Mercurial Mercurial > jdk-sandbox / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
jdk/test/sun/net/www/protocol/https/HttpsClient/ProxyAuthTest.java
changeset 23052 241885315119
parent 10328 06c93c42bca0
child 30820 0d4717a011d3 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/net/www/protocol/https/HttpsClient/ProxyAuthTest.java	Wed Mar 05 07:24:34 2014 +0000
@@ -0,0 +1,208 @@
+/*
+ * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 4323990 4413069
+ * @summary HttpsURLConnection doesn't send Proxy-Authorization on CONNECT
+ *     Incorrect checking of proxy server response
+ * @run main/othervm ProxyAuthTest
+ *
+ *     No way to reserve and restore java.lang.Authenticator, need to run this
+ *     test in othervm mode.
+ */
+
+import java.io.*;
+import java.net.*;
+import java.security.KeyStore;
+import javax.net.*;
+import javax.net.ssl.*;
+import java.security.cert.*;
+
+/*
+ * ProxyAuthTest.java -- includes a simple server that can serve
+ * Http get request in both clear and secure channel, and a client
+ * that makes https requests behind the firewall through an
+ * authentication proxy
+ */
+
+public class ProxyAuthTest {
+    /*
+     * Where do we find the keystores?
+     */
+    static String pathToStores = "../../../../../../javax/net/ssl/etc";
+    static String keyStoreFile = "keystore";
+    static String trustStoreFile = "truststore";
+    static String passwd = "passphrase";
+
+    volatile private static int serverPort = 0;
+
+    /*
+     * The TestServer implements a OriginServer that
+     * processes HTTP requests and responses.
+     */
+    static class TestServer extends OriginServer {
+        public TestServer(ServerSocket ss) throws Exception {
+            super(ss);
+        }
+
+        /*
+         * Returns an array of bytes containing the bytes for
+         * the data sent in the response.
+         *
+         * @return bytes for the data in the response
+         */
+        public byte[] getBytes() {
+            return "Proxy authentication for tunneling succeeded ..".
+                        getBytes();
+        }
+    }
+
+    /*
+     * Main method to create the server and the client
+     */
+    public static void main(String args[]) throws Exception {
+        String keyFilename =
+            System.getProperty("test.src", "./") + "/" + pathToStores +
+                "/" + keyStoreFile;
+        String trustFilename =
+            System.getProperty("test.src", "./") + "/" + pathToStores +
+                "/" + trustStoreFile;
+
+        System.setProperty("javax.net.ssl.keyStore", keyFilename);
+        System.setProperty("javax.net.ssl.keyStorePassword", passwd);
+        System.setProperty("javax.net.ssl.trustStore", trustFilename);
+        System.setProperty("javax.net.ssl.trustStorePassword", passwd);
+
+        boolean useSSL = true;
+        /*
+         * setup the server
+         */
+        try {
+            ServerSocketFactory ssf =
+                ProxyAuthTest.getServerSocketFactory(useSSL);
+            ServerSocket ss = ssf.createServerSocket(serverPort);
+            serverPort = ss.getLocalPort();
+            new TestServer(ss);
+        } catch (Exception e) {
+            System.out.println("Server side failed:" +
+                                e.getMessage());
+            throw e;
+        }
+        // trigger the client
+        try {
+            doClientSide();
+        } catch (Exception e) {
+            System.out.println("Client side failed: " + e.getMessage());
+            throw e;
+        }
+    }
+
+    private static ServerSocketFactory getServerSocketFactory
+                   (boolean useSSL) throws Exception {
+        if (useSSL) {
+            SSLServerSocketFactory ssf = null;
+            // set up key manager to do server authentication
+            SSLContext ctx;
+            KeyManagerFactory kmf;
+            KeyStore ks;
+            char[] passphrase = passwd.toCharArray();
+
+            ctx = SSLContext.getInstance("TLS");
+            kmf = KeyManagerFactory.getInstance("SunX509");
+            ks = KeyStore.getInstance("JKS");
+
+            ks.load(new FileInputStream(System.getProperty(
+                        "javax.net.ssl.keyStore")), passphrase);
+            kmf.init(ks, passphrase);
+            ctx.init(kmf.getKeyManagers(), null, null);
+
+            ssf = ctx.getServerSocketFactory();
+            return ssf;
+        } else {
+            return ServerSocketFactory.getDefault();
+        }
+    }
+
+    static void doClientSide() throws Exception {
+        /*
+         * setup up a proxy with authentication information
+         */
+        setupProxy();
+
+        /*
+         * we want to avoid URLspoofCheck failures in cases where the cert
+         * DN name does not match the hostname in the URL.
+         */
+        HttpsURLConnection.setDefaultHostnameVerifier(
+                                      new NameVerifier());
+        URL url = new URL("https://" + "localhost:" + serverPort
+                                + "/index.html");
+        BufferedReader in = null;
+        try {
+            in = new BufferedReader(new InputStreamReader(
+                               url.openStream()));
+            String inputLine;
+            System.out.print("Client recieved from the server: ");
+            while ((inputLine = in.readLine()) != null)
+                System.out.println(inputLine);
+            in.close();
+        } catch (SSLException e) {
+            if (in != null)
+                in.close();
+            throw e;
+        }
+    }
+
+    static class NameVerifier implements HostnameVerifier {
+        public boolean verify(String hostname, SSLSession session) {
+            return true;
+        }
+    }
+
+    static void setupProxy() throws IOException {
+        ProxyTunnelServer pserver = new ProxyTunnelServer();
+        /*
+         * register a system wide authenticator and setup the proxy for
+         * authentication
+         */
+        Authenticator.setDefault(new TestAuthenticator());
+
+        // register with the username and password
+        pserver.needUserAuth(true);
+        pserver.setUserAuth("Test", "test123");
+
+        pserver.start();
+        System.setProperty("https.proxyHost", "localhost");
+        System.setProperty("https.proxyPort", String.valueOf(
+                                        pserver.getPort()));
+    }
+
+    public static class TestAuthenticator extends Authenticator {
+
+        public PasswordAuthentication getPasswordAuthentication() {
+            return new PasswordAuthentication("Test",
+                                         "test123".toCharArray());
+        }
+    }
+}
jdk-sandbox