Posted to commits@directory.apache.org by se...@apache.org on 2016/06/05 20:40:35 UTC
svn commit: r1746949 [1/2] - in
/directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui:
./ bots/
Author: seelmann
Date: Sun Jun 5 20:40:34 2016
New Revision: 1746949
URL: http://svn.apache.org/viewvc?rev=1746949&view=rev
Log:
Refactor and enable certificate validation tests.
Added:
directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateUtils.java (with props)
directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java (with props)
directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateViewerDialogBot.java (with props)
directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CheckAuthenticationDialogBot.java (with props)
Modified:
directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/NewConnectionWizardTest.java
directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/ApacheDSConfigurationEditorBot.java
directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateTrustDialogBot.java
directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateValidationPreferencePageBot.java
directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/ErrorDialogBot.java
directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/NewConnectionWizardBot.java
Added: directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateUtils.java
URL: http://svn.apache.org/viewvc/directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateUtils.java?rev=1746949&view=auto
==============================================================================
--- directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateUtils.java (added)
+++ directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateUtils.java Sun Jun 5 20:40:34 2016
@@ -0,0 +1,98 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+package org.apache.directory.studio.test.integration.ui;
+
+
+import java.io.File;
+import java.io.FileOutputStream;
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.KeyStore;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.SignatureException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+import java.util.Date;
+
+import javax.security.auth.x500.X500Principal;
+
+import org.bouncycastle.x509.X509V1CertificateGenerator;
+
+
+/**
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+public class CertificateUtils
+{
+
+ public static File createCertificateInKeyStoreFile( String issuerDN, String subjectDN, Date startDate,
+ Date expiryDate ) throws Exception
+ {
+ KeyPair keypair = createKeyPair();
+ X509Certificate cert = createCertificate( issuerDN, subjectDN, startDate, expiryDate, keypair );
+
+ // write key store file
+ File ksFile = File.createTempFile( "testStore", "ks" );
+ KeyStore ks = KeyStore.getInstance( KeyStore.getDefaultType() );
+ ks.load( null, null );
+ ks.setCertificateEntry( "apacheds", cert );
+ ks.setKeyEntry( "apacheds", keypair.getPrivate(), "changeit".toCharArray(), new Certificate[]
+ { cert } );
+ ks.store( new FileOutputStream( ksFile ), "changeit".toCharArray() );
+
+ return ksFile;
+ }
+
+
+ public static X509Certificate createCertificate( String issuerDN, String subjectDN, Date startDate, Date expiryDate,
+ KeyPair keypair ) throws CertificateEncodingException, NoSuchProviderException, NoSuchAlgorithmException,
+ SignatureException, InvalidKeyException
+ {
+ BigInteger serialNumber = BigInteger.valueOf( System.currentTimeMillis() );
+ X509V1CertificateGenerator certGen = new X509V1CertificateGenerator();
+ X500Principal issuerName = new X500Principal( issuerDN );
+ X500Principal subjectName = new X500Principal( subjectDN );
+ certGen.setSerialNumber( serialNumber );
+ certGen.setIssuerDN( issuerName );
+ certGen.setNotBefore( startDate );
+ certGen.setNotAfter( expiryDate );
+ certGen.setSubjectDN( subjectName );
+ certGen.setPublicKey( keypair.getPublic() );
+ certGen.setSignatureAlgorithm( "SHA1WithRSA" );
+ X509Certificate cert = certGen.generate( keypair.getPrivate(), "BC" );
+ return cert;
+ }
+
+
+ public static KeyPair createKeyPair() throws NoSuchAlgorithmException
+ {
+ KeyPairGenerator generator = KeyPairGenerator.getInstance( "RSA" );
+ generator.initialize( 1024 );
+ KeyPair keypair = generator.genKeyPair();
+ return keypair;
+ }
+
+}
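Review bot: In `createCertificateInKeyStoreFile` the `FileOutputStream` passed to `ks.store(...)` is never closed, so every call leaks a file handle, and on Windows the open handle can make the later `ksFile.delete()` in the test's `tearDown` fail; use `try ( FileOutputStream out = new FileOutputStream( ksFile ) ) { ks.store( out, "changeit".toCharArray() ); }`. The resulting file holds the private key under the hard-coded password `changeit` in the shared temp directory, and the class Javadoc carries only author and version, so it should state that these helpers produce throwaway test fixtures and must not be used for real key material. The same Javadoc should note that `SHA1WithRSA` in `createCertificate` and the 1024-bit RSA key in `createKeyPair` are deliberately weak test parameters. A JDK with a stricter disabled-algorithms policy might reject such a certificate for reasons unrelated to what the validation tests assert, which is worth ruling out if the tests start failing after a JDK upgrade.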
Propchange: directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateUtils.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java
URL: http://svn.apache.org/viewvc/directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java?rev=1746949&view=auto
==============================================================================
--- directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java (added)
+++ directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java Sun Jun 5 20:40:34 2016
@@ -0,0 +1,820 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+package org.apache.directory.studio.test.integration.ui;
+
+
+import static org.apache.directory.studio.test.integration.ui.Constants.LOCALHOST;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.File;
+import java.security.cert.X509Certificate;
+import java.util.Date;
+
+import org.apache.directory.studio.connection.core.ConnectionCorePlugin;
+import org.apache.directory.studio.test.integration.ui.bots.ApacheDSConfigurationEditorBot;
+import org.apache.directory.studio.test.integration.ui.bots.ApacheDSServersViewBot;
+import org.apache.directory.studio.test.integration.ui.bots.CertificateTrustDialogBot;
+import org.apache.directory.studio.test.integration.ui.bots.CertificateValidationPreferencePageBot;
+import org.apache.directory.studio.test.integration.ui.bots.CheckAuthenticationDialogBot;
+import org.apache.directory.studio.test.integration.ui.bots.ConnectionsViewBot;
+import org.apache.directory.studio.test.integration.ui.bots.DeleteDialogBot;
+import org.apache.directory.studio.test.integration.ui.bots.ErrorDialogBot;
+import org.apache.directory.studio.test.integration.ui.bots.NewApacheDSServerWizardBot;
+import org.apache.directory.studio.test.integration.ui.bots.NewConnectionWizardBot;
+import org.apache.directory.studio.test.integration.ui.bots.PreferencesBot;
+import org.apache.directory.studio.test.integration.ui.bots.StudioBot;
+import org.apache.directory.studio.test.integration.ui.bots.utils.FrameworkRunnerWithScreenshotCaptureListener;
+import org.apache.mina.util.AvailablePortFinder;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TestName;
+import org.junit.runner.RunWith;
+
+
+/**
+ * Tests secure connection handling.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$, $Date$
+ */
+@RunWith(FrameworkRunnerWithScreenshotCaptureListener.class)
+public class CertificateValidationTest
+{
+ private static final String serverName = "CertificateValidationTest";
+
+ static final long YEAR_MILLIS = 365L * 24L * 3600L * 1000L;
+
+ @Rule
+ public TestName name = new TestName();
+
+ private File ksFile;
+
+ private static int ldapPort;
+ private static int ldapsPort;
+
+ private static StudioBot studioBot;
+ private static ApacheDSServersViewBot serversViewBot;
+ private static ConnectionsViewBot connectionsViewBot;
+ private static NewConnectionWizardBot wizardBot;
+
+
+ @BeforeClass
+ public static void setUpClass() throws Exception
+ {
+ studioBot = new StudioBot();
+ studioBot.resetLdapPerspective();
+ serversViewBot = studioBot.getApacheDSServersViewBot();
+ connectionsViewBot = studioBot.getConnectionView();
+
+ // create the server
+ createServer( serverName );
+ setAvailablePorts( serverName );
+
+ // ErrorDialog.AUTOMATED_MODE = false;
+ }
+
+
+ @AfterClass
+ public static void tearDownClass() throws Exception
+ {
+ deleteServer( serverName );
+ }
+
+
+ @Before
+ public void setUp() throws Exception
+ {
+ studioBot.resetLdapPerspective();
+ }
+
+
+ @After
+ public void tearDown() throws Exception
+ {
+ connectionsViewBot.deleteTestConnections();
+
+ // stop ApacheDS
+ serversViewBot.stopServer( serverName );
+ serversViewBot.waitForServerStop( serverName );
+
+ // delete old key store
+ if ( ksFile != null && ksFile.exists() )
+ {
+ ksFile.delete();
+ }
+
+ // delete custom trust stores
+ X509Certificate[] permanentCertificates = ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager()
+ .getCertificates();
+ for ( X509Certificate certificate : permanentCertificates )
+ {
+ ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().removeCertificate( certificate );
+ }
+ X509Certificate[] temporaryCertificates = ConnectionCorePlugin.getDefault().getSessionTrustStoreManager()
+ .getCertificates();
+ for ( X509Certificate certificate : temporaryCertificates )
+ {
+ ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().removeCertificate( certificate );
+ }
+
+ // delete custom Java key store settings
+ System.getProperties().remove( "javax.net.ssl.trustStore" );
+ System.getProperties().remove( "javax.net.ssl.keyStore" );
+ System.getProperties().remove( "javax.net.ssl.keyStorePassword" );
+ }
+
+
+ private String getConnectionName()
+ {
+ return "NewConnectionWizardTest." + name.getMethodName();
+ }
+
+
+ /**
+ * Tests ldaps:// with an valid certificate. This is simulated
+ * by putting the self-signed certificate into a temporary key store.
+ */
+ @Test
+ public void testLdapsCertificateValidationOK() throws Exception
+ {
+ // create certificate
+ Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
+ Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
+ createCertificateAndUpdateInApacheDS( "cn=localhost", "cn=localhost", startDate, endDate );
+
+ // start ApacheDS
+ serversViewBot.runServer( serverName );
+ serversViewBot.waitForServerStart( serverName );
+
+ // let Java use the key store
+ System.setProperty( "javax.net.ssl.trustStore", ksFile.getAbsolutePath() );
+ System.setProperty( "javax.net.ssl.keyStore", ksFile.getAbsolutePath() );
+ System.setProperty( "javax.net.ssl.keyStorePassword", "changeit" );
+
+ // enter connection parameter and authentication parameter
+ wizardBot = connectionsViewBot.openNewConnectionWizard();
+ wizardBot.typeConnectionName( getConnectionName() );
+ wizardBot.typeHost( LOCALHOST );
+ wizardBot.typePort( ldapsPort );
+ wizardBot.selectLdapsEncryption();
+ wizardBot.clickNextButton();
+ wizardBot.typeUser( "uid=admin,ou=system" );
+ wizardBot.typePassword( "secret" );
+
+ // check the certificate, should be OK
+ String result = wizardBot.clickCheckAuthenticationButton();
+ assertNull( "Expected OK, valid and trusted certificate", result );
+
+ wizardBot.clickCancelButton();
+ }
+
+
+ /**
+ * Tests ldaps:// with an expired certificate.
+ */
+ @Test
+ public void testLdapsCertificateValidationNotOK() throws Exception
+ {
+ // prepare certificate
+ Date startDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
+ Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS + YEAR_MILLIS );
+ createCertificateAndUpdateInApacheDS( "cn=localhost", "cn=localhost", startDate, endDate );
+
+ // start ApacheDS
+ serversViewBot.runServer( serverName );
+ serversViewBot.waitForServerStart( serverName );
+
+ // enter connection parameter and authentication parameter
+ wizardBot = connectionsViewBot.openNewConnectionWizard();
+ wizardBot.typeConnectionName( getConnectionName() );
+ wizardBot.typeHost( LOCALHOST );
+ wizardBot.typePort( ldapsPort );
+ wizardBot.selectLdapsEncryption();
+ wizardBot.clickNextButton();
+ wizardBot.typeUser( "uid=admin,ou=system" );
+ wizardBot.typePassword( "secret" );
+
+ // check the certificate, expecting the trust dialog
+ CertificateTrustDialogBot trustDialogBot = wizardBot
+ .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
+ assertTrue( trustDialogBot.isSelfSigned() );
+ assertTrue( trustDialogBot.isNotYetValid() );
+ assertFalse( trustDialogBot.isExpired() );
+ assertFalse( trustDialogBot.isHostNameMismatch() );
+ assertFalse( trustDialogBot.isIssuerUnkown() );
+ trustDialogBot.selectDontTrust();
+ ErrorDialogBot errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
+ assertTrue( errorBot.getErrorMessage().contains( "failed" ) );
+ errorBot.clickOkButton();
+
+ wizardBot.clickCancelButton();
+ }
+
+
+ /**
+ * Tests that when selecting "Don't trust" the certificate is not trusted
+ * and not added to any key store.
+ */
+ @Test
+ public void testLdapsCertificateDoNotTrust() throws Exception
+ {
+ // prepare certificate
+ Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
+ Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
+ createCertificateAndUpdateInApacheDS( "cn=TheUnknownStuntman", "cn=localhost1", startDate, endDate );
+
+ // start ApacheDS
+ serversViewBot.runServer( serverName );
+ serversViewBot.waitForServerStart( serverName );
+
+ // enter connection parameter and authentication parameter
+ wizardBot = connectionsViewBot.openNewConnectionWizard();
+ wizardBot.typeConnectionName( getConnectionName() );
+ wizardBot.typeHost( LOCALHOST );
+ wizardBot.typePort( ldapsPort );
+ wizardBot.selectLdapsEncryption();
+ wizardBot.clickNextButton();
+ wizardBot.typeUser( "uid=admin,ou=system" );
+ wizardBot.typePassword( "secret" );
+
+ // check trust, expect trust dialog, select don't trust
+ CertificateTrustDialogBot trustDialogBot = wizardBot
+ .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
+ assertTrue( trustDialogBot.isVisible() );
+ trustDialogBot.selectDontTrust();
+ ErrorDialogBot errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
+ errorBot.clickOkButton();
+
+ // check trust again, expect trust dialog, select don't trust
+ wizardBot.activate();
+ trustDialogBot = wizardBot.clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
+ assertTrue( trustDialogBot.isVisible() );
+ trustDialogBot.selectDontTrust();
+ errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
+ errorBot.clickOkButton();
+
+ // certificate must not be added to a trust store
+ assertEquals( 0, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
+ assertEquals( 0, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
+
+ // click finish, that opens the connection
+ wizardBot.clickFinishButton( false );
+
+ // expecting trust dialog again.
+ trustDialogBot = new CertificateTrustDialogBot();
+ assertTrue( trustDialogBot.isVisible() );
+ trustDialogBot.selectDontTrust();
+ errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
+ errorBot.clickOkButton();
+
+ assertEquals( 0, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
+ assertEquals( 0, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
+ }
+
+
+ /**
+ * Tests that when selecting "Trust temporary" the certificate is trusted
+ * and added to the session key store.
+ */
+ @Test
+ public void testLdapsCertificateTrustTemporary() throws Exception
+ {
+ // prepare certificate
+ Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
+ Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
+ createCertificateAndUpdateInApacheDS( "cn=TheUnknownStuntman", "cn=localhost2", startDate, endDate );
+
+ // start ApacheDS
+ serversViewBot.runServer( serverName );
+ serversViewBot.waitForServerStart( serverName );
+
+ // enter connection parameter and authentication parameter
+ wizardBot = connectionsViewBot.openNewConnectionWizard();
+ wizardBot.typeConnectionName( getConnectionName() );
+ wizardBot.typeHost( LOCALHOST );
+ wizardBot.typePort( ldapsPort );
+ wizardBot.selectLdapsEncryption();
+ wizardBot.clickNextButton();
+ wizardBot.typeUser( "uid=admin,ou=system" );
+ wizardBot.typePassword( "secret" );
+
+ // check trust, expect trust dialog, select trust temporary
+ CertificateTrustDialogBot trustDialogBot = wizardBot
+ .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
+ assertTrue( trustDialogBot.isVisible() );
+ trustDialogBot.selectTrustTemporary();
+ trustDialogBot.clickOkButton();
+
+ // expect ok dialog
+ new CheckAuthenticationDialogBot().clickOkButton();
+
+ // certificate must be added to the temporary trust store
+ assertEquals( 0, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
+ assertEquals( 1, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
+
+ // check trust again, now the certificate is already trusted
+ wizardBot.activate();
+ String result = wizardBot.clickCheckAuthenticationButton();
+ assertNull( "Expected OK, valid and trusted certificate", result );
+
+ wizardBot.clickCancelButton();
+ }
+
+
+ /**
+ * Tests that when selecting "Trust permanent" the certificate is trusted
+ * and added to the permanent key store.
+ */
+ @Test
+ public void testLdapsCertificateTrustPermanent() throws Exception
+ {
+ // prepare certificate
+ Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
+ Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
+ createCertificateAndUpdateInApacheDS( "cn=TheUnknownStuntman", "cn=localhost3", startDate, endDate );
+
+ // start ApacheDS
+ serversViewBot.runServer( serverName );
+ serversViewBot.waitForServerStart( serverName );
+
+ // enter connection parameter and authentication parameter
+ wizardBot = connectionsViewBot.openNewConnectionWizard();
+ wizardBot.typeConnectionName( getConnectionName() );
+ wizardBot.typeHost( LOCALHOST );
+ wizardBot.typePort( ldapsPort );
+ wizardBot.selectLdapsEncryption();
+ wizardBot.clickNextButton();
+ wizardBot.typeUser( "uid=admin,ou=system" );
+ wizardBot.typePassword( "secret" );
+
+ // check trust, expect trust dialog, select trust temporary
+ CertificateTrustDialogBot trustDialogBot = wizardBot
+ .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
+ assertTrue( trustDialogBot.isVisible() );
+ trustDialogBot.selectTrustPermanent();
+ trustDialogBot.clickOkButton();
+
+ // expect ok dialog
+ new CheckAuthenticationDialogBot().clickOkButton();
+
+ // certificate must be added to the temporary trust store
+ assertEquals( 1, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
+ assertEquals( 0, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
+
+ // check trust again, now the certificate is already trusted
+ wizardBot.activate();
+ String result = wizardBot.clickCheckAuthenticationButton();
+ assertNull( "Expected OK, valid and trusted certificate", result );
+
+ wizardBot.clickCancelButton();
+ }
+
+
+ /**
+ * Tests StartTLS with an valid certificate. This is simulated
+ * by putting the self-signed certificate into a temporary key store.
+ */
+ @Test
+ public void testStartTlsCertificateValidationOK() throws Exception
+ {
+ // create certificate
+ Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
+ Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
+ createCertificateAndUpdateInApacheDS( "cn=localhost", "cn=localhost", startDate, endDate );
+
+ // start ApacheDS
+ serversViewBot.runServer( serverName );
+ serversViewBot.waitForServerStart( serverName );
+
+ // let Java use the key store
+ System.setProperty( "javax.net.ssl.trustStore", ksFile.getAbsolutePath() );
+ System.setProperty( "javax.net.ssl.keyStore", ksFile.getAbsolutePath() );
+ System.setProperty( "javax.net.ssl.keyStorePassword", "changeit" );
+
+ // enter connection parameter
+ wizardBot = connectionsViewBot.openNewConnectionWizard();
+ wizardBot.typeConnectionName( getConnectionName() );
+ wizardBot.typeHost( LOCALHOST );
+ wizardBot.typePort( ldapPort );
+ wizardBot.selectStartTlsEncryption();
+
+ // check the certificate, should be OK
+ String result = wizardBot.clickCheckNetworkParameterButton();
+ assertNull( "Expected OK, valid and trusted certificate", result );
+
+ // enter correct authentication parameter
+ wizardBot.clickNextButton();
+ wizardBot.typeUser( "uid=admin,ou=system" );
+ wizardBot.typePassword( "secret" );
+
+ // check the certificate again, should be OK
+ String result2 = wizardBot.clickCheckAuthenticationButton();
+ assertNull( "Expected OK, valid and trusted certificate", result2 );
+
+ wizardBot.clickCancelButton();
+ }
+
+
+ /**
+ * Tests StartTLS with an expired certificate.
+ */
+ @Test
+ public void testStartTlsCertificateValidationExpired() throws Exception
+ {
+ // prepare certificate
+ Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS - YEAR_MILLIS );
+ Date endDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
+ createCertificateAndUpdateInApacheDS( "cn=localhost", "cn=localhost", startDate, endDate );
+
+ // start ApacheDS
+ serversViewBot.runServer( serverName );
+ serversViewBot.waitForServerStart( serverName );
+
+ // enter connection parameter
+ wizardBot = connectionsViewBot.openNewConnectionWizard();
+ wizardBot.typeConnectionName( getConnectionName() );
+ wizardBot.typeHost( LOCALHOST );
+ wizardBot.typePort( ldapPort );
+ wizardBot.selectStartTlsEncryption();
+ wizardBot.clickNextButton();
+ wizardBot.typeUser( "uid=admin,ou=system" );
+ wizardBot.typePassword( "secret" );
+
+ // check the certificate, expecting the trust dialog
+ CertificateTrustDialogBot trustDialogBot = wizardBot
+ .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
+ assertTrue( trustDialogBot.isSelfSigned() );
+ assertTrue( trustDialogBot.isExpired() );
+ assertFalse( trustDialogBot.isNotYetValid() );
+ assertFalse( trustDialogBot.isHostNameMismatch() );
+ assertFalse( trustDialogBot.isIssuerUnkown() );
+ trustDialogBot.selectDontTrust();
+ ErrorDialogBot errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
+ assertTrue( errorBot.getErrorMessage().contains( "SSL handshake failed" ) );
+ errorBot.clickOkButton();
+
+ wizardBot.clickCancelButton();
+ }
+
+
+ /**
+ * Tests SSL with an not yet valid certificate.
+ */
+ @Test
+ public void testStartTlsCertificateValidationNotYetValid() throws Exception
+ {
+ // prepare certificate
+ Date startDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
+ Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS + YEAR_MILLIS );
+ createCertificateAndUpdateInApacheDS( "cn=localhost", "cn=localhost", startDate, endDate );
+
+ // start ApacheDS
+ serversViewBot.runServer( serverName );
+ serversViewBot.waitForServerStart( serverName );
+
+ // enter connection parameter
+ wizardBot = connectionsViewBot.openNewConnectionWizard();
+ wizardBot.typeConnectionName( getConnectionName() );
+ wizardBot.typeHost( LOCALHOST );
+ wizardBot.typePort( ldapPort );
+ wizardBot.selectStartTlsEncryption();
+ wizardBot.clickNextButton();
+ wizardBot.typeUser( "uid=admin,ou=system" );
+ wizardBot.typePassword( "secret" );
+
+ // check the certificate, expecting the trust dialog
+ CertificateTrustDialogBot trustDialogBot = wizardBot
+ .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
+ assertTrue( trustDialogBot.isSelfSigned() );
+ assertTrue( trustDialogBot.isNotYetValid() );
+ assertFalse( trustDialogBot.isExpired() );
+ assertFalse( trustDialogBot.isHostNameMismatch() );
+ assertFalse( trustDialogBot.isIssuerUnkown() );
+ trustDialogBot.selectDontTrust();
+ ErrorDialogBot errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
+ assertTrue( errorBot.getErrorMessage().contains( "SSL handshake failed" ) );
+ errorBot.clickOkButton();
+
+ wizardBot.clickCancelButton();
+ }
+
+
+ /**
+ * Tests StartTLS with an invalid certificate (unknown issuer) and
+ * with an certificate, where the certificate's host name
+ * doesn't match the server's host name (localhost)
+ */
+ @Test
+ public void testStartTlsCertificateValidationHostnameMismatch() throws Exception
+ {
+ // prepare certificate
+ Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
+ Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
+ createCertificateAndUpdateInApacheDS( "cn=TheUnknownStuntman", "cn=ldap.example.com", startDate, endDate );
+
+ // start ApacheDS
+ serversViewBot.runServer( serverName );
+ serversViewBot.waitForServerStart( serverName );
+
+ // enter connection parameter
+ wizardBot = connectionsViewBot.openNewConnectionWizard();
+ wizardBot.typeConnectionName( getConnectionName() );
+ wizardBot.typeHost( LOCALHOST );
+ wizardBot.typePort( ldapPort );
+ wizardBot.selectStartTlsEncryption();
+ wizardBot.clickNextButton();
+ wizardBot.typeUser( "uid=admin,ou=system" );
+ wizardBot.typePassword( "secret" );
+
+ // check the certificate, expecting the trust dialog
+ CertificateTrustDialogBot trustDialogBot = wizardBot
+ .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
+ assertTrue( trustDialogBot.isHostNameMismatch() );
+ assertTrue( trustDialogBot.isIssuerUnkown() );
+ assertFalse( trustDialogBot.isSelfSigned() );
+ assertFalse( trustDialogBot.isNotYetValid() );
+ assertFalse( trustDialogBot.isExpired() );
+ trustDialogBot.selectDontTrust();
+ ErrorDialogBot errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
+ assertTrue( errorBot.getErrorMessage().contains( "SSL handshake failed" ) );
+ errorBot.clickOkButton();
+
+ wizardBot.clickCancelButton();
+ }
+
+
+ /**
+ * Tests that when selecting "Don't trust" the certificate is not trusted
+ * and not added to any key store.
+ */
+ @Test
+ public void testStartTlsCertificateDoNotTrust() throws Exception
+ {
+ // prepare certificate
+ Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
+ Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
+ createCertificateAndUpdateInApacheDS( "cn=TheUnknownStuntman", "cn=localhost4", startDate, endDate );
+
+ // start ApacheDS
+ serversViewBot.runServer( serverName );
+ serversViewBot.waitForServerStart( serverName );
+
+ // enter connection parameter and authentication parameter
+ wizardBot = connectionsViewBot.openNewConnectionWizard();
+ wizardBot.typeConnectionName( getConnectionName() );
+ wizardBot.typeHost( LOCALHOST );
+ wizardBot.typePort( ldapPort );
+ wizardBot.selectStartTlsEncryption();
+ wizardBot.clickNextButton();
+ wizardBot.typeUser( "uid=admin,ou=system" );
+ wizardBot.typePassword( "secret" );
+
+ // check trust, expect trust dialog, select don't trust
+ CertificateTrustDialogBot trustDialogBot = wizardBot
+ .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
+ assertTrue( trustDialogBot.isVisible() );
+ trustDialogBot.selectDontTrust();
+ ErrorDialogBot errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
+ errorBot.clickOkButton();
+
+ // check trust again, expect trust dialog, select don't trust
+ wizardBot.activate();
+ trustDialogBot = wizardBot.clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
+ assertTrue( trustDialogBot.isVisible() );
+ trustDialogBot.selectDontTrust();
+ errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
+ errorBot.clickOkButton();
+
+ // certificate must not be added to a trust store
+ assertEquals( 0, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
+ assertEquals( 0, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
+
+ // click finish, that opens the connection
+ wizardBot.clickFinishButton( false );
+
+ // expecting trust dialog again.
+ trustDialogBot = new CertificateTrustDialogBot();
+ assertTrue( trustDialogBot.isVisible() );
+ trustDialogBot.selectDontTrust();
+ errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
+ errorBot.clickOkButton();
+
+ // no trusted certificates expected
+ assertEquals( 0, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
+ assertEquals( 0, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
+
+ // no trusted certificates expected
+ PreferencesBot preferencesBot = studioBot.openPreferences();
+ CertificateValidationPreferencePageBot pageBot = preferencesBot.openCertificatValidationPage();
+ pageBot.activatePermanentTab();
+ assertEquals( 0, pageBot.getCertificateCount() );
+ pageBot.activateTemporaryTab();
+ assertEquals( 0, pageBot.getCertificateCount() );
+ preferencesBot.clickCancelButton();
+ }
+
+
+ /**
+ * Tests that when selecting "Trust temporary" the certificate is trusted
+ * and added to the session key store.
+ */
+ @Test
+ public void testStartTlsCertificateTrustTemporary() throws Exception
+ {
+ // prepare certificate
+ Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
+ Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
+ createCertificateAndUpdateInApacheDS( "cn=TheUnknownStuntman", "cn=localhost5", startDate, endDate );
+
+ // start ApacheDS
+ serversViewBot.runServer( serverName );
+ serversViewBot.waitForServerStart( serverName );
+
+ // enter connection parameter and authentication parameter
+ wizardBot = connectionsViewBot.openNewConnectionWizard();
+ wizardBot.typeConnectionName( getConnectionName() );
+ wizardBot.typeHost( LOCALHOST );
+ wizardBot.typePort( ldapPort );
+ wizardBot.selectStartTlsEncryption();
+ wizardBot.clickNextButton();
+ wizardBot.typeUser( "uid=admin,ou=system" );
+ wizardBot.typePassword( "secret" );
+
+ // check trust, expect trust dialog, select trust temporary
+ CertificateTrustDialogBot trustDialogBot = wizardBot
+ .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
+ assertTrue( trustDialogBot.isVisible() );
+ trustDialogBot.selectTrustTemporary();
+ trustDialogBot.clickOkButton();
+
+ // expect ok dialog
+ new CheckAuthenticationDialogBot().clickOkButton();
+
+ // certificate must be added to the temporary trust store
+ assertEquals( 0, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
+ assertEquals( 1, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
+
+ // check trust again, now the certificate is already trusted
+ wizardBot.activate();
+ String result = wizardBot.clickCheckAuthenticationButton();
+ assertNull( "Expected OK, valid and trusted certificate", result );
+
+ wizardBot.clickCancelButton();
+
+ // certificate must be added to the temporary trust store
+ PreferencesBot preferencesBot = studioBot.openPreferences();
+ CertificateValidationPreferencePageBot pageBot = preferencesBot.openCertificatValidationPage();
+ pageBot.activatePermanentTab();
+ assertEquals( 0, pageBot.getCertificateCount() );
+ pageBot.activateTemporaryTab();
+ assertEquals( 1, pageBot.getCertificateCount() );
+ preferencesBot.clickCancelButton();
+ }
+
+
+ /**
+ * Tests that when selecting "Trust permanent" the certificate is trusted
+ * and added to the permanent key store.
+ */
+ @Test
+ public void testStartTlsCertificateTrustPermanent() throws Exception
+ {
+ // prepare certificate
+ Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
+ Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
+ createCertificateAndUpdateInApacheDS( "cn=TheUnknownStuntman", "cn=localhost6", startDate, endDate );
+
+ // start ApacheDS
+ serversViewBot.runServer( serverName );
+ serversViewBot.waitForServerStart( serverName );
+
+ // enter connection parameter and authentication parameter
+ wizardBot = connectionsViewBot.openNewConnectionWizard();
+ wizardBot.typeConnectionName( getConnectionName() );
+ wizardBot.typeHost( LOCALHOST );
+ wizardBot.typePort( ldapPort );
+ wizardBot.selectStartTlsEncryption();
+ wizardBot.clickNextButton();
+ wizardBot.typeUser( "uid=admin,ou=system" );
+ wizardBot.typePassword( "secret" );
+
+ // check trust, expect trust dialog, select trust temporary
+ CertificateTrustDialogBot trustDialogBot = wizardBot
+ .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
+ assertTrue( trustDialogBot.isVisible() );
+ trustDialogBot.selectTrustPermanent();
+ trustDialogBot.clickOkButton();
+
+ // expect ok dialog
+ new CheckAuthenticationDialogBot().clickOkButton();
+
+ // certificate must be added to the permanent trust store
+ assertEquals( 1, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
+ assertEquals( 0, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
+
+ // check trust again, now the certificate is already trusted
+ wizardBot.activate();
+ String result = wizardBot.clickCheckAuthenticationButton();
+ assertNull( "Expected OK, valid and trusted certificate", result );
+
+ wizardBot.clickCancelButton();
+
+ // certificate must be added to the permanent trust store
+ PreferencesBot preferencesBot = studioBot.openPreferences();
+ CertificateValidationPreferencePageBot pageBot = preferencesBot.openCertificatValidationPage();
+ pageBot.activatePermanentTab();
+ assertEquals( 1, pageBot.getCertificateCount() );
+ pageBot.activateTemporaryTab();
+ assertEquals( 0, pageBot.getCertificateCount() );
+ preferencesBot.clickCancelButton();
+ }
+
+
+ private static void createServer( String serverName )
+ {
+ // Showing view
+ serversViewBot.show();
+
+ // Opening wizard
+ NewApacheDSServerWizardBot wizardBot = serversViewBot.openNewServerWizard();
+
+ // Filling fields of the wizard
+ wizardBot.selectApacheDS200();
+ wizardBot.typeServerName( serverName );
+
+ // Closing wizard
+ wizardBot.clickFinishButton();
+ serversViewBot.waitForServer( serverName );
+ }
+
+
+ private static void setAvailablePorts( String serverName )
+ {
+ ApacheDSConfigurationEditorBot editorBot = serversViewBot.openConfigurationEditor( serverName );
+
+ ldapPort = AvailablePortFinder.getNextAvailable( 1024 );
+ editorBot.setLdapPort( ldapPort );
+
+ ldapsPort = AvailablePortFinder.getNextAvailable( ldapPort + 1 );
+ editorBot.setLdapsPort( ldapsPort );
+
+ editorBot.save();
+ editorBot.close();
+ }
+
+
+ private static void deleteServer( String serverName )
+ {
+ // Stopping the server
+ serversViewBot.stopServer( serverName );
+ serversViewBot.waitForServerStop( serverName );
+
+ // Deleting the server
+ DeleteDialogBot deleteDialogBot = serversViewBot.openDeleteServerDialog();
+ deleteDialogBot.clickOkButton();
+ }
+
+
+ private void createCertificateAndUpdateInApacheDS( String issuerDN, String subjectDN, Date startDate,
+ Date expiryDate ) throws Exception
+ {
+ // create certificate in key store file
+ if ( ksFile != null && ksFile.exists() )
+ {
+ ksFile.delete();
+ }
+ ksFile = CertificateUtils.createCertificateInKeyStoreFile( issuerDN, subjectDN, startDate, expiryDate );
+
+ // configure certificate in ApacheDS
+ ApacheDSConfigurationEditorBot editorBot = serversViewBot.openConfigurationEditor( serverName );
+ editorBot.setKeystore( ksFile.getAbsolutePath(), "changeit" );
+ editorBot.save();
+ editorBot.close();
+ }
+
+}
Propchange: directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/CertificateValidationTest.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/NewConnectionWizardTest.java
URL: http://svn.apache.org/viewvc/directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/NewConnectionWizardTest.java?rev=1746949&r1=1746948&r2=1746949&view=diff
==============================================================================
--- directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/NewConnectionWizardTest.java (original)
+++ directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/NewConnectionWizardTest.java Sun Jun 5 20:40:34 2016
@@ -28,51 +28,24 @@ import static org.hamcrest.MatcherAssert
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertTrue;
import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
-import java.io.ByteArrayInputStream;
-import java.io.File;
-import java.io.FileOutputStream;
-import java.math.BigInteger;
import java.net.UnknownHostException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
-
-import javax.security.auth.x500.X500Principal;
import org.apache.directory.server.annotations.CreateLdapServer;
import org.apache.directory.server.annotations.CreateTransport;
-import org.apache.directory.server.core.api.CoreSession;
import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
-import org.apache.directory.api.ldap.model.entry.Entry;
-import org.apache.directory.api.ldap.model.entry.Modification;
-import org.apache.directory.api.ldap.model.message.ModifyRequest;
-import org.apache.directory.api.ldap.model.message.ModifyRequestImpl;
-import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.studio.connection.core.Connection;
import org.apache.directory.studio.connection.core.ConnectionCorePlugin;
import org.apache.directory.studio.connection.core.ConnectionManager;
import org.apache.directory.studio.connection.core.ConnectionParameter.AuthenticationMethod;
-import org.apache.directory.studio.test.integration.ui.bots.CertificateTrustDialogBot;
import org.apache.directory.studio.test.integration.ui.bots.ConnectionsViewBot;
-import org.apache.directory.studio.test.integration.ui.bots.ErrorDialogBot;
import org.apache.directory.studio.test.integration.ui.bots.NewConnectionWizardBot;
import org.apache.directory.studio.test.integration.ui.bots.StudioBot;
import org.apache.directory.studio.test.integration.ui.bots.utils.FrameworkRunnerWithScreenshotCaptureListener;
-import org.bouncycastle.x509.X509V1CertificateGenerator;
import org.junit.After;
import org.junit.Before;
-import org.junit.Ignore;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TestName;
@@ -92,32 +65,12 @@ public class NewConnectionWizardTest ext
{
@Rule public TestName name = new TestName();
- private File ksFile;
-
private StudioBot studioBot;
private ConnectionsViewBot connectionsViewBot;
private NewConnectionWizardBot wizardBot;
@Before
- public void setUpLdaps() throws Exception
- {
- // TODO: setup LDAPS
- // if ( ldapsService == null )
- // {
- // ldapsService = new LdapServer();
- // ldapsService.setDirectoryService( ldapService.getDirectoryService() );
- // int port = AvailablePortFinder.getNextAvailable( ldapService.getPort() + 10 );
- // ldapsService.setTcpTransport( new TcpTransport( port ) );
- // ldapsService.setEnabled( true );
- // ldapsService.setEnableLdaps( true );
- // ldapsService.setConfidentialityRequired( true );
- // ldapsService.start();
- // }
- }
-
-
- @Before
public void setUp() throws Exception
{
studioBot = new StudioBot();
@@ -138,31 +91,6 @@ public class NewConnectionWizardTest ext
studioBot = null;
connectionsViewBot = null;
wizardBot = null;
-
- // delete old key store
- if ( ksFile != null && ksFile.exists() )
- {
- ksFile.delete();
- }
-
- // delete custom trust stores
- X509Certificate[] permanentCertificates = ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager()
- .getCertificates();
- for ( X509Certificate certificate : permanentCertificates )
- {
- ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().removeCertificate( certificate );
- }
- X509Certificate[] temporaryCertificates = ConnectionCorePlugin.getDefault().getSessionTrustStoreManager()
- .getCertificates();
- for ( X509Certificate certificate : temporaryCertificates )
- {
- ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().removeCertificate( certificate );
- }
-
- // delete custom JNDI key store settings
- System.getProperties().remove( "javax.net.ssl.trustStore" );
- System.getProperties().remove( "javax.net.ssl.keyStore" );
- System.getProperties().remove( "javax.net.ssl.keyStorePassword" );
}
@@ -353,7 +281,7 @@ public class NewConnectionWizardTest ext
wizardBot.typePassword( "secret" );
// finish dialog
- wizardBot.clickFinishButton();
+ wizardBot.clickFinishButton(true);
connectionsViewBot.waitForConnection( getConnectionName() );
// ensure connection was created
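Review bot: The changed call `wizardBot.clickFinishButton(true);` breaks the parenthesis spacing used elsewhere in this commit (compare `wizardBot.clickFinishButton( false );` in CertificateValidationTest), and the bare boolean gives no hint of what it switches. I would write `wizardBot.clickFinishButton( true );` and add a one-line comment above it, for example `// true: wait until the wizard has closed and the connection is opened`. That wording is only inferred from the `false` call, which is followed by a certificate trust dialog, so check it against NewConnectionWizardBot, whose definition is not in this hunk. The enclosing test method starts and ends outside the hunk.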
@@ -511,687 +439,4 @@ public class NewConnectionWizardTest ext
wizardBot.clickCancelButton();
}
-
- /**
- * Tests StartTLS with an valid certificate. This is simulated
- * by putting the self-signed certificate into a temporary key store
- * and using this key store for JNDI
- */
- @Test
- @Ignore
- // till DIRSERVER-1373 is fixed
- public void testStartTlsCertificateValidationOK() throws Exception
- {
- // prepare certificate
- Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
- Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
- updateCertificate( "cn=localhost", "cn=localhost", startDate, endDate );
-
- // prepare key store
- installKeyStoreWithCertificate();
-
- // let JNDI use the key store
- System.setProperty( "javax.net.ssl.trustStore", ksFile.getAbsolutePath() );
- System.setProperty( "javax.net.ssl.keyStore", ksFile.getAbsolutePath() );
- System.setProperty( "javax.net.ssl.keyStorePassword", "changeit" );
-
- // enter connection parameter
- wizardBot.typeConnectionName( getConnectionName() );
- wizardBot.typeHost( LOCALHOST );
- wizardBot.typePort( ldapServer.getPort() );
- wizardBot.selectStartTlsEncryption();
-
- // check the certificate, should be OK
- String result = wizardBot.clickCheckNetworkParameterButton();
- assertNull( "Expected OK, valid and trusted certificate", result );
-
- // enter correct authentication parameter
- wizardBot.clickNextButton();
- wizardBot.typeUser( "uid=admin,ou=system" );
- wizardBot.typePassword( "secret" );
-
- // check the certificate again, should be OK
- String result2 = wizardBot.clickCheckAuthenticationButton();
- assertNull( "Expected OK, valid and trusted certificate", result2 );
-
- wizardBot.clickCancelButton();
- }
-
-
- /**
- * Tests StartTLS with an expired certificate.
- */
- @Test
- @Ignore
- // till DIRSERVER-1373 is fixed
- public void testStartTlsCertificateValidationExpired() throws Exception
- {
- // prepare certificate
- Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS - YEAR_MILLIS );
- Date endDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
- updateCertificate( "cn=localhost", "cn=localhost", startDate, endDate );
-
- // enter connection parameter
- wizardBot.typeConnectionName( getConnectionName() );
- wizardBot.typeHost( LOCALHOST );
- wizardBot.typePort( ldapServer.getPort() );
- wizardBot.selectStartTlsEncryption();
-
- // check the certificate, expecting the trust dialog
- CertificateTrustDialogBot trustDialogBot = wizardBot
- .clickCheckNetworkParameterButtonExpectingCertificateTrustDialog();
- assertTrue( trustDialogBot.isSelfSigned() );
- assertTrue( trustDialogBot.isExpired() );
- assertFalse( trustDialogBot.isNotYetValid() );
- assertFalse( trustDialogBot.isHostNameMismatch() );
- assertFalse( trustDialogBot.isIssuerUnkown() );
- trustDialogBot.selectDontTrust();
- ErrorDialogBot errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
- assertTrue( errorBot.getErrorMessage().contains( "Untrusted certificate" ) );
- errorBot.clickOkButton();
-
- wizardBot.clickCancelButton();
- }
-
-
- /**
- * Tests SSL with an not yet valid certificate.
- */
- @Test
- @Ignore
- // till DIRSERVER-1373 is fixed
- public void testStartTlsCertificateValidationNotYetValid() throws Exception
- {
- // prepare certificate
- Date startDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
- Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS + YEAR_MILLIS );
- updateCertificate( "cn=localhost", "cn=localhost", startDate, endDate );
-
- // enter connection parameter
- wizardBot.typeConnectionName( getConnectionName() );
- wizardBot.typeHost( LOCALHOST );
- wizardBot.typePort( ldapServer.getPort() );
- wizardBot.selectStartTlsEncryption();
-
- // check the certificate, expecting the trust dialog
- CertificateTrustDialogBot trustDialogBot = wizardBot
- .clickCheckNetworkParameterButtonExpectingCertificateTrustDialog();
- assertTrue( trustDialogBot.isSelfSigned() );
- assertTrue( trustDialogBot.isNotYetValid() );
- assertFalse( trustDialogBot.isExpired() );
- assertFalse( trustDialogBot.isHostNameMismatch() );
- assertFalse( trustDialogBot.isIssuerUnkown() );
- trustDialogBot.selectDontTrust();
- ErrorDialogBot errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
- assertTrue( errorBot.getErrorMessage().contains( "Untrusted certificate" ) );
- errorBot.clickOkButton();
-
- wizardBot.clickCancelButton();
- }
-
-
- /**
- * Tests StartTLS with an invalid certificate (unknown issuer).
- */
- @Test
- @Ignore
- // till DIRSERVER-1373 is fixed
- public void testStartTlsCertificateValidationIssuerUnknown() throws Exception
- {
- // prepare certificate
- Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
- Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
- updateCertificate( "cn=TheUnknownStuntman", "cn=localhost", startDate, endDate );
-
- // enter connection parameter
- wizardBot.typeConnectionName( getConnectionName() );
- wizardBot.typeHost( LOCALHOST );
- wizardBot.typePort( ldapServer.getPort() );
- wizardBot.selectStartTlsEncryption();
-
- // check the certificate, expecting the trust dialog
- CertificateTrustDialogBot trustDialogBot = wizardBot
- .clickCheckNetworkParameterButtonExpectingCertificateTrustDialog();
- assertTrue( trustDialogBot.isIssuerUnkown() );
- assertFalse( trustDialogBot.isHostNameMismatch() );
- assertFalse( trustDialogBot.isSelfSigned() );
- assertFalse( trustDialogBot.isNotYetValid() );
- assertFalse( trustDialogBot.isExpired() );
- trustDialogBot.selectDontTrust();
- ErrorDialogBot errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
- assertTrue( errorBot.getErrorMessage().contains( "Untrusted certificate" ) );
- errorBot.clickOkButton();
-
- wizardBot.clickCancelButton();
- }
-
-
- /**
- * Tests StartTLS with an certificate, where the certificate's host name
- * doesn't match the server's host name (localhost)
- */
- @Test
- @Ignore
- // till DIRSERVER-1373 is fixed
- public void testStartTlsCertificateValidationHostnameMismatch() throws Exception
- {
- // prepare certificate
- Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
- Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
- updateCertificate( "cn=TheUnknownStuntman", "cn=ldap.example.com", startDate, endDate );
-
- // enter connection parameter and authentication parameter
- wizardBot.typeConnectionName( getConnectionName() );
- wizardBot.typeHost( LOCALHOST );
- wizardBot.typePort( ldapServer.getPort() );
- wizardBot.selectStartTlsEncryption();
- wizardBot.clickNextButton();
- wizardBot.typeUser( "uid=admin,ou=system" );
- wizardBot.typePassword( "secret" );
-
- // check the certificate, expecting the trust dialog
- CertificateTrustDialogBot trustDialogBot = wizardBot
- .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
- assertTrue( trustDialogBot.isHostNameMismatch() );
- assertTrue( trustDialogBot.isIssuerUnkown() );
- assertFalse( trustDialogBot.isSelfSigned() );
- assertFalse( trustDialogBot.isNotYetValid() );
- assertFalse( trustDialogBot.isExpired() );
- trustDialogBot.selectDontTrust();
- ErrorDialogBot errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
- assertTrue( errorBot.getErrorMessage().contains( "Untrusted certificate" ) );
- errorBot.clickOkButton();
-
- wizardBot.clickCancelButton();
- }
-
-
- /**
- * Tests that when selecting "Don't trust" the certificate is not trusted
- * and not added to any key store.
- *
- * @throws Exception
- */
- @Test
- @Ignore
- // till DIRSERVER-1373 is fixed
- public void testStartTlsCertificateDontTrust() throws Exception
- {
- // prepare certificate
- Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
- Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
- updateCertificate( "cn=TheUnknownStuntman", "cn=localhost", startDate, endDate );
-
- // enter connection parameter and authentication parameter
- wizardBot.typeConnectionName( getConnectionName() );
- wizardBot.typeHost( LOCALHOST );
- wizardBot.typePort( ldapServer.getPort() );
- wizardBot.selectStartTlsEncryption();
-
- // check trust, expect trust dialog, select don't trust
- CertificateTrustDialogBot trustDialogBot = wizardBot
- .clickCheckNetworkParameterButtonExpectingCertificateTrustDialog();
- assertTrue( trustDialogBot.isVisible() );
- trustDialogBot.selectDontTrust();
- ErrorDialogBot errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
- errorBot.clickOkButton();
-
- // check trust again, expect trust dialog, select don't trust
- trustDialogBot = wizardBot.clickCheckNetworkParameterButtonExpectingCertificateTrustDialog();
- assertTrue( trustDialogBot.isVisible() );
- trustDialogBot.selectDontTrust();
- errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
- errorBot.clickOkButton();
-
- // certificate must not be added to a trust store
- assertEquals( 0, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
- assertEquals( 0, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
-
- // enter authentication parameter
- wizardBot.clickNextButton();
- wizardBot.typeUser( "uid=admin,ou=system" );
- wizardBot.typePassword( "secret" );
-
- // check trust again, expect trust dialog, select don't trust
- trustDialogBot = wizardBot.clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
- assertTrue( trustDialogBot.isVisible() );
- trustDialogBot.selectDontTrust();
- errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
- errorBot.clickOkButton();
-
- // click finish, that opens the connection
- wizardBot.clickFinishButton();
-
- // expecting trust dialog again.
- trustDialogBot = new CertificateTrustDialogBot();
- assertTrue( trustDialogBot.isVisible() );
- trustDialogBot.selectDontTrust();
- errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
- errorBot.clickOkButton();
-
- assertEquals( 0, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
- assertEquals( 0, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
- }
-
-
- /**
- * Tests that when selecting "Trust temporary" the certificate is trusted
- * and added to the session key store.
- *
- * @throws Exception
- */
- @Test
- @Ignore
- // till DIRSERVER-1373 is fixed
- public void testStartTlsCertificateTrustTemporary() throws Exception
- {
- // prepare certificate
- Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
- Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
- updateCertificate( "cn=TheUnknownStuntman", "cn=localhost2", startDate, endDate );
-
- // enter connection parameter and authentication parameter
- wizardBot.typeConnectionName( getConnectionName() );
- wizardBot.typeHost( LOCALHOST );
- wizardBot.typePort( ldapServer.getPort() );
- wizardBot.selectStartTlsEncryption();
- wizardBot.clickNextButton();
- wizardBot.typeUser( "uid=admin,ou=system" );
- wizardBot.typePassword( "secret" );
-
- // check trust, expect trust dialog, select trust temporary
- CertificateTrustDialogBot trustDialogBot = wizardBot
- .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
- assertTrue( trustDialogBot.isVisible() );
- trustDialogBot.selectTrustTemporary();
- trustDialogBot.clickOkButton();
-
- // TODO: expect ok dialog
- trustDialogBot.clickOkButton();
-
- // certificate must be added to the temporary trust store
- assertEquals( 0, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
- assertEquals( 1, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
-
- // check trust again, now the certificate is already trusted
- String result = wizardBot.clickCheckAuthenticationButton();
- assertNull( "Expected OK, valid and trusted certificate", result );
-
- wizardBot.clickCancelButton();
- }
-
-
- /**
- * Tests that when selecting "Trust permanent" the certificate is trusted
- * and added to the permanent key store.
- *
- * @throws Exception
- */
- @Test
- @Ignore
- // till DIRSERVER-1373 is fixed
- public void testStartTlsCertificateTrustPermanent() throws Exception
- {
- // prepare certificate
- Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
- Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
- updateCertificate( "cn=TheUnknownStuntman", "cn=localhost3", startDate, endDate );
-
- // enter connection parameter and authentication parameter
- wizardBot.typeConnectionName( getConnectionName() );
- wizardBot.typeHost( LOCALHOST );
- wizardBot.typePort( ldapServer.getPort() );
- wizardBot.selectStartTlsEncryption();
-
- // check trust, expect trust dialog, select trust temporary
- CertificateTrustDialogBot trustDialogBot = wizardBot
- .clickCheckNetworkParameterButtonExpectingCertificateTrustDialog();
- assertTrue( trustDialogBot.isVisible() );
- trustDialogBot.selectTrustPermanent();
- trustDialogBot.clickOkButton();
-
- // TODO: expect ok dialog
- trustDialogBot.clickOkButton();
-
- // certificate must be added to the temporary trust store
- assertEquals( 1, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
- assertEquals( 0, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
-
- // check trust again, now the certificate is already trusted
- String result = wizardBot.clickCheckNetworkParameterButton();
- assertNull( "Expected OK, valid and trusted certificate", result );
-
- wizardBot.clickCancelButton();
- }
-
-
- /**
- * Tests ldaps:// with an valid certificate. This is simulated
- * by putting the self-signed certificate into a temporary key store
- * and using this key store for JNDI
- */
- @Test
- @Ignore
- // till DIRSERVER-1373 is fixed
- public void testLdapsCertificateValidationOK() throws Exception
- {
- // prepare certificate
- Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
- Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
- updateCertificate( "cn=localhost", "cn=localhost", startDate, endDate );
-
- // prepare key store
- installKeyStoreWithCertificate();
-
- // let JNDI use the key store
- System.setProperty( "javax.net.ssl.trustStore", ksFile.getAbsolutePath() );
- System.setProperty( "javax.net.ssl.keyStore", ksFile.getAbsolutePath() );
- System.setProperty( "javax.net.ssl.keyStorePassword", "changeit" );
-
- // enter connection parameter and authentication parameter
- wizardBot.typeConnectionName( getConnectionName() );
- wizardBot.typeHost( LOCALHOST );
- wizardBot.typePort( ldapServer.getPortSSL() );
- wizardBot.selectLdapsEncryption();
- wizardBot.clickNextButton();
- wizardBot.typeUser( "uid=admin,ou=system" );
- wizardBot.typePassword( "secret" );
-
- // check the certificate, should be OK
- String result = wizardBot.clickCheckAuthenticationButton();
- assertNull( "Expected OK, valid and trusted certificate", result );
-
- wizardBot.clickCancelButton();
- }
-
-
- @Test
- @Ignore
- // till DIRSERVER-1373 is fixed
- public void testLdapsCertificateValidationNotOK() throws Exception
- {
- // prepare certificate
- Date startDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
- Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS + YEAR_MILLIS );
- updateCertificate( "cn=localhost", "cn=localhost", startDate, endDate );
-
- // enter connection parameter and authentication parameter
- wizardBot.typeConnectionName( getConnectionName() );
- wizardBot.typeHost( LOCALHOST );
- wizardBot.typePort( ldapServer.getPortSSL() );
- wizardBot.selectLdapsEncryption();
- wizardBot.clickNextButton();
- wizardBot.typeUser( "uid=admin,ou=system" );
- wizardBot.typePassword( "secret" );
-
- // check the certificate, expecting the trust dialog
- CertificateTrustDialogBot trustDialogBot = wizardBot
- .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
- assertTrue( trustDialogBot.isSelfSigned() );
- assertTrue( trustDialogBot.isNotYetValid() );
- assertFalse( trustDialogBot.isExpired() );
- assertFalse( trustDialogBot.isHostNameMismatch() );
- assertFalse( trustDialogBot.isIssuerUnkown() );
- trustDialogBot.selectDontTrust();
- ErrorDialogBot errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
- assertTrue( errorBot.getErrorMessage().contains( "failed" ) );
- errorBot.clickOkButton();
-
- wizardBot.clickCancelButton();
- }
-
-
- /**
- * Tests that when selecting "Don't trust" the certificate is not trusted
- * and not added to any key store.
- *
- * @throws Exception
- */
- @Test
- @Ignore
- // till DIRSERVER-1373 is fixed
- public void testLdapsCertificateDontTrust() throws Exception
- {
- // prepare certificate
- Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
- Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
- updateCertificate( "cn=TheUnknownStuntman", "cn=localhost4", startDate, endDate );
-
- // enter connection parameter and authentication parameter
- wizardBot.typeConnectionName( getConnectionName() );
- wizardBot.typeHost( LOCALHOST );
- wizardBot.typePort( ldapServer.getPortSSL() );
- wizardBot.selectLdapsEncryption();
- wizardBot.clickNextButton();
- wizardBot.typeUser( "uid=admin,ou=system" );
- wizardBot.typePassword( "secret" );
-
- // check trust, expect trust dialog, select don't trust
- CertificateTrustDialogBot trustDialogBot = wizardBot
- .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
- assertTrue( trustDialogBot.isVisible() );
- trustDialogBot.selectDontTrust();
- ErrorDialogBot errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
- errorBot.clickOkButton();
-
- // check trust again, expect trust dialog, select don't trust
- trustDialogBot = wizardBot.clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
- assertTrue( trustDialogBot.isVisible() );
- trustDialogBot.selectDontTrust();
- errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
- errorBot.clickOkButton();
-
- // certificate must not be added to a trust store
- assertEquals( 0, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
- assertEquals( 0, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
-
- // click finish, that opens the connection
- wizardBot.clickFinishButton();
-
- // expecting trust dialog again.
- trustDialogBot = new CertificateTrustDialogBot();
- assertTrue( trustDialogBot.isVisible() );
- trustDialogBot.selectDontTrust();
- errorBot = trustDialogBot.clickOkButtonExpectingErrorDialog();
- errorBot.clickOkButton();
-
- assertEquals( 0, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
- assertEquals( 0, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
- }
-
-
- /**
- * Tests that when selecting "Trust temporary" the certificate is trusted
- * and added to the session key store.
- *
- * @throws Exception
- */
- @Test
- @Ignore
- // till DIRSERVER-1373 is fixed
- public void testLdapsCertificateTrustTemporary() throws Exception
- {
- // prepare certificate
- Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
- Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
- updateCertificate( "cn=TheUnknownStuntman", "cn=localhost5", startDate, endDate );
-
- // enter connection parameter and authentication parameter
- wizardBot.typeConnectionName( getConnectionName() );
- wizardBot.typeHost( LOCALHOST );
- wizardBot.typePort( ldapServer.getPortSSL() );
- wizardBot.selectLdapsEncryption();
- wizardBot.clickNextButton();
- wizardBot.typeUser( "uid=admin,ou=system" );
- wizardBot.typePassword( "secret" );
-
- // check trust, expect trust dialog, select trust temporary
- CertificateTrustDialogBot trustDialogBot = wizardBot
- .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
- assertTrue( trustDialogBot.isVisible() );
- trustDialogBot.selectTrustTemporary();
- trustDialogBot.clickOkButton();
-
- // TODO: expect ok dialog
- trustDialogBot.clickOkButton();
-
- // certificate must be added to the temporary trust store
- assertEquals( 0, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
- assertEquals( 1, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
-
- // check trust again, now the certificate is already trusted
- String result = wizardBot.clickCheckAuthenticationButton();
- assertNull( "Expected OK, valid and trusted certificate", result );
-
- wizardBot.clickCancelButton();
- }
-
-
- /**
- * Tests that when selecting "Trust permanent" the certificate is trusted
- * and added to the permanent key store.
- *
- * @throws Exception
- */
- @Test
- @Ignore
- // till DIRSERVER-1373 is fixed
- public void testLdapsCertificateTrustPermanent() throws Exception
- {
- // prepare certificate
- Date startDate = new Date( System.currentTimeMillis() - YEAR_MILLIS );
- Date endDate = new Date( System.currentTimeMillis() + YEAR_MILLIS );
- updateCertificate( "cn=TheUnknownStuntman", "cn=localhost6", startDate, endDate );
-
- // enter connection parameter and authentication parameter
- wizardBot.typeConnectionName( getConnectionName() );
- wizardBot.typeHost( LOCALHOST );
- wizardBot.typePort( ldapServer.getPortSSL() );
- wizardBot.selectLdapsEncryption();
- wizardBot.clickNextButton();
- wizardBot.typeUser( "uid=admin,ou=system" );
- wizardBot.typePassword( "secret" );
-
- // check trust, expect trust dialog, select trust temporary
- CertificateTrustDialogBot trustDialogBot = wizardBot
- .clickCheckAuthenticationButtonExpectingCertificateTrustDialog();
- assertTrue( trustDialogBot.isVisible() );
- trustDialogBot.selectTrustPermanent();
- trustDialogBot.clickOkButton();
-
- // TODO: expect ok dialog
- trustDialogBot.clickOkButton();
-
- // certificate must be added to the temporary trust store
- assertEquals( 1, ConnectionCorePlugin.getDefault().getPermanentTrustStoreManager().getCertificates().length );
- assertEquals( 0, ConnectionCorePlugin.getDefault().getSessionTrustStoreManager().getCertificates().length );
-
- // check trust again, now the certificate is already trusted
- String result = wizardBot.clickCheckAuthenticationButton();
- assertNull( "Expected OK, valid and trusted certificate", result );
-
- wizardBot.clickCancelButton();
- }
-
- /*
- * Eventually we have to make several of these parameters configurable,
- * however note to pass export restrictions we must use a key size of
- * 512 or less here as the default. Users can configure this setting
- * later based on their own legal situations. This is required to
- * classify ApacheDS in the ECCN 5D002 category. Please see the following
- * page for more information:
- *
- * http://www.apache.org/dev/crypto.html
- *
- * Also ApacheDS must be classified on the following page:
- *
- * http://www.apache.org/licenses/exports
- */
- private static final int KEY_SIZE = 512;
- private static final long YEAR_MILLIS = 365L * 24L * 3600L * 1000L;
- private static final String PRIVATE_KEY_AT = "privateKey";
- private static final String PUBLIC_KEY_AT = "publicKey";
- private static final String KEY_ALGORITHM_AT = "keyAlgorithm";
- private static final String PRIVATE_KEY_FORMAT_AT = "privateKeyFormat";
- private static final String PUBLIC_KEY_FORMAT_AT = "publicKeyFormat";
- private static final String USER_CERTIFICATE_AT = "userCertificate";
- private static final String PRINCIPAL = "uid=admin,ou=system";
-
-
- /**
- *
- */
- private void updateCertificate( String issuerDN, String subjectDN, Date startDate, Date expiryDate )
- throws Exception
- {
- Dn dn = new Dn( PRINCIPAL );
- List<Modification> modifications = new ArrayList<Modification>();
-
- // Get old key algorithm
- Entry entry = service.getAdminSession().lookup( dn );
- String keyAlgo = entry.get( KEY_ALGORITHM_AT ).getString();
-
- // Generate key pair
- KeyPairGenerator generator = KeyPairGenerator.getInstance( keyAlgo );
- generator.initialize( KEY_SIZE );
- KeyPair keypair = generator.genKeyPair();
-
- // Generate the private key attributes
- PrivateKey privateKey = keypair.getPrivate();
-
- // Generate public key
- PublicKey publicKey = keypair.getPublic();
-
- // Generate the self-signed certificate
- BigInteger serialNumber = BigInteger.valueOf( System.currentTimeMillis() );
- X509V1CertificateGenerator certGen = new X509V1CertificateGenerator();
- X500Principal issuerName = new X500Principal( issuerDN );
- X500Principal subjectName = new X500Principal( subjectDN );
- certGen.setSerialNumber( serialNumber );
- certGen.setIssuerDN( issuerName );
- certGen.setNotBefore( startDate );
- certGen.setNotAfter( expiryDate );
- certGen.setSubjectDN( subjectName );
- certGen.setPublicKey( publicKey );
- certGen.setSignatureAlgorithm( "SHA1With" + keyAlgo );
- X509Certificate cert = certGen.generate( privateKey, "BC" );
-
- // Write the modifications
- ModifyRequest request = new ModifyRequestImpl();
- request.setName( dn );
- request.replace( PRIVATE_KEY_AT, privateKey.getEncoded() );
- request.replace( PRIVATE_KEY_FORMAT_AT, privateKey.getFormat() );
- request.replace( PUBLIC_KEY_AT, publicKey.getEncoded() );
- request.replace( PUBLIC_KEY_FORMAT_AT, publicKey.getFormat() );
- request.replace( USER_CERTIFICATE_AT, cert.getEncoded() );
- service.getAdminSession().modify( dn, modifications );
-
- // TODO: activate when DIRSERVER-1373 is fixed
- //ldapService.reloadSslContext();
- //ldapsService.reloadSslContext();
- }
-
-
- private void installKeyStoreWithCertificate() throws Exception
- {
- if ( ksFile != null && ksFile.exists() )
- {
- ksFile.delete();
- }
- ksFile = File.createTempFile( "testStore", "ks" );
-
- CoreSession session = service.getAdminSession();
- Entry entry = session.lookup( new Dn( "uid=admin,ou=system" ), new String[]
- { USER_CERTIFICATE_AT } );
- byte[] userCertificate = entry.get( USER_CERTIFICATE_AT ).getBytes();
- assertNotNull( userCertificate );
-
- ByteArrayInputStream in = new ByteArrayInputStream( userCertificate );
- CertificateFactory factory = CertificateFactory.getInstance( "X.509" );
- Certificate cert = factory.generateCertificate( in );
- KeyStore ks = KeyStore.getInstance( KeyStore.getDefaultType() );
- ks.load( null, null );
- ks.setCertificateEntry( "apacheds", cert );
- ks.store( new FileOutputStream( ksFile ), "changeit".toCharArray() );
- }
}
Modified: directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/ApacheDSConfigurationEditorBot.java
URL: http://svn.apache.org/viewvc/directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/ApacheDSConfigurationEditorBot.java?rev=1746949&r1=1746948&r2=1746949&view=diff
==============================================================================
--- directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/ApacheDSConfigurationEditorBot.java (original)
+++ directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/ApacheDSConfigurationEditorBot.java Sun Jun 5 20:40:34 2016
@@ -82,6 +82,14 @@ public class ApacheDSConfigurationEditor
}
+ public void setKeystore( String keyStoreFilePath, String keyStorePassword )
+ {
+ editor.activatePage( "LDAP/LDAPS Servers" );
+ editor.bot().text( 11 ).setText( keyStoreFilePath );
+ editor.bot().text( 12 ).setText( keyStorePassword );
+ }
+
+
public void save()
{
editor.save();
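Review bot: `setKeystore` finds the keystore path and password fields purely by position (`text( 11 )` and `text( 12 )`), so a widget added or reordered on the "LDAP/LDAPS Servers" page silently sends the values to other fields. The password could then be typed into a different, possibly unmasked, text box, and the certificate validation tests would run against a server that never received the intended keystore. If the fields carry labels, a label-based lookup such as `editor.bot().textWithLabel( "<keystore file label>" )` is sturdier; the actual label text is not visible in this diff. Failing that, add a comment like `// text 11 = keystore file, text 12 = keystore password on this page` so the indices can be re-checked when the editor layout changes.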
@@ -93,4 +101,5 @@ public class ApacheDSConfigurationEditor
editor.close();
}
+
}
Modified: directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateTrustDialogBot.java
URL: http://svn.apache.org/viewvc/directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateTrustDialogBot.java?rev=1746949&r1=1746948&r2=1746949&view=diff
==============================================================================
--- directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateTrustDialogBot.java (original)
+++ directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateTrustDialogBot.java Sun Jun 5 20:40:34 2016
@@ -24,6 +24,7 @@ import java.util.ArrayList;
import java.util.List;
import org.eclipse.swtbot.swt.finder.widgets.SWTBotLabel;
+import org.eclipse.swtbot.swt.finder.widgets.SWTBotShell;
public class CertificateTrustDialogBot extends DialogBot
@@ -125,14 +126,15 @@ public class CertificateTrustDialogBot e
public ErrorDialogBot clickOkButtonExpectingErrorDialog()
{
- BotUtils.shell( new Runnable()
+ SWTBotShell shell = BotUtils.shell( new Runnable()
{
public void run()
{
clickOkButton();
}
}, "Error", "Problem Occurred" );
+ String shellText = shell.getText();
- return new ErrorDialogBot();
+ return new ErrorDialogBot(shellText);
}
}
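Review bot: `clickOkButtonExpectingErrorDialog` now passes the matched shell's title to `ErrorDialogBot`, but nothing records why. A one-line comment such as `// the dialog may be titled "Error" or "Problem Occurred"; bind the bot to the title actually shown` would explain it. `new ErrorDialogBot(shellText)` also departs from the padded-parenthesis style used in the rest of the file and should read `new ErrorDialogBot( shellText )`. If `BotUtils.shell` can return null when no shell appears (its contract is not visible here), `shell.getText()` would report a missing error dialog as a NullPointerException rather than a readable test failure.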
Modified: directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateValidationPreferencePageBot.java
URL: http://svn.apache.org/viewvc/directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateValidationPreferencePageBot.java?rev=1746949&r1=1746948&r2=1746949&view=diff
==============================================================================
--- directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateValidationPreferencePageBot.java (original)
+++ directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateValidationPreferencePageBot.java Sun Jun 5 20:40:34 2016
@@ -31,6 +31,7 @@ public class CertificateValidationPrefer
super( "Preferences" );
}
+
public void clickApplyButton()
{
super.clickButton( "Apply" );
@@ -61,4 +62,41 @@ public class CertificateValidationPrefer
}
}
+
+ public void activatePermanentTab()
+ {
+ bot.tabItem( "Permanent Trusted" ).activate();
+ }
+
+
+ public void activateTemporaryTab()
+ {
+ bot.tabItem( "Temporary Trusted" ).activate();
+ }
+
+
+ public int getCertificateCount()
+ {
+ return bot.table().rowCount();
+ }
+
+
+ public void selectCertificate( int index )
+ {
+ bot.table().select( index );
+ }
+
+
+ public CertificateViewerDialogBot clickViewButton()
+ {
+ clickButton( "View..." );
+ return new CertificateViewerDialogBot();
+ }
+
+
+ public void clickRemoveButton()
+ {
+ clickButton( "Remove" );
+ }
+
}
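Review bot: `getCertificateCount()` and `selectCertificate( int )` call `bot.table()` without saying which trust store they address, although the page has both a "Permanent Trusted" and a "Temporary Trusted" tab. Presumably the table reached depends on which tab was activated last, so a test that forgets the activation call could assert on the wrong store, for example passing a "not trusted permanently" check by counting the temporary list. State the precondition in Javadoc, e.g. `/** Row count of the certificate table on the active tab; call activatePermanentTab() or activateTemporaryTab() first. */`. Alternatively, make the tab an explicit argument so the method activates it before reading the table.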
Added: directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateViewerDialogBot.java
URL: http://svn.apache.org/viewvc/directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateViewerDialogBot.java?rev=1746949&view=auto
==============================================================================
--- directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateViewerDialogBot.java (added)
+++ directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateViewerDialogBot.java Sun Jun 5 20:40:34 2016
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.studio.test.integration.ui.bots;
+
+
+public class CertificateViewerDialogBot extends DialogBot
+{
+ public CertificateViewerDialogBot()
+ {
+ super( "Certificate Viewer" );
+ }
+
+
+ public void clickCloseButton()
+ {
+ clickButton( "Close" );
+ }
+
+}
Propchange: directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CertificateViewerDialogBot.java
------------------------------------------------------------------------------
svn:eol-style = native
Added: directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CheckAuthenticationDialogBot.java
URL: http://svn.apache.org/viewvc/directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CheckAuthenticationDialogBot.java?rev=1746949&view=auto
==============================================================================
--- directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CheckAuthenticationDialogBot.java (added)
+++ directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CheckAuthenticationDialogBot.java Sun Jun 5 20:40:34 2016
@@ -0,0 +1,31 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.directory.studio.test.integration.ui.bots;
+
+
+public class CheckAuthenticationDialogBot extends DialogBot
+{
+
+ public CheckAuthenticationDialogBot()
+ {
+ super( "Check Authentication" );
+ }
+
+}
Propchange: directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/CheckAuthenticationDialogBot.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/ErrorDialogBot.java
URL: http://svn.apache.org/viewvc/directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/ErrorDialogBot.java?rev=1746949&r1=1746948&r2=1746949&view=diff
==============================================================================
--- directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/ErrorDialogBot.java (original)
+++ directory/studio/trunk/tests/test.integration.ui/src/main/java/org/apache/directory/studio/test/integration/ui/bots/ErrorDialogBot.java Sun Jun 5 20:40:34 2016
@@ -25,7 +25,13 @@ public class ErrorDialogBot extends Dial
public ErrorDialogBot()
{
- super("Error");
+ this( "Error" );
+ }
+
+
+ public ErrorDialogBot( String title )
+ {
+ super( title );
}