transpo...

ningjiang Tue, 02 Jul 2013 01:39:04 -0700

Author: ningjiang
Date: Tue Jul  2 08:38:20 2013
New Revision: 1498833

URL: http://svn.apache.org/r1498833
Log:
CXF-5042 Added unit test of SSL on netty-server


Added:
    
cxf/trunk/rt/transports/http-netty/netty-server/src/test/java/org/apache/cxf/transport/http/netty/server/integration/SSLNettyServerTest.java
    cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/
    cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/
    
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/
    
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/
    
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/
    
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/
    
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/
    
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/
    
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/
    
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/ServerConfig.xml
    
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/clientKeystore.jks
    
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/serviceKeystore.jks

Added: 
cxf/trunk/rt/transports/http-netty/netty-server/src/test/java/org/apache/cxf/transport/http/netty/server/integration/SSLNettyServerTest.java
URL: 
http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-netty/netty-server/src/test/java/org/apache/cxf/transport/http/netty/server/integration/SSLNettyServerTest.java?rev=1498833&view=auto
==============================================================================
--- 
cxf/trunk/rt/transports/http-netty/netty-server/src/test/java/org/apache/cxf/transport/http/netty/server/integration/SSLNettyServerTest.java
 (added)
+++ 
cxf/trunk/rt/transports/http-netty/netty-server/src/test/java/org/apache/cxf/transport/http/netty/server/integration/SSLNettyServerTest.java
 Tue Jul  2 08:38:20 2013
@@ -0,0 +1,142 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.transport.http.netty.server.integration;
+
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.net.URL;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.xml.ws.Endpoint;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.configuration.jsse.TLSClientParameters;
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+import org.apache.cxf.transport.http.HTTPConduit;
+import org.apache.hello_world_soap_http.Greeter;
+import org.apache.hello_world_soap_http.SOAPService;
+
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+public class SSLNettyServerTest extends AbstractBusClientServerTestBase {
+    
+    public static final String PORT = allocatePort(SSLNettyServerTest.class);
+    
+    static {
+        System.setProperty("SSLNettyServerTest.port", PORT);
+    }
+    
+    static Endpoint ep;
+
+    static Greeter g;
+    
+    static String address;
+
+    @BeforeClass
+    public static void start() throws Exception {
+        Bus b = 
createStaticBus("/org/apache/cxf/transport/http/netty/server/integration/ServerConfig.xml");
+        BusFactory.setThreadDefaultBus(b);
+        address = "https://localhost:"; + PORT + "/SoapContext/SoapPort";
+        ep = Endpoint.publish(address ,
+                new org.apache.hello_world_soap_http.GreeterImpl());
+        
+        URL wsdl = NettyServerTest.class.getResource("/wsdl/hello_world.wsdl");
+        assertNotNull("WSDL is null", wsdl);
+
+        SOAPService service = new SOAPService(wsdl);
+        assertNotNull("Service is null", service);
+
+        g = service.getSoapPort();
+        assertNotNull("Port is null", g);
+    }
+
+    @AfterClass
+    public static void stop() throws Exception {
+        if (g != null) {
+            ((java.io.Closeable)g).close();
+        }
+        if (ep != null) {
+            ep.stop();
+        }
+        ep = null;
+    }
+    
+    @Test
+    public void testInvocation() throws Exception {
+        setupTLS(g);
+        setAddress(g, address);
+        String response = g.greetMe("test");
+        assertEquals("Get a wrong response", "Hello test", response);
+    }
+    
+    private static void setupTLS(Greeter port)
+        throws FileNotFoundException, IOException, GeneralSecurityException {
+        String keyStoreLoc = 
+            
"src/test/resources/org/apache/cxf/transport/http/netty/server/integration/clientKeystore.jks";
+        HTTPConduit httpConduit = (HTTPConduit) 
ClientProxy.getClient(port).getConduit();
+
+        TLSClientParameters tlsCP = new TLSClientParameters();
+        String keyPassword = "ckpass";
+        KeyStore keyStore = KeyStore.getInstance("JKS");
+        keyStore.load(new FileInputStream(keyStoreLoc), 
"cspass".toCharArray());
+        KeyManager[] myKeyManagers = getKeyManagers(keyStore, keyPassword);
+        tlsCP.setKeyManagers(myKeyManagers);
+
+
+        KeyStore trustStore = KeyStore.getInstance("JKS");
+        trustStore.load(new FileInputStream(keyStoreLoc), 
"cspass".toCharArray());
+        TrustManager[] myTrustStoreKeyManagers = getTrustManagers(trustStore);
+        tlsCP.setTrustManagers(myTrustStoreKeyManagers);
+
+        httpConduit.setTlsClientParameters(tlsCP);
+    }
+
+    private static TrustManager[] getTrustManagers(KeyStore trustStore)
+        throws NoSuchAlgorithmException, KeyStoreException {
+        String alg = KeyManagerFactory.getDefaultAlgorithm();
+        TrustManagerFactory fac = TrustManagerFactory.getInstance(alg);
+        fac.init(trustStore);
+        return fac.getTrustManagers();
+    }
+    
+    private static KeyManager[] getKeyManagers(KeyStore keyStore, String 
keyPassword)
+        throws GeneralSecurityException, IOException {
+        String alg = KeyManagerFactory.getDefaultAlgorithm();
+        char[] keyPass = keyPassword != null
+                     ? keyPassword.toCharArray()
+                     : null;
+        KeyManagerFactory fac = KeyManagerFactory.getInstance(alg);
+        fac.init(keyStore, keyPass);
+        return fac.getKeyManagers();
+    }
+    
+
+}

Added: 
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/ServerConfig.xml
URL: 
http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/ServerConfig.xml?rev=1498833&view=auto
==============================================================================
--- 
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/ServerConfig.xml
 (added)
+++ 
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/ServerConfig.xml
 Tue Jul  2 08:38:20 2013
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+  
+  http://www.apache.org/licenses/LICENSE-2.0
+  
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+
+<!-- 
+  ** This file configures the Server which runs the web service.
+-->
+
+<beans xmlns="http://www.springframework.org/schema/beans";
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+  xmlns:sec="http://cxf.apache.org/configuration/security";
+  xmlns:http="http://cxf.apache.org/transports/http/configuration";
+  
xmlns:httpn="http://cxf.apache.org/transports/http-netty-server/configuration";
+  xsi:schemaLocation="
+            http://cxf.apache.org/configuration/security                     
+            http://cxf.apache.org/schemas/configuration/security.xsd
+            http://cxf.apache.org/transports/http/configuration
+            http://cxf.apache.org/schemas/configuration/http-conf.xsd
+            http://cxf.apache.org/transports/http-netty-server/configuration 
+                   
http://cxf.apache.org/schemas/configuration/http-netty-server.xsd
+            http://www.springframework.org/schema/beans
+            http://www.springframework.org/schema/beans/spring-beans.xsd";>
+
+  <http:destination 
name="{http://apache.org/hello_world_soap_http}GreeterPort.http-destination";> 
+  </http:destination>
+  <bean 
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+  
+  <httpn:engine-factory>
+   <httpn:engine port="${SSLNettyServerTest.port}">
+    <httpn:tlsServerParameters>
+      <sec:keyManagers keyPassword="skpass">
+           <sec:keyStore 
file="src/test/resources/org/apache/cxf/transport/http/netty/server/integration/serviceKeystore.jks"
 password="sspass" type="JKS"/>
+      </sec:keyManagers>
+      <sec:trustManagers>
+           <sec:keyStore 
file="src/test/resources/org/apache/cxf/transport/http/netty/server/integration/serviceKeystore.jks"
 password="sspass" type="JKS"/>
+      </sec:trustManagers>
+      <sec:cipherSuitesFilter>
+        <!-- these filters ensure that a ciphersuite with
+          export-suitable or null encryption is used,
+          but exclude anonymous Diffie-Hellman key change as
+          this is vulnerable to man-in-the-middle attacks -->
+        <sec:include>.*_EXPORT_.*</sec:include>
+        <sec:include>.*_EXPORT1024_.*</sec:include>
+        <sec:include>.*_WITH_DES_.*</sec:include>
+        <sec:include>.*_WITH_AES_.*</sec:include>
+        <sec:include>.*_WITH_NULL_.*</sec:include>
+        <sec:exclude>.*_DH_anon_.*</sec:exclude>
+      </sec:cipherSuitesFilter>
+      <sec:clientAuthentication want="true" required="true"/>
+    </httpn:tlsServerParameters>
+   </httpn:engine>
+  </httpn:engine-factory>
+</beans>

Added: 
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/clientKeystore.jks
URL: 
http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/clientKeystore.jks?rev=1498833&view=auto
==============================================================================
Files 
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/clientKeystore.jks
 (added) and 
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/clientKeystore.jks
 Tue Jul  2 08:38:20 2013 differ

Added: 
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/serviceKeystore.jks
URL: 
http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/serviceKeystore.jks?rev=1498833&view=auto
==============================================================================
Files 
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/serviceKeystore.jks
 (added) and 
cxf/trunk/rt/transports/http-netty/netty-server/src/test/resources/org/apache/cxf/transport/http/netty/server/integration/serviceKeystore.jks
 Tue Jul  2 08:38:20 2013 differ

svn commit: r1498833 - in /cxf/trunk/rt/transports/http-netty/netty-server/src/test: java/org/apache/cxf/transport/http/netty/server/integration/ resources/ resources/org/ resources/org/apache/ resources/org/apache/cxf/ resources/org/apache/cxf/transpo...

Reply via email to