Posted to commits@tomee.apache.org by rm...@apache.org on 2013/11/05 15:58:00 UTC
svn commit: r1539017 - in /tomee/tomee/trunk/server/openejb-client/src:
main/java/org/apache/openejb/client/ test/java/org/apache/openejb/client/
Author: rmannibucau
Date: Tue Nov 5 14:58:00 2013
New Revision: 1539017
URL: http://svn.apache.org/r1539017
Log:
TOMEE-1070 committing Loïc Rodier's patch to support client config of ssl on http
Added:
tomee/tomee/trunk/server/openejb-client/src/main/java/org/apache/openejb/client/SSLContextBuilder.java
tomee/tomee/trunk/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsConnectionTest.java
tomee/tomee/trunk/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsSimpleServer.java
Modified:
tomee/tomee/trunk/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java
Modified: tomee/tomee/trunk/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java?rev=1539017&r1=1539016&r2=1539017&view=diff
==============================================================================
--- tomee/tomee/trunk/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java (original)
+++ tomee/tomee/trunk/server/openejb-client/src/main/java/org/apache/openejb/client/HttpConnectionFactory.java Tue Nov 5 14:58:00 2013
@@ -17,6 +17,7 @@
*/
package org.apache.openejb.client;
+import javax.net.ssl.*;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
@@ -24,6 +25,8 @@ import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
import java.util.Map;
/**
@@ -65,6 +68,16 @@ public class HttpConnectionFactory imple
httpURLConnection.setReadTimeout(Integer.parseInt(params.get("readTimeout")));
}
+ if (params.containsKey("sslKeyStore") || params.containsKey("sslTrustStore")) {
+ try {
+ ( (HttpsURLConnection) httpURLConnection ).setSSLSocketFactory(new SSLContextBuilder(params).build().getSocketFactory());
+ } catch (NoSuchAlgorithmException e) {
+ throw new ClientRuntimeException(e.getMessage(), e);
+ } catch (KeyManagementException e) {
+ throw new ClientRuntimeException(e.getMessage(), e);
+ }
+ }
+
httpURLConnection.connect();
}
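Review bot: The cast `(HttpsURLConnection) httpURLConnection` in the added block is unconditional, so a plain `http://` URI that carries `sslKeyStore` or `sslTrustStore` would presumably fail with a ClassCastException instead of a clear configuration error. Guard it with `if (httpURLConnection instanceof HttpsURLConnection && (params.containsKey("sslKeyStore") || params.containsKey("sslTrustStore")))`, or throw a ClientRuntimeException that names the scheme mismatch. The two catch clauses have identical bodies; a short comment saying both are configuration failures, or a shared helper, would remove the duplication. The enclosing method starts before this hunk, so how `params` is populated is not visible here; the test added in this commit suggests it comes from the URI query string.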
@@ -127,4 +140,5 @@ public class HttpConnectionFactory imple
return inputStream;
}
}
+
}
Added: tomee/tomee/trunk/server/openejb-client/src/main/java/org/apache/openejb/client/SSLContextBuilder.java
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/server/openejb-client/src/main/java/org/apache/openejb/client/SSLContextBuilder.java?rev=1539017&view=auto
==============================================================================
--- tomee/tomee/trunk/server/openejb-client/src/main/java/org/apache/openejb/client/SSLContextBuilder.java (added)
+++ tomee/tomee/trunk/server/openejb-client/src/main/java/org/apache/openejb/client/SSLContextBuilder.java Tue Nov 5 14:58:00 2013
@@ -0,0 +1,86 @@
+package org.apache.openejb.client;
+
+import javax.net.ssl.*;
+import java.io.FileInputStream;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.NoSuchAlgorithmException;
+import java.util.Map;
+
+public class SSLContextBuilder {
+ private Map<String, String> params;
+
+ public SSLContextBuilder(Map<String, String> params) {
+ this.params = params;
+ }
+
+ public SSLContext build() throws NoSuchAlgorithmException, KeyManagementException {
+ final KeyManager[] keyManagers = initKeyManager();
+ final TrustManager[] trustManagers = initTrustManager();
+ final SSLContext sslContext = SSLContext.getInstance("SSL");
+ sslContext.init(keyManagers, trustManagers, new java.security.SecureRandom());
+ return sslContext;
+ }
+
+ private TrustManager[] initTrustManager() {
+ final String trustStore = params.get("sslTrustStore");
+ if (trustStore == null) {
+ return null;
+ }
+
+ try {
+ String sslTrustStoreType = params.get("sslTrustStoreType");
+ KeyStore ks = KeyStore.getInstance(null == sslTrustStoreType ? KeyStore.getDefaultType() : sslTrustStoreType);
+ String trustStorePwd = params.get("sslTrustStorePassword");
+ char[] pwd;
+ if (trustStorePwd != null) {
+ pwd = trustStorePwd.toCharArray();
+ } else {
+ pwd = "changeit".toCharArray();
+ }
+ FileInputStream fis = new FileInputStream(trustStore);
+ try {
+ ks.load(fis, pwd);
+ } finally {
+ fis.close();
+ }
+ String sslTrustStoreProvider = params.get("sslTrustStoreProvider");
+ TrustManagerFactory tmf = TrustManagerFactory.getInstance(null == sslTrustStoreProvider ? TrustManagerFactory.getDefaultAlgorithm() : sslTrustStoreProvider);
+ tmf.init(ks);
+ return tmf.getTrustManagers();
+ } catch (final Exception e) {
+ throw new ClientRuntimeException(e.getMessage(), e);
+ }
+ }
+
+ private KeyManager[] initKeyManager() {
+ final String keyStore = params.get("sslKeyStore");
+ if (keyStore == null) {
+ return null;
+ }
+
+ try {
+ String sslKeyStoreType = params.get("sslKeyStoreType");
+ KeyStore ks = KeyStore.getInstance(null == sslKeyStoreType ? KeyStore.getDefaultType() : sslKeyStoreType);
+ String keyStorePassword = params.get("sslKeyStorePassword");
+ char[] pwd;
+ if (keyStorePassword != null) {
+ pwd = keyStorePassword.toCharArray();
+ } else {
+ pwd = "changeit".toCharArray();
+ }
+ FileInputStream fis = new FileInputStream(keyStore);
+ try {
+ ks.load(fis, pwd);
+ } finally {
+ fis.close();
+ }
+ String sslKeyStoreProvider = params.get("sslKeyStoreProvider");
+ KeyManagerFactory kmf = KeyManagerFactory.getInstance(null == sslKeyStoreProvider ? KeyManagerFactory.getDefaultAlgorithm() : sslKeyStoreProvider);
+ kmf.init(ks, pwd);
+ return kmf.getKeyManagers();
+ } catch (final Exception e) {
+ throw new ClientRuntimeException(e.getMessage(), e);
+ }
+ }
+}
\ No newline at end of file
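Review bot: `SSLContext.getInstance("SSL")` in build() asks for the legacy protocol family name, which leaves the enabled protocol versions to whatever the installed provider maps that name to; request `SSLContext.getInstance("TLS")` so the client does not depend on that mapping. initTrustManager() and initKeyManager() both fall back silently to the password `"changeit"` when none is configured, which hides a missing setting; either fail when the password is absent or add a comment stating that this is the conventional JDK store default. The values read from `sslTrustStoreProvider` and `sslKeyStoreProvider` are passed to `TrustManagerFactory.getInstance` and `KeyManagerFactory.getInstance` as the algorithm argument, not as a provider, so the parameter names mislead and need at least a Javadoc line. The class also has no Javadoc or license header, unlike HttpsSimpleServer.java in the same commit, and `params` could be `final`.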
Added: tomee/tomee/trunk/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsConnectionTest.java
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsConnectionTest.java?rev=1539017&view=auto
==============================================================================
--- tomee/tomee/trunk/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsConnectionTest.java (added)
+++ tomee/tomee/trunk/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsConnectionTest.java Tue Nov 5 14:58:00 2013
@@ -0,0 +1,105 @@
+package org.apache.openejb.client;
+
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.lang.reflect.InvocationTargetException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+
+/**
+ */
+public class HttpsConnectionTest {
+
+ private final String SERVER = "localhost";
+ private final int SERVER_PORT = 12345;
+ private HttpsSimpleServer httpsSimpleServer;
+ static final String STORE_PATH="target/keystore";
+ static final String STORE_PWD="changeit";
+
+ @Before
+ public void init() throws IOException, NoSuchAlgorithmException, KeyManagementException, ClassNotFoundException, NoSuchMethodException, IllegalAccessException, InvocationTargetException {
+ //create key
+ createKeyStore();
+ //start web server
+ httpsSimpleServer = new HttpsSimpleServer(SERVER_PORT,STORE_PATH, STORE_PWD);
+ }
+
+ @After
+ public void close(){
+ httpsSimpleServer = null;
+ dropKeyStore();
+ }
+
+ @Test
+ public void testHttps() throws URISyntaxException, IOException {
+ String url = "https://"+SERVER+":" + SERVER_PORT +"/secure"+
+ "?sslKeyStore=" +STORE_PATH+"&sslKeyStorePassword=" +STORE_PWD+"&sslKeyStoreProvider=SunX509&sslKeyStoreType=jks"+
+ "&sslTrustStore="+STORE_PATH+"&sslTrustStorePassword="+STORE_PWD+"&readTimeout=500";
+ Connection connection = new HttpConnectionFactory().getConnection(new URI(url));
+
+ BufferedReader br = null;
+ StringBuilder sb = new StringBuilder();
+ String line;
+ try {
+ br = new BufferedReader(new InputStreamReader(connection.getInputStream()));
+ while ((line = br.readLine()) != null) {
+ sb.append(line);
+ }
+ } catch (IOException e) {
+ e.printStackTrace();
+ } finally {
+ if (br != null) {
+ try {
+ br.close();
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+ }
+
+ Assert.assertTrue("should contain",sb.toString().contains("secure"));
+ }
+
+ private File createKeyStore() throws ClassNotFoundException, NoSuchMethodException, InvocationTargetException, IllegalAccessException {
+ dropKeyStore();
+ File keyStore = new File(STORE_PATH);
+
+ Class<?> keyToolClass;
+ try {
+ keyToolClass = Class.forName("sun.security.tools.KeyTool");
+ } catch (final ClassNotFoundException e) {
+ keyToolClass = Class.forName("com.ibm.crypto.tools.KeyTool");
+ }
+
+ final String[] args = {
+ "-genkey",
+ "-alias", SERVER,
+ "-keypass", STORE_PWD,
+ "-keystore", keyStore.getAbsolutePath(),
+ "-storepass", STORE_PWD,
+ "-dname", "cn="+SERVER,
+ "-keyalg", "RSA"
+ };
+ keyToolClass.getMethod("main", String[].class).invoke(null, new Object[]{args});
+
+ return keyStore;
+ }
+
+ private void dropKeyStore() {
+ File keyStore = new File(STORE_PATH);
+ if (keyStore.exists()){
+ keyStore.delete();
+ }
+ }
+
+
+}
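Review bot: testHttps() catches IOException around the read loop and only calls `e.printStackTrace()`, so a failed TLS handshake or a rejected certificate surfaces as the unrelated `should contain` assertion failing; the method already declares `throws IOException`, so the catch can be dropped and the reader closed in the `finally` alone. The URL built here puts `sslKeyStorePassword` and `sslTrustStorePassword` in the query string, so the store passwords end up wherever the URI is logged and, if the query is forwarded unchanged, in the request sent to the server; that is a property of the feature under test and deserves a comment on the test. close() sets `httpsSimpleServer = null` without stopping the server, so port 12345 presumably stays bound for the rest of the JVM run.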
Added: tomee/tomee/trunk/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsSimpleServer.java
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsSimpleServer.java?rev=1539017&view=auto
==============================================================================
--- tomee/tomee/trunk/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsSimpleServer.java (added)
+++ tomee/tomee/trunk/server/openejb-client/src/test/java/org/apache/openejb/client/HttpsSimpleServer.java Tue Nov 5 14:58:00 2013
@@ -0,0 +1,73 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.openejb.client;
+
+import com.sun.net.httpserver.*;
+
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLEngine;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.net.InetSocketAddress;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.concurrent.Executors;
+
+public class HttpsSimpleServer {
+
+ public HttpsSimpleServer(int serverPort, final String storePath, final String storePassword) throws IOException, KeyManagementException, NoSuchAlgorithmException {
+ final Map<String, String> params = new HashMap<String, String>(){
+ {
+ put("sslKeyStore",storePath);
+ put("sslKeyStorePassword",storePassword);
+ put("sslTrustStore",storePath);
+ put("sslTrustStorePassword",storePassword);
+ }
+ };
+
+ HttpsServer server = HttpsServer.create(new InetSocketAddress(serverPort), 5);
+ SSLContext sslContext = new SSLContextBuilder(params).build();
+
+ final SSLEngine m_engine = sslContext.createSSLEngine();
+ server.setHttpsConfigurator(new HttpsConfigurator(new SSLContextBuilder(params).build()) {
+ public void configure(HttpsParameters params) {
+
+ params.setCipherSuites(m_engine.getEnabledCipherSuites());
+ params.setProtocols(m_engine.getEnabledProtocols());
+ }
+ });
+
+ server.createContext("/secure", new MyHandler());
+ server.setExecutor(Executors.newCachedThreadPool());
+ server.start();
+ }
+
+
+ class MyHandler implements HttpHandler {
+ public void handle(HttpExchange exchange) throws IOException {
+ String requestMethod = exchange.getRequestMethod();
+ Headers responseHeaders = exchange.getResponseHeaders();
+ responseHeaders.set("Content-Type", "text/plain");
+ exchange.sendResponseHeaders(200, 0);
+ OutputStream responseBody = exchange.getResponseBody();
+ responseBody.write("secure page".getBytes());
+ responseBody.close();
+ }
+ }
+}
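Review bot: The constructor keeps the `HttpsServer` in a local variable and the class exposes no way to stop it, so the listener and its cached thread pool outlive the test; hold it in a field and add `public void stop() { server.stop(0); }` for the test's `@After` method to call. `new InetSocketAddress(serverPort)` binds the wildcard address, so the test endpoint is reachable from other hosts while it runs; `new InetSocketAddress("localhost", serverPort)` is enough for a client that connects to localhost. The SSLContext is built twice, once for `m_engine` and once for the configurator; passing the existing `sslContext` to `new HttpsConfigurator(...)` avoids loading the keystore a second time. In MyHandler, `requestMethod` is unused and `"secure page".getBytes()` relies on the platform charset.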