This is an automated email from the ASF dual-hosted git repository. jamesnetherton pushed a commit to branch 2.13.x in repository https://gitbox.apache.org/repos/asf/camel-quarkus.git
commit 9373d7615ca0ba6c2e1a53b49cf5ed38f8827194 Author: JiriOndrusek <[email protected]> AuthorDate: Tue Mar 21 14:10:10 2023 +0100 Cxf-soap: Extend test coverage with Ssl scenario #4679 --- .../cxf-soap/cxf-soap-ssl/pom.xml | 236 ++++++++++++++++ .../cxf/soap/ssl/it/CxfSoapSslResource.java | 84 ++++++ .../cxf/soap/ssl/it/CxfSoapSslRoutes.java | 210 ++++++++++++++ .../component/cxf/soap/ssl/it/GreeterImpl.java | 24 ++ .../component/cxf/soap/ssl/it/GreeterService.java | 27 ++ .../src/main/resources/application.properties | 23 ++ .../cxf/soap/ssl/it/CxfSoapGlobalTrustedSslIT.java | 23 ++ .../soap/ssl/it/CxfSoapGlobalTrustedSslTest.java | 43 +++ .../soap/ssl/it/CxfSoapGlobalUntrustedSslIT.java | 23 ++ .../soap/ssl/it/CxfSoapGlobalUntrustedSslTest.java | 43 +++ .../component/cxf/soap/ssl/it/CxfSoapSslIT.java | 23 ++ .../component/cxf/soap/ssl/it/CxfSoapSslTest.java | 65 +++++ integration-test-groups/cxf-soap/pom.xml | 1 + integration-tests/cxf-soap-grouped/pom.xml | 302 +++++++++++++++++++++ 14 files changed, 1127 insertions(+) diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/pom.xml b/integration-test-groups/cxf-soap/cxf-soap-ssl/pom.xml new file mode 100644 index 0000000000..cf690898f5 --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/pom.xml @@ -0,0 +1,236 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + +--> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd";> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>org.apache.camel.quarkus</groupId> + <artifactId>camel-quarkus-build-parent-it</artifactId> + <version>2.13.3-SNAPSHOT</version> + <relativePath>../../../poms/build-parent-it/pom.xml</relativePath> + </parent> + + <artifactId>camel-quarkus-integration-test-cxf-soap-ssl</artifactId> + <name>Camel Quarkus :: Integration Tests :: Cxf Soap Ssl</name> + <description>Integration tests for Camel Quarkus CXF extension ssl part</description> + + <dependencies> + <dependency> + <groupId>org.apache.camel.quarkus</groupId> + <artifactId>camel-quarkus-cxf-soap</artifactId> + </dependency> + <dependency> + <groupId>io.quarkus</groupId> + <artifactId>quarkus-resteasy</artifactId> + </dependency> + <dependency> + <groupId>org.apache.camel.quarkus</groupId> + <artifactId>camel-quarkus-direct</artifactId> + </dependency> + <!-- test dependencies --> + <dependency> + <groupId>io.quarkus</groupId> + <artifactId>quarkus-junit5</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>io.rest-assured</groupId> + <artifactId>rest-assured</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>io.quarkiverse.cxf</groupId> + <artifactId>quarkus-cxf-test-util</artifactId> + <scope>test</scope> + </dependency> + </dependencies> + + <build> + <plugins> + <plugin> + <groupId>${quarkus.platform.group-id}</groupId> + <artifactId>quarkus-maven-plugin</artifactId> + <version>${quarkus.platform.version}</version> + <extensions>true</extensions><!-- Workaround for https://github.com/quarkusio/quarkus/issues/21718 --> + <executions> + <execution> + <id>generate-code</id> + <goals> + <goal>generate-code</goal> + </goals> + </execution> + </executions> + </plugin> + </plugins> + </build> + + <profiles> + <profile> + <id>native</id> + <activation> + <property> + <name>native</name> + </property> + </activation> + <properties> + <quarkus.package.type>native</quarkus.package.type> + </properties> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-failsafe-plugin</artifactId> + <executions> + <execution> + <goals> + <goal>integration-test</goal> + <goal>verify</goal> + </goals> + </execution> + </executions> + </plugin> + </plugins> + </build> + </profile> + <profile> + <id>full</id> + <activation> + <property> + <name>!quickly</name> + </property> + </activation> + <build> + <plugins> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>keytool-maven-plugin</artifactId> + <configuration> + <keypass>password</keypass> + <validity>365</validity> + <keyalg>RSA</keyalg> + <storepass>password</storepass> + </configuration> + <executions> + <execution> + <id>generate-server-keypair</id> + <phase>generate-sources</phase> + <goals> + <goal>clean</goal> + <goal>generateKeyPair</goal> + </goals> + <configuration> + <alias>localhost</alias> + <dname>CN=localhost, OU=eng, O=apache.org</dname> + <exts> + <ext>bc:c=ca:true,pathlen:2147483647</ext> + <ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext> + </exts> + <keystore>${project.build.outputDirectory}/truststore-server.jks</keystore> + </configuration> + </execution> + <execution> + <id>export-server-certificate</id> + <phase>generate-sources</phase> + <goals> + <goal>exportCertificate</goal> + </goals> + <configuration> + <alias>localhost</alias> + <keystore>${project.build.outputDirectory}/truststore-server.jks</keystore> + <rfc>true</rfc> + <file>${project.build.outputDirectory}/localhost.pem</file> + </configuration> + </execution> + <execution> + <id>create-client-trusstore</id> + <phase>generate-sources</phase> + <goals> + <goal>clean</goal> + <goal>importCertificate</goal> + </goals> + <configuration> + <alias>localhost</alias> + <trustcacerts>true</trustcacerts> + <noprompt>true</noprompt> + <keystore>${project.build.outputDirectory}/truststore-client.jks</keystore> + <file>${project.build.outputDirectory}/localhost.pem</file> + </configuration> + </execution> + <execution> + <id>generate-wrong-trusstore</id> + <phase>generate-sources</phase> + <goals> + <goal>clean</goal> + <goal>generateKeyPair</goal> + </goals> + <configuration> + <alias>localhost</alias> + <dname>CN=localhost, OU=eng, O=apache.org</dname> + <exts> + <ext>bc:c=ca:true,pathlen:2147483647</ext> + <ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext> + </exts> + <keystore>${project.build.outputDirectory}/truststore-wrong.jks</keystore> + </configuration> + </execution> + </executions> + </plugin> + </plugins> + </build> + </profile> + <profile> + <id>virtualDependencies</id> + <activation> + <property> + <name>!noVirtualDependencies</name> + </property> + </activation> + <dependencies> + <!-- The following dependencies guarantee that this module is built after them. You can update them by running `mvn process-resources -Pformat -N` from the source tree root directory --> + <dependency> + <groupId>org.apache.camel.quarkus</groupId> + <artifactId>camel-quarkus-cxf-soap-deployment</artifactId> + <version>${project.version}</version> + <type>pom</type> + <scope>test</scope> + <exclusions> + <exclusion> + <groupId>*</groupId> + <artifactId>*</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.apache.camel.quarkus</groupId> + <artifactId>camel-quarkus-direct-deployment</artifactId> + <version>${project.version}</version> + <type>pom</type> + <scope>test</scope> + <exclusions> + <exclusion> + <groupId>*</groupId> + <artifactId>*</artifactId> + </exclusion> + </exclusions> + </dependency> + </dependencies> + </profile> + </profiles> + +</project> diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslResource.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslResource.java new file mode 100644 index 0000000000..41aaa270bb --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslResource.java @@ -0,0 +1,84 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.cxf.soap.ssl.it; + +import java.net.URI; +import java.util.Map; + +import javax.enterprise.context.ApplicationScoped; +import javax.inject.Inject; +import javax.ws.rs.Consumes; +import javax.ws.rs.POST; +import javax.ws.rs.Path; +import javax.ws.rs.PathParam; +import javax.ws.rs.Produces; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response; + +import org.apache.camel.ProducerTemplate; + +@Path("/cxf-soap/ssl") +@ApplicationScoped +public class CxfSoapSslResource { + + @Inject + ProducerTemplate producerTemplate; + + @Path("/trusted/{global}") + @POST + @Consumes(MediaType.WILDCARD) + @Produces(MediaType.TEXT_PLAIN) + public Response trusted(@PathParam("global") String global, String msg) throws Exception { + return invoke("true", String.valueOf(global), msg); + } + + @Path("/untrusted/{global}") + @POST + @Consumes(MediaType.WILDCARD) + @Produces(MediaType.TEXT_PLAIN) + public Response untrusted(@PathParam("global") String global, String msg) throws Exception { + return invoke("false", String.valueOf(global), msg); + } + + @Path("/notrust") + @POST + @Consumes(MediaType.WILDCARD) + @Produces(MediaType.TEXT_PLAIN) + public Response notrust(String msg) throws Exception { + return invoke("notrust", "", msg); + } + + private Response invoke(String trust, String global, String msg) throws Exception { + String response; + try { + response = producerTemplate.requestBodyAndHeaders("direct:sslInvoker", msg, + Map.of("global", global, "trust", trust), + String.class); + } catch (Exception e) { + return Response + .created(new URI("https://camel.apache.org/";)) + .entity(e.getCause().getCause().getMessage()) + .status(500) + .build(); + } + + return Response + .created(new URI("https://camel.apache.org/";)) + .entity(response) + .build(); + } +} diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslRoutes.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslRoutes.java new file mode 100644 index 0000000000..e45dcf5ed8 --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslRoutes.java @@ -0,0 +1,210 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.cxf.soap.ssl.it; + +import java.util.Map; + +import javax.enterprise.context.ApplicationScoped; +import javax.enterprise.context.SessionScoped; +import javax.enterprise.inject.Produces; +import javax.inject.Inject; +import javax.inject.Named; + +import io.quarkus.runtime.LaunchMode; +import org.apache.camel.CamelContext; +import org.apache.camel.Processor; +import org.apache.camel.SSLContextParametersAware; +import org.apache.camel.builder.RouteBuilder; +import org.apache.camel.component.cxf.jaxws.CxfEndpoint; +import org.apache.camel.support.jsse.KeyStoreParameters; +import org.apache.camel.support.jsse.SSLContextParameters; +import org.apache.camel.support.jsse.TrustManagersParameters; +import org.apache.cxf.ext.logging.LoggingFeature; +import org.apache.cxf.transport.https.httpclient.DefaultHostnameVerifier; +import org.eclipse.microprofile.config.Config; +import org.eclipse.microprofile.config.ConfigProvider; + +@ApplicationScoped +public class CxfSoapSslRoutes extends RouteBuilder { + + @Inject + @Named("loggingFeatureSsl") + LoggingFeature loggingFeature; + + @Inject + CamelContext camelContext; + + @Inject + @Named("rightSslContext") + SSLContextParameters correctSslContext; + + @Inject + @Named("wrongSslContext") + SSLContextParameters wrongSslContext; + + @Override + public void configure() { + + from("direct:sslInvoker") + .process(exchange -> { + Map<String, Object> headers = exchange.getIn().getHeaders(); + headers.put("address", getServerUrl() + "/soapservice/Ssl/RouterPort"); + + String global = exchange.getIn().getHeader("global", String.class); + String trust = exchange.getIn().getHeader("trust", String.class); + + if ("notrust".equals(trust)) { + camelContext.setSSLContextParameters(null); + //router endpoint does not contain ssl configuration, therefore can be used for notrust test case + headers.put("endpoint", "soapSslRouter"); + } else if ("true".equals(global)) { + camelContext.setSSLContextParameters("true".equals(trust) ? correctSslContext : wrongSslContext); + headers.put("endpoint", "soapSslGlobal"); + } else { + camelContext.setSSLContextParameters(null); + headers.put("endpoint", "soapSslLocal" + ("true".equals(trust) ? "Correct" : "Wrong")); + } + ((SSLContextParametersAware) camelContext.getComponent("cxf")) + .setUseGlobalSslContextParameters(Boolean.parseBoolean(global)); + }) + .toD("cxf:bean:${header.endpoint}?address=${header.address}"); + + from("cxf:bean:soapSslRouter") + .process("responseProcessor"); + + } + + @Produces + @SessionScoped + @Named("soapSslLocalCorrect") + CxfEndpoint soapSslLocalCorrect(DefaultHostnameVerifier defaultHostnameVerifier) { + final CxfEndpoint result = new CxfEndpoint(); + result.getFeatures().add(loggingFeature); + result.setServiceClass(GreeterService.class); + result.setAddress("/Ssl/RouterPort"); + result.setSslContextParameters(correctSslContext); + result.setHostnameVerifier(defaultHostnameVerifier); + return result; + } + + @Produces + @SessionScoped + @Named("soapSslLocalWrong") + CxfEndpoint soapSslLocalWrong(DefaultHostnameVerifier defaultHostnameVerifier) { + final CxfEndpoint result = new CxfEndpoint(); + result.getFeatures().add(loggingFeature); + result.setServiceClass(GreeterService.class); + result.setAddress("/Ssl/RouterPort"); + result.setSslContextParameters(wrongSslContext); + result.setHostnameVerifier(defaultHostnameVerifier); + return result; + } + + @Produces + @SessionScoped + @Named("soapSslGlobal") + CxfEndpoint soapSslGlobal() { + final CxfEndpoint result = new CxfEndpoint(); + result.getFeatures().add(loggingFeature); + result.setServiceClass(GreeterService.class); + result.setAddress("/Ssl/RouterPort"); + return result; + } + + @Produces + @SessionScoped + @Named("soapSslRouter") + CxfEndpoint soapSslRouter() { + final CxfEndpoint result = new CxfEndpoint(); + result.getFeatures().add(loggingFeature); + result.setServiceClass(GreeterService.class); + result.setAddress("/Ssl/RouterPort"); + return result; + } + + @Produces + @SessionScoped + @Named + GreeterService greeterService() { + return new GreeterImpl(); + } + + @Produces + @ApplicationScoped + @Named("loggingFeatureSsl") + public LoggingFeature loggingFeature() { + final LoggingFeature result = new LoggingFeature(); + result.setPrettyLogging(true); + return result; + } + + @ApplicationScoped + @Named("responseProcessor") + Processor responseProcessor(GreeterService greeterService) { + + return exchange -> { + String resp = greeterService.greetMe(exchange.getIn().getBody(String.class)); + exchange.getIn().setBody(resp); + }; + } + + private static String getServerUrl() { + Config config = ConfigProvider.getConfig(); + final int port = LaunchMode.current().equals(LaunchMode.TEST) + ? config.getValue("quarkus.http.test-ssl-port", Integer.class) + : config.getValue("quarkus.http.ssl-port", Integer.class); + return String.format("https://localhost:%d";, port); + } + + @Produces + @ApplicationScoped + @Named("rightSslContext") + SSLContextParameters rightSslContext() { + SSLContextParameters sslContext = new SSLContextParameters(); + TrustManagersParameters trustManager = new TrustManagersParameters(); + KeyStoreParameters keyStore = new KeyStoreParameters(); + keyStore.setType("PKCS12"); + keyStore.setPassword("password"); + keyStore.setResource("truststore-client.jks"); + trustManager.setKeyStore(keyStore); + sslContext.setTrustManagers(trustManager); + return sslContext; + } + + @Produces + @ApplicationScoped + @Named("wrongSslContext") + SSLContextParameters wrongSslContext() { + SSLContextParameters sslContext = new SSLContextParameters(); + TrustManagersParameters trustManager = new TrustManagersParameters(); + KeyStoreParameters keyStore = new KeyStoreParameters(); + keyStore.setType("PKCS12"); + keyStore.setPassword("password"); + keyStore.setResource("truststore-wrong.jks"); + trustManager.setKeyStore(keyStore); + sslContext.setTrustManagers(trustManager); + return sslContext; + } + + @Produces + @ApplicationScoped + @Named("defaultHostnameVerifier") + DefaultHostnameVerifier defaultHostnameVerifier() { + return new DefaultHostnameVerifier(); + } + +} diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/GreeterImpl.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/GreeterImpl.java new file mode 100644 index 0000000000..9ac037bb75 --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/GreeterImpl.java @@ -0,0 +1,24 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.cxf.soap.ssl.it; + +public class GreeterImpl implements GreeterService { + @Override + public String greetMe(String name) { + return "Hello " + name + "!"; + } +} diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/GreeterService.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/GreeterService.java new file mode 100644 index 0000000000..a6f595bec1 --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/GreeterService.java @@ -0,0 +1,27 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.cxf.soap.ssl.it; + +import javax.jws.WebMethod; +import javax.jws.WebService; + +@WebService +public interface GreeterService { + + @WebMethod + String greetMe(String name); +} diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/resources/application.properties b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/resources/application.properties new file mode 100644 index 0000000000..936c13706f --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/resources/application.properties @@ -0,0 +1,23 @@ +## --------------------------------------------------------------------------- +## Licensed to the Apache Software Foundation (ASF) under one or more +## contributor license agreements. See the NOTICE file distributed with +## this work for additional information regarding copyright ownership. +## The ASF licenses this file to You under the Apache License, Version 2.0 +## (the "License"); you may not use this file except in compliance with +## the License. You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## --------------------------------------------------------------------------- + +quarkus.cxf.path=/soapservice +quarkus.native.resources.includes=truststore-client.jks,truststore-server.jks,truststore-wrong.jks + +quarkus.http.ssl.certificate.key-store-file-type=PKCS12 +quarkus.http.ssl.certificate.key-store-file=truststore-server.jks +quarkus.http.ssl.certificate.key-store-password=password diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalTrustedSslIT.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalTrustedSslIT.java new file mode 100644 index 0000000000..d3642b9d3b --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalTrustedSslIT.java @@ -0,0 +1,23 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.cxf.soap.ssl.it; + +import io.quarkus.test.junit.QuarkusIntegrationTest; + +@QuarkusIntegrationTest +class CxfSoapGlobalTrustedSslIT extends CxfSoapGlobalTrustedSslTest { +} diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalTrustedSslTest.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalTrustedSslTest.java new file mode 100644 index 0000000000..8fccffa4be --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalTrustedSslTest.java @@ -0,0 +1,43 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.cxf.soap.ssl.it; + +import io.quarkus.test.junit.QuarkusTest; +import io.quarkus.test.junit.QuarkusTestProfile; +import io.quarkus.test.junit.TestProfile; +import io.restassured.RestAssured; +import org.junit.jupiter.api.Test; + +import static org.hamcrest.Matchers.equalTo; + +@QuarkusTest +@TestProfile(CxfSoapGlobalTrustedSslTest.class) +public class CxfSoapGlobalTrustedSslTest implements QuarkusTestProfile { + + // Test is ported from SslTest in Camel-spring-boot/components-starter/camel-cxf-soap-starter + // Test requires restart of Quarkus to avoid persisting of globalssl context. + @Test + public void testInvokingTrustedRoute() { + RestAssured.given() + .body("ssl") + .post("/cxf-soap/ssl/trusted/global") + .then() + .statusCode(201) + .body(equalTo("Hello ssl!")); + } + +} diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalUntrustedSslIT.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalUntrustedSslIT.java new file mode 100644 index 0000000000..821865c669 --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalUntrustedSslIT.java @@ -0,0 +1,23 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.cxf.soap.ssl.it; + +import io.quarkus.test.junit.QuarkusIntegrationTest; + +@QuarkusIntegrationTest +class CxfSoapGlobalUntrustedSslIT extends CxfSoapGlobalUntrustedSslTest { +} diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalUntrustedSslTest.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalUntrustedSslTest.java new file mode 100644 index 0000000000..d19ba9aaaa --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalUntrustedSslTest.java @@ -0,0 +1,43 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.cxf.soap.ssl.it; + +import io.quarkus.test.junit.QuarkusTest; +import io.quarkus.test.junit.QuarkusTestProfile; +import io.quarkus.test.junit.TestProfile; +import io.restassured.RestAssured; +import org.junit.jupiter.api.Test; + +import static org.hamcrest.Matchers.containsString; + +@QuarkusTest +@TestProfile(CxfSoapGlobalUntrustedSslTest.class) +public class CxfSoapGlobalUntrustedSslTest implements QuarkusTestProfile { + + // Test is ported from SslTest in Camel-spring-boot/components-starter/camel-cxf-soap-starter + // Test requires restart of Quarkus to avoid persisting of global ssl context. + @Test + public void testInvokingUntrustedRoute() { + RestAssured.given() + .body("ssl") + .post("/cxf-soap/ssl/untrusted/global") + .then() + .statusCode(500) + .body(containsString("signature check failed")); + } + +} diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslIT.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslIT.java new file mode 100644 index 0000000000..b8b5fc9bf1 --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslIT.java @@ -0,0 +1,23 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.cxf.soap.ssl.it; + +import io.quarkus.test.junit.QuarkusIntegrationTest; + +@QuarkusIntegrationTest +class CxfSoapSslIT extends CxfSoapSslTest { +} diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslTest.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslTest.java new file mode 100644 index 0000000000..9e632978c5 --- /dev/null +++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslTest.java @@ -0,0 +1,65 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.cxf.soap.ssl.it; + +import io.quarkus.test.junit.QuarkusTest; +import io.quarkus.test.junit.QuarkusTestProfile; +import io.quarkus.test.junit.TestProfile; +import io.restassured.RestAssured; +import org.junit.jupiter.api.Test; + +import static org.hamcrest.Matchers.containsString; +import static org.hamcrest.Matchers.equalTo; + +// Tests require restart of Quarkus to avoid persisting of global ssl context. +@QuarkusTest +@TestProfile(CxfSoapSslTest.class) +public class CxfSoapSslTest implements QuarkusTestProfile { + + // Test is ported from SslTest in Camel-spring-boot/components-starter/camel-cxf-soap-starter + @Test + public void testInvokingTrustedRoute() { + RestAssured.given() + .body("ssl") + .post("/cxf-soap/ssl/trusted/local") + .then() + .statusCode(201) + .body(equalTo("Hello ssl!")); + } + + // Test is ported from SslTest in Camel-spring-boot/components-starter/camel-cxf-soap-starter + @Test + public void testInvokingUntrustedRoute() { + RestAssured.given() + .body("ssl") + .post("/cxf-soap/ssl/untrusted/local") + .then() + .statusCode(500) + .body(containsString("signature check failed")); + } + + // Test is ported from SslTest in Camel-spring-boot/components-starter/camel-cxf-soap-starter + @Test + public void testInvokingNotrustRoute() { + RestAssured.given() + .body("ssl") + .post("/cxf-soap/ssl/notrust") + .then() + .statusCode(500) + .body(containsString("unable to find valid certification path to requested target")); + } +} diff --git a/integration-test-groups/cxf-soap/pom.xml b/integration-test-groups/cxf-soap/pom.xml index 527f12c48e..eab1e401da 100644 --- a/integration-test-groups/cxf-soap/pom.xml +++ b/integration-test-groups/cxf-soap/pom.xml @@ -41,6 +41,7 @@ <module>cxf-soap-mtom</module> <module>cxf-soap-mtom-awt</module> <module>cxf-soap-server</module> + <module>cxf-soap-ssl</module> <module>cxf-soap-ws-security-client</module> <module>cxf-soap-ws-security-server</module> <module>cxf-soap-ws-trust</module> diff --git a/integration-tests/cxf-soap-grouped/pom.xml b/integration-tests/cxf-soap-grouped/pom.xml index 868f1107dc..6eac44d9de 100644 --- a/integration-tests/cxf-soap-grouped/pom.xml +++ b/integration-tests/cxf-soap-grouped/pom.xml @@ -403,6 +403,10 @@ <wsdl>${basedir}/target/classes/wsdl/CalculatorService.wsdl</wsdl> <wsdlLocation>classpath:wsdl/CalculatorService.wsdl</wsdlLocation> </wsdlOption> + <wsdlOption> + <wsdl>${basedir}/target/classes/wsdl/BasicAuthCalculatorService.wsdl</wsdl> + <wsdlLocation>classpath:wsdl/BasicAuthCalculatorService.wsdl</wsdlLocation> + </wsdlOption> <wsdlOption> <wsdl>${basedir}/target/classes/wsdl/HelloService.wsdl</wsdl> <wsdlLocation>classpath:wsdl/HelloService.wsdl</wsdlLocation> @@ -504,6 +508,304 @@ </dependency> </dependencies> </profile> + <profile> + <id>full</id> + <activation> + <property> + <name>!quickly</name> + </property> + </activation> + <build> + <plugins> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>keytool-maven-plugin</artifactId> + <configuration> + <keypass>password</keypass> + <validity>365</validity> + <keyalg>RSA</keyalg> + <storepass>password</storepass> + </configuration> + <executions> + <execution> + <id>generate-cxfca-keypair</id> + <phase>generate-sources</phase> + <goals> + <goal>clean</goal> + <goal>generateKeyPair</goal> + </goals> + <configuration> + <alias>cxfca</alias> + <dname>CN=cxfca, OU=eng, O=apache.org</dname> + <exts> + <ext>bc:c=ca:true,pathlen:2147483647</ext> + <ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext> + </exts> + <keystore>${project.build.outputDirectory}/cxfca.jks</keystore> + </configuration> + </execution> + <execution> + <id>export-cxfca-certificate</id> + <phase>generate-sources</phase> + <goals> + <goal>exportCertificate</goal> + </goals> + <configuration> + <alias>cxfca</alias> + <keystore>${project.build.outputDirectory}/cxfca.jks</keystore> + <rfc>true</rfc> + <file>${project.build.outputDirectory}/cxfca.pem</file> + </configuration> + </execution> + <execution> + <id>generate-alice-keypair</id> + <phase>generate-sources</phase> + <goals> + <goal>clean</goal> + <goal>generateKeyPair</goal> + </goals> + <configuration> + <alias>alice</alias> + <dname>CN=alice, OU=eng, O=apache.org</dname> + <exts> + <ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext> + <ext>SubjectAlternativeName=DNS:localhost,IP:127.0.0.1</ext> + </exts> + <keystore>${project.build.outputDirectory}/alice.jks</keystore> + </configuration> + </execution> + <execution> + <id>generate-bob-keypair</id> + <phase>generate-sources</phase> + <goals> + <goal>clean</goal> + <goal>generateKeyPair</goal> + </goals> + <configuration> + <alias>bob</alias> + <dname>CN=bob, OU=eng, O=apache.org</dname> + <exts> + <ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext> + <ext>SubjectAlternativeName=DNS:localhost,IP:127.0.0.1</ext> + </exts> + <keystore>${project.build.outputDirectory}/bob.jks</keystore> + </configuration> + </execution> + <execution> + <id>generate-alice-certificate-request</id> + <phase>generate-sources</phase> + <goals> + <goal>generateCertificateRequest</goal> + </goals> + <configuration> + <alias>alice</alias> + <keystore>${project.build.outputDirectory}/alice.jks</keystore> + <file>${project.build.outputDirectory}/alice.csr</file> + </configuration> + </execution> + <execution> + <id>generate-alice-certificate</id> + <phase>generate-sources</phase> + <goals> + <goal>generateCertificate</goal> + </goals> + <configuration> + <alias>cxfca</alias> + <keystore>${project.build.outputDirectory}/cxfca.jks</keystore> + <rfc>true</rfc> + <infile>${project.build.outputDirectory}/alice.csr</infile> + <outfile>${project.build.outputDirectory}/alice.pem</outfile> + </configuration> + </execution> + <execution> + <id>generate-bob-certificate-request</id> + <phase>generate-sources</phase> + <goals> + <goal>generateCertificateRequest</goal> + </goals> + <configuration> + <alias>bob</alias> + <keystore>${project.build.outputDirectory}/bob.jks</keystore> + <file>${project.build.outputDirectory}/bob.csr</file> + </configuration> + </execution> + <execution> + <id>generate-bob-certificate</id> + <phase>generate-sources</phase> + <goals> + <goal>generateCertificate</goal> + </goals> + <configuration> + <alias>cxfca</alias> + <keystore>${project.build.outputDirectory}/cxfca.jks</keystore> + <rfc>true</rfc> + <infile>${project.build.outputDirectory}/bob.csr</infile> + <outfile>${project.build.outputDirectory}/bob.pem</outfile> + </configuration> + </execution> + <execution> + <id>import-cxfca-certificate-to-alice</id> + <phase>generate-sources</phase> + <goals> + <goal>importCertificate</goal> + </goals> + <configuration> + <alias>cxfca</alias> + <trustcacerts>true</trustcacerts> + <noprompt>true</noprompt> + <keystore>${project.build.outputDirectory}/alice.jks</keystore> + <file>${project.build.outputDirectory}/cxfca.pem</file> + </configuration> + </execution> + <execution> + <id>import-cxfca-certificate-to-bob</id> + <phase>generate-sources</phase> + <goals> + <goal>importCertificate</goal> + </goals> + <configuration> + <alias>cxfca</alias> + <trustcacerts>true</trustcacerts> + <noprompt>true</noprompt> + <keystore>${project.build.outputDirectory}/bob.jks</keystore> + <file>${project.build.outputDirectory}/cxfca.pem</file> + </configuration> + </execution> + <execution> + <id>import-alice-certificate</id> + <phase>generate-sources</phase> + <goals> + <goal>importCertificate</goal> + </goals> + <configuration> + <alias>alice</alias> + <trustcacerts>true</trustcacerts> + <noprompt>true</noprompt> + <keystore>${project.build.outputDirectory}/alice.jks</keystore> + <file>${project.build.outputDirectory}/alice.pem</file> + </configuration> + </execution> + <execution> + <id>import-bob-certificate</id> + <phase>generate-sources</phase> + <goals> + <goal>importCertificate</goal> + </goals> + <configuration> + <alias>bob</alias> + <trustcacerts>true</trustcacerts> + <noprompt>true</noprompt> + <keystore>${project.build.outputDirectory}/bob.jks</keystore> + <file>${project.build.outputDirectory}/bob.pem</file> + </configuration> + </execution> + <execution> + <id>import-bob-certificate-to-alice</id> + <phase>generate-sources</phase> + <goals> + <goal>importCertificate</goal> + </goals> + <configuration> + <alias>bob</alias> + <trustcacerts>true</trustcacerts> + <noprompt>true</noprompt> + <keystore>${project.build.outputDirectory}/alice.jks</keystore> + <file>${project.build.outputDirectory}/bob.pem</file> + </configuration> + </execution> + <execution> + <id>import-alice-certificate-to-bob</id> + <phase>generate-sources</phase> + <goals> + <goal>importCertificate</goal> + </goals> + <configuration> + <alias>alice</alias> + <trustcacerts>true</trustcacerts> + <noprompt>true</noprompt> + <keystore>${project.build.outputDirectory}/bob.jks</keystore> + <file>${project.build.outputDirectory}/alice.pem</file> + </configuration> + </execution> + <!-- Uncomment execution block below for local testing --> + <!-- <execution>--> + <!-- <id>list</id>--> + <!-- <phase>generate-sources</phase>--> + <!-- <goals>--> + <!-- <goal>list</goal>--> + <!-- </goals>--> + <!-- <configuration>--> + <!-- <verbose>true</verbose>--> + <!-- <keystore>${project.build.outputDirectory}/bob.jks</keystore>--> + <!-- </configuration>--> + <!-- </execution>--> + <execution> + <id>generate-server-keypair</id> + <phase>generate-sources</phase> + <goals> + <goal>clean</goal> + <goal>generateKeyPair</goal> + </goals> + <configuration> + <alias>localhost</alias> + <dname>CN=localhost, OU=eng, O=apache.org</dname> + <exts> + <ext>bc:c=ca:true,pathlen:2147483647</ext> + <ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext> + </exts> + <keystore>${project.build.outputDirectory}/truststore-server.jks</keystore> + </configuration> + </execution> + <execution> + <id>export-server-certificate</id> + <phase>generate-sources</phase> + <goals> + <goal>exportCertificate</goal> + </goals> + <configuration> + <alias>localhost</alias> + <keystore>${project.build.outputDirectory}/truststore-server.jks</keystore> + <rfc>true</rfc> + <file>${project.build.outputDirectory}/localhost.pem</file> + </configuration> + </execution> + <execution> + <id>create-client-trusstore</id> + <phase>generate-sources</phase> + <goals> + <goal>clean</goal> + <goal>importCertificate</goal> + </goals> + <configuration> + <alias>localhost</alias> + <trustcacerts>true</trustcacerts> + <noprompt>true</noprompt> + <keystore>${project.build.outputDirectory}/truststore-client.jks</keystore> + <file>${project.build.outputDirectory}/localhost.pem</file> + </configuration> + </execution> + <execution> + <id>generate-wrong-trusstore</id> + <phase>generate-sources</phase> + <goals> + <goal>clean</goal> + <goal>generateKeyPair</goal> + </goals> + <configuration> + <alias>localhost</alias> + <dname>CN=localhost, OU=eng, O=apache.org</dname> + <exts> + <ext>bc:c=ca:true,pathlen:2147483647</ext> + <ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext> + </exts> + <keystore>${project.build.outputDirectory}/truststore-wrong.jks</keystore> + </configuration> + </execution> + </executions> + </plugin> + </plugins> + </build> + </profile> <profile> <id>skip-testcontainers-tests</id> <activation>
