-
Notifications
You must be signed in to change notification settings - Fork 685
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
GEODE-9758: Add internal serial filter API (#7217)
GEODE-9758: Add internal serial filter API #7217 Expand ObjectInputStreamFilterWrapper to be an internal API which supports all of Geode's uses of Java's ObjectInputFilter. Introduce a new system property, geode.enableGlobalSerialFilter, to enable a process-wide filter with all serializable Geode classes on the classpath and the value of serializable-object-filter accept-listed. To enable the process-wide filter with GFSH start commands, add: * --J=-Dgeode.enableGlobalSerialFilter=true Functional Capabilities The internal API lives in geode-serialization and works on OpenJDK based JREs providing a facade for Java's ObjectInputFilter in Java 8 and Java 9 or greater using reflection. The API provides the following capabilities: * creating an ObjectInputFilter * setting an ObjectInputFilter on an ObjectInputStream * getting an ObjectInputFilter from a ObjectInputStream * setting a process-wide ObjectInputFilter * getting a process-wide ObjectInputFilter Design Notes The API defines the following primary interface types: * factory interfaces for creating instances of types within the API * filter interfaces to split out single ops from Java's ObjectInputFilter * configuration interfaces for handling system properties, logging, and config validation The concrete classes in the API receive parameters injected via a constructor for any collaborators that are not specified by the interfaces. This is intentional even when the instance is only used once before de-referencing it. All collaborators that are defined in the interface are passed in as parameters to the implementing method; all others are passed in via the constructor and stored as fields.
- Loading branch information
Showing
101 changed files
with
6,070 additions
and
1,392 deletions.
There are no files selected for viewing
138 changes: 138 additions & 0 deletions
138
...a/org/apache/geode/serialization/filter/StartLocatorGlobalSerialFilterAcceptanceTest.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,138 @@ | ||
| /* | ||
| * Licensed to the Apache Software Foundation (ASF) under one or more contributor license | ||
| * agreements. See the NOTICE file distributed with this work for additional information regarding | ||
| * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the | ||
| * "License"); you may not use this file except in compliance with the License. You may obtain a | ||
| * copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software distributed under the License | ||
| * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express | ||
| * or implied. See the License for the specific language governing permissions and limitations under | ||
| * the License. | ||
| */ | ||
| package org.apache.geode.serialization.filter; | ||
|
|
||
| import static org.apache.geode.internal.AvailablePortHelper.getRandomAvailableTCPPorts; | ||
| import static org.apache.geode.test.assertj.LogFileAssert.assertThat; | ||
| import static org.apache.geode.test.awaitility.GeodeAwaitility.await; | ||
|
|
||
| import java.nio.file.Path; | ||
|
|
||
| import org.junit.Before; | ||
| import org.junit.Rule; | ||
| import org.junit.Test; | ||
|
|
||
| import org.apache.geode.test.junit.rules.RequiresGeodeHome; | ||
| import org.apache.geode.test.junit.rules.gfsh.GfshRule; | ||
|
|
||
| public class StartLocatorGlobalSerialFilterAcceptanceTest { | ||
|
|
||
| @Rule | ||
| public RequiresGeodeHome requiresGeodeHome = new RequiresGeodeHome(); | ||
| @Rule | ||
| public GfshRule gfshRule = new GfshRule(); | ||
|
|
||
| private Path locatorFolder; | ||
| private int locatorPort; | ||
| private int locatorJmxPort; | ||
| private Path locatorLogFile; | ||
|
|
||
| @Before | ||
| public void setUpFiles() { | ||
| locatorFolder = gfshRule.getTemporaryFolder().getRoot().toPath().toAbsolutePath(); | ||
| locatorLogFile = locatorFolder.resolve("locator.log"); | ||
| } | ||
|
|
||
| @Before | ||
| public void setUpPorts() { | ||
| int[] ports = getRandomAvailableTCPPorts(2); | ||
| locatorPort = ports[0]; | ||
| locatorJmxPort = ports[1]; | ||
| } | ||
|
|
||
| @Test | ||
| public void startDoesNotConfigureGlobalSerialFilter_byDefault() { | ||
| String startLocatorCommand = String.join(" ", | ||
| "start locator", | ||
| "--name=locator", | ||
| "--dir=" + locatorFolder, | ||
| "--port=" + locatorPort, | ||
| "--J=-Dgemfire.jmx-manager-port=" + locatorJmxPort); | ||
|
|
||
| gfshRule.execute(startLocatorCommand); | ||
|
|
||
| await().untilAsserted(() -> { | ||
| assertThat(locatorLogFile.toFile()) | ||
| .as(locatorLogFile.toFile().getAbsolutePath()) | ||
| .exists() | ||
| .doesNotContain("Global serial filter is now configured.") | ||
| .doesNotContain("jdk.serialFilter"); | ||
| }); | ||
| } | ||
|
|
||
| @Test | ||
| public void startDoesNotConfigureGlobalSerialFilter_whenJdkSerialFilterIsNotBlank() { | ||
| String startLocatorCommand = String.join(" ", | ||
| "start locator", | ||
| "--name=locator", | ||
| "--dir=" + locatorFolder, | ||
| "--port=" + locatorPort, | ||
| "--J=-Dgemfire.jmx-manager-port=" + locatorJmxPort, | ||
| "--J=-Djdk.serialFilter=*"); | ||
|
|
||
| gfshRule.execute(startLocatorCommand); | ||
|
|
||
| await().untilAsserted(() -> { | ||
| assertThat(locatorLogFile.toFile()) | ||
| .as(locatorLogFile.toFile().getAbsolutePath()) | ||
| .exists() | ||
| .doesNotContain("Global serial filter is now configured.") | ||
| .contains("jdk.serialFilter"); | ||
| }); | ||
| } | ||
|
|
||
| @Test | ||
| public void startConfiguresGlobalSerialFilter_whenEnableGlobalSerialFilterIsTrue() { | ||
| String startLocatorCommand = String.join(" ", | ||
| "start locator", | ||
| "--name=locator", | ||
| "--dir=" + locatorFolder, | ||
| "--port=" + locatorPort, | ||
| "--J=-Dgemfire.jmx-manager-port=" + locatorJmxPort, | ||
| "--J=-Dgeode.enableGlobalSerialFilter=true"); | ||
|
|
||
| gfshRule.execute(startLocatorCommand); | ||
|
|
||
| await().untilAsserted(() -> { | ||
| assertThat(locatorLogFile.toFile()) | ||
| .as(locatorLogFile.toFile().getAbsolutePath()) | ||
| .exists() | ||
| .contains("Global serial filter is now configured.") | ||
| .doesNotContain("jdk.serialFilter"); | ||
| }); | ||
| } | ||
|
|
||
| @Test | ||
| public void startDoesNotConfigureGlobalSerialFilter_whenEnableGlobalSerialFilterIsTrue_andJdkSerialFilterIsNotBlank() { | ||
| String startLocatorCommand = String.join(" ", | ||
| "start locator", | ||
| "--name=locator", | ||
| "--dir=" + locatorFolder, | ||
| "--port=" + locatorPort, | ||
| "--J=-Dgemfire.jmx-manager-port=" + locatorJmxPort, | ||
| "--J=-Dgeode.enableGlobalSerialFilter=true", | ||
| "--J=-Djdk.serialFilter=*"); | ||
|
|
||
| gfshRule.execute(startLocatorCommand); | ||
|
|
||
| await().untilAsserted(() -> { | ||
| assertThat(locatorLogFile.toFile()) | ||
| .as(locatorLogFile.toFile().getAbsolutePath()) | ||
| .exists() | ||
| .doesNotContain("Global serial filter is now configured.") | ||
| .contains("jdk.serialFilter"); | ||
| }); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.