You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by da...@apache.org on 2016/05/28 13:58:34 UTC
[3/4] camel git commit: Added unittest for new SSL-config (good trust,
no trust, wrong trust)
Added unittest for new SSL-config (good trust, no trust, wrong trust)
Project: http://git-wip-us.apache.org/repos/asf/camel/repo
Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/37c4c0df
Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/37c4c0df
Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/37c4c0df
Branch: refs/heads/master
Commit: 37c4c0df05f3b6ed1a8cdbdbcd0c6ca86ded9bd5
Parents: 36be62e
Author: Arno Noordover <an...@users.noreply.github.com>
Authored: Sat May 28 10:37:57 2016 +0200
Committer: Claus Ibsen <da...@apache.org>
Committed: Sat May 28 15:55:54 2016 +0200
----------------------------------------------------------------------
.../camel/component/cxf/CXFTestSupport.java | 2 +
.../apache/camel/component/cxf/GreeterImpl.java | 26 +++++
.../apache/camel/component/cxf/ssl/SslTest.java | 102 +++++++++++++++++++
.../camel/component/cxf/CxfSslContext.xml | 96 +++++++++++++++++
.../src/test/resources/ssl/keystore-server.jks | Bin 0 -> 2033 bytes
.../src/test/resources/ssl/keystore-wrong.jks | Bin 0 -> 2057 bytes
.../src/test/resources/ssl/keystores.txt | 7 ++
.../test/resources/ssl/truststore-client.jks | Bin 0 -> 743 bytes
.../src/test/resources/ssl/truststore-wrong.jks | Bin 0 -> 767 bytes
9 files changed, 233 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/camel/blob/37c4c0df/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/CXFTestSupport.java
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/CXFTestSupport.java b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/CXFTestSupport.java
index de475a6..a40c2d8 100644
--- a/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/CXFTestSupport.java
+++ b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/CXFTestSupport.java
@@ -32,6 +32,7 @@ public final class CXFTestSupport {
static final int PORT4 = AvailablePortFinder.getNextAvailable();
static final int PORT5 = AvailablePortFinder.getNextAvailable();
static final int PORT6 = AvailablePortFinder.getNextAvailable();
+ static final int SSL_PORT = AvailablePortFinder.getNextAvailable();
static {
//set them as system properties so Spring can use the property placeholder
@@ -42,6 +43,7 @@ public final class CXFTestSupport {
System.setProperty("CXFTestSupport.port4", Integer.toString(PORT4));
System.setProperty("CXFTestSupport.port5", Integer.toString(PORT5));
System.setProperty("CXFTestSupport.port6", Integer.toString(PORT6));
+ System.setProperty("CXFTestSupport.sslPort", Integer.toString(SSL_PORT));
System.setProperty("org.apache.cxf.transports.http_jetty.DontClosePort", "true");
}
http://git-wip-us.apache.org/repos/asf/camel/blob/37c4c0df/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/GreeterImpl.java
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/GreeterImpl.java b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/GreeterImpl.java
new file mode 100644
index 0000000..c2f05d7
--- /dev/null
+++ b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/GreeterImpl.java
@@ -0,0 +1,26 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.camel.component.cxf;
+
+public class GreeterImpl extends org.apache.hello_world_soap_http.GreeterImpl {
+
+ @Override
+ public String greetMe(String hi) {
+ return "Greet " + hi;
+ }
+}
http://git-wip-us.apache.org/repos/asf/camel/blob/37c4c0df/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/ssl/SslTest.java
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/ssl/SslTest.java b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/ssl/SslTest.java
new file mode 100644
index 0000000..856858d
--- /dev/null
+++ b/components/camel-cxf/src/test/java/org/apache/camel/component/cxf/ssl/SslTest.java
@@ -0,0 +1,102 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.cxf.ssl;
+
+import java.util.ArrayList;
+import java.util.List;
+import javax.xml.ws.Endpoint;
+
+import org.apache.camel.Exchange;
+import org.apache.camel.Processor;
+import org.apache.camel.component.cxf.CXFTestSupport;
+import org.apache.camel.component.cxf.GreeterImpl;
+import org.apache.camel.component.cxf.common.message.CxfConstants;
+import org.apache.camel.test.spring.CamelSpringTestSupport;
+import org.apache.hello_world_soap_http.Greeter;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.springframework.context.support.AbstractXmlApplicationContext;
+import org.springframework.context.support.ClassPathXmlApplicationContext;
+
+import static org.hamcrest.core.Is.is;
+
+public class SslTest extends CamelSpringTestSupport {
+
+ protected static final String GREET_ME_OPERATION = "greetMe";
+ protected static final String TEST_MESSAGE = "Hello World!";
+ protected static final String JAXWS_SERVER_ADDRESS
+ = "https://localhost:" + CXFTestSupport.getPort1() + "/CxfSslTest/SoapContext/SoapPort";
+
+ @Override
+ public boolean isCreateCamelContextPerClass() {
+ return true;
+ }
+
+ @AfterClass
+ public static void cleanUp() {
+ //System.getProperties().remove("cxf.config.file");
+ }
+
+ @BeforeClass
+ public static void startService() {
+ //System.getProperties().put("cxf.config.file", "/org/apache/camel/component/cxf/CxfSslContext.xml");
+ //Greeter implementor = new GreeterImpl();
+ //Endpoint.publish(JAXWS_SERVER_ADDRESS, implementor);
+ }
+
+ @Test
+ public void testInvokingTrustRoute() throws Exception {
+ Exchange reply = sendJaxWsMessage("direct:trust");
+ assertFalse("We expect no exception here", reply.isFailed());
+ }
+
+ @Test
+ public void testInvokingNoTrustRoute() throws Exception {
+ Exchange reply = sendJaxWsMessage("direct:noTrust");
+ assertTrue("We expect the exception here", reply.isFailed());
+ Throwable e = reply.getException().getCause();
+ assertThat(e.getClass().getCanonicalName(), is("javax.net.ssl.SSLHandshakeException"));
+ }
+
+ @Test
+ public void testInvokingWrongTrustRoute() throws Exception {
+ Exchange reply = sendJaxWsMessage("direct:wrongTrust");
+ assertTrue("We expect the exception here", reply.isFailed());
+ Throwable e = reply.getException().getCause();
+ assertThat(e.getClass().getCanonicalName(), is("javax.net.ssl.SSLHandshakeException"));
+ }
+
+ protected Exchange sendJaxWsMessage(String endpointUri) throws InterruptedException {
+ Exchange exchange = template.send(endpointUri, new Processor() {
+ public void process(final Exchange exchange) {
+ final List<String> params = new ArrayList<String>();
+ params.add(TEST_MESSAGE);
+ exchange.getIn().setBody(params);
+ exchange.getIn().setHeader(CxfConstants.OPERATION_NAME, GREET_ME_OPERATION);
+ }
+ });
+ return exchange;
+ }
+
+ @Override
+ protected AbstractXmlApplicationContext createApplicationContext() {
+ // we can put the http conduit configuration here
+ return new ClassPathXmlApplicationContext("org/apache/camel/component/cxf/CxfSslContext.xml");
+ }
+
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/camel/blob/37c4c0df/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/CxfSslContext.xml
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/CxfSslContext.xml b/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/CxfSslContext.xml
new file mode 100644
index 0000000..4e9c339
--- /dev/null
+++ b/components/camel-cxf/src/test/resources/org/apache/camel/component/cxf/CxfSslContext.xml
@@ -0,0 +1,96 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:cxf="http://camel.apache.org/schema/cxf"
+ xmlns:sec="http://cxf.apache.org/configuration/security"
+ xmlns:httpj="http://cxf.apache.org/transports/http-jetty/configuration"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://camel.apache.org/schema/cxf http://camel.apache.org/schema/cxf/camel-cxf.xsd
+ http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd
+ http://cxf.apache.org/configuration/security http://cxf.apache.org/schemas/configuration/security.xsd
+ http://cxf.apache.org/transports/http-jetty/configuration http://cxf.apache.org/schemas/configuration/http-jetty.xsd
+">
+
+ <bean class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer"/>
+
+ <httpj:engine-factory bus="cxf">
+ <!-- you just need to specify the TLS Server configuration for the certain port -->
+ <httpj:engine port="${CXFTestSupport.sslPort}">
+ <httpj:tlsServerParameters>
+ <sec:keyManagers keyPassword="changeit">
+ <sec:keyStore type="JKS" password="changeit"
+ resource="/ssl/keystore-server.jks"/>
+ </sec:keyManagers>
+ <sec:clientAuthentication want="false" required="false"/>
+ </httpj:tlsServerParameters>
+ </httpj:engine>
+ </httpj:engine-factory>
+
+ <import resource="classpath:META-INF/cxf/cxf.xml"/>
+
+ <sslContextParameters xmlns="http://camel.apache.org/schema/spring"
+ id="wrongSslContext">
+ <trustManagers>
+ <keyStore type="JKS" resource="/ssl/truststore-wrong.jks"
+ password="changeit"/>
+ </trustManagers>
+ </sslContextParameters>
+ <sslContextParameters xmlns="http://camel.apache.org/schema/spring"
+ id="mySslContext">
+ <trustManagers>
+ <keyStore type="JKS" resource="/ssl/truststore-client.jks"
+ password="changeit"/>
+ </trustManagers>
+ </sslContextParameters>
+
+ <bean id="defaultHostnameVerifier"
+ class="org.apache.cxf.transport.https.httpclient.DefaultHostnameVerifier"/>
+
+ <cxf:cxfEndpoint id="springEndpoint"
+ address="https://localhost:${CXFTestSupport.sslPort}/CxfSslTest/SoapContext/SoapPort"
+ serviceClass="org.apache.hello_world_soap_http.Greeter"/>
+
+ <bean id="greeter" class="org.apache.camel.component.cxf.GreeterImpl"/>
+ <camelContext id="camel" xmlns="http://camel.apache.org/schema/spring" errorHandlerRef="noErrorHandler">
+ <route errorHandlerRef="noErrorHandler">
+ <from uri="cxf:bean:springEndpoint"/>
+ <to uri="bean:greeter?method=greetMe"/>
+ </route>
+
+ <route errorHandlerRef="noErrorHandler">
+ <from uri="direct:trust"/>
+ <to uri="cxf:bean:springEndpoint?sslContextParameters=#mySslContext&hostnameVerifier=#defaultHostnameVerifier"/>
+ </route>
+
+ <route errorHandlerRef="noErrorHandler">
+ <from uri="direct:wrongTrust"/>
+ <to uri="cxf:bean:springEndpoint?sslContextParameters=#wrongSslContext&hostnameVerifier=#defaultHostnameVerifier"/>
+ </route>
+
+ <route errorHandlerRef="noErrorHandler">
+ <from uri="direct:noTrust"/>
+ <to uri="cxf:bean:springEndpoint"/>
+ </route>
+
+ </camelContext>
+
+ <bean id="noErrorHandler" class="org.apache.camel.builder.NoErrorHandlerBuilder"/>
+
+</beans>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/camel/blob/37c4c0df/components/camel-cxf/src/test/resources/ssl/keystore-server.jks
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/test/resources/ssl/keystore-server.jks b/components/camel-cxf/src/test/resources/ssl/keystore-server.jks
new file mode 100644
index 0000000..41e39c7
Binary files /dev/null and b/components/camel-cxf/src/test/resources/ssl/keystore-server.jks differ
http://git-wip-us.apache.org/repos/asf/camel/blob/37c4c0df/components/camel-cxf/src/test/resources/ssl/keystore-wrong.jks
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/test/resources/ssl/keystore-wrong.jks b/components/camel-cxf/src/test/resources/ssl/keystore-wrong.jks
new file mode 100644
index 0000000..9b6dd28
Binary files /dev/null and b/components/camel-cxf/src/test/resources/ssl/keystore-wrong.jks differ
http://git-wip-us.apache.org/repos/asf/camel/blob/37c4c0df/components/camel-cxf/src/test/resources/ssl/keystores.txt
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/test/resources/ssl/keystores.txt b/components/camel-cxf/src/test/resources/ssl/keystores.txt
new file mode 100644
index 0000000..1317d5d
--- /dev/null
+++ b/components/camel-cxf/src/test/resources/ssl/keystores.txt
@@ -0,0 +1,7 @@
+passwords: changeit
+Keystore for server:
+keystore-server.jks
+
+Keystore on client side matching keystore-server.jks:
+truststore-client.jks
+
http://git-wip-us.apache.org/repos/asf/camel/blob/37c4c0df/components/camel-cxf/src/test/resources/ssl/truststore-client.jks
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/test/resources/ssl/truststore-client.jks b/components/camel-cxf/src/test/resources/ssl/truststore-client.jks
new file mode 100644
index 0000000..0d6d55a
Binary files /dev/null and b/components/camel-cxf/src/test/resources/ssl/truststore-client.jks differ
http://git-wip-us.apache.org/repos/asf/camel/blob/37c4c0df/components/camel-cxf/src/test/resources/ssl/truststore-wrong.jks
----------------------------------------------------------------------
diff --git a/components/camel-cxf/src/test/resources/ssl/truststore-wrong.jks b/components/camel-cxf/src/test/resources/ssl/truststore-wrong.jks
new file mode 100644
index 0000000..8e5723d
Binary files /dev/null and b/components/camel-cxf/src/test/resources/ssl/truststore-wrong.jks differ