cxf-commits mailing list archives

From a.@apache.org
Subject svn commit: r1363882 - in /cxf/branches/2.6.x-fixes: ./ api/src/main/java/org/apache/cxf/configuration/jsse/ rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/ systests/transports/src/test/java/org/apache/cxf/systest/htt...
Date Fri, 20 Jul 2012 18:05:05 GMT
Author: ay
Date: Fri Jul 20 18:05:05 2012
New Revision: 1363882

URL: http://svn.apache.org/viewvc?rev=1363882&view=rev
Log:
Merged revisions 1363879 via  svn merge from
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1363879 | ay | 2012-07-20 19:37:18 +0200 (Fri, 20 Jul 2012) | 1 line
  
  [CXF-4438] more flexibility in configuring tlsServerParameters in spring and blueprint
........

Modified:
    cxf/branches/2.6.x-fixes/   (props changed)
    cxf/branches/2.6.x-fixes/api/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java
    cxf/branches/2.6.x-fixes/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/JettyHTTPServerEngineBeanDefinitionParser.java
    cxf/branches/2.6.x-fixes/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPSClientTest.java
    cxf/branches/2.6.x-fixes/systests/transports/src/test/java/org/apache/cxf/systest/http/resources/jaxws-tlsrefs-publish.xml

Propchange: cxf/branches/2.6.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.6.x-fixes/api/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/api/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java?rev=1363882&r1=1363881&r2=1363882&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/api/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java
(original)
+++ cxf/branches/2.6.x-fixes/api/src/main/java/org/apache/cxf/configuration/jsse/TLSServerParametersConfig.java
Fri Jul 20 18:05:05 2012
@@ -21,6 +21,9 @@ package org.apache.cxf.configuration.jss
 import java.io.IOException;
 import java.security.GeneralSecurityException;
 
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.TrustManager;
+
 import org.apache.cxf.common.injection.NoJSR250Annotations;
 import org.apache.cxf.configuration.security.TLSServerParametersType;
 
@@ -36,6 +39,12 @@ public class TLSServerParametersConfig 
     public TLSServerParametersConfig(TLSServerParametersType params) 
         throws GeneralSecurityException,
                IOException {
+        
+        TLSServerParametersTypeInternal iparams = null;
+        if (params instanceof TLSServerParametersTypeInternal) {
+            iparams = (TLSServerParametersTypeInternal)params;
+        }
+        
         if (params.isSetSecureSocketProtocol()) {
             this.setSecureSocketProtocol(params.getSecureSocketProtocol());
         }
@@ -71,5 +80,42 @@ public class TLSServerParametersConfig 
         if (params.isSetCertAlias()) {
             this.setCertAlias(params.getCertAlias());
         }
+        if (iparams != null && iparams.isSetKeyManagersRef()) {
+            this.setKeyManagers(iparams.getKeyManagersRef());
+        }
+        if (iparams != null && iparams.isSetTrustManagersRef()) {
+            this.setTrustManagers(iparams.getTrustManagersRef());
+        }
+    }
+
+    public static class TLSServerParametersTypeInternal extends TLSServerParametersType {
+        private KeyManager[] keyManagersRef;
+        private TrustManager[] trustManagersRef;
+
+        public KeyManager[] getKeyManagersRef() {
+            return keyManagersRef;
+        }
+
+        public void setKeyManagersRef(KeyManager[] keyManagersRef) {
+            this.keyManagersRef = keyManagersRef;
+        }
+        
+        public boolean isSetKeyManagersRef() {
+            return this.keyManagersRef != null;
+        }
+
+        public TrustManager[] getTrustManagersRef() {
+            return trustManagersRef;
+        }
+
+        public void setTrustManagersRef(TrustManager[] trustManagersRef) {
+            this.trustManagersRef = trustManagersRef;
+        }
+        
+        public boolean isSetTrustManagersRef() {
+            return this.trustManagersRef != null;
+        }
+
     }
+    
 }
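Review bot: The `iparams` branches at the end of the constructor call `setKeyManagers`/`setTrustManagers` after the JAXB-driven setters, so a `keyManagersRef` or `trustManagersRef` appears to silently replace whatever an inline `keyManagers`/`trustManagers` element produced. The inline handling sits in the part of the constructor outside this hunk, so that ordering is inferred. `TLSServerParametersTypeInternal` is a public nested class in the api module with no Javadoc; a class comment such as `/** Carries pre-built KeyManager[]/TrustManager[] injected by bean reference; when set, a ref takes precedence over the inline element. */` would document the precedence for anyone constructing it programmatically. The setters also keep the caller's array and the getters return it uncopied, so the trust material can be altered after configuration; `this.trustManagersRef = trustManagersRef == null ? null : trustManagersRef.clone();` (and the same for key managers) would close that.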

Modified: cxf/branches/2.6.x-fixes/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/JettyHTTPServerEngineBeanDefinitionParser.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/JettyHTTPServerEngineBeanDefinitionParser.java?rev=1363882&r1=1363881&r2=1363882&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/JettyHTTPServerEngineBeanDefinitionParser.java
(original)
+++ cxf/branches/2.6.x-fixes/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/spring/JettyHTTPServerEngineBeanDefinitionParser.java
Fri Jul 20 18:05:05 2012
@@ -27,13 +27,23 @@ import java.util.List;
 import javax.annotation.PostConstruct;
 import javax.xml.bind.JAXBContext;
 
+import org.w3c.dom.Attr;
 import org.w3c.dom.Element;
+import org.w3c.dom.NamedNodeMap;
+import org.w3c.dom.Node;
 
 import org.apache.cxf.Bus;
 import org.apache.cxf.bus.spring.BusWiringBeanFactoryPostProcessor;
 import org.apache.cxf.common.injection.NoJSR250Annotations;
 import org.apache.cxf.configuration.jsse.TLSServerParametersConfig;
+import org.apache.cxf.configuration.security.CertificateConstraintsType;
+import org.apache.cxf.configuration.security.CipherSuites;
+import org.apache.cxf.configuration.security.ClientAuthentication;
+import org.apache.cxf.configuration.security.FiltersType;
+import org.apache.cxf.configuration.security.KeyManagersType;
+import org.apache.cxf.configuration.security.SecureRandomParameters;
 import org.apache.cxf.configuration.security.TLSServerParametersType;
+import org.apache.cxf.configuration.security.TrustManagersType;
 import org.apache.cxf.configuration.spring.AbstractBeanDefinitionParser;
 import org.apache.cxf.helpers.DOMUtils;
 import org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine;
@@ -55,6 +65,8 @@ import org.springframework.context.Appli
 
 
 public class JettyHTTPServerEngineBeanDefinitionParser extends AbstractBeanDefinitionParser
{
+    private static final String SECURITY_NS =
+        "http://cxf.apache.org/configuration/security";
 
     public void doParse(Element element, ParserContext ctx, BeanDefinitionBuilder bean) {
         
@@ -89,12 +101,7 @@ public class JettyHTTPServerEngineBeanDe
             while (elem != null) {
                 String name = elem.getLocalName();
                 if ("tlsServerParameters".equals(name)) {
-                    mapElementToJaxbPropertyFactory(elem,
-                                                    bean,
-                                                    "tlsServerParameters",
-                                                    TLSServerParametersType.class,
-                                                    JettyHTTPServerEngineBeanDefinitionParser.class,
-                                                    "createTLSServerParametersConfig");
+                    mapTLSServerParameters(elem, bean);
                 } else if ("threadingParameters".equals(name)) {
                     mapElementToJaxbPropertyFactory(elem,
                                                     bean,
@@ -140,6 +147,76 @@ public class JettyHTTPServerEngineBeanDe
         bean.setLazyInit(false);
     }
     
+    private void mapTLSServerParameters(Element e, BeanDefinitionBuilder bean) {
+        BeanDefinitionBuilder paramsbean 
+            = BeanDefinitionBuilder.rootBeanDefinition(TLSServerParametersConfig.TLSServerParametersTypeInternal.class);
+        
+        // read the attributes
+        NamedNodeMap as = e.getAttributes();
+        for (int i = 0; i < as.getLength(); i++) {
+            Attr a = (Attr) as.item(i);
+            if (a.getNamespaceURI() == null) {
+                String aname = a.getLocalName();
+                if ("jsseProvider".equals(aname) 
+                    || "secureSocketProtocol".equals(aname)) {
+                    paramsbean.addPropertyValue(aname, a.getValue());
+                }
+            }
+        }
+        
+        // read the child elements
+        Node n = e.getFirstChild();
+        while (n != null) {
+            if (Node.ELEMENT_NODE != n.getNodeType() 
+                || !SECURITY_NS.equals(n.getNamespaceURI())) {
+                n = n.getNextSibling();
+                continue;
+            }
+            String ename = n.getLocalName();
+            // Schema should require that no more than one each of these exist.
+            String ref = ((Element)n).getAttribute("ref");
+
+            if ("keyManagers".equals(ename)) {
+                if (ref != null && ref.length() > 0) {
+                    paramsbean.addPropertyReference("keyManagersRef", ref);
+                } else {
+                    mapElementToJaxbProperty((Element)n, paramsbean, ename, 
+                                             KeyManagersType.class);
+                }
+            } else if ("trustManagers".equals(ename)) {
+                if (ref != null && ref.length() > 0) {
+                    paramsbean.addPropertyReference("trustManagersRef", ref);
+                } else {
+                    mapElementToJaxbProperty((Element)n, paramsbean, ename, 
+                                             TrustManagersType.class);
+                }
+            } else if ("cipherSuites".equals(ename)) {
+                mapElementToJaxbProperty((Element)n, paramsbean, ename,
+                                         CipherSuites.class);
+            } else if ("cipherSuitesFilter".equals(ename)) {
+                mapElementToJaxbProperty((Element)n, paramsbean, ename,
+                                         FiltersType.class);
+            } else if ("secureRandomParameters".equals(ename)) {
+                mapElementToJaxbProperty((Element)n, paramsbean, ename,
+                                         SecureRandomParameters.class);
+            } else if ("clientAuthentication".equals(ename)) {
+                mapElementToJaxbProperty((Element)n, paramsbean, ename,
+                                         ClientAuthentication.class);
+            } else if ("certConstraints".equals(ename)) {
+                mapElementToJaxbProperty((Element)n, paramsbean, ename,
+                                         CertificateConstraintsType.class);
+            } else if ("certAlias".equals(ename)) {
+                paramsbean.addPropertyValue(ename, n.getTextContent());
+            }
+            n = n.getNextSibling();
+        }
+
+        BeanDefinitionBuilder jaxbbean 
+            = BeanDefinitionBuilder.rootBeanDefinition(TLSServerParametersConfig.class);
+        jaxbbean.addConstructorArg(paramsbean.getBeanDefinition());
+        bean.addPropertyValue("tlsServerParameters", jaxbbean.getBeanDefinition());
+    }
+
     private static ThreadingParameters toThreadingParameters(
                                     ThreadingParametersType paramtype) {
         ThreadingParameters params = new ThreadingParameters();
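Review bot: The `if`/`else if` chain in `mapTLSServerParameters` has no final `else`, so a child element in the security namespace with an unrecognised or misspelled name is dropped silently, and the attribute loop likewise ignores everything except `jsseProvider` and `secureSocketProtocol`. For TLS settings such as `clientAuthentication`, `cipherSuitesFilter` or `certConstraints`, a silent drop means the engine starts with weaker parameters than the configuration author wrote. Schema validation may catch this upstream, as the in-code comment assumes, but the parser should fail closed on its own, for example with a closing `} else { throw new IllegalArgumentException("Unsupported tlsServerParameters child: " + ename); }`. When `ref` is non-empty on `keyManagers`/`trustManagers`, any inline `keyStore` content on the same element is also ignored without notice, which deserves at least a comment. A smaller point: `Element.getAttribute` returns an empty string rather than null for a missing attribute, so the `ref != null` tests are redundant.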

Modified: cxf/branches/2.6.x-fixes/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPSClientTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPSClientTest.java?rev=1363882&r1=1363881&r2=1363882&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPSClientTest.java
(original)
+++ cxf/branches/2.6.x-fixes/systests/transports/src/test/java/org/apache/cxf/systest/http/HTTPSClientTest.java
Fri Jul 20 18:05:05 2012
@@ -174,7 +174,7 @@ public class HTTPSClientTest extends Abs
         
     }
     
-    public static class ClientManagersFactory {
+    public static class ServerManagersFactory {
         public static KeyManager[] getKeyManagers() {
             KeyManagersType kmt = new KeyManagersType();
             KeyStoreType kst = new KeyStoreType();
@@ -206,4 +206,37 @@ public class HTTPSClientTest extends Abs
             }
         }
     }
+
+    public static class ClientManagersFactory {
+        public static KeyManager[] getKeyManagers() {
+            KeyManagersType kmt = new KeyManagersType();
+            KeyStoreType kst = new KeyStoreType();
+            kst.setFile("src/test/java/org/apache/cxf/systest/http/resources/Morpit.jks");
+            kst.setPassword("password");
+            kst.setType("JKS");
+        
+            kmt.setKeyStore(kst);
+            kmt.setKeyPassword("password");
+            try {
+                return TLSParameterJaxBUtils.getKeyManagers(kmt);
+            } catch (Exception e) {
+                throw new RuntimeException("failed to retrieve key managers", e);
+            }
+        }
+    
+        public static TrustManager[] getTrustManagers() {
+            TrustManagersType tmt = new TrustManagersType();
+            KeyStoreType kst = new KeyStoreType();
+            kst.setFile("src/test/java/org/apache/cxf/systest/http/resources/Truststore.jks");
+            kst.setPassword("password");
+            kst.setType("JKS");
+        
+            tmt.setKeyStore(kst);
+            try {
+                return TLSParameterJaxBUtils.getTrustManagers(tmt);
+            } catch (Exception e) {
+                throw new RuntimeException("failed to retrieve trust managers", e);
+            }
+        }
+    }
 }
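Review bot: The new `ClientManagersFactory` repeats the keystore-loading code of the factory renamed in the previous hunk, as far as its visible lines show, with the resource path prefix, the `"JKS"` type and the `"password"` literal each written out again. A private helper such as `private static KeyStoreType testKeyStore(String fileName)` shared by both factories would keep the fixtures in one place. It would also make clear which keystore each side presents, since only `Morpit.jks` and `Truststore.jks` are visible here and the server factory's body is outside the hunk. Both methods also use `catch (Exception e)`; narrowing it to the checked exceptions `TLSParameterJaxBUtils` actually declares would stop unrelated runtime failures being relabelled as keystore errors.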

Modified: cxf/branches/2.6.x-fixes/systests/transports/src/test/java/org/apache/cxf/systest/http/resources/jaxws-tlsrefs-publish.xml
URL: http://svn.apache.org/viewvc/cxf/branches/2.6.x-fixes/systests/transports/src/test/java/org/apache/cxf/systest/http/resources/jaxws-tlsrefs-publish.xml?rev=1363882&r1=1363881&r2=1363882&view=diff
==============================================================================
--- cxf/branches/2.6.x-fixes/systests/transports/src/test/java/org/apache/cxf/systest/http/resources/jaxws-tlsrefs-publish.xml
(original)
+++ cxf/branches/2.6.x-fixes/systests/transports/src/test/java/org/apache/cxf/systest/http/resources/jaxws-tlsrefs-publish.xml
Fri Jul 20 18:05:05 2012
@@ -59,17 +59,14 @@ under the License.
     <!-- -->
     <!-- TLS Port configuration parameters for port 9001 -->
     <!-- -->
+    <bean id="serverKeyManagers" class="org.apache.cxf.systest.http.HTTPSClientTest$ServerManagersFactory"
factory-method="getKeyManagers"/>
+    <bean id="serverTrustManagers" class="org.apache.cxf.systest.http.HTTPSClientTest$ServerManagersFactory"
factory-method="getTrustManagers"/>
+
     <httpj:engine-factory id="port-9001-tls-config">
         <httpj:engine port="${testutil.ports.BusServer.1}">
             <httpj:tlsServerParameters>
-               <sec:keyManagers keyPassword="password">
-               <sec:keyStore type="JKS" password="password" 
-                    file="src/test/java/org/apache/cxf/systest/http/resources/Bethal.jks"/>
-                </sec:keyManagers>
-                <sec:trustManagers>
-                <sec:keyStore type="JKS" password="password"
-                   file="src/test/java/org/apache/cxf/systest/http/resources/Truststore.jks"/>
-                </sec:trustManagers>
+                <sec:keyManagers ref="serverKeyManagers"/>
+                <sec:trustManagers ref="serverTrustManagers"/>
             </httpj:tlsServerParameters>
         </httpj:engine>
     </httpj:engine-factory>


