--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/net/www/protocol/https/HttpsClient/ProxyAuthTest.java Wed Mar 05 07:24:34 2014 +0000
@@ -0,0 +1,208 @@
+/*
+ * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+
+/*
+ * @test
+ * @bug 4323990 4413069
+ * @summary HttpsURLConnection doesn't send Proxy-Authorization on CONNECT
+ * Incorrect checking of proxy server response
+ * @run main/othervm ProxyAuthTest
+ *
+ * No way to reserve and restore java.lang.Authenticator, need to run this
+ * test in othervm mode.
+ */
+
+import java.io.*;
+import java.net.*;
+import java.security.KeyStore;
+import javax.net.*;
+import javax.net.ssl.*;
+import java.security.cert.*;
+
+/*
+ * ProxyAuthTest.java -- includes a simple server that can serve
+ * Http get request in both clear and secure channel, and a client
+ * that makes https requests behind the firewall through an
+ * authentication proxy
+ */
+
+public class ProxyAuthTest {
+ /*
+ * Where do we find the keystores?
+ */
+ static String pathToStores = "../../../../../../javax/net/ssl/etc";
+ static String keyStoreFile = "keystore";
+ static String trustStoreFile = "truststore";
+ static String passwd = "passphrase";
+
+ volatile private static int serverPort = 0;
+
+ /*
+ * The TestServer implements a OriginServer that
+ * processes HTTP requests and responses.
+ */
+ static class TestServer extends OriginServer {
+ public TestServer(ServerSocket ss) throws Exception {
+ super(ss);
+ }
+
+ /*
+ * Returns an array of bytes containing the bytes for
+ * the data sent in the response.
+ *
+ * @return bytes for the data in the response
+ */
+ public byte[] getBytes() {
+ return "Proxy authentication for tunneling succeeded ..".
+ getBytes();
+ }
+ }
+
+ /*
+ * Main method to create the server and the client
+ */
+ public static void main(String args[]) throws Exception {
+ String keyFilename =
+ System.getProperty("test.src", "./") + "/" + pathToStores +
+ "/" + keyStoreFile;
+ String trustFilename =
+ System.getProperty("test.src", "./") + "/" + pathToStores +
+ "/" + trustStoreFile;
+
+ System.setProperty("javax.net.ssl.keyStore", keyFilename);
+ System.setProperty("javax.net.ssl.keyStorePassword", passwd);
+ System.setProperty("javax.net.ssl.trustStore", trustFilename);
+ System.setProperty("javax.net.ssl.trustStorePassword", passwd);
+
+ boolean useSSL = true;
+ /*
+ * setup the server
+ */
+ try {
+ ServerSocketFactory ssf =
+ ProxyAuthTest.getServerSocketFactory(useSSL);
+ ServerSocket ss = ssf.createServerSocket(serverPort);
+ serverPort = ss.getLocalPort();
+ new TestServer(ss);
+ } catch (Exception e) {
+ System.out.println("Server side failed:" +
+ e.getMessage());
+ throw e;
+ }
+ // trigger the client
+ try {
+ doClientSide();
+ } catch (Exception e) {
+ System.out.println("Client side failed: " + e.getMessage());
+ throw e;
+ }
+ }
+
+ private static ServerSocketFactory getServerSocketFactory
+ (boolean useSSL) throws Exception {
+ if (useSSL) {
+ SSLServerSocketFactory ssf = null;
+ // set up key manager to do server authentication
+ SSLContext ctx;
+ KeyManagerFactory kmf;
+ KeyStore ks;
+ char[] passphrase = passwd.toCharArray();
+
+ ctx = SSLContext.getInstance("TLS");
+ kmf = KeyManagerFactory.getInstance("SunX509");
+ ks = KeyStore.getInstance("JKS");
+
+ ks.load(new FileInputStream(System.getProperty(
+ "javax.net.ssl.keyStore")), passphrase);
+ kmf.init(ks, passphrase);
+ ctx.init(kmf.getKeyManagers(), null, null);
+
+ ssf = ctx.getServerSocketFactory();
+ return ssf;
+ } else {
+ return ServerSocketFactory.getDefault();
+ }
+ }
+
+ static void doClientSide() throws Exception {
+ /*
+ * setup up a proxy with authentication information
+ */
+ setupProxy();
+
+ /*
+ * we want to avoid URLspoofCheck failures in cases where the cert
+ * DN name does not match the hostname in the URL.
+ */
+ HttpsURLConnection.setDefaultHostnameVerifier(
+ new NameVerifier());
+ URL url = new URL("https://" + "localhost:" + serverPort
+ + "/index.html");
+ BufferedReader in = null;
+ try {
+ in = new BufferedReader(new InputStreamReader(
+ url.openStream()));
+ String inputLine;
+ System.out.print("Client recieved from the server: ");
+ while ((inputLine = in.readLine()) != null)
+ System.out.println(inputLine);
+ in.close();
+ } catch (SSLException e) {
+ if (in != null)
+ in.close();
+ throw e;
+ }
+ }
+
+ static class NameVerifier implements HostnameVerifier {
+ public boolean verify(String hostname, SSLSession session) {
+ return true;
+ }
+ }
+
+ static void setupProxy() throws IOException {
+ ProxyTunnelServer pserver = new ProxyTunnelServer();
+ /*
+ * register a system wide authenticator and setup the proxy for
+ * authentication
+ */
+ Authenticator.setDefault(new TestAuthenticator());
+
+ // register with the username and password
+ pserver.needUserAuth(true);
+ pserver.setUserAuth("Test", "test123");
+
+ pserver.start();
+ System.setProperty("https.proxyHost", "localhost");
+ System.setProperty("https.proxyPort", String.valueOf(
+ pserver.getPort()));
+ }
+
+ public static class TestAuthenticator extends Authenticator {
+
+ public PasswordAuthentication getPasswordAuthentication() {
+ return new PasswordAuthentication("Test",
+ "test123".toCharArray());
+ }
+ }
+}