cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [1/3] cxf git commit: Adding Jetty programmatic tests
Date Thu, 30 Mar 2017 09:21:42 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes e24153bd6 -> 398a4988b


Adding Jetty programmatic tests

# Conflicts:
#	systests/transports/src/test/java/org/apache/cxf/systest/https/trust/TrustManagerTest.java


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2f219d0c
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2f219d0c
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2f219d0c

Branch: refs/heads/3.1.x-fixes
Commit: 2f219d0c7258b33cb72d49d19bfd991a2ef3264a
Parents: e24153b
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Mar 30 10:03:17 2017 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Mar 30 10:04:41 2017 +0100

----------------------------------------------------------------------
 .../systest/https/trust/TrustManagerTest.java   | 116 +++++++++++++++++++
 .../https/trust/TrustServerNoSpring.java        |  84 ++++++++++++++
 2 files changed, 200 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/2f219d0c/systests/transports/src/test/java/org/apache/cxf/systest/https/trust/TrustManagerTest.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/trust/TrustManagerTest.java
b/systests/transports/src/test/java/org/apache/cxf/systest/https/trust/TrustManagerTest.java
index 6264f44..89e6b89 100644
--- a/systests/transports/src/test/java/org/apache/cxf/systest/https/trust/TrustManagerTest.java
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/trust/TrustManagerTest.java
@@ -43,7 +43,13 @@ import org.junit.BeforeClass;
  */
 public class TrustManagerTest extends AbstractBusClientServerTestBase {
     static final String PORT = allocatePort(TrustServer.class);
+<<<<<<< HEAD
     
+=======
+    static final String PORT2 = allocatePort(TrustServer.class, 2);
+    static final String PORT3 = allocatePort(TrustServer.class, 3);
+
+>>>>>>> 16163d8... Adding Jetty programmatic tests
     @BeforeClass
     public static void startServers() throws Exception {
         assertTrue(
@@ -52,6 +58,12 @@ public class TrustManagerTest extends AbstractBusClientServerTestBase {
             // set this to false to fork
             launchServer(TrustServer.class, true)
         );
+        assertTrue(
+             "Server failed to launch",
+             // run the server in the same process
+             // set this to false to fork
+             launchServer(TrustServerNoSpring.class, true)
+        );
     }
     
     @AfterClass
@@ -131,7 +143,50 @@ public class TrustManagerTest extends AbstractBusClientServerTestBase
{
         ((java.io.Closeable)port).close();
         bus.shutdown(true);
     }
+<<<<<<< HEAD
     
+=======
+
+    // Here the Trust Manager checks the server cert. this time we are invoking on the
+    // service that is configured in code (not by spring)
+    @org.junit.Test
+    public void testValidServerCertX509TrustManager2() throws Exception {
+        SpringBusFactory bf = new SpringBusFactory();
+        URL busFile = TrustManagerTest.class.getResource("client-trust.xml");
+
+        Bus bus = bf.createBus(busFile.toString());
+        SpringBusFactory.setDefaultBus(bus);
+        SpringBusFactory.setThreadDefaultBus(bus);
+
+        URL url = SOAPService.WSDL_LOCATION;
+        SOAPService service = new SOAPService(url, SOAPService.SERVICE);
+        assertNotNull("Service is null", service);
+        final Greeter port = service.getHttpsPort();
+        assertNotNull("Port is null", port);
+
+        updateAddressPort(port, PORT3);
+
+        String validPrincipalName = "CN=Bethal,OU=Bethal,O=ApacheTest,L=Syracuse,C=US";
+
+        TLSClientParameters tlsParams = new TLSClientParameters();
+        X509TrustManager trustManager =
+            new ServerCertX509TrustManager(validPrincipalName);
+        TrustManager[] trustManagers = new TrustManager[1];
+        trustManagers[0] = trustManager;
+        tlsParams.setTrustManagers(trustManagers);
+        tlsParams.setDisableCNCheck(true);
+
+        Client client = ClientProxy.getClient(port);
+        HTTPConduit http = (HTTPConduit) client.getConduit();
+        http.setTlsClientParameters(tlsParams);
+
+        assertEquals(port.greetMe("Kitty"), "Hello Kitty");
+
+        ((java.io.Closeable)port).close();
+        bus.shutdown(true);
+    }
+
+>>>>>>> 16163d8... Adding Jetty programmatic tests
     @org.junit.Test
     public void testInvalidServerCertX509TrustManager() throws Exception {
         SpringBusFactory bf = new SpringBusFactory();
@@ -169,7 +224,68 @@ public class TrustManagerTest extends AbstractBusClientServerTestBase
{
         } catch (Exception ex) {
             // expected
         }
+<<<<<<< HEAD
         
+=======
+
+        ((java.io.Closeable)port).close();
+        bus.shutdown(true);
+    }
+
+    @org.junit.Test
+    public void testOSCPOverride() throws Exception {
+        SpringBusFactory bf = new SpringBusFactory();
+        URL busFile = TrustManagerTest.class.getResource("client-trust.xml");
+
+        Bus bus = bf.createBus(busFile.toString());
+        SpringBusFactory.setDefaultBus(bus);
+        SpringBusFactory.setThreadDefaultBus(bus);
+
+        URL url = SOAPService.WSDL_LOCATION;
+        SOAPService service = new SOAPService(url, SOAPService.SERVICE);
+        assertNotNull("Service is null", service);
+        final Greeter port = service.getHttpsPort();
+        assertNotNull("Port is null", port);
+
+        updateAddressPort(port, PORT2);
+
+        // Read truststore
+        KeyStore ts = KeyStore.getInstance("JKS");
+        try (InputStream trustStore =
+            ClassLoaderUtils.getResourceAsStream("keys/cxfca.jks", TrustManagerTest.class))
{
+            ts.load(trustStore, "password".toCharArray());
+        }
+
+        try {
+            Security.setProperty("ocsp.enable", "true");
+
+            PKIXBuilderParameters param = new PKIXBuilderParameters(ts, new X509CertSelector());
+            param.setRevocationEnabled(true);
+
+            TrustManagerFactory tmf  =
+                TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+            tmf.init(new CertPathTrustManagerParameters(param));
+
+            TLSClientParameters tlsParams = new TLSClientParameters();
+            tlsParams.setTrustManagers(tmf.getTrustManagers());
+            tlsParams.setDisableCNCheck(true);
+
+            Client client = ClientProxy.getClient(port);
+            HTTPConduit http = (HTTPConduit) client.getConduit();
+            http.setTlsClientParameters(tlsParams);
+
+            try {
+                port.greetMe("Kitty");
+                fail("Failure expected on an invalid OCSP responder URL");
+            } catch (Exception ex) {
+                // expected
+            }
+
+        } finally {
+            Security.setProperty("ocsp.enable", "false");
+        }
+
+>>>>>>> 16163d8... Adding Jetty programmatic tests
         ((java.io.Closeable)port).close();
         bus.shutdown(true);
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/2f219d0c/systests/transports/src/test/java/org/apache/cxf/systest/https/trust/TrustServerNoSpring.java
----------------------------------------------------------------------
diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/trust/TrustServerNoSpring.java
b/systests/transports/src/test/java/org/apache/cxf/systest/https/trust/TrustServerNoSpring.java
new file mode 100644
index 0000000..305fd1d
--- /dev/null
+++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/trust/TrustServerNoSpring.java
@@ -0,0 +1,84 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.systest.https.trust;
+
+import java.security.KeyStore;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.net.ssl.KeyManagerFactory;
+import javax.xml.ws.Endpoint;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.common.classloader.ClassLoaderUtils;
+import org.apache.cxf.configuration.jsse.TLSServerParameters;
+import org.apache.cxf.configuration.security.ClientAuthentication;
+import org.apache.cxf.systest.http.GreeterImpl;
+import org.apache.cxf.testutil.common.AbstractBusTestServerBase;
+import org.apache.cxf.transport.http_jetty.JettyHTTPServerEngineFactory;
+
+public class TrustServerNoSpring extends AbstractBusTestServerBase {
+
+    public TrustServerNoSpring() {
+
+    }
+
+    protected void run()  {
+        Bus busLocal = BusFactory.getDefaultBus(true);
+        setBus(busLocal);
+
+        String address = "https://localhost:" + TrustManagerTest.PORT3 + "/SoapContext/HttpsPort";
+
+        try {
+            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
+            keyStore.load(ClassLoaderUtils.getResourceAsStream("keys/Bethal.jks",
+                                                               this.getClass()),
+                          "password".toCharArray());
+
+            KeyManagerFactory kmf  =
+                KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
+            kmf.init(keyStore, "password".toCharArray());
+
+            TLSServerParameters tlsParams = new TLSServerParameters();
+            tlsParams.setKeyManagers(kmf.getKeyManagers());
+
+            ClientAuthentication clientAuthentication = new ClientAuthentication();
+            clientAuthentication.setRequired(false);
+            clientAuthentication.setWant(true);
+            tlsParams.setClientAuthentication(clientAuthentication);
+
+            Map<String, TLSServerParameters> map = new HashMap<>();
+            map.put("tlsId", tlsParams);
+
+            JettyHTTPServerEngineFactory factory =
+                busLocal.getExtension(JettyHTTPServerEngineFactory.class);
+            factory.setTlsServerParametersMap(map);
+            factory.createJettyHTTPServerEngine("localhost", Integer.parseInt(TrustManagerTest.PORT3),
+                                                "https", "tlsId");
+
+            factory.initComplete();
+        } catch (Exception ex) {
+            ex.printStackTrace();
+        }
+
+        Endpoint.publish(address, new GreeterImpl());
+    }
+}


Mime
View raw message