You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by ra...@apache.org on 2010/03/19 16:56:03 UTC
svn commit: r925289 - in
/qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid:
client/AMQConnectionDelegate_0_10.java jms/BrokerDetails.java
Author: rajith
Date: Fri Mar 19 15:56:03 2010
New Revision: 925289
URL: http://svn.apache.org/viewvc?rev=925289&view=rev
Log:
Added support for QPID-2444 QPID-2446
1. You could specify ssl_verify_hostname as a Broker argument in the Connection URL to explicitly enable SSL hostname verification.
2. You could specify a per connection trust store and key store to allow each connection to use it's own client certificate.
trust_store,trust_store_passowrd, key_store, key_store_password could be specified as Broker arguments in the Connection URL.
Modified:
qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_0_10.java
qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/jms/BrokerDetails.java
Modified: qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_0_10.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_0_10.java?rev=925289&r1=925288&r2=925289&view=diff
==============================================================================
--- qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_0_10.java (original)
+++ qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/client/AMQConnectionDelegate_0_10.java Fri Mar 19 15:56:03 2010
@@ -157,45 +157,9 @@ public class AMQConnectionDelegate_0_10
+ _conn.getPassword());
}
- String saslMechs = brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_MECHS) != null ?
- brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_MECHS):
- System.getProperty("qpid.sasl_mechs", "PLAIN");
-
- // Sun SASL Kerberos client uses the
- // protocol + servername as the service key.
- String protocol = brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_PROTOCOL_NAME) != null ?
- brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_PROTOCOL_NAME):
- System.getProperty("qpid.sasl_protocol", "AMQP");
-
- String saslServerName = brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_SERVER_NAME) != null ?
- brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_SERVER_NAME):
- System.getProperty("qpid.sasl_server_name", "localhost");
-
- boolean useSSL = brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_SSL);
-
- boolean useSASLEncryption = brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_SASL_ENCRYPTION)?
- brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_SASL_ENCRYPTION):
- Boolean.getBoolean("qpid.sasl_encryption");
-
- boolean useTcpNodelay = brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_TCP_NO_DELAY)?
- brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_TCP_NO_DELAY):
- Boolean.getBoolean("amqj.tcp_nodelay");
-
-
ConnectionSettings conSettings = new ConnectionSettings();
- conSettings.setHost(brokerDetail.getHost());
- conSettings.setPort(brokerDetail.getPort());
- conSettings.setVhost(_conn.getVirtualHost());
- conSettings.setUsername(_conn.getUsername());
- conSettings.setPassword(_conn.getPassword());
- conSettings.setUseSASLEncryption(useSASLEncryption);
- conSettings.setUseSSL(useSSL);
- conSettings.setSaslMechs(saslMechs);
- conSettings.setTcpNodelay(useTcpNodelay);
- conSettings.setSaslProtocol(protocol);
- conSettings.setSaslServerName(saslServerName);
- conSettings.setHeartbeatInterval(getHeartbeatInterval(brokerDetail));
-
+ retriveConnectionSettings(conSettings,brokerDetail);
+
_qpidConnection.connect(conSettings);
_conn._connected = true;
@@ -328,6 +292,87 @@ public class AMQConnectionDelegate_0_10
return ProtocolVersion.v0_10;
}
+ private void retriveConnectionSettings(ConnectionSettings conSettings, BrokerDetails brokerDetail)
+ {
+
+ conSettings.setHost(brokerDetail.getHost());
+ conSettings.setPort(brokerDetail.getPort());
+ conSettings.setVhost(_conn.getVirtualHost());
+ conSettings.setUsername(_conn.getUsername());
+ conSettings.setPassword(_conn.getPassword());
+
+ // ------------ sasl options ---------------
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_MECHS) != null)
+ {
+ conSettings.setSaslMechs(
+ brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_MECHS));
+ }
+
+ // Sun SASL Kerberos client uses the
+ // protocol + servername as the service key.
+
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_PROTOCOL_NAME) != null)
+ {
+ conSettings.setSaslProtocol(
+ brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_PROTOCOL_NAME));
+ }
+
+
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_SERVER_NAME) != null)
+ {
+ conSettings.setSaslServerName(
+ brokerDetail.getProperty(BrokerDetails.OPTIONS_SASL_SERVER_NAME));
+ }
+
+ conSettings.setUseSASLEncryption(
+ brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_SASL_ENCRYPTION));
+
+ // ------------- ssl options ---------------------
+ conSettings.setUseSSL(brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_SSL));
+
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_TRUST_STORE) != null)
+ {
+ conSettings.setTrustStorePath(
+ brokerDetail.getProperty(BrokerDetails.OPTIONS_TRUST_STORE));
+ }
+
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_TRUST_STORE_PASSWORD) != null)
+ {
+ conSettings.setTrustStorePassword(
+ brokerDetail.getProperty(BrokerDetails.OPTIONS_TRUST_STORE_PASSWORD));
+ }
+
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_KEY_STORE) != null)
+ {
+ conSettings.setKeyStorePath(
+ brokerDetail.getProperty(BrokerDetails.OPTIONS_KEY_STORE));
+ }
+
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_KEY_STORE_PASSWORD) != null)
+ {
+ conSettings.setKeyStorePassword(
+ brokerDetail.getProperty(BrokerDetails.OPTIONS_KEY_STORE_PASSWORD));
+ }
+
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_SSL_CERT_ALIAS) != null)
+ {
+ conSettings.setCertAlias(
+ brokerDetail.getProperty(BrokerDetails.OPTIONS_SSL_CERT_ALIAS));
+ }
+ // ----------------------------
+
+ conSettings.setVerifyHostname(brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_SSL_VERIFY_HOSTNAME));
+
+
+ if (brokerDetail.getProperty(BrokerDetails.OPTIONS_TCP_NO_DELAY) != null)
+ {
+ conSettings.setTcpNodelay(
+ brokerDetail.getBooleanProperty(BrokerDetails.OPTIONS_TCP_NO_DELAY));
+ }
+
+ conSettings.setHeartbeatInterval(getHeartbeatInterval(brokerDetail));
+ }
+
// The idle_timeout prop is in milisecs while
// the new heartbeat prop is in secs
private int getHeartbeatInterval(BrokerDetails brokerDetail)
Modified: qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/jms/BrokerDetails.java
URL: http://svn.apache.org/viewvc/qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/jms/BrokerDetails.java?rev=925289&r1=925288&r2=925289&view=diff
==============================================================================
--- qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/jms/BrokerDetails.java (original)
+++ qpid/trunk/qpid/java/client/src/main/java/org/apache/qpid/jms/BrokerDetails.java Fri Mar 19 15:56:03 2010
@@ -42,6 +42,14 @@ public interface BrokerDetails
public static final String OPTIONS_TCP_NO_DELAY = "tcp_nodelay";
public static final String OPTIONS_SASL_PROTOCOL_NAME = "sasl_protocol";
public static final String OPTIONS_SASL_SERVER_NAME = "sasl_server";
+
+ public static final String OPTIONS_TRUST_STORE = "trust_store";
+ public static final String OPTIONS_TRUST_STORE_PASSWORD = "trust_store_password";
+ public static final String OPTIONS_KEY_STORE = "key_store";
+ public static final String OPTIONS_KEY_STORE_PASSWORD = "key_store_password";
+ public static final String OPTIONS_SSL_VERIFY_HOSTNAME = "ssl_verify_hostname";
+ public static final String OPTIONS_SSL_CERT_ALIAS = "ssl_cert_alias";
+
public static final int DEFAULT_PORT = 5672;
public static final String SOCKET = "socket";
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:commits-subscribe@qpid.apache.org