[4/4] qpid-broker-j git commit: QPID-6933: [System Tests] Refactor TLS tests as JMS 1.1 system test

orudyy Thu, 04 Jan 2018 15:44:25 -0800

QPID-6933: [System Tests] Refactor TLS tests as JMS 1.1 system test


Project: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/commit/0904d669
Tree: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/tree/0904d669
Diff: http://git-wip-us.apache.org/repos/asf/qpid-broker-j/diff/0904d669

Branch: refs/heads/master
Commit: 0904d6691a0599de0f2f679439bfc4ccadb5d8a5
Parents: 99fa51f
Author: Alex Rudyy <[email protected]>
Authored: Thu Jan 4 22:21:07 2018 +0000
Committer: Alex Rudyy <[email protected]>
Committed: Thu Jan 4 23:43:53 2018 +0000

----------------------------------------------------------------------
 .../qpid/systests/AmqpManagementFacade.java     | 186 ++++-
 .../apache/qpid/systests/ConnectionBuilder.java |   6 +
 .../org/apache/qpid/systests/JmsTestBase.java   |  75 +-
 .../QpidJmsClient0xConnectionBuilder.java       |  87 ++-
 .../QpidJmsClientConnectionBuilder.java         |  42 +
 systests/qpid-systests-jms_1.1/pom.xml          |  24 +
 .../queue/ProducerFlowControlTest.java          |   4 +-
 .../jms_1_1/extensions/tls/TlsTest.java         | 694 +++++++++++++++++
 .../qpid/test/utils/QpidBrokerTestCase.java     |   2 +-
 .../org/apache/qpid/client/ssl/SSLTest.java     | 769 -------------------
 .../queue/NodeAutoCreationPolicyTest.java       |  12 +-
 .../queue/QueueMessageDurabilityTest.java       |   8 +-
 .../server/routing/ExchangeRoutingTest.java     |  10 +-
 .../security/acl/AbstractACLTestCase.java       |   2 +-
 .../apache/qpid/systest/MessageRoutingTest.java |   2 +-
 test-profiles/CPPExcludes                       |   5 -
 test-profiles/Excludes                          |   2 -
 test-profiles/Java10Excludes                    |  16 -
 test-profiles/JavaPre010Excludes                |   3 -
 test-profiles/cpp.ssl.excludes                  |   3 -
 20 files changed, 1097 insertions(+), 855 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/AmqpManagementFacade.java
----------------------------------------------------------------------
diff --git 
a/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/AmqpManagementFacade.java
 
b/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/AmqpManagementFacade.java
index 39707eb..7f789c6 100644
--- 
a/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/AmqpManagementFacade.java
+++ 
b/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/AmqpManagementFacade.java
@@ -29,6 +29,7 @@ import java.util.Map;
 import java.util.TreeMap;
 
 import javax.jms.BytesMessage;
+import javax.jms.Destination;
 import javax.jms.JMSException;
 import javax.jms.MapMessage;
 import javax.jms.Message;
@@ -42,13 +43,20 @@ import javax.jms.TemporaryQueue;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 
+import org.apache.qpid.server.model.Protocol;
+
 public class AmqpManagementFacade
 {
+    private static final String AMQP_0_X_REPLY_TO_DESTINATION = 
"ADDR:!response";
+    private static final String AMQP_0_X_CONSUMER_REPLY_DESTINATION =
+            "ADDR:$management ; {assert : never, node: { type: queue }, 
link:{name: \"!response\"}}";
     private final String _managementAddress;
+    private final Protocol _protocol;
 
-    public AmqpManagementFacade(final String managementAddress)
+    public AmqpManagementFacade(final Protocol protocol)
     {
-        _managementAddress = managementAddress;
+        _managementAddress = protocol == Protocol.AMQP_1_0 ? "$management" : 
"ADDR:$management";
+        _protocol = protocol;
     }
 
     public void createEntityUsingAmqpManagement(final String name, final 
Session session, final String type)
@@ -82,6 +90,96 @@ public class AmqpManagementFacade
         producer.close();
     }
 
+    public Map<String, Object> createEntityAndAssertResponse(final String name,
+                                            final String type,
+                                            final Map<String, Object> 
attributes,
+                                            final Session session)
+            throws JMSException
+    {
+        Destination replyToDestination;
+        Destination replyConsumerDestination;
+        if (_protocol == Protocol.AMQP_1_0)
+        {
+            replyToDestination = session.createTemporaryQueue();
+            replyConsumerDestination = replyToDestination;
+        }
+        else
+        {
+            replyToDestination = 
session.createQueue(AMQP_0_X_REPLY_TO_DESTINATION);
+            replyConsumerDestination = 
session.createQueue(AMQP_0_X_CONSUMER_REPLY_DESTINATION);
+        }
+
+        MessageConsumer consumer = 
session.createConsumer(replyConsumerDestination);
+
+        MessageProducer producer = 
session.createProducer(session.createQueue(_managementAddress));
+
+        MapMessage createMessage = session.createMapMessage();
+        createMessage.setStringProperty("type", type);
+        createMessage.setStringProperty("operation", "CREATE");
+        createMessage.setString("name", name);
+        createMessage.setString("object-path", name);
+        createMessage.setJMSReplyTo(replyToDestination);
+        for (Map.Entry<String, Object> entry : attributes.entrySet())
+        {
+            createMessage.setObject(entry.getKey(), entry.getValue());
+        }
+        producer.send(createMessage);
+        if (session.getTransacted())
+        {
+            session.commit();
+        }
+        producer.close();
+
+        Message response = consumer.receive(5000);
+        try
+        {
+            if (response != null)
+            {
+                int statusCode = response.getIntProperty("statusCode");
+                if (statusCode == 201)
+                {
+                    if (response instanceof MapMessage)
+                    {
+                        MapMessage bodyMap = (MapMessage) response;
+                        Map<String, Object> result = new HashMap<>();
+                        Enumeration keys = bodyMap.getMapNames();
+                        while (keys.hasMoreElements())
+                        {
+                            final String key = 
String.valueOf(keys.nextElement());
+                            Object value = bodyMap.getObject(key);
+                            result.put(key, value);
+                        }
+                        return result;
+                    }
+                    else if (response instanceof ObjectMessage)
+                    {
+                        Object body = ((ObjectMessage) response).getObject();
+                        if (body instanceof Map)
+                        {
+                            @SuppressWarnings("unchecked")
+                            Map<String, Object> bodyMap = (Map<String, 
Object>) body;
+                            return new HashMap<>(bodyMap);
+                        }
+                    }
+                }
+                else
+                {
+                    throw new 
OperationUnsuccessfulException(response.getStringProperty("statusDescription"), 
statusCode);
+                }
+            }
+
+            throw new IllegalArgumentException("Cannot parse the results from 
a management query");
+        }
+        finally
+        {
+            consumer.close();
+            if (_protocol == Protocol.AMQP_1_0)
+            {
+                ((TemporaryQueue) replyToDestination).delete();
+            }
+        }
+    }
+
     public void updateEntityUsingAmqpManagement(final String name,
                                                 final Session session,
                                                 final String type,
@@ -132,14 +230,28 @@ public class AmqpManagementFacade
                                                       Map<String, Object> 
arguments)
             throws JMSException
     {
+        Destination replyToDestination;
+        Destination replyConsumerDestination;
+        if (_protocol == Protocol.AMQP_1_0)
+        {
+            replyToDestination = session.createTemporaryQueue();
+            replyConsumerDestination = replyToDestination;
+        }
+        else
+        {
+            replyToDestination = 
session.createQueue(AMQP_0_X_REPLY_TO_DESTINATION);
+            replyConsumerDestination = 
session.createQueue(AMQP_0_X_CONSUMER_REPLY_DESTINATION);
+        }
+
+        MessageConsumer consumer = 
session.createConsumer(replyConsumerDestination);
+
         MessageProducer producer = 
session.createProducer(session.createQueue(_managementAddress));
-        final TemporaryQueue responseQ = session.createTemporaryQueue();
-        MessageConsumer consumer = session.createConsumer(responseQ);
+
         MapMessage opMessage = session.createMapMessage();
         opMessage.setStringProperty("type", type);
         opMessage.setStringProperty("operation", operation);
         opMessage.setStringProperty("index", "object-path");
-        opMessage.setJMSReplyTo(responseQ);
+        opMessage.setJMSReplyTo(replyToDestination);
 
         opMessage.setStringProperty("key", name);
         for (Map.Entry<String, Object> argument : arguments.entrySet())
@@ -179,7 +291,7 @@ public class AmqpManagementFacade
             int statusCode = response.getIntProperty("statusCode");
             if (statusCode < 200 || statusCode > 299)
             {
-                throw new OperationUnsuccessfulException(statusCode);
+                throw new 
OperationUnsuccessfulException(response.getStringProperty("statusDescription"), 
statusCode);
             }
             if (response instanceof MapMessage)
             {
@@ -221,24 +333,39 @@ public class AmqpManagementFacade
                 session.commit();
             }
             consumer.close();
-            responseQ.delete();
+            if(_protocol == Protocol.AMQP_1_0)
+            {
+                ((TemporaryQueue)replyToDestination).delete();
+            }
         }
     }
 
     public List<Map<String, Object>> managementQueryObjects(final Session 
session, final String type)
             throws JMSException
     {
-        MessageProducer producer = 
session.createProducer(session.createQueue("$management"));
-        final TemporaryQueue responseQ = session.createTemporaryQueue();
-        MessageConsumer consumer = session.createConsumer(responseQ);
+        Destination replyToDestination;
+        Destination replyConsumerDestination;
+        if(_protocol == Protocol.AMQP_1_0)
+        {
+            replyToDestination = session.createTemporaryQueue();
+            replyConsumerDestination = replyToDestination;
+        }
+        else
+        {
+            replyToDestination = 
session.createQueue(AMQP_0_X_REPLY_TO_DESTINATION);
+            replyConsumerDestination = 
session.createQueue(AMQP_0_X_CONSUMER_REPLY_DESTINATION);
+        }
+
+        MessageConsumer consumer = 
session.createConsumer(replyConsumerDestination);
         MapMessage message = session.createMapMessage();
         message.setStringProperty("identity", "self");
         message.setStringProperty("type", "org.amqp.management");
         message.setStringProperty("operation", "QUERY");
         message.setStringProperty("entityType", type);
         message.setString("attributeNames", "[]");
-        message.setJMSReplyTo(responseQ);
+        message.setJMSReplyTo(replyToDestination);
 
+        MessageProducer producer = 
session.createProducer(session.createQueue(_managementAddress));
         producer.send(message);
 
         Message response = consumer.receive(5000);
@@ -267,7 +394,10 @@ public class AmqpManagementFacade
         finally
         {
             consumer.close();
-            responseQ.delete();
+            if(_protocol == Protocol.AMQP_1_0)
+            {
+                ((TemporaryQueue)replyToDestination).delete();
+            }
         }
     }
 
@@ -276,10 +406,23 @@ public class AmqpManagementFacade
                                                              final String name,
                                                              final boolean 
actuals) throws JMSException
     {
+        Destination replyToDestination;
+        Destination replyConsumerDestination;
+        if(_protocol == Protocol.AMQP_1_0)
+        {
+            replyToDestination = session.createTemporaryQueue();
+            replyConsumerDestination = replyToDestination;
+        }
+        else
+        {
+            replyToDestination = 
session.createQueue(AMQP_0_X_REPLY_TO_DESTINATION);
+            replyConsumerDestination = 
session.createQueue(AMQP_0_X_CONSUMER_REPLY_DESTINATION);
+        }
+
+        MessageConsumer consumer = 
session.createConsumer(replyConsumerDestination);
+
         MessageProducer producer = 
session.createProducer(session.createQueue(_managementAddress));
 
-        final TemporaryQueue responseQueue = session.createTemporaryQueue();
-        MessageConsumer consumer = session.createConsumer(responseQueue);
 
         MapMessage request = session.createMapMessage();
         request.setStringProperty("type", type);
@@ -289,7 +432,7 @@ public class AmqpManagementFacade
         request.setStringProperty("index", "object-path");
         request.setStringProperty("key", name);
         request.setBooleanProperty("actuals", actuals);
-        request.setJMSReplyTo(responseQueue);
+        request.setJMSReplyTo(replyToDestination);
 
         producer.send(request);
         if (session.getTransacted())
@@ -308,6 +451,7 @@ public class AmqpManagementFacade
             {
                 MapMessage bodyMap = (MapMessage) response;
                 Map<String, Object> data = new HashMap<>();
+                @SuppressWarnings("unchecked")
                 Enumeration<String> keys = bodyMap.getMapNames();
                 while (keys.hasMoreElements())
                 {
@@ -321,6 +465,7 @@ public class AmqpManagementFacade
                 Object body = ((ObjectMessage) response).getObject();
                 if (body instanceof Map)
                 {
+                    @SuppressWarnings("unchecked")
                     Map<String, ?> bodyMap = (Map<String, ?>) body;
                     return new HashMap<>(bodyMap);
                 }
@@ -333,7 +478,10 @@ public class AmqpManagementFacade
         finally
         {
             consumer.close();
-            responseQueue.delete();
+            if(_protocol == Protocol.AMQP_1_0)
+            {
+                ((TemporaryQueue)replyToDestination).delete();
+            }
         }
     }
 
@@ -347,7 +495,7 @@ public class AmqpManagementFacade
                                                                 session,
                                                                 
"org.apache.qpid.Queue",
                                                                 arguments);
-
+        @SuppressWarnings("unchecked")
         Map<String, Object> statisticsMap = (Map<String, Object>) statistics;
         return ((Number) statisticsMap.get("queueDepthMessages")).intValue();
     }
@@ -402,9 +550,9 @@ public class AmqpManagementFacade
     {
         private final int _statusCode;
 
-        private OperationUnsuccessfulException(final int statusCode)
+        private OperationUnsuccessfulException(final String message, final int 
statusCode)
         {
-            super();
+            super(message == null ? String.format("Unexpected status code %d", 
statusCode): message);
             _statusCode = statusCode;
         }
 

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/ConnectionBuilder.java
----------------------------------------------------------------------
diff --git 
a/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/ConnectionBuilder.java
 
b/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/ConnectionBuilder.java
index 92454e9..e0bb609 100644
--- 
a/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/ConnectionBuilder.java
+++ 
b/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/ConnectionBuilder.java
@@ -49,6 +49,12 @@ public interface ConnectionBuilder
     ConnectionBuilder setMessageRedelivery(final boolean redelivery);
     ConnectionBuilder setDeserializationPolicyWhiteList(String whiteList);
     ConnectionBuilder setDeserializationPolicyBlackList(String blackList);
+    ConnectionBuilder setKeyStoreLocation(String keyStoreLocation);
+    ConnectionBuilder setKeyStorePassword(String keyStorePassword);
+    ConnectionBuilder setTrustStoreLocation(String trustStoreLocation);
+    ConnectionBuilder setTrustStorePassword(String trustStorePassword);
+    ConnectionBuilder setVerifyHostName(boolean verifyHostName);
+    ConnectionBuilder setKeyAlias(String alias);
 
     Connection build() throws NamingException, JMSException;
     ConnectionFactory buildConnectionFactory() throws NamingException;

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/JmsTestBase.java
----------------------------------------------------------------------
diff --git 
a/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/JmsTestBase.java
 
b/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/JmsTestBase.java
index a5c9553..c94ed67 100644
--- 
a/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/JmsTestBase.java
+++ 
b/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/JmsTestBase.java
@@ -26,6 +26,7 @@ import static org.junit.Assert.assertTrue;
 import java.net.InetSocketAddress;
 import java.util.Arrays;
 import java.util.Collections;
+import java.util.List;
 import java.util.Map;
 
 import javax.jms.Connection;
@@ -55,14 +56,14 @@ public abstract class JmsTestBase extends 
BrokerAdminUsingTestBase
     @BeforeClass
     public static void setUpTestBase()
     {
-        if ("1.0".equals(System.getProperty("broker.version", "1.0")))
+        Protocol protocol = getProtocol();
+        _managementFacade = new AmqpManagementFacade(protocol);
+        if (protocol == Protocol.AMQP_1_0)
         {
-            _managementFacade = new AmqpManagementFacade("$management");
             _jmsProvider = new QpidJmsClientProvider(_managementFacade);
         }
         else
         {
-            _managementFacade = new AmqpManagementFacade("ADDR:$management");
             _jmsProvider = new QpidJmsClient0xProvider();
         }
     }
@@ -119,7 +120,7 @@ public abstract class JmsTestBase extends 
BrokerAdminUsingTestBase
         return getConnectionBuilder().build();
     }
 
-    protected long getReceiveTimeout()
+    protected static long getReceiveTimeout()
     {
         return Long.getLong("qpid.test_receive_timeout", 1000L);
     }
@@ -236,21 +237,14 @@ public abstract class JmsTestBase extends 
BrokerAdminUsingTestBase
         }
     }
 
-    protected Map<String, Object> readEntityUsingAmqpManagement(String type, 
String name, boolean actuals) throws Exception
+    protected Map<String, Object> readEntityUsingAmqpManagement(String name, 
String type, boolean actuals)
+            throws Exception
     {
         Connection connection = getConnection();
         try
         {
             connection.start();
-            Session session = connection.createSession(false, 
Session.AUTO_ACKNOWLEDGE);
-            try
-            {
-                return 
_managementFacade.readEntityUsingAmqpManagement(session, type, name, actuals);
-            }
-            finally
-            {
-                session.close();
-            }
+            return readEntityUsingAmqpManagement(name, type, actuals, 
connection);
         }
         finally
         {
@@ -258,13 +252,62 @@ public abstract class JmsTestBase extends 
BrokerAdminUsingTestBase
         }
     }
 
+    protected Map<String, Object> readEntityUsingAmqpManagement(final String 
name,
+                                                                final String 
type,
+                                                                final boolean 
actuals,
+                                                                final 
Connection connection)
+            throws JMSException
+    {
+        Session session = connection.createSession(false, 
Session.AUTO_ACKNOWLEDGE);
+        try
+        {
+            return _managementFacade.readEntityUsingAmqpManagement(session, 
type, name, actuals);
+        }
+        finally
+        {
+            session.close();
+        }
+    }
+
+    protected List<Map<String, Object>> queryEntitiesUsingAmqpManagement(final 
String type, final Connection connection)
+            throws JMSException
+    {
+        Session session = connection.createSession(false, 
Session.AUTO_ACKNOWLEDGE);
+        try
+        {
+            return _managementFacade.managementQueryObjects(session, type);
+        }
+        finally
+        {
+            session.close();
+        }
+    }
+
+    protected Map<String, Object> createEntity(final String entityName,
+                                               final String entityType,
+                                               final Map<String, Object> 
attributes, final Connection connection)
+            throws Exception
+    {
+        Session session = connection.createSession(false, 
Session.AUTO_ACKNOWLEDGE);
+        try
+        {
+            return _managementFacade.createEntityAndAssertResponse(entityName, 
entityType, attributes, session);
+        }
+        finally
+        {
+            session.close();
+        }
+    }
+
     protected TopicConnection getTopicConnection() throws JMSException, 
NamingException
     {
         return (TopicConnection) getConnection();
     }
 
-    public Protocol getProtocol()
+    protected static Protocol getProtocol()
     {
-        return Protocol.valueOf("AMQP_" + System.getProperty("broker.version", 
"0-9-1").replace('-', '_').replace('.', '_'));
+        return Protocol.valueOf("AMQP_" + System.getProperty("broker.version", 
"0-9-1")
+                                                .replace('-', '_')
+                                                .replace('.', '_'));
     }
 }

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/QpidJmsClient0xConnectionBuilder.java
----------------------------------------------------------------------
diff --git 
a/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/QpidJmsClient0xConnectionBuilder.java
 
b/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/QpidJmsClient0xConnectionBuilder.java
index eeb82ac..539f12e 100644
--- 
a/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/QpidJmsClient0xConnectionBuilder.java
+++ 
b/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/QpidJmsClient0xConnectionBuilder.java
@@ -20,6 +20,9 @@
 
 package org.apache.qpid.systests;
 
+import java.io.UnsupportedEncodingException;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
 import java.util.Hashtable;
 import java.util.Map;
 import java.util.TreeMap;
@@ -44,6 +47,12 @@ public class QpidJmsClient0xConnectionBuilder implements 
ConnectionBuilder
     private String _host = "localhost";
     private int _port;
     private int _sslPort;
+    private String _keyStoreLocation;
+    private String _keyStorePassword;
+    private String _trustStoreLocation;
+    private String _trustStorePassword;
+    private Boolean _verifyHostName;
+    private String _keyAlias;
 
     @Override
     public ConnectionBuilder setHost(final String host)
@@ -179,6 +188,48 @@ public class QpidJmsClient0xConnectionBuilder implements 
ConnectionBuilder
     }
 
     @Override
+    public ConnectionBuilder setKeyStoreLocation(final String keyStoreLocation)
+    {
+        _keyStoreLocation = keyStoreLocation;
+        return this;
+    }
+
+    @Override
+    public ConnectionBuilder setKeyStorePassword(final String keyStorePassword)
+    {
+        _keyStorePassword = keyStorePassword;
+        return this;
+    }
+
+    @Override
+    public ConnectionBuilder setTrustStoreLocation(final String 
trustStoreLocation)
+    {
+        _trustStoreLocation = trustStoreLocation;
+        return this;
+    }
+
+    @Override
+    public ConnectionBuilder setTrustStorePassword(final String 
trustStorePassword)
+    {
+        _trustStorePassword = trustStorePassword;
+        return this;
+    }
+
+    @Override
+    public ConnectionBuilder setVerifyHostName(final boolean verifyHostName)
+    {
+        _verifyHostName = verifyHostName;
+        return this;
+    }
+
+    @Override
+    public ConnectionBuilder setKeyAlias(final String alias)
+    {
+        _keyAlias = alias;
+        return this;
+    }
+
+    @Override
     public Connection build() throws JMSException, NamingException
     {
         return buildConnectionFactory().createConnection(_username, _password);
@@ -224,6 +275,30 @@ public class QpidJmsClient0xConnectionBuilder implements 
ConnectionBuilder
         if (_enableTls)
         {
             cUrlBuilder.append(_sslPort).append("?ssl='true'");
+            if (_keyStoreLocation != null)
+            {
+                
cUrlBuilder.append("&key_store='").append(encodePathOption(_keyStoreLocation)).append('\'');
+            }
+            if (_keyStorePassword != null)
+            {
+                
cUrlBuilder.append("&key_store_password='").append(_keyStorePassword).append('\'');
+            }
+            if (_trustStoreLocation != null)
+            {
+                
cUrlBuilder.append("&trust_store='").append(encodePathOption(_trustStoreLocation)).append('\'');
+            }
+            if (_trustStorePassword != null)
+            {
+                
cUrlBuilder.append("&trust_store_password='").append(_trustStorePassword).append('\'');
+            }
+            if (_verifyHostName != null)
+            {
+                
cUrlBuilder.append("&ssl_verify_hostname='").append(_verifyHostName).append('\'');
+            }
+            if (_keyAlias != null)
+            {
+                
cUrlBuilder.append("&ssl_cert_alias='").append(_keyAlias).append('\'');
+            }
         }
         else
         {
@@ -272,8 +347,16 @@ public class QpidJmsClient0xConnectionBuilder implements 
ConnectionBuilder
         }
     }
 
-    String getBrokerDetails()
+    private String encodePathOption(final String canonicalPath)
     {
-        return "tcp://" + _host + ":" + _port;
+        try
+        {
+            return URLEncoder.encode(URLEncoder.encode(canonicalPath, 
StandardCharsets.UTF_8.name()).replace("+", "%20"),
+                                     StandardCharsets.UTF_8.name());
+        }
+        catch (UnsupportedEncodingException e)
+        {
+            throw new RuntimeException(e);
+        }
     }
 }

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/QpidJmsClientConnectionBuilder.java
----------------------------------------------------------------------
diff --git 
a/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/QpidJmsClientConnectionBuilder.java
 
b/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/QpidJmsClientConnectionBuilder.java
index 2db1746..9adf0fa 100644
--- 
a/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/QpidJmsClientConnectionBuilder.java
+++ 
b/systests/qpid-systests-jms-core/src/main/java/org/apache/qpid/systests/QpidJmsClientConnectionBuilder.java
@@ -193,6 +193,48 @@ public class QpidJmsClientConnectionBuilder implements 
ConnectionBuilder
     }
 
     @Override
+    public ConnectionBuilder setKeyStoreLocation(final String keyStoreLocation)
+    {
+        _options.put("transport.keyStoreLocation", keyStoreLocation);
+        return this;
+    }
+
+    @Override
+    public ConnectionBuilder setKeyStorePassword(final String keyStorePassword)
+    {
+        _options.put("transport.keyStorePassword", keyStorePassword);
+        return this;
+    }
+
+    @Override
+    public ConnectionBuilder setTrustStoreLocation(final String 
trustStoreLocation)
+    {
+        _options.put("transport.trustStoreLocation", trustStoreLocation);
+        return this;
+    }
+
+    @Override
+    public ConnectionBuilder setTrustStorePassword(final String 
trustStorePassword)
+    {
+        _options.put("transport.trustStorePassword", trustStorePassword);
+        return this;
+    }
+
+    @Override
+    public ConnectionBuilder setVerifyHostName(final boolean verifyHostName)
+    {
+        _options.put("transport.verifyHost", verifyHostName);
+        return this;
+    }
+
+    @Override
+    public ConnectionBuilder setKeyAlias(final String alias)
+    {
+        _options.put("transport.keyAlias", alias);
+        return this;
+    }
+
+    @Override
     public Connection build() throws NamingException, JMSException
     {
         return buildConnectionFactory().createConnection();

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/systests/qpid-systests-jms_1.1/pom.xml
----------------------------------------------------------------------
diff --git a/systests/qpid-systests-jms_1.1/pom.xml 
b/systests/qpid-systests-jms_1.1/pom.xml
index b853c1f..cc07920 100644
--- a/systests/qpid-systests-jms_1.1/pom.xml
+++ b/systests/qpid-systests-jms_1.1/pom.xml
@@ -104,6 +104,30 @@
                     </systemPropertyVariables>
                 </configuration>
             </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-resources-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>copy-test-profile-resources</id>
+                        <phase>generate-resources</phase>
+                        <goals>
+                            <goal>copy-resources</goal>
+                        </goals>
+                        <configuration>
+                            
<outputDirectory>${java.io.tmpdir}</outputDirectory>
+                            <resources>
+                                <resource>
+                                    
<directory>${project.basedir}/../..</directory>
+                                    <includes>
+                                        <include>test-profiles/</include>
+                                    </includes>
+                                </resource>
+                            </resources>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
         </plugins>
     </build>
 

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/queue/ProducerFlowControlTest.java
----------------------------------------------------------------------
diff --git 
a/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/queue/ProducerFlowControlTest.java
 
b/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/queue/ProducerFlowControlTest.java
index 6f76755..c7362ff 100644
--- 
a/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/queue/ProducerFlowControlTest.java
+++ 
b/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/queue/ProducerFlowControlTest.java
@@ -407,7 +407,7 @@ public class ProducerFlowControlTest extends JmsTestBase
 
     private boolean isFlowStopped(final String queueName) throws Exception
     {
-        Map<String, Object> attributes = 
readEntityUsingAmqpManagement("org.apache.qpid.Queue", queueName, false);
+        Map<String, Object> attributes = 
readEntityUsingAmqpManagement(queueName, "org.apache.qpid.Queue", false);
         return Boolean.TRUE.equals(attributes.get("queueFlowStopped"));
     }
 
@@ -467,7 +467,7 @@ public class ProducerFlowControlTest extends JmsTestBase
         boolean found = false;
         do
         {
-            Map<String, Object> attributes = 
readEntityUsingAmqpManagement("org.apache.qpid.Queue", queueName, false);
+            Map<String, Object> attributes = 
readEntityUsingAmqpManagement(queueName, "org.apache.qpid.Queue", false);
             Object actualValue = attributes.get(attributeName);
             if (expectedValue == null)
             {

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/tls/TlsTest.java
----------------------------------------------------------------------
diff --git 
a/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/tls/TlsTest.java
 
b/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/tls/TlsTest.java
new file mode 100644
index 0000000..e10aecb
--- /dev/null
+++ 
b/systests/qpid-systests-jms_1.1/src/test/java/org/apache/qpid/systests/jms_1_1/extensions/tls/TlsTest.java
@@ -0,0 +1,694 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.qpid.systests.jms_1_1.extensions.tls;
+
+import static 
org.apache.qpid.test.utils.TestSSLConstants.BROKER_KEYSTORE_PASSWORD;
+import static 
org.apache.qpid.test.utils.TestSSLConstants.BROKER_TRUSTSTORE_PASSWORD;
+import static org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE_PASSWORD;
+import static org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE_PASSWORD;
+import static org.hamcrest.CoreMatchers.anyOf;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.not;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.fail;
+import static org.junit.Assume.assumeThat;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.InputStream;
+import java.net.InetSocketAddress;
+import java.nio.file.Files;
+import java.security.Key;
+import java.security.cert.Certificate;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.jms.Connection;
+import javax.jms.JMSException;
+import javax.jms.Session;
+import javax.xml.bind.DatatypeConverter;
+
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import org.apache.qpid.server.model.Port;
+import org.apache.qpid.server.model.Protocol;
+import org.apache.qpid.server.security.FileKeyStore;
+import org.apache.qpid.server.security.FileTrustStore;
+import org.apache.qpid.systests.JmsTestBase;
+import org.apache.qpid.test.utils.TestSSLConstants;
+import org.apache.qpid.tests.utils.BrokerAdmin;
+
+public class TlsTest extends JmsTestBase
+{
+    private static final String TEST_PROFILE_RESOURCE_BASE = 
System.getProperty("java.io.tmpdir") + "/";
+    private static final String BROKER_KEYSTORE =
+            TEST_PROFILE_RESOURCE_BASE + 
org.apache.qpid.test.utils.TestSSLConstants.BROKER_KEYSTORE;
+    private static final String BROKER_TRUSTSTORE =
+            TEST_PROFILE_RESOURCE_BASE + 
org.apache.qpid.test.utils.TestSSLConstants.BROKER_TRUSTSTORE;
+    private static final String KEYSTORE =
+            TEST_PROFILE_RESOURCE_BASE + 
org.apache.qpid.test.utils.TestSSLConstants.KEYSTORE;
+    private static final String TRUSTSTORE =
+            TEST_PROFILE_RESOURCE_BASE + 
org.apache.qpid.test.utils.TestSSLConstants.TRUSTSTORE;
+
+    @BeforeClass
+    public static void setUp() throws Exception
+    {
+        System.setProperty("javax.net.debug", "ssl");
+
+        // workaround for QPID-8069
+        if (getProtocol() != Protocol.AMQP_1_0 && getProtocol() != 
Protocol.AMQP_0_10)
+        {
+            System.setProperty("amqj.MaximumStateWait", "4000");
+        }
+    }
+
+    @AfterClass
+    public static void tearDown() throws Exception
+    {
+        System.clearProperty("javax.net.debug");
+        if (getProtocol() != Protocol.AMQP_1_0)
+        {
+            System.clearProperty("amqj.MaximumStateWait");
+        }
+    }
+
+    @Test
+    public void testCreateSSLConnectionUsingConnectionURLParams() throws 
Exception
+    {
+        //Start the broker (NEEDing client certificate authentication)
+        int port = configureTlsPort(getTestPortName(), true, false, false);
+
+        InetSocketAddress brokerAddress = 
getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP);
+        Connection connection = getConnectionBuilder().setSslPort(port)
+                                                      
.setHost(brokerAddress.getHostName())
+                                                      .setTls(true)
+                                                      
.setKeyStoreLocation(KEYSTORE)
+                                                      
.setKeyStorePassword(KEYSTORE_PASSWORD)
+                                                      
.setTrustStoreLocation(TRUSTSTORE)
+                                                      
.setTrustStorePassword(TRUSTSTORE_PASSWORD)
+                                                      .build();
+        try
+        {
+            assertConnection(connection);
+        }
+        finally
+        {
+            connection.close();
+        }
+    }
+
+    @Test
+    public void testCreateSSLConnectionWithCertificateTrust() throws Exception
+    {
+        assumeThat("Qpid JMS Client does not support trusting of a 
certificate",
+                   getProtocol(),
+                   is(not(equalTo(Protocol.AMQP_1_0))));
+
+        int port = configureTlsPort(getTestPortName(), false, false, false);
+        File trustCertFile = extractCertFileFromTestTrustStore();
+
+        InetSocketAddress brokerAddress = 
getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP);
+        Connection connection = getConnectionBuilder().setSslPort(port)
+                                                      
.setHost(brokerAddress.getHostName())
+                                                      .setTls(true)
+                                                      
.setOptions(Collections.singletonMap("trusted_certs_path",
+                                                                               
            trustCertFile.getCanonicalPath()))
+                                                      .build();
+        try
+        {
+            assertConnection(connection);
+        }
+        finally
+        {
+            connection.close();
+        }
+    }
+
+    @Test
+    public void testSSLConnectionToPlainPortRejected() throws Exception
+    {
+        assumeThat("QPID-8069", getProtocol(), 
is(anyOf(equalTo(Protocol.AMQP_1_0), equalTo(Protocol.AMQP_0_10))));
+
+        setSslStoreSystemProperties();
+        try
+        {
+            InetSocketAddress brokerAddress = 
getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP);
+            getConnectionBuilder().setSslPort(brokerAddress.getPort())
+                                  .setHost(brokerAddress.getHostName())
+                                  .setTls(true)
+                                  .build();
+
+            fail("Exception not thrown");
+        }
+        catch (JMSException e)
+        {
+            // PASS
+        }
+        finally
+        {
+            clearSslStoreSystemProperties();
+        }
+    }
+
+    @Test
+    public void testHostVerificationIsOnByDefault() throws Exception
+    {
+        assumeThat("QPID-8069", getProtocol(), 
is(anyOf(equalTo(Protocol.AMQP_1_0), equalTo(Protocol.AMQP_0_10))));
+
+        //Start the broker (NEEDing client certificate authentication)
+        int port = configureTlsPort(getTestPortName(), true, false, false);
+
+        try
+        {
+            getConnectionBuilder().setSslPort(port)
+                                  .setHost("127.0.0.1")
+                                  .setTls(true)
+                                  .setKeyStoreLocation(KEYSTORE)
+                                  .setKeyStorePassword(KEYSTORE_PASSWORD)
+                                  .setTrustStoreLocation(TRUSTSTORE)
+                                  .setTrustStorePassword(TRUSTSTORE_PASSWORD)
+                                  .build();
+            fail("Exception not thrown");
+        }
+        catch (JMSException e)
+        {
+            // PASS
+        }
+
+        Connection connection = getConnectionBuilder().setSslPort(port)
+                                                      .setHost("127.0.0.1")
+                                                      .setTls(true)
+                                                      
.setKeyStoreLocation(KEYSTORE)
+                                                      
.setKeyStorePassword(KEYSTORE_PASSWORD)
+                                                      
.setTrustStoreLocation(TRUSTSTORE)
+                                                      
.setTrustStorePassword(TRUSTSTORE_PASSWORD)
+                                                      .setVerifyHostName(false)
+                                                      .build();
+        try
+        {
+            assertConnection(connection);
+        }
+        finally
+        {
+            connection.close();
+        }
+    }
+
+    @Test
+    public void testCreateSslConnectionUsingJVMSettings() throws Exception
+    {
+        //Start the broker (NEEDing client certificate authentication)
+        int port = configureTlsPort(getTestPortName(), true, false, false);
+        setSslStoreSystemProperties();
+        try
+        {
+            Connection connection = getConnectionBuilder().setSslPort(port)
+                                                          .setTls(true)
+                                                          .build();
+            try
+            {
+                assertConnection(connection);
+            }
+            finally
+            {
+                connection.close();
+            }
+        }
+        finally
+        {
+            clearSslStoreSystemProperties();
+        }
+    }
+
+    @Test
+    public void testMultipleCertsInSingleStore() throws Exception
+    {
+        //Start the broker (NEEDing client certificate authentication)
+        int port = configureTlsPort(getTestPortName(), true, false, false);
+        setSslStoreSystemProperties();
+        try
+        {
+            Connection connection = 
getConnectionBuilder().setClientId(getTestName())
+                                                          .setSslPort(port)
+                                                          .setTls(true)
+                                                          
.setKeyAlias(TestSSLConstants.CERT_ALIAS_APP1)
+                                                          .build();
+            try
+            {
+                assertConnection(connection);
+            }
+            finally
+            {
+                connection.close();
+            }
+
+            Connection connection2 = getConnectionBuilder().setSslPort(port)
+                                                           .setTls(true)
+                                                           
.setKeyAlias(TestSSLConstants.CERT_ALIAS_APP2)
+                                                           .build();
+            try
+            {
+                assertConnection(connection2);
+            }
+            finally
+            {
+                connection2.close();
+            }
+        }
+        finally
+        {
+            clearSslStoreSystemProperties();
+        }
+    }
+
+    @Test
+    public void testVerifyHostNameWithIncorrectHostname() throws Exception
+    {
+        assumeThat("QPID-8069", getProtocol(), 
is(anyOf(equalTo(Protocol.AMQP_1_0), equalTo(Protocol.AMQP_0_10))));
+
+        //Start the broker (WANTing client certificate authentication)
+        int port = configureTlsPort(getTestPortName(), false, true, false);
+
+        setSslStoreSystemProperties();
+        try
+        {
+            getConnectionBuilder().setSslPort(port)
+                                  .setHost("127.0.0.1")
+                                  .setTls(true)
+                                  .setVerifyHostName(true)
+                                  .build();
+            fail("Exception not thrown");
+        }
+        catch (JMSException e)
+        {
+            // PASS
+        }
+        finally
+        {
+            clearSslStoreSystemProperties();
+        }
+    }
+
+    @Test
+    public void testVerifyLocalHost() throws Exception
+    {
+        //Start the broker (WANTing client certificate authentication)
+        int port = configureTlsPort(getTestPortName(), false, true, false);
+
+        setSslStoreSystemProperties();
+        try
+        {
+            Connection connection = getConnectionBuilder().setSslPort(port)
+                                                          .setHost("localhost")
+                                                          .setTls(true)
+                                                          .build();
+            try
+            {
+                assertConnection(connection);
+            }
+            finally
+            {
+                connection.close();
+            }
+        }
+        finally
+        {
+            clearSslStoreSystemProperties();
+        }
+    }
+
+    @Test
+    public void 
testCreateSSLConnectionUsingConnectionURLParamsTrustStoreOnly() throws Exception
+    {
+        //Start the broker (WANTing client certificate authentication)
+        int port = configureTlsPort(getTestPortName(), false, true, false);
+
+        InetSocketAddress brokerAddress = 
getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP);
+        Connection connection = getConnectionBuilder().setSslPort(port)
+                                                      
.setHost(brokerAddress.getHostName())
+                                                      .setTls(true)
+                                                      
.setTrustStoreLocation(TRUSTSTORE)
+                                                      
.setTrustStorePassword(TRUSTSTORE_PASSWORD)
+                                                      .build();
+        try
+        {
+            assertConnection(connection);
+        }
+        finally
+        {
+            connection.close();
+        }
+    }
+
+    @Test
+    public void testClientCertificateMissingWhilstNeeding() throws Exception
+    {
+        assumeThat("QPID-8069", getProtocol(), 
is(anyOf(equalTo(Protocol.AMQP_1_0), equalTo(Protocol.AMQP_0_10))));
+
+        //Start the broker (NEEDing client certificate authentication)
+        int port = configureTlsPort(getTestPortName(), true, false, false);
+
+        try
+        {
+            getConnectionBuilder().setSslPort(port)
+                                  
.setHost(getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP).getHostName())
+                                  .setTls(true)
+                                  .setTrustStoreLocation(TRUSTSTORE)
+                                  .setTrustStorePassword(TRUSTSTORE_PASSWORD)
+                                  .build();
+            fail("Connection was established successfully");
+        }
+        catch (JMSException e)
+        {
+            // PASS
+        }
+    }
+
+    @Test
+    public void testClientCertificateMissingWhilstWanting() throws Exception
+    {
+        //Start the broker (WANTing client certificate authentication)
+        int port = configureTlsPort(getTestPortName(), false, true, false);
+
+        InetSocketAddress brokerAddress = 
getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP);
+        Connection connection = getConnectionBuilder().setSslPort(port)
+                                                      
.setHost(brokerAddress.getHostName())
+                                                      .setTls(true)
+                                                      
.setTrustStoreLocation(TRUSTSTORE)
+                                                      
.setTrustStorePassword(TRUSTSTORE_PASSWORD)
+                                                      .build();
+        try
+        {
+            assertConnection(connection);
+        }
+        finally
+        {
+            connection.close();
+        }
+    }
+
+    @Test
+    public void testClientCertMissingWhilstWantingAndNeeding() throws Exception
+    {
+        assumeThat("QPID-8069", getProtocol(), 
is(anyOf(equalTo(Protocol.AMQP_1_0), equalTo(Protocol.AMQP_0_10))));
+        //Start the broker (NEEDing and WANTing client certificate 
authentication)
+        int port = configureTlsPort(getTestPortName(), true, true, false);
+
+        try
+        {
+            getConnectionBuilder().setSslPort(port)
+                                  
.setHost(getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP).getHostName())
+                                  .setTls(true)
+                                  .setTrustStoreLocation(TRUSTSTORE)
+                                  .setTrustStorePassword(TRUSTSTORE_PASSWORD)
+                                  .build();
+            fail("Connection was established successfully");
+        }
+        catch (JMSException e)
+        {
+            // PASS
+        }
+    }
+
+    @Test
+    public void testCreateSSLandTCPonSamePort() throws Exception
+    {
+
+        //Start the broker (WANTing client certificate authentication)
+        int port = configureTlsPort(getTestPortName(), false, true, true);
+
+        InetSocketAddress brokerAddress = 
getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP);
+        Connection connection = getConnectionBuilder().setSslPort(port)
+                                                      
.setHost(brokerAddress.getHostName())
+                                                      .setTls(true)
+                                                      
.setKeyStoreLocation(KEYSTORE)
+                                                      
.setKeyStorePassword(KEYSTORE_PASSWORD)
+                                                      
.setTrustStoreLocation(TRUSTSTORE)
+                                                      
.setTrustStorePassword(TRUSTSTORE_PASSWORD)
+                                                      .build();
+        try
+        {
+            assertConnection(connection);
+        }
+        finally
+        {
+            connection.close();
+        }
+
+        Connection connection2 = getConnectionBuilder().setPort(port)
+                                                       
.setHost(brokerAddress.getHostName())
+                                                       .build();
+        try
+        {
+            assertConnection(connection2);
+        }
+        finally
+        {
+            connection2.close();
+        }
+    }
+
+    @Test
+    public void testCreateSSLWithCertFileAndPrivateKey() throws Exception
+    {
+        assumeThat("Qpid JMS Client does not support trusting of a 
certificate",
+                   getProtocol(),
+                   is(not(equalTo(Protocol.AMQP_1_0))));
+
+        //Start the broker (NEEDing client certificate authentication)
+        int port = configureTlsPort(getTestPortName(), true, false, false);
+
+        clearSslStoreSystemProperties();
+        File[] certAndKeyFiles = extractResourcesFromTestKeyStore();
+        final Map<String, String> options = new HashMap<>();
+        options.put("client_cert_path", certAndKeyFiles[1].getCanonicalPath());
+        options.put("client_cert_priv_key_path", 
certAndKeyFiles[0].getCanonicalPath());
+        InetSocketAddress brokerAddress = 
getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP);
+        Connection connection = getConnectionBuilder().setSslPort(port)
+                                                      
.setHost(brokerAddress.getHostName())
+                                                      .setTls(true)
+                                                      
.setTrustStoreLocation(TRUSTSTORE)
+                                                      
.setTrustStorePassword(TRUSTSTORE_PASSWORD)
+                                                      .setVerifyHostName(false)
+                                                      .setOptions(options)
+                                                      .build();
+        try
+        {
+            assertConnection(connection);
+        }
+        finally
+        {
+            connection.close();
+        }
+    }
+
+
+    private int configureTlsPort(final String portName,
+                                 final boolean needClientAuth,
+                                 final boolean wantClientAuth,
+                                 final boolean samePort) throws Exception
+    {
+
+        Connection connection = 
getConnectionBuilder().setVirtualHost("$management").build();
+        try
+        {
+            connection.start();
+            return createPort(portName, needClientAuth, wantClientAuth, 
samePort, connection);
+        }
+        finally
+        {
+            connection.close();
+        }
+    }
+
+    private int createPort(final String portName,
+                           final boolean needClientAuth,
+                           final boolean wantClientAuth,
+                           final boolean plainAndSsl,
+                           Connection connection) throws Exception
+    {
+        String keyStoreName = portName + "KeyStore";
+        String trustStoreName = portName + "TrustStore";
+        String authenticationProvider = null;
+
+        List<Map<String, Object>> ports = 
queryEntitiesUsingAmqpManagement("org.apache.qpid.AmqpPort", connection);
+        for (Map<String, Object> port : ports)
+        {
+            String name = String.valueOf(port.get(Port.NAME));
+
+            Map<String, Object> attributes =
+                    readEntityUsingAmqpManagement(name, 
"org.apache.qpid.AmqpPort", false, connection);
+            if (attributes.get("boundPort")
+                          
.equals(getBrokerAdmin().getBrokerAddress(BrokerAdmin.PortType.AMQP).getPort()))
+            {
+                authenticationProvider = 
String.valueOf(attributes.get(Port.AUTHENTICATION_PROVIDER));
+                break;
+            }
+        }
+
+        final Map<String, Object> keyStoreAttributes = new HashMap<>();
+        keyStoreAttributes.put("storeUrl", BROKER_KEYSTORE);
+        keyStoreAttributes.put("password", BROKER_KEYSTORE_PASSWORD);
+        createEntity(keyStoreName, FileKeyStore.class.getName(), 
keyStoreAttributes, connection);
+
+        final Map<String, Object> trustStoreAttributes = new HashMap<>();
+        trustStoreAttributes.put("storeUrl", BROKER_TRUSTSTORE);
+        trustStoreAttributes.put("password", BROKER_TRUSTSTORE_PASSWORD);
+        createEntity(trustStoreName, FileTrustStore.class.getName(), 
trustStoreAttributes, connection);
+
+        Map<String, Object> sslPortAttributes = new HashMap<>();
+        sslPortAttributes.put(Port.TRANSPORTS, plainAndSsl ? 
"[\"SSL\",\"TCP\"]" : "[\"SSL\"]");
+        sslPortAttributes.put(Port.PORT, 0);
+        sslPortAttributes.put(Port.AUTHENTICATION_PROVIDER, 
authenticationProvider);
+        sslPortAttributes.put(Port.NEED_CLIENT_AUTH, needClientAuth);
+        sslPortAttributes.put(Port.WANT_CLIENT_AUTH, wantClientAuth);
+        sslPortAttributes.put(Port.NAME, portName);
+        sslPortAttributes.put(Port.KEY_STORE, keyStoreName);
+        sslPortAttributes.put(Port.TRUST_STORES, "[\"" + trustStoreName + 
"\"]");
+        createEntity(portName, "org.apache.qpid.AmqpPort", sslPortAttributes, 
connection);
+
+        Map<String, Object> portEffectiveAttributes =
+                readEntityUsingAmqpManagement(portName, 
"org.apache.qpid.AmqpPort", false, connection);
+        if (portEffectiveAttributes.containsKey("boundPort"))
+        {
+            return (int) portEffectiveAttributes.get("boundPort");
+        }
+        throw new RuntimeException("Bound port is not found");
+    }
+
+    private void setSslStoreSystemProperties()
+    {
+        System.setProperty("javax.net.ssl.keyStore", KEYSTORE);
+        System.setProperty("javax.net.ssl.keyStorePassword", 
KEYSTORE_PASSWORD);
+        System.setProperty("javax.net.ssl.trustStore", TRUSTSTORE);
+        System.setProperty("javax.net.ssl.trustStorePassword", 
TRUSTSTORE_PASSWORD);
+    }
+
+    private void clearSslStoreSystemProperties()
+    {
+        System.clearProperty("javax.net.ssl.keyStore");
+        System.clearProperty("javax.net.ssl.keyStorePassword");
+        System.clearProperty("javax.net.ssl.trustStore");
+        System.clearProperty("javax.net.ssl.trustStorePassword");
+    }
+
+    private File[] extractResourcesFromTestKeyStore() throws Exception
+    {
+        java.security.KeyStore ks = 
java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
+        try (InputStream is = new FileInputStream(KEYSTORE))
+        {
+            ks.load(is, KEYSTORE_PASSWORD.toCharArray());
+        }
+
+        File privateKeyFile = Files.createTempFile(getTestName(), 
".private-key.der").toFile();
+        try (FileOutputStream kos = new FileOutputStream(privateKeyFile))
+        {
+            Key pvt = ks.getKey(TestSSLConstants.CERT_ALIAS_APP1, 
KEYSTORE_PASSWORD.toCharArray());
+            kos.write("-----BEGIN PRIVATE KEY-----\n".getBytes());
+            String base64encoded = 
DatatypeConverter.printBase64Binary(pvt.getEncoded());
+            while (base64encoded.length() > 76)
+            {
+                kos.write(base64encoded.substring(0, 76).getBytes());
+                kos.write("\n".getBytes());
+                base64encoded = base64encoded.substring(76);
+            }
+
+            kos.write(base64encoded.getBytes());
+            kos.write("\n-----END PRIVATE KEY-----".getBytes());
+            kos.flush();
+        }
+
+        File certificateFile = Files.createTempFile(getTestName(), 
".certificate.der").toFile();
+        try (FileOutputStream cos = new FileOutputStream(certificateFile))
+        {
+            Certificate[] chain = 
ks.getCertificateChain(TestSSLConstants.CERT_ALIAS_APP1);
+            for (Certificate pub : chain)
+            {
+                cos.write("-----BEGIN CERTIFICATE-----\n".getBytes());
+                String base64encoded = 
DatatypeConverter.printBase64Binary(pub.getEncoded());
+                while (base64encoded.length() > 76)
+                {
+                    cos.write(base64encoded.substring(0, 76).getBytes());
+                    cos.write("\n".getBytes());
+                    base64encoded = base64encoded.substring(76);
+                }
+                cos.write(base64encoded.getBytes());
+
+                cos.write("\n-----END CERTIFICATE-----\n".getBytes());
+            }
+            cos.flush();
+        }
+
+        return new File[]{privateKeyFile, certificateFile};
+    }
+
+    private File extractCertFileFromTestTrustStore() throws Exception
+    {
+        java.security.KeyStore ks = 
java.security.KeyStore.getInstance(java.security.KeyStore.getDefaultType());
+        try (InputStream is = new FileInputStream(TRUSTSTORE))
+        {
+            ks.load(is, TRUSTSTORE_PASSWORD.toCharArray());
+        }
+
+        File certificateFile = Files.createTempFile(getTestName(), 
".crt").toFile();
+
+        try (FileOutputStream cos = new FileOutputStream(certificateFile))
+        {
+
+            for (String alias : Collections.list(ks.aliases()))
+            {
+                Certificate pub = ks.getCertificate(alias);
+                cos.write("-----BEGIN CERTIFICATE-----\n".getBytes());
+                String base64encoded = 
DatatypeConverter.printBase64Binary(pub.getEncoded());
+                while (base64encoded.length() > 76)
+                {
+                    cos.write(base64encoded.substring(0, 76).getBytes());
+                    cos.write("\n".getBytes());
+                    base64encoded = base64encoded.substring(76);
+                }
+                cos.write(base64encoded.getBytes());
+
+                cos.write("\n-----END CERTIFICATE-----\n".getBytes());
+            }
+            cos.flush();
+        }
+
+        return certificateFile;
+    }
+
+    private String getTestPortName()
+    {
+        return getTestName() + "TlsPort";
+    }
+
+    private void assertConnection(final Connection connection) throws 
JMSException
+    {
+        assertNotNull("connection should be successful", connection);
+        Session session = connection.createSession(false, 
Session.AUTO_ACKNOWLEDGE);
+        assertNotNull("create session should be successful", session);
+    }
+}

http://git-wip-us.apache.org/repos/asf/qpid-broker-j/blob/0904d669/systests/src/main/java/org/apache/qpid/test/utils/QpidBrokerTestCase.java
----------------------------------------------------------------------
diff --git 
a/systests/src/main/java/org/apache/qpid/test/utils/QpidBrokerTestCase.java 
b/systests/src/main/java/org/apache/qpid/test/utils/QpidBrokerTestCase.java
index 7c7aaa1..fe53a24 100755
--- a/systests/src/main/java/org/apache/qpid/test/utils/QpidBrokerTestCase.java
+++ b/systests/src/main/java/org/apache/qpid/test/utils/QpidBrokerTestCase.java
@@ -106,7 +106,7 @@ public class QpidBrokerTestCase extends QpidTestCase
     {
         try
         {
-            _managementFacade = new AmqpManagementFacade(isBroker10() ? 
"$management" : "ADDR:$management");
+            _managementFacade = new AmqpManagementFacade(BROKER_PROTOCOL);
             _jmsProvider = isBroker10() ? new 
QpidJmsClientProvider(_managementFacade) : new QpidJmsClient0xProvider();
 
             _defaultBroker = new 
BrokerHolderFactory().create(DEFAULT_BROKER_TYPE, DEFAULT_PORT, this);


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[4/4] qpid-broker-j git commit: QPID-6933: [System Tests] Refactor TLS tests as JMS 1.1 system test

Reply via email to