KEYCLOAK-4148 Instantiate XMLInputFactory in singleton-like manner
This commit is contained in:
parent
32f8fd4b9f
commit
1eb0cde74f
2 changed files with 159 additions and 8 deletions
|
@ -239,15 +239,10 @@ public class StaxParserUtil {
|
|||
* @return
|
||||
*/
|
||||
public static XMLEventReader getXMLEventReader(InputStream is) {
|
||||
XMLInputFactory xmlInputFactory = null;
|
||||
XMLInputFactory xmlInputFactory;
|
||||
XMLEventReader xmlEventReader = null;
|
||||
try {
|
||||
xmlInputFactory = getXMLInputFactory();
|
||||
xmlInputFactory.setProperty(XMLInputFactory.IS_REPLACING_ENTITY_REFERENCES, Boolean.TRUE);
|
||||
xmlInputFactory.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, Boolean.FALSE);
|
||||
xmlInputFactory.setProperty(XMLInputFactory.IS_NAMESPACE_AWARE, Boolean.TRUE);
|
||||
xmlInputFactory.setProperty(XMLInputFactory.IS_COALESCING, Boolean.TRUE);
|
||||
|
||||
xmlInputFactory = XML_INPUT_FACTORY.get();
|
||||
xmlEventReader = xmlInputFactory.createXMLEventReader(is);
|
||||
} catch (Exception ex) {
|
||||
throw new RuntimeException(ex);
|
||||
|
@ -518,6 +513,13 @@ public class StaxParserUtil {
|
|||
throw new RuntimeException(logger.parserExpectedEndTag("</" + tag + ">. Found </" + elementTag + ">"));
|
||||
}
|
||||
|
||||
private static final ThreadLocal<XMLInputFactory> XML_INPUT_FACTORY = new ThreadLocal<XMLInputFactory>() {
|
||||
@Override
|
||||
protected XMLInputFactory initialValue() {
|
||||
return getXMLInputFactory();
|
||||
}
|
||||
};
|
||||
|
||||
private static XMLInputFactory getXMLInputFactory() {
|
||||
boolean tccl_jaxp = SystemPropertiesUtil.getSystemProperty(GeneralConstants.TCCL_JAXP, "false")
|
||||
.equalsIgnoreCase("true");
|
||||
|
@ -526,7 +528,14 @@ public class StaxParserUtil {
|
|||
if (tccl_jaxp) {
|
||||
SecurityActions.setTCCL(StaxParserUtil.class.getClassLoader());
|
||||
}
|
||||
return XMLInputFactory.newInstance();
|
||||
XMLInputFactory xmlInputFactory = XMLInputFactory.newInstance();
|
||||
|
||||
xmlInputFactory.setProperty(XMLInputFactory.IS_REPLACING_ENTITY_REFERENCES, Boolean.TRUE);
|
||||
xmlInputFactory.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, Boolean.FALSE);
|
||||
xmlInputFactory.setProperty(XMLInputFactory.IS_NAMESPACE_AWARE, Boolean.TRUE);
|
||||
xmlInputFactory.setProperty(XMLInputFactory.IS_COALESCING, Boolean.TRUE);
|
||||
|
||||
return xmlInputFactory;
|
||||
} finally {
|
||||
if (tccl_jaxp) {
|
||||
SecurityActions.setTCCL(prevTCCL);
|
||||
|
|
|
@ -0,0 +1,142 @@
|
|||
/*
|
||||
* Copyright 2017 Red Hat, Inc. and/or its affiliates
|
||||
* and other contributors as indicated by the @author tags.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.keycloak.testsuite.saml;
|
||||
|
||||
import org.keycloak.dom.saml.v2.protocol.AuthnRequestType;
|
||||
import org.keycloak.protocol.saml.SamlProtocol;
|
||||
import org.keycloak.representations.idm.RealmRepresentation;
|
||||
import org.keycloak.representations.idm.UserRepresentation;
|
||||
import org.keycloak.saml.processing.api.saml.v2.request.SAML2Request;
|
||||
import org.keycloak.services.resources.RealmsResource;
|
||||
import org.keycloak.testsuite.AbstractAuthTest;
|
||||
import org.keycloak.testsuite.util.SamlClient;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.net.URI;
|
||||
import java.util.Collection;
|
||||
import java.util.LinkedList;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.Callable;
|
||||
import java.util.concurrent.ExecutorService;
|
||||
import java.util.concurrent.Executors;
|
||||
import javax.ws.rs.core.UriBuilder;
|
||||
import javax.ws.rs.core.UriBuilderException;
|
||||
import org.apache.http.client.methods.CloseableHttpResponse;
|
||||
import org.apache.http.client.methods.HttpUriRequest;
|
||||
import org.apache.http.client.protocol.HttpClientContext;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClientBuilder;
|
||||
import org.apache.http.util.EntityUtils;
|
||||
import org.junit.Ignore;
|
||||
import org.junit.Test;
|
||||
import org.w3c.dom.Document;
|
||||
|
||||
import static org.keycloak.testsuite.util.SamlClient.*;
|
||||
import static org.keycloak.testsuite.util.IOUtil.loadRealm;
|
||||
|
||||
/**
|
||||
*
|
||||
* @author hmlnarik
|
||||
*/
|
||||
@Ignore
|
||||
public class ConcurrentAuthnRequestTest extends AbstractAuthTest {
|
||||
|
||||
private static final String REALM_NAME = "demo";
|
||||
|
||||
private static final String SAML_ASSERTION_CONSUMER_URL_SALES_POST = "http://localhost:8080/sales-post/";
|
||||
private static final String SAML_CLIENT_ID_SALES_POST = "http://localhost:8081/sales-post/";
|
||||
|
||||
public static final int ITERATIONS = 10000;
|
||||
public static final int CONCURRENT_THREADS = 5;
|
||||
|
||||
private static void loginRepeatedly(UserRepresentation user, URI samlEndpoint,
|
||||
Document samlRequest, String relayState, Binding requestBinding) {
|
||||
CloseableHttpResponse response = null;
|
||||
SamlClient.RedirectStrategyWithSwitchableFollowRedirect strategy = new SamlClient.RedirectStrategyWithSwitchableFollowRedirect();
|
||||
ExecutorService threadPool = Executors.newFixedThreadPool(CONCURRENT_THREADS);
|
||||
|
||||
try (CloseableHttpClient client = HttpClientBuilder.create().setRedirectStrategy(strategy).build()) {
|
||||
HttpUriRequest post = requestBinding.createSamlRequest(samlEndpoint, relayState, samlRequest);
|
||||
|
||||
Collection<Callable<Void>> futures = new LinkedList<>();
|
||||
for (int i = 0; i < ITERATIONS; i ++) {
|
||||
final int j = i;
|
||||
Callable<Void> f = () -> {
|
||||
performLogin(post, samlEndpoint, relayState, samlRequest, response, client, user, strategy);
|
||||
return null;
|
||||
};
|
||||
futures.add(f);
|
||||
}
|
||||
|
||||
threadPool.invokeAll(futures);
|
||||
} catch (Exception ex) {
|
||||
throw new RuntimeException(ex);
|
||||
}
|
||||
}
|
||||
|
||||
public static void performLogin(HttpUriRequest post, URI samlEndpoint, String relayState,
|
||||
Document samlRequest, CloseableHttpResponse response, final CloseableHttpClient client,
|
||||
UserRepresentation user,
|
||||
RedirectStrategyWithSwitchableFollowRedirect strategy) {
|
||||
try {
|
||||
HttpClientContext context = HttpClientContext.create();
|
||||
response = client.execute(post, context);
|
||||
|
||||
String loginPageText = EntityUtils.toString(response.getEntity(), "UTF-8");
|
||||
response.close();
|
||||
|
||||
HttpUriRequest loginRequest = handleLoginPage(user, loginPageText);
|
||||
|
||||
strategy.setRedirectable(false);
|
||||
response = client.execute(loginRequest, context);
|
||||
response.close();
|
||||
} catch (Exception ex) {
|
||||
throw new RuntimeException(ex);
|
||||
} finally {
|
||||
if (response != null) {
|
||||
EntityUtils.consumeQuietly(response.getEntity());
|
||||
try { response.close(); } catch (IOException ex) { }
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addTestRealms(List<RealmRepresentation> testRealms) {
|
||||
testRealms.add(loadRealm("/adapter-test/keycloak-saml/testsaml.json"));
|
||||
}
|
||||
|
||||
public AuthnRequestType createLoginRequestDocument(String issuer, String assertionConsumerURL, String realmName) {
|
||||
return SamlClient.createLoginRequestDocument(issuer, assertionConsumerURL, getAuthServerSamlEndpoint(realmName));
|
||||
}
|
||||
|
||||
private URI getAuthServerSamlEndpoint(String realm) throws IllegalArgumentException, UriBuilderException {
|
||||
return RealmsResource
|
||||
.protocolUrl(UriBuilder.fromUri(getAuthServerRoot()))
|
||||
.build(realm, SamlProtocol.LOGIN_PROTOCOL);
|
||||
}
|
||||
|
||||
private void testLogin(Binding requestBinding) throws Exception {
|
||||
AuthnRequestType loginRep = createLoginRequestDocument(SAML_CLIENT_ID_SALES_POST, SAML_ASSERTION_CONSUMER_URL_SALES_POST, REALM_NAME);
|
||||
Document samlRequest = SAML2Request.convert(loginRep);
|
||||
loginRepeatedly(bburkeUser, getAuthServerSamlEndpoint(REALM_NAME), samlRequest, null, requestBinding);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testConcurrentPostLogins() throws Exception {
|
||||
testLogin(Binding.POST);
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue