use of com.mysql.cj.xdevapi.Session in project aws-mysql-jdbc by awslabs.
the class DevApiSample method main.
public static void main(String[] args) {
Session session = new SessionFactory().getSession("mysqlx://localhost:33060/test?user=user&password=password1234");
System.err.println("Connected!");
Schema schema = session.getDefaultSchema();
System.err.println("Default schema is: " + schema);
documentWalkthrough(schema);
}
use of com.mysql.cj.xdevapi.Session in project aws-mysql-jdbc by awslabs.
the class SchemaTest method testEquals.
@Test
public void testEquals() {
Schema otherDefaultSchema = this.session.getDefaultSchema();
assertFalse(otherDefaultSchema == this.schema);
assertTrue(otherDefaultSchema.equals(this.schema));
assertTrue(this.schema.equals(otherDefaultSchema));
Session otherSession = new SessionImpl(this.testHostInfo);
Schema diffSessionSchema = otherSession.getDefaultSchema();
assertEquals(this.schema.getName(), diffSessionSchema.getName());
assertFalse(this.schema.equals(diffSessionSchema));
assertFalse(diffSessionSchema.equals(this.schema));
otherSession.close();
}
use of com.mysql.cj.xdevapi.Session in project aws-mysql-jdbc by awslabs.
the class SecureSessionTest method testSecureSessionVerifyServerCertificateIdentity.
/**
* Tests secure {@link Session}s created via URL and properties map, verifying server certificate.
* This test would pass if the server certificate had "CN=<host_name>", with <host_name> equals to the host name in the test URL.
*/
@Test
@Disabled("requires a certificate with CN=<host_name> equals to the host name in the test URL")
public void testSecureSessionVerifyServerCertificateIdentity() {
Session testSession = this.fact.getSession(this.sslFreeBaseUrl + makeParam(PropertyKey.xdevapiSslMode, XdevapiSslMode.VERIFY_IDENTITY) + makeParam(PropertyKey.xdevapiSslTrustStoreUrl, this.trustStoreUrl) + makeParam(PropertyKey.xdevapiSslTrustStorePassword, this.trustStorePassword));
assertSecureSession(testSession);
testSession.close();
Properties props = new Properties(this.sslFreeTestProperties);
props.setProperty(PropertyKey.xdevapiSslMode.getKeyName(), XdevapiSslMode.VERIFY_IDENTITY.toString());
props.setProperty(PropertyKey.xdevapiSslTrustStoreUrl.getKeyName(), this.trustStoreUrl);
props.setProperty(PropertyKey.xdevapiSslTrustStorePassword.getKeyName(), this.trustStorePassword);
testSession = this.fact.getSession(props);
assertSecureSession(testSession);
testSession.close();
}
use of com.mysql.cj.xdevapi.Session in project aws-mysql-jdbc by awslabs.
the class SecureSessionTest method testFallbackToSystemTrustStore.
/**
* Tests connection property 'xdevapi.fallback-to-system-truststore' behavior.
*
* @throws Exception
*/
@Test
public void testFallbackToSystemTrustStore() throws Exception {
assumeTrue(supportsTestCertificates(this.session), "This test requires the server configured with SSL certificates from ConnectorJ/src/test/config/ssl-test-certs");
Session testSess;
/*
* Valid system-wide TrustStore.
*/
System.setProperty("javax.net.ssl.trustStore", "file:src/test/config/ssl-test-certs/ca-truststore");
System.setProperty("javax.net.ssl.trustStoreType", "JKS");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
// No session-local TrustStore.
testSess = this.fact.getSession(this.sslFreeBaseUrl);
assertSecureSession(testSess);
testSess.close();
testSess = this.fact.getSession(this.sslFreeBaseUrl + makeParam(PropertyKey.xdevapiSslMode, XdevapiSslMode.VERIFY_CA));
assertSecureSession(testSess);
testSess.close();
testSess = this.fact.getSession(this.sslFreeBaseUrl + makeParam(PropertyKey.xdevapiSslMode, XdevapiSslMode.VERIFY_CA) + makeParam(PropertyKey.xdevapiFallbackToSystemTrustStore, "true"));
assertSecureSession(testSess);
testSess.close();
assertThrows(CJCommunicationsException.class, () -> this.fact.getSession(this.sslFreeBaseUrl + makeParam(PropertyKey.xdevapiSslMode, XdevapiSslMode.VERIFY_CA) + makeParam(PropertyKey.xdevapiFallbackToSystemTrustStore, "false")));
// Invalid session-local TrustStore:
assertThrows(CJCommunicationsException.class, () -> this.fact.getSession(this.sslFreeBaseUrl + makeParam(PropertyKey.xdevapiSslMode, XdevapiSslMode.REQUIRED) + makeParam(PropertyKey.xdevapiSslTrustStoreUrl, "file:src/test/config/ssl-test-certs/ca-truststore-ext") + makeParam(PropertyKey.xdevapiSslTrustStoreType, "JKS") + makeParam(PropertyKey.xdevapiSslTrustStorePassword, "password")));
assertThrows(CJCommunicationsException.class, () -> this.fact.getSession(this.sslFreeBaseUrl + makeParam(PropertyKey.xdevapiSslMode, XdevapiSslMode.VERIFY_CA) + makeParam(PropertyKey.xdevapiSslTrustStoreUrl, "file:src/test/config/ssl-test-certs/ca-truststore-ext") + makeParam(PropertyKey.xdevapiSslTrustStoreType, "JKS") + makeParam(PropertyKey.xdevapiSslTrustStorePassword, "password")));
assertThrows(CJCommunicationsException.class, () -> this.fact.getSession(this.sslFreeBaseUrl + makeParam(PropertyKey.xdevapiSslMode, XdevapiSslMode.VERIFY_CA) + makeParam(PropertyKey.xdevapiFallbackToSystemTrustStore, "true") + makeParam(PropertyKey.xdevapiSslTrustStoreUrl, "file:src/test/config/ssl-test-certs/ca-truststore-ext") + makeParam(PropertyKey.xdevapiSslTrustStoreType, "JKS") + makeParam(PropertyKey.xdevapiSslTrustStorePassword, "password")));
assertThrows(CJCommunicationsException.class, () -> this.fact.getSession(this.sslFreeBaseUrl + makeParam(PropertyKey.xdevapiSslMode, XdevapiSslMode.VERIFY_CA) + makeParam(PropertyKey.xdevapiFallbackToSystemTrustStore, "false") + makeParam(PropertyKey.xdevapiSslTrustStoreUrl, "file:src/test/config/ssl-test-certs/ca-truststore-ext") + makeParam(PropertyKey.xdevapiSslTrustStoreType, "JKS") + makeParam(PropertyKey.xdevapiSslTrustStorePassword, "password")));
/*
* Invalid system-wide TrustStore.
*/
System.setProperty("javax.net.ssl.trustStore", "file:src/test/config/ssl-test-certs/ca-truststore-ext");
System.setProperty("javax.net.ssl.trustStoreType", "JKS");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
// No session-local TrustStore.
testSess = this.fact.getSession(this.sslFreeBaseUrl);
assertSecureSession(testSess);
testSess.close();
assertThrows(CJCommunicationsException.class, () -> this.fact.getSession(this.sslFreeBaseUrl + makeParam(PropertyKey.xdevapiSslMode, XdevapiSslMode.VERIFY_CA)));
assertThrows(CJCommunicationsException.class, () -> this.fact.getSession(this.sslFreeBaseUrl + makeParam(PropertyKey.xdevapiSslMode, XdevapiSslMode.VERIFY_CA) + makeParam(PropertyKey.xdevapiFallbackToSystemTrustStore, "true")));
assertThrows(CJCommunicationsException.class, () -> this.fact.getSession(this.sslFreeBaseUrl + makeParam(PropertyKey.xdevapiSslMode, XdevapiSslMode.VERIFY_CA) + makeParam(PropertyKey.xdevapiFallbackToSystemTrustStore, "false")));
// Valid session-local TrustStore:
assertThrows(CJCommunicationsException.class, () -> this.fact.getSession(this.sslFreeBaseUrl + makeParam(PropertyKey.xdevapiSslMode, XdevapiSslMode.REQUIRED) + makeParam(PropertyKey.xdevapiSslTrustStoreUrl, "file:src/test/config/ssl-test-certs/ca-truststore") + makeParam(PropertyKey.xdevapiSslTrustStoreType, "JKS") + makeParam(PropertyKey.xdevapiSslTrustStorePassword, "password")));
testSess = this.fact.getSession(this.sslFreeBaseUrl + makeParam(PropertyKey.xdevapiSslMode, XdevapiSslMode.VERIFY_CA) + makeParam(PropertyKey.xdevapiSslTrustStoreUrl, "file:src/test/config/ssl-test-certs/ca-truststore") + makeParam(PropertyKey.xdevapiSslTrustStoreType, "JKS") + makeParam(PropertyKey.xdevapiSslTrustStorePassword, "password"));
assertSecureSession(testSess);
testSess.close();
testSess = this.fact.getSession(this.sslFreeBaseUrl + makeParam(PropertyKey.xdevapiSslMode, XdevapiSslMode.VERIFY_CA) + makeParam(PropertyKey.xdevapiFallbackToSystemTrustStore, "true") + makeParam(PropertyKey.xdevapiSslTrustStoreUrl, "file:src/test/config/ssl-test-certs/ca-truststore") + makeParam(PropertyKey.xdevapiSslTrustStoreType, "JKS") + makeParam(PropertyKey.xdevapiSslTrustStorePassword, "password"));
assertSecureSession(testSess);
testSess.close();
testSess = this.fact.getSession(this.sslFreeBaseUrl + makeParam(PropertyKey.xdevapiSslMode, XdevapiSslMode.VERIFY_CA) + makeParam(PropertyKey.xdevapiFallbackToSystemTrustStore, "false") + makeParam(PropertyKey.xdevapiSslTrustStoreUrl, "file:src/test/config/ssl-test-certs/ca-truststore") + makeParam(PropertyKey.xdevapiSslTrustStoreType, "JKS") + makeParam(PropertyKey.xdevapiSslTrustStorePassword, "password"));
assertSecureSession(testSess);
testSess.close();
}
use of com.mysql.cj.xdevapi.Session in project aws-mysql-jdbc by awslabs.
the class SecureSessionTest method testFallbackToSystemKeyStore.
/**
* Tests connection property 'xdevapi.fallback-to-system-keystore' behavior.
*
* @throws Exception
*/
@Test
public void testFallbackToSystemKeyStore() throws Exception {
assumeTrue(supportsTestCertificates(this.session), "This test requires the server configured with SSL certificates from ConnectorJ/src/test/config/ssl-test-certs");
final String user = "testFbToSysKS";
try {
Session testSession = this.fact.getSession(this.baseUrl);
testSession.sql("CREATE USER IF NOT EXISTS '" + user + "'@'%' IDENTIFIED BY 'password' REQUIRE X509").execute();
testSession.sql("GRANT ALL ON *.* TO '" + user + "'@'%'").execute();
testSession.close();
final Properties props = new Properties(this.sslFreeTestProperties);
props.setProperty(PropertyKey.USER.getKeyName(), user);
props.setProperty(PropertyKey.PASSWORD.getKeyName(), "password");
props.setProperty(PropertyKey.xdevapiSslMode.getKeyName(), XdevapiSslMode.REQUIRED.toString());
Session testSess;
/*
* Valid system-wide KeyStore.
*/
System.setProperty("javax.net.ssl.keyStore", "file:src/test/config/ssl-test-certs/client-keystore");
System.setProperty("javax.net.ssl.keyStoreType", "JKS");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
// No connection-local KeyStore.
testSess = this.fact.getSession(props);
assertSecureSession(testSess, user);
testSess.close();
props.setProperty(PropertyKey.xdevapiFallbackToSystemKeyStore.getKeyName(), "true");
testSess = this.fact.getSession(props);
assertSecureSession(testSess, user);
testSess.close();
props.setProperty(PropertyKey.xdevapiFallbackToSystemKeyStore.getKeyName(), "false");
assertThrows(XProtocolError.class, mysqlVersionMeetsMinimum(ServerVersion.parseVersion("8.0.12")) ? ".*Access denied for user '" + user + "'@.*" : ".*Current account requires TLS to be activate.", () -> this.fact.getSession(props));
props.remove(PropertyKey.xdevapiFallbackToSystemKeyStore.getKeyName());
// Invalid connection-local KeyStore:
props.setProperty(PropertyKey.xdevapiSslKeyStoreUrl.getKeyName(), "file:src/test/config/ssl-test-certs/client-keystore-ext");
props.setProperty(PropertyKey.xdevapiSslKeyStoreType.getKeyName(), "JKS");
props.setProperty(PropertyKey.xdevapiSslKeyStorePassword.getKeyName(), "password");
assertThrows(CJCommunicationsException.class, () -> this.fact.getSession(props));
props.setProperty(PropertyKey.xdevapiFallbackToSystemKeyStore.getKeyName(), "true");
assertThrows(CJCommunicationsException.class, () -> this.fact.getSession(props));
props.setProperty(PropertyKey.xdevapiFallbackToSystemKeyStore.getKeyName(), "false");
assertThrows(CJCommunicationsException.class, () -> this.fact.getSession(props));
props.remove(PropertyKey.xdevapiSslKeyStoreUrl.getKeyName());
props.remove(PropertyKey.xdevapiSslKeyStoreType.getKeyName());
props.remove(PropertyKey.xdevapiSslKeyStorePassword.getKeyName());
props.remove(PropertyKey.xdevapiFallbackToSystemKeyStore.getKeyName());
/*
* Invalid system-wide KeyStore.
*/
System.setProperty("javax.net.ssl.keyStore", "file:src/test/config/ssl-test-certs/client-keystore-ext");
System.setProperty("javax.net.ssl.keyStoreType", "JKS");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
// No connection-local KeyStore.
assertThrows(CJCommunicationsException.class, () -> this.fact.getSession(props));
props.setProperty(PropertyKey.xdevapiFallbackToSystemKeyStore.getKeyName(), "true");
assertThrows(CJCommunicationsException.class, () -> this.fact.getSession(props));
props.setProperty(PropertyKey.xdevapiFallbackToSystemKeyStore.getKeyName(), "false");
assertThrows(XProtocolError.class, mysqlVersionMeetsMinimum(ServerVersion.parseVersion("8.0.12")) ? ".*Access denied for user '" + user + "'@.*" : ".*Current account requires TLS to be activate.", () -> this.fact.getSession(props));
props.remove(PropertyKey.xdevapiFallbackToSystemKeyStore.getKeyName());
// Valid connection-local KeyStore:
props.setProperty(PropertyKey.xdevapiSslKeyStoreUrl.getKeyName(), "file:src/test/config/ssl-test-certs/client-keystore");
props.setProperty(PropertyKey.xdevapiSslKeyStoreType.getKeyName(), "JKS");
props.setProperty(PropertyKey.xdevapiSslKeyStorePassword.getKeyName(), "password");
testSess = this.fact.getSession(props);
assertSecureSession(testSess, user);
testSess.close();
props.setProperty(PropertyKey.xdevapiFallbackToSystemKeyStore.getKeyName(), "true");
testSess = this.fact.getSession(props);
assertSecureSession(testSess, user);
testSess.close();
props.setProperty(PropertyKey.xdevapiFallbackToSystemKeyStore.getKeyName(), "false");
testSess = this.fact.getSession(props);
assertSecureSession(testSess, user);
testSess.close();
} finally {
System.clearProperty("javax.net.ssl.keyStore");
System.clearProperty("javax.net.ssl.keyStoreType");
System.clearProperty("javax.net.ssl.keyStorePassword");
Session testSession = this.fact.getSession(this.baseUrl);
testSession.sql("DROP USER IF EXISTS " + user).execute();
testSession.close();
}
}
Aggregations