Example 1 with SecurableCommunicationChannel

use of org.apache.geode.internal.security.SecurableCommunicationChannel in project geode by apache.

the class SSLConfigurationFactoryJUnitTest method getSSLConfigForComponentHTTPServiceWithMutualAuth.

@Test
public void getSSLConfigForComponentHTTPServiceWithMutualAuth() throws Exception {
    Properties properties = new Properties();
    properties.setProperty(SSL_ENABLED_COMPONENTS, SecurableCommunicationChannel.WEB.getConstant());
    properties.setProperty(SSL_KEYSTORE, "someKeyStore");
    properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
    properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
    properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
    properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
    properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
    properties.setProperty(SSL_WEB_ALIAS, "httpAlias");
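    // Require client certificates (mutual authentication) on the HTTP service only
    properties.setProperty(SSL_WEB_SERVICE_REQUIRE_AUTHENTICATION, "true");
    // "any" places no restriction of its own on cipher suites or protocol versions
    properties.setProperty(SSL_CIPHERS, "any");
    properties.setProperty(SSL_PROTOCOLS, "any");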
    DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
    SSLConfigurationFactory.setDistributionConfig(distributionConfig);
    for (SecurableCommunicationChannel securableCommunicationChannel : SecurableCommunicationChannel.values()) {
        assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableCommunicationChannel), securableCommunicationChannel, distributionConfig);
    }
}
Also used : DistributionConfigImpl(org.apache.geode.distributed.internal.DistributionConfigImpl) Properties(java.util.Properties) RestoreSystemProperties(org.junit.contrib.java.lang.system.RestoreSystemProperties) SecurableCommunicationChannel(org.apache.geode.internal.security.SecurableCommunicationChannel) UnitTest(org.apache.geode.test.junit.categories.UnitTest) Test(org.junit.Test) MembershipTest(org.apache.geode.test.junit.categories.MembershipTest)

Example 2 with SecurableCommunicationChannel

use of org.apache.geode.internal.security.SecurableCommunicationChannel in project geode by apache.

the class SSLConfigurationFactory method createSSLConfigForComponent.

private SSLConfig createSSLConfigForComponent(final SecurableCommunicationChannel sslEnabledComponent) {
    SSLConfig sslConfig = createSSLConfig(sslEnabledComponent);
    SecurableCommunicationChannel[] sslEnabledComponents = getDistributionConfig().getSecurableCommunicationChannels();
    if (sslEnabledComponents.length == 0) {
        sslConfig = configureLegacyClusterSSL(sslConfig);
    }
    sslConfig.setSecurableCommunicationChannel(sslEnabledComponent);
    switch(sslEnabledComponent) {
        case ALL:
            {
                // Create a separate SSLConfig for the HTTP service, as its require-authentication
                // setting might differ. Note that the return value of this call is not used here.
                createSSLConfigForComponent(SecurableCommunicationChannel.WEB);
                break;
            }
        case CLUSTER:
            {
                if (sslEnabledComponents.length > 0) {
                    sslConfig = setAliasForComponent(sslConfig, getDistributionConfig().getClusterSSLAlias());
                } else {
                    sslConfig = configureLegacyClusterSSL(sslConfig);
                }
                break;
            }
        case LOCATOR:
            {
                if (sslEnabledComponents.length > 0) {
                    sslConfig = setAliasForComponent(sslConfig, getDistributionConfig().getLocatorSSLAlias());
                }
                break;
            }
        case SERVER:
            {
                if (sslEnabledComponents.length > 0) {
                    sslConfig = setAliasForComponent(sslConfig, getDistributionConfig().getServerSSLAlias());
                } else {
                    sslConfig = configureLegacyServerSSL(sslConfig);
                }
                break;
            }
        case GATEWAY:
            {
                if (sslEnabledComponents.length > 0) {
                    sslConfig = setAliasForComponent(sslConfig, getDistributionConfig().getGatewaySSLAlias());
                } else {
                    sslConfig = configureLegacyGatewaySSL(sslConfig);
                }
                break;
            }
        case WEB:
            {
                if (sslEnabledComponents.length > 0) {
                    sslConfig = setAliasForComponent(sslConfig, getDistributionConfig().getHTTPServiceSSLAlias());
                    sslConfig.setRequireAuth(getDistributionConfig().getSSLWebRequireAuthentication());
                } else {
                    sslConfig = configureLegacyHttpServiceSSL(sslConfig);
                }
                break;
            }
        case JMX:
            {
                if (sslEnabledComponents.length > 0) {
                    sslConfig = setAliasForComponent(sslConfig, getDistributionConfig().getJMXSSLAlias());
                } else {
                    sslConfig = configureLegacyJMXSSL(sslConfig);
                }
                break;
            }
    }
    configureSSLPropertiesFromSystemProperties(sslConfig);
    return sslConfig;
}
Also used : SSLConfig(org.apache.geode.internal.admin.SSLConfig) SecurableCommunicationChannel(org.apache.geode.internal.security.SecurableCommunicationChannel)

Example 3 with SecurableCommunicationChannel

use of org.apache.geode.internal.security.SecurableCommunicationChannel in project geode by apache.

the class AbstractConfig method commaDelimitedStringToSecurableCommunicationChannels.

private SecurableCommunicationChannel[] commaDelimitedStringToSecurableCommunicationChannels(final String tokenizeString) {
    StringTokenizer stringTokenizer = new StringTokenizer(tokenizeString, ",");
    SecurableCommunicationChannel[] returnArray = new SecurableCommunicationChannel[stringTokenizer.countTokens()];
    for (int i = 0; i < returnArray.length; i++) {
        String name = stringTokenizer.nextToken();
        try {
            returnArray[i] = SecurableCommunicationChannel.getEnum(name);
        } catch (Exception e) {
            // Reject the whole setting if any channel name cannot be resolved
            throw new IllegalArgumentException(e);
        }
    }
    return returnArray;
}
Also used : StringTokenizer(java.util.StringTokenizer) SecurableCommunicationChannel(org.apache.geode.internal.security.SecurableCommunicationChannel) UnmodifiableException(org.apache.geode.UnmodifiableException) InternalGemFireException(org.apache.geode.InternalGemFireException) IOException(java.io.IOException) UnknownHostException(java.net.UnknownHostException)

Example 4 with SecurableCommunicationChannel

use of org.apache.geode.internal.security.SecurableCommunicationChannel in project geode by apache.

the class DistributionConfigImpl method validateSSLEnabledComponentsConfiguration.

private void validateSSLEnabledComponentsConfiguration() {
    Object value = null;
    try {
        Method method = getters.get(ConfigurationProperties.SSL_ENABLED_COMPONENTS);
        if (method != null) {
            value = method.invoke(this, new Object[] {});
        }
    } catch (Exception e) {
        if (e instanceof RuntimeException) {
            throw (RuntimeException) e;
        }
        if (e.getCause() instanceof RuntimeException) {
            throw (RuntimeException) e.getCause();
        } else {
            throw new InternalGemFireException("error invoking getter for property " + ConfigurationProperties.SSL_ENABLED_COMPONENTS);
        }
    }
    SecurableCommunicationChannel[] sslEnabledComponents = (SecurableCommunicationChannel[]) value;
    for (SecurableCommunicationChannel securableCommunicationChannel : sslEnabledComponents) {
        if (!isAliasCorrectlyConfiguredForComponents(securableCommunicationChannel)) {
            throw new IllegalArgumentException(LocalizedStrings.AbstractDistributionConfig_SSL_ENABLED_COMPONENTS_INVALID_ALIAS_OPTIONS.toLocalizedString());
        }
    }
}
Also used : InternalGemFireException(org.apache.geode.InternalGemFireException) Method(java.lang.reflect.Method) SecurableCommunicationChannel(org.apache.geode.internal.security.SecurableCommunicationChannel) GemFireIOException(org.apache.geode.GemFireIOException) GemFireConfigException(org.apache.geode.GemFireConfigException) InternalGemFireException(org.apache.geode.InternalGemFireException) IOException(java.io.IOException) UnknownHostException(java.net.UnknownHostException)

Example 5 with SecurableCommunicationChannel

use of org.apache.geode.internal.security.SecurableCommunicationChannel in project geode by apache.

the class SSLConfigurationFactoryJUnitTest method getSSLConfigForComponentALL.

@Test
public void getSSLConfigForComponentALL() throws Exception {
    Properties properties = new Properties();
    properties.setProperty(SSL_ENABLED_COMPONENTS, "all");
    properties.setProperty(SSL_KEYSTORE, "someKeyStore");
    properties.setProperty(SSL_KEYSTORE_PASSWORD, "keystorePassword");
    properties.setProperty(SSL_KEYSTORE_TYPE, "JKS");
    properties.setProperty(SSL_TRUSTSTORE, "someKeyStore");
    properties.setProperty(SSL_TRUSTSTORE_PASSWORD, "keystorePassword");
    properties.setProperty(SSL_DEFAULT_ALIAS, "defaultAlias");
    properties.setProperty(SSL_CIPHERS, "any");
    properties.setProperty(SSL_PROTOCOLS, "any");
    DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties);
    SSLConfigurationFactory.setDistributionConfig(distributionConfig);
    for (SecurableCommunicationChannel securableCommunicationChannel : SecurableCommunicationChannel.values()) {
        assertSSLConfig(properties, SSLConfigurationFactory.getSSLConfigForComponent(securableCommunicationChannel), securableCommunicationChannel, distributionConfig);
    }
}
Also used : DistributionConfigImpl(org.apache.geode.distributed.internal.DistributionConfigImpl) Properties(java.util.Properties) RestoreSystemProperties(org.junit.contrib.java.lang.system.RestoreSystemProperties) SecurableCommunicationChannel(org.apache.geode.internal.security.SecurableCommunicationChannel) UnitTest(org.apache.geode.test.junit.categories.UnitTest) Test(org.junit.Test) MembershipTest(org.apache.geode.test.junit.categories.MembershipTest)