Package org.apache.solr.cloud

Class SolrCloudAuthTestCase

java.lang.Object

org.junit.Assert

org.apache.lucene.tests.util.LuceneTestCase

org.apache.solr.SolrTestCase

org.apache.solr.SolrTestCaseJ4

org.apache.solr.cloud.SolrCloudTestCase

org.apache.solr.cloud.SolrCloudAuthTestCase

public class SolrCloudAuthTestCase
extends SolrCloudTestCase

Base test class for cloud tests wanting to track authentication metrics. The assertions provided by this base class require a *minimum* count, not exact count from metrics. Warning: Make sure that your test case does not break when beasting.

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.solr.SolrTestCaseJ4

SolrTestCaseJ4.BVal, SolrTestCaseJ4.Doc, SolrTestCaseJ4.Fld, SolrTestCaseJ4.FldType, SolrTestCaseJ4.FVal, SolrTestCaseJ4.IRange, SolrTestCaseJ4.IVals, SolrTestCaseJ4.IValsPercent, SolrTestCaseJ4.RandomizingCloudHttp2SolrClientBuilder, SolrTestCaseJ4.RandomizingCloudSolrClientBuilder, SolrTestCaseJ4.SuppressPointFields, SolrTestCaseJ4.SuppressSSL, SolrTestCaseJ4.SVal, SolrTestCaseJ4.Vals, SolrTestCaseJ4.XmlDoc

Nested classes/interfaces inherited from class org.apache.lucene.tests.util.LuceneTestCase

org.apache.lucene.tests.util.LuceneTestCase.AwaitsFix, org.apache.lucene.tests.util.LuceneTestCase.BadApple, org.apache.lucene.tests.util.LuceneTestCase.Monster, org.apache.lucene.tests.util.LuceneTestCase.Nightly, org.apache.lucene.tests.util.LuceneTestCase.SuppressCodecs, org.apache.lucene.tests.util.LuceneTestCase.SuppressFileSystems, org.apache.lucene.tests.util.LuceneTestCase.SuppressFsync, org.apache.lucene.tests.util.LuceneTestCase.SuppressReproduceLine, org.apache.lucene.tests.util.LuceneTestCase.SuppressSysoutChecks, org.apache.lucene.tests.util.LuceneTestCase.SuppressTempFileChecks, org.apache.lucene.tests.util.LuceneTestCase.ThrowingConsumer<T extends Object>, org.apache.lucene.tests.util.LuceneTestCase.ThrowingRunnable, org.apache.lucene.tests.util.LuceneTestCase.Weekly

Field Summary

Fields

Modifier and Type	Field	Description
static Predicate	NOT_NULL_PREDICATE

Fields inherited from class org.apache.solr.cloud.SolrCloudTestCase

cluster, DEFAULT_TIMEOUT, USE_PER_REPLICA_STATE

Fields inherited from class org.apache.solr.SolrTestCaseJ4

configString, CORE_PROPERTIES_FILENAME, coreName, DEAD_HOST_1, DEAD_HOST_2, DEAD_HOST_3, DEFAULT_CONNECTION_TIMEOUT, DEFAULT_TEST_COLLECTION_NAME, DEFAULT_TEST_CORENAME, h, hdfsDataDir, initCoreDataDir, lrf, NUMERIC_DOCVALUES_SYSPROP, NUMERIC_POINTS_SYSPROP, ONE_ONE, RANDOMIZED_NUMERIC_FIELDTYPES, schemaString, solrConfig, solrTestRules, sslConfig, SYSTEM_PROPERTY_SOLR_TESTS_MERGEPOLICYFACTORY, TEST_URL_ALLOW_LIST, testExecutor, testSolrHome, UPDATELOG_SYSPROP, USE_NUMERIC_POINTS_SYSPROP, ZERO_ONE, ZERO_TWO

Fields inherited from class org.apache.solr.SolrTestCase

solrClassRules

Fields inherited from class org.apache.lucene.tests.util.LuceneTestCase

assertsAreEnabled, classRules, DEFAULT_LINE_DOCS_FILE, INFOSTREAM, JENKINS_LARGE_LINE_DOCS_FILE, LEAVE_TEMPORARY, MAYBE_CACHE_POLICY, RANDOM_MULTIPLIER, ruleChain, suiteFailureMarker, SYSPROP_AWAITSFIX, SYSPROP_BADAPPLES, SYSPROP_FAILFAST, SYSPROP_MAXFAILURES, SYSPROP_MONSTER, SYSPROP_NIGHTLY, SYSPROP_WEEKLY, TEST_ASSERTS_ENABLED, TEST_AWAITSFIX, TEST_BADAPPLES, TEST_CODEC, TEST_DIRECTORY, TEST_DOCVALUESFORMAT, TEST_LINE_DOCS_FILE, TEST_MONSTER, TEST_NIGHTLY, TEST_POSTINGSFORMAT, TEST_THROTTLING, TEST_WEEKLY, VERBOSE

Constructor Summary

Constructors

Constructor	Description
SolrCloudAuthTestCase()

Method Summary

Modifier and Type	Method	Description
protected void	assertAuditMetricsMinimums(MiniSolrCloudCluster cluster, String className, int count, int errors)	Common test method to be able to check audit metrics
protected void	assertAuthMetricsMinimums(int requests, int authenticated, int passThrough, int failWrongCredentials, int failMissingCredentials, int errors)	Used to check metric counts for the AuthPlugin in use (except PKI)
protected void	assertPkiAuthMetricsMinimums(int requests, int authenticated, int passThrough, int failWrongCredentials, int failMissingCredentials, int errors)	Used to check metric counts for PKI auth
static void	disableMetrics()
static void	enableMetrics()
static Map<String,Object>	getAuthPluginsInUseForCluster(String url)	This helper method can be used by tests to monitor the current state of either "authentication" or "authorization" plugins in use each node of the current cluster.
protected static String	makeBasicAuthHeader(String user, String pwd)
static void	setAuthorizationHeader(org.apache.http.message.AbstractHttpMessage httpMsg, String headerString)
static void	verifySecurityStatus(org.apache.http.client.HttpClient cl, String url, String objPath, Object expected, int count)
protected static void	verifySecurityStatus(org.apache.http.client.HttpClient cl, String url, String objPath, Object expected, int count, String authHeader)
static void	verifySecurityStatus(org.apache.http.client.HttpClient cl, String url, String objPath, Object expected, int count, String user, String pwd)

Methods inherited from class org.apache.solr.cloud.SolrCloudTestCase

activeClusterShape, checkClusterConfiguration, clusterShape, configureCluster, containsLiveNode, ensureRunningJettys, getCollectionState, getCoreStatus, getRandomReplica, getRandomReplica, getRandomShard, mapReplicasToReplicaType, missingLiveNode, missingLiveNodes, shutdownCluster, waitForResponse, waitForState, waitForState, zkClient

Methods inherited from class org.apache.solr.SolrTestCaseJ4

add, addAndGetVersion, addDoc, adoc, adoc, assertExceptionThrownWithMessageContaining, assertFailedU, assertFailedU, assertFieldValues, assertJQ, assertJQ, assertNonBlockingRandomGeneratorAvailable, assertQ, assertQ, assertQEx, assertQEx, assertQEx, assertResponseValues, assertSolrInputFieldEquals, assertU, assertU, assertXmlFile, assumeWorkingMockito, buildJettyConfig, buildUrl, clearIndex, commit, compareSolrDocument, compareSolrDocumentList, compareSolrInputDocument, configset, copyMinConf, copyMinConf, copyMinConf, copyMinFullSetup, copySolrHomeToTemp, copyXmlToHome, createComparator, createComparator, createCore, createCoreContainer, createCoreContainer, createCoreContainer, createDefaultCoreContainer, createDistributedUpdateProcessor, createDoc, createSort, deleteAndGetVersion, deleteByQueryAndGetVersion, deleteCore, delI, delQ, doc, getClassName, getFile, getHttpClient, getHttpSolrClient, getRootCause, getSaferTestName, getSchemaFile, getSimpleClassName, getSolrConfigFile, getWrappedException, hasInitException, hasInitException, ignoreException, indexDocs, initAndGetDataDir, initClassLogLevels, initCore, initCore, initCore, initCore, initMethodLogLevels, invertField, isSSLMode, JQ, json, json, json, jsonAdd, jsonDelId, jsonDelQ, map, map, newRandomConfig, optimize, params, pickRandom, postSetUp, preTearDown, randomDate, randomSkewedDate, randomXmlUsableUnicodeString, req, req, req, resetExceptionIgnores, resetFactory, resetGlobalTracer, restoreMethodLogLevels, sdoc, sdocs, sdocWithChildren, sdocWithChildren, sdocWithChildren, setUp, setupNoCoreTest, setupTestCases, skewed, startTrackingSearchers, systemClearPropertySolrDisableUrlAllowList, systemClearPropertySolrTestsMergePolicyFactory, systemSetPropertySolrDisableUrlAllowList, systemSetPropertySolrTestsMergePolicyFactory, tearDown, teardownTestCases, TEST_COLL1_CONF, TEST_HOME, TEST_PATH, toJSON, unIgnoreException, updateJ, useFactory, waitForWarming, waitForWarming, whitespaceMockTokenizer, whitespaceMockTokenizer, writeCoreProperties, writeCoreProperties

Methods inherited from class org.apache.solr.SolrTestCase

assertJSONEquals, beforeSolrTestCase, checkSyspropForceBeforeAssumptionFailure, checkSyspropForceBeforeClassAssumptionFailure

Methods inherited from class org.apache.lucene.tests.util.LuceneTestCase

addVirusChecker, assertDeletedDocsEquals, assertDocsAndPositionsEnumEquals, assertDocsEnumEquals, assertDocsSkippingEquals, assertDocValuesEquals, assertDocValuesEquals, assertFieldInfosEquals, assertNormsEquals, assertPointsEquals, assertPositionsSkippingEquals, assertReaderEquals, assertReaderStatisticsEquals, assertStoredFieldEquals, assertStoredFieldsEquals, assertTermsEnumEquals, assertTermsEquals, assertTermsEquals, assertTermsStatisticsEquals, assertTermStatsEquals, assertTermVectorsEquals, asSet, assumeFalse, assumeNoException, assumeTrue, assumeWorkingMMapOnWindows, atLeast, atLeast, callStackContains, callStackContains, callStackContainsAnyOf, closeAfterSuite, closeAfterTest, collate, createTempDir, createTempDir, createTempFile, createTempFile, dumpArray, dumpIterator, ensureSaneIWCOnNightly, expectThrows, expectThrows, expectThrows, expectThrowsAnyOf, expectThrowsAnyOf, getDataInputStream, getDataPath, getJvmForkArguments, getOnlyLeafReader, getTestClass, getTestName, hasWorkingMMapOnWindows, isTestThread, localeForLanguageTag, maybeChangeLiveIndexWriterConfig, maybeWrapReader, newAlcoholicMergePolicy, newAlcoholicMergePolicy, newBytesRef, newBytesRef, newBytesRef, newBytesRef, newBytesRef, newBytesRef, newDirectory, newDirectory, newDirectory, newDirectory, newDirectory, newField, newField, newFSDirectory, newFSDirectory, newIndexWriterConfig, newIndexWriterConfig, newIndexWriterConfig, newIOContext, newIOContext, newLogMergePolicy, newLogMergePolicy, newLogMergePolicy, newLogMergePolicy, newLogMergePolicy, newMaybeVirusCheckingDirectory, newMaybeVirusCheckingFSDirectory, newMergePolicy, newMergePolicy, newMergePolicy, newMockDirectory, newMockDirectory, newMockDirectory, newMockFSDirectory, newMockFSDirectory, newSearcher, newSearcher, newSearcher, newSearcher, newStringField, newStringField, newStringField, newStringField, newTextField, newTextField, newTieredMergePolicy, newTieredMergePolicy, overrideDefaultQueryCache, overrideTestDefaultQueryCache, random, randomLocale, randomTimeZone, rarely, rarely, replaceMaxFailureRule, resetDefaultQueryCache, restoreCPUCoreCount, restoreIndexWriterMaxDocs, runWithRestrictedPermissions, setIndexWriterMaxDocs, setupCPUCoreCount, slowFileExists, usually, usually, wrapReader

Methods inherited from class org.junit.Assert

assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertArrayEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertEquals, assertFalse, assertFalse, assertNotEquals, assertNotEquals, assertNotEquals, assertNotEquals, assertNotEquals, assertNotEquals, assertNotEquals, assertNotEquals, assertNotNull, assertNotNull, assertNotSame, assertNotSame, assertNull, assertNull, assertSame, assertSame, assertThat, assertThat, assertThrows, assertThrows, assertTrue, assertTrue, fail, fail

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

NOT_NULL_PREDICATE

public static final Predicate NOT_NULL_PREDICATE

Constructor Detail

SolrCloudAuthTestCase

public SolrCloudAuthTestCase()

Method Detail

enableMetrics

public static void enableMetrics()

disableMetrics

public static void disableMetrics()

assertPkiAuthMetricsMinimums

protected void assertPkiAuthMetricsMinimums(int requests,
                                            int authenticated,
                                            int passThrough,
                                            int failWrongCredentials,
                                            int failMissingCredentials,
                                            int errors)
                                     throws InterruptedException

Used to check metric counts for PKI auth

Throws:

InterruptedException

assertAuthMetricsMinimums

protected void assertAuthMetricsMinimums(int requests,
                                         int authenticated,
                                         int passThrough,
                                         int failWrongCredentials,
                                         int failMissingCredentials,
                                         int errors)
                                  throws InterruptedException

Used to check metric counts for the AuthPlugin in use (except PKI)

TODO: many of these params have to be under specified - this should wait a bit to see the desired params and timeout

Throws:

InterruptedException

assertAuditMetricsMinimums

protected void assertAuditMetricsMinimums(MiniSolrCloudCluster cluster,
                                          String className,
                                          int count,
                                          int errors)
                                   throws InterruptedException

Common test method to be able to check audit metrics

Parameters:

className - the class name to be used for composing prefix, e.g. "SECURITY./auditlogging/SolrLogAuditLoggerPlugin"

Throws:

InterruptedException

verifySecurityStatus

public static void verifySecurityStatus(org.apache.http.client.HttpClient cl,
                                        String url,
                                        String objPath,
                                        Object expected,
                                        int count)
                                 throws Exception

Throws:

Exception

verifySecurityStatus

public static void verifySecurityStatus(org.apache.http.client.HttpClient cl,
                                        String url,
                                        String objPath,
                                        Object expected,
                                        int count,
                                        String user,
                                        String pwd)
                                 throws Exception

Throws:

Exception

verifySecurityStatus

protected static void verifySecurityStatus(org.apache.http.client.HttpClient cl,
                                           String url,
                                           String objPath,
                                           Object expected,
                                           int count,
                                           String authHeader)
                                    throws IOException,
                                           InterruptedException

Throws:

IOException

InterruptedException

makeBasicAuthHeader

protected static String makeBasicAuthHeader(String user,
                                            String pwd)

setAuthorizationHeader

public static void setAuthorizationHeader(org.apache.http.message.AbstractHttpMessage httpMsg,
                                          String headerString)

getAuthPluginsInUseForCluster

public static Map<String,Object> getAuthPluginsInUseForCluster(String url)

This helper method can be used by tests to monitor the current state of either "authentication" or "authorization" plugins in use each node of the current cluster.

This can be useful in a TimeOut.waitFor(java.lang.String, java.util.function.Supplier<java.lang.Boolean>) loop to monitor a cluster and "wait for" A change in security settings to affect all nodes by comparing the objects in the current Map with the one in use prior to executing some test command. (providing a work around for the security user experienence limitations identified in SOLR-13464 )

Parameters:

url - A REST url (or any arbitrary String) ending in "authentication" or "authorization" used to specify the type of plugins to introspect

Returns:

A Map from nodeName to auth plugin