Author: david.lloyd(a)jboss.com
Date: 2010-03-03 23:30:28 -0500 (Wed, 03 Mar 2010)
New Revision: 5793
Added:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServer.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServerFactory.java
Modified:
remoting3/trunk/jboss-remoting/pom.xml
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/EndpointImpl.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/RemotingOptions.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientAuthenticationHandler.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientGreetingHandler.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientOpenListener.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteConnection.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteProtocolDescriptor.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteSslProtocolDescriptor.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerAuthenticationHandler.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerGreetingHandler.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerInitialAuthenticationHandler.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerOpenListener.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/AbstractHandleableCloseable.java
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/ProtocolServiceType.java
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/AbstractRemoteTestCase.java
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/InvocationTestBase.java
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/LocalTestCase.java
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/RemoteSslTestCase.java
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/StreamsTestCase.java
remoting3/trunk/jboss-remoting/src/test/resources/logging.properties
remoting3/trunk/jboss-remoting/src/test/resources/remoting.properties
Log:
Fix a series of authentication issues
Modified: remoting3/trunk/jboss-remoting/pom.xml
===================================================================
--- remoting3/trunk/jboss-remoting/pom.xml 2010-03-03 16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/pom.xml 2010-03-04 04:30:28 UTC (rev 5793)
@@ -62,7 +62,7 @@
<groupId>org.jboss.marshalling</groupId>
<artifactId>jboss-marshalling-river</artifactId>
<version>${jbmar.version}</version>
- <scope>compile</scope>
+ <scope>test</scope>
</dependency>
<dependency>
<groupId>org.testng</groupId>
@@ -92,7 +92,7 @@
</property>
<property>
<name>jboss.remoting.leakdebugging</name>
- <value>true</value>
+ <value>false</value>
</property>
</systemProperties>
</configuration>
Modified:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/EndpointImpl.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/EndpointImpl.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/EndpointImpl.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -26,14 +26,15 @@
import java.net.URI;
import java.nio.charset.Charset;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
+import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Queue;
import java.util.Set;
-import java.util.Iterator;
import java.util.concurrent.ConcurrentLinkedQueue;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.Executor;
@@ -43,20 +44,20 @@
import org.jboss.remoting3.security.RemotingPermission;
import org.jboss.remoting3.security.SimpleClientCallbackHandler;
import org.jboss.remoting3.spi.AbstractHandleableCloseable;
+import org.jboss.remoting3.spi.ConnectionHandlerContext;
import org.jboss.remoting3.spi.ConnectionHandlerFactory;
import org.jboss.remoting3.spi.ConnectionProvider;
import org.jboss.remoting3.spi.ConnectionProviderContext;
import org.jboss.remoting3.spi.ConnectionProviderFactory;
+import org.jboss.remoting3.spi.ProtocolServiceType;
import org.jboss.remoting3.spi.RequestHandler;
-import org.jboss.remoting3.spi.ConnectionHandlerContext;
-import org.jboss.remoting3.spi.ProtocolServiceType;
-import org.jboss.xnio.log.Logger;
import org.jboss.xnio.FutureResult;
import org.jboss.xnio.IoFuture;
import org.jboss.xnio.IoUtils;
import org.jboss.xnio.OptionMap;
-import org.jboss.xnio.TranslatingResult;
+import org.jboss.xnio.Result;
import org.jboss.xnio.WeakCloseable;
+import org.jboss.xnio.log.Logger;
import javax.security.auth.callback.CallbackHandler;
@@ -339,7 +340,7 @@
class ServiceRegistration extends
AbstractHandleableCloseable<Registration> implements Registration {
ServiceRegistration() {
- super(executor);
+ super(executor, false);
}
protected void closeAction() {
@@ -468,7 +469,7 @@
class ServiceListenerRegistration extends
AbstractHandleableCloseable<Registration> implements Registration {
ServiceListenerRegistration() {
- super(executor);
+ super(executor, false);
}
protected void closeAction() {
@@ -569,10 +570,22 @@
throw new UnknownURISchemeException("No connection provider for URI
scheme \"" + scheme + "\" is installed");
}
final FutureResult<Connection> futureResult = new
FutureResult<Connection>(executor);
- futureResult.addCancelHandler(connectionProvider.connect(destination,
connectOptions, new TranslatingResult<ConnectionHandlerFactory,
Connection>(futureResult) {
- protected Connection translate(final ConnectionHandlerFactory input) {
- return new ConnectionImpl(EndpointImpl.this, input,
connectionProviderContext, destination.toString());
+ // Mark the stack because otherwise debugging connect problems can be incredibly
tough
+ final Throwable t = new Throwable();
+ futureResult.addCancelHandler(connectionProvider.connect(destination,
connectOptions, new Result<ConnectionHandlerFactory>() {
+ public boolean setResult(final ConnectionHandlerFactory result) {
+ return futureResult.setResult(new ConnectionImpl(EndpointImpl.this,
result, connectionProviderContext, destination.toString()));
}
+
+ public boolean setException(final IOException exception) {
+ final StackTraceElement[] st0 = t.getStackTrace();
+ exception.setStackTrace(Arrays.copyOfRange(st0, 1, st0.length));
+ return futureResult.setException(exception);
+ }
+
+ public boolean setCancelled() {
+ return futureResult.setCancelled();
+ }
}, callbackHandler));
return futureResult.getIoFuture();
}
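Review bot: `exception.setStackTrace(...)` in `setException` overwrites the provider's own stack trace with the caller's, so the frames showing where the connect attempt actually failed are lost once the result is delivered. Logging the exception before its trace is replaced keeps both views, e.g. `log.trace(exception, "Connection attempt failed");` as the first statement of `setException`. The comment on `t` could also say that the `Throwable` is captured on every `connect` call, whether or not it later fails. The enclosing method begins outside the hunk.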
@@ -612,7 +625,7 @@
if (connectionProviders.putIfAbsent(uriScheme, provider) != null) {
throw new DuplicateRegistrationException("URI scheme '" +
uriScheme + "' is already registered to a provider");
}
- log.trace("Adding registration for connection provider named %s: %s",
name, provider);
+ log.trace("Adding connection provider registration named '%s':
%s", uriScheme, provider);
final Registration handle = new
MapRegistration<ConnectionProvider>(connectionProviders, uriScheme, provider);
return handle;
}
@@ -644,7 +657,7 @@
if (map.putIfAbsent(name, provider) != null) {
throw new DuplicateRegistrationException(type.getDescription() + "
'" + name + "' is already registered");
}
- log.trace("Adding registration for %s named %s: %s", type, name,
provider);
+ log.trace("Adding '%s' registration named '%s': %s",
type, name, provider);
return new MapRegistration<T>(map, name, provider);
}
@@ -694,7 +707,7 @@
private final T value;
private MapRegistration(final ConcurrentMap<String, T> map, final String
key, final T value) {
- super(executor);
+ super(executor, false);
this.map = map;
this.key = key;
this.value = value;
@@ -711,6 +724,10 @@
throw new IllegalStateException(e);
}
}
+
+ public String toString() {
+ return String.format("Registration of '%s': %s", key,
value);
+ }
}
final class LocalConnectionContext implements ConnectionHandlerContext {
Modified:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/RemotingOptions.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/RemotingOptions.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/RemotingOptions.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -143,4 +143,9 @@
* Specify the name of a preregistered server authentication provider to use.
*/
public static final Option<String> AUTHENTICATION_PROVIDER =
Option.simple(RemotingOptions.class, "AUTHENTICATION_PROVIDER", String.class);
+
+ /**
+ * Specify the number of times a client is allowed to retry authentication before
closing the connection.
+ */
+ public static final Option<Integer> AUTHENTICATION_RETRIES =
Option.simple(RemotingOptions.class, "AUTHENTICATION_RETRIES", Integer.class);
}
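Review bot: The Javadoc for `AUTHENTICATION_RETRIES` does not say which side reads the option, what the default is, or how zero and negative values are treated. Elsewhere in this commit `ServerInitialAuthenticationHandler` reads it with a default of 3, so the comment could read `Specify the number of times a client may retry authentication before the server closes the connection; defaults to 3 when unset.` The accepted range belongs in the same comment once the handling of non-positive values is settled.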
Modified:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientAuthenticationHandler.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientAuthenticationHandler.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientAuthenticationHandler.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -137,6 +137,11 @@
});
return;
}
+ case RemoteProtocol.AUTH_REJECTED: {
+ RemoteConnectionHandler.log.trace("Received auth rejected
message");
+ factoryResult.setException(new SaslException("Authentication
failed"));
+ IoUtils.safeClose(remoteConnection);
+ }
}
}
}
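Review bot: The new `AUTH_REJECTED` case ends without a `return;`, unlike the case directly above it, so it relies on being the last label in the switch; a case added after it would be entered after the connection has already been closed. Adding `return;` after `IoUtils.safeClose(remoteConnection);` makes the intent explicit. The client also gives up on the first rejection while the server side of this commit keeps the connection open for further attempts; if that asymmetry is intended, a one-line comment here should say so. The enclosing method starts outside the hunk.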
Modified:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientGreetingHandler.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientGreetingHandler.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientGreetingHandler.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -24,9 +24,9 @@
import java.io.IOException;
import java.nio.ByteBuffer;
-import java.util.ArrayList;
-import java.util.List;
+import java.util.LinkedHashSet;
import java.util.Map;
+import java.util.Set;
import org.jboss.remoting3.ProtocolException;
import org.jboss.remoting3.RemotingOptions;
import org.jboss.remoting3.spi.ConnectionHandlerFactory;
@@ -53,13 +53,13 @@
}
public void handleMessage(final ByteBuffer buffer) {
- List<String> saslMechs = new ArrayList<String>();
+ Set<String> saslMechs = new LinkedHashSet<String>();
String remoteEndpointName = "endpoint";
final int[] ourVersions =
connection.getProviderDescriptor().getSupportedVersions();
int bestVersion = -1;
switch (buffer.get()) {
case RemoteProtocol.GREETING: {
- RemoteConnectionHandler.log.warn("Client received greeting
message");
+ RemoteConnectionHandler.log.trace("Client received greeting
message");
while (buffer.hasRemaining()) {
final byte type = buffer.get();
final int len = buffer.get() & 0xff;
@@ -105,6 +105,11 @@
IoUtils.safeClose(connection);
return;
}
+ if (saslMechs.isEmpty()) {
+ factoryResult.setException(new SaslException("No more
authentication mechanisms to try"));
+ IoUtils.safeClose(connection);
+ return;
+ }
// OK now send our authentication request
final OptionMap optionMap = connection.getOptionMap();
final String userName = optionMap.get(RemotingOptions.AUTH_USER_NAME);
Modified:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientOpenListener.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientOpenListener.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ClientOpenListener.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -84,6 +84,7 @@
res = channel.write(buffer);
} catch (IOException e1) {
RemoteConnectionHandler.log.trace(e1, "Failed to send
client greeting message");
+ factoryResult.setException(e1);
IoUtils.safeClose(connection);
connection.free(buffer);
return;
@@ -93,8 +94,16 @@
return;
}
}
- RemoteConnectionHandler.log.warn("Client sent greeting
message");
connection.free(buffer);
+ try {
+ while (! channel.flush());
+ } catch (IOException e) {
+ RemoteConnectionHandler.log.trace(e, "Failed to flush client
greeting message");
+ factoryResult.setException(e);
+ IoUtils.safeClose(connection);
+ return;
+ }
+ RemoteConnectionHandler.log.trace("Client sent greeting
message");
channel.resumeReads();
return;
}
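Review bot: `while (! channel.flush());` spins without waiting, so if the peer is slow to drain the socket the calling thread stays at full CPU until the flush completes, and a stalled peer can hold it there indefinitely. `RemoteConnection` in this same commit appears to pair its flush loop with `channel.awaitWritable()`; the same shape here would be `while (! channel.flush()) channel.awaitWritable();`, assuming blocking is acceptable in this callback. If it is not, the flush should be finished from a write handler instead. The enclosing method starts outside the hunk.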
Added:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServer.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServer.java
(rev 0)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServer.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -0,0 +1,115 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+
+package org.jboss.remoting3.remote;
+
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.security.Principal;
+import java.util.concurrent.atomic.AtomicBoolean;
+import org.jboss.xnio.channels.SslChannel;
+
+import javax.net.ssl.SSLPeerUnverifiedException;
+import javax.net.ssl.SSLSession;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.sasl.AuthorizeCallback;
+import javax.security.sasl.SaslException;
+import javax.security.sasl.SaslServer;
+
+final class ExternalSaslServer implements SaslServer {
+ private final AtomicBoolean complete = new AtomicBoolean();
+ private String authorizationID;
+ private final SslChannel sslChannel;
+ private final CallbackHandler callbackHandler;
+ private static final byte[] EMPTY = new byte[0];
+
+ ExternalSaslServer(final SslChannel sslChannel, final CallbackHandler
callbackHandler) {
+ this.sslChannel = sslChannel;
+ this.callbackHandler = callbackHandler;
+ }
+
+ public String getMechanismName() {
+ return "EXTERNAL";
+ }
+
+ public byte[] evaluateResponse(final byte[] response) throws SaslException {
+ if (complete.getAndSet(true)) {
+ throw new SaslException("Received response after complete");
+ }
+ String userName;
+ try {
+ userName = new String(response, "UTF8");
+ } catch (UnsupportedEncodingException e) {
+ throw new SaslException("Cannot convert user name from UTF-8", e);
+ }
+ final SSLSession session = sslChannel.getSslSession();
+ final Principal peerPrincipal;
+ try {
+ peerPrincipal = session.getPeerPrincipal();
+ } catch (SSLPeerUnverifiedException e) {
+ throw new SaslException("SSL peer is unverified", e);
+ }
+ final AuthorizeCallback authorizeCallback = new
AuthorizeCallback(peerPrincipal.getName(), userName);
+ handleCallback(callbackHandler, authorizeCallback);
+ authorizationID = userName;
+ return EMPTY;
+ }
+
+ private static void handleCallback(CallbackHandler handler, Callback callback) throws
SaslException {
+ try {
+ handler.handle(new Callback[] {
+ callback,
+ });
+ } catch (SaslException e) {
+ throw e;
+ } catch (IOException e) {
+ throw new SaslException("Failed to authenticate due to callback
exception", e);
+ } catch (UnsupportedCallbackException e) {
+ throw new SaslException("Failed to authenticate due to unsupported
callback", e);
+ }
+ }
+
+ public boolean isComplete() {
+ return complete.get();
+ }
+
+ public String getAuthorizationID() {
+ return authorizationID;
+ }
+
+ public byte[] unwrap(final byte[] incoming, final int offset, final int len) throws
SaslException {
+ throw new IllegalStateException();
+ }
+
+ public byte[] wrap(final byte[] outgoing, final int offset, final int len) throws
SaslException {
+ throw new IllegalStateException();
+ }
+
+ public Object getNegotiatedProperty(final String propName) {
+ return null;
+ }
+
+ public void dispose() throws SaslException {
+ }
+}
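Review bot: `evaluateResponse` never checks the outcome of the `AuthorizeCallback`: once `handleCallback` returns, `authorizationID = userName` is assigned whether or not the handler authorized it, so a handler that leaves `isAuthorized()` false instead of throwing lets any peer with a verified certificate assume the authorization identity it sent. The result should be checked and the handler's answer used: `if (! authorizeCallback.isAuthorized()) throw new SaslException("EXTERNAL authorization failed");` followed by `authorizationID = authorizeCallback.getAuthorizedID();`. `complete` is also set to true before any of these checks run, so `isComplete()` reports true after a failed exchange, and an empty response yields the authorization ID `""` rather than one derived from the peer principal. `getAuthorizationID()` would be safer if it threw `IllegalStateException` until the exchange has succeeded.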
Added:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServerFactory.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServerFactory.java
(rev 0)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ExternalSaslServerFactory.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -0,0 +1,53 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+
+package org.jboss.remoting3.remote;
+
+import java.util.Map;
+import org.jboss.xnio.channels.SslChannel;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.sasl.SaslException;
+import javax.security.sasl.SaslServer;
+import javax.security.sasl.SaslServerFactory;
+
+final class ExternalSaslServerFactory implements SaslServerFactory {
+
+ private static final String[] NAMES = new String[] { "EXTERNAL" };
+
+ private final SslChannel sslChannel;
+
+ ExternalSaslServerFactory(final SslChannel sslChannel) {
+ this.sslChannel = sslChannel;
+ }
+
+ public SaslServer createSaslServer(final String mechanism, final String protocol,
final String serverName, final Map<String, ?> props, final CallbackHandler cbh)
throws SaslException {
+ if (! "EXTERNAL".equalsIgnoreCase(mechanism)) {
+ return null;
+ }
+ return new ExternalSaslServer(sslChannel, cbh);
+ }
+
+ public String[] getMechanismNames(final Map<String, ?> props) {
+ return NAMES;
+ }
+}
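Review bot: `getMechanismNames` returns the shared static `NAMES` array, so a caller that modifies the returned array changes what every later caller sees advertised; `return NAMES.clone();` avoids that. `createSaslServer` also accepts a null `cbh` and ignores `props`, so a missing handler only fails later inside `ExternalSaslServer.handleCallback`. A class comment stating that the mechanism depends on the SSL channel having verified a client certificate would document the precondition.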
Modified:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteConnection.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteConnection.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteConnection.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -44,7 +44,6 @@
private final Pool<ByteBuffer> bufferPool =
Buffers.createHeapByteBufferAllocator(4096);
private final MessageHandler.Setter messageHandlerSetter;
private final OptionMap optionMap;
- private boolean readDone;
private final Object writeLock = new Object();
RemoteConnection(final Executor executor, final
ConnectedStreamChannel<InetSocketAddress> channel, final OptionMap optionMap, final
ProviderDescriptor providerDescriptor) {
@@ -90,12 +89,15 @@
try {
sendBlockingNoClose(buffer);
} catch (IOException e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure to
send");
IoUtils.safeClose(channel);
throw e;
} catch (RuntimeException e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure to
send");
IoUtils.safeClose(channel);
throw e;
} catch (Error e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure to
send");
IoUtils.safeClose(channel);
throw e;
}
@@ -128,12 +130,15 @@
channel.awaitWritable();
}
} catch (IOException e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure
to flush");
IoUtils.safeClose(channel);
throw e;
} catch (RuntimeException e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure
to flush");
IoUtils.safeClose(channel);
throw e;
} catch (Error e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure
to flush");
IoUtils.safeClose(channel);
throw e;
}
@@ -147,12 +152,15 @@
channel.awaitWritable();
}
} catch (IOException e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure
to shutdown writes");
IoUtils.safeClose(channel);
throw e;
} catch (RuntimeException e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure
to shutdown writes");
IoUtils.safeClose(channel);
throw e;
} catch (Error e) {
+ RemoteConnectionHandler.log.trace(e, "Closing channel due to failure
to shutdown writes");
IoUtils.safeClose(channel);
throw e;
}
@@ -194,4 +202,12 @@
ProviderDescriptor getProviderDescriptor() {
return providerDescriptor;
}
+
+ void terminate() {
+ try {
+ channel.close();
+ } catch (IOException e) {
+ RemoteConnectionHandler.log.trace("Channel terminate exception:
%s", e);
+ }
+ }
}
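Review bot: `terminate()` passes the exception as a format argument, `log.trace("Channel terminate exception: %s", e)`, which presumably logs only its `toString()` and drops the stack trace, whereas the catch blocks added elsewhere in this file use the throwable-first form. `RemoteConnectionHandler.log.trace(e, "Channel terminate exception");` would be consistent; the same applies to the `"Rejected invalid SASL response: %s"` call in `ServerInitialAuthenticationHandler`. A one-line comment on how `terminate()` differs from `IoUtils.safeClose(channel)` would help callers choose between them.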
Modified:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteProtocolDescriptor.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteProtocolDescriptor.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteProtocolDescriptor.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -51,7 +51,7 @@
public ConnectionProviderFactory getService(final Properties properties) throws
IOException {
final String providerName =
properties.getProperty("remote.xnio.provider", "default");
final Xnio xnio = Xnio.getInstance(providerName);
- final OptionMap connectorOptions = OptionMap.builder().parseAll(properties,
"remote.connector.option").getMap();
+ final OptionMap connectorOptions = OptionMap.builder().parseAll(properties,
"remote.connector.option.", getClass().getClassLoader()).getMap();
final Connector<InetSocketAddress, ? extends TcpChannel> connector;
connector = xnio.createTcpConnector(connectorOptions);
return new ConnectionProviderFactory() {
Modified:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteSslProtocolDescriptor.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteSslProtocolDescriptor.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/RemoteSslProtocolDescriptor.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -51,7 +51,7 @@
public ConnectionProviderFactory getService(final Properties properties) throws
IOException {
final String providerName =
properties.getProperty("remote+ssl.xnio.provider", "default");
final Xnio xnio = Xnio.getInstance(providerName);
- final OptionMap connectorOptions = OptionMap.builder().parseAll(properties,
"remote+ssl.connector.option").getMap();
+ final OptionMap connectorOptions = OptionMap.builder().parseAll(properties,
"remote+ssl.connector.option.", getClass().getClassLoader()).getMap();
final Connector<InetSocketAddress, ? extends TcpChannel> connector;
try {
connector = xnio.createSslTcpConnector(null, connectorOptions);
Modified:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerAuthenticationHandler.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerAuthenticationHandler.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerAuthenticationHandler.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -40,12 +40,14 @@
private final RemoteConnection remoteConnection;
private final SaslServer saslServer;
private final ConnectionProviderContext connectionProviderContext;
+ private final ServerInitialAuthenticationHandler initialAuthHandler;
- ServerAuthenticationHandler(final RemoteConnection remoteConnection, final SaslServer
saslServer, final ConnectionProviderContext connectionProviderContext) {
+ ServerAuthenticationHandler(final RemoteConnection remoteConnection, final SaslServer
saslServer, final ConnectionProviderContext connectionProviderContext, final
ServerInitialAuthenticationHandler initialAuthHandler) {
super(remoteConnection);
this.saslServer = saslServer;
this.remoteConnection = remoteConnection;
this.connectionProviderContext = connectionProviderContext;
+ this.initialAuthHandler = initialAuthHandler;
}
public void handleMessage(final ByteBuffer buffer) {
@@ -58,8 +60,8 @@
challenge = saslServer.evaluateResponse(Buffers.take(buffer,
buffer.remaining()));
} catch (SaslException e) {
RemoteConnectionHandler.log.trace(e, "Server authentication
failed");
- remoteConnection.sendAuthReject("Authentication
failed");
- remoteConnection.flushBlocking();
+ initialAuthHandler.rejectAuth();
+ remoteConnection.setMessageHandler(initialAuthHandler);
return;
}
final boolean complete = saslServer.isComplete();
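Review bot: On `SaslException` the failed `saslServer` is abandoned without `dispose()`, even though the handler is swapped out and this instance is not used again; mechanisms that hold negotiation state depend on that call to release it. `try { saslServer.dispose(); } catch (SaslException ignored) { }` before `initialAuthHandler.rejectAuth();` would cover it. `setMessageHandler(initialAuthHandler)` also runs when `rejectAuth()` has just terminated the connection, which is only safe if setting a handler on a closed connection is a no-op. The enclosing method starts and ends outside the hunk.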
Modified:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerGreetingHandler.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerGreetingHandler.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerGreetingHandler.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -24,20 +24,21 @@
import java.nio.ByteBuffer;
import java.util.Map;
-import java.util.Set;
import org.jboss.remoting3.security.ServerAuthenticationProvider;
import org.jboss.remoting3.spi.ConnectionProviderContext;
import org.jboss.xnio.Buffers;
import org.jboss.xnio.IoUtils;
+import javax.security.sasl.SaslServerFactory;
+
final class ServerGreetingHandler extends AbstractMessageHandler {
private final RemoteConnection connection;
private final ConnectionProviderContext connectionProviderContext;
- private final Set<String> saslMechs;
+ private final Map<String, SaslServerFactory> saslMechs;
private final ServerAuthenticationProvider provider;
private final Map<String, Object> propertyMap;
- ServerGreetingHandler(final RemoteConnection connection, final
ConnectionProviderContext connectionProviderContext, final Set<String> saslMechs,
final ServerAuthenticationProvider provider, final Map<String, Object> propertyMap)
{
+ ServerGreetingHandler(final RemoteConnection connection, final
ConnectionProviderContext connectionProviderContext, final Map<String,
SaslServerFactory> saslMechs, final ServerAuthenticationProvider provider, final
Map<String, Object> propertyMap) {
super(connection);
this.connection = connection;
this.connectionProviderContext = connectionProviderContext;
Modified:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerInitialAuthenticationHandler.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerInitialAuthenticationHandler.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerInitialAuthenticationHandler.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -25,29 +25,32 @@
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.Map;
-import java.util.Set;
+import org.jboss.remoting3.RemotingOptions;
import org.jboss.remoting3.security.ServerAuthenticationProvider;
import org.jboss.remoting3.spi.ConnectionProviderContext;
import org.jboss.xnio.Buffers;
import org.jboss.xnio.IoUtils;
-import javax.security.sasl.Sasl;
+import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
+import javax.security.sasl.SaslServerFactory;
final class ServerInitialAuthenticationHandler extends AbstractMessageHandler {
private final RemoteConnection remoteConnection;
private final Map<String, ?> saslPropertyMap;
- private final Set<String> allowedMechs;
+ private final Map<String, SaslServerFactory> allowedMechs;
private final ServerAuthenticationProvider authenticationProvider;
private final ConnectionProviderContext connectionProviderContext;
+ private int retries;
- ServerInitialAuthenticationHandler(final RemoteConnection remoteConnection, final
Map<String, ?> saslPropertyMap, final Set<String> allowedMechs, final
ServerAuthenticationProvider authenticationProvider, final ConnectionProviderContext
connectionProviderContext) {
+ ServerInitialAuthenticationHandler(final RemoteConnection remoteConnection, final
Map<String, ?> saslPropertyMap, final Map<String, SaslServerFactory>
allowedMechs, final ServerAuthenticationProvider authenticationProvider, final
ConnectionProviderContext connectionProviderContext) {
super(remoteConnection);
this.remoteConnection = remoteConnection;
this.saslPropertyMap = saslPropertyMap;
this.allowedMechs = allowedMechs;
this.authenticationProvider = authenticationProvider;
this.connectionProviderContext = connectionProviderContext;
+ retries =
remoteConnection.getOptionMap().get(RemotingOptions.AUTHENTICATION_RETRIES, 3);
}
public void handleMessage(final ByteBuffer buffer) {
@@ -56,17 +59,26 @@
try {
// mech name
final String name = Buffers.getModifiedUtf8(buffer);
- if (allowedMechs.contains(name)) {
+ final SaslServerFactory serverFactory = allowedMechs.get(name);
+ if (serverFactory != null) {
RemoteConnectionHandler.log.trace("Selected SASL mechanism
%s", name);
final String realm =
connectionProviderContext.getEndpoint().getName();
- final SaslServer server = Sasl.createSaslServer(name,
"remote", realm, saslPropertyMap, authenticationProvider.getCallbackHandler());
- remoteConnection.setMessageHandler(new
ServerAuthenticationHandler(remoteConnection, server, connectionProviderContext));
+ final SaslServer server = serverFactory.createSaslServer(name,
"remote", realm, saslPropertyMap, authenticationProvider.getCallbackHandler());
+ remoteConnection.setMessageHandler(new
ServerAuthenticationHandler(remoteConnection, server, connectionProviderContext, this));
RemoteConnectionHandler.log.trace("Sending initial
challenge");
- remoteConnection.sendAuthMessage(RemoteProtocol.AUTH_CHALLENGE,
server.evaluateResponse(SaslUtils.EMPTY));
+ final byte[] resp;
+ try {
+ resp = server.evaluateResponse(SaslUtils.EMPTY);
+ } catch (SaslException e) {
+ RemoteConnectionHandler.log.trace("Rejected invalid SASL
response: %s", e);
+ rejectAuth();
+ return;
+ }
+ remoteConnection.sendAuthMessage(RemoteProtocol.AUTH_CHALLENGE,
resp);
return;
} else {
RemoteConnectionHandler.log.trace("Rejected invalid SASL
mechanism %s", name);
- remoteConnection.sendAuthReject("Invalid mechanism
name");
+ rejectAuth();
return;
}
} catch (IOException e) {
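Review bot: `serverFactory.createSaslServer(...)` can return null (the `ExternalSaslServerFactory` added in this commit does so for a non-matching name), and the result is passed to `ServerAuthenticationHandler` and dereferenced by `server.evaluateResponse(...)` without a check. The `ServerAuthenticationHandler` is also installed before the initial `evaluateResponse`, so when that call fails and `rejectAuth()` runs, the connection keeps a handler bound to the failed `SaslServer` instead of returning to this one. Checking for null and installing the handler only after the initial challenge has been produced addresses both. The enclosing try block starts before the hunk and ends after it.

```java
final SaslServer server = serverFactory.createSaslServer(name, "remote", realm, saslPropertyMap, authenticationProvider.getCallbackHandler());
if (server == null) {
    // the factory declined the mechanism; treat it like any other failed attempt
    RemoteConnectionHandler.log.trace("No SASL server available for mechanism %s", name);
    rejectAuth();
    return;
}
final byte[] resp;
try {
    resp = server.evaluateResponse(SaslUtils.EMPTY);
} catch (SaslException e) {
    RemoteConnectionHandler.log.trace(e, "Rejected invalid SASL response");
    rejectAuth();
    return;
}
// switch handlers only once the mechanism has produced its initial challenge
remoteConnection.setMessageHandler(new ServerAuthenticationHandler(remoteConnection, server, connectionProviderContext, this));
RemoteConnectionHandler.log.trace("Sending initial challenge");
remoteConnection.sendAuthMessage(RemoteProtocol.AUTH_CHALLENGE, resp);
return;
// … unchanged: else branch rejecting an unknown mechanism name …
```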
@@ -81,4 +93,12 @@
}
}
}
+
+ void rejectAuth() throws IOException {
+ remoteConnection.sendAuthReject("Authentication failed");
+ if (retries-- == 0) {
+ // too bad
+ remoteConnection.terminate();
+ }
+ }
}
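Review bot: The exact-equality test `if (retries-- == 0)` in `rejectAuth()` enforces the limit only if the counter passes through zero. A negative `AUTHENTICATION_RETRIES` value read in the constructor never matches, so repeated failures would never terminate the connection and a peer could keep guessing on one connection. `if (retries-- <= 0)` closes that gap, and rejecting negative values where the option is read would make the intent explicit. This handler is now also passed to `ServerAuthenticationHandler`, so if `rejectAuth()` can be reached from more than one thread the unsynchronised decrement needs a look. The field declaration and the rest of the class are outside this hunk.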
Modified:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerOpenListener.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerOpenListener.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/remote/ServerOpenListener.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -27,7 +27,7 @@
import java.nio.ByteBuffer;
import java.util.Enumeration;
import java.util.HashSet;
-import java.util.LinkedHashSet;
+import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;
import org.jboss.marshalling.ProviderDescriptor;
@@ -41,6 +41,7 @@
import org.jboss.xnio.Options;
import org.jboss.xnio.Sequence;
import org.jboss.xnio.channels.ConnectedStreamChannel;
+import org.jboss.xnio.channels.SslChannel;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslServerFactory;
@@ -65,20 +66,50 @@
}
final RemoteConnection connection = new
RemoteConnection(connectionProviderContext.getExecutor(), channel, optionMap,
providerDescriptor);
+ // Get the server authentication provider
+ final String authProvider =
optionMap.get(RemotingOptions.AUTHENTICATION_PROVIDER);
+ if (authProvider == null) {
+ RemoteConnectionHandler.log.warn("No authentication provider
available");
+ IoUtils.safeClose(connection);
+ return;
+ }
+ final ServerAuthenticationProvider provider =
connectionProviderContext.getProtocolServiceProvider(ProtocolServiceType.SERVER_AUTHENTICATION_PROVIDER,
authProvider);
+ if (provider == null) {
+ RemoteConnectionHandler.log.warn("No authentication provider
available");
+ IoUtils.safeClose(connection);
+ return;
+ }
+
// Calculate available server mechanisms
final Sequence<String> mechs = optionMap.get(Options.SASL_MECHANISMS);
final Set<String> includes = mechs != null ? new
HashSet<String>(mechs) : null;
- final Set<String> serverMechanisms = new LinkedHashSet<String>();
final Map<String, Object> propertyMap =
SaslUtils.createPropertyMap(optionMap);
final Enumeration<SaslServerFactory> e = Sasl.getSaslServerFactories();
+ final Map<String, SaslServerFactory> saslServerFactories = new
LinkedHashMap<String, SaslServerFactory>();
+ if (channel instanceof SslChannel && (includes == null |
includes.contains("EXTERNAL"))) {
+ // automatically the best mechanism.
+ saslServerFactories.put("EXTERNAL", new
ExternalSaslServerFactory((SslChannel) channel));
+ }
while (e.hasMoreElements()) {
final SaslServerFactory saslServerFactory = e.nextElement();
for (String name : saslServerFactory.getMechanismNames(propertyMap)) {
if (includes == null || includes.contains(name)) {
- serverMechanisms.add(name);
+ saslServerFactories.put(name, saslServerFactory);
}
}
}
+ if (saslServerFactories.isEmpty()) {
+ try {
+ RemoteConnectionHandler.log.trace("Sending server no-mechanisms
message");
+ connection.sendAuthReject("No mechanisms available");
+ connection.close();
+ return;
+ } catch (IOException e1) {
+ RemoteConnectionHandler.log.trace(e1, "Failed to send server
no-mechanisms message");
+ IoUtils.safeClose(connection);
+ return;
+ }
+ }
// Send server greeting packet...
final ByteBuffer buffer = connection.allocate();
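Review bot: `includes == null | includes.contains("EXTERNAL")` uses the non-short-circuit `|`, so when no `SASL_MECHANISMS` option is set (`includes` is null) the right-hand side is still evaluated and throws a NullPointerException for every `SslChannel` connection. It should read `includes == null || includes.contains("EXTERNAL")`. The loop below then calls `saslServerFactories.put(name, saslServerFactory)` unconditionally, so an installed provider that also advertises EXTERNAL would replace the channel-bound `ExternalSaslServerFactory`. Guarding the put with `if (! saslServerFactories.containsKey(name))` keeps the first registration. The enclosing listener method starts outside this hunk.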
@@ -93,7 +124,7 @@
GreetingUtils.writeInt(buffer, RemoteProtocol.GREETING_MARSHALLER_VERSION,
version);
}
// SASL server mechs
- for (String name : serverMechanisms) {
+ for (String name : saslServerFactories.keySet()) {
GreetingUtils.writeString(buffer, RemoteProtocol.GREETING_SASL_MECH, name);
RemoteConnectionHandler.log.trace("Offering SASL mechanism %s",
name);
}
@@ -119,24 +150,21 @@
return;
}
}
- RemoteConnectionHandler.log.warn("Server sent greeting
message");
connection.free(buffer);
+ try {
+ while (! channel.flush());
+ } catch (IOException e) {
+ RemoteConnectionHandler.log.trace(e, "Failed to flush server
greeting message");
+ IoUtils.safeClose(connection);
+ return;
+ }
+ RemoteConnectionHandler.log.trace("Server sent greeting
message");
channel.resumeReads();
return;
}
}
});
- final String authProvider =
optionMap.get(RemotingOptions.AUTHENTICATION_PROVIDER);
- if (authProvider == null) {
- // todo log no valid auth provider
- IoUtils.safeClose(connection);
- }
- final ServerAuthenticationProvider provider =
connectionProviderContext.getProtocolServiceProvider(ProtocolServiceType.SERVER_AUTHENTICATION_PROVIDER,
authProvider);
- if (provider == null) {
- // todo log no valid auth provider
- IoUtils.safeClose(connection);
- }
- connection.setMessageHandler(new ServerGreetingHandler(connection,
connectionProviderContext, serverMechanisms, provider, propertyMap));
+ connection.setMessageHandler(new ServerGreetingHandler(connection,
connectionProviderContext, saslServerFactories, provider, propertyMap));
// and send the greeting
channel.resumeWrites();
}
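Review bot: `while (! channel.flush());` spins on the calling thread until the greeting is fully flushed. Assuming `flush()` returns false while data is still pending, a peer that stops reading can hold that thread in a busy loop before authentication has started. It would be safer to return when `flush()` returns false, let the next write-ready notification finish the flush, and call `channel.resumeReads()` only once it returns true. The write handler this code sits in begins outside the hunk, so how it is re-invoked is not visible here.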
Modified:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/AbstractHandleableCloseable.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/AbstractHandleableCloseable.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/AbstractHandleableCloseable.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -48,6 +48,7 @@
private final Executor executor;
private final StackTraceElement[] backtrace;
+ private final boolean autoClose;
private final Object closeLock = new Object();
private State state = State.OPEN;
@@ -79,11 +80,22 @@
* @param executor the executor used to execute the close notification handlers
*/
protected AbstractHandleableCloseable(final Executor executor) {
+ this(executor, true);
+ }
+
+ /**
+ * Basic constructor.
+ *
+ * @param executor the executor used to execute the close notification handlers
+ * @param autoClose {@code true} if this instance should automatically close on
finalize
+ */
+ protected AbstractHandleableCloseable(final Executor executor, final boolean
autoClose) {
if (executor == null) {
throw new NullPointerException("executor is null");
}
this.executor = executor;
backtrace = LEAK_DEBUGGING ? new Throwable().getStackTrace() : null;
+ this.autoClose = autoClose;
}
/**
@@ -241,7 +253,7 @@
try {
super.finalize();
} finally {
- if (isOpen()) {
+ if (autoClose && isOpen()) {
if (LEAK_DEBUGGING) {
final Throwable t = new LeakThrowable();
t.setStackTrace(backtrace);
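Review bot: With the new guard `if (autoClose && isOpen())`, an instance created with `autoClose == false` skips the `LEAK_DEBUGGING` report as well as the close, so as far as this hunk shows a leaked instance of that kind is neither closed nor reported. Keeping the outer test as `if (isOpen())` and applying `autoClose` only to the close call would preserve the leak diagnostics. The Javadoc on the two-argument constructor could also state that callers passing `false` must close the instance explicitly. The rest of `finalize()` is outside the hunk.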
Modified:
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/ProtocolServiceType.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/ProtocolServiceType.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/main/java/org/jboss/remoting3/spi/ProtocolServiceType.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -106,4 +106,8 @@
public String getDescription() {
return description;
}
+
+ public String toString() {
+ return "protocol service type: \"" + getDescription() +
"\"";
+ }
}
Modified:
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/AbstractRemoteTestCase.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/AbstractRemoteTestCase.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/AbstractRemoteTestCase.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -62,29 +62,33 @@
}
}
- protected Connection getConnection() throws IOException {
+ protected Connection getConnection() throws Exception {
final NetworkServerProvider provider =
endpoint.getConnectionProviderInterface(getScheme(), NetworkServerProvider.class);
assertNotNull(provider, "No remote provider interface");
- final ChannelListener<ConnectedStreamChannel<InetSocketAddress>>
listener =
provider.getServerListener(OptionMap.builder().set(RemotingOptions.AUTHENTICATION_PROVIDER,
"test").setSequence(Options.SASL_MECHANISMS, "DIGEST-MD5").getMap());
+ final OptionMap serverOptions = OptionMap.builder()
+ .set(RemotingOptions.AUTHENTICATION_PROVIDER, "test")
+// .setSequence(Options.SASL_MECHANISMS, "EXTERNAL",
"DIGEST-MD5")
+ .setSequence(Options.SASL_MECHANISMS, "DIGEST-MD5")
+ .getMap();
+ final ChannelListener<ConnectedStreamChannel<InetSocketAddress>>
listener = provider.getServerListener(serverOptions);
final Xnio xnio = Xnio.getInstance();
- try {
- final AcceptingServer<InetSocketAddress, ?, ?> server =
getServer(listener, xnio);
- final IoFuture<? extends BoundChannel<InetSocketAddress>> future
= server.bind(new InetSocketAddress(InetAddress.getByName("127.0.0.1"), 0));
- final InetSocketAddress localAddress = future.get().getLocalAddress();
- final Connection connection = endpoint.connect(new URI(getScheme(), null,
localAddress.getAddress().getHostAddress(), localAddress.getPort(), null, null, null),
OptionMap.builder().setSequence(Options.SSL_ENABLED_CIPHER_SUITES,
"TLS_RSA_WITH_AES_128_CBC_SHA").getMap(), "user", null,
"password".toCharArray()).get();
- connection.addCloseHandler(new CloseHandler<Connection>() {
- public void handleClose(final Connection closed) {
- IoUtils.safeClose(server);
- }
- });
- return connection;
- } catch (Exception e) {
- final IOException ioe = new IOException();
- ioe.initCause(e);
- throw ioe;
- }
+ final AcceptingServer<InetSocketAddress, ?, ?> server = getServer(listener,
xnio);
+ final IoFuture<? extends BoundChannel<InetSocketAddress>> future =
server.bind(new InetSocketAddress(InetAddress.getByName("127.0.0.1"), 0));
+ final InetSocketAddress localAddress = future.get().getLocalAddress();
+ final OptionMap clientOptions = OptionMap.builder()
+ .setSequence(Options.SSL_ENABLED_CIPHER_SUITES,
"TLS_RSA_WITH_AES_128_CBC_SHA")
+ .getMap();
+ final Connection connection = endpoint.connect(new URI(getScheme(), null,
localAddress.getAddress().getHostAddress(), localAddress.getPort(), null, null, null),
clientOptions, "user", null, "password".toCharArray()).get();
+ connection.addCloseHandler(new CloseHandler<Connection>() {
+ public void handleClose(final Connection closed) {
+ IoUtils.safeClose(server);
+ }
+ });
+ return connection;
}
+ protected void addClientOptions(OptionMap.Builder optionMapBuilder) {}
+
protected abstract String getScheme();
protected abstract AcceptingServer<InetSocketAddress, ?, ?>
getServer(ChannelListener<ConnectedStreamChannel<InetSocketAddress>> listener,
Xnio xnio) throws NoSuchProviderException, NoSuchAlgorithmException;
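Review bot: `addClientOptions(OptionMap.Builder)` is added as an extension hook, but `getConnection()` never calls it: `clientOptions` is built directly from `OptionMap.builder()`, so a subclass override has no effect. Creating the builder first and calling `addClientOptions(builder);` before `getMap()` would wire it in. With the try/catch removed, a failure in `endpoint.connect(...).get()` also leaves `server` bound, because the close handler is registered only on success. Calling `IoUtils.safeClose(server)` on the failure path would stop listeners leaking between tests. The commented-out `setSequence(... "EXTERNAL", "DIGEST-MD5")` line should become a TODO or be removed.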
Modified:
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/InvocationTestBase.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/InvocationTestBase.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/InvocationTestBase.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -76,9 +76,9 @@
log.info("-------------------------------------------------------------");
}
- protected abstract Connection getConnection() throws IOException;
+ protected abstract Connection getConnection() throws Exception;
- public void testBasicInvoke() throws IOException {
+ public void testBasicInvoke() throws Exception {
enter();
try {
final InvocationTestObject requestObj = new InvocationTestObject();
@@ -126,7 +126,7 @@
}
}
- public void testBasicSend() throws IOException {
+ public void testBasicSend() throws Exception {
enter();
try {
final InvocationTestObject requestObj = new InvocationTestObject();
@@ -175,7 +175,7 @@
}
}
- public void testBasicClientConnector() throws Throwable {
+ public void testBasicClientConnector() throws Exception {
enter();
try {
final InvocationTestObject requestObj = new InvocationTestObject();
Modified:
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/LocalTestCase.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/LocalTestCase.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/LocalTestCase.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -28,7 +28,7 @@
import org.jboss.xnio.OptionMap;
import org.testng.annotations.Test;
-@Test(suiteName = "Local tests")
+@Test(description = "Local Tests")
public final class LocalTestCase extends InvocationTestBase {
protected Connection getConnection() throws IOException {
Modified:
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/RemoteSslTestCase.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/RemoteSslTestCase.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/RemoteSslTestCase.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -22,6 +22,7 @@
package org.jboss.remoting3.test;
+import java.io.IOException;
import java.net.InetSocketAddress;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
@@ -36,12 +37,33 @@
@Test(suiteName = "Remote SSL tests")
public final class RemoteSslTestCase extends AbstractRemoteTestCase {
+ // Use anonymous ciphers so we don't need a trust store configuration of any
sort
+ private static final String[] CIPHER_SUITES = {
+ "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
+ "TLS_DH_anon_WITH_AES_128_CBC_SHA",
+ "TLS_DH_anon_WITH_AES_256_CBC_SHA",
+ "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA",
+ "SSL_DH_anon_WITH_DES_CBC_SHA",
+ "SSL_DH_anon_WITH_RC4_128_MD5",
+ "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA",
+ "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5",
+ };
+
+ private static final String[] PROTOCOLS = {
+ "TLSv1",
+ };
+
protected SslTcpServer getServer(final
ChannelListener<ConnectedStreamChannel<InetSocketAddress>> listener, final
Xnio xnio) throws NoSuchProviderException, NoSuchAlgorithmException {
- return xnio.createSslTcpServer(listener,
OptionMap.builder().setSequence(Options.SSL_ENABLED_CIPHER_SUITES,
"TLS_RSA_WITH_AES_128_CBC_SHA").getMap());
+ final OptionMap serverOptions = OptionMap.builder()
+ .setSequence(Options.SSL_ENABLED_CIPHER_SUITES, CIPHER_SUITES)
+ .setSequence(Options.SSL_ENABLED_PROTOCOLS, PROTOCOLS)
+ .getMap();
+ return xnio.createSslTcpServer(listener, serverOptions);
}
protected String getScheme() {
- if (true) throw new SkipException("SSL");
+ if (false) throw new SkipException("SSL");
return "remote+ssl";
}
}
\ No newline at end of file
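Review bot: `CIPHER_SUITES` lists `SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA` and `SSL_DH_anon_EXPORT_WITH_RC4_40_MD5` twice, and it includes 40-bit export, single-DES and RC4 suites that the stated goal (no trust store) does not need. The two `TLS_DH_anon_WITH_AES_*` entries are enough. The comment above the array should also record why this is confined to tests, e.g. `// Test only: anonymous DH suites give no peer authentication`. `if (false) throw new SkipException("SSL");` is dead code and can be deleted. The `SSL_DH_anon_WITH_DES_CBC_SHA` value added to remoting.properties in the last hunk of this commit has the same weak-suite problem and could use `TLS_DH_anon_WITH_AES_128_CBC_SHA`, which this server list also enables.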
Modified:
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/StreamsTestCase.java
===================================================================
---
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/StreamsTestCase.java 2010-03-03
16:54:23 UTC (rev 5792)
+++
remoting3/trunk/jboss-remoting/src/test/java/org/jboss/remoting3/test/StreamsTestCase.java 2010-03-04
04:30:28 UTC (rev 5793)
@@ -40,7 +40,7 @@
/**
*
*/
-@Test
+@Test(suiteName = "Streams Tests")
public final class StreamsTestCase {
public void testCollectionObjectSink() throws Throwable {
Modified: remoting3/trunk/jboss-remoting/src/test/resources/logging.properties
===================================================================
--- remoting3/trunk/jboss-remoting/src/test/resources/logging.properties 2010-03-03
16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/test/resources/logging.properties 2010-03-04
04:30:28 UTC (rev 5793)
@@ -21,20 +21,23 @@
#
# Additional logger names to configure (root logger is always configured)
-loggers=javax.security.sasl
+loggers=javax.security.sasl,org.jboss.xnio.ssl
# Root logger configuration
-logger.level=DEBUG
+logger.level=INFO
logger.handlers=CONSOLE
# Configure javax.security.sasl to be less verbose by default
logger.javax.security.sasl.level=INFO
+# Configure org.jboss.xnio.ssl to be less verbose by default
+logger.org.jboss.xnio.ssl.level=INFO
+
# Console handler configuration
handler.CONSOLE=org.jboss.logmanager.handlers.ConsoleHandler
handler.CONSOLE.target=SYSTEM_ERR
handler.CONSOLE.properties=autoFlush
-handler.CONSOLE.level=DEBUG
+handler.CONSOLE.level=TRACE
handler.CONSOLE.autoFlush=true
handler.CONSOLE.formatter=PATTERN
Modified: remoting3/trunk/jboss-remoting/src/test/resources/remoting.properties
===================================================================
--- remoting3/trunk/jboss-remoting/src/test/resources/remoting.properties 2010-03-03
16:54:23 UTC (rev 5792)
+++ remoting3/trunk/jboss-remoting/src/test/resources/remoting.properties 2010-03-04
04:30:28 UTC (rev 5793)
@@ -19,3 +19,5 @@
# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
# 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
#
+
+remote+ssl.connector.option.org.jboss.xnio.Options.SSL_ENABLED_CIPHER_SUITES=SSL_DH_anon_WITH_DES_CBC_SHA