Skip to content

Commit

Permalink
Support using DIGEST-MD5 as the SASL mechanism for ElasticJob `Coordi…
Browse files Browse the repository at this point in the history
…natorRegistryCenter` under GraalVM Native Image
  • Loading branch information
linghengqian committed Oct 10, 2024
1 parent b03ad56 commit bc9d023
Show file tree
Hide file tree
Showing 8 changed files with 200 additions and 20 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -48,16 +48,15 @@ public class ExampleUtils {
Configuration configuration = new Configuration() {
@Override
public AppConfigurationEntry[] getAppConfigurationEntry(final String name) {
Map<String, String> options = new HashMap<>();
options.put("username", "bob");
options.put("password", "bobsecret");
AppConfigurationEntry entry = new AppConfigurationEntry(
Map<String, String> conf = new HashMap<>();
conf.put("username", "bob");
conf.put("password", "bobsecret");
AppConfigurationEntry[] entries = new AppConfigurationEntry[1];
entries[0] = new AppConfigurationEntry(
"org.apache.zookeeper.server.auth.DigestLoginModule",
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
options);
AppConfigurationEntry[] array = new AppConfigurationEntry[1];
array[0] = entry;
return array;
conf);
return entries;
}
};
Configuration.setConfiguration(configuration);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -52,16 +52,15 @@ public class ExampleUtils {
Configuration configuration = new Configuration() {
@Override
public AppConfigurationEntry[] getAppConfigurationEntry(final String name) {
Map<String, String> options = new HashMap<>();
options.put("username", "bob");
options.put("password", "bobsecret");
AppConfigurationEntry entry = new AppConfigurationEntry(
Map<String, String> conf = new HashMap<>();
conf.put("username", "bob");
conf.put("password", "bobsecret");
AppConfigurationEntry[] entries = new AppConfigurationEntry[1];
entries[0] = new AppConfigurationEntry(
"org.apache.zookeeper.server.auth.DigestLoginModule",
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
options);
AppConfigurationEntry[] array = new AppConfigurationEntry[1];
array[0] = entry;
return array;
conf);
return entries;
}
};
Configuration.setConfiguration(configuration);
Expand Down
23 changes: 19 additions & 4 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,7 @@
<mockito.version>4.11.0</mockito.version>
<awaitility.version>4.2.0</awaitility.version>
<bytebuddy.version>1.14.18</bytebuddy.version>
<testcontainers-bom.version>1.20.1</testcontainers-bom.version>

<h2.version>2.2.224</h2.version>
<hikari-cp.version>4.0.3</hikari-cp.version>
Expand Down Expand Up @@ -350,6 +351,13 @@
<version>${awaitility.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.testcontainers</groupId>
<artifactId>testcontainers-bom</artifactId>
<version>${testcontainers-bom.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>

<dependency>
<groupId>com.h2database</groupId>
Expand Down Expand Up @@ -951,8 +959,8 @@
<defaultMode>Conditional</defaultMode>
<modes>
<conditional>
<userCodeFilterPath>${user.dir}/test/native/native-image-filter/user-code-filter.json</userCodeFilterPath>
<extraFilterPath>${user.dir}/test/native/native-image-filter/extra-filter.json</extraFilterPath>
<userCodeFilterPath>${user.dir}/test/native/native-image-filter/user-code-filter-zookeeper.json</userCodeFilterPath>
<extraFilterPath>${user.dir}/test/native/native-image-filter/extra-filter-zookeeper.json</extraFilterPath>
<parallel>true</parallel>
</conditional>
</modes>
Expand All @@ -961,7 +969,7 @@
<stage>main</stage>
</disabledStages>
<merge>false</merge>
<outputDirectory>${user.dir}/reachability-metadata/src/main/resources/META-INF/native-image/org.apache.shardingsphere.elasticjob/generated-reachability-metadata/</outputDirectory>
<outputDirectory>${user.dir}/reachability-metadata/src/main/resources/META-INF/native-image/org.apache.zookeeper/zookeeper/3.9.2/</outputDirectory>
</metadataCopy>
</agent>
</configuration>
Expand Down Expand Up @@ -995,7 +1003,7 @@
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<includes>
<include>org.apache.shardingsphere.elasticjob.test.natived.**</include>
<include>org.apache.shardingsphere.elasticjob.test.natived.it.staticd.ZookeeperAuthTest</include>
</includes>
</configuration>
</plugin>
Expand All @@ -1006,6 +1014,13 @@
<extensions>true</extensions>
<configuration>
<quickBuild>true</quickBuild>
<buildArgs>
<buildArg>-H:AdditionalSecurityProviders=com.sun.security.sasl.Provider</buildArg>
<buildArg>-H:AdditionalSecurityProviders=com.sun.security.sasl.gsskerb.JdkSASL</buildArg>
<buildArg>-H:+UnlockExperimentalVMOptions</buildArg>
<buildArg>-H:ThrowMissingRegistrationErrors=</buildArg>
<buildArg>-H:MissingRegistrationReportingMode=Warn</buildArg>
</buildArgs>
</configuration>
<executions>
<execution>
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
[
{
"condition":{"typeReachable":"com.github.dockerjava.api.model.RuntimeInfo"},
"name":"com.github.dockerjava.api.model.RuntimeInfo",
"allPublicConstructors": true
}
]
5 changes: 5 additions & 0 deletions test/native/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,11 @@
<artifactId>curator-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.testcontainers</groupId>
<artifactId>junit-jupiter</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jdbc</artifactId>
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,126 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership.
* The ASF licenses this file to You under the Apache License, Version 2.0
* (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

package org.apache.shardingsphere.elasticjob.test.natived.it.staticd;

import com.zaxxer.hikari.HikariConfig;
import com.zaxxer.hikari.HikariDataSource;
import org.apache.shardingsphere.elasticjob.api.JobConfiguration;
import org.apache.shardingsphere.elasticjob.bootstrap.type.ScheduleJobBootstrap;
import org.apache.shardingsphere.elasticjob.kernel.tracing.config.TracingConfiguration;
import org.apache.shardingsphere.elasticjob.reg.base.CoordinatorRegistryCenter;
import org.apache.shardingsphere.elasticjob.reg.zookeeper.ZookeeperConfiguration;
import org.apache.shardingsphere.elasticjob.reg.zookeeper.ZookeeperRegistryCenter;
import org.apache.shardingsphere.elasticjob.test.natived.commons.job.simple.JavaSimpleJob;
import org.junit.jupiter.api.AfterAll;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.condition.EnabledInNativeImage;
import org.testcontainers.containers.GenericContainer;
import org.testcontainers.images.builder.Transferable;
import org.testcontainers.junit.jupiter.Container;
import org.testcontainers.junit.jupiter.Testcontainers;
import org.testcontainers.utility.MountableFile;

import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.sql.DataSource;
import java.time.Duration;
import java.util.HashMap;
import java.util.Map;

import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;

@EnabledInNativeImage
@Testcontainers
public class ZookeeperAuthTest {

@SuppressWarnings("resource")
@Container
private static final GenericContainer<?> CONTAINER = new GenericContainer<>("zookeeper:3.9.2")
.withCopyFileToContainer(
MountableFile.forClasspathResource("test-native/conf/jaas-server-test-native.conf", Transferable.DEFAULT_FILE_MODE),
"/jaas-server-test-native.conf")
.withEnv("JVMFLAGS", "-Djava.security.auth.login.config=/jaas-server-test-native.conf")
.withEnv("ZOO_CFG_EXTRA", "authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider sessionRequireClientSASLAuth=true")
.withExposedPorts(2181);

@BeforeAll
static void beforeAll() {
Configuration.setConfiguration(new Configuration() {

@Override
public AppConfigurationEntry[] getAppConfigurationEntry(final String name) {
Map<String, String> conf = new HashMap<>();
conf.put("username", "bob");
conf.put("password", "bobsecret");
AppConfigurationEntry[] entries = new AppConfigurationEntry[1];
entries[0] = new AppConfigurationEntry(
"org.apache.zookeeper.server.auth.DigestLoginModule",
AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
conf);
return entries;
}
});
}

@AfterAll
static void afterAll() {
Configuration.setConfiguration(null);
}

/**
* For {@link org.apache.curator.test.TestingServer}, a lot of system properties are set in the background,
* refer to
* <a href="https://github.com/apache/zookeeper/blob/release-3.9.2/zookeeper-server/src/test/java/org/apache/zookeeper/test/SaslDigestAuthOverSSLTest.java">SaslDigestAuthOverSSLTest.java</a> .
* Therefore, in order to test Zookeeper Server with SASL mechanism enabled under ElasticJob {@link CoordinatorRegistryCenter},
* ElasticJob should never start Zookeeper Server through {@link org.apache.curator.test.TestingServer}.
* Running Zookeeper Server and Curator Client in the same JVM process will pollute system properties.
* For more information on this unit test,
* refer to <a href="https://zookeeper.apache.org/doc/r3.9.2/zookeeperAdmin.html">ZooKeeper Administrator's Guide</a> and
* <a href="https://cwiki.apache.org/confluence/display/ZOOKEEPER/ZooKeeper+and+SASL">ZooKeeper and SASL</a> .
*
* @throws Exception exception
*/
@Test
void testSaslDigestMd5() throws Exception {
String connectionString = CONTAINER.getHost() + ":" + CONTAINER.getMappedPort(2181);
Thread.sleep(Duration.ofSeconds(5L).toMillis());
CoordinatorRegistryCenter regCenter = new ZookeeperRegistryCenter(
new ZookeeperConfiguration(connectionString, "elasticjob-test-native-sasl-digest-md5"));
regCenter.init();
HikariConfig hikariConfig = new HikariConfig();
hikariConfig.setDriverClassName("org.h2.Driver");
hikariConfig.setJdbcUrl("jdbc:h2:mem:job_event_storage");
hikariConfig.setUsername("sa");
hikariConfig.setPassword("");
TracingConfiguration<DataSource> tracingConfig = new TracingConfiguration<>("RDB", new HikariDataSource(hikariConfig));
ScheduleJobBootstrap jobBootstrap = new ScheduleJobBootstrap(
regCenter,
new JavaSimpleJob(),
JobConfiguration.newBuilder("testSaslDigestMd5", 3)
.cron("0/5 * * * * ?")
.shardingItemParameters("0=Norddorf,1=Bordeaux,2=Somerset")
.addExtraConfigurations(tracingConfig)
.build());
assertDoesNotThrow(() -> {
jobBootstrap.schedule();
jobBootstrap.shutdown();
});
regCenter.close();
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
{
"resources":{
"includes":[{
"condition":{"typeReachable":"org.apache.shardingsphere.elasticjob.test.natived.it.staticd.ZookeeperAuthTest"},
"pattern":".*test-native/conf/.+\\.conf$"
}]},
"bundles":[]
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
//
// Licensed to the Apache Software Foundation (ASF) under one or more
// contributor license agreements. See the NOTICE file distributed with
// this work for additional information regarding copyright ownership.
// The ASF licenses this file to You under the Apache License, Version 2.0
// (the "License"); you may not use this file except in compliance with
// the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

Server {
org.apache.zookeeper.server.auth.DigestLoginModule required
user_bob="bobsecret";
};

0 comments on commit bc9d023

Please sign in to comment.