Skip to content

[Kerberos] Move tests based on SimpleKdc to evil-tests #33492

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Sep 14, 2018
Merged

[Kerberos] Move tests based on SimpleKdc to evil-tests #33492

merged 3 commits into from
Sep 14, 2018

Conversation

bizybot
Copy link
Contributor

@bizybot bizybot commented Sep 7, 2018
edited
Loading

We have a test dependency on Apache Mina when using SimpleKdcServer
for testing Kerberos. When checking for LDAP backend connectivity,
the code checks for deadlocks which require additional security
permissions accessClassInPackage.sun.reflect. As this is only for
test and we do not want to add security permissions to production,
this commit moves these tests and related classes to
x-pack evil-tests where they can run with security manager disabled.
The plan is to handle the security manager exception in the upstream issue
DIRMINA-1093
and then once the release is available to run these tests with security
manager enabled.

Closes #32739

[Kerberos] Move tests based on SimpleKdc to evil-tests
1a125e6 
We have a test dependency on Apache Mina when using SimpleKdcServer
for testing Kerberos. When checking for ldap backend connectivity,
the code checks for deadlocks which require additional security
permissions `accessClassInPackage.sun.reflect`. As this is only for
test and we do not want to add security permissions to production,
this commit moves these tests and related classes to
x-pack evil-tests where they can run with security manager disabled.
The plan is to handle the security manager exception in the upstream
and then once the release is available run these tests with security
manager enabled.

Closes#32739
@bizybot bizybot added >test Issues or PRs that are addressing/adding tests v7.0.0 :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) v6.5.0 labels Sep 7, 2018
@bizybot bizybot requested review from tvernum and jaymode September 7, 2018 05:02
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security

@jaymode
Copy link
Member

jaymode commented Sep 7, 2018

The plan is to handle the security manager exception in the upstream

Has an issue / patch been raised for this yet?

Also it looks like there are unused imports that need to be addressed.

@bizybot
Copy link
Contributor Author

bizybot commented Sep 10, 2018

Thanks, @jaymode, updated the PR with information of issue created Apache Mina (DIRMINA-1093). Addressed the ci failure.

@jaymode
Copy link
Member

jaymode commented Sep 13, 2018

created Apache Mina (DIRMINA-1093).

Looks like they are requesting a patch; can you please make sure to get that for them?

jaymode
jaymode approved these changes Sep 13, 2018
View reviewed changes
Copy link
Member

@jaymode jaymode left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@bizybot bizybot merged commit d3e27ff into elastic:master Sep 14, 2018
@bizybot bizybot deleted the move-simplekdc-tests-to-evil-tests branch September 14, 2018 00:07
bizybot added a commit to bizybot/elasticsearch that referenced this pull request Sep 14, 2018
@bizybot
[Kerberos] Move tests based on SimpleKdc to evil-tests (elastic#33492)
5155846 
We have a test dependency on Apache Mina when using SimpleKdcServer
for testing Kerberos. When checking for LDAP backend connectivity,
the code checks for deadlocks which require additional security
permissions accessClassInPackage.sun.reflect. As this is only for
test and we do not want to add security permissions to production,
this commit moves these tests and related classes to
x-pack evil-tests where they can run with security manager disabled.
The plan is to handle the security manager exception in the upstream issue
DIRMINA-1093
and then once the release is available to run these tests with security
manager enabled.

Closes elastic#32739
bizybot added a commit that referenced this pull request Oct 16, 2018
@bizybot
[Kerberos] Move tests based on SimpleKdc to evil-tests (#33492)
e4184bc 
We have a test dependency on Apache Mina when using SimpleKdcServer
for testing Kerberos. When checking for LDAP backend connectivity,
the code checks for deadlocks which require additional security
permissions accessClassInPackage.sun.reflect. As this is only for
test and we do not want to add security permissions to production,
this commit moves these tests and related classes to
x-pack evil-tests where they can run with security manager disabled.
The plan is to handle the security manager exception in the upstream issue
DIRMINA-1093
and then once the release is available to run these tests with security
manager enabled.

Closes #32739
@jimczi jimczi added v7.0.0-beta1 and removed v7.0.0 labels Feb 7, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jaymode jaymode jaymode approved these changes

@tvernum tvernum Awaiting requested review from tvernum

Assignees
No one assigned
Labels
:Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) >test Issues or PRs that are addressing/adding tests v6.5.0 v7.0.0-beta1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@bizybot @elasticmachine @jaymode @jimczi