You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by ud...@apache.org on 2016/09/28 18:53:00 UTC
incubator-geode git commit: GEODE-1941: Added tests for SSL config
for SocketFactory
Repository: incubator-geode
Updated Branches:
refs/heads/develop 8c7efba86 -> 7254cf3fb
GEODE-1941: Added tests for SSL config for SocketFactory
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/7254cf3f
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/7254cf3f
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/7254cf3f
Branch: refs/heads/develop
Commit: 7254cf3fb0ceb2255650d96f2b0ed615118ef700
Parents: 8c7efba
Author: Udo Kohlmeyer <uk...@pivotal.io>
Authored: Thu Sep 29 04:52:54 2016 +1000
Committer: Udo Kohlmeyer <uk...@pivotal.io>
Committed: Thu Sep 29 04:52:54 2016 +1000
----------------------------------------------------------------------
.../net/SocketCreatorFactoryJUnitTest.java | 340 +++++++++++++------
1 file changed, 237 insertions(+), 103 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7254cf3f/geode-core/src/test/java/org/apache/geode/internal/net/SocketCreatorFactoryJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/net/SocketCreatorFactoryJUnitTest.java b/geode-core/src/test/java/org/apache/geode/internal/net/SocketCreatorFactoryJUnitTest.java
index 7405eae..232eb61 100644
--- a/geode-core/src/test/java/org/apache/geode/internal/net/SocketCreatorFactoryJUnitTest.java
+++ b/geode-core/src/test/java/org/apache/geode/internal/net/SocketCreatorFactoryJUnitTest.java
@@ -17,169 +17,168 @@
package org.apache.geode.internal.net;
import static org.apache.geode.distributed.ConfigurationProperties.*;
-import static org.apache.geode.internal.net.SocketCreatorFactory.*;
-import static org.apache.geode.internal.security.SecurableCommunicationChannel.*;
import static org.junit.Assert.*;
import java.io.File;
import java.io.IOException;
import java.util.Properties;
+import org.apache.geode.internal.security.SecurableCommunicationChannel;
+import org.apache.geode.test.junit.categories.UnitTest;
import org.junit.After;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.apache.geode.distributed.internal.DistributionConfigImpl;
-import org.apache.geode.test.junit.categories.IntegrationTest;
import org.apache.geode.util.test.TestUtil;
-@Category(IntegrationTest.class)
+@Category(UnitTest.class)
public class SocketCreatorFactoryJUnitTest {
@After
public void tearDown() throws Exception {
- close();
+ SocketCreatorFactory.close();
}
@Test
public void testNewSSLConfigSSLComponentLocator() throws Exception {
- Properties properties = configureSSLProperties(LOCATOR.getConstant());
+ Properties properties = configureSSLProperties(SecurableCommunicationChannel.LOCATOR.getConstant());
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- setDistributionConfig(distributionConfig);
-
- assertTrue(getSocketCreatorForComponent(LOCATOR).useSSL());
- assertFalse(getSocketCreatorForComponent(CLUSTER).useSSL());
- assertFalse(getSocketCreatorForComponent(GATEWAY).useSSL());
- assertFalse(getSocketCreatorForComponent(JMX).useSSL());
- assertFalse(getSocketCreatorForComponent(SERVER).useSSL());
- assertFalse(getSocketCreatorForComponent(WEB).useSSL());
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
}
@Test
public void testNewSSLConfigSSLComponentALL() throws Exception {
- Properties properties = configureSSLProperties(ALL.getConstant());
+ Properties properties = configureSSLProperties(SecurableCommunicationChannel.ALL.getConstant());
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- setDistributionConfig(distributionConfig);
-
- assertTrue(getSocketCreatorForComponent(CLUSTER).useSSL());
- assertTrue(getSocketCreatorForComponent(LOCATOR).useSSL());
- assertTrue(getSocketCreatorForComponent(GATEWAY).useSSL());
- assertTrue(getSocketCreatorForComponent(JMX).useSSL());
- assertTrue(getSocketCreatorForComponent(SERVER).useSSL());
- assertTrue(getSocketCreatorForComponent(WEB).useSSL());
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
}
@Test
public void testNewSSLConfigSSLComponentCLUSTER() throws Exception {
- Properties properties = configureSSLProperties(CLUSTER.getConstant());
+ Properties properties = configureSSLProperties(SecurableCommunicationChannel.CLUSTER.getConstant());
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- setDistributionConfig(distributionConfig);
-
- assertTrue(getSocketCreatorForComponent(CLUSTER).useSSL());
- assertFalse(getSocketCreatorForComponent(GATEWAY).useSSL());
- assertFalse(getSocketCreatorForComponent(JMX).useSSL());
- assertFalse(getSocketCreatorForComponent(SERVER).useSSL());
- assertFalse(getSocketCreatorForComponent(WEB).useSSL());
- assertFalse(getSocketCreatorForComponent(LOCATOR).useSSL());
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
}
@Test
public void testNewSSLConfigSSLComponentGATEWAY() throws Exception {
- Properties properties = configureSSLProperties(GATEWAY.getConstant());
+ Properties properties = configureSSLProperties(SecurableCommunicationChannel.GATEWAY.getConstant());
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- setDistributionConfig(distributionConfig);
-
- assertFalse(getSocketCreatorForComponent(CLUSTER).useSSL());
- assertTrue(getSocketCreatorForComponent(GATEWAY).useSSL());
- assertFalse(getSocketCreatorForComponent(JMX).useSSL());
- assertFalse(getSocketCreatorForComponent(SERVER).useSSL());
- assertFalse(getSocketCreatorForComponent(WEB).useSSL());
- assertFalse(getSocketCreatorForComponent(LOCATOR).useSSL());
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
}
@Test
public void testNewSSLConfigSSLComponentHTTP_SERVICE() throws Exception {
- Properties properties = configureSSLProperties(WEB.getConstant());
+ Properties properties = configureSSLProperties(SecurableCommunicationChannel.WEB.getConstant());
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- setDistributionConfig(distributionConfig);
-
- assertFalse(getSocketCreatorForComponent(CLUSTER).useSSL());
- assertFalse(getSocketCreatorForComponent(GATEWAY).useSSL());
- assertFalse(getSocketCreatorForComponent(JMX).useSSL());
- assertFalse(getSocketCreatorForComponent(SERVER).useSSL());
- assertTrue(getSocketCreatorForComponent(WEB).useSSL());
- assertFalse(getSocketCreatorForComponent(LOCATOR).useSSL());
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
}
@Test
public void testNewSSLConfigSSLComponentJMX() throws Exception {
- Properties properties = configureSSLProperties(JMX.getConstant());
+ Properties properties = configureSSLProperties(SecurableCommunicationChannel.JMX.getConstant());
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- setDistributionConfig(distributionConfig);
-
- assertFalse(getSocketCreatorForComponent(CLUSTER).useSSL());
- assertFalse(getSocketCreatorForComponent(GATEWAY).useSSL());
- assertTrue(getSocketCreatorForComponent(JMX).useSSL());
- assertFalse(getSocketCreatorForComponent(SERVER).useSSL());
- assertFalse(getSocketCreatorForComponent(WEB).useSSL());
- assertFalse(getSocketCreatorForComponent(LOCATOR).useSSL());
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
}
@Test
public void testNewSSLConfigSSLComponentSERVER() throws Exception {
- Properties properties = configureSSLProperties(SERVER.getConstant());
+ Properties properties = configureSSLProperties(SecurableCommunicationChannel.SERVER.getConstant());
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- setDistributionConfig(distributionConfig);
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
- assertFalse(getSocketCreatorForComponent(CLUSTER).useSSL());
- assertFalse(getSocketCreatorForComponent(GATEWAY).useSSL());
- assertFalse(getSocketCreatorForComponent(JMX).useSSL());
- assertTrue(getSocketCreatorForComponent(SERVER).useSSL());
- assertFalse(getSocketCreatorForComponent(WEB).useSSL());
- assertFalse(getSocketCreatorForComponent(LOCATOR).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
}
@Test
public void testNewSSLConfigSSLComponentCombinations1() throws Exception {
- Properties properties = configureSSLProperties(commaDelimitedString(CLUSTER.getConstant(), SERVER.getConstant()));
+ Properties properties = configureSSLProperties(commaDelimitedString(SecurableCommunicationChannel.CLUSTER.getConstant(), SecurableCommunicationChannel.SERVER.getConstant()));
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- setDistributionConfig(distributionConfig);
-
- assertTrue(getSocketCreatorForComponent(CLUSTER).useSSL());
- assertFalse(getSocketCreatorForComponent(GATEWAY).useSSL());
- assertFalse(getSocketCreatorForComponent(JMX).useSSL());
- assertTrue(getSocketCreatorForComponent(SERVER).useSSL());
- assertFalse(getSocketCreatorForComponent(WEB).useSSL());
- assertFalse(getSocketCreatorForComponent(LOCATOR).useSSL());
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
}
@Test
public void testNewSSLConfigSSLComponentCombinations2() throws Exception {
- Properties properties = configureSSLProperties(commaDelimitedString(CLUSTER.getConstant(), SERVER.getConstant(), WEB.getConstant(), JMX.getConstant()));
+ Properties properties = configureSSLProperties(commaDelimitedString(SecurableCommunicationChannel.CLUSTER.getConstant(), SecurableCommunicationChannel.SERVER.getConstant(), SecurableCommunicationChannel.WEB.getConstant(), SecurableCommunicationChannel.JMX.getConstant()));
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- setDistributionConfig(distributionConfig);
-
- assertTrue(getSocketCreatorForComponent(CLUSTER).useSSL());
- assertFalse(getSocketCreatorForComponent(GATEWAY).useSSL());
- assertTrue(getSocketCreatorForComponent(JMX).useSSL());
- assertTrue(getSocketCreatorForComponent(SERVER).useSSL());
- assertTrue(getSocketCreatorForComponent(WEB).useSSL());
- assertFalse(getSocketCreatorForComponent(LOCATOR).useSSL());
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
}
@Test
public void testNewSSLConfigSSLComponentAliasWithMultiKeyStore() throws Exception {
- Properties properties = configureSSLProperties(ALL.getConstant());
+ Properties properties = configureSSLProperties(SecurableCommunicationChannel.ALL.getConstant());
properties.setProperty(SSL_KEYSTORE, TestUtil.getResourcePath(getClass(), "/org/apache/geode/internal/net/multiKey.jks"));
properties.setProperty(SSL_TRUSTSTORE, TestUtil.getResourcePath(getClass(), "/org/apache/geode/internal/net/multiKeyTrust.jks"));
@@ -188,32 +187,32 @@ public class SocketCreatorFactoryJUnitTest {
properties.setProperty(SSL_DEFAULT_ALIAS, "serverKey");
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- setDistributionConfig(distributionConfig);
-
- assertTrue(getSocketCreatorForComponent(CLUSTER).useSSL());
- assertTrue(getSocketCreatorForComponent(GATEWAY).useSSL());
- assertTrue(getSocketCreatorForComponent(JMX).useSSL());
- assertTrue(getSocketCreatorForComponent(SERVER).useSSL());
- assertTrue(getSocketCreatorForComponent(WEB).useSSL());
- assertTrue(getSocketCreatorForComponent(LOCATOR).useSSL());
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
}
@Test
public void testNewSSLConfigSSLComponentWithoutAliasWithMultiKeyStore() throws Exception {
- Properties properties = configureSSLProperties(ALL.getConstant());
+ Properties properties = configureSSLProperties(SecurableCommunicationChannel.ALL.getConstant());
properties.setProperty(SSL_KEYSTORE, TestUtil.getResourcePath(getClass(), "/org/apache/geode/internal/net/multiKey.jks"));
properties.setProperty(SSL_TRUSTSTORE, TestUtil.getResourcePath(getClass(), "/org/apache/geode/internal/net/multiKeyTrust.jks"));
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- setDistributionConfig(distributionConfig);
-
- assertTrue(getSocketCreatorForComponent(CLUSTER).useSSL());
- assertTrue(getSocketCreatorForComponent(GATEWAY).useSSL());
- assertTrue(getSocketCreatorForComponent(JMX).useSSL());
- assertTrue(getSocketCreatorForComponent(SERVER).useSSL());
- assertTrue(getSocketCreatorForComponent(WEB).useSSL());
- assertTrue(getSocketCreatorForComponent(LOCATOR).useSSL());
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
}
private Properties configureSSLProperties(String sslComponents) throws IOException {
@@ -243,6 +242,141 @@ public class SocketCreatorFactoryJUnitTest {
return stringBuilder.substring(0, stringBuilder.length() - 1);
}
+ @Test
+ public void testLegacyServerSSLConfig() throws IOException {
+ File jks = findTestJKS();
+
+ Properties properties = new Properties();
+ properties.setProperty(MCAST_PORT, "0");
+ properties.setProperty(SERVER_SSL_REQUIRE_AUTHENTICATION, "true");
+ properties.setProperty(SERVER_SSL_ENABLED, "true");
+ properties.setProperty(SERVER_SSL_CIPHERS, "TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA");
+ properties.setProperty(SERVER_SSL_PROTOCOLS, "TLSv1,TLSv1.1,TLSv1.2");
+ properties.setProperty(SERVER_SSL_KEYSTORE, jks.getCanonicalPath());
+ properties.setProperty(SERVER_SSL_KEYSTORE_PASSWORD, "password");
+ properties.setProperty(SERVER_SSL_KEYSTORE_TYPE, "JKS");
+ properties.setProperty(SERVER_SSL_TRUSTSTORE, jks.getCanonicalPath());
+ properties.setProperty(SERVER_SSL_TRUSTSTORE_PASSWORD, "password");
+
+ DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
+ }
+
+ @Test
+ public void testLegacyClusterSSLConfig() throws IOException {
+ File jks = findTestJKS();
+
+ Properties properties = new Properties();
+ properties.setProperty(MCAST_PORT, "0");
+ properties.setProperty(CLUSTER_SSL_REQUIRE_AUTHENTICATION, "true");
+ properties.setProperty(CLUSTER_SSL_ENABLED, "true");
+ properties.setProperty(CLUSTER_SSL_CIPHERS, "TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA");
+ properties.setProperty(CLUSTER_SSL_PROTOCOLS, "TLSv1,TLSv1.1,TLSv1.2");
+ properties.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
+ properties.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
+ properties.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
+ properties.setProperty(CLUSTER_SSL_TRUSTSTORE, jks.getCanonicalPath());
+ properties.setProperty(CLUSTER_SSL_TRUSTSTORE_PASSWORD, "password");
+
+ DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
+ }
+
+ @Test
+ public void testLegacyJMXSSLConfig() throws IOException {
+ File jks = findTestJKS();
+
+ Properties properties = new Properties();
+ properties.setProperty(MCAST_PORT, "0");
+ properties.setProperty(JMX_MANAGER_SSL_REQUIRE_AUTHENTICATION, "true");
+ properties.setProperty(JMX_MANAGER_SSL_ENABLED, "true");
+ properties.setProperty(JMX_MANAGER_SSL_CIPHERS, "TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA");
+ properties.setProperty(JMX_MANAGER_SSL_PROTOCOLS, "TLSv1,TLSv1.1,TLSv1.2");
+ properties.setProperty(JMX_MANAGER_SSL_KEYSTORE, jks.getCanonicalPath());
+ properties.setProperty(JMX_MANAGER_SSL_KEYSTORE_PASSWORD, "password");
+ properties.setProperty(JMX_MANAGER_SSL_KEYSTORE_TYPE, "JKS");
+ properties.setProperty(JMX_MANAGER_SSL_TRUSTSTORE, jks.getCanonicalPath());
+ properties.setProperty(JMX_MANAGER_SSL_TRUSTSTORE_PASSWORD, "password");
+
+ DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
+ }
+
+ @Test
+ public void testLegacyGatewaySSLConfig() throws IOException {
+ File jks = findTestJKS();
+
+ Properties properties = new Properties();
+ properties.setProperty(MCAST_PORT, "0");
+ properties.setProperty(GATEWAY_SSL_REQUIRE_AUTHENTICATION, "true");
+ properties.setProperty(GATEWAY_SSL_ENABLED, "true");
+ properties.setProperty(GATEWAY_SSL_CIPHERS, "TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA");
+ properties.setProperty(GATEWAY_SSL_PROTOCOLS, "TLSv1,TLSv1.1,TLSv1.2");
+ properties.setProperty(GATEWAY_SSL_KEYSTORE, jks.getCanonicalPath());
+ properties.setProperty(GATEWAY_SSL_KEYSTORE_PASSWORD, "password");
+ properties.setProperty(GATEWAY_SSL_KEYSTORE_TYPE, "JKS");
+ properties.setProperty(GATEWAY_SSL_TRUSTSTORE, jks.getCanonicalPath());
+ properties.setProperty(GATEWAY_SSL_TRUSTSTORE_PASSWORD, "password");
+
+ DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
+ }
+
+ @Test
+ public void testLegacyHttpServiceSSLConfig() throws IOException {
+ File jks = findTestJKS();
+
+ Properties properties = new Properties();
+ properties.setProperty(MCAST_PORT, "0");
+ properties.setProperty(HTTP_SERVICE_SSL_REQUIRE_AUTHENTICATION, "true");
+ properties.setProperty(HTTP_SERVICE_SSL_ENABLED, "true");
+ properties.setProperty(HTTP_SERVICE_SSL_CIPHERS, "TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA");
+ properties.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "TLSv1,TLSv1.1,TLSv1.2");
+ properties.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath());
+ properties.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password");
+ properties.setProperty(HTTP_SERVICE_SSL_KEYSTORE_TYPE, "JKS");
+ properties.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE, jks.getCanonicalPath());
+ properties.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE_PASSWORD, "password");
+
+ DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
+ SocketCreatorFactory.setDistributionConfig(distributionConfig);
+
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
+ assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
+ assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
+ }
+
private File findTestJKS() {
return new File(TestUtil.getResourcePath(getClass(), "/ssl/trusted.keystore"));
}