1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one 3 * or more contributor license agreements. See the NOTICE file 4 * distributed with this work for additional information 5 * regarding copyright ownership. The ASF licenses this file 6 * to you under the Apache License, Version 2.0 (the 7 * "License"); you may not use this file except in compliance 8 * with the License. You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, software 13 * distributed under the License is distributed on an "AS IS" BASIS, 14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 * See the License for the specific language governing permissions and 16 * limitations under the License. 17 */ 18 19 package org.apache.zookeeper.test; 20 21 import static org.junit.jupiter.api.Assertions.assertEquals; 22 import static org.junit.jupiter.api.Assertions.fail; 23 import java.util.concurrent.CountDownLatch; 24 import java.util.concurrent.TimeUnit; 25 import java.util.concurrent.atomic.AtomicInteger; 26 import org.apache.zookeeper.CreateMode; 27 import org.apache.zookeeper.JaasConfiguration; 28 import org.apache.zookeeper.KeeperException; 29 import org.apache.zookeeper.WatchedEvent; 30 import org.apache.zookeeper.Watcher.Event.KeeperState; 31 import org.apache.zookeeper.ZooDefs.Ids; 32 import org.apache.zookeeper.ZooKeeper; 33 import org.apache.zookeeper.server.ZooKeeperSaslServer; 34 import org.junit.jupiter.api.Test; 35 36 public class SaslAuthDesignatedServerTest extends ClientBase { 37 38 public static int AUTHENTICATION_TIMEOUT = 30000; 39 40 static { 41 System.setProperty("zookeeper.authProvider.1", "org.apache.zookeeper.server.auth.SASLAuthenticationProvider"); System.setProperty(ZooKeeperSaslServer.LOGIN_CONTEXT_NAME_KEY, R)42 System.setProperty(ZooKeeperSaslServer.LOGIN_CONTEXT_NAME_KEY, "MyZookeeperServer"); 43 44 JaasConfiguration conf = new JaasConfiguration(); 45 46 /* this 'Server' section has an incorrect password, but we're not configured 47 * to use it (we're configured by the above System.setProperty(...LOGIN_CONTEXT_NAME_KEY...) 48 * to use the 'MyZookeeperServer' section below, which has the correct password). 49 */ 50 conf.addSection("Server", "org.apache.zookeeper.server.auth.DigestLoginModule", "user_myuser", "wrongpassword"); 51 52 conf.addSection("MyZookeeperServer", "org.apache.zookeeper.server.auth.DigestLoginModule", "user_myuser", "mypassword"); 53 54 conf.addSection("Client", "org.apache.zookeeper.server.auth.DigestLoginModule", "username", "myuser", "password", "mypassword"); 55 56 javax.security.auth.login.Configuration.setConfiguration(conf); 57 } 58 59 private AtomicInteger authFailed = new AtomicInteger(0); 60 61 private class MyWatcher extends CountdownWatcher { 62 63 volatile CountDownLatch authCompleted; 64 65 @Override reset()66 public synchronized void reset() { 67 authCompleted = new CountDownLatch(1); 68 super.reset(); 69 } 70 71 @Override process(WatchedEvent event)72 public synchronized void process(WatchedEvent event) { 73 if (event.getState() == KeeperState.AuthFailed) { 74 authFailed.incrementAndGet(); 75 authCompleted.countDown(); 76 } else if (event.getState() == KeeperState.SaslAuthenticated) { 77 authCompleted.countDown(); 78 } else { 79 super.process(event); 80 } 81 } 82 83 } 84 85 @Test testAuth()86 public void testAuth() throws Exception { 87 MyWatcher watcher = new MyWatcher(); 88 ZooKeeper zk = createClient(watcher); 89 watcher.authCompleted.await(AUTHENTICATION_TIMEOUT, TimeUnit.MILLISECONDS); 90 assertEquals(authFailed.get(), 0); 91 92 try { 93 zk.create("/path1", null, Ids.CREATOR_ALL_ACL, CreateMode.PERSISTENT); 94 } catch (KeeperException e) { 95 fail("test failed :" + e); 96 } finally { 97 zk.close(); 98 } 99 } 100 101 } 102