qpid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From oru...@apache.org
Subject [3/4] qpid-broker-j git commit: QPID-6933: [System Tests] Refactor TLS tests as JMS 1.1 system test
Date Thu, 04 Jan 2018 23:44:11 GMT
http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/systests/src/test/java/org/apache/qpid/client/ssl/SSLTest.java
----------------------------------------------------------------------
diff --git a/systests/src/test/java/org/apache/qpid/client/ssl/SSLTest.java b/systests/src/test/java/org/apache/qpid/client/ssl/SSLTest.java
deleted file mode 100644
index edd96b9..0000000
--- a/systests/src/test/java/org/apache/qpid/client/ssl/SSLTest.java
+++ /dev/null
@@ -1,769 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.client.ssl;
-
-import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE;
-import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE_PASSWORD;
-import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE;
-import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE_PASSWORD;
-
-import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.InputStream;
-import java.io.PrintStream;
-import java.io.UnsupportedEncodingException;
-import java.net.URLEncoder;
-import java.nio.charset.StandardCharsets;
-import java.security.Key;
-import java.security.cert.Certificate;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.jms.Connection;
-import javax.jms.JMSException;
-import javax.jms.Session;
-import javax.xml.bind.DatatypeConverter;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import org.apache.qpid.client.AMQTestConnection_0_10;
-import org.apache.qpid.jms.ConnectionURL;
-import org.apache.qpid.server.model.DefaultVirtualHostAlias;
-import org.apache.qpid.server.model.Port;
-import org.apache.qpid.server.model.Transport;
-import org.apache.qpid.server.model.VirtualHostAlias;
-import org.apache.qpid.server.model.VirtualHostNameAlias;
-import org.apache.qpid.test.utils.QpidBrokerTestCase;
-import org.apache.qpid.test.utils.TestBrokerConfiguration;
-import org.apache.qpid.test.utils.TestFileUtils;
-import org.apache.qpid.test.utils.TestSSLConstants;
-
-public class SSLTest extends QpidBrokerTestCase
-{
-    private static final Logger LOGGER = LoggerFactory.getLogger(SSLTest.class);
-
-    @Override
-    protected void setUp() throws Exception
-    {
-        setSystemProperty("javax.net.debug", "ssl");
-
-        setSslStoreSystemProperties();
-
-        super.setUp();
-    }
-
-    @Override
-    public void startDefaultBroker() throws Exception
-    {
-        // noop; we do not need to start broker in setUp
-    }
-
-    private void startBroker() throws Exception
-    {
-        super.startDefaultBroker();
-        System.setProperty("test.port.ssl", ""+getDefaultBroker().getAmqpTlsPort());
-
-    }
-
-    public void testCreateSSLConnectionUsingConnectionURLParams() throws Exception
-    {
-        if (shouldPerformTest())
-        {
-            clearSslStoreSystemProperties();
-
-            //Start the broker (NEEDing client certificate authentication)
-            configureJavaBrokerIfNecessary(true, true, true, false, false);
-            startBroker();
-
-            final Connection con;
-            if (isBroker10())
-            {
-                final Map<String, String> options = new HashMap<>();
-                options.put("transport.keyStoreLocation", KEYSTORE);
-                options.put("transport.keyStorePassword", KEYSTORE_PASSWORD);
-                options.put("transport.trustStoreLocation", TRUSTSTORE);
-                options.put("transport.trustStorePassword", TRUSTSTORE_PASSWORD);
-
-                con = getConnectionBuilder().setTls(true).setOptions(options).build();
-            }
-            else
-            {
-                String url = "amqp://guest:guest@test/?brokerlist='tcp://localhost:%s" +
-                             "?ssl='true'" +
-                             "&key_store='%s'&key_store_password='%s'" +
-                             "&trust_store='%s'&trust_store_password='%s'" +
-                             "'";
-
-                url = String.format(url, getDefaultBroker().getAmqpTlsPort(),
-                                    KEYSTORE, KEYSTORE_PASSWORD, TRUSTSTORE, TRUSTSTORE_PASSWORD);
-
-                con = getConnection(url);
-            }
-            assertNotNull("connection should be successful", con);
-            Session ssn = con.createSession(false,Session.AUTO_ACKNOWLEDGE);
-            assertNotNull("create session should be successful", ssn);
-        }
-    }
-
-    public void testCreateSSLConnectionWithCertificateTrust() throws Exception
-    {
-        if (shouldPerformTest())
-        {
-            clearSslStoreSystemProperties();
-
-            //Start the broker (NEEDing client certificate authentication)
-            configureJavaBrokerIfNecessary(true, true, false, false, false);
-            startBroker();
-
-            Connection con;
-            File trustCertFile = extractCertFileFromTestTrustStore();
-
-            if (isBroker10())
-            {
-                fail("Qpid JMS Client does not support trusting of a certificate");
-            }
-
-            String url = "amqp://guest:guest@test/?brokerlist='tcp://localhost:%s" +
-                         "?ssl='true'" +
-                         "&trusted_certs_path='%s'" +
-                         "'";
-
-            url = String.format(url, getDefaultBroker().getAmqpTlsPort(), encode(trustCertFile.getCanonicalPath()));
-
-            con = getConnection(url);
-            assertNotNull("connection should be successful", con);
-            Session ssn = con.createSession(false,Session.AUTO_ACKNOWLEDGE);
-            assertNotNull("create session should be successful", ssn);
-        }
-    }
-
-    public void testSSLConnectionToPlainPortRejected() throws Exception
-    {
-        if (shouldPerformTest())
-        {
-            startBroker();
-
-
-            try
-            {
-                if (isBroker10())
-                {
-                    System.setProperty("test.port.ssl", ""+getDefaultBroker().getAmqpPort());
-                    getConnection();
-                }
-                else
-                {
-
-                    String url = "amqp://guest:guest@test/?brokerlist='tcp://localhost:%s"
+
-                                 "?ssl='true''";
-
-                    url = String.format(url, getDefaultBroker().getAmqpPort());
-                    getConnection(url);
-                }
-                fail("Exception not thrown");
-            }
-            catch (JMSException e)
-            {
-                // PASS
-                if (!isBroker10())
-                {
-                    assertTrue("Unexpected exception message : " + e.getMessage(),
-                               e.getMessage().contains("Unrecognized SSL message, plaintext
connection?"));
-                }
-            }
-        }
-    }
-
-    public void testHostVerificationIsOnByDefault() throws Exception
-    {
-        if (shouldPerformTest())
-        {
-            clearSslStoreSystemProperties();
-
-            //Start the broker (NEEDing client certificate authentication)
-            configureJavaBrokerIfNecessary(true, true, true, false, false);
-            startBroker();
-
-            if (isBroker10())
-            {
-                fail("Can't configured the host name");
-            }
-
-            String url = "amqp://guest:guest@test/?brokerlist='tcp://127.0.0.1:%s" +
-                         "?ssl='true'" +
-                         "&key_store='%s'&key_store_password='%s'" +
-                         "&trust_store='%s'&trust_store_password='%s'" +
-                         "'";
-
-            url = String.format(url, getDefaultBroker().getAmqpTlsPort(),
-                                KEYSTORE,KEYSTORE_PASSWORD,TRUSTSTORE,TRUSTSTORE_PASSWORD);
-            try
-            {
-                getConnection(url);
-                fail("Exception not thrown");
-            }
-            catch(JMSException e)
-            {
-                assertTrue("Unexpected exception message", e.getMessage().contains("SSL hostname
verification failed"));
-            }
-
-            url = "amqp://guest:guest@test/?brokerlist='tcp://127.0.0.1:%s" +
-                    "?ssl='true'&ssl_verify_hostname='false'" +
-                    "&key_store='%s'&key_store_password='%s'" +
-                    "&trust_store='%s'&trust_store_password='%s'" +
-                    "'";
-            url = String.format(url, getDefaultBroker().getAmqpTlsPort(),
-                    KEYSTORE,KEYSTORE_PASSWORD,TRUSTSTORE,TRUSTSTORE_PASSWORD);
-
-            Connection con = getConnection(url);
-            assertNotNull("connection should be successful", con);
-            Session ssn = con.createSession(false,Session.AUTO_ACKNOWLEDGE);
-            assertNotNull("create session should be successful", ssn);
-        }
-    }
-
-    /**
-     * Create an SSL connection using the SSL system properties for the trust and key store,
but using
-     * the {@link ConnectionURL} ssl='true' option to indicate use of SSL at a Connection
level,
-     * without specifying anything at the {@link ConnectionURL#OPTIONS_BROKERLIST} level.
-     */
-    public void testSslConnectionOption() throws Exception
-    {
-        if (shouldPerformTest())
-        {
-            //Start the broker (NEEDing client certificate authentication)
-            configureJavaBrokerIfNecessary(true, true, true, false, false);
-            startBroker();
-
-            //Create URL enabling SSL at the connection rather than brokerlist level
-            String url = "amqp://guest:guest@test/?ssl='true'&brokerlist='tcp://localhost:%s'";
-            url = String.format(url, getDefaultBroker().getAmqpTlsPort());
-
-            Connection con = getConnection(url);
-            assertNotNull("connection should be successful", con);
-            Session ssn = con.createSession(false,Session.AUTO_ACKNOWLEDGE);
-            assertNotNull("create session should be successful", ssn);
-        }
-    }
-
-    /**
-     * Create an SSL connection using the SSL system properties for the trust and key store,
but using
-     * the {@link ConnectionURL} ssl='true' option to indicate use of SSL at a Connection
level,
-     * overriding the false setting at the {@link ConnectionURL#OPTIONS_BROKERLIST} level.
-     */
-    public void testSslConnectionOptionOverridesBrokerlistOption() throws Exception
-    {
-        if (shouldPerformTest())
-        {
-            //Start the broker (NEEDing client certificate authentication)
-            configureJavaBrokerIfNecessary(true, true, true, false, false);
-            startBroker();
-
-            //Create URL enabling SSL at the connection, overriding the false at the brokerlist
level
-            String url = "amqp://guest:guest@test/?ssl='true'&brokerlist='tcp://localhost:%s?ssl='false''";
-            url = String.format(url, getDefaultBroker().getAmqpTlsPort());
-
-            Connection con = getConnection(url);
-            assertNotNull("connection should be successful", con);
-            Session ssn = con.createSession(false,Session.AUTO_ACKNOWLEDGE);
-            assertNotNull("create session should be successful", ssn);
-        }
-    }
-
-    public void testCreateSSLConnectionUsingSystemProperties() throws Exception
-    {
-        if (shouldPerformTest())
-        {
-            //Start the broker (NEEDing client certificate authentication)
-            configureJavaBrokerIfNecessary(true, true, true, false, false);
-            startBroker();
-
-            Connection con;
-            if (isBroker10())
-            {
-                con = getConnection();
-            }
-            else
-            {
-
-                String url = "amqp://guest:guest@test/?brokerlist='tcp://localhost:%s?ssl='true''";
-
-                url = String.format(url, getDefaultBroker().getAmqpTlsPort());
-
-                con = getConnection(url);
-            }
-            assertNotNull("connection should be successful", con);
-            Session ssn = con.createSession(false,Session.AUTO_ACKNOWLEDGE);
-            assertNotNull("create session should be successful", ssn);
-        }
-    }
-
-    public void testMultipleCertsInSingleStore() throws Exception
-    {
-        if (shouldPerformTest())
-        {
-            //Start the broker (NEEDing client certificate authentication)
-            configureJavaBrokerIfNecessary(true, true, true, false, false);
-            startBroker();
-
-            String url = "amqp://guest:guest@test/?brokerlist='tcp://localhost:" +
-                         getDefaultBroker().getAmqpTlsPort() +
-                         "?ssl='true'&ssl_cert_alias='" + TestSSLConstants.CERT_ALIAS_APP1
+ "''";
-
-            AMQTestConnection_0_10 con = new AMQTestConnection_0_10(url);
-            org.apache.qpid.transport.Connection transportCon = con.getConnection();
-            String userID = transportCon.getSecurityLayer().getUserID();
-            assertEquals("The correct certificate was not chosen","app1@acme.org",userID);
-            con.close();
-
-            url = "amqp://guest:guest@test/?brokerlist='tcp://localhost:" +
-                  getDefaultBroker().getAmqpTlsPort() +
-                  "?ssl='true'&ssl_cert_alias='" + TestSSLConstants.CERT_ALIAS_APP2 +
"''";
-
-            con = new AMQTestConnection_0_10(url);
-            transportCon = con.getConnection();
-            userID = transportCon.getSecurityLayer().getUserID();
-            assertEquals("The correct certificate was not chosen","app2@acme.org",userID);
-            con.close();
-        }
-    }
-
-    public void testVerifyHostNameWithIncorrectHostname() throws Exception
-    {
-        if (shouldPerformTest())
-        {
-            //Start the broker (WANTing client certificate authentication)
-            configureJavaBrokerIfNecessary(true, true, false, true, false);
-            startBroker();
-
-            String url = "amqp://guest:guest@test/?brokerlist='tcp://127.0.0.1:" +
-                         getDefaultBroker().getAmqpTlsPort() + "?ssl='true''";
-
-            try
-            {
-                getConnection(url);
-                fail("Hostname verification failed. No exception was thrown");
-            }
-            catch (Exception e)
-            {
-                verifyExceptionCausesContains(e, "SSL hostname verification failed");
-            }
-        }
-    }
-
-    private void verifyExceptionCausesContains(Exception e, String expectedString)
-    {
-        LOGGER.debug("verifying that the following exception contains " + expectedString,
e);
-        ByteArrayOutputStream bout = new ByteArrayOutputStream();
-        e.printStackTrace(new PrintStream(bout));
-        String strace = bout.toString();
-        assertTrue("Correct exception not thrown, expecting : " + expectedString + " got
: " +e,
-                   strace.contains(expectedString));
-    }
-
-    public void testVerifyLocalHost() throws Exception
-    {
-        if (shouldPerformTest())
-        {
-            //Start the broker (WANTing client certificate authentication)
-            configureJavaBrokerIfNecessary(true, true, false, true, false);
-            startBroker();
-
-            String url = "amqp://guest:guest@test/?brokerlist='tcp://localhost:" +
-                         getDefaultBroker().getAmqpTlsPort() + "?ssl='true''";
-
-            Connection con = getConnection(url);
-            assertNotNull("connection should have been created", con);
-        }
-    }
-
-    public void testVerifyLocalHostLocalDomain() throws Exception
-    {
-        if (shouldPerformTest())
-        {
-            //Start the broker (WANTing client certificate authentication)
-            configureJavaBrokerIfNecessary(true, true, false, true, false);
-            startBroker();
-
-            String url = "amqp://guest:guest@test/?brokerlist='tcp://localhost.localdomain:"
+
-                         getDefaultBroker().getAmqpTlsPort() + "?ssl='true''";
-
-            Connection con = getConnection(url);
-            assertNotNull("connection should have been created", con);
-        }
-    }
-
-    public void testCreateSSLConnectionUsingConnectionURLParamsTrustStoreOnly() throws Exception
-    {
-        if (shouldPerformTest())
-        {
-            clearSslStoreSystemProperties();
-
-            //Start the broker (WANTing client certificate authentication)
-            configureJavaBrokerIfNecessary(true, true, false, true, false);
-            startBroker();
-
-            Connection con;
-            if (isBroker10())
-            {
-                final Map<String, String> options = new HashMap<>();
-                options.put("transport.trustStoreLocation", TRUSTSTORE);
-                options.put("transport.trustStorePassword", TRUSTSTORE_PASSWORD);
-                con = getConnectionBuilder().setTls(true).setOptions(options).build();
-            }
-            else
-            {
-
-                String url = "amqp://guest:guest@test/?brokerlist='tcp://localhost:%s" +
-                             "?ssl='true'" +
-                             "&trust_store='%s'&trust_store_password='%s'" +
-                             "'";
-
-                url = String.format(url, getDefaultBroker().getAmqpTlsPort(), TRUSTSTORE,
TRUSTSTORE_PASSWORD);
-
-                con = getConnection(url);
-            }
-            assertNotNull("connection should be successful", con);
-            Session ssn = con.createSession(false,Session.AUTO_ACKNOWLEDGE);
-            assertNotNull("create session should be successful", ssn);
-        }
-    }
-
-    /**
-     * Verifies that when the broker is configured to NEED client certificates,
-     * a client which doesn't supply one fails to connect.
-     */
-    public void testClientCertMissingWhilstNeeding() throws Exception
-    {
-        missingClientCertWhileNeedingOrWantingTestImpl(true, false, false);
-    }
-
-    /**
-     * Verifies that when the broker is configured to WANT client certificates,
-     * a client which doesn't supply one succeeds in connecting.
-     */
-    public void testClientCertMissingWhilstWanting() throws Exception
-    {
-        missingClientCertWhileNeedingOrWantingTestImpl(false, true, true);
-    }
-
-    /**
-     * Verifies that when the broker is configured to WANT and NEED client certificates
-     * that a client which doesn't supply one fails to connect.
-     */
-    public void testClientCertMissingWhilstWantingAndNeeding() throws Exception
-    {
-        missingClientCertWhileNeedingOrWantingTestImpl(true, true, false);
-    }
-
-    private void missingClientCertWhileNeedingOrWantingTestImpl(boolean needClientCerts,
-                            boolean wantClientCerts, boolean shouldSucceed) throws Exception
-    {
-        if (shouldPerformTest())
-        {
-            clearSslStoreSystemProperties();
-
-            //Start the broker
-            configureJavaBrokerIfNecessary(true, true, needClientCerts, wantClientCerts,
false);
-            startBroker();
-
-            try
-            {
-                Connection con = null;
-                if (isBroker10())
-                {
-                    final Map<String, String> options = new HashMap<>();
-                    options.put("transport.trustStoreLocation", TRUSTSTORE);
-                    options.put("transport.trustStorePassword", TRUSTSTORE_PASSWORD);
-
-                    con = getConnectionBuilder().setTls(true).setOptions(options).build();
-
-
-                }
-                else
-                {
-                    String url = "amqp://guest:guest@test/?brokerlist='tcp://localhost:%s"
+
-                                 "?ssl='true'&trust_store='%s'&trust_store_password='%s''";
-
-                    url = String.format(url, getDefaultBroker().getAmqpTlsPort(), TRUSTSTORE,
TRUSTSTORE_PASSWORD);
-                    con = getConnection(url);
-
-                }
-
-                if(!shouldSucceed)
-                {
-                    fail("Connection succeeded, expected exception was not thrown");
-                }
-                else
-                {
-                    //Use the connection to verify it works
-                    con.createSession(true, Session.SESSION_TRANSACTED);
-                }
-            }
-            catch(JMSException e)
-            {
-                if(shouldSucceed)
-                {
-                    LOGGER.error("Caught unexpected exception",e);
-                    fail("Connection failed, unexpected exception thrown");
-                }
-                else
-                {
-                    //expected
-                    verifyExceptionCausesContains(e, "Caused by: javax.net.ssl.SSLException:");
-                }
-            }
-        }
-    }
-
-    /**
-     * Test running TLS and unencrypted on the same port works and both TLS and non-TLS connections
can be established
-     *
-     */
-    public void testCreateSSLandTCPonSamePort() throws Exception
-    {
-        if (shouldPerformTest())
-        {
-            clearSslStoreSystemProperties();
-
-            //Start the broker (NEEDing client certificate authentication)
-            configureJavaBrokerIfNecessary(true, false, false, false, true);
-            startBroker();
-
-            Connection con;
-            if (isBroker10())
-            {
-                final Map<String, String> options = new HashMap<>();
-                options.put("transport.keyStoreLocation", KEYSTORE);
-                options.put("transport.keyStorePassword", KEYSTORE_PASSWORD);
-                options.put("transport.trustStoreLocation", TRUSTSTORE);
-                options.put("transport.trustStorePassword", TRUSTSTORE_PASSWORD);
-
-                con = getConnectionBuilder().setTls(true).setOptions(options).build();
-            }
-            else
-            {
-                String url = "amqp://guest:guest@test/?brokerlist='tcp://localhost:%s" +
-                             "?ssl='true'" +
-                             "&key_store='%s'&key_store_password='%s'" +
-                             "&trust_store='%s'&trust_store_password='%s'" +
-                             "'";
-
-                url = String.format(url, getDefaultBroker().getAmqpTlsPort(),
-                                    KEYSTORE,KEYSTORE_PASSWORD,TRUSTSTORE,TRUSTSTORE_PASSWORD);
-
-                con = getConnection(url);
-            }
-            assertNotNull("connection should be successful", con);
-            Session ssn = con.createSession(false,Session.AUTO_ACKNOWLEDGE);
-            assertNotNull("create session should be successful", ssn);
-
-        }
-    }
-
-    public void testCreateSSLWithCertFileAndPrivateKey() throws Exception
-    {
-        if (shouldPerformTest())
-        {
-            clearSslStoreSystemProperties();
-            File[] certAndKeyFiles = extractResourcesFromTestKeyStore();
-            //Start the broker (WANTing client certificate authentication)
-            configureJavaBrokerIfNecessary(true, true, true, false, false);
-            startBroker();
-
-            String url = "amqp://guest:guest@test/?brokerlist='tcp://localhost:%s" +
-                         "?ssl='true'" +
-                         "&trust_store='%s'&ssl_verify_hostname='false'&trust_store_password='%s'"
+
-                         "&client_cert_path='%s'&client_cert_priv_key_path='%s''";
-
-            url = String.format(url,
-                                getDefaultBroker().getAmqpTlsPort(),
-                                TRUSTSTORE,
-                                TRUSTSTORE_PASSWORD,
-                                encode(certAndKeyFiles[1].getCanonicalPath()),
-                                encode(certAndKeyFiles[0].getCanonicalPath()));
-
-            Connection con = getConnection(url);
-            assertNotNull("connection should be successful", con);
-            Session ssn = con.createSession(false,Session.AUTO_ACKNOWLEDGE);
-            assertNotNull("create session should be successful", ssn);
-        }
-    }
-    private boolean shouldPerformTest()
-    {
-        // We run the SSL tests on all profiles for the Apache Qpid Broker-J
-        if(isJavaBroker())
-        {
-            setTestClientSystemProperty(PROFILE_USE_SSL, "true");
-        }
-
-        return Boolean.getBoolean(PROFILE_USE_SSL);
-    }
-
-    private void configureJavaBrokerIfNecessary(boolean sslEnabled,
-                                                boolean sslOnly,
-                                                boolean needClientAuth,
-                                                boolean wantClientAuth,
-                                                boolean samePort) throws Exception
-    {
-        if(isJavaBroker())
-        {
-            Map<String, Object> sslPortAttributes = new HashMap<String, Object>();
-            sslPortAttributes.put(Port.TRANSPORTS, samePort ? Arrays.asList(Transport.SSL,
Transport.TCP)
-                                                            : Collections.singleton(Transport.SSL));
-            sslPortAttributes.put(Port.PORT, DEFAULT_SSL_PORT);
-            sslPortAttributes.put(Port.AUTHENTICATION_PROVIDER, TestBrokerConfiguration.ENTRY_NAME_AUTHENTICATION_PROVIDER);
-            sslPortAttributes.put(Port.NEED_CLIENT_AUTH, needClientAuth);
-            sslPortAttributes.put(Port.WANT_CLIENT_AUTH, wantClientAuth);
-            sslPortAttributes.put(Port.NAME, TestBrokerConfiguration.ENTRY_NAME_SSL_PORT);
-            sslPortAttributes.put(Port.KEY_STORE, TestBrokerConfiguration.ENTRY_NAME_SSL_KEYSTORE);
-            sslPortAttributes.put(Port.TRUST_STORES, Collections.singleton(TestBrokerConfiguration.ENTRY_NAME_SSL_TRUSTSTORE));
-            sslPortAttributes.put(Port.PROTOCOLS, System.getProperty(TEST_AMQP_PORT_PROTOCOLS_PROPERTY));
-            getDefaultBrokerConfiguration().addObjectConfiguration(Port.class, sslPortAttributes);
-
-            Map<String, Object> aliasAttributes = new HashMap<>();
-            aliasAttributes.put(VirtualHostAlias.NAME, "defaultAlias");
-            aliasAttributes.put(VirtualHostAlias.TYPE, DefaultVirtualHostAlias.TYPE_NAME);
-            getDefaultBrokerConfiguration().addObjectConfiguration(Port.class, TestBrokerConfiguration.ENTRY_NAME_SSL_PORT,
VirtualHostAlias.class, aliasAttributes);
-
-            aliasAttributes = new HashMap<>();
-            aliasAttributes.put(VirtualHostAlias.NAME, "nameAlias");
-            aliasAttributes.put(VirtualHostAlias.TYPE, VirtualHostNameAlias.TYPE_NAME);
-            getDefaultBrokerConfiguration().addObjectConfiguration(Port.class, TestBrokerConfiguration.ENTRY_NAME_SSL_PORT,
VirtualHostAlias.class, aliasAttributes);
-
-        }
-    }
-
-    private void setSslStoreSystemProperties()
-    {
-        setSystemProperty("javax.net.ssl.keyStore", KEYSTORE);
-        setSystemProperty("javax.net.ssl.keyStorePassword", KEYSTORE_PASSWORD);
-        setSystemProperty("javax.net.ssl.trustStore", TRUSTSTORE);
-        setSystemProperty("javax.net.ssl.trustStorePassword", TRUSTSTORE_PASSWORD);
-    }
-
-    private void clearSslStoreSystemProperties()
-    {
-        setSystemProperty("javax.net.ssl.keyStore", null);
-        setSystemProperty("javax.net.ssl.keyStorePassword", null);
-        setSystemProperty("javax.net.ssl.trustStore", null);
-        setSystemProperty("javax.net.ssl.trustStorePassword", null);
-    }
-
-    private File[] extractResourcesFromTestKeyStore() throws Exception
-    {
-        java.security.KeyStore ks = java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
-        try(InputStream is = new FileInputStream(KEYSTORE))
-        {
-            ks.load(is, KEYSTORE_PASSWORD.toCharArray() );
-        }
-
-
-        File privateKeyFile = TestFileUtils.createTempFile(this, ".private-key.der");
-        try(FileOutputStream kos = new FileOutputStream(privateKeyFile))
-        {
-            Key pvt = ks.getKey(TestSSLConstants.CERT_ALIAS_APP1, KEYSTORE_PASSWORD.toCharArray());
-            kos.write("-----BEGIN PRIVATE KEY-----\n".getBytes());
-            String base64encoded = DatatypeConverter.printBase64Binary(pvt.getEncoded());
-            while(base64encoded.length() > 76)
-            {
-                kos.write(base64encoded.substring(0,76).getBytes());
-                kos.write("\n".getBytes());
-                base64encoded = base64encoded.substring(76);
-            }
-
-            kos.write(base64encoded.getBytes());
-            kos.write("\n-----END PRIVATE KEY-----".getBytes());
-            kos.flush();
-        }
-
-        File certificateFile = TestFileUtils.createTempFile(this, ".certificate.der");
-
-        try(FileOutputStream cos = new FileOutputStream(certificateFile))
-        {
-            Certificate[] chain = ks.getCertificateChain(TestSSLConstants.CERT_ALIAS_APP1);
-            for(Certificate pub : chain)
-            {
-                cos.write("-----BEGIN CERTIFICATE-----\n".getBytes());
-                String base64encoded = DatatypeConverter.printBase64Binary(pub.getEncoded());
-                while (base64encoded.length() > 76)
-                {
-                    cos.write(base64encoded.substring(0, 76).getBytes());
-                    cos.write("\n".getBytes());
-                    base64encoded = base64encoded.substring(76);
-                }
-                cos.write(base64encoded.getBytes());
-
-                cos.write("\n-----END CERTIFICATE-----\n".getBytes());
-            }
-            cos.flush();
-        }
-
-        return new File[]{privateKeyFile,certificateFile};
-    }
-
-    private File extractCertFileFromTestTrustStore() throws Exception
-    {
-        java.security.KeyStore ks = java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
-        try(InputStream is = new FileInputStream(TRUSTSTORE))
-        {
-            ks.load(is, TRUSTSTORE_PASSWORD.toCharArray() );
-        }
-
-
-
-        File certificateFile = TestFileUtils.createTempFile(this, ".crt");
-
-        try(FileOutputStream cos = new FileOutputStream(certificateFile))
-        {
-
-            for(String alias : Collections.list(ks.aliases()))
-            {
-                Certificate pub = ks.getCertificate(alias);
-                cos.write("-----BEGIN CERTIFICATE-----\n".getBytes());
-                String base64encoded = DatatypeConverter.printBase64Binary(pub.getEncoded());
-                while (base64encoded.length() > 76)
-                {
-                    cos.write(base64encoded.substring(0, 76).getBytes());
-                    cos.write("\n".getBytes());
-                    base64encoded = base64encoded.substring(76);
-                }
-                cos.write(base64encoded.getBytes());
-
-                cos.write("\n-----END CERTIFICATE-----\n".getBytes());
-            }
-            cos.flush();
-        }
-
-        return certificateFile;
-    }
-
-    private String encode(final String canonicalPath) throws UnsupportedEncodingException
-    {
-        return URLEncoder.encode(URLEncoder.encode(canonicalPath, StandardCharsets.UTF_8.name()).replace("+",
"%20"),
-                                 StandardCharsets.UTF_8.name());
-    }
-}

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/systests/src/test/java/org/apache/qpid/server/queue/NodeAutoCreationPolicyTest.java
----------------------------------------------------------------------
diff --git a/systests/src/test/java/org/apache/qpid/server/queue/NodeAutoCreationPolicyTest.java
b/systests/src/test/java/org/apache/qpid/server/queue/NodeAutoCreationPolicyTest.java
index 336ea74..608f54d 100644
--- a/systests/src/test/java/org/apache/qpid/server/queue/NodeAutoCreationPolicyTest.java
+++ b/systests/src/test/java/org/apache/qpid/server/queue/NodeAutoCreationPolicyTest.java
@@ -360,7 +360,7 @@ public class NodeAutoCreationPolicyTest extends QpidBrokerTestCase
                                         "org.apache.qpid.Queue", attributes);
 
         Map<String, Object> queueAttributes =
-                managementReadObject(session, "org.apache.qpid.Queue", queueName, true);
+                managementReadObject(connection.createSession(false, Session.AUTO_ACKNOWLEDGE),
"org.apache.qpid.Queue", queueName, true);
 
         Object actualAlternateBinding = queueAttributes.get(org.apache.qpid.server.model.Queue.ALTERNATE_BINDING);
         Map<String, Object> actualAlternateBindingMap = convertIfNecessary(actualAlternateBinding);
@@ -369,7 +369,7 @@ public class NodeAutoCreationPolicyTest extends QpidBrokerTestCase
                      new HashMap<>(actualAlternateBindingMap));
 
         assertNotNull("Cannot get dead letter queue",
-                      managementReadObject(session, "org.apache.qpid.Queue", deadLetterQueueName,
true));
+                      managementReadObject(connection.createSession(false, Session.AUTO_ACKNOWLEDGE),
"org.apache.qpid.Queue", deadLetterQueueName, true));
     }
 
     public void testExchangeAlternateBindingCreation() throws Exception
@@ -391,7 +391,7 @@ public class NodeAutoCreationPolicyTest extends QpidBrokerTestCase
                                         "org.apache.qpid.DirectExchange", attributes);
 
         Map<String, Object> exchangeAttributes =
-                managementReadObject(session, "org.apache.qpid.Exchange", exchangeName, true);
+                managementReadObject(connection.createSession(false, Session.AUTO_ACKNOWLEDGE),
"org.apache.qpid.Exchange", exchangeName, true);
 
         Object actualAlternateBinding = exchangeAttributes.get(Exchange.ALTERNATE_BINDING);
         Map<String, Object> actualAlternateBindingMap = convertIfNecessary(actualAlternateBinding);
@@ -400,7 +400,7 @@ public class NodeAutoCreationPolicyTest extends QpidBrokerTestCase
                      new HashMap<>(actualAlternateBindingMap));
 
         assertNotNull("Cannot get dead letter exchange",
-                      managementReadObject(session, "org.apache.qpid.FanoutExchange", deadLetterExchangeName,
true));
+                      managementReadObject(connection.createSession(false, Session.AUTO_ACKNOWLEDGE),
"org.apache.qpid.FanoutExchange", deadLetterExchangeName, true));
     }
 
     public void testLegacyQueueDeclareArgumentAlternateBindingCreation() throws Exception
@@ -415,14 +415,14 @@ public class NodeAutoCreationPolicyTest extends QpidBrokerTestCase
 
 
         Map<String, Object> queueAttributes =
-                managementReadObject(session, "org.apache.qpid.Queue", testQueueName, true);
+                managementReadObject(connection.createSession(false, Session.AUTO_ACKNOWLEDGE),
"org.apache.qpid.Queue", testQueueName, true);
 
         Object actualAlternateBinding = queueAttributes.get(Exchange.ALTERNATE_BINDING);
         assertTrue("Unexpected alternate binding", actualAlternateBinding instanceof Map);
         Object deadLetterQueueName = ((Map<String, Object>) actualAlternateBinding).get(AlternateBinding.DESTINATION);
 
         assertNotNull("Cannot get dead letter queue",
-                      managementReadObject(session, "org.apache.qpid.Queue", String.valueOf(deadLetterQueueName),
true));
+                      managementReadObject(connection.createSession(false, Session.AUTO_ACKNOWLEDGE),
"org.apache.qpid.Queue", String.valueOf(deadLetterQueueName), true));
     }
 
     private Map<String, Object> convertIfNecessary(final Object actualAlternateBinding)
throws IOException

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/systests/src/test/java/org/apache/qpid/server/queue/QueueMessageDurabilityTest.java
----------------------------------------------------------------------
diff --git a/systests/src/test/java/org/apache/qpid/server/queue/QueueMessageDurabilityTest.java
b/systests/src/test/java/org/apache/qpid/server/queue/QueueMessageDurabilityTest.java
index 8ed84eb..7237561 100644
--- a/systests/src/test/java/org/apache/qpid/server/queue/QueueMessageDurabilityTest.java
+++ b/systests/src/test/java/org/apache/qpid/server/queue/QueueMessageDurabilityTest.java
@@ -77,10 +77,10 @@ public class QueueMessageDurabilityTest extends QpidBrokerTestCase
         arguments.put(org.apache.qpid.server.model.Queue.DURABLE, false);
         _nonDurableAlwaysPersist = createQueueWithArguments(session, NONDURABLE_ALWAYS_PERSIST_NAME,
arguments);
 
-        bindQueue(session, "amq.topic", DURABLE_ALWAYS_PERSIST_NAME, "Y.*.*.*");
-        bindQueue(session, "amq.topic", DURABLE_NEVER_PERSIST_NAME, "*.Y.*.*");
-        bindQueue(session, "amq.topic", DURABLE_DEFAULT_PERSIST_NAME, "*.*.Y.*");
-        bindQueue(session, "amq.topic", NONDURABLE_ALWAYS_PERSIST_NAME, "*.*.*.Y");
+        bindQueue(conn.createSession(false, Session.AUTO_ACKNOWLEDGE), "amq.topic", DURABLE_ALWAYS_PERSIST_NAME,
"Y.*.*.*");
+        bindQueue(conn.createSession(false, Session.AUTO_ACKNOWLEDGE), "amq.topic", DURABLE_NEVER_PERSIST_NAME,
"*.Y.*.*");
+        bindQueue(conn.createSession(false, Session.AUTO_ACKNOWLEDGE), "amq.topic", DURABLE_DEFAULT_PERSIST_NAME,
"*.*.Y.*");
+        bindQueue(conn.createSession(false, Session.AUTO_ACKNOWLEDGE), "amq.topic", NONDURABLE_ALWAYS_PERSIST_NAME,
"*.*.*.Y");
 
         _topicNameFormat = isBroker10() ? "amq.topic/%s" : "%s";
 

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/systests/src/test/java/org/apache/qpid/server/routing/ExchangeRoutingTest.java
----------------------------------------------------------------------
diff --git a/systests/src/test/java/org/apache/qpid/server/routing/ExchangeRoutingTest.java
b/systests/src/test/java/org/apache/qpid/server/routing/ExchangeRoutingTest.java
index 7370328..55e1640 100644
--- a/systests/src/test/java/org/apache/qpid/server/routing/ExchangeRoutingTest.java
+++ b/systests/src/test/java/org/apache/qpid/server/routing/ExchangeRoutingTest.java
@@ -89,7 +89,7 @@ public class ExchangeRoutingTest extends QpidBrokerTestCase
 
         performOperationUsingAmqpManagement(_exchName1,
                                             "bind",
-                                            _session,
+                                            _connection.createSession(false, Session.AUTO_ACKNOWLEDGE),
                                             "org.apache.qpid.Exchange",
                                             bindingArguments);
 
@@ -110,7 +110,7 @@ public class ExchangeRoutingTest extends QpidBrokerTestCase
 
         performOperationUsingAmqpManagement(_exchName1,
                                             "bind",
-                                            _session,
+                                            _connection.createSession(false, Session.AUTO_ACKNOWLEDGE),
                                             "org.apache.qpid.Exchange",
                                             binding1Arguments);
 
@@ -120,7 +120,7 @@ public class ExchangeRoutingTest extends QpidBrokerTestCase
 
         performOperationUsingAmqpManagement(_exchName2,
                                             "bind",
-                                            _session,
+                                            _connection.createSession(false, Session.AUTO_ACKNOWLEDGE),
                                             "org.apache.qpid.Exchange",
                                             binding2Arguments);
 
@@ -144,7 +144,7 @@ public class ExchangeRoutingTest extends QpidBrokerTestCase
 
         performOperationUsingAmqpManagement(_exchName1,
                                             "bind",
-                                            _session,
+                                            _connection.createSession(false, Session.AUTO_ACKNOWLEDGE),
                                             "org.apache.qpid.Exchange",
                                             binding1Arguments);
 
@@ -155,7 +155,7 @@ public class ExchangeRoutingTest extends QpidBrokerTestCase
 
         performOperationUsingAmqpManagement(_exchName2,
                                             "bind",
-                                            _session,
+                                            _connection.createSession(false, Session.AUTO_ACKNOWLEDGE),
                                             "org.apache.qpid.Exchange",
                                             binding2Arguments);
 

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/systests/src/test/java/org/apache/qpid/server/security/acl/AbstractACLTestCase.java
----------------------------------------------------------------------
diff --git a/systests/src/test/java/org/apache/qpid/server/security/acl/AbstractACLTestCase.java
b/systests/src/test/java/org/apache/qpid/server/security/acl/AbstractACLTestCase.java
index ca66488..3491215 100644
--- a/systests/src/test/java/org/apache/qpid/server/security/acl/AbstractACLTestCase.java
+++ b/systests/src/test/java/org/apache/qpid/server/security/acl/AbstractACLTestCase.java
@@ -141,7 +141,7 @@ public abstract class AbstractACLTestCase extends QpidBrokerTestCase
 
         performOperationUsingAmqpManagement(exchangeName,
                                             "bind",
-                                            getAdminSession(),
+                                            _adminConnection.createSession(false, Session.AUTO_ACKNOWLEDGE),
                                             "org.apache.qpid.Exchange",
                                             bindingArguments);
     }

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/systests/src/test/java/org/apache/qpid/systest/MessageRoutingTest.java
----------------------------------------------------------------------
diff --git a/systests/src/test/java/org/apache/qpid/systest/MessageRoutingTest.java b/systests/src/test/java/org/apache/qpid/systest/MessageRoutingTest.java
index d8de19b..f2f6b4a 100644
--- a/systests/src/test/java/org/apache/qpid/systest/MessageRoutingTest.java
+++ b/systests/src/test/java/org/apache/qpid/systest/MessageRoutingTest.java
@@ -58,7 +58,7 @@ public class MessageRoutingTest extends QpidBrokerTestCase
         final Map<String, Object> arguments = new HashMap<>();
         arguments.put("destination", QUEUE_NAME);
         arguments.put("bindingKey", ROUTING_KEY);
-        performOperationUsingAmqpManagement(EXCHANGE_NAME, "bind", _session, "org.apache.qpid.Exchange",
+        performOperationUsingAmqpManagement(EXCHANGE_NAME, "bind", _connection.createSession(false,
Session.AUTO_ACKNOWLEDGE), "org.apache.qpid.Exchange",
                                             arguments);
     }
 

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/test-profiles/CPPExcludes
----------------------------------------------------------------------
diff --git a/test-profiles/CPPExcludes b/test-profiles/CPPExcludes
index c1a59a9..8d0f750 100755
--- a/test-profiles/CPPExcludes
+++ b/test-profiles/CPPExcludes
@@ -132,11 +132,6 @@ org.apache.qpid.systest.rest.acl.*
 // Exclude failover tests requiring virtual host functionality
 org.apache.qpid.client.failover.MultipleBrokersFailoverTest#*
 
-// Uses Qpid Broker-J specific configuration
-org.apache.qpid.client.ssl.SSLTest#testClientCertMissingWhilstWanting
-org.apache.qpid.client.ssl.SSLTest#testCreateSSLandTCPonSamePort
-
-
 // QPID-2796 : JMS client for AMQP 0-10 only sends heartbeats in response to heartbeats from
the server, not timeout based
 org.apache.qpid.client.HeartbeatTest#testUnidirectionalHeartbeating
 org.apache.qpid.client.HeartbeatTest#testHeartbeatsEnabledBrokerSide

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/test-profiles/Excludes
----------------------------------------------------------------------
diff --git a/test-profiles/Excludes b/test-profiles/Excludes
index 7a60890..4a2bdfc 100644
--- a/test-profiles/Excludes
+++ b/test-profiles/Excludes
@@ -16,5 +16,3 @@
 // specific language governing permissions and limitations
 // under the License.
 //
-
-org.apache.qpid.client.ssl.SSLTest#testVerifyLocalHostLocalDomain

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/test-profiles/Java10Excludes
----------------------------------------------------------------------
diff --git a/test-profiles/Java10Excludes b/test-profiles/Java10Excludes
index c7711a3..eb7f81f 100644
--- a/test-profiles/Java10Excludes
+++ b/test-profiles/Java10Excludes
@@ -107,22 +107,6 @@ org.apache.qpid.test.client.message.JMSDestinationTest#testQueueWithBindingUrlUs
 org.apache.qpid.server.logging.ConsumerLoggingTest#testSubscriptionCreateDurable
 org.apache.qpid.server.logging.ConsumerLoggingTest#testSubscriptionCreateDurableWithArguments
 
-// Qpid JMS Client does not accept key material in forms apart from JKS and PKCS
-org.apache.qpid.client.ssl.SSLTest#testCreateSSLConnectionWithCertificateTrust
-org.apache.qpid.client.ssl.SSLTest#testCreateSSLWithCertFileAndPrivateKey
-// Test requires modification of javax.net.ssl system properties but Qpid JMS Client reads
them only once
-org.apache.qpid.client.ssl.SSLTest#testCreateSSLConnectionUsingSystemProperties
-org.apache.qpid.client.ssl.SSLTest#testSslConnectionOption
-org.apache.qpid.client.ssl.SSLTest#testVerifyLocalHost
-org.apache.qpid.server.security.auth.manager.MultipleAuthenticationManagersTest#testMultipleAuthenticationManagers
-// Test framework does not allow us to override hostname
-org.apache.qpid.client.ssl.SSLTest#testHostVerificationIsOnByDefault
-org.apache.qpid.client.ssl.SSLTest#testVerifyHostNameWithIncorrectHostname
-// 0-x client specific feature
-org.apache.qpid.client.ssl.SSLTest#testSslConnectionOptionOverridesBrokerlistOption
-/ Test is 0-10 specific
-org.apache.qpid.client.ssl.SSLTest#testMultipleCertsInSingleStore
-
 // Tests assume BURL and/or Connection URL formats
 org.apache.qpid.server.store.berkeleydb.replication.MultiNodeTest#*
 org.apache.qpid.server.store.berkeleydb.replication.TwoNodeTest#*

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/test-profiles/JavaPre010Excludes
----------------------------------------------------------------------
diff --git a/test-profiles/JavaPre010Excludes b/test-profiles/JavaPre010Excludes
index 7c78ca5..42f007d 100644
--- a/test-profiles/JavaPre010Excludes
+++ b/test-profiles/JavaPre010Excludes
@@ -44,9 +44,6 @@ org.apache.qpid.client.failover.AddressBasedFailoverBehaviourTest#*
 org.apache.qpid.client.SynchReceiveTest#testReceiveNoWait
 org.apache.qpid.server.logging.ChannelLoggingTest#testChannelClosedOnExclusiveQueueDeclaredOnDifferentSession
 
-// Makes explicit use of 0-10 connection object
-org.apache.qpid.client.ssl.SSLTest#testMultipleCertsInSingleStore
-
 // Tests 0.10 client feature
 org.apache.qpid.test.unit.client.connection.ConnectionTest#testUnsupportedSASLMechanism
 

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/test-profiles/cpp.ssl.excludes
----------------------------------------------------------------------
diff --git a/test-profiles/cpp.ssl.excludes b/test-profiles/cpp.ssl.excludes
index c2e8cfe..bfb2d30 100644
--- a/test-profiles/cpp.ssl.excludes
+++ b/test-profiles/cpp.ssl.excludes
@@ -17,7 +17,4 @@
 // under the License.
 //
 
-//This test does not supply a client keystore, therefore it cant login to the C++ broker
-//in this test profile as it demands client certificate authentication
-org.apache.qpid.client.ssl.SSLTest#testCreateSSLConnectionUsingConnectionURLParamsTrustStoreOnly
 


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org


Mime
View raw message