use of org.apache.geode.distributed.internal.DistributionConfigImpl in project geode by apache.
the class SSLConfigurationFactoryJUnitTest method getSSLConfigUsingJavaProperties.
@Test
public void getSSLConfigUsingJavaProperties() {
Properties properties = new Properties();
properties.setProperty(CLUSTER_SSL_ENABLED, "true");
properties.setProperty(MCAST_PORT, "0");
System.setProperty(SSLConfigurationFactory.JAVAX_KEYSTORE, "keystore");
System.setProperty(SSLConfigurationFactory.JAVAX_KEYSTORE_TYPE, "JKS");
System.setProperty(SSLConfigurationFactory.JAVAX_KEYSTORE_PASSWORD, "keystorePassword");
System.setProperty(SSLConfigurationFactory.JAVAX_TRUSTSTORE, "truststore");
System.setProperty(SSLConfigurationFactory.JAVAX_TRUSTSTORE_PASSWORD, "truststorePassword");
System.setProperty(SSLConfigurationFactory.JAVAX_TRUSTSTORE_TYPE, "JKS");
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
SSLConfigurationFactory.setDistributionConfig(distributionConfig);
SSLConfig sslConfig = SSLConfigurationFactory.getSSLConfigForComponent(SecurableCommunicationChannel.CLUSTER);
assertEquals(true, sslConfig.isEnabled());
assertEquals(System.getProperty(SSLConfigurationFactory.JAVAX_KEYSTORE), sslConfig.getKeystore());
assertEquals(System.getProperty(SSLConfigurationFactory.JAVAX_KEYSTORE_PASSWORD), sslConfig.getKeystorePassword());
assertEquals(System.getProperty(SSLConfigurationFactory.JAVAX_KEYSTORE_TYPE), sslConfig.getKeystoreType());
assertEquals(System.getProperty(SSLConfigurationFactory.JAVAX_TRUSTSTORE), sslConfig.getTruststore());
assertEquals(System.getProperty(SSLConfigurationFactory.JAVAX_TRUSTSTORE_PASSWORD), sslConfig.getTruststorePassword());
assertEquals(System.getProperty(SSLConfigurationFactory.JAVAX_TRUSTSTORE_TYPE), sslConfig.getTruststoreType());
assertEquals(true, sslConfig.isEnabled());
assertEquals(System.getProperty(SSLConfigurationFactory.JAVAX_KEYSTORE), sslConfig.getKeystore());
assertEquals(System.getProperty(SSLConfigurationFactory.JAVAX_KEYSTORE_PASSWORD), sslConfig.getKeystorePassword());
assertEquals(System.getProperty(SSLConfigurationFactory.JAVAX_KEYSTORE_TYPE), sslConfig.getKeystoreType());
assertEquals(System.getProperty(SSLConfigurationFactory.JAVAX_TRUSTSTORE), sslConfig.getTruststore());
assertEquals(System.getProperty(SSLConfigurationFactory.JAVAX_TRUSTSTORE_PASSWORD), sslConfig.getTruststorePassword());
assertEquals(System.getProperty(SSLConfigurationFactory.JAVAX_TRUSTSTORE_TYPE), sslConfig.getTruststoreType());
}
use of org.apache.geode.distributed.internal.DistributionConfigImpl in project geode by apache.
the class SSLConfigurationFactoryJUnitTest method getSSLHTTPMutualAuthenticationOffWithDefaultConfiguration.
@Test
public void getSSLHTTPMutualAuthenticationOffWithDefaultConfiguration() {
Properties properties = new Properties();
properties.setProperty(CLUSTER_SSL_ENABLED, "true");
properties.setProperty(MCAST_PORT, "0");
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
SSLConfigurationFactory.setDistributionConfig(distributionConfig);
SSLConfig sslConfig = SSLConfigurationFactory.getSSLConfigForComponent(SecurableCommunicationChannel.WEB);
assertEquals(false, sslConfig.isRequireAuth());
assertEquals(true, sslConfig.isEnabled());
sslConfig = SSLConfigurationFactory.getSSLConfigForComponent(SecurableCommunicationChannel.CLUSTER);
assertEquals(true, sslConfig.isRequireAuth());
assertEquals(true, sslConfig.isEnabled());
sslConfig = SSLConfigurationFactory.getSSLConfigForComponent(SecurableCommunicationChannel.GATEWAY);
assertEquals(true, sslConfig.isRequireAuth());
assertEquals(true, sslConfig.isEnabled());
sslConfig = SSLConfigurationFactory.getSSLConfigForComponent(SecurableCommunicationChannel.SERVER);
assertEquals(true, sslConfig.isRequireAuth());
assertEquals(true, sslConfig.isEnabled());
sslConfig = SSLConfigurationFactory.getSSLConfigForComponent(SecurableCommunicationChannel.JMX);
assertEquals(true, sslConfig.isRequireAuth());
assertEquals(true, sslConfig.isEnabled());
}
use of org.apache.geode.distributed.internal.DistributionConfigImpl in project geode by apache.
the class SSLConfigurationFactoryJUnitTest method getSSLConfigForComponentHTTPServiceWithMutualAuth.
@Test
public void getSSLConfigForComponentHTTPServiceWithMutualAuth() throws Exception {
Properties properties = new Properties();
properties.setProperty(SSL_ENABLED_COMPONENTS, SecurableCommunicationChannel.WEB.getConstant());
properties.setProperty(SSL_KEYSTORE, "someKeyStore");
properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
properties.setProperty(SSL_WEB_ALIAS, "httpAlias");
properties.setProperty(SSL_WEB_SERVICE_REQUIRE_AUTHENTICATION, "true");
properties.setProperty(SSL_CIPHERS, "any");
properties.setProperty(SSL_PROTOCOLS, "any");
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
SSLConfigurationFactory.setDistributionConfig(distributionConfig);
for (SecurableCommunicationChannel securableCommunicationChannel : SecurableCommunicationChannel.values()) {
assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableCommunicationChannel), securableCommunicationChannel, distributionConfig);
}
}
use of org.apache.geode.distributed.internal.DistributionConfigImpl in project geode by apache.
the class SSLSocketIntegrationTest method setUp.
@Before
public void setUp() throws Exception {
File keystore = findTestKeystore();
System.setProperty("javax.net.ssl.trustStore", keystore.getCanonicalPath());
System.setProperty("javax.net.ssl.trustStorePassword", "password");
System.setProperty("javax.net.ssl.keyStore", keystore.getCanonicalPath());
System.setProperty("javax.net.ssl.keyStorePassword", "password");
Properties properties = new Properties();
properties.setProperty(MCAST_PORT, "0");
properties.setProperty(CLUSTER_SSL_ENABLED, "true");
properties.setProperty(CLUSTER_SSL_REQUIRE_AUTHENTICATION, "true");
properties.setProperty(CLUSTER_SSL_CIPHERS, "any");
properties.setProperty(CLUSTER_SSL_PROTOCOLS, "TLSv1.2");
this.distributionConfig = new DistributionConfigImpl(properties);
SocketCreatorFactory.setDistributionConfig(this.distributionConfig);
this.socketCreator = SocketCreatorFactory.getSocketCreatorForComponent(CLUSTER);
this.localHost = InetAddress.getLocalHost();
}
use of org.apache.geode.distributed.internal.DistributionConfigImpl in project geode by apache.
the class SocketCreatorFactoryJUnitTest method testLegacyGatewaySSLConfig.
@Test
public void testLegacyGatewaySSLConfig() throws IOException {
File jks = findTestJKS();
Properties properties = new Properties();
properties.setProperty(MCAST_PORT, "0");
properties.setProperty(GATEWAY_SSL_REQUIRE_AUTHENTICATION, "true");
properties.setProperty(GATEWAY_SSL_ENABLED, "true");
properties.setProperty(GATEWAY_SSL_CIPHERS, "TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA");
properties.setProperty(GATEWAY_SSL_PROTOCOLS, "TLSv1,TLSv1.1,TLSv1.2");
properties.setProperty(GATEWAY_SSL_KEYSTORE, jks.getCanonicalPath());
properties.setProperty(GATEWAY_SSL_KEYSTORE_PASSWORD, "password");
properties.setProperty(GATEWAY_SSL_KEYSTORE_TYPE, "JKS");
properties.setProperty(GATEWAY_SSL_TRUSTSTORE, jks.getCanonicalPath());
properties.setProperty(GATEWAY_SSL_TRUSTSTORE_PASSWORD, "password");
DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
SocketCreatorFactory.setDistributionConfig(distributionConfig);
assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL());
assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL());
assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL());
assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL());
assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL());
assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL());
}
Aggregations