Tested admin services using SSL and a self-signed certificate.
Change-Id: If5cbd8ab867637d3524629a75b120b2fedc29779
diff --git a/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java b/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
index f66646a..6455452 100644
--- a/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
+++ b/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
@@ -57,7 +57,7 @@
// .getConfiguration().getAdminToken())) {
// EM: to do ssl
-// if (authentication != null && cr.isSecure()) {
+ if (authentication != null && cr.isSecure()) {
// String token = StringUtils.stripTokenType(authentication);
// EncryptionIface crypto = BeansFactory.getKustvaktContext()
// .getEncryption();
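Review bot: The re-enabled guard `if (authentication != null && cr.isSecure())` checks only that an Authorization header is present and that the container reports a secure channel; the token handling visible around it (`StringUtils.stripTokenType`, the `EncryptionIface` lookup, the `getAdminToken()` comparison) is still commented out in this hunk. Unless the lines between this hunk and the next one validate the credential, any non-empty header sent over TLS would appear to reach `cr.setSecurityContext(...)`; please confirm, and add a comment saying where the admin credential is actually verified. `cr.isSecure()` also reflects the connection as the container sees it, so a deployment behind a TLS-terminating proxy would presumably be rejected unless the forwarded scheme is honoured. The enclosing method starts and ends outside the hunk.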
@@ -73,9 +73,9 @@
cr.setSecurityContext(new KustvaktContext(c));
// }
-// }
-// else
-// throw KustvaktResponseHandler.throwAuthenticationException("");
+ }
+ else
+ throw KustvaktResponseHandler.throwAuthenticationException("Unsecure connection.");
return cr;
}
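Review bot: The `else` branch now fires for two different conditions, a missing Authorization header and a non-TLS request, but always reports `"Unsecure connection."`, which misleads a client that connected over HTTPS without credentials. Test the transport first, e.g. `if (!cr.isSecure()) throw KustvaktResponseHandler.throwAuthenticationException("Unsecure connection.");`, and handle `authentication == null` separately with its own message. The brace-less `else` followed by `throw` would also read more safely with explicit braces. The method body begins outside this hunk.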
diff --git a/src/test/java/de/ids_mannheim/korap/web/service/FastJerseyTest.java b/src/test/java/de/ids_mannheim/korap/web/service/FastJerseyTest.java
index 65c906c..c282708 100644
--- a/src/test/java/de/ids_mannheim/korap/web/service/FastJerseyTest.java
+++ b/src/test/java/de/ids_mannheim/korap/web/service/FastJerseyTest.java
@@ -37,11 +37,12 @@
private static TestContainer testContainer;
- private static Client client;
+ protected static Client client;
private static String[] classPackages = null;
private static int PORT = 9000;
private static int PORT_IT = 1;
+ protected static String containerURI = "http://localhost/";
public static void addClass (Class<?> resourceClass) {
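Review bot: `containerURI` and `client` are now non-final `protected static` fields, so a subclass that assigns `containerURI` (for example to an https URI) changes it for every test class that runs later in the same JVM, and nothing visible here resets it. Document that contract on the field, e.g. `// Base URI for the test container; shared by all subclasses, so restore the default after changing it.` The default stays plain `http://localhost/`, which the next hunk passes to `tcf.create(...)`; since the admin filter in this commit now rejects requests where `cr.isSecure()` is false, Jersey-based admin tests that keep the default will presumably get an authentication exception, which is worth confirming.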
@@ -108,7 +109,7 @@
tcf = new GrizzlyWebTestContainerFactory();
}
- testContainer = tcf.create(UriBuilder.fromUri("http://localhost/")
+ testContainer = tcf.create(UriBuilder.fromUri(containerURI)
.port(port).build(), ad);
client = testContainer.getClient();
if (client == null) {
diff --git a/src/test/java/de/ids_mannheim/korap/web/service/full/ResouceServiceServerTest.java b/src/test/java/de/ids_mannheim/korap/web/service/full/ResouceServiceServerTest.java
index 3e16f22..81d3e0e 100644
--- a/src/test/java/de/ids_mannheim/korap/web/service/full/ResouceServiceServerTest.java
+++ b/src/test/java/de/ids_mannheim/korap/web/service/full/ResouceServiceServerTest.java
@@ -5,10 +5,21 @@
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
+import java.io.File;
+import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.net.URISyntaxException;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
+import java.util.UUID;
+
+import javax.net.ssl.SSLContext;
import org.apache.commons.io.IOUtils;
import org.apache.http.HttpEntity;
@@ -16,7 +27,12 @@
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.utils.URIBuilder;
+import org.apache.http.config.Registry;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
+import org.apache.http.conn.ssl.SSLContexts;
+import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.HttpClients;
+import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.junit.Assert;
import org.junit.Test;
@@ -28,13 +44,14 @@
import de.ids_mannheim.korap.exceptions.KustvaktException;
import de.ids_mannheim.korap.handlers.ResourceDao;
import de.ids_mannheim.korap.resources.KustvaktResource;
+import de.ids_mannheim.korap.resources.Permissions.Permission;
import de.ids_mannheim.korap.security.auth.BasicHttpAuth;
import de.ids_mannheim.korap.user.User;
import de.ids_mannheim.korap.utils.JsonUtils;
/**
- * This class tests services of a running Kustvakt server with a MySQL database.
- * Please check the database configuration in src/main/resources/jdbc.properties
+ * This class tests services of a running Kustvakt server with a MySQL database.
+ * Please check the database configuration in src/main/resources/jdbc.properties
* and run the server before running the tests.
*
* See {@link ResourceServiceTest} for tests using an in-memory database.
@@ -42,7 +59,53 @@
* @author margaretha
*
*/
-public class ResouceServiceServerTest extends BeanConfigTest{
+public class ResouceServiceServerTest extends BeanConfigTest {
+ @Test
+ public void testCreatePolicy() throws IOException, URISyntaxException {
+ String pwd ="password";
+ InputStream stream = new FileInputStream(new File(
+ "/home/elma/korap-keystore"));
+
+ SSLContext sslcontext = null;
+ try {
+ KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
+ ks.load(stream, pwd.toCharArray());
+ sslcontext = SSLContexts.custom()
+ .loadTrustMaterial(ks)
+ .loadKeyMaterial(ks, pwd.toCharArray())
+ .build();
+ } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException
+ | KeyManagementException | UnrecoverableKeyException e) {
+ e.printStackTrace();
+ }
+
+ SSLConnectionSocketFactory factory = new SSLConnectionSocketFactory(sslcontext,
+ SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);
+ HttpClient httpclient = HttpClients.custom()
+ .setSSLSocketFactory(factory)
+ .build();
+
+ String id = UUID.randomUUID().toString();
+ URIBuilder builder = new URIBuilder();
+ builder.setScheme("https")
+ .setHost("korap.ids-mannheim.de")
+ .setPort(8443).setPath("/api/v0.1/admin/createPolicies/" + id)
+ .setParameter("type", "virtualcollection")
+ .setParameter("name", "Goethe VC")
+ .setParameter("description", "Goethe corpus")
+ .setParameter("group", "public")
+ .setParameter("perm", Permission.READ.name())
+ .setParameter("loc", "")
+ .setParameter("expire", "");
+
+ URI uri = builder.build();
+ HttpPost httppost = new HttpPost(uri);
+ httppost.addHeader(Attributes.AUTHORIZATION, BasicHttpAuth.encode("kustvakt", "kustvakt2015"));
+ HttpResponse response = httpclient.execute(httppost);
+ assertEquals(ClientResponse.Status.OK.getStatusCode(),
+ response.getStatusLine().getStatusCode());
+
+ }
@Test
public void testWrongAuthorization() throws IOException, URISyntaxException {
@@ -73,8 +136,8 @@
assertTrue(node.isObject());
assertEquals("Goethe", node.path("name").asText());
assertEquals("Goethe corpus", node.path("description").asText());
-
- //checkResourceInDB(node.path("id").asText());
+
+ // checkResourceInDB(node.path("id").asText());
}
public HttpResponse testResourceStore(String password) throws IOException, URISyntaxException {
@@ -90,24 +153,21 @@
return httpclient.execute(httppost);
}
-
- private void checkResourceInDB(String id) throws KustvaktException {
-
- ResourceDao<?> dao = new ResourceDao<>(helper().getContext()
- .getPersistenceClient());
- assertEquals("sqlite", helper().getContext().getPersistenceClient()
- .getDatabase());
- assertNotEquals(0, dao.size());
- KustvaktResource res = dao.findbyId(id,
- User.UserFactory.getDemoUser());
- assertNotNull(res);
- Assert.assertEquals(true,res.getField("testVar").toString().startsWith("testVal_"));
+ private void checkResourceInDB(String id) throws KustvaktException {
+
+ ResourceDao<?> dao = new ResourceDao<>(helper().getContext().getPersistenceClient());
+ assertEquals("sqlite", helper().getContext().getPersistenceClient().getDatabase());
+
+ assertNotEquals(0, dao.size());
+ KustvaktResource res = dao.findbyId(id, User.UserFactory.getDemoUser());
+ assertNotNull(res);
+ Assert.assertEquals(true, res.getField("testVar").toString().startsWith("testVal_"));
}
@Override
public void initMethod() throws KustvaktException {
// TODO Auto-generated method stub
-
+
}
}