gresockj commented on a change in pull request #4976:
URL: https://github.com/apache/nifi/pull/4976#discussion_r608586502
##########
File path:
nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/src/test/java/org/apache/nifi/processors/standard/TestListenHTTP.java
##########
@@ -298,6 +299,56 @@ public void
testSecureTwoWaySslPOSTRequestsReceivedWithoutEL() throws Exception
testPOSTRequestsReceived(HttpServletResponse.SC_OK, true, true);
}
+ @Test
+ public void
testSecureTwoWaySslPOSTRequestsReceivedWithAuthorizedSubjectDn() throws
Exception {
+
configureProcessorSslContextService(ListenHTTP.ClientAuthentication.REQUIRED,
serverConfiguration);
+
+ runner.setProperty(ListenHTTP.PORT, Integer.toString(availablePort));
+ runner.setProperty(ListenHTTP.AUTHORIZED_DN_PATTERN, LOCALHOST_DN);
+ runner.setProperty(ListenHTTP.BASE_PATH, HTTP_BASE_PATH);
+ runner.assertValid();
+
+ testPOSTRequestsReceived(HttpServletResponse.SC_OK, true, true);
+ }
+
+ @Test
+ public void
testSecureTwoWaySslPOSTRequestsReceivedWithUnauthorizedSubjectDn() throws
Exception {
+
configureProcessorSslContextService(ListenHTTP.ClientAuthentication.REQUIRED,
serverConfiguration);
+
+ runner.setProperty(ListenHTTP.PORT, Integer.toString(availablePort));
+ runner.setProperty(ListenHTTP.AUTHORIZED_DN_PATTERN, "CN=other");
+ runner.setProperty(ListenHTTP.BASE_PATH, HTTP_BASE_PATH);
+ runner.assertValid();
+
+ testPOSTRequestsReceived(HttpServletResponse.SC_FORBIDDEN, true, true);
+ }
+
+ @Test
+ public void
testSecureTwoWaySslPOSTRequestsReceivedWithAuthorizedIssuerDn() throws
Exception {
Review comment:
I wanted to show that configuring the subject and issuer DN patterns to
something other than .* would actually work if the patterns matched, so I'd
like to keep this one.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
