CapturingLogAppender cla = new CapturingLogAppender(); try (Closeable c = cla.attach()){ Stopwatch s = Stopwatch.createStarted(); while (s.elapsed(TimeUnit.SECONDS) < secondsToRun && cla.getAppendedText().contains("NullPointerException")); assertFalse("log contained SSLException", cla.getAppendedText().contains("SSLException")); assertFalse("log contained IllegalStateException", cla.getAppendedText().contains("IllegalStateException"));
/** * Test that, if the ticket cache is refreshed but contains a different principal * from the original one, we will not accept it. */ @Test(timeout=300000) public void testDoNotSwitchPrincipalsInExistingClient() throws Exception { startCluster(ImmutableSet.of(Option.SHORT_TOKENS_AND_TICKETS)); // Switch the ticket cache to a different user. miniCluster.kinit("test-user"); try (Closeable c = cla.attach()) { // We should eventually fail to connect because the initial credentials will // have expired and the client should refuse to refresh credentials with a // different principal. assertEventualAuthenticationFailure(client, "server requires authentication, but " + "client Kerberos credentials (TGT) have expired"); } Assert.assertThat(cla.getAppendedText(), CoreMatchers.containsString( "found that the new Kerberos principal test-user@KRBTEST.COM " + "did not match the original principal test-admin@KRBTEST.COM")); }
@After public void checkLogs() throws IOException { claAttach.close(); String log = cla.getAppendedText(); assertFalse("Log should not contain Netty internals", log.contains("socket.nio.AbstractNioSelector")); }
@Before public void setUp() { client = harness.getClient(); asyncClient = harness.getAsyncClient(); claAttach = cla.attach(); }
startCluster(ImmutableSet.of(Option.SHORT_TOKENS_AND_TICKETS)); Stopwatch timeSinceKinit = Stopwatch.createStarted(); try (Closeable c = cla.attach()) { for (Stopwatch sw = Stopwatch.createStarted(); sw.elapsed(TimeUnit.SECONDS) < RENEWABLE_LIFETIME_SECS * 2;) { Assert.assertThat(cla.getAppendedText(), CoreMatchers.containsString( "Successfully refreshed Kerberos credentials from ticket cache"));
/** * Regression test for some log spew which occurred in short-lived client instances which * had outbound connections. */ @Test(timeout = 100000) public void testCloseShortlyAfterOpen() throws Exception { CapturingLogAppender cla = new CapturingLogAppender(); try (Closeable c = cla.attach()) { try (KuduClient localClient = new KuduClient.KuduClientBuilder(harness.getMasterAddressesAsString()).build()) { // Force the client to connect to the masters. localClient.exportAuthenticationCredentials(); } } // Ensure there is no log spew due to an unexpected lost connection. String exception_text = cla.getAppendedText(); assertFalse("Unexpected exception:\n" + exception_text, exception_text.contains("lost connection to peer")); }
try (Closeable c = cla.attach()) { Assert.assertThat(cla.getAppendedText(), CoreMatchers.containsString( "Using caller-provided subject with Kerberos principal test-admin@KRBTEST.COM."));
.addMasterServerFlag("--user-acl=*"); CapturingLogAppender cla = new CapturingLogAppender(); try (MiniKuduCluster cluster = clusterBuilder.build()) { cluster.kdestroy(); try (Closeable c = cla.attach(); KuduClient client = new KuduClient.KuduClientBuilder(cluster.getMasterAddressesAsString()) .build() assertTrue(cla.getAppendedText(), cla.getAppendedText().contains("Client requested to use mechanism: PLAIN"));
/** * Test that, if an externally-provided subject is used when the client * is created, the client will not attempt to refresh anything, and will * eventually fail with appropriate warnings in the log. */ @Test(timeout=300000) public void testExternallyProvidedSubjectExpires() throws Exception { startCluster(ImmutableSet.of(Option.SHORT_TOKENS_AND_TICKETS)); Subject subject = SecurityUtil.getSubjectFromTicketCacheOrNull(); Assert.assertNotNull(subject); try (Closeable c = cla.attach()) { // Create a client attached to our own subject. KuduClient newClient = createClientFromSubject(subject); // It should not get auto-refreshed. try { assertEventualAuthenticationFailure(newClient, "server requires authentication, but " + "client Kerberos credentials (TGT) have expired"); } finally { newClient.close(); } } Assert.assertThat(cla.getAppendedText(), CoreMatchers.containsString( "Using caller-provided subject with Kerberos principal test-admin@KRBTEST.COM.")); Assert.assertThat(cla.getAppendedText(), CoreMatchers.containsString( "Caller-provided Subject has a Kerberos ticket that is about to expire")); }
/** * Test that, if the masters are down when we attempt to connect, we don't end up * logging any nonsensical stack traces including Netty internals. */ @Test(timeout = 100000) public void testNoLogSpewOnConnectionRefused() throws Exception { CapturingLogAppender cla = new CapturingLogAppender(); try (Closeable c = cla.attach()) { harness.killAllMasterServers(); try (KuduClient localClient = new KuduClient.KuduClientBuilder(harness.getMasterAddressesAsString()).build()) { // Force the client to connect to the masters. localClient.exportAuthenticationCredentials(); fail("Should have failed to connect."); } catch (NoLeaderFoundException e) { assertTrue("Bad exception string: " + e.getMessage(), e.getMessage().matches(".*Master config .+ has no leader. " + "Exceptions received:.*Connection refused.*Connection refused" + ".*Connection refused.*")); } } finally { harness.startAllMasterServers(); } // Ensure there is no log spew due to an unexpected lost connection. String logText = cla.getAppendedText(); assertFalse("Should not claim to have lost a connection in the log", logText.contains("lost connection to peer")); assertFalse("Should not have netty spew in log", logText.contains("socket.nio.AbstractNioSelector")); }