Fixing SslContextNBrokerServiceTest (one of the two)
Project: http://git-wip-us.apache.org/repos/asf/activemq-artemis/repo Commit: http://git-wip-us.apache.org/repos/asf/activemq-artemis/commit/bc0b37f1 Tree: http://git-wip-us.apache.org/repos/asf/activemq-artemis/tree/bc0b37f1 Diff: http://git-wip-us.apache.org/repos/asf/activemq-artemis/diff/bc0b37f1 Branch: refs/heads/refactor-openwire Commit: bc0b37f16d8180b37d338ba2c4af4e9d8bfb90db Parents: 610174b Author: Howard Gao <howard....@gmail.com> Authored: Fri Feb 19 21:32:14 2016 +0800 Committer: Clebert Suconic <clebertsuco...@apache.org> Committed: Thu Feb 25 18:10:23 2016 -0500 ---------------------------------------------------------------------- .../apache/activemq/broker/BrokerService.java | 19 ++++++++ .../artemiswrapper/ArtemisBrokerWrapper.java | 46 ++++++++++-------- .../activemq/transport/tcp/n-brokers-ssl.xml | 51 ++++++++++++++++++++ 3 files changed, 97 insertions(+), 19 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/bc0b37f1/tests/activemq5-unit-tests/src/main/java/org/apache/activemq/broker/BrokerService.java ---------------------------------------------------------------------- diff --git a/tests/activemq5-unit-tests/src/main/java/org/apache/activemq/broker/BrokerService.java b/tests/activemq5-unit-tests/src/main/java/org/apache/activemq/broker/BrokerService.java index b7b02b3..99de104 100644 --- a/tests/activemq5-unit-tests/src/main/java/org/apache/activemq/broker/BrokerService.java +++ b/tests/activemq5-unit-tests/src/main/java/org/apache/activemq/broker/BrokerService.java @@ -53,6 +53,7 @@ import org.apache.activemq.network.NetworkConnector; import org.apache.activemq.network.jms.JmsConnector; import org.apache.activemq.proxy.ProxyConnector; import org.apache.activemq.security.MessageAuthorizationPolicy; +import org.apache.activemq.spring.SpringSslContext; import org.apache.activemq.store.PListStore; import org.apache.activemq.store.PersistenceAdapter; import org.apache.activemq.store.PersistenceAdapterFactory; @@ -100,6 +101,7 @@ public class BrokerService implements Service { private Throwable startException = null; private boolean startAsync = false; public Set<Integer> extraConnectors = new HashSet<>(); + public Set<Integer> sslConnectors = new HashSet<>(); private List<TransportConnector> transportConnectors = new ArrayList<>(); private File dataDirectoryFile; @@ -491,6 +493,15 @@ public class BrokerService implements Service { public void setTransportConnectors(List<TransportConnector> transportConnectors) throws Exception { this.transportConnectors = transportConnectors; + for (TransportConnector connector : transportConnectors) { + if (connector.getUri().getScheme().equals("ssl")) { + this.sslConnectors.add(connector.getUri().getPort()); + System.out.println(this + " added ssl connector: " + connector.getUri().getPort()); + } + else { + this.extraConnectors.add(connector.getUri().getPort()); + } + } } public NetworkConnector addNetworkConnector(NetworkConnector connector) throws Exception { @@ -698,6 +709,14 @@ public class BrokerService implements Service { public void setSslContext(SslContext sslContext) { this.sslContext = sslContext; + if (sslContext instanceof SpringSslContext) { + SpringSslContext springContext = (SpringSslContext)sslContext; + this.SERVER_SIDE_KEYSTORE = springContext.getKeyStore(); + this.KEYSTORE_PASSWORD = springContext.getKeyStorePassword(); + this.SERVER_SIDE_TRUSTSTORE = springContext.getTrustStore(); + this.TRUSTSTORE_PASSWORD = springContext.getTrustStorePassword(); + this.storeType = springContext.getKeyStoreType(); + } } public void setPersistenceFactory(PersistenceAdapterFactory persistenceFactory) { http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/bc0b37f1/tests/activemq5-unit-tests/src/main/java/org/apache/activemq/broker/artemiswrapper/ArtemisBrokerWrapper.java ---------------------------------------------------------------------- diff --git a/tests/activemq5-unit-tests/src/main/java/org/apache/activemq/broker/artemiswrapper/ArtemisBrokerWrapper.java b/tests/activemq5-unit-tests/src/main/java/org/apache/activemq/broker/artemiswrapper/ArtemisBrokerWrapper.java index 5cb5048..1c8ce9b 100644 --- a/tests/activemq5-unit-tests/src/main/java/org/apache/activemq/broker/artemiswrapper/ArtemisBrokerWrapper.java +++ b/tests/activemq5-unit-tests/src/main/java/org/apache/activemq/broker/artemiswrapper/ArtemisBrokerWrapper.java @@ -33,13 +33,12 @@ import org.apache.activemq.artemis.core.postoffice.Binding; import org.apache.activemq.artemis.core.registry.JndiBindingRegistry; import org.apache.activemq.artemis.core.remoting.impl.netty.TransportConstants; import org.apache.activemq.artemis.core.security.Role; -import org.apache.activemq.artemis.core.server.Queue; import org.apache.activemq.artemis.core.server.impl.QueueImpl; import org.apache.activemq.artemis.core.settings.impl.AddressFullMessagePolicy; import org.apache.activemq.artemis.core.settings.impl.AddressSettings; import org.apache.activemq.artemis.core.settings.impl.SlowConsumerPolicy; import org.apache.activemq.artemis.jms.server.impl.JMSServerManagerImpl; -import org.apache.activemq.artemis.spi.core.security.ActiveMQSecurityManagerImpl; +import org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager; import org.apache.activemq.artemiswrapper.ArtemisBrokerHelper; import org.apache.activemq.broker.BrokerService; import org.apache.activemq.broker.region.policy.PolicyEntry; @@ -82,25 +81,16 @@ public class ArtemisBrokerWrapper extends ArtemisBrokerBase { commonSettings.setDeadLetterAddress(dla); commonSettings.setAutoCreateJmsQueues(true); - HashMap<String, Object> params = new HashMap<String, Object>(); if (bservice.extraConnectors.size() == 0) { serverConfig.addAcceptorConfiguration("home", "tcp://localhost:61616?protocols=OPENWIRE,CORE"); } - if (this.bservice.enableSsl()) { - params.put(TransportConstants.SSL_ENABLED_PROP_NAME, true); - params.put(TransportConstants.PORT_PROP_NAME, 61611); - params.put(TransportConstants.PROTOCOLS_PROP_NAME, "OPENWIRE"); - params.put(TransportConstants.KEYSTORE_PATH_PROP_NAME, bservice.SERVER_SIDE_KEYSTORE); - params.put(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME, bservice.KEYSTORE_PASSWORD); - params.put(TransportConstants.KEYSTORE_PROVIDER_PROP_NAME, bservice.storeType); - if (bservice.SERVER_SIDE_TRUSTSTORE != null) { - params.put(TransportConstants.NEED_CLIENT_AUTH_PROP_NAME, true); - params.put(TransportConstants.TRUSTSTORE_PATH_PROP_NAME, bservice.SERVER_SIDE_TRUSTSTORE); - params.put(TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME, bservice.TRUSTSTORE_PASSWORD); - params.put(TransportConstants.TRUSTSTORE_PROVIDER_PROP_NAME, bservice.storeType); - } - TransportConfiguration sslTransportConfig = new TransportConfiguration(NETTY_ACCEPTOR_FACTORY, params); - serverConfig.getAcceptorConfigurations().add(sslTransportConfig); + if (this.bservice.enableSsl() && bservice.sslConnectors.size() == 0) { + //default + addSSLAcceptor(serverConfig, 61611); + } + + for (Integer port : bservice.sslConnectors) { + addSSLAcceptor(serverConfig, port); } for (Integer port : bservice.extraConnectors) { @@ -112,7 +102,7 @@ public class ArtemisBrokerWrapper extends ArtemisBrokerBase { //extraServerConfig(serverConfig); if (enableSecurity) { - ActiveMQSecurityManagerImpl sm = (ActiveMQSecurityManagerImpl) server.getSecurityManager(); + ActiveMQJAASSecurityManager sm = (ActiveMQJAASSecurityManager) server.getSecurityManager(); SecurityConfiguration securityConfig = sm.getConfiguration(); securityConfig.addRole("openwireSender", "sender"); securityConfig.addUser("openwireSender", "SeNdEr"); @@ -175,6 +165,24 @@ public class ArtemisBrokerWrapper extends ArtemisBrokerBase { } + private void addSSLAcceptor(Configuration serverConfig, Integer port) { + HashMap<String, Object> params = new HashMap<String, Object>(); + params.put(TransportConstants.SSL_ENABLED_PROP_NAME, true); + params.put(TransportConstants.PORT_PROP_NAME, port); + params.put(TransportConstants.PROTOCOLS_PROP_NAME, "OPENWIRE"); + params.put(TransportConstants.KEYSTORE_PATH_PROP_NAME, bservice.SERVER_SIDE_KEYSTORE); + params.put(TransportConstants.KEYSTORE_PASSWORD_PROP_NAME, bservice.KEYSTORE_PASSWORD); + params.put(TransportConstants.KEYSTORE_PROVIDER_PROP_NAME, bservice.storeType); + if (bservice.SERVER_SIDE_TRUSTSTORE != null) { + params.put(TransportConstants.NEED_CLIENT_AUTH_PROP_NAME, true); + params.put(TransportConstants.TRUSTSTORE_PATH_PROP_NAME, bservice.SERVER_SIDE_TRUSTSTORE); + params.put(TransportConstants.TRUSTSTORE_PASSWORD_PROP_NAME, bservice.TRUSTSTORE_PASSWORD); + params.put(TransportConstants.TRUSTSTORE_PROVIDER_PROP_NAME, bservice.storeType); + } + TransportConfiguration sslTransportConfig = new TransportConfiguration(NETTY_ACCEPTOR_FACTORY, params); + serverConfig.getAcceptorConfigurations().add(sslTransportConfig); + } + private void translatePolicyMap(Configuration serverConfig, PolicyMap policyMap) { List allEntries = policyMap.getAllEntries(); Map<String, AddressSettings> settingsMap = serverConfig.getAddressesSettings(); http://git-wip-us.apache.org/repos/asf/activemq-artemis/blob/bc0b37f1/tests/activemq5-unit-tests/src/test/resources/org/apache/activemq/transport/tcp/n-brokers-ssl.xml ---------------------------------------------------------------------- diff --git a/tests/activemq5-unit-tests/src/test/resources/org/apache/activemq/transport/tcp/n-brokers-ssl.xml b/tests/activemq5-unit-tests/src/test/resources/org/apache/activemq/transport/tcp/n-brokers-ssl.xml new file mode 100644 index 0000000..4bd5fc7 --- /dev/null +++ b/tests/activemq5-unit-tests/src/test/resources/org/apache/activemq/transport/tcp/n-brokers-ssl.xml @@ -0,0 +1,51 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> + +<beans + xmlns="http://www.springframework.org/schema/beans" + xmlns:amq="http://activemq.apache.org/schema/core" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd + http://activemq.apache.org/schema/core http://activemq.apache.org/schema/core/activemq-core.xsd"> + + <amq:broker useJmx="false" persistent="false" start="false" brokerName="dummy"> + + <amq:sslContext> + <amq:sslContext + keyStore="dummy.keystore" keyStorePassword="password"/> + </amq:sslContext> + + <amq:transportConnectors> + <amq:transportConnector uri="ssl://localhost:62616" /> + </amq:transportConnectors> + + </amq:broker> + + <amq:broker useJmx="false" persistent="false" start="false" brokerName="activemq.org"> + <amq:sslContext> + <amq:sslContext + keyStore="server.keystore" keyStorePassword="password" + trustStore="client.keystore" trustStorePassword="password"/> + </amq:sslContext> + + <amq:transportConnectors> + <amq:transportConnector uri="ssl://localhost:63616" /> + </amq:transportConnectors> + + </amq:broker> +</beans>