/**
* Usual constructor, takes a set of properties; also (experimental) permits defining a
* brooklynProperties source
*/
public AbstractApplication(Map properties) {
super(properties);
if (properties.containsKey("mgmt")) {
mgmt = (ManagementContext) properties.remove("mgmt");
}
// TODO decide whether this is the best way to inject properties like this
Object propsSource = null;
if (properties.containsKey("brooklynProperties")) {
propsSource = properties.remove("brooklynProperties");
} else if (properties.containsKey("brooklyn.properties")) {
propsSource = properties.remove("brooklyn.properties");
}
if (propsSource instanceof String) {
Properties p = new Properties();
try {
p.load(new ResourceUtils(this).getResourceFromUrl((String) propsSource));
} catch (IOException e) {
throw new IllegalArgumentException(
"Invalid brooklyn properties source " + propsSource + ": " + e, e);
}
propsSource = p;
}
if (propsSource instanceof BrooklynProperties) {
brooklynProperties = (BrooklynProperties) propsSource;
} else if (propsSource instanceof Map) {
brooklynProperties = BrooklynProperties.Factory.newEmpty().addFromMap((Map) propsSource);
} else {
if (propsSource != null)
throw new IllegalArgumentException("Invalid brooklyn properties source " + propsSource);
brooklynProperties = BrooklynProperties.Factory.newDefault();
}
setAttribute(SERVICE_UP, false);
setAttribute(Attributes.SERVICE_STATE, Lifecycle.CREATED);
}
private static BrooklynProperties emptyIfNull(BrooklynProperties bp) {
if (bp != null) return bp;
return BrooklynProperties.Factory.newEmpty();
}
/**
* [sam] Other tests rely on brooklyn.properties not containing security properties so .. I think
* the best way to test this is to set a security provider, then reload properties and check no
* authentication is required.
*
* <p>[aled] Changing this test so doesn't rely on brooklyn.properties having no security provider
* (that can lead to failures locally when running just this test). Asserts
*/
@Test(groups = "Integration")
public void testSecurityProviderUpdatesWhenPropertiesReloaded() {
BrooklynProperties brooklynProperties = BrooklynProperties.Factory.newEmpty();
brooklynProperties.put("brooklyn.webconsole.security.users", "admin");
brooklynProperties.put("brooklyn.webconsole.security.user.admin.password", "mypassword");
UsernamePasswordCredentials defaultCredential =
new UsernamePasswordCredentials("admin", "mypassword");
ManagementContext mgmt = new LocalManagementContext(brooklynProperties);
try {
Server server =
useServerForTest(
BrooklynRestApiLauncher.launcher()
.managementContext(mgmt)
.withoutJsgui()
.securityProvider(TestSecurityProvider.class)
.start());
String baseUri = getBaseUri(server);
HttpToolResponse response;
final URI uri = URI.create(getBaseUri() + "/v1/server/properties/reload");
final Map<String, String> args = Collections.emptyMap();
// Unauthorised when no credentials, and when default credentials.
response = HttpTool.httpPost(httpClientBuilder().uri(baseUri).build(), uri, args, args);
assertEquals(response.getResponseCode(), HttpStatus.SC_UNAUTHORIZED);
response =
HttpTool.httpPost(
httpClientBuilder().uri(baseUri).credentials(defaultCredential).build(),
uri,
args,
args);
assertEquals(response.getResponseCode(), HttpStatus.SC_UNAUTHORIZED);
// Accepts TestSecurityProvider credentials, and we reload.
response =
HttpTool.httpPost(
httpClientBuilder().uri(baseUri).credentials(TestSecurityProvider.CREDENTIAL).build(),
uri,
args,
args);
HttpTestUtils.assertHealthyStatusCode(response.getResponseCode());
// Has no gone back to credentials from brooklynProperties; TestSecurityProvider credentials
// no longer work
response =
HttpTool.httpPost(
httpClientBuilder().uri(baseUri).credentials(defaultCredential).build(),
uri,
args,
args);
HttpTestUtils.assertHealthyStatusCode(response.getResponseCode());
response =
HttpTool.httpPost(
httpClientBuilder().uri(baseUri).credentials(TestSecurityProvider.CREDENTIAL).build(),
uri,
args,
args);
assertEquals(response.getResponseCode(), HttpStatus.SC_UNAUTHORIZED);
} finally {
((ManagementContextInternal) mgmt).terminate();
}
}
