private String getServerUser(Server server) throws Exception { HttpClient client = httpClientBuilder() .uri(getBaseUri(server)) .credentials(TestSecurityProvider.CREDENTIAL) .build(); HttpToolResponse response = HttpTool.httpGet( client, URI.create(getBaseUri(server) + "/v1/server/user"), ImmutableMap.<String, String>of()); HttpTestUtils.assertHealthyStatusCode(response.getResponseCode()); return response.getContentAsString(); }
/** * [sam] Other tests rely on brooklyn.properties not containing security properties so .. I think * the best way to test this is to set a security provider, then reload properties and check no * authentication is required. * * <p>[aled] Changing this test so doesn't rely on brooklyn.properties having no security provider * (that can lead to failures locally when running just this test). Asserts */ @Test(groups = "Integration") public void testSecurityProviderUpdatesWhenPropertiesReloaded() { BrooklynProperties brooklynProperties = BrooklynProperties.Factory.newEmpty(); brooklynProperties.put("brooklyn.webconsole.security.users", "admin"); brooklynProperties.put("brooklyn.webconsole.security.user.admin.password", "mypassword"); UsernamePasswordCredentials defaultCredential = new UsernamePasswordCredentials("admin", "mypassword"); ManagementContext mgmt = new LocalManagementContext(brooklynProperties); try { Server server = useServerForTest( BrooklynRestApiLauncher.launcher() .managementContext(mgmt) .withoutJsgui() .securityProvider(TestSecurityProvider.class) .start()); String baseUri = getBaseUri(server); HttpToolResponse response; final URI uri = URI.create(getBaseUri() + "/v1/server/properties/reload"); final Map<String, String> args = Collections.emptyMap(); // Unauthorised when no credentials, and when default credentials. response = HttpTool.httpPost(httpClientBuilder().uri(baseUri).build(), uri, args, args); assertEquals(response.getResponseCode(), HttpStatus.SC_UNAUTHORIZED); response = HttpTool.httpPost( httpClientBuilder().uri(baseUri).credentials(defaultCredential).build(), uri, args, args); assertEquals(response.getResponseCode(), HttpStatus.SC_UNAUTHORIZED); // Accepts TestSecurityProvider credentials, and we reload. response = HttpTool.httpPost( httpClientBuilder().uri(baseUri).credentials(TestSecurityProvider.CREDENTIAL).build(), uri, args, args); HttpTestUtils.assertHealthyStatusCode(response.getResponseCode()); // Has no gone back to credentials from brooklynProperties; TestSecurityProvider credentials // no longer work response = HttpTool.httpPost( httpClientBuilder().uri(baseUri).credentials(defaultCredential).build(), uri, args, args); HttpTestUtils.assertHealthyStatusCode(response.getResponseCode()); response = HttpTool.httpPost( httpClientBuilder().uri(baseUri).credentials(TestSecurityProvider.CREDENTIAL).build(), uri, args, args); assertEquals(response.getResponseCode(), HttpStatus.SC_UNAUTHORIZED); } finally { ((ManagementContextInternal) mgmt).terminate(); } }