You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by da...@apache.org on 2013/06/14 09:33:51 UTC
git commit: CAMEL-6453: Only get SSLSession if SSL enabled. Added
unit test with client auth enabled to get the client cert from SSLSession
from the Camel route on the server side.
Updated Branches:
refs/heads/master 7078d8bcd -> 3c59d3f2a
CAMEL-6453: Only get SSLSession if SSL enabled. Added unit test with client auth enabled to get the client cert from SSLSession from the Camel route on the server side.
Project: http://git-wip-us.apache.org/repos/asf/camel/repo
Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/3c59d3f2
Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/3c59d3f2
Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/3c59d3f2
Branch: refs/heads/master
Commit: 3c59d3f2af3ca01591e08ba8e2002b7ecc75b8dc
Parents: 7078d8b
Author: Claus Ibsen <da...@apache.org>
Authored: Fri Jun 14 09:32:27 2013 +0200
Committer: Claus Ibsen <da...@apache.org>
Committed: Fri Jun 14 09:32:27 2013 +0200
----------------------------------------------------------------------
.../org/apache/camel/component/netty/NettyEndpoint.java | 7 +++++--
.../org/apache/camel/component/netty/NettySSLTest.java | 11 +++++++----
2 files changed, 12 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/camel/blob/3c59d3f2/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
index 3247a34..a712b7e 100644
--- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
+++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyEndpoint.java
@@ -112,8 +112,11 @@ public class NettyEndpoint extends DefaultEndpoint {
in.setHeader(NettyConstants.NETTY_MESSAGE_EVENT, messageEvent);
in.setHeader(NettyConstants.NETTY_REMOTE_ADDRESS, messageEvent.getRemoteAddress());
in.setHeader(NettyConstants.NETTY_LOCAL_ADDRESS, messageEvent.getChannel().getLocalAddress());
- // setup the SslSession header
- in.setHeader(NettyConstants.NETTY_SSL_SESSION, getSSLSession(ctx));
+
+ if (configuration.isSsl()) {
+ // setup the SslSession header
+ in.setHeader(NettyConstants.NETTY_SSL_SESSION, getSSLSession(ctx));
+ }
}
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/camel/blob/3c59d3f2/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
----------------------------------------------------------------------
diff --git a/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java b/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
index 5196464..5670546 100644
--- a/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
+++ b/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettySSLTest.java
@@ -14,11 +14,10 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-
package org.apache.camel.component.netty;
import java.io.File;
-
+import java.security.Principal;
import javax.net.ssl.SSLSession;
import org.apache.camel.Exchange;
@@ -51,12 +50,16 @@ public class NettySSLTest extends BaseNettyTest {
context.addRoutes(new RouteBuilder() {
public void configure() {
- from("netty:tcp://localhost:{{port}}?sync=true&ssl=true&passphrase=changeit&keyStoreFile=#ksf&trustStoreFile=#tsf")
+ // needClientAuth=true so we can get the client certificate details
+ from("netty:tcp://localhost:{{port}}?sync=true&ssl=true&passphrase=changeit&keyStoreFile=#ksf&trustStoreFile=#tsf&needClientAuth=true")
.process(new Processor() {
public void process(Exchange exchange) throws Exception {
SSLSession session = exchange.getIn().getHeader(NettyConstants.NETTY_SSL_SESSION, SSLSession.class);
if (session != null) {
- exchange.getOut().setBody("When You Go Home, Tell Them Of Us And Say, For Your Tomorrow, We Gave Our Today.");
+ javax.security.cert.X509Certificate cert = session.getPeerCertificateChain()[0];
+ Principal principal = cert.getSubjectDN();
+ log.info("Client Cert SubjectDN: {}", principal.getName());
+ exchange.getOut().setBody("When You Go Home, Tell Them Of Us And Say, For Your Tomorrow, We Gave Our Today.");
} else {
exchange.getOut().setBody("Cannot start conversion without SSLSession");
}