Repository: incubator-brooklyn Updated Branches: refs/heads/master 78776caca -> d0cbcf36c
Support URLs in brooklyn.webconsole.security.keystore.url property Even though the property is named url it supported local files only. Project: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/commit/c2724cef Tree: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/tree/c2724cef Diff: http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/diff/c2724cef Branch: refs/heads/master Commit: c2724cefb043706bc27d5a29fa7ef7fc0480ecae Parents: d8a9a6f Author: Svetoslav Neykov <[email protected]> Authored: Mon May 4 18:31:37 2015 +0300 Committer: Svetoslav Neykov <[email protected]> Committed: Mon May 4 18:31:37 2015 +0300 ---------------------------------------------------------------------- .../brooklyn/launcher/BrooklynWebServer.java | 26 +++++++++++++++++++- .../launcher/BrooklynWebServerTest.java | 15 ++++++++--- 2 files changed, 37 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/c2724cef/usage/launcher/src/main/java/brooklyn/launcher/BrooklynWebServer.java ---------------------------------------------------------------------- diff --git a/usage/launcher/src/main/java/brooklyn/launcher/BrooklynWebServer.java b/usage/launcher/src/main/java/brooklyn/launcher/BrooklynWebServer.java index eaa1209..8112b13 100644 --- a/usage/launcher/src/main/java/brooklyn/launcher/BrooklynWebServer.java +++ b/usage/launcher/src/main/java/brooklyn/launcher/BrooklynWebServer.java @@ -19,6 +19,7 @@ package brooklyn.launcher; import java.io.File; +import java.io.InputStream; import java.net.InetAddress; import java.net.URI; import java.security.KeyPair; @@ -75,9 +76,11 @@ import brooklyn.util.exceptions.Exceptions; import brooklyn.util.flags.FlagUtils; import brooklyn.util.flags.SetFromFlag; import brooklyn.util.flags.TypeCoercions; +import brooklyn.util.io.FileUtil; import brooklyn.util.javalang.Threads; import brooklyn.util.logging.LoggingSetup; import brooklyn.util.os.Os; +import brooklyn.util.stream.Streams; import brooklyn.util.text.Identifiers; import brooklyn.util.text.Strings; import brooklyn.util.web.ContextHandlerCollectionHotSwappable; @@ -441,7 +444,7 @@ public class BrooklynWebServer { if (keystoreCertAlias==null) keystoreCertAlias = managementContext.getConfig().getConfig(BrooklynWebConfig.KEYSTORE_CERTIFICATE_ALIAS); if (keystoreUrl!=null) { - sslContextFactory.setKeyStorePath(ResourceUtils.create(this).checkUrlExists(keystoreUrl, BrooklynWebConfig.KEYSTORE_URL.getName())); + sslContextFactory.setKeyStorePath(getLocalKeyStorePath(keystoreUrl)); if (Strings.isEmpty(keystorePassword)) throw new IllegalArgumentException("Keystore password is required and non-empty if keystore is specified."); sslContextFactory.setKeyStorePassword(keystorePassword); @@ -478,6 +481,27 @@ public class BrooklynWebServer { return sslContextFactory; } + private String getLocalKeyStorePath(String keystoreUrl) { + ResourceUtils res = ResourceUtils.create(this); + res.checkUrlExists(keystoreUrl, BrooklynWebConfig.KEYSTORE_URL.getName()); + if (new File(keystoreUrl).exists()) { + return keystoreUrl; + } else { + InputStream keystoreStream; + try { + keystoreStream = res.getResourceFromUrl(keystoreUrl); + } catch (Exception e) { + Exceptions.propagateIfFatal(e); + throw new IllegalArgumentException("Unable to access URL: "+keystoreUrl, e); + } + File tmp = Os.newTempFile("brooklyn-keystore", "ks"); + tmp.deleteOnExit(); + FileUtil.copyTo(keystoreStream, tmp); + Streams.closeQuietly(keystoreStream); + return tmp.getAbsolutePath(); + } + } + private String newTimestampedDirName(String prefix, int randomSuffixLength) { return prefix + "-" + new SimpleDateFormat("yyyyMMdd-HHmmss").format(new Date()) + "-" + Identifiers.makeRandomId(randomSuffixLength); } http://git-wip-us.apache.org/repos/asf/incubator-brooklyn/blob/c2724cef/usage/launcher/src/test/java/brooklyn/launcher/BrooklynWebServerTest.java ---------------------------------------------------------------------- diff --git a/usage/launcher/src/test/java/brooklyn/launcher/BrooklynWebServerTest.java b/usage/launcher/src/test/java/brooklyn/launcher/BrooklynWebServerTest.java index d40d1a4..3b7e8f6 100644 --- a/usage/launcher/src/test/java/brooklyn/launcher/BrooklynWebServerTest.java +++ b/usage/launcher/src/test/java/brooklyn/launcher/BrooklynWebServerTest.java @@ -34,6 +34,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.testng.annotations.AfterMethod; import org.testng.annotations.BeforeMethod; +import org.testng.annotations.DataProvider; import org.testng.annotations.Test; import brooklyn.config.BrooklynProperties; @@ -89,11 +90,19 @@ public class BrooklynWebServerTest { } } - @Test - public void verifyHttps() throws Exception { + @DataProvider(name="keystorePaths") + public Object[][] getKeystorePaths() { + return new Object[][] { + {getFile("server.ks")}, + {new File(getFile("server.ks")).toURI().toString()}, + {"classpath://server.ks"}}; + } + + @Test(dataProvider="keystorePaths") + public void verifyHttps(String keystoreUrl) throws Exception { Map<String,?> flags = ImmutableMap.<String,Object>builder() .put("httpsEnabled", true) - .put("keystoreUrl", getFile("server.ks")) + .put("keystoreUrl", keystoreUrl) .put("keystorePassword", "password") .build(); webServer = new BrooklynWebServer(flags, newManagementContext(brooklynProperties));
