/**
* Tests the use of the StartTLS extended operation to communicate with the server in conjunction
* with SASL EXTERNAL authentication and using a client trust store to validate the server
* certificate.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testStartTLSExternalAuthTrustStore() throws Exception {
TestCaseUtils.initializeTestBackend(true);
Entry e =
TestCaseUtils.makeEntry(
"dn: cn=Test User,o=test",
"objectClass: top",
"objectClass: person",
"objectClass: organizationalPerson",
"objectClass: inetOrgPerson",
"cn: Test User",
"givenName: Test",
"sn: User");
InternalClientConnection conn = InternalClientConnection.getRootConnection();
AddOperation addOperation =
conn.processAdd(
e.getDN(), e.getObjectClasses(), e.getUserAttributes(), e.getOperationalAttributes());
assertEquals(addOperation.getResultCode(), ResultCode.SUCCESS);
String keyStorePath =
DirectoryServer.getInstanceRoot()
+ File.separator
+ "config"
+ File.separator
+ "client.keystore";
String trustStorePath =
DirectoryServer.getInstanceRoot()
+ File.separator
+ "config"
+ File.separator
+ "client.truststore";
String[] args = {
"--noPropertiesFile",
"-h",
"127.0.0.1",
"-p",
String.valueOf(TestCaseUtils.getServerLdapPort()),
"-q",
"-K",
keyStorePath,
"-W",
"password",
"-P",
trustStorePath,
"-r",
"-b",
"",
"-s",
"base",
"(objectClass=*)"
};
assertEquals(LDAPSearch.mainSearch(args, false, null, System.err), 0);
}
/**
* Tests the use of the StartTLS extended operation to communicate with the server in conjunction
* with no authentication and using a client trust store to validate the server certificate.
*/
@Test()
public void testStartTLSNoAuthTrustStore() {
String trustStorePath =
DirectoryServer.getInstanceRoot()
+ File.separator
+ "config"
+ File.separator
+ "client.truststore";
String[] args = {
"--noPropertiesFile",
"-h",
"127.0.0.1",
"-p",
String.valueOf(TestCaseUtils.getServerLdapPort()),
"-q",
"-P",
trustStorePath,
"-b",
"",
"-s",
"base",
"(objectClass=*)"
};
assertEquals(LDAPSearch.mainSearch(args, false, null, System.err), 0);
}
@BeforeClass
public void setUp() throws Exception {
// The server must be running for these tests, so that
// it can provide "getServerRoot()".
TestCaseUtils.startServer();
resourcePath =
DirectoryServer.getInstanceRoot() + File.separator + "config" + File.separator + "MakeLDIF";
}
@Override
public List<Attribute> getMonitorData() {
ArrayList<Attribute> attrs = new ArrayList<>(13);
attrs.add(createAttribute("javaVersion", System.getProperty("java.version")));
attrs.add(createAttribute("javaVendor", System.getProperty("java.vendor")));
attrs.add(createAttribute("jvmVersion", System.getProperty("java.vm.version")));
attrs.add(createAttribute("jvmVendor", System.getProperty("java.vm.vendor")));
attrs.add(createAttribute("javaHome", System.getProperty("java.home")));
attrs.add(createAttribute("classPath", System.getProperty("java.class.path")));
attrs.add(createAttribute("workingDirectory", System.getProperty("user.dir")));
String osInfo =
System.getProperty("os.name")
+ " "
+ System.getProperty("os.version")
+ " "
+ System.getProperty("os.arch");
attrs.add(createAttribute("operatingSystem", osInfo));
String sunOsArchDataModel = System.getProperty("sun.arch.data.model");
if (sunOsArchDataModel != null) {
String jvmArch = sunOsArchDataModel;
if (!sunOsArchDataModel.toLowerCase().equals("unknown")) {
jvmArch += "-bit";
}
attrs.add(createAttribute("jvmArchitecture", jvmArch));
} else {
attrs.add(createAttribute("jvmArchitecture", "unknown"));
}
try {
attrs.add(createAttribute("systemName", InetAddress.getLocalHost().getCanonicalHostName()));
} catch (Exception e) {
logger.traceException(e);
}
Runtime runtime = Runtime.getRuntime();
attrs.add(createAttribute("availableCPUs", runtime.availableProcessors()));
attrs.add(createAttribute("maxMemory", runtime.maxMemory()));
attrs.add(createAttribute("usedMemory", runtime.totalMemory()));
attrs.add(createAttribute("freeUsedMemory", runtime.freeMemory()));
String installPath = DirectoryServer.getServerRoot();
if (installPath != null) {
attrs.add(createAttribute("installPath", installPath));
}
String instancePath = DirectoryServer.getInstanceRoot();
if (instancePath != null) {
attrs.add(createAttribute("instancePath", instancePath));
}
// Get the JVM input arguments.
RuntimeMXBean rtBean = ManagementFactory.getRuntimeMXBean();
List<String> jvmArguments = rtBean.getInputArguments();
if (jvmArguments != null && !jvmArguments.isEmpty()) {
StringBuilder argList = new StringBuilder();
for (String jvmArg : jvmArguments) {
if (argList.length() > 0) {
argList.append(" ");
}
argList.append("\"");
argList.append(jvmArg);
argList.append("\"");
}
attrs.add(createAttribute("jvmArguments", argList.toString()));
}
// Get the list of supported SSL protocols and ciphers.
Collection<String> supportedTlsProtocols;
Collection<String> supportedTlsCiphers;
try {
final SSLContext context = SSLContext.getDefault();
final SSLParameters parameters = context.getSupportedSSLParameters();
supportedTlsProtocols = Arrays.asList(parameters.getProtocols());
supportedTlsCiphers = Arrays.asList(parameters.getCipherSuites());
} catch (Exception e) {
// A default SSL context should always be available.
supportedTlsProtocols = Collections.emptyList();
supportedTlsCiphers = Collections.emptyList();
}
addAttribute(attrs, ATTR_SUPPORTED_TLS_PROTOCOLS, supportedTlsProtocols);
addAttribute(attrs, ATTR_SUPPORTED_TLS_CIPHERS, supportedTlsCiphers);
return attrs;
}
