marklogic · BillFarber · Apr 1, 2025 · Mar 31, 2025
@@ -156,7 +156,11 @@ public static DatabaseClient newEvalClient(String databaseName) {
 	}
 
 	public static MarkLogicVersion getMarkLogicVersion() {
-		String version = newServerAdminClient().newServerEval().javascript("xdmp.version()").evalAs(String.class);
+		return getMarkLogicVersion(newServerAdminClient());
+	}
+
+	public static MarkLogicVersion getMarkLogicVersion(DatabaseClient client) {
+		String version = client.newServerEval().javascript("xdmp.version()").evalAs(String.class);
 		return new MarkLogicVersion(version);
 	}
 

@@ -5,9 +5,9 @@
 import com.marklogic.client.ForbiddenUserException;
 import com.marklogic.client.MarkLogicIOException;
 import com.marklogic.client.test.Common;
+import com.marklogic.client.test.MarkLogicVersion;
 import com.marklogic.client.test.junit5.DisabledWhenUsingReverseProxyServer;
 import com.marklogic.client.test.junit5.RequireSSLExtension;
-import com.marklogic.client.test.junit5.RequiresML11OrLower;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 
@@ -85,10 +85,24 @@ void defaultSslContext() throws Exception {
 		assertTrue(ex.getCause() instanceof SSLException, "Unexpected cause: " + ex.getCause());
 	}
 
-	// Currently failing on 12-nightly due to https://progresssoftware.atlassian.net/browse/MLE-17505 .
 	@Test
-	@ExtendWith(RequiresML11OrLower.class)
-	void noSslContext() {
+	void noSslContext() throws Exception {
+		SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
+		sslContext.init(null, new TrustManager[]{Common.TRUST_ALL_MANAGER}, null);
+		DatabaseClient sslClient = Common.newClientBuilder()
+			.withUsername(Common.SERVER_ADMIN_USER)
+			.withPassword(Common.SERVER_ADMIN_PASS)
+			.withSSLProtocol("TLSv1.2")
+			.withTrustManager(Common.TRUST_ALL_MANAGER)
+			.withSSLHostnameVerifier(DatabaseClientFactory.SSLHostnameVerifier.ANY)
+			.build();
+		MarkLogicVersion markLogicVersion = Common.getMarkLogicVersion(sslClient);
+		// Currently failing on 12-nightly due to https://progresssoftware.atlassian.net/browse/MLE-17505 .
+		if (markLogicVersion.getMajor() > 11) {
+			System.out.println("MarkLogic major version is 12 or higher, skipping test");
+			return;
+		}
+
 		DatabaseClient client = Common.newClientBuilder().build();
 
 		DatabaseClient.ConnectionResult result = client.checkConnection();

@@ -9,9 +9,9 @@
 import com.marklogic.client.eval.EvalResultIterator;
 import com.marklogic.client.io.StringHandle;
 import com.marklogic.client.test.Common;
+import com.marklogic.client.test.MarkLogicVersion;
 import com.marklogic.client.test.junit5.DisabledWhenUsingReverseProxyServer;
 import com.marklogic.client.test.junit5.RequireSSLExtension;
-import com.marklogic.client.test.junit5.RequiresML11OrLower;
 import com.marklogic.mgmt.ManageClient;
 import com.marklogic.mgmt.resource.appservers.ServerManager;
 import com.marklogic.mgmt.resource.security.CertificateTemplateManager;
@@ -28,6 +28,7 @@
 import javax.net.ssl.X509TrustManager;
 import java.io.*;
 import java.nio.file.Path;
+import java.security.KeyManagementException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
@@ -43,8 +44,8 @@
 })
 public class TwoWaySSLTest {
 
-	private final static String TEST_DOCUMENT_URI = "/optic/test/musician1.json";
-	private final static String KEYSTORE_PASSWORD = "password";
+	private static final String TEST_DOCUMENT_URI = "/optic/test/musician1.json";
+	private static final String KEYSTORE_PASSWORD = "password";
 
 	// Used for creating a temporary JKS (Java KeyStore) file.
 	@TempDir
@@ -98,10 +99,15 @@ public static void teardown() {
 	 * - When the breakpoint is hit, look for the location of the files in stdout.
 	 * - Copy those files to a more accessible location and use them for accessing the 8012 app server.
 	 */
-	// Currently failing on 12-nightly due to https://progresssoftware.atlassian.net/browse/MLE-17505 .
 	@Test
-	@ExtendWith(RequiresML11OrLower.class)
-	void digestAuthentication() {
+	void digestAuthentication() throws NoSuchAlgorithmException, KeyManagementException {
+		MarkLogicVersion markLogicVersion = Common.getMarkLogicVersion(buildClientWithCert());
+		// Currently failing on 12-nightly due to https://progresssoftware.atlassian.net/browse/MLE-17505 .
+		if (markLogicVersion.getMajor() > 11) {
+			System.out.println("MarkLogic major version is 12 or higher, skipping test");
+			return;
+		}
+
 		// This client uses our Java KeyStore file with a client certificate in it, so it should work.
 		DatabaseClient clientWithCert = Common.newClientBuilder()
 			.withKeyStorePath(keyStoreFile.getAbsolutePath())
@@ -492,4 +498,22 @@ public void run() {
 				.forEach(consumer);
 		}
 	}
+
+	private DatabaseClient buildClientWithCert() {
+		return Common.newClientBuilder()
+			.withUsername(Common.SERVER_ADMIN_USER)
+			.withPassword(Common.SERVER_ADMIN_PASS)
+			.withKeyStorePath(keyStoreFile.getAbsolutePath())
+			.withKeyStorePassword(KEYSTORE_PASSWORD)
+
+			// Still need this as "common"/"strict" don't work for our temporary server certificate.
+			.withSSLHostnameVerifier(DatabaseClientFactory.SSLHostnameVerifier.ANY)
+
+			// Starting in 6.5.0, we can use a real trust manager as the server certificate is in the keystore.
+			.withTrustStorePath(trustStoreFile.getAbsolutePath())
+			.withTrustStorePassword(KEYSTORE_PASSWORD)
+			.withTrustStoreType("JKS")
+			.withTrustStoreAlgorithm("SunX509")
+			.build();
+	}
 }
@@ -1,4 +1,4 @@
-name: marklogic-javaclient-test-app
+name: docker-tests-marklogic-javaclient-test-app
 
 services: