qpid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From kw...@apache.org
Subject qpid-broker-j git commit: QPID-8083: [System Tests] [REST/HTTP] Factor out AnonymousAccessRestTest, PreemtiveAuthRestTest, BrokerRestHttpAndHttpsTest
Date Sun, 25 Feb 2018 16:03:27 GMT
Repository: qpid-broker-j
Updated Branches:
  refs/heads/master 7dbb88471 -> 8c88850ee


QPID-8083: [System Tests] [REST/HTTP] Factor out AnonymousAccessRestTest, PreemtiveAuthRestTest, BrokerRestHttpAndHttpsTest


Project: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/commit/8c88850e
Tree: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/tree/8c88850e
Diff: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/diff/8c88850e

Branch: refs/heads/master
Commit: 8c88850ee77e49292d6dbd00dfa105ca348c7e60
Parents: 7dbb884
Author: Keith Wall <kwall@apache.org>
Authored: Sat Feb 24 16:32:56 2018 +0000
Committer: Keith Wall <kwall@apache.org>
Committed: Sun Feb 25 07:02:58 2018 +0000

----------------------------------------------------------------------
 .../apache/qpid/tests/http/HttpTestHelper.java  |  14 +-
 .../PreemptiveAuthenticationTest.java           | 328 +++++++++++++++++++
 .../TlsClientAuthenticationTest.java            | 210 ------------
 .../tests/http/transport/UnifiedPortTest.java   | 113 +++++++
 .../systest/rest/AnonymousAccessRestTest.java   | 116 -------
 .../rest/BrokerRestHttpAndHttpsTest.java        | 168 ----------
 .../qpid/systest/rest/BrokerRestHttpsTest.java  |  78 -----
 .../systest/rest/PreemtiveAuthRestTest.java     | 207 ------------
 8 files changed, 453 insertions(+), 781 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/8c88850e/systests/qpid-systests-http-management/src/main/java/org/apache/qpid/tests/http/HttpTestHelper.java
----------------------------------------------------------------------
diff --git a/systests/qpid-systests-http-management/src/main/java/org/apache/qpid/tests/http/HttpTestHelper.java b/systests/qpid-systests-http-management/src/main/java/org/apache/qpid/tests/http/HttpTestHelper.java
index a2bb3b8..00eb60d 100644
--- a/systests/qpid-systests-http-management/src/main/java/org/apache/qpid/tests/http/HttpTestHelper.java
+++ b/systests/qpid-systests-http-management/src/main/java/org/apache/qpid/tests/http/HttpTestHelper.java
@@ -75,8 +75,8 @@ public class HttpTestHelper
     private static final String API_BASE = "/api/latest/";
     private final BrokerAdmin _admin;
     private final int _httpPort;
-    private final String _username;
-    private final String _password;
+    private String _username;
+    private String _password;
     private final String _requestHostName;
     private final int _connectTimeout = Integer.getInteger("qpid.resttest_connection_timeout", 30000);
 
@@ -456,6 +456,16 @@ public class HttpTestHelper
         }
     }
 
+    public void setPassword(final String password)
+    {
+        _password = password;
+    }
+
+    public void setUserName(final String username)
+    {
+        _username = username;
+    }
+
     private static class TrustAllTrustManager implements X509TrustManager
     {
         public X509Certificate[] getAcceptedIssuers()

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/8c88850e/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/authentication/PreemptiveAuthenticationTest.java
----------------------------------------------------------------------
diff --git a/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/authentication/PreemptiveAuthenticationTest.java b/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/authentication/PreemptiveAuthenticationTest.java
new file mode 100644
index 0000000..40c655c
--- /dev/null
+++ b/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/authentication/PreemptiveAuthenticationTest.java
@@ -0,0 +1,328 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.qpid.tests.http.authentication;
+
+import static javax.servlet.http.HttpServletResponse.SC_CREATED;
+import static javax.servlet.http.HttpServletResponse.SC_OK;
+import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
+import static org.apache.qpid.server.transport.network.security.ssl.SSLUtil.generateSelfSignedCertificate;
+import static org.hamcrest.Matchers.equalTo;
+import static org.hamcrest.Matchers.greaterThan;
+import static org.hamcrest.Matchers.hasKey;
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.Matchers.not;
+import static org.hamcrest.Matchers.startsWith;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.fail;
+
+import java.io.ByteArrayOutputStream;
+import java.net.HttpURLConnection;
+import java.net.SocketException;
+import java.security.KeyStore;
+import java.security.cert.Certificate;
+import java.time.Duration;
+import java.time.Instant;
+import java.time.temporal.ChronoUnit;
+import java.util.ArrayDeque;
+import java.util.Base64;
+import java.util.Collections;
+import java.util.Deque;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.net.ssl.SSLHandshakeException;
+import javax.servlet.http.HttpServletResponse;
+
+import com.fasterxml.jackson.core.type.TypeReference;
+import org.junit.After;
+import org.junit.Test;
+
+import org.apache.qpid.server.management.plugin.HttpManagement;
+import org.apache.qpid.server.model.Port;
+import org.apache.qpid.server.model.Protocol;
+import org.apache.qpid.server.model.Transport;
+import org.apache.qpid.server.security.FileKeyStore;
+import org.apache.qpid.server.security.ManagedPeerCertificateTrustStore;
+import org.apache.qpid.server.security.auth.manager.AnonymousAuthenticationManager;
+import org.apache.qpid.server.security.auth.manager.ExternalAuthenticationManager;
+import org.apache.qpid.server.transport.network.security.ssl.SSLUtil.KeyCertPair;
+import org.apache.qpid.server.util.BaseAction;
+import org.apache.qpid.server.util.DataUrlUtils;
+import org.apache.qpid.tests.http.HttpTestBase;
+import org.apache.qpid.tests.http.HttpTestHelper;
+
+public class PreemptiveAuthenticationTest extends HttpTestBase
+{
+    private static final TypeReference<String> STRING_TYPE_REF = new TypeReference<String>() {};
+    private static final String STORE_PASSWORD = "password";
+
+    private Deque<BaseAction<Void, Exception>> _tearDownActions;
+    private String _keyStore;
+
+    @After
+    public void tearDown() throws Exception
+    {
+        if (_tearDownActions != null)
+        {
+            Exception exception = null;
+            while(!_tearDownActions.isEmpty())
+            {
+                try
+                {
+                    _tearDownActions.removeLast().performAction(null);
+                }
+                catch (Exception e)
+                {
+                    exception = e;
+                }
+            }
+
+            if (exception != null)
+            {
+                throw exception;
+            }
+        }
+    }
+
+    @Test
+    public void clientAuthSuccess() throws Exception
+    {
+        HttpTestHelper helper = configForClientAuth("CN=foo");
+
+        String userId = helper.getJson("broker/getUser", STRING_TYPE_REF, SC_OK);
+        assertThat(userId, startsWith("foo@"));
+    }
+
+    @Test
+    public void clientAuthUnrecognisedCert() throws Exception
+    {
+        HttpTestHelper helper = configForClientAuth("CN=foo");
+
+        String keyStore = createKeyStoreDataUrl(getKeyCertPair("CN=bar"), STORE_PASSWORD);
+        helper.setKeyStore(keyStore, STORE_PASSWORD);
+
+        try
+        {
+            helper.getJson("broker/getUser", STRING_TYPE_REF, SC_OK);
+            fail("Exception not thrown");
+        }
+        catch (SSLHandshakeException e)
+        {
+            // PASS
+        }
+        catch (SocketException e)
+        {
+            // TODO - defect - we are not always seeing the SSL handshake exception
+        }
+    }
+
+    @Test
+    public void basicAuth() throws Exception
+    {
+        verifyGetBroker(SC_OK);
+    }
+
+    @Test
+    public void basicAuthWrongPassword() throws Exception
+    {
+        getHelper().setPassword("badpassword");
+
+        verifyGetBroker(HttpServletResponse.SC_UNAUTHORIZED);
+    }
+
+    @Test
+    public void httpBasicAuthDisabled() throws Exception
+    {
+        doBasicAuthDisabledTest(false);
+    }
+
+    @Test
+    public void httpsBasicAuthDisabled() throws Exception
+    {
+        doBasicAuthDisabledTest(true);
+    }
+
+    @Test
+    public void anonymousTest() throws Exception
+    {
+        HttpTestHelper helper = configForAnonymous();
+
+        String userId = helper.getJson("broker/getUser", STRING_TYPE_REF, SC_OK);
+        assertThat(userId, startsWith("ANONYMOUS@"));
+    }
+
+    @Test
+    public void noSessionCreated() throws Exception
+    {
+        final HttpURLConnection conn = getHelper().openManagementConnection("broker", "GET");
+        assertThat("Unexpected server response", conn.getResponseCode(), is(equalTo(SC_OK)));
+        assertThat("Unexpected cookie", conn.getHeaderFields(), not(hasKey("Set-Cookie")));
+    }
+
+    private void verifyGetBroker(int expectedResponseCode) throws Exception
+    {
+        assertThat(getHelper().submitRequest("broker", "GET"), is(equalTo(expectedResponseCode)));
+    }
+
+    private void doBasicAuthDisabledTest(final boolean tls) throws Exception
+    {
+        HttpTestHelper configHelper = new HttpTestHelper(getBrokerAdmin());
+        configHelper.setTls(!tls);
+        final String authEnabledAttrName = tls ? HttpManagement.HTTPS_BASIC_AUTHENTICATION_ENABLED : HttpManagement.HTTP_BASIC_AUTHENTICATION_ENABLED;
+        try
+        {
+            HttpTestHelper helper = new HttpTestHelper(getBrokerAdmin());
+            helper.setTls(tls);
+            assertThat(helper.submitRequest("broker", "GET"), is(equalTo(SC_OK)));
+
+            configHelper.submitRequest("plugin/httpManagement", "POST",
+                                       Collections.<String, Object>singletonMap(authEnabledAttrName, Boolean.FALSE), SC_OK);
+
+            assertThat(helper.submitRequest("broker", "GET"), is(equalTo(SC_UNAUTHORIZED)));
+        }
+        finally
+        {
+            configHelper.submitRequest("plugin/httpManagement", "POST",
+                                       Collections.<String, Object>singletonMap(authEnabledAttrName, Boolean.TRUE), SC_OK);
+
+        }
+    }
+
+    private HttpTestHelper configForClientAuth(final String x500Name) throws Exception
+    {
+        final KeyCertPair keyCertPair = getKeyCertPair(x500Name);
+        final byte[] cert = keyCertPair.getCertificate().getEncoded();
+
+        _keyStore = createKeyStoreDataUrl(keyCertPair, STORE_PASSWORD);
+
+        final Deque<BaseAction<Void,Exception>> deleteActions = new ArrayDeque<>();
+
+        final Map<String, Object> authAttr = new HashMap<>();
+        authAttr.put(ExternalAuthenticationManager.TYPE, "External");
+        authAttr.put(ExternalAuthenticationManager.ATTRIBUTE_USE_FULL_DN, false);
+
+        getHelper().submitRequest("authenticationprovider/myexternal","PUT", authAttr, SC_CREATED);
+
+        deleteActions.add(object -> getHelper().submitRequest("authenticationprovider/myexternal", "DELETE", SC_OK));
+
+        final Map<String, Object> keystoreAttr = new HashMap<>();
+        keystoreAttr.put(FileKeyStore.TYPE, "FileKeyStore");
+        keystoreAttr.put(FileKeyStore.STORE_URL, "classpath:java_broker_keystore.jks");
+        keystoreAttr.put(FileKeyStore.PASSWORD, STORE_PASSWORD);
+
+        getHelper().submitRequest("keystore/mykeystore","PUT", keystoreAttr, SC_CREATED);
+        deleteActions.add(object -> getHelper().submitRequest("keystore/mykeystore", "DELETE", SC_OK));
+
+        final Map<String, Object> truststoreAttr = new HashMap<>();
+        truststoreAttr.put(ManagedPeerCertificateTrustStore.TYPE, ManagedPeerCertificateTrustStore.TYPE_NAME);
+        truststoreAttr.put(ManagedPeerCertificateTrustStore.STORED_CERTIFICATES, Collections.singletonList(Base64.getEncoder().encodeToString(cert)));
+
+
+        getHelper().submitRequest("truststore/mytruststore","PUT", truststoreAttr, SC_CREATED);
+        deleteActions.add(object -> getHelper().submitRequest("truststore/mytruststore", "DELETE", SC_OK));
+
+        final Map<String, Object> portAttr = new HashMap<>();
+        portAttr.put(Port.TYPE, "HTTP");
+        portAttr.put(Port.PORT, 0);
+        portAttr.put(Port.AUTHENTICATION_PROVIDER, "myexternal");
+        portAttr.put(Port.PROTOCOLS, Collections.singleton(Protocol.HTTP));
+        portAttr.put(Port.TRANSPORTS, Collections.singleton(Transport.SSL));
+        portAttr.put(Port.NEED_CLIENT_AUTH, true);
+        portAttr.put(Port.KEY_STORE, "mykeystore");
+        portAttr.put(Port.TRUST_STORES, Collections.singletonList("mytruststore"));
+
+        getHelper().submitRequest("port/myport","PUT", portAttr, SC_CREATED);
+        deleteActions.add(object -> getHelper().submitRequest("port/myport", "DELETE", SC_OK));
+
+        Map<String, Object> clientAuthPort = getHelper().getJsonAsMap("port/myport");
+        int boundPort = Integer.parseInt(String.valueOf(clientAuthPort.get("boundPort")));
+
+        assertThat(boundPort, is(greaterThan(0)));
+
+        _tearDownActions = deleteActions;
+
+        HttpTestHelper helper = new HttpTestHelper(getBrokerAdmin(), null, boundPort);
+        helper.setTls(true);
+        helper.setKeyStore(_keyStore, STORE_PASSWORD);
+        return helper;
+    }
+
+    private HttpTestHelper configForAnonymous() throws Exception
+    {
+        final Deque<BaseAction<Void,Exception>> deleteActions = new ArrayDeque<>();
+
+        final Map<String, Object> authAttr = new HashMap<>();
+        authAttr.put(AnonymousAuthenticationManager.TYPE, AnonymousAuthenticationManager.PROVIDER_TYPE);
+
+        getHelper().submitRequest("authenticationprovider/myanon","PUT", authAttr, SC_CREATED);
+
+        deleteActions.add(object -> getHelper().submitRequest("authenticationprovider/myanon", "DELETE", SC_OK));
+
+        final Map<String, Object> portAttr = new HashMap<>();
+        portAttr.put(Port.TYPE, "HTTP");
+        portAttr.put(Port.PORT, 0);
+        portAttr.put(Port.AUTHENTICATION_PROVIDER, "myanon");
+        portAttr.put(Port.PROTOCOLS, Collections.singleton(Protocol.HTTP));
+        portAttr.put(Port.TRANSPORTS, Collections.singleton(Transport.TCP));
+
+        getHelper().submitRequest("port/myport","PUT", portAttr, SC_CREATED);
+        deleteActions.add(object -> getHelper().submitRequest("port/myport", "DELETE", SC_OK));
+
+        Map<String, Object> clientAuthPort = getHelper().getJsonAsMap("port/myport");
+        int boundPort = Integer.parseInt(String.valueOf(clientAuthPort.get("boundPort")));
+
+        assertThat(boundPort, is(greaterThan(0)));
+
+        _tearDownActions = deleteActions;
+
+        HttpTestHelper helper = new HttpTestHelper(getBrokerAdmin(), null, boundPort);
+        helper.setKeyStore(_keyStore, STORE_PASSWORD);
+        helper.setPassword(null);
+        helper.setUserName(null);
+        return helper;
+
+    }
+
+    private String createKeyStoreDataUrl(final KeyCertPair keyCertPair, final String password) throws Exception
+    {
+        final KeyStore keyStore = KeyStore.getInstance("JKS");
+        keyStore.load(null, null);
+        Certificate[] certChain = new Certificate[] {keyCertPair.getCertificate()};
+        keyStore.setKeyEntry("key1", keyCertPair.getPrivateKey(), password.toCharArray(), certChain);
+        try (ByteArrayOutputStream bos = new ByteArrayOutputStream())
+        {
+            keyStore.store(bos, password.toCharArray());
+            bos.toByteArray();
+            return DataUrlUtils.getDataUrlForBytes(bos.toByteArray());
+        }
+    }
+
+    private KeyCertPair getKeyCertPair(final String x500Name) throws Exception
+    {
+        return generateSelfSignedCertificate("RSA", "SHA256WithRSA",
+                                             2048, Instant.now().toEpochMilli(),
+                                             Duration.of(365, ChronoUnit.DAYS).getSeconds(),
+                                             x500Name,
+                                             Collections.emptySet(),
+                                             Collections.emptySet());
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/8c88850e/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/authentication/TlsClientAuthenticationTest.java
----------------------------------------------------------------------
diff --git a/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/authentication/TlsClientAuthenticationTest.java b/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/authentication/TlsClientAuthenticationTest.java
deleted file mode 100644
index 7d14ff8..0000000
--- a/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/authentication/TlsClientAuthenticationTest.java
+++ /dev/null
@@ -1,210 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.tests.http.authentication;
-
-import static javax.servlet.http.HttpServletResponse.SC_CREATED;
-import static javax.servlet.http.HttpServletResponse.SC_OK;
-import static org.apache.qpid.server.transport.network.security.ssl.SSLUtil.generateSelfSignedCertificate;
-import static org.hamcrest.Matchers.greaterThan;
-import static org.hamcrest.Matchers.is;
-import static org.hamcrest.Matchers.startsWith;
-import static org.junit.Assert.assertThat;
-import static org.junit.Assert.fail;
-
-import java.io.ByteArrayOutputStream;
-import java.security.KeyStore;
-import java.security.cert.Certificate;
-import java.time.Duration;
-import java.time.Instant;
-import java.time.temporal.ChronoUnit;
-import java.util.ArrayDeque;
-import java.util.Base64;
-import java.util.Collections;
-import java.util.Deque;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.net.ssl.SSLHandshakeException;
-
-import com.fasterxml.jackson.core.type.TypeReference;
-import org.junit.After;
-import org.junit.Test;
-
-import org.apache.qpid.server.model.Port;
-import org.apache.qpid.server.model.Protocol;
-import org.apache.qpid.server.model.Transport;
-import org.apache.qpid.server.security.FileKeyStore;
-import org.apache.qpid.server.security.ManagedPeerCertificateTrustStore;
-import org.apache.qpid.server.security.auth.manager.ExternalAuthenticationManager;
-import org.apache.qpid.server.transport.network.security.ssl.SSLUtil.KeyCertPair;
-import org.apache.qpid.server.util.BaseAction;
-import org.apache.qpid.server.util.DataUrlUtils;
-import org.apache.qpid.tests.http.HttpTestBase;
-import org.apache.qpid.tests.http.HttpTestHelper;
-
-public class TlsClientAuthenticationTest extends HttpTestBase
-{
-
-    private Deque<BaseAction<Void, Exception>> _tearDownActions;
-    private int _clientAuthPort;
-    private String _keyStore;
-
-    @After
-    public void tearDown() throws Exception
-    {
-        if (_tearDownActions != null)
-        {
-            Exception exception = null;
-            while(!_tearDownActions.isEmpty())
-            {
-                try
-                {
-                    _tearDownActions.removeLast().performAction(null);
-                }
-                catch (Exception e)
-                {
-                    exception = e;
-                }
-            }
-
-            if (exception != null)
-            {
-                throw exception;
-            }
-        }
-    }
-
-    @Test
-    public void clientAuthenticationSuccess() throws Exception
-    {
-        configPortAndAuthProvider("CN=foo");
-
-        HttpTestHelper helper = new HttpTestHelper(getBrokerAdmin(), null, _clientAuthPort);
-        helper.setTls(true);
-        helper.setKeyStore(_keyStore, "password");
-
-        String userId = helper.getJson("broker/getUser", new TypeReference<String>() {}, SC_OK);
-        assertThat(userId, startsWith("foo@"));
-    }
-
-    @Test
-    public void unrecognisedCertification() throws Exception
-    {
-        configPortAndAuthProvider("CN=foo");
-
-        String keyStore = createKeyStoreDataUrl(getKeyCertPair("CN=bar"), "password");
-
-        HttpTestHelper helper = new HttpTestHelper(getBrokerAdmin(), null, _clientAuthPort);
-        helper.setTls(true);
-        helper.setKeyStore(keyStore, "password");
-
-        try
-        {
-            helper.getJson("broker/getUser", new TypeReference<String>() {}, SC_OK);
-            fail("Exception not thrown");
-        }
-        catch (SSLHandshakeException e)
-        {
-            // PASS
-        }
-    }
-
-    private void configPortAndAuthProvider(final String x500Name) throws Exception
-    {
-
-        final KeyCertPair keyCertPair = getKeyCertPair(x500Name);
-        final byte[] cert = keyCertPair.getCertificate().getEncoded();
-
-        _keyStore = createKeyStoreDataUrl(keyCertPair, "password");
-
-
-        final Deque<BaseAction<Void,Exception>> deleteActions = new ArrayDeque<>();
-
-        final Map<String, Object> authAttr = new HashMap<>();
-        authAttr.put(ExternalAuthenticationManager.TYPE, "External");
-        authAttr.put(ExternalAuthenticationManager.ATTRIBUTE_USE_FULL_DN, false);
-
-        getHelper().submitRequest("authenticationprovider/myexternal","PUT", authAttr, SC_CREATED);
-
-        deleteActions.add(object -> getHelper().submitRequest("authenticationprovider/myexternal", "DELETE", SC_OK));
-
-        final Map<String, Object> keystoreAttr = new HashMap<>();
-        keystoreAttr.put(FileKeyStore.TYPE, "FileKeyStore");
-        keystoreAttr.put(FileKeyStore.STORE_URL, "classpath:java_broker_keystore.jks");
-        keystoreAttr.put(FileKeyStore.PASSWORD, "password");
-
-        getHelper().submitRequest("keystore/mykeystore","PUT", keystoreAttr, SC_CREATED);
-        deleteActions.add(object -> getHelper().submitRequest("keystore/mykeystore", "DELETE", SC_OK));
-
-        final Map<String, Object> truststoreAttr = new HashMap<>();
-        truststoreAttr.put(ManagedPeerCertificateTrustStore.TYPE, ManagedPeerCertificateTrustStore.TYPE_NAME);
-        truststoreAttr.put(ManagedPeerCertificateTrustStore.STORED_CERTIFICATES, Collections.singletonList(Base64.getEncoder().encodeToString(cert)));
-
-        getHelper().submitRequest("truststore/mytruststore","PUT", truststoreAttr, SC_CREATED);
-        deleteActions.add(object -> getHelper().submitRequest("truststore/mytruststore", "DELETE", SC_OK));
-
-        final Map<String, Object> portAttr = new HashMap<>();
-        portAttr.put(Port.TYPE, "HTTP");
-        portAttr.put(Port.PORT, 0);
-        portAttr.put(Port.AUTHENTICATION_PROVIDER, "myexternal");
-        portAttr.put(Port.PROTOCOLS, Collections.singleton(Protocol.HTTP));
-        portAttr.put(Port.TRANSPORTS, Collections.singleton(Transport.SSL));
-        portAttr.put(Port.NEED_CLIENT_AUTH, true);
-        portAttr.put(Port.KEY_STORE, "mykeystore");
-        portAttr.put(Port.TRUST_STORES, Collections.singletonList("mytruststore"));
-
-        getHelper().submitRequest("port/myport","PUT", portAttr, SC_CREATED);
-        deleteActions.add(object -> getHelper().submitRequest("port/myport", "DELETE", SC_OK));
-
-        Map<String, Object> clientAuthPort = getHelper().getJsonAsMap("port/myport");
-        int boundPort = Integer.parseInt(String.valueOf(clientAuthPort.get("boundPort")));
-
-        assertThat(boundPort, is(greaterThan(0)));
-
-        _tearDownActions = deleteActions;
-        _clientAuthPort = boundPort;
-    }
-
-    private String createKeyStoreDataUrl(final KeyCertPair keyCertPair, final String password) throws Exception
-    {
-        final KeyStore keyStore = KeyStore.getInstance("JKS");
-        keyStore.load(null, null);
-        Certificate[] certChain = new Certificate[] {keyCertPair.getCertificate()};
-        keyStore.setKeyEntry("key1", keyCertPair.getPrivateKey(), password.toCharArray(), certChain);
-        try (ByteArrayOutputStream bos = new ByteArrayOutputStream())
-        {
-            keyStore.store(bos, password.toCharArray());
-            bos.toByteArray();
-            return DataUrlUtils.getDataUrlForBytes(bos.toByteArray());
-        }
-    }
-
-    private KeyCertPair getKeyCertPair(final String x500Name) throws Exception
-    {
-        return generateSelfSignedCertificate("RSA", "SHA256WithRSA",
-                                             2048, Instant.now().toEpochMilli(),
-                                             Duration.of(365, ChronoUnit.DAYS).getSeconds(),
-                                             x500Name,
-                                             Collections.emptySet(),
-                                             Collections.emptySet());
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/8c88850e/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/transport/UnifiedPortTest.java
----------------------------------------------------------------------
diff --git a/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/transport/UnifiedPortTest.java b/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/transport/UnifiedPortTest.java
new file mode 100644
index 0000000..349bb10
--- /dev/null
+++ b/systests/qpid-systests-http-management/src/test/java/org/apache/qpid/tests/http/transport/UnifiedPortTest.java
@@ -0,0 +1,113 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.qpid.tests.http.transport;
+
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.junit.Assert.assertThat;
+
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.util.Map;
+
+import org.hamcrest.CoreMatchers;
+import org.junit.Test;
+
+import org.apache.qpid.test.utils.TCPTunneler;
+import org.apache.qpid.tests.http.HttpTestBase;
+import org.apache.qpid.tests.http.HttpTestHelper;
+import org.apache.qpid.tests.utils.BrokerAdmin;
+
+public class UnifiedPortTest extends HttpTestBase
+{
+    @Test
+    public void slowConnectHttp() throws Exception
+    {
+        doTestSlowConnect(false);
+    }
+
+    @Test
+    public void slowConnectHttps() throws Exception
+    {
+        doTestSlowConnect(true);
+    }
+
+    private void doTestSlowConnect(final boolean useTls) throws Exception
+    {
+        final int port = getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.HTTP).getPort();
+        try(TCPTunneler tunneler = new TCPTunneler(0, "localhost",
+                                                   port, 1, 2))
+        {
+            // Hopes to exercise the code path where too few bytes arrive with Jetty for it to make an PLAIN/TLS
+            // determination and needs to await more bytes.
+            tunneler.addClientListener(new PreambleDelayingListener());
+            tunneler.start();
+
+            HttpTestHelper _restTestHelper = new HttpTestHelper(getBrokerAdmin(), null, tunneler.getLocalPort());
+            _restTestHelper.setTls(useTls);
+
+            Map<String, Object> metadata = _restTestHelper.getJsonAsMap("broker/getConnectionMetaData");
+            String transport = String.valueOf(metadata.get("transport"));
+            final String expected = useTls ? "SSL" : "TCP";
+            assertThat("Unexpected protocol", transport, CoreMatchers.is(equalTo(expected)));
+        }
+    }
+
+    private static class PreambleDelayingListener implements TCPTunneler.TunnelListener
+    {
+        private int _totalBytes;
+
+        @Override
+        public void clientConnected(final InetSocketAddress clientAddress)
+        {
+
+        }
+
+        @Override
+        public void clientDisconnected(final InetSocketAddress clientAddress)
+        {
+
+        }
+
+        @Override
+        public void notifyClientToServerBytesDelivered(final InetAddress inetAddress,
+                                                       final int numberOfBytesForwarded)
+        {
+            _totalBytes += numberOfBytesForwarded;
+            if (_totalBytes < 10)
+            {
+                try
+                {
+                    Thread.sleep(10);
+                }
+                catch (InterruptedException e)
+                {
+                    Thread.currentThread().interrupt();
+                }
+            }
+        }
+
+        @Override
+        public void notifyServerToClientBytesDelivered(final InetAddress inetAddress,
+                                                       final int numberOfBytesForwarded)
+        {
+
+        }
+    }
+}

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/8c88850e/systests/src/test/java/org/apache/qpid/systest/rest/AnonymousAccessRestTest.java
----------------------------------------------------------------------
diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/AnonymousAccessRestTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/AnonymousAccessRestTest.java
deleted file mode 100644
index 2de5117..0000000
--- a/systests/src/test/java/org/apache/qpid/systest/rest/AnonymousAccessRestTest.java
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.systest.rest;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.qpid.server.management.plugin.HttpManagement;
-import org.apache.qpid.server.model.AuthenticationProvider;
-import org.apache.qpid.server.model.Broker;
-import org.apache.qpid.server.model.Plugin;
-import org.apache.qpid.server.model.Port;
-import org.apache.qpid.server.security.auth.manager.AnonymousAuthenticationManager;
-import org.apache.qpid.test.utils.TestBrokerConfiguration;
-
-public class AnonymousAccessRestTest extends QpidRestTestCase
-{
-    @Override
-    public void startDefaultBroker()
-    {
-        // prevent broker from starting in setUp
-    }
-
-    public void startBrokerNow() throws Exception
-    {
-        super.startDefaultBroker();
-
-        // reset credentials
-        getRestTestHelper().setUsernameAndPassword(null, null);
-    }
-
-    @Override
-    protected void customizeConfiguration() throws Exception
-    {
-        super.customizeConfiguration();
-        TestBrokerConfiguration config = getDefaultBrokerConfiguration();
-
-        Map<String, Object> anonymousAuthProviderAttributes = new HashMap<String, Object>();
-        anonymousAuthProviderAttributes.put(AuthenticationProvider.TYPE, AnonymousAuthenticationManager.PROVIDER_TYPE);
-        anonymousAuthProviderAttributes.put(AuthenticationProvider.NAME, TestBrokerConfiguration.ENTRY_NAME_ANONYMOUS_PROVIDER);
-        config.addObjectConfiguration(AuthenticationProvider.class, anonymousAuthProviderAttributes);
-
-        // set anonymous authentication provider on http port for the tests
-        config.setObjectAttribute(Port.class, TestBrokerConfiguration.ENTRY_NAME_HTTP_PORT, Port.AUTHENTICATION_PROVIDER,
-                TestBrokerConfiguration.ENTRY_NAME_ANONYMOUS_PROVIDER);
-        config.setObjectAttribute(Plugin.class, TestBrokerConfiguration.ENTRY_NAME_HTTP_MANAGEMENT, HttpManagement.HTTP_BASIC_AUTHENTICATION_ENABLED, false);
-
-    }
-
-    public void testGetWithAnonymousProvider() throws Exception
-    {
-        startBrokerNow();
-
-        Map<String, Object> brokerDetails = getRestTestHelper().getJsonAsMap("broker");
-        assertNotNull("Unexpected broker attributes", brokerDetails);
-        assertNotNull("Unexpected value of attribute " + Broker.ID, brokerDetails.get(Broker.ID));
-    }
-
-    public void testPutAnonymousProvider() throws Exception
-    {
-        startBrokerNow();
-
-        Map<String, Object> brokerAttributes = new HashMap<String, Object>();
-        String newBrokerName = getName();
-        brokerAttributes.put(Broker.NAME, newBrokerName);
-
-        getRestTestHelper().submitRequest("broker", "PUT", brokerAttributes, HttpServletResponse.SC_OK);
-
-        Map<String, Object> brokerDetails = getRestTestHelper().getJsonAsMap("broker");
-        assertNotNull("Unexpected broker attributes", brokerDetails);
-        assertNotNull("Unexpected value of attribute " + Broker.ID, brokerDetails.get(Broker.ID));
-        assertEquals("Unexpected default virtual host", newBrokerName, brokerDetails.get(Broker.NAME));
-    }
-
-    public void testGetWithPasswordAuthProvider() throws Exception
-    {
-        getDefaultBrokerConfiguration().setObjectAttribute(Port.class, TestBrokerConfiguration.ENTRY_NAME_HTTP_PORT, Port.AUTHENTICATION_PROVIDER,
-                                                           TestBrokerConfiguration.ENTRY_NAME_AUTHENTICATION_PROVIDER);
-        startBrokerNow();
-
-        getRestTestHelper().submitRequest("broker", "GET", HttpServletResponse.SC_UNAUTHORIZED);
-    }
-
-    public void testPutWithPasswordAuthProvider() throws Exception
-    {
-        String newBrokerName = getName();
-        getDefaultBrokerConfiguration().setObjectAttribute(Port.class, TestBrokerConfiguration.ENTRY_NAME_HTTP_PORT, Port.AUTHENTICATION_PROVIDER,
-                                                           TestBrokerConfiguration.ENTRY_NAME_AUTHENTICATION_PROVIDER);
-        startBrokerNow();
-
-        Map<String, Object> brokerAttributes = new HashMap<String, Object>();
-        brokerAttributes.put(Broker.NAME, newBrokerName);
-
-        getRestTestHelper().submitRequest("broker", "PUT", brokerAttributes, HttpServletResponse.SC_UNAUTHORIZED);
-    }
-}

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/8c88850e/systests/src/test/java/org/apache/qpid/systest/rest/BrokerRestHttpAndHttpsTest.java
----------------------------------------------------------------------
diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/BrokerRestHttpAndHttpsTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/BrokerRestHttpAndHttpsTest.java
deleted file mode 100644
index 7bad826..0000000
--- a/systests/src/test/java/org/apache/qpid/systest/rest/BrokerRestHttpAndHttpsTest.java
+++ /dev/null
@@ -1,168 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.systest.rest;
-
-import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE;
-import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE_PASSWORD;
-
-import java.io.IOException;
-import java.net.InetAddress;
-import java.net.InetSocketAddress;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.qpid.server.model.AuthenticationProvider;
-import org.apache.qpid.server.model.Port;
-import org.apache.qpid.server.model.Protocol;
-import org.apache.qpid.server.model.Transport;
-import org.apache.qpid.test.utils.TCPTunneler;
-import org.apache.qpid.test.utils.TestBrokerConfiguration;
-
-public class BrokerRestHttpAndHttpsTest extends QpidRestTestCase
-{
-    @Override
-    public void setUp() throws Exception
-    {
-        setSystemProperty("javax.net.debug", "ssl");
-        super.setUp();
-        setSystemProperty("javax.net.ssl.trustStore", TRUSTSTORE);
-        setSystemProperty("javax.net.ssl.trustStorePassword", TRUSTSTORE_PASSWORD);
-    }
-
-    @Override
-    protected void customizeConfiguration() throws Exception
-    {
-        super.customizeConfiguration();
-        Map<String, Object> newAttributes = new HashMap<>();
-        newAttributes.put(Port.PROTOCOLS, Collections.singleton(Protocol.HTTP));
-        newAttributes.put(Port.TRANSPORTS, Arrays.asList(Transport.SSL, Transport.TCP));
-        newAttributes.put(Port.KEY_STORE, TestBrokerConfiguration.ENTRY_NAME_SSL_KEYSTORE);
-        getDefaultBrokerConfiguration().setObjectAttributes(Port.class, TestBrokerConfiguration.ENTRY_NAME_HTTP_PORT, newAttributes);
-        getDefaultBrokerConfiguration().setObjectAttribute(AuthenticationProvider.class, TestBrokerConfiguration.ENTRY_NAME_AUTHENTICATION_PROVIDER,
-                                                           "secureOnlyMechanisms",
-                                                           "[\"PLAIN\"]");
-
-    }
-
-    public void testGetWithHttps() throws Exception
-    {
-        Collection<String> results = getMechanisms(true);
-        assertTrue("mechanisms did not contain PLAIN: " + results, results.contains("PLAIN"));
-    }
-
-
-    public void testGetWithHttp() throws Exception
-    {
-        Collection<String> results = getMechanisms(false);
-        assertFalse("mechanisms incorrectly contains PLAIN: " + results, results.contains("PLAIN"));
-    }
-
-    public void testSlowConnectHttp() throws Exception
-    {
-        doTestSlowConnect(false);
-    }
-
-    public void testSlowConnectHttps() throws Exception
-    {
-        doTestSlowConnect(true);
-    }
-
-    private void doTestSlowConnect(final boolean useSsl) throws Exception
-    {
-        try(TCPTunneler tunneler = new TCPTunneler(0, "localhost", getDefaultBroker().getHttpPort(), 1, 2))
-        {
-            // Hopes to exercise the code path where too few bytes arrive with Jetty for it to make an PLAIN/TLS
-            // determination and needs to await more bytes.
-            tunneler.addClientListener(new PreambleDelayingListener());
-            tunneler.start();
-
-            _restTestHelper = configureRestHelper(useSsl, tunneler.getLocalPort());
-            Map<String, Object> metadata = _restTestHelper.getJsonAsMap("/api/latest/broker/getConnectionMetaData");
-            String transport = String.valueOf(metadata.get("transport"));
-            assertEquals("Unexpected protocol", useSsl ? "SSL" : "TCP", transport);
-        }
-    }
-
-    private Collection<String> getMechanisms(final boolean useSsl) throws IOException
-    {
-        int port = getDefaultBroker().getHttpPort();
-        _restTestHelper = configureRestHelper(useSsl, port);
-
-        Map<String, Object> mechanisms = _restTestHelper.getJsonAsMap("/service/sasl");
-        return (Collection<String>) mechanisms.get("mechanisms");
-    }
-
-    private RestTestHelper configureRestHelper(final boolean useSsl, final int port)
-    {
-        RestTestHelper restTestHelper = new RestTestHelper(port);
-        restTestHelper.setUseSsl(useSsl);
-        if (useSsl)
-        {
-            restTestHelper.setTruststore(TRUSTSTORE, TRUSTSTORE_PASSWORD);
-        }
-        return restTestHelper;
-    }
-
-    private static class PreambleDelayingListener implements TCPTunneler.TunnelListener
-    {
-        private int _totalBytes;
-
-        @Override
-        public void clientConnected(final InetSocketAddress clientAddress)
-        {
-
-        }
-
-        @Override
-        public void clientDisconnected(final InetSocketAddress clientAddress)
-        {
-
-        }
-
-        @Override
-        public void notifyClientToServerBytesDelivered(final InetAddress inetAddress,
-                                                       final int numberOfBytesForwarded)
-        {
-            _totalBytes += numberOfBytesForwarded;
-            if (_totalBytes < 10)
-            {
-                try
-                {
-                    Thread.sleep(10);
-                }
-                catch (InterruptedException e)
-                {
-                    Thread.currentThread().interrupt();
-                }
-            }
-        }
-
-        @Override
-        public void notifyServerToClientBytesDelivered(final InetAddress inetAddress,
-                                                       final int numberOfBytesForwarded)
-        {
-
-        }
-    }
-}

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/8c88850e/systests/src/test/java/org/apache/qpid/systest/rest/BrokerRestHttpsTest.java
----------------------------------------------------------------------
diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/BrokerRestHttpsTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/BrokerRestHttpsTest.java
deleted file mode 100644
index 8a96747..0000000
--- a/systests/src/test/java/org/apache/qpid/systest/rest/BrokerRestHttpsTest.java
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.systest.rest;
-
-import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE;
-import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE_PASSWORD;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.qpid.server.model.Broker;
-import org.apache.qpid.server.model.BrokerModel;
-import org.apache.qpid.server.model.ConfiguredObject;
-import org.apache.qpid.server.model.Port;
-import org.apache.qpid.server.model.Protocol;
-import org.apache.qpid.server.model.Transport;
-import org.apache.qpid.test.utils.TestBrokerConfiguration;
-
-public class BrokerRestHttpsTest extends QpidRestTestCase
-{
-    @Override
-    public void setUp() throws Exception
-    {
-        setSystemProperty("javax.net.debug", "ssl");
-        super.setUp();
-        _restTestHelper = new RestTestHelper(getDefaultBroker().getHttpsPort());
-        _restTestHelper.setUseSsl(true);
-        _restTestHelper.setTruststore(TRUSTSTORE, TRUSTSTORE_PASSWORD);
-    }
-
-    @Override
-    protected void customizeConfiguration() throws Exception
-    {
-        super.customizeConfiguration();
-        Map<String, Object> newAttributes = new HashMap<String, Object>();
-        newAttributes.put(Port.PROTOCOLS, Collections.singleton(Protocol.HTTP));
-        newAttributes.put(Port.TRANSPORTS, Collections.singleton(Transport.SSL));
-        newAttributes.put(Port.KEY_STORE, TestBrokerConfiguration.ENTRY_NAME_SSL_KEYSTORE);
-        getDefaultBrokerConfiguration().setObjectAttributes(Port.class, TestBrokerConfiguration.ENTRY_NAME_HTTP_PORT, newAttributes);
-    }
-
-    public void testGetWithHttps() throws Exception
-    {
-        Map<String, Object> brokerDetails = getRestTestHelper().getJsonAsMap("broker");
-
-        Asserts.assertAttributesPresent(brokerDetails, BrokerModel.getInstance().getTypeRegistry().getAttributeNames(Broker.class),
-                Broker.PROCESS_PID,
-                Broker.CONFIDENTIAL_CONFIGURATION_ENCRYPTION_PROVIDER,
-                ConfiguredObject.TYPE,
-                ConfiguredObject.CREATED_BY,
-                ConfiguredObject.CREATED_TIME,
-                ConfiguredObject.LAST_UPDATED_BY,
-                ConfiguredObject.LAST_UPDATED_TIME,
-                ConfiguredObject.DESCRIPTION,
-                ConfiguredObject.CONTEXT,
-                ConfiguredObject.DESIRED_STATE,
-                Broker.PREFERENCE_STORE_ATTRIBUTES);
-    }
-}

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/8c88850e/systests/src/test/java/org/apache/qpid/systest/rest/PreemtiveAuthRestTest.java
----------------------------------------------------------------------
diff --git a/systests/src/test/java/org/apache/qpid/systest/rest/PreemtiveAuthRestTest.java b/systests/src/test/java/org/apache/qpid/systest/rest/PreemtiveAuthRestTest.java
deleted file mode 100644
index 3864fab..0000000
--- a/systests/src/test/java/org/apache/qpid/systest/rest/PreemtiveAuthRestTest.java
+++ /dev/null
@@ -1,207 +0,0 @@
-/*
- *
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
- */
-package org.apache.qpid.systest.rest;
-
-import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE;
-import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE_PASSWORD;
-import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE;
-import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE_PASSWORD;
-import static org.apache.qpid.test.utils.TestSSLConstants.UNTRUSTED_KEYSTORE;
-
-import java.io.IOException;
-import java.net.HttpURLConnection;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.qpid.server.management.plugin.HttpManagement;
-import org.apache.qpid.server.model.AuthenticationProvider;
-import org.apache.qpid.server.model.Plugin;
-import org.apache.qpid.server.model.Port;
-import org.apache.qpid.server.model.Protocol;
-import org.apache.qpid.server.model.Transport;
-import org.apache.qpid.server.security.auth.manager.ExternalAuthenticationManager;
-import org.apache.qpid.test.utils.TestBrokerConfiguration;
-import org.apache.qpid.test.utils.TestSSLConstants;
-
-public class PreemtiveAuthRestTest extends QpidRestTestCase
-{
-    private static final String USERNAME = "admin";
-    private static final String PASSWORD = "admin";
-
-    @Override
-    public void startDefaultBroker() throws Exception
-    {
-        //don't call super method, we will configure the broker in the test before doing so
-    }
-
-    @Override
-    protected void customizeConfiguration() throws Exception
-    {
-        //do nothing, we will configure this locally
-    }
-
-    private void configure(boolean useSsl, final boolean useClientAuth) throws Exception
-    {
-        super.customizeConfiguration();
-
-        setSystemProperty("javax.net.debug", "ssl");
-        if (useSsl)
-        {
-            Map<String, Object> portAttributes = new HashMap<>();
-            portAttributes.put(Port.PROTOCOLS, Collections.singleton(Protocol.HTTP));
-            portAttributes.put(Port.TRANSPORTS, Collections.singleton(Transport.SSL));
-            portAttributes.put(Port.KEY_STORE, TestBrokerConfiguration.ENTRY_NAME_SSL_KEYSTORE);
-
-            if (useClientAuth)
-            {
-                portAttributes.put(Port.TRUST_STORES, Collections.singleton(TestBrokerConfiguration.ENTRY_NAME_SSL_TRUSTSTORE));
-                portAttributes.put(Port.NEED_CLIENT_AUTH, "true");
-                portAttributes.put(Port.AUTHENTICATION_PROVIDER, EXTERNAL_AUTHENTICATION_PROVIDER);
-
-                Map<String, Object> externalProviderAttributes = new HashMap<>();
-                externalProviderAttributes.put(AuthenticationProvider.TYPE, ExternalAuthenticationManager.PROVIDER_TYPE);
-                externalProviderAttributes.put(AuthenticationProvider.NAME, EXTERNAL_AUTHENTICATION_PROVIDER);
-                getDefaultBrokerConfiguration().addObjectConfiguration(AuthenticationProvider.class, externalProviderAttributes);
-            }
-
-            getDefaultBrokerConfiguration().setObjectAttributes(Port.class, TestBrokerConfiguration.ENTRY_NAME_HTTP_PORT, portAttributes);
-        }
-    }
-
-    private void verifyGetBrokerAttempt(int responseCode) throws IOException
-    {
-        assertEquals(responseCode, getRestTestHelper().submitRequest("broker", "GET"));
-    }
-
-    public void testBasicAuth() throws Exception
-    {
-        configure(false, false);
-        super.startDefaultBroker();
-
-        _restTestHelper.setUsernameAndPassword(USERNAME, PASSWORD);
-        verifyGetBrokerAttempt(HttpServletResponse.SC_OK);
-    }
-
-    public void testBasicAuth_WrongPassword() throws Exception
-    {
-        configure(false, false);
-        super.startDefaultBroker();
-
-        _restTestHelper.setUsernameAndPassword(USERNAME, "badpassword");
-        verifyGetBrokerAttempt(HttpServletResponse.SC_UNAUTHORIZED);
-    }
-
-    public void testBasicAuthWhenDisabled() throws Exception
-    {
-        configure(false, false);
-        getDefaultBrokerConfiguration().setObjectAttribute(Plugin.class, TestBrokerConfiguration.ENTRY_NAME_HTTP_MANAGEMENT, HttpManagement.HTTP_BASIC_AUTHENTICATION_ENABLED, false);
-        super.startDefaultBroker();
-        getRestTestHelper().setUseSsl(false);
-        // Try the attempt with authentication, it should fail because
-        // BASIC auth is disabled by default on non-secure connections.
-        getRestTestHelper().setUsernameAndPassword(USERNAME, PASSWORD);
-        verifyGetBrokerAttempt(HttpServletResponse.SC_UNAUTHORIZED);
-    }
-
-    public void testBasicAuth_Https() throws Exception
-    {
-        configure(true, false);
-        super.startDefaultBroker();
-        _restTestHelper = new RestTestHelper(getDefaultBroker().getHttpsPort());
-        _restTestHelper.setUseSsl(true);
-        _restTestHelper.setTruststore(TRUSTSTORE, TRUSTSTORE_PASSWORD);
-
-        // Try the attempt with authentication, it should succeed because
-        // BASIC auth is enabled by default on secure connections.
-        _restTestHelper.setUsernameAndPassword(USERNAME, PASSWORD);
-        verifyGetBrokerAttempt(HttpServletResponse.SC_OK);
-    }
-
-    public void testBasicAuthWhenDisabled_Https() throws Exception
-    {
-        configure(true, false);
-        getDefaultBrokerConfiguration().setObjectAttribute(Plugin.class, TestBrokerConfiguration.ENTRY_NAME_HTTP_MANAGEMENT, HttpManagement.HTTPS_BASIC_AUTHENTICATION_ENABLED, false);
-        super.startDefaultBroker();
-        _restTestHelper = new RestTestHelper(getDefaultBroker().getHttpsPort());
-        _restTestHelper.setUseSsl(true);
-        _restTestHelper.setTruststore(TRUSTSTORE, TRUSTSTORE_PASSWORD);
-
-        // Try the attempt with authentication, it should fail because
-        // BASIC auth is now disabled on secure connections.
-        _restTestHelper.setUsernameAndPassword(USERNAME, PASSWORD);
-        verifyGetBrokerAttempt(HttpServletResponse.SC_UNAUTHORIZED);
-    }
-
-    public void testClientCertAuth() throws Exception
-    {
-        configure(true, true);
-        super.startDefaultBroker();
-        _restTestHelper = new RestTestHelper(getDefaultBroker().getHttpsPort());
-        _restTestHelper.setUseSsl(true);
-        _restTestHelper.setUseSslAuth(true);
-        _restTestHelper.setTruststore(TRUSTSTORE, TRUSTSTORE_PASSWORD);
-        _restTestHelper.setKeystore(KEYSTORE, KEYSTORE_PASSWORD);
-
-        _restTestHelper.setUsernameAndPassword(null, null);
-        verifyGetBrokerAttempt(HttpServletResponse.SC_OK);
-    }
-
-    public void testClientCertAuth_UntrustedClientCert() throws Exception
-    {
-        configure(true, true);
-        super.startDefaultBroker();
-        _restTestHelper = new RestTestHelper(getDefaultBroker().getHttpsPort());
-        _restTestHelper.setUseSsl(true);
-        _restTestHelper.setUseSslAuth(true);
-        _restTestHelper.setTruststore(TRUSTSTORE, TRUSTSTORE_PASSWORD);
-        _restTestHelper.setKeystore(UNTRUSTED_KEYSTORE, KEYSTORE_PASSWORD);
-        _restTestHelper.setClientAuthAlias(TestSSLConstants.CERT_ALIAS_UNTRUSTED_CLIENT);
-
-        _restTestHelper.setUsernameAndPassword(null, null);
-
-        try
-        {
-            getRestTestHelper().submitRequest("broker", "GET");
-            fail("Exception not thrown");
-        }
-        catch (IOException e)
-        {
-            e.printStackTrace();
-        }
-    }
-
-    public void testPreemptiveDoesNotCreateSession() throws Exception
-    {
-        configure(false, false);
-        super.startDefaultBroker();
-        _restTestHelper = new RestTestHelper(getDefaultBroker().getHttpPort());
-
-        _restTestHelper.setUsernameAndPassword(USERNAME, PASSWORD);
-        final HttpURLConnection firstConnection = _restTestHelper.openManagementConnection("broker", "GET");
-        assertEquals("Unexpected server response", HttpServletResponse.SC_OK, firstConnection.getResponseCode());
-        List<String> cookies = firstConnection.getHeaderFields().get("Set-Cookie");
-        assertNull("Should not create session cookies", cookies);
-    }
-}


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org


Mime
View raw message