TP-325: Allow testing secured spaces

src/main/java/com/avanza/gs/test/PartitionedPu.java

@@ -15,18 +15,19 @@
  */
 package com.avanza.gs.test;
 
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
 import org.openspaces.core.GigaSpace;
 import org.openspaces.core.cluster.ClusterInfo;
 import org.openspaces.core.properties.BeanLevelProperties;
 import org.openspaces.pu.container.integrated.IntegratedProcessingUnitContainer;
 import org.openspaces.pu.container.integrated.IntegratedProcessingUnitContainerProvider;
 import org.openspaces.pu.container.support.CompoundProcessingUnitContainer;
 import org.springframework.context.ApplicationContext;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Properties;
+import com.gigaspaces.security.directory.DefaultCredentialsProvider;
 
 /**
  * 
@@ -45,6 +46,7 @@ public final class PartitionedPu implements PuRunner {
 	private final String lookupGroupName;
 	private final boolean autostart;
 	private final ApplicationContext parentContext;
+	private final boolean useAuthentication;
 
 	public PartitionedPu(PartitionedPuConfigurer configurer) {
 		this.puXmlPath = configurer.puXmlPath;
@@ -55,6 +57,7 @@ public PartitionedPu(PartitionedPuConfigurer configurer) {
 		this.lookupGroupName = configurer.lookupGroupName;
 		this.autostart = configurer.autostart;
 		this.parentContext = configurer.parentContext;
+		this.useAuthentication = configurer.useAuthentication;
 		this.contextProperties.put("spaceName", UniqueSpaceNameLookup.getSpaceNameWithSequence(configurer.spaceName));
 		this.contextProperties.put("gs.space.url.arg.groups", lookupGroupName);
 		this.contextProperties.put("gs.space.url.arg.timeout", "10");
@@ -77,9 +80,26 @@ private void startContainers() throws IOException {
 		if (parentContext != null) {
 			provider.setParentContext(parentContext);
 		}
+		if (useAuthentication) {
+			enableAuthentication(provider);
+		}
 		container = (CompoundProcessingUnitContainer) provider.createContainer();
 	}
 
+	private void enableAuthentication(IntegratedProcessingUnitContainerProvider provider) {
+		final Properties contextProperties = provider.getBeanLevelProperties().getContextProperties();
+		contextProperties.put("com.gs.security.security-manager.class", new SecurityManagerForTests());
+		// SecurityManagerForTests will accept all credentials, so these can be anything
+		provider.setCredentialsProvider(new DefaultCredentialsProvider("", ""));
+
+		// Override default timeouts that are being used when security is enabled
+		// during PU startup.
+		// SpaceRemoteOperationsExecutorsClusterConfig defaults to 20s
+		contextProperties.setProperty("space-config.proxy.router.active-server-lookup-timeout", "300");
+		// ClusterXML::createActiveElectConfig used by ActiveElectionManager::sleepYieldTime defaults to 1s
+		contextProperties.setProperty("cluster-config.groups.group.fail-over-policy.active-election.yield-time", "100");
+	}
+
 	private ClusterInfo createClusterInfo() {
 		ClusterInfo clusterInfo = new ClusterInfo();
 		clusterInfo.setSchema("partitioned-sync2backup");

src/main/java/com/avanza/gs/test/PartitionedPuConfigurer.java

@@ -33,6 +33,7 @@ public final class PartitionedPuConfigurer {
 	String spaceName = "test-space";
 	public boolean autostart = true;
 	ApplicationContext parentContext;
+	boolean useAuthentication;
 
 	public PartitionedPuConfigurer(String puXmlPath) {
 		this.puXmlPath = puXmlPath;
@@ -109,4 +110,8 @@ public PartitionedPuConfigurer spaceName(String spaceName) {
 		return this;
 	}
 
+	public PartitionedPuConfigurer withAuthentication() {
+		this.useAuthentication = true;
+		return this;
+	}
 }

src/main/java/com/avanza/gs/test/SecurityManagerForTests.java

@@ -0,0 +1,54 @@
+/*
+ * Copyright 2017 Avanza Bank AB
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.avanza.gs.test;
+
+import java.io.Serializable;
+import java.util.Properties;
+import java.util.stream.Stream;
+
+import com.gigaspaces.security.AccessDeniedException;
+import com.gigaspaces.security.Authentication;
+import com.gigaspaces.security.AuthenticationException;
+import com.gigaspaces.security.Authority;
+import com.gigaspaces.security.SecurityException;
+import com.gigaspaces.security.SecurityManager;
+import com.gigaspaces.security.authorities.SpaceAuthority;
+import com.gigaspaces.security.directory.DirectoryManager;
+import com.gigaspaces.security.directory.User;
+import com.gigaspaces.security.directory.UserDetails;
+
+public class SecurityManagerForTests implements SecurityManager, Serializable {
+	private static final Authority[] TEST_AUTHORITIES = Stream.of(SpaceAuthority.SpacePrivilege.values())
+			.map(SpaceAuthority::new)
+			.toArray(Authority[]::new);
+
+	@Override
+	public void init(Properties properties) throws SecurityException { }
+
+	@Override
+	public void close() { }
+
+	@Override
+	public DirectoryManager createDirectoryManager(UserDetails userDetails) throws AuthenticationException, AccessDeniedException {
+		throw new UnsupportedOperationException("DirectoryManager is not supported by SecurityManagerForTests");
+	}
+
+	@Override
+	public Authentication authenticate(UserDetails userDetails) throws AuthenticationException {
+		// During tests, we allow any username & password
+		return new Authentication(new User(userDetails.getUsername(), userDetails.getPassword(), TEST_AUTHORITIES));
+	}
+}