You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by ni...@apache.org on 2013/07/02 10:39:24 UTC
svn commit: r1498836 - in /cxf/trunk/rt/transports/http-netty/netty-client/src/test: java/org/apache/cxf/transport/http/netty/client/integration/ resources/ resources/org/ resources/org/apache/ resources/org/apache/cxf/ resources/org/apache/cxf/transpo...

Author: ningjiang
Date: Tue Jul  2 08:39:23 2013
New Revision: 1498836

URL: http://svn.apache.org/r1498836
Log:
CXF-5042 Added SSLNettyClientTest for unit test

Added:
    cxf/trunk/rt/transports/http-netty/netty-client/src/test/java/org/apache/cxf/transport/http/netty/client/integration/SSLNettyClientTest.java
    cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/
    cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/
    cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/
    cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/
    cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/
    cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/
    cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/
    cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/
    cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/
    cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/ServerConfig.xml
    cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/clientKeystore.jks
    cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/serviceKeystore.jks

Added: cxf/trunk/rt/transports/http-netty/netty-client/src/test/java/org/apache/cxf/transport/http/netty/client/integration/SSLNettyClientTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-netty/netty-client/src/test/java/org/apache/cxf/transport/http/netty/client/integration/SSLNettyClientTest.java?rev=1498836&view=auto
==============================================================================
--- cxf/trunk/rt/transports/http-netty/netty-client/src/test/java/org/apache/cxf/transport/http/netty/client/integration/SSLNettyClientTest.java (added)
+++ cxf/trunk/rt/transports/http-netty/netty-client/src/test/java/org/apache/cxf/transport/http/netty/client/integration/SSLNettyClientTest.java Tue Jul  2 08:39:23 2013
@@ -0,0 +1,142 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.transport.http.netty.client.integration;
+
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.net.URL;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.xml.ws.Endpoint;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.configuration.jsse.TLSClientParameters;
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
+import org.apache.cxf.transport.http.netty.client.NettyHttpConduit;
+import org.apache.hello_world_soap_http.Greeter;
+import org.apache.hello_world_soap_http.SOAPService;
+
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+public class SSLNettyClientTest extends AbstractBusClientServerTestBase {
+    
+    public static final String PORT = allocatePort(SSLNettyClientTest.class);
+    
+    static {
+        System.setProperty("SSLNettyClientTest.port", PORT);
+    }
+    
+    static Endpoint ep;
+
+    static Greeter g;
+    
+    static String address;
+
+    @BeforeClass
+    public static void start() throws Exception {
+        Bus b = createStaticBus("/org/apache/cxf/transport/http/netty/client/integration/ServerConfig.xml");
+        BusFactory.setThreadDefaultBus(b);
+        address = "https://localhost:" + PORT + "/SoapContext/SoapPort";
+        ep = Endpoint.publish(address ,
+                new org.apache.hello_world_soap_http.GreeterImpl());
+        
+        URL wsdl = SSLNettyClientTest.class.getResource("/wsdl/hello_world.wsdl");
+        assertNotNull("WSDL is null", wsdl);
+
+        SOAPService service = new SOAPService(wsdl);
+        assertNotNull("Service is null", service);
+
+        g = service.getSoapPort();
+        assertNotNull("Port is null", g);
+    }
+
+    @AfterClass
+    public static void stop() throws Exception {
+        if (g != null) {
+            ((java.io.Closeable)g).close();
+        }
+        if (ep != null) {
+            ep.stop();
+        }
+        ep = null;
+    }
+    
+    @Test
+    public void testInvocation() throws Exception {
+        setupTLS(g);
+        setAddress(g, address);
+        String response = g.greetMe("test");
+        assertEquals("Get a wrong response", "Hello test", response);
+    }
+    
+    private static void setupTLS(Greeter port)
+        throws FileNotFoundException, IOException, GeneralSecurityException {
+        String keyStoreLoc = 
+            "src/test/resources/org/apache/cxf/transport/http/netty/client/integration/clientKeystore.jks";
+        NettyHttpConduit httpConduit = (NettyHttpConduit) ClientProxy.getClient(port).getConduit();
+
+        TLSClientParameters tlsCP = new TLSClientParameters();
+        String keyPassword = "ckpass";
+        KeyStore keyStore = KeyStore.getInstance("JKS");
+        keyStore.load(new FileInputStream(keyStoreLoc), "cspass".toCharArray());
+        KeyManager[] myKeyManagers = getKeyManagers(keyStore, keyPassword);
+        tlsCP.setKeyManagers(myKeyManagers);
+
+
+        KeyStore trustStore = KeyStore.getInstance("JKS");
+        trustStore.load(new FileInputStream(keyStoreLoc), "cspass".toCharArray());
+        TrustManager[] myTrustStoreKeyManagers = getTrustManagers(trustStore);
+        tlsCP.setTrustManagers(myTrustStoreKeyManagers);
+
+        httpConduit.setTlsClientParameters(tlsCP);
+    }
+
+    private static TrustManager[] getTrustManagers(KeyStore trustStore)
+        throws NoSuchAlgorithmException, KeyStoreException {
+        String alg = KeyManagerFactory.getDefaultAlgorithm();
+        TrustManagerFactory fac = TrustManagerFactory.getInstance(alg);
+        fac.init(trustStore);
+        return fac.getTrustManagers();
+    }
+    
+    private static KeyManager[] getKeyManagers(KeyStore keyStore, String keyPassword)
+        throws GeneralSecurityException, IOException {
+        String alg = KeyManagerFactory.getDefaultAlgorithm();
+        char[] keyPass = keyPassword != null
+                     ? keyPassword.toCharArray()
+                     : null;
+        KeyManagerFactory fac = KeyManagerFactory.getInstance(alg);
+        fac.init(keyStore, keyPass);
+        return fac.getKeyManagers();
+    }
+    
+
+}

Added: cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/ServerConfig.xml
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/ServerConfig.xml?rev=1498836&view=auto
==============================================================================
--- cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/ServerConfig.xml (added)
+++ cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/ServerConfig.xml Tue Jul  2 08:39:23 2013
@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one
+  or more contributor license agreements. See the NOTICE file
+  distributed with this work for additional information
+  regarding copyright ownership. The ASF licenses this file
+  to you under the Apache License, Version 2.0 (the
+  "License"); you may not use this file except in compliance
+  with the License. You may obtain a copy of the License at
+  
+  http://www.apache.org/licenses/LICENSE-2.0
+  
+  Unless required by applicable law or agreed to in writing,
+  software distributed under the License is distributed on an
+  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  KIND, either express or implied. See the License for the
+  specific language governing permissions and limitations
+  under the License.
+-->
+
+<!-- 
+  ** This file configures the Server which runs the web service.
+-->
+
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:sec="http://cxf.apache.org/configuration/security"
+  xmlns:http="http://cxf.apache.org/transports/http/configuration"
+  xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+  xsi:schemaLocation="
+            http://cxf.apache.org/configuration/security  		      
+            http://cxf.apache.org/schemas/configuration/security.xsd
+            http://cxf.apache.org/transports/http/configuration
+            http://cxf.apache.org/schemas/configuration/http-conf.xsd
+            http://cxf.apache.org/transports/http-jetty/configuration
+            http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+            http://www.springframework.org/schema/beans
+            http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+  <http:destination name="{http://apache.org/hello_world_soap_http}GreeterPort.http-destination"> 
+  </http:destination>
+  <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+  
+  <httpj:engine-factory>
+   <httpj:engine port="${SSLNettyClientTest.port}">
+    <httpj:tlsServerParameters>
+      <sec:keyManagers keyPassword="skpass">
+           <sec:keyStore file="src/test/resources/org/apache/cxf/transport/http/netty/client/integration/serviceKeystore.jks" password="sspass" type="JKS"/>
+      </sec:keyManagers>
+      <sec:trustManagers>
+           <sec:keyStore file="src/test/resources/org/apache/cxf/transport/http/netty/client/integration/serviceKeystore.jks" password="sspass" type="JKS"/>
+      </sec:trustManagers>
+      <sec:cipherSuitesFilter>
+        <!-- these filters ensure that a ciphersuite with
+          export-suitable or null encryption is used,
+          but exclude anonymous Diffie-Hellman key change as
+          this is vulnerable to man-in-the-middle attacks -->
+        <sec:include>.*_EXPORT_.*</sec:include>
+        <sec:include>.*_EXPORT1024_.*</sec:include>
+        <sec:include>.*_WITH_DES_.*</sec:include>
+        <sec:include>.*_WITH_AES_.*</sec:include>
+        <sec:include>.*_WITH_NULL_.*</sec:include>
+        <sec:exclude>.*_DH_anon_.*</sec:exclude>
+      </sec:cipherSuitesFilter>
+      <sec:clientAuthentication want="true" required="true"/>
+    </httpj:tlsServerParameters>
+   </httpj:engine>
+  </httpj:engine-factory>
+</beans>

Added: cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/clientKeystore.jks
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/clientKeystore.jks?rev=1498836&view=auto
==============================================================================
Files cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/clientKeystore.jks (added) and cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/clientKeystore.jks Tue Jul  2 08:39:23 2013 differ

Added: cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/serviceKeystore.jks
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/serviceKeystore.jks?rev=1498836&view=auto
==============================================================================
Files cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/serviceKeystore.jks (added) and cxf/trunk/rt/transports/http-netty/netty-client/src/test/resources/org/apache/cxf/transport/http/netty/client/integration/serviceKeystore.jks Tue Jul  2 08:39:23 2013 differ