Repository: cxf Updated Branches: refs/heads/master 1dec7e3bd -> 6ebf6a89d
[CXF-6294] - Adding test via code Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6ebf6a89 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6ebf6a89 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6ebf6a89 Branch: refs/heads/master Commit: 6ebf6a89d75de31bb35906e0b2062c435f872b6a Parents: 1dec7e3 Author: Colm O hEigeartaigh <[email protected]> Authored: Wed Mar 18 14:02:44 2015 +0000 Committer: Colm O hEigeartaigh <[email protected]> Committed: Wed Mar 18 14:02:44 2015 +0000 ---------------------------------------------------------------------- .../https/ciphersuites/CipherSuitesTest.java | 69 ++++++++++++++++++++ .../ciphersuites-client-noconfig.xml | 27 ++++++++ 2 files changed, 96 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/6ebf6a89/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java b/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java index 3c85e31..1f59ff0 100644 --- a/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java +++ b/systests/transports/src/test/java/org/apache/cxf/systest/https/ciphersuites/CipherSuitesTest.java @@ -20,15 +20,24 @@ package org.apache.cxf.systest.https.ciphersuites; import java.net.URL; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.util.Collections; import javax.crypto.Cipher; import javax.crypto.SecretKey; import javax.crypto.spec.SecretKeySpec; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; import javax.xml.ws.BindingProvider; import org.apache.cxf.Bus; import org.apache.cxf.bus.spring.SpringBusFactory; +import org.apache.cxf.configuration.jsse.TLSClientParameters; +import org.apache.cxf.endpoint.Client; +import org.apache.cxf.frontend.ClientProxy; import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; +import org.apache.cxf.transport.http.HTTPConduit; import org.apache.hello_world.Greeter; import org.apache.hello_world.services.SOAPService; import org.junit.AfterClass; @@ -466,4 +475,64 @@ public class CipherSuitesTest extends AbstractBusClientServerTestBase { ((java.io.Closeable)port).close(); bus.shutdown(true); } + + // Both client + server include AES, client enables a TLS v1.2 CipherSuite + @org.junit.Test + public void testAESIncludedTLSv12ViaCode() throws Exception { + SpringBusFactory bf = new SpringBusFactory(); + URL busFile = CipherSuitesTest.class.getResource("ciphersuites-client-noconfig.xml"); + + Bus bus = bf.createBus(busFile.toString()); + SpringBusFactory.setDefaultBus(bus); + SpringBusFactory.setThreadDefaultBus(bus); + + URL url = SOAPService.WSDL_LOCATION; + SOAPService service = new SOAPService(url, SOAPService.SERVICE); + assertNotNull("Service is null", service); + final Greeter port = service.getHttpsPort(); + assertNotNull("Port is null", port); + + updateAddressPort(port, PORT); + + Client client = ClientProxy.getClient(port); + HTTPConduit conduit = (HTTPConduit) client.getConduit(); + + TLSClientParameters tlsParams = new TLSClientParameters(); + X509TrustManager trustManager = new NoOpX509TrustManager(); + TrustManager[] trustManagers = new TrustManager[1]; + trustManagers[0] = trustManager; + tlsParams.setTrustManagers(trustManagers); + tlsParams.setDisableCNCheck(true); + + tlsParams.setSecureSocketProtocol("TLSv1.2"); + tlsParams.setCipherSuites(Collections.singletonList("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256")); + + conduit.setTlsClientParameters(tlsParams); + + assertEquals(port.greetMe("Kitty"), "Hello Kitty"); + + ((java.io.Closeable)port).close(); + bus.shutdown(true); + } + + private static class NoOpX509TrustManager implements X509TrustManager { + + public NoOpX509TrustManager() { + + } + + @Override + public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException { + } + + @Override + public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException { + } + + @Override + public X509Certificate[] getAcceptedIssuers() { + return null; + } + + } } http://git-wip-us.apache.org/repos/asf/cxf/blob/6ebf6a89/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-client-noconfig.xml ---------------------------------------------------------------------- diff --git a/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-client-noconfig.xml b/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-client-noconfig.xml new file mode 100644 index 0000000..99cf2e0 --- /dev/null +++ b/systests/transports/src/test/resources/org/apache/cxf/systest/https/ciphersuites/ciphersuites-client-noconfig.xml @@ -0,0 +1,27 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. +--> +<beans xmlns="http://www.springframework.org/schema/beans"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:http="http://cxf.apache.org/transports/http/configuration"; xmlns:jaxws="http://cxf.apache.org/jaxws"; xmlns:cxf="http://cxf.apache.org/core"; xmlns:p="http://cxf.apache.org/policy"; xmlns:sec="http://cxf.apache.org/configuration/security"; xsi:schemaLocation=" http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd http://cxf.apache.org/transports/http/configuration http://cxf.apache.org/schemas/configuration/http-conf.xsd http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd http://cxf.apache.org/policy http://cxf.apache.org/schemas/poli cy.xsd"> + + <cxf:bus> + <cxf:features> + <cxf:logging/> + </cxf:features> + </cxf:bus> +</beans>
