コード例 #1
0
 @Test(groups = "Integration")
 public void testGetUser() throws Exception {
   Server server =
       useServerForTest(
           BrooklynRestApiLauncher.launcher()
               .securityProvider(TestSecurityProvider.class)
               .withoutJsgui()
               .start());
   assertEquals(getServerUser(server), TestSecurityProvider.USER);
 }
コード例 #2
0
  @BeforeClass(groups = "Integration")
  public void setUp() throws Exception {
    WebAppContext context;

    // running in source mode; need to use special classpath
    context = new WebAppContext("src/test/webapp", "/");
    context.setExtraClasspath("./target/test-rest-server/");
    context.setAttribute(
        BrooklynServiceAttributes.BROOKLYN_MANAGEMENT_CONTEXT, getManagementContext());

    Server server =
        BrooklynRestApiLauncher.launcher()
            .managementContext(manager)
            .customContext(context)
            .start();

    api = new BrooklynApi("http://localhost:" + server.getConnectors()[0].getPort() + "/");
  }
コード例 #3
0
  /**
   * [sam] Other tests rely on brooklyn.properties not containing security properties so .. I think
   * the best way to test this is to set a security provider, then reload properties and check no
   * authentication is required.
   *
   * <p>[aled] Changing this test so doesn't rely on brooklyn.properties having no security provider
   * (that can lead to failures locally when running just this test). Asserts
   */
  @Test(groups = "Integration")
  public void testSecurityProviderUpdatesWhenPropertiesReloaded() {
    BrooklynProperties brooklynProperties = BrooklynProperties.Factory.newEmpty();
    brooklynProperties.put("brooklyn.webconsole.security.users", "admin");
    brooklynProperties.put("brooklyn.webconsole.security.user.admin.password", "mypassword");
    UsernamePasswordCredentials defaultCredential =
        new UsernamePasswordCredentials("admin", "mypassword");

    ManagementContext mgmt = new LocalManagementContext(brooklynProperties);

    try {
      Server server =
          useServerForTest(
              BrooklynRestApiLauncher.launcher()
                  .managementContext(mgmt)
                  .withoutJsgui()
                  .securityProvider(TestSecurityProvider.class)
                  .start());
      String baseUri = getBaseUri(server);

      HttpToolResponse response;
      final URI uri = URI.create(getBaseUri() + "/v1/server/properties/reload");
      final Map<String, String> args = Collections.emptyMap();

      // Unauthorised when no credentials, and when default credentials.
      response = HttpTool.httpPost(httpClientBuilder().uri(baseUri).build(), uri, args, args);
      assertEquals(response.getResponseCode(), HttpStatus.SC_UNAUTHORIZED);

      response =
          HttpTool.httpPost(
              httpClientBuilder().uri(baseUri).credentials(defaultCredential).build(),
              uri,
              args,
              args);
      assertEquals(response.getResponseCode(), HttpStatus.SC_UNAUTHORIZED);

      // Accepts TestSecurityProvider credentials, and we reload.
      response =
          HttpTool.httpPost(
              httpClientBuilder().uri(baseUri).credentials(TestSecurityProvider.CREDENTIAL).build(),
              uri,
              args,
              args);
      HttpTestUtils.assertHealthyStatusCode(response.getResponseCode());

      // Has no gone back to credentials from brooklynProperties; TestSecurityProvider credentials
      // no longer work
      response =
          HttpTool.httpPost(
              httpClientBuilder().uri(baseUri).credentials(defaultCredential).build(),
              uri,
              args,
              args);
      HttpTestUtils.assertHealthyStatusCode(response.getResponseCode());

      response =
          HttpTool.httpPost(
              httpClientBuilder().uri(baseUri).credentials(TestSecurityProvider.CREDENTIAL).build(),
              uri,
              args,
              args);
      assertEquals(response.getResponseCode(), HttpStatus.SC_UNAUTHORIZED);

    } finally {
      ((ManagementContextInternal) mgmt).terminate();
    }
  }