Posted to java-commits@axis.apache.org by bi...@apache.org on 2020/04/14 20:03:14 UTC
[axis-axis2-java-core] 27/31: Partially merge r1780738 to the 1.7
branch.
This is an automated email from the ASF dual-hosted git repository.
billblough pushed a commit to branch 1_7
in repository https://gitbox.apache.org/repos/asf/axis-axis2-java-core.git
commit 2d7d8cba3cbd04b59ecb9303ce8a91c83b193293
Author: Andreas Veithen <ve...@apache.org>
AuthorDate: Sun Jan 6 17:26:36 2019 +0000
Partially merge r1780738 to the 1.7 branch.
---
.../axis2/testutils/AbstractAxis2Server.java | 3 +
.../org/apache/axis2/testutils/Axis2Server.java | 7 +
.../org/apache/axis2/testutils/ClientHelper.java | 26 +++-
.../org/apache/axis2/testutils/JettyServer.java | 149 ++++++++++-----------
4 files changed, 102 insertions(+), 83 deletions(-)
diff --git a/modules/testutils/src/main/java/org/apache/axis2/testutils/AbstractAxis2Server.java b/modules/testutils/src/main/java/org/apache/axis2/testutils/AbstractAxis2Server.java
index 4f89cd7..d34c443 100644
--- a/modules/testutils/src/main/java/org/apache/axis2/testutils/AbstractAxis2Server.java
+++ b/modules/testutils/src/main/java/org/apache/axis2/testutils/AbstractAxis2Server.java
@@ -18,6 +18,8 @@
*/
package org.apache.axis2.testutils;
+import javax.net.ssl.SSLContext;
+
import org.apache.axis2.AxisFault;
import org.apache.axis2.addressing.EndpointReference;
import org.apache.axis2.context.ConfigurationContext;
@@ -63,6 +65,7 @@ public abstract class AbstractAxis2Server extends ExternalResource {
protected abstract void stopServer();
public abstract boolean isSecure();
+ public abstract SSLContext getClientSSLContext() throws Exception;
public abstract int getPort();
public abstract String getEndpoint(String serviceName) throws AxisFault;
public abstract EndpointReference getEndpointReference(String serviceName) throws AxisFault;
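Review bot: The new abstract `getClientSSLContext()` has no Javadoc, and its null contract is only visible from the implementations: `Axis2Server` returns null, `JettyServer` returns null when not secure, and `ClientHelper.before()` null-checks the result. A short doc comment would make that explicit, e.g. `/** Returns the SSLContext clients must use to trust this server's certificate, or null if the server is not secure. */`. The `throws Exception` clause is also broader than a caller can handle usefully; if the class's conventions allow, `GeneralSecurityException` plus `IOException` would describe the key-generation failures more precisely. The class body continues outside this hunk.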
diff --git a/modules/testutils/src/main/java/org/apache/axis2/testutils/Axis2Server.java b/modules/testutils/src/main/java/org/apache/axis2/testutils/Axis2Server.java
index 2f88402..24f2308 100644
--- a/modules/testutils/src/main/java/org/apache/axis2/testutils/Axis2Server.java
+++ b/modules/testutils/src/main/java/org/apache/axis2/testutils/Axis2Server.java
@@ -18,6 +18,8 @@
*/
package org.apache.axis2.testutils;
+import javax.net.ssl.SSLContext;
+
import org.apache.axis2.AxisFault;
import org.apache.axis2.addressing.EndpointReference;
import org.apache.axis2.context.ConfigurationContext;
@@ -37,6 +39,11 @@ public class Axis2Server extends AbstractAxis2Server {
}
@Override
+ public SSLContext getClientSSLContext() {
+ return null;
+ }
+
+ @Override
public int getPort() {
if (port == -1) {
throw new IllegalStateException();
diff --git a/modules/testutils/src/main/java/org/apache/axis2/testutils/ClientHelper.java b/modules/testutils/src/main/java/org/apache/axis2/testutils/ClientHelper.java
index b143528..71d5af4 100644
--- a/modules/testutils/src/main/java/org/apache/axis2/testutils/ClientHelper.java
+++ b/modules/testutils/src/main/java/org/apache/axis2/testutils/ClientHelper.java
@@ -18,11 +18,15 @@
*/
package org.apache.axis2.testutils;
+import java.io.IOException;
import java.net.URL;
+import java.net.URLConnection;
+import java.net.URLStreamHandler;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
import javax.xml.namespace.QName;
-import org.apache.axis2.AxisFault;
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.client.Stub;
import org.apache.axis2.context.ConfigurationContext;
@@ -47,6 +51,10 @@ public class ClientHelper extends ExternalResource {
protected final void before() throws Throwable {
configurationContext =
ConfigurationContextFactory.createConfigurationContextFromFileSystem(repositoryPath);
+ SSLContext sslContext = server.getClientSSLContext();
+ if (sslContext != null) {
+ configurationContext.setProperty(SSLContext.class.getName(), sslContext);
+ }
}
@Override
@@ -62,8 +70,22 @@ public class ClientHelper extends ExternalResource {
}
public final ServiceClient createServiceClient(String serviceName, QName wsdlServiceName, String portName) throws Exception {
+ URLStreamHandler handler;
+ if (server.isSecure()) {
+ final SSLContext sslContext = server.getClientSSLContext();
+ handler = new URLStreamHandler() {
+ @Override
+ protected URLConnection openConnection(URL url) throws IOException {
+ HttpsURLConnection conn = (HttpsURLConnection)new URL(url.toExternalForm()).openConnection();
+ conn.setSSLSocketFactory(sslContext.getSocketFactory());
+ return conn;
+ }
+ };
+ } else {
+ handler = null;
+ }
ServiceClient serviceClient = new ServiceClient(configurationContext,
- new URL(server.getEndpoint(serviceName) + "?wsdl"), wsdlServiceName, portName);
+ new URL(null, server.getEndpoint(serviceName) + "?wsdl", handler), wsdlServiceName, portName);
configureServiceClient(serviceClient);
return serviceClient;
}
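Review bot: In the secure branch of `createServiceClient`, the `sslContext` returned by `server.getClientSSLContext()` is dereferenced inside `openConnection` without a null check, although `before()` in the same class guards against null. A server that reports `isSecure()` but returns no context would fail with a NullPointerException only when the WSDL is fetched; `if (sslContext == null) throw new IllegalStateException("secure server returned no client SSLContext");` right after the call would surface the cause early. The unchecked cast to `HttpsURLConnection` makes a similar assumption, namely that the endpoint URL is https whenever `isSecure()` is true. Because only the socket factory is replaced, the default hostname verifier stays in effect, which is worth preserving in any follow-up.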
diff --git a/modules/testutils/src/main/java/org/apache/axis2/testutils/JettyServer.java b/modules/testutils/src/main/java/org/apache/axis2/testutils/JettyServer.java
index ee52e46..6cd51fc 100644
--- a/modules/testutils/src/main/java/org/apache/axis2/testutils/JettyServer.java
+++ b/modules/testutils/src/main/java/org/apache/axis2/testutils/JettyServer.java
@@ -31,6 +31,8 @@ import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Random;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManagerFactory;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
@@ -71,12 +73,9 @@ public class JettyServer extends AbstractAxis2Server {
private final boolean secure;
private File keyStoreFile;
- private File trustStoreFile;
+ private SSLContext clientSslContext;
+ private SslContextFactory serverSslContextFactory;
private Server server;
- private boolean systemPropertiesSet;
- private String savedTrustStore;
- private String savedTrustStorePassword;
- private String savedTrustStoreType;
/**
* Constructor.
@@ -108,6 +107,64 @@ public class JettyServer extends AbstractAxis2Server {
}
}
+ private void generateKeys() throws Exception {
+ SecureRandom random = new SecureRandom();
+
+ // Generate key pair
+ KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
+ keyPairGenerator.initialize(1024, random);
+ KeyPair keyPair = keyPairGenerator.generateKeyPair();
+ PrivateKey privateKey = keyPair.getPrivate();
+ PublicKey publicKey = keyPair.getPublic();
+
+ // Generate certificate
+ X500Name dn = new X500Name("cn=localhost,o=Apache");
+ BigInteger serial = BigInteger.valueOf(random.nextInt());
+ Date notBefore = new Date();
+ Date notAfter = new Date(notBefore.getTime() + 3600000L);
+ SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(publicKey.getEncoded());
+ X509v3CertificateBuilder certBuilder = new X509v3CertificateBuilder(dn, serial, notBefore, notAfter, dn, subPubKeyInfo);
+ X509CertificateHolder certHolder = certBuilder.build(new JcaContentSignerBuilder("SHA1WithRSA").build(privateKey));
+ X509Certificate cert = new JcaX509CertificateConverter().getCertificate(certHolder);
+
+ // Build key store
+ keyStoreFile = File.createTempFile("keystore", "jks", null);
+ String keyStorePassword = generatePassword(random);
+ String keyPassword = generatePassword(random);
+ KeyStore keyStore = KeyStore.getInstance("JKS");
+ keyStore.load(null, null);
+ keyStore.setKeyEntry(CERT_ALIAS, privateKey, keyPassword.toCharArray(), new X509Certificate[] { cert });
+ writeKeyStore(keyStore, keyStoreFile, keyStorePassword);
+
+ // Build trust store
+ KeyStore trustStore = KeyStore.getInstance("JKS");
+ trustStore.load(null, null);
+ trustStore.setCertificateEntry(CERT_ALIAS, cert);
+
+ serverSslContextFactory = new SslContextFactory();
+ serverSslContextFactory.setKeyStorePath(keyStoreFile.getAbsolutePath());
+ serverSslContextFactory.setKeyStorePassword(keyStorePassword);
+ serverSslContextFactory.setKeyManagerPassword(keyPassword);
+ serverSslContextFactory.setCertAlias(CERT_ALIAS);
+
+ clientSslContext = SSLContext.getInstance("TLS");
+ TrustManagerFactory tmfactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ tmfactory.init(trustStore);
+ clientSslContext.init(null, tmfactory.getTrustManagers(), null);
+ }
+
+ @Override
+ public SSLContext getClientSSLContext() throws Exception {
+ if (secure) {
+ if (clientSslContext == null) {
+ generateKeys();
+ }
+ return clientSslContext;
+ } else {
+ return null;
+ }
+ }
+
@Override
protected void startServer(final ConfigurationContext configurationContext) throws Throwable {
server = new Server();
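Review bot: `generateKeys()` carries a 1024-bit RSA key and a `SHA1WithRSA` signature over unchanged from the old `startServer` body. Both are weak by current standards, and the test certificate may stop working if the JDK's disabled-algorithm policy tightens. Since the code is being extracted anyway, `keyPairGenerator.initialize(2048, random);` and `new JcaContentSignerBuilder("SHA256WithRSA")` would be a low-cost change. The key store holding the private key is still created with `File.createTempFile`, which as far as I can tell leaves permissions to the process umask, whereas `Files.createTempFile` creates an owner-only file on POSIX systems. That is probably acceptable for a password-protected store with a one-hour certificate, but a comment saying so would help. `startServer` continues outside this hunk.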
@@ -116,58 +173,11 @@ public class JettyServer extends AbstractAxis2Server {
SelectChannelConnector connector = new SelectChannelConnector();
server.addConnector(connector);
} else {
- SecureRandom random = new SecureRandom();
-
- // Generate key pair
- KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
- keyPairGenerator.initialize(1024, random);
- KeyPair keyPair = keyPairGenerator.generateKeyPair();
- PrivateKey privateKey = keyPair.getPrivate();
- PublicKey publicKey = keyPair.getPublic();
-
- // Generate certificate
- X500Name dn = new X500Name("cn=localhost,o=Apache");
- BigInteger serial = BigInteger.valueOf(random.nextInt());
- Date notBefore = new Date();
- Date notAfter = new Date(notBefore.getTime() + 3600000L);
- SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(publicKey.getEncoded());
- X509v3CertificateBuilder certBuilder = new X509v3CertificateBuilder(dn, serial, notBefore, notAfter, dn, subPubKeyInfo);
- X509CertificateHolder certHolder = certBuilder.build(new JcaContentSignerBuilder("SHA1WithRSA").build(privateKey));
- X509Certificate cert = new JcaX509CertificateConverter().getCertificate(certHolder);
-
- // Build key store
- keyStoreFile = File.createTempFile("keystore", "jks", null);
- String keyStorePassword = generatePassword(random);
- String keyPassword = generatePassword(random);
- KeyStore keyStore = KeyStore.getInstance("JKS");
- keyStore.load(null, null);
- keyStore.setKeyEntry(CERT_ALIAS, privateKey, keyPassword.toCharArray(), new X509Certificate[] { cert });
- writeKeyStore(keyStore, keyStoreFile, keyStorePassword);
-
- // Build trust store
- trustStoreFile = File.createTempFile("truststore", "jks", null);
- String trustStorePassword = generatePassword(random);
- KeyStore trustStore = KeyStore.getInstance("JKS");
- trustStore.load(null, null);
- trustStore.setCertificateEntry(CERT_ALIAS, cert);
- writeKeyStore(trustStore, trustStoreFile, trustStorePassword);
-
- SslContextFactory sslContextFactory = new SslContextFactory();
- sslContextFactory.setKeyStorePath(keyStoreFile.getAbsolutePath());
- sslContextFactory.setKeyStorePassword(keyStorePassword);
- sslContextFactory.setKeyManagerPassword(keyPassword);
- sslContextFactory.setCertAlias(CERT_ALIAS);
- SslSelectChannelConnector sslConnector = new SslSelectChannelConnector(sslContextFactory);
-
+ if (serverSslContextFactory == null) {
+ generateKeys();
+ }
+ SslSelectChannelConnector sslConnector = new SslSelectChannelConnector(serverSslContextFactory);
server.addConnector(sslConnector);
-
- savedTrustStore = System.getProperty("javax.net.ssl.trustStore");
- System.setProperty("javax.net.ssl.trustStore", trustStoreFile.getAbsolutePath());
- savedTrustStorePassword = System.getProperty("javax.net.ssl.trustStorePassword");
- System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
- savedTrustStoreType = System.getProperty("javax.net.ssl.trustStoreType");
- System.setProperty("javax.net.ssl.trustStoreType", "JKS");
- systemPropertiesSet = true;
}
WebAppContext context = new WebAppContext();
@@ -224,35 +234,12 @@ public class JettyServer extends AbstractAxis2Server {
}
server = null;
}
- if (systemPropertiesSet) {
- if (savedTrustStore != null) {
- System.setProperty("javax.net.ssl.trustStore", savedTrustStore);
- } else {
- System.clearProperty("javax.net.ssl.trustStore");
- }
- if (savedTrustStorePassword != null) {
- System.setProperty("javax.net.ssl.trustStorePassword", savedTrustStorePassword);
- } else {
- System.clearProperty("javax.net.ssl.trustStorePassword");
- }
- if (savedTrustStoreType != null) {
- System.setProperty("javax.net.ssl.trustStoreType", savedTrustStoreType);
- } else {
- System.clearProperty("javax.net.ssl.trustStoreType");
- }
- savedTrustStore = null;
- savedTrustStorePassword = null;
- savedTrustStoreType = null;
- systemPropertiesSet = false;
- }
if (keyStoreFile != null) {
keyStoreFile.delete();
keyStoreFile = null;
}
- if (trustStoreFile != null) {
- trustStoreFile.delete();
- trustStoreFile = null;
- }
+ clientSslContext = null;
+ serverSslContextFactory = null;
}
@Override