You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by ni...@apache.org on 2013/07/12 11:42:22 UTC
svn commit: r1502497 - in /cxf/trunk/rt/transports/http-netty/netty-server/src: main/java/org/apache/cxf/transport/http/netty/server/ main/java/org/apache/cxf/transport/http/netty/server/servlet/ test/java/org/apache/cxf/transport/http/netty/server/int...

Author: ningjiang
Date: Fri Jul 12 09:42:22 2013
New Revision: 1502497

URL: http://svn.apache.org/r1502497
Log:
CXF-5120 supports the TLSSessionInfo generation inside of  netty-server

Modified:
    cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/NettyHttpServletHandler.java
    cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/servlet/NettyHttpServletRequest.java
    cxf/trunk/rt/transports/http-netty/netty-server/src/test/java/org/apache/cxf/transport/http/netty/server/integration/SSLNettyServerTest.java

Modified: cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/NettyHttpServletHandler.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/NettyHttpServletHandler.java?rev=1502497&r1=1502496&r2=1502497&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/NettyHttpServletHandler.java (original)
+++ cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/NettyHttpServletHandler.java Fri Jul 12 09:42:22 2013
@@ -121,7 +121,7 @@ public class NettyHttpServletHandler ext
 
         NettyServletResponse nettyServletResponse = buildHttpServletResponse(response);
         NettyHttpServletRequest nettyServletRequest = 
-            buildHttpServletRequest(request, nettyHttpContextHandler.getContextPath());
+            buildHttpServletRequest(request, nettyHttpContextHandler.getContextPath(), ctx);
 
         nettyHttpContextHandler.handle(request.getUri(), nettyServletRequest, nettyServletResponse);
         interceptOnRequestSuccessed(ctx, e, response);
@@ -223,8 +223,8 @@ public class NettyHttpServletHandler ext
     }
 
     protected NettyHttpServletRequest buildHttpServletRequest(
-            HttpRequest request, String contextPath) {
-        return new NettyHttpServletRequest(request, contextPath);
+            HttpRequest request, String contextPath, ChannelHandlerContext ctx) {
+        return new NettyHttpServletRequest(request, contextPath, ctx);
     }
     
 }

Modified: cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/servlet/NettyHttpServletRequest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/servlet/NettyHttpServletRequest.java?rev=1502497&r1=1502496&r2=1502497&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/servlet/NettyHttpServletRequest.java (original)
+++ cxf/trunk/rt/transports/http-netty/netty-server/src/main/java/org/apache/cxf/transport/http/netty/server/servlet/NettyHttpServletRequest.java Fri Jul 12 09:42:22 2013
@@ -28,12 +28,14 @@ import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Enumeration;
-import java.util.HashMap;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
 import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
 
+import javax.net.ssl.SSLPeerUnverifiedException;
+import javax.net.ssl.SSLSession;
 import javax.servlet.RequestDispatcher;
 import javax.servlet.ServletInputStream;
 import javax.servlet.http.Cookie;
@@ -41,6 +43,7 @@ import javax.servlet.http.HttpServletReq
 import javax.servlet.http.HttpSession;
 
 import org.apache.cxf.transport.http.netty.server.util.Utils;
+import org.jboss.netty.channel.ChannelHandlerContext;
 import org.jboss.netty.handler.codec.http.CookieDecoder;
 import org.jboss.netty.handler.codec.http.HttpHeaders;
 import org.jboss.netty.handler.codec.http.HttpHeaders.Names;
@@ -51,6 +54,9 @@ import org.jboss.netty.handler.ssl.SslHa
 import static org.jboss.netty.handler.codec.http.HttpHeaders.Names.COOKIE;
 
 public class NettyHttpServletRequest implements HttpServletRequest {
+    
+    private static final String SSL_CIPHER_SUITE_ATTRIBUTE = "javax.servlet.request.cipher_suite";
+    private static final String SSL_PEER_CERT_CHAIN_ATTRIBUTE = "javax.servlet.request.X509Certificate";
 
     private static final Locale DEFAULT_LOCALE = Locale.getDefault();
 
@@ -64,22 +70,37 @@ public class NettyHttpServletRequest imp
 
     private QueryStringDecoder queryStringDecoder;
 
-    private Map<String, Object> attributes;
+    private Map<String, Object> attributes = new ConcurrentHashMap<String, Object>();
 
     private CookieDecoder cookieDecoder = new CookieDecoder();
 
     private String characterEncoding;
 
     private String contextPath;
+    
+    private ChannelHandlerContext channelHandlerContext;
 
-    public NettyHttpServletRequest(HttpRequest request, String contextPath) {
+    public NettyHttpServletRequest(HttpRequest request, String contextPath, ChannelHandlerContext ctx) {
         this.originalRequest = request;
         this.contextPath = contextPath;
         this.uriParser = new URIParser(contextPath);
         this.inputStream = new NettyServletInputStream(request);
         this.reader = new BufferedReader(new InputStreamReader(inputStream));
         this.queryStringDecoder = new QueryStringDecoder(request.getUri());
-        
+        // setup the SSL security attributes
+        this.channelHandlerContext = ctx;
+        SslHandler sslHandler = channelHandlerContext.getPipeline().get(SslHandler.class);
+        if (sslHandler != null) {
+            SSLSession session = sslHandler.getEngine().getSession();
+            if (session != null) {
+                attributes.put(SSL_CIPHER_SUITE_ATTRIBUTE, session.getCipherSuite());
+                try {
+                    attributes.put(SSL_PEER_CERT_CHAIN_ATTRIBUTE, session.getPeerCertificates());
+                } catch (SSLPeerUnverifiedException ex) {
+                    // do nothing here
+                }
+            }
+        }
     }
 
     public HttpRequest getOriginalRequest() {
@@ -266,9 +287,6 @@ public class NettyHttpServletRequest imp
 
     @Override
     public void setAttribute(String name, Object o) {
-        if (this.attributes == null) {
-            this.attributes = new HashMap<String, Object>();
-        }
         this.attributes.put(name, o);
     }
 

Modified: cxf/trunk/rt/transports/http-netty/netty-server/src/test/java/org/apache/cxf/transport/http/netty/server/integration/SSLNettyServerTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-netty/netty-server/src/test/java/org/apache/cxf/transport/http/netty/server/integration/SSLNettyServerTest.java?rev=1502497&r1=1502496&r2=1502497&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http-netty/netty-server/src/test/java/org/apache/cxf/transport/http/netty/server/integration/SSLNettyServerTest.java (original)
+++ cxf/trunk/rt/transports/http-netty/netty-server/src/test/java/org/apache/cxf/transport/http/netty/server/integration/SSLNettyServerTest.java Fri Jul 12 09:42:22 2013
@@ -37,6 +37,12 @@ import org.apache.cxf.Bus;
 import org.apache.cxf.BusFactory;
 import org.apache.cxf.configuration.jsse.TLSClientParameters;
 import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.interceptor.Fault;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.message.MessageUtils;
+import org.apache.cxf.phase.AbstractPhaseInterceptor;
+import org.apache.cxf.phase.Phase;
+import org.apache.cxf.security.transport.TLSSessionInfo;
 import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
 import org.apache.cxf.transport.http.HTTPConduit;
 import org.apache.hello_world_soap_http.Greeter;
@@ -63,7 +69,11 @@ public class SSLNettyServerTest extends 
     @BeforeClass
     public static void start() throws Exception {
         Bus b = createStaticBus("/org/apache/cxf/transport/http/netty/server/integration/ServerConfig.xml");
+        // setup the ssl interceptor
+        MySSLInterceptor myInterceptor = new MySSLInterceptor();
+        b.getInInterceptors().add(myInterceptor);
         BusFactory.setThreadDefaultBus(b);
+        
         address = "https://localhost:" + PORT + "/SoapContext/SoapPort";
         ep = Endpoint.publish(address ,
                 new org.apache.hello_world_soap_http.GreeterImpl());
@@ -138,5 +148,22 @@ public class SSLNettyServerTest extends 
         return fac.getKeyManagers();
     }
     
+    public static class MySSLInterceptor extends AbstractPhaseInterceptor<Message> {
+
+        public MySSLInterceptor() {
+            super(Phase.READ);
+        }
+
+        @Override
+        public void handleMessage(Message message) throws Fault {
+            if (!MessageUtils.isRequestor(message)) {
+                // just check the request message
+                TLSSessionInfo info = message.get(TLSSessionInfo.class);
+                assertNotNull(info);
+            }
+        }
+        
+    }
+    
 
 }