You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2017/09/26 12:45:22 UTC
[cxf-fediz] branch master updated: Upgrade STS + IdP integration
tests to use the jetty9 maven plugin
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf-fediz.git
The following commit(s) were added to refs/heads/master by this push:
new 913169d Upgrade STS + IdP integration tests to use the jetty9 maven plugin
913169d is described below
commit 913169ddc74db121fc58f1e7a7019573519dc399
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Tue Sep 26 13:38:12 2017 +0100
Upgrade STS + IdP integration tests to use the jetty9 maven plugin
---
services/idp/pom.xml | 56 ++++++++--------
services/idp/src/test/resources/jetty-https.xml | 49 ++++++++++++++
.../idp/src/test/resources/jetty-ssl-context.xml | 52 +++++++++++++++
services/idp/src/test/resources/jetty-ssl.xml | 77 ++++++++++++++++++++++
services/idp/src/test/resources/jetty.xml | 43 ++++++++++++
services/sts/pom.xml | 52 ++++++++++-----
services/sts/src/test/resources/jetty-https.xml | 49 ++++++++++++++
.../sts/src/test/resources/jetty-ssl-context.xml | 52 +++++++++++++++
services/sts/src/test/resources/jetty-ssl.xml | 77 ++++++++++++++++++++++
services/sts/src/test/resources/jetty.xml | 43 ++++++++++++
10 files changed, 506 insertions(+), 44 deletions(-)
diff --git a/services/idp/pom.xml b/services/idp/pom.xml
index 59c2776..4de7835 100644
--- a/services/idp/pom.xml
+++ b/services/idp/pom.xml
@@ -74,6 +74,21 @@
</excludes>
</resource>
</resources>
+ <testResources>
+ <testResource>
+ <directory>src/test/java</directory>
+ <excludes>
+ <exclude>**/*.java</exclude>
+ </excludes>
+ </testResource>
+ <testResource>
+ <directory>src/test/resources</directory>
+ <includes>
+ <include>**/*</include>
+ </includes>
+ <filtering>true</filtering>
+ </testResource>
+ </testResources>
<plugins>
<plugin>
<!--for mvn tomcat:deploy/:undeploy/:redeploy -->
@@ -193,7 +208,6 @@
<configuration>
<portNames>
<portName>idp.https.port</portName>
- <portName>idp.http.port</portName>
<portName>idp.stop.port</portName>
</portNames>
</configuration>
@@ -221,33 +235,23 @@
</executions>
</plugin>
<plugin>
- <groupId>org.mortbay.jetty</groupId>
+ <groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
- <version>8.1.16.v20140903</version>
+ <version>${jetty9.version}</version>
+ <inherited>true</inherited>
<configuration>
<skip>${skipTests}</skip>
<stopPort>${idp.stop.port}</stopPort>
<stopKey>STOP</stopKey>
- <connectors>
- <connector implementation="org.eclipse.jetty.server.nio.SelectChannelConnector">
- <port>${idp.http.port}</port>
- <maxIdleTime>30000</maxIdleTime>
- </connector>
- <connector implementation="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
- <port>${idp.https.port}</port>
- <maxIdleTime>30000</maxIdleTime>
- <keystore>${basedir}/../../examples/samplekeys/idp-ssl-key.jks</keystore>
- <keyPassword>tompass</keyPassword>
- <password>tompass</password>
- </connector>
- </connectors>
+ <jettyXml>${project.build.directory}/test-classes/jetty.xml,${project.build.directory}/test-classes/jetty-ssl-context.xml,
+ ${project.build.directory}/test-classes/jetty-ssl.xml,${project.build.directory}/test-classes/jetty-https.xml</jettyXml>
<contextHandlers>
- <contextHandler implementation="org.eclipse.jetty.webapp.WebAppContext">
+ <contextHandler implementation="org.eclipse.jetty.maven.plugin.JettyWebAppContext">
<war>${basedir}/target/fediz-idp-sts.war</war>
<contextPath>/fediz-idp-sts</contextPath>
<throwUnavailableOnStartupException>false</throwUnavailableOnStartupException>
</contextHandler>
- <contextHandler implementation="org.eclipse.jetty.webapp.WebAppContext">
+ <contextHandler implementation="org.eclipse.jetty.maven.plugin.JettyWebAppContext">
<war>${basedir}/target/fediz-idp.war</war>
<contextPath>/fediz-idp</contextPath>
</contextHandler>
@@ -258,7 +262,7 @@
<id>start-jetty</id>
<phase>pre-integration-test</phase>
<goals>
- <goal>run-war</goal>
+ <goal>deploy-war</goal>
</goals>
<configuration>
<scanIntervalSeconds>0</scanIntervalSeconds>
@@ -348,7 +352,6 @@
<properties>
<jpa.url>jdbc:hsqldb:target/db/realma/myDB;shutdown=true</jpa.url>
<idp.https.port>9443</idp.https.port>
- <idp.http.port>9080</idp.http.port>
<realm>realm-a</realm>
</properties>
<build>
@@ -357,11 +360,11 @@
</filters>
<plugins>
<plugin>
- <groupId>org.mortbay.jetty</groupId>
+ <groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<configuration>
<contextHandlers>
- <contextHandler implementation="org.eclipse.jetty.webapp.WebAppContext">
+ <contextHandler implementation="org.eclipse.jetty.maven.plugin.JettyWebAppContext">
<war>${basedir}/target/fediz-idp.war</war>
<contextPath>/fediz-idp</contextPath>
</contextHandler>
@@ -376,7 +379,6 @@
<properties>
<jpa.url>jdbc:hsqldb:target/db/realmb/myDB;shutdown=true</jpa.url>
<idp.https.port>12346</idp.https.port>
- <idp.http.port>12345</idp.http.port>
<realm>realm-b</realm>
</properties>
<build>
@@ -385,11 +387,11 @@
</filters>
<plugins>
<plugin>
- <groupId>org.mortbay.jetty</groupId>
+ <groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<configuration>
<contextHandlers>
- <contextHandler implementation="org.eclipse.jetty.webapp.WebAppContext">
+ <contextHandler implementation="org.eclipse.jetty.maven.plugin.JettyWebAppContext">
<war>${basedir}/target/fediz-idp-remote.war</war>
<contextPath>/fediz-idp-remote</contextPath>
</contextHandler>
@@ -444,11 +446,11 @@
</executions>
</plugin>
<plugin>
- <groupId>org.mortbay.jetty</groupId>
+ <groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<configuration>
<contextHandlers combine.children="append">
- <contextHandler implementation="org.eclipse.jetty.webapp.WebAppContext">
+ <contextHandler implementation="org.eclipse.jetty.maven.plugin.JettyWebAppContext">
<war>${basedir}/target/fediz-idp-sts.war</war>
<contextPath>/fediz-idp-sts</contextPath>
</contextHandler>
diff --git a/services/idp/src/test/resources/jetty-https.xml b/services/idp/src/test/resources/jetty-https.xml
new file mode 100644
index 0000000..1fe9a0d
--- /dev/null
+++ b/services/idp/src/test/resources/jetty-https.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0"?>
+<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+
+<!-- ============================================================= -->
+<!-- Configure a HTTPS connector. -->
+<!-- This configuration must be used in conjunction with jetty.xml -->
+<!-- and jetty-ssl.xml. -->
+<!-- ============================================================= -->
+<Configure id="sslConnector" class="org.eclipse.jetty.server.ServerConnector">
+
+ <Call name="addIfAbsentConnectionFactory">
+ <Arg>
+ <New class="org.eclipse.jetty.server.SslConnectionFactory">
+ <Arg name="next">http/1.1</Arg>
+ <Arg name="sslContextFactory"><Ref refid="sslContextFactory"/></Arg>
+ </New>
+ </Arg>
+ </Call>
+
+ <Call name="addConnectionFactory">
+ <Arg>
+ <New class="org.eclipse.jetty.server.HttpConnectionFactory">
+ <Arg name="config"><Ref refid="sslHttpConfig" /></Arg>
+ <Arg name="compliance"><Call class="org.eclipse.jetty.http.HttpCompliance" name="valueOf"><Arg><Property name="jetty.http.compliance" default="RFC7230"/></Arg></Call></Arg>
+ </New>
+ </Arg>
+ </Call>
+
+</Configure>
\ No newline at end of file
diff --git a/services/idp/src/test/resources/jetty-ssl-context.xml b/services/idp/src/test/resources/jetty-ssl-context.xml
new file mode 100644
index 0000000..cfb22d2
--- /dev/null
+++ b/services/idp/src/test/resources/jetty-ssl-context.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0"?>
+<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+
+<!-- ============================================================= -->
+<!-- SSL ContextFactory configuration -->
+<!-- ============================================================= -->
+<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
+ <Set name="KeyStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.keyStorePath" deprecated="jetty.keystore" default="${basedir}/../../examples/samplekeys/idp-ssl-key.jks"/></Set>
+ <Set name="KeyStorePassword"><Property name="jetty.sslContext.keyStorePassword" deprecated="jetty.keystore.password" default="tompass"/></Set>
+ <Set name="KeyStoreType"><Property name="jetty.sslContext.keyStoreType" default="JKS"/></Set>
+ <Set name="KeyStoreProvider"><Property name="jetty.sslContext.keyStoreProvider"/></Set>
+ <Set name="KeyManagerPassword"><Property name="jetty.sslContext.keyManagerPassword" deprecated="jetty.keymanager.password" default="tompass"/></Set>
+ <Set name="TrustStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.trustStorePath" deprecated="jetty.truststore" default="${basedir}/../../examples/samplekeys/idp-ssl-key.jks"/></Set>
+ <Set name="TrustStorePassword"><Property name="jetty.sslContext.trustStorePassword" deprecated="jetty.truststore.password" default="tompass"/></Set>
+ <Set name="TrustStoreType"><Property name="jetty.sslContext.trustStoreType"/></Set>
+ <Set name="TrustStoreProvider"><Property name="jetty.sslContext.trustStoreProvider"/></Set>
+ <Set name="EndpointIdentificationAlgorithm"></Set>
+ <Set name="NeedClientAuth"><Property name="jetty.sslContext.needClientAuth" deprecated="jetty.ssl.needClientAuth" default="false"/></Set>
+ <Set name="WantClientAuth"><Property name="jetty.sslContext.wantClientAuth" deprecated="jetty.ssl.wantClientAuth" default="false"/></Set>
+ <Set name="ExcludeCipherSuites">
+ <Array type="String">
+ <Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
+ <Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
+ <Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
+ <Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
+ <Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
+ <Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
+ <Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
+ </Array>
+ </Set>
+ <Set name="useCipherSuitesOrder"><Property name="jetty.sslContext.useCipherSuitesOrder" default="true"/></Set>
+</Configure>
diff --git a/services/idp/src/test/resources/jetty-ssl.xml b/services/idp/src/test/resources/jetty-ssl.xml
new file mode 100644
index 0000000..aae968f
--- /dev/null
+++ b/services/idp/src/test/resources/jetty-ssl.xml
@@ -0,0 +1,77 @@
+<?xml version="1.0"?>
+<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<!-- ============================================================= -->
+<!-- Base SSL configuration -->
+<!-- This configuration needs to be used together with 1 or more -->
+<!-- of jetty-https.xml or jetty-http2.xml -->
+<!-- ============================================================= -->
+<Configure id="Server" class="org.eclipse.jetty.server.Server">
+
+ <!-- =========================================================== -->
+ <!-- Add a SSL Connector with no protocol factories -->
+ <!-- =========================================================== -->
+ <Call name="addConnector">
+ <Arg>
+ <New id="sslConnector" class="org.eclipse.jetty.server.ServerConnector">
+ <Arg name="server"><Ref refid="Server" /></Arg>
+ <Arg name="acceptors" type="int"><Property name="jetty.ssl.acceptors" deprecated="ssl.acceptors" default="-1"/></Arg>
+ <Arg name="selectors" type="int"><Property name="jetty.ssl.selectors" deprecated="ssl.selectors" default="-1"/></Arg>
+ <Arg name="factories">
+ <Array type="org.eclipse.jetty.server.ConnectionFactory">
+ <!-- uncomment to support proxy protocol
+ <Item>
+ <New class="org.eclipse.jetty.server.ProxyConnectionFactory"/>
+ </Item>-->
+ </Array>
+ </Arg>
+
+ <Set name="host"><Property name="jetty.ssl.host" deprecated="jetty.host" /></Set>
+ <Set name="port"><Property name="jetty.ssl.port" deprecated="ssl.port" default="${idp.https.port}" /></Set>
+ <Set name="idleTimeout"><Property name="jetty.ssl.idleTimeout" deprecated="ssl.timeout" default="30000"/></Set>
+ <Set name="soLingerTime"><Property name="jetty.ssl.soLingerTime" deprecated="ssl.soLingerTime" default="-1"/></Set>
+ <Set name="acceptorPriorityDelta"><Property name="jetty.ssl.acceptorPriorityDelta" deprecated="ssl.acceptorPriorityDelta" default="0"/></Set>
+ <Set name="acceptQueueSize"><Property name="jetty.ssl.acceptQueueSize" deprecated="ssl.acceptQueueSize" default="0"/></Set>
+ </New>
+ </Arg>
+ </Call>
+
+ <!-- =========================================================== -->
+ <!-- Create a TLS specific HttpConfiguration based on the -->
+ <!-- common HttpConfiguration defined in jetty.xml -->
+ <!-- Add a SecureRequestCustomizer to extract certificate and -->
+ <!-- session information -->
+ <!-- =========================================================== -->
+ <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
+ <Arg><Ref refid="httpConfig"/></Arg>
+ <Call name="addCustomizer">
+ <Arg>
+ <New class="org.eclipse.jetty.server.SecureRequestCustomizer">
+ <Arg name="sniHostCheck" type="boolean"><Property name="jetty.ssl.sniHostCheck" default="true"/></Arg>
+ <Arg name="stsMaxAgeSeconds" type="int"><Property name="jetty.ssl.stsMaxAgeSeconds" default="-1"/></Arg>
+ <Arg name="stsIncludeSubdomains" type="boolean"><Property name="jetty.ssl.stsIncludeSubdomains" default="false"/></Arg>
+ </New>
+ </Arg>
+ </Call>
+ </New>
+
+</Configure>
\ No newline at end of file
diff --git a/services/idp/src/test/resources/jetty.xml b/services/idp/src/test/resources/jetty.xml
new file mode 100644
index 0000000..af6079e
--- /dev/null
+++ b/services/idp/src/test/resources/jetty.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0"?>
+<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+
+<Configure id="Server" class="org.eclipse.jetty.server.Server">
+
+<New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
+ <Set name="secureScheme">https</Set>
+ <Set name="securePort">
+ <Property name="jetty.secure.port" default="${idp.https.port}" />
+ </Set>
+ <Set name="outputBufferSize">32768</Set>
+ <Set name="requestHeaderSize">8192</Set>
+ <Set name="responseHeaderSize">8192</Set>
+ <Set name="sendServerVersion">true</Set>
+ <Set name="sendDateHeader">false</Set>
+ <Set name="headerCacheSize">512</Set>
+
+ <!-- Uncomment to enable handling of X-Forwarded- style headers <Call name="addCustomizer">
+ <Arg><New class="org.eclipse.jetty.server.ForwardedRequestCustomizer"/></Arg>
+ </Call> -->
+</New>
+
+</Configure>
\ No newline at end of file
diff --git a/services/sts/pom.xml b/services/sts/pom.xml
index d40bcc1..db8ba6a 100644
--- a/services/sts/pom.xml
+++ b/services/sts/pom.xml
@@ -86,6 +86,37 @@
</dependencies>
<build>
+ <sourceDirectory>${basedir}/src/main/java</sourceDirectory>
+ <testSourceDirectory>${basedir}/src/test/java</testSourceDirectory>
+ <resources>
+ <resource>
+ <directory>src/main/java</directory>
+ <excludes>
+ <exclude>**/*.java</exclude>
+ </excludes>
+ </resource>
+ <resource>
+ <directory>src/main/resources</directory>
+ <includes>
+ <include>**/*</include>
+ </includes>
+ </resource>
+ </resources>
+ <testResources>
+ <testResource>
+ <directory>src/test/java</directory>
+ <excludes>
+ <exclude>**/*.java</exclude>
+ </excludes>
+ </testResource>
+ <testResource>
+ <directory>src/test/resources</directory>
+ <includes>
+ <include>**/*</include>
+ </includes>
+ <filtering>true</filtering>
+ </testResource>
+ </testResources>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
@@ -183,31 +214,18 @@
</executions>
</plugin>
<plugin>
- <groupId>org.mortbay.jetty</groupId>
+ <groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
- <version>8.1.16.v20140903</version>
+ <version>${jetty9.version}</version>
<inherited>true</inherited>
<configuration>
<webApp>
<contextPath>/fediz-idp-sts</contextPath>
</webApp>
- <scanIntervalSeconds>0</scanIntervalSeconds>
- <connectors>
- <connector implementation="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
- <port>${sts.https.port}</port>
- <maxIdleTime>60000</maxIdleTime>
- <keystore>${project.build.directory}/test-classes/jetty-ssl.keystore</keystore>
- <password>jettypw</password>
- <keyPassword>jettypw</keyPassword>
- <truststore>${project.build.directory}/test-classes/jetty-ssl.keystore</truststore>
- <trustPassword>jettypw</trustPassword>
- <wantClientAuth>true</wantClientAuth>
- </connector>
- </connectors>
+ <jettyXml>${project.build.directory}/test-classes/jetty.xml,${project.build.directory}/test-classes/jetty-ssl-context.xml,
+ ${project.build.directory}/test-classes/jetty-ssl.xml,${project.build.directory}/test-classes/jetty-https.xml</jettyXml>
<stopPort>${jetty.port}</stopPort>
<stopKey>STOP</stopKey>
- <systemProperties>
- </systemProperties>
<skip>${skipTests}</skip>
</configuration>
<executions>
diff --git a/services/sts/src/test/resources/jetty-https.xml b/services/sts/src/test/resources/jetty-https.xml
new file mode 100644
index 0000000..1fe9a0d
--- /dev/null
+++ b/services/sts/src/test/resources/jetty-https.xml
@@ -0,0 +1,49 @@
+<?xml version="1.0"?>
+<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+
+<!-- ============================================================= -->
+<!-- Configure a HTTPS connector. -->
+<!-- This configuration must be used in conjunction with jetty.xml -->
+<!-- and jetty-ssl.xml. -->
+<!-- ============================================================= -->
+<Configure id="sslConnector" class="org.eclipse.jetty.server.ServerConnector">
+
+ <Call name="addIfAbsentConnectionFactory">
+ <Arg>
+ <New class="org.eclipse.jetty.server.SslConnectionFactory">
+ <Arg name="next">http/1.1</Arg>
+ <Arg name="sslContextFactory"><Ref refid="sslContextFactory"/></Arg>
+ </New>
+ </Arg>
+ </Call>
+
+ <Call name="addConnectionFactory">
+ <Arg>
+ <New class="org.eclipse.jetty.server.HttpConnectionFactory">
+ <Arg name="config"><Ref refid="sslHttpConfig" /></Arg>
+ <Arg name="compliance"><Call class="org.eclipse.jetty.http.HttpCompliance" name="valueOf"><Arg><Property name="jetty.http.compliance" default="RFC7230"/></Arg></Call></Arg>
+ </New>
+ </Arg>
+ </Call>
+
+</Configure>
\ No newline at end of file
diff --git a/services/sts/src/test/resources/jetty-ssl-context.xml b/services/sts/src/test/resources/jetty-ssl-context.xml
new file mode 100644
index 0000000..382ea48
--- /dev/null
+++ b/services/sts/src/test/resources/jetty-ssl-context.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0"?>
+<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+
+<!-- ============================================================= -->
+<!-- SSL ContextFactory configuration -->
+<!-- ============================================================= -->
+<Configure id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory">
+ <Set name="KeyStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.keyStorePath" deprecated="jetty.keystore" default="${project.build.directory}/test-classes/jetty-ssl.keystore"/></Set>
+ <Set name="KeyStorePassword"><Property name="jetty.sslContext.keyStorePassword" deprecated="jetty.keystore.password" default="jettypw"/></Set>
+ <Set name="KeyStoreType"><Property name="jetty.sslContext.keyStoreType" default="JKS"/></Set>
+ <Set name="KeyStoreProvider"><Property name="jetty.sslContext.keyStoreProvider"/></Set>
+ <Set name="KeyManagerPassword"><Property name="jetty.sslContext.keyManagerPassword" deprecated="jetty.keymanager.password" default="jettypw"/></Set>
+ <Set name="TrustStorePath"><Property name="jetty.base" default="." />/<Property name="jetty.sslContext.trustStorePath" deprecated="jetty.truststore" default="${project.build.directory}/test-classes/jetty-ssl.keystore"/></Set>
+ <Set name="TrustStorePassword"><Property name="jetty.sslContext.trustStorePassword" deprecated="jetty.truststore.password" default="jettypw"/></Set>
+ <Set name="TrustStoreType"><Property name="jetty.sslContext.trustStoreType"/></Set>
+ <Set name="TrustStoreProvider"><Property name="jetty.sslContext.trustStoreProvider"/></Set>
+ <Set name="EndpointIdentificationAlgorithm"></Set>
+ <Set name="NeedClientAuth"><Property name="jetty.sslContext.needClientAuth" deprecated="jetty.ssl.needClientAuth" default="false"/></Set>
+ <Set name="WantClientAuth"><Property name="jetty.sslContext.wantClientAuth" deprecated="jetty.ssl.wantClientAuth" default="true"/></Set>
+ <Set name="ExcludeCipherSuites">
+ <Array type="String">
+ <Item>SSL_RSA_WITH_DES_CBC_SHA</Item>
+ <Item>SSL_DHE_RSA_WITH_DES_CBC_SHA</Item>
+ <Item>SSL_DHE_DSS_WITH_DES_CBC_SHA</Item>
+ <Item>SSL_RSA_EXPORT_WITH_RC4_40_MD5</Item>
+ <Item>SSL_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
+ <Item>SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA</Item>
+ <Item>SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA</Item>
+ </Array>
+ </Set>
+ <Set name="useCipherSuitesOrder"><Property name="jetty.sslContext.useCipherSuitesOrder" default="true"/></Set>
+</Configure>
diff --git a/services/sts/src/test/resources/jetty-ssl.xml b/services/sts/src/test/resources/jetty-ssl.xml
new file mode 100644
index 0000000..d685f2d
--- /dev/null
+++ b/services/sts/src/test/resources/jetty-ssl.xml
@@ -0,0 +1,77 @@
+<?xml version="1.0"?>
+<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+<!-- ============================================================= -->
+<!-- Base SSL configuration -->
+<!-- This configuration needs to be used together with 1 or more -->
+<!-- of jetty-https.xml or jetty-http2.xml -->
+<!-- ============================================================= -->
+<Configure id="Server" class="org.eclipse.jetty.server.Server">
+
+ <!-- =========================================================== -->
+ <!-- Add a SSL Connector with no protocol factories -->
+ <!-- =========================================================== -->
+ <Call name="addConnector">
+ <Arg>
+ <New id="sslConnector" class="org.eclipse.jetty.server.ServerConnector">
+ <Arg name="server"><Ref refid="Server" /></Arg>
+ <Arg name="acceptors" type="int"><Property name="jetty.ssl.acceptors" deprecated="ssl.acceptors" default="-1"/></Arg>
+ <Arg name="selectors" type="int"><Property name="jetty.ssl.selectors" deprecated="ssl.selectors" default="-1"/></Arg>
+ <Arg name="factories">
+ <Array type="org.eclipse.jetty.server.ConnectionFactory">
+ <!-- uncomment to support proxy protocol
+ <Item>
+ <New class="org.eclipse.jetty.server.ProxyConnectionFactory"/>
+ </Item>-->
+ </Array>
+ </Arg>
+
+ <Set name="host"><Property name="jetty.ssl.host" deprecated="jetty.host" /></Set>
+ <Set name="port"><Property name="jetty.ssl.port" deprecated="ssl.port" default="${sts.https.port}" /></Set>
+ <Set name="idleTimeout"><Property name="jetty.ssl.idleTimeout" deprecated="ssl.timeout" default="30000"/></Set>
+ <Set name="soLingerTime"><Property name="jetty.ssl.soLingerTime" deprecated="ssl.soLingerTime" default="-1"/></Set>
+ <Set name="acceptorPriorityDelta"><Property name="jetty.ssl.acceptorPriorityDelta" deprecated="ssl.acceptorPriorityDelta" default="0"/></Set>
+ <Set name="acceptQueueSize"><Property name="jetty.ssl.acceptQueueSize" deprecated="ssl.acceptQueueSize" default="0"/></Set>
+ </New>
+ </Arg>
+ </Call>
+
+ <!-- =========================================================== -->
+ <!-- Create a TLS specific HttpConfiguration based on the -->
+ <!-- common HttpConfiguration defined in jetty.xml -->
+ <!-- Add a SecureRequestCustomizer to extract certificate and -->
+ <!-- session information -->
+ <!-- =========================================================== -->
+ <New id="sslHttpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
+ <Arg><Ref refid="httpConfig"/></Arg>
+ <Call name="addCustomizer">
+ <Arg>
+ <New class="org.eclipse.jetty.server.SecureRequestCustomizer">
+ <Arg name="sniHostCheck" type="boolean"><Property name="jetty.ssl.sniHostCheck" default="true"/></Arg>
+ <Arg name="stsMaxAgeSeconds" type="int"><Property name="jetty.ssl.stsMaxAgeSeconds" default="-1"/></Arg>
+ <Arg name="stsIncludeSubdomains" type="boolean"><Property name="jetty.ssl.stsIncludeSubdomains" default="false"/></Arg>
+ </New>
+ </Arg>
+ </Call>
+ </New>
+
+</Configure>
\ No newline at end of file
diff --git a/services/sts/src/test/resources/jetty.xml b/services/sts/src/test/resources/jetty.xml
new file mode 100644
index 0000000..c9feb81
--- /dev/null
+++ b/services/sts/src/test/resources/jetty.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0"?>
+<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_3.dtd">
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+
+
+<Configure id="Server" class="org.eclipse.jetty.server.Server">
+
+<New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
+ <Set name="secureScheme">https</Set>
+ <Set name="securePort">
+ <Property name="jetty.secure.port" default="${sts.https.port}" />
+ </Set>
+ <Set name="outputBufferSize">32768</Set>
+ <Set name="requestHeaderSize">8192</Set>
+ <Set name="responseHeaderSize">8192</Set>
+ <Set name="sendServerVersion">true</Set>
+ <Set name="sendDateHeader">false</Set>
+ <Set name="headerCacheSize">512</Set>
+
+ <!-- Uncomment to enable handling of X-Forwarded- style headers <Call name="addCustomizer">
+ <Arg><New class="org.eclipse.jetty.server.ForwardedRequestCustomizer"/></Arg>
+ </Call> -->
+</New>
+
+</Configure>
\ No newline at end of file
--
To stop receiving notification emails like this one, please contact
['"commits@cxf.apache.org" <co...@cxf.apache.org>'].