cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r745655 - in /cxf/branches/2.0.x-fixes: ./ rt/transports/http/src/main/java/org/apache/cxf/transport/https/ rt/transports/http/src/test/java/org/apache/cxf/transport/http/
Date Wed, 18 Feb 2009 21:15:38 GMT
Author: dkulp
Date: Wed Feb 18 21:15:37 2009
New Revision: 745655

URL: http://svn.apache.org/viewvc?rev=745655&view=rev
Log:
Merged revisions 745604 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/branches/2.1.x-fixes

................
  r745604 | dkulp | 2009-02-18 13:43:13 -0500 (Wed, 18 Feb 2009) | 9 lines
  
  Merged revisions 745560 via svnmerge from 
  https://svn.apache.org/repos/asf/cxf/trunk
  
  ........
    r745560 | seanoc | 2009-02-18 11:28:31 -0500 (Wed, 18 Feb 2009) | 1 line
    
    Fix fox CXF-2048 (patch provided by Ron Gavlin)
  ........
................

Modified:
    cxf/branches/2.0.x-fixes/   (props changed)
    cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
    cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionInfo.java
    cxf/branches/2.0.x-fixes/rt/transports/http/src/test/java/org/apache/cxf/transport/http/HTTPConduitURLConnectionTest.java

Propchange: cxf/branches/2.0.x-fixes/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed Feb 18 21:15:37 2009
@@ -1,3 +1,3 @@
-/cxf/branches/2.1.x-fixes:673548,674485,674547,674551,674562,674601,674649,674764,674887,675644,675653,677048,677385,678004,678009,678559,678629,678808,678852,678891,678893,679248,679597,680435,681060,681165,681813,681816,682902,682951,683089,683290,683318,684099,684790-684793,684842,684862,684895-684918,685205,685253,686237,686283,686299,686333-686364,686765,686827,687097,687464-687465,689109,689112,689122,691316,691357,691491,691711,691715,691745,692162-692163,692468,692500,694466-694469,694472,694717,694748-694749,694870,695503,695509,695553,695555,695563,695875-695877,695940,695980,696436,696455,696721,697086,698129,701526,701634,702275,702443,702527,702582,702604,702610,702642-702643,702649,702760,702870,702873,702959,703193,703242,703523,704303,704587,704738,704998,705153,705280-705449,705455,709357,709641,709644,710177,710184,711736,712199,712225,712275,712600,712896,713083,713410,713413,713594,713599,713808,713901,714169-714171,718622,718929,719211,719221-719223,7192
 96,719300-719301,719303,719308,719332,719356,719363,719369-719383,719650,719695,720124,723545,724403-724404,724421,724448,724451,724486-724487,724714,725367,725371,725763,725774,726045,726048,726106,726123,726745-726746,726749,726754,726756-726758,726995,727794,727797-727798,727800,731676,731684,731686-731688,731690,733587,733873,733876,733884,733891,733893,733915,735132,735136,735789,736451,736453,736456,736761,736765,736771,736827,736853,737126,737706,737714,737716,737726,737729-737730,737732,737734,737737,737861,738167,738181,738202,738206,738208,738243,738245,738588-738594,739379,739916,739920-739921,739930,740043,740190,740195,740326,740328,740959,741153-741156,741159,741163,741190,743496,743498-743499,743501-743502,743504,743512,743516,743968,744173,744181,745593,745596,745598,745600
-/cxf/trunk:651669-686342,686344-686363,686764,686820,687096,687387,687463,688086,688102,688735,691271,691355,691488,691602,691706,691728,692116,692157,692466,692499,693653,693819,694179,694263,694417,694716,694744,694747,694869,695396,695484,695537,695552,695561,695619,695684,695835,695935,695977,696094,696433,696720,697085,698128,700261,700602,701783,701830,701862,702267,702580,702602,702609,702616,702656,702957,703191,703239,703501,704584,704997,705150,705274,705340,705446,708550,708554,709353-709354,709425,710150,712194,712198,712272,712312,712670,712893,713082,713584,713597,713804,713899,714167-714168,718281,718565,718620,718640,718665,719017,719210,719215-719218,719222,719273,719327-719354,719362,719368,719382,719649,719680,720119-720217,723338,723717-723791,724334-724371,724433-724438,724449,724481,724485,724668,724782,724795,725754,725773,725799,725839,726342,726524,726631,726637,726639,726692,726724,726992,727445,727692,727754,727792,730139,731598,731604,731615,73163
 1,731635,732320,732363,732411,732710,732773,732827,732829,733582,734666,734836,735734,736332,736343,736352,736408,736423,736491,736738,736766,736825,736852,737032,737069,737124,737237,737299,737356,737494,737498,737855,738166,738178,738201,738242,738244,739367,739799-739800,739876-739877,739922,739937,740154,740186,740197,740255,740810,740844,740886,740902,740923,741124,741152,741188,741521,741529,741879,743087,743439,743441,743459,743469,743965,743967,744175,744195,744756,745214,745243
+/cxf/branches/2.1.x-fixes:673548,674485,674547,674551,674562,674601,674649,674764,674887,675644,675653,677048,677385,678004,678009,678559,678629,678808,678852,678891,678893,679248,679597,680435,681060,681165,681813,681816,682902,682951,683089,683290,683318,684099,684790-684793,684842,684862,684895-684918,685205,685253,686237,686283,686299,686333-686364,686765,686827,687097,687464-687465,689109,689112,689122,691316,691357,691491,691711,691715,691745,692162-692163,692468,692500,694466-694469,694472,694717,694748-694749,694870,695503,695509,695553,695555,695563,695875-695877,695940,695980,696436,696455,696721,697086,698129,701526,701634,702275,702443,702527,702582,702604,702610,702642-702643,702649,702760,702870,702873,702959,703193,703242,703523,704303,704587,704738,704998,705153,705280-705449,705455,709357,709641,709644,710177,710184,711736,712199,712225,712275,712600,712896,713083,713410,713413,713594,713599,713808,713901,714169-714171,718622,718929,719211,719221-719223,7192
 96,719300-719301,719303,719308,719332,719356,719363,719369-719383,719650,719695,720124,723545,724403-724404,724421,724448,724451,724486-724487,724714,725367,725371,725763,725774,726045,726048,726106,726123,726745-726746,726749,726754,726756-726758,726995,727794,727797-727798,727800,731676,731684,731686-731688,731690,733587,733873,733876,733884,733891,733893,733915,735132,735136,735789,736451,736453,736456,736761,736765,736771,736827,736853,737126,737706,737714,737716,737726,737729-737730,737732,737734,737737,737861,738167,738181,738202,738206,738208,738243,738245,738588-738594,739379,739916,739920-739921,739930,740043,740190,740195,740326,740328,740959,741153-741156,741159,741163,741190,743496,743498-743499,743501-743502,743504,743512,743516,743968,744173,744181,745593,745596,745598,745600,745604
+/cxf/trunk:651669-686342,686344-686363,686764,686820,687096,687387,687463,688086,688102,688735,691271,691355,691488,691602,691706,691728,692116,692157,692466,692499,693653,693819,694179,694263,694417,694716,694744,694747,694869,695396,695484,695537,695552,695561,695619,695684,695835,695935,695977,696094,696433,696720,697085,698128,700261,700602,701783,701830,701862,702267,702580,702602,702609,702616,702656,702957,703191,703239,703501,704584,704997,705150,705274,705340,705446,708550,708554,709353-709354,709425,710150,712194,712198,712272,712312,712670,712893,713082,713584,713597,713804,713899,714167-714168,718281,718565,718620,718640,718665,719017,719210,719215-719218,719222,719273,719327-719354,719362,719368,719382,719649,719680,720119-720217,723338,723717-723791,724334-724371,724433-724438,724449,724481,724485,724668,724782,724795,725754,725773,725799,725839,726342,726524,726631,726637,726639,726692,726724,726992,727445,727692,727754,727792,730139,731598,731604,731615,73163
 1,731635,732320,732363,732411,732710,732773,732827,732829,733582,734666,734836,735734,736332,736343,736352,736408,736423,736491,736738,736766,736825,736852,737032,737069,737124,737237,737299,737356,737494,737498,737855,738166,738178,738201,738242,738244,739367,739799-739800,739876-739877,739922,739937,740154,740186,740197,740255,740810,740844,740886,740902,740923,741124,741152,741188,741521,741529,741879,743087,743439,743441,743459,743469,743965,743967,744175,744195,744756,745214,745243,745560
 /incubator/cxf/trunk:434594-651668

Propchange: cxf/branches/2.0.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java?rev=745655&r1=745654&r2=745655&view=diff
==============================================================================
--- cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
(original)
+++ cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionFactory.java
Wed Feb 18 21:15:37 2009
@@ -20,6 +20,8 @@
 package org.apache.cxf.transport.https;
 
 import java.io.IOException;
+import java.lang.reflect.InvocationHandler;
+import java.lang.reflect.Method;
 import java.net.HttpURLConnection;
 import java.net.Proxy;
 import java.net.URL;
@@ -57,7 +59,7 @@
     private static final long serialVersionUID = 1L;
     private static final Logger LOG =
         LogUtils.getL7dLogger(HttpsURLConnectionFactory.class);
-    
+
     /*
      *  For development and testing only
      */
@@ -88,6 +90,10 @@
      */
     SSLSocketFactory socketFactory;
 
+    private Class deprecatedSunHttpsURLConnectionClass;
+
+    private Class deprecatedSunHostnameVerifierClass;
+    
     /**
      * This constructor initialized the factory with the configured TLS
      * Client Parameters for the HTTPConduit for which this factory is used.
@@ -122,8 +128,8 @@
                     + " for HTTPS URLConnection Factory.");
         }
         
-        HttpsURLConnection connection =
-            (HttpsURLConnection) (proxy != null 
+        HttpURLConnection connection =
+            (HttpURLConnection) (proxy != null 
                                    ? url.openConnection(proxy)
                                    : url.openConnection());
                                    
@@ -150,9 +156,11 @@
     
     /**
      * This method assigns the various TLS parameters on the HttpsURLConnection
-     * from the TLS Client Parameters.
+     * from the TLS Client Parameters. Connection parameter is of supertype HttpURLConnection,

+     * which allows internal cast to potentially divergent subtype (https) implementations.
      */
-    protected synchronized void decorateWithTLS(HttpsURLConnection connection)
+    @SuppressWarnings("deprecation")
+    protected synchronized void decorateWithTLS(HttpURLConnection connection)
         throws NoSuchAlgorithmException,
                NoSuchProviderException,
                KeyManagementException {
@@ -197,12 +205,55 @@
                                                         cipherSuites,
                                                         tlsClientParameters.getSecureSocketProtocol());
         }
-        if (tlsClientParameters.isDisableCNCheck()) {
-            connection.setHostnameVerifier(CertificateHostnameVerifier.ALLOW_ALL);
+        
+        if (connection instanceof HttpsURLConnection) {
+            // handle the expected case (javax.net.ssl)
+            HttpsURLConnection conn = (HttpsURLConnection) connection;
+            if (tlsClientParameters.isDisableCNCheck()) {
+                conn.setHostnameVerifier(CertificateHostnameVerifier.ALLOW_ALL);
+            } else {
+                conn.setHostnameVerifier(CertificateHostnameVerifier.DEFAULT);
+            }
+            conn.setSSLSocketFactory(socketFactory);
         } else {
-            connection.setHostnameVerifier(CertificateHostnameVerifier.DEFAULT);
+            // handle the deprecated sun case
+            try {
+                Class connectionClass = getDeprecatedSunHttpsURLConnectionClass();
+                Class verifierClass = getDeprecatedSunHostnameVerifierClass();
+                Method setHostnameVerifier = connectionClass.getMethod("setHostnameVerifier",
verifierClass);
+                InvocationHandler handler = new InvocationHandler() {
+                    public Object invoke(Object proxy, 
+                                         Method method, 
+                                         Object[] args) throws Throwable {
+                        return true;
+                    }
+                };
+                Object proxy = java.lang.reflect.Proxy.newProxyInstance(this.getClass().getClassLoader(),
+                                                                          new Class[] {verifierClass},
+                                                                          handler);
+                setHostnameVerifier.invoke(connectionClass.cast(connection), verifierClass.cast(proxy));
+                Method setSSLSocketFactory = connectionClass.getMethod("setSSLSocketFactory",

+                                                                       SSLSocketFactory.class);
+                setSSLSocketFactory.invoke(connectionClass.cast(connection), socketFactory);
+            } catch (Exception ex) {
+                throw new IllegalArgumentException("Error decorating connection class " 
+                        + connection.getClass().getName(), ex);
+            }
+        }
+    }
+
+    private Class getDeprecatedSunHttpsURLConnectionClass() throws ClassNotFoundException
{
+        if (deprecatedSunHttpsURLConnectionClass == null) {
+            deprecatedSunHttpsURLConnectionClass = Class.forName("com.sun.net.ssl.HttpsURLConnection");
         }
-        connection.setSSLSocketFactory(socketFactory);
+        return deprecatedSunHttpsURLConnectionClass;
+    }
+
+    private Class getDeprecatedSunHostnameVerifierClass() throws ClassNotFoundException {
+        if (deprecatedSunHostnameVerifierClass == null) {
+            deprecatedSunHostnameVerifierClass = Class.forName("com.sun.net.ssl.HostnameVerifier");
+        }
+        return deprecatedSunHostnameVerifierClass;
     }
 
     /*
@@ -228,13 +279,15 @@
      * @return The HttpsURLConnectionInfo object for the given 
      *         HttpsURLConnection.
      * @throws IOException Normal IO Exceptions.
-     * @throws ClassCastException If "connection" is not an HttpsURLConnection.
+     * @throws ClassCastException If "connection" is not an HttpsURLConnection 
+     *         (or a supported subtype of HttpURLConnection)
      */
     public HttpURLConnectionInfo getConnectionInfo(
             HttpURLConnection connection
     ) throws IOException {  
-        return new HttpsURLConnectionInfo((HttpsURLConnection)connection);
+        return new HttpsURLConnectionInfo(connection);
     }
 }
 
 
+

Modified: cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionInfo.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionInfo.java?rev=745655&r1=745654&r2=745655&view=diff
==============================================================================
--- cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionInfo.java
(original)
+++ cxf/branches/2.0.x-fixes/rt/transports/http/src/main/java/org/apache/cxf/transport/https/HttpsURLConnectionInfo.java
Wed Feb 18 21:15:37 2009
@@ -20,9 +20,12 @@
 package org.apache.cxf.transport.https;
 
 import java.io.IOException;
+import java.lang.reflect.Method;
+import java.net.HttpURLConnection;
 import java.security.Principal;
 import java.security.cert.Certificate;
 
+import javax.imageio.IIOException;
 import javax.net.ssl.HttpsURLConnection;
 
 import org.apache.cxf.transport.http.HttpURLConnectionInfo;
@@ -37,47 +40,85 @@
      * This field contains the cipherSuite enabled in the 
      * HTTPS URLconnection.
      */
-    protected final String enabledCipherSuite;
+    protected String enabledCipherSuite;
     
     /**
      * This field contains the certificates that were used to
      * authenticate the connection to the peer.
      */
-    protected final Certificate[] localCertificates;
+    protected Certificate[] localCertificates;
     
     /**
      * This field contains the Principal that authenticated to the
      * peer.
      */
-    protected final Principal localPrincipal;
+    protected Principal localPrincipal;
     
     /**
      * This field contains the certificates the server presented
      * to authenticate.
      */
-    protected final Certificate[] serverCertificates;
+    protected Certificate[] serverCertificates;
     
     /**
      * This field contains the Principal that represents the 
      * authenticated peer.
      */
-    protected final Principal peerPrincipal;
+    protected Principal peerPrincipal;
+
+    private Class deprecatedSunHttpsURLConnectionOldImplClass;
     
     /**
      * This constructor is used to create the info object
-     * representing the this HttpsURLConnection.
+     * representing the this HttpsURLConnection. Connection parameter is 
+     * of supertype HttpURLConnection, which allows internal cast to 
+     * potentially divergent subtype (Https) implementations.
      */
-    HttpsURLConnectionInfo(HttpsURLConnection connection)
+    HttpsURLConnectionInfo(HttpURLConnection connection)
         throws IOException {
         super(connection);
-        
-        enabledCipherSuite = connection.getCipherSuite();
-        localCertificates  = connection.getLocalCertificates();
-        localPrincipal     = connection.getLocalPrincipal();
-        serverCertificates = connection.getServerCertificates();
-        peerPrincipal      = connection.getPeerPrincipal();
+        if (connection instanceof HttpsURLConnection) {
+            HttpsURLConnection conn = (HttpsURLConnection) connection;
+            enabledCipherSuite = conn.getCipherSuite();
+            localCertificates  = conn.getLocalCertificates();
+            localPrincipal     = conn.getLocalPrincipal();
+            serverCertificates = conn.getServerCertificates();
+            peerPrincipal      = conn.getPeerPrincipal();
+        } else {
+            Exception ex = null;
+            try {
+                Class deprecatedSunClass = getDeprecatedSunHttpsURLConnectionOldImplClass();
+                Method method = null;
+                method = deprecatedSunClass.getMethod("getCipherSuite", (Class[]) null);
+                enabledCipherSuite = (String) method.invoke(connection, (Object[]) null);
+                method = deprecatedSunClass.getMethod("getLocalCertificates", (Class[]) null);
+                localCertificates = (Certificate[]) method.invoke(connection, (Object[])
null);
+                method = deprecatedSunClass.getMethod("getServerCertificates", (Class[])
null);
+                serverCertificates = (Certificate[]) method.invoke(connection, (Object[])
null);
+                
+                //TODO Obtain localPrincipal and peerPrincipal using the com.sun.net.ssl
api
+            } catch (Exception e) {
+                ex = e;
+            } finally {
+                if (ex != null) {
+                    if (ex instanceof IOException) {
+                        throw (IOException) ex;
+                    }
+                    throw new IIOException("Error constructing HttpsURLConnectionInfo for
connection class "
+                            + connection.getClass().getName(), ex);
+                }
+            }
+        }
+    }
+
+    private Class getDeprecatedSunHttpsURLConnectionOldImplClass() throws ClassNotFoundException
{
+        if (deprecatedSunHttpsURLConnectionOldImplClass == null) {
+            deprecatedSunHttpsURLConnectionOldImplClass = 
+                    Class.forName("com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl");
+        }
+        return deprecatedSunHttpsURLConnectionOldImplClass;
     }
-
+        
     /**
      * This method returns the cipher suite employed in this
      * HttpsURLConnection.

Modified: cxf/branches/2.0.x-fixes/rt/transports/http/src/test/java/org/apache/cxf/transport/http/HTTPConduitURLConnectionTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.0.x-fixes/rt/transports/http/src/test/java/org/apache/cxf/transport/http/HTTPConduitURLConnectionTest.java?rev=745655&r1=745654&r2=745655&view=diff
==============================================================================
--- cxf/branches/2.0.x-fixes/rt/transports/http/src/test/java/org/apache/cxf/transport/http/HTTPConduitURLConnectionTest.java
(original)
+++ cxf/branches/2.0.x-fixes/rt/transports/http/src/test/java/org/apache/cxf/transport/http/HTTPConduitURLConnectionTest.java
Wed Feb 18 21:15:37 2009
@@ -122,6 +122,36 @@
      */
     @Test
     public void testTLSServerParameters() throws Exception {
+        Object connection = doTestTLSServerParameters();
+        assertTrue("TLS Client Parameters should generate an HttpsURLConnection",
+                HttpsURLConnection.class.isInstance(connection));
+    }
+
+    /**
+     * This verifys that the underlying connection is an HttpsURLConnection.
+     */
+    @Test
+    public void testTLSServerParametersWithDeprecatedSunSSLProtocol() throws Exception {
+        if (!System.getProperty("java.vm.vendor").toLowerCase().contains("sun")) {
+            return;
+        }
+        String javaProtocolHandlerPkgsKey = "java.protocol.handler.pkgs";
+        String javaProtocolHandlerPkgsValue = System.getProperty(javaProtocolHandlerPkgsKey);
+        try {
+            System.setProperty(javaProtocolHandlerPkgsKey, "com.sun.net.ssl.internal.www.protocol");
+            Object connection = doTestTLSServerParameters();
+            assertTrue("TLS Client Parameters should generate an HttpsURLConnection",
+                    connection.getClass().getName().contains("HttpsURLConnection"));
+        } finally {
+            if (javaProtocolHandlerPkgsValue == null) {
+                System.clearProperty(javaProtocolHandlerPkgsKey);
+            } else {
+                System.setProperty(javaProtocolHandlerPkgsKey, javaProtocolHandlerPkgsValue);
+            }
+        }
+    }
+    
+    private Object doTestTLSServerParameters() throws Exception {
         Bus bus = new CXFBusImpl();
         EndpointInfo ei = new EndpointInfo();
         ei.setAddress("https://secure.nowhere.null/" + "bar/foo");
@@ -135,9 +165,7 @@
         // Test call
         conduit.prepare(message);
         
-        assertTrue("TLS Client Parameters should generate an HttpsURLConnection",
-                HttpsURLConnection.class.isInstance(
-                        message.get("http.connection")));
+        return message.get("http.connection");
     }
 
 



Mime
View raw message