cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From egl...@apache.org
Subject svn commit: r522837 - in /incubator/cxf/trunk/rt/transports/http/src: main/java/org/apache/cxf/transport/https/SSLUtils.java test/java/org/apache/cxf/transport/http/JettyHTTPDestinationTest.java
Date Tue, 27 Mar 2007 09:30:33 GMT
Author: eglynn
Date: Tue Mar 27 02:30:32 2007
New Revision: 522837

URL: http://svn.apache.org/viewvc?view=rev&rev=522837
Log:
Fix to receiver-side SSL context retrieval logic, committed on behalf of Fred Dushin.
  

Modified:
    incubator/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
    incubator/cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/JettyHTTPDestinationTest.java

Modified: incubator/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
URL: http://svn.apache.org/viewvc/incubator/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java?view=diff&rev=522837&r1=522836&r2=522837
==============================================================================
--- incubator/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
(original)
+++ incubator/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
Tue Mar 27 02:30:32 2007
@@ -42,8 +42,6 @@
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLPeerUnverifiedException;
-import javax.net.ssl.SSLSession;
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.TrustManagerFactory;
 import javax.servlet.http.HttpServletRequest;
@@ -66,7 +64,8 @@
     private static final String DEFAULT_TRUST_STORE_TYPE = "JKS";
     private static final String DEFAULT_SECURE_SOCKET_PROTOCOL = "TLSv1";
     private static final String CERTIFICATE_FACTORY_TYPE = "X.509";
-    private static final String SSL_SESSION_ATTRIBUTE = "javax.net.ssl.session";
+    private static final String SSL_CIPHER_SUITE_ATTRIBUTE = "javax.servlet.request.cipher_suite";
+    private static final String SSL_PEER_CERT_CHAIN_ATTRIBUTE = "javax.servlet.request.X509Certificate";
     
     private static final boolean DEFAULT_REQUIRE_CLIENT_AUTHENTICATION = false;
     private static final boolean DEFAULT_WANT_CLIENT_AUTHENTICATION = true;
@@ -549,46 +548,17 @@
      */
     public static void propogateSecureSession(HttpServletRequest request,
                                               Message message) {    
-        SSLSession session = 
-            (SSLSession) request.getAttribute(SSL_SESSION_ATTRIBUTE);
-        if (session != null) {
-            Certificate[] certs = null;
-            try {
-                certs = session.getPeerCertificates();
-            } catch (final SSLPeerUnverifiedException e) {
-                // peer has not been verified
-            }
+        final String cipherSuite = 
+            (String) request.getAttribute(SSL_CIPHER_SUITE_ATTRIBUTE);
+        if (cipherSuite != null) {
+            final Certificate[] certs = 
+                (Certificate[]) request.getAttribute(SSL_PEER_CERT_CHAIN_ATTRIBUTE);
             message.put(TLSSessionInfo.class,
-                        new TLSSessionInfo(session.getCipherSuite(),
-                                           session,
+                        new TLSSessionInfo(cipherSuite,
+                                           null,
                                            certs));
         }
     }
-
-    /**
-     * Propogate in the message a TLSSessionInfo instance representative  
-     * of the TLS-specific information in the HTTP request.
-     * 
-     * @param req the servlet request
-     * @param message the Message
-     
-    public static void propogateSecureServletSession(HttpServletRequest request,
-                                                     Message message) {
-        SSLSession session = 
-            (SSLSession) request.getAttribute(SERVLET_SSL_SESSION_ATTRIBUTE);
-        if (session != null) {
-            Certificate[] certs = null;
-            try {
-                certs = session.getPeerCertificates();
-            } catch (final SSLPeerUnverifiedException e) {
-                // peer has not been verified
-            }
-            message.put(TLSSessionInfo.class,
-                        new TLSSessionInfo(session.getCipherSuite(),
-                                           session,
-                                           certs));
-        }
-    }*/
     
     protected static void logUnSupportedPolicies(Object policy,
                                                  boolean client,

Modified: incubator/cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/JettyHTTPDestinationTest.java
URL: http://svn.apache.org/viewvc/incubator/cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/JettyHTTPDestinationTest.java?view=diff&rev=522837&r1=522836&r2=522837
==============================================================================
--- incubator/cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/JettyHTTPDestinationTest.java
(original)
+++ incubator/cxf/trunk/rt/transports/http/src/test/java/org/apache/cxf/transport/http/JettyHTTPDestinationTest.java
Tue Mar 27 02:30:32 2007
@@ -445,8 +445,12 @@
                     response.flushBuffer();
                     EasyMock.expectLastCall();                
                 }
+                request.getAttribute("javax.servlet.request.cipher_suite");
+                EasyMock.expectLastCall().andReturn("anythingwilldoreally");
                 request.getAttribute("javax.net.ssl.session");
                 EasyMock.expectLastCall().andReturn(null);
+                request.getAttribute("javax.servlet.request.X509Certificate");
+                EasyMock.expectLastCall().andReturn(null);
             }
         }
         
@@ -537,7 +541,7 @@
         assertEquals("unexpected query",
                      inMessage.get(Message.QUERY_STRING),
                      "?name");        
-        assertNull("unexpected query",
+        assertNotNull("unexpected query",
                    inMessage.get(TLSSessionInfo.class));
         verifyRequestHeaders();
                 



Mime
View raw message