You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tuscany.apache.org by sl...@apache.org on 2010/02/26 14:44:41 UTC

svn commit: r916679 - in /tuscany/sca-java-2.x/trunk/itest/ws: ./ http-ssl/ http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/

Author: slaws
Date: Fri Feb 26 13:44:40 2010
New Revision: 916679

URL: http://svn.apache.org/viewvc?rev=916679&view=rev
Log:
Create a new key store and enable the test. Using a ws binding without an explicit HTTPS url doesn't work at the moment. The providers need to do more work based on the the security configuration. 

Added:
    tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/README   (with props)
    tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/tuscany.jks   (with props)
Removed:
    tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/tuscany.keyStore
Modified:
    tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/definitions.xml
    tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/helloworld.composite
    tuscany/sca-java-2.x/trunk/itest/ws/pom.xml

Added: tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/README
URL: http://svn.apache.org/viewvc/tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/README?rev=916679&view=auto
==============================================================================
--- tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/README (added)
+++ tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/README Fri Feb 26 13:44:40 2010
@@ -0,0 +1,68 @@
+The module tests web service communications running over HTTPS. HTTPS is configured
+in this embedded test environment by adding the confidentiality intent to both
+reference and service and by configuring reference and service side policy sets
+to configure the web service binding appropriately to enable SSL. 
+
+When running the web service binding in a container that itself is configured
+to provide SSL support these policy sets are not required. TODO can they themselves
+detect that they are not required.
+
+The SSL configuration depends on public/private key pairs and a keystore. This is how
+they are organized and generated
+
+
+Generate Private/Public keys into a keystore for use at the server
+------------------------------------------------------------------
+
+keytool -genkey -keyalg RSA -sigalg MD5withRSA -keysize 1024 -alias TuscanyUser -dname "CN=Tuscany Service, OU=Tuscany, O=Apache, L=Hursley, S=Hampshire, C=UK" -storetype JKS -keystore tuscany.jks -validity 9999 -keypass tuscany -storepass tuscany
+
+View the contents of the key store that result
+----------------------------------------------
+
+keytool -list -v -keystore tuscany.jks -storepass tuscany
+
+Keystore type: JKS
+Keystore provider: SUN
+
+Your keystore contains 1 entry
+
+Alias name: tuscanyuser
+Creation date: 26-Feb-2010
+Entry type: PrivateKeyEntry
+Certificate chain length: 1
+Certificate[1]:
+Owner: CN=Tuscany Service, OU=Tuscany, O=Apache, L=Hursley, ST=Hampshire, C=UK
+Issuer: CN=Tuscany Service, OU=Tuscany, O=Apache, L=Hursley, ST=Hampshire, C=UK
+Serial number: 4b87b4d7
+Valid from: Fri Feb 26 11:47:35 GMT 2010 until: Mon Jul 13 12:47:35 BST 2037
+Certificate fingerprints:
+         MD5:  C3:0C:D6:DF:F6:27:26:47:AD:41:44:CA:D7:98:FA:41
+         SHA1: 2E:82:AD:F6:54:E0:C6:A5:47:5C:8C:9F:3B:5A:65:8E:F9:5A:40:07
+         Signature algorithm name: MD5withRSA
+         Version: 3
+         
+         
+IN THIS EMBEDDED TEST THE FOLLOWING ARE NOT REQUIRED AS BOTH REFERENCE AND SERVICES         
+ARE RUNNING IN THE SAME JVM AND HAVE ACCESS TO THE SERVICE SIDE KEY STORE
+
+Generate the client side certificate
+------------------------------------
+
+keytool -export -alias TuscanyUser -file tuscany.cer -keystore tuscany.jks -storepass tuscany
+
+Print the contents of the generated certificate file
+----------------------------------------------------
+
+keytool -printcert -v -file tuscany.cer
+
+Owner: CN=Tuscany Service, OU=Tuscany, O=Apache, L=Hursley, ST=Hampshire, C=UK
+Issuer: CN=Tuscany Service, OU=Tuscany, O=Apache, L=Hursley, ST=Hampshire, C=UK
+Serial number: 4b87b4d7
+Valid from: Fri Feb 26 11:47:35 GMT 2010 until: Mon Jul 13 12:47:35 BST 2037
+Certificate fingerprints:
+         MD5:  C3:0C:D6:DF:F6:27:26:47:AD:41:44:CA:D7:98:FA:41
+         SHA1: 2E:82:AD:F6:54:E0:C6:A5:47:5C:8C:9F:3B:5A:65:8E:F9:5A:40:07
+         Signature algorithm name: MD5withRSA
+         Version: 3
+         
+         
\ No newline at end of file

Propchange: tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/README
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/README
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/definitions.xml
URL: http://svn.apache.org/viewvc/tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/definitions.xml?rev=916679&r1=916678&r2=916679&view=diff
==============================================================================
--- tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/definitions.xml (original)
+++ tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/definitions.xml Fri Feb 26 13:44:40 2010
@@ -27,8 +27,8 @@
                    provides="confidentiality.transport"
                    appliesTo="sca:binding.ws">
         <tuscany:https>
-          <tuscany:keyStore type="JKS" file="target/classes/org/apache/tuscany/sca/binding/ws/axis2/helloworld/tuscany.keyStore" password="apache"/>
-          <tuscany:trustStore type="JKS" file="target/classes/org/apache/tuscany/sca/binding/ws/axis2/helloworld/tuscany.keyStore" password="apache"/>
+          <tuscany:keyStore type="JKS" file="target/classes/org/apache/tuscany/sca/binding/ws/axis2/helloworld/tuscany.jks" password="tuscany"/>
+          <tuscany:trustStore type="JKS" file="target/classes/org/apache/tuscany/sca/binding/ws/axis2/helloworld/tuscany.jks" password="tuscany"/>
         </tuscany:https>
     </sca:policySet>
       

Modified: tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/helloworld.composite
URL: http://svn.apache.org/viewvc/tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/helloworld.composite?rev=916679&r1=916678&r2=916679&view=diff
==============================================================================
--- tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/helloworld.composite (original)
+++ tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/helloworld.composite Fri Feb 26 13:44:40 2010
@@ -25,14 +25,14 @@
     <component name="HelloWorldClient">
         <implementation.java class="org.apache.tuscany.sca.binding.ws.axis2.helloworld.HelloWorldClient"/>
         <reference name="helloWorldWS" requires="confidentiality">
-            <binding.ws uri="https://localhost:443/HelloWorld" />
+            <binding.ws uri="https://localhost:8443/HelloWorld" />
         </reference>
     </component>
     
     <component name="HelloWorldService">
 		<implementation.java class="org.apache.tuscany.sca.binding.ws.axis2.helloworld.HelloWorldService"/>
 	    <service name="HelloWorld" requires="confidentiality">
-	        <binding.ws uri="https://localhost:443/HelloWorld" />
+	        <binding.ws uri="https://localhost:8443/HelloWorld" />
 	    </service>		
     </component>
     

Added: tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/tuscany.jks
URL: http://svn.apache.org/viewvc/tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/tuscany.jks?rev=916679&view=auto
==============================================================================
Binary file - no diff available.

Propchange: tuscany/sca-java-2.x/trunk/itest/ws/http-ssl/src/main/resources/org/apache/tuscany/sca/binding/ws/axis2/helloworld/tuscany.jks
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Modified: tuscany/sca-java-2.x/trunk/itest/ws/pom.xml
URL: http://svn.apache.org/viewvc/tuscany/sca-java-2.x/trunk/itest/ws/pom.xml?rev=916679&r1=916678&r2=916679&view=diff
==============================================================================
--- tuscany/sca-java-2.x/trunk/itest/ws/pom.xml (original)
+++ tuscany/sca-java-2.x/trunk/itest/ws/pom.xml Fri Feb 26 13:44:40 2010
@@ -32,8 +32,8 @@
   <modules>
     <module>defaults</module>
     <module>authentication-basic</module>
+    <module>http-ssl</module>
 <!--
-    <module>https</module>
     <module>jms</module>
     <module>mtom</module>
     <module>authentication-wssecurity</module>