[#CAMEL-409] working unit test required for HTTPS with the jetty component which works in maven

Apache Camel

CAMEL-407

working unit test required for HTTPS with the jetty component which works in maven

Created: 28/Mar/08 12:01 PM Updated: 10/Jul/08 09:21 PM

Component/s:

None

Affects Version/s:

1.3.0

Fix Version/s:

1.4.0

Time Tracking:

Not Specified

File Attachments:

File Name	Attached Date	Attached By	Size
camel-409.combined.patch	2008-04-14 10:04 AM	Gary Tully	12 kb
JettyHttpComponent.java	2008-04-11 02:00 AM	Micky Santomax	8 kb
localhost.ks	2008-04-10 02:51 AM	Gary Tully	1 kb

All

Comments

Work Log

Change History

Subversion Commits

FishEye

Crucible

Sort Order:

Ascending order - Click to sort in descending order

[ Permlink | « Hide ]

Gary Tully - 10/Apr/08 02:44 AM

jetty HttpsRouteTest - uses ssl attributes on JettyHttpComponent and system property for jsse client trust store configuration.
The keystore, localhost.ks is binary so it is not part of this patch.

[ Permlink | « Hide ]

Gary Tully - 10/Apr/08 02:51 AM

components\camel-jetty\src\test\resources\jsse\localhost.ks a binary keystore file.

the contents of this file were created with:
keytool -genkey -alias server -keystore localhost.ks
using passwords: changeit and name components with value: localhost

The cert is used by the https endpoint and made available to the clients via their truststore so that the server cert can be validated. The cert is self signed. This is a dummy cert that is useful only for testing.
The use of localhost as the OU and CN allows the cert to pass spoofing validation as implemented by the jdk jsse implementation.

[ Permlink | « Hide ]

Gary Tully - 10/Apr/08 03:11 AM

this patch superseeds the camel-409.patch file.
It adds an additional negative test for camel http component calling https endpoint and expects an exception.

[ Permlink | « Hide ]

Claus Ibsen - 11/Apr/08 01:39 AM

Gary thanks a lot for all the hard work creating such a patch. We will definitely add it to Camel.

[ Permlink | « Hide ]

Micky Santomax - 11/Apr/08 02:00 AM

Gary, I think is a good solution to set getter and setter methods for SslSocketConnector in JettyHttpComponent so that one can set (for example) the keystore path or anything else.

If you want to consider this suggestion I have attached file of jetty component with this patch implemented

[ Permlink | « Hide ]

Gary Tully - 11/Apr/08 03:57 AM

Micky, yea, that is a far better idea than replicating all of the Ssl attributes on JettyHttpComponent.
One thing to note is that in order for the jsse system properties to be picked up by the SssSocketConnector, a call to the setter methods is required, hense the default values of "" for the key and keystore passwords in the JettyHttpComponent.
Without that we get the "no password" error.
Best may be to lazily initialize the SslSocketConnector and call the setters if a user has not already provided an instance.

[ Permlink | « Hide ]

Claus Ibsen - 12/Apr/08 03:59 AM

Gary could you provide a final patch with your and Mickys latest suggesting included.

I will then be able to commit the patch. It is a great addition to Camel.

[ Permlink | « Hide ]

Gary Tully - 14/Apr/08 10:04 AM

adds sslsocketConnector accessor along with simple default sslPassword and sslKeyPassword that will solicit the default jetty behaviour of looking for jetty system properties or prompting the user.
If your config needs are simple, the accessors will work, if they are more complex, the ability to set the sslsocketconnector should be used. added another test that uses the sslsocketconnector accesor

[ Permlink | « Hide ]

Claus Ibsen - 14/Apr/08 12:29 PM

Comitted to trunk

~~CAMEL-409~~ Added unit tests for Jetty doing https. With huge thanks to Gary Tully and Micky Santomax for the patches