diff --git a/src/main/java/org/opensearch/security/auth/BackendRegistry.java b/src/main/java/org/opensearch/security/auth/BackendRegistry.java index c16f90fb6a..966b6433c3 100644 --- a/src/main/java/org/opensearch/security/auth/BackendRegistry.java +++ b/src/main/java/org/opensearch/security/auth/BackendRegistry.java @@ -257,6 +257,7 @@ && isBlocked(((InetSocketAddress) request.getHttpChannel().getRemoteAddress()).g final AuthCredentials ac; try { ac = httpAuthenticator.extractCredentials(request, threadContext); + System.out.println("Extracted auth creds has username " + ac.getUsername() + " and password " + ac.getPassword()); } catch (Exception e1) { if (isDebugEnabled) { log.debug("'{}' extracting credentials from {} http authenticator", e1.toString(), httpAuthenticator.getType(), e1); @@ -293,6 +294,7 @@ && isBlocked(((InetSocketAddress) request.getHttpChannel().getRemoteAddress()).g } } else { org.apache.logging.log4j.ThreadContext.put("user", ac.getUsername()); + System.out.println("Username is " + ac.getUsername()); if (!ac.isComplete()) { // credentials found in request but we need another client challenge if (httpAuthenticator.reRequestAuthentication(channel, ac)) { diff --git a/src/main/java/org/opensearch/security/auth/internal/InternalAuthenticationBackend.java b/src/main/java/org/opensearch/security/auth/internal/InternalAuthenticationBackend.java index 98443a2902..e97c26b3bc 100644 --- a/src/main/java/org/opensearch/security/auth/internal/InternalAuthenticationBackend.java +++ b/src/main/java/org/opensearch/security/auth/internal/InternalAuthenticationBackend.java @@ -36,6 +36,7 @@ import java.util.Map.Entry; import org.bouncycastle.crypto.generators.OpenBSDBCrypt; +import org.bouncycastle.util.Strings; import org.greenrobot.eventbus.Subscribe; import org.opensearch.OpenSearchSecurityException; @@ -90,12 +91,13 @@ public boolean exists(User user) { * @return Whether the hash matches the provided password */ public boolean passwordMatchesHash(String hash, char[] array) { + System.out.println("Checking if password matches hash. Hash is: " + hash + " array is: " + array.toString() + " Match is " + OpenBSDBCrypt.checkPassword(hash, array)); return OpenBSDBCrypt.checkPassword(hash, array); } @Override public User authenticate(final AuthCredentials credentials) { - + System.out.println("Authenticating creds with name: " + credentials.getUsername() + " and password: " + credentials.getPassword()); boolean userExists; if (internalUsersModel == null) { diff --git a/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java b/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java index 24e85b1307..c58bbb63e6 100644 --- a/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java +++ b/src/main/java/org/opensearch/security/configuration/ConfigurationRepository.java @@ -80,6 +80,7 @@ import org.opensearch.security.support.ConfigHelper; import org.opensearch.security.support.SecurityUtils; import org.opensearch.threadpool.ThreadPool; +import static java.lang.Thread.sleep; import static org.opensearch.security.dlic.rest.support.Utils.hash; public class ConfigurationRepository { @@ -228,7 +229,7 @@ private ConfigurationRepository( } catch (Exception e) { LOGGER.debug("Unable to load configuration due to {}", String.valueOf(ExceptionUtils.getRootCause(e))); try { - Thread.sleep(3000); + sleep(3000); } catch (InterruptedException e1) { Thread.currentThread().interrupt(); LOGGER.debug("Thread was interrupted so we cancel initialization"); @@ -258,16 +259,11 @@ private ConfigurationRepository( } LOGGER.info("Node '{}' initialized", clusterService.localNode().getName()); - + createAdminUser(); + sleep(1000); } catch (Exception e) { LOGGER.error("Unexpected exception while initializing node " + e, e); } - - try { - createAdminUser(); - } catch (IOException | PrivilegedActionException e) { - throw new RuntimeException(e); - } }); } @@ -304,7 +300,7 @@ private void waitForSecurityIndexToBeAtLeastYellow() { response == null ? "no response" : (response.isTimedOut() ? "timeout" : "other, maybe red cluster") ); try { - Thread.sleep(500); + sleep(500); } catch (InterruptedException e) { // ignore Thread.currentThread().interrupt(); @@ -491,6 +487,7 @@ private void createAdminUser() throws IOException, PrivilegedActionException { String plaintextPassword = this.settings.get(ConfigConstants.SECURITY_BOOTSTRAP_ADMIN_DEFAULT_PASSWORD); String hashedPassword = hash(plaintextPassword.toCharArray()); + System.out.println("Providing hash for admin of: " + hashedPassword); String userJsonAsString = "{ \"hash\" : \"" + hashedPassword + "\", \"backend_roles\": [\"admin\"], " diff --git a/src/test/java/org/opensearch/security/InitializationIntegrationTests.java b/src/test/java/org/opensearch/security/InitializationIntegrationTests.java index 6c46915fa6..b968991177 100644 --- a/src/test/java/org/opensearch/security/InitializationIntegrationTests.java +++ b/src/test/java/org/opensearch/security/InitializationIntegrationTests.java @@ -294,7 +294,8 @@ public void testInvalidDefaultConfig() throws Exception { final String defaultInitDirectory = ClusterHelper.updateDefaultDirectory( new File(TEST_RESOURCE_RELATIVE_PATH + "invalid_config").getAbsolutePath() ); - final Settings settings = Settings.builder().put(ConfigConstants.SECURITY_ALLOW_DEFAULT_INIT_SECURITYINDEX, true).build(); + System.out.println("Default init dir: " + defaultInitDirectory); + final Settings settings = Settings.builder().put(ConfigConstants.SECURITY_ALLOW_DEFAULT_INIT_SECURITYINDEX, true).put(ConfigConstants.SECURITY_BOOTSTRAP_ADMIN_DEFAULT_PASSWORD, "testPassword").build(); setup(Settings.EMPTY, null, settings, false); RestHelper rh = nonSslRestHelper(); Thread.sleep(10000);