[TEST] add a lot of forgotten try with resources to wrap ElasticsearchResponses

Original commit: elastic/x-pack-elasticsearch@e4634ea599
2016-06-03 16:42:06 +02:00 · 2016-06-03 16:42:06 +02:00 · ad9a64e854
parent 4e2766df11
commit ad9a64e854
16 changed files with 136 additions and 109 deletions
--- a/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java
+++ b/elasticsearch/qa/shield-audit-tests/src/test/java/org/elasticsearch/shield/audit/IndexAuditIT.java
@ -39,10 +39,11 @@ public class IndexAuditIT extends ESIntegTestCase {

    public void testShieldIndexAuditTrailWorking() throws Exception {
        try (RestClient restClient = restClient()) {
-            ElasticsearchResponse response = restClient.performRequest("GET", "/_cluster/health", Collections.emptyMap(), null,
+            try (ElasticsearchResponse response = restClient.performRequest("GET", "/_cluster/health", Collections.emptyMap(), null,
                    new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER,
-                            UsernamePasswordToken.basicAuthHeaderValue(USER, new SecuredString(PASS.toCharArray()))));
-            assertThat(response.getStatusLine().getStatusCode(), is(200));
+                            UsernamePasswordToken.basicAuthHeaderValue(USER, new SecuredString(PASS.toCharArray()))))) {
+                assertThat(response.getStatusLine().getStatusCode(), is(200));
+            }
        }

        final AtomicReference<ClusterState> lastClusterState = new AtomicReference<>();
--- a/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java
+++ b/elasticsearch/qa/shield-example-realm/src/test/java/org/elasticsearch/example/realm/CustomRealmIT.java
@ -59,10 +59,11 @@ public class CustomRealmIT extends ESIntegTestCase {

    public void testHttpAuthentication() throws Exception {
        try (RestClient restClient = restClient()) {
-            ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null,
+            try (ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null,
                    new BasicHeader(CustomRealm.USER_HEADER, CustomRealm.KNOWN_USER),
-                    new BasicHeader(CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW));
-            assertThat(response.getStatusLine().getStatusCode(), is(200));
+                    new BasicHeader(CustomRealm.PW_HEADER, CustomRealm.KNOWN_PW))) {
+                assertThat(response.getStatusLine().getStatusCode(), is(200));
+            }
        }
    }

--- a/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java
+++ b/elasticsearch/x-pack/marvel/src/test/java/org/elasticsearch/marvel/shield/MarvelSettingsFilterTests.java
@ -54,20 +54,22 @@ public class MarvelSettingsFilterTests extends MarvelIntegTestCase {
            } else {
                headers = new Header[0];
            }
-            ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes/settings", Collections.emptyMap(), null, headers);
-            Map<String, Object> responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map();
-            @SuppressWarnings("unchecked")
-            Map<String, Object> nodes = (Map<String, Object>) responseMap.get("nodes");
-            for (Object node : nodes.values()) {
+            try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes/settings",
+                    Collections.emptyMap(), null, headers)) {
+                Map<String, Object> responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map();
                @SuppressWarnings("unchecked")
-                Map<String, Object> settings = (Map<String, Object>) ((Map<String, Object>) node).get("settings");
-                assertThat(extractValue("xpack.monitoring.agent.exporters._http.type", settings), Matchers.<Object>equalTo("http"));
-                assertThat(extractValue("xpack.monitoring.agent.exporters._http.enabled", settings), Matchers.<Object>equalTo("false"));
-                assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.username");
-                assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.password");
-                assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.path");
-                assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.password");
-                assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.hostname_verification");
+                Map<String, Object> nodes = (Map<String, Object>) responseMap.get("nodes");
+                for (Object node : nodes.values()) {
+                    @SuppressWarnings("unchecked")
+                    Map<String, Object> settings = (Map<String, Object>) ((Map<String, Object>) node).get("settings");
+                    assertThat(extractValue("xpack.monitoring.agent.exporters._http.type", settings), Matchers.<Object>equalTo("http"));
+                    assertThat(extractValue("xpack.monitoring.agent.exporters._http.enabled", settings), Matchers.<Object>equalTo("false"));
+                    assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.username");
+                    assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.auth.password");
+                    assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.path");
+                    assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.truststore.password");
+                    assertNullSetting(settings, "xpack.monitoring.agent.exporters._http.ssl.hostname_verification");
+                }
            }
        }
    }
--- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java
+++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/AbstractPrivilegeTestCase.java
@ -37,13 +37,14 @@ public abstract class AbstractPrivilegeTestCase extends ShieldIntegTestCase {
    protected void assertAccessIsAllowed(String user, String method, String uri, String body,
                                         Map<String, String> params) throws IOException {
        try (RestClient restClient = restClient()) {
-            ElasticsearchResponse response = restClient.performRequest(method, uri, params, entityOrNull(body),
+            try (ElasticsearchResponse response = restClient.performRequest(method, uri, params, entityOrNull(body),
                    new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER,
-                            UsernamePasswordToken.basicAuthHeaderValue(user, new SecuredString("passwd".toCharArray()))));
-            StatusLine statusLine = response.getStatusLine();
-            String message = String.format(Locale.ROOT, "%s %s: Expected no error got %s %s with body %s", method, uri,
-                    statusLine.getStatusCode(), statusLine.getReasonPhrase(), EntityUtils.toString(response.getEntity()));
-            assertThat(message, statusLine.getStatusCode(), is(not(greaterThanOrEqualTo(400))));
+                            UsernamePasswordToken.basicAuthHeaderValue(user, new SecuredString("passwd".toCharArray()))))) {
+                StatusLine statusLine = response.getStatusLine();
+                String message = String.format(Locale.ROOT, "%s %s: Expected no error got %s %s with body %s", method, uri,
+                        statusLine.getStatusCode(), statusLine.getReasonPhrase(), EntityUtils.toString(response.getEntity()));
+                assertThat(message, statusLine.getStatusCode(), is(not(greaterThanOrEqualTo(400))));
+            }
        }
    }

--- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java
+++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/BulkUpdateTests.java
@ -81,12 +81,15 @@ public class BulkUpdateTests extends ShieldIntegTestCase {

        try (RestClient restClient = restClient()) {
            StringEntity body = new StringEntity("{\"test\":\"test\"}", RestClient.JSON_CONTENT_TYPE);
-            ElasticsearchResponse response = restClient.performRequest("PUT", path, Collections.emptyMap(), body, basicAuthHeader);
-            assertThat(response.getStatusLine().getStatusCode(), equalTo(201));
+            try (ElasticsearchResponse response = restClient.performRequest("PUT", path, Collections.emptyMap(), body, basicAuthHeader)) {
+                assertThat(response.getStatusLine().getStatusCode(), equalTo(201));
+            }
+
+            try (ElasticsearchResponse response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) {
+                assertThat(response.getStatusLine().getStatusCode(), equalTo(200));
+                assertThat(EntityUtils.toString(response.getEntity()), containsString("\"test\":\"test\""));
+            }

-            response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader);
-            assertThat(response.getStatusLine().getStatusCode(), equalTo(200));
-            assertThat(EntityUtils.toString(response.getEntity()), containsString("\"test\":\"test\""));

            if (randomBoolean()) {
                flushAndRefresh();
@ -94,14 +97,17 @@ public class BulkUpdateTests extends ShieldIntegTestCase {

            //update with new field
            body = new StringEntity("{\"doc\": {\"not test\": \"not test\"}}", RestClient.JSON_CONTENT_TYPE);
-            response = restClient.performRequest("POST", path + "/_update", Collections.emptyMap(), body, basicAuthHeader);
-            assertThat(response.getStatusLine().getStatusCode(), equalTo(200));
+            try (ElasticsearchResponse response = restClient.performRequest("POST", path + "/_update",
+                    Collections.emptyMap(), body, basicAuthHeader)) {
+                assertThat(response.getStatusLine().getStatusCode(), equalTo(200));
+            }

-            response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader);
-            assertThat(response.getStatusLine().getStatusCode(), equalTo(200));
-            String responseBody = EntityUtils.toString(response.getEntity());
-            assertThat(responseBody, containsString("\"test\":\"test\""));
-            assertThat(responseBody, containsString("\"not test\":\"not test\""));
+            try (ElasticsearchResponse response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) {
+                assertThat(response.getStatusLine().getStatusCode(), equalTo(200));
+                String responseBody = EntityUtils.toString(response.getEntity());
+                assertThat(responseBody, containsString("\"test\":\"test\""));
+                assertThat(responseBody, containsString("\"not test\":\"not test\""));
+            }

            // this part is important. Without this, the document may be read from the translog which would bypass the bug where
            // FLS kicks in because the request can't be found and only returns meta fields
@ -109,14 +115,17 @@ public class BulkUpdateTests extends ShieldIntegTestCase {

            body = new StringEntity("{\"update\": {\"_index\": \"index1\", \"_type\": \"type\", \"_id\": \"1\"}}\n" +
                    "{\"doc\": {\"bulk updated\":\"bulk updated\"}}\n", RestClient.JSON_CONTENT_TYPE);
-            response = restClient.performRequest("POST", "/_bulk", Collections.emptyMap(), body, basicAuthHeader);
-            assertThat(response.getStatusLine().getStatusCode(), equalTo(200));
+            try (ElasticsearchResponse response = restClient.performRequest("POST", "/_bulk",
+                    Collections.emptyMap(), body, basicAuthHeader)) {
+                assertThat(response.getStatusLine().getStatusCode(), equalTo(200));
+            }

-            response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader);
-            responseBody = EntityUtils.toString(response.getEntity());
-            assertThat(responseBody, containsString("\"test\":\"test\""));
-            assertThat(responseBody, containsString("\"not test\":\"not test\""));
-            assertThat(responseBody, containsString("\"bulk updated\":\"bulk updated\""));
+            try (ElasticsearchResponse response = restClient.performRequest("GET", path, Collections.emptyMap(), null, basicAuthHeader)) {
+                String responseBody = EntityUtils.toString(response.getEntity());
+                assertThat(responseBody, containsString("\"test\":\"test\""));
+                assertThat(responseBody, containsString("\"not test\":\"not test\""));
+                assertThat(responseBody, containsString("\"bulk updated\":\"bulk updated\""));
+            }
        }
    }
 }
--- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java
+++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRealmsCacheTests.java
@ -167,12 +167,13 @@ public class ClearRealmsCacheTests extends ShieldIntegTestCase {

        static void executeHttpRequest(String path, Map<String, String> params) throws Exception {
            try (RestClient restClient = restClient()) {
-                ElasticsearchResponse response = restClient.performRequest("POST", path, params, null,
+                try (ElasticsearchResponse response = restClient.performRequest("POST", path, params, null,
                        new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER,
                                UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME,
-                                        new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))));
-                assertNotNull(response.getEntity());
-                assertTrue(EntityUtils.toString(response.getEntity()).contains("cluster_name"));
+                                        new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) {
+                    assertNotNull(response.getEntity());
+                    assertTrue(EntityUtils.toString(response.getEntity()).contains("cluster_name"));
+                }
            }
        }
    }
--- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java
+++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/ClearRolesCacheTests.java
@ -138,11 +138,12 @@ public class ClearRolesCacheTests extends NativeRealmIntegTestCase {
                path = "/_xpack/security/role/" + Strings.arrayToCommaDelimitedString(rolesToClear) + "/_clear_cache";
            }
            try (RestClient restClient = restClient()) {
-                ElasticsearchResponse response = restClient.performRequest("POST", path, Collections.emptyMap(), null,
+                try (ElasticsearchResponse response = restClient.performRequest("POST", path, Collections.emptyMap(), null,
                        new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER,
                                UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME,
-                                        new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))));
-                assertThat(response.getStatusLine().getStatusCode(), is(RestStatus.OK.getStatus()));
+                                        new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) {
+                    assertThat(response.getStatusLine().getStatusCode(), is(RestStatus.OK.getStatus()));
+                }
            }
        } else {
            securityClient.prepareClearRolesCache().names(rolesToClear).get();
--- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java
+++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/integration/LicensingTests.java
@ -198,9 +198,10 @@ public class LicensingTests extends ShieldIntegTestCase {

    public void testRestAuthenticationByLicenseType() throws Exception {
        try (RestClient restClient = restClient()) {
-            ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null);
-            // the default of the licensing tests is basic
-            assertThat(response.getStatusLine().getStatusCode(), is(200));
+            try (ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null)) {
+                // the default of the licensing tests is basic
+                assertThat(response.getStatusLine().getStatusCode(), is(200));
+            }

            // generate a new license with a mode that enables auth
            OperationMode mode = randomFrom(OperationMode.GOLD, OperationMode.TRIAL, OperationMode.PLATINUM, OperationMode.STANDARD);
--- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java
+++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/ShieldPluginTests.java
@ -44,11 +44,12 @@ public class ShieldPluginTests extends ShieldIntegTestCase {
            }

            logger.info("executing authorized request to /_xpack infos");
-            ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack", Collections.emptyMap(), null,
+            try (ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack", Collections.emptyMap(), null,
                    new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER,
                            basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME,
-                                    new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))));
-            assertThat(response.getStatusLine().getStatusCode(), is(OK.getStatus()));
+                                    new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) {
+                assertThat(response.getStatusLine().getStatusCode(), is(OK.getStatus()));
+            }
        }
    }
 }
--- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java
+++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/RunAsIntegTests.java
@ -142,12 +142,13 @@ public class RunAsIntegTests extends ShieldIntegTestCase {
            }

            // but when running as a different user it should work
-            ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null,
+            try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null,
                    new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER,
                            UsernamePasswordToken.basicAuthHeaderValue(RUN_AS_USER,
                                    SecuredStringTests.build(ShieldSettingsSource.DEFAULT_PASSWORD))),
-                    new BasicHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, ShieldSettingsSource.DEFAULT_USER_NAME));
-            assertThat(response.getStatusLine().getStatusCode(), is(200));
+                    new BasicHeader(InternalAuthenticationService.RUN_AS_USER_HEADER, ShieldSettingsSource.DEFAULT_USER_NAME))) {
+                assertThat(response.getStatusLine().getStatusCode(), is(200));
+            }
        }
    }

--- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java
+++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiOptionalClientAuthTests.java
@ -89,11 +89,12 @@ public class PkiOptionalClientAuthTests extends ShieldIntegTestCase {
                assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401));
            }

-            ElasticsearchResponse response = restClient.performRequest("GET", "_nodes", Collections.emptyMap(), null,
+            try (ElasticsearchResponse response = restClient.performRequest("GET", "_nodes", Collections.emptyMap(), null,
                    new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER,
                            UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME,
-                                    new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))));
-            assertThat(response.getStatusLine().getStatusCode(), is(200));
+                                    new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) {
+                assertThat(response.getStatusLine().getStatusCode(), is(200));
+            }
        }
    }

--- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java
+++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutClientAuthenticationTests.java
@ -81,11 +81,12 @@ public class PkiWithoutClientAuthenticationTests extends ShieldIntegTestCase {
        sc.init(null, trustAllCerts, new SecureRandom());
        CloseableHttpClient httpClient = HttpClients.custom().setSslcontext(sc).build();
        try (RestClient restClient =  restClient(httpClient, "https")) {
-            ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null,
+            try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null,
                    new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER,
                            UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME,
-                                    new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))));
-            assertThat(response.getStatusLine().getStatusCode(), is(200));
+                                    new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) {
+                assertThat(response.getStatusLine().getStatusCode(), is(200));
+            }
        }
    }
 }
--- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java
+++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/authc/pki/PkiWithoutSSLTests.java
@ -45,11 +45,12 @@ public class PkiWithoutSSLTests extends ShieldIntegTestCase {

    public void testThatHttpWorks() throws Exception {
        try (RestClient restClient = restClient()) {
-            ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null,
+            try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes", Collections.emptyMap(), null,
                    new BasicHeader(UsernamePasswordToken.BASIC_AUTH_HEADER,
                            UsernamePasswordToken.basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME,
-                                    new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))));
-            assertThat(response.getStatusLine().getStatusCode(), is(200));
+                                    new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) {
+                assertThat(response.getStatusLine().getStatusCode(), is(200));
+            }
        }
    }
 }
--- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java
+++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/rest/action/RestAuthenticateActionTests.java
@ -53,39 +53,41 @@ public class RestAuthenticateActionTests extends ShieldIntegTestCase {

    public void testAuthenticateApi() throws Exception {
        try (RestClient restClient = restClient()) {
-            ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack/security/_authenticate", Collections.emptyMap(),
+            try (ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack/security/_authenticate", Collections.emptyMap(),
                    null, new BasicHeader("Authorization", basicAuthHeaderValue(ShieldSettingsSource.DEFAULT_USER_NAME,
-                            new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))));
-            assertThat(response.getStatusLine().getStatusCode(), is(200));
-            JsonPath jsonPath = new JsonPath(EntityUtils.toString(response.getEntity()));
-            assertThat(jsonPath.evaluate("username").toString(), equalTo(ShieldSettingsSource.DEFAULT_USER_NAME));
-            @SuppressWarnings("unchecked")
-            List<String> roles = (List<String>) jsonPath.evaluate("roles");
-            assertThat(roles.size(), is(1));
-            assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE));
+                            new SecuredString(ShieldSettingsSource.DEFAULT_PASSWORD.toCharArray()))))) {
+                assertThat(response.getStatusLine().getStatusCode(), is(200));
+                JsonPath jsonPath = new JsonPath(EntityUtils.toString(response.getEntity()));
+                assertThat(jsonPath.evaluate("username").toString(), equalTo(ShieldSettingsSource.DEFAULT_USER_NAME));
+                @SuppressWarnings("unchecked")
+                List<String> roles = (List<String>) jsonPath.evaluate("roles");
+                assertThat(roles.size(), is(1));
+                assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE));
+            }
        }
    }

    public void testAuthenticateApiWithoutAuthentication() throws Exception {
        try (RestClient restClient = restClient()) {
-            ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack/security/_authenticate",
-                    Collections.emptyMap(), null);
-            if (anonymousEnabled) {
-                assertThat(response.getStatusLine().getStatusCode(), is(200));
-                JsonPath jsonPath = new JsonPath(EntityUtils.toString(response.getEntity()));
-                assertThat(jsonPath.evaluate("username").toString(), equalTo("anon"));
-                @SuppressWarnings("unchecked")
-                List<String> roles = (List<String>) jsonPath.evaluate("roles");
-                assertThat(roles.size(), is(2));
-                assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE, "foo"));
-            } else {
-                fail("request should have failed");
-            }
-        } catch(ElasticsearchResponseException e) {
-            if (anonymousEnabled) {
-                fail("request should have succeeded");
-            } else {
-                assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401));
+            try (ElasticsearchResponse response = restClient.performRequest("GET", "/_xpack/security/_authenticate",
+                    Collections.emptyMap(), null)) {
+                if (anonymousEnabled) {
+                    assertThat(response.getStatusLine().getStatusCode(), is(200));
+                    JsonPath jsonPath = new JsonPath(EntityUtils.toString(response.getEntity()));
+                    assertThat(jsonPath.evaluate("username").toString(), equalTo("anon"));
+                    @SuppressWarnings("unchecked")
+                    List<String> roles = (List<String>) jsonPath.evaluate("roles");
+                    assertThat(roles.size(), is(2));
+                    assertThat(roles, contains(ShieldSettingsSource.DEFAULT_ROLE, "foo"));
+                } else {
+                    fail("request should have failed");
+                }
+            } catch(ElasticsearchResponseException e) {
+                if (anonymousEnabled) {
+                    fail("request should have succeeded");
+                } else {
+                    assertThat(e.getElasticsearchResponse().getStatusLine().getStatusCode(), is(401));
+                }
            }
        }
    }
--- a/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java
+++ b/elasticsearch/x-pack/shield/src/test/java/org/elasticsearch/shield/transport/ssl/SslClientAuthTests.java
@ -83,10 +83,11 @@ public class SslClientAuthTests extends ShieldIntegTestCase {
        CloseableHttpClient client = HttpClients.custom().setSSLSocketFactory(socketFactory).build();

        try (RestClient restClient = restClient(client, "https")) {
-            ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null,
-                    new BasicHeader("Authorization", basicAuthHeaderValue(transportClientUsername(), transportClientPassword())));
-            assertThat(response.getStatusLine().getStatusCode(), equalTo(200));
-            assertThat(EntityUtils.toString(response.getEntity()), containsString("You Know, for Search"));
+            try (ElasticsearchResponse response = restClient.performRequest("GET", "/", Collections.emptyMap(), null,
+                    new BasicHeader("Authorization", basicAuthHeaderValue(transportClientUsername(), transportClientPassword())))) {
+                assertThat(response.getStatusLine().getStatusCode(), equalTo(200));
+                assertThat(EntityUtils.toString(response.getEntity()), containsString("You Know, for Search"));
+            }
        }
    }

--- a/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java
+++ b/elasticsearch/x-pack/watcher/src/test/java/org/elasticsearch/xpack/watcher/test/integration/WatcherSettingsFilterTests.java
@ -63,15 +63,17 @@ public class WatcherSettingsFilterTests extends AbstractWatcherIntegrationTestCa
            } else {
                headers = new Header[0];
            }
-            ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes/settings", Collections.emptyMap(), null, headers);
-            Map<String, Object> responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map();
-            Map<String, Object> nodes = (Map<String, Object>) responseMap.get("nodes");
-            for (Object node : nodes.values()) {
-                Map<String, Object> settings = (Map<String, Object>) ((Map<String, Object>) node).get("settings");
-                assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.user", settings),
-                        is((Object) "_user"));
-                assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.password", settings),
-                        nullValue());
+            try (ElasticsearchResponse response = restClient.performRequest("GET", "/_nodes/settings",
+                    Collections.emptyMap(), null, headers)) {
+                Map<String, Object> responseMap = JsonXContent.jsonXContent.createParser(response.getEntity().getContent()).map();
+                Map<String, Object> nodes = (Map<String, Object>) responseMap.get("nodes");
+                for (Object node : nodes.values()) {
+                    Map<String, Object> settings = (Map<String, Object>) ((Map<String, Object>) node).get("settings");
+                    assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.user", settings),
+                            is((Object) "_user"));
+                    assertThat(XContentMapValues.extractValue("xpack.notification.email.account._email.smtp.password", settings),
+                            nullValue());
+                }
            }
        }
    }