support client security root directory

src/main/java/org/terracotta/tinypounder/CacheManagerBusiness.java

@@ -34,7 +34,7 @@ public interface CacheManagerBusiness {
 
   String retrieveHumanReadableConfiguration();
 
-  void initializeCacheManager(String terracottaServerUrl, String cmName, String tinyPounderDiskPersistenceLocation, String defaultOffheapResource, String diskResource);
+  void initializeCacheManager(String terracottaServerUrl, String cmName, String tinyPounderDiskPersistenceLocation, String defaultOffheapResource, String diskResource, String securityPath);
 
   boolean isCacheManagerAlive();
 

src/main/java/org/terracotta/tinypounder/CacheManagerBusinessReflectionImpl.java

@@ -17,6 +17,8 @@
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
+import static org.terracotta.tinypounder.CacheConfiguration.ClusterTierType.DEDICATED;
+import static org.terracotta.tinypounder.CacheConfiguration.ClusterTierType.SHARED;
 
 import java.io.File;
 import java.io.IOException;
@@ -41,9 +43,6 @@
 import java.util.concurrent.TimeUnit;
 import java.util.stream.IntStream;
 
-import static org.terracotta.tinypounder.CacheConfiguration.ClusterTierType.DEDICATED;
-import static org.terracotta.tinypounder.CacheConfiguration.ClusterTierType.SHARED;
-
 @Service
 public class CacheManagerBusinessReflectionImpl implements CacheManagerBusiness {
 
@@ -238,13 +237,13 @@ public String retrieveHumanReadableConfiguration() {
   }
 
   @Override
-  public void initializeCacheManager(String terracottaServerUrl, String cmName, String diskPersistenceLocation, String defaultOffheapResource, String serverDiskResource) {
+  public void initializeCacheManager(String terracottaServerUrl, String cmName, String diskPersistenceLocation, String defaultOffheapResource, String serverDiskResource, String securityPath) {
     try {
       Thread.currentThread().setContextClassLoader(kitAwareClassLoaderDelegator.getUrlClassLoader());
       Object clusteringServiceConfigurationBuilder;
       if (terracottaServerUrl != null) {
         URI clusterUri = URI.create("terracotta://" + terracottaServerUrl + "/" + cmName);
-        clusteringServiceConfigurationBuilder = constructClusteringServiceConfigurationBuilder(cmName, clusterUri, kitAwareClassLoaderDelegator.isEEKit(), defaultOffheapResource, serverDiskResource);
+        clusteringServiceConfigurationBuilder = constructClusteringServiceConfigurationBuilder(cmName, clusterUri, kitAwareClassLoaderDelegator.isEEKit(), defaultOffheapResource, serverDiskResource, securityPath);
       } else {
         clusteringServiceConfigurationBuilder = null;
       }
@@ -329,7 +328,7 @@ private Object constructCacheManagerBuilder(Object enterpriseClusteringServiceCo
     return buildMethod.invoke(cacheManagerBuilder);
   }
 
-  private Object constructClusteringServiceConfigurationBuilder(String clusterTierManagerName, URI clusterUri, boolean eeKit, String defaultOffheapResource, String serverDiskResource) throws IllegalAccessException, InvocationTargetException, ClassNotFoundException, NoSuchMethodException {
+  private Object constructClusteringServiceConfigurationBuilder(String clusterTierManagerName, URI clusterUri, boolean eeKit, String defaultOffheapResource, String serverDiskResource, String securityPath) throws IllegalAccessException, InvocationTargetException, ClassNotFoundException, NoSuchMethodException {
 
     Class<?> memoryUnitClass = loadClass("org.ehcache.config.units.MemoryUnit");
     Method valueOfMethod = memoryUnitClass.getMethod("valueOf", String.class);
@@ -351,16 +350,23 @@ private Object constructClusteringServiceConfigurationBuilder(String clusterTier
 
 
       Class<?> enterpriseClusteringServiceConfigurationBuilderClass = loadClass("com.terracottatech.ehcache.clustered.client.config.builders.EnterpriseClusteringServiceConfigurationBuilder");
-      Method enterpriseClusterMethod = enterpriseClusteringServiceConfigurationBuilderClass.getMethod("enterpriseCluster", URI.class);
+
 
       Method autoCreateMethod = enterpriseClusteringServiceConfigurationBuilderClass.getMethod("autoCreate");
       Method defaultServerResourceMethod = enterpriseServerSideConfigurationBuilderClass.getMethod("defaultServerResource", String.class);
       Method resourcePoolMethod4 = enterpriseServerSideConfigurationBuilderClass.getMethod("resourcePool", String.class, long.class, memoryUnitClass, String.class);
       Method resourcePoolMethod3 = enterpriseServerSideConfigurationBuilderClass.getMethod("resourcePool", String.class, long.class, memoryUnitClass);
       Method restartableMethod = enterpriseServerSideConfigurationBuilderClass.getMethod("restartable", String.class);
 
+      Object enterpriseClusteringServiceConfigurationBuilder;
+      if (securityPath != null) {
+        Method enterpriseClusterMethod = enterpriseClusteringServiceConfigurationBuilderClass.getMethod("enterpriseSecureCluster", URI.class, Path.class);
+        enterpriseClusteringServiceConfigurationBuilder = enterpriseClusterMethod.invoke(null, clusterUri.resolve(clusterTierManagerName), Paths.get(securityPath));
+      } else {
+        Method enterpriseClusterMethod = enterpriseClusteringServiceConfigurationBuilderClass.getMethod("enterpriseCluster", URI.class);
+        enterpriseClusteringServiceConfigurationBuilder = enterpriseClusterMethod.invoke(null, clusterUri.resolve(clusterTierManagerName));
+      }
 
-      Object enterpriseClusteringServiceConfigurationBuilder = enterpriseClusterMethod.invoke(null, clusterUri.resolve(clusterTierManagerName));
       if (timeoutsClass != null && timeoutsInstance != null) {
         Method timeoutsMethod = enterpriseClusteringServiceConfigurationBuilderClass.getMethod("timeouts", timeoutsClass);
         enterpriseClusteringServiceConfigurationBuilder = timeoutsMethod.invoke(enterpriseClusteringServiceConfigurationBuilder, timeoutsInstance);

src/main/java/org/terracotta/tinypounder/DatasetManagerBusinessReflectionImpl.java

@@ -9,6 +9,8 @@
 import java.lang.reflect.Method;
 import java.math.BigInteger;
 import java.net.URI;
+import java.nio.file.Path;
+import java.nio.file.Paths;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
@@ -401,17 +403,22 @@ public String getStatus() {
     return "AVAILABLE";
   }
 
-  public void initializeDatasetManager(String terracottaServerUrl) {
+  public void initializeDatasetManager(String terracottaServerUrl, String securityPath) {
     try {
       Thread.currentThread().setContextClassLoader(kitAwareClassLoaderDelegator.getUrlClassLoader());
       initCommonObjectsAndClasses();
       if (terracottaServerUrl != null) {
         URI clusterUri = URI.create("terracotta://" + terracottaServerUrl);
 
-        // DatasetManager.clustered(URI.create(uri)).build()
         datasetManagerClass = loadClass("com.terracottatech.store.manager.DatasetManager");
-        Method clusteredMethod = datasetManagerClass.getMethod("clustered", URI.class);
-        Object clusteredDatasetManagerBuilder = clusteredMethod.invoke(null, clusterUri);
+        Object clusteredDatasetManagerBuilder;
+        if (securityPath != null) {
+          Method clusteredMethod = datasetManagerClass.getMethod("secureClustered", URI.class, Path.class);
+          clusteredDatasetManagerBuilder = clusteredMethod.invoke(null, clusterUri, Paths.get(securityPath));
+        } else {
+          Method clusteredMethod = datasetManagerClass.getMethod("clustered", URI.class);
+          clusteredDatasetManagerBuilder = clusteredMethod.invoke(null, clusterUri);
+        }
 
         Class<?> clusteredDatasetManagerBuilderClass = loadClass("com.terracottatech.store.client.builder.datasetmanager.clustered.ClusteredDatasetManagerBuilderImpl");
 

src/main/java/org/terracotta/tinypounder/KitAwareClassLoaderDelegator.java

@@ -30,6 +30,7 @@
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.security.MessageDigest;
+import java.util.Arrays;
 import java.util.LinkedHashMap;
 import java.util.Map;
 
@@ -134,7 +135,18 @@ public boolean isEEKit() {
     }
   }
 
-  public void setKitPath(String kitPath) {
+  public boolean verifySecurityPath(String securityPath) {
+    if (securityPath != null && !securityPath.isEmpty()) {
+      Path path = Paths.get(securityPath);
+      File securityDirectory = path.toFile();
+      return securityDirectory.exists()
+          && securityDirectory.isDirectory()
+          && Arrays.stream(securityDirectory.list()).anyMatch(s -> s.contains("access-control") || s.contains("identity") || s.contains("trusted-authority"));
+    }
+    return false;
+  }
+
+  public void setAndVerifyKitPathAndClassLoader(String kitPath) {
     settings.setKitPath(kitPath);
     if (kitPath != null && !kitPath.isEmpty()) {
       try {

src/main/java/org/terracotta/tinypounder/Settings.java

@@ -23,8 +23,11 @@ public class Settings {
   @Value("${kitPath}")
   private String kitPath;
 
-  @Value("${securityPath}")
-  private String securityPath;
+  @Value("${serverSecurityPath}")
+  private String serverSecurityPath;
+
+  @Value("${clientSecurityPath}")
+  private String clientSecurityPath;
 
   @Value("${licensePath}")
   private String licensePath;
@@ -58,12 +61,22 @@ public void load() {
       }
     }
     // always prefer system props over saved config
-    if (securityPath == null || securityPath.isEmpty()) {
-      securityPath = properties.getProperty("securityPath");
-      if (securityPath != null) {
-        File folder = new File(securityPath);
+    if (serverSecurityPath == null || serverSecurityPath.isEmpty()) {
+      serverSecurityPath = properties.getProperty("serverSecurityPath");
+      if (serverSecurityPath != null) {
+        File folder = new File(serverSecurityPath);
+        if (!folder.exists() || !folder.isDirectory()) {
+          serverSecurityPath = null;
+        }
+      }
+    }
+
+    if (clientSecurityPath == null || clientSecurityPath.isEmpty()) {
+      clientSecurityPath = properties.getProperty("clientSecurityPath");
+      if (clientSecurityPath != null) {
+        File folder = new File(clientSecurityPath);
         if (!folder.exists() || !folder.isDirectory()) {
-          securityPath = null;
+          clientSecurityPath = null;
         }
       }
     }
@@ -124,8 +137,11 @@ public void save() {
     if (kitPath != null) {
       properties.setProperty("kitPath", kitPath);
     }
-    if (securityPath != null) {
-      properties.setProperty("securityPath", securityPath);
+    if (serverSecurityPath != null) {
+      properties.setProperty("serverSecurityPath", serverSecurityPath);
+    }
+    if (clientSecurityPath != null) {
+      properties.setProperty("clientSecurityPath", clientSecurityPath);
     }
     if (licensePath != null) {
       properties.setProperty("licensePath", licensePath);
@@ -152,12 +168,20 @@ public void save() {
     }
   }
 
-  public String getSecurityPath() {
-    return securityPath;
+  public String getServerSecurityPath() {
+    return serverSecurityPath;
+  }
+
+  public void setServerSecurityPath(String serverSecurityPath) {
+    this.serverSecurityPath = serverSecurityPath;
+  }
+
+  public String getClientSecurityPath() {
+    return clientSecurityPath;
   }
 
-  public void setSecurityPath(String securityPath) {
-    this.securityPath = securityPath;
+  public void setClientSecurityPath(String clientSecurityPath) {
+    this.clientSecurityPath = clientSecurityPath;
   }
 
   public String getKitPath() {