qpid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From oru...@apache.org
Subject svn commit: r1464485 - in /qpid/branches/0.22/qpid/java: ./ broker-plugins/management-http/src/main/java/resources/ broker-plugins/management-http/src/main/java/resources/js/qpid/common/ broker-plugins/management-http/src/main/java/resources/js/qpid/ma...
Date Thu, 04 Apr 2013 12:03:12 GMT
Author: orudyy
Date: Thu Apr  4 12:03:11 2013
New Revision: 1464485

URL: http://svn.apache.org/r1464485
Log:
QPID-4691: Fix validation and UI for setting of keystore/truststore/peerstore dependant attributes
on broker and ports

merged from trunk r1463626

Modified:
    qpid/branches/0.22/qpid/java/   (props changed)
    qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/addPort.html
    qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/common/util.js
    qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Broker.js
    qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/addPort.js
    qpid/branches/0.22/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AbstractAdapter.java
    qpid/branches/0.22/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java
    qpid/branches/0.22/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/PortAdapter.java
    qpid/branches/0.22/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/PortRestTest.java

Propchange: qpid/branches/0.22/qpid/java/
------------------------------------------------------------------------------
  Merged /qpid/trunk/qpid/java:r1463626

Modified: qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/addPort.html
URL: http://svn.apache.org/viewvc/qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/addPort.html?rev=1464485&r1=1464484&r2=1464485&view=diff
==============================================================================
--- qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/addPort.html
(original)
+++ qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/addPort.html
Thu Apr  4 12:03:11 2013
@@ -21,6 +21,7 @@
 <div class="dijitHidden">
     <div data-dojo-type="dijit.Dialog" style="width:600px;" data-dojo-props="title:'Port'"
id="addPort">
         <form id="formAddPort" method="post" dojoType="dijit.form.Form">
+            <div class="dijitDialogPaneContentArea">
             <div id="formAddPort:fields">
                 <input type="text" required="true" name="name" id="formAddPort.name" placeholder="Name"
                     data-dojo-props="label: 'Name*:'" dojoType="dijit.form.ValidationTextBox"
@@ -53,7 +54,7 @@
             <div id="formAddPort:fieldsAMQP">
                 <input id="formAddPort.bindingAddress" type="text" name="bindingAddress"
placeholder="*"
                    dojoType="dijit.form.TextBox" data-dojo-props="label: 'Binding address:'"/>
-                <input id="formAddPort.protocolsDefault" type="checkbox" name="protocolsDefault"
checked="checked"
+                <input id="formAddPort.protocolsDefault" type="checkbox" checked="checked"
                    dojoType="dijit.form.CheckBox" data-dojo-props="label: 'Support broker
default AMQP versions:'"/>
                 <select id="formAddPort.protocolsAMQP" name="protocols" data-dojo-type="dijit.form.MultiSelect"
multiple="true"
                     data-dojo-props="name: 'protocols', value: '', placeHolder: 'Select AMQP
versions', label: 'AMQP versions:'"
@@ -80,8 +81,11 @@
                 </select>
             </div>
             <input type="hidden" id="formAddPort.id" name="id"/>
+            </div>
+            <div class="dijitDialogPaneActionBar">
             <!-- submit buttons -->
             <input type="submit" value="Save Port" label="Save Port" dojoType="dijit.form.Button"
/>
+            </div>
         </form>
     </div>
 </div>

Modified: qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/common/util.js
URL: http://svn.apache.org/viewvc/qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/common/util.js?rev=1464485&r1=1464484&r2=1464485&view=diff
==============================================================================
--- qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/common/util.js
(original)
+++ qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/common/util.js
Thu Apr  4 12:03:11 2013
@@ -171,7 +171,7 @@ define(["dojo/_base/xhr",
                  widgets[name] = widget;
                  widget.initialValue = widget.value;
                  layout.addChild(widget);
-                 if (attributeWidgetFactory.hasOwnProperty("requiredFor"))
+                 if (attributeWidgetFactory.hasOwnProperty("requiredFor") && !data[name])
                  {
                    requiredFor[attributeWidgetFactory.requiredFor] = widget;
                  }

Modified: qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Broker.js
URL: http://svn.apache.org/viewvc/qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Broker.js?rev=1464485&r1=1464484&r2=1464485&view=diff
==============================================================================
--- qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Broker.js
(original)
+++ qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Broker.js
Thu Apr  4 12:03:11 2013
@@ -141,7 +141,9 @@ define(["dojo/_base/xhr",
                              required: false,
                              label: "Keystore password:",
                              invalidMessage: "Missed keystore password",
-                             name: "keyStorePassword"});
+                             name: "keyStorePassword",
+                             placeholder: brokerData["keyStorePassword"] ? brokerData["keyStorePassword"]
: ""
+                             });
                        }
                }, {
                        name: "trustStorePath",
@@ -161,7 +163,9 @@ define(["dojo/_base/xhr",
                            required: false,
                            label: "Truststore password:",
                            invalidMessage: "Missed trustore password",
-                           name: "trustStorePassword"});
+                           name: "trustStorePassword",
+                           placeholder: brokerData["trustStorePassword"] ? brokerData["trustStorePassword"]
: ""
+                           });
                        }
                }, {
                        name: "peerStorePath",
@@ -180,7 +184,9 @@ define(["dojo/_base/xhr",
                            required: false,
                            label: "Peerstore password:",
                            invalidMessage: "Missed peerstore password",
-                           name: "peerStorePassword"});
+                           name: "peerStorePassword",
+                           placeholder: brokerData["peerStorePassword"] ? brokerData["peerStorePassword"]
: ""
+                         });
                        }
                }, {
                        name: "queue.alertThresholdQueueDepthMessages",

Modified: qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/addPort.js
URL: http://svn.apache.org/viewvc/qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/addPort.js?rev=1464485&r1=1464484&r2=1464485&view=diff
==============================================================================
--- qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/addPort.js
(original)
+++ qpid/branches/0.22/qpid/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/addPort.js
Thu Apr  4 12:03:11 2013
@@ -71,7 +71,7 @@ define(["dojo/_base/xhr",
                 {
                     if(formValues.hasOwnProperty(propName))
                     {
-                        if (propName === "type" || propName === "protocolsDefault")
+                        if (propName == "needClientAuth" || propName == "wantClientAuth")
                         {
                             continue;
                         }
@@ -107,18 +107,37 @@ define(["dojo/_base/xhr",
                     }
                 }
 
-                var needClientAuth = dijit.byId("formAddPort.needClientAuth");
-                var wantClientAuth = dijit.byId("formAddPort.wantClientAuth");
-                if(!needClientAuth.disabled)
+                var type = dijit.byId("formAddPort.type").value;
+                if (type == "AMQP")
                 {
-                    newPort.needClientAuth = needClientAuth.checked;
+                    var needClientAuth = dijit.byId("formAddPort.needClientAuth");
+                    var wantClientAuth = dijit.byId("formAddPort.wantClientAuth");
+                    newPort.needClientAuth = needClientAuth.disabled ? false : needClientAuth.checked;
+                    newPort.wantClientAuth = wantClientAuth.disabled ? false : wantClientAuth.checked
                 }
-                if(!wantClientAuth.disabled)
+                return newPort;
+            };
+
+            var toggleCertificateWidgets = function toggleCertificateWidgets(protocolType,
transportType)
+            {
+                var clientAuthPanel = registry.byId("formAddPort:fieldsClientAuth");
+                var display = clientAuthPanel.domNode.style.display;
+                if (transportType == "SSL" && protocolType == "AMQP")
                 {
-                    newPort.wantClientAuth = wantClientAuth.checked;
+                    clientAuthPanel.domNode.style.display = "block";
+                    registry.byId("formAddPort.needClientAuth").set("disabled", false);
+                    registry.byId("formAddPort.wantClientAuth").set("disabled", false);
+                }
+                else
+                {
+                    clientAuthPanel.domNode.style.display = "none";
+                    registry.byId("formAddPort.needClientAuth").set("disabled", true);
+                    registry.byId("formAddPort.wantClientAuth").set("disabled", true);
+                }
+                if (clientAuthPanel.domNode.style.display != display)
+                {
+                    clientAuthPanel.resize();
                 }
-
-                return newPort;
             };
 
 
@@ -134,6 +153,11 @@ define(["dojo/_base/xhr",
                                 dijit.byId("formAddPort.protocolsAMQP").set("disabled", isChecked);
                             });
 
+                            registry.byId("formAddPort.transports").on("change", function(newValue){
+                                var protocolType = registry.byId("formAddPort.type").value;
+                                toggleCertificateWidgets(protocolType, newValue);
+                            });
+
                             registry.byId("formAddPort.type").on("change", function(newValue)
{
                                 var typeWidget = registry.byId("formAddPort.type");
                                 var store = typeWidget.store;
@@ -142,20 +166,8 @@ define(["dojo/_base/xhr",
                                     registry.byId("formAddPort:fields" + option.value).domNode.style.display
= "none";
                                 });
 
-                                if ("AMQP" == newValue)
-                                {
-                                    registry.byId("formAddPort:fieldsClientAuth").domNode.style.display
= "block";
-                                    registry.byId("formAddPort.needClientAuth").set("disabled",
false);
-                                    registry.byId("formAddPort.wantClientAuth").set("disabled",
false);
-                                }
-                                else
-                                {
-                                    registry.byId("formAddPort:fieldsClientAuth").domNode.style.display
= "none";
-                                    registry.byId("formAddPort.needClientAuth").set("checked",
false);
-                                    registry.byId("formAddPort.wantClientAuth").set("checked",
false);
-                                    registry.byId("formAddPort.needClientAuth").set("disabled",
true);
-                                    registry.byId("formAddPort.wantClientAuth").set("disabled",
true);
-                                }
+                                registry.byId("formAddPort.needClientAuth").set("enabled",
("AMQP" == newValue));
+                                registry.byId("formAddPort.wantClientAuth").set("enabled",
("AMQP" == newValue));
 
                                 registry.byId("formAddPort:fields" + newValue).domNode.style.display
= "block";
                                 var defaultsAMQPProtocols = registry.byId("formAddPort.protocolsDefault");
@@ -163,20 +175,10 @@ define(["dojo/_base/xhr",
                                 var protocolsWidget = registry.byId("formAddPort.protocols"
+ newValue);
                                 if (protocolsWidget)
                                 {
-                                    if ("AMQP" == newValue && defaultsAMQPProtocols.checked)
-                                    {
-                                        protocolsWidget.set("disabled", true);
-                                    }
-                                    else
-                                    {
-                                        protocolsWidget.set("disabled", false);
-                                    }
-                                }
-                                var transportsWidget = registry.byId("formAddPort.transports");
-                                if (transportsWidget)
-                                {
-                                    transportsWidget.startup();
+                                    protocolsWidget.set("disabled", ("AMQP" == newValue &&
defaultsAMQPProtocols.checked));
                                 }
+                                var transport = registry.byId("formAddPort.transports").value;
+                                toggleCertificateWidgets(newValue, transport);
                             });
                             theForm = registry.byId("formAddPort");
 
@@ -289,7 +291,8 @@ define(["dojo/_base/xhr",
                        nameField.set("disabled", true);
                        dom.byId("formAddPort.id").value=port.id;
                        providerWidget.set("value", port.authenticationProvider ? port.authenticationProvider
: "");
-                       registry.byId("formAddPort.transports").set("value", port.transports
? port.transports[0] : "");
+                       var transportWidget = registry.byId("formAddPort.transports");
+                       transportWidget.set("value", port.transports ? port.transports[0]
: "");
                        registry.byId("formAddPort.port").set("value", port.port);
                        var protocols = port.protocols;
                        var typeWidget = registry.byId("formAddPort.type");
@@ -299,12 +302,6 @@ define(["dojo/_base/xhr",
                            registry.byId("formAddPort:fields" + option.value).domNode.style.display
= "none";
                        });
 
-                       registry.byId("formAddPort.needClientAuth").set("checked", false);
-                       registry.byId("formAddPort.wantClientAuth").set("checked", false);
-                       registry.byId("formAddPort.needClientAuth").set("disabled", true);
-                       registry.byId("formAddPort.wantClientAuth").set("disabled", true);
-                       registry.byId("formAddPort:fieldsClientAuth").domNode.style.display
= "none";
-
                        // identify the type of port using first protocol specified in protocol
field if provided
                        if ( !protocols || protocols.length == 0 || protocols[0].indexOf("AMQP")
== 0)
                        {
@@ -326,11 +323,8 @@ define(["dojo/_base/xhr",
                                amqpProtocolsWidget.set("disabled", true)
                            }
 
-                           registry.byId("formAddPort.needClientAuth").set("disabled", false);
-                           registry.byId("formAddPort.wantClientAuth").set("disabled", false);
                            registry.byId("formAddPort.needClientAuth").set("checked", port.needClientAuth);
                            registry.byId("formAddPort.wantClientAuth").set("checked", port.wantClientAuth);
-                           registry.byId("formAddPort:fieldsClientAuth").domNode.style.display
= "block";
                        }
                        else if (protocols[0].indexOf("RMI") != -1)
                        {
@@ -348,6 +342,8 @@ define(["dojo/_base/xhr",
                        }
                        registry.byId("formAddPort:fields" + typeWidget.value).domNode.style.display
= "block";
                        typeWidget.set("disabled", true);
+
+                       toggleCertificateWidgets(typeWidget.value, transportWidget.value);
                        registry.byId("addPort").show();
                });
             }

Modified: qpid/branches/0.22/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AbstractAdapter.java
URL: http://svn.apache.org/viewvc/qpid/branches/0.22/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AbstractAdapter.java?rev=1464485&r1=1464484&r2=1464485&view=diff
==============================================================================
--- qpid/branches/0.22/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AbstractAdapter.java
(original)
+++ qpid/branches/0.22/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AbstractAdapter.java
Thu Apr  4 12:03:11 2013
@@ -381,4 +381,9 @@ abstract class AbstractAdapter implement
     {
         // allowed by default
     }
+
+    protected Map<String, Object> getDefaultAttributes()
+    {
+        return _defaultAttributes;
+    }
 }

Modified: qpid/branches/0.22/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java
URL: http://svn.apache.org/viewvc/qpid/branches/0.22/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java?rev=1464485&r1=1464484&r2=1464485&view=diff
==============================================================================
--- qpid/branches/0.22/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java
(original)
+++ qpid/branches/0.22/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java
Thu Apr  4 12:03:11 2013
@@ -1182,9 +1182,14 @@ public class BrokerAdapter extends Abstr
             String passwordAttribute, String aliasAttribute)
     {
         String keyStoreFile = (String) convertedAttributes.get(pathAttribute);
-        if (keyStoreFile != null)
+        String password = (String) convertedAttributes.get(passwordAttribute);
+        String alias = aliasAttribute!= null? (String) convertedAttributes.get(aliasAttribute)
: null;
+        if (keyStoreFile != null || password != null || alias != null)
         {
-            String password = (String) convertedAttributes.get(passwordAttribute);
+            if (keyStoreFile == null)
+            {
+                keyStoreFile  = (String) getActualAttributes().get(pathAttribute);
+            }
             if (password == null)
             {
                 password = (String) getActualAttributes().get(passwordAttribute);
@@ -1200,7 +1205,10 @@ public class BrokerAdapter extends Abstr
             }
             if (aliasAttribute != null)
             {
-                String alias = (String) convertedAttributes.get(aliasAttribute);
+                if (alias == null)
+                {
+                    alias  = (String) getActualAttributes().get(aliasAttribute);
+                }
                 if (alias != null)
                 {
                     Certificate cert = null;

Modified: qpid/branches/0.22/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/PortAdapter.java
URL: http://svn.apache.org/viewvc/qpid/branches/0.22/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/PortAdapter.java?rev=1464485&r1=1464484&r2=1464485&view=diff
==============================================================================
--- qpid/branches/0.22/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/PortAdapter.java
(original)
+++ qpid/branches/0.22/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/PortAdapter.java
Thu Apr  4 12:03:11 2013
@@ -48,6 +48,7 @@ import org.apache.qpid.server.model.Virt
 import org.apache.qpid.server.security.access.Operation;
 import org.apache.qpid.server.util.MapValueConverter;
 import org.apache.qpid.server.util.ParameterizedTypeImpl;
+import org.apache.qpid.server.configuration.IllegalConfigurationException;
 import org.apache.qpid.server.configuration.updater.TaskExecutor;
 
 public class PortAdapter extends AbstractAdapter implements Port
@@ -362,7 +363,67 @@ public class PortAdapter extends Abstrac
         {
             throw new IllegalStateException("Cannot change attributes for an active port
outside of Management Mode");
         }
-        super.changeAttributes(MapValueConverter.convert(attributes, ATTRIBUTE_TYPES));
+        Map<String, Object> converted = MapValueConverter.convert(attributes, ATTRIBUTE_TYPES);
+
+        Map<String, Object> merged =  new HashMap<String, Object>(getDefaultAttributes());
+        merged.putAll(getActualAttributes());
+        merged.putAll(converted);
+
+        @SuppressWarnings("unchecked")
+        Collection<Transport> transports = (Collection<Transport>)merged.get(TRANSPORTS);
+        @SuppressWarnings("unchecked")
+        Collection<Protocol> protocols = (Collection<Protocol>)merged.get(PROTOCOLS);
+        Boolean needClientCertificate = (Boolean)merged.get(NEED_CLIENT_AUTH);
+        Boolean wantClientCertificate = (Boolean)merged.get(WANT_CLIENT_AUTH);
+        boolean requiresCertificate = (needClientCertificate != null && needClientCertificate.booleanValue())
+                || (wantClientCertificate != null && wantClientCertificate.booleanValue());
+
+        if (transports != null && transports.contains(Transport.SSL))
+        {
+            if (_broker.getKeyStores().isEmpty())
+            {
+                throw new IllegalConfigurationException("Can't create port which requires
SSL as the broker has no keystore configured.");
+            }
+
+            if (_broker.getTrustStores().isEmpty() && requiresCertificate)
+            {
+                throw new IllegalConfigurationException("Can't create port which requests
SSL client certificates as the broker has no trust/peer stores configured.");
+            }
+        }
+        else
+        {
+            if (requiresCertificate)
+            {
+                throw new IllegalConfigurationException("Can't create port which requests
SSL client certificates but doesn't use SSL transport.");
+            }
+        }
+
+        if (protocols != null && protocols.contains(Protocol.HTTPS) && _broker.getKeyStores().isEmpty())
+        {
+            throw new IllegalConfigurationException("Can't create port which requires SSL
as the broker has no keystore configured.");
+        }
+
+        String authenticationProviderName = (String)merged.get(AUTHENTICATION_PROVIDER);
+        if (authenticationProviderName != null)
+        {
+            Collection<AuthenticationProvider> providers = _broker.getAuthenticationProviders();
+            AuthenticationProvider provider = null;
+            for (AuthenticationProvider p : providers)
+            {
+                if (p.getName().equals(authenticationProviderName))
+                {
+                    provider = p;
+                    break;
+                }
+            }
+
+            if (provider == null)
+            {
+                throw new IllegalConfigurationException("Cannot find authentication provider
with name '"
+                        + authenticationProviderName + "'");
+            }
+        }
+        super.changeAttributes(converted);
     }
 
     @Override

Modified: qpid/branches/0.22/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/PortRestTest.java
URL: http://svn.apache.org/viewvc/qpid/branches/0.22/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/PortRestTest.java?rev=1464485&r1=1464484&r2=1464485&view=diff
==============================================================================
--- qpid/branches/0.22/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/PortRestTest.java
(original)
+++ qpid/branches/0.22/qpid/java/systests/src/main/java/org/apache/qpid/systest/rest/PortRestTest.java
Thu Apr  4 12:03:11 2013
@@ -21,16 +21,20 @@
 package org.apache.qpid.systest.rest;
 
 import java.net.URLDecoder;
+import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 
 import org.apache.qpid.server.model.AuthenticationProvider;
+import org.apache.qpid.server.model.Broker;
 import org.apache.qpid.server.model.Port;
 import org.apache.qpid.server.model.Protocol;
 import org.apache.qpid.server.model.State;
+import org.apache.qpid.server.model.Transport;
 import org.apache.qpid.server.plugin.AuthenticationManagerFactory;
 import org.apache.qpid.server.security.auth.manager.AnonymousAuthenticationManagerFactory;
 import org.apache.qpid.test.utils.TestBrokerConfiguration;
@@ -159,8 +163,7 @@ public class PortRestTest extends QpidRe
         responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT",
attributes);
         assertEquals("Port cannot be updated in non management mode", 409, responseCode);
 
-        stopBroker();
-        startBroker(DEFAULT_PORT, true);
+        restartBrokerInManagementMode();
 
         responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT",
attributes);
         assertEquals("Port should be allwed to update in a management mode", 200, responseCode);
@@ -193,4 +196,133 @@ public class PortRestTest extends QpidRe
         port = getRestTestHelper().getJsonAsSingletonList("/rest/port/" + TestBrokerConfiguration.ENTRY_NAME_AMQP_PORT);
         assertEquals("Port has been changed", portValue, port.get(Port.PORT));
     }
+
+    public void testUpdatePortTransportFromTCPToSSLWhenKeystoreIsConfigured() throws Exception
+    {
+        restartBrokerInManagementMode();
+
+        String portName = TestBrokerConfiguration.ENTRY_NAME_AMQP_PORT;
+        Map<String, Object> attributes = new HashMap<String, Object>();
+        attributes.put(Port.NAME, portName);
+        attributes.put(Port.TRANSPORTS, Collections.singleton(Transport.SSL));
+
+        int responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT",
attributes);
+        assertEquals("Transport has not been changed to SSL " , 200, responseCode);
+
+        restartBroker();
+
+        Map<String, Object> port = getRestTestHelper().getJsonAsSingletonList("/rest/port/"
+ portName);
+
+        @SuppressWarnings("unchecked")
+        Collection<String> transports = (Collection<String>) port.get(Port.TRANSPORTS);
+        assertEquals("Unexpected auth provider", new HashSet<String>(Arrays.asList(Transport.SSL.name())),
+                new HashSet<String>(transports));
+    }
+
+    public void testUpdateTransportFromTCPToSSLWithoutKeystoreConfiguredFails() throws Exception
+    {
+        getBrokerConfiguration().setBrokerAttribute(Broker.KEY_STORE_PATH, null);
+        getBrokerConfiguration().setSaved(false);
+        restartBrokerInManagementMode();
+
+        String portName = TestBrokerConfiguration.ENTRY_NAME_AMQP_PORT;
+        Map<String, Object> attributes = new HashMap<String, Object>();
+        attributes.put(Port.NAME, portName);
+        attributes.put(Port.TRANSPORTS, Collections.singleton(Transport.SSL));
+
+        int responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT",
attributes);
+        assertEquals("Creation of SSL port without keystore should fail", 409, responseCode);
+    }
+
+    public void testUpdateWantNeedClientAuth() throws Exception
+    {
+        String portName = TestBrokerConfiguration.ENTRY_NAME_SSL_PORT;
+        Map<String, Object> attributes = new HashMap<String, Object>();
+        attributes.put(Port.NAME, portName);
+        attributes.put(Port.PORT, DEFAULT_SSL_PORT);
+        attributes.put(Port.TRANSPORTS, Collections.singleton(Transport.SSL));
+
+        int responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT",
attributes);
+        assertEquals("SSL port was not added", 201, responseCode);
+
+        restartBrokerInManagementMode();
+
+        attributes.put(Port.NEED_CLIENT_AUTH, true);
+        attributes.put(Port.WANT_CLIENT_AUTH, true);
+
+        responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT",
attributes);
+        assertEquals("Attributes for need/want client auth are not set", 200, responseCode);
+
+        restartBroker();
+        Map<String, Object> port = getRestTestHelper().getJsonAsSingletonList("/rest/port/"
+ portName);
+        assertEquals("Unexpected " + Port.NEED_CLIENT_AUTH, true, port.get(Port.NEED_CLIENT_AUTH));
+        assertEquals("Unexpected " + Port.WANT_CLIENT_AUTH, true, port.get(Port.WANT_CLIENT_AUTH));
+
+        restartBrokerInManagementMode();
+
+        attributes = new HashMap<String, Object>();
+        attributes.put(Port.NAME, portName);
+        attributes.put(Port.TRANSPORTS, Collections.singleton(Transport.TCP));
+
+        responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT",
attributes);
+        assertEquals("Should not be able to change transport to SSL without reseting of attributes
for need/want client auth", 409, responseCode);
+
+        attributes = new HashMap<String, Object>();
+        attributes.put(Port.NAME, portName);
+        attributes.put(Port.TRANSPORTS, Collections.singleton(Transport.TCP));
+        attributes.put(Port.NEED_CLIENT_AUTH, false);
+        attributes.put(Port.WANT_CLIENT_AUTH, false);
+
+        responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT",
attributes);
+        assertEquals("Should be able to change transport to TCP ", 200, responseCode);
+
+        restartBroker();
+        port = getRestTestHelper().getJsonAsSingletonList("/rest/port/" + portName);
+        assertEquals("Unexpected " + Port.NEED_CLIENT_AUTH, false, port.get(Port.NEED_CLIENT_AUTH));
+        assertEquals("Unexpected " + Port.WANT_CLIENT_AUTH, false, port.get(Port.WANT_CLIENT_AUTH));
+
+        @SuppressWarnings("unchecked")
+        Collection<String> transports = (Collection<String>) port.get(Port.TRANSPORTS);
+        assertEquals("Unexpected auth provider", new HashSet<String>(Arrays.asList(Transport.TCP.name())),
+                new HashSet<String>(transports));
+    }
+
+    public void testUpdateSettingWantNeedCertificateFailsForNonSSLPort() throws Exception
+    {
+        restartBrokerInManagementMode();
+
+        String portName = TestBrokerConfiguration.ENTRY_NAME_AMQP_PORT;
+        Map<String, Object> attributes = new HashMap<String, Object>();
+        attributes.put(Port.NAME, portName);
+        attributes.put(Port.NEED_CLIENT_AUTH, true);
+        int responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT",
attributes);
+        assertEquals("Unexpected response when trying to set 'needClientAuth' on non-SSL
port", 409, responseCode);
+
+        attributes = new HashMap<String, Object>();
+        attributes.put(Port.NAME, portName);
+        attributes.put(Port.WANT_CLIENT_AUTH, true);
+        responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT",
attributes);
+        assertEquals("Unexpected response when trying to set 'wantClientAuth' on non-SSL
port", 409, responseCode);
+    }
+
+    public void testUpdatePortAuthenticationProvider() throws Exception
+    {
+        restartBrokerInManagementMode();
+
+        String portName = TestBrokerConfiguration.ENTRY_NAME_AMQP_PORT;
+        Map<String, Object> attributes = new HashMap<String, Object>();
+        attributes.put(Port.NAME, portName);
+        attributes.put(Port.AUTHENTICATION_PROVIDER, "non-existing");
+        int responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT",
attributes);
+        assertEquals("Unexpected response when trying to change auth provider to non-existing
one", 409, responseCode);
+
+        attributes = new HashMap<String, Object>();
+        attributes.put(Port.NAME, portName);
+        attributes.put(Port.AUTHENTICATION_PROVIDER, ANONYMOUS_AUTHENTICATION_PROVIDER);
+        responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT",
attributes);
+        assertEquals("Unexpected response when trying to change auth provider to existing
one", 200, responseCode);
+
+        Map<String, Object> port = getRestTestHelper().getJsonAsSingletonList("/rest/port/"
+ portName);
+        assertEquals("Unexpected auth provider", ANONYMOUS_AUTHENTICATION_PROVIDER, port.get(Port.AUTHENTICATION_PROVIDER));
+    }
 }



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org


Mime
View raw message