camel-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From davscl...@apache.org
Subject git commit: CAMEL-6453: Only get SSLSession if SSL enabled. Added unit test with client auth enabled to get the client cert from SSLSession from the Camel route on the server side.
Date Fri, 14 Jun 2013 07:33:51 GMT
Updated Branches:
  refs/heads/master 7078d8bcd -> 3c59d3f2a


CAMEL-6453: Only get SSLSession if SSL enabled. Added unit test with client auth enabled to
get the client cert from SSLSession from the Camel route on the server side.


Project: http://git-wip-us.apache.org/repos/asf/camel/repo
Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/3c59d3f2
Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/3c59d3f2
Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/3c59d3f2

Branch: refs/heads/master
Commit: 3c59d3f2af3ca01591e08ba8e2002b7ecc75b8dc
Parents: 7078d8b
Author: Claus Ibsen <davsclaus@apache.org>
Authored: Fri Jun 14 09:32:27 2013 +0200
Committer: Claus Ibsen <davsclaus@apache.org>
Committed: Fri Jun 14 09:32:27 2013 +0200

----------------------------------------------------------------------
 .../org/apache/camel/component/netty/NettyEndpoint.java  |  7 +++++--
 .../org/apache/camel/component/netty/NettySSLTest.java   | 11 +++++++----
 2 files changed, 12 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/camel/blob/3c59d3f2/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
index 3247a34..a712b7e 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
@@ -112,8 +112,11 @@ public class NettyEndpoint extends DefaultEndpoint {
         in.setHeader(NettyConstants.NETTY_MESSAGE_EVENT, messageEvent);
         in.setHeader(NettyConstants.NETTY_REMOTE_ADDRESS, messageEvent.getRemoteAddress());
         in.setHeader(NettyConstants.NETTY_LOCAL_ADDRESS, messageEvent.getChannel().getLocalAddress());
-        // setup the SslSession header
-        in.setHeader(NettyConstants.NETTY_SSL_SESSION, getSSLSession(ctx)); 
+
+        if (configuration.isSsl()) {
+            // setup the SslSession header
+            in.setHeader(NettyConstants.NETTY_SSL_SESSION, getSSLSession(ctx));
+        }
     }
 
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/camel/blob/3c59d3f2/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
b/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
index 5196464..5670546 100644
--- a/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
+++ b/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
@@ -14,11 +14,10 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
 package org.apache.camel.component.netty;
 
 import java.io.File;
-
+import java.security.Principal;
 import javax.net.ssl.SSLSession;
 
 import org.apache.camel.Exchange;
@@ -51,12 +50,16 @@ public class NettySSLTest extends BaseNettyTest {
 
         context.addRoutes(new RouteBuilder() {
             public void configure() {
-                from("netty:tcp://localhost:{{port}}?sync=true&ssl=true&passphrase=changeit&keyStoreFile=#ksf&trustStoreFile=#tsf")
+                // needClientAuth=true so we can get the client certificate details
+                from("netty:tcp://localhost:{{port}}?sync=true&ssl=true&passphrase=changeit&keyStoreFile=#ksf&trustStoreFile=#tsf&needClientAuth=true")
                     .process(new Processor() {
                         public void process(Exchange exchange) throws Exception {
                             SSLSession session = exchange.getIn().getHeader(NettyConstants.NETTY_SSL_SESSION,
SSLSession.class);
                             if (session != null) {
-                                exchange.getOut().setBody("When You Go Home, Tell Them Of
Us And Say, For Your Tomorrow, We Gave Our Today.");  
+                                javax.security.cert.X509Certificate cert = session.getPeerCertificateChain()[0];
+                                Principal principal = cert.getSubjectDN();
+                                log.info("Client Cert SubjectDN: {}", principal.getName());
+                                exchange.getOut().setBody("When You Go Home, Tell Them Of
Us And Say, For Your Tomorrow, We Gave Our Today.");
                             } else {
                                 exchange.getOut().setBody("Cannot start conversion without
SSLSession");
                             }


Mime
View raw message