diff options
| author | Alan Conway <aconway@apache.org> | 2010-06-10 21:01:40 +0000 |
|---|---|---|
| committer | Alan Conway <aconway@apache.org> | 2010-06-10 21:01:40 +0000 |
| commit | 933658193bf2856c0709bf4265d41e7651ff5fe9 (patch) | |
| tree | f35dd0eccbe9bc509c85390b9fad83643aba7f47 /cpp | |
| parent | b2143428187d4f7e98054fb647500ac0691cb76b (diff) | |
| download | qpid-python-933658193bf2856c0709bf4265d41e7651ff5fe9.tar.gz | |
Extended tests for cluster and security.
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@953453 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'cpp')
| -rwxr-xr-x | cpp/src/tests/cluster_tests.py | 50 |
1 files changed, 47 insertions, 3 deletions
diff --git a/cpp/src/tests/cluster_tests.py b/cpp/src/tests/cluster_tests.py index 3fb184c282..974c00b4dc 100755 --- a/cpp/src/tests/cluster_tests.py +++ b/cpp/src/tests/cluster_tests.py @@ -105,14 +105,58 @@ class ShortTests(BrokerTest): def test_sasl(self): """Test SASL authentication and encryption in a cluster""" sasl_config=os.path.join(self.rootdir, "sasl_config") - cluster = self.cluster(3, ["--auth", "yes", "--sasl-config", sasl_config]) - # Try a bad user ID + acl=os.path.join(os.getcwd(), "policy.acl") + aclf=file(acl,"w") + aclf.write(""" +acl deny zag@QPID create queue +acl allow all all +""") + aclf.close() + cluster = self.cluster(2, args=["--auth", "yes", + "--sasl-config", sasl_config, + "--load-module", os.getenv("ACL_LIB"), + "--acl-file", acl]) + + # Valid user/password, ensure queue is created. + c = cluster[0].connect(username="zig", password="zig") + c.session().sender("ziggy;{create:always}") + c.close() + c = cluster[1].connect(username="zig", password="zig") + c.session().receiver("ziggy;{assert:always}") + c.close() + for b in cluster: b.ready() # Make sure all brokers still running. + + # Valid user, bad password + try: + cluster[0].connect(username="zig", password="foo").close() + self.fail("Expected exception") + except messaging.exceptions.ConnectionError: pass + for b in cluster: b.ready() # Make sure all brokers still running. + + # Bad user ID try: - c = messaging.Connection.establish("nosuch/user@%s"%(cluster[0].host_port())) + cluster[0].connect(username="foo", password="bar").close() self.fail("Expected exception") except messaging.exceptions.ConnectionError: pass for b in cluster: b.ready() # Make sure all brokers still running. + # Action disallowed by ACL + c = cluster[0].connect(username="zag", password="zag") + try: + s = c.session() + s.sender("zaggy;{create:always}") + s.close() + self.fail("Expected exception") + except messaging.exceptions.UnauthorizedAccess: pass + # make sure the queue was not created at the other node. + c = cluster[0].connect(username="zag", password="zag") + try: + s = c.session() + s.sender("zaggy;{assert:always}") + s.close() + self.fail("Expected exception") + except messaging.exceptions.NotFound: pass + class LongTests(BrokerTest): """Tests that can run for a long time if -DDURATION=<minutes> is set""" |