappedRequestByFilter = new AtomicReference<>(); mockReq = createMockRequest(header);
HttpServletRequest mockReq = createMockRequest(header); filterChain = (servletRequest, servletResponse) -> wrappedRequestByFilter.set(servletRequest);
FilterChain filterChain = (servletRequest, servletResponse) -> wrappedRequestByFilter.set(servletRequest);
mock.doAuthenticate(mockReq, null, filterChain);
run("solr", () -> {
mock.doAuthenticate(mockReq, null, filterChain);
});
assertNotNull(wrappedRequestByFilter.get());
assertEquals("solr", ((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal().getName());
//test 2 //test 2
principal.set(null); // no user
header.set(null); run(null, () -> {
wrappedRequestByFilter.set(null);// principal.set(null); // no user
request = new BasicHttpRequest("GET", "http://localhost:56565"); header.set(null);
mock.setHeader(request); wrappedRequestByFilter.set(null);//
assertNull(request.getFirstHeader(PKIAuthenticationPlugin.HEADER)); request = new BasicHttpRequest("GET", "http://localhost:56565");
mock.doAuthenticate(mockReq, null, filterChain); mock.setHeader(request);
assertNotNull(wrappedRequestByFilter.get()); assertNull(request.getFirstHeader(PKIAuthenticationPlugin.HEADER));
assertNull(((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal()); mock.doAuthenticate(mockReq, null, filterChain);
});
//test 3 . No user request . Request originated from Solr //test 3 . No user request . Request originated from Solr
mock.solrRequestInfo = null; run("$", () -> {
header.set(null); mock.solrRequestInfo = null;
wrappedRequestByFilter.set(null); header.set(null);
request = new BasicHttpRequest("GET", "http://localhost:56565"); wrappedRequestByFilter.set(null);
mock.setHeader(request); request = new BasicHttpRequest("GET", "http://localhost:56565");
header.set(request.getFirstHeader(PKIAuthenticationPlugin.HEADER)); mock.setHeader(request);
assertNotNull(header.get()); header.set(request.getFirstHeader(PKIAuthenticationPlugin.HEADER));
assertTrue(header.get().getValue().startsWith(nodeName)); assertNotNull(header.get());
assertTrue(header.get().getValue().startsWith(nodeName));
mock.doAuthenticate(mockReq, null, filterChain);
});
mock.doAuthenticate(mockReq, null, filterChain); run("$", () -> {
assertNotNull(wrappedRequestByFilter.get()); mock.solrRequestInfo = null;
assertEquals("$", ((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal().getName()); header.set(null);
wrappedRequestByFilter.set(null);
request = new BasicHttpRequest("GET", "http://localhost:56565");
mock.setHeader(request);
header.set(request.getFirstHeader(PKIAuthenticationPlugin.HEADER));
assertNotNull(header.get());
assertTrue(header.get().getValue().startsWith(nodeName));
MockPKIAuthenticationPlugin mock1 = new MockPKIAuthenticationPlugin(null, nodeName) {
int called = 0;
@Override
PublicKey getRemotePublicKey(String nodename) {
MockPKIAuthenticationPlugin mock1 = new MockPKIAuthenticationPlugin(null, nodeName) { try {
int called = 0; return called == 0 ? new CryptoKeys.RSAKeyPair().getPublicKey() : correctKey;
@Override } finally {
PublicKey getRemotePublicKey(String nodename) { called++;
try { }
return called == 0 ? new CryptoKeys.RSAKeyPair().getPublicKey() : correctKey;
} finally {
called++;
} }
};
mock1.doAuthenticate(mockReq, null, filterChain);
});
}
interface Runnable {
void run() throws Exception;
}
private void run(String expected, Runnable r) throws Exception {
int failures = 0;
for (; ; ) {
r.run();
if (expected == null) {
assertTrue(wrappedRequestByFilter.get() == null || ((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal() == null);
} else {
assertNotNull(wrappedRequestByFilter.get());
if (((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal() == null) {
//may be timed out
if (++failures < 3) continue;
else
fail("No principal obtained");
}
assertEquals(expected, ((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal().getName());
} }
}; return;
mock1.doAuthenticate(mockReq, null,filterChain );
assertNotNull(wrappedRequestByFilter.get());
assertEquals("$", ((HttpServletRequest) wrappedRequestByFilter.get()).getUserPrincipal().getName());
}
} }
private HttpServletRequest createMockRequest(final AtomicReference<Header> header) { private HttpServletRequest createMockRequest(final AtomicReference<Header> header) {