commit 571714739b23e16c4c90d5229b806433920b3bcb
author Vinay Vishal <vinay.vishal@oracle.com> Tue Sep 18 20:22:00 2018 +0530
committer Vinay Vishal <vinay.vishal@oracle.com> Tue Sep 18 20:22:00 2018 +0530
tree e27eb3f3638f3ce5698893c5bbc48d286537d380

Initial Contribution

Signed-off-by: Vinay Vishal <vinay.vishal@oracle.com>

appserver/tests/appserv-tests/devtests/security/web-mutual-ssl/WebSSLClient.java

diff --git a/appserver/tests/appserv-tests/devtests/security/web-mutual-ssl/WebSSLClient.java b/appserver/tests/appserv-tests/devtests/security/web-mutual-ssl/WebSSLClient.java
new file mode 100644
index 0000000..bb4f565
--- /dev/null
+++ b/appserver/tests/appserv-tests/devtests/security/web-mutual-ssl/WebSSLClient.java
@@ -0,0 +1,153 @@
+/*
+ * Copyright (c) 2017, 2018 Oracle and/or its affiliates. All rights reserved.
+ *
+ * This program and the accompanying materials are made available under the
+ * terms of the Eclipse Public License v. 2.0, which is available at
+ * http://www.eclipse.org/legal/epl-2.0.
+ *
+ * This Source Code may also be made available under the following Secondary
+ * Licenses when the conditions for such availability set forth in the
+ * Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
+ * version 2 with the GNU Classpath Exception, which is available at
+ * https://www.gnu.org/software/classpath/license.html.
+ *
+ * SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
+ */
+
+package devtests.security;
+
+import java.io.*;
+import java.security.*;
+import java.net.*;
+import javax.net.ssl.*;
+import com.sun.ejte.ccl.reporter.*;
+
+/*
+   This is the standalone client java program to access AS web app
+   which has <security-constraint> protected by (in its web.xml)
+   <login-config>
+     <auth-method>CLIENT-CERT</auth-method>
+     <realm-name>default</realm-name>
+   </login-config>
+*/
+public class WebSSLClient {
+
+    private static final String TEST_NAME
+        = "security-web-mutual-ssl";    
+
+    private static final String EXPECTED_RESPONSE
+        = "[Ljava.security.cert.X509Certificate;";
+
+    private static SimpleReporterAdapter stat
+        = new SimpleReporterAdapter("appserv-tests");
+
+
+    public static void main(String args[]) throws Exception{
+
+        String host = args[0];
+        String port = args[1];
+        String contextRoot = args[2];
+        String keyStorePath = args[3];
+        String trustStorePath = args[4];
+        String sslPassword = args[5];
+
+        System.out.println("host/port=" + host + "/" + port);
+        
+        try {
+            stat.addDescription(TEST_NAME);
+            SSLSocketFactory ssf = getSSLSocketFactory(sslPassword,
+                                                       keyStorePath,
+                                                       trustStorePath);
+            HttpsURLConnection connection = connect("https://" + host  + ":"
+                                                    + port + contextRoot
+                                                    + "/TestClientCert",
+                                                    ssf);
+            
+            parseResponse(connection);
+            
+        } catch (Throwable t) {
+            stat.addStatus(TEST_NAME, stat.FAIL);
+            t.printStackTrace();
+        }
+        stat.printSummary(TEST_NAME);
+    }
+
+
+    private static void parseResponse(HttpsURLConnection connection)
+            throws Exception {
+
+        BufferedReader in = null;
+
+        try {
+            in = new BufferedReader(new InputStreamReader(
+                            connection.getInputStream()));
+            
+            String line = null;
+            while ((line = in.readLine()) != null) {
+                if (EXPECTED_RESPONSE.equals(line)) {
+                    stat.addStatus(TEST_NAME, stat.PASS);
+                    break;
+                }
+            }
+
+            if (line == null) {
+                System.err.println("Wrong response. Expected: "
+                                   + EXPECTED_RESPONSE
+                                   + ", received: " + line);
+                stat.addStatus(TEST_NAME, stat.FAIL);
+            }
+        } finally {
+            if (in != null) {
+                in.close();
+            }
+        }
+    }
+
+
+    private static SSLSocketFactory getSSLSocketFactory(String sslPassword,
+                                                        String keyStorePath,
+                                                        String trustStorePath)
+            throws Exception {
+
+        SSLContext ctx = SSLContext.getInstance("TLS");
+
+        // Keystore 
+        KeyStore ks = KeyStore.getInstance("JKS");
+        char[] passphrase = sslPassword.toCharArray();
+        ks.load(new FileInputStream(keyStorePath), passphrase);
+        KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+        kmf.init(ks, passphrase);
+
+        // Truststore
+        KeyStore trustStore = KeyStore.getInstance("JKS");
+        trustStore.load(new FileInputStream(trustStorePath), null);
+        TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
+        tmf.init(trustStore);
+
+        ctx.init(kmf.getKeyManagers(),tmf.getTrustManagers(), null);
+        
+        return ctx.getSocketFactory();
+    }
+
+
+    private static HttpsURLConnection connect(String urlAddress,
+                                              SSLSocketFactory ssf)
+            throws Exception {
+
+        URL url = new URL(urlAddress);
+        HttpsURLConnection.setDefaultSSLSocketFactory(ssf);
+        HttpsURLConnection connection = (HttpsURLConnection)
+            url.openConnection();
+
+        connection.setHostnameVerifier(
+            new HostnameVerifier() {
+                public boolean verify(String rserver, SSLSession sses) {
+                    return true;
+                }
+        });
+
+        connection.setDoOutput(true);
+
+        return connection;
+    }
+}