You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@geode.apache.org by ud...@apache.org on 2016/09/20 06:58:39 UTC
[2/2] incubator-geode git commit: GEODE-420: Renaming
SSLConfigurationFactoryTest.java to SSLConfigurationFactoryJUnitTest.java
GEODE-420: Renaming SSLConfigurationFactoryTest.java to SSLConfigurationFactoryJUnitTest.java
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/61c6ae03
Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/61c6ae03
Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/61c6ae03
Branch: refs/heads/develop
Commit: 61c6ae0378310b970ecd5cd826f9bc3af8dde13e
Parents: ccb514c
Author: Udo Kohlmeyer <uk...@pivotal.io>
Authored: Tue Sep 20 16:58:05 2016 +1000
Committer: Udo Kohlmeyer <uk...@pivotal.io>
Committed: Tue Sep 20 16:58:05 2016 +1000
----------------------------------------------------------------------
.../net/SSLConfigurationFactoryJUnitTest.java | 220 +++++++++++++++++++
.../net/SSLConfigurationFactoryTest.java | 220 -------------------
2 files changed, 220 insertions(+), 220 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/61c6ae03/geode-core/src/test/java/org/apache/geode/internal/net/SSLConfigurationFactoryJUnitTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/net/SSLConfigurationFactoryJUnitTest.java b/geode-core/src/test/java/org/apache/geode/internal/net/SSLConfigurationFactoryJUnitTest.java
new file mode 100644
index 0000000..a0c2ef7
--- /dev/null
+++ b/geode-core/src/test/java/org/apache/geode/internal/net/SSLConfigurationFactoryJUnitTest.java
@@ -0,0 +1,220 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geode.internal.net;
+
+import static org.apache.geode.distributed.ConfigurationProperties.*;
+import static org.junit.Assert.*;
+
+import java.util.Properties;
+
+import org.apache.commons.lang.StringUtils;
+import org.junit.After;
+import org.junit.Test;
+import org.junit.experimental.categories.Category;
+
+import org.apache.geode.distributed.internal.DistributionConfig;
+import org.apache.geode.distributed.internal.DistributionConfigImpl;
+import org.apache.geode.internal.admin.SSLConfig;
+import org.apache.geode.internal.security.SecurableCommunicationChannel;
+import org.apache.geode.test.dunit.internal.JUnit4DistributedTestCase;
+import org.apache.geode.test.junit.categories.UnitTest;
+
+@Category(UnitTest.class)
+public class SSLConfigurationFactoryJUnitTest extends JUnit4DistributedTestCase {
+
+ @After
+ public void tearDownTest() {
+ SSLConfigurationFactory.close();
+ }
+
+ @Test
+ public void getSSLConfigWithCommaDelimitedProtocols() throws Exception {
+ Properties properties = new Properties();
+ properties.setProperty(SSL_ENABLED_COMPONENTS, "all");
+ properties.setProperty(SSL_KEYSTORE, "someKeyStore");
+ properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
+ properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
+ properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
+ properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
+ properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
+ properties.setProperty(SSL_CIPHERS, "Cipher1,Cipher2");
+ properties.setProperty(SSL_PROTOCOLS, "Protocol1,Protocol2");
+ DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
+ SSLConfigurationFactory.setDistributionConfig(distributionConfig);
+ for (SecurableCommunicationChannel securableComponent : SecurableCommunicationChannel.values()) {
+ assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableComponent), securableComponent, distributionConfig);
+ }
+ }
+
+ @Test
+ public void getSSLConfigWithCommaDelimitedCiphers() throws Exception {
+ Properties properties = new Properties();
+ properties.setProperty(SSL_ENABLED_COMPONENTS, "all");
+ properties.setProperty(SSL_KEYSTORE, "someKeyStore");
+ properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
+ properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
+ properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
+ properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
+ properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
+ properties.setProperty(SSL_CIPHERS, "Cipher1,Cipher2");
+ properties.setProperty(SSL_PROTOCOLS, "any");
+ DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
+ SSLConfigurationFactory.setDistributionConfig(distributionConfig);
+ for (SecurableCommunicationChannel securableCommunicationChannel : SecurableCommunicationChannel.values()) {
+ assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableCommunicationChannel), securableCommunicationChannel, distributionConfig);
+ }
+ }
+
+ @Test
+ public void getSSLConfigForComponentALL() throws Exception {
+ Properties properties = new Properties();
+ properties.setProperty(SSL_ENABLED_COMPONENTS, "all");
+ properties.setProperty(SSL_KEYSTORE, "someKeyStore");
+ properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
+ properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
+ properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
+ properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
+ properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
+ properties.setProperty(SSL_CIPHERS, "any");
+ properties.setProperty(SSL_PROTOCOLS, "any");
+ DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
+ SSLConfigurationFactory.setDistributionConfig(distributionConfig);
+ for (SecurableCommunicationChannel securableCommunicationChannel : SecurableCommunicationChannel.values()) {
+ assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableCommunicationChannel), securableCommunicationChannel, distributionConfig);
+ }
+ }
+
+ @Test
+ public void getSSLConfigForComponentHTTPService() throws Exception {
+ Properties properties = new Properties();
+ properties.setProperty(SSL_ENABLED_COMPONENTS, SecurableCommunicationChannel.WEB.getConstant());
+ properties.setProperty(SSL_KEYSTORE, "someKeyStore");
+ properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
+ properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
+ properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
+ properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
+ properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
+ properties.setProperty(SSL_CIPHERS, "any");
+ properties.setProperty(SSL_PROTOCOLS, "any");
+ DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
+ SSLConfigurationFactory.setDistributionConfig(distributionConfig);
+ for (SecurableCommunicationChannel securableCommunicationChannel : SecurableCommunicationChannel.values()) {
+ assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableCommunicationChannel), securableCommunicationChannel, distributionConfig);
+ }
+ }
+
+ @Test
+ public void getSSLConfigForComponentHTTPServiceWithAlias() throws Exception {
+ Properties properties = new Properties();
+ properties.setProperty(SSL_ENABLED_COMPONENTS, SecurableCommunicationChannel.WEB.getConstant());
+ properties.setProperty(SSL_KEYSTORE, "someKeyStore");
+ properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
+ properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
+ properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
+ properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
+ properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
+ properties.setProperty(SSL_WEB_ALIAS, "httpAlias");
+ properties.setProperty(SSL_CIPHERS, "any");
+ properties.setProperty(SSL_PROTOCOLS, "any");
+ DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
+ SSLConfigurationFactory.setDistributionConfig(distributionConfig);
+ for (SecurableCommunicationChannel securableCommunicationChannel : SecurableCommunicationChannel.values()) {
+ assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableCommunicationChannel), securableCommunicationChannel, distributionConfig);
+ }
+ }
+
+ @Test
+ public void getSSLConfigForComponentHTTPServiceWithMutualAuth() throws Exception {
+ Properties properties = new Properties();
+ properties.setProperty(SSL_ENABLED_COMPONENTS, SecurableCommunicationChannel.WEB.getConstant());
+ properties.setProperty(SSL_KEYSTORE, "someKeyStore");
+ properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
+ properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
+ properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
+ properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
+ properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
+ properties.setProperty(SSL_WEB_ALIAS, "httpAlias");
+ properties.setProperty(SSL_HTTP_SERVICE_REQUIRE_AUTHENTICATION, "true");
+ properties.setProperty(SSL_CIPHERS, "any");
+ properties.setProperty(SSL_PROTOCOLS, "any");
+ DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
+ SSLConfigurationFactory.setDistributionConfig(distributionConfig);
+ for (SecurableCommunicationChannel securableCommunicationChannel : SecurableCommunicationChannel.values()) {
+ assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableCommunicationChannel), securableCommunicationChannel, distributionConfig);
+ }
+ }
+
+ private void assertSSLConfig(final Properties properties,
+ final SSLConfig sslConfig,
+ final SecurableCommunicationChannel expectedSecurableComponent,
+ final DistributionConfigImpl distributionConfig) {
+ assertEquals(isSSLComponentEnabled(expectedSecurableComponent, distributionConfig.getSecurableCommunicationChannels()), sslConfig.isEnabled());
+ assertEquals(properties.getProperty(SSL_KEYSTORE), sslConfig.getKeystore());
+ assertEquals(properties.getProperty(SSL_KEYSTORE_PASSWORD), sslConfig.getKeystorePassword());
+ assertEquals(properties.getProperty(SSL_KEYSTORE_TYPE), sslConfig.getKeystoreType());
+ assertEquals(properties.getProperty(SSL_TRUSTSTORE), sslConfig.getTruststore());
+ assertEquals(properties.getProperty(SSL_TRUSTSTORE_PASSWORD), sslConfig.getTruststorePassword());
+ assertEquals(properties.getProperty(SSL_CIPHERS).replace(","," "), sslConfig.getCiphers());
+ assertEquals(properties.getProperty(SSL_PROTOCOLS).replace(","," "), sslConfig.getProtocols());
+ assertEquals(getCorrectAlias(expectedSecurableComponent, properties), sslConfig.getAlias());
+ assertEquals(requiresAuthentication(properties, expectedSecurableComponent), sslConfig.isRequireAuth());
+ assertEquals(expectedSecurableComponent, sslConfig.getSecuredCommunicationChannel());
+ }
+
+ private boolean requiresAuthentication(final Properties properties, final SecurableCommunicationChannel expectedSecurableComponent) {
+ boolean defaultAuthentication = expectedSecurableComponent.equals(SecurableCommunicationChannel.WEB) ? DistributionConfig.DEFAULT_SSL_HTTP_SERVICE_REQUIRE_AUTHENTICATION : DistributionConfig.DEFAULT_SSL_REQUIRE_AUTHENTICATION;
+ String httpRequiresAuthentication = properties.getProperty(SSL_HTTP_SERVICE_REQUIRE_AUTHENTICATION);
+
+ return httpRequiresAuthentication == null ? defaultAuthentication : Boolean.parseBoolean(httpRequiresAuthentication);
+ }
+
+ private String getCorrectAlias(final SecurableCommunicationChannel expectedSecurableComponent, final Properties properties) {
+ switch (expectedSecurableComponent) {
+ case ALL:
+ return properties.getProperty(SSL_DEFAULT_ALIAS);
+ case CLUSTER:
+ return getAliasForComponent(properties, SSL_CLUSTER_ALIAS);
+ case GATEWAY:
+ return getAliasForComponent(properties, SSL_GATEWAY_ALIAS);
+ case WEB:
+ return getAliasForComponent(properties, SSL_WEB_ALIAS);
+ case JMX:
+ return getAliasForComponent(properties, SSL_JMX_ALIAS);
+ case LOCATOR:
+ return getAliasForComponent(properties, SSL_LOCATOR_ALIAS);
+ case SERVER:
+ return getAliasForComponent(properties, SSL_SERVER_ALIAS);
+ default:
+ return properties.getProperty(SSL_DEFAULT_ALIAS);
+ }
+ }
+
+ private String getAliasForComponent(final Properties properties, final String componentAliasProperty) {
+ String aliasProperty = properties.getProperty(componentAliasProperty);
+ return !StringUtils.isEmpty(aliasProperty) ? aliasProperty : properties.getProperty(SSL_DEFAULT_ALIAS);
+ }
+
+ private boolean isSSLComponentEnabled(final SecurableCommunicationChannel expectedSecurableComponent, final SecurableCommunicationChannel[] SecurableComponents) {
+ for (SecurableCommunicationChannel securableCommunicationChannel : SecurableComponents) {
+ if (securableCommunicationChannel.ALL.equals(securableCommunicationChannel) || securableCommunicationChannel.equals(expectedSecurableComponent)) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/61c6ae03/geode-core/src/test/java/org/apache/geode/internal/net/SSLConfigurationFactoryTest.java
----------------------------------------------------------------------
diff --git a/geode-core/src/test/java/org/apache/geode/internal/net/SSLConfigurationFactoryTest.java b/geode-core/src/test/java/org/apache/geode/internal/net/SSLConfigurationFactoryTest.java
deleted file mode 100644
index 47c5c18..0000000
--- a/geode-core/src/test/java/org/apache/geode/internal/net/SSLConfigurationFactoryTest.java
+++ /dev/null
@@ -1,220 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.geode.internal.net;
-
-import static org.apache.geode.distributed.ConfigurationProperties.*;
-import static org.junit.Assert.*;
-
-import java.util.Properties;
-
-import org.apache.commons.lang.StringUtils;
-import org.junit.After;
-import org.junit.Test;
-import org.junit.experimental.categories.Category;
-
-import org.apache.geode.distributed.internal.DistributionConfig;
-import org.apache.geode.distributed.internal.DistributionConfigImpl;
-import org.apache.geode.internal.admin.SSLConfig;
-import org.apache.geode.internal.security.SecurableCommunicationChannel;
-import org.apache.geode.test.dunit.internal.JUnit4DistributedTestCase;
-import org.apache.geode.test.junit.categories.UnitTest;
-
-@Category(UnitTest.class)
-public class SSLConfigurationFactoryTest extends JUnit4DistributedTestCase {
-
- @After
- public void tearDownTest() {
- SSLConfigurationFactory.close();
- }
-
- @Test
- public void getSSLConfigWithCommaDelimitedProtocols() throws Exception {
- Properties properties = new Properties();
- properties.setProperty(SSL_ENABLED_COMPONENTS, "all");
- properties.setProperty(SSL_KEYSTORE, "someKeyStore");
- properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
- properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
- properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
- properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
- properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
- properties.setProperty(SSL_CIPHERS, "Cipher1,Cipher2");
- properties.setProperty(SSL_PROTOCOLS, "Protocol1,Protocol2");
- DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- SSLConfigurationFactory.setDistributionConfig(distributionConfig);
- for (SecurableCommunicationChannel securableComponent : SecurableCommunicationChannel.values()) {
- assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableComponent), securableComponent, distributionConfig);
- }
- }
-
- @Test
- public void getSSLConfigWithCommaDelimitedCiphers() throws Exception {
- Properties properties = new Properties();
- properties.setProperty(SSL_ENABLED_COMPONENTS, "all");
- properties.setProperty(SSL_KEYSTORE, "someKeyStore");
- properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
- properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
- properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
- properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
- properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
- properties.setProperty(SSL_CIPHERS, "Cipher1,Cipher2");
- properties.setProperty(SSL_PROTOCOLS, "any");
- DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- SSLConfigurationFactory.setDistributionConfig(distributionConfig);
- for (SecurableCommunicationChannel securableCommunicationChannel : SecurableCommunicationChannel.values()) {
- assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableCommunicationChannel), securableCommunicationChannel, distributionConfig);
- }
- }
-
- @Test
- public void getSSLConfigForComponentALL() throws Exception {
- Properties properties = new Properties();
- properties.setProperty(SSL_ENABLED_COMPONENTS, "all");
- properties.setProperty(SSL_KEYSTORE, "someKeyStore");
- properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
- properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
- properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
- properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
- properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
- properties.setProperty(SSL_CIPHERS, "any");
- properties.setProperty(SSL_PROTOCOLS, "any");
- DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- SSLConfigurationFactory.setDistributionConfig(distributionConfig);
- for (SecurableCommunicationChannel securableCommunicationChannel : SecurableCommunicationChannel.values()) {
- assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableCommunicationChannel), securableCommunicationChannel, distributionConfig);
- }
- }
-
- @Test
- public void getSSLConfigForComponentHTTPService() throws Exception {
- Properties properties = new Properties();
- properties.setProperty(SSL_ENABLED_COMPONENTS, SecurableCommunicationChannel.WEB.getConstant());
- properties.setProperty(SSL_KEYSTORE, "someKeyStore");
- properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
- properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
- properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
- properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
- properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
- properties.setProperty(SSL_CIPHERS, "any");
- properties.setProperty(SSL_PROTOCOLS, "any");
- DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- SSLConfigurationFactory.setDistributionConfig(distributionConfig);
- for (SecurableCommunicationChannel securableCommunicationChannel : SecurableCommunicationChannel.values()) {
- assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableCommunicationChannel), securableCommunicationChannel, distributionConfig);
- }
- }
-
- @Test
- public void getSSLConfigForComponentHTTPServiceWithAlias() throws Exception {
- Properties properties = new Properties();
- properties.setProperty(SSL_ENABLED_COMPONENTS, SecurableCommunicationChannel.WEB.getConstant());
- properties.setProperty(SSL_KEYSTORE, "someKeyStore");
- properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
- properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
- properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
- properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
- properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
- properties.setProperty(SSL_WEB_ALIAS, "httpAlias");
- properties.setProperty(SSL_CIPHERS, "any");
- properties.setProperty(SSL_PROTOCOLS, "any");
- DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- SSLConfigurationFactory.setDistributionConfig(distributionConfig);
- for (SecurableCommunicationChannel securableCommunicationChannel : SecurableCommunicationChannel.values()) {
- assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableCommunicationChannel), securableCommunicationChannel, distributionConfig);
- }
- }
-
- @Test
- public void getSSLConfigForComponentHTTPServiceWithMutualAuth() throws Exception {
- Properties properties = new Properties();
- properties.setProperty(SSL_ENABLED_COMPONENTS, SecurableCommunicationChannel.WEB.getConstant());
- properties.setProperty(SSL_KEYSTORE, "someKeyStore");
- properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
- properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
- properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
- properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
- properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
- properties.setProperty(SSL_WEB_ALIAS, "httpAlias");
- properties.setProperty(SSL_HTTP_SERVICE_REQUIRE_AUTHENTICATION, "true");
- properties.setProperty(SSL_CIPHERS, "any");
- properties.setProperty(SSL_PROTOCOLS, "any");
- DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
- SSLConfigurationFactory.setDistributionConfig(distributionConfig);
- for (SecurableCommunicationChannel securableCommunicationChannel : SecurableCommunicationChannel.values()) {
- assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableCommunicationChannel), securableCommunicationChannel, distributionConfig);
- }
- }
-
- private void assertSSLConfig(final Properties properties,
- final SSLConfig sslConfig,
- final SecurableCommunicationChannel expectedSecurableComponent,
- final DistributionConfigImpl distributionConfig) {
- assertEquals(isSSLComponentEnabled(expectedSecurableComponent, distributionConfig.getSecurableCommunicationChannels()), sslConfig.isEnabled());
- assertEquals(properties.getProperty(SSL_KEYSTORE), sslConfig.getKeystore());
- assertEquals(properties.getProperty(SSL_KEYSTORE_PASSWORD), sslConfig.getKeystorePassword());
- assertEquals(properties.getProperty(SSL_KEYSTORE_TYPE), sslConfig.getKeystoreType());
- assertEquals(properties.getProperty(SSL_TRUSTSTORE), sslConfig.getTruststore());
- assertEquals(properties.getProperty(SSL_TRUSTSTORE_PASSWORD), sslConfig.getTruststorePassword());
- assertEquals(properties.getProperty(SSL_CIPHERS).replace(","," "), sslConfig.getCiphers());
- assertEquals(properties.getProperty(SSL_PROTOCOLS).replace(","," "), sslConfig.getProtocols());
- assertEquals(getCorrectAlias(expectedSecurableComponent, properties), sslConfig.getAlias());
- assertEquals(requiresAuthentication(properties, expectedSecurableComponent), sslConfig.isRequireAuth());
- assertEquals(expectedSecurableComponent, sslConfig.getSecuredCommunicationChannel());
- }
-
- private boolean requiresAuthentication(final Properties properties, final SecurableCommunicationChannel expectedSecurableComponent) {
- boolean defaultAuthentication = expectedSecurableComponent.equals(SecurableCommunicationChannel.WEB) ? DistributionConfig.DEFAULT_SSL_HTTP_SERVICE_REQUIRE_AUTHENTICATION : DistributionConfig.DEFAULT_SSL_REQUIRE_AUTHENTICATION;
- String httpRequiresAuthentication = properties.getProperty(SSL_HTTP_SERVICE_REQUIRE_AUTHENTICATION);
-
- return httpRequiresAuthentication == null ? defaultAuthentication : Boolean.parseBoolean(httpRequiresAuthentication);
- }
-
- private String getCorrectAlias(final SecurableCommunicationChannel expectedSecurableComponent, final Properties properties) {
- switch (expectedSecurableComponent) {
- case ALL:
- return properties.getProperty(SSL_DEFAULT_ALIAS);
- case CLUSTER:
- return getAliasForComponent(properties, SSL_CLUSTER_ALIAS);
- case GATEWAY:
- return getAliasForComponent(properties, SSL_GATEWAY_ALIAS);
- case WEB:
- return getAliasForComponent(properties, SSL_WEB_ALIAS);
- case JMX:
- return getAliasForComponent(properties, SSL_JMX_ALIAS);
- case LOCATOR:
- return getAliasForComponent(properties, SSL_LOCATOR_ALIAS);
- case SERVER:
- return getAliasForComponent(properties, SSL_SERVER_ALIAS);
- default:
- return properties.getProperty(SSL_DEFAULT_ALIAS);
- }
- }
-
- private String getAliasForComponent(final Properties properties, final String componentAliasProperty) {
- String aliasProperty = properties.getProperty(componentAliasProperty);
- return !StringUtils.isEmpty(aliasProperty) ? aliasProperty : properties.getProperty(SSL_DEFAULT_ALIAS);
- }
-
- private boolean isSSLComponentEnabled(final SecurableCommunicationChannel expectedSecurableComponent, final SecurableCommunicationChannel[] SecurableComponents) {
- for (SecurableCommunicationChannel securableCommunicationChannel : SecurableComponents) {
- if (securableCommunicationChannel.ALL.equals(securableCommunicationChannel) || securableCommunicationChannel.equals(expectedSecurableComponent)) {
- return true;
- }
- }
- return false;
- }
-
-}
\ No newline at end of file