GEODE-1941: Added tests for SSL config for SocketFactory
Project: http://git-wip-us.apache.org/repos/asf/incubator-geode/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-geode/commit/7254cf3f Tree: http://git-wip-us.apache.org/repos/asf/incubator-geode/tree/7254cf3f Diff: http://git-wip-us.apache.org/repos/asf/incubator-geode/diff/7254cf3f Branch: refs/heads/feature/e2e-testing Commit: 7254cf3fb0ceb2255650d96f2b0ed615118ef700 Parents: 8c7efba Author: Udo Kohlmeyer <ukohlme...@pivotal.io> Authored: Thu Sep 29 04:52:54 2016 +1000 Committer: Udo Kohlmeyer <ukohlme...@pivotal.io> Committed: Thu Sep 29 04:52:54 2016 +1000 ---------------------------------------------------------------------- .../net/SocketCreatorFactoryJUnitTest.java | 340 +++++++++++++------ 1 file changed, 237 insertions(+), 103 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-geode/blob/7254cf3f/geode-core/src/test/java/org/apache/geode/internal/net/SocketCreatorFactoryJUnitTest.java ---------------------------------------------------------------------- diff --git a/geode-core/src/test/java/org/apache/geode/internal/net/SocketCreatorFactoryJUnitTest.java b/geode-core/src/test/java/org/apache/geode/internal/net/SocketCreatorFactoryJUnitTest.java index 7405eae..232eb61 100644 --- a/geode-core/src/test/java/org/apache/geode/internal/net/SocketCreatorFactoryJUnitTest.java +++ b/geode-core/src/test/java/org/apache/geode/internal/net/SocketCreatorFactoryJUnitTest.java @@ -17,169 +17,168 @@ package org.apache.geode.internal.net; import static org.apache.geode.distributed.ConfigurationProperties.*; -import static org.apache.geode.internal.net.SocketCreatorFactory.*; -import static org.apache.geode.internal.security.SecurableCommunicationChannel.*; import static org.junit.Assert.*; import java.io.File; import java.io.IOException; import java.util.Properties; +import org.apache.geode.internal.security.SecurableCommunicationChannel; +import org.apache.geode.test.junit.categories.UnitTest; import org.junit.After; import org.junit.Test; import org.junit.experimental.categories.Category; import org.apache.geode.distributed.internal.DistributionConfigImpl; -import org.apache.geode.test.junit.categories.IntegrationTest; import org.apache.geode.util.test.TestUtil; -@Category(IntegrationTest.class) +@Category(UnitTest.class) public class SocketCreatorFactoryJUnitTest { @After public void tearDown() throws Exception { - close(); + SocketCreatorFactory.close(); } @Test public void testNewSSLConfigSSLComponentLocator() throws Exception { - Properties properties = configureSSLProperties(LOCATOR.getConstant()); + Properties properties = configureSSLProperties(SecurableCommunicationChannel.LOCATOR.getConstant()); DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); - setDistributionConfig(distributionConfig); - - assertTrue(getSocketCreatorForComponent(LOCATOR).useSSL()); - assertFalse(getSocketCreatorForComponent(CLUSTER).useSSL()); - assertFalse(getSocketCreatorForComponent(GATEWAY).useSSL()); - assertFalse(getSocketCreatorForComponent(JMX).useSSL()); - assertFalse(getSocketCreatorForComponent(SERVER).useSSL()); - assertFalse(getSocketCreatorForComponent(WEB).useSSL()); + SocketCreatorFactory.setDistributionConfig(distributionConfig); + + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); } @Test public void testNewSSLConfigSSLComponentALL() throws Exception { - Properties properties = configureSSLProperties(ALL.getConstant()); + Properties properties = configureSSLProperties(SecurableCommunicationChannel.ALL.getConstant()); DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); - setDistributionConfig(distributionConfig); - - assertTrue(getSocketCreatorForComponent(CLUSTER).useSSL()); - assertTrue(getSocketCreatorForComponent(LOCATOR).useSSL()); - assertTrue(getSocketCreatorForComponent(GATEWAY).useSSL()); - assertTrue(getSocketCreatorForComponent(JMX).useSSL()); - assertTrue(getSocketCreatorForComponent(SERVER).useSSL()); - assertTrue(getSocketCreatorForComponent(WEB).useSSL()); + SocketCreatorFactory.setDistributionConfig(distributionConfig); + + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); } @Test public void testNewSSLConfigSSLComponentCLUSTER() throws Exception { - Properties properties = configureSSLProperties(CLUSTER.getConstant()); + Properties properties = configureSSLProperties(SecurableCommunicationChannel.CLUSTER.getConstant()); DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); - setDistributionConfig(distributionConfig); - - assertTrue(getSocketCreatorForComponent(CLUSTER).useSSL()); - assertFalse(getSocketCreatorForComponent(GATEWAY).useSSL()); - assertFalse(getSocketCreatorForComponent(JMX).useSSL()); - assertFalse(getSocketCreatorForComponent(SERVER).useSSL()); - assertFalse(getSocketCreatorForComponent(WEB).useSSL()); - assertFalse(getSocketCreatorForComponent(LOCATOR).useSSL()); + SocketCreatorFactory.setDistributionConfig(distributionConfig); + + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); } @Test public void testNewSSLConfigSSLComponentGATEWAY() throws Exception { - Properties properties = configureSSLProperties(GATEWAY.getConstant()); + Properties properties = configureSSLProperties(SecurableCommunicationChannel.GATEWAY.getConstant()); DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); - setDistributionConfig(distributionConfig); - - assertFalse(getSocketCreatorForComponent(CLUSTER).useSSL()); - assertTrue(getSocketCreatorForComponent(GATEWAY).useSSL()); - assertFalse(getSocketCreatorForComponent(JMX).useSSL()); - assertFalse(getSocketCreatorForComponent(SERVER).useSSL()); - assertFalse(getSocketCreatorForComponent(WEB).useSSL()); - assertFalse(getSocketCreatorForComponent(LOCATOR).useSSL()); + SocketCreatorFactory.setDistributionConfig(distributionConfig); + + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); } @Test public void testNewSSLConfigSSLComponentHTTP_SERVICE() throws Exception { - Properties properties = configureSSLProperties(WEB.getConstant()); + Properties properties = configureSSLProperties(SecurableCommunicationChannel.WEB.getConstant()); DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); - setDistributionConfig(distributionConfig); - - assertFalse(getSocketCreatorForComponent(CLUSTER).useSSL()); - assertFalse(getSocketCreatorForComponent(GATEWAY).useSSL()); - assertFalse(getSocketCreatorForComponent(JMX).useSSL()); - assertFalse(getSocketCreatorForComponent(SERVER).useSSL()); - assertTrue(getSocketCreatorForComponent(WEB).useSSL()); - assertFalse(getSocketCreatorForComponent(LOCATOR).useSSL()); + SocketCreatorFactory.setDistributionConfig(distributionConfig); + + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); } @Test public void testNewSSLConfigSSLComponentJMX() throws Exception { - Properties properties = configureSSLProperties(JMX.getConstant()); + Properties properties = configureSSLProperties(SecurableCommunicationChannel.JMX.getConstant()); DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); - setDistributionConfig(distributionConfig); - - assertFalse(getSocketCreatorForComponent(CLUSTER).useSSL()); - assertFalse(getSocketCreatorForComponent(GATEWAY).useSSL()); - assertTrue(getSocketCreatorForComponent(JMX).useSSL()); - assertFalse(getSocketCreatorForComponent(SERVER).useSSL()); - assertFalse(getSocketCreatorForComponent(WEB).useSSL()); - assertFalse(getSocketCreatorForComponent(LOCATOR).useSSL()); + SocketCreatorFactory.setDistributionConfig(distributionConfig); + + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); } @Test public void testNewSSLConfigSSLComponentSERVER() throws Exception { - Properties properties = configureSSLProperties(SERVER.getConstant()); + Properties properties = configureSSLProperties(SecurableCommunicationChannel.SERVER.getConstant()); DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); - setDistributionConfig(distributionConfig); + SocketCreatorFactory.setDistributionConfig(distributionConfig); - assertFalse(getSocketCreatorForComponent(CLUSTER).useSSL()); - assertFalse(getSocketCreatorForComponent(GATEWAY).useSSL()); - assertFalse(getSocketCreatorForComponent(JMX).useSSL()); - assertTrue(getSocketCreatorForComponent(SERVER).useSSL()); - assertFalse(getSocketCreatorForComponent(WEB).useSSL()); - assertFalse(getSocketCreatorForComponent(LOCATOR).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); } @Test public void testNewSSLConfigSSLComponentCombinations1() throws Exception { - Properties properties = configureSSLProperties(commaDelimitedString(CLUSTER.getConstant(), SERVER.getConstant())); + Properties properties = configureSSLProperties(commaDelimitedString(SecurableCommunicationChannel.CLUSTER.getConstant(), SecurableCommunicationChannel.SERVER.getConstant())); DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); - setDistributionConfig(distributionConfig); - - assertTrue(getSocketCreatorForComponent(CLUSTER).useSSL()); - assertFalse(getSocketCreatorForComponent(GATEWAY).useSSL()); - assertFalse(getSocketCreatorForComponent(JMX).useSSL()); - assertTrue(getSocketCreatorForComponent(SERVER).useSSL()); - assertFalse(getSocketCreatorForComponent(WEB).useSSL()); - assertFalse(getSocketCreatorForComponent(LOCATOR).useSSL()); + SocketCreatorFactory.setDistributionConfig(distributionConfig); + + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); } @Test public void testNewSSLConfigSSLComponentCombinations2() throws Exception { - Properties properties = configureSSLProperties(commaDelimitedString(CLUSTER.getConstant(), SERVER.getConstant(), WEB.getConstant(), JMX.getConstant())); + Properties properties = configureSSLProperties(commaDelimitedString(SecurableCommunicationChannel.CLUSTER.getConstant(), SecurableCommunicationChannel.SERVER.getConstant(), SecurableCommunicationChannel.WEB.getConstant(), SecurableCommunicationChannel.JMX.getConstant())); DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); - setDistributionConfig(distributionConfig); - - assertTrue(getSocketCreatorForComponent(CLUSTER).useSSL()); - assertFalse(getSocketCreatorForComponent(GATEWAY).useSSL()); - assertTrue(getSocketCreatorForComponent(JMX).useSSL()); - assertTrue(getSocketCreatorForComponent(SERVER).useSSL()); - assertTrue(getSocketCreatorForComponent(WEB).useSSL()); - assertFalse(getSocketCreatorForComponent(LOCATOR).useSSL()); + SocketCreatorFactory.setDistributionConfig(distributionConfig); + + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); } @Test public void testNewSSLConfigSSLComponentAliasWithMultiKeyStore() throws Exception { - Properties properties = configureSSLProperties(ALL.getConstant()); + Properties properties = configureSSLProperties(SecurableCommunicationChannel.ALL.getConstant()); properties.setProperty(SSL_KEYSTORE, TestUtil.getResourcePath(getClass(), "/org/apache/geode/internal/net/multiKey.jks")); properties.setProperty(SSL_TRUSTSTORE, TestUtil.getResourcePath(getClass(), "/org/apache/geode/internal/net/multiKeyTrust.jks")); @@ -188,32 +187,32 @@ public class SocketCreatorFactoryJUnitTest { properties.setProperty(SSL_DEFAULT_ALIAS, "serverKey"); DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); - setDistributionConfig(distributionConfig); - - assertTrue(getSocketCreatorForComponent(CLUSTER).useSSL()); - assertTrue(getSocketCreatorForComponent(GATEWAY).useSSL()); - assertTrue(getSocketCreatorForComponent(JMX).useSSL()); - assertTrue(getSocketCreatorForComponent(SERVER).useSSL()); - assertTrue(getSocketCreatorForComponent(WEB).useSSL()); - assertTrue(getSocketCreatorForComponent(LOCATOR).useSSL()); + SocketCreatorFactory.setDistributionConfig(distributionConfig); + + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); } @Test public void testNewSSLConfigSSLComponentWithoutAliasWithMultiKeyStore() throws Exception { - Properties properties = configureSSLProperties(ALL.getConstant()); + Properties properties = configureSSLProperties(SecurableCommunicationChannel.ALL.getConstant()); properties.setProperty(SSL_KEYSTORE, TestUtil.getResourcePath(getClass(), "/org/apache/geode/internal/net/multiKey.jks")); properties.setProperty(SSL_TRUSTSTORE, TestUtil.getResourcePath(getClass(), "/org/apache/geode/internal/net/multiKeyTrust.jks")); DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); - setDistributionConfig(distributionConfig); - - assertTrue(getSocketCreatorForComponent(CLUSTER).useSSL()); - assertTrue(getSocketCreatorForComponent(GATEWAY).useSSL()); - assertTrue(getSocketCreatorForComponent(JMX).useSSL()); - assertTrue(getSocketCreatorForComponent(SERVER).useSSL()); - assertTrue(getSocketCreatorForComponent(WEB).useSSL()); - assertTrue(getSocketCreatorForComponent(LOCATOR).useSSL()); + SocketCreatorFactory.setDistributionConfig(distributionConfig); + + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); } private Properties configureSSLProperties(String sslComponents) throws IOException { @@ -243,6 +242,141 @@ public class SocketCreatorFactoryJUnitTest { return stringBuilder.substring(0, stringBuilder.length() - 1); } + @Test + public void testLegacyServerSSLConfig() throws IOException { + File jks = findTestJKS(); + + Properties properties = new Properties(); + properties.setProperty(MCAST_PORT, "0"); + properties.setProperty(SERVER_SSL_REQUIRE_AUTHENTICATION, "true"); + properties.setProperty(SERVER_SSL_ENABLED, "true"); + properties.setProperty(SERVER_SSL_CIPHERS, "TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"); + properties.setProperty(SERVER_SSL_PROTOCOLS, "TLSv1,TLSv1.1,TLSv1.2"); + properties.setProperty(SERVER_SSL_KEYSTORE, jks.getCanonicalPath()); + properties.setProperty(SERVER_SSL_KEYSTORE_PASSWORD, "password"); + properties.setProperty(SERVER_SSL_KEYSTORE_TYPE, "JKS"); + properties.setProperty(SERVER_SSL_TRUSTSTORE, jks.getCanonicalPath()); + properties.setProperty(SERVER_SSL_TRUSTSTORE_PASSWORD, "password"); + + DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); + SocketCreatorFactory.setDistributionConfig(distributionConfig); + + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); + } + + @Test + public void testLegacyClusterSSLConfig() throws IOException { + File jks = findTestJKS(); + + Properties properties = new Properties(); + properties.setProperty(MCAST_PORT, "0"); + properties.setProperty(CLUSTER_SSL_REQUIRE_AUTHENTICATION, "true"); + properties.setProperty(CLUSTER_SSL_ENABLED, "true"); + properties.setProperty(CLUSTER_SSL_CIPHERS, "TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"); + properties.setProperty(CLUSTER_SSL_PROTOCOLS, "TLSv1,TLSv1.1,TLSv1.2"); + properties.setProperty(CLUSTER_SSL_KEYSTORE, jks.getCanonicalPath()); + properties.setProperty(CLUSTER_SSL_KEYSTORE_PASSWORD, "password"); + properties.setProperty(CLUSTER_SSL_KEYSTORE_TYPE, "JKS"); + properties.setProperty(CLUSTER_SSL_TRUSTSTORE, jks.getCanonicalPath()); + properties.setProperty(CLUSTER_SSL_TRUSTSTORE_PASSWORD, "password"); + + DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); + SocketCreatorFactory.setDistributionConfig(distributionConfig); + + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); + } + + @Test + public void testLegacyJMXSSLConfig() throws IOException { + File jks = findTestJKS(); + + Properties properties = new Properties(); + properties.setProperty(MCAST_PORT, "0"); + properties.setProperty(JMX_MANAGER_SSL_REQUIRE_AUTHENTICATION, "true"); + properties.setProperty(JMX_MANAGER_SSL_ENABLED, "true"); + properties.setProperty(JMX_MANAGER_SSL_CIPHERS, "TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"); + properties.setProperty(JMX_MANAGER_SSL_PROTOCOLS, "TLSv1,TLSv1.1,TLSv1.2"); + properties.setProperty(JMX_MANAGER_SSL_KEYSTORE, jks.getCanonicalPath()); + properties.setProperty(JMX_MANAGER_SSL_KEYSTORE_PASSWORD, "password"); + properties.setProperty(JMX_MANAGER_SSL_KEYSTORE_TYPE, "JKS"); + properties.setProperty(JMX_MANAGER_SSL_TRUSTSTORE, jks.getCanonicalPath()); + properties.setProperty(JMX_MANAGER_SSL_TRUSTSTORE_PASSWORD, "password"); + + DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); + SocketCreatorFactory.setDistributionConfig(distributionConfig); + + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); + } + + @Test + public void testLegacyGatewaySSLConfig() throws IOException { + File jks = findTestJKS(); + + Properties properties = new Properties(); + properties.setProperty(MCAST_PORT, "0"); + properties.setProperty(GATEWAY_SSL_REQUIRE_AUTHENTICATION, "true"); + properties.setProperty(GATEWAY_SSL_ENABLED, "true"); + properties.setProperty(GATEWAY_SSL_CIPHERS, "TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"); + properties.setProperty(GATEWAY_SSL_PROTOCOLS, "TLSv1,TLSv1.1,TLSv1.2"); + properties.setProperty(GATEWAY_SSL_KEYSTORE, jks.getCanonicalPath()); + properties.setProperty(GATEWAY_SSL_KEYSTORE_PASSWORD, "password"); + properties.setProperty(GATEWAY_SSL_KEYSTORE_TYPE, "JKS"); + properties.setProperty(GATEWAY_SSL_TRUSTSTORE, jks.getCanonicalPath()); + properties.setProperty(GATEWAY_SSL_TRUSTSTORE_PASSWORD, "password"); + + DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); + SocketCreatorFactory.setDistributionConfig(distributionConfig); + + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); + } + + @Test + public void testLegacyHttpServiceSSLConfig() throws IOException { + File jks = findTestJKS(); + + Properties properties = new Properties(); + properties.setProperty(MCAST_PORT, "0"); + properties.setProperty(HTTP_SERVICE_SSL_REQUIRE_AUTHENTICATION, "true"); + properties.setProperty(HTTP_SERVICE_SSL_ENABLED, "true"); + properties.setProperty(HTTP_SERVICE_SSL_CIPHERS, "TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"); + properties.setProperty(HTTP_SERVICE_SSL_PROTOCOLS, "TLSv1,TLSv1.1,TLSv1.2"); + properties.setProperty(HTTP_SERVICE_SSL_KEYSTORE, jks.getCanonicalPath()); + properties.setProperty(HTTP_SERVICE_SSL_KEYSTORE_PASSWORD, "password"); + properties.setProperty(HTTP_SERVICE_SSL_KEYSTORE_TYPE, "JKS"); + properties.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE, jks.getCanonicalPath()); + properties.setProperty(HTTP_SERVICE_SSL_TRUSTSTORE_PASSWORD, "password"); + + DistributionConfigImpl distributionConfig = new DistributionConfigImpl(properties); + SocketCreatorFactory.setDistributionConfig(distributionConfig); + + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.GATEWAY).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.JMX).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.SERVER).useSSL()); + assertTrue(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.WEB).useSSL()); + assertFalse(SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.LOCATOR).useSSL()); + } + private File findTestJKS() { return new File(TestUtil.getResourcePath(getClass(), "/ssl/trusted.keystore")); }
