cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dk...@apache.org
Subject svn commit: r987603 - in /cxf/trunk: rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/ rt/transports/http/src/main/java/org/apache/cxf/transport/https/ systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/conti...
Date Fri, 20 Aug 2010 18:57:25 GMT
Author: dkulp
Date: Fri Aug 20 18:57:25 2010
New Revision: 987603

URL: http://svn.apache.org/viewvc?rev=987603&view=rev
Log:
[CXF-1913] Implement asynchronous support for HTTPS transport in CXF Server
Change to using the new Channel SSL stuff in Jetty 7

Added:
    cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/cxf_https.xml
  (with props)
Modified:
    cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/CXFJettySslSocketConnector.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
    cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/ClientServerWrappedContinuationTest.java
    cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/jaxws-server.xml

Modified: cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/CXFJettySslSocketConnector.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/CXFJettySslSocketConnector.java?rev=987603&r1=987602&r2=987603&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/CXFJettySslSocketConnector.java
(original)
+++ cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/https_jetty/CXFJettySslSocketConnector.java
Fri Aug 20 18:57:25 2010
@@ -19,25 +19,19 @@
 package org.apache.cxf.transport.https_jetty;
 
 
-import java.io.IOException;
-import java.net.ServerSocket;
 import java.security.SecureRandom;
-import java.util.Arrays;
 import java.util.List;
-import java.util.logging.Level;
 import java.util.logging.Logger;
 
 import javax.net.ssl.KeyManager;
 import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLServerSocket;
-import javax.net.ssl.SSLServerSocketFactory;
 import javax.net.ssl.TrustManager;
 
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.configuration.security.ClientAuthentication;
 import org.apache.cxf.configuration.security.FiltersType;
 import org.apache.cxf.transport.https.SSLUtils;
-import org.eclipse.jetty.server.ssl.SslSocketConnector;
+import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
 
 /**
  * This class extends the Jetty SslSocketConnector, which allows
@@ -45,7 +39,7 @@ import org.eclipse.jetty.server.ssl.SslS
  * and TrustManagers. Also, Jetty version 6.1.3 has a bug where
  * the Trust store needs a password.
  */
-public class CXFJettySslSocketConnector extends SslSocketConnector {
+public class CXFJettySslSocketConnector extends SslSelectChannelConnector {
     private static final Logger LOG = LogUtils.getL7dLogger(CXFJettySslSocketConnector.class);
   
     
     protected KeyManager[]   keyManagers;
@@ -104,27 +98,17 @@ public class CXFJettySslSocketConnector 
             }
         }
     }
-    
-    /**
-     * We create our own socket factory.
-     */
-    @Override
-    protected SSLServerSocketFactory createFactory()
-        throws Exception {
-    
+    protected SSLContext createSSLContext() throws Exception  {
         String proto = getProtocol() == null
-               ? "TLS"
-               : getProtocol();
-        
+            ? "TLS"
+                : getProtocol();
+ 
         SSLContext context = getProvider() == null
-               ? SSLContext.getInstance(proto)
-               : SSLContext.getInstance(proto, getProvider());
-
+            ? SSLContext.getInstance(proto)
+                : SSLContext.getInstance(proto, getProvider());
+            
         context.init(keyManagers, trustManagers, secureRandom);
 
-        SSLServerSocketFactory con = context.getServerSocketFactory();
-
-        
         String[] cs = 
             SSLUtils.getCiphersuites(
                     cipherSuites,
@@ -133,15 +117,7 @@ public class CXFJettySslSocketConnector 
                     LOG, true);
         
         setExcludeCipherSuites(cs);
-        return con;
-    }
-    protected ServerSocket newServerSocket(String host, int port, int backlog) throws IOException
{
-        ServerSocket sock = super.newServerSocket(host, port, backlog);
-        if (sock instanceof SSLServerSocket && LOG.isLoggable(Level.INFO)) {
-            SSLServerSocket sslSock = (SSLServerSocket)sock;
-            LOG.log(Level.INFO, "CIPHERSUITES_SET", Arrays.asList(sslSock.getEnabledCipherSuites()));
-        }
-        return sock;
+        
+        return context;
     }
-
 }

Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java?rev=987603&r1=987602&r2=987603&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
Fri Aug 20 18:57:25 2010
@@ -153,7 +153,7 @@ public final class SSLUtils {
             kmf.init(ks, keyStorePassword.toCharArray());
             keystoreManagers = kmf.getKeyManagers();
             LogUtils.log(log,
-                         Level.INFO,
+                         Level.FINE,
                          "LOADED_KEYSTORE",
                          keyStoreLocation);
         } catch (Exception e) {
@@ -202,7 +202,7 @@ public final class SSLUtils {
         TrustManagerFactory tmf  = 
             TrustManagerFactory.getInstance(trustStoreMgrFactoryAlgorithm);
         tmf.init(trustedCertStore);
-        LogUtils.log(log, Level.INFO, "LOADED_TRUST_STORE", trustStoreLocation);
+        LogUtils.log(log, Level.FINE, "LOADED_TRUST_STORE", trustStoreLocation);
         trustStoreManagers = tmf.getTrustManagers();
 
         return trustStoreManagers;
@@ -255,7 +255,7 @@ public final class SSLUtils {
                 logMsg = "KEY_STORE_NOT_SET";
             }
         }
-        LogUtils.log(log, Level.INFO, logMsg, keyStoreLocation);
+        LogUtils.log(log, Level.FINE, logMsg, keyStoreLocation);
         return keyStoreLocation;
     }
     
@@ -267,7 +267,7 @@ public final class SSLUtils {
             keyStoreType = DEFAULT_KEYSTORE_TYPE;
             logMsg = "KEY_STORE_TYPE_NOT_SET";
         }
-        LogUtils.log(log, Level.INFO, logMsg, keyStoreType);
+        LogUtils.log(log, Level.FINE, logMsg, keyStoreType);
         return keyStoreType;
     }  
     
@@ -283,7 +283,7 @@ public final class SSLUtils {
                      ? "KEY_STORE_PASSWORD_SYSTEM_PROPERTY_SET"
                      : "KEY_STORE_PASSWORD_NOT_SET";
         }
-        LogUtils.log(log, Level.INFO, logMsg);
+        LogUtils.log(log, Level.FINE, logMsg);
         return keyStorePassword;        
     }
     
@@ -298,7 +298,7 @@ public final class SSLUtils {
                      ? "KEY_PASSWORD_SYSTEM_PROPERTY_SET"
                      : "KEY_PASSWORD_NOT_SET";
         }
-        LogUtils.log(log, Level.INFO, logMsg);
+        LogUtils.log(log, Level.FINE, logMsg);
         return keyPassword;
     }
 
@@ -313,7 +313,7 @@ public final class SSLUtils {
                 KeyManagerFactory.getDefaultAlgorithm();
             logMsg = "KEY_STORE_ALGORITHM_NOT_SET";
         }
-        LogUtils.log(log, Level.INFO, logMsg, keyStoreMgrFactoryAlgorithm);
+        LogUtils.log(log, Level.FINE, logMsg, keyStoreMgrFactoryAlgorithm);
         return keyStoreMgrFactoryAlgorithm;
     } 
     
@@ -328,7 +328,7 @@ public final class SSLUtils {
                 TrustManagerFactory.getDefaultAlgorithm();
             logMsg = "TRUST_STORE_ALGORITHM_NOT_SET";
         }
-        LogUtils.log(log, Level.INFO, logMsg, trustStoreMgrFactoryAlgorithm);
+        LogUtils.log(log, Level.FINE, logMsg, trustStoreMgrFactoryAlgorithm);
         return trustStoreMgrFactoryAlgorithm;
     }    
     
@@ -357,9 +357,9 @@ public final class SSLUtils {
         if (!(cipherSuitesList == null || cipherSuitesList.isEmpty())) {
             cipherSuites = getCiphersFromList(cipherSuitesList, log, exclude);
         } else {
-            LogUtils.log(log, Level.INFO, "CIPHERSUITES_NOT_SET");
+            LogUtils.log(log, Level.FINE, "CIPHERSUITES_NOT_SET");
             if (filters == null) {
-                LogUtils.log(log, Level.INFO, "CIPHERSUITE_FILTERS_NOT_SET");           
    
+                LogUtils.log(log, Level.FINE, "CIPHERSUITE_FILTERS_NOT_SET");           
    
             }
             List<String> filteredCipherSuites = new ArrayList<String>();
             List<String> excludedCipherSuites = new ArrayList<String>();
@@ -439,7 +439,7 @@ public final class SSLUtils {
                                                boolean exclude) {
         int numCipherSuites = cipherSuitesList.size();
         String[] cipherSuites = cipherSuitesList.toArray(new String[numCipherSuites]);
-        if (log.isLoggable(exclude ? Level.FINE : Level.INFO)) {
+        if (log.isLoggable(Level.FINE)) {
             StringBuilder ciphsStr = new StringBuilder();
             for (String s : cipherSuites) {
                 if (ciphsStr.length() != 0) {
@@ -447,7 +447,7 @@ public final class SSLUtils {
                 }
                 ciphsStr.append(s);
             }
-            LogUtils.log(log, exclude ? Level.FINE : Level.INFO, 
+            LogUtils.log(log, Level.FINE, 
                 exclude ? "CIPHERSUITES_EXCLUDED" : "CIPHERSUITES_SET", ciphsStr.toString());
           
         }
         return cipherSuites;
@@ -467,7 +467,7 @@ public final class SSLUtils {
                 logMsg = "TRUST_STORE_NOT_SET";
             }
         }
-        LogUtils.log(log, Level.INFO, logMsg, trustStoreLocation);
+        LogUtils.log(log, Level.FINE, logMsg, trustStoreLocation);
         return trustStoreLocation;
     }
     
@@ -480,7 +480,7 @@ public final class SSLUtils {
             trustStoreType = DEFAULT_TRUST_STORE_TYPE;
             logMsg = "TRUST_STORE_TYPE_NOT_SET";
         }
-        LogUtils.log(log, Level.INFO, logMsg, trustStoreType);
+        LogUtils.log(log, Level.FINE, logMsg, trustStoreType);
         return trustStoreType;
     }
     
@@ -488,11 +488,11 @@ public final class SSLUtils {
                                                  Logger log) {
         if (secureSocketProtocol != null) {
             LogUtils.log(log,
-                         Level.INFO,
+                         Level.FINE,
                          "SECURE_SOCKET_PROTOCOL_SET",
                          secureSocketProtocol);
         } else {
-            LogUtils.log(log, Level.INFO, "SECURE_SOCKET_PROTOCOL_NOT_SET");
+            LogUtils.log(log, Level.FINE, "SECURE_SOCKET_PROTOCOL_NOT_SET");
             secureSocketProtocol = DEFAULT_SECURE_SOCKET_PROTOCOL;
         }
         return secureSocketProtocol;
@@ -508,7 +508,7 @@ public final class SSLUtils {
             requireClientAuthentication =
                 isRequireClientAuthentication.booleanValue();
             LogUtils.log(log,
-                         Level.INFO,
+                         Level.FINE,
                          "REQUIRE_CLIENT_AUTHENTICATION_SET", 
                          requireClientAuthentication);
         } else {
@@ -529,7 +529,7 @@ public final class SSLUtils {
             wantClientAuthentication =
                 isWantClientAuthentication.booleanValue();
             LogUtils.log(log,
-                         Level.INFO,
+                         Level.FINE,
                          "WANT_CLIENT_AUTHENTICATION_SET", 
                          wantClientAuthentication);
         } else {

Modified: cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/ClientServerWrappedContinuationTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/ClientServerWrappedContinuationTest.java?rev=987603&r1=987602&r2=987603&view=diff
==============================================================================
--- cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/ClientServerWrappedContinuationTest.java
(original)
+++ cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/ClientServerWrappedContinuationTest.java
Fri Aug 20 18:57:25 2010
@@ -38,9 +38,12 @@ import org.junit.Test;
 
 public class ClientServerWrappedContinuationTest extends AbstractClientServerTestBase {
     public static final String PORT = allocatePort(Server.class);
+    public static final String HTTPS_PORT = allocatePort(Server.class, 1);
     
     private static final String CLIENT_CONFIG_FILE =
         "org/apache/cxf/systest/http_jetty/continuations/cxf.xml";
+    private static final String CLIENT_HTTPS_CONFIG_FILE =
+        "org/apache/cxf/systest/http_jetty/continuations/cxf_https.xml";
     private static final String SERVER_CONFIG_FILE =
         "org/apache/cxf/systest/http_jetty/continuations/jaxws-server.xml";
     
@@ -54,6 +57,8 @@ public class ClientServerWrappedContinua
             Object implementor = new HelloImplWithWrapppedContinuation();
             String address = "http://localhost:" + PORT + "/hellocontinuation";
             Endpoint.publish(address, implementor);
+            address = "https://localhost:" + HTTPS_PORT + "/securecontinuation";
+            Endpoint.publish(address, implementor);
         }
 
         public static void main(String[] args) {
@@ -87,7 +92,26 @@ public class ClientServerWrappedContinua
         HelloContinuationService service = new HelloContinuationService(wsdlURL, serviceName);
         assertNotNull(service);
         final HelloContinuation helloPort = service.getHelloContinuationPort();
+        doTest(helloPort);
+    }
+        
+    @Test
+    public void testHttpsWrappedContinuations() throws Exception {
+        SpringBusFactory bf = new SpringBusFactory();
+        Bus bus = bf.createBus(CLIENT_HTTPS_CONFIG_FILE);
+        BusFactory.setDefaultBus(bus);
+        
+        QName serviceName = new QName("http://cxf.apache.org/systest/jaxws", "HelloContinuationService");
+        
+        URL wsdlURL = new URL("https://localhost:" + HTTPS_PORT + "/securecontinuation?wsdl");
         
+        HelloContinuationService service = new HelloContinuationService(wsdlURL, serviceName);
+        assertNotNull(service);
+        final HelloContinuation helloPort = service.getHelloContinuationPort();
+        doTest(helloPort);
+    }
+
+    private void doTest(final HelloContinuation helloPort) throws Exception {
         ThreadPoolExecutor executor = new ThreadPoolExecutor(10, 10, 0, TimeUnit.SECONDS,
                                                              new ArrayBlockingQueue<Runnable>(6));
         CountDownLatch startSignal = new CountDownLatch(1);

Added: cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/cxf_https.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/cxf_https.xml?rev=987603&view=auto
==============================================================================
--- cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/cxf_https.xml
(added)
+++ cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/cxf_https.xml
Fri Aug 20 18:57:25 2010
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:http="http://cxf.apache.org/transports/http/configuration"
+       xmlns:jaxws="http://cxf.apache.org/jaxws"
+       xmlns:sec="http://cxf.apache.org/configuration/security"
+       xsi:schemaLocation="
+        http://www.springframework.org/schema/beans                 http://www.springframework.org/schema/beans/spring-beans.xsd
+        http://cxf.apache.org/transports/http/configuration         http://cxf.apache.org/schemas/configuration/http-conf.xsd
+        http://cxf.apache.org/transports/http-jetty/configuration   http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+        http://cxf.apache.org/configuration/security                http://cxf.apache.org/schemas/configuration/security.xsd
+">
+    <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+
+    <!-- -->
+    <!-- HTTP/S configuration for clients -->
+    <!-- -->
+    <http:conduit name="https://localhost:.*">
+        <http:client ConnectionTimeout="3000000" ReceiveTimeout="3000000"/>
+        <http:tlsClientParameters disableCNCheck="true">
+            <sec:keyManagers keyPassword="password">
+               <sec:keyStore type="JKS" password="password" 
+                    file="src/test/java/org/apache/cxf/systest/http/resources/Morpit.jks"/>
+               </sec:keyManagers>
+            <sec:trustManagers>
+               <sec:keyStore type="JKS" password="password"
+                   file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.jks"/>
+            </sec:trustManagers>
+        </http:tlsClientParameters>
+    </http:conduit>
+</beans>

Propchange: cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/cxf_https.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/cxf_https.xml
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Propchange: cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/cxf_https.xml
------------------------------------------------------------------------------
    svn:mime-type = text/xml

Modified: cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/jaxws-server.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/jaxws-server.xml?rev=987603&r1=987602&r2=987603&view=diff
==============================================================================
--- cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/jaxws-server.xml
(original)
+++ cxf/trunk/systests/transports/src/test/java/org/apache/cxf/systest/http_jetty/continuations/jaxws-server.xml
Fri Aug 20 18:57:25 2010
@@ -28,6 +28,7 @@ under the License.
         http://cxf.apache.org/transports/http-jetty/configuration   http://cxf.apache.org/schemas/configuration/http-jetty.xsd
         http://cxf.apache.org/configuration/security                http://cxf.apache.org/schemas/configuration/security.xsd
         ">
+    <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
 
     <!-- -->
     <!-- This Spring config file is designed to represent a minimal -->
@@ -44,8 +45,8 @@ under the License.
     <!-- -->
     <!-- TLS Port configuration parameters for port 9091 -->
     <!-- -->
-    <httpj:engine-factory id="port-9091-tls-config">
-        <httpj:engine port="9091">
+    <httpj:engine-factory>
+        <httpj:engine port="${testutil.ports.Server.1}">
             <httpj:tlsServerParameters>
                <sec:keyManagers keyPassword="password">
 	           <sec:keyStore type="JKS" password="password" 
@@ -59,21 +60,6 @@ under the License.
         </httpj:engine>
     </httpj:engine-factory>
 
-    <!-- -->
-    <!-- HTTP/S configuration for clients -->
-    <!-- -->
-    <http:conduit name="{http://cxf.apache.org/systest/jaxws}HelloContinuationPort.http-conduit">
-        <http:client ConnectionTimeout="3000000" ReceiveTimeout="3000000"/>
-        <http:tlsClientParameters disableCNCheck="true">
-            <sec:keyManagers keyPassword="password">
-	           <sec:keyStore type="JKS" password="password" 
-	                file="src/test/java/org/apache/cxf/systest/http/resources/Morpit.jks"/>
-	           </sec:keyManagers>
-	        <sec:trustManagers>
-	           <sec:keyStore type="JKS" password="password"
-	               file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.jks"/>
-	        </sec:trustManagers>
-        </http:tlsClientParameters>
-    </http:conduit>
+
 
 </beans>
\ No newline at end of file



Mime
View raw message