Example 1 with SslStoreProvider

Use of cn.taketoday.framework.web.server.SslStoreProvider in project today-infrastructure by TAKETODAY.

In class AbstractServletWebServerFactoryTests, method sslWithCustomSslStoreProvider:

@Test
void sslWithCustomSslStoreProvider() throws Exception {
    AbstractServletWebServerFactory factory = getFactory();
    addTestTxtFile(factory);
    Ssl ssl = new Ssl();
    // Require a client certificate (mutual TLS).
    ssl.setClientAuth(ClientAuth.NEED);
    ssl.setKeyPassword("password");
    factory.setSsl(ssl);
    // Key and trust material come from the provider rather than from store paths on Ssl.
    SslStoreProvider sslStoreProvider = mock(SslStoreProvider.class);
    given(sslStoreProvider.getKeyStore()).willReturn(loadStore());
    given(sslStoreProvider.getTrustStore()).willReturn(loadStore());
    factory.setSslStoreProvider(sslStoreProvider);
    this.webServer = factory.getWebServer();
    this.webServer.start();
    // Client side: present a key from the test keystore as the client certificate.
    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    loadStore(keyStore, new FileSystemResource("src/test/resources/test.jks"));
    // TrustSelfSignedStrategy accepts self-signed server certificates; suitable for tests only.
    SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
            new SSLContextBuilder()
                    .loadTrustMaterial(null, new TrustSelfSignedStrategy())
                    .loadKeyMaterial(keyStore, "password".toCharArray())
                    .build());
    HttpClient httpClient = this.httpClientBuilder.get().setSSLSocketFactory(socketFactory).build();
    HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
    assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test");
    then(sslStoreProvider).should(atLeastOnce()).getKeyStore();
    then(sslStoreProvider).should(atLeastOnce()).getTrustStore();
}
Also used: SslStoreProvider (cn.taketoday.framework.web.server.SslStoreProvider), HttpClient (org.apache.http.client.HttpClient), FileSystemResource (cn.taketoday.core.io.FileSystemResource), HttpComponentsClientHttpRequestFactory (cn.taketoday.http.client.HttpComponentsClientHttpRequestFactory), Ssl (cn.taketoday.framework.web.server.Ssl), KeyStore (java.security.KeyStore), SSLConnectionSocketFactory (org.apache.http.conn.ssl.SSLConnectionSocketFactory), SSLContextBuilder (org.apache.http.ssl.SSLContextBuilder), TrustSelfSignedStrategy (org.apache.http.conn.ssl.TrustSelfSignedStrategy), ParameterizedTest (org.junit.jupiter.params.ParameterizedTest), Test (org.junit.jupiter.api.Test)

Example 2 with SslStoreProvider

Use of cn.taketoday.framework.web.server.SslStoreProvider in project today-infrastructure by TAKETODAY.

In class SslConnectorCustomizerTests, method customizeWhenSslStoreProviderPresentShouldIgnorePasswordFromSsl:

@Test
void customizeWhenSslStoreProviderPresentShouldIgnorePasswordFromSsl(CapturedOutput output) throws Exception {
    System.setProperty("javax.net.ssl.trustStorePassword", "trustStoreSecret");
    Ssl ssl = new Ssl();
    // Per the test name, passwords configured on Ssl are ignored once an SslStoreProvider supplies the stores.
    ssl.setKeyPassword("password");
    ssl.setKeyStorePassword("secret");
    SslStoreProvider sslStoreProvider = mock(SslStoreProvider.class);
    given(sslStoreProvider.getTrustStore()).willReturn(loadStore());
    given(sslStoreProvider.getKeyStore()).willReturn(loadStore());
    SslConnectorCustomizer customizer = new SslConnectorCustomizer(ssl, sslStoreProvider);
    Connector connector = this.tomcat.getConnector();
    customizer.customize(connector);
    this.tomcat.start();
    assertThat(connector.getState()).isEqualTo(LifecycleState.STARTED);
    // The captured output must not report a store password verification failure.
    assertThat(output).doesNotContain("Password verification failed");
}
Also used: Connector (org.apache.catalina.connector.Connector), SslStoreProvider (cn.taketoday.framework.web.server.SslStoreProvider), Ssl (cn.taketoday.framework.web.server.Ssl), Test (org.junit.jupiter.api.Test)

Example 3 with SslStoreProvider

Use of cn.taketoday.framework.web.server.SslStoreProvider in project today-framework by TAKETODAY.

In class SslConnectorCustomizerTests, method customizeWhenSslStoreProviderPresentShouldIgnorePasswordFromSsl:

@Test
void customizeWhenSslStoreProviderPresentShouldIgnorePasswordFromSsl(CapturedOutput output) throws Exception {
    System.setProperty("javax.net.ssl.trustStorePassword", "trustStoreSecret");
    Ssl ssl = new Ssl();
    // Per the test name, passwords configured on Ssl are ignored once an SslStoreProvider supplies the stores.
    ssl.setKeyPassword("password");
    ssl.setKeyStorePassword("secret");
    SslStoreProvider sslStoreProvider = mock(SslStoreProvider.class);
    given(sslStoreProvider.getTrustStore()).willReturn(loadStore());
    given(sslStoreProvider.getKeyStore()).willReturn(loadStore());
    SslConnectorCustomizer customizer = new SslConnectorCustomizer(ssl, sslStoreProvider);
    Connector connector = this.tomcat.getConnector();
    customizer.customize(connector);
    this.tomcat.start();
    assertThat(connector.getState()).isEqualTo(LifecycleState.STARTED);
    // The captured output must not report a store password verification failure.
    assertThat(output).doesNotContain("Password verification failed");
}
Also used: Connector (org.apache.catalina.connector.Connector), SslStoreProvider (cn.taketoday.framework.web.server.SslStoreProvider), Ssl (cn.taketoday.framework.web.server.Ssl), Test (org.junit.jupiter.api.Test)

Example 4 with SslStoreProvider

Use of cn.taketoday.framework.web.server.SslStoreProvider in project today-framework by TAKETODAY.

In class AbstractServletWebServerFactoryTests, method sslWithCustomSslStoreProvider:

@Test
void sslWithCustomSslStoreProvider() throws Exception {
    AbstractServletWebServerFactory factory = getFactory();
    addTestTxtFile(factory);
    Ssl ssl = new Ssl();
    // Require a client certificate (mutual TLS).
    ssl.setClientAuth(ClientAuth.NEED);
    ssl.setKeyPassword("password");
    factory.setSsl(ssl);
    // Key and trust material come from the provider rather than from store paths on Ssl.
    SslStoreProvider sslStoreProvider = mock(SslStoreProvider.class);
    given(sslStoreProvider.getKeyStore()).willReturn(loadStore());
    given(sslStoreProvider.getTrustStore()).willReturn(loadStore());
    factory.setSslStoreProvider(sslStoreProvider);
    this.webServer = factory.getWebServer();
    this.webServer.start();
    // Client side: present a key from the test keystore as the client certificate.
    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    loadStore(keyStore, new FileSystemResource("src/test/resources/test.jks"));
    // TrustSelfSignedStrategy accepts self-signed server certificates; suitable for tests only.
    SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
            new SSLContextBuilder()
                    .loadTrustMaterial(null, new TrustSelfSignedStrategy())
                    .loadKeyMaterial(keyStore, "password".toCharArray())
                    .build());
    HttpClient httpClient = this.httpClientBuilder.get().setSSLSocketFactory(socketFactory).build();
    HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
    assertThat(getResponse(getLocalUrl("https", "/test.txt"), requestFactory)).isEqualTo("test");
    then(sslStoreProvider).should(atLeastOnce()).getKeyStore();
    then(sslStoreProvider).should(atLeastOnce()).getTrustStore();
}
Also used: SslStoreProvider (cn.taketoday.framework.web.server.SslStoreProvider), HttpClient (org.apache.http.client.HttpClient), FileSystemResource (cn.taketoday.core.io.FileSystemResource), HttpComponentsClientHttpRequestFactory (cn.taketoday.http.client.HttpComponentsClientHttpRequestFactory), Ssl (cn.taketoday.framework.web.server.Ssl), KeyStore (java.security.KeyStore), SSLConnectionSocketFactory (org.apache.http.conn.ssl.SSLConnectionSocketFactory), SSLContextBuilder (org.apache.http.ssl.SSLContextBuilder), TrustSelfSignedStrategy (org.apache.http.conn.ssl.TrustSelfSignedStrategy), ParameterizedTest (org.junit.jupiter.params.ParameterizedTest), Test (org.junit.jupiter.api.Test)

Example 5 with SslStoreProvider

Use of cn.taketoday.framework.web.server.SslStoreProvider in project today-framework by TAKETODAY.

In class SslConnectorCustomizerTests, method customizeWhenSslStoreProviderProvidesOnlyKeyStoreShouldUseDefaultTruststore:

@Test
void customizeWhenSslStoreProviderProvidesOnlyKeyStoreShouldUseDefaultTruststore() throws Exception {
    Ssl ssl = new Ssl();
    ssl.setKeyPassword("password");
    ssl.setTrustStore("src/test/resources/test.jks");
    // Only getKeyStore() is stubbed; getTrustStore() on the mock returns null.
    SslStoreProvider sslStoreProvider = mock(SslStoreProvider.class);
    KeyStore keyStore = loadStore();
    given(sslStoreProvider.getKeyStore()).willReturn(keyStore);
    SslConnectorCustomizer customizer = new SslConnectorCustomizer(ssl, sslStoreProvider);
    Connector connector = this.tomcat.getConnector();
    customizer.customize(connector);
    this.tomcat.start();
    SSLHostConfig sslHostConfig = connector.getProtocolHandler().findSslHostConfigs()[0];
    SSLHostConfig sslHostConfigWithDefaults = new SSLHostConfig();
    // The truststore file must equal that of a default SSLHostConfig, even though ssl.setTrustStore(...) was called.
    assertThat(sslHostConfig.getTruststoreFile()).isEqualTo(sslHostConfigWithDefaults.getTruststoreFile());
    Set<SSLHostConfigCertificate> certificates = sslHostConfig.getCertificates();
    assertThat(certificates).hasSize(1);
    assertThat(certificates.iterator().next().getCertificateKeystore()).isEqualTo(keyStore);
}
Also used: Connector (org.apache.catalina.connector.Connector), SslStoreProvider (cn.taketoday.framework.web.server.SslStoreProvider), SSLHostConfigCertificate (org.apache.tomcat.util.net.SSLHostConfigCertificate), Ssl (cn.taketoday.framework.web.server.Ssl), KeyStore (java.security.KeyStore), SSLHostConfig (org.apache.tomcat.util.net.SSLHostConfig), Test (org.junit.jupiter.api.Test)

Aggregations

Ssl (cn.taketoday.framework.web.server.Ssl): 8
SslStoreProvider (cn.taketoday.framework.web.server.SslStoreProvider): 8
Test (org.junit.jupiter.api.Test): 8
KeyStore (java.security.KeyStore): 6
Connector (org.apache.catalina.connector.Connector): 6
SSLHostConfig (org.apache.tomcat.util.net.SSLHostConfig): 4
SSLHostConfigCertificate (org.apache.tomcat.util.net.SSLHostConfigCertificate): 4
FileSystemResource (cn.taketoday.core.io.FileSystemResource): 2
HttpComponentsClientHttpRequestFactory (cn.taketoday.http.client.HttpComponentsClientHttpRequestFactory): 2
HttpClient (org.apache.http.client.HttpClient): 2
SSLConnectionSocketFactory (org.apache.http.conn.ssl.SSLConnectionSocketFactory): 2
TrustSelfSignedStrategy (org.apache.http.conn.ssl.TrustSelfSignedStrategy): 2
SSLContextBuilder (org.apache.http.ssl.SSLContextBuilder): 2
ParameterizedTest (org.junit.jupiter.params.ParameterizedTest): 2