use of org.apache.geode.distributed.internal.DistributionConfigImpl in project geode by apache.
the class SSLConfigJUnitTest method testP2pSSLPropsOverriden_GatewayPropsOverridden.
@Test
public void testP2pSSLPropsOverriden_GatewayPropsOverridden() throws Exception {
boolean sslenabled = true;
String sslprotocols = "overrriden";
String sslciphers = "overrriden";
boolean requireAuth = true;
boolean gatewayServerSslenabled = false;
String gatewayServerSslprotocols = "SSLv7";
String gatewayServerSslciphers = "RSA_WITH_GARBAGE";
boolean gatewayServerSslRequireAuth = false;
Properties gemFireProps = new Properties();
gemFireProps.put(MCAST_PORT, "0");
gemFireProps.put(CLUSTER_SSL_ENABLED, String.valueOf(sslenabled));
gemFireProps.put(CLUSTER_SSL_PROTOCOLS, sslprotocols);
gemFireProps.put(CLUSTER_SSL_CIPHERS, sslciphers);
gemFireProps.put(CLUSTER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(requireAuth));
gemFireProps.put(GATEWAY_SSL_ENABLED, String.valueOf(gatewayServerSslenabled));
gemFireProps.put(GATEWAY_SSL_PROTOCOLS, gatewayServerSslprotocols);
gemFireProps.put(GATEWAY_SSL_CIPHERS, gatewayServerSslciphers);
gemFireProps.put(GATEWAY_SSL_REQUIRE_AUTHENTICATION, String.valueOf(gatewayServerSslRequireAuth));
gemFireProps.putAll(getGfSecurityPropertiesForGateway(true));
DistributionConfigImpl config = new DistributionConfigImpl(gemFireProps);
isEqual(config.getClusterSSLEnabled(), sslenabled);
isEqual(config.getClusterSSLProtocols(), sslprotocols);
isEqual(config.getClusterSSLCiphers(), sslciphers);
isEqual(config.getClusterSSLRequireAuthentication(), requireAuth);
isEqual(config.getGatewaySSLEnabled(), gatewayServerSslenabled);
isEqual(config.getGatewaySSLProtocols(), gatewayServerSslprotocols);
isEqual(config.getGatewaySSLCiphers(), gatewayServerSslciphers);
isEqual(config.getGatewaySSLRequireAuthentication(), gatewayServerSslRequireAuth);
System.out.println(config.toLoggerString());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_KEYSTORE), config.getClusterSSLKeyStore());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_KEYSTORE_TYPE), config.getClusterSSLKeyStoreType());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_KEYSTORE_PASSWORD), config.getClusterSSLKeyStorePassword());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_TRUSTSTORE), config.getClusterSSLTrustStore());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_TRUSTSTORE_PASSWORD), config.getClusterSSLTrustStorePassword());
isEqual(GATEWAY_PROPS_SUBSET_MAP.get(GATEWAY_SSL_KEYSTORE), config.getGatewaySSLKeyStore());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_KEYSTORE_TYPE), config.getGatewaySSLKeyStoreType());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_KEYSTORE_PASSWORD), config.getGatewaySSLKeyStorePassword());
isEqual(GATEWAY_PROPS_SUBSET_MAP.get(GATEWAY_SSL_TRUSTSTORE), config.getGatewaySSLTrustStore());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_TRUSTSTORE_PASSWORD), config.getGatewaySSLTrustStorePassword());
}
use of org.apache.geode.distributed.internal.DistributionConfigImpl in project geode by apache.
the class SSLConfigJUnitTest method testClusterSSLPropsOverriden_GatewayPropsNotOverriden.
@Test
public void testClusterSSLPropsOverriden_GatewayPropsNotOverriden() throws Exception {
boolean sslenabled = true;
String sslprotocols = "overrriden";
String sslciphers = "overrriden";
boolean requireAuth = true;
boolean gatewayServerSslenabled = false;
String gatewayServerSslprotocols = "SSLv7";
String gatewayServerSslciphers = "RSA_WITH_GARBAGE";
boolean gatewayServerSslRequireAuth = false;
Properties gemFireProps = new Properties();
gemFireProps.put(MCAST_PORT, "0");
gemFireProps.put(CLUSTER_SSL_ENABLED, String.valueOf(sslenabled));
gemFireProps.put(CLUSTER_SSL_PROTOCOLS, sslprotocols);
gemFireProps.put(CLUSTER_SSL_CIPHERS, sslciphers);
gemFireProps.put(CLUSTER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(requireAuth));
gemFireProps.putAll(getGfSecurityPropertiesForGateway(true));
DistributionConfigImpl config = new DistributionConfigImpl(gemFireProps);
isEqual(config.getClusterSSLEnabled(), sslenabled);
isEqual(config.getClusterSSLProtocols(), sslprotocols);
isEqual(config.getClusterSSLCiphers(), sslciphers);
isEqual(config.getClusterSSLRequireAuthentication(), requireAuth);
isEqual(config.getGatewaySSLEnabled(), sslenabled);
isEqual(config.getGatewaySSLProtocols(), sslprotocols);
isEqual(config.getGatewaySSLCiphers(), sslciphers);
isEqual(config.getGatewaySSLRequireAuthentication(), requireAuth);
assertFalse(config.getGatewaySSLEnabled() == gatewayServerSslenabled);
assertFalse(config.getGatewaySSLProtocols().equals(gatewayServerSslprotocols));
assertFalse(config.getGatewaySSLCiphers().equals(gatewayServerSslciphers));
assertFalse(config.getGatewaySSLRequireAuthentication() == gatewayServerSslRequireAuth);
System.out.println(config.toLoggerString());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_KEYSTORE), config.getClusterSSLKeyStore());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_KEYSTORE_TYPE), config.getClusterSSLKeyStoreType());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_KEYSTORE_PASSWORD), config.getClusterSSLKeyStorePassword());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_TRUSTSTORE), config.getClusterSSLTrustStore());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_TRUSTSTORE_PASSWORD), config.getClusterSSLTrustStorePassword());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_KEYSTORE), config.getGatewaySSLKeyStore());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_KEYSTORE_TYPE), config.getGatewaySSLKeyStoreType());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_KEYSTORE_PASSWORD), config.getGatewaySSLKeyStorePassword());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_TRUSTSTORE), config.getGatewaySSLTrustStore());
isEqual(CLUSTER_SSL_PROPS_MAP.get(CLUSTER_SSL_TRUSTSTORE_PASSWORD), config.getGatewaySSLTrustStorePassword());
}
use of org.apache.geode.distributed.internal.DistributionConfigImpl in project geode by apache.
the class SSLConfigJUnitTest method testCustomizedManagerSslConfig.
@Test
public void testCustomizedManagerSslConfig() throws Exception {
boolean sslenabled = false;
String sslprotocols = "any";
String sslciphers = "any";
boolean requireAuth = true;
boolean jmxManagerSslenabled = true;
String jmxManagerSslprotocols = "SSLv7";
String jmxManagerSslciphers = "RSA_WITH_GARBAGE";
boolean jmxManagerSslRequireAuth = true;
Properties gemFireProps = new Properties();
gemFireProps.put(CLUSTER_SSL_ENABLED, String.valueOf(sslenabled));
gemFireProps.put(CLUSTER_SSL_PROTOCOLS, sslprotocols);
gemFireProps.put(CLUSTER_SSL_CIPHERS, sslciphers);
gemFireProps.put(CLUSTER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(requireAuth));
gemFireProps.put(JMX_MANAGER_SSL_ENABLED, String.valueOf(jmxManagerSslenabled));
gemFireProps.put(JMX_MANAGER_SSL_PROTOCOLS, jmxManagerSslprotocols);
gemFireProps.put(JMX_MANAGER_SSL_CIPHERS, jmxManagerSslciphers);
gemFireProps.put(JMX_MANAGER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(jmxManagerSslRequireAuth));
gemFireProps.putAll(getGfSecurityPropertiesJMX(false));
DistributionConfigImpl config = new DistributionConfigImpl(gemFireProps);
isEqual(config.getClusterSSLEnabled(), sslenabled);
isEqual(config.getClusterSSLProtocols(), sslprotocols);
isEqual(config.getClusterSSLCiphers(), sslciphers);
isEqual(config.getClusterSSLRequireAuthentication(), requireAuth);
isEqual(config.getJmxManagerSSLEnabled(), jmxManagerSslenabled);
isEqual(config.getJmxManagerSSLProtocols(), jmxManagerSslprotocols);
isEqual(config.getJmxManagerSSLCiphers(), jmxManagerSslciphers);
isEqual(config.getJmxManagerSSLRequireAuthentication(), jmxManagerSslRequireAuth);
isEqual(JMX_SSL_PROPS_MAP.get(JMX_MANAGER_SSL_KEYSTORE), config.getJmxManagerSSLKeyStore());
isEqual(JMX_SSL_PROPS_MAP.get(JMX_MANAGER_SSL_KEYSTORE_TYPE), config.getJmxManagerSSLKeyStoreType());
isEqual(JMX_SSL_PROPS_MAP.get(JMX_MANAGER_SSL_KEYSTORE_PASSWORD), config.getJmxManagerSSLKeyStorePassword());
isEqual(JMX_SSL_PROPS_MAP.get(JMX_MANAGER_SSL_TRUSTSTORE), config.getJmxManagerSSLTrustStore());
isEqual(JMX_SSL_PROPS_MAP.get(JMX_MANAGER_SSL_TRUSTSTORE_PASSWORD), config.getJmxManagerSSLTrustStorePassword());
}
use of org.apache.geode.distributed.internal.DistributionConfigImpl in project geode by apache.
the class SSLConfigJUnitTest method testManagerConfig.
@Test
public void testManagerConfig() throws Exception {
boolean sslenabled = false;
String sslprotocols = "any";
String sslciphers = "any";
boolean requireAuth = true;
boolean jmxManagerSslenabled = true;
String jmxManagerSslprotocols = "SSLv7";
String jmxManagerSslciphers = "RSA_WITH_GARBAGE";
boolean jmxManagerSslRequireAuth = true;
Properties gemFireProps = new Properties();
gemFireProps.put(JMX_MANAGER_SSL_ENABLED, String.valueOf(jmxManagerSslenabled));
gemFireProps.put(JMX_MANAGER_SSL_PROTOCOLS, jmxManagerSslprotocols);
gemFireProps.put(JMX_MANAGER_SSL_CIPHERS, jmxManagerSslciphers);
gemFireProps.put(JMX_MANAGER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(jmxManagerSslRequireAuth));
try {
DistributionConfigImpl config = new DistributionConfigImpl(gemFireProps);
} catch (IllegalArgumentException e) {
if (!e.toString().contains("GemFire properties \'jmx-manager-ssl\' and \'jmx-manager-ssl-enabled\' can not be used at the same time")) {
throw new Exception("did not get expected exception, got this instead...", e);
}
}
gemFireProps = new Properties();
gemFireProps.put(CLUSTER_SSL_ENABLED, String.valueOf(sslenabled));
gemFireProps.put(CLUSTER_SSL_PROTOCOLS, sslprotocols);
gemFireProps.put(CLUSTER_SSL_CIPHERS, sslciphers);
gemFireProps.put(CLUSTER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(requireAuth));
gemFireProps.put(JMX_MANAGER_SSL_ENABLED, String.valueOf(jmxManagerSslenabled));
gemFireProps.put(JMX_MANAGER_SSL_PROTOCOLS, jmxManagerSslprotocols);
gemFireProps.put(JMX_MANAGER_SSL_CIPHERS, jmxManagerSslciphers);
gemFireProps.put(JMX_MANAGER_SSL_REQUIRE_AUTHENTICATION, String.valueOf(jmxManagerSslRequireAuth));
DistributionConfigImpl config = new DistributionConfigImpl(gemFireProps);
isEqual(config.getClusterSSLEnabled(), sslenabled);
isEqual(config.getClusterSSLProtocols(), sslprotocols);
isEqual(config.getClusterSSLCiphers(), sslciphers);
isEqual(config.getClusterSSLRequireAuthentication(), requireAuth);
isEqual(config.getJmxManagerSSLEnabled(), jmxManagerSslenabled);
isEqual(config.getJmxManagerSSLProtocols(), jmxManagerSslprotocols);
isEqual(config.getJmxManagerSSLCiphers(), jmxManagerSslciphers);
isEqual(config.getJmxManagerSSLRequireAuthentication(), jmxManagerSslRequireAuth);
}
use of org.apache.geode.distributed.internal.DistributionConfigImpl in project geode by apache.
the class HTTPServiceSSLSupportJUnitTest method testSSLWithClusterSSL.
// @Ignore("disabled for unknown reason")
@Test
public void testSSLWithClusterSSL() throws Exception {
Properties localProps = new Properties();
localProps.setProperty(MCAST_PORT, "0");
localProps.setProperty(CLUSTER_SSL_ENABLED, "true");
localProps.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath());
localProps.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password");
localProps.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS");
localProps.setProperty(CLUSTER_SSL_PROTOCOLS, "SSL");
localProps.setProperty(CLUSTER_SSL_REQUIRE_AUTHENTICATION, "true");
localProps.setProperty(CLUSTER_SSL_TRUSTSTORE, jks.getCanonicalPath());
localProps.setProperty(CLUSTER_SSL_TRUSTSTORE_PASSWORD, "password");
DistributionConfigImpl config = new DistributionConfigImpl(localProps);
assertEquals(config.getHttpServiceSSLEnabled(), true);
assertEquals(config.getHttpServiceSSLKeyStore(), jks.getCanonicalPath());
assertEquals(config.getHttpServiceSSLKeyStorePassword(), "password");
assertEquals(config.getHttpServiceSSLKeyStoreType(), "JKS");
assertEquals(config.getHttpServiceSSLProtocols(), "SSL");
assertEquals(config.getHttpServiceSSLRequireAuthentication(), true);
assertEquals(config.getHttpServiceSSLTrustStore(), jks.getCanonicalPath());
assertEquals(config.getHttpServiceSSLTrustStorePassword(), "password");
}
Aggregations