Author: orudyy
Date: Wed Dec 12 17:41:39 2012
New Revision: 1420870
URL: http://svn.apache.org/viewvc?rev=1420870&view=rev
Log:
QPID-4390: Changes related to KeyStore and TrustStore configured objects: hide
password attribute, add description attribute, update tests, update model
relationships
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/KeyStore.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Model.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/TrustStore.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AbstractKeyStoreAdapter.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/KeyStoreAdapter.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/TrustStoreAdapter.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/transport/AmqpPortAdapter.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/KeyStoreRecovererTest.java
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/TrustStoreRecovererTest.java
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/KeyStore.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/KeyStore.java?rev=1420870&r1=1420869&r2=1420870&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/KeyStore.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/KeyStore.java
Wed Dec 12 17:41:39 2012
@@ -40,6 +40,7 @@ public interface KeyStore extends TrustS
TIME_TO_LIVE,
CREATED,
UPDATED,
+ DESCRIPTION,
PATH,
PASSWORD,
TYPE,
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Model.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Model.java?rev=1420870&r1=1420869&r2=1420870&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Model.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/Model.java
Wed Dec 12 17:41:39 2012
@@ -48,6 +48,8 @@ public class Model
addRelationship(Broker.class, Port.class);
addRelationship(Broker.class, AuthenticationProvider.class);
addRelationship(Broker.class, GroupProvider.class);
+ addRelationship(Broker.class, TrustStore.class);
+ addRelationship(Broker.class, KeyStore.class);
addRelationship(VirtualHost.class, Exchange.class);
addRelationship(VirtualHost.class, Queue.class);
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/TrustStore.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/TrustStore.java?rev=1420870&r1=1420869&r2=1420870&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/TrustStore.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/TrustStore.java
Wed Dec 12 17:41:39 2012
@@ -34,6 +34,7 @@ public interface TrustStore extends Conf
String TIME_TO_LIVE = "timeToLive";
String CREATED = "created";
String UPDATED = "updated";
+ String DESCRIPTION = "description";
String PATH = "path";
String PASSWORD = "password";
@@ -51,9 +52,14 @@ public interface TrustStore extends Conf
TIME_TO_LIVE,
CREATED,
UPDATED,
+ DESCRIPTION,
PATH,
PASSWORD,
TYPE,
KEY_MANAGER_FACTORY_ALGORITHM
));
+
+ public String getPassword();
+
+ public void setPassword(String password);
}
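Review bot: The new `getPassword()` / `setPassword(String)` pair on the interface has no Javadoc, so nothing tells an implementer or caller that this is the only route to the clear-text password and that `getAttribute(PASSWORD)` deliberately returns null. I would add something like `/** Returns the store password in clear text; it is never returned by getAttribute(PASSWORD). */` on the getter and a matching line on the setter. `PASSWORD` also stays in the attribute-name list a few lines above, so a generic attribute listing will still show the name with a null value; a short comment there would say that is intended. The `public` modifiers are redundant on interface methods.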
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AbstractKeyStoreAdapter.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AbstractKeyStoreAdapter.java?rev=1420870&r1=1420869&r2=1420870&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AbstractKeyStoreAdapter.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AbstractKeyStoreAdapter.java
Wed Dec 12 17:41:39 2012
@@ -34,25 +34,24 @@ import org.apache.qpid.server.model.KeyS
import org.apache.qpid.server.model.LifetimePolicy;
import org.apache.qpid.server.model.State;
import org.apache.qpid.server.model.Statistics;
+import org.apache.qpid.server.model.TrustStore;
import org.apache.qpid.server.util.MapValueConverter;
public abstract class AbstractKeyStoreAdapter extends AbstractAdapter
{
- protected final String _name;
- protected final String _path;
- protected final String _password;
- protected final String _type;
- protected final String _keyManagerFactoryAlgorithm;
+ private String _name;
+ private String _password;
- protected AbstractKeyStoreAdapter(UUID id, Broker broker, Map<String,
Object> attributes, String defaultName)
+ protected AbstractKeyStoreAdapter(UUID id, Broker broker, Map<String,
Object> attributes)
{
super(id);
addParent(Broker.class, broker);
- _name = MapValueConverter.getStringAttribute(KeyStore.NAME,
attributes, defaultName);
- _path = MapValueConverter.getStringAttribute(KeyStore.PATH,
attributes);
- _password = MapValueConverter.getStringAttribute(KeyStore.PASSWORD,
attributes);
- _type = MapValueConverter.getStringAttribute(KeyStore.TYPE,
attributes, java.security.KeyStore.getDefaultType());
- _keyManagerFactoryAlgorithm =
MapValueConverter.getStringAttribute(KeyStore.KEY_MANAGER_FACTORY_ALGORITHM,
attributes, KeyManagerFactory.getDefaultAlgorithm());
+ _name = MapValueConverter.getStringAttribute(TrustStore.NAME,
attributes);
+ _password = MapValueConverter.getStringAttribute(TrustStore.PASSWORD,
attributes);
+ setMandatoryAttribute(TrustStore.PATH, attributes);
+ setOptionalAttribute(TrustStore.TYPE, attributes,
java.security.KeyStore.getDefaultType());
+ setOptionalAttribute(TrustStore.KEY_MANAGER_FACTORY_ALGORITHM,
attributes, KeyManagerFactory.getDefaultAlgorithm());
+ setOptionalAttribute(TrustStore.DESCRIPTION, attributes, null);
}
@Override
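Review bot: The constructor now calls `setMandatoryAttribute` and `setOptionalAttribute`, which the last hunk of this file declares `protected` and non-final, so a subclass override would run before that subclass's own fields are initialised. Declaring them `protected final void setMandatoryAttribute(...)` and `protected final void setOptionalAttribute(...)` keeps them usable from KeyStoreAdapter's constructor while closing that gap. Separately, `_name` lost `final` although no setter for it is visible in this commit; `private final String _name;` would still compile against the lines shown.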
@@ -135,7 +134,7 @@ public abstract class AbstractKeyStoreAd
{
return getId();
}
- else if(KeyStore.NAME.equals(name))
+ if(KeyStore.NAME.equals(name))
{
return getName();
}
@@ -163,21 +162,9 @@ public abstract class AbstractKeyStoreAd
{
}
- else if(KeyStore.PATH.equals(name))
- {
- return _path;
- }
else if(KeyStore.PASSWORD.equals(name))
{
- return _password;
- }
- else if(KeyStore.TYPE.equals(name))
- {
- return _type;
- }
- else if(KeyStore.KEY_MANAGER_FACTORY_ALGORITHM.equals(name))
- {
- return _keyManagerFactoryAlgorithm;
+ return null; // for security reasons we don't expose the password
}
return super.getAttribute(name);
}
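Review bot: Returning `null` from the `KeyStore.PASSWORD` branch makes a redacted password indistinguishable from one that was never set, and any caller that still reads `getAttribute(KeyStore.PASSWORD)` compiles unchanged and silently gets null. AmqpPortAdapter is switched to `getPassword()` in this commit; other readers, if any exist outside this diff, would only fail at runtime when the store is opened. I would expand the comment to `// never exposed via attributes: callers needing the value must use getPassword()` and search for remaining attribute-based readers. The method starts outside this hunk, so whether the inherited `getAttribute` path could ever hold the password is not visible here.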
@@ -187,4 +174,24 @@ public abstract class AbstractKeyStoreAd
{
return false;
}
+
+ public String getPassword()
+ {
+ return _password;
+ }
+
+ public void setPassword(String password)
+ {
+ _password = password;
+ }
+
+ protected void setMandatoryAttribute(String name, Map<String, Object>
attributes)
+ {
+ setAttribute(name, null, MapValueConverter.getStringAttribute(name,
attributes));
+ }
+
+ protected void setOptionalAttribute(String name, Map<String, Object>
attributes, String defaultValue)
+ {
+ setAttribute(name, null, MapValueConverter.getStringAttribute(name,
attributes, defaultValue));
+ }
}
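Review bot: `setPassword` stores whatever it is given, so `setPassword(null)` can undo the invariant the constructor enforces: the password is read without a default, and the recoverer tests in this commit expect an IllegalArgumentException when it is missing. A guard such as `if (password == null) { throw new IllegalArgumentException("Password cannot be null"); }` before the assignment would keep the two paths consistent. The setter is also public with no visible access check, so it is worth confirming that only trusted management code can reach it. Both accessors would benefit from a one-line Javadoc stating that the value is clear text and must not be logged.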
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/KeyStoreAdapter.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/KeyStoreAdapter.java?rev=1420870&r1=1420869&r2=1420870&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/KeyStoreAdapter.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/KeyStoreAdapter.java
Wed Dec 12 17:41:39 2012
@@ -26,26 +26,14 @@ import java.util.UUID;
import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.model.KeyStore;
-import org.apache.qpid.server.util.MapValueConverter;
public class KeyStoreAdapter extends AbstractKeyStoreAdapter implements
KeyStore
{
- private final String _certificateAlias;
public KeyStoreAdapter(UUID id, Broker broker, Map<String, Object>
attributes)
{
- super(id, broker, attributes, KeyStore.class.getSimpleName());
- _certificateAlias =
MapValueConverter.getStringAttribute(CERTIFICATE_ALIAS, attributes, null);
- }
-
- @Override
- public Object getAttribute(String name)
- {
- if(CERTIFICATE_ALIAS.equals(name))
- {
- return _certificateAlias;
- }
- return super.getAttribute(name);
+ super(id, broker, attributes);
+ setOptionalAttribute(CERTIFICATE_ALIAS, attributes, null);
}
@Override
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/TrustStoreAdapter.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/TrustStoreAdapter.java?rev=1420870&r1=1420869&r2=1420870&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/TrustStoreAdapter.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/model/adapter/TrustStoreAdapter.java
Wed Dec 12 17:41:39 2012
@@ -31,7 +31,7 @@ public class TrustStoreAdapter extends A
{
public TrustStoreAdapter(UUID id, Broker broker, Map<String, Object>
attributes)
{
- super(id, broker, attributes, TrustStore.class.getSimpleName());
+ super(id, broker, attributes);
}
@Override
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/transport/AmqpPortAdapter.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/transport/AmqpPortAdapter.java?rev=1420870&r1=1420869&r2=1420870&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/transport/AmqpPortAdapter.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/main/java/org/apache/qpid/server/transport/AmqpPortAdapter.java
Wed Dec 12 17:41:39 2012
@@ -117,9 +117,9 @@ public class AmqpPortAdapter extends Por
// TODO: use correct key store and trust store for a port
// XXX: temporarily using first keystore and trustore
KeyStore keyStore = brokerKeyStores.iterator().next();
- TrustStore trustTore = brokerTrustStores.isEmpty() ? null :
brokerTrustStores.iterator().next();
+ TrustStore trustStore = brokerTrustStores.isEmpty() ? null :
brokerTrustStores.iterator().next();
String keystorePath = (String)keyStore.getAttribute(KeyStore.PATH);
- String keystorePassword =
(String)keyStore.getAttribute(KeyStore.PASSWORD);
+ String keystorePassword = keyStore.getPassword();
String keystoreType = (String)keyStore.getAttribute(KeyStore.TYPE);
String keyManagerFactoryAlgorithm =
(String)keyStore.getAttribute(KeyStore.KEY_MANAGER_FACTORY_ALGORITHM);
String certAlias =
(String)keyStore.getAttribute(KeyStore.CERTIFICATE_ALIAS);
@@ -127,12 +127,12 @@ public class AmqpPortAdapter extends Por
final SSLContext sslContext;
try
{
- if(trustTore != null)
+ if(trustStore != null)
{
- String trustStorePassword =
(String)trustTore.getAttribute(TrustStore.PASSWORD);
- String trustStoreType =
(String)trustTore.getAttribute(TrustStore.TYPE);
- String trustManagerFactoryAlgorithm =
(String)trustTore.getAttribute(TrustStore.KEY_MANAGER_FACTORY_ALGORITHM);
- String trustStorePath =
(String)trustTore.getAttribute(TrustStore.PATH);
+ String trustStorePassword = trustStore.getPassword();
+ String trustStoreType =
(String)trustStore.getAttribute(TrustStore.TYPE);
+ String trustManagerFactoryAlgorithm =
(String)trustStore.getAttribute(TrustStore.KEY_MANAGER_FACTORY_ALGORITHM);
+ String trustStorePath =
(String)trustStore.getAttribute(TrustStore.PATH);
sslContext =
SSLContextFactory.buildClientContext(trustStorePath,
trustStorePassword,
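Review bot: The `trustManagerFactoryAlgorithm` line still reads the value from `TrustStore.KEY_MANAGER_FACTORY_ALGORITHM`, and AbstractKeyStoreAdapter in this commit defaults that attribute to `KeyManagerFactory.getDefaultAlgorithm()`. If `buildClientContext` passes it to a TrustManagerFactory (the call continues outside this hunk, so this is inferred), an unconfigured trust store is validated with the key-manager default rather than `TrustManagerFactory.getDefaultAlgorithm()`. Consider a dedicated trust-manager algorithm attribute, or at least a comment such as `// NOTE: key-manager algorithm name is reused for the trust manager`.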
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/KeyStoreRecovererTest.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/KeyStoreRecovererTest.java?rev=1420870&r1=1420869&r2=1420870&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/KeyStoreRecovererTest.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/KeyStoreRecovererTest.java
Wed Dec 12 17:41:39 2012
@@ -38,13 +38,7 @@ public class KeyStoreRecovererTest exten
public void testCreateWithAllAttributesProvided()
{
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(KeyStore.NAME, getName());
- attributes.put(KeyStore.PATH, "/path/to/KeyStore");
- attributes.put(KeyStore.PASSWORD, "my-secret-password");
- attributes.put(KeyStore.TYPE, "NON-JKS");
- attributes.put(KeyStore.KEY_MANAGER_FACTORY_ALGORITHM, "NON-STANDARD");
- attributes.put(KeyStore.CERTIFICATE_ALIAS, "my-cert-alias");
+ Map<String, Object> attributes = getKeyStoreAttributes();
UUID id = UUID.randomUUID();
Broker broker = mock(Broker.class);
@@ -57,7 +51,10 @@ public class KeyStoreRecovererTest exten
KeyStore KeyStore = recovever.create(null, entry, broker);
assertNotNull("Key store configured object is not created", KeyStore);
assertEquals(id, KeyStore.getId());
+ assertEquals("my-secret-password", KeyStore.getPassword());
+ // password attribute should not be provided
+ attributes.put(KeyStore.PASSWORD, null);
for (Map.Entry<String, Object> attribute : attributes.entrySet())
{
Object attributeValue = KeyStore.getAttribute(attribute.getKey());
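Review bot: The added `assertEquals("my-secret-password", KeyStore.getPassword());` calls an instance method on a local variable named `KeyStore`, which obscures the `KeyStore` type and reads like a static call. The next added line, `attributes.put(KeyStore.PASSWORD, null)`, then reaches the constant through that same variable. Renaming the local to `keyStore` (its declaration is the context line above) removes the ambiguity. The comment could also be more precise, for example `// getAttribute(PASSWORD) must return null even though a password is set`.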
@@ -65,27 +62,45 @@ public class KeyStoreRecovererTest exten
}
}
- public void testCreateWithMissedRequiredAttributes()
+ private Map<String, Object> getKeyStoreAttributes()
{
Map<String, Object> attributes = new HashMap<String, Object>();
+ attributes.put(KeyStore.NAME, getName());
attributes.put(KeyStore.PATH, "/path/to/KeyStore");
+ attributes.put(KeyStore.PASSWORD, "my-secret-password");
+ attributes.put(KeyStore.TYPE, "NON-JKS");
+ attributes.put(KeyStore.KEY_MANAGER_FACTORY_ALGORITHM, "NON-STANDARD");
+ attributes.put(KeyStore.CERTIFICATE_ALIAS, "my-cert-alias");
+ attributes.put(KeyStore.DESCRIPTION, "description");
+ return attributes;
+ }
+
+ public void testCreateWithMissedRequiredAttributes()
+ {
+ Map<String, Object> attributes = getKeyStoreAttributes();
UUID id = UUID.randomUUID();
Broker broker = mock(Broker.class);
ConfigurationEntry entry = mock(ConfigurationEntry.class);
- when(entry.getAttributes()).thenReturn(attributes);
when(entry.getId()).thenReturn(id);
KeyStoreRecoverer recovever = new KeyStoreRecoverer();
- try
- {
- recovever.create(null, entry, broker);
- fail("Cannot create key store without a path");
- }
- catch(IllegalArgumentException e)
+ String[] mandatoryProperties = {KeyStore.NAME, KeyStore.PATH,
KeyStore.PASSWORD};
+ for (int i = 0; i < mandatoryProperties.length; i++)
{
- // pass
+ Map<String, Object> properties = new HashMap<String,
Object>(attributes);
+ properties.remove(mandatoryProperties[i]);
+ when(entry.getAttributes()).thenReturn(properties);
+ try
+ {
+ recovever.create(null, entry, broker);
+ fail("Cannot create key store without a " +
mandatoryProperties[i]);
+ }
+ catch(IllegalArgumentException e)
+ {
+ // pass
+ }
}
}
Modified:
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/TrustStoreRecovererTest.java
URL:
http://svn.apache.org/viewvc/qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/TrustStoreRecovererTest.java?rev=1420870&r1=1420869&r2=1420870&view=diff
==============================================================================
---
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/TrustStoreRecovererTest.java
(original)
+++
qpid/branches/java-broker-config-qpid-4390/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/startup/TrustStoreRecovererTest.java
Wed Dec 12 17:41:39 2012
@@ -36,12 +36,7 @@ public class TrustStoreRecovererTest ext
{
public void testCreateWithAllAttributesProvided()
{
- Map<String, Object> attributes = new HashMap<String, Object>();
- attributes.put(TrustStore.NAME, getName());
- attributes.put(TrustStore.PATH, "/path/to/truststore");
- attributes.put(TrustStore.PASSWORD, "my-secret-password");
- attributes.put(TrustStore.TYPE, "NON-JKS");
- attributes.put(TrustStore.KEY_MANAGER_FACTORY_ALGORITHM,
"NON-STANDARD");
+ Map<String, Object> attributes = getTrustStoreAttributes();
UUID id = UUID.randomUUID();
Broker broker = mock(Broker.class);
@@ -54,7 +49,10 @@ public class TrustStoreRecovererTest ext
TrustStore trustStore = recovever.create(null, entry, broker);
assertNotNull("Trust store configured object is not created",
trustStore);
assertEquals(id, trustStore.getId());
+ assertEquals("my-secret-password", trustStore.getPassword());
+ // password attribute should not be provided
+ attributes.put(TrustStore.PASSWORD, null);
for (Map.Entry<String, Object> attribute : attributes.entrySet())
{
Object attributeValue =
trustStore.getAttribute(attribute.getKey());
@@ -62,10 +60,21 @@ public class TrustStoreRecovererTest ext
}
}
- public void testCreateWithMissedRequiredAttributes()
+ private Map<String, Object> getTrustStoreAttributes()
{
Map<String, Object> attributes = new HashMap<String, Object>();
+ attributes.put(TrustStore.NAME, getName());
attributes.put(TrustStore.PATH, "/path/to/truststore");
+ attributes.put(TrustStore.PASSWORD, "my-secret-password");
+ attributes.put(TrustStore.TYPE, "NON-JKS");
+ attributes.put(TrustStore.KEY_MANAGER_FACTORY_ALGORITHM,
"NON-STANDARD");
+ attributes.put(TrustStore.DESCRIPTION, "Description");
+ return attributes;
+ }
+
+ public void testCreateWithMissedRequiredAttributes()
+ {
+ Map<String, Object> attributes = getTrustStoreAttributes();
UUID id = UUID.randomUUID();
Broker broker = mock(Broker.class);
@@ -75,14 +84,21 @@ public class TrustStoreRecovererTest ext
TrustStoreRecoverer recovever = new TrustStoreRecoverer();
- try
- {
- recovever.create(null, entry, broker);
- fail("Cannot create trustore without a path");
- }
- catch(IllegalArgumentException e)
+ String[] mandatoryProperties = {TrustStore.NAME, TrustStore.PATH,
TrustStore.PASSWORD};
+ for (int i = 0; i < mandatoryProperties.length; i++)
{
- // pass
+ Map<String, Object> properties = new HashMap<String,
Object>(attributes);
+ properties.remove(mandatoryProperties[i]);
+ when(entry.getAttributes()).thenReturn(properties);
+ try
+ {
+ recovever.create(null, entry, broker);
+ fail("Cannot create key store without a " +
mandatoryProperties[i]);
+ }
+ catch(IllegalArgumentException e)
+ {
+ // pass
+ }
}
}
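Review bot: The failure message in the new loop says `"Cannot create key store without a "` although this is the trust store test, so a failing run would point at the wrong object; it should read `fail("Cannot create trust store without a " + mandatoryProperties[i]);`. The index loop could be `for (String property : mandatoryProperties)`, which also applies to the same loop in KeyStoreRecovererTest. Neither test exercises `setPassword`, so the new mutator is currently uncovered.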