public class SSLTestConfig
extends org.apache.solr.client.solrj.embedded.SSLConfig
SSLConfig
that supports reading key/trust store information directly from resource
files provided with the Solr test-framework classesConstructor and Description |
---|
SSLTestConfig()
Creates an SSLTestConfig that does not use SSL or client authentication
|
SSLTestConfig(boolean useSSL,
boolean clientAuth)
Create an SSLTestConfig based on a few caller specified options,
implicitly assuming
checkPeerName=false . |
SSLTestConfig(boolean useSSL,
boolean clientAuth,
boolean checkPeerName)
Create an SSLTestConfig based on a few caller specified options.
|
Modifier and Type | Method and Description |
---|---|
org.apache.solr.client.solrj.impl.HttpClientUtil.SchemaRegistryProvider |
buildClientSchemaRegistryProvider()
Creates a
HttpClientUtil.SchemaRegistryProvider for HTTP clients to use when communicating with servers
which have been configured based on the settings of this object. |
org.apache.http.conn.ssl.SSLConnectionSocketFactory |
buildClientSSLConnectionSocketFactory()
Constructs a new SSLConnectionSocketFactory for HTTP clients to use when communicating
with servers which have been configured based on the settings of this object.
|
SSLContext |
buildClientSSLContext()
Builds a new SSLContext for HTTP clients to use when communicating with servers which have
been configured based on the settings of this object.
|
protected static KeyStore |
buildKeyStore(org.eclipse.jetty.util.resource.Resource resource,
String password)
Constructs a KeyStore using the specified filename and password
|
SSLContext |
buildServerSSLContext()
Builds a new SSLContext for jetty servers which have been configured based on the settings of
this object.
|
org.eclipse.jetty.util.ssl.SslContextFactory |
createContextFactory()
Returns an SslContextFactory using
buildServerSSLContext() if SSL should be used, else returns null. |
boolean |
getCheckPeerName()
If true, then servers hostname/ip should be validated against the SSL Cert metadata
|
String |
getKeyStore()
NOTE: This method is meaningless in SSLTestConfig.
|
String |
getTrustStore()
NOTE: This method is meaningless in SSLTestConfig.
|
static boolean |
toBooleanDefaultIfNull(Boolean bool,
boolean valueIfNull) |
static Boolean |
toBooleanObject(String str) |
public SSLTestConfig()
public SSLTestConfig(boolean useSSL, boolean clientAuth)
checkPeerName=false
.
As needed, keystore/truststore information will be pulled from a hardcoded resource file provided by the solr test-framework
useSSL
- - whether SSL should be required.clientAuth
- - whether client authentication should be required.public SSLTestConfig(boolean useSSL, boolean clientAuth, boolean checkPeerName)
checkPeerName
:
true
- A keystore resource file will be used that specifies
a CN of localhost
and a SAN IP of 127.0.0.1
, to
ensure that all connections should be valid regardless of what machine runs the tests.false
- A keystore resource file will be used that specifies
a bogus hostname in the CN and reserved IP as the SAN, since no (valid) tests using this
SSLTestConfig should care what CN/SAN are.useSSL
- - whether SSL should be required.clientAuth
- - whether client authentication should be required.checkPeerName
- - whether the client should validate the 'peer name' of the SSL Certificate (and which testing Cert should be used)HttpClientUtil.SYS_PROP_CHECK_PEER_NAME
public boolean getCheckPeerName()
public String getKeyStore()
getKeyStore
in class org.apache.solr.client.solrj.embedded.SSLConfig
public String getTrustStore()
getTrustStore
in class org.apache.solr.client.solrj.embedded.SSLConfig
public org.apache.solr.client.solrj.impl.HttpClientUtil.SchemaRegistryProvider buildClientSchemaRegistryProvider()
HttpClientUtil.SchemaRegistryProvider
for HTTP clients to use when communicating with servers
which have been configured based on the settings of this object. When SSLConfig.isSSLMode()
is true, this
SchemaRegistryProvider
will only support HTTPS (no HTTP scheme) using the
appropriate certs. When SSLConfig.isSSLMode()
is false, only HTTP (no HTTPS scheme) will be
supported.public SSLContext buildClientSSLContext() throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException
SecureRandom
instance to prevent tests from blocking
due to lack of entropy, also explicitly allows the use of self-signed
certificates (since that's what is almost always used during testing).public SSLContext buildServerSSLContext() throws KeyManagementException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException
SecureRandom
instance to prevent tests from blocking
due to lack of entropy, also explicitly allows the use of self-signed
certificates (since that's what is almost always used during testing).
almost always used during testing).public org.eclipse.jetty.util.ssl.SslContextFactory createContextFactory()
buildServerSSLContext()
if SSL should be used, else returns null.createContextFactory
in class org.apache.solr.client.solrj.embedded.SSLConfig
protected static KeyStore buildKeyStore(org.eclipse.jetty.util.resource.Resource resource, String password)
public org.apache.http.conn.ssl.SSLConnectionSocketFactory buildClientSSLConnectionSocketFactory()
SSLConfig.isSSLMode()
is true.public static boolean toBooleanDefaultIfNull(Boolean bool, boolean valueIfNull)
Copyright © 2000-2018 Apache Software Foundation. All Rights Reserved.