[jboss-cvs] JBossAS SVN: r104006 - trunk/testsuite/src/main/org/jboss/test/security/service.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Apr 15 11:45:45 EDT 2010
Author: sguilhen at redhat.com
Date: 2010-04-15 11:45:44 -0400 (Thu, 15 Apr 2010)
New Revision: 104006
Modified:
trunk/testsuite/src/main/org/jboss/test/security/service/HttpsClient.java
Log:
JBAS-7942: Fixed HttpsClient by setting a SSLSocketFactory that points to the tests truststore in the HTTP connection
Modified: trunk/testsuite/src/main/org/jboss/test/security/service/HttpsClient.java
===================================================================
--- trunk/testsuite/src/main/org/jboss/test/security/service/HttpsClient.java 2010-04-15 14:19:38 UTC (rev 104005)
+++ trunk/testsuite/src/main/org/jboss/test/security/service/HttpsClient.java 2010-04-15 15:45:44 UTC (rev 104006)
@@ -29,11 +29,16 @@
import java.net.MalformedURLException;
import java.net.Socket;
import java.net.URL;
+import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
import java.util.StringTokenizer;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
import org.jboss.invocation.http.interfaces.Util;
import org.jboss.logging.Logger;
@@ -41,213 +46,214 @@
import org.jboss.test.util.SecurityProviderUtil;
import org.jboss.vfs.VirtualFile;
-/** A test mbean service that reads input from an https url passed in
- to its readURL method.
-
- @author Scott.Stark at jboss.org
- @version $Revision$
+/**
+ * A test mbean service that reads input from an https url passed in to its
+ * readURL method.
+ *
+ * @author Scott.Stark at jboss.org
+ * @version $Revision$
*/
-public class HttpsClient extends ServiceMBeanSupport implements HttpsClientMBean
-{
- // Constants -----------------------------------------------------
+public class HttpsClient extends ServiceMBeanSupport implements
+ HttpsClientMBean {
+ // Constants -----------------------------------------------------
- // Attributes ----------------------------------------------------
- private boolean addedHttpsHandler;
+ // Attributes ----------------------------------------------------
+ private boolean addedHttpsHandler;
- private boolean addedJSSEProvider;
+ private boolean addedJSSEProvider;
- // Static --------------------------------------------------------
+ // Static --------------------------------------------------------
- // Constructors --------------------------------------------------
- public HttpsClient()
- {
- }
+ // Constructors --------------------------------------------------
+ public HttpsClient() {
+ }
- public String getName()
- {
- return "HttpsClient";
- }
+ public String getName() {
+ return "HttpsClient";
+ }
- /** Read the contents of the given URL and return it. */
- public String readURL(String urlString) throws IOException
- {
- try
- {
- String reply = internalReadURL(urlString);
- log.debug("readURL -> " + reply);
- return reply;
- }
- catch (Throwable e)
- {
- log.error("Failed to readURL", e);
- throw new IOException("Failed to readURL, ex=" + e.getMessage());
- }
- }
+ /** Read the contents of the given URL and return it. */
+ public String readURL(String urlString) throws IOException {
+ try {
+ String reply = internalReadURL(urlString);
+ log.debug("readURL -> " + reply);
+ return reply;
+ } catch (Throwable e) {
+ log.error("Failed to readURL", e);
+ throw new IOException("Failed to readURL, ex=" + e.getMessage());
+ }
+ }
- private String internalReadURL(String urlString) throws Exception
- {
- log.debug("Creating URL from string: " + urlString);
- URL url = new URL(urlString);
- log.debug("Created URL object from string, protocol=" + url.getProtocol());
- HttpURLConnection conn = (HttpURLConnection) url.openConnection();
- /* Override the host verifier so we can use a test server cert with
- a hostname that may not match the https url hostname.
- */
- System.setProperty("org.jboss.security.ignoreHttpsHost", "true");
- Util.configureHttpsHostVerifier(conn);
+ private String internalReadURL(String urlString) throws Exception {
+ log.debug("Creating URL from string: " + urlString);
+ URL url = new URL(urlString);
+ log.debug("Created URL object from string, protocol="
+ + url.getProtocol());
+ HttpURLConnection conn = (HttpURLConnection) url.openConnection();
+ /*
+ * Override the host verifier so we can use a test server cert with a
+ * hostname that may not match the https url hostname.
+ */
+ System.setProperty("org.jboss.security.ignoreHttpsHost", "true");
+ Util.configureHttpsHostVerifier(conn);
- log.debug("Connecting to URL: " + url);
- byte[] buffer = new byte[1024];
- int length = conn.getContentLength();
- log.debug("ContentLength: " + length);
- InputStream is = conn.getInputStream();
- StringBuffer reply = new StringBuffer();
- while ((length = is.read(buffer)) > 0)
- reply.append(new String(buffer, 0, length));
- log.debug("Done, closing streams");
- is.close();
- return reply.toString();
- }
+ // if SSL is used we must point to the test truststore.
+ if (conn instanceof HttpsURLConnection) {
+ // Setup the test keystore (truststore).
+ URL keyStoreURL = Thread.currentThread().getContextClassLoader()
+ .getResource("META-INF/tst.keystore");
+ InputStream stream = keyStoreURL.openStream();
+ KeyStore keyStore = KeyStore.getInstance("JKS");
+ keyStore.load(stream, "unit-tests".toCharArray());
+ // Setup the test TrustManagerFactory.
+ TrustManagerFactory trustMgr = TrustManagerFactory
+ .getInstance(TrustManagerFactory.getDefaultAlgorithm());
+ trustMgr.init(keyStore);
+ // Setup the test SSLSocketFactory.
+ SSLContext sslCtx = SSLContext.getInstance("TLS");
+ sslCtx.init(null, trustMgr.getTrustManagers(), null);
+ ((HttpsURLConnection) conn).setSSLSocketFactory(sslCtx.getSocketFactory());
+ }
+
+ // Connect to the remote HTTP server.
+ log.debug("Connecting to URL: " + url);
+ byte[] buffer = new byte[1024];
+ int length = conn.getContentLength();
+ log.debug("ContentLength: " + length);
+ InputStream is = conn.getInputStream();
+ StringBuffer reply = new StringBuffer();
+ while ((length = is.read(buffer)) > 0)
+ reply.append(new String(buffer, 0, length));
+ log.debug("Done, closing streams");
+ is.close();
+ return reply.toString();
+ }
- // Public --------------------------------------------------------
- protected void startService() throws Exception
- {
- addedJSSEProvider = false;
- try
- {
- new URL("https://www.https.test");
- }
- catch (MalformedURLException e)
- {
- // Install the default JSSE security provider
- Provider provider = SecurityProviderUtil.getJSSEProvider();
- log.debug("Adding " + provider.getName());
+ // Public --------------------------------------------------------
+ protected void startService() throws Exception {
+ addedJSSEProvider = false;
+ try {
+ new URL("https://www.https.test");
+ } catch (MalformedURLException e) {
+ // Install the default JSSE security provider
+ Provider provider = SecurityProviderUtil.getJSSEProvider();
+ log.debug("Adding " + provider.getName());
- addedJSSEProvider = Security.addProvider(provider) != -1;
- if (addedJSSEProvider)
- {
- log.debug("Added " + provider.getName());
- }
+ addedJSSEProvider = Security.addProvider(provider) != -1;
+ if (addedJSSEProvider) {
+ log.debug("Added " + provider.getName());
+ }
- addedHttpsHandler = false;
- // Install the JSSE https handler if it has not already been added
- String protocolHandler = SecurityProviderUtil.getProtocolHandlerName();
+ addedHttpsHandler = false;
+ // Install the JSSE https handler if it has not already been added
+ String protocolHandler = SecurityProviderUtil
+ .getProtocolHandlerName();
- String handlers = System.getProperty("java.protocol.handler.pkgs");
- if (handlers == null || handlers.indexOf(protocolHandler) < 0)
- {
- handlers += "|" + protocolHandler;
- log.debug("Adding https handler to java.protocol.handler.pkgs");
- System.setProperty("java.protocol.handler.pkgs", handlers);
- addedHttpsHandler = true;
- }
- }
+ String handlers = System.getProperty("java.protocol.handler.pkgs");
+ if (handlers == null || handlers.indexOf(protocolHandler) < 0) {
+ handlers += "|" + protocolHandler;
+ log.debug("Adding https handler to java.protocol.handler.pkgs");
+ System.setProperty("java.protocol.handler.pkgs", handlers);
+ addedHttpsHandler = true;
+ }
+ }
+ }
- // Install the trust store
- ClassLoader loader = Thread.currentThread().getContextClassLoader();
- URL keyStoreURL = loader.getResource("META-INF/tst.keystore");
- if (keyStoreURL == null)
- throw new IOException("Failed to find resource tst.keystore");
- log.debug("Setting javax.net.ssl.trustStore to: " + keyStoreURL.getPath());
- System.setProperty("javax.net.ssl.trustStore", keyStoreURL.getPath());
- }
+ protected void stopService() throws Exception {
+ if (addedJSSEProvider) {
+ Provider provider = SecurityProviderUtil.getJSSEProvider();
+ String name = provider.getName();
+ log.debug("Removing " + name);
+ Security.removeProvider(name);
+ }
- protected void stopService() throws Exception
- {
- if (addedJSSEProvider)
- {
- Provider provider = SecurityProviderUtil.getJSSEProvider();
- String name = provider.getName();
- log.debug("Removing " + name);
- Security.removeProvider(name);
- }
+ if (addedHttpsHandler == true) {
+ log.debug("Removing https handler from java.protocol.handler.pkgs");
+ String protocolHandler = SecurityProviderUtil
+ .getProtocolHandlerName();
+ String handlers = System.getProperty("java.protocol.handler.pkgs");
+ StringTokenizer tokenizer = new StringTokenizer(handlers, "|");
+ StringBuffer buffer = new StringBuffer();
+ while (tokenizer.hasMoreTokens()) {
+ String handler = tokenizer.nextToken();
+ if (handler.equals(protocolHandler) == false) {
+ buffer.append('|');
+ buffer.append(handler);
+ }
+ }
+ System.setProperty("java.protocol.handler.pkgs", buffer.toString());
+ }
+ }
- if (addedHttpsHandler == true)
- {
- log.debug("Removing https handler from java.protocol.handler.pkgs");
- String protocolHandler = SecurityProviderUtil.getProtocolHandlerName();
- String handlers = System.getProperty("java.protocol.handler.pkgs");
- StringTokenizer tokenizer = new StringTokenizer(handlers, "|");
- StringBuffer buffer = new StringBuffer();
- while (tokenizer.hasMoreTokens())
- {
- String handler = tokenizer.nextToken();
- if (handler.equals(protocolHandler) == false)
- {
- buffer.append('|');
- buffer.append(handler);
- }
- }
- System.setProperty("java.protocol.handler.pkgs", buffer.toString());
- }
- }
+ /**
+ * A SSLSocketFactory that logs the createSocket calls.
+ */
+ class DebugSSLSocketFactory extends SSLSocketFactory {
+ SSLSocketFactory factoryDelegate;
- /** A SSLSocketFactory that logs the createSocket calls.
- */
- class DebugSSLSocketFactory extends SSLSocketFactory
- {
- SSLSocketFactory factoryDelegate;
+ Logger theLog;
- Logger theLog;
+ DebugSSLSocketFactory(SSLSocketFactory factoryDelegate, Logger theLog) {
+ this.factoryDelegate = factoryDelegate;
+ this.theLog = theLog;
+ }
- DebugSSLSocketFactory(SSLSocketFactory factoryDelegate, Logger theLog)
- {
- this.factoryDelegate = factoryDelegate;
- this.theLog = theLog;
- }
+ public Socket createSocket(java.net.InetAddress host, int port)
+ throws java.io.IOException {
+ theLog.debug("createSocket, host=" + host + ", port=" + port);
+ Socket s = factoryDelegate.createSocket(host, port);
+ theLog.debug("created socket=" + s);
+ return s;
+ }
- public Socket createSocket(java.net.InetAddress host, int port) throws java.io.IOException
- {
- theLog.debug("createSocket, host=" + host + ", port=" + port);
- Socket s = factoryDelegate.createSocket(host, port);
- theLog.debug("created socket=" + s);
- return s;
- }
+ public Socket createSocket(String host, int port)
+ throws java.io.IOException, java.net.UnknownHostException {
+ theLog.debug("createSocket, host=" + host + ", port=" + port);
+ Socket s = factoryDelegate.createSocket(host, port);
+ theLog.debug("created socket=" + s);
+ return s;
+ }
- public Socket createSocket(String host, int port) throws java.io.IOException, java.net.UnknownHostException
- {
- theLog.debug("createSocket, host=" + host + ", port=" + port);
- Socket s = factoryDelegate.createSocket(host, port);
- theLog.debug("created socket=" + s);
- return s;
- }
+ public Socket createSocket(Socket socket, String host, int port,
+ boolean autoClose) throws java.io.IOException {
+ theLog.debug("createSocket, socket=" + socket + ", host=" + host
+ + ", port=" + port);
+ Socket s = factoryDelegate.createSocket(socket, host, port,
+ autoClose);
+ theLog.debug("created socket=" + s);
+ return s;
+ }
- public Socket createSocket(Socket socket, String host, int port, boolean autoClose) throws java.io.IOException
- {
- theLog.debug("createSocket, socket=" + socket + ", host=" + host + ", port=" + port);
- Socket s = factoryDelegate.createSocket(socket, host, port, autoClose);
- theLog.debug("created socket=" + s);
- return s;
- }
+ public Socket createSocket(java.net.InetAddress host, int port,
+ java.net.InetAddress clientAddress, int clientPort)
+ throws java.io.IOException {
+ theLog.debug("createSocket, host=" + host + ", port=" + port
+ + ", clientAddress=" + clientAddress + ", clientPort="
+ + clientPort);
+ Socket s = factoryDelegate.createSocket(host, port, clientAddress,
+ clientPort);
+ theLog.debug("created socket=" + s);
+ return s;
+ }
- public Socket createSocket(java.net.InetAddress host, int port, java.net.InetAddress clientAddress, int clientPort)
- throws java.io.IOException
- {
- theLog.debug("createSocket, host=" + host + ", port=" + port + ", clientAddress=" + clientAddress
- + ", clientPort=" + clientPort);
- Socket s = factoryDelegate.createSocket(host, port, clientAddress, clientPort);
- theLog.debug("created socket=" + s);
- return s;
- }
+ public Socket createSocket(String host, int port,
+ java.net.InetAddress clientAddress, int clientPort)
+ throws java.io.IOException, java.net.UnknownHostException {
+ theLog.debug("createSocket, host=" + host + ", port=" + port
+ + ", addr=" + clientAddress);
+ Socket s = factoryDelegate.createSocket(host, port, clientAddress,
+ clientPort);
+ theLog.debug("created socket=" + s);
+ return s;
+ }
- public Socket createSocket(String host, int port, java.net.InetAddress clientAddress, int clientPort)
- throws java.io.IOException, java.net.UnknownHostException
- {
- theLog.debug("createSocket, host=" + host + ", port=" + port + ", addr=" + clientAddress);
- Socket s = factoryDelegate.createSocket(host, port, clientAddress, clientPort);
- theLog.debug("created socket=" + s);
- return s;
- }
+ public String[] getDefaultCipherSuites() {
+ return factoryDelegate.getDefaultCipherSuites();
+ }
- public String[] getDefaultCipherSuites()
- {
- return factoryDelegate.getDefaultCipherSuites();
- }
+ public String[] getSupportedCipherSuites() {
+ return factoryDelegate.getSupportedCipherSuites();
+ }
+ }
- public String[] getSupportedCipherSuites()
- {
- return factoryDelegate.getSupportedCipherSuites();
- }
- }
-
}
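Review bot: The added truststore block in internalReadURL calls `keyStoreURL.openStream()` without the null check that the removed startService code performed, so a missing META-INF/tst.keystore now surfaces as a NullPointerException instead of the earlier "Failed to find resource tst.keystore" IOException. The `stream` opened there is also never closed, on either the success or the failure path of `keyStore.load`. I would restore the null check and close the stream in a `finally`, as sketched below. Separately, the trust material is now scoped to this one connection, but `System.setProperty("org.jboss.security.ignoreHttpsHost", "true")` just above it is still process-wide and, going by its comment, relaxes hostname matching, so this client should stay confined to the testsuite.

```java
URL keyStoreURL = Thread.currentThread().getContextClassLoader()
      .getResource("META-INF/tst.keystore");
if (keyStoreURL == null)
   throw new IOException("Failed to find resource tst.keystore");
KeyStore keyStore = KeyStore.getInstance("JKS");
InputStream stream = keyStoreURL.openStream();
try {
   keyStore.load(stream, "unit-tests".toCharArray());
} finally {
   // release the keystore resource whether or not load() succeeds
   stream.close();
}
// … unchanged: TrustManagerFactory / SSLContext setup and setSSLSocketFactory …
```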