Author: rajith
Date: Fri Mar 19 15:56:03 2010
New Revision: 925289
URL: http://svn.apache.org/viewvc?rev=925289&view=rev
Log:
Added support for QPID-2444 QPID-2446
1. You could specify ssl_verify_hostname as a Broker argument in the Connection
URL to explicitly enable SSL hostname verification.
2. You could specify a per connection trust store and key store to allow each
connection to use it's own client certificate.
trust_store,trust_store_passowrd, key_store, key_store_password could be
specified as Broker arguments in the Connection URL.
Modified:
qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_0_10.java
qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/jms/BrokerDetails.java
Modified:
qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_0_10.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_0_10.java?rev=925289&r1=925288&r2=925289&view=diff
==============================================================================
---
qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_0_10.java
(original)
+++
qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_0_10.java
Fri Mar 19 15:56:03 2010
@@ -157,45 +157,9 @@ public class AMQConnectionDelegate_0_10
+ _conn.getPassword());
}
- String saslMechs =
brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_MECHS) != null ?
-
brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_MECHS):
- System.getProperty("qpid.sasl_mechs", "PLAIN");
-
- // Sun SASL Kerberos client uses the
- // protocol + servername as the service key.
- String protocol =
brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_PROTOCOL_NAME) != null ?
-
brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_PROTOCOL_NAME):
- System.getProperty("qpid.sasl_protocol", "AMQP");
-
- String saslServerName =
brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_SERVER_NAME) != null ?
-
brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_SERVER_NAME):
- System.getProperty("qpid.sasl_server_name",
"localhost");
-
- boolean useSSL =
brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_SSL);
-
- boolean useSASLEncryption =
brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_SASL_ENCRYPTION)?
-
brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_SASL_ENCRYPTION):
-
Boolean.getBoolean("qpid.sasl_encryption");
-
- boolean useTcpNodelay =
brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_TCP_NO_DELAY)?
-
brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_TCP_NO_DELAY):
- Boolean.getBoolean("amqj.tcp_nodelay");
-
-
ConnectionSettings conSettings = new ConnectionSettings();
- conSettings.setHost(brokerDetail.getHost());
- conSettings.setPort(brokerDetail.getPort());
- conSettings.setVhost(_conn.getVirtualHost());
- conSettings.setUsername(_conn.getUsername());
- conSettings.setPassword(_conn.getPassword());
- conSettings.setUseSASLEncryption(useSASLEncryption);
- conSettings.setUseSSL(useSSL);
- conSettings.setSaslMechs(saslMechs);
- conSettings.setTcpNodelay(useTcpNodelay);
- conSettings.setSaslProtocol(protocol);
- conSettings.setSaslServerName(saslServerName);
-
conSettings.setHeartbeatInterval(getHeartbeatInterval(brokerDetail));
-
+ retriveConnectionSettings(conSettings,brokerDetail);
+
_qpidConnection.connect(conSettings);
_conn._connected = true;
@@ -328,6 +292,87 @@ public class AMQConnectionDelegate_0_10
return ProtocolVersion.v0_10;
}
+ private void retriveConnectionSettings(ConnectionSettings conSettings,
BrokerDetails brokerDetail)
+ {
+
+ conSettings.setHost(brokerDetail.getHost());
+ conSettings.setPort(brokerDetail.getPort());
+ conSettings.setVhost(_conn.getVirtualHost());
+ conSettings.setUsername(_conn.getUsername());
+ conSettings.setPassword(_conn.getPassword());
+
+ // ------------ sasl options ---------------
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_MECHS) != null)
+ {
+ conSettings.setSaslMechs(
+
brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_MECHS));
+ }
+
+ // Sun SASL Kerberos client uses the
+ // protocol + servername as the service key.
+
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_PROTOCOL_NAME)
!= null)
+ {
+ conSettings.setSaslProtocol(
+
brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_PROTOCOL_NAME));
+ }
+
+
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_SERVER_NAME)
!= null)
+ {
+ conSettings.setSaslServerName(
+
brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_SERVER_NAME));
+ }
+
+ conSettings.setUseSASLEncryption(
+
brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_SASL_ENCRYPTION));
+
+ // ------------- ssl options ---------------------
+
conSettings.setUseSSL(brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_SSL));
+
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_TRUST_STORE) !=
null)
+ {
+ conSettings.setTrustStorePath(
+
brokerDetail.getProperty(BrokerDetails.OPTIONS_TRUST_STORE));
+ }
+
+ if
(brokerDetail.getProperty(BrokerDetails.OPTIONS_TRUST_STORE_PASSWORD) != null)
+ {
+ conSettings.setTrustStorePassword(
+
brokerDetail.getProperty(BrokerDetails.OPTIONS_TRUST_STORE_PASSWORD));
+ }
+
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_KEY_STORE) != null)
+ {
+ conSettings.setKeyStorePath(
+ brokerDetail.getProperty(BrokerDetails.OPTIONS_KEY_STORE));
+ }
+
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_KEY_STORE_PASSWORD)
!= null)
+ {
+ conSettings.setKeyStorePassword(
+
brokerDetail.getProperty(BrokerDetails.OPTIONS_KEY_STORE_PASSWORD));
+ }
+
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_SSL_CERT_ALIAS) !=
null)
+ {
+ conSettings.setCertAlias(
+
brokerDetail.getProperty(BrokerDetails.OPTIONS_SSL_CERT_ALIAS));
+ }
+ // ----------------------------
+
+
conSettings.setVerifyHostname(brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_SSL_VERIFY_HOSTNAME));
+
+
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_TCP_NO_DELAY) !=
null)
+ {
+ conSettings.setTcpNodelay(
+
brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_TCP_NO_DELAY));
+ }
+
+ conSettings.setHeartbeatInterval(getHeartbeatInterval(brokerDetail));
+ }
+
// The idle_timeout prop is in milisecs while
// the new heartbeat prop is in secs
private int getHeartbeatInterval(BrokerDetails brokerDetail)
Modified:
qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/jms/BrokerDetails.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/jms/BrokerDetails.java?rev=925289&r1=925288&r2=925289&view=diff
==============================================================================
---
qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/jms/BrokerDetails.java
(original)
+++
qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/jms/BrokerDetails.java
Fri Mar 19 15:56:03 2010
@@ -42,6 +42,14 @@ public interface BrokerDetails
public static final String OPTIONS_TCP_NO_DELAY = "tcp_nodelay";
public static final String OPTIONS_SASL_PROTOCOL_NAME = "sasl_protocol";
public static final String OPTIONS_SASL_SERVER_NAME = "sasl_server";
+
+ public static final String OPTIONS_TRUST_STORE = "trust_store";
+ public static final String OPTIONS_TRUST_STORE_PASSWORD =
"trust_store_password";
+ public static final String OPTIONS_KEY_STORE = "key_store";
+ public static final String OPTIONS_KEY_STORE_PASSWORD =
"key_store_password";
+ public static final String OPTIONS_SSL_VERIFY_HOSTNAME =
"ssl_verify_hostname";
+ public static final String OPTIONS_SSL_CERT_ALIAS = "ssl_cert_alias";
+
public static final int DEFAULT_PORT = 5672;
public static final String SOCKET = "socket";
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:[email protected]
