You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by nf...@apache.org on 2017/04/11 14:11:59 UTC
[03/13] camel git commit: CAMEL-10650: adding sslContextParameters to
spring-boot configuration
CAMEL-10650: adding sslContextParameters to spring-boot configuration
Project: http://git-wip-us.apache.org/repos/asf/camel/repo
Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/ef916c22
Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/ef916c22
Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/ef916c22
Branch: refs/heads/master
Commit: ef916c22e02a6ff88be69568e6a9e89abfd747b3
Parents: 1fbc447
Author: Nicola Ferraro <ni...@gmail.com>
Authored: Thu Apr 6 14:52:06 2017 +0200
Committer: Nicola Ferraro <ni...@gmail.com>
Committed: Tue Apr 11 16:00:59 2017 +0200
----------------------------------------------------------------------
.../GlobalSSLContextParametersSupplier.java | 24 +++
.../camel/component/ahc/AhcComponent.java | 11 +-
...entConfigGlobalSslContextParametersTest.java | 41 ++++
.../camel/component/cometd/CometdComponent.java | 12 +-
...extParametersCometdProducerConsumerTest.java | 126 +++++++++++++
.../camel/component/consul/ConsulComponent.java | 8 +
.../component/consul/ConsulConfiguration.java | 13 ++
.../camel/component/cxf/CxfComponent.java | 8 +
.../component/cxf/jaxrs/CxfRsComponent.java | 9 +
.../cxf/jaxrs/CxfRsGlobalSslProducerTest.java | 105 +++++++++++
.../camel/component/cxf/ssl/SslGlobalTest.java | 91 +++++++++
.../util/CxfSSLContextParameterSupplier.java | 43 +++++
.../camel/component/cxf/CxfGlobalSslContext.xml | 94 ++++++++++
.../cxf/jaxrs/CxfRsSpringGlobalSslProducer.xml | 97 ++++++++++
.../src/main/docs/etcd-component.adoc | 3 +-
.../camel/component/etcd/EtcdComponent.java | 7 +
.../camel/component/etcd/EtcdConfiguration.java | 13 ++
.../component/file/remote/FtpsComponent.java | 10 +-
...ntAuthAndGlobalSSLContextParametersTest.java | 49 +++++
.../camel/component/http4/HttpComponent.java | 7 +-
.../camel/component/irc/IrcComponent.java | 20 +-
.../camel/component/irc/IrcConfiguration.java | 2 +-
.../component/jetty/JettyHttpComponent.java | 5 +
.../src/main/docs/kafka-component.adoc | 3 +-
.../camel/component/kafka/KafkaComponent.java | 9 +
.../component/kafka/KafkaConfiguration.java | 14 ++
.../src/main/docs/lumberjack-component.adoc | 3 +-
.../lumberjack/LumberjackComponent.java | 26 ++-
.../LumberjackComponentGlobalSSLTest.java | 113 +++++++++++
.../camel/component/mail/MailComponent.java | 9 +
.../src/main/docs/mina2-component.adoc | 3 +-
.../camel/component/mina2/Mina2Component.java | 8 +
.../component/mina2/Mina2Configuration.java | 13 ++
.../camel/component/mina2/BaseMina2Test.java | 9 +-
.../Mina2SslGlobalContextParametersTcpTest.java | 79 ++++++++
.../camel/component/nats/NatsComponent.java | 9 +
.../netty/http/NettyHttpComponent.java | 8 +
.../util/NettySSLContextParameterSupplier.java | 43 +++++
.../http/SpringNettyHttpGlobalSSLTest.java | 80 ++++++++
.../netty/http/SpringNettyHttpGlobalSSLTest.xml | 65 +++++++
.../camel/component/netty/NettyComponent.java | 8 +
.../NettyGlobalSSLContextParametersTest.java | 93 +++++++++
.../netty4/http/NettyHttpComponent.java | 9 +
.../camel/component/netty4/NettyComponent.java | 8 +
.../NettyGlobalSSLContextParametersTest.java | 93 +++++++++
.../component/olingo2/Olingo2Component.java | 8 +
.../component/olingo4/Olingo4Component.java | 8 +
.../component/restlet/RestletComponent.java | 8 +
...HttpsWithGlobalSSLContextParametersTest.java | 104 +++++++++++
.../salesforce/SalesforceComponent.java | 13 +-
.../src/main/docs/servicenow-component.adoc | 3 +-
.../servicenow/ServiceNowComponent.java | 8 +
.../servicenow/ServiceNowConfiguration.java | 13 ++
.../security/CamelSSLAutoConfiguration.java | 42 +++++
.../CamelSSLConfigurationProperties.java | 55 ++++++
.../main/resources/META-INF/spring.factories | 3 +-
.../spring/ws/SpringWebserviceComponent.java | 8 +
.../camel/component/stomp/StompComponent.java | 10 +
.../component/stomp/StompConfiguration.java | 12 ++
.../stomp/StompGlobalSslConsumerTest.java | 47 +++++
.../component/undertow/UndertowComponent.java | 12 +-
.../src/main/docs/websocket-component.adoc | 6 +-
.../component/websocket/WebsocketComponent.java | 28 ++-
.../component/websocket/WebsocketEndpoint.java | 13 ++
...bsocketSSLContextGlobalRouteExampleTest.java | 187 +++++++++++++++++++
.../ConsulComponentConfiguration.java | 13 ++
.../springboot/EtcdComponentConfiguration.java | 13 ++
.../HttpComponentSSLAutoConfiguration.java | 85 +++++++++
.../HttpComponentSSLConfiguration.java | 43 +++++
.../main/resources/META-INF/spring.factories | 3 +-
.../camel-jetty9-starter/pom.xml | 6 +
.../camel/component/jetty9/Jetty9SSLTest.java | 89 +++++++++
.../src/test/resources/cacerts | Bin 0 -> 109798 bytes
.../src/test/resources/keystore.p12 | Bin 0 -> 2574 bytes
.../springboot/KafkaComponentConfiguration.java | 13 ++
.../LumberjackComponentConfiguration.java | 13 ++
.../springboot/Mina2ComponentConfiguration.java | 13 ++
.../camel-netty4-http-starter/pom.xml | 2 +-
.../Netty4HttpAutoConfigurationTest.java | 4 +-
.../http/springboot/Netty4HttpSSLTest.java | 76 ++++++++
.../src/test/resources/cacerts | Bin 0 -> 109798 bytes
.../src/test/resources/keystore.p12 | Bin 0 -> 2574 bytes
.../ServiceNowComponentConfiguration.java | 13 ++
.../springboot/StompComponentConfiguration.java | 13 ++
.../component/undertow/UndertowSSLTest.java | 83 ++++++++
.../src/test/resources/cacerts | Bin 0 -> 109798 bytes
.../src/test/resources/keystore.p12 | Bin 0 -> 2574 bytes
.../WebsocketComponentConfiguration.java | 13 ++
88 files changed, 2552 insertions(+), 34 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/camel-core/src/main/java/org/apache/camel/util/jsse/GlobalSSLContextParametersSupplier.java
----------------------------------------------------------------------
diff --git a/camel-core/src/main/java/org/apache/camel/util/jsse/GlobalSSLContextParametersSupplier.java b/camel-core/src/main/java/org/apache/camel/util/jsse/GlobalSSLContextParametersSupplier.java
new file mode 100644
index 0000000..31c415d
--- /dev/null
+++ b/camel-core/src/main/java/org/apache/camel/util/jsse/GlobalSSLContextParametersSupplier.java
@@ -0,0 +1,24 @@
+/*
+ * Copyright 2016 Red Hat, Inc.
+ *
+ * Red Hat licenses this file to you under the Apache License, version
+ * 2.0 (the "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+package org.apache.camel.util.jsse;
+
+import java.util.function.Supplier;
+
+/**
+ * A global {@code Supplier} of {@code SSLContextParameters} to be used in Camel registry.
+ */
+public interface GlobalSSLContextParametersSupplier extends Supplier<SSLContextParameters> {
+}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-ahc/src/main/java/org/apache/camel/component/ahc/AhcComponent.java
----------------------------------------------------------------------
diff --git a/components/camel-ahc/src/main/java/org/apache/camel/component/ahc/AhcComponent.java b/components/camel-ahc/src/main/java/org/apache/camel/component/ahc/AhcComponent.java
index b59268b..afb9308 100644
--- a/components/camel-ahc/src/main/java/org/apache/camel/component/ahc/AhcComponent.java
+++ b/components/camel-ahc/src/main/java/org/apache/camel/component/ahc/AhcComponent.java
@@ -19,15 +19,19 @@ package org.apache.camel.component.ahc;
import java.net.URI;
import java.util.LinkedHashMap;
import java.util.Map;
+import java.util.Optional;
+import java.util.function.Supplier;
import org.apache.camel.Endpoint;
import org.apache.camel.impl.HeaderFilterStrategyComponent;
import org.apache.camel.spi.Metadata;
+import org.apache.camel.util.CamelContextHelper;
import org.apache.camel.util.IntrospectionSupport;
import org.apache.camel.util.ObjectHelper;
import org.apache.camel.util.URISupport;
import org.apache.camel.util.UnsafeUriCharactersEncoder;
import org.apache.camel.util.jsse.SSLContextParameters;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
import org.asynchttpclient.AsyncHttpClient;
import org.asynchttpclient.AsyncHttpClientConfig;
import org.asynchttpclient.DefaultAsyncHttpClientConfig;
@@ -65,6 +69,11 @@ public class AhcComponent extends HeaderFilterStrategyComponent {
protected Endpoint createEndpoint(String uri, String remaining, Map<String, Object> parameters) throws Exception {
String addressUri = createAddressUri(uri, remaining);
+ SSLContextParameters ssl = getSslContextParameters();
+ if (ssl == null) {
+ ssl = Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null);
+ }
+
// Do not set the HTTP URI because we still have all of the Camel internal
// parameters in the URI at this point.
AhcEndpoint endpoint = createAhcEndpoint(uri, this, null);
@@ -72,7 +81,7 @@ public class AhcComponent extends HeaderFilterStrategyComponent {
endpoint.setClient(getClient());
endpoint.setClientConfig(getClientConfig());
endpoint.setBinding(getBinding());
- endpoint.setSslContextParameters(getSslContextParameters());
+ endpoint.setSslContextParameters(ssl);
setProperties(endpoint, parameters);
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-ahc/src/test/java/org/apache/camel/component/ahc/AhcComponentClientConfigGlobalSslContextParametersTest.java
----------------------------------------------------------------------
diff --git a/components/camel-ahc/src/test/java/org/apache/camel/component/ahc/AhcComponentClientConfigGlobalSslContextParametersTest.java b/components/camel-ahc/src/test/java/org/apache/camel/component/ahc/AhcComponentClientConfigGlobalSslContextParametersTest.java
new file mode 100644
index 0000000..4dd2b23
--- /dev/null
+++ b/components/camel-ahc/src/test/java/org/apache/camel/component/ahc/AhcComponentClientConfigGlobalSslContextParametersTest.java
@@ -0,0 +1,41 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.ahc;
+
+import org.apache.camel.impl.JndiRegistry;
+import org.apache.camel.util.jsse.SSLContextParameters;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
+
+/**
+ * Lookup from the registry should work when only one set of context parameters is present.
+ */
+public class AhcComponentClientConfigGlobalSslContextParametersTest extends AhcComponentClientConfigTest {
+
+ @Override
+ protected JndiRegistry createRegistry() throws Exception {
+ JndiRegistry registry = super.createRegistry();
+ SSLContextParameters params = registry.lookup("sslContextParameters", SSLContextParameters.class);
+ registry.bind("sslContextParametersSupplier", (GlobalSSLContextParametersSupplier) () -> params);
+ return registry;
+ }
+
+ @Override
+ protected boolean isHttps() {
+ return true;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-cometd/src/main/java/org/apache/camel/component/cometd/CometdComponent.java
----------------------------------------------------------------------
diff --git a/components/camel-cometd/src/main/java/org/apache/camel/component/cometd/CometdComponent.java b/components/camel-cometd/src/main/java/org/apache/camel/component/cometd/CometdComponent.java
index a221b3c..134611c 100644
--- a/components/camel-cometd/src/main/java/org/apache/camel/component/cometd/CometdComponent.java
+++ b/components/camel-cometd/src/main/java/org/apache/camel/component/cometd/CometdComponent.java
@@ -22,13 +22,17 @@ import java.util.EnumSet;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
+import java.util.Optional;
+import java.util.function.Supplier;
import javax.net.ssl.SSLContext;
import javax.servlet.DispatcherType;
import org.apache.camel.Endpoint;
import org.apache.camel.impl.UriEndpointComponent;
import org.apache.camel.spi.Metadata;
+import org.apache.camel.util.CamelContextHelper;
import org.apache.camel.util.jsse.SSLContextParameters;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
import org.cometd.bayeux.server.BayeuxServer;
import org.cometd.bayeux.server.SecurityPolicy;
import org.cometd.server.BayeuxServerImpl;
@@ -224,9 +228,13 @@ public class CometdComponent extends UriEndpointComponent {
protected ServerConnector getSslSocketConnector(Server server) throws Exception {
ServerConnector sslSocketConnector = null;
- if (sslContextParameters != null) {
+ SSLContextParameters sslParams = this.sslContextParameters;
+ if (sslParams == null) {
+ sslParams = Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null);
+ }
+ if (sslParams != null) {
SslContextFactory sslContextFactory = new CometdComponentSslContextFactory();
- sslContextFactory.setSslContext(sslContextParameters.createSSLContext(getCamelContext()));
+ sslContextFactory.setSslContext(sslParams.createSSLContext(getCamelContext()));
sslSocketConnector = new ServerConnector(server, sslContextFactory);
} else {
SslContextFactory sslContextFactory = new SslContextFactory();
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-cometd/src/test/java/org/apache/camel/component/cometd/SslGlobalContextParametersCometdProducerConsumerTest.java
----------------------------------------------------------------------
diff --git a/components/camel-cometd/src/test/java/org/apache/camel/component/cometd/SslGlobalContextParametersCometdProducerConsumerTest.java b/components/camel-cometd/src/test/java/org/apache/camel/component/cometd/SslGlobalContextParametersCometdProducerConsumerTest.java
new file mode 100644
index 0000000..0c2a010
--- /dev/null
+++ b/components/camel-cometd/src/test/java/org/apache/camel/component/cometd/SslGlobalContextParametersCometdProducerConsumerTest.java
@@ -0,0 +1,126 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.cometd;
+
+import java.util.List;
+
+import org.apache.camel.Exchange;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.mock.MockEndpoint;
+import org.apache.camel.impl.JndiRegistry;
+import org.apache.camel.test.AvailablePortFinder;
+import org.apache.camel.test.junit4.CamelTestSupport;
+import org.apache.camel.util.jsse.KeyManagersParameters;
+import org.apache.camel.util.jsse.KeyStoreParameters;
+import org.apache.camel.util.jsse.SSLContextParameters;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
+import org.apache.camel.util.jsse.TrustManagersParameters;
+import org.junit.Before;
+import org.junit.Test;
+
+/**
+ * Unit testing for using a CometdProducer and a CometdConsumer
+ */
+public class SslGlobalContextParametersCometdProducerConsumerTest extends CamelTestSupport {
+
+ private int port;
+ private String uri;
+
+ @Test
+ public void testProducer() throws Exception {
+ Person person = new Person("David", "Greco");
+ template.requestBody("direct:input", person);
+ MockEndpoint ep = context.getEndpoint("mock:test", MockEndpoint.class);
+ List<Exchange> exchanges = ep.getReceivedExchanges();
+ for (Exchange exchange : exchanges) {
+ Person person1 = (Person) exchange.getIn().getBody();
+ assertEquals("David", person1.getName());
+ assertEquals("Greco", person1.getSurname());
+ }
+ }
+
+ @Override
+ @Before
+ public void setUp() throws Exception {
+ port = AvailablePortFinder.getNextAvailable(23500);
+ uri = "cometds://127.0.0.1:" + port + "/service/test?baseResource=file:./target/test-classes/webapp&"
+ + "timeout=240000&interval=0&maxInterval=30000&multiFrameInterval=1500&jsonCommented=true&logLevel=2";
+
+ super.setUp();
+ }
+
+ @Override
+ protected RouteBuilder createRouteBuilder() throws Exception {
+ return new RouteBuilder() {
+ @Override
+ public void configure() throws Exception {
+
+ from("direct:input").to(uri);
+
+ from(uri).to("mock:test");
+ }
+ };
+ }
+
+ @Override
+ protected JndiRegistry createRegistry() throws Exception {
+ JndiRegistry registry = super.createRegistry();
+ KeyStoreParameters ksp = new KeyStoreParameters();
+ ksp.setResource("jsse/localhost.ks");
+ ksp.setPassword("changeit");
+
+ KeyManagersParameters kmp = new KeyManagersParameters();
+ kmp.setKeyPassword("changeit");
+ kmp.setKeyStore(ksp);
+
+ TrustManagersParameters tmp = new TrustManagersParameters();
+ tmp.setKeyStore(ksp);
+
+ SSLContextParameters sslContextParameters = new SSLContextParameters();
+ sslContextParameters.setKeyManagers(kmp);
+ sslContextParameters.setTrustManagers(tmp);
+ registry.bind("sslContextParametersSupplier", (GlobalSSLContextParametersSupplier) () -> sslContextParameters);
+ return registry;
+ }
+
+ public static class Person {
+
+ private String name;
+ private String surname;
+
+ Person(String name, String surname) {
+ this.name = name;
+ this.surname = surname;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public String getSurname() {
+ return surname;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public void setSurname(String surname) {
+ this.surname = surname;
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-consul/src/main/java/org/apache/camel/component/consul/ConsulComponent.java
----------------------------------------------------------------------
diff --git a/components/camel-consul/src/main/java/org/apache/camel/component/consul/ConsulComponent.java b/components/camel-consul/src/main/java/org/apache/camel/component/consul/ConsulComponent.java
index 4597cf7..c254f9d 100644
--- a/components/camel-consul/src/main/java/org/apache/camel/component/consul/ConsulComponent.java
+++ b/components/camel-consul/src/main/java/org/apache/camel/component/consul/ConsulComponent.java
@@ -18,6 +18,7 @@ package org.apache.camel.component.consul;
import java.util.Map;
import java.util.Optional;
+import java.util.function.Supplier;
import org.apache.camel.CamelContext;
import org.apache.camel.Endpoint;
@@ -34,7 +35,9 @@ import org.apache.camel.component.consul.enpoint.ConsulSessionProducer;
import org.apache.camel.component.consul.enpoint.ConsulStatusProducer;
import org.apache.camel.impl.DefaultComponent;
import org.apache.camel.spi.Metadata;
+import org.apache.camel.util.CamelContextHelper;
import org.apache.camel.util.jsse.SSLContextParameters;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
/**
* Represents the component that manages {@link ConsulEndpoint}.
@@ -146,6 +149,11 @@ public class ConsulComponent extends DefaultComponent {
ConsulConfiguration configuration = Optional.ofNullable(this.configuration).orElseGet(ConsulConfiguration::new).copy();
configuration.setCamelContext(getCamelContext());
+ // using global ssl context parameters if set
+ if (configuration.isUseGlobalSslContextParameters() && configuration.getSslContextParameters() == null) {
+ configuration.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null));
+ }
+
setProperties(configuration, parameters);
switch (remaining) {
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-consul/src/main/java/org/apache/camel/component/consul/ConsulConfiguration.java
----------------------------------------------------------------------
diff --git a/components/camel-consul/src/main/java/org/apache/camel/component/consul/ConsulConfiguration.java b/components/camel-consul/src/main/java/org/apache/camel/component/consul/ConsulConfiguration.java
index a385ffa..f28e9f4 100644
--- a/components/camel-consul/src/main/java/org/apache/camel/component/consul/ConsulConfiguration.java
+++ b/components/camel-consul/src/main/java/org/apache/camel/component/consul/ConsulConfiguration.java
@@ -48,6 +48,8 @@ public class ConsulConfiguration implements CamelContextAware, Cloneable {
@UriParam(label = "security")
private SSLContextParameters sslContextParameters;
+ @UriParam(label = "security", defaultValue = "false")
+ private boolean useGlobalSslContextParameters = false;
@UriParam(label = "security", secret = true)
private String aclToken;
@UriParam(label = "security", secret = true)
@@ -202,6 +204,17 @@ public class ConsulConfiguration implements CamelContextAware, Cloneable {
this.sslContextParameters = sslContextParameters;
}
+ public boolean isUseGlobalSslContextParameters() {
+ return useGlobalSslContextParameters;
+ }
+
+ /**
+ * Enable usage of Camel global SSL configuration
+ */
+ public void setUseGlobalSslContextParameters(boolean useGlobalSslContextParameters) {
+ this.useGlobalSslContextParameters = useGlobalSslContextParameters;
+ }
+
public String getAclToken() {
return aclToken;
}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-cxf/src/main/java/org/apache/camel/component/cxf/CxfComponent.java
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/main/java/org/apache/camel/component/cxf/CxfComponent.java b/components/camel-cxf/src/main/java/org/apache/camel/component/cxf/CxfComponent.java
index ceadd41..fee389a 100644
--- a/components/camel-cxf/src/main/java/org/apache/camel/component/cxf/CxfComponent.java
+++ b/components/camel-cxf/src/main/java/org/apache/camel/component/cxf/CxfComponent.java
@@ -17,6 +17,8 @@
package org.apache.camel.component.cxf;
import java.util.Map;
+import java.util.Optional;
+import java.util.function.Supplier;
import org.apache.camel.CamelContext;
import org.apache.camel.Endpoint;
@@ -25,6 +27,7 @@ import org.apache.camel.impl.HeaderFilterStrategyComponent;
import org.apache.camel.spi.Metadata;
import org.apache.camel.util.CamelContextHelper;
import org.apache.camel.util.IntrospectionSupport;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
import org.apache.cxf.message.Message;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -116,6 +119,11 @@ public class CxfComponent extends HeaderFilterStrategyComponent {
result.setMtomEnabled(Boolean.valueOf((String) result.getProperties().get(Message.MTOM_ENABLED)));
}
+ // use global ssl config if set
+ if (result.getSslContextParameters() == null) {
+ result.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null));
+ }
+
return result;
}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-cxf/src/main/java/org/apache/camel/component/cxf/jaxrs/CxfRsComponent.java
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/main/java/org/apache/camel/component/cxf/jaxrs/CxfRsComponent.java b/components/camel-cxf/src/main/java/org/apache/camel/component/cxf/jaxrs/CxfRsComponent.java
index 228ea89..8a43055 100644
--- a/components/camel-cxf/src/main/java/org/apache/camel/component/cxf/jaxrs/CxfRsComponent.java
+++ b/components/camel-cxf/src/main/java/org/apache/camel/component/cxf/jaxrs/CxfRsComponent.java
@@ -19,6 +19,8 @@ package org.apache.camel.component.cxf.jaxrs;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
+import java.util.Optional;
+import java.util.function.Supplier;
import org.apache.camel.CamelContext;
import org.apache.camel.Endpoint;
@@ -28,6 +30,7 @@ import org.apache.camel.impl.HeaderFilterStrategyComponent;
import org.apache.camel.util.CamelContextHelper;
import org.apache.camel.util.CastUtils;
import org.apache.camel.util.ObjectHelper;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
import org.apache.cxf.jaxrs.AbstractJAXRSFactoryBean;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -111,6 +114,12 @@ public class CxfRsComponent extends HeaderFilterStrategyComponent {
Map<String, String> params = CastUtils.cast(parameters);
answer.setParameters(params);
setEndpointHeaderFilterStrategy(answer);
+
+ // use global ssl config if set
+ if (answer.getSslContextParameters() == null) {
+ answer.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null));
+ }
+
return answer;
}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/jaxrs/CxfRsGlobalSslProducerTest.java
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/jaxrs/CxfRsGlobalSslProducerTest.java b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/jaxrs/CxfRsGlobalSslProducerTest.java
new file mode 100644
index 0000000..556dc07
--- /dev/null
+++ b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/jaxrs/CxfRsGlobalSslProducerTest.java
@@ -0,0 +1,105 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.cxf.jaxrs;
+
+import org.apache.camel.Exchange;
+import org.apache.camel.ExchangePattern;
+import org.apache.camel.Message;
+import org.apache.camel.Processor;
+import org.apache.camel.component.cxf.CXFTestSupport;
+import org.apache.camel.component.cxf.common.message.CxfConstants;
+import org.apache.camel.component.cxf.jaxrs.testbean.Customer;
+import org.apache.camel.test.spring.CamelSpringTestSupport;
+import org.junit.Test;
+import org.springframework.context.support.AbstractXmlApplicationContext;
+import org.springframework.context.support.ClassPathXmlApplicationContext;
+
+import static org.hamcrest.core.Is.is;
+
+public class CxfRsGlobalSslProducerTest extends CamelSpringTestSupport {
+ private static int port1 = CXFTestSupport.getSslPort();
+
+ @Override
+ public boolean isCreateCamelContextPerClass() {
+ return true;
+ }
+
+ public int getPort1() {
+ return port1;
+ }
+
+ @Override
+ protected AbstractXmlApplicationContext createApplicationContext() {
+ return new ClassPathXmlApplicationContext("org/apache/camel/component/cxf/jaxrs/CxfRsSpringGlobalSslProducer.xml");
+ }
+
+ protected void setupDestinationURL(Message inMessage) {
+ // do nothing here
+ }
+
+ @Test
+ public void testCorrectTrustStore() {
+ Exchange exchange = template.send("direct://trust", new CxfRsGlobalSslProducerTest.MyProcessor());
+
+ // get the response message
+ Customer response = (Customer) exchange.getOut().getBody();
+
+ assertNotNull("The response should not be null ", response);
+ assertEquals("Get a wrong customer id ", String.valueOf(response.getId()), "123");
+ assertEquals("Get a wrong customer name", response.getName(), "John");
+ assertEquals("Get a wrong response code", 200, exchange.getOut().getHeader(Exchange.HTTP_RESPONSE_CODE));
+ assertEquals("Get a wrong header value", "value", exchange.getOut().getHeader("key"));
+ }
+
+ @Test
+ public void testNoTrustStore() {
+ Exchange exchange = template.send("direct://noTrust", new CxfRsGlobalSslProducerTest.MyProcessor());
+ assertThat(exchange.isFailed(), is(true));
+ Exception e = exchange.getException();
+ assertThat(e.getCause().getClass().getCanonicalName(), is("javax.net.ssl.SSLHandshakeException"));
+ }
+
+ @Test
+ public void testWrongTrustStore() {
+ Exchange exchange = template.send("direct://wrongTrust", new CxfRsGlobalSslProducerTest.MyProcessor());
+ assertThat(exchange.isFailed(), is(true));
+ Exception e = exchange.getException();
+ assertThat(e.getCause().getClass().getCanonicalName(), is("javax.net.ssl.SSLHandshakeException"));
+ }
+
+ private class MyProcessor implements Processor {
+
+ @Override
+ public void process(Exchange exchange) throws Exception {
+ exchange.setPattern(ExchangePattern.InOut);
+ Message inMessage = exchange.getIn();
+ setupDestinationURL(inMessage);
+ // using the http central client API
+ inMessage.setHeader(CxfConstants.CAMEL_CXF_RS_USING_HTTP_API, Boolean.TRUE);
+ // set the Http method
+ inMessage.setHeader(Exchange.HTTP_METHOD, "GET");
+ // set the relative path
+ inMessage.setHeader(Exchange.HTTP_PATH, "/customerservice/customers/123");
+ // Specify the response class , cxfrs will use InputStream as the response object type
+ inMessage.setHeader(CxfConstants.CAMEL_CXF_RS_RESPONSE_CLASS, Customer.class);
+ // set a customer header
+ inMessage.setHeader("key", "value");
+ // since we use the Get method, so we don't need to set the message body
+ inMessage.setBody(null);
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/ssl/SslGlobalTest.java
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/ssl/SslGlobalTest.java b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/ssl/SslGlobalTest.java
new file mode 100644
index 0000000..a7ead6d
--- /dev/null
+++ b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/ssl/SslGlobalTest.java
@@ -0,0 +1,91 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.cxf.ssl;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.camel.Exchange;
+import org.apache.camel.Processor;
+import org.apache.camel.component.cxf.CXFTestSupport;
+import org.apache.camel.component.cxf.common.message.CxfConstants;
+import org.apache.camel.test.spring.CamelSpringTestSupport;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.springframework.context.support.AbstractXmlApplicationContext;
+import org.springframework.context.support.ClassPathXmlApplicationContext;
+
+import static org.hamcrest.core.Is.is;
+
+public class SslGlobalTest extends CamelSpringTestSupport {
+
+ protected static final String GREET_ME_OPERATION = "greetMe";
+ protected static final String TEST_MESSAGE = "Hello World!";
+ protected static final String JAXWS_SERVER_ADDRESS
+ = "https://localhost:" + CXFTestSupport.getPort1() + "/CxfSslTest/SoapContext/SoapPort";
+
+ @Override
+ public boolean isCreateCamelContextPerClass() {
+ return true;
+ }
+
+ @AfterClass
+ public static void cleanUp() {
+ //System.clearProperty("cxf.config.file");
+ }
+
+ @BeforeClass
+ public static void startService() {
+ //System.getProperties().put("cxf.config.file", "/org/apache/camel/component/cxf/CxfSslContext.xml");
+ //Greeter implementor = new GreeterImpl();
+ //Endpoint.publish(JAXWS_SERVER_ADDRESS, implementor);
+ }
+
+ @Test
+ public void testInvokingTrustRoute() throws Exception {
+ Exchange reply = sendJaxWsMessage("direct:trust");
+ assertFalse("We expect no exception here", reply.isFailed());
+ }
+
+ @Test
+ public void testInvokingWrongTrustRoute() throws Exception {
+ Exchange reply = sendJaxWsMessage("direct:wrongTrust");
+ assertTrue("We expect the exception here", reply.isFailed());
+ Throwable e = reply.getException().getCause();
+ assertThat(e.getClass().getCanonicalName(), is("javax.net.ssl.SSLHandshakeException"));
+ }
+
+ protected Exchange sendJaxWsMessage(String endpointUri) throws InterruptedException {
+ Exchange exchange = template.send(endpointUri, new Processor() {
+ public void process(final Exchange exchange) {
+ final List<String> params = new ArrayList<String>();
+ params.add(TEST_MESSAGE);
+ exchange.getIn().setBody(params);
+ exchange.getIn().setHeader(CxfConstants.OPERATION_NAME, GREET_ME_OPERATION);
+ }
+ });
+ return exchange;
+ }
+
+ @Override
+ protected AbstractXmlApplicationContext createApplicationContext() {
+ // we can put the http conduit configuration here
+ return new ClassPathXmlApplicationContext("org/apache/camel/component/cxf/CxfGlobalSslContext.xml");
+ }
+
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/util/CxfSSLContextParameterSupplier.java
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/util/CxfSSLContextParameterSupplier.java b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/util/CxfSSLContextParameterSupplier.java
new file mode 100644
index 0000000..a75f956
--- /dev/null
+++ b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/util/CxfSSLContextParameterSupplier.java
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2016 Red Hat, Inc.
+ *
+ * Red Hat licenses this file to you under the Apache License, version
+ * 2.0 (the "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ * implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+package org.apache.camel.component.cxf.util;
+
+import org.apache.camel.util.jsse.SSLContextParameters;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
+
+/**
+ * Class for binding a SSSLContextParametersSupplier to the registry.
+ */
+public class CxfSSLContextParameterSupplier implements GlobalSSLContextParametersSupplier {
+
+ private SSLContextParameters sslContextParameters;
+
+ public CxfSSLContextParameterSupplier() {
+ }
+
+ public SSLContextParameters getSslContextParameters() {
+ return sslContextParameters;
+ }
+
+ public void setSslContextParameters(SSLContextParameters sslContextParameters) {
+ this.sslContextParameters = sslContextParameters;
+ }
+
+ @Override
+ public SSLContextParameters get() {
+ return sslContextParameters;
+ }
+}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/CxfGlobalSslContext.xml
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/CxfGlobalSslContext.xml b/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/CxfGlobalSslContext.xml
new file mode 100644
index 0000000..f1ac637
--- /dev/null
+++ b/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/CxfGlobalSslContext.xml
@@ -0,0 +1,94 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:cxf="http://camel.apache.org/schema/cxf"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd
+ http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
+ http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+">
+
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <httpj:engine-factory bus="cxf">
+ <!-- you just need to specify the TLS Server configuration for the certain port -->
+ <httpj:engine port="${CXFTestSupport.sslPort}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="changeit">
+ <sec:keyStore type="JKS" password="changeit"
+ resource="/ssl/keystore-server.jks"/>
+ </sec:keyManagers>
+ <sec:clientAuthentication want="false" required="false"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+ <import resource="classpath:META-INF/cxf/cxf.xml"/>
+
+ <sslContextParameters xmlns="http://camel.apache.org/schema/spring"
+ id="wrongSslContext">
+ <trustManagers>
+ <keyStore type="JKS" resource="/ssl/truststore-wrong.jks"
+ password="changeit"/>
+ </trustManagers>
+ </sslContextParameters>
+ <sslContextParameters xmlns="http://camel.apache.org/schema/spring"
+ id="mySslContext">
+ <trustManagers>
+ <keyStore type="JKS" resource="/ssl/truststore-client.jks"
+ password="changeit"/>
+ </trustManagers>
+ </sslContextParameters>
+ <bean id="sslContextParametersSupplier" class="org.apache.camel.component.cxf.util.CxfSSLContextParameterSupplier">
+ <property name="sslContextParameters" ref="mySslContext" />
+ </bean>
+
+ <bean id="defaultHostnameVerifier"
+ class="org.apache.cxf.transport.https.httpclient.DefaultHostnameVerifier"/>
+
+ <cxf:cxfEndpoint id="springEndpoint"
+ address="https://localhost:${CXFTestSupport.sslPort}/CxfSslTest/SoapContext/SoapPort"
+ serviceClass="org.apache.hello_world_soap_http.Greeter"/>
+
+ <bean id="greeter" class="org.apache.camel.component.cxf.GreeterImpl"/>
+ <camelContext id="camel" xmlns="http://camel.apache.org/schema/spring" errorHandlerRef="noErrorHandler">
+ <route errorHandlerRef="noErrorHandler">
+ <from uri="cxf:bean:springEndpoint"/>
+ <to uri="bean:greeter?method=greetMe"/>
+ </route>
+
+ <route errorHandlerRef="noErrorHandler">
+ <from uri="direct:trust"/>
+ <to uri="cxf:bean:springEndpoint?hostnameVerifier=#defaultHostnameVerifier"/>
+ </route>
+
+ <route errorHandlerRef="noErrorHandler">
+ <from uri="direct:wrongTrust"/>
+ <to uri="cxf:bean:springEndpoint?sslContextParameters=#wrongSslContext&hostnameVerifier=#defaultHostnameVerifier"/>
+ </route>
+
+ </camelContext>
+
+ <bean id="noErrorHandler" class="org.apache.camel.builder.NoErrorHandlerBuilder"/>
+
+</beans>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/jaxrs/CxfRsSpringGlobalSslProducer.xml
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/jaxrs/CxfRsSpringGlobalSslProducer.xml b/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/jaxrs/CxfRsSpringGlobalSslProducer.xml
new file mode 100644
index 0000000..8d3c11f
--- /dev/null
+++ b/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/jaxrs/CxfRsSpringGlobalSslProducer.xml
@@ -0,0 +1,97 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:cxf="http://camel.apache.org/schema/cxf"
+ xmlns:jaxrs="http://cxf.apache.org/jaxrs"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd
+ http://cxf.apache.org/jaxrs http://cxf.apache.org/schemas/jaxrs.xsd
+ http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
+ http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+ ">
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <import resource="classpath:META-INF/cxf/cxf.xml"/>
+
+ <httpj:engine-factory bus="cxf">
+ <!-- you just need to specify the TLS Server configuration for the certain port -->
+ <httpj:engine port="${CXFTestSupport.sslPort}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="changeit">
+ <sec:keyStore type="JKS" password="changeit"
+ resource="/ssl/keystore-server.jks"/>
+ </sec:keyManagers>
+ <sec:clientAuthentication want="false" required="false"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+ <jaxrs:server id="restService"
+ address="https://localhost:${CXFTestSupport.sslPort}/CxfRsProducerTest/"
+ staticSubresourceResolution="true">
+ <jaxrs:serviceBeans>
+ <ref bean="customerService"/>
+ </jaxrs:serviceBeans>
+ </jaxrs:server>
+
+ <sslContextParameters xmlns="http://camel.apache.org/schema/spring"
+ id="wrongSslContext">
+ <trustManagers>
+ <keyStore type="JKS" resource="/ssl/truststore-wrong.jks"
+ password="changeit"/>
+ </trustManagers>
+ </sslContextParameters>
+ <sslContextParameters xmlns="http://camel.apache.org/schema/spring"
+ id="mySslContext">
+ <trustManagers>
+ <keyStore type="JKS" resource="/ssl/truststore-client.jks"
+ password="changeit"/>
+ </trustManagers>
+ </sslContextParameters>
+ <bean id="sslContextParametersSupplier" class="org.apache.camel.component.cxf.util.CxfSSLContextParameterSupplier">
+ <property name="sslContextParameters" ref="mySslContext" />
+ </bean>
+
+ <bean id="defaultHostnameVerifier"
+ class="org.apache.cxf.transport.https.httpclient.DefaultHostnameVerifier"/>
+
+ <bean id="customerService" class="org.apache.camel.component.cxf.jaxrs.testbean.CustomerService"/>
+
+ <cxf:rsClient id="rsClientHttp" address="https://localhost:${CXFTestSupport.sslPort}/CxfRsProducerTest/"/>
+
+ <camelContext id="camel" xmlns="http://camel.apache.org/schema/spring">
+ <route>
+ <from uri="direct://trust"/>
+ <to uri="cxfrs://bean://rsClientHttp?hostnameVerifier=#defaultHostnameVerifier&synchronous=true"/>
+ </route>
+ <route>
+ <from uri="direct://wrongTrust"/>
+ <to uri="cxfrs://bean://rsClientHttp?sslContextParameters=#wrongSslContext&hostnameVerifier=#defaultHostnameVerifier&synchronous=true"/>
+ </route>
+ <route>
+ <from uri="direct://noTrust"/>
+ <to uri="cxfrs://bean://rsClientHttp?sslContextParameters=#wrongSslContext&hostnameVerifier=#defaultHostnameVerifier&synchronous=true"/>
+ </route>
+ </camelContext>
+
+</beans>
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-etcd/src/main/docs/etcd-component.adoc
----------------------------------------------------------------------
diff --git a/components/camel-etcd/src/main/docs/etcd-component.adoc b/components/camel-etcd/src/main/docs/etcd-component.adoc
index 9dd4c5f..519b7b6 100644
--- a/components/camel-etcd/src/main/docs/etcd-component.adoc
+++ b/components/camel-etcd/src/main/docs/etcd-component.adoc
@@ -46,7 +46,7 @@ with the following path and query parameters:
| **path** | The path the endpoint refers to | | String
|=======================================================================
-#### Query Parameters (29 parameters):
+#### Query Parameters (30 parameters):
[width="100%",cols="2,5,^1,2",options="header"]
|=======================================================================
@@ -79,6 +79,7 @@ with the following path and query parameters:
| **useFixedDelay** (scheduler) | Controls if fixed delay or fixed rate is used. See ScheduledExecutorService in JDK for details. | true | boolean
| **password** (security) | The password to use for basic authentication. | | String
| **sslContextParameters** (security) | To configure security using SSLContextParameters. | | SSLContextParameters
+| **useGlobalSslContext Parameters** (security) | Enable usage of Camel global SSL parameters. | false | boolean
| **userName** (security) | The user name to use for basic authentication. | | String
|=======================================================================
// endpoint options: END
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-etcd/src/main/java/org/apache/camel/component/etcd/EtcdComponent.java
----------------------------------------------------------------------
diff --git a/components/camel-etcd/src/main/java/org/apache/camel/component/etcd/EtcdComponent.java b/components/camel-etcd/src/main/java/org/apache/camel/component/etcd/EtcdComponent.java
index fb41736..2a91147 100644
--- a/components/camel-etcd/src/main/java/org/apache/camel/component/etcd/EtcdComponent.java
+++ b/components/camel-etcd/src/main/java/org/apache/camel/component/etcd/EtcdComponent.java
@@ -18,13 +18,16 @@ package org.apache.camel.component.etcd;
import java.util.Map;
import java.util.Optional;
+import java.util.function.Supplier;
import org.apache.camel.CamelContext;
import org.apache.camel.Endpoint;
import org.apache.camel.impl.DefaultComponent;
import org.apache.camel.spi.Metadata;
+import org.apache.camel.util.CamelContextHelper;
import org.apache.camel.util.StringHelper;
import org.apache.camel.util.jsse.SSLContextParameters;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
/**
* Represents the component that manages {@link AbstractEtcdEndpoint}.
@@ -147,6 +150,10 @@ public class EtcdComponent extends DefaultComponent {
setProperties(configuration, parameters);
+ if (configuration.isUseGlobalSslContextParameters() && configuration.getSslContextParameters() == null) {
+ configuration.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null));
+ }
+
return configuration;
}
}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-etcd/src/main/java/org/apache/camel/component/etcd/EtcdConfiguration.java
----------------------------------------------------------------------
diff --git a/components/camel-etcd/src/main/java/org/apache/camel/component/etcd/EtcdConfiguration.java b/components/camel-etcd/src/main/java/org/apache/camel/component/etcd/EtcdConfiguration.java
index 21ca7f6..92ea889 100644
--- a/components/camel-etcd/src/main/java/org/apache/camel/component/etcd/EtcdConfiguration.java
+++ b/components/camel-etcd/src/main/java/org/apache/camel/component/etcd/EtcdConfiguration.java
@@ -32,6 +32,8 @@ public class EtcdConfiguration implements CamelContextAware, Cloneable {
private String uris = EtcdConstants.ETCD_DEFAULT_URIS;
@UriParam(label = "security")
private SSLContextParameters sslContextParameters;
+ @UriParam(label = "security", defaultValue = "false")
+ private boolean useGlobalSslContextParameters;
@UriParam(label = "security", secret = true)
private String userName;
@UriParam(label = "security", secret = true)
@@ -91,6 +93,17 @@ public class EtcdConfiguration implements CamelContextAware, Cloneable {
this.sslContextParameters = sslContextParameters;
}
+ public boolean isUseGlobalSslContextParameters() {
+ return useGlobalSslContextParameters;
+ }
+
+ /**
+ * Enable usage of Camel global SSL parameters.
+ */
+ public void setUseGlobalSslContextParameters(boolean useGlobalSslContextParameters) {
+ this.useGlobalSslContextParameters = useGlobalSslContextParameters;
+ }
+
public String getUserName() {
return userName;
}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/FtpsComponent.java
----------------------------------------------------------------------
diff --git a/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/FtpsComponent.java b/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/FtpsComponent.java
index 31f3c99..18db183 100644
--- a/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/FtpsComponent.java
+++ b/components/camel-ftp/src/main/java/org/apache/camel/component/file/remote/FtpsComponent.java
@@ -18,10 +18,14 @@ package org.apache.camel.component.file.remote;
import java.net.URI;
import java.util.Map;
+import java.util.Optional;
+import java.util.function.Supplier;
import org.apache.camel.CamelContext;
import org.apache.camel.component.file.GenericFileEndpoint;
+import org.apache.camel.util.CamelContextHelper;
import org.apache.camel.util.IntrospectionSupport;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
import org.apache.commons.net.ftp.FTPFile;
/**
@@ -57,7 +61,11 @@ public class FtpsComponent extends FtpComponent {
extractAndSetFtpClientTrustStoreParameters(parameters, endpoint);
extractAndSetFtpClientConfigParameters(parameters, endpoint);
extractAndSetFtpClientParameters(parameters, endpoint);
-
+
+ if (endpoint.getSslContextParameters() == null) {
+ endpoint.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null));
+ }
+
return endpoint;
}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/FileToFtpsExplicitSSLWithoutClientAuthAndGlobalSSLContextParametersTest.java
----------------------------------------------------------------------
diff --git a/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/FileToFtpsExplicitSSLWithoutClientAuthAndGlobalSSLContextParametersTest.java b/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/FileToFtpsExplicitSSLWithoutClientAuthAndGlobalSSLContextParametersTest.java
new file mode 100644
index 0000000..0fddab2
--- /dev/null
+++ b/components/camel-ftp/src/test/java/org/apache/camel/component/file/remote/FileToFtpsExplicitSSLWithoutClientAuthAndGlobalSSLContextParametersTest.java
@@ -0,0 +1,49 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.file.remote;
+
+import org.apache.camel.impl.JndiRegistry;
+import org.apache.camel.util.jsse.KeyStoreParameters;
+import org.apache.camel.util.jsse.SSLContextParameters;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
+import org.apache.camel.util.jsse.TrustManagersParameters;
+
+public class FileToFtpsExplicitSSLWithoutClientAuthAndGlobalSSLContextParametersTest extends FileToFtpsExplicitSSLWithoutClientAuthTest {
+
+ @Override
+ protected JndiRegistry createRegistry() throws Exception {
+ KeyStoreParameters ksp = new KeyStoreParameters();
+ ksp.setResource("server.jks");
+ ksp.setPassword("password");
+
+ TrustManagersParameters tmp = new TrustManagersParameters();
+ tmp.setKeyStore(ksp);
+
+ SSLContextParameters sslContextParameters = new SSLContextParameters();
+ sslContextParameters.setSecureSocketProtocol("SSL");
+ sslContextParameters.setTrustManagers(tmp);
+
+ JndiRegistry registry = super.createRegistry();
+ registry.bind("sslContextParametersSupplier", (GlobalSSLContextParametersSupplier) () -> sslContextParameters);
+ return registry;
+ }
+
+ protected String getFtpUrl() {
+ return "ftps://admin@localhost:" + getPort() + "/tmp2/camel?password=admin&consumer.initialDelay=2000&disableSecureDataChannelDefaults=true"
+ + "&isImplicit=false&delete=true";
+ }
+}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-http4/src/main/java/org/apache/camel/component/http4/HttpComponent.java
----------------------------------------------------------------------
diff --git a/components/camel-http4/src/main/java/org/apache/camel/component/http4/HttpComponent.java b/components/camel-http4/src/main/java/org/apache/camel/component/http4/HttpComponent.java
index 072d6f2..523031d 100644
--- a/components/camel-http4/src/main/java/org/apache/camel/component/http4/HttpComponent.java
+++ b/components/camel-http4/src/main/java/org/apache/camel/component/http4/HttpComponent.java
@@ -23,7 +23,7 @@ import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
-
+import java.util.function.Supplier;
import javax.net.ssl.HostnameVerifier;
import org.apache.camel.CamelContext;
@@ -40,6 +40,7 @@ import org.apache.camel.http.common.UrlRewrite;
import org.apache.camel.spi.HeaderFilterStrategy;
import org.apache.camel.spi.Metadata;
import org.apache.camel.spi.RestProducerFactory;
+import org.apache.camel.util.CamelContextHelper;
import org.apache.camel.util.FileUtil;
import org.apache.camel.util.IntrospectionSupport;
import org.apache.camel.util.ObjectHelper;
@@ -47,6 +48,7 @@ import org.apache.camel.util.ServiceHelper;
import org.apache.camel.util.URISupport;
import org.apache.camel.util.UnsafeUriCharactersEncoder;
import org.apache.camel.util.jsse.SSLContextParameters;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
import org.apache.http.client.CookieStore;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.config.Registry;
@@ -185,6 +187,9 @@ public class HttpComponent extends HttpCommonComponent implements RestProducerFa
if (sslContextParameters == null) {
sslContextParameters = getSslContextParameters();
}
+ if (sslContextParameters == null) {
+ sslContextParameters = Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null);
+ }
String httpMethodRestrict = getAndRemoveParameter(parameters, "httpMethodRestrict", String.class);
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-irc/src/main/java/org/apache/camel/component/irc/IrcComponent.java
----------------------------------------------------------------------
diff --git a/components/camel-irc/src/main/java/org/apache/camel/component/irc/IrcComponent.java b/components/camel-irc/src/main/java/org/apache/camel/component/irc/IrcComponent.java
index ef89aba..cee3886 100644
--- a/components/camel-irc/src/main/java/org/apache/camel/component/irc/IrcComponent.java
+++ b/components/camel-irc/src/main/java/org/apache/camel/component/irc/IrcComponent.java
@@ -18,9 +18,14 @@ package org.apache.camel.component.irc;
import java.util.HashMap;
import java.util.Map;
+import java.util.Optional;
+import java.util.function.Supplier;
import org.apache.camel.RuntimeCamelException;
import org.apache.camel.impl.UriEndpointComponent;
+import org.apache.camel.util.CamelContextHelper;
+import org.apache.camel.util.jsse.SSLContextParameters;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
import org.schwering.irc.lib.IRCConnection;
import org.schwering.irc.lib.IRCEventListener;
import org.schwering.irc.lib.ssl.SSLIRCConnection;
@@ -30,7 +35,7 @@ import org.slf4j.LoggerFactory;
/**
* Defines the <a href="http://camel.apache.org/irc.html">IRC Component</a>
*
- * @version
+ * @version
*/
public class IrcComponent extends UriEndpointComponent {
private static final Logger LOG = LoggerFactory.getLogger(IrcComponent.class);
@@ -69,16 +74,21 @@ public class IrcComponent extends UriEndpointComponent {
IRCEventListener ircLogger;
if (configuration.getUsingSSL()) {
-
+
if (LOG.isDebugEnabled()) {
LOG.debug("Creating SSL Connection to {} destination(s): {} nick: {} user: {}",
new Object[]{configuration.getHostname(), configuration.getListOfChannels(), configuration.getNickname(), configuration.getUsername()});
}
-
- if (configuration.getSslContextParameters() != null) {
+
+ SSLContextParameters sslParams = configuration.getSslContextParameters();
+ if (sslParams == null) {
+ sslParams = Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null);
+ }
+
+ if (sslParams != null) {
conn = new CamelSSLIRCConnection(configuration.getHostname(), configuration.getPorts(), configuration.getPassword(),
configuration.getNickname(), configuration.getUsername(), configuration.getRealname(),
- configuration.getSslContextParameters(), getCamelContext());
+ sslParams, getCamelContext());
} else {
SSLIRCConnection sconn = new SSLIRCConnection(configuration.getHostname(), configuration.getPorts(), configuration.getPassword(),
configuration.getNickname(), configuration.getUsername(), configuration.getRealname());
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-irc/src/main/java/org/apache/camel/component/irc/IrcConfiguration.java
----------------------------------------------------------------------
diff --git a/components/camel-irc/src/main/java/org/apache/camel/component/irc/IrcConfiguration.java b/components/camel-irc/src/main/java/org/apache/camel/component/irc/IrcConfiguration.java
index abaeb65..a953abd 100644
--- a/components/camel-irc/src/main/java/org/apache/camel/component/irc/IrcConfiguration.java
+++ b/components/camel-irc/src/main/java/org/apache/camel/component/irc/IrcConfiguration.java
@@ -448,7 +448,7 @@ public class IrcConfiguration implements Cloneable {
public void setSslContextParameters(SSLContextParameters sslContextParameters) {
this.sslContextParameters = sslContextParameters;
}
-
+
/**
* Your IRC server nickname password.
*/
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-jetty-common/src/main/java/org/apache/camel/component/jetty/JettyHttpComponent.java
----------------------------------------------------------------------
diff --git a/components/camel-jetty-common/src/main/java/org/apache/camel/component/jetty/JettyHttpComponent.java b/components/camel-jetty-common/src/main/java/org/apache/camel/component/jetty/JettyHttpComponent.java
index 6e7e667..3e16d04 100644
--- a/components/camel-jetty-common/src/main/java/org/apache/camel/component/jetty/JettyHttpComponent.java
+++ b/components/camel-jetty-common/src/main/java/org/apache/camel/component/jetty/JettyHttpComponent.java
@@ -29,6 +29,8 @@ import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
+import java.util.Optional;
+import java.util.function.Supplier;
import javax.management.MBeanServer;
import javax.servlet.Filter;
import javax.servlet.RequestDispatcher;
@@ -58,6 +60,7 @@ import org.apache.camel.spi.RestApiConsumerFactory;
import org.apache.camel.spi.RestConfiguration;
import org.apache.camel.spi.RestConsumerFactory;
import org.apache.camel.spi.RestProducerFactory;
+import org.apache.camel.util.CamelContextHelper;
import org.apache.camel.util.FileUtil;
import org.apache.camel.util.HostUtils;
import org.apache.camel.util.IntrospectionSupport;
@@ -66,6 +69,7 @@ import org.apache.camel.util.ServiceHelper;
import org.apache.camel.util.URISupport;
import org.apache.camel.util.UnsafeUriCharactersEncoder;
import org.apache.camel.util.jsse.SSLContextParameters;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
import org.eclipse.jetty.client.HttpClient;
import org.eclipse.jetty.client.HttpClientTransport;
import org.eclipse.jetty.client.http.HttpClientTransportOverHTTP;
@@ -185,6 +189,7 @@ public abstract class JettyHttpComponent extends HttpCommonComponent implements
UrlRewrite urlRewrite = resolveAndRemoveReferenceParameter(parameters, "urlRewrite", UrlRewrite.class);
SSLContextParameters sslContextParameters = resolveAndRemoveReferenceParameter(parameters, "sslContextParameters", SSLContextParameters.class);
SSLContextParameters ssl = sslContextParameters != null ? sslContextParameters : this.sslContextParameters;
+ ssl = ssl != null ? ssl : Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null);
String proxyHost = getAndRemoveParameter(parameters, "proxyHost", String.class, getProxyHost());
Integer proxyPort = getAndRemoveParameter(parameters, "proxyPort", Integer.class, getProxyPort());
Integer httpClientMinThreads = getAndRemoveParameter(parameters, "httpClientMinThreads", Integer.class, this.httpClientMinThreads);
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-kafka/src/main/docs/kafka-component.adoc
----------------------------------------------------------------------
diff --git a/components/camel-kafka/src/main/docs/kafka-component.adoc b/components/camel-kafka/src/main/docs/kafka-component.adoc
index dcfe7c8..659bb9a 100644
--- a/components/camel-kafka/src/main/docs/kafka-component.adoc
+++ b/components/camel-kafka/src/main/docs/kafka-component.adoc
@@ -65,7 +65,7 @@ with the following path and query parameters:
| **topic** | *Required* Name of the topic to use. On the consumer you can use comma to separate multiple topics. A producer can only send a message to a single topic. | | String
|=======================================================================
-#### Query Parameters (82 parameters):
+#### Query Parameters (83 parameters):
[width="100%",cols="2,5,^1,2",options="header"]
|=======================================================================
@@ -152,6 +152,7 @@ with the following path and query parameters:
| **sslTruststoreLocation** (security) | The location of the trust store file. | | String
| **sslTruststorePassword** (security) | The password for the trust store file. | | String
| **sslTruststoreType** (security) | The file format of the trust store file. Default value is JKS. | JKS | String
+| **useGlobalSslContext Parameters** (security) | Enable usage of Camel global SSL config | false | boolean
|=======================================================================
// endpoint options: END
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-kafka/src/main/java/org/apache/camel/component/kafka/KafkaComponent.java
----------------------------------------------------------------------
diff --git a/components/camel-kafka/src/main/java/org/apache/camel/component/kafka/KafkaComponent.java b/components/camel-kafka/src/main/java/org/apache/camel/component/kafka/KafkaComponent.java
index ca375df..f525b72 100644
--- a/components/camel-kafka/src/main/java/org/apache/camel/component/kafka/KafkaComponent.java
+++ b/components/camel-kafka/src/main/java/org/apache/camel/component/kafka/KafkaComponent.java
@@ -17,13 +17,17 @@
package org.apache.camel.component.kafka;
import java.util.Map;
+import java.util.Optional;
import java.util.concurrent.ExecutorService;
+import java.util.function.Supplier;
import org.apache.camel.CamelContext;
import org.apache.camel.Exchange;
import org.apache.camel.impl.UriEndpointComponent;
import org.apache.camel.spi.Metadata;
+import org.apache.camel.util.CamelContextHelper;
import org.apache.camel.util.ObjectHelper;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
public class KafkaComponent extends UriEndpointComponent {
@@ -61,6 +65,11 @@ public class KafkaComponent extends UriEndpointComponent {
setProperties(endpoint.getConfiguration(), params);
setProperties(endpoint, params);
+
+ if (endpoint.getConfiguration().isUseGlobalSslContextParameters() && endpoint.getConfiguration().getSslContextParameters() == null) {
+ endpoint.getConfiguration().setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null));
+ }
+
return endpoint;
}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-kafka/src/main/java/org/apache/camel/component/kafka/KafkaConfiguration.java
----------------------------------------------------------------------
diff --git a/components/camel-kafka/src/main/java/org/apache/camel/component/kafka/KafkaConfiguration.java b/components/camel-kafka/src/main/java/org/apache/camel/component/kafka/KafkaConfiguration.java
index 0bf2135..65d2728 100644
--- a/components/camel-kafka/src/main/java/org/apache/camel/component/kafka/KafkaConfiguration.java
+++ b/components/camel-kafka/src/main/java/org/apache/camel/component/kafka/KafkaConfiguration.java
@@ -202,6 +202,8 @@ public class KafkaConfiguration implements Cloneable {
// SSL
@UriParam(label = "common,security")
private SSLContextParameters sslContextParameters;
+ @UriParam(label = "common,security", defaultValue = "false")
+ private boolean useGlobalSslContextParameters;
// SSL
// ssl.key.password
@UriParam(label = "producer,security", secret = true)
@@ -414,6 +416,7 @@ public class KafkaConfiguration implements Cloneable {
* @param sslContextParameters SSL configuration
*/
private void applySslConfiguration(Properties props, SSLContextParameters sslContextParameters) {
+
if (sslContextParameters != null) {
addPropertyIfNotNull(props, SslConfigs.SSL_PROTOCOL_CONFIG, sslContextParameters.getSecureSocketProtocol());
addPropertyIfNotNull(props, SslConfigs.SSL_PROVIDER_CONFIG, sslContextParameters.getProvider());
@@ -955,6 +958,17 @@ public class KafkaConfiguration implements Cloneable {
this.sslContextParameters = sslContextParameters;
}
+ public boolean isUseGlobalSslContextParameters() {
+ return useGlobalSslContextParameters;
+ }
+
+ /**
+ * Enable usage of Camel global SSL config
+ */
+ public void setUseGlobalSslContextParameters(boolean useGlobalSslContextParameters) {
+ this.useGlobalSslContextParameters = useGlobalSslContextParameters;
+ }
+
public String getSslKeyPassword() {
return sslKeyPassword;
}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-lumberjack/src/main/docs/lumberjack-component.adoc
----------------------------------------------------------------------
diff --git a/components/camel-lumberjack/src/main/docs/lumberjack-component.adoc b/components/camel-lumberjack/src/main/docs/lumberjack-component.adoc
index 4336d86..bbd89c2 100644
--- a/components/camel-lumberjack/src/main/docs/lumberjack-component.adoc
+++ b/components/camel-lumberjack/src/main/docs/lumberjack-component.adoc
@@ -37,7 +37,7 @@ You can append query options to the URI in the following format,
// component options: START
-The Lumberjack component supports 2 options which are listed below.
+The Lumberjack component supports 3 options which are listed below.
@@ -45,6 +45,7 @@ The Lumberjack component supports 2 options which are listed below.
|=======================================================================
| Name | Description | Default | Type
| **sslContextParameters** (security) | Sets the default SSL configuration to use for all the endpoints. You can also configure it directly at the endpoint level. | | SSLContextParameters
+| **useGlobalSslContext Parameters** (security) | Enable usage of Camel global SSL parameters | false | boolean
| **resolveProperty Placeholders** (advanced) | Whether the component should resolve property placeholders on itself when starting. Only properties which are of String type can use property placeholders. | true | boolean
|=======================================================================
// component options: END
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-lumberjack/src/main/java/org/apache/camel/component/lumberjack/LumberjackComponent.java
----------------------------------------------------------------------
diff --git a/components/camel-lumberjack/src/main/java/org/apache/camel/component/lumberjack/LumberjackComponent.java b/components/camel-lumberjack/src/main/java/org/apache/camel/component/lumberjack/LumberjackComponent.java
index 6f01ea8..e7c3257 100644
--- a/components/camel-lumberjack/src/main/java/org/apache/camel/component/lumberjack/LumberjackComponent.java
+++ b/components/camel-lumberjack/src/main/java/org/apache/camel/component/lumberjack/LumberjackComponent.java
@@ -17,11 +17,15 @@
package org.apache.camel.component.lumberjack;
import java.util.Map;
+import java.util.Optional;
+import java.util.function.Supplier;
import org.apache.camel.Endpoint;
import org.apache.camel.impl.UriEndpointComponent;
import org.apache.camel.spi.Metadata;
+import org.apache.camel.util.CamelContextHelper;
import org.apache.camel.util.jsse.SSLContextParameters;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
/**
* The class is the Camel component for the Lumberjack server
@@ -32,6 +36,9 @@ public class LumberjackComponent extends UriEndpointComponent {
@Metadata(label = "security")
private SSLContextParameters sslContextParameters;
+ @Metadata(label = "security", defaultValue = "false")
+ private boolean useGlobalSslContextParameters;
+
public LumberjackComponent() {
this(LumberjackEndpoint.class);
}
@@ -55,8 +62,13 @@ public class LumberjackComponent extends UriEndpointComponent {
}
// Create the endpoint
- Endpoint answer = new LumberjackEndpoint(uri, this, host, port);
+ LumberjackEndpoint answer = new LumberjackEndpoint(uri, this, host, port);
setProperties(answer, parameters);
+
+ if (isUseGlobalSslContextParameters() && answer.getSslContextParameters() == null) {
+ answer.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null));
+ }
+
return answer;
}
@@ -71,4 +83,16 @@ public class LumberjackComponent extends UriEndpointComponent {
public void setSslContextParameters(SSLContextParameters sslContextParameters) {
this.sslContextParameters = sslContextParameters;
}
+
+ public boolean isUseGlobalSslContextParameters() {
+ return useGlobalSslContextParameters;
+ }
+
+ /**
+ * Enable usage of Camel global SSL parameters
+ */
+ public void setUseGlobalSslContextParameters(boolean useGlobalSslContextParameters) {
+ this.useGlobalSslContextParameters = useGlobalSslContextParameters;
+ }
+
}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-lumberjack/src/test/java/org/apache/camel/component/lumberjack/LumberjackComponentGlobalSSLTest.java
----------------------------------------------------------------------
diff --git a/components/camel-lumberjack/src/test/java/org/apache/camel/component/lumberjack/LumberjackComponentGlobalSSLTest.java b/components/camel-lumberjack/src/test/java/org/apache/camel/component/lumberjack/LumberjackComponentGlobalSSLTest.java
new file mode 100644
index 0000000..8709e86
--- /dev/null
+++ b/components/camel-lumberjack/src/test/java/org/apache/camel/component/lumberjack/LumberjackComponentGlobalSSLTest.java
@@ -0,0 +1,113 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.lumberjack;
+
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.mock.MockEndpoint;
+import org.apache.camel.impl.JndiRegistry;
+import org.apache.camel.test.AvailablePortFinder;
+import org.apache.camel.test.junit4.CamelTestSupport;
+import org.apache.camel.util.jsse.KeyManagersParameters;
+import org.apache.camel.util.jsse.KeyStoreParameters;
+import org.apache.camel.util.jsse.SSLContextParameters;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
+import org.apache.camel.util.jsse.TrustManagersParameters;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+public class LumberjackComponentGlobalSSLTest extends CamelTestSupport {
+ private static int port;
+
+ @BeforeClass
+ public static void beforeClass() {
+ port = AvailablePortFinder.getNextAvailable();
+ }
+
+ @Override
+ protected JndiRegistry createRegistry() throws Exception {
+ JndiRegistry registry = super.createRegistry();
+ registry.bind("sslSupplier", (GlobalSSLContextParametersSupplier) () -> createServerSSLContextParameters());
+ return registry;
+ }
+
+ @Override
+ protected RouteBuilder createRouteBuilder() {
+ return new RouteBuilder() {
+ public void configure() {
+
+ LumberjackComponent component = (LumberjackComponent) context().getComponent("lumberjack");
+ component.setUseGlobalSslContextParameters(true);
+
+ // Lumberjack configured with SSL
+ from("lumberjack:0.0.0.0:" + port).to("mock:output");
+ }
+ };
+ }
+
+ @Test
+ public void shouldListenToMessagesOverSSL() throws Exception {
+ // We're expecting 25 messages with Maps
+ MockEndpoint mock = getMockEndpoint("mock:output");
+ mock.expectedMessageCount(25);
+ mock.allMessages().body().isInstanceOf(Map.class);
+
+ // When sending messages
+ List<Integer> responses = LumberjackUtil.sendMessages(port, createClientSSLContextParameters());
+
+ // Then we should have the messages we're expecting
+ mock.assertIsSatisfied();
+
+ // And we should have replied with 2 acknowledgments for each window frame
+ assertEquals(Arrays.asList(10, 15), responses);
+ }
+
+ /**
+ * Creates the {@link SSLContextParameters} Camel object for the Lumberjack component
+ *
+ * @return The {@link SSLContextParameters} Camel object for the Lumberjack component
+ */
+ private SSLContextParameters createServerSSLContextParameters() {
+ SSLContextParameters sslContextParameters = new SSLContextParameters();
+
+ KeyManagersParameters keyManagersParameters = new KeyManagersParameters();
+ KeyStoreParameters keyStore = new KeyStoreParameters();
+ keyStore.setPassword("changeit");
+ keyStore.setResource("org/apache/camel/component/lumberjack/keystore.jks");
+ keyManagersParameters.setKeyPassword("changeit");
+ keyManagersParameters.setKeyStore(keyStore);
+ sslContextParameters.setKeyManagers(keyManagersParameters);
+
+ return sslContextParameters;
+ }
+
+ private SSLContextParameters createClientSSLContextParameters() {
+ SSLContextParameters sslContextParameters = new SSLContextParameters();
+
+ TrustManagersParameters trustManagersParameters = new TrustManagersParameters();
+ KeyStoreParameters trustStore = new KeyStoreParameters();
+ trustStore.setPassword("changeit");
+ trustStore.setResource("org/apache/camel/component/lumberjack/keystore.jks");
+ trustManagersParameters.setKeyStore(trustStore);
+ sslContextParameters.setTrustManagers(trustManagersParameters);
+
+ return sslContextParameters;
+ }
+}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailComponent.java
----------------------------------------------------------------------
diff --git a/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailComponent.java b/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailComponent.java
index f0dce34..f08e68d 100644
--- a/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailComponent.java
+++ b/components/camel-mail/src/main/java/org/apache/camel/component/mail/MailComponent.java
@@ -19,15 +19,19 @@ package org.apache.camel.component.mail;
import java.net.URI;
import java.util.HashSet;
import java.util.Map;
+import java.util.Optional;
import java.util.Set;
+import java.util.function.Supplier;
import javax.mail.search.SearchTerm;
import org.apache.camel.CamelContext;
import org.apache.camel.Endpoint;
import org.apache.camel.impl.UriEndpointComponent;
import org.apache.camel.spi.Metadata;
+import org.apache.camel.util.CamelContextHelper;
import org.apache.camel.util.IntrospectionSupport;
import org.apache.camel.util.ObjectHelper;
+import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier;
/**
* Component for JavaMail.
@@ -98,6 +102,11 @@ public class MailComponent extends UriEndpointComponent {
ObjectHelper.notEmpty(config.getHost(), "host");
ObjectHelper.notEmpty(config.getProtocol(), "protocol");
+ // Use global ssl if present
+ if (endpoint.getConfiguration().getSslContextParameters() == null) {
+ endpoint.getConfiguration().setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null));
+ }
+
return endpoint;
}
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-mina2/src/main/docs/mina2-component.adoc
----------------------------------------------------------------------
diff --git a/components/camel-mina2/src/main/docs/mina2-component.adoc b/components/camel-mina2/src/main/docs/mina2-component.adoc
index f598fe3..900fcce 100644
--- a/components/camel-mina2/src/main/docs/mina2-component.adoc
+++ b/components/camel-mina2/src/main/docs/mina2-component.adoc
@@ -99,7 +99,7 @@ with the following path and query parameters:
| **port** | *Required* Port number | | int
|=======================================================================
-#### Query Parameters (26 parameters):
+#### Query Parameters (27 parameters):
[width="100%",cols="2,5,^1,2",options="header"]
|=======================================================================
@@ -130,6 +130,7 @@ with the following path and query parameters:
| **textlineDelimiter** (codec) | Only used for TCP and if textline=true. Sets the text line delimiter to use. If none provided Camel will use DEFAULT. This delimiter is used to mark the end of text. | | Mina2TextLineDelimiter
| **autoStartTls** (security) | Whether to auto start SSL handshake. | true | boolean
| **sslContextParameters** (security) | To configure SSL security. | | SSLContextParameters
+| **useGlobalSslContext Parameters** (security) | Enable usage of Camel global sslContextParameters. | true | boolean
|=======================================================================
// endpoint options: END