Esempio n. 1
0
    def setUp(self):
        super(CompatTestCase, self).setUp()

        # FIXME(morganfainberg): Since we are running tests through the
        # controllers and some internal api drivers are SQL-only, the correct
        # approach is to ensure we have the correct backing store. The
        # credential api makes some very SQL specific assumptions that should
        # be addressed allowing for non-SQL based testing to occur.
        self.useFixture(database.Database())
        self.load_backends()

        self.load_fixtures(default_fixtures)

        # TODO(termie): add an admin user to the fixtures and use that user
        # override the fixtures, for now
        self.assignment_api.add_role_to_user_and_project(
            self.user_foo['id'], self.tenant_bar['id'], self.role_admin['id'])

        conf = self._paste_config('keystone')
        fixture = self.useFixture(appserver.AppServer(conf, appserver.MAIN))
        self.public_server = fixture.server
        fixture = self.useFixture(appserver.AppServer(conf, appserver.ADMIN))
        self.admin_server = fixture.server

        self.addCleanup(self.cleanup_instance('public_server', 'admin_server'))

        if isinstance(self.checkout_info, str):
            revdir = self.checkout_info
        else:
            revdir = tests.checkout_vendor(*self.checkout_info)
        self.add_path(revdir)
        self.clear_module('keystoneclient')
Esempio n. 2
0
    def test_2way_ssl_ok(self):
        """Make sure both public and admin API work with 2-way SSL.

        Requires client certificate.
        """
        paste_conf = self._paste_config('keystone')
        ssl_kwargs = dict(cert=CERT, key=KEY, ca=CA, cert_required=True)

        # Verify Admin
        with appserver.AppServer(paste_conf, appserver.ADMIN, **ssl_kwargs):
            conn = environment.httplib.HTTPSConnection('127.0.0.1',
                                                       CONF.admin_port, CLIENT,
                                                       CLIENT)
            conn.request('GET', '/')
            resp = conn.getresponse()
            self.assertEqual(300, resp.status)

        # Verify Public
        with appserver.AppServer(paste_conf, appserver.MAIN, **ssl_kwargs):
            conn = environment.httplib.HTTPSConnection('127.0.0.1',
                                                       CONF.public_port,
                                                       CLIENT, CLIENT)
            conn.request('GET', '/')
            resp = conn.getresponse()
            self.assertEqual(300, resp.status)
Esempio n. 3
0
    def test_ipv6_ok(self):
        """Make sure both public and admin API work with ipv6."""
        paste_conf = self._paste_config('keystone')

        # Verify Admin
        with appserver.AppServer(paste_conf, appserver.ADMIN, host="::1"):
            conn = environment.httplib.HTTPConnection('::1', CONF.admin_port)
            conn.request('GET', '/')
            resp = conn.getresponse()
            self.assertEqual(resp.status, 300)

        # Verify Public
        with appserver.AppServer(paste_conf, appserver.MAIN, host="::1"):
            conn = environment.httplib.HTTPConnection('::1', CONF.public_port)
            conn.request('GET', '/')
            resp = conn.getresponse()
            self.assertEqual(resp.status, 300)
Esempio n. 4
0
    def test_1way_ssl_with_ipv6_ok(self):
        """Make sure both public and admin API work with 1-way ipv6 & SSL."""
        self.skip_if_no_ipv6()

        paste_conf = self._paste_config('keystone')
        ssl_kwargs = dict(cert=CERT, key=KEY, ca=CA, host="::1")

        # Verify Admin
        with appserver.AppServer(paste_conf, appserver.ADMIN, **ssl_kwargs):
            conn = environment.httplib.HTTPSConnection('::1', CONF.admin_port)
            conn.request('GET', '/')
            resp = conn.getresponse()
            self.assertEqual(300, resp.status)

        # Verify Public
        with appserver.AppServer(paste_conf, appserver.MAIN, **ssl_kwargs):
            conn = environment.httplib.HTTPSConnection('::1', CONF.public_port)
            conn.request('GET', '/')
            resp = conn.getresponse()
            self.assertEqual(300, resp.status)
Esempio n. 5
0
    def test_2way_ssl_fail(self):
        """Expect to fail when client does not present proper certificate."""
        paste_conf = self._paste_config('keystone')
        ssl_kwargs = dict(cert=CERT, key=KEY, ca=CA, cert_required=True)

        # Verify Admin
        with appserver.AppServer(paste_conf, appserver.ADMIN, **ssl_kwargs):
            conn = environment.httplib.HTTPSConnection('127.0.0.1',
                                                       CONF.admin_port)
            try:
                conn.request('GET', '/')
                self.fail('Admin API shoulda failed with SSL handshake!')
            except ssl.SSLError:
                pass

        # Verify Public
        with appserver.AppServer(paste_conf, appserver.MAIN, **ssl_kwargs):
            conn = environment.httplib.HTTPSConnection('127.0.0.1',
                                                       CONF.public_port)
            try:
                conn.request('GET', '/')
                self.fail('Public API shoulda failed with SSL handshake!')
            except ssl.SSLError:
                pass