[jboss-remoting-commits] JBoss Remoting SVN: r5793 - in remoting3/trunk/jboss-remoting: src/main/java/org/jboss/remoting3 and 4 other directories.
jboss-remoting-commits at lists.jboss.org
jboss-remoting-commits at lists.jboss.org
Wed Mar 3 23:30:29 EST 2010
Author: david.lloyd at jboss.com
Date: 2010-03-03 23:30:28 -0500 (Wed, 03 Mar 2010)
New Revision: 5793
Added:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServer.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServerFactory.java
Modified:
remoting3/trunk/jboss-remoting/pom.xml
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/EndpointImpl.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/RemotingOptions.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientAuthenticationHandler.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientGreetingHandler.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientOpenListener.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteConnection.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteProtocolDescriptor.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteSslProtocolDescriptor.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerAuthenticationHandler.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerGreetingHandler.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerInitialAuthenticationHandler.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerOpenListener.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/AbstractHandleableCloseable.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/ProtocolServiceType.java
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/AbstractRemoteTestCase.java
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/InvocationTestBase.java
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/LocalTestCase.java
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/RemoteSslTestCase.java
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/StreamsTestCase.java
remoting3/trunk/jboss-remoting/src/test/resources/logging.properties
remoting3/trunk/jboss-remoting/src/test/resources/remoting.properties
Log:
Fix a series of authentication issues
Modified: remoting3/trunk/jboss-remoting/pom.xml
===================================================================
--- remoting3/trunk/jboss-remoting/pom.xml 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/pom.xml 2010-03-04 04:30:28 UTC (rev 5793)
@@ -62,7 +62,7 @@
<groupId>org.jboss.marshalling</groupId>
<artifactId>jboss-marshalling-river</artifactId>
<version>${jbmar.version}</version>
- <scope>compile</scope>
+ <scope>test</scope>
</dependency>
<dependency>
<groupId>org.testng</groupId>
@@ -92,7 +92,7 @@
</property>
<property>
<name>jboss.remoting.leakdebugging</name>
- <value>true</value>
+ <value>false</value>
</property>
</systemProperties>
</configuration>
Modified: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/EndpointImpl.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/EndpointImpl.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/EndpointImpl.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -26,14 +26,15 @@
import java.net.URI;
import java.nio.charset.Charset;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
+import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Queue;
import java.util.Set;
-import java.util.Iterator;
import java.util.concurrent.ConcurrentLinkedQueue;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.Executor;
@@ -43,20 +44,20 @@
import org.jboss.remoting3.security.RemotingPermission;
import org.jboss.remoting3.security.SimpleClientCallbackHandler;
import org.jboss.remoting3.spi.AbstractHandleableCloseable;
+import org.jboss.remoting3.spi.ConnectionHandlerContext;
import org.jboss.remoting3.spi.ConnectionHandlerFactory;
import org.jboss.remoting3.spi.ConnectionProvider;
import org.jboss.remoting3.spi.ConnectionProviderContext;
import org.jboss.remoting3.spi.ConnectionProviderFactory;
+import org.jboss.remoting3.spi.ProtocolServiceType;
import org.jboss.remoting3.spi.RequestHandler;
-import org.jboss.remoting3.spi.ConnectionHandlerContext;
-import org.jboss.remoting3.spi.ProtocolServiceType;
-import org.jboss.xnio.log.Logger;
import org.jboss.xnio.FutureResult;
import org.jboss.xnio.IoFuture;
import org.jboss.xnio.IoUtils;
import org.jboss.xnio.OptionMap;
-import org.jboss.xnio.TranslatingResult;
+import org.jboss.xnio.Result;
import org.jboss.xnio.WeakCloseable;
+import org.jboss.xnio.log.Logger;
import javax.security.auth.callback.CallbackHandler;
@@ -339,7 +340,7 @@
class ServiceRegistration extends AbstractHandleableCloseable<Registration> implements Registration {
ServiceRegistration() {
- super(executor);
+ super(executor, false);
}
protected void closeAction() {
@@ -468,7 +469,7 @@
class ServiceListenerRegistration extends AbstractHandleableCloseable<Registration> implements Registration {
ServiceListenerRegistration() {
- super(executor);
+ super(executor, false);
}
protected void closeAction() {
@@ -569,10 +570,22 @@
throw new UnknownURISchemeException("No connection provider for URI scheme \"" + scheme + "\" is installed");
}
final FutureResult<Connection> futureResult = new FutureResult<Connection>(executor);
- futureResult.addCancelHandler(connectionProvider.connect(destination, connectOptions, new TranslatingResult<ConnectionHandlerFactory, Connection>(futureResult) {
- protected Connection translate(final ConnectionHandlerFactory input) {
- return new ConnectionImpl(EndpointImpl.this, input, connectionProviderContext, destination.toString());
+ // Mark the stack because otherwise debugging connect problems can be incredibly tough
+ final Throwable t = new Throwable();
+ futureResult.addCancelHandler(connectionProvider.connect(destination, connectOptions, new Result<ConnectionHandlerFactory>() {
+ public boolean setResult(final ConnectionHandlerFactory result) {
+ return futureResult.setResult(new ConnectionImpl(EndpointImpl.this, result, connectionProviderContext, destination.toString()));
}
+
+ public boolean setException(final IOException exception) {
+ final StackTraceElement[] st0 = t.getStackTrace();
+ exception.setStackTrace(Arrays.copyOfRange(st0, 1, st0.length));
+ return futureResult.setException(exception);
+ }
+
+ public boolean setCancelled() {
+ return futureResult.setCancelled();
+ }
}, callbackHandler));
return futureResult.getIoFuture();
}
@@ -612,7 +625,7 @@
if (connectionProviders.putIfAbsent(uriScheme, provider) != null) {
throw new DuplicateRegistrationException("URI scheme '" + uriScheme + "' is already registered to a provider");
}
- log.trace("Adding registration for connection provider named %s: %s", name, provider);
+ log.trace("Adding connection provider registration named '%s': %s", uriScheme, provider);
final Registration handle = new MapRegistration<ConnectionProvider>(connectionProviders, uriScheme, provider);
return handle;
}
@@ -644,7 +657,7 @@
if (map.putIfAbsent(name, provider) != null) {
throw new DuplicateRegistrationException(type.getDescription() + " '" + name + "' is already registered");
}
- log.trace("Adding registration for %s named %s: %s", type, name, provider);
+ log.trace("Adding '%s' registration named '%s': %s", type, name, provider);
return new MapRegistration<T>(map, name, provider);
}
@@ -694,7 +707,7 @@
private final T value;
private MapRegistration(final ConcurrentMap<String, T> map, final String key, final T value) {
- super(executor);
+ super(executor, false);
this.map = map;
this.key = key;
this.value = value;
@@ -711,6 +724,10 @@
throw new IllegalStateException(e);
}
}
+
+ public String toString() {
+ return String.format("Registration of '%s': %s", key, value);
+ }
}
final class LocalConnectionContext implements ConnectionHandlerContext {
Modified: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/RemotingOptions.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/RemotingOptions.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/RemotingOptions.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -143,4 +143,9 @@
* Specify the name of a preregistered server authentication provider to use.
*/
public static final Option<String> AUTHENTICATION_PROVIDER = Option.simple(RemotingOptions.class, "AUTHENTICATION_PROVIDER", String.class);
+
+ /**
+ * Specify the number of times a client is allowed to retry authentication before closing the connection.
+ */
+ public static final Option<Integer> AUTHENTICATION_RETRIES = Option.simple(RemotingOptions.class, "AUTHENTICATION_RETRIES", Integer.class);
}
Modified: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientAuthenticationHandler.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientAuthenticationHandler.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientAuthenticationHandler.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -137,6 +137,11 @@
});
return;
}
+ case RemoteProtocol.AUTH_REJECTED: {
+ RemoteConnectionHandler.log.trace("Received auth rejected message");
+ factoryResult.setException(new SaslException("Authentication failed"));
+ IoUtils.safeClose(remoteConnection);
+ }
}
}
}
Modified: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientGreetingHandler.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientGreetingHandler.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientGreetingHandler.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -24,9 +24,9 @@
import java.io.IOException;
import java.nio.ByteBuffer;
-import java.util.ArrayList;
-import java.util.List;
+import java.util.LinkedHashSet;
import java.util.Map;
+import java.util.Set;
import org.jboss.remoting3.ProtocolException;
import org.jboss.remoting3.RemotingOptions;
import org.jboss.remoting3.spi.ConnectionHandlerFactory;
@@ -53,13 +53,13 @@
}
public void handleMessage(final ByteBuffer buffer) {
- List<String> saslMechs = new ArrayList<String>();
+ Set<String> saslMechs = new LinkedHashSet<String>();
String remoteEndpointName = "endpoint";
final int[] ourVersions = connection.getProviderDescriptor().getSupportedVersions();
int bestVersion = -1;
switch (buffer.get()) {
case RemoteProtocol.GREETING: {
- RemoteConnectionHandler.log.warn("Client received greeting message");
+ RemoteConnectionHandler.log.trace("Client received greeting message");
while (buffer.hasRemaining()) {
final byte type = buffer.get();
final int len = buffer.get() & 0xff;
@@ -105,6 +105,11 @@
IoUtils.safeClose(connection);
return;
}
+ if (saslMechs.isEmpty()) {
+ factoryResult.setException(new SaslException("No more authentication mechanisms to try"));
+ IoUtils.safeClose(connection);
+ return;
+ }
// OK now send our authentication request
final OptionMap optionMap = connection.getOptionMap();
final String userName = optionMap.get(RemotingOptions.AUTH_USER_NAME);
Modified: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientOpenListener.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientOpenListener.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientOpenListener.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -84,6 +84,7 @@
res = channel.write(buffer);
} catch (IOException e1) {
RemoteConnectionHandler.log.trace(e1, "Failed to send client greeting message");
+ factoryResult.setException(e1);
IoUtils.safeClose(connection);
connection.free(buffer);
return;
@@ -93,8 +94,16 @@
return;
}
}
- RemoteConnectionHandler.log.warn("Client sent greeting message");
connection.free(buffer);
+ try {
+ while (! channel.flush());
+ } catch (IOException e) {
+ RemoteConnectionHandler.log.trace(e, "Failed to flush client greeting message");
+ factoryResult.setException(e);
+ IoUtils.safeClose(connection);
+ return;
+ }
+ RemoteConnectionHandler.log.trace("Client sent greeting message");
channel.resumeReads();
return;
}
Added: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServer.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServer.java (rev 0)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServer.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -0,0 +1,115 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.jboss.remoting3.remote;
+
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.security.Principal;
+import java.util.concurrent.atomic.AtomicBoolean;
+import org.jboss.xnio.channels.SslChannel;
+
+import javax.net.ssl.SSLPeerUnverifiedException;
+import javax.net.ssl.SSLSession;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.sasl.AuthorizeCallback;
+import javax.security.sasl.SaslException;
+import javax.security.sasl.SaslServer;
+
+final class ExternalSaslServer implements SaslServer {
+ private final AtomicBoolean complete = new AtomicBoolean();
+ private String authorizationID;
+ private final SslChannel sslChannel;
+ private final CallbackHandler callbackHandler;
+ private static final byte[] EMPTY = new byte[0];
+
+ ExternalSaslServer(final SslChannel sslChannel, final CallbackHandler callbackHandler) {
+ this.sslChannel = sslChannel;
+ this.callbackHandler = callbackHandler;
+ }
+
+ public String getMechanismName() {
+ return "EXTERNAL";
+ }
+
+ public byte[] evaluateResponse(final byte[] response) throws SaslException {
+ if (complete.getAndSet(true)) {
+ throw new SaslException("Received response after complete");
+ }
+ String userName;
+ try {
+ userName = new String(response, "UTF8");
+ } catch (UnsupportedEncodingException e) {
+ throw new SaslException("Cannot convert user name from UTF-8", e);
+ }
+ final SSLSession session = sslChannel.getSslSession();
+ final Principal peerPrincipal;
+ try {
+ peerPrincipal = session.getPeerPrincipal();
+ } catch (SSLPeerUnverifiedException e) {
+ throw new SaslException("SSL peer is unverified", e);
+ }
+ final AuthorizeCallback authorizeCallback = new AuthorizeCallback(peerPrincipal.getName(), userName);
+ handleCallback(callbackHandler, authorizeCallback);
+ authorizationID = userName;
+ return EMPTY;
+ }
+
+ private static void handleCallback(CallbackHandler handler, Callback callback) throws SaslException {
+ try {
+ handler.handle(new Callback[] {
+ callback,
+ });
+ } catch (SaslException e) {
+ throw e;
+ } catch (IOException e) {
+ throw new SaslException("Failed to authenticate due to callback exception", e);
+ } catch (UnsupportedCallbackException e) {
+ throw new SaslException("Failed to authenticate due to unsupported callback", e);
+ }
+ }
+
+ public boolean isComplete() {
+ return complete.get();
+ }
+
+ public String getAuthorizationID() {
+ return authorizationID;
+ }
+
+ public byte[] unwrap(final byte[] incoming, final int offset, final int len) throws SaslException {
+ throw new IllegalStateException();
+ }
+
+ public byte[] wrap(final byte[] outgoing, final int offset, final int len) throws SaslException {
+ throw new IllegalStateException();
+ }
+
+ public Object getNegotiatedProperty(final String propName) {
+ return null;
+ }
+
+ public void dispose() throws SaslException {
+ }
+}
Added: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServerFactory.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServerFactory.java (rev 0)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServerFactory.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -0,0 +1,53 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.jboss.remoting3.remote;
+
+import java.util.Map;
+import org.jboss.xnio.channels.SslChannel;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.sasl.SaslException;
+import javax.security.sasl.SaslServer;
+import javax.security.sasl.SaslServerFactory;
+
+final class ExternalSaslServerFactory implements SaslServerFactory {
+
+ private static final String[] NAMES = new String[] { "EXTERNAL" };
+
+ private final SslChannel sslChannel;
+
+ ExternalSaslServerFactory(final SslChannel sslChannel) {
+ this.sslChannel = sslChannel;
+ }
+
+ public SaslServer createSaslServer(final String mechanism, final String protocol, final String serverName, final Map<String, ?> props, final CallbackHandler cbh) throws SaslException {
+ if (! "EXTERNAL".equalsIgnoreCase(mechanism)) {
+ return null;
+ }
+ return new ExternalSaslServer(sslChannel, cbh);
+ }
+
+ public String[] getMechanismNames(final Map<String, ?> props) {
+ return NAMES;
+ }
+}
Modified: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteConnection.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteConnection.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteConnection.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -44,7 +44,6 @@
private final Pool<ByteBuffer> bufferPool = Buffers.createHeapByteBufferAllocator(4096);
private final MessageHandler.Setter messageHandlerSetter;
private final OptionMap optionMap;
- private boolean readDone;
private final Object writeLock = new Object();
RemoteConnection(final Executor executor, final ConnectedStreamChannel<InetSocketAddress> channel, final OptionMap optionMap, final ProviderDescriptor providerDescriptor) {
@@ -90,12 +89,15 @@
try {
sendBlockingNoClose(buffer);
} catch (IOException e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure to send");
IoUtils.safeClose(channel);
throw e;
} catch (RuntimeException e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure to send");
IoUtils.safeClose(channel);
throw e;
} catch (Error e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure to send");
IoUtils.safeClose(channel);
throw e;
}
@@ -128,12 +130,15 @@
channel.awaitWritable();
}
} catch (IOException e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure to flush");
IoUtils.safeClose(channel);
throw e;
} catch (RuntimeException e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure to flush");
IoUtils.safeClose(channel);
throw e;
} catch (Error e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure to flush");
IoUtils.safeClose(channel);
throw e;
}
@@ -147,12 +152,15 @@
channel.awaitWritable();
}
} catch (IOException e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure to shutdown writes");
IoUtils.safeClose(channel);
throw e;
} catch (RuntimeException e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure to shutdown writes");
IoUtils.safeClose(channel);
throw e;
} catch (Error e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure to shutdown writes");
IoUtils.safeClose(channel);
throw e;
}
@@ -194,4 +202,12 @@
ProviderDescriptor getProviderDescriptor() {
return providerDescriptor;
}
+
+ void terminate() {
+ try {
+ channel.close();
+ } catch (IOException e) {
+ RemoteConnectionHandler.log.trace("Channel terminate exception: %s", e);
+ }
+ }
}
Modified: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteProtocolDescriptor.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteProtocolDescriptor.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteProtocolDescriptor.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -51,7 +51,7 @@
public ConnectionProviderFactory getService(final Properties properties) throws IOException {
final String providerName = properties.getProperty("remote.xnio.provider", "default");
final Xnio xnio = Xnio.getInstance(providerName);
- final OptionMap connectorOptions = OptionMap.builder().parseAll(properties, "remote.connector.option").getMap();
+ final OptionMap connectorOptions = OptionMap.builder().parseAll(properties, "remote.connector.option.", getClass().getClassLoader()).getMap();
final Connector<InetSocketAddress, ? extends TcpChannel> connector;
connector = xnio.createTcpConnector(connectorOptions);
return new ConnectionProviderFactory() {
Modified: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteSslProtocolDescriptor.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteSslProtocolDescriptor.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteSslProtocolDescriptor.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -51,7 +51,7 @@
public ConnectionProviderFactory getService(final Properties properties) throws IOException {
final String providerName = properties.getProperty("remote+ssl.xnio.provider", "default");
final Xnio xnio = Xnio.getInstance(providerName);
- final OptionMap connectorOptions = OptionMap.builder().parseAll(properties, "remote+ssl.connector.option").getMap();
+ final OptionMap connectorOptions = OptionMap.builder().parseAll(properties, "remote+ssl.connector.option.", getClass().getClassLoader()).getMap();
final Connector<InetSocketAddress, ? extends TcpChannel> connector;
try {
connector = xnio.createSslTcpConnector(null, connectorOptions);
Modified: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerAuthenticationHandler.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerAuthenticationHandler.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerAuthenticationHandler.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -40,12 +40,14 @@
private final RemoteConnection remoteConnection;
private final SaslServer saslServer;
private final ConnectionProviderContext connectionProviderContext;
+ private final ServerInitialAuthenticationHandler initialAuthHandler;
- ServerAuthenticationHandler(final RemoteConnection remoteConnection, final SaslServer saslServer, final ConnectionProviderContext connectionProviderContext) {
+ ServerAuthenticationHandler(final RemoteConnection remoteConnection, final SaslServer saslServer, final ConnectionProviderContext connectionProviderContext, final ServerInitialAuthenticationHandler initialAuthHandler) {
super(remoteConnection);
this.saslServer = saslServer;
this.remoteConnection = remoteConnection;
this.connectionProviderContext = connectionProviderContext;
+ this.initialAuthHandler = initialAuthHandler;
}
public void handleMessage(final ByteBuffer buffer) {
@@ -58,8 +60,8 @@
challenge = saslServer.evaluateResponse(Buffers.take(buffer, buffer.remaining()));
} catch (SaslException e) {
RemoteConnectionHandler.log.trace(e, "Server authentication failed");
- remoteConnection.sendAuthReject("Authentication failed");
- remoteConnection.flushBlocking();
+ initialAuthHandler.rejectAuth();
+ remoteConnection.setMessageHandler(initialAuthHandler);
return;
}
final boolean complete = saslServer.isComplete();
Modified: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerGreetingHandler.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerGreetingHandler.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerGreetingHandler.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -24,20 +24,21 @@
import java.nio.ByteBuffer;
import java.util.Map;
-import java.util.Set;
import org.jboss.remoting3.security.ServerAuthenticationProvider;
import org.jboss.remoting3.spi.ConnectionProviderContext;
import org.jboss.xnio.Buffers;
import org.jboss.xnio.IoUtils;
+import javax.security.sasl.SaslServerFactory;
+
final class ServerGreetingHandler extends AbstractMessageHandler {
private final RemoteConnection connection;
private final ConnectionProviderContext connectionProviderContext;
- private final Set<String> saslMechs;
+ private final Map<String, SaslServerFactory> saslMechs;
private final ServerAuthenticationProvider provider;
private final Map<String, Object> propertyMap;
- ServerGreetingHandler(final RemoteConnection connection, final ConnectionProviderContext connectionProviderContext, final Set<String> saslMechs, final ServerAuthenticationProvider provider, final Map<String, Object> propertyMap) {
+ ServerGreetingHandler(final RemoteConnection connection, final ConnectionProviderContext connectionProviderContext, final Map<String, SaslServerFactory> saslMechs, final ServerAuthenticationProvider provider, final Map<String, Object> propertyMap) {
super(connection);
this.connection = connection;
this.connectionProviderContext = connectionProviderContext;
Modified: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerInitialAuthenticationHandler.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerInitialAuthenticationHandler.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerInitialAuthenticationHandler.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -25,29 +25,32 @@
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.Map;
-import java.util.Set;
+import org.jboss.remoting3.RemotingOptions;
import org.jboss.remoting3.security.ServerAuthenticationProvider;
import org.jboss.remoting3.spi.ConnectionProviderContext;
import org.jboss.xnio.Buffers;
import org.jboss.xnio.IoUtils;
-import javax.security.sasl.Sasl;
+import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
+import javax.security.sasl.SaslServerFactory;
final class ServerInitialAuthenticationHandler extends AbstractMessageHandler {
private final RemoteConnection remoteConnection;
private final Map<String, ?> saslPropertyMap;
- private final Set<String> allowedMechs;
+ private final Map<String, SaslServerFactory> allowedMechs;
private final ServerAuthenticationProvider authenticationProvider;
private final ConnectionProviderContext connectionProviderContext;
+ private int retries;
- ServerInitialAuthenticationHandler(final RemoteConnection remoteConnection, final Map<String, ?> saslPropertyMap, final Set<String> allowedMechs, final ServerAuthenticationProvider authenticationProvider, final ConnectionProviderContext connectionProviderContext) {
+ ServerInitialAuthenticationHandler(final RemoteConnection remoteConnection, final Map<String, ?> saslPropertyMap, final Map<String, SaslServerFactory> allowedMechs, final ServerAuthenticationProvider authenticationProvider, final ConnectionProviderContext connectionProviderContext) {
super(remoteConnection);
this.remoteConnection = remoteConnection;
this.saslPropertyMap = saslPropertyMap;
this.allowedMechs = allowedMechs;
this.authenticationProvider = authenticationProvider;
this.connectionProviderContext = connectionProviderContext;
+ retries = remoteConnection.getOptionMap().get(RemotingOptions.AUTHENTICATION_RETRIES, 3);
}
public void handleMessage(final ByteBuffer buffer) {
@@ -56,17 +59,26 @@
try {
// mech name
final String name = Buffers.getModifiedUtf8(buffer);
- if (allowedMechs.contains(name)) {
+ final SaslServerFactory serverFactory = allowedMechs.get(name);
+ if (serverFactory != null) {
RemoteConnectionHandler.log.trace("Selected SASL mechanism %s", name);
final String realm = connectionProviderContext.getEndpoint().getName();
- final SaslServer server = Sasl.createSaslServer(name, "remote", realm, saslPropertyMap, authenticationProvider.getCallbackHandler());
- remoteConnection.setMessageHandler(new ServerAuthenticationHandler(remoteConnection, server, connectionProviderContext));
+ final SaslServer server = serverFactory.createSaslServer(name, "remote", realm, saslPropertyMap, authenticationProvider.getCallbackHandler());
+ remoteConnection.setMessageHandler(new ServerAuthenticationHandler(remoteConnection, server, connectionProviderContext, this));
RemoteConnectionHandler.log.trace("Sending initial challenge");
- remoteConnection.sendAuthMessage(RemoteProtocol.AUTH_CHALLENGE, server.evaluateResponse(SaslUtils.EMPTY));
+ final byte[] resp;
+ try {
+ resp = server.evaluateResponse(SaslUtils.EMPTY);
+ } catch (SaslException e) {
+ RemoteConnectionHandler.log.trace("Rejected invalid SASL response: %s", e);
+ rejectAuth();
+ return;
+ }
+ remoteConnection.sendAuthMessage(RemoteProtocol.AUTH_CHALLENGE, resp);
return;
} else {
RemoteConnectionHandler.log.trace("Rejected invalid SASL mechanism %s", name);
- remoteConnection.sendAuthReject("Invalid mechanism name");
+ rejectAuth();
return;
}
} catch (IOException e) {
@@ -81,4 +93,12 @@
}
}
}
+
+ void rejectAuth() throws IOException {
+ remoteConnection.sendAuthReject("Authentication failed");
+ if (retries-- == 0) {
+ // too bad
+ remoteConnection.terminate();
+ }
+ }
}
Modified: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerOpenListener.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerOpenListener.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerOpenListener.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -27,7 +27,7 @@
import java.nio.ByteBuffer;
import java.util.Enumeration;
import java.util.HashSet;
-import java.util.LinkedHashSet;
+import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import org.jboss.marshalling.ProviderDescriptor;
@@ -41,6 +41,7 @@
import org.jboss.xnio.Options;
import org.jboss.xnio.Sequence;
import org.jboss.xnio.channels.ConnectedStreamChannel;
+import org.jboss.xnio.channels.SslChannel;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslServerFactory;
@@ -65,20 +66,50 @@
}
final RemoteConnection connection = new RemoteConnection(connectionProviderContext.getExecutor(), channel, optionMap, providerDescriptor);
+ // Get the server authentication provider
+ final String authProvider = optionMap.get(RemotingOptions.AUTHENTICATION_PROVIDER);
+ if (authProvider == null) {
+ RemoteConnectionHandler.log.warn("No authentication provider available");
+ IoUtils.safeClose(connection);
+ return;
+ }
+ final ServerAuthenticationProvider provider = connectionProviderContext.getProtocolServiceProvider(ProtocolServiceType.SERVER_AUTHENTICATION_PROVIDER, authProvider);
+ if (provider == null) {
+ RemoteConnectionHandler.log.warn("No authentication provider available");
+ IoUtils.safeClose(connection);
+ return;
+ }
+
// Calculate available server mechanisms
final Sequence<String> mechs = optionMap.get(Options.SASL_MECHANISMS);
final Set<String> includes = mechs != null ? new HashSet<String>(mechs) : null;
- final Set<String> serverMechanisms = new LinkedHashSet<String>();
final Map<String, Object> propertyMap = SaslUtils.createPropertyMap(optionMap);
final Enumeration<SaslServerFactory> e = Sasl.getSaslServerFactories();
+ final Map<String, SaslServerFactory> saslServerFactories = new LinkedHashMap<String, SaslServerFactory>();
+ if (channel instanceof SslChannel && (includes == null | includes.contains("EXTERNAL"))) {
+ // automatically the best mechanism.
+ saslServerFactories.put("EXTERNAL", new ExternalSaslServerFactory((SslChannel) channel));
+ }
while (e.hasMoreElements()) {
final SaslServerFactory saslServerFactory = e.nextElement();
for (String name : saslServerFactory.getMechanismNames(propertyMap)) {
if (includes == null || includes.contains(name)) {
- serverMechanisms.add(name);
+ saslServerFactories.put(name, saslServerFactory);
}
}
}
+ if (saslServerFactories.isEmpty()) {
+ try {
+ RemoteConnectionHandler.log.trace("Sending server no-mechanisms message");
+ connection.sendAuthReject("No mechanisms available");
+ connection.close();
+ return;
+ } catch (IOException e1) {
+ RemoteConnectionHandler.log.trace(e1, "Failed to send server no-mechanisms message");
+ IoUtils.safeClose(connection);
+ return;
+ }
+ }
// Send server greeting packet...
final ByteBuffer buffer = connection.allocate();
@@ -93,7 +124,7 @@
GreetingUtils.writeInt(buffer, RemoteProtocol.GREETING_MARSHALLER_VERSION, version);
}
// SASL server mechs
- for (String name : serverMechanisms) {
+ for (String name : saslServerFactories.keySet()) {
GreetingUtils.writeString(buffer, RemoteProtocol.GREETING_SASL_MECH, name);
RemoteConnectionHandler.log.trace("Offering SASL mechanism %s", name);
}
@@ -119,24 +150,21 @@
return;
}
}
- RemoteConnectionHandler.log.warn("Server sent greeting message");
connection.free(buffer);
+ try {
+ while (! channel.flush());
+ } catch (IOException e) {
+ RemoteConnectionHandler.log.trace(e, "Failed to flush server greeting message");
+ IoUtils.safeClose(connection);
+ return;
+ }
+ RemoteConnectionHandler.log.trace("Server sent greeting message");
channel.resumeReads();
return;
}
}
});
- final String authProvider = optionMap.get(RemotingOptions.AUTHENTICATION_PROVIDER);
- if (authProvider == null) {
- // todo log no valid auth provider
- IoUtils.safeClose(connection);
- }
- final ServerAuthenticationProvider provider = connectionProviderContext.getProtocolServiceProvider(ProtocolServiceType.SERVER_AUTHENTICATION_PROVIDER, authProvider);
- if (provider == null) {
- // todo log no valid auth provider
- IoUtils.safeClose(connection);
- }
- connection.setMessageHandler(new ServerGreetingHandler(connection, connectionProviderContext, serverMechanisms, provider, propertyMap));
+ connection.setMessageHandler(new ServerGreetingHandler(connection, connectionProviderContext, saslServerFactories, provider, propertyMap));
// and send the greeting
channel.resumeWrites();
}
Modified: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/AbstractHandleableCloseable.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/AbstractHandleableCloseable.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/AbstractHandleableCloseable.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -48,6 +48,7 @@
private final Executor executor;
private final StackTraceElement[] backtrace;
+ private final boolean autoClose;
private final Object closeLock = new Object();
private State state = State.OPEN;
@@ -79,11 +80,22 @@
* @param executor the executor used to execute the close notification handlers
*/
protected AbstractHandleableCloseable(final Executor executor) {
+ this(executor, true);
+ }
+
+ /**
+ * Basic constructor.
+ *
+ * @param executor the executor used to execute the close notification handlers
+ * @param autoClose {@code true} if this instance should automatically close on finalize
+ */
+ protected AbstractHandleableCloseable(final Executor executor, final boolean autoClose) {
if (executor == null) {
throw new NullPointerException("executor is null");
}
this.executor = executor;
backtrace = LEAK_DEBUGGING ? new Throwable().getStackTrace() : null;
+ this.autoClose = autoClose;
}
/**
@@ -241,7 +253,7 @@
try {
super.finalize();
} finally {
- if (isOpen()) {
+ if (autoClose && isOpen()) {
if (LEAK_DEBUGGING) {
final Throwable t = new LeakThrowable();
t.setStackTrace(backtrace);
Modified: remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/ProtocolServiceType.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/ProtocolServiceType.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/ProtocolServiceType.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -106,4 +106,8 @@
public String getDescription() {
return description;
}
+
+ public String toString() {
+ return "protocol service type: \"" + getDescription() + "\"";
+ }
}
Modified: remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/AbstractRemoteTestCase.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/AbstractRemoteTestCase.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/AbstractRemoteTestCase.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -62,29 +62,33 @@
}
}
- protected Connection getConnection() throws IOException {
+ protected Connection getConnection() throws Exception {
final NetworkServerProvider provider = endpoint.getConnectionProviderInterface(getScheme(), NetworkServerProvider.class);
assertNotNull(provider, "No remote provider interface");
- final ChannelListener<ConnectedStreamChannel<InetSocketAddress>> listener = provider.getServerListener(OptionMap.builder().set(RemotingOptions.AUTHENTICATION_PROVIDER, "test").setSequence(Options.SASL_MECHANISMS, "DIGEST-MD5").getMap());
+ final OptionMap serverOptions = OptionMap.builder()
+ .set(RemotingOptions.AUTHENTICATION_PROVIDER, "test")
+// .setSequence(Options.SASL_MECHANISMS, "EXTERNAL", "DIGEST-MD5")
+ .setSequence(Options.SASL_MECHANISMS, "DIGEST-MD5")
+ .getMap();
+ final ChannelListener<ConnectedStreamChannel<InetSocketAddress>> listener = provider.getServerListener(serverOptions);
final Xnio xnio = Xnio.getInstance();
- try {
- final AcceptingServer<InetSocketAddress, ?, ?> server = getServer(listener, xnio);
- final IoFuture<? extends BoundChannel<InetSocketAddress>> future = server.bind(new InetSocketAddress(InetAddress.getByName("127.0.0.1"), 0));
- final InetSocketAddress localAddress = future.get().getLocalAddress();
- final Connection connection = endpoint.connect(new URI(getScheme(), null, localAddress.getAddress().getHostAddress(), localAddress.getPort(), null, null, null), OptionMap.builder().setSequence(Options.SSL_ENABLED_CIPHER_SUITES, "TLS_RSA_WITH_AES_128_CBC_SHA").getMap(), "user", null, "password".toCharArray()).get();
- connection.addCloseHandler(new CloseHandler<Connection>() {
- public void handleClose(final Connection closed) {
- IoUtils.safeClose(server);
- }
- });
- return connection;
- } catch (Exception e) {
- final IOException ioe = new IOException();
- ioe.initCause(e);
- throw ioe;
- }
+ final AcceptingServer<InetSocketAddress, ?, ?> server = getServer(listener, xnio);
+ final IoFuture<? extends BoundChannel<InetSocketAddress>> future = server.bind(new InetSocketAddress(InetAddress.getByName("127.0.0.1"), 0));
+ final InetSocketAddress localAddress = future.get().getLocalAddress();
+ final OptionMap clientOptions = OptionMap.builder()
+ .setSequence(Options.SSL_ENABLED_CIPHER_SUITES, "TLS_RSA_WITH_AES_128_CBC_SHA")
+ .getMap();
+ final Connection connection = endpoint.connect(new URI(getScheme(), null, localAddress.getAddress().getHostAddress(), localAddress.getPort(), null, null, null), clientOptions, "user", null, "password".toCharArray()).get();
+ connection.addCloseHandler(new CloseHandler<Connection>() {
+ public void handleClose(final Connection closed) {
+ IoUtils.safeClose(server);
+ }
+ });
+ return connection;
}
+ protected void addClientOptions(OptionMap.Builder optionMapBuilder) {}
+
protected abstract String getScheme();
protected abstract AcceptingServer<InetSocketAddress, ?, ?> getServer(ChannelListener<ConnectedStreamChannel<InetSocketAddress>> listener, Xnio xnio) throws NoSuchProviderException, NoSuchAlgorithmException;
Modified: remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/InvocationTestBase.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/InvocationTestBase.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/InvocationTestBase.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -76,9 +76,9 @@
log.info("-------------------------------------------------------------");
}
- protected abstract Connection getConnection() throws IOException;
+ protected abstract Connection getConnection() throws Exception;
- public void testBasicInvoke() throws IOException {
+ public void testBasicInvoke() throws Exception {
enter();
try {
final InvocationTestObject requestObj = new InvocationTestObject();
@@ -126,7 +126,7 @@
}
}
- public void testBasicSend() throws IOException {
+ public void testBasicSend() throws Exception {
enter();
try {
final InvocationTestObject requestObj = new InvocationTestObject();
@@ -175,7 +175,7 @@
}
}
- public void testBasicClientConnector() throws Throwable {
+ public void testBasicClientConnector() throws Exception {
enter();
try {
final InvocationTestObject requestObj = new InvocationTestObject();
Modified: remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/LocalTestCase.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/LocalTestCase.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/LocalTestCase.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -28,7 +28,7 @@
import org.jboss.xnio.OptionMap;
import org.testng.annotations.Test;
- at Test(suiteName = "Local tests")
+ at Test(description = "Local Tests")
public final class LocalTestCase extends InvocationTestBase {
protected Connection getConnection() throws IOException {
Modified: remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/RemoteSslTestCase.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/RemoteSslTestCase.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/RemoteSslTestCase.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -22,6 +22,7 @@
package org.jboss.remoting3.test;
+import java.io.IOException;
import java.net.InetSocketAddress;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
@@ -36,12 +37,33 @@
@Test(suiteName = "Remote SSL tests")
public final class RemoteSslTestCase extends AbstractRemoteTestCase {
+ // Use anonymous ciphers so we don't need a trust store configuration of any sort
+ private static final String[] CIPHER_SUITES = {
+ "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
+ "TLS_DH_anon_WITH_AES_128_CBC_SHA",
+ "TLS_DH_anon_WITH_AES_256_CBC_SHA",
+ "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
+ "SSL_DH_anon_WITH_DES_CBC_SHA",
+ "SSL_DH_anon_WITH_RC4_128_MD5",
+ "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
+ };
+
+ private static final String[] PROTOCOLS = {
+ "TLSv1",
+ };
+
protected SslTcpServer getServer(final ChannelListener<ConnectedStreamChannel<InetSocketAddress>> listener, final Xnio xnio) throws NoSuchProviderException, NoSuchAlgorithmException {
- return xnio.createSslTcpServer(listener, OptionMap.builder().setSequence(Options.SSL_ENABLED_CIPHER_SUITES, "TLS_RSA_WITH_AES_128_CBC_SHA").getMap());
+ final OptionMap serverOptions = OptionMap.builder()
+ .setSequence(Options.SSL_ENABLED_CIPHER_SUITES, CIPHER_SUITES)
+ .setSequence(Options.SSL_ENABLED_PROTOCOLS, PROTOCOLS)
+ .getMap();
+ return xnio.createSslTcpServer(listener, serverOptions);
}
protected String getScheme() {
- if (true) throw new SkipException("SSL");
+ if (false) throw new SkipException("SSL");
return "remote+ssl";
}
}
\ No newline at end of file
Modified: remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/StreamsTestCase.java
===================================================================
--- remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/StreamsTestCase.java 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/StreamsTestCase.java 2010-03-04 04:30:28 UTC (rev 5793)
@@ -40,7 +40,7 @@
/**
*
*/
- at Test
+ at Test(suiteName = "Streams Tests")
public final class StreamsTestCase {
public void testCollectionObjectSink() throws Throwable {
Modified: remoting3/trunk/jboss-remoting/src/test/resources/logging.properties
===================================================================
--- remoting3/trunk/jboss-remoting/src/test/resources/logging.properties 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/test/resources/logging.properties 2010-03-04 04:30:28 UTC (rev 5793)
@@ -21,20 +21,23 @@
#
# Additional logger names to configure (root logger is always configured)
-loggers=javax.security.sasl
+loggers=javax.security.sasl,org.jboss.xnio.ssl
# Root logger configuration
-logger.level=DEBUG
+logger.level=INFO
logger.handlers=CONSOLE
# Configure javax.security.sasl to be less verbose by default
logger.javax.security.sasl.level=INFO
+# Configure org.jboss.xnio.ssl to be less verbose by default
+logger.org.jboss.xnio.ssl.level=INFO
+
# Console handler configuration
handler.CONSOLE=org.jboss.logmanager.handlers.ConsoleHandler
handler.CONSOLE.target=SYSTEM_ERR
handler.CONSOLE.properties=autoFlush
-handler.CONSOLE.level=DEBUG
+handler.CONSOLE.level=TRACE
handler.CONSOLE.autoFlush=true
handler.CONSOLE.formatter=PATTERN
Modified: remoting3/trunk/jboss-remoting/src/test/resources/remoting.properties
===================================================================
--- remoting3/trunk/jboss-remoting/src/test/resources/remoting.properties 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/test/resources/remoting.properties 2010-03-04 04:30:28 UTC (rev 5793)
@@ -19,3 +19,5 @@
# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
# 02110-1301 USA, or see the FSF site: http://www.fsf.org.
#
+
+remote+ssl.connector.option.org.jboss.xnio.Options.SSL_ENABLED_CIPHER_SUITES=SSL_DH_anon_WITH_DES_CBC_SHA
More information about the jboss-remoting-commits
mailing list