/**
   * Tests the use of the StartTLS extended operation to communicate with the server in conjunction
   * with SASL EXTERNAL authentication and using a client trust store to validate the server
   * certificate.
   *
   * @throws Exception If an unexpected problem occurs.
   */
  @Test()
  public void testStartTLSExternalAuthTrustStore() throws Exception {
    TestCaseUtils.initializeTestBackend(true);

    Entry e =
        TestCaseUtils.makeEntry(
            "dn: cn=Test User,o=test",
            "objectClass: top",
            "objectClass: person",
            "objectClass: organizationalPerson",
            "objectClass: inetOrgPerson",
            "cn: Test User",
            "givenName: Test",
            "sn: User");

    InternalClientConnection conn = InternalClientConnection.getRootConnection();
    AddOperation addOperation =
        conn.processAdd(
            e.getDN(), e.getObjectClasses(), e.getUserAttributes(), e.getOperationalAttributes());
    assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);

    String keyStorePath =
        DirectoryServer.getInstanceRoot()
            + File.separator
            + "config"
            + File.separator
            + "client.keystore";
    String trustStorePath =
        DirectoryServer.getInstanceRoot()
            + File.separator
            + "config"
            + File.separator
            + "client.truststore";

    String[] args = {
      "--noPropertiesFile",
      "-h",
      "127.0.0.1",
      "-p",
      String.valueOf(TestCaseUtils.getServerLdapPort()),
      "-q",
      "-K",
      keyStorePath,
      "-W",
      "password",
      "-P",
      trustStorePath,
      "-r",
      "-b",
      "",
      "-s",
      "base",
      "(objectClass=*)"
    };

    assertEquals(LDAPSearch.mainSearch(args, false, null, System.err), 0);
  }
  /**
   * Tests the use of the StartTLS extended operation to communicate with the server in conjunction
   * with no authentication and using a client trust store to validate the server certificate.
   */
  @Test()
  public void testStartTLSNoAuthTrustStore() {
    String trustStorePath =
        DirectoryServer.getInstanceRoot()
            + File.separator
            + "config"
            + File.separator
            + "client.truststore";

    String[] args = {
      "--noPropertiesFile",
      "-h",
      "127.0.0.1",
      "-p",
      String.valueOf(TestCaseUtils.getServerLdapPort()),
      "-q",
      "-P",
      trustStorePath,
      "-b",
      "",
      "-s",
      "base",
      "(objectClass=*)"
    };

    assertEquals(LDAPSearch.mainSearch(args, false, null, System.err), 0);
  }
Beispiel #3
0
  @BeforeClass
  public void setUp() throws Exception {
    // The server must be running for these tests, so that
    // it can provide "getServerRoot()".
    TestCaseUtils.startServer();

    resourcePath =
        DirectoryServer.getInstanceRoot() + File.separator + "config" + File.separator + "MakeLDIF";
  }
  @Override
  public List<Attribute> getMonitorData() {
    ArrayList<Attribute> attrs = new ArrayList<>(13);

    attrs.add(createAttribute("javaVersion", System.getProperty("java.version")));
    attrs.add(createAttribute("javaVendor", System.getProperty("java.vendor")));
    attrs.add(createAttribute("jvmVersion", System.getProperty("java.vm.version")));
    attrs.add(createAttribute("jvmVendor", System.getProperty("java.vm.vendor")));
    attrs.add(createAttribute("javaHome", System.getProperty("java.home")));
    attrs.add(createAttribute("classPath", System.getProperty("java.class.path")));
    attrs.add(createAttribute("workingDirectory", System.getProperty("user.dir")));

    String osInfo =
        System.getProperty("os.name")
            + " "
            + System.getProperty("os.version")
            + " "
            + System.getProperty("os.arch");
    attrs.add(createAttribute("operatingSystem", osInfo));
    String sunOsArchDataModel = System.getProperty("sun.arch.data.model");
    if (sunOsArchDataModel != null) {
      String jvmArch = sunOsArchDataModel;
      if (!sunOsArchDataModel.toLowerCase().equals("unknown")) {
        jvmArch += "-bit";
      }
      attrs.add(createAttribute("jvmArchitecture", jvmArch));
    } else {
      attrs.add(createAttribute("jvmArchitecture", "unknown"));
    }

    try {
      attrs.add(createAttribute("systemName", InetAddress.getLocalHost().getCanonicalHostName()));
    } catch (Exception e) {
      logger.traceException(e);
    }

    Runtime runtime = Runtime.getRuntime();
    attrs.add(createAttribute("availableCPUs", runtime.availableProcessors()));
    attrs.add(createAttribute("maxMemory", runtime.maxMemory()));
    attrs.add(createAttribute("usedMemory", runtime.totalMemory()));
    attrs.add(createAttribute("freeUsedMemory", runtime.freeMemory()));
    String installPath = DirectoryServer.getServerRoot();
    if (installPath != null) {
      attrs.add(createAttribute("installPath", installPath));
    }
    String instancePath = DirectoryServer.getInstanceRoot();
    if (instancePath != null) {
      attrs.add(createAttribute("instancePath", instancePath));
    }

    // Get the JVM input arguments.
    RuntimeMXBean rtBean = ManagementFactory.getRuntimeMXBean();
    List<String> jvmArguments = rtBean.getInputArguments();
    if (jvmArguments != null && !jvmArguments.isEmpty()) {
      StringBuilder argList = new StringBuilder();
      for (String jvmArg : jvmArguments) {
        if (argList.length() > 0) {
          argList.append(" ");
        }

        argList.append("\"");
        argList.append(jvmArg);
        argList.append("\"");
      }

      attrs.add(createAttribute("jvmArguments", argList.toString()));
    }

    // Get the list of supported SSL protocols and ciphers.
    Collection<String> supportedTlsProtocols;
    Collection<String> supportedTlsCiphers;
    try {
      final SSLContext context = SSLContext.getDefault();
      final SSLParameters parameters = context.getSupportedSSLParameters();
      supportedTlsProtocols = Arrays.asList(parameters.getProtocols());
      supportedTlsCiphers = Arrays.asList(parameters.getCipherSuites());
    } catch (Exception e) {
      // A default SSL context should always be available.
      supportedTlsProtocols = Collections.emptyList();
      supportedTlsCiphers = Collections.emptyList();
    }

    addAttribute(attrs, ATTR_SUPPORTED_TLS_PROTOCOLS, supportedTlsProtocols);
    addAttribute(attrs, ATTR_SUPPORTED_TLS_CIPHERS, supportedTlsCiphers);

    return attrs;
  }