You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by co...@apache.org on 2019/06/17 09:03:37 UTC
[camel] branch camel-2.24.x updated: CAMEL-13563 - Backport Jetty
client authn fix only (and not the Jetty upgrade)
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch camel-2.24.x
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/camel-2.24.x by this push:
new 64dc3ed CAMEL-13563 - Backport Jetty client authn fix only (and not the Jetty upgrade)
64dc3ed is described below
commit 64dc3ede3f697074224afdefb0e0d642eb954d33
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Mon Jun 17 10:03:13 2019 +0100
CAMEL-13563 - Backport Jetty client authn fix only (and not the Jetty upgrade)
---
.../camel/component/cometd/CometdComponent.java | 28 ++--
.../camel/component/jetty/JettyHttpComponent.java | 12 +-
.../jetty/rest/RestHttpsClientAuthRouteTest.java | 141 +++++++++++++++++++++
.../camel-jetty9/src/test/resources/service.jks | Bin 0 -> 1969 bytes
.../camel-jetty9/src/test/resources/truststore.jks | Bin 0 -> 582 bytes
.../internal/client/SalesforceHttpRequest.java | 2 +-
.../component/websocket/WebsocketComponent.java | 10 +-
...=> WebsocketSSLClientAuthRouteExampleTest.java} | 38 +++---
.../WebsocketSSLContextGlobalRouteExampleTest.java | 25 ++--
.../WebsocketSSLContextInUriRouteExampleTest.java | 25 ++--
.../websocket/WebsocketSSLRouteExampleTest.java | 24 ++--
11 files changed, 222 insertions(+), 83 deletions(-)
diff --git a/components/camel-cometd/src/main/java/org/apache/camel/component/cometd/CometdComponent.java b/components/camel-cometd/src/main/java/org/apache/camel/component/cometd/CometdComponent.java
index 474d70b..995632a 100644
--- a/components/camel-cometd/src/main/java/org/apache/camel/component/cometd/CometdComponent.java
+++ b/components/camel-cometd/src/main/java/org/apache/camel/component/cometd/CometdComponent.java
@@ -22,7 +22,6 @@ import java.util.EnumSet;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
-import javax.net.ssl.SSLContext;
import javax.servlet.DispatcherType;
import org.apache.camel.Endpoint;
@@ -130,7 +129,7 @@ public class CometdComponent extends UriEndpointComponent implements SSLContextP
LOG.warn("You use localhost interface! It means that no external connections will be available."
+ " Don't you want to use 0.0.0.0 instead (all network interfaces)?");
}
-
+
server.addConnector(connector);
CometDServlet servlet = createServletForConnector(server, connector, endpoint);
@@ -231,20 +230,19 @@ public class CometdComponent extends UriEndpointComponent implements SSLContextP
if (sslParams == null) {
sslParams = retrieveGlobalSslContextParameters();
}
+
+ SslContextFactory sslContextFactory = new SslContextFactory();
+ sslContextFactory.setEndpointIdentificationAlgorithm(null);
if (sslParams != null) {
- SslContextFactory sslContextFactory = new CometdComponentSslContextFactory();
sslContextFactory.setSslContext(sslParams.createSSLContext(getCamelContext()));
- sslSocketConnector = new ServerConnector(server, sslContextFactory);
} else {
- SslContextFactory sslContextFactory = new SslContextFactory();
sslContextFactory.setKeyStorePassword(sslKeyPassword);
sslContextFactory.setKeyManagerPassword(sslPassword);
if (sslKeystore != null) {
sslContextFactory.setKeyStorePath(sslKeystore);
}
- sslSocketConnector = new ServerConnector(server, sslContextFactory);
-
}
+ sslSocketConnector = new ServerConnector(server, sslContextFactory);
return sslSocketConnector;
}
@@ -309,14 +307,14 @@ public class CometdComponent extends UriEndpointComponent implements SSLContextP
}
extensions.add(extension);
}
-
+
public void addServerListener(BayeuxServer.BayeuxServerListener serverListener) {
if (serverListeners == null) {
serverListeners = new ArrayList<>();
}
serverListeners.add(serverListener);
}
-
+
public SSLContextParameters getSslContextParameters() {
return sslContextParameters;
}
@@ -354,7 +352,7 @@ public class CometdComponent extends UriEndpointComponent implements SSLContextP
connectorRef.connector.stop();
}
connectors.clear();
-
+
super.doStop();
}
@@ -373,14 +371,4 @@ public class CometdComponent extends UriEndpointComponent implements SSLContextP
}
}
- /**
- * Override the key/trust store check method as it does not account for a factory that has
- * a pre-configured {@link SSLContext}.
- */
- private static final class CometdComponentSslContextFactory extends SslContextFactory {
- // to support jetty 9.2.
- // TODO: remove this class when we have upgraded to jetty 9.3
- public void checkKeyStore() {
- }
- }
}
diff --git a/components/camel-jetty-common/src/main/java/org/apache/camel/component/jetty/JettyHttpComponent.java b/components/camel-jetty-common/src/main/java/org/apache/camel/component/jetty/JettyHttpComponent.java
index dfe3071..b07e74c 100644
--- a/components/camel-jetty-common/src/main/java/org/apache/camel/component/jetty/JettyHttpComponent.java
+++ b/components/camel-jetty-common/src/main/java/org/apache/camel/component/jetty/JettyHttpComponent.java
@@ -627,12 +627,13 @@ public abstract class JettyHttpComponent extends HttpCommonComponent implements
if (endpointSslContextParameters != null) {
try {
- sslcf = createSslContextFactory(endpointSslContextParameters);
+ sslcf = createSslContextFactory(endpointSslContextParameters, false);
} catch (Exception e) {
throw new RuntimeCamelException(e);
}
} else if ("https".equals(endpoint.getProtocol())) {
sslcf = new SslContextFactory();
+ sslcf.setEndpointIdentificationAlgorithm(null);
String keystoreProperty = System.getProperty(JETTY_SSL_KEYSTORE);
if (keystoreProperty != null) {
sslcf.setKeyStorePath(keystoreProperty);
@@ -660,8 +661,11 @@ public abstract class JettyHttpComponent extends HttpCommonComponent implements
protected abstract AbstractConnector createConnectorJettyInternal(Server server, JettyHttpEndpoint endpoint, SslContextFactory sslcf);
- private SslContextFactory createSslContextFactory(SSLContextParameters ssl) throws GeneralSecurityException, IOException {
+ private SslContextFactory createSslContextFactory(SSLContextParameters ssl, boolean client) throws GeneralSecurityException, IOException {
SslContextFactory answer = new SslContextFactory();
+ if (!client) {
+ answer.setEndpointIdentificationAlgorithm(null);
+ }
if (ssl != null) {
answer.setSslContext(ssl.createSSLContext(getCamelContext()));
}
@@ -749,7 +753,7 @@ public abstract class JettyHttpComponent extends HttpCommonComponent implements
* @param ssl option SSL parameters
*/
public CamelHttpClient createHttpClient(JettyHttpEndpoint endpoint, Integer minThreads, Integer maxThreads, SSLContextParameters ssl) throws Exception {
- SslContextFactory sslContextFactory = createSslContextFactory(ssl);
+ SslContextFactory sslContextFactory = createSslContextFactory(ssl, true);
HttpClientTransport transport = createHttpClientTransport(maxThreads);
CamelHttpClient httpClient = createCamelHttpClient(transport, sslContextFactory);
@@ -1432,7 +1436,7 @@ public abstract class JettyHttpComponent extends HttpCommonComponent implements
if (getErrorHandler() != null) {
s.addBean(getErrorHandler());
} else if (!Server.getVersion().startsWith("8")) {
- //need an error handler that won't leak information about the exception
+ //need an error handler that won't leak information about the exception
//back to the client.
ErrorHandler eh = new ErrorHandler() {
public void handle(String target, Request baseRequest,
diff --git a/components/camel-jetty9/src/test/java/org/apache/camel/component/jetty/rest/RestHttpsClientAuthRouteTest.java b/components/camel-jetty9/src/test/java/org/apache/camel/component/jetty/rest/RestHttpsClientAuthRouteTest.java
new file mode 100644
index 0000000..80aa831
--- /dev/null
+++ b/components/camel-jetty9/src/test/java/org/apache/camel/component/jetty/rest/RestHttpsClientAuthRouteTest.java
@@ -0,0 +1,141 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.jetty.rest;
+
+import org.apache.camel.Exchange;
+import org.apache.camel.Processor;
+import org.apache.camel.Produce;
+import org.apache.camel.ProducerTemplate;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.mock.MockEndpoint;
+import org.apache.camel.impl.JndiRegistry;
+import org.apache.camel.model.rest.RestConfigurationDefinition;
+import org.apache.camel.test.AvailablePortFinder;
+import org.apache.camel.test.junit4.CamelTestSupport;
+import org.apache.camel.util.jsse.KeyManagersParameters;
+import org.apache.camel.util.jsse.KeyStoreParameters;
+import org.apache.camel.util.jsse.SSLContextParameters;
+import org.apache.camel.util.jsse.SSLContextServerParameters;
+import org.apache.camel.util.jsse.TrustManagersParameters;
+import org.junit.Test;
+
+public class RestHttpsClientAuthRouteTest extends CamelTestSupport {
+ static int port = AvailablePortFinder.getNextAvailable();
+
+ @Produce(uri = "direct:start")
+ protected ProducerTemplate sender;
+
+
+ @Test
+ public void testGETClientRoute() throws Exception {
+ MockEndpoint mock = getMockEndpoint("mock:result");
+ mock.expectedMinimumMessageCount(1);
+ mock.expectedBodiesReceived("Hello some-id");
+ sender.sendBody(null);
+ assertMockEndpointsSatisfied();
+ }
+
+ protected String getClientURI() {
+ return "http4://localhost:%d/TestResource/some-id?sslContextParameters=#clientSSLContextParameters";
+ }
+
+ @Override
+ protected JndiRegistry createRegistry() throws Exception {
+ JndiRegistry registry = super.createRegistry();
+
+ KeyStoreParameters keystoreParameters = new KeyStoreParameters();
+ keystoreParameters.setResource("service.jks");
+ keystoreParameters.setPassword("security");
+
+ SSLContextParameters serviceSSLContextParameters = new SSLContextParameters();
+ KeyManagersParameters serviceSSLKeyManagers = new KeyManagersParameters();
+ serviceSSLKeyManagers.setKeyPassword("security");
+ serviceSSLKeyManagers.setKeyStore(keystoreParameters);
+ serviceSSLContextParameters.setKeyManagers(serviceSSLKeyManagers);
+
+ KeyStoreParameters truststoreParameters = new KeyStoreParameters();
+ truststoreParameters.setResource("truststore.jks");
+ truststoreParameters.setPassword("storepass");
+
+ TrustManagersParameters clientAuthServiceSSLTrustManagers = new TrustManagersParameters();
+ clientAuthServiceSSLTrustManagers.setKeyStore(truststoreParameters);
+ serviceSSLContextParameters.setTrustManagers(clientAuthServiceSSLTrustManagers);
+ SSLContextServerParameters clientAuthSSLContextServerParameters = new SSLContextServerParameters();
+ clientAuthSSLContextServerParameters.setClientAuthentication("REQUIRE");
+ serviceSSLContextParameters.setServerParameters(clientAuthSSLContextServerParameters);
+
+ SSLContextParameters clientSSLContextParameters = new SSLContextParameters();
+ TrustManagersParameters clientSSLTrustManagers = new TrustManagersParameters();
+ clientSSLTrustManagers.setKeyStore(truststoreParameters);
+ clientSSLContextParameters.setTrustManagers(clientSSLTrustManagers);
+
+ KeyManagersParameters clientAuthClientSSLKeyManagers = new KeyManagersParameters();
+ clientAuthClientSSLKeyManagers.setKeyPassword("security");
+ clientAuthClientSSLKeyManagers.setKeyStore(keystoreParameters);
+ clientSSLContextParameters.setKeyManagers(clientAuthClientSSLKeyManagers);
+
+ registry.bind("serviceSSLContextParameters", serviceSSLContextParameters);
+ registry.bind("clientSSLContextParameters", clientSSLContextParameters);
+
+ return registry;
+ }
+
+ protected void decorateRestConfiguration(RestConfigurationDefinition restConfig) {
+ restConfig.endpointProperty("sslContextParameters", "#serviceSSLContextParameters");
+ }
+
+ @Override
+ protected RouteBuilder createRouteBuilder() throws Exception {
+ return new RouteBuilder() {
+ @Override
+ public void configure() throws Exception {
+ RestConfigurationDefinition restConfig =
+ restConfiguration("jetty").scheme("https").host("localhost").port(port);
+ decorateRestConfiguration(restConfig);
+
+ rest("/TestParams")
+ .get().to("direct:get1")
+ .post().to("direct:post1");
+
+ rest("/TestResource")
+ .get("/{id}").to("direct:get1")
+ .post("/{id}").to("direct:post1");
+
+ from("direct:get1").process(new Processor() {
+ public void process(Exchange exchange) throws Exception {
+ String id = exchange.getIn().getHeader("id", String.class);
+ exchange.getOut().setBody("Hello " + id);
+ }
+ });
+
+ from("direct:post1").process(new Processor() {
+ public void process(Exchange exchange) throws Exception {
+ String id = exchange.getIn().getHeader("id", String.class);
+ String ct = exchange.getIn().getHeader(Exchange.CONTENT_TYPE, String.class);
+ exchange.getOut().setBody("Hello " + id + ": " + exchange.getIn().getBody(String.class));
+ exchange.getOut().setHeader(Exchange.CONTENT_TYPE, ct);
+ }
+ });
+
+ from("direct:start")
+ .toF(getClientURI(), port)
+ .to("mock:result");
+ }
+ };
+ }
+
+}
diff --git a/components/camel-jetty9/src/test/resources/service.jks b/components/camel-jetty9/src/test/resources/service.jks
new file mode 100644
index 0000000..52321ad
Binary files /dev/null and b/components/camel-jetty9/src/test/resources/service.jks differ
diff --git a/components/camel-jetty9/src/test/resources/truststore.jks b/components/camel-jetty9/src/test/resources/truststore.jks
new file mode 100644
index 0000000..44d82a85
Binary files /dev/null and b/components/camel-jetty9/src/test/resources/truststore.jks differ
diff --git a/components/camel-salesforce/camel-salesforce-component/src/main/java/org/apache/camel/component/salesforce/internal/client/SalesforceHttpRequest.java b/components/camel-salesforce/camel-salesforce-component/src/main/java/org/apache/camel/component/salesforce/internal/client/SalesforceHttpRequest.java
index 743ec32..19985ed 100644
--- a/components/camel-salesforce/camel-salesforce-component/src/main/java/org/apache/camel/component/salesforce/internal/client/SalesforceHttpRequest.java
+++ b/components/camel-salesforce/camel-salesforce-component/src/main/java/org/apache/camel/component/salesforce/internal/client/SalesforceHttpRequest.java
@@ -32,7 +32,7 @@ public class SalesforceHttpRequest extends HttpRequest {
}
@Override
- protected HttpConversation getConversation() {
+ public HttpConversation getConversation() {
return super.getConversation();
}
}
diff --git a/components/camel-websocket/src/main/java/org/apache/camel/component/websocket/WebsocketComponent.java b/components/camel-websocket/src/main/java/org/apache/camel/component/websocket/WebsocketComponent.java
index a49a25e..dd12764 100644
--- a/components/camel-websocket/src/main/java/org/apache/camel/component/websocket/WebsocketComponent.java
+++ b/components/camel-websocket/src/main/java/org/apache/camel/component/websocket/WebsocketComponent.java
@@ -176,7 +176,7 @@ public class WebsocketComponent extends UriEndpointComponent implements SSLConte
// Create ServletContextHandler
ServletContextHandler context = createContext(server, connector, endpoint.getHandlers());
- // setup the WebSocketComponentServlet initial parameters
+ // setup the WebSocketComponentServlet initial parameters
setWebSocketComponentServletInitialParameter(context, endpoint);
server.setHandler(context);
@@ -189,7 +189,7 @@ public class WebsocketComponent extends UriEndpointComponent implements SSLConte
}
MemoryWebsocketStore memoryStore = new MemoryWebsocketStore();
-
+
// Don't provide a Servlet object as Producer/Consumer will create them later on
connectorRef = new ConnectorRef(server, connector, null, memoryStore);
@@ -226,7 +226,7 @@ public class WebsocketComponent extends UriEndpointComponent implements SSLConte
WebsocketProducer producer = WebsocketProducer.class.cast(prodcon);
producer.setStore(connectorRef.memoryStore);
}
-
+
}
}
@@ -322,7 +322,7 @@ public class WebsocketComponent extends UriEndpointComponent implements SSLConte
setProperties(endpoint, parameters);
return endpoint;
}
-
+
protected void setWebSocketComponentServletInitialParameter(ServletContextHandler context, WebsocketEndpoint endpoint) {
if (endpoint.getBufferSize() != null) {
context.setInitParameter("bufferSize", endpoint.getBufferSize().toString());
@@ -497,10 +497,12 @@ public class WebsocketComponent extends UriEndpointComponent implements SSLConte
ServerConnector sslSocketConnector = null;
if (sslContextParameters != null) {
SslContextFactory sslContextFactory = new WebSocketComponentSslContextFactory();
+ sslContextFactory.setEndpointIdentificationAlgorithm(null);
sslContextFactory.setSslContext(sslContextParameters.createSSLContext(getCamelContext()));
sslSocketConnector = new ServerConnector(server, sslContextFactory);
} else {
SslContextFactory sslContextFactory = new SslContextFactory();
+ sslContextFactory.setEndpointIdentificationAlgorithm(null);
sslContextFactory.setKeyStorePassword(sslKeyPassword);
sslContextFactory.setKeyManagerPassword(sslPassword);
if (sslKeystore != null) {
diff --git a/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLRouteExampleTest.java b/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLClientAuthRouteExampleTest.java
similarity index 84%
copy from components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLRouteExampleTest.java
copy to components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLClientAuthRouteExampleTest.java
index a666e77..dc98826 100644
--- a/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLRouteExampleTest.java
+++ b/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLClientAuthRouteExampleTest.java
@@ -17,7 +17,6 @@
package org.apache.camel.component.websocket;
import java.io.IOException;
-import java.net.URL;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.List;
@@ -47,9 +46,8 @@ import org.asynchttpclient.ws.WebSocketUpgradeHandler;
import org.junit.Before;
import org.junit.Test;
-public class WebsocketSSLRouteExampleTest extends CamelTestSupport {
+public class WebsocketSSLClientAuthRouteExampleTest extends CamelTestSupport {
- private static final String NULL_VALUE_MARKER = CamelTestSupport.class.getCanonicalName();
private static List<String> received = new ArrayList<>();
private static CountDownLatch latch = new CountDownLatch(10);
protected Properties originalValues = new Properties();
@@ -62,14 +60,6 @@ public class WebsocketSSLRouteExampleTest extends CamelTestSupport {
port = AvailablePortFinder.getNextAvailable(16200);
super.setUp();
-
- URL trustStoreUrl = this.getClass().getClassLoader().getResource("jsse/localhost.ks");
- setSystemProp("javax.net.ssl.trustStore", trustStoreUrl.toURI().getPath());
- }
-
- protected void setSystemProp(String key, String value) {
- String originalValue = System.setProperty(key, value);
- originalValues.put(key, originalValue != null ? originalValue : NULL_VALUE_MARKER);
}
protected AsyncHttpClient createAsyncHttpSSLClient() throws IOException, GeneralSecurityException {
@@ -80,7 +70,25 @@ public class WebsocketSSLRouteExampleTest extends CamelTestSupport {
DefaultAsyncHttpClientConfig.Builder builder =
new DefaultAsyncHttpClientConfig.Builder();
- SSLContext sslContext = new SSLContextParameters().createSSLContext(context());
+ SSLContextParameters sslContextParameters = new SSLContextParameters();
+
+ KeyStoreParameters truststoreParameters = new KeyStoreParameters();
+ truststoreParameters.setResource("jsse/localhost.ks");
+ truststoreParameters.setPassword(pwd);
+
+ TrustManagersParameters clientSSLTrustManagers = new TrustManagersParameters();
+ clientSSLTrustManagers.setKeyStore(truststoreParameters);
+ sslContextParameters.setTrustManagers(clientSSLTrustManagers);
+
+ KeyStoreParameters keystoreParameters = new KeyStoreParameters();
+ keystoreParameters.setResource("jsse/localhost.ks");
+ keystoreParameters.setPassword(pwd);
+ KeyManagersParameters clientAuthClientSSLKeyManagers = new KeyManagersParameters();
+ clientAuthClientSSLKeyManagers.setKeyPassword(pwd);
+ clientAuthClientSSLKeyManagers.setKeyStore(keystoreParameters);
+ sslContextParameters.setKeyManagers(clientAuthClientSSLKeyManagers);
+
+ SSLContext sslContext = sslContextParameters.createSSLContext(context());
JdkSslContext ssl = new JdkSslContext(sslContext, true, ClientAuth.REQUIRE);
builder.setSslContext(ssl);
builder.setAcceptAnyCertificate(true);
@@ -93,7 +101,6 @@ public class WebsocketSSLRouteExampleTest extends CamelTestSupport {
protected SSLContextParameters defineSSLContextParameters() {
KeyStoreParameters ksp = new KeyStoreParameters();
- // ksp.setResource(this.getClass().getClassLoader().getResource("jsse/localhost.ks").toString());
ksp.setResource("jsse/localhost.ks");
ksp.setPassword(pwd);
@@ -104,9 +111,8 @@ public class WebsocketSSLRouteExampleTest extends CamelTestSupport {
TrustManagersParameters tmp = new TrustManagersParameters();
tmp.setKeyStore(ksp);
- // NOTE: Needed since the client uses a loose trust configuration when no ssl context
- // is provided. We turn on WANT client-auth to prefer using authentication
SSLContextServerParameters scsp = new SSLContextServerParameters();
+ scsp.setClientAuthentication("REQUIRE");
SSLContextParameters sslContextParameters = new SSLContextParameters();
sslContextParameters.setKeyManagers(kmp);
@@ -130,7 +136,7 @@ public class WebsocketSSLRouteExampleTest extends CamelTestSupport {
latch.countDown();
}
-
+
@Override
public void onOpen(WebSocket websocket) {
}
diff --git a/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLContextGlobalRouteExampleTest.java b/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLContextGlobalRouteExampleTest.java
index 972988c..c696ea5 100644
--- a/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLContextGlobalRouteExampleTest.java
+++ b/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLContextGlobalRouteExampleTest.java
@@ -17,11 +17,9 @@
package org.apache.camel.component.websocket;
import java.io.IOException;
-import java.net.URL;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.List;
-import java.util.Properties;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
@@ -51,10 +49,8 @@ import org.junit.Test;
public class WebsocketSSLContextGlobalRouteExampleTest extends CamelTestSupport {
- private static final String NULL_VALUE_MARKER = CamelTestSupport.class.getCanonicalName();
private static List<String> received = new ArrayList<>();
private static CountDownLatch latch = new CountDownLatch(10);
- private Properties originalValues = new Properties();
private String pwd = "changeit";
private String uri;
private String server = "127.0.0.1";
@@ -65,8 +61,6 @@ public class WebsocketSSLContextGlobalRouteExampleTest extends CamelTestSupport
public void setUp() throws Exception {
port = AvailablePortFinder.getNextAvailable(16300);
- URL trustStoreUrl = this.getClass().getClassLoader().getResource("jsse/localhost.ks");
- setSystemProp("javax.net.ssl.trustStore", trustStoreUrl.toURI().getPath());
uri = "websocket://" + server + ":" + port + "/test";
super.setUp();
@@ -100,11 +94,6 @@ public class WebsocketSSLContextGlobalRouteExampleTest extends CamelTestSupport
return context;
}
- protected void setSystemProp(String key, String value) {
- String originalValue = System.setProperty(key, value);
- originalValues.put(key, originalValue != null ? originalValue : NULL_VALUE_MARKER);
- }
-
protected AsyncHttpClient createAsyncHttpSSLClient() throws IOException, GeneralSecurityException {
AsyncHttpClient c;
@@ -113,7 +102,17 @@ public class WebsocketSSLContextGlobalRouteExampleTest extends CamelTestSupport
DefaultAsyncHttpClientConfig.Builder builder =
new DefaultAsyncHttpClientConfig.Builder();
- SSLContext sslContext = new SSLContextParameters().createSSLContext(context());
+ SSLContextParameters sslContextParameters = new SSLContextParameters();
+
+ KeyStoreParameters truststoreParameters = new KeyStoreParameters();
+ truststoreParameters.setResource("jsse/localhost.ks");
+ truststoreParameters.setPassword(pwd);
+
+ TrustManagersParameters clientSSLTrustManagers = new TrustManagersParameters();
+ clientSSLTrustManagers.setKeyStore(truststoreParameters);
+ sslContextParameters.setTrustManagers(clientSSLTrustManagers);
+
+ SSLContext sslContext = sslContextParameters.createSSLContext(context());
JdkSslContext ssl = new JdkSslContext(sslContext, true, ClientAuth.REQUIRE);
builder.setSslContext(ssl);
builder.setAcceptAnyCertificate(true);
@@ -137,7 +136,7 @@ public class WebsocketSSLContextGlobalRouteExampleTest extends CamelTestSupport
latch.countDown();
}
-
+
@Override
public void onOpen(WebSocket websocket) {
diff --git a/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLContextInUriRouteExampleTest.java b/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLContextInUriRouteExampleTest.java
index f501915..b9ff3b3 100644
--- a/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLContextInUriRouteExampleTest.java
+++ b/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLContextInUriRouteExampleTest.java
@@ -17,11 +17,9 @@
package org.apache.camel.component.websocket;
import java.io.IOException;
-import java.net.URL;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.List;
-import java.util.Properties;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
@@ -50,10 +48,8 @@ import org.junit.Test;
public class WebsocketSSLContextInUriRouteExampleTest extends CamelTestSupport {
- private static final String NULL_VALUE_MARKER = CamelTestSupport.class.getCanonicalName();
private static List<String> received = new ArrayList<>();
private static CountDownLatch latch = new CountDownLatch(10);
- private Properties originalValues = new Properties();
private String pwd = "changeit";
private String uri;
private String server = "127.0.0.1";
@@ -64,8 +60,6 @@ public class WebsocketSSLContextInUriRouteExampleTest extends CamelTestSupport {
public void setUp() throws Exception {
port = AvailablePortFinder.getNextAvailable(16300);
- URL trustStoreUrl = this.getClass().getClassLoader().getResource("jsse/localhost.ks");
- setSystemProp("javax.net.ssl.trustStore", trustStoreUrl.toURI().getPath());
uri = "websocket://" + server + ":" + port + "/test?sslContextParameters=#sslContextParameters";
super.setUp();
@@ -98,11 +92,6 @@ public class WebsocketSSLContextInUriRouteExampleTest extends CamelTestSupport {
return registry;
}
- protected void setSystemProp(String key, String value) {
- String originalValue = System.setProperty(key, value);
- originalValues.put(key, originalValue != null ? originalValue : NULL_VALUE_MARKER);
- }
-
protected AsyncHttpClient createAsyncHttpSSLClient() throws IOException, GeneralSecurityException {
AsyncHttpClient c;
@@ -111,7 +100,17 @@ public class WebsocketSSLContextInUriRouteExampleTest extends CamelTestSupport {
DefaultAsyncHttpClientConfig.Builder builder =
new DefaultAsyncHttpClientConfig.Builder();
- SSLContext sslContext = new SSLContextParameters().createSSLContext(context());
+ SSLContextParameters sslContextParameters = new SSLContextParameters();
+
+ KeyStoreParameters truststoreParameters = new KeyStoreParameters();
+ truststoreParameters.setResource("jsse/localhost.ks");
+ truststoreParameters.setPassword(pwd);
+
+ TrustManagersParameters clientSSLTrustManagers = new TrustManagersParameters();
+ clientSSLTrustManagers.setKeyStore(truststoreParameters);
+ sslContextParameters.setTrustManagers(clientSSLTrustManagers);
+
+ SSLContext sslContext = sslContextParameters.createSSLContext(context());
JdkSslContext ssl = new JdkSslContext(sslContext, true, ClientAuth.REQUIRE);
builder.setSslContext(ssl);
builder.setAcceptAnyCertificate(true);
@@ -135,7 +134,7 @@ public class WebsocketSSLContextInUriRouteExampleTest extends CamelTestSupport {
latch.countDown();
}
-
+
@Override
public void onOpen(WebSocket websocket) {
diff --git a/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLRouteExampleTest.java b/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLRouteExampleTest.java
index a666e77..3e8a107 100644
--- a/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLRouteExampleTest.java
+++ b/components/camel-websocket/src/test/java/org/apache/camel/component/websocket/WebsocketSSLRouteExampleTest.java
@@ -17,7 +17,6 @@
package org.apache.camel.component.websocket;
import java.io.IOException;
-import java.net.URL;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.List;
@@ -49,7 +48,6 @@ import org.junit.Test;
public class WebsocketSSLRouteExampleTest extends CamelTestSupport {
- private static final String NULL_VALUE_MARKER = CamelTestSupport.class.getCanonicalName();
private static List<String> received = new ArrayList<>();
private static CountDownLatch latch = new CountDownLatch(10);
protected Properties originalValues = new Properties();
@@ -62,14 +60,6 @@ public class WebsocketSSLRouteExampleTest extends CamelTestSupport {
port = AvailablePortFinder.getNextAvailable(16200);
super.setUp();
-
- URL trustStoreUrl = this.getClass().getClassLoader().getResource("jsse/localhost.ks");
- setSystemProp("javax.net.ssl.trustStore", trustStoreUrl.toURI().getPath());
- }
-
- protected void setSystemProp(String key, String value) {
- String originalValue = System.setProperty(key, value);
- originalValues.put(key, originalValue != null ? originalValue : NULL_VALUE_MARKER);
}
protected AsyncHttpClient createAsyncHttpSSLClient() throws IOException, GeneralSecurityException {
@@ -80,7 +70,17 @@ public class WebsocketSSLRouteExampleTest extends CamelTestSupport {
DefaultAsyncHttpClientConfig.Builder builder =
new DefaultAsyncHttpClientConfig.Builder();
- SSLContext sslContext = new SSLContextParameters().createSSLContext(context());
+ SSLContextParameters sslContextParameters = new SSLContextParameters();
+
+ KeyStoreParameters truststoreParameters = new KeyStoreParameters();
+ truststoreParameters.setResource("jsse/localhost.ks");
+ truststoreParameters.setPassword(pwd);
+
+ TrustManagersParameters clientSSLTrustManagers = new TrustManagersParameters();
+ clientSSLTrustManagers.setKeyStore(truststoreParameters);
+ sslContextParameters.setTrustManagers(clientSSLTrustManagers);
+
+ SSLContext sslContext = sslContextParameters.createSSLContext(context());
JdkSslContext ssl = new JdkSslContext(sslContext, true, ClientAuth.REQUIRE);
builder.setSslContext(ssl);
builder.setAcceptAnyCertificate(true);
@@ -130,7 +130,7 @@ public class WebsocketSSLRouteExampleTest extends CamelTestSupport {
latch.countDown();
}
-
+
@Override
public void onOpen(WebSocket websocket) {
}