You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by da...@apache.org on 2013/06/14 09:33:51 UTC

git commit: CAMEL-6453: Only get SSLSession if SSL enabled. Added unit test with client auth enabled to get the client cert from SSLSession from the Camel route on the server side.

Updated Branches:
  refs/heads/master 7078d8bcd -> 3c59d3f2a


CAMEL-6453: Only get SSLSession if SSL enabled. Added unit test with client auth enabled to get the client cert from SSLSession from the Camel route on the server side.


Project: http://git-wip-us.apache.org/repos/asf/camel/repo
Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/3c59d3f2
Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/3c59d3f2
Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/3c59d3f2

Branch: refs/heads/master
Commit: 3c59d3f2af3ca01591e08ba8e2002b7ecc75b8dc
Parents: 7078d8b
Author: Claus Ibsen <da...@apache.org>
Authored: Fri Jun 14 09:32:27 2013 +0200
Committer: Claus Ibsen <da...@apache.org>
Committed: Fri Jun 14 09:32:27 2013 +0200

----------------------------------------------------------------------
 .../org/apache/camel/component/netty/NettyEndpoint.java  |  7 +++++--
 .../org/apache/camel/component/netty/NettySSLTest.java   | 11 +++++++----
 2 files changed, 12 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/camel/blob/3c59d3f2/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
index 3247a34..a712b7e 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
@@ -112,8 +112,11 @@ public class NettyEndpoint extends DefaultEndpoint {
         in.setHeader(NettyConstants.NETTY_MESSAGE_EVENT, messageEvent);
         in.setHeader(NettyConstants.NETTY_REMOTE_ADDRESS, messageEvent.getRemoteAddress());
         in.setHeader(NettyConstants.NETTY_LOCAL_ADDRESS, messageEvent.getChannel().getLocalAddress());
-        // setup the SslSession header
-        in.setHeader(NettyConstants.NETTY_SSL_SESSION, getSSLSession(ctx)); 
+
+        if (configuration.isSsl()) {
+            // setup the SslSession header
+            in.setHeader(NettyConstants.NETTY_SSL_SESSION, getSSLSession(ctx));
+        }
     }
 
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/camel/blob/3c59d3f2/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java b/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
index 5196464..5670546 100644
--- a/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
+++ b/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
@@ -14,11 +14,10 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
 package org.apache.camel.component.netty;
 
 import java.io.File;
-
+import java.security.Principal;
 import javax.net.ssl.SSLSession;
 
 import org.apache.camel.Exchange;
@@ -51,12 +50,16 @@ public class NettySSLTest extends BaseNettyTest {
 
         context.addRoutes(new RouteBuilder() {
             public void configure() {
-                from("netty:tcp://localhost:{{port}}?sync=true&ssl=true&passphrase=changeit&keyStoreFile=#ksf&trustStoreFile=#tsf")
+                // needClientAuth=true so we can get the client certificate details
+                from("netty:tcp://localhost:{{port}}?sync=true&ssl=true&passphrase=changeit&keyStoreFile=#ksf&trustStoreFile=#tsf&needClientAuth=true")
                     .process(new Processor() {
                         public void process(Exchange exchange) throws Exception {
                             SSLSession session = exchange.getIn().getHeader(NettyConstants.NETTY_SSL_SESSION, SSLSession.class);
                             if (session != null) {
-                                exchange.getOut().setBody("When You Go Home, Tell Them Of Us And Say, For Your Tomorrow, We Gave Our Today.");  
+                                javax.security.cert.X509Certificate cert = session.getPeerCertificateChain()[0];
+                                Principal principal = cert.getSubjectDN();
+                                log.info("Client Cert SubjectDN: {}", principal.getName());
+                                exchange.getOut().setBody("When You Go Home, Tell Them Of Us And Say, For Your Tomorrow, We Gave Our Today.");
                             } else {
                                 exchange.getOut().setBody("Cannot start conversion without SSLSession");
                             }