You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by ni...@apache.org on 2013/07/12 11:42:22 UTC
svn commit: r1502497 - in
/cxf/trunk/rt/transports/http-netty/netty-server/src:
main/java/org/apache/cxf/transport/http/netty/server/
main/java/org/apache/cxf/transport/http/netty/server/servlet/
test/java/org/apache/cxf/transport/http/netty/server/int...
Author: ningjiang
Date: Fri Jul 12 09:42:22 2013
New Revision: 1502497
URL: http://svn.apache.org/r1502497
Log:
CXF-5120 supports the TLSSessionInfo generation inside of netty-server
Modified:
cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/NettyHttpServletHandler.java
cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/servlet/NettyHttpServletRequest.java
cxf/trunk/rt/transports/http-netty/netty-server/src/test/java/org/apache/cxf/transport/http/netty/server/integration/SSLNettyServerTest.java
Modified: cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/NettyHttpServletHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/NettyHttpServletHandler.java?rev=1502497&r1=1502496&r2=1502497&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/NettyHttpServletHandler.java (original)
+++ cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/NettyHttpServletHandler.java Fri Jul 12 09:42:22 2013
@@ -121,7 +121,7 @@ public class NettyHttpServletHandler ext
NettyServletResponse nettyServletResponse = buildHttpServletResponse(response);
NettyHttpServletRequest nettyServletRequest =
- buildHttpServletRequest(request, nettyHttpContextHandler.getContextPath());
+ buildHttpServletRequest(request, nettyHttpContextHandler.getContextPath(), ctx);
nettyHttpContextHandler.handle(request.getUri(), nettyServletRequest, nettyServletResponse);
interceptOnRequestSuccessed(ctx, e, response);
@@ -223,8 +223,8 @@ public class NettyHttpServletHandler ext
}
protected NettyHttpServletRequest buildHttpServletRequest(
- HttpRequest request, String contextPath) {
- return new NettyHttpServletRequest(request, contextPath);
+ HttpRequest request, String contextPath, ChannelHandlerContext ctx) {
+ return new NettyHttpServletRequest(request, contextPath, ctx);
}
}
Modified: cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/servlet/NettyHttpServletRequest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/servlet/NettyHttpServletRequest.java?rev=1502497&r1=1502496&r2=1502497&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/servlet/NettyHttpServletRequest.java (original)
+++ cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/servlet/NettyHttpServletRequest.java Fri Jul 12 09:42:22 2013
@@ -28,12 +28,14 @@ import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
-import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
+import javax.net.ssl.SSLPeerUnverifiedException;
+import javax.net.ssl.SSLSession;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletInputStream;
import javax.servlet.http.Cookie;
@@ -41,6 +43,7 @@ import javax.servlet.http.HttpServletReq
import javax.servlet.http.HttpSession;
import org.apache.cxf.transport.http.netty.server.util.Utils;
+import org.jboss.netty.channel.ChannelHandlerContext;
import org.jboss.netty.handler.codec.http.CookieDecoder;
import org.jboss.netty.handler.codec.http.HttpHeaders;
import org.jboss.netty.handler.codec.http.HttpHeaders.Names;
@@ -51,6 +54,9 @@ import org.jboss.netty.handler.ssl.SslHa
import static org.jboss.netty.handler.codec.http.HttpHeaders.Names.COOKIE;
public class NettyHttpServletRequest implements HttpServletRequest {
+
+ private static final String SSL_CIPHER_SUITE_ATTRIBUTE = "javax.servlet.request.cipher_suite";
+ private static final String SSL_PEER_CERT_CHAIN_ATTRIBUTE = "javax.servlet.request.X509Certificate";
private static final Locale DEFAULT_LOCALE = Locale.getDefault();
@@ -64,22 +70,37 @@ public class NettyHttpServletRequest imp
private QueryStringDecoder queryStringDecoder;
- private Map<String, Object> attributes;
+ private Map<String, Object> attributes = new ConcurrentHashMap<String, Object>();
private CookieDecoder cookieDecoder = new CookieDecoder();
private String characterEncoding;
private String contextPath;
+
+ private ChannelHandlerContext channelHandlerContext;
- public NettyHttpServletRequest(HttpRequest request, String contextPath) {
+ public NettyHttpServletRequest(HttpRequest request, String contextPath, ChannelHandlerContext ctx) {
this.originalRequest = request;
this.contextPath = contextPath;
this.uriParser = new URIParser(contextPath);
this.inputStream = new NettyServletInputStream(request);
this.reader = new BufferedReader(new InputStreamReader(inputStream));
this.queryStringDecoder = new QueryStringDecoder(request.getUri());
-
+ // setup the SSL security attributes
+ this.channelHandlerContext = ctx;
+ SslHandler sslHandler = channelHandlerContext.getPipeline().get(SslHandler.class);
+ if (sslHandler != null) {
+ SSLSession session = sslHandler.getEngine().getSession();
+ if (session != null) {
+ attributes.put(SSL_CIPHER_SUITE_ATTRIBUTE, session.getCipherSuite());
+ try {
+ attributes.put(SSL_PEER_CERT_CHAIN_ATTRIBUTE, session.getPeerCertificates());
+ } catch (SSLPeerUnverifiedException ex) {
+ // do nothing here
+ }
+ }
+ }
}
public HttpRequest getOriginalRequest() {
@@ -266,9 +287,6 @@ public class NettyHttpServletRequest imp
@Override
public void setAttribute(String name, Object o) {
- if (this.attributes == null) {
- this.attributes = new HashMap<String, Object>();
- }
this.attributes.put(name, o);
}
Modified: cxf/trunk/rt/transports/http-netty/netty-server/src/test/java/org/apache/cxf/transport/http/netty/server/integration/SSLNettyServerTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-netty/netty-server/src/test/java/org/apache/cxf/transport/http/netty/server/integration/SSLNettyServerTest.java?rev=1502497&r1=1502496&r2=1502497&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http-netty/netty-server/src/test/java/org/apache/cxf/transport/http/netty/server/integration/SSLNettyServerTest.java (original)
+++ cxf/trunk/rt/transports/http-netty/netty-server/src/test/java/org/apache/cxf/transport/http/netty/server/integration/SSLNettyServerTest.java Fri Jul 12 09:42:22 2013
@@ -37,6 +37,12 @@ import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageUtils;
+import org.apache.cxf.phase.AbstractPhaseInterceptor;
+import org.apache.cxf.phase.Phase;
+import org.apache.cxf.security.transport.TLSSessionInfo;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.hello_world_soap_http.Greeter;
@@ -63,7 +69,11 @@ public class SSLNettyServerTest extends
@BeforeClass
public static void start() throws Exception {
Bus b = createStaticBus("/org/apache/cxf/transport/http/netty/server/integration/ServerConfig.xml");
+ // setup the ssl interceptor
+ MySSLInterceptor myInterceptor = new MySSLInterceptor();
+ b.getInInterceptors().add(myInterceptor);
BusFactory.setThreadDefaultBus(b);
+
address = "https://localhost:" + PORT + "/SoapContext/SoapPort";
ep = Endpoint.publish(address ,
new org.apache.hello_world_soap_http.GreeterImpl());
@@ -138,5 +148,22 @@ public class SSLNettyServerTest extends
return fac.getKeyManagers();
}
+ public static class MySSLInterceptor extends AbstractPhaseInterceptor<Message> {
+
+ public MySSLInterceptor() {
+ super(Phase.READ);
+ }
+
+ @Override
+ public void handleMessage(Message message) throws Fault {
+ if (!MessageUtils.isRequestor(message)) {
+ // just check the request message
+ TLSSessionInfo info = message.get(TLSSessionInfo.class);
+ assertNotNull(info);
+ }
+ }
+
+ }
+
}