From 85a29bf3767ca1c96a5f690e892b1f80b06a2403 Mon Sep 17 00:00:00 2001 From: Pontus Melke Date: Wed, 17 Feb 2016 10:10:17 +0100 Subject: [PATCH] Refactor how AuthManager is intitialized --- .../org/neo4j/bolt/BoltKernelExtension.java | 3 +- .../factory/GraphDatabaseSettings.java | 9 ++++- .../impl/factory/CommunityEditionModule.java | 34 ++++++++++--------- .../AbstractInProcessServerBuilder.java | 2 +- .../org/neo4j/server/AbstractNeoServer.java | 34 +++++++++++-------- .../java/org/neo4j/server/Bootstrapper.java | 2 +- .../org/neo4j/server/CommunityNeoServer.java | 2 +- .../server/configuration/ServerSettings.java | 6 ---- .../server/modules/AuthorizationModule.java | 13 +++---- .../server/rest/dbms/AuthorizationFilter.java | 9 ++--- .../neo4j/server/BaseBootstrapperTest.java | 6 ++-- .../org/neo4j/server/ServerTestUtils.java | 5 +-- .../helpers/CommunityServerBuilder.java | 3 +- .../rest/dbms/AuthorizationFilterTest.java | 20 +++++------ .../rest/discovery/DiscoveryServiceTest.java | 3 +- .../rest/security/AuthenticationDocIT.java | 6 ++-- .../server/rest/security/UsersDocIT.java | 7 ++-- .../auth/AuthorizationDisabledIT.java | 7 ++-- .../auth/AuthorizationWhitelistIT.java | 8 ++--- 19 files changed, 94 insertions(+), 85 deletions(-) diff --git a/community/bolt/src/main/java/org/neo4j/bolt/BoltKernelExtension.java b/community/bolt/src/main/java/org/neo4j/bolt/BoltKernelExtension.java index 617ee50f58ecd..45f8de3c1c878 100644 --- a/community/bolt/src/main/java/org/neo4j/bolt/BoltKernelExtension.java +++ b/community/bolt/src/main/java/org/neo4j/bolt/BoltKernelExtension.java @@ -88,8 +88,7 @@ public static class Settings public static final Function> connector_group = Config.groups( "dbms.connector" ); @Description( "Enable Neo4j Bolt" ) - public static final Setting enabled = - setting( "enabled", BOOLEAN, "false" ); + public static final Setting enabled = setting( "enabled", BOOLEAN, "false" ); @Description( "Set the encryption level for Neo4j Bolt protocol ports" ) public static final Setting tls_level = diff --git a/community/kernel/src/main/java/org/neo4j/graphdb/factory/GraphDatabaseSettings.java b/community/kernel/src/main/java/org/neo4j/graphdb/factory/GraphDatabaseSettings.java index 6859cd3083939..81ff01c27416a 100644 --- a/community/kernel/src/main/java/org/neo4j/graphdb/factory/GraphDatabaseSettings.java +++ b/community/kernel/src/main/java/org/neo4j/graphdb/factory/GraphDatabaseSettings.java @@ -257,7 +257,7 @@ public abstract class GraphDatabaseSettings @Description("Size of buffer used by index sampling") public static final Setting index_sampling_buffer_size = setting("index_sampling_buffer_size", BYTES, "64m", - min( /* 1m */ 1048576l ), max( (long) Integer.MAX_VALUE ) ); + min( /* 1m */ 1048576L ), max( (long) Integer.MAX_VALUE ) ); @Description("Percentage of index updates of total index size required before sampling of a given index is triggered") public static final Setting index_sampling_update_percentage = @@ -426,4 +426,11 @@ private static String defaultPageCacheMemory() @Internal public static final Setting batch_inserter_batch_size = setting( "batch_inserter_batch_size", INTEGER, "10000" ); + + @Description("Enable auth requirement to access Neo4j.") + public static final Setting auth_enabled = setting( "dbms.security.auth_enabled", BOOLEAN, "true" ); + + @Internal + public static final Setting auth_store = setting("dbms.security.auth_store.location", PATH, "data/dbms/auth"); + } diff --git a/community/kernel/src/main/java/org/neo4j/kernel/impl/factory/CommunityEditionModule.java b/community/kernel/src/main/java/org/neo4j/kernel/impl/factory/CommunityEditionModule.java index e9cf9636162ec..5e4744f505eb9 100644 --- a/community/kernel/src/main/java/org/neo4j/kernel/impl/factory/CommunityEditionModule.java +++ b/community/kernel/src/main/java/org/neo4j/kernel/impl/factory/CommunityEditionModule.java @@ -31,7 +31,6 @@ import org.neo4j.kernel.KernelData; import org.neo4j.kernel.NeoStoreDataSource; import org.neo4j.kernel.Version; -import org.neo4j.kernel.api.exceptions.InvalidTransactionTypeKernelException; import org.neo4j.kernel.configuration.Config; import org.neo4j.kernel.impl.api.SchemaWriteGuard; import org.neo4j.kernel.impl.api.index.RemoveOrphanConstraintIndexesOnStartup; @@ -56,10 +55,14 @@ import org.neo4j.kernel.impl.transaction.state.DataSourceManager; import org.neo4j.kernel.lifecycle.LifeSupport; import org.neo4j.kernel.lifecycle.Lifecycle; -import org.neo4j.kernel.lifecycle.LifecycleListener; import org.neo4j.kernel.lifecycle.LifecycleStatus; +import org.neo4j.logging.LogProvider; +import org.neo4j.server.security.auth.AuthManager; +import org.neo4j.server.security.auth.FileUserRepository; import org.neo4j.udc.UsageData; +import static java.time.Clock.systemUTC; + /** * This implementation of {@link org.neo4j.kernel.impl.factory.EditionModule} creates the implementations of services @@ -96,6 +99,7 @@ public CommunityEditionModule( PlatformModule platformModule ) dependencies.satisfyDependency( createKernelData( fileSystem, pageCache, storeDir, config, graphDatabaseFacade, life ) ); + dependencies.satisfyDependencies( createAuthManager(config, life, logging.getUserLogProvider()) ); commitProcessFactory = new CommunityCommitProcessFactory(); headerInformationFactory = createHeaderInformationFactory(); @@ -120,12 +124,7 @@ protected ConstraintSemantics createSchemaRuleVerifier() protected SchemaWriteGuard createSchemaWriteGuard() { - return new SchemaWriteGuard() - { - @Override - public void assertSchemaWritesAllowed() throws InvalidTransactionTypeKernelException - { - } + return () -> { }; } @@ -174,6 +173,14 @@ protected KernelData createKernelData( FileSystemAbstraction fileSystem, PageCac return life.add( new DefaultKernelData( fileSystem, pageCache, storeDir, config, graphAPI ) ); } + private AuthManager createAuthManager(Config config, LifeSupport life, LogProvider logProvider) + { + FileUserRepository users = life.add( new FileUserRepository( config.get( GraphDatabaseSettings.auth_store ).toPath(), logProvider ) ); + + return life.add(new AuthManager( users, systemUTC(), config.get( GraphDatabaseSettings.auth_enabled ))); + + } + protected IdGeneratorFactory createIdGeneratorFactory( FileSystemAbstraction fs ) { return new DefaultIdGeneratorFactory( fs ); @@ -219,15 +226,10 @@ protected TransactionHeaderInformationFactory createHeaderInformationFactory() protected void registerRecovery( final DatabaseInfo databaseInfo, LifeSupport life, final DependencyResolver dependencyResolver ) { - life.addLifecycleListener( new LifecycleListener() - { - @Override - public void notifyStatusChanged( Object instance, LifecycleStatus from, LifecycleStatus to ) + life.addLifecycleListener( ( instance, from, to ) -> { + if ( instance instanceof DatabaseAvailability && to.equals( LifecycleStatus.STARTED ) ) { - if ( instance instanceof DatabaseAvailability && to.equals( LifecycleStatus.STARTED ) ) - { - doAfterRecoveryAndStartup( databaseInfo, dependencyResolver ); - } + doAfterRecoveryAndStartup( databaseInfo, dependencyResolver ); } } ); } diff --git a/community/neo4j-harness/src/main/java/org/neo4j/harness/internal/AbstractInProcessServerBuilder.java b/community/neo4j-harness/src/main/java/org/neo4j/harness/internal/AbstractInProcessServerBuilder.java index 4523e03c10e75..53d1c22ecf897 100644 --- a/community/neo4j-harness/src/main/java/org/neo4j/harness/internal/AbstractInProcessServerBuilder.java +++ b/community/neo4j-harness/src/main/java/org/neo4j/harness/internal/AbstractInProcessServerBuilder.java @@ -74,7 +74,7 @@ public AbstractInProcessServerBuilder( File workingDir ) private void init( File workingDir ) { setDirectory( workingDir ); - withConfig( ServerSettings.auth_enabled, "false" ); + withConfig( GraphDatabaseSettings.auth_enabled, "false" ); withConfig( GraphDatabaseSettings.pagecache_memory, "8m" ); withConfig( ServerSettings.webserver_port.name(), Integer.toString( freePort(7474, 10000) ) ); diff --git a/community/server/src/main/java/org/neo4j/server/AbstractNeoServer.java b/community/server/src/main/java/org/neo4j/server/AbstractNeoServer.java index 6540d50e15525..cbdf3662d6d92 100644 --- a/community/server/src/main/java/org/neo4j/server/AbstractNeoServer.java +++ b/community/server/src/main/java/org/neo4j/server/AbstractNeoServer.java @@ -19,6 +19,7 @@ */ package org.neo4j.server; +import com.sun.jersey.api.core.HttpContext; import org.apache.commons.configuration.Configuration; import org.bouncycastle.operator.OperatorCreationException; @@ -75,14 +76,12 @@ import org.neo4j.server.rest.transactional.TransitionalPeriodTransactionMessContainer; import org.neo4j.server.rest.web.DatabaseActions; import org.neo4j.server.security.auth.AuthManager; -import org.neo4j.server.security.auth.FileUserRepository; import org.neo4j.server.web.SimpleUriBuilder; import org.neo4j.server.web.WebServer; import org.neo4j.server.web.WebServerProvider; import static java.lang.Math.round; import static java.lang.String.format; -import static java.time.Clock.systemUTC; import static java.util.concurrent.TimeUnit.MILLISECONDS; import static org.neo4j.helpers.Clock.SYSTEM_CLOCK; import static org.neo4j.helpers.collection.Iterables.map; @@ -127,7 +126,7 @@ public abstract class AbstractNeoServer implements NeoServer protected CypherExecutor cypherExecutor; protected WebServer webServer; - protected AuthManager authManager; + protected Supplier authManagerSupplier; protected KeyStoreInformation keyStoreInfo; private DatabaseActions databaseActions; @@ -161,16 +160,7 @@ public void init() this.database = life.add( dependencyResolver.satisfyDependency(dbFactory.newDatabase( config, dependencies)) ); - FileUserRepository users = life.add( new FileUserRepository( config.get( ServerSettings.auth_store ).toPath(), logProvider ) ); - - // Since we are not (yet) using the AuthManager anywhere but here, we still - // instantiate it here. As we refactor, this should probably become an interface, - // with appropriate implementations created in CommunityModule and EnterpriseModule, - // respectively. To get a hold of AuthManager here, we're likely best of using - // DependencyResolver or similar, until the unfortunate problem of both this class - // and GraphDatabaseFacadeFactory implementing two different schemes of application - // assembly has been resolved. - this.authManager = life.add(new AuthManager( users, systemUTC(), config.get( ServerSettings.auth_enabled ))); + this.authManagerSupplier = dependencyResolver.provideDependency( AuthManager.class ); this.webServer = createWebServer(); this.keyStoreInfo = createKeyStore(); @@ -543,7 +533,7 @@ protected Collection> createDefaultInjectables() singletons.add( new CypherExecutorProvider( cypherExecutor ) ); singletons.add( providerForSingleton( transactionFacade, TransactionFacade.class ) ); - singletons.add( providerForSingleton( authManager, AuthManager.class ) ); + singletons.add( new AuthManagerProvider(authManagerSupplier ) ); singletons.add( new TransactionFilter( database ) ); singletons.add( new LoggingProvider( logProvider ) ); singletons.add( providerForSingleton( logProvider.getLog( NeoServer.class ), Log.class ) ); @@ -551,6 +541,22 @@ protected Collection> createDefaultInjectables() return singletons; } + private static class AuthManagerProvider extends InjectableProvider + { + private final Supplier authManagerSupplier; + private AuthManagerProvider( Supplier authManagerSupplier ) + { + super(AuthManager.class); + this.authManagerSupplier = authManagerSupplier; + } + + @Override + public AuthManager getValue( HttpContext httpContext ) + { + return authManagerSupplier.get(); + } + } + private boolean hasModule( Class clazz ) { for ( ServerModule sm : serverModules ) diff --git a/community/server/src/main/java/org/neo4j/server/Bootstrapper.java b/community/server/src/main/java/org/neo4j/server/Bootstrapper.java index 31719f433c41e..a4aeae2924a64 100644 --- a/community/server/src/main/java/org/neo4j/server/Bootstrapper.java +++ b/community/server/src/main/java/org/neo4j/server/Bootstrapper.java @@ -39,6 +39,7 @@ import org.neo4j.server.logging.JULBridge; import org.neo4j.server.logging.JettyLogBridge; import org.neo4j.server.logging.Netty4LogBridge; + import static java.lang.String.format; import static org.neo4j.server.configuration.ServerSettings.SERVER_CONFIG_FILE; import static org.neo4j.server.configuration.ServerSettings.SERVER_CONFIG_FILE_KEY; @@ -88,7 +89,6 @@ public int start( File configFile, Pair ... configOverrides ) config = createConfig( log, configFile, configOverrides ); serverPort = String.valueOf( config.get( ServerSettings.webserver_port ) ); dependencies = dependencies.userLogProvider( userLogProvider ); - life.start(); checkCompatibility(); diff --git a/community/server/src/main/java/org/neo4j/server/CommunityNeoServer.java b/community/server/src/main/java/org/neo4j/server/CommunityNeoServer.java index aa252af338d3b..d6c9393ac8dc2 100644 --- a/community/server/src/main/java/org/neo4j/server/CommunityNeoServer.java +++ b/community/server/src/main/java/org/neo4j/server/CommunityNeoServer.java @@ -82,7 +82,7 @@ protected Iterable createServerModules() new ThirdPartyJAXRSModule( webServer, getConfig(), logProvider, this ), new WebAdminModule( webServer, getConfig() ), new Neo4jBrowserModule( webServer ), - new AuthorizationModule( webServer, authManager, logProvider, getConfig(), getUriWhitelist() ), + new AuthorizationModule( webServer, authManagerSupplier, logProvider, getConfig(), getUriWhitelist() ), new SecurityRulesModule( webServer, getConfig(), logProvider ) ); } diff --git a/community/server/src/main/java/org/neo4j/server/configuration/ServerSettings.java b/community/server/src/main/java/org/neo4j/server/configuration/ServerSettings.java index 5b3329f1bc09a..8dd0ec06f39b2 100644 --- a/community/server/src/main/java/org/neo4j/server/configuration/ServerSettings.java +++ b/community/server/src/main/java/org/neo4j/server/configuration/ServerSettings.java @@ -163,9 +163,6 @@ private ThirdPartyJaxRsPackage createThirdPartyJaxRsPackage( String packageAndMo @Description("Timeout for idle transactions.") Setting transaction_timeout = setting( "org.neo4j.server.transaction.timeout", DURATION, "60s" ); - @Description("Enable auth requirement to access Neo4j.") - Setting auth_enabled = setting( "dbms.security.auth_enabled", BOOLEAN, TRUE ); - @Description("Enable the Bolt protocol") Setting bolt_enabled = BoltKernelExtension.Settings.enabled; @@ -200,9 +197,6 @@ private ThirdPartyJaxRsPackage createThirdPartyJaxRsPackage( String packageAndMo Setting wadl_enabled = setting( "unsupported_wadl_generation_enabled", BOOLEAN, FALSE ); - @Internal - Setting auth_store = setting("dbms.security.auth_store.location", PATH, "data/dbms/auth"); - @Internal Setting legacy_db_location = setting( "org.neo4j.server.database.location", PATH, "data/graph.db" ); diff --git a/community/server/src/main/java/org/neo4j/server/modules/AuthorizationModule.java b/community/server/src/main/java/org/neo4j/server/modules/AuthorizationModule.java index eeff818d7911e..53d35d0e0bbd0 100644 --- a/community/server/src/main/java/org/neo4j/server/modules/AuthorizationModule.java +++ b/community/server/src/main/java/org/neo4j/server/modules/AuthorizationModule.java @@ -19,11 +19,12 @@ */ package org.neo4j.server.modules; +import java.util.function.Supplier; import java.util.regex.Pattern; +import org.neo4j.graphdb.factory.GraphDatabaseSettings; import org.neo4j.kernel.configuration.Config; import org.neo4j.logging.LogProvider; -import org.neo4j.server.configuration.ServerSettings; import org.neo4j.server.rest.dbms.AuthorizationFilter; import org.neo4j.server.security.auth.AuthManager; import org.neo4j.server.web.WebServer; @@ -32,15 +33,15 @@ public class AuthorizationModule implements ServerModule { private final WebServer webServer; private final Config config; - private final AuthManager authManager; + private final Supplier authManagerSupplier; private final LogProvider logProvider; private final Pattern[] uriWhitelist; - public AuthorizationModule( WebServer webServer, AuthManager authManager, LogProvider logProvider, Config config, Pattern[] uriWhitelist ) + public AuthorizationModule( WebServer webServer, Supplier authManager, LogProvider logProvider, Config config, Pattern[] uriWhitelist ) { this.webServer = webServer; this.config = config; - this.authManager = authManager; + this.authManagerSupplier = authManager; this.logProvider = logProvider; this.uriWhitelist = uriWhitelist; } @@ -48,9 +49,9 @@ public AuthorizationModule( WebServer webServer, AuthManager authManager, LogPro @Override public void start() { - if ( config.get( ServerSettings.auth_enabled ) ) + if ( config.get( GraphDatabaseSettings.auth_enabled ) ) { - final AuthorizationFilter authorizationFilter = new AuthorizationFilter( authManager, logProvider, uriWhitelist ); + final AuthorizationFilter authorizationFilter = new AuthorizationFilter( authManagerSupplier, logProvider, uriWhitelist ); webServer.addFilter( authorizationFilter, "/*" ); } } diff --git a/community/server/src/main/java/org/neo4j/server/rest/dbms/AuthorizationFilter.java b/community/server/src/main/java/org/neo4j/server/rest/dbms/AuthorizationFilter.java index 126a24614e7a2..b3865eb3ae8a3 100644 --- a/community/server/src/main/java/org/neo4j/server/rest/dbms/AuthorizationFilter.java +++ b/community/server/src/main/java/org/neo4j/server/rest/dbms/AuthorizationFilter.java @@ -22,6 +22,7 @@ import java.io.IOException; import java.net.URI; import java.nio.charset.StandardCharsets; +import java.util.function.Supplier; import java.util.regex.Pattern; import javax.servlet.Filter; import javax.servlet.FilterChain; @@ -53,13 +54,13 @@ public class AuthorizationFilter implements Filter { private static final Pattern PASSWORD_CHANGE_WHITELIST = Pattern.compile( "/user/.*" ); - private final AuthManager authManager; + private final Supplier authManagerSupplier; private final Log log; private final Pattern[] uriWhitelist; - public AuthorizationFilter( AuthManager authManager, LogProvider logProvider, Pattern... uriWhitelist ) + public AuthorizationFilter( Supplier authManager, LogProvider logProvider, Pattern... uriWhitelist ) { - this.authManager = authManager; + this.authManagerSupplier = authManager; this.log = logProvider.getLog( getClass() ); this.uriWhitelist = uriWhitelist; } @@ -103,6 +104,7 @@ public void doFilter( ServletRequest servletRequest, ServletResponse servletResp final String username = usernameAndPassword[0]; final String password = usernameAndPassword[1]; + AuthManager authManager = authManagerSupplier.get(); switch ( authManager.authenticate( username, password ) ) { case PASSWORD_CHANGE_REQUIRED: @@ -121,7 +123,6 @@ public void doFilter( ServletRequest servletRequest, ServletResponse servletResp default: log.warn( "Failed authentication attempt for '%s' from %s", username, request.getRemoteAddr() ); requestAuthentication( request, invalidCredential ).accept( response ); - return; } } diff --git a/community/server/src/test/java/org/neo4j/server/BaseBootstrapperTest.java b/community/server/src/test/java/org/neo4j/server/BaseBootstrapperTest.java index 048116cdedb73..17a82b461639c 100644 --- a/community/server/src/test/java/org/neo4j/server/BaseBootstrapperTest.java +++ b/community/server/src/test/java/org/neo4j/server/BaseBootstrapperTest.java @@ -28,6 +28,7 @@ import java.io.File; import java.io.IOException; import java.util.ArrayList; +import java.util.Collections; import java.util.List; import java.util.Map; @@ -54,10 +55,7 @@ protected String[] commandLineConfig( String... params ) { ArrayList config = new ArrayList<>(); - for ( String param : params ) - { - config.add( param ); - } + Collections.addAll( config, params ); return config.toArray( new String[config.size()] ); } diff --git a/community/server/src/test/java/org/neo4j/server/ServerTestUtils.java b/community/server/src/test/java/org/neo4j/server/ServerTestUtils.java index 49f20358ca748..ef54f55037359 100644 --- a/community/server/src/test/java/org/neo4j/server/ServerTestUtils.java +++ b/community/server/src/test/java/org/neo4j/server/ServerTestUtils.java @@ -34,6 +34,7 @@ import java.util.Random; import org.neo4j.graphdb.config.Setting; +import org.neo4j.graphdb.factory.GraphDatabaseSettings; import org.neo4j.server.configuration.ServerSettings; public class ServerTestUtils @@ -85,7 +86,7 @@ public static Map getDefaultRelativeProperties() throws IOExcepti public static void addDefaultRelativeProperties( Map properties, File temporaryFolder ) { addRelativeProperty( temporaryFolder, properties, ServerSettings.legacy_db_location ); - addRelativeProperty( temporaryFolder, properties, ServerSettings.auth_store ); + addRelativeProperty( temporaryFolder, properties, GraphDatabaseSettings.auth_store ); addRelativeProperty( temporaryFolder, properties, ServerSettings.tls_certificate_file ); addRelativeProperty( temporaryFolder, properties, ServerSettings.tls_key_file ); } @@ -112,7 +113,7 @@ public static String asOneLine( Map properties ) for ( Map.Entry property : properties.entrySet() ) { builder.append( ( builder.length() > 0 ? "," : "" ) ); - builder.append( property.getKey() + "=" + property.getValue() ); + builder.append( property.getKey() ).append( "=" ).append( property.getValue() ); } return builder.toString(); } diff --git a/community/server/src/test/java/org/neo4j/server/helpers/CommunityServerBuilder.java b/community/server/src/test/java/org/neo4j/server/helpers/CommunityServerBuilder.java index aad678f7cd8ec..e6d94b7db5dd1 100644 --- a/community/server/src/test/java/org/neo4j/server/helpers/CommunityServerBuilder.java +++ b/community/server/src/test/java/org/neo4j/server/helpers/CommunityServerBuilder.java @@ -51,7 +51,6 @@ import static java.lang.Boolean.FALSE; import static java.lang.Boolean.TRUE; - import static org.neo4j.helpers.Clock.SYSTEM_CLOCK; import static org.neo4j.helpers.collection.MapUtil.stringMap; import static org.neo4j.server.ServerTestUtils.asOneLine; @@ -194,7 +193,7 @@ private Map createConfiguration( File temporaryFolder ) } } - properties.put( ServerSettings.auth_enabled.name(), "false" ); + properties.put( GraphDatabaseSettings.auth_enabled.name(), "false" ); properties.put( GraphDatabaseSettings.pagecache_memory.name(), "8m" ); for ( Object key : arbitraryProperties.keySet() ) diff --git a/community/server/src/test/java/org/neo4j/server/rest/dbms/AuthorizationFilterTest.java b/community/server/src/test/java/org/neo4j/server/rest/dbms/AuthorizationFilterTest.java index 2e7e8ba2db840..06f60b20a34cc 100644 --- a/community/server/src/test/java/org/neo4j/server/rest/dbms/AuthorizationFilterTest.java +++ b/community/server/src/test/java/org/neo4j/server/rest/dbms/AuthorizationFilterTest.java @@ -88,7 +88,7 @@ public void setWriteListener( WriteListener writeListener ) public void shouldAllowOptionsRequests() throws Exception { // Given - final AuthorizationFilter filter = new AuthorizationFilter( authManager, logProvider ); + final AuthorizationFilter filter = new AuthorizationFilter( () -> authManager, logProvider ); when( servletRequest.getMethod() ).thenReturn( "OPTIONS" ); // When @@ -102,7 +102,7 @@ public void shouldAllowOptionsRequests() throws Exception public void shouldWhitelistMatchingUris() throws Exception { // Given - final AuthorizationFilter filter = new AuthorizationFilter( authManager, logProvider, + final AuthorizationFilter filter = new AuthorizationFilter( () -> authManager, logProvider, Pattern.compile( "/" ), Pattern.compile( "/webadmin.*" ), Pattern.compile( "/browser.*" ) ); when( servletRequest.getMethod() ).thenReturn( "GET" ); when( servletRequest.getContextPath() ).thenReturn( "/", "/webadmin/index.html", "/browser/index.html" ); @@ -120,7 +120,7 @@ public void shouldWhitelistMatchingUris() throws Exception public void shouldRequireAuthorizationForNonWhitelistedUris() throws Exception { // Given - final AuthorizationFilter filter = new AuthorizationFilter( authManager, logProvider, Pattern.compile( "/" ), Pattern.compile( "/browser.*" ) ); + final AuthorizationFilter filter = new AuthorizationFilter( () -> authManager, logProvider, Pattern.compile( "/" ), Pattern.compile( "/browser.*" ) ); when( servletRequest.getMethod() ).thenReturn( "GET" ); when( servletRequest.getContextPath() ).thenReturn( "/db/data" ); @@ -140,7 +140,7 @@ public void shouldRequireAuthorizationForNonWhitelistedUris() throws Exception public void shouldRequireValidAuthorizationHeader() throws Exception { // Given - final AuthorizationFilter filter = new AuthorizationFilter( authManager, logProvider ); + final AuthorizationFilter filter = new AuthorizationFilter( () -> authManager, logProvider ); when( servletRequest.getMethod() ).thenReturn( "GET" ); when( servletRequest.getContextPath() ).thenReturn( "/db/data" ); when( servletRequest.getHeader( HttpHeaders.AUTHORIZATION ) ).thenReturn( "NOT A VALID VALUE" ); @@ -160,7 +160,7 @@ public void shouldRequireValidAuthorizationHeader() throws Exception public void shouldNotAuthorizeInvalidCredentials() throws Exception { // Given - final AuthorizationFilter filter = new AuthorizationFilter( authManager, logProvider ); + final AuthorizationFilter filter = new AuthorizationFilter( () -> authManager, logProvider ); String credentials = Base64.encodeBase64String( "foo:bar".getBytes( StandardCharsets.UTF_8 ) ); when( servletRequest.getMethod() ).thenReturn( "GET" ); when( servletRequest.getContextPath() ).thenReturn( "/db/data" ); @@ -186,7 +186,7 @@ public void shouldNotAuthorizeInvalidCredentials() throws Exception public void shouldAuthorizeWhenPasswordChangeRequiredForWhitelistedPath() throws Exception { // Given - final AuthorizationFilter filter = new AuthorizationFilter( authManager, logProvider ); + final AuthorizationFilter filter = new AuthorizationFilter( () -> authManager, logProvider ); String credentials = Base64.encodeBase64String( "foo:bar".getBytes( StandardCharsets.UTF_8 ) ); when( servletRequest.getMethod() ).thenReturn( "GET" ); when( servletRequest.getContextPath() ).thenReturn( "/user/foo" ); @@ -204,7 +204,7 @@ public void shouldAuthorizeWhenPasswordChangeRequiredForWhitelistedPath() throws public void shouldNotAuthorizeWhenPasswordChangeRequired() throws Exception { // Given - final AuthorizationFilter filter = new AuthorizationFilter( authManager, logProvider ); + final AuthorizationFilter filter = new AuthorizationFilter( () -> authManager, logProvider ); String credentials = Base64.encodeBase64String( "foo:bar".getBytes( StandardCharsets.UTF_8 ) ); when( servletRequest.getMethod() ).thenReturn( "GET" ); when( servletRequest.getContextPath() ).thenReturn( "/db/data" ); @@ -229,7 +229,7 @@ public void shouldNotAuthorizeWhenPasswordChangeRequired() throws Exception public void shouldNotAuthorizeWhenTooManyAttemptsMade() throws Exception { // Given - final AuthorizationFilter filter = new AuthorizationFilter( authManager, logProvider ); + final AuthorizationFilter filter = new AuthorizationFilter( () -> authManager, logProvider ); String credentials = Base64.encodeBase64String( "foo:bar".getBytes( StandardCharsets.UTF_8 ) ); when( servletRequest.getMethod() ).thenReturn( "GET" ); when( servletRequest.getContextPath() ).thenReturn( "/db/data" ); @@ -251,7 +251,7 @@ public void shouldNotAuthorizeWhenTooManyAttemptsMade() throws Exception public void shouldAuthorizeWhenValidCredentialsSupplied() throws Exception { // Given - final AuthorizationFilter filter = new AuthorizationFilter( authManager, logProvider ); + final AuthorizationFilter filter = new AuthorizationFilter( () -> authManager, logProvider ); String credentials = Base64.encodeBase64String( "foo:bar".getBytes( StandardCharsets.UTF_8 ) ); when( servletRequest.getMethod() ).thenReturn( "GET" ); when( servletRequest.getContextPath() ).thenReturn( "/db/data" ); @@ -269,7 +269,7 @@ public void shouldAuthorizeWhenValidCredentialsSupplied() throws Exception public void shouldIncludeCrippledAuthHeaderIfBrowserIsTheOneCalling() throws Throwable { // Given - final AuthorizationFilter filter = new AuthorizationFilter( authManager, logProvider, Pattern.compile( "/" ), Pattern.compile( "/browser.*" ) ); + final AuthorizationFilter filter = new AuthorizationFilter( () -> authManager, logProvider, Pattern.compile( "/" ), Pattern.compile( "/browser.*" ) ); when( servletRequest.getMethod() ).thenReturn( "GET" ); when( servletRequest.getContextPath() ).thenReturn( "/db/data" ); when( servletRequest.getHeader( "X-Ajax-Browser-Auth" )).thenReturn( "true" ); diff --git a/community/server/src/test/java/org/neo4j/server/rest/discovery/DiscoveryServiceTest.java b/community/server/src/test/java/org/neo4j/server/rest/discovery/DiscoveryServiceTest.java index 51def011012ab..7c1b924b89756 100644 --- a/community/server/src/test/java/org/neo4j/server/rest/discovery/DiscoveryServiceTest.java +++ b/community/server/src/test/java/org/neo4j/server/rest/discovery/DiscoveryServiceTest.java @@ -24,6 +24,7 @@ import java.net.URI; import javax.ws.rs.core.Response; +import org.neo4j.graphdb.factory.GraphDatabaseSettings; import org.neo4j.kernel.configuration.Config; import org.neo4j.server.configuration.ServerSettings; import org.neo4j.server.rest.repr.formats.JsonFormat; @@ -48,7 +49,7 @@ public void shouldReturnValidJSONWithDataAndManagementUris() throws Exception when( mockConfig.get( ServerSettings.management_api_path ) ).thenReturn( managementUri ); URI dataUri = new URI( "/data" ); when( mockConfig.get( ServerSettings.rest_api_path ) ).thenReturn( dataUri ); - when(mockConfig.get( ServerSettings.auth_enabled )).thenReturn( false ); + when(mockConfig.get( GraphDatabaseSettings.auth_enabled )).thenReturn( false ); String baseUri = "http://www.example.com"; DiscoveryService ds = new DiscoveryService( mockConfig, new EntityOutputFormat( new JsonFormat(), new URI( diff --git a/community/server/src/test/java/org/neo4j/server/rest/security/AuthenticationDocIT.java b/community/server/src/test/java/org/neo4j/server/rest/security/AuthenticationDocIT.java index 774fa622f9a7e..c91e8a3029b04 100644 --- a/community/server/src/test/java/org/neo4j/server/rest/security/AuthenticationDocIT.java +++ b/community/server/src/test/java/org/neo4j/server/rest/security/AuthenticationDocIT.java @@ -30,12 +30,12 @@ import java.io.IOException; import javax.ws.rs.core.HttpHeaders; +import org.neo4j.graphdb.factory.GraphDatabaseSettings; import org.neo4j.helpers.UTF8; import org.neo4j.io.fs.FileUtils; import org.neo4j.kernel.impl.annotations.Documented; import org.neo4j.server.CommunityNeoServer; import org.neo4j.server.ServerTestUtils; -import org.neo4j.server.configuration.ServerSettings; import org.neo4j.server.helpers.CommunityServerBuilder; import org.neo4j.server.rest.RESTDocsGenerator; import org.neo4j.server.rest.domain.JsonHelper; @@ -300,10 +300,10 @@ public void startServerWithConfiguredUser() throws IOException public void startServer( boolean authEnabled ) throws IOException { - File authStore = ServerTestUtils.getRelativeFile( ServerSettings.auth_store ); + File authStore = ServerTestUtils.getRelativeFile( GraphDatabaseSettings.auth_store ); FileUtils.deleteFile( authStore); server = CommunityServerBuilder.server() - .withProperty( ServerSettings.auth_enabled.name(), Boolean.toString( authEnabled ) ) + .withProperty( GraphDatabaseSettings.auth_enabled.name(), Boolean.toString( authEnabled ) ) .build(); server.start(); } diff --git a/community/server/src/test/java/org/neo4j/server/rest/security/UsersDocIT.java b/community/server/src/test/java/org/neo4j/server/rest/security/UsersDocIT.java index 9ceae2f354a3d..bc1dae12bf9e3 100644 --- a/community/server/src/test/java/org/neo4j/server/rest/security/UsersDocIT.java +++ b/community/server/src/test/java/org/neo4j/server/rest/security/UsersDocIT.java @@ -28,15 +28,14 @@ import java.io.File; import java.io.IOException; - import javax.ws.rs.core.HttpHeaders; +import org.neo4j.graphdb.factory.GraphDatabaseSettings; import org.neo4j.helpers.UTF8; import org.neo4j.io.fs.FileUtils; import org.neo4j.kernel.impl.annotations.Documented; import org.neo4j.server.CommunityNeoServer; import org.neo4j.server.ServerTestUtils; -import org.neo4j.server.configuration.ServerSettings; import org.neo4j.server.helpers.CommunityServerBuilder; import org.neo4j.server.rest.RESTDocsGenerator; import org.neo4j.server.rest.domain.JsonHelper; @@ -154,9 +153,9 @@ public void cleanup() public void startServer(boolean authEnabled) throws IOException { - File file = ServerTestUtils.getRelativeFile( ServerSettings.auth_store ); + File file = ServerTestUtils.getRelativeFile( GraphDatabaseSettings.auth_store ); FileUtils.deleteFile( file ); - server = CommunityServerBuilder.server().withProperty( ServerSettings.auth_enabled.name(), + server = CommunityServerBuilder.server().withProperty( GraphDatabaseSettings.auth_enabled.name(), Boolean.toString( authEnabled ) ).build(); server.start(); } diff --git a/community/server/src/test/java/org/neo4j/server/security/auth/AuthorizationDisabledIT.java b/community/server/src/test/java/org/neo4j/server/security/auth/AuthorizationDisabledIT.java index e37a6e45f14db..9c1021254f82e 100644 --- a/community/server/src/test/java/org/neo4j/server/security/auth/AuthorizationDisabledIT.java +++ b/community/server/src/test/java/org/neo4j/server/security/auth/AuthorizationDisabledIT.java @@ -21,14 +21,15 @@ import org.junit.After; import org.junit.Test; + +import org.neo4j.graphdb.factory.GraphDatabaseSettings; import org.neo4j.server.CommunityNeoServer; -import org.neo4j.server.configuration.ServerSettings; import org.neo4j.server.helpers.CommunityServerBuilder; import org.neo4j.test.server.ExclusiveServerTestBase; import org.neo4j.test.server.HTTP; import static org.hamcrest.Matchers.equalTo; -import static org.junit.Assert.*; +import static org.junit.Assert.assertThat; import static org.neo4j.test.server.HTTP.RawPayload.quotedJson; public class AuthorizationDisabledIT extends ExclusiveServerTestBase @@ -40,7 +41,7 @@ public class AuthorizationDisabledIT extends ExclusiveServerTestBase public void shouldAllowDisablingAuthorization() throws Exception { // Given - server = CommunityServerBuilder.server().withProperty( ServerSettings.auth_enabled.name(), "false" ).build(); + server = CommunityServerBuilder.server().withProperty( GraphDatabaseSettings.auth_enabled.name(), "false" ).build(); // When server.start(); diff --git a/community/server/src/test/java/org/neo4j/server/security/auth/AuthorizationWhitelistIT.java b/community/server/src/test/java/org/neo4j/server/security/auth/AuthorizationWhitelistIT.java index 113ab8a2a51c9..4dc2b98e08e4e 100644 --- a/community/server/src/test/java/org/neo4j/server/security/auth/AuthorizationWhitelistIT.java +++ b/community/server/src/test/java/org/neo4j/server/security/auth/AuthorizationWhitelistIT.java @@ -24,8 +24,8 @@ import java.io.IOException; +import org.neo4j.graphdb.factory.GraphDatabaseSettings; import org.neo4j.server.CommunityNeoServer; -import org.neo4j.server.configuration.ServerSettings; import org.neo4j.server.helpers.CommunityServerBuilder; import org.neo4j.test.server.ExclusiveServerTestBase; import org.neo4j.test.server.HTTP; @@ -43,7 +43,7 @@ public void shouldWhitelistBrowser() throws Exception { // Given assumeTrue( browserIsLoaded() ); - server = CommunityServerBuilder.server().withProperty( ServerSettings.auth_enabled.name(), "true" ).build(); + server = CommunityServerBuilder.server().withProperty( GraphDatabaseSettings.auth_enabled.name(), "true" ).build(); // When server.start(); @@ -57,7 +57,7 @@ public void shouldWhitelistBrowser() throws Exception public void shouldWhitelistWebadmin() throws Exception { // Given - server = CommunityServerBuilder.server().withProperty( ServerSettings.auth_enabled.name(), "true" ).build(); + server = CommunityServerBuilder.server().withProperty( GraphDatabaseSettings.auth_enabled.name(), "true" ).build(); // When server.start(); @@ -71,7 +71,7 @@ public void shouldWhitelistWebadmin() throws Exception public void shouldNotWhitelistDB() throws Exception { // Given - server = CommunityServerBuilder.server().withProperty( ServerSettings.auth_enabled.name(), "true" ).build(); + server = CommunityServerBuilder.server().withProperty( GraphDatabaseSettings.auth_enabled.name(), "true" ).build(); // When server.start();