diff options
Diffstat (limited to 'qpid/java/broker-plugins/firewall/src/test/java/org/apache/qpid/server/security/access/FirewallConfigurationTest.java')
-rw-r--r-- | qpid/java/broker-plugins/firewall/src/test/java/org/apache/qpid/server/security/access/FirewallConfigurationTest.java | 148 |
1 files changed, 92 insertions, 56 deletions
diff --git a/qpid/java/broker-plugins/firewall/src/test/java/org/apache/qpid/server/security/access/FirewallConfigurationTest.java b/qpid/java/broker-plugins/firewall/src/test/java/org/apache/qpid/server/security/access/FirewallConfigurationTest.java index e078675efc..ab8957e7ef 100644 --- a/qpid/java/broker-plugins/firewall/src/test/java/org/apache/qpid/server/security/access/FirewallConfigurationTest.java +++ b/qpid/java/broker-plugins/firewall/src/test/java/org/apache/qpid/server/security/access/FirewallConfigurationTest.java @@ -28,19 +28,12 @@ import java.net.InetSocketAddress; import org.apache.qpid.server.registry.ApplicationRegistry; import org.apache.qpid.server.registry.ConfigurationFileApplicationRegistry; +import org.apache.qpid.server.util.InternalBrokerBaseCase; import org.apache.qpid.server.virtualhost.VirtualHost; import org.apache.qpid.server.virtualhost.VirtualHostRegistry; -import org.apache.qpid.test.utils.QpidTestCase; -public class FirewallConfigurationTest extends QpidTestCase +public class FirewallConfigurationTest extends InternalBrokerBaseCase { - @Override - protected void tearDown() throws Exception - { - super.tearDown(); - ApplicationRegistry.remove(); - } - public void testFirewallConfiguration() throws Exception { // Write out config @@ -50,11 +43,18 @@ public class FirewallConfigurationTest extends QpidTestCase // Load config ApplicationRegistry reg = new ConfigurationFileApplicationRegistry(mainFile); - ApplicationRegistry.initialise(reg); + try + { + ApplicationRegistry.initialise(reg, 1); - // Test config - assertFalse(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.0.0.1", 65535))); - assertTrue(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.1.2.3", 65535))); + // Test config + assertFalse(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.0.0.1", 65535))); + assertTrue(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.1.2.3", 65535))); + } + finally + { + ApplicationRegistry.remove(1); + } } public void testCombinedConfigurationFirewall() throws Exception @@ -80,8 +80,9 @@ public class FirewallConfigurationTest extends QpidTestCase out.write("\t<cache-directory>${QPID_WORK}/cache</cache-directory>\n"); out.write("\t<management><enabled>false</enabled></management>\n"); out.write("\t<security>\n"); - out.write("\t\t<pd-auth-manager>\n"); + out.write("\t\t<principal-databases>\n"); out.write("\t\t\t<principal-database>\n"); + out.write("\t\t\t\t<name>passwordfile</name>\n"); out.write("\t\t\t\t<class>org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase</class>\n"); out.write("\t\t\t\t<attributes>\n"); out.write("\t\t\t\t\t<attribute>\n"); @@ -90,7 +91,11 @@ public class FirewallConfigurationTest extends QpidTestCase out.write("\t\t\t\t\t</attribute>\n"); out.write("\t\t\t\t</attributes>\n"); out.write("\t\t\t</principal-database>\n"); - out.write("\t\t</pd-auth-manager>\n"); + out.write("\t\t</principal-databases>\n"); + out.write("\t\t<jmx>\n"); + out.write("\t\t\t<access>/dev/null</access>\n"); + out.write("\t\t\t<principal-database>passwordfile</principal-database>\n"); + out.write("\t\t</jmx>\n"); out.write("\t\t<firewall>\n"); out.write("\t\t\t<xml fileName=\"" + fileB.getAbsolutePath() + "\"/>"); out.write("\t\t</firewall>\n"); @@ -111,10 +116,17 @@ public class FirewallConfigurationTest extends QpidTestCase // Load config ApplicationRegistry reg = new ConfigurationFileApplicationRegistry(mainFile); - ApplicationRegistry.initialise(reg); + try + { + ApplicationRegistry.initialise(reg, 1); - // Test config - assertFalse(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.0.0.1", 65535))); + // Test config + assertFalse(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.0.0.1", 65535))); + } + finally + { + ApplicationRegistry.remove(1); + } } public void testConfigurationFirewallReload() throws Exception @@ -127,17 +139,24 @@ public class FirewallConfigurationTest extends QpidTestCase // Load config ApplicationRegistry reg = new ConfigurationFileApplicationRegistry(mainFile); - ApplicationRegistry.initialise(reg); + try + { + ApplicationRegistry.initialise(reg, 1); - // Test config - assertFalse(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.0.0.1", 65535))); + // Test config + assertFalse(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.0.0.1", 65535))); - // Switch to deny the connection - writeConfigFile(mainFile, true); + // Switch to deny the connection + writeConfigFile(mainFile, true); - reg.getConfiguration().reparseConfigFileSecuritySections(); + reg.getConfiguration().reparseConfigFileSecuritySections(); - assertTrue(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.0.0.1", 65535))); + assertTrue(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.0.0.1", 65535))); + } + finally + { + ApplicationRegistry.remove(1); + } } public void testCombinedConfigurationFirewallReload() throws Exception @@ -162,8 +181,9 @@ public class FirewallConfigurationTest extends QpidTestCase out.write("\t<plugin-directory>${QPID_HOME}/lib/plugins</plugin-directory>\n"); out.write("\t<management><enabled>false</enabled></management>\n"); out.write("\t<security>\n"); - out.write("\t\t<pd-auth-manager>\n"); + out.write("\t\t<principal-databases>\n"); out.write("\t\t\t<principal-database>\n"); + out.write("\t\t\t\t<name>passwordfile</name>\n"); out.write("\t\t\t\t<class>org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase</class>\n"); out.write("\t\t\t\t<attributes>\n"); out.write("\t\t\t\t\t<attribute>\n"); @@ -172,7 +192,11 @@ public class FirewallConfigurationTest extends QpidTestCase out.write("\t\t\t\t\t</attribute>\n"); out.write("\t\t\t\t</attributes>\n"); out.write("\t\t\t</principal-database>\n"); - out.write("\t\t</pd-auth-manager>\n"); + out.write("\t\t</principal-databases>\n"); + out.write("\t\t<jmx>\n"); + out.write("\t\t\t<access>/dev/null</access>\n"); + out.write("\t\t\t<principal-database>passwordfile</principal-database>\n"); + out.write("\t\t</jmx>\n"); out.write("\t\t<firewall>\n"); out.write("\t\t\t<xml fileName=\"" + fileB.getAbsolutePath() + "\"/>"); out.write("\t\t</firewall>\n"); @@ -193,40 +217,47 @@ public class FirewallConfigurationTest extends QpidTestCase // Load config ApplicationRegistry reg = new ConfigurationFileApplicationRegistry(mainFile); - ApplicationRegistry.initialise(reg); + try + { + ApplicationRegistry.initialise(reg, 1); - // Test config - assertFalse(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.0.0.1", 65535))); + // Test config + assertFalse(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.0.0.1", 65535))); - RandomAccessFile fileBRandom = new RandomAccessFile(fileB, "rw"); - fileBRandom.setLength(0); - fileBRandom.seek(0); - fileBRandom.close(); + RandomAccessFile fileBRandom = new RandomAccessFile(fileB, "rw"); + fileBRandom.setLength(0); + fileBRandom.seek(0); + fileBRandom.close(); - out = new FileWriter(fileB); - out.write("<firewall>\n"); - out.write("\t<rule access=\"allow\" network=\"127.0.0.1\"/>"); - out.write("</firewall>\n"); - out.close(); + out = new FileWriter(fileB); + out.write("<firewall>\n"); + out.write("\t<rule access=\"allow\" network=\"127.0.0.1\"/>"); + out.write("</firewall>\n"); + out.close(); - reg.getConfiguration().reparseConfigFileSecuritySections(); + reg.getConfiguration().reparseConfigFileSecuritySections(); - assertTrue(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.0.0.1", 65535))); + assertTrue(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.0.0.1", 65535))); - fileBRandom = new RandomAccessFile(fileB, "rw"); - fileBRandom.setLength(0); - fileBRandom.seek(0); - fileBRandom.close(); + fileBRandom = new RandomAccessFile(fileB, "rw"); + fileBRandom.setLength(0); + fileBRandom.seek(0); + fileBRandom.close(); - out = new FileWriter(fileB); - out.write("<firewall>\n"); - out.write("\t<rule access=\"deny\" network=\"127.0.0.1\"/>"); - out.write("</firewall>\n"); - out.close(); + out = new FileWriter(fileB); + out.write("<firewall>\n"); + out.write("\t<rule access=\"deny\" network=\"127.0.0.1\"/>"); + out.write("</firewall>\n"); + out.close(); - reg.getConfiguration().reparseConfigFileSecuritySections(); + reg.getConfiguration().reparseConfigFileSecuritySections(); - assertFalse(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.0.0.1", 65535))); + assertFalse(reg.getSecurityManager().accessVirtualhost("test", new InetSocketAddress("127.0.0.1", 65535))); + } + finally + { + ApplicationRegistry.remove(1); + } } private void writeFirewallVhostsFile(File vhostsFile, boolean allow) throws IOException @@ -260,8 +291,9 @@ public class FirewallConfigurationTest extends QpidTestCase out.write("\t<plugin-directory>${QPID_HOME}/lib/plugins</plugin-directory>\n"); out.write("\t<management><enabled>false</enabled></management>\n"); out.write("\t<security>\n"); - out.write("\t\t<pd-auth-manager>\n"); + out.write("\t\t<principal-databases>\n"); out.write("\t\t\t<principal-database>\n"); + out.write("\t\t\t\t<name>passwordfile</name>\n"); out.write("\t\t\t\t<class>org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase</class>\n"); out.write("\t\t\t\t<attributes>\n"); out.write("\t\t\t\t\t<attribute>\n"); @@ -270,7 +302,11 @@ public class FirewallConfigurationTest extends QpidTestCase out.write("\t\t\t\t\t</attribute>\n"); out.write("\t\t\t\t</attributes>\n"); out.write("\t\t\t</principal-database>\n"); - out.write("\t\t</pd-auth-manager>\n"); + out.write("\t\t</principal-databases>\n"); + out.write("\t\t<jmx>\n"); + out.write("\t\t\t<access>/dev/null</access>\n"); + out.write("\t\t\t<principal-database>passwordfile</principal-database>\n"); + out.write("\t\t</jmx>\n"); out.write("\t\t<firewall>\n"); out.write("\t\t\t<rule access=\""+ ((allow) ? "allow" : "deny") +"\" network=\"127.0.0.1\"/>"); out.write("\t\t</firewall>\n"); @@ -310,8 +346,8 @@ public class FirewallConfigurationTest extends QpidTestCase // Load config ApplicationRegistry reg = new ConfigurationFileApplicationRegistry(mainFile); - ApplicationRegistry.initialise(reg); - + ApplicationRegistry.initialise(reg, 1); + // Test config VirtualHostRegistry virtualHostRegistry = reg.getVirtualHostRegistry(); VirtualHost virtualHost = virtualHostRegistry.getVirtualHost("test"); |