diff --git a/storm-core/test/clj/backtype/storm/security/auth/auth_test.clj b/storm-core/test/clj/backtype/storm/security/auth/auth_test.clj index d21de1d09..ece0b8c0b 100644 --- a/storm-core/test/clj/backtype/storm/security/auth/auth_test.clj +++ b/storm-core/test/clj/backtype/storm/security/auth/auth_test.clj @@ -123,101 +123,105 @@ )) (deftest Simple-authentication-test - (with-server [6627 nil nil "backtype.storm.security.auth.SimpleTransportPlugin"] - (let [storm-conf (merge (read-storm-config) - {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.SimpleTransportPlugin"}) - client (NimbusClient. storm-conf "localhost" 6627 nimbus-timeout) - nimbus_client (.getClient client)] - (.activate nimbus_client "security_auth_test_topology") - (.close client)) - - (let [storm-conf (merge (read-storm-config) - {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.digest.DigestSaslTransportPlugin" - "java.security.auth.login.config" "test/clj/backtype/storm/security/auth/jaas_digest.conf"})] - (testing "(Negative authentication) Server: Simple vs. Client: Digest" - (is (thrown-cause? java.net.SocketTimeoutException - (NimbusClient. storm-conf "localhost" 6627 nimbus-timeout))))))) + (let [a-port (available-port)] + (with-server [a-port nil nil "backtype.storm.security.auth.SimpleTransportPlugin"] + (let [storm-conf (merge (read-storm-config) + {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.SimpleTransportPlugin"}) + client (NimbusClient. storm-conf "localhost" a-port nimbus-timeout) + nimbus_client (.getClient client)] + (.activate nimbus_client "security_auth_test_topology") + (.close client)) + + (let [storm-conf (merge (read-storm-config) + {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.digest.DigestSaslTransportPlugin" + "java.security.auth.login.config" "test/clj/backtype/storm/security/auth/jaas_digest.conf"})] + (testing "(Negative authentication) Server: Simple vs. Client: Digest" + (is (thrown-cause? java.net.SocketTimeoutException + (NimbusClient. storm-conf "localhost" a-port nimbus-timeout)))))))) (deftest positive-authorization-test - (with-server [6627 nil - "backtype.storm.security.auth.authorizer.NoopAuthorizer" - "backtype.storm.security.auth.SimpleTransportPlugin"] - (let [storm-conf (merge (read-storm-config) - {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.SimpleTransportPlugin"}) - client (NimbusClient. storm-conf "localhost" 6627 nimbus-timeout) - nimbus_client (.getClient client)] - (testing "(Positive authorization) Authorization plugin should accept client request" - (.activate nimbus_client "security_auth_test_topology")) - (.close client)))) + (let [a-port (available-port)] + (with-server [a-port nil + "backtype.storm.security.auth.authorizer.NoopAuthorizer" + "backtype.storm.security.auth.SimpleTransportPlugin"] + (let [storm-conf (merge (read-storm-config) + {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.SimpleTransportPlugin"}) + client (NimbusClient. storm-conf "localhost" a-port nimbus-timeout) + nimbus_client (.getClient client)] + (testing "(Positive authorization) Authorization plugin should accept client request" + (.activate nimbus_client "security_auth_test_topology")) + (.close client))))) (deftest deny-authorization-test - (with-server [6627 nil - "backtype.storm.security.auth.authorizer.DenyAuthorizer" - "backtype.storm.security.auth.SimpleTransportPlugin"] - (let [storm-conf (merge (read-storm-config) - {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.SimpleTransportPlugin" - Config/NIMBUS_HOST "localhost" - Config/NIMBUS_THRIFT_PORT 6627 - Config/NIMBUS_TASK_TIMEOUT_SECS nimbus-timeout}) - client (NimbusClient/getConfiguredClient storm-conf) - nimbus_client (.getClient client)] - (testing "(Negative authorization) Authorization plugin should reject client request" - (is (thrown? TTransportException - (.activate nimbus_client "security_auth_test_topology")))) - (.close client)))) + (let [a-port (available-port)] + (with-server [a-port nil + "backtype.storm.security.auth.authorizer.DenyAuthorizer" + "backtype.storm.security.auth.SimpleTransportPlugin"] + (let [storm-conf (merge (read-storm-config) + {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.SimpleTransportPlugin" + Config/NIMBUS_HOST "localhost" + Config/NIMBUS_THRIFT_PORT a-port + Config/NIMBUS_TASK_TIMEOUT_SECS nimbus-timeout}) + client (NimbusClient/getConfiguredClient storm-conf) + nimbus_client (.getClient client)] + (testing "(Negative authorization) Authorization plugin should reject client request" + (is (thrown? TTransportException + (.activate nimbus_client "security_auth_test_topology")))) + (.close client))))) (deftest digest-authentication-test - (with-server [6630 - "test/clj/backtype/storm/security/auth/jaas_digest.conf" - nil - "backtype.storm.security.auth.digest.DigestSaslTransportPlugin"] - (let [storm-conf (merge (read-storm-config) - {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.digest.DigestSaslTransportPlugin" - "java.security.auth.login.config" "test/clj/backtype/storm/security/auth/jaas_digest.conf"}) - client (NimbusClient. storm-conf "localhost" 6630 nimbus-timeout) - nimbus_client (.getClient client)] - (testing "(Positive authentication) valid digest authentication" - (.activate nimbus_client "security_auth_test_topology")) - (.close client)) - - (let [storm-conf (merge (read-storm-config) - {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.SimpleTransportPlugin"}) - client (NimbusClient. storm-conf "localhost" 6630 nimbus-timeout) - nimbus_client (.getClient client)] - (testing "(Negative authentication) Server: Digest vs. Client: Simple" - (is (thrown-cause? java.net.SocketTimeoutException - (.activate nimbus_client "security_auth_test_topology")))) - (.close client)) + (let [a-port (available-port)] + (with-server [a-port + "test/clj/backtype/storm/security/auth/jaas_digest.conf" + nil + "backtype.storm.security.auth.digest.DigestSaslTransportPlugin"] + (let [storm-conf (merge (read-storm-config) + {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.digest.DigestSaslTransportPlugin" + "java.security.auth.login.config" "test/clj/backtype/storm/security/auth/jaas_digest.conf"}) + client (NimbusClient. storm-conf "localhost" a-port nimbus-timeout) + nimbus_client (.getClient client)] + (testing "(Positive authentication) valid digest authentication" + (.activate nimbus_client "security_auth_test_topology")) + (.close client)) - (let [storm-conf (merge (read-storm-config) - {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.digest.DigestSaslTransportPlugin" + (let [storm-conf (merge (read-storm-config) + {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.SimpleTransportPlugin"}) + client (NimbusClient. storm-conf "localhost" a-port nimbus-timeout) + nimbus_client (.getClient client)] + (testing "(Negative authentication) Server: Digest vs. Client: Simple" + (is (thrown-cause? java.net.SocketTimeoutException + (.activate nimbus_client "security_auth_test_topology")))) + (.close client)) + + (let [storm-conf (merge (read-storm-config) + {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.digest.DigestSaslTransportPlugin" "java.security.auth.login.config" "test/clj/backtype/storm/security/auth/jaas_digest_bad_password.conf"})] - (testing "(Negative authentication) Invalid password" - (is (thrown? TTransportException - (NimbusClient. storm-conf "localhost" 6630 nimbus-timeout))))) + (testing "(Negative authentication) Invalid password" + (is (thrown? TTransportException + (NimbusClient. storm-conf "localhost" a-port nimbus-timeout))))) + + (let [storm-conf (merge (read-storm-config) + {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.digest.DigestSaslTransportPlugin" + "java.security.auth.login.config" "test/clj/backtype/storm/security/auth/jaas_digest_unknown_user.conf"})] + (testing "(Negative authentication) Unknown user" + (is (thrown? TTransportException + (NimbusClient. storm-conf "localhost" a-port nimbus-timeout))))) + + (let [storm-conf (merge (read-storm-config) + {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.digest.DigestSaslTransportPlugin" + "java.security.auth.login.config" "test/clj/backtype/storm/security/auth/nonexistent.conf"})] + (testing "(Negative authentication) nonexistent configuration file" + (is (thrown? RuntimeException + (NimbusClient. storm-conf "localhost" a-port nimbus-timeout))))) - (let [storm-conf (merge (read-storm-config) - {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.digest.DigestSaslTransportPlugin" - "java.security.auth.login.config" "test/clj/backtype/storm/security/auth/jaas_digest_unknown_user.conf"})] - (testing "(Negative authentication) Unknown user" - (is (thrown? TTransportException - (NimbusClient. storm-conf "localhost" 6630 nimbus-timeout))))) - - (let [storm-conf (merge (read-storm-config) - {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.digest.DigestSaslTransportPlugin" - "java.security.auth.login.config" "test/clj/backtype/storm/security/auth/nonexistent.conf"})] - (testing "(Negative authentication) nonexistent configuration file" - (is (thrown? RuntimeException - (NimbusClient. storm-conf "localhost" 6630 nimbus-timeout))))) - - (let [storm-conf (merge (read-storm-config) - {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.digest.DigestSaslTransportPlugin" - "java.security.auth.login.config" "test/clj/backtype/storm/security/auth/jaas_digest_missing_client.conf"})] - (testing "(Negative authentication) Missing client" - (is (thrown-cause? java.io.IOException - (NimbusClient. storm-conf "localhost" 6630 nimbus-timeout))))))) - - + (let [storm-conf (merge (read-storm-config) + {STORM-THRIFT-TRANSPORT-PLUGIN "backtype.storm.security.auth.digest.DigestSaslTransportPlugin" + "java.security.auth.login.config" "test/clj/backtype/storm/security/auth/jaas_digest_missing_client.conf"})] + (testing "(Negative authentication) Missing client" + (is (thrown-cause? java.io.IOException + (NimbusClient. storm-conf "localhost" a-port nimbus-timeout)))))))) + + (deftest test-GetTransportPlugin-throws-RuntimeException (let [conf (merge (read-storm-config) {Config/STORM_THRIFT_TRANSPORT_PLUGIN "null.invalid"})]