You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by lq...@apache.org on 2016/02/26 18:08:01 UTC
svn commit: r1732526 -
/qpid/java/trunk/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java
Author: lquack
Date: Fri Feb 26 17:08:01 2016
New Revision: 1732526
URL: http://svn.apache.org/viewvc?rev=1732526&view=rev
Log:
QPID-7094: [Java Broker] In OAuth2MockEndpointHolder setup TLS protocols and cipher suites correctly
Modified:
qpid/java/trunk/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java
Modified: qpid/java/trunk/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java
URL: http://svn.apache.org/viewvc/qpid/java/trunk/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java?rev=1732526&r1=1732525&r2=1732526&view=diff
==============================================================================
--- qpid/java/trunk/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java (original)
+++ qpid/java/trunk/broker-core/src/test/java/org/apache/qpid/server/security/auth/manager/oauth2/OAuth2MockEndpointHolder.java Fri Feb 26 17:08:01 2016
@@ -22,6 +22,9 @@ package org.apache.qpid.server.security.
import java.io.IOException;
import java.io.InputStream;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
import java.util.Map;
import javax.servlet.ServletException;
@@ -35,6 +38,11 @@ import org.eclipse.jetty.server.handler.
import org.eclipse.jetty.server.ssl.SslSocketConnector;
import org.eclipse.jetty.util.ssl.SslContextFactory;
+import org.apache.qpid.configuration.CommonProperties;
+import org.apache.qpid.server.model.ConfiguredObject;
+import org.apache.qpid.server.model.Port;
+import org.apache.qpid.transport.network.security.ssl.SSLUtil;
+
class OAuth2MockEndpointHolder
{
private static final String KEYSTORE_PASSWORD = "password";
@@ -44,8 +52,36 @@ class OAuth2MockEndpointHolder
OAuth2MockEndpointHolder(final Map<String, OAuth2MockEndpoint> endpoints)
{
+ final List<String> protocolWhiteList =
+ getSystemPropertyAsList(CommonProperties.QPID_SECURITY_TLS_PROTOCOL_WHITE_LIST,
+ CommonProperties.QPID_SECURITY_TLS_PROTOCOL_WHITE_LIST_DEFAULT);
+ final List<String> protocolBlackList =
+ getSystemPropertyAsList(CommonProperties.QPID_SECURITY_TLS_PROTOCOL_BLACK_LIST,
+ CommonProperties.QPID_SECURITY_TLS_PROTOCOL_BLACK_LIST_DEFAULT);
+ final List<String> cipherSuiteWhiteList =
+ getSystemPropertyAsList(CommonProperties.QPID_SECURITY_TLS_CIPHER_SUITE_WHITE_LIST,
+ CommonProperties.QPID_SECURITY_TLS_CIPHER_SUITE_WHITE_LIST_DEFAULT);
+ final List<String> cipherSuiteBlackList =
+ getSystemPropertyAsList(CommonProperties.QPID_SECURITY_TLS_CIPHER_SUITE_BLACK_LIST,
+ CommonProperties.QPID_SECURITY_TLS_CIPHER_SUITE_BLACK_LIST_DEFAULT);
+
_server = new Server();
- SslContextFactory sslContextFactory = new SslContextFactory();
+ SslContextFactory sslContextFactory = new SslContextFactory()
+ {
+ @Override
+ public String[] selectProtocols(String[] enabledProtocols, String[] supportedProtocols)
+ {
+ return SSLUtil.filterEnabledProtocols(enabledProtocols, supportedProtocols,
+ protocolWhiteList, protocolBlackList);
+ }
+
+ @Override
+ public String[] selectCipherSuites(String[] enabledCipherSuites, String[] supportedCipherSuites)
+ {
+ return SSLUtil.filterEnabledCipherSuites(enabledCipherSuites, supportedCipherSuites,
+ cipherSuiteWhiteList, cipherSuiteBlackList);
+ }
+ };
sslContextFactory.setKeyStorePassword(KEYSTORE_PASSWORD);
InputStream keyStoreInputStream = getClass().getClassLoader().getResourceAsStream(KEYSTORE_RESOURCE);
sslContextFactory.setKeyStoreInputStream(keyStoreInputStream);
@@ -96,4 +132,15 @@ class OAuth2MockEndpointHolder
{
return _connector.getLocalPort();
}
+
+ private List<String> getSystemPropertyAsList(final String propertyName, final String defaultValue)
+ {
+ String listAsString = System.getProperty(propertyName, defaultValue);
+ List<String> listOfStrings = Collections.emptyList();
+ if(listAsString != null && !"".equals(listAsString))
+ {
+ listOfStrings = Arrays.asList(listAsString.split("\\s*,\\s*"));
+ }
+ return listOfStrings;
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org