Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id DF4711940A for ; Thu, 21 Apr 2016 12:07:43 +0000 (UTC) Received: (qmail 25329 invoked by uid 500); 21 Apr 2016 12:07:43 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 25270 invoked by uid 500); 21 Apr 2016 12:07:43 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 25261 invoked by uid 99); 21 Apr 2016 12:07:43 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 21 Apr 2016 12:07:43 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 93D7CDFDE0; Thu, 21 Apr 2016 12:07:43 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: coheigea@apache.org To: commits@cxf.apache.org Message-Id: X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: Adding a pure Java SSLContext test Date: Thu, 21 Apr 2016 12:07:43 +0000 (UTC) Repository: cxf Updated Branches: refs/heads/3.0.x-fixes f871f360e -> ac0b9cbb2 Adding a pure Java SSLContext test Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ac0b9cbb Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ac0b9cbb Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ac0b9cbb Branch: refs/heads/3.0.x-fixes Commit: ac0b9cbb2434f5e1b7ff4e275c438807d88c47ee Parents: f871f36 Author: Colm O hEigeartaigh Authored: Thu Apr 21 13:04:12 2016 +0100 Committer: Colm O hEigeartaigh Committed: Thu Apr 21 13:07:33 2016 +0100 ---------------------------------------------------------------------- .../https/clientauth/ClientAuthTest.java | 54 ++++++++++++++++++++ 1 file changed, 54 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/ac0b9cbb/systests/transports/src/test/java/org/apache/cxf/systest/https/clientauth/ClientAuthTest.java ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/clientauth/ClientAuthTest.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/clientauth/ClientAuthTest.java index 5e306a3..6afe893 100644 --- a/systests/transports/src/test/java/org/apache/cxf/systest/https/clientauth/ClientAuthTest.java +++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/clientauth/ClientAuthTest.java @@ -19,7 +19,16 @@ package org.apache.cxf.systest.https.clientauth; +import java.io.FileInputStream; import java.net.URL; +import java.security.KeyStore; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.KeyManagerFactory; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.TrustManagerFactory; import org.apache.cxf.Bus; import org.apache.cxf.bus.spring.SpringBusFactory; @@ -243,4 +252,49 @@ public class ClientAuthTest extends AbstractBusClientServerTestBase { ((java.io.Closeable)port).close(); bus.shutdown(true); } + + @org.junit.Test + public void testSSLConnectionUsingJavaAPIs() throws Exception { + URL service = new URL("https://localhost:" + PORT); + HttpsURLConnection connection = (HttpsURLConnection) service.openConnection(); + + connection.setHostnameVerifier(new DisableCNCheckVerifier()); + + SSLContext sslContext = SSLContext.getInstance("TLS"); + + URL trustStore = ClientAuthTest.class.getResource("../../../../../../keys/Truststore.jks"); + KeyStore ts = KeyStore.getInstance("JKS"); + try (FileInputStream trustStoreInputStream = new FileInputStream(trustStore.getPath())) { + ts.load(trustStoreInputStream, "password".toCharArray()); + } + + TrustManagerFactory tmf = TrustManagerFactory.getInstance("PKIX"); + tmf.init(ts); + + URL keyStore = ClientAuthTest.class.getResource("../../../../../../keys/Morpit.jks"); + KeyStore ks = KeyStore.getInstance("JKS"); + try (FileInputStream keyStoreInputStream = new FileInputStream(keyStore.getPath())) { + ks.load(keyStoreInputStream, "password".toCharArray()); + } + + KeyManagerFactory kmf = KeyManagerFactory.getInstance("PKIX"); + kmf.init(ks, "password".toCharArray()); + + sslContext.init(kmf.getKeyManagers(), tmf.getTrustManagers(), new java.security.SecureRandom()); + + connection.setSSLSocketFactory(sslContext.getSocketFactory()); + + connection.connect(); + + connection.disconnect(); + } + + private static final class DisableCNCheckVerifier implements HostnameVerifier { + + @Override + public boolean verify(String arg0, SSLSession arg1) { + return true; + } + + }; }