[jboss-cvs] JBossAS SVN: r62192 - in branches/Branch_4_2/ejb3: src/resources/test-configs/invoker and 7 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Apr 9 19:39:06 EDT 2007
Author: bdecoste
Date: 2007-04-09 19:39:06 -0400 (Mon, 09 Apr 2007)
New Revision: 62192
Added:
branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/conf/
branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/conf/localhost.keystore
branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/deploy/jboss-web.deployer/
branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/deploy/jboss-web.deployer/server.xml
branches/Branch_4_2/ejb3/src/test/org/jboss/ejb3/test/invoker/StatelessSSLBean.java
Modified:
branches/Branch_4_2/ejb3/build-test.xml
branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/deploy/ejb3.deployer/META-INF/jboss-service.xml
branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/deploy/servlet-invoker.war/WEB-INF/web.xml
branches/Branch_4_2/ejb3/src/test/org/jboss/ejb3/test/invoker/unit/InvokerTestCase.java
Log:
test for accessing EJB3s via HTTPS
Modified: branches/Branch_4_2/ejb3/build-test.xml
===================================================================
--- branches/Branch_4_2/ejb3/build-test.xml 2007-04-09 23:18:54 UTC (rev 62191)
+++ branches/Branch_4_2/ejb3/build-test.xml 2007-04-09 23:39:06 UTC (rev 62192)
@@ -3881,18 +3881,17 @@
</patternset>
</create-config>
- <start-jboss conf="invoker" host="${node0}" jboss.dist="${ejb3.dist}" jvmargs="${ejb3.jboss.jvmargs}"/>
+ <property name="ssl-args" value="-Djavax.net.ssl.keyStore=${ejb3.dist}/server/invoker/conf/localhost.keystore -Djavax.net.ssl.keyStorePassword=opensource -Djava.protocol.handler.pkgs=javax.net.ssl ${ejb3.jboss.jvmargs}"/>
+
+ <start-jboss conf="invoker" host="${node0}" jboss.dist="${ejb3.dist}" jvmargs="${ssl-args}"/>
<wait-on-host/>
- <property name="jvmargs" value=""/>
+ <!-- Tell client to use the supplied truststore -->
+ <property name="jvmargs" value="-Djavax.net.ssl.trustStore=${resources}/test/ssl/localhost.truststore -Djavax.net.ssl.trustStorePassword=opensource -Djava.protocol.handler.pkgs=javax.net.ssl"/>
- <!--antcall target="test-with-jvmargs" inheritRefs="true">
+ <antcall target="test-with-jvmargs" inheritRefs="true">
<param name="test" value="invoker"/>
<param name="jvmargs" value="${jvmargs}"/>
- </antcall-->
-
- <antcall target="test" inheritRefs="true">
- <param name="test" value="invoker"/>
</antcall>
<stop-jboss jboss.dist="${ejb3.dist}"/>
Added: branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/conf/localhost.keystore
===================================================================
(Binary files differ)
Property changes on: branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/conf/localhost.keystore
___________________________________________________________________
Name: svn:mime-type
+ application/octet-stream
Modified: branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/deploy/ejb3.deployer/META-INF/jboss-service.xml
===================================================================
--- branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/deploy/ejb3.deployer/META-INF/jboss-service.xml 2007-04-09 23:18:54 UTC (rev 62191)
+++ branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/deploy/ejb3.deployer/META-INF/jboss-service.xml 2007-04-09 23:39:06 UTC (rev 62192)
@@ -293,5 +293,20 @@
</handlers>
</attribute>
</mbean>
+
+ <mbean code="org.jboss.remoting.transport.Connector"
+ name="jboss.remoting:service=Connector,transport=SSLServlet"
+ display-name="Servlet ssl transport Connector">
+ <depends>jboss.aop:service=AspectDeployer</depends>
+ <attribute name="InvokerLocator">
+ sslservlet://${jboss.bind.address}:8443/servlet-invoker/SSLServerInvokerServlet
+ </attribute>
+
+ <attribute name="Configuration">
+ <handlers>
+ <handler subsystem="AOP">org.jboss.aspects.remoting.AOPRemotingInvocationHandler</handler>
+ </handlers>
+ </attribute>
+ </mbean>
</server>
Added: branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/deploy/jboss-web.deployer/server.xml
===================================================================
--- branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/deploy/jboss-web.deployer/server.xml (rev 0)
+++ branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/deploy/jboss-web.deployer/server.xml 2007-04-09 23:39:06 UTC (rev 62192)
@@ -0,0 +1,173 @@
+<Server>
+
+ <!--APR library loader. Documentation at /docs/apr.html -->
+ <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
+ <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
+ <Listener className="org.apache.catalina.core.JasperListener" />
+
+ <!-- Use a custom version of StandardService that allows the
+ connectors to be started independent of the normal lifecycle
+ start to allow web apps to be deployed before starting the
+ connectors.
+ -->
+ <Service name="jboss.web"
+ className="org.jboss.web.tomcat.service.StandardService">
+
+ <!-- A "Connector" represents an endpoint by which requests are received
+ and responses are returned. Documentation at :
+ Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
+ Java AJP Connector: /docs/config/ajp.html
+ APR (HTTP/AJP) Connector: /docs/apr.html
+ Define a non-SSL HTTP/1.1 Connector on port 8080
+ -->
+ <Connector port="8080" address="${jboss.bind.address}"
+ maxThreads="250" strategy="ms" maxHttpHeaderSize="8192"
+ emptySessionPath="true" protocol="HTTP/1.1"
+ enableLookups="false" redirectPort="8443" acceptCount="100"
+ connectionTimeout="20000" disableUploadTimeout="true" />
+
+ <!-- Define a SSL HTTP/1.1 Connector on port 8443
+ This connector uses the JSSE configuration, when using APR, the
+ connector should be using the OpenSSL style configuration
+ described in the APR documentation -->
+
+ <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
+ maxThreads="150" scheme="https" secure="true"
+ clientAuth="false"
+ address="${jboss.bind.address}"
+ keystoreFile="${jboss.server.home.dir}/conf/localhost.keystore"
+ keystorePass="opensource"
+ truststoreFile="${jboss.server.home.dir}/conf/localhost.keystore"
+ truststorePass="opensource"
+ sslProtocol="TLS"/>
+
+ <!-- Define an AJP 1.3 Connector on port 8009 -->
+ <Connector port="8009" address="${jboss.bind.address}" protocol="AJP/1.3"
+ emptySessionPath="true" enableLookups="false" redirectPort="8443" />
+
+ <Engine name="jboss.web" defaultHost="localhost">
+
+ <!-- The JAAS based authentication and authorization realm implementation
+ that is compatible with the jboss 3.2.x realm implementation.
+ - certificatePrincipal : the class name of the
+ org.jboss.security.auth.certs.CertificatePrincipal impl
+ used for mapping X509[] cert chains to a Princpal.
+ - allRolesMode : how to handle an auth-constraint with a role-name=*,
+ one of strict, authOnly, strictAuthOnly
+ + strict = Use the strict servlet spec interpretation which requires
+ that the user have one of the web-app/security-role/role-name
+ + authOnly = Allow any authenticated user
+ + strictAuthOnly = Allow any authenticated user only if there are no
+ web-app/security-roles
+ -->
+ <Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm"
+ certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
+ allRolesMode="authOnly"
+ />
+ <!-- A subclass of JBossSecurityMgrRealm that uses the authentication
+ behavior of JBossSecurityMgrRealm, but overrides the authorization
+ checks to use JACC permissions with the current java.security.Policy
+ to determine authorized access.
+ - allRolesMode : how to handle an auth-constraint with a role-name=*,
+ one of strict, authOnly, strictAuthOnly
+ + strict = Use the strict servlet spec interpretation which requires
+ that the user have one of the web-app/security-role/role-name
+ + authOnly = Allow any authenticated user
+ + strictAuthOnly = Allow any authenticated user only if there are no
+ web-app/security-roles
+ <Realm className="org.jboss.web.tomcat.security.JaccAuthorizationRealm"
+ certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
+ allRolesMode="authOnly"
+ />
+ -->
+
+ <Host name="localhost"
+ autoDeploy="false" deployOnStartup="false" deployXML="false"
+ configClass="org.jboss.web.tomcat.security.config.JBossContextConfig"
+ >
+
+ <!-- Uncomment to enable request dumper. This Valve "logs interesting
+ contents from the specified Request (before processing) and the
+ corresponding Response (after processing). It is especially useful
+ in debugging problems related to headers and cookies."
+ -->
+ <!--
+ <Valve className="org.apache.catalina.valves.RequestDumperValve" />
+ -->
+
+ <!-- Access logger -->
+ <!--
+ <Valve className="org.apache.catalina.valves.AccessLogValve"
+ prefix="localhost_access_log." suffix=".log"
+ pattern="common" directory="${jboss.server.home.dir}/log"
+ resolveHosts="false" />
+ -->
+
+ <!-- Uncomment to enable single sign-on across web apps
+ deployed to this host. Does not provide SSO across a cluster.
+
+ If this valve is used, do not use the JBoss ClusteredSingleSignOn
+ valve shown below.
+
+ A new configuration attribute is available beginning with
+ release 4.0.4:
+
+ cookieDomain configures the domain to which the SSO cookie
+ will be scoped (i.e. the set of hosts to
+ which the cookie will be presented). By default
+ the cookie is scoped to "/", meaning the host
+ that presented it. Set cookieDomain to a
+ wider domain (e.g. "xyz.com") to allow an SSO
+ to span more than one hostname.
+ -->
+ <!--
+ <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
+ -->
+
+ <!-- Uncomment to enable single sign-on across web apps
+ deployed to this host AND to all other hosts in the cluster.
+
+ If this valve is used, do not use the standard Tomcat SingleSignOn
+ valve shown above.
+
+ Valve uses a JBossCache instance to support SSO credential
+ caching and replication across the cluster. The JBossCache
+ instance must be configured separately. By default, the valve
+ shares a JBossCache with the service that supports HttpSession
+ replication. See the "jboss-web-cluster-service.xml" file in the
+ server/all/deploy directory for cache configuration details.
+
+ Besides the attributes supported by the standard Tomcat
+ SingleSignOn valve (see the Tomcat docs), this version also
+ supports the following attributes:
+
+ cookieDomain see above
+
+ treeCacheName JMX ObjectName of the JBossCache MBean used to
+ support credential caching and replication across
+ the cluster. If not set, the default value is
+ "jboss.cache:service=TomcatClusteringCache", the
+ standard ObjectName of the JBossCache MBean used
+ to support session replication.
+ -->
+ <!--
+ <Valve className="org.jboss.web.tomcat.service.sso.ClusteredSingleSignOn" />
+ -->
+
+ <!-- Check for unclosed connections and transaction terminated checks
+ in servlets/jsps.
+
+ Important: The dependency on the CachedConnectionManager
+ in META-INF/jboss-service.xml must be uncommented, too
+ -->
+ <Valve className="org.jboss.web.tomcat.service.jca.CachedConnectionValve"
+ cachedConnectionManagerObjectName="jboss.jca:service=CachedConnectionManager"
+ transactionManagerObjectName="jboss:service=TransactionManager" />
+
+ </Host>
+
+ </Engine>
+
+ </Service>
+
+</Server>
Modified: branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/deploy/servlet-invoker.war/WEB-INF/web.xml
===================================================================
--- branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/deploy/servlet-invoker.war/WEB-INF/web.xml 2007-04-09 23:18:54 UTC (rev 62191)
+++ branches/Branch_4_2/ejb3/src/resources/test-configs/invoker/deploy/servlet-invoker.war/WEB-INF/web.xml 2007-04-09 23:39:06 UTC (rev 62192)
@@ -21,9 +21,27 @@
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
+ <servlet>
+ <servlet-name>SSLServerInvokerServlet</servlet-name>
+ <description>The ServerInvokerServlet receives requests via HTTPS
+ protocol from within a web container and passes it onto the
+ ServletServerInvoker for processing.
+ </description>
+ <servlet-class>org.jboss.remoting.transport.servlet.web.ServerInvokerServlet</servlet-class>
+ <init-param>
+ <param-name>locatorUrl</param-name>
+ <param-value>sslservlet://localhost:8443/servlet-invoker/SSLServerInvokerServlet</param-value>
+ <description>The ssl servlet server invoker locator url</description>
+ </init-param>
+ <load-on-startup>1</load-on-startup>
+ </servlet>
<servlet-mapping>
<servlet-name>ServerInvokerServlet</servlet-name>
<url-pattern>/ServerInvokerServlet/*</url-pattern>
</servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>SSLServerInvokerServlet</servlet-name>
+ <url-pattern>/SSLServerInvokerServlet/*</url-pattern>
+ </servlet-mapping>
</web-app>
Added: branches/Branch_4_2/ejb3/src/test/org/jboss/ejb3/test/invoker/StatelessSSLBean.java
===================================================================
--- branches/Branch_4_2/ejb3/src/test/org/jboss/ejb3/test/invoker/StatelessSSLBean.java (rev 0)
+++ branches/Branch_4_2/ejb3/src/test/org/jboss/ejb3/test/invoker/StatelessSSLBean.java 2007-04-09 23:39:06 UTC (rev 62192)
@@ -0,0 +1,45 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2006, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.jboss.ejb3.test.invoker;
+
+import javax.ejb.Stateless;
+import javax.ejb.Remote;
+
+import org.jboss.annotation.ejb.RemoteBinding;
+import org.jboss.annotation.ejb.RemoteBindings;
+
+/**
+ * @author <a href="mailto:bdecoste at jboss.com">William DeCoste</a>
+ */
+ at Stateless
+ at RemoteBindings({
+ @RemoteBinding(clientBindUrl="https://0.0.0.0:8443/servlet-invoker/SSLServerInvokerServlet", jndiBinding="StatelessHttps")
+})
+ at Remote(StatelessRemote.class)
+public class StatelessSSLBean implements StatelessRemote
+{
+ public String echo(String s)
+ {
+ return s;
+ }
+}
Modified: branches/Branch_4_2/ejb3/src/test/org/jboss/ejb3/test/invoker/unit/InvokerTestCase.java
===================================================================
--- branches/Branch_4_2/ejb3/src/test/org/jboss/ejb3/test/invoker/unit/InvokerTestCase.java 2007-04-09 23:18:54 UTC (rev 62191)
+++ branches/Branch_4_2/ejb3/src/test/org/jboss/ejb3/test/invoker/unit/InvokerTestCase.java 2007-04-09 23:39:06 UTC (rev 62192)
@@ -42,7 +42,7 @@
super(name);
}
- public void testHttp() throws Exception
+ public void atestHttp() throws Exception
{
Properties props = new Properties();
props.put("java.naming.factory.initial", "org.jboss.naming.HttpNamingContextFactory");
@@ -53,13 +53,23 @@
StatelessRemote stateless = (StatelessRemote)jndiContext.lookup("StatelessHttp");
assertNotNull(stateless);
+
+ assertEquals("echo", stateless.echo("echo"));
+ }
+
+ public void testHttps() throws Exception
+ {
+ Properties props = new Properties();
+ props.put("java.naming.factory.initial", "org.jboss.naming.HttpNamingContextFactory");
+ props.put("java.naming.provider.url", "http://localhost:8080/invoker/JNDIFactory");
+ props.put("java.naming.factory.url.pkgs", "org.jboss.naming");
+ InitialContext jndiContext = new InitialContext(props);
+ //InitialContext jndiContext = new InitialContext();
- try
- {
+ StatelessRemote stateless = (StatelessRemote)jndiContext.lookup("StatelessHttps");
+ assertNotNull(stateless);
+
assertEquals("echo", stateless.echo("echo"));
- } catch (Exception e){
- e.printStackTrace();
- }
}
public static Test suite() throws Exception
More information about the jboss-cvs-commits
mailing list