You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by ja...@apache.org on 2023/04/06 12:34:12 UTC
[camel-quarkus] 06/06: Cxf-soap: Extend test coverage with Ssl scenario #4679
This is an automated email from the ASF dual-hosted git repository.
jamesnetherton pushed a commit to branch 2.13.x
in repository https://gitbox.apache.org/repos/asf/camel-quarkus.git
commit 9373d7615ca0ba6c2e1a53b49cf5ed38f8827194
Author: JiriOndrusek <on...@gmail.com>
AuthorDate: Tue Mar 21 14:10:10 2023 +0100
Cxf-soap: Extend test coverage with Ssl scenario #4679
---
.../cxf-soap/cxf-soap-ssl/pom.xml | 236 ++++++++++++++++
.../cxf/soap/ssl/it/CxfSoapSslResource.java | 84 ++++++
.../cxf/soap/ssl/it/CxfSoapSslRoutes.java | 210 ++++++++++++++
.../component/cxf/soap/ssl/it/GreeterImpl.java | 24 ++
.../component/cxf/soap/ssl/it/GreeterService.java | 27 ++
.../src/main/resources/application.properties | 23 ++
.../cxf/soap/ssl/it/CxfSoapGlobalTrustedSslIT.java | 23 ++
.../soap/ssl/it/CxfSoapGlobalTrustedSslTest.java | 43 +++
.../soap/ssl/it/CxfSoapGlobalUntrustedSslIT.java | 23 ++
.../soap/ssl/it/CxfSoapGlobalUntrustedSslTest.java | 43 +++
.../component/cxf/soap/ssl/it/CxfSoapSslIT.java | 23 ++
.../component/cxf/soap/ssl/it/CxfSoapSslTest.java | 65 +++++
integration-test-groups/cxf-soap/pom.xml | 1 +
integration-tests/cxf-soap-grouped/pom.xml | 302 +++++++++++++++++++++
14 files changed, 1127 insertions(+)
diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/pom.xml b/integration-test-groups/cxf-soap/cxf-soap-ssl/pom.xml
new file mode 100644
index 0000000000..cf690898f5
--- /dev/null
+++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/pom.xml
@@ -0,0 +1,236 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-build-parent-it</artifactId>
+ <version>2.13.3-SNAPSHOT</version>
+ <relativePath>../../../poms/build-parent-it/pom.xml</relativePath>
+ </parent>
+
+ <artifactId>camel-quarkus-integration-test-cxf-soap-ssl</artifactId>
+ <name>Camel Quarkus :: Integration Tests :: Cxf Soap Ssl</name>
+ <description>Integration tests for Camel Quarkus CXF extension ssl part</description>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-cxf-soap</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>io.quarkus</groupId>
+ <artifactId>quarkus-resteasy</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-direct</artifactId>
+ </dependency>
+ <!-- test dependencies -->
+ <dependency>
+ <groupId>io.quarkus</groupId>
+ <artifactId>quarkus-junit5</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>io.rest-assured</groupId>
+ <artifactId>rest-assured</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>io.quarkiverse.cxf</groupId>
+ <artifactId>quarkus-cxf-test-util</artifactId>
+ <scope>test</scope>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>${quarkus.platform.group-id}</groupId>
+ <artifactId>quarkus-maven-plugin</artifactId>
+ <version>${quarkus.platform.version}</version>
+ <extensions>true</extensions><!-- Workaround for https://github.com/quarkusio/quarkus/issues/21718 -->
+ <executions>
+ <execution>
+ <id>generate-code</id>
+ <goals>
+ <goal>generate-code</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+
+ <profiles>
+ <profile>
+ <id>native</id>
+ <activation>
+ <property>
+ <name>native</name>
+ </property>
+ </activation>
+ <properties>
+ <quarkus.package.type>native</quarkus.package.type>
+ </properties>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-failsafe-plugin</artifactId>
+ <executions>
+ <execution>
+ <goals>
+ <goal>integration-test</goal>
+ <goal>verify</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ <profile>
+ <id>full</id>
+ <activation>
+ <property>
+ <name>!quickly</name>
+ </property>
+ </activation>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>keytool-maven-plugin</artifactId>
+ <configuration>
+ <keypass>password</keypass>
+ <validity>365</validity>
+ <keyalg>RSA</keyalg>
+ <storepass>password</storepass>
+ </configuration>
+ <executions>
+ <execution>
+ <id>generate-server-keypair</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>clean</goal>
+ <goal>generateKeyPair</goal>
+ </goals>
+ <configuration>
+ <alias>localhost</alias>
+ <dname>CN=localhost, OU=eng, O=apache.org</dname>
+ <exts>
+ <ext>bc:c=ca:true,pathlen:2147483647</ext>
+ <ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext>
+ </exts>
+ <keystore>${project.build.outputDirectory}/truststore-server.jks</keystore>
+ </configuration>
+ </execution>
+ <execution>
+ <id>export-server-certificate</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>exportCertificate</goal>
+ </goals>
+ <configuration>
+ <alias>localhost</alias>
+ <keystore>${project.build.outputDirectory}/truststore-server.jks</keystore>
+ <rfc>true</rfc>
+ <file>${project.build.outputDirectory}/localhost.pem</file>
+ </configuration>
+ </execution>
+ <execution>
+ <id>create-client-trusstore</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>clean</goal>
+ <goal>importCertificate</goal>
+ </goals>
+ <configuration>
+ <alias>localhost</alias>
+ <trustcacerts>true</trustcacerts>
+ <noprompt>true</noprompt>
+ <keystore>${project.build.outputDirectory}/truststore-client.jks</keystore>
+ <file>${project.build.outputDirectory}/localhost.pem</file>
+ </configuration>
+ </execution>
+ <execution>
+ <id>generate-wrong-trusstore</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>clean</goal>
+ <goal>generateKeyPair</goal>
+ </goals>
+ <configuration>
+ <alias>localhost</alias>
+ <dname>CN=localhost, OU=eng, O=apache.org</dname>
+ <exts>
+ <ext>bc:c=ca:true,pathlen:2147483647</ext>
+ <ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext>
+ </exts>
+ <keystore>${project.build.outputDirectory}/truststore-wrong.jks</keystore>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ <profile>
+ <id>virtualDependencies</id>
+ <activation>
+ <property>
+ <name>!noVirtualDependencies</name>
+ </property>
+ </activation>
+ <dependencies>
+ <!-- The following dependencies guarantee that this module is built after them. You can update them by running `mvn process-resources -Pformat -N` from the source tree root directory -->
+ <dependency>
+ <groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-cxf-soap-deployment</artifactId>
+ <version>${project.version}</version>
+ <type>pom</type>
+ <scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>*</groupId>
+ <artifactId>*</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.camel.quarkus</groupId>
+ <artifactId>camel-quarkus-direct-deployment</artifactId>
+ <version>${project.version}</version>
+ <type>pom</type>
+ <scope>test</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>*</groupId>
+ <artifactId>*</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
+ </dependencies>
+ </profile>
+ </profiles>
+
+</project>
diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslResource.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslResource.java
new file mode 100644
index 0000000000..41aaa270bb
--- /dev/null
+++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslResource.java
@@ -0,0 +1,84 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.cxf.soap.ssl.it;
+
+import java.net.URI;
+import java.util.Map;
+
+import javax.enterprise.context.ApplicationScoped;
+import javax.inject.Inject;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+
+import org.apache.camel.ProducerTemplate;
+
+@Path("/cxf-soap/ssl")
+@ApplicationScoped
+public class CxfSoapSslResource {
+
+ @Inject
+ ProducerTemplate producerTemplate;
+
+ @Path("/trusted/{global}")
+ @POST
+ @Consumes(MediaType.WILDCARD)
+ @Produces(MediaType.TEXT_PLAIN)
+ public Response trusted(@PathParam("global") String global, String msg) throws Exception {
+ return invoke("true", String.valueOf(global), msg);
+ }
+
+ @Path("/untrusted/{global}")
+ @POST
+ @Consumes(MediaType.WILDCARD)
+ @Produces(MediaType.TEXT_PLAIN)
+ public Response untrusted(@PathParam("global") String global, String msg) throws Exception {
+ return invoke("false", String.valueOf(global), msg);
+ }
+
+ @Path("/notrust")
+ @POST
+ @Consumes(MediaType.WILDCARD)
+ @Produces(MediaType.TEXT_PLAIN)
+ public Response notrust(String msg) throws Exception {
+ return invoke("notrust", "", msg);
+ }
+
+ private Response invoke(String trust, String global, String msg) throws Exception {
+ String response;
+ try {
+ response = producerTemplate.requestBodyAndHeaders("direct:sslInvoker", msg,
+ Map.of("global", global, "trust", trust),
+ String.class);
+ } catch (Exception e) {
+ return Response
+ .created(new URI("https://camel.apache.org/"))
+ .entity(e.getCause().getCause().getMessage())
+ .status(500)
+ .build();
+ }
+
+ return Response
+ .created(new URI("https://camel.apache.org/"))
+ .entity(response)
+ .build();
+ }
+}
diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslRoutes.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslRoutes.java
new file mode 100644
index 0000000000..e45dcf5ed8
--- /dev/null
+++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslRoutes.java
@@ -0,0 +1,210 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.cxf.soap.ssl.it;
+
+import java.util.Map;
+
+import javax.enterprise.context.ApplicationScoped;
+import javax.enterprise.context.SessionScoped;
+import javax.enterprise.inject.Produces;
+import javax.inject.Inject;
+import javax.inject.Named;
+
+import io.quarkus.runtime.LaunchMode;
+import org.apache.camel.CamelContext;
+import org.apache.camel.Processor;
+import org.apache.camel.SSLContextParametersAware;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.cxf.jaxws.CxfEndpoint;
+import org.apache.camel.support.jsse.KeyStoreParameters;
+import org.apache.camel.support.jsse.SSLContextParameters;
+import org.apache.camel.support.jsse.TrustManagersParameters;
+import org.apache.cxf.ext.logging.LoggingFeature;
+import org.apache.cxf.transport.https.httpclient.DefaultHostnameVerifier;
+import org.eclipse.microprofile.config.Config;
+import org.eclipse.microprofile.config.ConfigProvider;
+
+@ApplicationScoped
+public class CxfSoapSslRoutes extends RouteBuilder {
+
+ @Inject
+ @Named("loggingFeatureSsl")
+ LoggingFeature loggingFeature;
+
+ @Inject
+ CamelContext camelContext;
+
+ @Inject
+ @Named("rightSslContext")
+ SSLContextParameters correctSslContext;
+
+ @Inject
+ @Named("wrongSslContext")
+ SSLContextParameters wrongSslContext;
+
+ @Override
+ public void configure() {
+
+ from("direct:sslInvoker")
+ .process(exchange -> {
+ Map<String, Object> headers = exchange.getIn().getHeaders();
+ headers.put("address", getServerUrl() + "/soapservice/Ssl/RouterPort");
+
+ String global = exchange.getIn().getHeader("global", String.class);
+ String trust = exchange.getIn().getHeader("trust", String.class);
+
+ if ("notrust".equals(trust)) {
+ camelContext.setSSLContextParameters(null);
+ //router endpoint does not contain ssl configuration, therefore can be used for notrust test case
+ headers.put("endpoint", "soapSslRouter");
+ } else if ("true".equals(global)) {
+ camelContext.setSSLContextParameters("true".equals(trust) ? correctSslContext : wrongSslContext);
+ headers.put("endpoint", "soapSslGlobal");
+ } else {
+ camelContext.setSSLContextParameters(null);
+ headers.put("endpoint", "soapSslLocal" + ("true".equals(trust) ? "Correct" : "Wrong"));
+ }
+ ((SSLContextParametersAware) camelContext.getComponent("cxf"))
+ .setUseGlobalSslContextParameters(Boolean.parseBoolean(global));
+ })
+ .toD("cxf:bean:${header.endpoint}?address=${header.address}");
+
+ from("cxf:bean:soapSslRouter")
+ .process("responseProcessor");
+
+ }
+
+ @Produces
+ @SessionScoped
+ @Named("soapSslLocalCorrect")
+ CxfEndpoint soapSslLocalCorrect(DefaultHostnameVerifier defaultHostnameVerifier) {
+ final CxfEndpoint result = new CxfEndpoint();
+ result.getFeatures().add(loggingFeature);
+ result.setServiceClass(GreeterService.class);
+ result.setAddress("/Ssl/RouterPort");
+ result.setSslContextParameters(correctSslContext);
+ result.setHostnameVerifier(defaultHostnameVerifier);
+ return result;
+ }
+
+ @Produces
+ @SessionScoped
+ @Named("soapSslLocalWrong")
+ CxfEndpoint soapSslLocalWrong(DefaultHostnameVerifier defaultHostnameVerifier) {
+ final CxfEndpoint result = new CxfEndpoint();
+ result.getFeatures().add(loggingFeature);
+ result.setServiceClass(GreeterService.class);
+ result.setAddress("/Ssl/RouterPort");
+ result.setSslContextParameters(wrongSslContext);
+ result.setHostnameVerifier(defaultHostnameVerifier);
+ return result;
+ }
+
+ @Produces
+ @SessionScoped
+ @Named("soapSslGlobal")
+ CxfEndpoint soapSslGlobal() {
+ final CxfEndpoint result = new CxfEndpoint();
+ result.getFeatures().add(loggingFeature);
+ result.setServiceClass(GreeterService.class);
+ result.setAddress("/Ssl/RouterPort");
+ return result;
+ }
+
+ @Produces
+ @SessionScoped
+ @Named("soapSslRouter")
+ CxfEndpoint soapSslRouter() {
+ final CxfEndpoint result = new CxfEndpoint();
+ result.getFeatures().add(loggingFeature);
+ result.setServiceClass(GreeterService.class);
+ result.setAddress("/Ssl/RouterPort");
+ return result;
+ }
+
+ @Produces
+ @SessionScoped
+ @Named
+ GreeterService greeterService() {
+ return new GreeterImpl();
+ }
+
+ @Produces
+ @ApplicationScoped
+ @Named("loggingFeatureSsl")
+ public LoggingFeature loggingFeature() {
+ final LoggingFeature result = new LoggingFeature();
+ result.setPrettyLogging(true);
+ return result;
+ }
+
+ @ApplicationScoped
+ @Named("responseProcessor")
+ Processor responseProcessor(GreeterService greeterService) {
+
+ return exchange -> {
+ String resp = greeterService.greetMe(exchange.getIn().getBody(String.class));
+ exchange.getIn().setBody(resp);
+ };
+ }
+
+ private static String getServerUrl() {
+ Config config = ConfigProvider.getConfig();
+ final int port = LaunchMode.current().equals(LaunchMode.TEST)
+ ? config.getValue("quarkus.http.test-ssl-port", Integer.class)
+ : config.getValue("quarkus.http.ssl-port", Integer.class);
+ return String.format("https://localhost:%d", port);
+ }
+
+ @Produces
+ @ApplicationScoped
+ @Named("rightSslContext")
+ SSLContextParameters rightSslContext() {
+ SSLContextParameters sslContext = new SSLContextParameters();
+ TrustManagersParameters trustManager = new TrustManagersParameters();
+ KeyStoreParameters keyStore = new KeyStoreParameters();
+ keyStore.setType("PKCS12");
+ keyStore.setPassword("password");
+ keyStore.setResource("truststore-client.jks");
+ trustManager.setKeyStore(keyStore);
+ sslContext.setTrustManagers(trustManager);
+ return sslContext;
+ }
+
+ @Produces
+ @ApplicationScoped
+ @Named("wrongSslContext")
+ SSLContextParameters wrongSslContext() {
+ SSLContextParameters sslContext = new SSLContextParameters();
+ TrustManagersParameters trustManager = new TrustManagersParameters();
+ KeyStoreParameters keyStore = new KeyStoreParameters();
+ keyStore.setType("PKCS12");
+ keyStore.setPassword("password");
+ keyStore.setResource("truststore-wrong.jks");
+ trustManager.setKeyStore(keyStore);
+ sslContext.setTrustManagers(trustManager);
+ return sslContext;
+ }
+
+ @Produces
+ @ApplicationScoped
+ @Named("defaultHostnameVerifier")
+ DefaultHostnameVerifier defaultHostnameVerifier() {
+ return new DefaultHostnameVerifier();
+ }
+
+}
diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/GreeterImpl.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/GreeterImpl.java
new file mode 100644
index 0000000000..9ac037bb75
--- /dev/null
+++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/GreeterImpl.java
@@ -0,0 +1,24 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.cxf.soap.ssl.it;
+
+public class GreeterImpl implements GreeterService {
+ @Override
+ public String greetMe(String name) {
+ return "Hello " + name + "!";
+ }
+}
diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/GreeterService.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/GreeterService.java
new file mode 100644
index 0000000000..a6f595bec1
--- /dev/null
+++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/GreeterService.java
@@ -0,0 +1,27 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.cxf.soap.ssl.it;
+
+import javax.jws.WebMethod;
+import javax.jws.WebService;
+
+@WebService
+public interface GreeterService {
+
+ @WebMethod
+ String greetMe(String name);
+}
diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/resources/application.properties b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/resources/application.properties
new file mode 100644
index 0000000000..936c13706f
--- /dev/null
+++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/main/resources/application.properties
@@ -0,0 +1,23 @@
+## ---------------------------------------------------------------------------
+## Licensed to the Apache Software Foundation (ASF) under one or more
+## contributor license agreements. See the NOTICE file distributed with
+## this work for additional information regarding copyright ownership.
+## The ASF licenses this file to You under the Apache License, Version 2.0
+## (the "License"); you may not use this file except in compliance with
+## the License. You may obtain a copy of the License at
+##
+## http://www.apache.org/licenses/LICENSE-2.0
+##
+## Unless required by applicable law or agreed to in writing, software
+## distributed under the License is distributed on an "AS IS" BASIS,
+## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+## See the License for the specific language governing permissions and
+## limitations under the License.
+## ---------------------------------------------------------------------------
+
+quarkus.cxf.path=/soapservice
+quarkus.native.resources.includes=truststore-client.jks,truststore-server.jks,truststore-wrong.jks
+
+quarkus.http.ssl.certificate.key-store-file-type=PKCS12
+quarkus.http.ssl.certificate.key-store-file=truststore-server.jks
+quarkus.http.ssl.certificate.key-store-password=password
diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalTrustedSslIT.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalTrustedSslIT.java
new file mode 100644
index 0000000000..d3642b9d3b
--- /dev/null
+++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalTrustedSslIT.java
@@ -0,0 +1,23 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.cxf.soap.ssl.it;
+
+import io.quarkus.test.junit.QuarkusIntegrationTest;
+
+@QuarkusIntegrationTest
+class CxfSoapGlobalTrustedSslIT extends CxfSoapGlobalTrustedSslTest {
+}
diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalTrustedSslTest.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalTrustedSslTest.java
new file mode 100644
index 0000000000..8fccffa4be
--- /dev/null
+++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalTrustedSslTest.java
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.cxf.soap.ssl.it;
+
+import io.quarkus.test.junit.QuarkusTest;
+import io.quarkus.test.junit.QuarkusTestProfile;
+import io.quarkus.test.junit.TestProfile;
+import io.restassured.RestAssured;
+import org.junit.jupiter.api.Test;
+
+import static org.hamcrest.Matchers.equalTo;
+
+@QuarkusTest
+@TestProfile(CxfSoapGlobalTrustedSslTest.class)
+public class CxfSoapGlobalTrustedSslTest implements QuarkusTestProfile {
+
+ // Test is ported from SslTest in Camel-spring-boot/components-starter/camel-cxf-soap-starter
+ // Test requires restart of Quarkus to avoid persisting of globalssl context.
+ @Test
+ public void testInvokingTrustedRoute() {
+ RestAssured.given()
+ .body("ssl")
+ .post("/cxf-soap/ssl/trusted/global")
+ .then()
+ .statusCode(201)
+ .body(equalTo("Hello ssl!"));
+ }
+
+}
diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalUntrustedSslIT.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalUntrustedSslIT.java
new file mode 100644
index 0000000000..821865c669
--- /dev/null
+++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalUntrustedSslIT.java
@@ -0,0 +1,23 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.cxf.soap.ssl.it;
+
+import io.quarkus.test.junit.QuarkusIntegrationTest;
+
+@QuarkusIntegrationTest
+class CxfSoapGlobalUntrustedSslIT extends CxfSoapGlobalUntrustedSslTest {
+}
diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalUntrustedSslTest.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalUntrustedSslTest.java
new file mode 100644
index 0000000000..d19ba9aaaa
--- /dev/null
+++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapGlobalUntrustedSslTest.java
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.cxf.soap.ssl.it;
+
+import io.quarkus.test.junit.QuarkusTest;
+import io.quarkus.test.junit.QuarkusTestProfile;
+import io.quarkus.test.junit.TestProfile;
+import io.restassured.RestAssured;
+import org.junit.jupiter.api.Test;
+
+import static org.hamcrest.Matchers.containsString;
+
+@QuarkusTest
+@TestProfile(CxfSoapGlobalUntrustedSslTest.class)
+public class CxfSoapGlobalUntrustedSslTest implements QuarkusTestProfile {
+
+ // Test is ported from SslTest in Camel-spring-boot/components-starter/camel-cxf-soap-starter
+ // Test requires restart of Quarkus to avoid persisting of global ssl context.
+ @Test
+ public void testInvokingUntrustedRoute() {
+ RestAssured.given()
+ .body("ssl")
+ .post("/cxf-soap/ssl/untrusted/global")
+ .then()
+ .statusCode(500)
+ .body(containsString("signature check failed"));
+ }
+
+}
diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslIT.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslIT.java
new file mode 100644
index 0000000000..b8b5fc9bf1
--- /dev/null
+++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslIT.java
@@ -0,0 +1,23 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.cxf.soap.ssl.it;
+
+import io.quarkus.test.junit.QuarkusIntegrationTest;
+
+@QuarkusIntegrationTest
+class CxfSoapSslIT extends CxfSoapSslTest {
+}
diff --git a/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslTest.java b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslTest.java
new file mode 100644
index 0000000000..9e632978c5
--- /dev/null
+++ b/integration-test-groups/cxf-soap/cxf-soap-ssl/src/test/java/org/apache/camel/quarkus/component/cxf/soap/ssl/it/CxfSoapSslTest.java
@@ -0,0 +1,65 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.quarkus.component.cxf.soap.ssl.it;
+
+import io.quarkus.test.junit.QuarkusTest;
+import io.quarkus.test.junit.QuarkusTestProfile;
+import io.quarkus.test.junit.TestProfile;
+import io.restassured.RestAssured;
+import org.junit.jupiter.api.Test;
+
+import static org.hamcrest.Matchers.containsString;
+import static org.hamcrest.Matchers.equalTo;
+
+// Tests require restart of Quarkus to avoid persisting of global ssl context.
+@QuarkusTest
+@TestProfile(CxfSoapSslTest.class)
+public class CxfSoapSslTest implements QuarkusTestProfile {
+
+ // Test is ported from SslTest in Camel-spring-boot/components-starter/camel-cxf-soap-starter
+ @Test
+ public void testInvokingTrustedRoute() {
+ RestAssured.given()
+ .body("ssl")
+ .post("/cxf-soap/ssl/trusted/local")
+ .then()
+ .statusCode(201)
+ .body(equalTo("Hello ssl!"));
+ }
+
+ // Test is ported from SslTest in Camel-spring-boot/components-starter/camel-cxf-soap-starter
+ @Test
+ public void testInvokingUntrustedRoute() {
+ RestAssured.given()
+ .body("ssl")
+ .post("/cxf-soap/ssl/untrusted/local")
+ .then()
+ .statusCode(500)
+ .body(containsString("signature check failed"));
+ }
+
+ // Test is ported from SslTest in Camel-spring-boot/components-starter/camel-cxf-soap-starter
+ @Test
+ public void testInvokingNotrustRoute() {
+ RestAssured.given()
+ .body("ssl")
+ .post("/cxf-soap/ssl/notrust")
+ .then()
+ .statusCode(500)
+ .body(containsString("unable to find valid certification path to requested target"));
+ }
+}
diff --git a/integration-test-groups/cxf-soap/pom.xml b/integration-test-groups/cxf-soap/pom.xml
index 527f12c48e..eab1e401da 100644
--- a/integration-test-groups/cxf-soap/pom.xml
+++ b/integration-test-groups/cxf-soap/pom.xml
@@ -41,6 +41,7 @@
<module>cxf-soap-mtom</module>
<module>cxf-soap-mtom-awt</module>
<module>cxf-soap-server</module>
+ <module>cxf-soap-ssl</module>
<module>cxf-soap-ws-security-client</module>
<module>cxf-soap-ws-security-server</module>
<module>cxf-soap-ws-trust</module>
diff --git a/integration-tests/cxf-soap-grouped/pom.xml b/integration-tests/cxf-soap-grouped/pom.xml
index 868f1107dc..6eac44d9de 100644
--- a/integration-tests/cxf-soap-grouped/pom.xml
+++ b/integration-tests/cxf-soap-grouped/pom.xml
@@ -403,6 +403,10 @@
<wsdl>${basedir}/target/classes/wsdl/CalculatorService.wsdl</wsdl>
<wsdlLocation>classpath:wsdl/CalculatorService.wsdl</wsdlLocation>
</wsdlOption>
+ <wsdlOption>
+ <wsdl>${basedir}/target/classes/wsdl/BasicAuthCalculatorService.wsdl</wsdl>
+ <wsdlLocation>classpath:wsdl/BasicAuthCalculatorService.wsdl</wsdlLocation>
+ </wsdlOption>
<wsdlOption>
<wsdl>${basedir}/target/classes/wsdl/HelloService.wsdl</wsdl>
<wsdlLocation>classpath:wsdl/HelloService.wsdl</wsdlLocation>
@@ -504,6 +508,304 @@
</dependency>
</dependencies>
</profile>
+ <profile>
+ <id>full</id>
+ <activation>
+ <property>
+ <name>!quickly</name>
+ </property>
+ </activation>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>keytool-maven-plugin</artifactId>
+ <configuration>
+ <keypass>password</keypass>
+ <validity>365</validity>
+ <keyalg>RSA</keyalg>
+ <storepass>password</storepass>
+ </configuration>
+ <executions>
+ <execution>
+ <id>generate-cxfca-keypair</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>clean</goal>
+ <goal>generateKeyPair</goal>
+ </goals>
+ <configuration>
+ <alias>cxfca</alias>
+ <dname>CN=cxfca, OU=eng, O=apache.org</dname>
+ <exts>
+ <ext>bc:c=ca:true,pathlen:2147483647</ext>
+ <ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext>
+ </exts>
+ <keystore>${project.build.outputDirectory}/cxfca.jks</keystore>
+ </configuration>
+ </execution>
+ <execution>
+ <id>export-cxfca-certificate</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>exportCertificate</goal>
+ </goals>
+ <configuration>
+ <alias>cxfca</alias>
+ <keystore>${project.build.outputDirectory}/cxfca.jks</keystore>
+ <rfc>true</rfc>
+ <file>${project.build.outputDirectory}/cxfca.pem</file>
+ </configuration>
+ </execution>
+ <execution>
+ <id>generate-alice-keypair</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>clean</goal>
+ <goal>generateKeyPair</goal>
+ </goals>
+ <configuration>
+ <alias>alice</alias>
+ <dname>CN=alice, OU=eng, O=apache.org</dname>
+ <exts>
+ <ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext>
+ <ext>SubjectAlternativeName=DNS:localhost,IP:127.0.0.1</ext>
+ </exts>
+ <keystore>${project.build.outputDirectory}/alice.jks</keystore>
+ </configuration>
+ </execution>
+ <execution>
+ <id>generate-bob-keypair</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>clean</goal>
+ <goal>generateKeyPair</goal>
+ </goals>
+ <configuration>
+ <alias>bob</alias>
+ <dname>CN=bob, OU=eng, O=apache.org</dname>
+ <exts>
+ <ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext>
+ <ext>SubjectAlternativeName=DNS:localhost,IP:127.0.0.1</ext>
+ </exts>
+ <keystore>${project.build.outputDirectory}/bob.jks</keystore>
+ </configuration>
+ </execution>
+ <execution>
+ <id>generate-alice-certificate-request</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>generateCertificateRequest</goal>
+ </goals>
+ <configuration>
+ <alias>alice</alias>
+ <keystore>${project.build.outputDirectory}/alice.jks</keystore>
+ <file>${project.build.outputDirectory}/alice.csr</file>
+ </configuration>
+ </execution>
+ <execution>
+ <id>generate-alice-certificate</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>generateCertificate</goal>
+ </goals>
+ <configuration>
+ <alias>cxfca</alias>
+ <keystore>${project.build.outputDirectory}/cxfca.jks</keystore>
+ <rfc>true</rfc>
+ <infile>${project.build.outputDirectory}/alice.csr</infile>
+ <outfile>${project.build.outputDirectory}/alice.pem</outfile>
+ </configuration>
+ </execution>
+ <execution>
+ <id>generate-bob-certificate-request</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>generateCertificateRequest</goal>
+ </goals>
+ <configuration>
+ <alias>bob</alias>
+ <keystore>${project.build.outputDirectory}/bob.jks</keystore>
+ <file>${project.build.outputDirectory}/bob.csr</file>
+ </configuration>
+ </execution>
+ <execution>
+ <id>generate-bob-certificate</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>generateCertificate</goal>
+ </goals>
+ <configuration>
+ <alias>cxfca</alias>
+ <keystore>${project.build.outputDirectory}/cxfca.jks</keystore>
+ <rfc>true</rfc>
+ <infile>${project.build.outputDirectory}/bob.csr</infile>
+ <outfile>${project.build.outputDirectory}/bob.pem</outfile>
+ </configuration>
+ </execution>
+ <execution>
+ <id>import-cxfca-certificate-to-alice</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>importCertificate</goal>
+ </goals>
+ <configuration>
+ <alias>cxfca</alias>
+ <trustcacerts>true</trustcacerts>
+ <noprompt>true</noprompt>
+ <keystore>${project.build.outputDirectory}/alice.jks</keystore>
+ <file>${project.build.outputDirectory}/cxfca.pem</file>
+ </configuration>
+ </execution>
+ <execution>
+ <id>import-cxfca-certificate-to-bob</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>importCertificate</goal>
+ </goals>
+ <configuration>
+ <alias>cxfca</alias>
+ <trustcacerts>true</trustcacerts>
+ <noprompt>true</noprompt>
+ <keystore>${project.build.outputDirectory}/bob.jks</keystore>
+ <file>${project.build.outputDirectory}/cxfca.pem</file>
+ </configuration>
+ </execution>
+ <execution>
+ <id>import-alice-certificate</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>importCertificate</goal>
+ </goals>
+ <configuration>
+ <alias>alice</alias>
+ <trustcacerts>true</trustcacerts>
+ <noprompt>true</noprompt>
+ <keystore>${project.build.outputDirectory}/alice.jks</keystore>
+ <file>${project.build.outputDirectory}/alice.pem</file>
+ </configuration>
+ </execution>
+ <execution>
+ <id>import-bob-certificate</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>importCertificate</goal>
+ </goals>
+ <configuration>
+ <alias>bob</alias>
+ <trustcacerts>true</trustcacerts>
+ <noprompt>true</noprompt>
+ <keystore>${project.build.outputDirectory}/bob.jks</keystore>
+ <file>${project.build.outputDirectory}/bob.pem</file>
+ </configuration>
+ </execution>
+ <execution>
+ <id>import-bob-certificate-to-alice</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>importCertificate</goal>
+ </goals>
+ <configuration>
+ <alias>bob</alias>
+ <trustcacerts>true</trustcacerts>
+ <noprompt>true</noprompt>
+ <keystore>${project.build.outputDirectory}/alice.jks</keystore>
+ <file>${project.build.outputDirectory}/bob.pem</file>
+ </configuration>
+ </execution>
+ <execution>
+ <id>import-alice-certificate-to-bob</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>importCertificate</goal>
+ </goals>
+ <configuration>
+ <alias>alice</alias>
+ <trustcacerts>true</trustcacerts>
+ <noprompt>true</noprompt>
+ <keystore>${project.build.outputDirectory}/bob.jks</keystore>
+ <file>${project.build.outputDirectory}/alice.pem</file>
+ </configuration>
+ </execution>
+ <!-- Uncomment execution block below for local testing -->
+ <!-- <execution>-->
+ <!-- <id>list</id>-->
+ <!-- <phase>generate-sources</phase>-->
+ <!-- <goals>-->
+ <!-- <goal>list</goal>-->
+ <!-- </goals>-->
+ <!-- <configuration>-->
+ <!-- <verbose>true</verbose>-->
+ <!-- <keystore>${project.build.outputDirectory}/bob.jks</keystore>-->
+ <!-- </configuration>-->
+ <!-- </execution>-->
+ <execution>
+ <id>generate-server-keypair</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>clean</goal>
+ <goal>generateKeyPair</goal>
+ </goals>
+ <configuration>
+ <alias>localhost</alias>
+ <dname>CN=localhost, OU=eng, O=apache.org</dname>
+ <exts>
+ <ext>bc:c=ca:true,pathlen:2147483647</ext>
+ <ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext>
+ </exts>
+ <keystore>${project.build.outputDirectory}/truststore-server.jks</keystore>
+ </configuration>
+ </execution>
+ <execution>
+ <id>export-server-certificate</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>exportCertificate</goal>
+ </goals>
+ <configuration>
+ <alias>localhost</alias>
+ <keystore>${project.build.outputDirectory}/truststore-server.jks</keystore>
+ <rfc>true</rfc>
+ <file>${project.build.outputDirectory}/localhost.pem</file>
+ </configuration>
+ </execution>
+ <execution>
+ <id>create-client-trusstore</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>clean</goal>
+ <goal>importCertificate</goal>
+ </goals>
+ <configuration>
+ <alias>localhost</alias>
+ <trustcacerts>true</trustcacerts>
+ <noprompt>true</noprompt>
+ <keystore>${project.build.outputDirectory}/truststore-client.jks</keystore>
+ <file>${project.build.outputDirectory}/localhost.pem</file>
+ </configuration>
+ </execution>
+ <execution>
+ <id>generate-wrong-trusstore</id>
+ <phase>generate-sources</phase>
+ <goals>
+ <goal>clean</goal>
+ <goal>generateKeyPair</goal>
+ </goals>
+ <configuration>
+ <alias>localhost</alias>
+ <dname>CN=localhost, OU=eng, O=apache.org</dname>
+ <exts>
+ <ext>bc:c=ca:true,pathlen:2147483647</ext>
+ <ext>IssuerAlternativeName=DNS:NOT-FOR-PRODUCTION-USE</ext>
+ </exts>
+ <keystore>${project.build.outputDirectory}/truststore-wrong.jks</keystore>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
<profile>
<id>skip-testcontainers-tests</id>
<activation>