Author: chirino
Date: Mon Dec 13 15:27:04 2010
New Revision: 1045169
URL: http://svn.apache.org/viewvc?rev=1045169&view=rev
Log:
Added test which authenticates the user via SSL certs.
Added:
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo-stomp-ssl-secure.xml
Modified:
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo.ks
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/client.ks
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/login.config
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/users.properties
activemq/activemq-apollo/trunk/apollo-stomp/src/test/scala/org/apache/activemq/apollo/stomp/StompClient.scala
activemq/activemq-apollo/trunk/apollo-stomp/src/test/scala/org/apache/activemq/apollo/stomp/StompTest.scala
Added:
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo-stomp-ssl-secure.xml
URL:
http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo-stomp-ssl-secure.xml?rev=1045169&view=auto
==============================================================================
---
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo-stomp-ssl-secure.xml
(added)
+++
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo-stomp-ssl-secure.xml
Mon Dec 13 15:27:04 2010
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<broker id="default" rev="1"
xmlns="http://activemq.apache.org/schema/activemq/apollo";>
+
+
+ <authentication domain="StompSslSecurityTest"/>
+
+ <virtual-host id="default" purge-on-startup="true">
+ <host-name>localhost</host-name>
+ </virtual-host>
+
+ <key-storage file="${basedir}/src/test/resources/apollo.ks"
password="password" key-password="password"/>
+ <connector id="ssl" protocol="stomp" bind="ssl://0.0.0.0:0" />
+
+</broker>
\ No newline at end of file
Modified:
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo.ks
URL:
http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo.ks?rev=1045169&r1=1045168&r2=1045169&view=diff
==============================================================================
Files activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo.ks
(original) and
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/apollo.ks Mon
Dec 13 15:27:04 2010 differ
Modified:
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/client.ks
URL:
http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/client.ks?rev=1045169&r1=1045168&r2=1045169&view=diff
==============================================================================
Files activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/client.ks
(original) and
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/client.ks Mon
Dec 13 15:27:04 2010 differ
Modified:
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/login.config
URL:
http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/login.config?rev=1045169&r1=1045168&r2=1045169&view=diff
==============================================================================
--- activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/login.config
(original)
+++ activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/login.config
Mon Dec 13 15:27:04 2010
@@ -26,4 +26,18 @@ StompSecurityTest {
groups_file="users.properties"
;
+};
+
+StompSslSecurityTest {
+
+ //
+ // For testing purposes, we do a funny thing where we set the user
+ // file to also be used as the groups file. This only works for the
+ // test since user==password==group for our tests.
+ //
+ org.apache.activemq.jaas.TextFileCertificateLoginModule required
+ org.apache.activemq.jaas.textfiledn.user="users.properties"
+ org.apache.activemq.jaas.textfiledn.group="users.properties"
+ ;
+
};
\ No newline at end of file
Modified:
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/users.properties
URL:
http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/users.properties?rev=1045169&r1=1045168&r2=1045169&view=diff
==============================================================================
---
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/users.properties
(original)
+++
activemq/activemq-apollo/trunk/apollo-stomp/src/test/resources/users.properties
Mon Dec 13 15:27:04 2010
@@ -17,6 +17,8 @@
connect_group=can_only_connect,can_send_create_queue,can_send_queue,can_receive_queue,can_consume_queue,can_send_create_topic,can_send_topic,can_recieve_topic,can_consume_create_ds,can_consume_ds
+ssl_user=CN=ssl_user
+
can_not_connect=can_not_connect
can_only_connect=can_only_connect
Modified:
activemq/activemq-apollo/trunk/apollo-stomp/src/test/scala/org/apache/activemq/apollo/stomp/StompClient.scala
URL:
http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-stomp/src/test/scala/org/apache/activemq/apollo/stomp/StompClient.scala?rev=1045169&r1=1045168&r2=1045169&view=diff
==============================================================================
---
activemq/activemq-apollo/trunk/apollo-stomp/src/test/scala/org/apache/activemq/apollo/stomp/StompClient.scala
(original)
+++
activemq/activemq-apollo/trunk/apollo-stomp/src/test/scala/org/apache/activemq/apollo/stomp/StompClient.scala
Mon Dec 13 15:27:04 2010
@@ -39,7 +39,7 @@ import javax.net.ssl.{SSLSocket, SSLCont
socket = if( key_storeage!=null ) {
val context = SSLContext.getInstance("TLS")
- context.init(null, key_storeage.create_trust_managers, null)
+ context.init(key_storeage.create_key_managers,
key_storeage.create_trust_managers, null)
context.getSocketFactory().createSocket()
//
socket.asInstanceOf[SSLSocket].setEnabledCipherSuites(Array("SSL_RSA_WITH_RC4_128_MD5"))
// socket
Modified:
activemq/activemq-apollo/trunk/apollo-stomp/src/test/scala/org/apache/activemq/apollo/stomp/StompTest.scala
URL:
http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-stomp/src/test/scala/org/apache/activemq/apollo/stomp/StompTest.scala?rev=1045169&r1=1045168&r2=1045169&view=diff
==============================================================================
---
activemq/activemq-apollo/trunk/apollo-stomp/src/test/scala/org/apache/activemq/apollo/stomp/StompTest.scala
(original)
+++
activemq/activemq-apollo/trunk/apollo-stomp/src/test/scala/org/apache/activemq/apollo/stomp/StompTest.scala
Mon Dec 13 15:27:04 2010
@@ -417,6 +417,7 @@ class StompSslDestinationTest extends St
client.key_storeage = new KeyStorage
client.key_storeage.config.file =
basedir/"src"/"test"/"resources"/"client.ks"
client.key_storeage.config.password = "password"
+ client.key_storeage.config.key_password = "password"
}
@@ -870,3 +871,29 @@ class StompSecurityTest extends StompTes
// frame should include("JMSXUserID:can_send_create_queue\n")
// }
}
+
+class StompSslSecurityTest extends StompTestSupport {
+
+ override val broker_config_uri: String =
"xml:classpath:apollo-stomp-ssl-secure.xml"
+
+ client.key_storeage = new KeyStorage
+ client.key_storeage.config.file =
basedir/"src"/"test"/"resources"/"client.ks"
+ client.key_storeage.config.password = "password"
+ client.key_storeage.config.key_password = "password"
+
+ override protected def beforeAll = {
+ // System.setProperty("javax.net.debug", "all")
+ try {
+ val login_file = new
java.io.File(getClass.getClassLoader.getResource("login.config").getFile())
+ System.setProperty("java.security.auth.login.config",
login_file.getCanonicalPath)
+ } catch {
+ case x:Throwable => x.printStackTrace
+ }
+ super.beforeAll
+ }
+
+ test("Connect with no id password") {
+ connect("1.1", client)
+ }
+
+}
