http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-mina2/src/main/java/org/apache/camel/component/mina2/Mina2Component.java ---------------------------------------------------------------------- diff --git a/components/camel-mina2/src/main/java/org/apache/camel/component/mina2/Mina2Component.java b/components/camel-mina2/src/main/java/org/apache/camel/component/mina2/Mina2Component.java index 6413c26..62319ac 100644 --- a/components/camel-mina2/src/main/java/org/apache/camel/component/mina2/Mina2Component.java +++ b/components/camel-mina2/src/main/java/org/apache/camel/component/mina2/Mina2Component.java @@ -18,13 +18,17 @@ package org.apache.camel.component.mina2; import java.net.URI; import java.util.Map; +import java.util.Optional; +import java.util.function.Supplier; import org.apache.camel.CamelContext; import org.apache.camel.Endpoint; import org.apache.camel.ExchangePattern; import org.apache.camel.impl.UriEndpointComponent; import org.apache.camel.spi.Metadata; +import org.apache.camel.util.CamelContextHelper; import org.apache.camel.util.ObjectHelper; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; import org.apache.mina.core.filterchain.IoFilter; /** @@ -67,6 +71,10 @@ public class Mina2Component extends UriEndpointComponent { config.setFilters(resolveAndRemoveReferenceListParameter(parameters, "filters", IoFilter.class)); setProperties(config, parameters); + if (config.isUseGlobalSslContextParameters() && config.getSslContextParameters() == null) { + config.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null)); + } + return createEndpoint(uri, config); }
http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-mina2/src/main/java/org/apache/camel/component/mina2/Mina2Configuration.java ---------------------------------------------------------------------- diff --git a/components/camel-mina2/src/main/java/org/apache/camel/component/mina2/Mina2Configuration.java b/components/camel-mina2/src/main/java/org/apache/camel/component/mina2/Mina2Configuration.java index 2721791..e05d438 100644 --- a/components/camel-mina2/src/main/java/org/apache/camel/component/mina2/Mina2Configuration.java +++ b/components/camel-mina2/src/main/java/org/apache/camel/component/mina2/Mina2Configuration.java @@ -76,6 +76,8 @@ public class Mina2Configuration implements Cloneable { @UriParam(label = "security") private SSLContextParameters sslContextParameters; @UriParam(label = "security", defaultValue = "true") + private boolean useGlobalSslContextParameters = true; + @UriParam(label = "security", defaultValue = "true") private boolean autoStartTls = true; @UriParam(label = "advanced", defaultValue = "16") private int maximumPoolSize = 16; // 16 is the default mina setting @@ -341,6 +343,17 @@ public class Mina2Configuration implements Cloneable { this.sslContextParameters = sslContextParameters; } + public boolean isUseGlobalSslContextParameters() { + return useGlobalSslContextParameters; + } + + /** + * Enable usage of Camel global sslContextParameters. + */ + public void setUseGlobalSslContextParameters(boolean useGlobalSslContextParameters) { + this.useGlobalSslContextParameters = useGlobalSslContextParameters; + } + public boolean isAutoStartTls() { return autoStartTls; } http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-mina2/src/test/java/org/apache/camel/component/mina2/BaseMina2Test.java ---------------------------------------------------------------------- diff --git a/components/camel-mina2/src/test/java/org/apache/camel/component/mina2/BaseMina2Test.java b/components/camel-mina2/src/test/java/org/apache/camel/component/mina2/BaseMina2Test.java index 204a2b9..e8fc6e3 100644 --- a/components/camel-mina2/src/test/java/org/apache/camel/component/mina2/BaseMina2Test.java +++ b/components/camel-mina2/src/test/java/org/apache/camel/component/mina2/BaseMina2Test.java @@ -61,6 +61,10 @@ public class BaseMina2Test extends CamelTestSupport { } protected void addSslContextParametersToRegistry(JndiRegistry registry) { + registry.bind("sslContextParameters", createSslContextParameters()); + } + + protected SSLContextParameters createSslContextParameters() { KeyStoreParameters ksp = new KeyStoreParameters(); ksp.setResource(this.getClass().getClassLoader().getResource("jsse/localhost.ks").toString()); ksp.setPassword(KEY_STORE_PASSWORD); @@ -76,12 +80,11 @@ public class BaseMina2Test extends CamelTestSupport { // is provided. We turn on WANT client-auth to prefer using authentication SSLContextServerParameters scsp = new SSLContextServerParameters(); scsp.setClientAuthentication(ClientAuthentication.WANT.name()); - + SSLContextParameters sslContextParameters = new SSLContextParameters(); sslContextParameters.setKeyManagers(kmp); sslContextParameters.setTrustManagers(tmp); sslContextParameters.setServerParameters(scsp); - - registry.bind("sslContextParameters", sslContextParameters); + return sslContextParameters; } } http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-mina2/src/test/java/org/apache/camel/component/mina2/Mina2SslGlobalContextParametersTcpTest.java ---------------------------------------------------------------------- diff --git a/components/camel-mina2/src/test/java/org/apache/camel/component/mina2/Mina2SslGlobalContextParametersTcpTest.java b/components/camel-mina2/src/test/java/org/apache/camel/component/mina2/Mina2SslGlobalContextParametersTcpTest.java new file mode 100644 index 0000000..8629637 --- /dev/null +++ b/components/camel-mina2/src/test/java/org/apache/camel/component/mina2/Mina2SslGlobalContextParametersTcpTest.java @@ -0,0 +1,79 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.component.mina2; + +import org.apache.camel.builder.RouteBuilder; +import org.apache.camel.component.mock.MockEndpoint; +import org.apache.camel.impl.JndiRegistry; +import org.apache.camel.util.jsse.SSLContextParameters; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; +import org.junit.Test; + +/** + * @version + */ +public class Mina2SslGlobalContextParametersTcpTest extends BaseMina2Test { + + @Override + protected JndiRegistry createRegistry() throws Exception { + JndiRegistry reg = super.createRegistry(); + + if (isUseSslContext()) { + SSLContextParameters parameters = createSslContextParameters(); + reg.bind("sslContextParametersSupplier", (GlobalSSLContextParametersSupplier) () -> parameters); + } + return reg; + } + + @Test + public void testMinaRoute() throws Exception { + MockEndpoint endpoint = getMockEndpoint("mock:result"); + Object body = "Hello there!"; + endpoint.expectedBodiesReceived(body); + + template.sendBodyAndHeader("mina2:tcp://localhost:" + getPort() + "?sync=false&minaLogger=true", body, "cheese", 123); + + assertMockEndpointsSatisfied(); + } + + @Test + public void testMinaRouteWithoutSSL() throws Exception { + MockEndpoint endpoint = getMockEndpoint("mock:result"); + Object body = "Hello there!"; + endpoint.expectedBodiesReceived(body); + + template.sendBodyAndHeader("mina2:tcp://localhost:" + getPort() + "?useGlobalSslContextParameters=false&sync=false&minaLogger=true", body, "cheese", 123); + + endpoint.assertIsNotSatisfied(100); + } + + @Override + protected boolean isUseSslContext() { + return true; + } + + protected RouteBuilder createRouteBuilder() { + return new RouteBuilder() { + + public void configure() { + fromF("mina2:tcp://localhost:%s?sync=false&minaLogger=true", getPort()) + .to("log:before?showAll=true") + .to("mock:result").to("log:after?showAll=true"); + } + }; + } +} http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-nats/src/main/java/org/apache/camel/component/nats/NatsComponent.java ---------------------------------------------------------------------- diff --git a/components/camel-nats/src/main/java/org/apache/camel/component/nats/NatsComponent.java b/components/camel-nats/src/main/java/org/apache/camel/component/nats/NatsComponent.java index 2ccfe36..8deb460 100644 --- a/components/camel-nats/src/main/java/org/apache/camel/component/nats/NatsComponent.java +++ b/components/camel-nats/src/main/java/org/apache/camel/component/nats/NatsComponent.java @@ -17,9 +17,13 @@ package org.apache.camel.component.nats; import java.util.Map; +import java.util.Optional; +import java.util.function.Supplier; import org.apache.camel.Endpoint; import org.apache.camel.impl.DefaultComponent; +import org.apache.camel.util.CamelContextHelper; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; public class NatsComponent extends DefaultComponent { @@ -28,6 +32,11 @@ public class NatsComponent extends DefaultComponent { NatsConfiguration config = new NatsConfiguration(); setProperties(config, parameters); config.setServers(remaining); + + if (config.getSslContextParameters() == null) { + config.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null)); + } + NatsEndpoint endpoint = new NatsEndpoint(uri, this, config); return endpoint; } http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/NettyHttpComponent.java ---------------------------------------------------------------------- diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/NettyHttpComponent.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/NettyHttpComponent.java index 74bc025..e20ae6e 100644 --- a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/NettyHttpComponent.java +++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/NettyHttpComponent.java @@ -20,6 +20,8 @@ import java.net.URI; import java.util.HashMap; import java.util.Locale; import java.util.Map; +import java.util.Optional; +import java.util.function.Supplier; import org.apache.camel.CamelContext; import org.apache.camel.Consumer; @@ -35,6 +37,7 @@ import org.apache.camel.spi.Metadata; import org.apache.camel.spi.RestApiConsumerFactory; import org.apache.camel.spi.RestConfiguration; import org.apache.camel.spi.RestConsumerFactory; +import org.apache.camel.util.CamelContextHelper; import org.apache.camel.util.FileUtil; import org.apache.camel.util.HostUtils; import org.apache.camel.util.IntrospectionSupport; @@ -42,6 +45,7 @@ import org.apache.camel.util.ObjectHelper; import org.apache.camel.util.ServiceHelper; import org.apache.camel.util.URISupport; import org.apache.camel.util.UnsafeUriCharactersEncoder; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -140,6 +144,10 @@ public class NettyHttpComponent extends NettyComponent implements HeaderFilterSt config = parseConfiguration(config, remaining, parameters); setProperties(config, parameters); + if (config.getSslContextParameters() == null) { + config.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null)); + } + // validate config config.validateConfiguration(); http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/util/NettySSLContextParameterSupplier.java ---------------------------------------------------------------------- diff --git a/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/util/NettySSLContextParameterSupplier.java b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/util/NettySSLContextParameterSupplier.java new file mode 100644 index 0000000..249ef68 --- /dev/null +++ b/components/camel-netty-http/src/main/java/org/apache/camel/component/netty/http/util/NettySSLContextParameterSupplier.java @@ -0,0 +1,43 @@ +/* + * Copyright 2016 Red Hat, Inc. + * + * Red Hat licenses this file to you under the Apache License, version + * 2.0 (the "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ +package org.apache.camel.component.netty.http.util; + +import org.apache.camel.util.jsse.SSLContextParameters; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; + +/** + * Class for binding a SSSLContextParametersSupplier to the registry. + */ +public class NettySSLContextParameterSupplier implements GlobalSSLContextParametersSupplier { + + private SSLContextParameters sslContextParameters; + + public NettySSLContextParameterSupplier() { + } + + public SSLContextParameters getSslContextParameters() { + return sslContextParameters; + } + + public void setSslContextParameters(SSLContextParameters sslContextParameters) { + this.sslContextParameters = sslContextParameters; + } + + @Override + public SSLContextParameters get() { + return sslContextParameters; + } +} http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-netty-http/src/test/java/org/apache/camel/component/netty/http/SpringNettyHttpGlobalSSLTest.java ---------------------------------------------------------------------- diff --git a/components/camel-netty-http/src/test/java/org/apache/camel/component/netty/http/SpringNettyHttpGlobalSSLTest.java b/components/camel-netty-http/src/test/java/org/apache/camel/component/netty/http/SpringNettyHttpGlobalSSLTest.java new file mode 100644 index 0000000..8b64126 --- /dev/null +++ b/components/camel-netty-http/src/test/java/org/apache/camel/component/netty/http/SpringNettyHttpGlobalSSLTest.java @@ -0,0 +1,80 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.component.netty.http; + +import java.net.URL; +import javax.annotation.Resource; + +import junit.framework.TestCase; + +import org.apache.camel.EndpointInject; +import org.apache.camel.Produce; +import org.apache.camel.ProducerTemplate; +import org.apache.camel.component.mock.MockEndpoint; +import org.junit.AfterClass; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration(locations = {"/org/apache/camel/component/netty/http/SpringNettyHttpGlobalSSLTest.xml"}) +public class SpringNettyHttpGlobalSSLTest extends TestCase { + + @Produce + private ProducerTemplate template; + + @EndpointInject(uri = "mock:input") + private MockEndpoint mockEndpoint; + + private Integer port; + + public Integer getPort() { + return port; + } + + @Resource(name = "dynaPort") + public void setPort(Integer port) { + this.port = port; + } + + @BeforeClass + public static void setUpJaas() throws Exception { + // ensure jsse clients can validate the self signed dummy localhost cert, + // use the server keystore as the trust store for these tests + URL trustStoreUrl = NettyHttpSSLTest.class.getClassLoader().getResource("jsse/localhost.ks"); + System.setProperty("javax.net.ssl.trustStore", trustStoreUrl.toURI().getPath()); + } + + @AfterClass + public static void tearDownJaas() throws Exception { + System.clearProperty("java.security.auth.login.config"); + } + + @Test + public void testSSLInOutWithNettyConsumer() throws Exception { + mockEndpoint.expectedBodiesReceived("Hello World"); + + String out = template.requestBody("https://localhost:"; + getPort(), "Hello World", String.class); + assertEquals("Bye World", out); + + mockEndpoint.assertIsSatisfied(); + } + +} + http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-netty-http/src/test/resources/org/apache/camel/component/netty/http/SpringNettyHttpGlobalSSLTest.xml ---------------------------------------------------------------------- diff --git a/components/camel-netty-http/src/test/resources/org/apache/camel/component/netty/http/SpringNettyHttpGlobalSSLTest.xml b/components/camel-netty-http/src/test/resources/org/apache/camel/component/netty/http/SpringNettyHttpGlobalSSLTest.xml new file mode 100644 index 0000000..43a8327 --- /dev/null +++ b/components/camel-netty-http/src/test/resources/org/apache/camel/component/netty/http/SpringNettyHttpGlobalSSLTest.xml @@ -0,0 +1,65 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<beans xmlns="http://www.springframework.org/schema/beans"; + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xmlns:camel="http://camel.apache.org/schema/spring"; + xsi:schemaLocation=" + http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd + http://camel.apache.org/schema/spring http://camel.apache.org/schema/spring/camel-spring.xsd + "> + + <bean id="dynaPort" class="org.springframework.beans.factory.config.MethodInvokingFactoryBean"> + <property name="targetClass"> + <value>org.apache.camel.test.AvailablePortFinder</value> + </property> + <property name="targetMethod"> + <value>getNextAvailable</value> + </property> + <property name="arguments"> + <list> + <value>9000</value> + </list> + </property> + </bean> + + <camel:sslContextParameters id="mySsl"> + <camel:keyManagers keyPassword="changeit"> + <camel:keyStore resource="jsse/localhost.ks" password="changeit"/> + </camel:keyManagers> + <camel:trustManagers> + <camel:keyStore resource="jsse/localhost.ks" password="changeit"/> + </camel:trustManagers> + </camel:sslContextParameters> + <bean id="sslContextParameterSupplier" class="org.apache.camel.component.netty.http.util.NettySSLContextParameterSupplier"> + <property name="sslContextParameters" ref="mySsl"/> + </bean> + + <camelContext id="camel" xmlns="http://camel.apache.org/schema/spring";> + <endpoint id="input1" uri="netty-http:https://0.0.0.0:#{dynaPort}?ssl=true"/> + + <route> + <from ref="input1"/> + <to uri="mock:input"/> + <transform> + <simple>Bye World</simple> + </transform> + </route> + + </camelContext> + +</beans> http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyComponent.java ---------------------------------------------------------------------- diff --git a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyComponent.java b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyComponent.java index 719bcb8..66ba641 100644 --- a/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyComponent.java +++ b/components/camel-netty/src/main/java/org/apache/camel/component/netty/NettyComponent.java @@ -19,15 +19,19 @@ package org.apache.camel.component.netty; import java.net.URI; import java.util.HashMap; import java.util.Map; +import java.util.Optional; import java.util.concurrent.ThreadFactory; import java.util.concurrent.TimeUnit; +import java.util.function.Supplier; import org.apache.camel.CamelContext; import org.apache.camel.Endpoint; import org.apache.camel.impl.UriEndpointComponent; import org.apache.camel.spi.Metadata; +import org.apache.camel.util.CamelContextHelper; import org.apache.camel.util.IntrospectionSupport; import org.apache.camel.util.concurrent.CamelThreadFactory; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; import org.jboss.netty.handler.execution.OrderedMemoryAwareThreadPoolExecutor; import org.jboss.netty.util.HashedWheelTimer; import org.jboss.netty.util.Timer; @@ -73,6 +77,10 @@ public class NettyComponent extends UriEndpointComponent { } } + if (config.getSslContextParameters() == null) { + config.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null)); + } + // validate config config.validateConfiguration(); http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettyGlobalSSLContextParametersTest.java ---------------------------------------------------------------------- diff --git a/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettyGlobalSSLContextParametersTest.java b/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettyGlobalSSLContextParametersTest.java new file mode 100644 index 0000000..c4edb58 --- /dev/null +++ b/components/camel-netty/src/test/java/org/apache/camel/component/netty/NettyGlobalSSLContextParametersTest.java @@ -0,0 +1,93 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.component.netty; + +import org.apache.camel.Exchange; +import org.apache.camel.Processor; +import org.apache.camel.builder.RouteBuilder; +import org.apache.camel.impl.JndiRegistry; +import org.apache.camel.util.jsse.ClientAuthentication; +import org.apache.camel.util.jsse.KeyManagersParameters; +import org.apache.camel.util.jsse.KeyStoreParameters; +import org.apache.camel.util.jsse.SSLContextParameters; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; +import org.apache.camel.util.jsse.SSLContextServerParameters; +import org.apache.camel.util.jsse.TrustManagersParameters; +import org.junit.Test; + +public class NettyGlobalSSLContextParametersTest extends BaseNettyTest { + + @Override + protected JndiRegistry createRegistry() throws Exception { + + KeyStoreParameters ksp = new KeyStoreParameters(); + ksp.setResource(this.getClass().getClassLoader().getResource("keystore.jks").toString()); + ksp.setPassword("changeit"); + + KeyManagersParameters kmp = new KeyManagersParameters(); + kmp.setKeyPassword("changeit"); + kmp.setKeyStore(ksp); + + TrustManagersParameters tmp = new TrustManagersParameters(); + tmp.setKeyStore(ksp); + + // NOTE: Needed since the client uses a loose trust configuration when no ssl context + // is provided. We turn on WANT client-auth to prefer using authentication + SSLContextServerParameters scsp = new SSLContextServerParameters(); + scsp.setClientAuthentication(ClientAuthentication.WANT.name()); + + SSLContextParameters sslContextParameters = new SSLContextParameters(); + sslContextParameters.setKeyManagers(kmp); + sslContextParameters.setTrustManagers(tmp); + sslContextParameters.setServerParameters(scsp); + + JndiRegistry registry = super.createRegistry(); + registry.bind("sslContextParametersSupplier", (GlobalSSLContextParametersSupplier) () -> sslContextParameters); + return registry; + } + + @Override + public boolean isUseRouteBuilder() { + return false; + } + + @Test + public void testSSLInOutWithNettyConsumer() throws Exception { + // ibm jdks dont have sun security algorithms + if (isJavaVendor("ibm")) { + return; + } + + context.addRoutes(new RouteBuilder() { + public void configure() { + from("netty:tcp://localhost:{{port}}?sync=true&ssl=true") + .process(new Processor() { + public void process(Exchange exchange) throws Exception { + exchange.getOut().setBody("When You Go Home, Tell Them Of Us And Say, For Your Tomorrow, We Gave Our Today."); + } + }); + } + }); + context.start(); + + String response = template.requestBody( + "netty:tcp://localhost:{{port}}?sync=true&ssl=true", + "Epitaph in Kohima, India marking the WWII Battle of Kohima and Imphal, Burma Campaign - Attributed to John Maxwell Edmonds", String.class); + assertEquals("When You Go Home, Tell Them Of Us And Say, For Your Tomorrow, We Gave Our Today.", response); + } + +} http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/NettyHttpComponent.java ---------------------------------------------------------------------- diff --git a/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/NettyHttpComponent.java b/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/NettyHttpComponent.java index dfa296d..bd6b53b 100644 --- a/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/NettyHttpComponent.java +++ b/components/camel-netty4-http/src/main/java/org/apache/camel/component/netty4/http/NettyHttpComponent.java @@ -20,6 +20,8 @@ import java.net.URI; import java.util.HashMap; import java.util.Locale; import java.util.Map; +import java.util.Optional; +import java.util.function.Supplier; import org.apache.camel.CamelContext; import org.apache.camel.Consumer; @@ -37,6 +39,7 @@ import org.apache.camel.spi.RestApiConsumerFactory; import org.apache.camel.spi.RestConfiguration; import org.apache.camel.spi.RestConsumerFactory; import org.apache.camel.spi.RestProducerFactory; +import org.apache.camel.util.CamelContextHelper; import org.apache.camel.util.FileUtil; import org.apache.camel.util.HostUtils; import org.apache.camel.util.IntrospectionSupport; @@ -44,6 +47,7 @@ import org.apache.camel.util.ObjectHelper; import org.apache.camel.util.ServiceHelper; import org.apache.camel.util.URISupport; import org.apache.camel.util.UnsafeUriCharactersEncoder; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -144,6 +148,11 @@ public class NettyHttpComponent extends NettyComponent implements HeaderFilterSt config = parseConfiguration(config, remaining, parameters); setProperties(config, parameters); + // set default ssl config + if (config.getSslContextParameters() == null) { + config.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null)); + } + // validate config config.validateConfiguration(); http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyComponent.java ---------------------------------------------------------------------- diff --git a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyComponent.java b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyComponent.java index 376f394..02a160e 100644 --- a/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyComponent.java +++ b/components/camel-netty4/src/main/java/org/apache/camel/component/netty4/NettyComponent.java @@ -19,7 +19,9 @@ package org.apache.camel.component.netty4; import java.net.URI; import java.util.HashMap; import java.util.Map; +import java.util.Optional; import java.util.concurrent.ThreadFactory; +import java.util.function.Supplier; import io.netty.util.concurrent.DefaultEventExecutorGroup; import io.netty.util.concurrent.EventExecutorGroup; @@ -28,8 +30,10 @@ import org.apache.camel.CamelContext; import org.apache.camel.Endpoint; import org.apache.camel.impl.UriEndpointComponent; import org.apache.camel.spi.Metadata; +import org.apache.camel.util.CamelContextHelper; import org.apache.camel.util.IntrospectionSupport; import org.apache.camel.util.concurrent.CamelThreadFactory; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; public class NettyComponent extends UriEndpointComponent { @@ -84,6 +88,10 @@ public class NettyComponent extends UriEndpointComponent { } } + if (config.getSslContextParameters() == null) { + config.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null)); + } + // validate config config.validateConfiguration(); http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-netty4/src/test/java/org/apache/camel/component/netty4/NettyGlobalSSLContextParametersTest.java ---------------------------------------------------------------------- diff --git a/components/camel-netty4/src/test/java/org/apache/camel/component/netty4/NettyGlobalSSLContextParametersTest.java b/components/camel-netty4/src/test/java/org/apache/camel/component/netty4/NettyGlobalSSLContextParametersTest.java new file mode 100644 index 0000000..c3aff02 --- /dev/null +++ b/components/camel-netty4/src/test/java/org/apache/camel/component/netty4/NettyGlobalSSLContextParametersTest.java @@ -0,0 +1,93 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.component.netty4; + +import org.apache.camel.Exchange; +import org.apache.camel.Processor; +import org.apache.camel.builder.RouteBuilder; +import org.apache.camel.impl.JndiRegistry; +import org.apache.camel.util.jsse.ClientAuthentication; +import org.apache.camel.util.jsse.KeyManagersParameters; +import org.apache.camel.util.jsse.KeyStoreParameters; +import org.apache.camel.util.jsse.SSLContextParameters; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; +import org.apache.camel.util.jsse.SSLContextServerParameters; +import org.apache.camel.util.jsse.TrustManagersParameters; +import org.junit.Test; + +public class NettyGlobalSSLContextParametersTest extends BaseNettyTest { + + @Override + protected JndiRegistry createRegistry() throws Exception { + + KeyStoreParameters ksp = new KeyStoreParameters(); + ksp.setResource(this.getClass().getClassLoader().getResource("keystore.jks").toString()); + ksp.setPassword("changeit"); + + KeyManagersParameters kmp = new KeyManagersParameters(); + kmp.setKeyPassword("changeit"); + kmp.setKeyStore(ksp); + + TrustManagersParameters tmp = new TrustManagersParameters(); + tmp.setKeyStore(ksp); + + // NOTE: Needed since the client uses a loose trust configuration when no ssl context + // is provided. We turn on WANT client-auth to prefer using authentication + SSLContextServerParameters scsp = new SSLContextServerParameters(); + scsp.setClientAuthentication(ClientAuthentication.WANT.name()); + + SSLContextParameters sslContextParameters = new SSLContextParameters(); + sslContextParameters.setKeyManagers(kmp); + sslContextParameters.setTrustManagers(tmp); + sslContextParameters.setServerParameters(scsp); + + JndiRegistry registry = super.createRegistry(); + registry.bind("sslContextParametersSupplier", (GlobalSSLContextParametersSupplier) () -> sslContextParameters); + return registry; + } + + @Override + public boolean isUseRouteBuilder() { + return false; + } + + @Test + public void testSSLInOutWithNettyConsumer() throws Exception { + // ibm jdks dont have sun security algorithms + if (isJavaVendor("ibm")) { + return; + } + + context.addRoutes(new RouteBuilder() { + public void configure() { + from("netty4:tcp://localhost:{{port}}?sync=true&ssl=true") + .process(new Processor() { + public void process(Exchange exchange) throws Exception { + exchange.getOut().setBody("When You Go Home, Tell Them Of Us And Say, For Your Tomorrow, We Gave Our Today."); + } + }); + } + }); + context.start(); + + String response = template.requestBody( + "netty4:tcp://localhost:{{port}}?sync=true&ssl=true", + "Epitaph in Kohima, India marking the WWII Battle of Kohima and Imphal, Burma Campaign - Attributed to John Maxwell Edmonds", String.class); + assertEquals("When You Go Home, Tell Them Of Us And Say, For Your Tomorrow, We Gave Our Today.", response); + } + +} http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-olingo2/camel-olingo2-component/src/main/java/org/apache/camel/component/olingo2/Olingo2Component.java ---------------------------------------------------------------------- diff --git a/components/camel-olingo2/camel-olingo2-component/src/main/java/org/apache/camel/component/olingo2/Olingo2Component.java b/components/camel-olingo2/camel-olingo2-component/src/main/java/org/apache/camel/component/olingo2/Olingo2Component.java index 35394df..836371f 100644 --- a/components/camel-olingo2/camel-olingo2-component/src/main/java/org/apache/camel/component/olingo2/Olingo2Component.java +++ b/components/camel-olingo2/camel-olingo2-component/src/main/java/org/apache/camel/component/olingo2/Olingo2Component.java @@ -19,15 +19,19 @@ package org.apache.camel.component.olingo2; import java.io.IOException; import java.security.GeneralSecurityException; import java.util.Map; +import java.util.Optional; +import java.util.function.Supplier; import org.apache.camel.CamelContext; import org.apache.camel.Endpoint; import org.apache.camel.component.olingo2.api.impl.Olingo2AppImpl; import org.apache.camel.component.olingo2.internal.Olingo2ApiCollection; import org.apache.camel.component.olingo2.internal.Olingo2ApiName; +import org.apache.camel.util.CamelContextHelper; import org.apache.camel.util.ObjectHelper; import org.apache.camel.util.component.AbstractApiComponent; import org.apache.camel.util.jsse.SSLContextParameters; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; import org.apache.http.HttpHost; import org.apache.http.client.config.RequestConfig; import org.apache.http.impl.client.HttpClientBuilder; @@ -144,6 +148,10 @@ public class Olingo2Component extends AbstractApiComponent<Olingo2ApiName, Oling SSLContextParameters sslContextParameters = configuration.getSslContextParameters(); if (sslContextParameters == null) { + // use global ssl config + sslContextParameters = Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null); + } + if (sslContextParameters == null) { // use defaults if not specified sslContextParameters = new SSLContextParameters(); } http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-olingo4/camel-olingo4-component/src/main/java/org/apache/camel/component/olingo4/Olingo4Component.java ---------------------------------------------------------------------- diff --git a/components/camel-olingo4/camel-olingo4-component/src/main/java/org/apache/camel/component/olingo4/Olingo4Component.java b/components/camel-olingo4/camel-olingo4-component/src/main/java/org/apache/camel/component/olingo4/Olingo4Component.java index ee5fd2c..b0d88ba 100644 --- a/components/camel-olingo4/camel-olingo4-component/src/main/java/org/apache/camel/component/olingo4/Olingo4Component.java +++ b/components/camel-olingo4/camel-olingo4-component/src/main/java/org/apache/camel/component/olingo4/Olingo4Component.java @@ -19,15 +19,19 @@ package org.apache.camel.component.olingo4; import java.io.IOException; import java.security.GeneralSecurityException; import java.util.Map; +import java.util.Optional; +import java.util.function.Supplier; import org.apache.camel.CamelContext; import org.apache.camel.Endpoint; import org.apache.camel.component.olingo4.api.impl.Olingo4AppImpl; import org.apache.camel.component.olingo4.internal.Olingo4ApiCollection; import org.apache.camel.component.olingo4.internal.Olingo4ApiName; +import org.apache.camel.util.CamelContextHelper; import org.apache.camel.util.ObjectHelper; import org.apache.camel.util.component.AbstractApiComponent; import org.apache.camel.util.jsse.SSLContextParameters; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; import org.apache.http.HttpHost; import org.apache.http.client.config.RequestConfig; import org.apache.http.impl.client.HttpClientBuilder; @@ -143,6 +147,10 @@ public class Olingo4Component extends AbstractApiComponent<Olingo4ApiName, Oling SSLContextParameters sslContextParameters = configuration.getSslContextParameters(); if (sslContextParameters == null) { + // use global ssl config + sslContextParameters = Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null); + } + if (sslContextParameters == null) { // use defaults if not specified sslContextParameters = new SSLContextParameters(); } http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-restlet/src/main/java/org/apache/camel/component/restlet/RestletComponent.java ---------------------------------------------------------------------- diff --git a/components/camel-restlet/src/main/java/org/apache/camel/component/restlet/RestletComponent.java b/components/camel-restlet/src/main/java/org/apache/camel/component/restlet/RestletComponent.java index f668f9e..bbd7a0c 100644 --- a/components/camel-restlet/src/main/java/org/apache/camel/component/restlet/RestletComponent.java +++ b/components/camel-restlet/src/main/java/org/apache/camel/component/restlet/RestletComponent.java @@ -26,6 +26,8 @@ import java.util.HashMap; import java.util.List; import java.util.Locale; import java.util.Map; +import java.util.Optional; +import java.util.function.Supplier; import javax.net.ssl.SSLContext; import javax.net.ssl.SSLEngine; @@ -40,6 +42,7 @@ import org.apache.camel.spi.RestApiConsumerFactory; import org.apache.camel.spi.RestConfiguration; import org.apache.camel.spi.RestConsumerFactory; import org.apache.camel.spi.RestProducerFactory; +import org.apache.camel.util.CamelContextHelper; import org.apache.camel.util.FileUtil; import org.apache.camel.util.HostUtils; import org.apache.camel.util.ObjectHelper; @@ -47,6 +50,7 @@ import org.apache.camel.util.ServiceHelper; import org.apache.camel.util.URISupport; import org.apache.camel.util.UnsafeUriCharactersEncoder; import org.apache.camel.util.jsse.SSLContextParameters; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; import org.restlet.Component; import org.restlet.Restlet; import org.restlet.Server; @@ -162,6 +166,10 @@ public class RestletComponent extends HeaderFilterStrategyComponent implements R result.setPort(port); } + if (result.getSslContextParameters() == null) { + result.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null)); + } + return result; } http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-restlet/src/test/java/org/apache/camel/component/restlet/RestletHttpsWithGlobalSSLContextParametersTest.java ---------------------------------------------------------------------- diff --git a/components/camel-restlet/src/test/java/org/apache/camel/component/restlet/RestletHttpsWithGlobalSSLContextParametersTest.java b/components/camel-restlet/src/test/java/org/apache/camel/component/restlet/RestletHttpsWithGlobalSSLContextParametersTest.java new file mode 100644 index 0000000..f1bde71 --- /dev/null +++ b/components/camel-restlet/src/test/java/org/apache/camel/component/restlet/RestletHttpsWithGlobalSSLContextParametersTest.java @@ -0,0 +1,104 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.component.restlet; + +import java.net.URL; + +import org.apache.camel.Exchange; +import org.apache.camel.Processor; +import org.apache.camel.builder.RouteBuilder; +import org.apache.camel.impl.JndiRegistry; +import org.apache.camel.util.jsse.KeyManagersParameters; +import org.apache.camel.util.jsse.KeyStoreParameters; +import org.apache.camel.util.jsse.SSLContextParameters; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; +import org.apache.http.HttpResponse; +import org.apache.http.client.methods.HttpPost; +import org.apache.http.entity.StringEntity; +import org.junit.Test; + +/** + * @version + */ +public class RestletHttpsWithGlobalSSLContextParametersTest extends RestletTestSupport { + + private static final String REQUEST_MESSAGE = + "<mail><body>HelloWorld!</body><subject>test</subject><to>x...@y.net</to></mail>"; + + @Override + protected JndiRegistry createRegistry() throws Exception { + KeyStoreParameters ksp = new KeyStoreParameters(); + ksp.setResource(this.getClass().getClassLoader().getResource("jsse/localhost.ks").getPath().toString()); + ksp.setPassword("changeit"); + + KeyManagersParameters kmp = new KeyManagersParameters(); + kmp.setKeyPassword("changeit"); + kmp.setKeyStore(ksp); + + SSLContextParameters sslContextParameters = new SSLContextParameters(); + sslContextParameters.setKeyManagers(kmp); + + JndiRegistry registry = super.createRegistry(); + registry.bind("mySSLContextParametersSupplier", (GlobalSSLContextParametersSupplier) () -> sslContextParameters); + + return registry; + } + + + + @Override + protected RouteBuilder createRouteBuilder() { + return new RouteBuilder() { + @Override + public void configure() throws Exception { + // enable POST support + from("restlet:https://localhost:"; + portNum + "/users/?restletMethods=post") + .process(new Processor() { + public void process(Exchange exchange) throws Exception { + String body = exchange.getIn().getBody(String.class); + assertNotNull(body); + assertTrue("Get a wrong request message", body.indexOf(REQUEST_MESSAGE) >= 0); + exchange.getOut().setBody("<status>OK</status>"); + exchange.getOut().setHeader(Exchange.CONTENT_TYPE, "application/xml"); + } + }); + } + }; + } + + @Test + public void testPostXml() throws Exception { + postRequestMessage(REQUEST_MESSAGE); + } + + private void postRequestMessage(String message) throws Exception { + // ensure jsse clients can validate the self signed dummy localhost cert, + // use the server keystore as the trust store for these tests + URL trustStoreUrl = this.getClass().getClassLoader().getResource("jsse/localhost.ks"); + System.setProperty("javax.net.ssl.trustStore", trustStoreUrl.toURI().getPath()); + + HttpPost post = new HttpPost("https://localhost:"; + portNum + "/users/"); + post.addHeader(Exchange.CONTENT_TYPE, "application/xml"); + post.setEntity(new StringEntity(message)); + + HttpResponse response = doExecute(post); + assertHttpResponse(response, 200, "application/xml"); + String s = context.getTypeConverter().convertTo(String.class, response.getEntity().getContent()); + assertEquals("<status>OK</status>", s); + } + +} http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-salesforce/camel-salesforce-component/src/main/java/org/apache/camel/component/salesforce/SalesforceComponent.java ---------------------------------------------------------------------- diff --git a/components/camel-salesforce/camel-salesforce-component/src/main/java/org/apache/camel/component/salesforce/SalesforceComponent.java b/components/camel-salesforce/camel-salesforce-component/src/main/java/org/apache/camel/component/salesforce/SalesforceComponent.java index 930c9e9..2bb9db3 100644 --- a/components/camel-salesforce/camel-salesforce-component/src/main/java/org/apache/camel/component/salesforce/SalesforceComponent.java +++ b/components/camel-salesforce/camel-salesforce-component/src/main/java/org/apache/camel/component/salesforce/SalesforceComponent.java @@ -20,7 +20,9 @@ import java.net.URI; import java.util.Arrays; import java.util.HashMap; import java.util.Map; +import java.util.Optional; import java.util.Set; +import java.util.function.Supplier; import java.util.regex.Pattern; import org.apache.camel.CamelContext; @@ -34,11 +36,13 @@ import org.apache.camel.component.salesforce.internal.SalesforceSession; import org.apache.camel.component.salesforce.internal.streaming.SubscriptionHelper; import org.apache.camel.impl.DefaultComponent; import org.apache.camel.spi.Metadata; +import org.apache.camel.util.CamelContextHelper; import org.apache.camel.util.IntrospectionSupport; import org.apache.camel.util.ServiceHelper; import org.apache.camel.util.StringHelper; import org.apache.camel.util.jsse.KeyStoreParameters; import org.apache.camel.util.jsse.SSLContextParameters; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; import org.eclipse.jetty.client.HttpProxy; import org.eclipse.jetty.client.Origin; import org.eclipse.jetty.client.ProxyConfiguration; @@ -294,8 +298,13 @@ public class SalesforceComponent extends DefaultComponent implements VerifiableC httpClient = config.getHttpClient(); } else { // set ssl context parameters if set - final SSLContextParameters contextParameters = sslContextParameters != null - ? sslContextParameters : new SSLContextParameters(); + SSLContextParameters contextParameters = sslContextParameters; + if (contextParameters == null) { + contextParameters = Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null); + } + if (contextParameters == null) { + contextParameters = new SSLContextParameters(); + } final SslContextFactory sslContextFactory = new SslContextFactory(); sslContextFactory.setSslContext(contextParameters.createSSLContext(getCamelContext())); http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-servicenow/src/main/docs/servicenow-component.adoc ---------------------------------------------------------------------- diff --git a/components/camel-servicenow/src/main/docs/servicenow-component.adoc b/components/camel-servicenow/src/main/docs/servicenow-component.adoc index 2dc64a0..4355b66 100644 --- a/components/camel-servicenow/src/main/docs/servicenow-component.adoc +++ b/components/camel-servicenow/src/main/docs/servicenow-component.adoc @@ -64,7 +64,7 @@ with the following path and query parameters: | **instanceName** | *Required* The ServiceNow instance name | | String |======================================================================= -#### Query Parameters (40 parameters): +#### Query Parameters (41 parameters): [width="100%",cols="2,5,^1,2",options="header"] |======================================================================= @@ -108,6 +108,7 @@ with the following path and query parameters: | **proxyPassword** (security) | Password for proxy authentication | | String | **proxyUserName** (security) | Username for proxy authentication | | String | **sslContextParameters** (security) | To configure security using SSLContextParameters. See http://camel.apache.org/camel-configuration-utilities.html | | SSLContextParameters +| **useGlobalSslContext Parameters** (security) | Enable usage of Camel global SSL configuration. | false | boolean | **userName** (security) | *Required* ServiceNow user account name MUST be provided | | String |======================================================================= // endpoint options: END http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-servicenow/src/main/java/org/apache/camel/component/servicenow/ServiceNowComponent.java ---------------------------------------------------------------------- diff --git a/components/camel-servicenow/src/main/java/org/apache/camel/component/servicenow/ServiceNowComponent.java b/components/camel-servicenow/src/main/java/org/apache/camel/component/servicenow/ServiceNowComponent.java index 885b9ce..43afc64 100644 --- a/components/camel-servicenow/src/main/java/org/apache/camel/component/servicenow/ServiceNowComponent.java +++ b/components/camel-servicenow/src/main/java/org/apache/camel/component/servicenow/ServiceNowComponent.java @@ -17,6 +17,8 @@ package org.apache.camel.component.servicenow; import java.util.Map; +import java.util.Optional; +import java.util.function.Supplier; import org.apache.camel.CamelContext; import org.apache.camel.ComponentVerifier; @@ -24,8 +26,10 @@ import org.apache.camel.Endpoint; import org.apache.camel.VerifiableComponent; import org.apache.camel.impl.UriEndpointComponent; import org.apache.camel.spi.Metadata; +import org.apache.camel.util.CamelContextHelper; import org.apache.camel.util.EndpointHelper; import org.apache.camel.util.IntrospectionSupport; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; /** * Represents the component that manages {@link ServiceNowEndpoint}. @@ -78,6 +82,10 @@ public class ServiceNowComponent extends UriEndpointComponent implements Verifia configuration.setOauthTokenUrl(String.format("https://%s.service-now.com/oauth_token.do";, instanceName)); } + if (configuration.isUseGlobalSslContextParameters() && configuration.getSslContextParameters() == null) { + configuration.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null)); + } + return new ServiceNowEndpoint(uri, this, configuration, instanceName); } http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-servicenow/src/main/java/org/apache/camel/component/servicenow/ServiceNowConfiguration.java ---------------------------------------------------------------------- diff --git a/components/camel-servicenow/src/main/java/org/apache/camel/component/servicenow/ServiceNowConfiguration.java b/components/camel-servicenow/src/main/java/org/apache/camel/component/servicenow/ServiceNowConfiguration.java index 3429ff9..2ff5d53 100644 --- a/components/camel-servicenow/src/main/java/org/apache/camel/component/servicenow/ServiceNowConfiguration.java +++ b/components/camel-servicenow/src/main/java/org/apache/camel/component/servicenow/ServiceNowConfiguration.java @@ -110,6 +110,8 @@ public class ServiceNowConfiguration implements Cloneable { private ServiceNowRelease release = ServiceNowRelease.HELSINKI; @UriParam(label = "security") private SSLContextParameters sslContextParameters; + @UriParam(label = "security", defaultValue = "false") + private boolean useGlobalSslContextParameters; @UriParam(label = "advanced") private HTTPClientPolicy httpClientPolicy; @UriParam(label = "advanced") @@ -504,6 +506,17 @@ public class ServiceNowConfiguration implements Cloneable { this.sslContextParameters = sslContextParameters; } + public boolean isUseGlobalSslContextParameters() { + return useGlobalSslContextParameters; + } + + /** + * Enable usage of Camel global SSL configuration. + */ + public void setUseGlobalSslContextParameters(boolean useSslContextParameters) { + this.useGlobalSslContextParameters = useSslContextParameters; + } + public HTTPClientPolicy getHttpClientPolicy() { return httpClientPolicy; } http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-spring-boot/src/main/java/org/apache/camel/spring/boot/security/CamelSSLAutoConfiguration.java ---------------------------------------------------------------------- diff --git a/components/camel-spring-boot/src/main/java/org/apache/camel/spring/boot/security/CamelSSLAutoConfiguration.java b/components/camel-spring-boot/src/main/java/org/apache/camel/spring/boot/security/CamelSSLAutoConfiguration.java new file mode 100644 index 0000000..a0fd18f --- /dev/null +++ b/components/camel-spring-boot/src/main/java/org/apache/camel/spring/boot/security/CamelSSLAutoConfiguration.java @@ -0,0 +1,42 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.spring.boot.security; + +import org.apache.camel.spring.boot.CamelAutoConfiguration; +import org.apache.camel.util.jsse.SSLContextParameters; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; +import org.springframework.boot.autoconfigure.AutoConfigureAfter; +import org.springframework.boot.autoconfigure.condition.ConditionalOnBean; +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.boot.context.properties.EnableConfigurationProperties; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + +@Configuration +@ConditionalOnBean(CamelAutoConfiguration.class) +@AutoConfigureAfter(CamelAutoConfiguration.class) +@EnableConfigurationProperties(CamelSSLConfigurationProperties.class) +@ConditionalOnProperty(value = "camel.ssl.enabled") +public class CamelSSLAutoConfiguration { + + @Bean + public GlobalSSLContextParametersSupplier sslContextParametersSupplier(CamelSSLConfigurationProperties properties) { + final SSLContextParameters config = properties.getConfig() != null ? properties.getConfig() : new SSLContextParameters(); + return () -> config; + } + +} http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-spring-boot/src/main/java/org/apache/camel/spring/boot/security/CamelSSLConfigurationProperties.java ---------------------------------------------------------------------- diff --git a/components/camel-spring-boot/src/main/java/org/apache/camel/spring/boot/security/CamelSSLConfigurationProperties.java b/components/camel-spring-boot/src/main/java/org/apache/camel/spring/boot/security/CamelSSLConfigurationProperties.java new file mode 100644 index 0000000..cf79558 --- /dev/null +++ b/components/camel-spring-boot/src/main/java/org/apache/camel/spring/boot/security/CamelSSLConfigurationProperties.java @@ -0,0 +1,55 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.spring.boot.security; + +import org.apache.camel.util.jsse.SSLContextParameters; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.boot.context.properties.NestedConfigurationProperty; + +@ConfigurationProperties(prefix = "camel.ssl") +public class CamelSSLConfigurationProperties { + + /** + * Enable the global ssl configuration in Camel. + */ + private boolean enabled = false; + + /** + * The Camel global SSL configuration + */ + @NestedConfigurationProperty + private SSLContextParameters config; + + public CamelSSLConfigurationProperties() { + } + + public boolean isEnabled() { + return enabled; + } + + public void setEnabled(boolean enabled) { + this.enabled = enabled; + } + + public SSLContextParameters getConfig() { + return config; + } + + public void setConfig(SSLContextParameters config) { + this.config = config; + } +} http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-spring-boot/src/main/resources/META-INF/spring.factories ---------------------------------------------------------------------- diff --git a/components/camel-spring-boot/src/main/resources/META-INF/spring.factories b/components/camel-spring-boot/src/main/resources/META-INF/spring.factories index ef14820..da3defc 100644 --- a/components/camel-spring-boot/src/main/resources/META-INF/spring.factories +++ b/components/camel-spring-boot/src/main/resources/META-INF/spring.factories @@ -22,4 +22,5 @@ org.apache.camel.spring.boot.cloud.CamelCloudServiceCallConfigurationAutoConfigu org.apache.camel.spring.boot.cloud.CamelCloudServiceDiscoveryAutoConfiguration,\ org.apache.camel.spring.boot.cloud.CamelCloudServiceFilterAutoConfiguration,\ org.apache.camel.spring.boot.cloud.CamelCloudServiceChooserAutoConfiguration,\ -org.apache.camel.spring.boot.health.CamelHealthAutoConfiguration +org.apache.camel.spring.boot.health.CamelHealthAutoConfiguration,\ +org.apache.camel.spring.boot.security.CamelSSLAutoConfiguration http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-spring-ws/src/main/java/org/apache/camel/component/spring/ws/SpringWebserviceComponent.java ---------------------------------------------------------------------- diff --git a/components/camel-spring-ws/src/main/java/org/apache/camel/component/spring/ws/SpringWebserviceComponent.java b/components/camel-spring-ws/src/main/java/org/apache/camel/component/spring/ws/SpringWebserviceComponent.java index ea065d0..dde9b3a 100644 --- a/components/camel-spring-ws/src/main/java/org/apache/camel/component/spring/ws/SpringWebserviceComponent.java +++ b/components/camel-spring-ws/src/main/java/org/apache/camel/component/spring/ws/SpringWebserviceComponent.java @@ -19,6 +19,8 @@ package org.apache.camel.component.spring.ws; import java.net.URI; import java.net.URISyntaxException; import java.util.Map; +import java.util.Optional; +import java.util.function.Supplier; import javax.xml.transform.TransformerFactory; import org.apache.camel.CamelContext; @@ -35,6 +37,7 @@ import org.apache.camel.impl.UriEndpointComponent; import org.apache.camel.util.CamelContextHelper; import org.apache.camel.util.EndpointHelper; import org.apache.camel.util.UnsafeUriCharactersEncoder; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.ws.client.core.WebServiceTemplate; @@ -69,6 +72,11 @@ public class SpringWebserviceComponent extends UriEndpointComponent { setProperties(configuration, parameters); configureProducerConfiguration(remaining, configuration); configureMessageFilter(configuration); + + if (configuration.getSslContextParameters() == null) { + configuration.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null)); + } + return new SpringWebserviceEndpoint(this, uri, configuration); } http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-stomp/src/main/java/org/apache/camel/component/stomp/StompComponent.java ---------------------------------------------------------------------- diff --git a/components/camel-stomp/src/main/java/org/apache/camel/component/stomp/StompComponent.java b/components/camel-stomp/src/main/java/org/apache/camel/component/stomp/StompComponent.java index eeb1b6a..77b323f 100644 --- a/components/camel-stomp/src/main/java/org/apache/camel/component/stomp/StompComponent.java +++ b/components/camel-stomp/src/main/java/org/apache/camel/component/stomp/StompComponent.java @@ -17,10 +17,14 @@ package org.apache.camel.component.stomp; import java.util.Map; +import java.util.Optional; +import java.util.function.Supplier; import org.apache.camel.Endpoint; import org.apache.camel.impl.UriEndpointComponent; import org.apache.camel.spi.Metadata; +import org.apache.camel.util.CamelContextHelper; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; public class StompComponent extends UriEndpointComponent { @@ -48,6 +52,11 @@ public class StompComponent extends UriEndpointComponent { StompEndpoint endpoint = new StompEndpoint(uri, this, config, destination); setProperties(endpoint, parameters); + + if (config.isUseGlobalSslContextParameters() && config.getSslContextParameters() == null) { + config.setSslContextParameters(Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null)); + } + return endpoint; } @@ -89,4 +98,5 @@ public class StompComponent extends UriEndpointComponent { public void setHost(String host) { configuration.setHost(host); } + } http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-stomp/src/main/java/org/apache/camel/component/stomp/StompConfiguration.java ---------------------------------------------------------------------- diff --git a/components/camel-stomp/src/main/java/org/apache/camel/component/stomp/StompConfiguration.java b/components/camel-stomp/src/main/java/org/apache/camel/component/stomp/StompConfiguration.java index 61ddd0d..f46a173 100644 --- a/components/camel-stomp/src/main/java/org/apache/camel/component/stomp/StompConfiguration.java +++ b/components/camel-stomp/src/main/java/org/apache/camel/component/stomp/StompConfiguration.java @@ -35,6 +35,8 @@ public class StompConfiguration implements Cloneable { private String host; @UriParam(label = "security") private SSLContextParameters sslContextParameters; + @Metadata(label = "security", defaultValue = "false") + private boolean useGlobalSslContextParameters; /** * Returns a copy of this configuration @@ -103,4 +105,14 @@ public class StompConfiguration implements Cloneable { this.sslContextParameters = sslContextParameters; } + public boolean isUseGlobalSslContextParameters() { + return useGlobalSslContextParameters; + } + + /** + * Enable usage of Camel global SSL configuration + */ + public void setUseGlobalSslContextParameters(boolean useGlobalSslContextParameters) { + this.useGlobalSslContextParameters = useGlobalSslContextParameters; + } } http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-stomp/src/test/java/org/apache/camel/component/stomp/StompGlobalSslConsumerTest.java ---------------------------------------------------------------------- diff --git a/components/camel-stomp/src/test/java/org/apache/camel/component/stomp/StompGlobalSslConsumerTest.java b/components/camel-stomp/src/test/java/org/apache/camel/component/stomp/StompGlobalSslConsumerTest.java new file mode 100644 index 0000000..0c0d1a7 --- /dev/null +++ b/components/camel-stomp/src/test/java/org/apache/camel/component/stomp/StompGlobalSslConsumerTest.java @@ -0,0 +1,47 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.component.stomp; + +import org.apache.camel.builder.RouteBuilder; +import org.apache.camel.impl.JndiRegistry; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; + +public class StompGlobalSslConsumerTest extends StompConsumerTest { + + @Override + protected JndiRegistry createRegistry() throws Exception { + JndiRegistry registry = super.createRegistry(); + registry.bind("sslSupplier", (GlobalSSLContextParametersSupplier) this::getClientSSLContextParameters); + return registry; + } + + @Override + protected boolean isUseSsl() { + return true; + } + + @Override + protected RouteBuilder createRouteBuilder() { + return new RouteBuilder() { + public void configure() { + fromF("stomp:queue:test?brokerURL=ssl://localhost:%d&useGlobalSslContextParameters=true", getPort()) + .transform(body().convertToString()) + .to("mock:result"); + } + }; + } +} http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-undertow/src/main/java/org/apache/camel/component/undertow/UndertowComponent.java ---------------------------------------------------------------------- diff --git a/components/camel-undertow/src/main/java/org/apache/camel/component/undertow/UndertowComponent.java b/components/camel-undertow/src/main/java/org/apache/camel/component/undertow/UndertowComponent.java index 86760ab..b38940f 100644 --- a/components/camel-undertow/src/main/java/org/apache/camel/component/undertow/UndertowComponent.java +++ b/components/camel-undertow/src/main/java/org/apache/camel/component/undertow/UndertowComponent.java @@ -21,7 +21,9 @@ import java.net.URISyntaxException; import java.util.HashMap; import java.util.Locale; import java.util.Map; +import java.util.Optional; import java.util.concurrent.ConcurrentHashMap; +import java.util.function.Supplier; import org.apache.camel.CamelContext; import org.apache.camel.ComponentVerifier; @@ -36,6 +38,7 @@ import org.apache.camel.spi.RestApiConsumerFactory; import org.apache.camel.spi.RestConfiguration; import org.apache.camel.spi.RestConsumerFactory; import org.apache.camel.spi.RestProducerFactory; +import org.apache.camel.util.CamelContextHelper; import org.apache.camel.util.FileUtil; import org.apache.camel.util.HostUtils; import org.apache.camel.util.IntrospectionSupport; @@ -44,6 +47,7 @@ import org.apache.camel.util.ServiceHelper; import org.apache.camel.util.URISupport; import org.apache.camel.util.UnsafeUriCharactersEncoder; import org.apache.camel.util.jsse.SSLContextParameters; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -78,10 +82,16 @@ public class UndertowComponent extends DefaultComponent implements RestConsumerF // any additional channel options Map<String, Object> options = IntrospectionSupport.extractProperties(parameters, "option."); + // determine sslContextParameters + SSLContextParameters sslParams = this.sslContextParameters; + if (sslParams == null) { + sslParams = Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null); + } + // create the endpoint first UndertowEndpoint endpoint = createEndpointInstance(endpointUri, this); // set options from component - endpoint.setSslContextParameters(sslContextParameters); + endpoint.setSslContextParameters(sslParams); // Prefer endpoint configured over component configured if (undertowHttpBinding == null) { // fallback to component configured http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-websocket/src/main/docs/websocket-component.adoc ---------------------------------------------------------------------- diff --git a/components/camel-websocket/src/main/docs/websocket-component.adoc b/components/camel-websocket/src/main/docs/websocket-component.adoc index ff4d857..6091347 100644 --- a/components/camel-websocket/src/main/docs/websocket-component.adoc +++ b/components/camel-websocket/src/main/docs/websocket-component.adoc @@ -32,7 +32,7 @@ You can append query options to the URI in the following format, // component options: START -The Jetty Websocket component supports 13 options which are listed below. +The Jetty Websocket component supports 14 options which are listed below. @@ -50,6 +50,7 @@ The Jetty Websocket component supports 13 options which are listed below. | **maxThreads** (advanced) | To set a value for maximum number of threads in server thread pool. MaxThreads/minThreads or threadPool fields are required due to switch to Jetty9. The default values for maxThreads is 1 2 noCores. | | Integer | **threadPool** (advanced) | To use a custom thread pool for the server. MaxThreads/minThreads or threadPool fields are required due to switch to Jetty9. | | ThreadPool | **sslContextParameters** (security) | To configure security using SSLContextParameters | | SSLContextParameters +| **useGlobalSslContext Parameters** (security) | Enable usage of Camel global SSL context parameters | true | boolean | **socketFactory** (common) | To configure a map which contains custom WebSocketFactory for sub protocols. The key in the map is the sub protocol. The default key is reserved for the default implementation. | | Map | **resolveProperty Placeholders** (advanced) | Whether the component should resolve property placeholders on itself when starting. Only properties which are of String type can use property placeholders. | true | boolean |======================================================================= @@ -81,7 +82,7 @@ with the following path and query parameters: | **resourceUri** | *Required* Name of the websocket channel to use | | String |======================================================================= -#### Query Parameters (18 parameters): +#### Query Parameters (19 parameters): [width="100%",cols="2,5,^1,2",options="header"] |======================================================================= @@ -104,6 +105,7 @@ with the following path and query parameters: | **filterPath** (cors) | Context path for filtering CORS | | String | **enableJmx** (monitoring) | If this option is true Jetty JMX support will be enabled for this endpoint. See Jetty JMX support for more details. | false | boolean | **sslContextParameters** (security) | To configure security using SSLContextParameters | | SSLContextParameters +| **useGlobalSslContext Parameters** (security) | Enable usage of Camel global SSL context parameters | true | boolean |======================================================================= // endpoint options: END http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-websocket/src/main/java/org/apache/camel/component/websocket/WebsocketComponent.java ---------------------------------------------------------------------- diff --git a/components/camel-websocket/src/main/java/org/apache/camel/component/websocket/WebsocketComponent.java b/components/camel-websocket/src/main/java/org/apache/camel/component/websocket/WebsocketComponent.java index 04169d0..323a522 100644 --- a/components/camel-websocket/src/main/java/org/apache/camel/component/websocket/WebsocketComponent.java +++ b/components/camel-websocket/src/main/java/org/apache/camel/component/websocket/WebsocketComponent.java @@ -23,14 +23,18 @@ import java.util.EnumSet; import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.Optional; +import java.util.function.Supplier; import javax.servlet.DispatcherType; import org.apache.camel.Endpoint; import org.apache.camel.RuntimeCamelException; import org.apache.camel.impl.UriEndpointComponent; import org.apache.camel.spi.Metadata; +import org.apache.camel.util.CamelContextHelper; import org.apache.camel.util.ObjectHelper; import org.apache.camel.util.jsse.SSLContextParameters; +import org.apache.camel.util.jsse.GlobalSSLContextParametersSupplier; import org.eclipse.jetty.jmx.MBeanContainer; import org.eclipse.jetty.server.Connector; import org.eclipse.jetty.server.Handler; @@ -65,6 +69,8 @@ public class WebsocketComponent extends UriEndpointComponent { @Metadata(label = "security") protected SSLContextParameters sslContextParameters; + @Metadata(label = "security", defaultValue = "true") + protected boolean useGlobalSslContextParameters = true; @Metadata(label = "advanced") protected ThreadPool threadPool; @Metadata(defaultValue = "9292") @@ -277,7 +283,10 @@ public class WebsocketComponent extends UriEndpointComponent { @Override protected Endpoint createEndpoint(String uri, String remaining, Map<String, Object> parameters) throws Exception { SSLContextParameters sslContextParameters = resolveAndRemoveReferenceParameter(parameters, "sslContextParameters", SSLContextParameters.class); - + Boolean useGlobalSslContextParameters = getAndRemoveParameter(parameters, "useGlobalSslContextParameters", Boolean.class); + if (useGlobalSslContextParameters == null) { + useGlobalSslContextParameters = this.useGlobalSslContextParameters; + } Boolean enableJmx = getAndRemoveParameter(parameters, "enableJmx", Boolean.class); String staticResources = getAndRemoveParameter(parameters, "staticResources", String.class); int port = extractPortNumber(remaining); @@ -296,9 +305,8 @@ public class WebsocketComponent extends UriEndpointComponent { // fallback to component configured sslContextParameters = getSslContextParameters(); } - - if (sslContextParameters != null) { - endpoint.setSslContextParameters(sslContextParameters); + if (useGlobalSslContextParameters && sslContextParameters == null) { + sslContextParameters = Optional.ofNullable(CamelContextHelper.findByType(getCamelContext(), GlobalSSLContextParametersSupplier.class)).map(Supplier::get).orElse(null); } // prefer to use endpoint configured over component configured @@ -314,6 +322,7 @@ public class WebsocketComponent extends UriEndpointComponent { endpoint.setSslContextParameters(sslContextParameters); endpoint.setPort(port); endpoint.setHost(host); + endpoint.setUseGlobalSslContextParameters(useGlobalSslContextParameters); setProperties(endpoint, parameters); return endpoint; @@ -732,6 +741,17 @@ public class WebsocketComponent extends UriEndpointComponent { this.sslContextParameters = sslContextParameters; } + public boolean isUseGlobalSslContextParameters() { + return useGlobalSslContextParameters; + } + + /** + * Enable usage of Camel global SSL context parameters + */ + public void setUseGlobalSslContextParameters(boolean useGlobalSslContextParameters) { + this.useGlobalSslContextParameters = useGlobalSslContextParameters; + } + public Map<String, WebSocketFactory> getSocketFactory() { return socketFactory; } http://git-wip-us.apache.org/repos/asf/camel/blob/ef916c22/components/camel-websocket/src/main/java/org/apache/camel/component/websocket/WebsocketEndpoint.java ---------------------------------------------------------------------- diff --git a/components/camel-websocket/src/main/java/org/apache/camel/component/websocket/WebsocketEndpoint.java b/components/camel-websocket/src/main/java/org/apache/camel/component/websocket/WebsocketEndpoint.java index cdd4cbf..27427c8 100644 --- a/components/camel-websocket/src/main/java/org/apache/camel/component/websocket/WebsocketEndpoint.java +++ b/components/camel-websocket/src/main/java/org/apache/camel/component/websocket/WebsocketEndpoint.java @@ -64,6 +64,8 @@ public class WebsocketEndpoint extends DefaultEndpoint { private boolean crossOriginFilterOn; @UriParam(label = "security") private SSLContextParameters sslContextParameters; + @UriParam(label = "security", defaultValue = "true") + private boolean useGlobalSslContextParameters = true; @UriParam(label = "cors") private String allowedOrigins; @UriParam(label = "cors") @@ -295,6 +297,17 @@ public class WebsocketEndpoint extends DefaultEndpoint { this.sslContextParameters = sslContextParameters; } + public boolean isUseGlobalSslContextParameters() { + return useGlobalSslContextParameters; + } + + /** + * Enable usage of Camel global SSL context parameters + */ + public void setUseGlobalSslContextParameters(boolean useGlobalSslContextParameters) { + this.useGlobalSslContextParameters = useGlobalSslContextParameters; + } + public boolean isEnableJmx() { return this.enableJmx; }
