From de286e9b8c27a7c0f89b9beaf04b80a6dd928801 Mon Sep 17 00:00:00 2001
From: Aidan Skinner <aidan@apache.org>
Date: Wed, 11 Nov 2009 22:59:29 +0000
Subject: QPID-2184: make sure global security plugins are reconfigured
 properly

ServerConfigurationTest: add test for reloading firewall config in main section,
not just as a combined file

FirewallConfigTest: add a systest for firewalls with real broker

QpidTestCase: add a reloadBroker() method

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@835115 13f79535-47bb-0310-9956-ffa450edef68
---
 .../configuration/ServerConfigurationTest.java     | 98 +++++++++++++++-------
 1 file changed, 66 insertions(+), 32 deletions(-)

(limited to 'java/broker/src/test')

diff --git a/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java b/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java
index 5bd739c0af..23041061be 100644
--- a/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java
+++ b/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java
@@ -760,38 +760,8 @@ public class ServerConfigurationTest extends TestCase
      // Write out config
         File mainFile = File.createTempFile(getClass().getName(), null);
         mainFile.deleteOnExit();
-        FileWriter out = new FileWriter(mainFile);
-
-        out.write("<broker>\n");
-        out.write("\t<management><enabled>false</enabled></management>\n");
-        out.write("\t<security>\n");
-        out.write("\t\t<principal-databases>\n");
-        out.write("\t\t\t<principal-database>\n");
-        out.write("\t\t\t\t<name>passwordfile</name>\n");
-        out.write("\t\t\t\t<class>org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase</class>\n");
-        out.write("\t\t\t\t<attributes>\n");
-        out.write("\t\t\t\t\t<attribute>\n");
-        out.write("\t\t\t\t\t\t<name>passwordFile</name>\n");
-        out.write("\t\t\t\t\t\t<value>/dev/null</value>\n");
-        out.write("\t\t\t\t\t</attribute>\n");
-        out.write("\t\t\t\t</attributes>\n");
-        out.write("\t\t\t</principal-database>\n");
-        out.write("\t\t</principal-databases>\n");
-        out.write("\t\t<jmx>\n");
-        out.write("\t\t\t<access>/dev/null</access>\n");
-        out.write("\t\t\t<principal-database>passwordfile</principal-database>\n");
-        out.write("\t\t</jmx>\n");
-        out.write("\t\t<firewall>\n");
-        out.write("\t\t\t<rule access=\"deny\" network=\"127.0.0.1\"/>");
-        out.write("\t\t</firewall>\n");
-        out.write("\t</security>\n");
-        out.write("\t<virtualhosts>\n");
-        out.write("\t\t<virtualhost>\n");
-        out.write("\t\t\t<name>test</name>\n");
-        out.write("\t\t</virtualhost>\n");
-        out.write("\t</virtualhosts>\n");
-        out.write("</broker>\n");
-        out.close();
+        FileWriter out;
+        writeConfigFile(mainFile, false);
 
         // Load config
         ApplicationRegistry reg = new ConfigurationFileApplicationRegistry(mainFile);
@@ -882,6 +852,70 @@ public class ServerConfigurationTest extends TestCase
         session.setNetworkDriver(testDriver);
         assertFalse(reg.getAccessManager().authoriseConnect(session, virtualHost));
     }
+    
+    public void testConfigurationFirewallReload() throws Exception
+    {
+        // Write out config
+        File mainFile = File.createTempFile(getClass().getName(), null);
+
+        mainFile.deleteOnExit();        
+        writeConfigFile(mainFile, false);
+
+        // Load config
+        ApplicationRegistry reg = new ConfigurationFileApplicationRegistry(mainFile);
+        ApplicationRegistry.initialise(reg, 1);
+
+        // Test config
+        TestNetworkDriver testDriver = new TestNetworkDriver();
+        testDriver.setRemoteAddress("127.0.0.1");
+        VirtualHostRegistry virtualHostRegistry = reg.getVirtualHostRegistry();
+        VirtualHost virtualHost = virtualHostRegistry.getVirtualHost("test");
+        AMQProtocolSession session = new AMQProtocolEngine(virtualHostRegistry, testDriver);
+        
+        assertFalse(reg.getAccessManager().authoriseConnect(session, virtualHost));
+       
+        // Switch to deny the connection
+        writeConfigFile(mainFile, true);
+        
+        reg.getConfiguration().reparseConfigFile();
+
+        assertTrue(reg.getAccessManager().authoriseConnect(session, virtualHost));
+
+    }
+
+    private void writeConfigFile(File mainFile, boolean allow) throws IOException {
+        FileWriter out = new FileWriter(mainFile);
+        out.write("<broker>\n");
+        out.write("\t<management><enabled>false</enabled></management>\n");
+        out.write("\t<security>\n");
+        out.write("\t\t<principal-databases>\n");
+        out.write("\t\t\t<principal-database>\n");
+        out.write("\t\t\t\t<name>passwordfile</name>\n");
+        out.write("\t\t\t\t<class>org.apache.qpid.server.security.auth.database.PlainPasswordFilePrincipalDatabase</class>\n");
+        out.write("\t\t\t\t<attributes>\n");
+        out.write("\t\t\t\t\t<attribute>\n");
+        out.write("\t\t\t\t\t\t<name>passwordFile</name>\n");
+        out.write("\t\t\t\t\t\t<value>/dev/null</value>\n");
+        out.write("\t\t\t\t\t</attribute>\n");
+        out.write("\t\t\t\t</attributes>\n");
+        out.write("\t\t\t</principal-database>\n");
+        out.write("\t\t</principal-databases>\n");
+        out.write("\t\t<jmx>\n");
+        out.write("\t\t\t<access>/dev/null</access>\n");
+        out.write("\t\t\t<principal-database>passwordfile</principal-database>\n");
+        out.write("\t\t</jmx>\n");
+        out.write("\t\t<firewall>\n");
+        out.write("\t\t\t<rule access=\""+ ((allow) ? "allow" : "deny") +"\" network=\"127.0.0.1\"/>");
+        out.write("\t\t</firewall>\n");
+        out.write("\t</security>\n");
+        out.write("\t<virtualhosts>\n");
+        out.write("\t\t<virtualhost>\n");
+        out.write("\t\t\t<name>test</name>\n");
+        out.write("\t\t</virtualhost>\n");
+        out.write("\t</virtualhosts>\n");
+        out.write("</broker>\n");
+        out.close();
+    }
 
     public void testCombinedConfigurationFirewallReload() throws Exception
     {
-- 
cgit v1.2.1