|
| 1 | +/** |
| 2 | + * Licensed to the Apache Software Foundation (ASF) under one |
| 3 | + * or more contributor license agreements. See the NOTICE file |
| 4 | + * distributed with this work for additional information |
| 5 | + * regarding copyright ownership. The ASF licenses this file |
| 6 | + * to you under the Apache License, Version 2.0 (the |
| 7 | + * "License"); you may not use this file except in compliance |
| 8 | + * with the License. You may obtain a copy of the License at |
| 9 | + * |
| 10 | + * http://www.apache.org/licenses/LICENSE-2.0 |
| 11 | + * |
| 12 | + * Unless required by applicable law or agreed to in writing, |
| 13 | + * software distributed under the License is distributed on an |
| 14 | + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| 15 | + * KIND, either express or implied. See the License for the |
| 16 | + * specific language governing permissions and limitations |
| 17 | + * under the License. |
| 18 | + */ |
| 19 | + |
| 20 | +package org.apache.cxf.systest.https.hostname; |
| 21 | + |
| 22 | +import java.net.URL; |
| 23 | + |
| 24 | +import javax.xml.ws.BindingProvider; |
| 25 | + |
| 26 | +import org.apache.cxf.Bus; |
| 27 | +import org.apache.cxf.BusFactory; |
| 28 | +import org.apache.cxf.bus.spring.SpringBusFactory; |
| 29 | +import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase; |
| 30 | +import org.apache.hello_world.Greeter; |
| 31 | +import org.apache.hello_world.services.SOAPService; |
| 32 | + |
| 33 | +import org.junit.AfterClass; |
| 34 | +import org.junit.BeforeClass; |
| 35 | + |
| 36 | +/** |
| 37 | + * A test for hostname verification when the Java system property "java.protocol.handler.pkgs" is set to |
| 38 | + * "com.sun.net.ssl.internal.www.protocol". This means that com.sun.net.ssl.HostnameVerifier is used |
| 39 | + * instead of the javax version. |
| 40 | + */ |
| 41 | +public class HostnameVerificationDeprecatedTest extends AbstractBusClientServerTestBase { |
| 42 | + static final String PORT = allocatePort(HostnameVerificationDeprecatedServer.class); |
| 43 | + static final String PORT2 = allocatePort(HostnameVerificationDeprecatedServer.class, 2); |
| 44 | + |
| 45 | + @BeforeClass |
| 46 | + public static void startServers() throws Exception { |
| 47 | + System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol"); |
| 48 | + assertTrue( |
| 49 | + "Server failed to launch", |
| 50 | + // run the server in the same process |
| 51 | + // set this to false to fork |
| 52 | + launchServer(HostnameVerificationDeprecatedServer.class, true) |
| 53 | + ); |
| 54 | + } |
| 55 | + |
| 56 | + @AfterClass |
| 57 | + public static void cleanup() throws Exception { |
| 58 | + System.clearProperty("java.protocol.handler.pkgs"); |
| 59 | + stopAllServers(); |
| 60 | + } |
| 61 | + |
| 62 | + // Here we expect an exception, as the default hostname verifier contributed by CXF will object to the |
| 63 | + // fact that the server certificate does not have "CN=localhost". |
| 64 | + @org.junit.Test |
| 65 | + public void testLocalhostNotMatching() throws Exception { |
| 66 | + SpringBusFactory bf = new SpringBusFactory(); |
| 67 | + URL busFile = HostnameVerificationDeprecatedTest.class.getResource("hostname-client-bethal.xml"); |
| 68 | + |
| 69 | + Bus bus = bf.createBus(busFile.toString()); |
| 70 | + BusFactory.setDefaultBus(bus); |
| 71 | + BusFactory.setThreadDefaultBus(bus); |
| 72 | + |
| 73 | + URL url = SOAPService.WSDL_LOCATION; |
| 74 | + SOAPService service = new SOAPService(url, SOAPService.SERVICE); |
| 75 | + assertNotNull("Service is null", service); |
| 76 | + final Greeter port = service.getHttpsPort(); |
| 77 | + assertNotNull("Port is null", port); |
| 78 | + |
| 79 | + updateAddressPort(port, PORT); |
| 80 | + |
| 81 | + try { |
| 82 | + port.greetMe("Kitty"); |
| 83 | + fail("Failure expected on the hostname verification"); |
| 84 | + } catch (Exception ex) { |
| 85 | + // expected |
| 86 | + } |
| 87 | + |
| 88 | + ((java.io.Closeable)port).close(); |
| 89 | + bus.shutdown(true); |
| 90 | + } |
| 91 | + |
| 92 | + // No Subject Alternative Name, but the CN matches ("localhost"), so the default HostnameVerifier |
| 93 | + // should work fine |
| 94 | + @org.junit.Test |
| 95 | + public void testNoSubjectAlternativeNameCNMatch() throws Exception { |
| 96 | + SpringBusFactory bf = new SpringBusFactory(); |
| 97 | + URL busFile = HostnameVerificationDeprecatedTest.class.getResource("hostname-client.xml"); |
| 98 | + |
| 99 | + Bus bus = bf.createBus(busFile.toString()); |
| 100 | + BusFactory.setDefaultBus(bus); |
| 101 | + BusFactory.setThreadDefaultBus(bus); |
| 102 | + |
| 103 | + URL url = SOAPService.WSDL_LOCATION; |
| 104 | + SOAPService service = new SOAPService(url, SOAPService.SERVICE); |
| 105 | + assertNotNull("Service is null", service); |
| 106 | + final Greeter port = service.getHttpsPort(); |
| 107 | + assertNotNull("Port is null", port); |
| 108 | + |
| 109 | + updateAddressPort(port, PORT2); |
| 110 | + |
| 111 | + assertEquals(port.greetMe("Kitty"), "Hello Kitty"); |
| 112 | + |
| 113 | + // Enable Async |
| 114 | + ((BindingProvider)port).getRequestContext().put("use.async.http.conduit", true); |
| 115 | + |
| 116 | + assertEquals(port.greetMe("Kitty"), "Hello Kitty"); |
| 117 | + |
| 118 | + ((java.io.Closeable)port).close(); |
| 119 | + bus.shutdown(true); |
| 120 | + } |
| 121 | +} |
0 commit comments