Author: kwall
Date: Sun Oct 16 17:45:16 2011
New Revision: 1184882
URL: http://svn.apache.org/viewvc?rev=1184882&view=rev
Log:
QPID-3517: Inconsistent SSL configuration keys in Java Broker in config.xml
Modified:
qpid/trunk/qpid/doc/book/src/Configure-Java-Qpid-to-use-a-SSL-connection.xml
qpid/trunk/qpid/java/broker-plugins/experimental/info/src/main/java/org/apache/qpid/info/AppInfo.java
qpid/trunk/qpid/java/broker/etc/config.xml
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/Broker.java
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java
qpid/trunk/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java
qpid/trunk/qpid/java/systests/etc/config-systests-firewall-2.xml
qpid/trunk/qpid/java/systests/etc/config-systests-firewall-3.xml
qpid/trunk/qpid/java/systests/etc/config-systests-settings.xml
Modified:
qpid/trunk/qpid/doc/book/src/Configure-Java-Qpid-to-use-a-SSL-connection.xml
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/doc/book/src/Configure-Java-Qpid-to-use-a-SSL-connection.xml?rev=1184882&r1=1184881&r2=1184882&view=diff
==============================================================================
---
qpid/trunk/qpid/doc/book/src/Configure-Java-Qpid-to-use-a-SSL-connection.xml
(original)
+++
qpid/trunk/qpid/doc/book/src/Configure-Java-Qpid-to-use-a-SSL-connection.xml
Sun Oct 16 17:45:16 2011
@@ -51,8 +51,8 @@
<ssl>
<enabled>true</enabled>
<sslOnly>true</sslOnly>
- <keystorePath>/path/to/keystore.ks</keystorePath>
- <keystorePassword>keystorepass</keystorePassword>
+ <keyStorePath>/path/to/keystore.ks</keyStorePath>
+ <keyStorePassword>keystorepass</keyStorePassword>
</ssl>
</programlisting>
Modified:
qpid/trunk/qpid/java/broker-plugins/experimental/info/src/main/java/org/apache/qpid/info/AppInfo.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker-plugins/experimental/info/src/main/java/org/apache/qpid/info/AppInfo.java?rev=1184882&r1=1184881&r2=1184882&view=diff
==============================================================================
---
qpid/trunk/qpid/java/broker-plugins/experimental/info/src/main/java/org/apache/qpid/info/AppInfo.java
(original)
+++
qpid/trunk/qpid/java/broker-plugins/experimental/info/src/main/java/org/apache/qpid/info/AppInfo.java
Sun Oct 16 17:45:16 2011
@@ -74,9 +74,9 @@ public class AppInfo
appInfoMap.put("port", sc.getPorts().toString());
appInfoMap.put("version", QpidProperties.getReleaseVersion());
appInfoMap.put("vhosts", "standalone");
- appInfoMap.put("KeystorePath", sc.getKeystorePath());
+ appInfoMap.put("KeystorePath", sc.getConnectorKeyStorePath());
appInfoMap.put("PluginDirectory", sc.getPluginDirectory());
- appInfoMap.put("CertType", sc.getCertType());
+ appInfoMap.put("CertType", sc.getConnectorCertType());
appInfoMap.put("QpidWork", sc.getQpidWork());
appInfoMap.put("Bind", sc.getBind());
}
Modified: qpid/trunk/qpid/java/broker/etc/config.xml
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker/etc/config.xml?rev=1184882&r1=1184881&r2=1184882&view=diff
==============================================================================
--- qpid/trunk/qpid/java/broker/etc/config.xml (original)
+++ qpid/trunk/qpid/java/broker/etc/config.xml Sun Oct 16 17:45:16 2011
@@ -35,8 +35,8 @@
<enabled>false</enabled>
<port>5671</port>
<sslOnly>false</sslOnly>
- <keystorePath>/path/to/keystore.ks</keystorePath>
- <keystorePassword>keystorepass</keystorePassword>
+ <keyStorePath>/path/to/keystore.ks</keyStorePath>
+ <keyStorePassword>keystorepass</keyStorePassword>
</ssl>
<port>5672</port>
<socketReceiveBuffer>262144</socketReceiveBuffer>
Modified:
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/Broker.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/Broker.java?rev=1184882&r1=1184881&r2=1184882&view=diff
==============================================================================
---
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/Broker.java
(original)
+++
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/Broker.java
Sun Oct 16 17:45:16 2011
@@ -210,9 +210,9 @@ public class Broker
if (serverConfig.getEnableSSL())
{
- final String keystorePath = serverConfig.getKeystorePath();
- final String keystorePassword =
serverConfig.getKeystorePassword();
- final String certType = serverConfig.getCertType();
+ final String keystorePath =
serverConfig.getConnectorKeyStorePath();
+ final String keystorePassword =
serverConfig.getConnectorKeyStorePassword();
+ final String certType = serverConfig.getConnectorCertType();
final SSLContext sslContext =
SSLContextFactory.buildServerContext(keystorePath, keystorePassword, certType);
for(int sslPort : sslPorts)
Modified:
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java?rev=1184882&r1=1184881&r2=1184882&view=diff
==============================================================================
---
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java
(original)
+++
qpid/trunk/qpid/java/broker/src/main/java/org/apache/qpid/server/configuration/ServerConfiguration.java
Sun Oct 16 17:45:16 2011
@@ -123,7 +123,7 @@ public class ServerConfiguration extends
* Configuration Manager to be initialised in the Application Registry.
* <p>
* If using this ServerConfiguration via an ApplicationRegistry there is no
- * need to explictly call {@link #initialise()} as this is done via the
+ * need to explicitly call {@link #initialise()} as this is done via the
* {@link ApplicationRegistry#initialise()} method.
*
* @param configurationURL
@@ -169,7 +169,7 @@ public class ServerConfiguration extends
* Configuration Manager to be initialised in the Application Registry.
* <p>
* If using this ServerConfiguration via an ApplicationRegistry there is
no
- * need to explictly call {@link #initialise()} as this is done via the
+ * need to explicitly call {@link #initialise()} as this is done via the
* {@link ApplicationRegistry#initialise()} method.
*
* @param conf
@@ -239,6 +239,22 @@ public class ServerConfiguration extends
+ (_configFile == null ? "" : " Configuration file : " +
_configFile);
throw new ConfigurationException(message);
}
+
+ // QPID-3517: Inconsistency in capitalisation in the SSL configuration
keys used within the connector and management configuration
+ // sections. For the moment, continue to understand both but generate
a deprecated warning if the less preferred keystore is used.
+ for (String key : new String[] {"management.ssl.keystorePath",
+ "management.ssl.keystorePassword," +
+ "connector.ssl.keystorePath",
+ "connector.ssl.keystorePassword"})
+ {
+ if (contains(key))
+ {
+ final String deprecatedXpath = key.replaceAll("\\.", "/");
+ final String preferredXpath =
deprecatedXpath.replaceAll("keystore", "keyStore");
+ _logger.warn("Validation warning: " + deprecatedXpath + " is
deprecated and must be replaced by " + preferredXpath
+ + (_configFile == null ? "" : " Configuration file : "
+ _configFile));
+ }
+ }
}
/*
@@ -404,7 +420,7 @@ public class ServerConfiguration extends
public final static Configuration flatConfig(File file) throws
ConfigurationException
{
// We have to override the interpolate methods so that
- // interpolation takes place accross the entirety of the
+ // interpolation takes place across the entirety of the
// composite configuration. Without doing this each
// configuration object only interpolates variables defined
// inside itself.
@@ -551,7 +567,8 @@ public class ServerConfiguration extends
public String getManagementKeyStorePath()
{
- return getStringValue("management.ssl.keyStorePath");
+ final String fallback = getStringValue("management.ssl.keystorePath");
+ return getStringValue("management.ssl.keyStorePath", fallback);
}
public boolean getManagementSSLEnabled()
@@ -561,7 +578,8 @@ public class ServerConfiguration extends
public String getManagementKeyStorePassword()
{
- return getStringValue("management.ssl.keyStorePassword");
+ final String fallback =
getStringValue("management.ssl.keystorePassword");
+ return getStringValue("management.ssl.keyStorePassword", fallback);
}
public boolean getQueueAutoRegister()
@@ -699,17 +717,19 @@ public class ServerConfiguration extends
return getListValue("connector.ssl.port",
Collections.<Integer>singletonList(DEFAULT_SSL_PORT));
}
- public String getKeystorePath()
+ public String getConnectorKeyStorePath()
{
- return getStringValue("connector.ssl.keystorePath");
+ final String fallback = getStringValue("connector.ssl.keystorePath");
// pre-0.13 broker supported this name.
+ return getStringValue("connector.ssl.keyStorePath", fallback);
}
- public String getKeystorePassword()
+ public String getConnectorKeyStorePassword()
{
- return getStringValue("connector.ssl.keystorePassword");
+ final String fallback =
getStringValue("connector.ssl.keystorePassword"); // pre-0.13 brokers supported
this name.
+ return getStringValue("connector.ssl.keyStorePassword", fallback);
}
- public String getCertType()
+ public String getConnectorCertType()
{
return getStringValue("connector.ssl.certType", "SunX509");
}
Modified:
qpid/trunk/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java?rev=1184882&r1=1184881&r2=1184882&view=diff
==============================================================================
---
qpid/trunk/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java
(original)
+++
qpid/trunk/qpid/java/broker/src/test/java/org/apache/qpid/server/configuration/ServerConfigurationTest.java
Sun Oct 16 17:45:16 2011
@@ -256,7 +256,7 @@ public class ServerConfigurationTest ext
assertEquals(false, _serverConfig.getManagementSSLEnabled());
}
- public void testGetManagementKeyStorePassword() throws
ConfigurationException
+ public void testGetManagementKeystorePassword() throws
ConfigurationException
{
// Check default
_serverConfig.initialise();
@@ -534,43 +534,57 @@ public class ServerConfigurationTest ext
assertEquals("10", _serverConfig.getSSLPorts().get(0));
}
- public void testGetKeystorePath() throws ConfigurationException
+ public void testGetConnectorKeystorePath() throws ConfigurationException
{
// Check default
_serverConfig.initialise();
- assertNull(_serverConfig.getKeystorePath());
+ assertNull(_serverConfig.getConnectorKeyStorePath());
// Check value we set
- _config.setProperty("connector.ssl.keystorePath", "a");
+ _config.setProperty("connector.ssl.keyStorePath", "a");
_serverConfig = new ServerConfiguration(_config);
_serverConfig.initialise();
- assertEquals("a", _serverConfig.getKeystorePath());
+ assertEquals("a", _serverConfig.getConnectorKeyStorePath());
+
+ // Ensure we continue to support the old name keystorePath
+ _config.clearProperty("connector.ssl.keyStorePath");
+ _config.setProperty("connector.ssl.keystorePath", "b");
+ _serverConfig = new ServerConfiguration(_config);
+ _serverConfig.initialise();
+ assertEquals("b", _serverConfig.getConnectorKeyStorePath());
}
- public void testGetKeystorePassword() throws ConfigurationException
+ public void testGetConnectorKeystorePassword() throws
ConfigurationException
{
// Check default
_serverConfig.initialise();
- assertNull(_serverConfig.getKeystorePassword());
+ assertNull(_serverConfig.getConnectorKeyStorePassword());
// Check value we set
- _config.setProperty("connector.ssl.keystorePassword", "a");
+ _config.setProperty("connector.ssl.keyStorePassword", "a");
+ _serverConfig = new ServerConfiguration(_config);
+ _serverConfig.initialise();
+ assertEquals("a", _serverConfig.getConnectorKeyStorePassword());
+
+ // Ensure we continue to support the old name keystorePassword
+ _config.clearProperty("connector.ssl.keyStorePassword");
+ _config.setProperty("connector.ssl.keystorePassword", "b");
_serverConfig = new ServerConfiguration(_config);
_serverConfig.initialise();
- assertEquals("a", _serverConfig.getKeystorePassword());
+ assertEquals("b", _serverConfig.getConnectorKeyStorePassword());
}
- public void testGetCertType() throws ConfigurationException
+ public void testGetConnectorCertType() throws ConfigurationException
{
// Check default
_serverConfig.initialise();
- assertEquals("SunX509", _serverConfig.getCertType());
+ assertEquals("SunX509", _serverConfig.getConnectorCertType());
// Check value we set
_config.setProperty("connector.ssl.certType", "a");
_serverConfig = new ServerConfiguration(_config);
_serverConfig.initialise();
- assertEquals("a", _serverConfig.getCertType());
+ assertEquals("a", _serverConfig.getConnectorCertType());
}
public void testGetUseBiasedWrites() throws ConfigurationException
Modified: qpid/trunk/qpid/java/systests/etc/config-systests-firewall-2.xml
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/systests/etc/config-systests-firewall-2.xml?rev=1184882&r1=1184881&r2=1184882&view=diff
==============================================================================
--- qpid/trunk/qpid/java/systests/etc/config-systests-firewall-2.xml (original)
+++ qpid/trunk/qpid/java/systests/etc/config-systests-firewall-2.xml Sun Oct 16
17:45:16 2011
@@ -32,8 +32,8 @@
<ssl>
<enabled>false</enabled>
<sslOnly>false</sslOnly>
- <keystorePath>/path/to/keystore.ks</keystorePath>
- <keystorePassword>keystorepass</keystorePassword>
+ <keyStorePath>/path/to/keystore.ks</keyStorePath>
+ <keyStorePassword>keystorepass</keyStorePassword>
</ssl>
<port>5672</port>
<sslport>8672</sslport>
Modified: qpid/trunk/qpid/java/systests/etc/config-systests-firewall-3.xml
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/systests/etc/config-systests-firewall-3.xml?rev=1184882&r1=1184881&r2=1184882&view=diff
==============================================================================
--- qpid/trunk/qpid/java/systests/etc/config-systests-firewall-3.xml (original)
+++ qpid/trunk/qpid/java/systests/etc/config-systests-firewall-3.xml Sun Oct 16
17:45:16 2011
@@ -28,12 +28,12 @@
<connector>
<!-- To enable SSL edit the keystorePath and keystorePassword
and set enabled to true.
- To disasble Non-SSL port set sslOnly to true -->
+ To disable Non-SSL port set sslOnly to true -->
<ssl>
<enabled>false</enabled>
<sslOnly>false</sslOnly>
- <keystorePath>/path/to/keystore.ks</keystorePath>
- <keystorePassword>keystorepass</keystorePassword>
+ <keyStorePath>/path/to/keystore.ks</keyStorePath>
+ <keyStorePassword>keystorepass</keyStorePassword>
</ssl>
<port>5672</port>
<sslport>8672</sslport>
Modified: qpid/trunk/qpid/java/systests/etc/config-systests-settings.xml
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/java/systests/etc/config-systests-settings.xml?rev=1184882&r1=1184881&r2=1184882&view=diff
==============================================================================
--- qpid/trunk/qpid/java/systests/etc/config-systests-settings.xml (original)
+++ qpid/trunk/qpid/java/systests/etc/config-systests-settings.xml Sun Oct 16
17:45:16 2011
@@ -25,8 +25,8 @@
<port>15671</port>
<enabled>false</enabled>
<sslOnly>false</sslOnly>
-
<keystorePath>${QPID_HOME}/../test-profiles/test_resources/ssl/java_broker_keystore.jks</keystorePath>
- <keystorePassword>password</keystorePassword>
+
<keyStorePath>${QPID_HOME}/../test-profiles/test_resources/ssl/java_broker_keystore.jks</keyStorePath>
+ <keyStorePassword>password</keyStorePassword>
</ssl>
</connector>
<management>
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:commits-subscr...@qpid.apache.org
