[phiz] 6 new revisions pushed by michal.kotelba@esacinc.com on 2015-03-09 11:24 GMT


ph...@googlecode.com

Mar 9, 2015, 7:25:12 AM3/9/15
to phiz-de...@googlegroups.com
6 new revisions:

Revision: 4108ef68595b
Branch: default
Author: Michal Kotelba <michal....@esacinc.com>
Date: Wed Feb 18 20:44:48 2015 UTC
Log: - Supports PHIZ-33....
https://code.google.com/p/phiz/source/detail?r=4108ef68595b

Revision: cc38a0984b2f
Branch: default
Author: Michal Kotelba <michal....@esacinc.com>
Date: Wed Feb 18 20:52:23 2015 UTC
Log: - Further supports PHIZ-33....
https://code.google.com/p/phiz/source/detail?r=cc38a0984b2f

Revision: 4c12be7a9ee8
Branch: default
Author: Michal Kotelba <michal....@esacinc.com>
Date: Sat Feb 21 20:45:44 2015 UTC
Log: - Supports PHIZ-34....
https://code.google.com/p/phiz/source/detail?r=4c12be7a9ee8

Revision: a836e971c5dd
Branch: default
Author: Michal Kotelba <michal....@esacinc.com>
Date: Sun Feb 22 22:41:41 2015 UTC
Log: - Supports PHIZ-35....
https://code.google.com/p/phiz/source/detail?r=a836e971c5dd

Revision: 1c6bf3f2ee5c
Branch: default
Author: Michal Kotelba <michal....@esacinc.com>
Date: Sat Mar 7 13:04:18 2015 UTC
Log: - Further supports PHIZ-34 and PHIZ-35....
https://code.google.com/p/phiz/source/detail?r=1c6bf3f2ee5c

Revision: 06aff4721ae3
Branch: default
Author: Michal Kotelba <michal....@esacinc.com>
Date: Sat Mar 7 17:35:44 2015 UTC
Log: - Further supports PHIZ-35 and PHIZ-36....
https://code.google.com/p/phiz/source/detail?r=06aff4721ae3

==============================================================================
Revision: 4108ef68595b
Branch: default
Author: Michal Kotelba <michal....@esacinc.com>
Date: Wed Feb 18 20:44:48 2015 UTC
Log: - Supports PHIZ-33.
- Implemented Spring resource ordering via chained Comparator(s).
https://code.google.com/p/phiz/source/detail?r=4108ef68595b

Added:
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoProviders.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/utils/PhizResourceUtils.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/xml/PhizXmlNames.java
/phiz-core/src/test/java/gov/hhs/onc/phiz/utils/PhizResourceUtilsTests.java

/phiz-core/src/test/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl-test.xml

/phiz-core/src/test/resources/META-INF/phiz/spring/spring-phiz-data-db-test.xml

/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-soapui-test.xml

/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-tomcat-test.xml

/phiz-web-ws/src/test/resources/META-INF/phiz/spring/spring-phiz-web-ws-client-test.xml

/phiz-web-ws/src/test/resources/META-INF/phiz/spring/spring-phiz-web-ws-soapui-test.xml
Modified:
/phiz-core/src/main/java/gov/hhs/onc/phiz/context/impl/PhizApplication.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/impl/AbstractPhizCryptoFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslSocketFactoryFactoryBean.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/utils/PhizStringUtils.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/xml/PhizXmlNs.java

/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl.xml
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-crypto.xml

/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-logging-metrics.xml
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz.xml
/phiz-core/src/test/resources/META-INF/phiz/phiz-test.properties
/phiz-core/src/test/resources/META-INF/phiz/spring/spring-phiz-test.xml
/phiz-parent/pom.xml

/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/impl/AbstractPhizSoapUiIntegrationTests.java

/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-test.xml
/phiz-web-parent/pom.xml
/phiz-web-ws/src/it/soapui/soapui-phiz-web-ws.xml
/phiz-web-ws/src/main/resources/META-INF/phiz/phiz-web-ws.properties

/phiz-web-ws/src/test/resources/META-INF/phiz/spring/spring-phiz-web-ws-test.xml

=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoProviders.java
Wed Feb 18 20:44:48 2015 UTC
@@ -0,0 +1,45 @@
+package gov.hhs.onc.phiz.crypto;
+
+import br.net.woodstock.rockframework.security.ProviderType;
+import java.security.Provider;
+import java.security.Security;
+import java.util.stream.Stream;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+
+public final class PhizCryptoProviders {
+ public final static String BC_NAME =
BouncyCastleProvider.PROVIDER_NAME;
+ public final static BouncyCastleProvider BC = new
BouncyCastleProvider();
+
+ public final static String SUN_NAME = ProviderType.SUN.getType();
+ public final static Provider SUN = Security.getProvider(SUN_NAME);
+
+ public final static String SUN_EC_NAME = ProviderType.SUN_EC.getType();
+ public final static Provider SUN_EC =
Security.getProvider(SUN_EC_NAME);
+
+ public final static String SUN_JCE_NAME =
ProviderType.SUN_JCE.getType();
+ public final static Provider SUN_JCE =
Security.getProvider(SUN_JCE_NAME);
+
+ public final static String SUN_JSSE_NAME =
ProviderType.SUN_JSSE.getType();
+ public final static Provider SUN_JSSE =
Security.getProvider(SUN_JSSE_NAME);
+
+ public final static String SUN_RSA_SIGN_NAME = "SunRsaSign";
+ public final static Provider SUN_RSA_SIGN =
Security.getProvider(SUN_RSA_SIGN_NAME);
+
+ static {
+ resetProviders();
+ }
+
+ private PhizCryptoProviders() {
+ }
+
+ public static void resetProviders() {
+ Stream.of(Security.getProviders()).forEach(prov ->
Security.removeProvider(prov.getName()));
+
+ Security.insertProviderAt(SUN, 1);
+ Security.insertProviderAt(SUN_RSA_SIGN, 2);
+ Security.insertProviderAt(SUN_EC, 3);
+ Security.insertProviderAt(SUN_JSSE, 4);
+ Security.insertProviderAt(SUN_JCE, 5);
+ Security.insertProviderAt(BC, 6);
+ }
+}
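Review bot: `resetProviders()` hands the result of each `Security.getProvider(...)` lookup straight to `Security.insertProviderAt(...)`, and `getProvider` returns null when the named provider is not installed on the running JVM. Because the method is called from the static initializer, that failure would surface as an `ExceptionInInitializerError` on first use of the class. The method also removes every registered provider and re-adds only six, so any other code in the same JVM that depended on a different provider loses it as a side effect of class loading. I would skip absent providers, e.g. `Stream.of(SUN, SUN_RSA_SIGN, SUN_EC, SUN_JSSE, SUN_JCE, BC).filter(Objects::nonNull).forEach(Security::addProvider);` (needs `java.util.Objects`). A Javadoc comment on `resetProviders()` should state that it replaces the JVM-wide provider list and in which order.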
=======================================
--- /dev/null
+++ /phiz-core/src/main/java/gov/hhs/onc/phiz/utils/PhizResourceUtils.java
Wed Feb 18 20:44:48 2015 UTC
@@ -0,0 +1,140 @@
+package gov.hhs.onc.phiz.utils;
+
+import java.io.IOException;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Comparator;
+import java.util.TreeSet;
+import javax.annotation.Nullable;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.FileSystemResource;
+import org.springframework.core.io.PathResource;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.UrlResource;
+import org.springframework.util.ResourceUtils;
+
+public final class PhizResourceUtils {
+ public static class PhizResourceSet extends TreeSet<Resource> {
+ private final static long serialVersionUID = 0L;
+
+ public PhizResourceSet(Resource ... resources) {
+ this(Arrays.asList(resources));
+ }
+
+ public PhizResourceSet(Collection<? extends Resource> resources) {
+ super(LOC_COMPARATOR);
+
+ this.addAll(resources);
+ }
+ }
+
+ public final static String PATH_DELIM = "/";
+ public final static String JAR_PATH_DELIM = "!";
+
+ public final static String JAR_PATH_PREFIX =
ResourceUtils.JAR_URL_PREFIX + ResourceUtils.FILE_URL_PREFIX;
+ public final static String META_INF_PATH_PREFIX = PATH_DELIM
+ "META-INF" + PATH_DELIM;
+
+ public final static String TEST_FILE_NAME_SUFFIX = "-test";
+
+ public final static Comparator<Resource> LOC_FILE_NAME_COMPARATOR =
Comparator.comparing(
+ resource -> extractPath(resource, true),
+ Comparator.nullsLast(((Comparator<String>) (resourcePath1,
resourcePath2) -> {
+ String resourceFilePath1 = extractFilePath(resourcePath1),
resourceFilePath2 = extractFilePath(resourcePath2);
+
+ if (!resourceFilePath1.endsWith(resourceFilePath2)
&& !resourceFilePath2.endsWith(resourceFilePath1)) {
+ String resourceFileName1 =
org.springframework.util.StringUtils.getFilename(resourceFilePath1),
resourceFileName2 =
+
org.springframework.util.StringUtils.getFilename(resourceFilePath2);
+
+ if (!resourceFileName1.equals(resourceFileName2)) {
+ String resourceFileNameExt1 =
org.springframework.util.StringUtils.getFilenameExtension(resourceFileName1),
resourceFileNameExt2 =
+
org.springframework.util.StringUtils.getFilenameExtension(resourceFileName2);
+
+ if (resourceFileNameExt1.equals(resourceFileNameExt2)
+ && !(resourceFileName1 =
org.springframework.util.StringUtils.stripFilenameExtension(resourceFileName1)).equals((resourceFileName2
=
+
org.springframework.util.StringUtils.stripFilenameExtension(resourceFileName2))))
{
+ if (StringUtils.endsWith(resourceFileName1,
TEST_FILE_NAME_SUFFIX)
+ && StringUtils.removeEnd(resourceFileName1,
TEST_FILE_NAME_SUFFIX).equals(resourceFileName2)) {
+ return 1;
+ } else if (StringUtils.endsWith(resourceFileName2,
TEST_FILE_NAME_SUFFIX)
+ && StringUtils.removeEnd(resourceFileName2,
TEST_FILE_NAME_SUFFIX).equals(resourceFileName1)) {
+ return -1;
+ } else {
+ return
StringUtils.removeEnd(resourceFileName1, TEST_FILE_NAME_SUFFIX).compareTo(
+ StringUtils.removeEnd(resourceFileName2,
TEST_FILE_NAME_SUFFIX));
+ }
+ }
+ }
+ }
+
+ return 0;
+ })));
+
+ public final static Comparator<Resource> LOC_FILE_PATH_COMPARATOR =
Comparator.comparing(resource -> extractPath(resource, true),
+
Comparator.nullsLast(Comparator.comparing(PhizResourceUtils::extractFilePath)));
+
+ public final static Comparator<Resource> LOC_PROTOCOL_COMPARATOR =
Comparator.comparing(resource -> {
+ try {
+ if (resource instanceof FileSystemResource) {
+ return 2;
+ } else if ((resource instanceof UrlResource) &&
ResourceUtils.isJarURL(resource.getURL())) {
+ return 1;
+ }
+ } catch (IOException ignored) {
+ }
+
+ return 0;
+ });
+
+ public final static Comparator<Resource>
LOC_ARCHIVE_FILE_PATH_COMPARATOR = Comparator.comparing(resource ->
extractPath(resource, true),
+ Comparator.nullsLast(Comparator.comparing(resourcePath ->
extractFilePath(resourcePath, true))));
+
+ public final static Comparator<Resource> LOC_COMPARATOR =
LOC_FILE_NAME_COMPARATOR.thenComparing(LOC_FILE_PATH_COMPARATOR)
+ .thenComparing(LOC_PROTOCOL_COMPARATOR).thenComparing(LOC_ARCHIVE_FILE_PATH_COMPARATOR);
+
+ private PhizResourceUtils() {
+ }
+
+ public static String extractFilePath(String resourcePath) {
+ return extractFilePath(resourcePath, false);
+ }
+
+ public static String extractFilePath(String resourcePath, boolean
jarFilePath) {
+ return (isJarPath(resourcePath) ?
extractJarPathParts(resourcePath)[(jarFilePath ? 0 : 1)] : resourcePath);
+ }
+
+ public static String[] extractJarPathParts(String jarPath) {
+ return StringUtils.split(jarPath, JAR_PATH_DELIM, 2);
+ }
+
+ public static boolean isJarPath(String resourcePath) {
+ return (StringUtils.startsWith(resourcePath, JAR_PATH_PREFIX) &&
resourcePath.contains(ResourceUtils.JAR_URL_SEPARATOR));
+ }
+
+ @Nullable
+ public static String extractPath(Resource resource) {
+ return extractPath(resource, false);
+ }
+
+ @Nullable
+ public static String extractPath(Resource resource, boolean
fromMetaInf) {
+ try {
+ String resourcePath = null;
+
+ if (resource instanceof UrlResource) {
+ resourcePath = resource.getURL().toString();
+ } else if (resource instanceof FileSystemResource) {
+ resourcePath = ((FileSystemResource) resource).getPath();
+ } else if (resource instanceof ClassPathResource) {
+ resourcePath = ((ClassPathResource) resource).getPath();
+ } else if (resource instanceof PathResource) {
+ resourcePath = ((PathResource) resource).getPath();
+ }
+
+ return (fromMetaInf ? StringUtils.substringAfter(resourcePath,
META_INF_PATH_PREFIX) : resourcePath);
+ } catch (IOException ignored) {
+ }
+
+ return null;
+ }
+}
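Review bot: In `LOC_FILE_NAME_COMPARATOR`, `resourceFileNameExt1.equals(resourceFileNameExt2)` throws a NullPointerException for a file name without a dot, because Spring's `StringUtils.getFilenameExtension` returns null in that case; `Objects.equals(resourceFileNameExt1, resourceFileNameExt2)` avoids it (needs `java.util.Objects`). Separately, `extractPath(resource, true)` yields an empty string for any resource whose path does not contain `/META-INF/`. Two such resources of the same type therefore compare as 0 through the whole `LOC_COMPARATOR` chain, and `PhizResourceSet`, being a `TreeSet`, would silently keep only one of them. This ordering appears to decide which Spring configuration file overrides which, so a comment on `LOC_COMPARATOR` stating the intended precedence and how ties are meant to be handled would help the next reader.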
=======================================
--- /dev/null
+++ /phiz-core/src/main/java/gov/hhs/onc/phiz/xml/PhizXmlNames.java Wed Feb
18 20:44:48 2015 UTC
@@ -0,0 +1,8 @@
+package gov.hhs.onc.phiz.xml;
+
+public final class PhizXmlNames {
+ public final static String SPRING_BEANS_IF_NAME = "if";
+
+ private PhizXmlNames() {
+ }
+}
=======================================
--- /dev/null
+++
/phiz-core/src/test/java/gov/hhs/onc/phiz/utils/PhizResourceUtilsTests.java
Wed Feb 18 20:44:48 2015 UTC
@@ -0,0 +1,68 @@
+package gov.hhs.onc.phiz.utils;
+
+import gov.hhs.onc.phiz.test.impl.AbstractPhizTests;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import org.apache.commons.lang3.ArrayUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.core.io.Resource;
+import org.testng.Assert;
+import org.testng.annotations.Test;
+
+@Test(groups = { "phiz.test.utils.all", "phiz.test.utils.resource" },
enabled = false)
+public class PhizResourceUtilsTests extends AbstractPhizTests {
+ @Value("${phiz.test.utils.resource.resource.1.path}")
+ private String testResourcePath1;
+
+ @Value("${phiz.test.utils.resource.resource.1.file.path}")
+ private Resource testFileResource1;
+
+ @Value("${phiz.test.utils.resource.resource.1.jar.path}")
+ private Resource testJarResource1;
+
+ @Value("${phiz.test.utils.resource.resource.2.path}")
+ private String testResourcePath2;
+
+ @Value("${phiz.test.utils.resource.resource.2.file.path}")
+ private Resource testFileResource2;
+
+ @Value("${phiz.test.utils.resource.resource.2.jar.path}")
+ private Resource testJarResource2;
+
+ @Value("${phiz.test.utils.resource.resource.3.path}")
+ private String testResourcePath3;
+
+ @Value("${phiz.test.utils.resource.resource.3.file.path}")
+ private Resource testFileResource3;
+
+ @Value("${phiz.test.utils.resource.resource.3.jar.path}")
+ private Resource testJarResource3;
+
+ @Test(dependsOnMethods = { "testExtractFilePath" })
+ public void testSortByLocation() throws Exception {
+ Resource[] resourcesExpected =
+ ArrayUtils.toArray(this.testJarResource1,
this.testJarResource2, this.testJarResource3, this.testFileResource1,
this.testFileResource2,
+ this.testFileResource3), resources =
ArrayUtils.clone(resourcesExpected);
+
+ // noinspection ConstantConditions
+ List<Resource> resourceList = Arrays.asList(resources);
+ Collections.shuffle(resourceList);
+ resourceList.sort(PhizResourceUtils.LOC_COMPARATOR);
+
+ Assert.assertEquals((resources = resourceList.toArray(new
Resource[resourceList.size()])), resourcesExpected, String.format(
+ "Unable to sort resources by overridden locations:
expected=[%s], actual=[%s]", StringUtils.join(resourcesExpected, "; "),
+ StringUtils.join(resources, "; ")));
+ }
+
+ @Test(dependsOnMethods = { "testExtractMetaInfPath" })
+ public void testExtractFilePath() throws Exception {
+
Assert.assertEquals(PhizResourceUtils.extractFilePath(PhizResourceUtils.extractPath(this.testJarResource1)),
this.testResourcePath1);
+ }
+
+ @Test
+ public void testExtractMetaInfPath() throws Exception {
+
Assert.assertEquals(PhizResourceUtils.extractPath(this.testFileResource1,
true), PhizResourceUtils.extractPath(this.testJarResource1, true));
+ }
+}
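Review bot: The class-level `@Test(..., enabled = false)` appears to switch all three tests off, so the new `LOC_COMPARATOR` and the path-extraction helpers land without any running coverage. If that is deliberate (for instance because the `phiz.test.utils.resource.*` properties are not resolvable yet), a comment above the annotation such as `// Disabled until <reason>; re-enable with <issue id>` would keep it from being forgotten. `testSortByLocation` would also benefit from a pair of resources whose file names differ only by the `-test` suffix, since that is the override branch the comparator exists for.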
=======================================
--- /dev/null
+++
/phiz-core/src/test/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl-test.xml
Wed Feb 18 20:44:48 2015 UTC
@@ -0,0 +1,90 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans:beans
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xmlns:beans="http://www.springframework.org/schema/beans"
+ xmlns:c="http://www.springframework.org/schema/c"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:p="http://www.springframework.org/schema/p"
+ xmlns:task="http://www.springframework.org/schema/task"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop.xsd
+ http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
+ http://www.springframework.org/schema/task
http://www.springframework.org/schema/task/spring-task.xsd
+ http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd">
+
+
<!--====================================================================================================
+ = CREDENTIALS: CERTIFICATE AUTHORITIES
+
=====================================================================================================-->
+ <beans:bean id="credCaRoot" parent="credGen">
+ <beans:property name="credential">
+ <beans:bean parent="credImpl">
+ <beans:property name="certificateRequest">
+ <beans:bean parent="certReqCa">
+ <beans:constructor-arg name="subject">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean parent="dn"
+
p:commonName="${phiz.crypto.cred.ca.root.subject.cn}"/>
+ </beans:constructor-arg>
+ </beans:bean>
+ </beans:property>
+ </beans:bean>
+ </beans:property>
+ </beans:bean>
+
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="credCa" parent="credGen"
+ p:certificateResource="${phiz.crypto.cred.ca.cert.file}">
+ <beans:property name="credential">
+ <beans:bean parent="credImpl"
+ p:issuerCredential-ref="credCaRoot">
+ <beans:property name="certificateRequest">
+ <beans:bean parent="certReqCa">
+ <beans:constructor-arg name="subject">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean parent="dn"
+
p:commonName="${phiz.crypto.cred.ca.subject.cn}"/>
+ </beans:constructor-arg>
+ </beans:bean>
+ </beans:property>
+ </beans:bean>
+ </beans:property>
+ </beans:bean>
+
+
<!--====================================================================================================
+ = CREDENTIALS: LEAF
+
=====================================================================================================-->
+ <beans:bean id="credLeaf" parent="credImpl" abstract="true"
+ p:issuerCredential-ref="credCa"/>
+
+
<!--====================================================================================================
+ = KEY STORES: CERTIFICATE AUTHORITY
+
=====================================================================================================-->
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="keyStoreCa" parent="keyStoreGen" lazy-init="true"
+ p:password="${phiz.crypto.store.ca.pass}"
+ p:resource="${phiz.crypto.store.ca.file}">
+ <beans:property name="entryMap">
+ <beans:map>
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:entry
key="${phiz.crypto.store.ca.entry.ca.root.alias}">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean parent="keyStoreEntryPrivateKey"
+ p:certificateChain="#{
credCaRoot.certificateResponse.identity.chain[0] }"
+
p:password="${phiz.crypto.store.ca.entry.ca.root.pass}"
+ p:privateKey="#{
credCaRoot.certificateResponse.identity.privateKey }"/>
+ </beans:entry>
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:entry key="${phiz.crypto.store.ca.entry.ca.alias}">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean parent="keyStoreEntryPrivateKey"
+ p:certificateChain="#{
credCa.certificateResponse.identity.chain[0] }"
+ p:password="${phiz.crypto.store.ca.entry.ca.pass}"
+ p:privateKey="#{
credCa.certificateResponse.identity.privateKey }"/>
+ </beans:entry>
+ </beans:map>
+ </beans:property>
+ </beans:bean>
+</beans:beans>
=======================================
--- /dev/null
+++
/phiz-core/src/test/resources/META-INF/phiz/spring/spring-phiz-data-db-test.xml
Wed Feb 18 20:44:48 2015 UTC
@@ -0,0 +1,67 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans:beans
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xmlns:beans="http://www.springframework.org/schema/beans"
+ xmlns:c="http://www.springframework.org/schema/c"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:p="http://www.springframework.org/schema/p"
+ xmlns:task="http://www.springframework.org/schema/task"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop.xsd
+ http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
+ http://www.springframework.org/schema/task
http://www.springframework.org/schema/task/spring-task.xsd
+ http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd">
+
+
<!--====================================================================================================
+ = DATABASE SERVERS
+
=====================================================================================================-->
+ <beans:bean id="dbServer"
class="gov.hhs.onc.phiz.test.impl.PhizHsqlServer" abstract="true"
+ p:daemon="true"/>
+
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="dbServerHub" parent="dbServer" destroy-method="stop"
init-method="start"
+ p:address="${phiz.data.db.host}"
+ p:databaseName="${phiz.data.db.name}"
+ p:directory="${phiz.data.db.dir}"
+ p:password="${phiz.data.db.user.admin.pass}"
+ p:port="${phiz.data.db.port}"
+ p:silent="true"
+ p:user="${phiz.data.db.user.admin.name}"/>
+
+
<!--====================================================================================================
+ = DATABASE POPULATORS
+
=====================================================================================================-->
+ <beans:bean id="dbPopulator"
class="org.springframework.jdbc.datasource.init.DatabasePopulator"
abstract="true"/>
+
+ <beans:bean id="dbPopulatorPlaceholderResource"
class="gov.hhs.onc.phiz.test.impl.PlaceholderResourceDatabasePopulator"
parent="dbPopulator" abstract="true"
+ p:scriptEncoding-ref="charsetUtf8"/>
+
+
<!--====================================================================================================
+ = DATA SOURCE INITIALIZERS
+
=====================================================================================================-->
+ <beans:bean id="dataSrcInit"
class="org.springframework.jdbc.datasource.init.DataSourceInitializer"
abstract="true"/>
+
+ <beans:bean id="dataSrcInitHub" parent="dataSrcInit"
depends-on="dbServerHub"
+ p:dataSource-ref="dataSrcHub">
+ <beans:property name="databasePopulator">
+ <beans:bean parent="dbPopulatorPlaceholderResource">
+ <beans:property name="scripts">
+ <beans:array>
+
<beans:value>classpath*:META-INF/phiz/db/db-init-phiz.sql</beans:value>
+
<beans:value>classpath*:META-INF/phiz/db/db-init-phiz-schema.sql</beans:value>
+
<beans:value>classpath*:META-INF/phiz/db/db-init-phiz-data.sql</beans:value>
+ </beans:array>
+ </beans:property>
+ </beans:bean>
+ </beans:property>
+ </beans:bean>
+
+
<!--====================================================================================================
+ = HIBERNATE SESSION FACTORIES
+
=====================================================================================================-->
+ <beans:bean id="hibernateSessionFactoryHub"
parent="hibernateSessionFactoryBase" depends-on="dataSrcInitHub"
+ p:dataSource-ref="dataSrcHub"/>
+</beans:beans>
=======================================
--- /dev/null
+++
/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-soapui-test.xml
Wed Feb 18 20:44:48 2015 UTC
@@ -0,0 +1,165 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans:beans
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xmlns:beans="http://www.springframework.org/schema/beans"
+ xmlns:c="http://www.springframework.org/schema/c"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:p="http://www.springframework.org/schema/p"
+ xmlns:task="http://www.springframework.org/schema/task"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop.xsd
+ http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
+ http://www.springframework.org/schema/task
http://www.springframework.org/schema/task/spring-task.xsd
+ http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd">
+
+
<!--====================================================================================================
+ = CREDENTIALS
+
=====================================================================================================-->
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="credSoapUiClient" parent="credGen">
+ <beans:property name="credential">
+ <beans:bean parent="credLeaf">
+ <beans:property name="certificateRequest">
+ <beans:bean parent="certReqLeaf">
+ <beans:constructor-arg name="subject">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean parent="dn"
+
p:commonName="${phiz.soapui.crypto.client.cred.ssl.subject.cn}"/>
+ </beans:constructor-arg>
+ </beans:bean>
+ </beans:property>
+ </beans:bean>
+ </beans:property>
+ </beans:bean>
+
+
<!--====================================================================================================
+ = KEY STORES
+
=====================================================================================================-->
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="keyStoreSoapUiClientKey" parent="keyStoreGen"
lazy-init="true"
+ p:password="${phiz.soapui.crypto.client.store.key.pass}"
+ p:resource="${phiz.soapui.crypto.client.store.key.file}">
+ <beans:property name="entryMap">
+ <beans:map>
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:entry
key="${phiz.soapui.crypto.client.store.key.entry.ssl.alias}">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean parent="keyStoreEntryPrivateKey"
+ p:certificateChain="#{
credSoapUiClient.certificateResponse.identity.chain[0] }"
+
p:password="${phiz.soapui.crypto.client.store.key.entry.ssl.pass}"
+ p:privateKey="#{
credSoapUiClient.certificateResponse.identity.privateKey }"/>
+ </beans:entry>
+ </beans:map>
+ </beans:property>
+ </beans:bean>
+
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="keyStoreSoapUiClientTrust" parent="keyStoreGen"
lazy-init="true"
+ p:password="${phiz.soapui.crypto.client.store.trust.pass}"
+ p:resource="${phiz.soapui.crypto.client.store.trust.file}">
+ <beans:property name="entryMap">
+ <beans:map>
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:entry
key="${phiz.soapui.crypto.client.store.trust.entry.ca.alias}">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean parent="keyStoreEntryTrustedCert"
+ p:certificate="#{
credCa.certificateResponse.identity.chain[0] }"/>
+ </beans:entry>
+ </beans:map>
+ </beans:property>
+ </beans:bean>
+
+
<!--====================================================================================================
+ = KEY MANAGERS
+
=====================================================================================================-->
+ <beans:bean id="keyManagerSoapUiClient" parent="keyManagerNewSunX509"
lazy-init="true">
+ <beans:property name="factoryParameters">
+ <beans:bean parent="keyStoreBuilderParams">
+ <beans:constructor-arg index="0"
type="java.security.KeyStore$Builder">
+ <beans:bean parent="keyStoreBuilder"
factory-method="newInstance">
+ <beans:constructor-arg index="0"
type="java.security.KeyStore" ref="keyStoreSoapUiClientKey"/>
+ <beans:constructor-arg index="1"
type="java.security.KeyStore$ProtectionParameter">
+ <beans:bean parent="keyStoreProtectionPass">
+ <!--suppress SpringPlaceholdersInspection
-->
+ <beans:constructor-arg index="0"
type="char[]"
value="${phiz.soapui.crypto.client.store.key.entry.ssl.pass}"/>
+ </beans:bean>
+ </beans:constructor-arg>
+ </beans:bean>
+ </beans:constructor-arg>
+ </beans:bean>
+ </beans:property>
+ </beans:bean>
+
+
<!--====================================================================================================
+ = TRUST MANAGERS
+
=====================================================================================================-->
+ <beans:bean id="trustManagerSoapUiClient" parent="trustManagerPkix"
lazy-init="true">
+ <beans:property name="factoryParameters">
+ <beans:bean parent="certPathTrustManagerParams">
+ <beans:constructor-arg index="0"
type="java.security.cert.CertPathParameters">
+ <beans:bean parent="certPathParamsPkixBuilder">
+ <beans:constructor-arg index="0"
type="java.security.KeyStore" ref="keyStoreSoapUiClientTrust"/>
+ <beans:constructor-arg index="1"
type="java.security.cert.CertSelector">
+ <beans:bean parent="certSelectorX509"/>
+ </beans:constructor-arg>
+ </beans:bean>
+ </beans:constructor-arg>
+ </beans:bean>
+ </beans:property>
+ </beans:bean>
+
+
<!--====================================================================================================
+ = SECURE SOCKETS LAYER PARAMETERS
+
=====================================================================================================-->
+ <beans:bean id="sslParamsSoapUiClient" parent="sslParamsBase"/>
+
+
<!--====================================================================================================
+ = SECURE SOCKETS LAYER CONTEXTS
+
=====================================================================================================-->
+ <beans:bean id="sslContextSoapUiClient" parent="sslContextBase"
lazy-init="true">
+ <beans:property name="keyManagers">
+ <beans:array>
+ <beans:ref bean="keyManagerSoapUiClient"/>
+ </beans:array>
+ </beans:property>
+ <beans:property name="trustManagers">
+ <beans:array>
+ <beans:ref bean="trustManagerSoapUiClient"/>
+ </beans:array>
+ </beans:property>
+ </beans:bean>
+
+
<!--====================================================================================================
+ = SECURE SOCKETS LAYER SOCKET FACTORIES
+
=====================================================================================================-->
+ <beans:bean id="sslSocketFactorySoapUiClient"
parent="sslSocketFactoryBase" lazy-init="true"
+ p:sslContext-ref="sslContextSoapUiClient"
+ p:sslParameters-ref="sslParamsSoapUiClient"/>
+
+
<!--====================================================================================================
+ = SOAPUI TESTCASE RUNNERS
+
=====================================================================================================-->
+ <beans:bean id="soapUiTestCaseRunner"
class="com.eviware.soapui.SoapUIProTestCaseRunner" abstract="true"/>
+
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="soapUiTestCaseRunnerBase"
class="gov.hhs.onc.phiz.web.test.impl.PhizSoapUiTestCaseRunner"
parent="soapUiTestCaseRunner" abstract="true"
+ p:exportAll="true"
+ p:JUnitReport="true"
+ p:maxErrors="#{ T(java.lang.Integer).MAX_VALUE }"
+ p:outputFolder="${phiz.soapui.output.dir}"
+ p:printAlertSiteReport="true"
+ p:printReport="true"
+ p:projectFile="${phiz.soapui.project.file}"
+ p:settingsFile="${phiz.soapui.settings.file}"
+ p:sslParams-ref="sslParamsSoapUiClient"
+ p:sslSocketFactory-ref="sslSocketFactorySoapUiClient">
+ <beans:property name="reportFormats">
+ <beans:array>
+ <beans:value>XML</beans:value>
+ </beans:array>
+ </beans:property>
+ </beans:bean>
+</beans:beans>
=======================================
--- /dev/null
+++
/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-tomcat-test.xml
Wed Feb 18 20:44:48 2015 UTC
@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans:beans
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xmlns:beans="http://www.springframework.org/schema/beans"
+ xmlns:c="http://www.springframework.org/schema/c"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:p="http://www.springframework.org/schema/p"
+ xmlns:task="http://www.springframework.org/schema/task"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop.xsd
+ http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
+ http://www.springframework.org/schema/task
http://www.springframework.org/schema/task/spring-task.xsd
+ http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd">
+
+
<!--====================================================================================================
+ = CREDENTIALS
+
=====================================================================================================-->
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="credTomcatServer" parent="credGen">
+ <beans:property name="credential">
+ <beans:bean parent="credLeaf">
+ <beans:property name="certificateRequest">
+ <beans:bean parent="certReqLeaf">
+ <beans:constructor-arg name="subject">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean parent="dn"
+
p:commonName="${phiz.tomcat.crypto.server.cred.ssl.subject.cn}"/>
+ </beans:constructor-arg>
+ </beans:bean>
+ </beans:property>
+ </beans:bean>
+ </beans:property>
+ </beans:bean>
+
+
<!--====================================================================================================
+ = KEY STORES
+
=====================================================================================================-->
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="keyStoreTomcatServerKey" parent="keyStoreGen"
lazy-init="true"
+ p:password="${phiz.tomcat.crypto.server.store.key.pass}"
+ p:resource="${phiz.tomcat.crypto.server.store.key.file}">
+ <beans:property name="entryMap">
+ <beans:map>
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:entry
key="${phiz.tomcat.crypto.server.store.key.entry.ssl.alias}">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean parent="keyStoreEntryPrivateKey"
+ p:certificateChain="#{
credTomcatServer.certificateResponse.identity.chain[0] }"
+
p:password="${phiz.tomcat.crypto.server.store.key.entry.ssl.pass}"
+ p:privateKey="#{
credTomcatServer.certificateResponse.identity.privateKey }"/>
+ </beans:entry>
+ </beans:map>
+ </beans:property>
+ </beans:bean>
+
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="keyStoreTomcatServerTrust" parent="keyStoreGen"
lazy-init="true"
+ p:password="${phiz.tomcat.crypto.server.store.trust.pass}"
+ p:resource="${phiz.tomcat.crypto.server.store.trust.file}">
+ <beans:property name="entryMap">
+ <beans:map>
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:entry
key="${phiz.tomcat.crypto.server.store.trust.entry.ca.alias}">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean parent="keyStoreEntryTrustedCert"
+ p:certificate="#{
credCa.certificateResponse.identity.chain[0] }"/>
+ </beans:entry>
+ </beans:map>
+ </beans:property>
+ </beans:bean>
+</beans:beans>
=======================================
--- /dev/null
+++
/phiz-web-ws/src/test/resources/META-INF/phiz/spring/spring-phiz-web-ws-client-test.xml
Wed Feb 18 20:44:48 2015 UTC
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans:beans
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xmlns:beans="http://www.springframework.org/schema/beans"
+ xmlns:c="http://www.springframework.org/schema/c"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:p="http://www.springframework.org/schema/p"
+ xmlns:task="http://www.springframework.org/schema/task"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop.xsd
+ http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
+ http://www.springframework.org/schema/task
http://www.springframework.org/schema/task/spring-task.xsd
+ http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd">
+
+
<!--====================================================================================================
+ = CREDENTIALS: WEB SERVICES
+
=====================================================================================================-->
+ <beans:alias name="credTomcatServer" alias="credWsClient"/>
+
+
<!--====================================================================================================
+ = KEY STORES: WEB SERVICES
+
=====================================================================================================-->
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="keyStoreWsClientKey" parent="keyStoreGen"
lazy-init="true"
+ p:password="${phiz.ws.crypto.client.store.key.pass}"
+ p:resource="${phiz.ws.crypto.client.store.key.file}">
+ <beans:property name="entryMap">
+ <beans:map>
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:entry
key="${phiz.ws.crypto.client.store.key.entry.ssl.alias}">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean parent="keyStoreEntryPrivateKey"
+ p:certificateChain="#{
credWsClient.certificateResponse.identity.chain[0] }"
+
p:password="${phiz.ws.crypto.client.store.key.entry.ssl.pass}"
+ p:privateKey="#{
credWsClient.certificateResponse.identity.privateKey }"/>
+ </beans:entry>
+ </beans:map>
+ </beans:property>
+ </beans:bean>
+
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="keyStoreWsClientTrust" parent="keyStoreGen"
lazy-init="true"
+ p:password="${phiz.ws.crypto.client.store.trust.pass}"
+ p:resource="${phiz.ws.crypto.client.store.trust.file}">
+ <beans:property name="entryMap">
+ <beans:map>
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:entry
key="${phiz.ws.crypto.client.store.trust.entry.ca.alias}">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean parent="keyStoreEntryTrustedCert"
+ p:certificate="#{
credCa.certificateResponse.identity.chain[0] }"/>
+ </beans:entry>
+ </beans:map>
+ </beans:property>
+ </beans:bean>
+</beans:beans>
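Review bot: `<beans:alias name="credTomcatServer" alias="credWsClient"/>` gives the test client the same key pair and certificate as the Tomcat server, so `keyStoreWsClientKey` and `keyStoreTomcatServerKey` end up holding one identity. Tests run against these stores cannot distinguish an authenticated client from the server presenting its own certificate. They would also still pass if the trust configuration accepted only the server's certificate. A separate leaf credential issued by `credCa`, following the `credTomcatServer` pattern in `spring-phiz-web-tomcat-test.xml`, keeps the two identities apart; the property name in the sketch below is a placeholder.

```xml
<!-- replaces the credTomcatServer alias; the property name is a placeholder -->
<beans:bean id="credWsClient" parent="credGen">
    <beans:property name="credential">
        <beans:bean parent="credLeaf">
            <beans:property name="certificateRequest">
                <beans:bean parent="certReqLeaf">
                    <beans:constructor-arg name="subject">
                        <beans:bean parent="dn"
                            p:commonName="${PLACEHOLDER.ws.client.subject.cn}"/>
                    </beans:constructor-arg>
                </beans:bean>
            </beans:property>
        </beans:bean>
    </beans:property>
</beans:bean>
<!-- … unchanged: keyStoreWsClientKey / keyStoreWsClientTrust … -->
```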
=======================================
--- /dev/null
+++
/phiz-web-ws/src/test/resources/META-INF/phiz/spring/spring-phiz-web-ws-soapui-test.xml
Wed Feb 18 20:44:48 2015 UTC
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans:beans
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xmlns:beans="http://www.springframework.org/schema/beans"
+ xmlns:c="http://www.springframework.org/schema/c"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:p="http://www.springframework.org/schema/p"
+ xmlns:task="http://www.springframework.org/schema/task"
+ xmlns:util="http://www.springframework.org/schema/util"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="
+ http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop.xsd
+ http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
+ http://www.springframework.org/schema/task
http://www.springframework.org/schema/task/spring-task.xsd
+ http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd">
+
+
<!--====================================================================================================
+ = SOAPUI TESTCASE RUNNERS
+
=====================================================================================================-->
+ <beans:bean id="soapUiTestCaseRunnerWs"
parent="soapUiTestCaseRunnerBase" lazy-init="true"/>
+</beans:beans>
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/context/impl/PhizApplication.java
Thu Jan 22 06:01:46 2015 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/context/impl/PhizApplication.java
Wed Feb 18 20:44:48 2015 UTC
@@ -1,25 +1,58 @@
package gov.hhs.onc.phiz.context.impl;

+import gov.hhs.onc.phiz.utils.PhizResourceUtils;
+import java.io.IOException;
+import java.util.List;
import java.util.stream.Collectors;
+import java.util.stream.Stream;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.builder.SpringApplicationBuilder;
import org.springframework.boot.logging.LoggingApplicationListener;
+import org.springframework.context.ApplicationContextException;
import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.ImportResource;
+import org.springframework.core.io.DefaultResourceLoader;
+import org.springframework.core.io.ResourceLoader;
+import org.springframework.core.io.support.ResourcePatternResolver;
+import org.springframework.core.io.support.ResourcePatternUtils;

-@Configuration("app")
-@ImportResource({ "classpath*:META-INF/phiz/spring/spring-phiz*.xml" })
+@Configuration("appConfiguration")
public abstract class PhizApplication {
+ private final static String APP_SOURCE_RESOURCE_LOC_PATTERN =
ResourcePatternResolver.CLASSPATH_ALL_URL_PREFIX
+ "META-INF/phiz/spring/spring-phiz*.xml";
+
+ private final static Logger LOGGER =
LoggerFactory.getLogger(PhizApplication.class);
+
public static void main(String ... args) {
buildApplication().run(args);
}

public static SpringApplication buildApplication() {
+ ResourceLoader resourceLoader = new DefaultResourceLoader();
+
SpringApplication app =
- new
SpringApplicationBuilder(PhizApplication.class).addCommandLineProperties(false).showBanner(false).headless(true).application();
+ new
SpringApplicationBuilder(buildApplicationSources(resourceLoader)).addCommandLineProperties(false).showBanner(false).headless(true)
+ .resourceLoader(resourceLoader).application();
app.setListeners(app.getListeners().stream().filter((appListener
-> !appListener.getClass().equals(LoggingApplicationListener.class)))
.collect(Collectors.toList()));

return app;
}
+
+ private static Object[] buildApplicationSources(ResourceLoader
resourceLoader) {
+ try {
+ List<Object> appSources =
+
Stream.of(ResourcePatternUtils.getResourcePatternResolver(resourceLoader).getResources(APP_SOURCE_RESOURCE_LOC_PATTERN))
+ .sorted(PhizResourceUtils.LOC_COMPARATOR).collect(Collectors.toList());
+
+ LOGGER.info(String.format("Resolved %d application source
resource(s): %s", appSources.size(), StringUtils.join(appSources, "; ")));
+
+ appSources.add(0, PhizApplication.class);
+
+ return appSources.toArray();
+ } catch (IOException e) {
+ throw new ApplicationContextException(String.format("Unable to
resolve application source resource(s): %s",
APP_SOURCE_RESOURCE_LOC_PATTERN), e);
+ }
+ }
}
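Review bot: `buildApplicationSources` calls `appSources.add(0, PhizApplication.class)` on the list returned by `Collectors.toList()`, and the Collectors documentation gives no guarantee that this list is mutable, so the insert may throw `UnsupportedOperationException`. Collect into an explicit list instead, `.sorted(PhizResourceUtils.LOC_COMPARATOR).collect(Collectors.toCollection(ArrayList::new));`, and add `import java.util.ArrayList;`. Because the `classpath*:` pattern takes bean definitions from every jar that ships a matching file, the new INFO line listing the resolved resources is worth keeping as the record of what was actually loaded.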
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/impl/AbstractPhizCryptoFactoryBean.java
Sun Dec 21 09:33:36 2014 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/impl/AbstractPhizCryptoFactoryBean.java
Wed Feb 18 20:44:48 2015 UTC
@@ -1,20 +1,21 @@
package gov.hhs.onc.phiz.crypto.impl;

import gov.hhs.onc.phiz.beans.factory.impl.AbstractPhizFactoryBean;
+import java.security.Provider;

public abstract class AbstractPhizCryptoFactoryBean<T> extends
AbstractPhizFactoryBean<T> {
- protected String prov;
+ protected Provider prov;
protected String type;

protected AbstractPhizCryptoFactoryBean(Class<T> objClass) {
super(objClass);
}

- public String getProvider() {
+ public Provider getProvider() {
return this.prov;
}

- public void setProvider(String prov) {
+ public void setProvider(Provider prov) {
this.prov = prov;
}

=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslSocketFactoryFactoryBean.java
Sun Jan 4 15:55:30 2015 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslSocketFactoryFactoryBean.java
Wed Feb 18 20:44:48 2015 UTC
@@ -9,13 +9,9 @@
import javax.net.ssl.SSLSocketFactory;
import org.aopalliance.intercept.MethodInterceptor;
import org.apache.commons.lang3.ClassUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import org.springframework.aop.framework.ProxyFactory;

public class PhizSslSocketFactoryFactoryBean extends
AbstractPhizCryptoSocketFactoryFactoryBean<SSLSocketFactory, SSLSocket> {
- private final static Logger LOGGER =
LoggerFactory.getLogger(PhizSslSocketFactoryFactoryBean.class);
-
private Set<HandshakeCompletedListener> handshakeCompletedListeners;

public PhizSslSocketFactoryFactoryBean() {
@@ -40,49 +36,10 @@

Optional.of(this.handshakeCompletedListeners).ifPresent(
(handshakeCompletedListeners) ->
handshakeCompletedListeners.stream().forEach(sslSocket::addHandshakeCompletedListener));
+ }

- // TEMP: dev
- // @formatter:off
- /*
- ProxyFactory socketProxyFactory = new ProxyFactory();
- socketProxyFactory.setProxyTargetClass(true);
- socketProxyFactory.setTarget(methodReturnValue);
- socketProxyFactory.setTargetClass(SSLSocket.class);
-
- socketProxyFactory.addAdvice(((MethodInterceptor)
(socketMethodInvocation) -> {
- Method socketMethod =
socketMethodInvocation.getMethod();
-
- if (socketMethod.getName().equals("startHandshake")) {
-
Stream.of(socketMethodInvocation.getThis().getClass().getFields())
- .filter((socketField) ->
ClassUtils.isAssignable(socketField.getType(),
SSLSession.class)).findFirst()
- .ifPresent((socketSessionField) -> {
- try {
-
AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
- SSLSession socketSession =
((SSLSession) socketSessionField.get(socketMethodInvocation.getThis()));
-
- if ((socketSession != null) &&
(socketSession.isValid())) {
- socketSession.invalidate();
-
- LOGGER.error(String.format("SSL
socket session invalidated: %s",
ReflectionToStringBuilder.toString(socketSession)));
- }
-
- return null;
- }) ;
- } catch (PrivilegedActionException
ignored) {
- }
- });
- }
-
- return socketMethodInvocation.proceed();
- }));
-
- methodReturnValue = ((SSLSocket)
socketProxyFactory.getProxy());
- */
- // @formatter:on
- }
-
- return methodReturnValue;
- })) ;
+ return methodReturnValue;
+ }));

return socketFactoryProxyFactory;
}
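Review bot: `Optional.of(this.handshakeCompletedListeners)` in the retained context throws `NullPointerException` when the set is null, so the `ifPresent` guard that follows never protects anything. The field is declared without an initializer in the previous hunk of this file. Use `Optional.ofNullable(this.handshakeCompletedListeners)` unless a setter or constructor outside these hunks always assigns it. The enclosing method starts outside the hunk, so the surrounding null handling is not visible here.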
=======================================
--- /phiz-core/src/main/java/gov/hhs/onc/phiz/utils/PhizStringUtils.java
Thu Jan 29 00:44:10 2015 UTC
+++ /phiz-core/src/main/java/gov/hhs/onc/phiz/utils/PhizStringUtils.java
Wed Feb 18 20:44:48 2015 UTC
@@ -3,10 +3,9 @@
import javax.annotation.Nullable;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.ObjectUtils;
+import org.springframework.context.ConfigurableApplicationContext;

public final class PhizStringUtils {
- public final static String TOKEN_DELIMS = ",; \t\n";
-
private PhizStringUtils() {
}

@@ -15,7 +14,7 @@
}

public static String[] tokenize(@Nullable String str, @Nullable String
defaultStr) {
- return
ObjectUtils.defaultIfNull(org.springframework.util.StringUtils.tokenizeToStringArray(ObjectUtils.defaultIfNull(str,
defaultStr), TOKEN_DELIMS),
- ArrayUtils.EMPTY_STRING_ARRAY);
+ return
ObjectUtils.defaultIfNull(org.springframework.util.StringUtils.tokenizeToStringArray(ObjectUtils.defaultIfNull(str,
defaultStr),
+ ConfigurableApplicationContext.CONFIG_LOCATION_DELIMITERS),
ArrayUtils.EMPTY_STRING_ARRAY);
}
}
=======================================
--- /phiz-core/src/main/java/gov/hhs/onc/phiz/xml/PhizXmlNs.java Sun Jan 25
19:49:30 2015 UTC
+++ /phiz-core/src/main/java/gov/hhs/onc/phiz/xml/PhizXmlNs.java Wed Feb 18
20:44:48 2015 UTC
@@ -9,6 +9,8 @@
public final static String IIS = "urn:cdc:iisb:2014";
public final static String IIS_HUB = "urn:cdc:iisb:hub:2014";

+ public final static String SPRING_BEANS
= "http://phiz-project.org/spring/schema/spring-phiz-beans";
+
private PhizXmlNs() {
}
}
=======================================
---
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl.xml
Sun Jan 4 15:55:30 2015 UTC
+++
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl.xml
Wed Feb 18 20:44:48 2015 UTC
@@ -36,7 +36,7 @@
<beans:bean id="keyManager" class="javax.net.ssl.KeyManager"
abstract="true"/>

<beans:bean id="keyManagerNewSunX509"
class="gov.hhs.onc.phiz.crypto.ssl.impl.PhizKeyManagerFactoryBean"
parent="keyManager" abstract="true"
- p:provider="#{
T(br.net.woodstock.rockframework.security.ProviderType).SUN_JSSE.type }"
+ p:provider="#{
T(gov.hhs.onc.phiz.crypto.PhizCryptoProviders).SUN_JSSE }"
p:type="NewSunX509"/>


<!--====================================================================================================
@@ -67,7 +67,7 @@
<beans:bean id="trustManager" class="javax.net.ssl.TrustManager"
abstract="true"/>

<beans:bean id="trustManagerPkix"
class="gov.hhs.onc.phiz.crypto.ssl.impl.PhizTrustManagerFactoryBean"
parent="trustManager" abstract="true"
- p:provider="#{
T(br.net.woodstock.rockframework.security.ProviderType).SUN_JSSE.type }"
+ p:provider="#{
T(gov.hhs.onc.phiz.crypto.PhizCryptoProviders).SUN_JSSE }"
p:type="PKIX"/>


<!--====================================================================================================
@@ -92,7 +92,7 @@
<beans:bean id="sslContext" class="javax.net.ssl.SSLContext"
abstract="true"/>

<beans:bean id="sslContextBase"
class="gov.hhs.onc.phiz.crypto.ssl.impl.PhizSslContextFactoryBean"
parent="sslContext" abstract="true"
- p:provider="#{
T(br.net.woodstock.rockframework.security.ProviderType).SUN_JSSE.type }"
+ p:provider="#{
T(gov.hhs.onc.phiz.crypto.PhizCryptoProviders).SUN_JSSE }"
p:secureRandom-ref="secureRandomSha1"
p:type="#{
T(gov.hhs.onc.phiz.crypto.ssl.PhizTlsVersions).TLS_1_2_NAME }"/>

=======================================
---
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-crypto.xml
Sun Jan 4 15:55:30 2015 UTC
+++
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-crypto.xml
Wed Feb 18 20:44:48 2015 UTC
@@ -15,23 +15,6 @@
http://www.springframework.org/schema/task
http://www.springframework.org/schema/task/spring-task.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd">

-
<!--====================================================================================================
- = PROVIDERS
-
=====================================================================================================-->
- <beans:bean id="securityProv" class="java.security.Provider"
abstract="true"/>
-
- <beans:bean id="securityProvBc"
class="org.bouncycastle.jce.provider.BouncyCastleProvider"
parent="securityProv"/>
-
- <beans:bean id="securityProvBcAdd" parent="methodInvoke"
- p:targetClass="java.security.Security"
- p:targetMethod="addProvider">
- <beans:property name="arguments">
- <beans:array>
- <beans:ref bean="securityProvBc"/>
- </beans:array>
- </beans:property>
- </beans:bean>
-

<!--====================================================================================================
= SECURE RANDOMS

=====================================================================================================-->
@@ -39,7 +22,7 @@

<beans:bean id="secureRandomSha1"
class="gov.hhs.onc.phiz.crypto.impl.PhizSecureRandomFactoryBean"
parent="secureRandom" lazy-init="true" scope="prototype"
p:prototype="true"
- p:provider="#{
T(br.net.woodstock.rockframework.security.ProviderType).SUN.type }"
+ p:provider="#{ T(gov.hhs.onc.phiz.crypto.PhizCryptoProviders).SUN
}"
p:type="SHA1PRNG"/>


<!--====================================================================================================
@@ -52,9 +35,9 @@

=====================================================================================================-->
<beans:bean id="keyPairGen" class="java.security.KeyPairGenerator"
abstract="true"/>

- <beans:bean id="keyPairGenRsa"
class="gov.hhs.onc.phiz.crypto.impl.PhizKeyPairGeneratorFactoryBean"
parent="keyPairGen" depends-on="securityProvBcAdd"
+ <beans:bean id="keyPairGenRsa"
class="gov.hhs.onc.phiz.crypto.impl.PhizKeyPairGeneratorFactoryBean"
parent="keyPairGen"
p:keySize="#{
T(br.net.woodstock.rockframework.security.cert.KeySizeType).KEYSIZE_2K.size
}"
- p:provider="#{
T(br.net.woodstock.rockframework.security.ProviderType).BOUNCY_CASTLE.type
}"
+ p:provider="#{ T(gov.hhs.onc.phiz.crypto.PhizCryptoProviders).BC }"
p:secureRandom-ref="secureRandomSha1"
p:type="#{
T(br.net.woodstock.rockframework.security.crypt.KeyPairType).RSA.algorithm
}"/>

@@ -73,9 +56,9 @@

<!--====================================================================================================
= CERTIFICATE REQUESTS

=====================================================================================================-->
- <beans:bean id="certReq"
class="br.net.woodstock.rockframework.security.cert.CertificateRequest"
abstract="true" depends-on="securityProvBcAdd"
+ <beans:bean id="certReq"
class="br.net.woodstock.rockframework.security.cert.CertificateRequest"
abstract="true"
p:keyPair="#{ keyPairGenRsa.generateKeyPair() }"
- p:provider="#{
T(br.net.woodstock.rockframework.security.ProviderType).BOUNCY_CASTLE.type
}"
+ p:provider="#{
T(gov.hhs.onc.phiz.crypto.PhizCryptoProviders).BC_NAME }"
p:signType="SHA512_RSA"
p:version="V3"/>
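Review bot: `certReq` still selects its provider by name (`PhizCryptoProviders.BC_NAME`), but this commit removes both `depends-on="securityProvBcAdd"` here and the `securityProvBcAdd` bean that called `Security.addProvider` in the first hunk of this file. A lookup by name only succeeds for a provider registered with `java.security.Security`. Unless `PhizCryptoProviders` (added in this commit, not shown here) registers BouncyCastle itself, building the certificate request would presumably fail at context start-up. The beans that now receive a `Provider` instance (`keyPairGenRsa`, `secureRandomSha1`, `keyStoreJks`) are not affected. I would add an XML comment on `certReq` stating where the BC registration now happens, or restore an explicit dependency on whatever performs it.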

@@ -142,7 +125,7 @@
<beans:bean id="keyStore" class="java.security.KeyStore"
abstract="true"/>

<beans:bean id="keyStoreJks"
class="gov.hhs.onc.phiz.crypto.impl.PhizKeyStoreFactoryBean"
parent="keyStore" abstract="true"
- p:provider="#{
T(br.net.woodstock.rockframework.security.ProviderType).SUN.type }"
+ p:provider="#{ T(gov.hhs.onc.phiz.crypto.PhizCryptoProviders).SUN
}"
p:type="#{
T(br.net.woodstock.rockframework.security.store.KeyStoreType).JKS.type }"/>

<beans:bean id="keyStoreGen"
class="gov.hhs.onc.phiz.crypto.impl.GeneratedKeyStoreFactoryBean"
parent="keyStoreJks" abstract="true"/>
=======================================
---
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-logging-metrics.xml
Fri Feb 6 12:28:44 2015 UTC
+++
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-logging-metrics.xml
Wed Feb 18 20:44:48 2015 UTC
@@ -31,8 +31,6 @@

=====================================================================================================-->
<beans:bean id="gauge" class="com.codahale.metrics.Gauge"
parent="metric" abstract="true"/>

- <beans:bean id="gaugeSet" parent="metricSet" abstract="true"/>
-

<!--====================================================================================================
= METRIC REGISTRIES

=====================================================================================================-->
@@ -57,7 +55,7 @@
c:name="cachedThreadStates">
<beans:constructor-arg name="metric">
<!--suppress SpringPlaceholdersInspection -->
- <beans:bean
class="com.codahale.metrics.jvm.CachedThreadStatesGaugeSet"
parent="gaugeSet"
+ <beans:bean
class="com.codahale.metrics.jvm.CachedThreadStatesGaugeSet"
parent="metricSet"

c:interval="${phiz.logging.metrics.metric.cached.thread.states.interval}"
c:unit="#{ T(java.util.concurrent.TimeUnit).SECONDS }"/>
</beans:constructor-arg>
@@ -66,7 +64,7 @@
<beans:bean id="metricRegistererClassLoading" parent="metricRegisterer"
c:name="classLoading">
<beans:constructor-arg name="metric">
- <beans:bean
class="com.codahale.metrics.jvm.ClassLoadingGaugeSet" parent="gaugeSet"/>
+ <beans:bean
class="com.codahale.metrics.jvm.ClassLoadingGaugeSet" parent="metricSet"/>
</beans:constructor-arg>
</beans:bean>

@@ -94,14 +92,14 @@
<beans:bean id="metricRegistererMemUsage" parent="metricRegisterer"
c:name="memUsage">
<beans:constructor-arg name="metric">
- <beans:bean
class="com.codahale.metrics.jvm.MemoryUsageGaugeSet" parent="gaugeSet"/>
+ <beans:bean
class="com.codahale.metrics.jvm.MemoryUsageGaugeSet" parent="metricSet"/>
</beans:constructor-arg>
</beans:bean>

<beans:bean id="metricRegistererThreadStates" parent="metricRegisterer"
c:name="threadStates">
<beans:constructor-arg name="metric">
- <beans:bean
class="com.codahale.metrics.jvm.ThreadStatesGaugeSet" parent="gaugeSet"/>
+ <beans:bean
class="com.codahale.metrics.jvm.ThreadStatesGaugeSet" parent="metricSet"/>
</beans:constructor-arg>
</beans:bean>

=======================================
--- /phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz.xml Fri
Feb 6 12:28:44 2015 UTC
+++ /phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz.xml Wed
Feb 18 20:44:48 2015 UTC
@@ -55,16 +55,17 @@

<!--====================================================================================================
= PROPERTY SOURCES PLACEHOLDER CONFIGURERS

=====================================================================================================-->
- <beans:bean id="propSourcesPlaceholderConfigurer"
class="org.springframework.context.support.PropertySourcesPlaceholderConfigurer"
abstract="true"
+ <beans:bean id="propSourcesPlaceholderConfigurer"
class="org.springframework.context.support.PropertySourcesPlaceholderConfigurer"
p:fileEncoding="#{ charsetUtf8.name() }"
- p:ignoreUnresolvablePlaceholders="true"/>
-
- <beans:bean id="propSourcesPlaceholderConfigurerMain"
parent="propSourcesPlaceholderConfigurer"
- p:order="#{ T(org.springframework.core.Ordered).LOWEST_PRECEDENCE
}">
+ p:ignoreUnresolvablePlaceholders="true">
<beans:property name="locations">
- <beans:array>
-
<beans:value>classpath*:META-INF/phiz/phiz*.properties</beans:value>
- </beans:array>
+ <beans:bean
class="gov.hhs.onc.phiz.utils.PhizResourceUtils$PhizResourceSet">
+ <beans:constructor-arg name="resources">
+ <beans:array>
+
<beans:value>classpath*:META-INF/phiz/phiz*.properties</beans:value>
+ </beans:array>
+ </beans:constructor-arg>
+ </beans:bean>
</beans:property>
</beans:bean>
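Review bot: `p:ignoreUnresolvablePlaceholders="true"` stays on what is now the single concrete `propSourcesPlaceholderConfigurer`, so a missing property leaves the literal `${...}` text in the bean value instead of failing start-up. For the key store file and password placeholders used by the test contexts in this commit, that would mean a store silently protected by the placeholder string itself. The flag made sense while the main and test configurers were chained through `p:order`. That chain is removed here and in `spring-phiz-test.xml`, so `p:ignoreUnresolvablePlaceholders="false"` looks safe, assuming no other module defines a second configurer.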

=======================================
--- /phiz-core/src/test/resources/META-INF/phiz/phiz-test.properties Fri
Feb 6 12:53:52 2015 UTC
+++ /phiz-core/src/test/resources/META-INF/phiz/phiz-test.properties Wed
Feb 18 20:44:48 2015 UTC
@@ -47,3 +47,16 @@

#================================================================================
phiz.logging.metrics.metric.cached.thread.states.interval=1
phiz.logging.metrics.reporter.logstash.interval=1
+
+#================================================================================
+# TEST RESOURCE UTILITIES
+#================================================================================
+phiz.test.utils.resource.resource.1.path=/META-INF/phiz/spring/spring-phiz.xml
+phiz.test.utils.resource.resource.1.file.path=#{
T(org.springframework.util.ResourceUtils).FILE_URL_PREFIX
}classes${phiz.test.utils.resource.resource.1.path}
+phiz.test.utils.resource.resource.1.jar.path=#{
T(gov.hhs.onc.phiz.utils.PhizResourceUtils).JAR_PATH_PREFIX
}phiz-core.jar!${phiz.test.utils.resource.resource.1.path}
+phiz.test.utils.resource.resource.2.path=/META-INF/phiz/spring/spring-phiz-test.xml
+phiz.test.utils.resource.resource.2.file.path=#{
T(org.springframework.util.ResourceUtils).FILE_URL_PREFIX
}classes${phiz.test.utils.resource.resource.2.path}
+phiz.test.utils.resource.resource.2.jar.path=#{
T(gov.hhs.onc.phiz.utils.PhizResourceUtils).JAR_PATH_PREFIX
}phiz-core.jar!${phiz.test.utils.resource.resource.2.path}
+phiz.test.utils.resource.resource.3.path=/META-INF/phiz/spring/spring-phiz-data.xml
+phiz.test.utils.resource.resource.3.file.path=#{
T(org.springframework.util.ResourceUtils).FILE_URL_PREFIX
}classes${phiz.test.utils.resource.resource.3.path}
+phiz.test.utils.resource.resource.3.jar.path=#{
T(gov.hhs.onc.phiz.utils.PhizResourceUtils).JAR_PATH_PREFIX
}phiz-core.jar!${phiz.test.utils.resource.resource.3.path}
=======================================
--- /phiz-core/src/test/resources/META-INF/phiz/spring/spring-phiz-test.xml
Fri Feb 6 12:53:52 2015 UTC
+++ /phiz-core/src/test/resources/META-INF/phiz/spring/spring-phiz-test.xml
Wed Feb 18 20:44:48 2015 UTC
@@ -15,138 +15,4 @@
http://www.springframework.org/schema/task
http://www.springframework.org/schema/task/spring-task.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd">

-
<!--====================================================================================================
- = PROPERTY SOURCES PLACEHOLDER CONFIGURERS
-
=====================================================================================================-->
- <beans:bean id="propSourcesPlaceholderConfigurerTest"
parent="propSourcesPlaceholderConfigurer"
- p:order="#{ propSourcesPlaceholderConfigurerMain.order - 1 }">
- <beans:property name="locations">
- <beans:array>
-
<beans:value>classpath*:META-INF/phiz/phiz*-test.properties</beans:value>
- </beans:array>
- </beans:property>
- </beans:bean>
-
-
<!--====================================================================================================
- = CREDENTIALS: CERTIFICATE AUTHORITIES
-
=====================================================================================================-->
- <beans:bean id="credCaRoot" parent="credGen">
- <beans:property name="credential">
- <beans:bean parent="credImpl">
- <beans:property name="certificateRequest">
- <beans:bean parent="certReqCa">
- <beans:constructor-arg name="subject">
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean parent="dn"
-
p:commonName="${phiz.crypto.cred.ca.root.subject.cn}"/>
- </beans:constructor-arg>
- </beans:bean>
- </beans:property>
- </beans:bean>
- </beans:property>
- </beans:bean>
-
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="credCa" parent="credGen"
- p:certificateResource="${phiz.crypto.cred.ca.cert.file}">
- <beans:property name="credential">
- <beans:bean parent="credImpl"
- p:issuerCredential-ref="credCaRoot">
- <beans:property name="certificateRequest">
- <beans:bean parent="certReqCa">
- <beans:constructor-arg name="subject">
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean parent="dn"
-
p:commonName="${phiz.crypto.cred.ca.subject.cn}"/>
- </beans:constructor-arg>
- </beans:bean>
- </beans:property>
- </beans:bean>
- </beans:property>
- </beans:bean>
-
-
<!--====================================================================================================
- = CREDENTIALS: LEAF
-
=====================================================================================================-->
- <beans:bean id="credLeaf" parent="credImpl" abstract="true"
- p:issuerCredential-ref="credCa"/>
-
-
<!--====================================================================================================
- = KEY STORES: CERTIFICATE AUTHORITY
-
=====================================================================================================-->
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreCa" parent="keyStoreGen" lazy-init="true"
- p:password="${phiz.crypto.store.ca.pass}"
- p:resource="${phiz.crypto.store.ca.file}">
- <beans:property name="entryMap">
- <beans:map>
- <!--suppress SpringPlaceholdersInspection -->
- <beans:entry
key="${phiz.crypto.store.ca.entry.ca.root.alias}">
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean parent="keyStoreEntryPrivateKey"
- p:certificateChain="#{
credCaRoot.certificateResponse.identity.chain[0] }"
-
p:password="${phiz.crypto.store.ca.entry.ca.root.pass}"
- p:privateKey="#{
credCaRoot.certificateResponse.identity.privateKey }"/>
- </beans:entry>
- <!--suppress SpringPlaceholdersInspection -->
- <beans:entry key="${phiz.crypto.store.ca.entry.ca.alias}">
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean parent="keyStoreEntryPrivateKey"
- p:certificateChain="#{
credCa.certificateResponse.identity.chain[0] }"
- p:password="${phiz.crypto.store.ca.entry.ca.pass}"
- p:privateKey="#{
credCa.certificateResponse.identity.privateKey }"/>
- </beans:entry>
- </beans:map>
- </beans:property>
- </beans:bean>
-
-
<!--====================================================================================================
- = DATABASE SERVERS
-
=====================================================================================================-->
- <beans:bean id="dbServer"
class="gov.hhs.onc.phiz.test.impl.PhizHsqlServer" abstract="true"
- p:daemon="true"/>
-
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="dbServerHub" parent="dbServer" destroy-method="stop"
init-method="start"
- p:address="${phiz.data.db.host}"
- p:databaseName="${phiz.data.db.name}"
- p:directory="${phiz.data.db.dir}"
- p:password="${phiz.data.db.user.admin.pass}"
- p:port="${phiz.data.db.port}"
- p:silent="true"
- p:user="${phiz.data.db.user.admin.name}"/>
-
-
<!--====================================================================================================
- = DATABASE POPULATORS
-
=====================================================================================================-->
- <beans:bean id="dbPopulator"
class="org.springframework.jdbc.datasource.init.DatabasePopulator"
abstract="true"/>
-
- <beans:bean id="dbPopulatorPlaceholderResource"
class="gov.hhs.onc.phiz.test.impl.PlaceholderResourceDatabasePopulator"
parent="dbPopulator" abstract="true"
- p:scriptEncoding-ref="charsetUtf8"/>
-
-
<!--====================================================================================================
- = DATA SOURCE INITIALIZERS
-
=====================================================================================================-->
- <beans:bean id="dataSrcInit"
class="org.springframework.jdbc.datasource.init.DataSourceInitializer"
abstract="true"/>
-
- <beans:bean id="dataSrcInitHub" parent="dataSrcInit"
depends-on="dbServerHub"
- p:dataSource-ref="dataSrcHub">
- <beans:property name="databasePopulator">
- <beans:bean parent="dbPopulatorPlaceholderResource">
- <beans:property name="scripts">
- <beans:array>
-
<beans:value>classpath*:META-INF/phiz/db/db-init-phiz.sql</beans:value>
-
<beans:value>classpath*:META-INF/phiz/db/db-init-phiz-schema.sql</beans:value>
-
<beans:value>classpath*:META-INF/phiz/db/db-init-phiz-data.sql</beans:value>
- </beans:array>
- </beans:property>
- </beans:bean>
- </beans:property>
- </beans:bean>
-
-
<!--====================================================================================================
- = HIBERNATE SESSION FACTORIES
-
=====================================================================================================-->
- <beans:bean id="hibernateSessionFactoryHub"
parent="hibernateSessionFactoryBase" depends-on="dataSrcInitHub"
- p:dataSource-ref="dataSrcHub"/>
</beans:beans>
=======================================
--- /phiz-parent/pom.xml Fri Feb 6 12:53:52 2015 UTC
+++ /phiz-parent/pom.xml Wed Feb 18 20:44:48 2015 UTC
@@ -386,7 +386,7 @@
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
- <version>4.3.6</version>
+ <version>4.4</version>
<exclusions>
<exclusion>
<groupId>commons-logging</groupId>
@@ -407,7 +407,7 @@
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
- <version>1.8.4</version>
+ <version>1.8.5</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
@@ -422,12 +422,12 @@
<dependency>
<groupId>org.codehaus.groovy</groupId>
<artifactId>groovy-all</artifactId>
- <version>2.3.8</version>
+ <version>2.4.0</version>
</dependency>
<dependency>
<groupId>org.codehaus.janino</groupId>
<artifactId>janino</artifactId>
- <version>2.7.7</version>
+ <version>2.7.8</version>
</dependency>
<dependency>
<groupId>org.fusesource.jansi</groupId>
@@ -483,7 +483,17 @@
<dependency>
<groupId>org.postgresql</groupId>
<artifactId>postgresql</artifactId>
- <version>9.3-1102-jdbc41</version>
+ <version>9.4-1200-jdbc41</version>
+ <exclusions>
+ <exclusion>
+ <groupId>com.github.dblock.waffle</groupId>
+ <artifactId>waffle-jna</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-simple</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
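Review bot: The two `<exclusion>` entries added with the PostgreSQL driver bump carry no comment explaining why `waffle-jna` and `slf4j-simple` are dropped, so a later upgrade cannot tell whether they are still needed. Presumably the new driver POM pulls both in transitively and `slf4j-simple` would compete with the project's own SLF4J binding. If so, say it in place, e.g. `<!-- pulled in transitively by the driver; slf4j-simple would add a second SLF4J binding -->`. The surrounding `<dependencies>` block starts and ends outside the hunk.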
@@ -555,7 +565,7 @@
<dependency>
<groupId>org.testng</groupId>
<artifactId>testng</artifactId>
- <version>6.8.17</version>
+ <version>6.8.21</version>
<scope>test</scope>
</dependency>
</dependencies>
@@ -616,7 +626,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
- <version>2.9</version>
+ <version>2.10</version>
<inherited>true</inherited>
<configuration>
<silent>true</silent>
@@ -666,7 +676,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
- <version>1.3.1</version>
+ <version>1.4</version>
<inherited>true</inherited>
<executions>
<execution>
@@ -1059,7 +1069,7 @@
<inherited>true</inherited>
<configuration>
<argLine>
- -Xms128m -Xmx256m
-XX:MetaspaceSize=64m -XX:MaxMetaspaceSize=128m -XX:+UseG1GC
-XX:MaxGCPauseMillis=50 -XX:ParallelGCThreads=4 -XX:ConcGCThreads=4
-javaagent:lib/aspectjweaver-1.8.4.jar
-javaagent:lib/spring-instrument-4.1.4.RELEASE.jar
+ -Xms128m -Xmx256m
-XX:MetaspaceSize=64m -XX:MaxMetaspaceSize=128m -XX:+UseG1GC
-XX:MaxGCPauseMillis=50 -XX:ParallelGCThreads=4 -XX:ConcGCThreads=4
-javaagent:lib/aspectjweaver-1.8.5.jar
-javaagent:lib/spring-instrument-4.1.4.RELEASE.jar
</argLine>
<reportNameSuffix>it</reportNameSuffix>
<skip>true</skip>
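Review bot: The `-javaagent:lib/aspectjweaver-1.8.5.jar` path in `<argLine>` repeats the version literal that the `aspectjweaver` dependency declares earlier in this diff, so the two must be edited together on every upgrade. A mismatch would presumably surface only when the forked JVM cannot find the agent jar. Defining one property and using it in both places removes that coupling, e.g. `-javaagent:lib/aspectjweaver-${aspectjweaver.version}.jar` (the property name is a suggestion, not an existing one). The same literal appears in the `/phiz-web-parent/pom.xml` hunk as `-javaagent:%REPO_DIR%/aspectjweaver-1.8.5.jar`.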
@@ -1096,7 +1106,7 @@
<dependency>
<groupId>org.codehaus.groovy</groupId>
<artifactId>groovy-all</artifactId>
- <version>2.3.8</version>
+ <version>2.4.0</version>
<scope>runtime</scope>
</dependency>
</dependencies>
=======================================
---
/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/impl/AbstractPhizSoapUiIntegrationTests.java
Fri Jan 9 08:17:07 2015 UTC
+++
/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/impl/AbstractPhizSoapUiIntegrationTests.java
Wed Feb 18 20:44:48 2015 UTC
@@ -36,13 +36,13 @@
String[] testCaseTestsTestGroups =
Stream
.concat(Stream.of(AnnotationUtils.getAnnotations(this.testCaseTestsClass)),
-
Stream.of(AnnotationUtils.getAnnotations(this.testCaseTestsTestMethod))).filter((anno)
-> (anno instanceof Test))
- .flatMap((anno) -> Stream.of(((Test)
anno).groups())).distinct().toArray(String[]::new);
+
Stream.of(AnnotationUtils.getAnnotations(this.testCaseTestsTestMethod))).filter(anno
-> (anno instanceof Test))
+ .flatMap(anno -> Stream.of(((Test)
anno).groups())).distinct().toArray(String[]::new);

if (Stream.of(testCaseTestsTestGroups).noneMatch(
- (testCaseTestsTestGroup) ->
Stream.of(testContext.getIncludedGroups()).anyMatch(testCaseTestsTestGroup::matches))
+ testCaseTestsTestGroup ->
Stream.of(testContext.getIncludedGroups()).anyMatch(testCaseTestsTestGroup::matches))
|| Stream.of(testCaseTestsTestGroups).anyMatch(
- (testCaseTestsTestGroup) ->
Stream.of(testContext.getExcludedGroups()).anyMatch(testCaseTestsTestGroup::matches)))
{
+ testCaseTestsTestGroup ->
Stream.of(testContext.getExcludedGroups()).anyMatch(testCaseTestsTestGroup::matches)))
{
return ArrayUtils.EMPTY_OBJECT_ARRAY;
}

@@ -59,9 +59,10 @@
project
.getTestSuiteList()
.stream()
+ .filter(testSuite -> !testSuite.isDisabled())
.flatMap(
- (testSuite) ->
testSuite.getTestCaseList().stream().filter((testCase)
-> !testCase.isDisabled())
- .map((testCase) -> ((WsdlTestCasePro)
testCase))).collect(Collectors.toList());
+ testSuite ->
testSuite.getTestCaseList().stream().filter(testCase
-> !testCase.isDisabled())
+ .map(testCase -> ((WsdlTestCasePro)
testCase))).collect(Collectors.toList());

CountDownLatch projectRunLatch = new
CountDownLatch(testCases.size());
testCaseRunner.setProjectRunLatch(projectRunLatch);
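Review bot: The added `.filter(testSuite -> !testSuite.isDisabled())` changes `testCases.size()`, which sizes `projectRunLatch` right below, so the latch count now depends on this stream skipping exactly what the runner skips. That coupling is not documented. A comment above the pipeline would make it explicit, e.g. `// Must mirror what the runner executes: the latch below is sized from this list.` Separately, `.map(testCase -> ((WsdlTestCasePro) testCase))` throws ClassCastException for any other test-case implementation; `.map(WsdlTestCasePro.class::cast)` states the same intent more directly. The enclosing method starts and ends outside this hunk, and how the latch is counted down is not visible here.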
@@ -76,7 +77,7 @@
projectRunThread.setDaemon(true);
projectRunThread.start();

- return testCases.stream().map((testCase) -> {
+ return testCases.stream().map(testCase -> {
T testCaseTestsInstance =
this.testCaseTestsClassBuilder.get();
testCaseTestsInstance.testCaseRunner = testCaseRunner;
testCaseTestsInstance.projectRunTask = projectRunTask;
=======================================
---
/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-test.xml
Thu Dec 25 10:17:46 2014 UTC
+++
/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-test.xml
Wed Feb 18 20:44:48 2015 UTC
@@ -15,208 +15,4 @@
http://www.springframework.org/schema/task
http://www.springframework.org/schema/task/spring-task.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd">

-
<!--====================================================================================================
- = CREDENTIALS: TOMCAT
-
=====================================================================================================-->
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="credTomcatServer" parent="credGen">
- <beans:property name="credential">
- <beans:bean parent="credLeaf">
- <beans:property name="certificateRequest">
- <beans:bean parent="certReqLeaf">
- <beans:constructor-arg name="subject">
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean parent="dn"
-
p:commonName="${phiz.tomcat.crypto.server.cred.ssl.subject.cn}"/>
- </beans:constructor-arg>
- </beans:bean>
- </beans:property>
- </beans:bean>
- </beans:property>
- </beans:bean>
-
-
<!--====================================================================================================
- = CREDENTIALS: SOAPUI
-
=====================================================================================================-->
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="credSoapUiClient" parent="credGen">
- <beans:property name="credential">
- <beans:bean parent="credLeaf">
- <beans:property name="certificateRequest">
- <beans:bean parent="certReqLeaf">
- <beans:constructor-arg name="subject">
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean parent="dn"
-
p:commonName="${phiz.soapui.crypto.client.cred.ssl.subject.cn}"/>
- </beans:constructor-arg>
- </beans:bean>
- </beans:property>
- </beans:bean>
- </beans:property>
- </beans:bean>
-
-
<!--====================================================================================================
- = KEY STORES: TOMCAT
-
=====================================================================================================-->
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreTomcatServerKey" parent="keyStoreGen"
lazy-init="true"
- p:password="${phiz.tomcat.crypto.server.store.key.pass}"
- p:resource="${phiz.tomcat.crypto.server.store.key.file}">
- <beans:property name="entryMap">
- <beans:map>
- <!--suppress SpringPlaceholdersInspection -->
- <beans:entry
key="${phiz.tomcat.crypto.server.store.key.entry.ssl.alias}">
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean parent="keyStoreEntryPrivateKey"
- p:certificateChain="#{
credTomcatServer.certificateResponse.identity.chain[0] }"
-
p:password="${phiz.tomcat.crypto.server.store.key.entry.ssl.pass}"
- p:privateKey="#{
credTomcatServer.certificateResponse.identity.privateKey }"/>
- </beans:entry>
- </beans:map>
- </beans:property>
- </beans:bean>
-
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreTomcatServerTrust" parent="keyStoreGen"
lazy-init="true"
- p:password="${phiz.tomcat.crypto.server.store.trust.pass}"
- p:resource="${phiz.tomcat.crypto.server.store.trust.file}">
- <beans:property name="entryMap">
- <beans:map>
- <!--suppress SpringPlaceholdersInspection -->
- <beans:entry
key="${phiz.tomcat.crypto.server.store.trust.entry.ca.alias}">
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean parent="keyStoreEntryTrustedCert"
- p:certificate="#{
credCa.certificateResponse.identity.chain[0] }"/>
- </beans:entry>
- </beans:map>
- </beans:property>
- </beans:bean>
-
-
<!--====================================================================================================
- = KEY STORES: SOAPUI
-
=====================================================================================================-->
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreSoapUiClientKey" parent="keyStoreGen"
lazy-init="true"
- p:password="${phiz.soapui.crypto.client.store.key.pass}"
- p:resource="${phiz.soapui.crypto.client.store.key.file}">
- <beans:property name="entryMap">
- <beans:map>
- <!--suppress SpringPlaceholdersInspection -->
- <beans:entry
key="${phiz.soapui.crypto.client.store.key.entry.ssl.alias}">
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean parent="keyStoreEntryPrivateKey"
- p:certificateChain="#{
credSoapUiClient.certificateResponse.identity.chain[0] }"
-
p:password="${phiz.soapui.crypto.client.store.key.entry.ssl.pass}"
- p:privateKey="#{
credSoapUiClient.certificateResponse.identity.privateKey }"/>
- </beans:entry>
- </beans:map>
- </beans:property>
- </beans:bean>
-
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreSoapUiClientTrust" parent="keyStoreGen"
lazy-init="true"
- p:password="${phiz.soapui.crypto.client.store.trust.pass}"
- p:resource="${phiz.soapui.crypto.client.store.trust.file}">
- <beans:property name="entryMap">
- <beans:map>
- <!--suppress SpringPlaceholdersInspection -->
- <beans:entry
key="${phiz.soapui.crypto.client.store.trust.entry.ca.alias}">
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean parent="keyStoreEntryTrustedCert"
- p:certificate="#{
credCa.certificateResponse.identity.chain[0] }"/>
- </beans:entry>
- </beans:map>
- </beans:property>
- </beans:bean>
-
-
<!--====================================================================================================
- = KEY MANAGERS
-
=====================================================================================================-->
- <beans:bean id="keyManagerSoapUiClient" parent="keyManagerNewSunX509"
lazy-init="true">
- <beans:property name="factoryParameters">
- <beans:bean parent="keyStoreBuilderParams">
- <beans:constructor-arg index="0"
type="java.security.KeyStore$Builder">
- <beans:bean parent="keyStoreBuilder"
factory-method="newInstance">
- <beans:constructor-arg index="0"
type="java.security.KeyStore" ref="keyStoreSoapUiClientKey"/>
- <beans:constructor-arg index="1"
type="java.security.KeyStore$ProtectionParameter">
- <beans:bean parent="keyStoreProtectionPass">
- <!--suppress SpringPlaceholdersInspection
-->
- <beans:constructor-arg index="0"
type="char[]"
value="${phiz.soapui.crypto.client.store.key.entry.ssl.pass}"/>
- </beans:bean>
- </beans:constructor-arg>
- </beans:bean>
- </beans:constructor-arg>
- </beans:bean>
- </beans:property>
- </beans:bean>
-
-
<!--====================================================================================================
- = TRUST MANAGERS
-
=====================================================================================================-->
- <beans:bean id="trustManagerSoapUiClient" parent="trustManagerPkix"
lazy-init="true">
- <beans:property name="factoryParameters">
- <beans:bean parent="certPathTrustManagerParams">
- <beans:constructor-arg index="0"
type="java.security.cert.CertPathParameters">
- <beans:bean parent="certPathParamsPkixBuilder">
- <beans:constructor-arg index="0"
type="java.security.KeyStore" ref="keyStoreSoapUiClientTrust"/>
- <beans:constructor-arg index="1"
type="java.security.cert.CertSelector">
- <beans:bean parent="certSelectorX509"/>
- </beans:constructor-arg>
- </beans:bean>
- </beans:constructor-arg>
- </beans:bean>
- </beans:property>
- </beans:bean>
-
-
<!--====================================================================================================
- = SECURE SOCKETS LAYER PARAMETERS
-
=====================================================================================================-->
- <beans:bean id="sslParamsSoapUiClient" parent="sslParamsBase"/>
-
-
<!--====================================================================================================
- = SECURE SOCKETS LAYER CONTEXTS
-
=====================================================================================================-->
- <beans:bean id="sslContextSoapUiClient" parent="sslContextBase"
lazy-init="true">
- <beans:property name="keyManagers">
- <beans:array>
- <beans:ref bean="keyManagerSoapUiClient"/>
- </beans:array>
- </beans:property>
- <beans:property name="trustManagers">
- <beans:array>
- <beans:ref bean="trustManagerSoapUiClient"/>
- </beans:array>
- </beans:property>
- </beans:bean>
-
-
<!--====================================================================================================
- = SECURE SOCKETS LAYER SOCKET FACTORIES
-
=====================================================================================================-->
- <beans:bean id="sslSocketFactorySoapUiClient"
parent="sslSocketFactoryBase" lazy-init="true"
- p:sslContext-ref="sslContextSoapUiClient"
- p:sslParameters-ref="sslParamsSoapUiClient"/>
-
-
<!--====================================================================================================
- = SOAPUI TESTCASE RUNNERS
-
=====================================================================================================-->
- <beans:bean id="soapUiTestCaseRunner"
class="com.eviware.soapui.SoapUIProTestCaseRunner" abstract="true"/>
-
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="soapUiTestCaseRunnerBase"
class="gov.hhs.onc.phiz.web.test.impl.PhizSoapUiTestCaseRunner"
parent="soapUiTestCaseRunner" abstract="true"
- p:exportAll="true"
- p:JUnitReport="true"
- p:maxErrors="#{ T(java.lang.Integer).MAX_VALUE }"
- p:outputFolder="${phiz.soapui.output.dir}"
- p:printAlertSiteReport="true"
- p:printReport="true"
- p:projectFile="${phiz.soapui.project.file}"
- p:settingsFile="${phiz.soapui.settings.file}"
- p:sslParams-ref="sslParamsSoapUiClient"
- p:sslSocketFactory-ref="sslSocketFactorySoapUiClient">
- <beans:property name="reportFormats">
- <beans:array>
- <beans:value>XML</beans:value>
- </beans:array>
- </beans:property>
- </beans:bean>
</beans:beans>
=======================================
--- /phiz-web-parent/pom.xml Tue Feb 3 16:25:30 2015 UTC
+++ /phiz-web-parent/pom.xml Wed Feb 18 20:44:48 2015 UTC
@@ -141,19 +141,19 @@
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-core</artifactId>
- <version>8.0.17</version>
+ <version>8.0.18</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-el</artifactId>
- <version>8.0.17</version>
+ <version>8.0.18</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.tomcat.embed</groupId>
<artifactId>tomcat-embed-logging-log4j</artifactId>
- <version>8.0.17</version>
+ <version>8.0.18</version>
<scope>provided</scope>
</dependency>
<dependency>
@@ -404,7 +404,7 @@
<extraArguments>

<extraArgument>-Xss4m</extraArgument>

<extraArgument>-XX:MetaspaceSize=512m</extraArgument>
-
<extraArgument>-javaagent:%REPO_DIR%/aspectjweaver-1.8.4.jar</extraArgument>
+
<extraArgument>-javaagent:%REPO_DIR%/aspectjweaver-1.8.5.jar</extraArgument>

<extraArgument>-javaagent:%REPO_DIR%/spring-instrument-4.1.4.RELEASE.jar</extraArgument>
</extraArguments>

<initialMemorySize>1024M</initialMemorySize>
=======================================
--- /phiz-web-ws/src/it/soapui/soapui-phiz-web-ws.xml Fri Jan 9 08:17:07
2015 UTC
+++ /phiz-web-ws/src/it/soapui/soapui-phiz-web-ws.xml Wed Feb 18 20:44:48
2015 UTC
@@ -637,13 +637,13 @@
</con:testStep>
<con:loadTest name="SubmitSingleMessage_Load">
<con:settings/>
- <con:threadCount>10</con:threadCount>
+ <con:threadCount>5</con:threadCount>
<con:startDelay>0</con:startDelay>
<con:sampleInterval>50</con:sampleInterval>
<con:calculateTPSOnTimePassed>true</con:calculateTPSOnTimePassed>

<con:resetStatisticsOnThreadCountChange>true</con:resetStatisticsOnThreadCountChange>
<con:historyLimit>-1</con:historyLimit>
- <con:testLimit>2</con:testLimit>
+ <con:testLimit>1</con:testLimit>
<con:limitType>COUNT_PER_THREAD</con:limitType>
<con:loadStrategy>
<con:type>Simple</con:type>
=======================================
--- /phiz-web-ws/src/main/resources/META-INF/phiz/phiz-web-ws.properties
Tue Feb 3 16:25:30 2015 UTC
+++ /phiz-web-ws/src/main/resources/META-INF/phiz/phiz-web-ws.properties
Wed Feb 18 20:44:48 2015 UTC
@@ -30,8 +30,7 @@

#================================================================================
# WEB SERVICE CRYPTOGRAPHY: CLIENT KEY STORE

#================================================================================
-phiz.ws.crypto.client.store.key.file=${phiz.tomcat.crypto.server.store.key.file}
-#phiz.ws.crypto.client.store.key.file=${phiz.conf.ssl.dir}/phiz_ws_client_store_key.jks
+phiz.ws.crypto.client.store.key.file=${phiz.conf.ssl.dir}/phiz_ws_client_store_key.jks


#================================================================================
# WEB SERVICE CRYPTOGRAPHY: CLIENT KEY STORE ENTRIES
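Review bot: `phiz.ws.crypto.client.store.key.file` now names a dedicated `phiz_ws_client_store_key.jks` instead of reusing the Tomcat server store, but nothing in the file says the separation is intentional or how the store is provisioned. The same applies to `phiz.ws.crypto.client.store.trust.file` in the next hunk. I would add a line above each property such as `# Dedicated client store; do not point this at the Tomcat server key store.` Because this main-resources default locates private key material, it is also worth confirming that `${phiz.conf.ssl.dir}` is restricted to the service account; that is not visible from this hunk.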
@@ -42,8 +41,7 @@

#================================================================================
# WEB SERVICE CRYPTOGRAPHY: CLIENT TRUST STORE

#================================================================================
-phiz.ws.crypto.client.store.trust.file=${phiz.tomcat.crypto.server.store.trust.file}
-#phiz.ws.crypto.client.store.trust.file=${phiz.conf.ssl.dir}/phiz_ws_client_store_trust.jks
+phiz.ws.crypto.client.store.trust.file=${phiz.conf.ssl.dir}/phiz_ws_client_store_trust.jks


#================================================================================
# WEB SERVICE CRYPTOGRAPHY: CLIENT TRUST STORE ENTRIES
=======================================
---
/phiz-web-ws/src/test/resources/META-INF/phiz/spring/spring-phiz-web-ws-test.xml
Fri Jan 9 01:16:51 2015 UTC
+++
/phiz-web-ws/src/test/resources/META-INF/phiz/spring/spring-phiz-web-ws-test.xml
Wed Feb 18 20:44:48 2015 UTC
@@ -15,50 +15,4 @@
http://www.springframework.org/schema/task
http://www.springframework.org/schema/task/spring-task.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd">

-
<!--====================================================================================================
- = CREDENTIALS: WEB SERVICES
-
=====================================================================================================-->
- <beans:alias name="credTomcatServer" alias="credWsClient"/>
-
-
<!--====================================================================================================
- = KEY STORES: WEB SERVICES
-
=====================================================================================================-->
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreWsClientKey" parent="keyStoreGen"
lazy-init="true"
- p:password="${phiz.ws.crypto.client.store.key.pass}"
- p:resource="${phiz.ws.crypto.client.store.key.file}">
- <beans:property name="entryMap">
- <beans:map>
- <!--suppress SpringPlaceholdersInspection -->
- <beans:entry
key="${phiz.ws.crypto.client.store.key.entry.ssl.alias}">
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean parent="keyStoreEntryPrivateKey"
- p:certificateChain="#{
credWsClient.certificateResponse.identity.chain[0] }"
-
p:password="${phiz.ws.crypto.client.store.key.entry.ssl.pass}"
- p:privateKey="#{
credWsClient.certificateResponse.identity.privateKey }"/>
- </beans:entry>
- </beans:map>
- </beans:property>
- </beans:bean>
-
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreWsClientTrust" parent="keyStoreGen"
lazy-init="true"
- p:password="${phiz.ws.crypto.client.store.trust.pass}"
- p:resource="${phiz.ws.crypto.client.store.trust.file}">
- <beans:property name="entryMap">
- <beans:map>
- <!--suppress SpringPlaceholdersInspection -->
- <beans:entry
key="${phiz.ws.crypto.client.store.trust.entry.ca.alias}">
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean parent="keyStoreEntryTrustedCert"
- p:certificate="#{
credCa.certificateResponse.identity.chain[0] }"/>
- </beans:entry>
- </beans:map>
- </beans:property>
- </beans:bean>
-
-
<!--====================================================================================================
- = SOAPUI TESTCASE RUNNERS
-
=====================================================================================================-->
- <beans:bean id="soapUiTestCaseRunnerWs"
parent="soapUiTestCaseRunnerBase" lazy-init="true"/>
</beans:beans>

==============================================================================
Revision: cc38a0984b2f
Branch: default
Author: Michal Kotelba <michal....@esacinc.com>
Date: Wed Feb 18 20:52:23 2015 UTC
Log: - Further supports PHIZ-33.
- Removed accidentally leftover code.
https://code.google.com/p/phiz/source/detail?r=cc38a0984b2f

Deleted:
/phiz-core/src/main/java/gov/hhs/onc/phiz/xml/PhizXmlNames.java
Modified:
/phiz-core/src/main/java/gov/hhs/onc/phiz/xml/PhizXmlNs.java

=======================================
--- /phiz-core/src/main/java/gov/hhs/onc/phiz/xml/PhizXmlNames.java Wed Feb
18 20:44:48 2015 UTC
+++ /dev/null
@@ -1,8 +0,0 @@
-package gov.hhs.onc.phiz.xml;
-
-public final class PhizXmlNames {
- public final static String SPRING_BEANS_IF_NAME = "if";
-
- private PhizXmlNames() {
- }
-}
=======================================
--- /phiz-core/src/main/java/gov/hhs/onc/phiz/xml/PhizXmlNs.java Wed Feb 18
20:44:48 2015 UTC
+++ /phiz-core/src/main/java/gov/hhs/onc/phiz/xml/PhizXmlNs.java Wed Feb 18
20:52:23 2015 UTC
@@ -9,8 +9,6 @@
public final static String IIS = "urn:cdc:iisb:2014";
public final static String IIS_HUB = "urn:cdc:iisb:hub:2014";

- public final static String SPRING_BEANS
= "http://phiz-project.org/spring/schema/spring-phiz-beans";
-
private PhizXmlNs() {
}
}

==============================================================================
Revision: 4c12be7a9ee8
Branch: default
Author: Michal Kotelba <michal....@esacinc.com>
Date: Sat Feb 21 20:45:44 2015 UTC
Log: - Supports PHIZ-34.
- Implemented negative SSL/TLS SoapUI-based web service integration testing.
- Refactored/improved SSL/TLS related Spring configurations.
https://code.google.com/p/phiz/source/detail?r=4c12be7a9ee8

Added:
/phiz-core/src/main/java/gov/hhs/onc/phiz/aop/utils/PhizProxyUtils.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/AbstractPhizSslContextAwareFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/AbstractPhizSslManagerFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/AbstractPhizSslSocketFactoryFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslClientSocketFactoryFactoryBean.java

/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/soapui/PhizSoapUiProperties.java

/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/soapui/impl/AbstractPhizSoapUiIntegrationTests.java

/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/soapui/impl/PhizSoapUiTestCaseRunner.java

/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/soapui/utils/PhizSoapUiUtils.java
Deleted:

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/AbstractPhizCryptoManagerFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/AbstractPhizCryptoSocketFactoryFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslSocketFactoryFactoryBean.java

/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/impl/AbstractPhizSoapUiIntegrationTests.java

/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/impl/PhizSoapUiTestCaseRunner.java

/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/utils/PhizSoapUiUtils.java
Modified:
/phiz-core/pom.xml

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizKeyManagerFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslServerSocketFactoryFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizTrustManagerFactoryBean.java
/phiz-core/src/main/resources/META-INF/phiz/phiz.properties

/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl.xml
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz.xml
/phiz-core/src/test/resources/META-INF/phiz/phiz-test.properties

/phiz-core/src/test/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl-test.xml
/phiz-parent/pom.xml
/phiz-tools/pom.xml
/phiz-web-core/pom.xml
/phiz-web-core/src/main/resources/META-INF/phiz/phiz-web.properties

/phiz-web-core/src/main/resources/META-INF/phiz/spring/spring-phiz-web-tomcat.xml
/phiz-web-core/src/test/resources/META-INF/phiz/phiz-web-test.properties

/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-soapui-test.xml

/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-tomcat-test.xml
/phiz-web-portal/pom.xml
/phiz-web-ws/pom.xml
/phiz-web-ws/src/it/soapui/soapui-phiz-web-ws.xml
/phiz-web-ws/src/main/resources/META-INF/phiz/phiz-web-ws.properties

/phiz-web-ws/src/main/resources/META-INF/phiz/spring/spring-phiz-web-ws-client.xml

/phiz-web-ws/src/test/java/gov/hhs/onc/phiz/web/ws/impl/PhizWebWsSoapUiIntegrationTests.java
/phiz-web-ws/src/test/resources/META-INF/phiz/phiz-web-ws-test.properties

/phiz-web-ws/src/test/resources/META-INF/phiz/spring/spring-phiz-web-ws-client-test.xml

=======================================
--- /dev/null
+++ /phiz-core/src/main/java/gov/hhs/onc/phiz/aop/utils/PhizProxyUtils.java
Sat Feb 21 20:45:44 2015 UTC
@@ -0,0 +1,62 @@
+package gov.hhs.onc.phiz.aop.utils;
+
+import com.github.sebhoss.warnings.CompilerWarnings;
+import java.lang.reflect.Method;
+import java.util.stream.Stream;
+import org.aopalliance.aop.Advice;
+import org.springframework.aop.Advisor;
+import org.springframework.aop.TargetSource;
+import org.springframework.aop.aspectj.annotation.AspectJProxyFactory;
+import org.springframework.aop.support.NameMatchMethodPointcutAdvisor;
+import org.springframework.aop.target.SingletonTargetSource;
+
+public final class PhizProxyUtils {
+ @SuppressWarnings({ CompilerWarnings.SERIAL })
+ public static class PhizSingletonTargetSource extends
SingletonTargetSource {
+ private Class<?> targetClass;
+
+ public PhizSingletonTargetSource(Object target, Class<?>
targetClass) {
+ super(target);
+
+ this.targetClass = targetClass;
+ }
+
+ @Override
+ public Class<?> getTargetClass() {
+ return this.targetClass;
+ }
+ }
+
+ @SuppressWarnings({ CompilerWarnings.SERIAL })
+ public static class PhizMethodAdvisor extends
NameMatchMethodPointcutAdvisor {
+ public PhizMethodAdvisor(Advice advice, Method ... methods) {
+ this(advice,
Stream.of(methods).map(Method::getName).toArray(String[]::new));
+ }
+
+ public PhizMethodAdvisor(Advice advice, String ... methodNames) {
+ super(advice);
+
+ this.setMappedNames(methodNames);
+ }
+ }
+
+ private PhizProxyUtils() {
+ }
+
+ public static AspectJProxyFactory buildProxyFactory(Object target,
Advisor ... advisors) {
+ return buildProxyFactory(new SingletonTargetSource(target),
advisors);
+ }
+
+ public static AspectJProxyFactory buildProxyFactory(Object target,
Class<?> targetClass, Advisor ... advisors) {
+ return buildProxyFactory(new PhizSingletonTargetSource(target,
targetClass), advisors);
+ }
+
+ public static AspectJProxyFactory buildProxyFactory(TargetSource
targetSource, Advisor ... advisors) {
+ AspectJProxyFactory proxyFactory = new AspectJProxyFactory();
+ proxyFactory.setProxyTargetClass(true);
+ proxyFactory.setTargetSource(targetSource);
+ proxyFactory.addAdvisors(advisors);
+
+ return proxyFactory;
+ }
+}
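Review bot: `PhizMethodAdvisor(Advice, Method...)` reduces each `Method` to its name before it reaches `setMappedNames`, so every overload sharing that name is advised, not only the methods passed in. The constructor has no Javadoc stating this. A sentence such as `Matches by method name only: all overloads of each given method are advised.` would keep callers from assuming signature-level matching. In `PhizSingletonTargetSource`, `targetClass` is assigned once in the constructor and can be declared `private final Class<?> targetClass;`. The three `buildProxyFactory` overloads would also benefit from a note that `setProxyTargetClass(true)` forces class-based proxies.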
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/AbstractPhizSslContextAwareFactoryBean.java
Sat Feb 21 20:45:44 2015 UTC
@@ -0,0 +1,30 @@
+package gov.hhs.onc.phiz.crypto.ssl.impl;
+
+import gov.hhs.onc.phiz.crypto.impl.AbstractPhizCryptoFactoryBean;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLParameters;
+
+public abstract class AbstractPhizSslContextAwareFactoryBean<T> extends
AbstractPhizCryptoFactoryBean<T> {
+ protected SSLContext sslContext;
+ protected SSLParameters sslParams;
+
+ protected AbstractPhizSslContextAwareFactoryBean(Class<T> objClass) {
+ super(objClass);
+ }
+
+ public SSLContext getSslContext() {
+ return this.sslContext;
+ }
+
+ public void setSslContext(SSLContext sslContext) {
+ this.sslContext = sslContext;
+ }
+
+ public SSLParameters getSslParameters() {
+ return this.sslParams;
+ }
+
+ public void setSslParameters(SSLParameters sslParams) {
+ this.sslParams = sslParams;
+ }
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/AbstractPhizSslManagerFactoryBean.java
Sat Feb 21 20:45:44 2015 UTC
@@ -0,0 +1,23 @@
+package gov.hhs.onc.phiz.crypto.ssl.impl;
+
+import gov.hhs.onc.phiz.crypto.impl.AbstractPhizCryptoFactoryBean;
+import java.security.KeyStore;
+import javax.net.ssl.ManagerFactoryParameters;
+
+public abstract class AbstractPhizSslManagerFactoryBean<T, U extends
ManagerFactoryParameters> extends AbstractPhizCryptoFactoryBean<T> {
+ protected KeyStore keyStore;
+
+ protected AbstractPhizSslManagerFactoryBean(Class<T> objClass) {
+ super(objClass);
+ }
+
+ protected abstract U buildFactoryParameters() throws Exception;
+
+ public KeyStore getKeyStore() {
+ return this.keyStore;
+ }
+
+ public void setKeyStore(KeyStore keyStore) {
+ this.keyStore = keyStore;
+ }
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/AbstractPhizSslSocketFactoryFactoryBean.java
Sat Feb 21 20:45:44 2015 UTC
@@ -0,0 +1,17 @@
+package gov.hhs.onc.phiz.crypto.ssl.impl;
+
+import java.io.Closeable;
+import org.springframework.aop.aspectj.annotation.AspectJProxyFactory;
+
+public abstract class AbstractPhizSslSocketFactoryFactoryBean<T, U extends
Closeable> extends AbstractPhizSslContextAwareFactoryBean<T> {
+ protected AbstractPhizSslSocketFactoryFactoryBean(Class<T> objClass) {
+ super(objClass);
+ }
+
+ @Override
+ public T getObject() throws Exception {
+ return this.objClass.cast(this.buildProxyFactory().getProxy());
+ }
+
+ protected abstract AspectJProxyFactory buildProxyFactory();
+}
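Review bot: The type parameter `U extends Closeable` is declared on `AbstractPhizSslSocketFactoryFactoryBean` but is not used anywhere in the class body shown here, so its purpose is unclear to a reader. If subclasses need it, add class-level Javadoc with `@param <U> socket type created by the proxied factory`; otherwise it can be dropped, which would also mean updating the subclasses. `getObject()` also builds a fresh proxy on every call. Whether that matters depends on `isSingleton()` in `AbstractPhizCryptoFactoryBean`, which is not visible in this diff.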
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslClientSocketFactoryFactoryBean.java
Sat Feb 21 20:45:44 2015 UTC
@@ -0,0 +1,27 @@
+package gov.hhs.onc.phiz.crypto.ssl.impl;
+
+import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils;
+import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils.PhizMethodAdvisor;
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.SSLSocketFactory;
+import org.aopalliance.intercept.MethodInterceptor;
+import org.springframework.aop.aspectj.annotation.AspectJProxyFactory;
+
+public class PhizSslClientSocketFactoryFactoryBean extends
AbstractPhizSslSocketFactoryFactoryBean<SSLSocketFactory, SSLSocket> {
+ private final static String CREATE_SOCKET_METHOD_NAME = "createSocket";
+
+ public PhizSslClientSocketFactoryFactoryBean() {
+ super(SSLSocketFactory.class);
+ }
+
+ @Override
+ protected AspectJProxyFactory buildProxyFactory() {
+ return
PhizProxyUtils.buildProxyFactory(this.sslContext.getSocketFactory(),
this.objClass, new PhizMethodAdvisor(
+ ((MethodInterceptor) socketFactoryMethodInvocation -> {
+ SSLSocket socket = ((SSLSocket)
socketFactoryMethodInvocation.proceed());
+
socket.setSSLParameters(PhizSslClientSocketFactoryFactoryBean.this.sslParams);
+
+ return socket;
+ }), CREATE_SOCKET_METHOD_NAME));
+ }
+}
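Review bot: The interceptor in `buildProxyFactory` passes `this.sslParams` to `setSSLParameters` on every `createSocket` call without checking that it was ever set, so a bean wired without SSL parameters would fail only at the first connection attempt, with a NullPointerException. Failing at build time is preferable to failing at first use, and also to skipping the call, which would leave the socket on the JVM's default protocols and cipher suites. Adding `Objects.requireNonNull(this.sslParams, "sslParams");` as the first statement of `buildProxyFactory` (with `java.util.Objects` imported) would do it. Whether the peer's hostname is checked depends on the endpoint identification algorithm carried by those parameters, which is configured outside this hunk; a short comment on the interceptor saying so would help the next reader.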
=======================================
--- /dev/null
+++
/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/soapui/PhizSoapUiProperties.java
Sat Feb 21 20:45:44 2015 UTC
@@ -0,0 +1,18 @@
+package gov.hhs.onc.phiz.web.test.soapui;
+
+import gov.hhs.onc.phiz.context.PhizProperties;
+
+public final class PhizSoapUiProperties {
+ public final static String PREFIX = PhizProperties.PREFIX
+ "test.soapui.";
+ public final static String SSL_PREFIX = PREFIX + "ssl.";
+
+ public final static String SSL_PARAMS_NAME = SSL_PREFIX + "params";
+ public final static String BAD_CIPHER_SUITES_SSL_PARAMS_VALUE
= "bad.cipher.suites";
+ public final static String BAD_PROTOCOL_VERSIONS_SSL_PARAMS_VALUE
= "bad.protocol.versions";
+
+ public final static String SSL_SOCKET_FACTORY_NAME = SSL_PREFIX
+ "socket.factory";
+ public final static String UNTRUSTED_SSL_SOCKET_FACTORY_VALUE
= "untrusted";
+
+ private PhizSoapUiProperties() {
+ }
+}
=======================================
--- /dev/null
+++
/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/soapui/impl/AbstractPhizSoapUiIntegrationTests.java
Sat Feb 21 20:45:44 2015 UTC
@@ -0,0 +1,134 @@
+package gov.hhs.onc.phiz.web.test.soapui.impl;
+
+import com.eviware.soapui.impl.wsdl.WsdlProjectPro;
+import com.eviware.soapui.impl.wsdl.WsdlTestCasePro;
+import
gov.hhs.onc.phiz.web.test.soapui.impl.AbstractPhizSoapUiIntegrationTests.PhizSoapUiTestCaseMethodInterceptor;
+import gov.hhs.onc.phiz.web.test.impl.AbstractPhizWebIntegrationTests;
+import java.lang.reflect.Method;
+import java.util.Comparator;
+import java.util.List;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.FutureTask;
+import java.util.function.IntFunction;
+import java.util.function.Supplier;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+import org.apache.commons.lang3.ArrayUtils;
+import org.springframework.core.annotation.AnnotationUtils;
+import org.springframework.test.context.TestContext;
+import org.springframework.test.context.TestContextManager;
+import org.testng.IMethodInstance;
+import org.testng.IMethodInterceptor;
+import org.testng.ITestContext;
+import org.testng.annotations.Factory;
+import org.testng.annotations.Listeners;
+import org.testng.annotations.Test;
+
+@Listeners({ PhizSoapUiTestCaseMethodInterceptor.class })
+@Test(groups = { "phiz.test.it.web.soapui.all" })
+public abstract class AbstractPhizSoapUiIntegrationTests extends
AbstractPhizWebIntegrationTests {
+ public static class PhizSoapUiTestCaseMethodInterceptor implements
IMethodInterceptor {
+ @Override
+ public List<IMethodInstance> intercept(List<IMethodInstance>
methodInstances, ITestContext testContext) {
+ methodInstances.sort(Comparator.comparingInt(methodInstance ->
((AbstractPhizSoapUiIntegrationTests)
methodInstance.getInstance()).testCaseOrder));
+
+ return methodInstances;
+ }
+ }
+
+ protected abstract static class
AbstractPhizSoapUiTestCaseIntegrationTestsFactory<T extends
AbstractPhizSoapUiIntegrationTests> {
+ protected Class<T> testCaseTestsClass;
+ protected Supplier<T> testCaseTestsClassBuilder;
+ protected IntFunction<T[]> testCaseTestsArrayBuilder;
+ protected Method testCaseTestsTestMethod;
+
+ protected
AbstractPhizSoapUiTestCaseIntegrationTestsFactory(Class<T>
testCaseTestsClass, Supplier<T> testCaseTestsClassBuilder,
+ IntFunction<T[]> testCaseTestsArrayBuilder, String
testCaseTestsTestMethodName) throws Exception {
+ this.testCaseTestsClass = testCaseTestsClass;
+ this.testCaseTestsClassBuilder = testCaseTestsClassBuilder;
+ this.testCaseTestsArrayBuilder = testCaseTestsArrayBuilder;
+ this.testCaseTestsTestMethod =
this.testCaseTestsClass.getMethod(testCaseTestsTestMethodName);
+ }
+
+ @Factory
+ public Object[] getTestCaseTests(ITestContext testContext) throws
Exception {
+ String[] testCaseTestsTestGroups =
+ Stream
+ .concat(Stream.of(AnnotationUtils.getAnnotations(this.testCaseTestsClass)),
+
Stream.of(AnnotationUtils.getAnnotations(this.testCaseTestsTestMethod))).filter(anno
-> (anno instanceof Test))
+ .flatMap(anno -> Stream.of(((Test)
anno).groups())).distinct().toArray(String[]::new);
+
+ if (Stream.of(testCaseTestsTestGroups).noneMatch(
+ testCaseTestsTestGroup ->
Stream.of(testContext.getIncludedGroups()).anyMatch(testCaseTestsTestGroup::matches))
+ || Stream.of(testCaseTestsTestGroups).anyMatch(
+ testCaseTestsTestGroup ->
Stream.of(testContext.getExcludedGroups()).anyMatch(testCaseTestsTestGroup::matches)))
{
+ return ArrayUtils.EMPTY_OBJECT_ARRAY;
+ }
+
+ PhizSoapUiTestCaseRunner testCaseRunner = new
TestContextManager(this.testCaseTestsClass) {
+ public TestContext getTestContextExternal() {
+ return this.getTestContext();
+ }
+
}.getTestContextExternal().getApplicationContext().getBean(PhizSoapUiTestCaseRunner.class);
+
+ WsdlProjectPro project = new
WsdlProjectPro(testCaseRunner.getProjectFile());
+ testCaseRunner.initProject(project);
+
+ List<WsdlTestCasePro> testCases =
+ project
+ .getTestSuiteList()
+ .stream()
+ .filter(testSuite -> !testSuite.isDisabled())
+ .flatMap(
+ testSuite ->
testSuite.getTestCaseList().stream().filter(testCase
-> !testCase.isDisabled())
+ .map(testCase -> ((WsdlTestCasePro)
testCase))).collect(Collectors.toList());
+
+ CountDownLatch projectRunLatch = new
CountDownLatch(testCases.size());
+ testCaseRunner.setProjectRunLatch(projectRunLatch);
+
+ FutureTask<Void> projectRunTask = new FutureTask<>(() -> {
+ testCaseRunner.run(project);
+
+ return null;
+ });
+
+ Thread projectRunThread = new Thread(projectRunTask);
+ projectRunThread.setDaemon(true);
+ projectRunThread.start();
+
+ T[] testCaseTestsInstances =
this.testCaseTestsArrayBuilder.apply(testCases.size());
+
+ for (int a = 0; a < testCaseTestsInstances.length; a++) {
+ testCaseTestsInstances[a] =
this.testCaseTestsClassBuilder.get();
+ testCaseTestsInstances[a].testCaseRunner = testCaseRunner;
+ testCaseTestsInstances[a].projectRunTask = projectRunTask;
+ testCaseTestsInstances[a].projectRunLatch =
projectRunLatch;
+ testCaseTestsInstances[a].testCase = testCases.get(a);
+ testCaseTestsInstances[a].testCaseOrder = a;
+ }
+
+ return testCaseTestsInstances;
+ }
+ }
+
+ protected PhizSoapUiTestCaseRunner testCaseRunner;
+ protected FutureTask<Void> projectRunTask;
+ protected CountDownLatch projectRunLatch;
+ protected WsdlTestCasePro testCase;
+ protected int testCaseOrder;
+
+ public void testTestCase() throws Exception {
+ try {
+ this.testCaseRunner.runTestCase(this.testCase);
+ } finally {
+ this.projectRunLatch.countDown();
+
+ if (this.projectRunLatch.getCount() == 0) {
+ try {
+ this.projectRunTask.get();
+ } catch (InterruptedException ignored) {
+ }
+ }
+ }
+ }
+}
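Review bot: `PhizSoapUiTestCaseMethodInterceptor.intercept` casts every method instance to `AbstractPhizSoapUiIntegrationTests`, but TestNG applies a listener registered through `@Listeners` to the whole suite, so a suite that also contains other test classes would presumably hit a ClassCastException while sorting. The comparator key should guard the cast, e.g. `methodInstance -> (methodInstance.getInstance() instanceof AbstractPhizSoapUiIntegrationTests) ? ((AbstractPhizSoapUiIntegrationTests) methodInstance.getInstance()).testCaseOrder : -1`. Separately, `testTestCase` swallows the `InterruptedException` from `projectRunTask.get()`; adding `Thread.currentThread().interrupt();` in that catch block would keep the interruption visible to the caller.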
=======================================
--- /dev/null
+++
/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/soapui/impl/PhizSoapUiTestCaseRunner.java
Sat Feb 21 20:45:44 2015 UTC
@@ -0,0 +1,194 @@
+package gov.hhs.onc.phiz.web.test.soapui.impl;
+
+import com.eviware.soapui.DefaultSoapUICore;
+import com.eviware.soapui.SoapUICore;
+import com.eviware.soapui.SoapUIProTestCaseRunner;
+import com.eviware.soapui.impl.wsdl.WsdlProject;
+import com.eviware.soapui.impl.wsdl.WsdlProjectPro;
+import com.eviware.soapui.impl.wsdl.WsdlProjectProFactory;
+import com.eviware.soapui.impl.wsdl.WsdlTestSuite;
+import com.eviware.soapui.impl.wsdl.WsdlTestSuitePro;
+import com.eviware.soapui.impl.wsdl.submit.RequestTransportRegistry;
+import com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport;
+import com.eviware.soapui.impl.wsdl.testcase.WsdlTestCase;
+import com.eviware.soapui.impl.wsdl.testcase.WsdlTestSuiteRunContext;
+import com.eviware.soapui.impl.wsdl.testcase.WsdlTestSuiteRunner;
+import com.eviware.soapui.model.project.ProjectFactoryRegistry;
+import com.eviware.soapui.model.propertyexpansion.PropertyExpander;
+import com.eviware.soapui.model.propertyexpansion.PropertyExpansion;
+import com.eviware.soapui.model.testsuite.LoadTest;
+import com.eviware.soapui.support.types.StringToObjectMap;
+import com.github.sebhoss.warnings.CompilerWarnings;
+import gov.hhs.onc.phiz.beans.factory.EmbeddedPlaceholderResolver;
+import gov.hhs.onc.phiz.web.test.soapui.PhizSoapUiProperties;
+import java.util.Map;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.ExecutionException;
+import java.util.concurrent.FutureTask;
+import javax.net.ssl.SSLParameters;
+import javax.net.ssl.SSLSocketFactory;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+
+@SuppressWarnings({ CompilerWarnings.DEPRECATION })
+public class PhizSoapUiTestCaseRunner extends SoapUIProTestCaseRunner {
+ private final static String SPRING_REF_PROP_NAME_PREFIX =
PropertyExpansion.SCOPE_PREFIX + "Spring" +
PropertyExpansion.PROPERTY_SEPARATOR;
+
+ @Autowired
+ private EmbeddedPlaceholderResolver embeddedPlaceholderResolver;
+
+ private Map<String, SSLParameters> sslParamMap;
+ private Map<String, SSLSocketFactory> sslSocketFactoryMap;
+ private boolean projectInitialized;
+ private CountDownLatch projectRunLatch;
+ private WsdlTestSuite testSuite;
+ private CountDownLatch testSuiteRunLatch;
+ private FutureTask<Void> testSuiteRunTask;
+
+ public PhizSoapUiTestCaseRunner() {
+ super();
+ }
+
+ public boolean run(WsdlProjectPro project) throws Exception {
+
ProjectFactoryRegistry.registrerProjectFactory(WsdlProjectProFactory.WSDL_TYPE,
new WsdlProjectProFactory() {
+ @Override
+ public WsdlProjectPro createNew(String projectFile, String
projectPass) {
+ return project;
+ }
+ });
+
+ this.projectInitialized = true;
+
+ return this.run();
+ }
+
+ @Override
+ public void runTestCase(WsdlTestCase testCase) {
+ WsdlTestSuite testCaseTestSuite = testCase.getTestSuite();
+
+ if ((this.testSuite == null) |
| !testCaseTestSuite.getName().equals(this.testSuite.getName())) {
+ if (this.testSuite != null) {
+ this.testSuiteRunLatch.countDown();
+
+ try {
+ this.testSuiteRunTask.get();
+ } catch (ExecutionException | InterruptedException
ignored) {
+ }
+ }
+
+ this.testSuite = testCaseTestSuite;
+ this.testSuiteRunLatch = new CountDownLatch(1);
+
+ this.testSuiteRunTask = new FutureTask<>(() -> {
+ this.runSuite(new WsdlTestSuitePro(((WsdlProject)
testCase.getProject()), this.testSuite.getConfig()) {
+ @Override
+ public WsdlTestSuiteRunner run(StringToObjectMap
context, boolean async) {
+ WsdlTestSuiteRunner testSuiteRunner = new
WsdlTestSuiteRunner(this, context) {
+ @Override
+ public void
internalRun(WsdlTestSuiteRunContext runContext) throws Exception {
+ try {
+
PhizSoapUiTestCaseRunner.this.testSuiteRunLatch.await();
+ } catch (InterruptedException ignored) {
+ }
+ }
+ };
+
+ testSuiteRunner.start(async);
+
+ return testSuiteRunner;
+ }
+ });
+
+ return null;
+ });
+
+ Thread testSuiteRunThread = new Thread(this.testSuiteRunTask);
+ testSuiteRunThread.setDaemon(true);
+ testSuiteRunThread.start();
+ }
+
+
this.initializeSslScheme(this.sslParamMap.get(testCase.getPropertyValue(PhizSoapUiProperties.SSL_PARAMS_NAME)),
+
this.sslSocketFactoryMap.get(testCase.getPropertyValue(PhizSoapUiProperties.SSL_SOCKET_FACTORY_NAME)));
+
+ if (testCase.getLoadTestCount() > 0) {
+ testCase.getLoadTestList().stream().forEach(LoadTest::run);
+ } else {
+ super.runTestCase(testCase);
+ }
+
+ this.initializeSslScheme(this.sslParamMap.get(null),
this.sslSocketFactoryMap.get(null));
+ }
+
+ @Override
+ public void initProject(WsdlProject wsdlProject) {
+ if (this.projectInitialized) {
+ return;
+ }
+
+ this.initializeSslScheme(this.sslParamMap.get(null),
this.sslSocketFactoryMap.get(null));
+
+ super.initProject(wsdlProject);
+ }
+
+ @Override
+ protected void runProject(WsdlProject project) {
+ try {
+ this.projectRunLatch.await();
+ } catch (InterruptedException ignored) {
+ }
+ }
+
+ @Override
+ protected void initProjectProperties(WsdlProject project) {
+ PropertyExpander.getDefaultExpander().addResolver(
+ (propExpContext, propName, globalOverride) -> {
+ return (StringUtils.startsWith(propName,
SPRING_REF_PROP_NAME_PREFIX) ?
this.embeddedPlaceholderResolver.resolvePlaceholders(
+ StringUtils.removeStart(propName,
SPRING_REF_PROP_NAME_PREFIX), true) : null);
+ });
+
+ super.initProjectProperties(project);
+ }
+
+ @Override
+ protected void initGroovyLog() {
+ }
+
+ @Override
+ protected SoapUICore createSoapUICore() {
+ return new DefaultSoapUICore();
+ }
+
+ private void initializeSslScheme(SSLParameters sslParams,
SSLSocketFactory sslSocketFactory) {
+ org.apache.http.conn.scheme.SchemeRegistry httpSchemeReg =
HttpClientSupport.getHttpClient().getConnectionManager().getSchemeRegistry();
+ org.apache.http.conn.scheme.Scheme httpsScheme =
httpSchemeReg.getScheme(RequestTransportRegistry.HTTPS);
+
+ httpSchemeReg.register(new
org.apache.http.conn.scheme.Scheme(httpsScheme.getName(),
httpsScheme.getDefaultPort(),
+ new
org.apache.http.conn.ssl.SSLSocketFactory(sslSocketFactory,
sslParams.getProtocols(), sslParams.getCipherSuites(),
+ SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)));
+ }
+
+ public CountDownLatch getProjectRunLatch() {
+ return this.projectRunLatch;
+ }
+
+ public void setProjectRunLatch(CountDownLatch testCaseRunLatch) {
+ this.projectRunLatch = testCaseRunLatch;
+ }
+
+ public Map<String, SSLParameters> getSslParameterMap() {
+ return this.sslParamMap;
+ }
+
+ public void setSslParameterMap(Map<String, SSLParameters> sslParamMap)
{
+ this.sslParamMap = sslParamMap;
+ }
+
+ public Map<String, SSLSocketFactory> getSslSocketFactoryMap() {
+ return this.sslSocketFactoryMap;
+ }
+
+ public void setSslSocketFactoryMap(Map<String, SSLSocketFactory>
sslSocketFactoryMap) {
+ this.sslSocketFactoryMap = sslSocketFactoryMap;
+ }
+}
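Review bot: In `runTestCase`, the call that restores the default HTTPS scheme runs only when the test case returns normally, so if `super.runTestCase` or a load test throws, the per-test-case SSL parameters and socket factory stay registered on the shared `HttpClientSupport` scheme registry. Given the property values defined in this commit (`bad.cipher.suites`, `bad.protocol.versions`, `untrusted`), that could leave a deliberately broken TLS setup in place for later test cases. Wrapping the `if`/`else` in `try { … } finally { this.initializeSslScheme(this.sslParamMap.get(null), this.sslSocketFactoryMap.get(null)); }` would prevent it. A property value with no map entry also yields a null `sslParams`, which fails at `sslParams.getProtocols()` in `initializeSslScheme`; an explicit check with a message naming the missing key would make that easier to diagnose. `initializeSslScheme` should also carry a comment that `ALLOW_ALL_HOSTNAME_VERIFIER` disables hostname verification for every HTTPS request made through that registry and is acceptable only because this is test code.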
=======================================
--- /dev/null
+++
/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/soapui/utils/PhizSoapUiUtils.java
Sat Feb 21 20:45:44 2015 UTC
@@ -0,0 +1,35 @@
+package gov.hhs.onc.phiz.web.test.soapui.utils;
+
+import com.eviware.soapui.model.iface.MessageExchange;
+import com.eviware.soapui.model.propertyexpansion.PropertyExpansionContext;
+import com.eviware.soapui.support.GroovyUtilsPro;
+import java.util.Objects;
+import org.apache.cxf.ws.addressing.JAXWSAConstants;
+import org.apache.cxf.ws.addressing.Names;
+
+public final class PhizSoapUiUtils {
+ public final static String DECL_NS_XPATH_PREFIX = "declare namespace ";
+ public final static String DECL_NS_XPATH_DELIM = "='";
+ public final static String DECL_NS_XPATH_SUFFIX = "';";
+
+ public final static String WSA_DECL_NS_XPATH = DECL_NS_XPATH_PREFIX +
JAXWSAConstants.WSA_PREFIX + DECL_NS_XPATH_DELIM + Names.WSA_NAMESPACE_NAME
+ + DECL_NS_XPATH_SUFFIX;
+
+ public final static String WSA_ELEM_XPATH_PREFIX = WSA_DECL_NS_XPATH
+ " //" + JAXWSAConstants.WSA_PREFIX + ":";
+ public final static String WSA_MSG_ID_ELEM_XPATH =
WSA_ELEM_XPATH_PREFIX + Names.WSA_MESSAGEID_NAME;
+ public final static String WSA_RELATES_TO_ELEM_XPATH =
WSA_ELEM_XPATH_PREFIX + Names.WSA_RELATESTO_NAME;
+
+ private PhizSoapUiUtils() {
+ }
+
+ public static void
assertAddressingMessageIdsMatch(PropertyExpansionContext
propExpansionContext, MessageExchange msgExchange) throws Exception {
+ GroovyUtilsPro groovyUtils =
createGroovyUtils(propExpansionContext);
+
+ assert
Objects.equals(groovyUtils.getXmlHolder(msgExchange.getRequestContentAsXml()).getNodeValue(WSA_MSG_ID_ELEM_XPATH),
+
groovyUtils.getXmlHolder(msgExchange.getResponseContentAsXml()).getNodeValue(WSA_RELATES_TO_ELEM_XPATH));
+ }
+
+ public static GroovyUtilsPro
createGroovyUtils(PropertyExpansionContext propExpansionContext) {
+ return new GroovyUtilsPro(propExpansionContext);
+ }
+}
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/AbstractPhizCryptoManagerFactoryBean.java
Sun Jan 4 15:55:30 2015 UTC
+++ /dev/null
@@ -1,20 +0,0 @@
-package gov.hhs.onc.phiz.crypto.ssl.impl;
-
-import gov.hhs.onc.phiz.crypto.impl.AbstractPhizCryptoFactoryBean;
-import javax.net.ssl.ManagerFactoryParameters;
-
-public abstract class AbstractPhizCryptoManagerFactoryBean<T, U extends
ManagerFactoryParameters> extends AbstractPhizCryptoFactoryBean<T> {
- protected U factoryParams;
-
- protected AbstractPhizCryptoManagerFactoryBean(Class<T> objClass) {
- super(objClass);
- }
-
- public U getFactoryParameters() {
- return this.factoryParams;
- }
-
- public void setFactoryParameters(U factoryParams) {
- this.factoryParams = factoryParams;
- }
-}
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/AbstractPhizCryptoSocketFactoryFactoryBean.java
Sun Jan 4 15:55:30 2015 UTC
+++ /dev/null
@@ -1,40 +0,0 @@
-package gov.hhs.onc.phiz.crypto.ssl.impl;
-
-import gov.hhs.onc.phiz.crypto.impl.AbstractPhizCryptoFactoryBean;
-import java.io.Closeable;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLParameters;
-import org.springframework.aop.framework.ProxyFactory;
-
-public abstract class AbstractPhizCryptoSocketFactoryFactoryBean<T, U
extends Closeable> extends AbstractPhizCryptoFactoryBean<T> {
- protected SSLContext sslContext;
- protected SSLParameters sslParams;
-
- protected AbstractPhizCryptoSocketFactoryFactoryBean(Class<T>
objClass) {
- super(objClass);
- }
-
- protected ProxyFactory buildSocketFactoryProxyFactory(T socketFactory)
{
- ProxyFactory socketFactoryProxyFactory = new ProxyFactory();
- socketFactoryProxyFactory.setProxyTargetClass(true);
- socketFactoryProxyFactory.setTargetClass(this.objClass);
-
- return socketFactoryProxyFactory;
- }
-
- public SSLContext getSslContext() {
- return this.sslContext;
- }
-
- public void setSslContext(SSLContext sslContext) {
- this.sslContext = sslContext;
- }
-
- public SSLParameters getSslParameters() {
- return this.sslParams;
- }
-
- public void setSslParameters(SSLParameters sslParams) {
- this.sslParams = sslParams;
- }
-}
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslSocketFactoryFactoryBean.java
Wed Feb 18 20:44:48 2015 UTC
+++ /dev/null
@@ -1,54 +0,0 @@
-package gov.hhs.onc.phiz.crypto.ssl.impl;
-
-import java.lang.reflect.Method;
-import java.lang.reflect.Modifier;
-import java.util.Optional;
-import java.util.Set;
-import javax.net.ssl.HandshakeCompletedListener;
-import javax.net.ssl.SSLSocket;
-import javax.net.ssl.SSLSocketFactory;
-import org.aopalliance.intercept.MethodInterceptor;
-import org.apache.commons.lang3.ClassUtils;
-import org.springframework.aop.framework.ProxyFactory;
-
-public class PhizSslSocketFactoryFactoryBean extends
AbstractPhizCryptoSocketFactoryFactoryBean<SSLSocketFactory, SSLSocket> {
- private Set<HandshakeCompletedListener> handshakeCompletedListeners;
-
- public PhizSslSocketFactoryFactoryBean() {
- super(SSLSocketFactory.class);
- }
-
- @Override
- public SSLSocketFactory getObject() throws Exception {
- return
this.objClass.cast(this.buildSocketFactoryProxyFactory(this.sslContext.getSocketFactory()).getProxy());
- }
-
- @Override
- protected ProxyFactory buildSocketFactoryProxyFactory(SSLSocketFactory
socketFactory) {
- ProxyFactory socketFactoryProxyFactory =
super.buildSocketFactoryProxyFactory(socketFactory);
- socketFactoryProxyFactory.addAdvice(((MethodInterceptor)
(methodInvocation) -> {
- Method method = methodInvocation.getMethod();
- Object methodReturnValue =
method.invoke((!Modifier.isStatic(method.getModifiers()) ? socketFactory :
null), methodInvocation.getArguments());
-
- if (ClassUtils.isAssignable(method.getReturnType(),
SSLSocket.class)) {
- SSLSocket sslSocket = ((SSLSocket) methodReturnValue);
- sslSocket.setSSLParameters(this.sslParams);
-
- Optional.of(this.handshakeCompletedListeners).ifPresent(
- (handshakeCompletedListeners) ->
handshakeCompletedListeners.stream().forEach(sslSocket::addHandshakeCompletedListener));
- }
-
- return methodReturnValue;
- }));
-
- return socketFactoryProxyFactory;
- }
-
- public Set<HandshakeCompletedListener>
getHandshakeCompletedListeners() {
- return this.handshakeCompletedListeners;
- }
-
- public void
setHandshakeCompletedListeners(Set<HandshakeCompletedListener>
handshakeCompletedListeners) {
- this.handshakeCompletedListeners = handshakeCompletedListeners;
- }
-}
=======================================
---
/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/impl/AbstractPhizSoapUiIntegrationTests.java
Wed Feb 18 20:44:48 2015 UTC
+++ /dev/null
@@ -1,111 +0,0 @@
-package gov.hhs.onc.phiz.web.test.impl;
-
-import com.eviware.soapui.impl.wsdl.WsdlProjectPro;
-import com.eviware.soapui.impl.wsdl.WsdlTestCasePro;
-import java.lang.reflect.Method;
-import java.util.List;
-import java.util.concurrent.CountDownLatch;
-import java.util.concurrent.FutureTask;
-import java.util.function.Supplier;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-import org.apache.commons.lang3.ArrayUtils;
-import org.springframework.core.annotation.AnnotationUtils;
-import org.springframework.test.context.TestContext;
-import org.springframework.test.context.TestContextManager;
-import org.testng.ITestContext;
-import org.testng.annotations.Factory;
-import org.testng.annotations.Test;
-
-@Test(groups = { "phiz.test.it.web.soapui.all" })
-public abstract class AbstractPhizSoapUiIntegrationTests extends
AbstractPhizWebIntegrationTests {
- protected abstract static class
AbstractPhizSoapUiTestCaseIntegrationTestsFactory<T extends
AbstractPhizSoapUiIntegrationTests> {
- protected Class<T> testCaseTestsClass;
- protected Supplier<T> testCaseTestsClassBuilder;
- protected Method testCaseTestsTestMethod;
-
- protected
AbstractPhizSoapUiTestCaseIntegrationTestsFactory(Class<T>
testCaseTestsClass, Supplier<T> testCaseTestsClassBuilder,
- String testCaseTestsTestMethodName) throws Exception {
- this.testCaseTestsClass = testCaseTestsClass;
- this.testCaseTestsClassBuilder = testCaseTestsClassBuilder;
- this.testCaseTestsTestMethod =
this.testCaseTestsClass.getMethod(testCaseTestsTestMethodName);
- }
-
- @Factory
- public Object[] getTestCaseTests(ITestContext testContext) throws
Exception {
- String[] testCaseTestsTestGroups =
- Stream
- .concat(Stream.of(AnnotationUtils.getAnnotations(this.testCaseTestsClass)),
-
Stream.of(AnnotationUtils.getAnnotations(this.testCaseTestsTestMethod))).filter(anno
-> (anno instanceof Test))
- .flatMap(anno -> Stream.of(((Test)
anno).groups())).distinct().toArray(String[]::new);
-
- if (Stream.of(testCaseTestsTestGroups).noneMatch(
- testCaseTestsTestGroup ->
Stream.of(testContext.getIncludedGroups()).anyMatch(testCaseTestsTestGroup::matches))
- || Stream.of(testCaseTestsTestGroups).anyMatch(
- testCaseTestsTestGroup ->
Stream.of(testContext.getExcludedGroups()).anyMatch(testCaseTestsTestGroup::matches)))
{
- return ArrayUtils.EMPTY_OBJECT_ARRAY;
- }
-
- PhizSoapUiTestCaseRunner testCaseRunner = new
TestContextManager(this.testCaseTestsClass) {
- public TestContext getTestContextExternal() {
- return this.getTestContext();
- }
-
}.getTestContextExternal().getApplicationContext().getBean(PhizSoapUiTestCaseRunner.class);
-
- WsdlProjectPro project = new
WsdlProjectPro(testCaseRunner.getProjectFile());
- testCaseRunner.initProject(project);
-
- List<WsdlTestCasePro> testCases =
- project
- .getTestSuiteList()
- .stream()
- .filter(testSuite -> !testSuite.isDisabled())
- .flatMap(
- testSuite ->
testSuite.getTestCaseList().stream().filter(testCase
-> !testCase.isDisabled())
- .map(testCase -> ((WsdlTestCasePro)
testCase))).collect(Collectors.toList());
-
- CountDownLatch projectRunLatch = new
CountDownLatch(testCases.size());
- testCaseRunner.setProjectRunLatch(projectRunLatch);
-
- FutureTask<Void> projectRunTask = new FutureTask<>(() -> {
- testCaseRunner.run(project);
-
- return null;
- });
-
- Thread projectRunThread = new Thread(projectRunTask);
- projectRunThread.setDaemon(true);
- projectRunThread.start();
-
- return testCases.stream().map(testCase -> {
- T testCaseTestsInstance =
this.testCaseTestsClassBuilder.get();
- testCaseTestsInstance.testCaseRunner = testCaseRunner;
- testCaseTestsInstance.projectRunTask = projectRunTask;
- testCaseTestsInstance.projectRunLatch = projectRunLatch;
- testCaseTestsInstance.testCase = testCase;
-
- return testCaseTestsInstance;
- }).toArray();
- }
- }
-
- protected PhizSoapUiTestCaseRunner testCaseRunner;
- protected FutureTask<Void> projectRunTask;
- protected CountDownLatch projectRunLatch;
- protected WsdlTestCasePro testCase;
-
- public void testTestCase() throws Exception {
- try {
- this.testCaseRunner.runTestCase(this.testCase);
- } finally {
- this.projectRunLatch.countDown();
-
- if (this.projectRunLatch.getCount() == 0) {
- try {
- this.projectRunTask.get();
- } catch (InterruptedException ignored) {
- }
- }
- }
- }
-}
=======================================
---
/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/impl/PhizSoapUiTestCaseRunner.java
Tue Jan 20 22:42:18 2015 UTC
+++ /dev/null
@@ -1,186 +0,0 @@
-package gov.hhs.onc.phiz.web.test.impl;
-
-import com.eviware.soapui.DefaultSoapUICore;
-import com.eviware.soapui.SoapUICore;
-import com.eviware.soapui.SoapUIProTestCaseRunner;
-import com.eviware.soapui.impl.wsdl.WsdlProject;
-import com.eviware.soapui.impl.wsdl.WsdlProjectPro;
-import com.eviware.soapui.impl.wsdl.WsdlProjectProFactory;
-import com.eviware.soapui.impl.wsdl.WsdlTestSuite;
-import com.eviware.soapui.impl.wsdl.WsdlTestSuitePro;
-import com.eviware.soapui.impl.wsdl.submit.RequestTransportRegistry;
-import com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport;
-import com.eviware.soapui.impl.wsdl.support.http.SoapUISSLSocketFactory;
-import com.eviware.soapui.impl.wsdl.testcase.WsdlTestCase;
-import com.eviware.soapui.impl.wsdl.testcase.WsdlTestSuiteRunContext;
-import com.eviware.soapui.impl.wsdl.testcase.WsdlTestSuiteRunner;
-import com.eviware.soapui.model.project.ProjectFactoryRegistry;
-import com.eviware.soapui.model.propertyexpansion.PropertyExpander;
-import com.eviware.soapui.model.propertyexpansion.PropertyExpansion;
-import com.eviware.soapui.model.testsuite.LoadTest;
-import com.eviware.soapui.support.types.StringToObjectMap;
-import com.github.sebhoss.warnings.CompilerWarnings;
-import gov.hhs.onc.phiz.beans.factory.EmbeddedPlaceholderResolver;
-import java.util.concurrent.CountDownLatch;
-import java.util.concurrent.ExecutionException;
-import java.util.concurrent.FutureTask;
-import javax.net.ssl.SSLParameters;
-import javax.net.ssl.SSLSocketFactory;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-
-@SuppressWarnings({ CompilerWarnings.DEPRECATION })
-public class PhizSoapUiTestCaseRunner extends SoapUIProTestCaseRunner {
- private final static String SPRING_REF_PROP_NAME_PREFIX =
PropertyExpansion.SCOPE_PREFIX + "Spring" +
PropertyExpansion.PROPERTY_SEPARATOR;
-
- @Autowired
- private EmbeddedPlaceholderResolver embeddedPlaceholderResolver;
-
- private SSLParameters sslParams;
- private SSLSocketFactory sslSocketFactory;
- private boolean projectInitialized;
- private CountDownLatch projectRunLatch;
- private WsdlTestSuite testSuite;
- private CountDownLatch testSuiteRunLatch;
- private FutureTask<Void> testSuiteRunTask;
-
- public PhizSoapUiTestCaseRunner() {
- super();
- }
-
- public boolean run(WsdlProjectPro project) throws Exception {
-
ProjectFactoryRegistry.registrerProjectFactory(WsdlProjectProFactory.WSDL_TYPE,
new WsdlProjectProFactory() {
- @Override
- public WsdlProjectPro createNew(String projectFile, String
projectPass) {
- return project;
- }
- });
-
- this.projectInitialized = true;
-
- return this.run();
- }
-
- @Override
- public void runTestCase(WsdlTestCase testCase) {
- WsdlTestSuite testCaseTestSuite = testCase.getTestSuite();
-
- if ((this.testSuite == null) |
| !testCaseTestSuite.getName().equals(this.testSuite.getName())) {
- if (this.testSuite != null) {
- this.testSuiteRunLatch.countDown();
-
- try {
- this.testSuiteRunTask.get();
- } catch (ExecutionException | InterruptedException
ignored) {
- }
- }
-
- this.testSuite = testCaseTestSuite;
- this.testSuiteRunLatch = new CountDownLatch(1);
-
- this.testSuiteRunTask = new FutureTask<>(() -> {
- this.runSuite(new WsdlTestSuitePro(((WsdlProject)
testCase.getProject()), this.testSuite.getConfig()) {
- @Override
- public WsdlTestSuiteRunner run(StringToObjectMap
context, boolean async) {
- WsdlTestSuiteRunner testSuiteRunner = new
WsdlTestSuiteRunner(this, context) {
- @Override
- public void
internalRun(WsdlTestSuiteRunContext runContext) throws Exception {
- try {
-
PhizSoapUiTestCaseRunner.this.testSuiteRunLatch.await();
- } catch (InterruptedException ignored) {
- }
- }
- };
-
- testSuiteRunner.start(async);
-
- return testSuiteRunner;
- }
- });
-
- return null;
- });
-
- Thread testSuiteRunThread = new Thread(this.testSuiteRunTask);
- testSuiteRunThread.setDaemon(true);
- testSuiteRunThread.start();
- }
-
- if (testCase.getLoadTestCount() > 0) {
- testCase.getLoadTestList().stream().forEach(LoadTest::run);
- } else {
- super.runTestCase(testCase);
- }
- }
-
- @Override
- public void initProject(WsdlProject wsdlProject) {
- if (this.projectInitialized) {
- return;
- }
-
- org.apache.http.conn.scheme.SchemeRegistry httpSchemeReg =
HttpClientSupport.getHttpClient().getConnectionManager().getSchemeRegistry();
- org.apache.http.conn.scheme.Scheme httpsScheme =
httpSchemeReg.getScheme(RequestTransportRegistry.HTTPS);
-
- if (httpsScheme.getSchemeSocketFactory() instanceof
SoapUISSLSocketFactory) {
- httpSchemeReg.register(new
org.apache.http.conn.scheme.Scheme(httpsScheme.getName(),
httpsScheme.getDefaultPort(),
- new
org.apache.http.conn.ssl.SSLSocketFactory(this.sslSocketFactory,
this.sslParams.getProtocols(), this.sslParams.getCipherSuites(),
-
SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)));
- }
-
- super.initProject(wsdlProject);
- }
-
- @Override
- protected void runProject(WsdlProject project) {
- try {
- this.projectRunLatch.await();
- } catch (InterruptedException ignored) {
- }
- }
-
- @Override
- protected void initProjectProperties(WsdlProject project) {
- PropertyExpander.getDefaultExpander().addResolver(
- (propExpContext, propName, globalOverride) -> {
- return (StringUtils.startsWith(propName,
SPRING_REF_PROP_NAME_PREFIX) ?
this.embeddedPlaceholderResolver.resolvePlaceholders(
- StringUtils.removeStart(propName,
SPRING_REF_PROP_NAME_PREFIX), true) : null);
- });
-
- super.initProjectProperties(project);
- }
-
- @Override
- protected void initGroovyLog() {
- }
-
- @Override
- protected SoapUICore createSoapUICore() {
- return new DefaultSoapUICore();
- }
-
- public SSLParameters getSslParams() {
- return this.sslParams;
- }
-
- public void setSslParams(SSLParameters sslParams) {
- this.sslParams = sslParams;
- }
-
- public SSLSocketFactory getSslSocketFactory() {
- return this.sslSocketFactory;
- }
-
- public void setSslSocketFactory(SSLSocketFactory sslSocketFactory) {
- this.sslSocketFactory = sslSocketFactory;
- }
-
- public CountDownLatch getProjectRunLatch() {
- return this.projectRunLatch;
- }
-
- public void setProjectRunLatch(CountDownLatch testCaseRunLatch) {
- this.projectRunLatch = testCaseRunLatch;
- }
-}
=======================================
---
/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/utils/PhizSoapUiUtils.java
Fri Jan 9 08:17:07 2015 UTC
+++ /dev/null
@@ -1,35 +0,0 @@
-package gov.hhs.onc.phiz.web.test.utils;
-
-import com.eviware.soapui.model.iface.MessageExchange;
-import com.eviware.soapui.model.propertyexpansion.PropertyExpansionContext;
-import com.eviware.soapui.support.GroovyUtilsPro;
-import java.util.Objects;
-import org.apache.cxf.ws.addressing.JAXWSAConstants;
-import org.apache.cxf.ws.addressing.Names;
-
-public final class PhizSoapUiUtils {
- public final static String DECL_NS_XPATH_PREFIX = "declare namespace ";
- public final static String DECL_NS_XPATH_DELIM = "='";
- public final static String DECL_NS_XPATH_SUFFIX = "';";
-
- public final static String WSA_DECL_NS_XPATH = DECL_NS_XPATH_PREFIX +
JAXWSAConstants.WSA_PREFIX + DECL_NS_XPATH_DELIM + Names.WSA_NAMESPACE_NAME
- + DECL_NS_XPATH_SUFFIX;
-
- public final static String WSA_ELEM_XPATH_PREFIX = WSA_DECL_NS_XPATH
+ " //" + JAXWSAConstants.WSA_PREFIX + ":";
- public final static String WSA_MSG_ID_ELEM_XPATH =
WSA_ELEM_XPATH_PREFIX + Names.WSA_MESSAGEID_NAME;
- public final static String WSA_RELATES_TO_ELEM_XPATH =
WSA_ELEM_XPATH_PREFIX + Names.WSA_RELATESTO_NAME;
-
- private PhizSoapUiUtils() {
- }
-
- public static void
assertAddressingMessageIdsMatch(PropertyExpansionContext
propExpansionContext, MessageExchange msgExchange) throws Exception {
- GroovyUtilsPro groovyUtils =
createGroovyUtils(propExpansionContext);
-
- assert
Objects.equals(groovyUtils.getXmlHolder(msgExchange.getRequestContentAsXml()).getNodeValue(WSA_MSG_ID_ELEM_XPATH),
-
groovyUtils.getXmlHolder(msgExchange.getResponseContentAsXml()).getNodeValue(WSA_RELATES_TO_ELEM_XPATH));
- }
-
- public static GroovyUtilsPro
createGroovyUtils(PropertyExpansionContext propExpansionContext) {
- return new GroovyUtilsPro(propExpansionContext);
- }
-}
=======================================
--- /phiz-core/pom.xml Fri Feb 6 12:53:52 2015 UTC
+++ /phiz-core/pom.xml Sat Feb 21 20:45:44 2015 UTC
@@ -189,6 +189,10 @@
<artifactId>httpcore-nio</artifactId>
</dependency>
<dependency>
+ <groupId>org.aspectj</groupId>
+ <artifactId>aspectjrt</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
</dependency>
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizKeyManagerFactoryBean.java
Sun Jan 4 15:55:30 2015 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizKeyManagerFactoryBean.java
Sat Feb 21 20:45:44 2015 UTC
@@ -1,10 +1,14 @@
package gov.hhs.onc.phiz.crypto.ssl.impl;

+import java.security.KeyStore.Builder;
+import java.security.KeyStore.PasswordProtection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.KeyStoreBuilderParameters;

-public class PhizKeyManagerFactoryBean extends
AbstractPhizCryptoManagerFactoryBean<KeyManager, KeyStoreBuilderParameters>
{
+public class PhizKeyManagerFactoryBean extends
AbstractPhizSslManagerFactoryBean<KeyManager, KeyStoreBuilderParameters> {
+ protected String pass;
+
public PhizKeyManagerFactoryBean() {
super(KeyManager.class);
}
@@ -12,8 +16,17 @@
@Override
public KeyManager getObject() throws Exception {
KeyManagerFactory factory =
KeyManagerFactory.getInstance(this.type, this.prov);
- factory.init(this.factoryParams);
+ factory.init(this.buildFactoryParameters());

return factory.getKeyManagers()[0];
}
+
+ @Override
+ protected KeyStoreBuilderParameters buildFactoryParameters() throws
Exception {
+ return new
KeyStoreBuilderParameters(Builder.newInstance(this.keyStore, new
PasswordProtection(((this.pass != null) ? this.pass.toCharArray() :
null))));
+ }
+
+ public void setPassword(String pass) {
+ this.pass = pass;
+ }
}
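Review bot: The key-entry password is kept in the new `pass` field as an immutable `String`, and the `char[]` made by `toCharArray()` in `buildFactoryParameters()` is never cleared, so the secret stays on the heap for as long as the bean lives. `KeyStore.PasswordProtection` clones the array it is given, so the temporary copy can be wiped once the builder is constructed, for example with `Arrays.fill(passChars, '\0');` in a `finally` block. Holding the field as `char[]` would go further; the XML removed from spring-phiz-web-tomcat.xml in this commit passed the same value with `type="char[]"`, which suggests Spring's conversion would still apply, but that needs confirming. The field is also `protected` with no visible subclass use, whereas `certSelector` in PhizTrustManagerFactoryBean is `private`.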
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslServerSocketFactoryFactoryBean.java
Sun Jan 4 15:55:30 2015 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslServerSocketFactoryFactoryBean.java
Sat Feb 21 20:45:44 2015 UTC
@@ -1,37 +1,27 @@
package gov.hhs.onc.phiz.crypto.ssl.impl;

-import java.lang.reflect.Method;
-import java.lang.reflect.Modifier;
+import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils;
+import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils.PhizMethodAdvisor;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import org.aopalliance.intercept.MethodInterceptor;
-import org.apache.commons.lang3.ClassUtils;
-import org.springframework.aop.framework.ProxyFactory;
+import org.springframework.aop.aspectj.annotation.AspectJProxyFactory;

-public class PhizSslServerSocketFactoryFactoryBean extends
AbstractPhizCryptoSocketFactoryFactoryBean<SSLServerSocketFactory,
SSLServerSocket> {
+public class PhizSslServerSocketFactoryFactoryBean extends
AbstractPhizSslSocketFactoryFactoryBean<SSLServerSocketFactory,
SSLServerSocket> {
+ private final static String CREATE_SERVER_SOCKET_METHOD_NAME
= "createServerSocket";
+
public PhizSslServerSocketFactoryFactoryBean() {
super(SSLServerSocketFactory.class);
}

@Override
- public SSLServerSocketFactory getObject() throws Exception {
- return
this.objClass.cast(this.buildSocketFactoryProxyFactory(this.sslContext.getServerSocketFactory()).getProxy());
- }
-
- @Override
- protected ProxyFactory
buildSocketFactoryProxyFactory(SSLServerSocketFactory socketFactory) {
- ProxyFactory socketFactoryProxyFactory =
super.buildSocketFactoryProxyFactory(socketFactory);
- socketFactoryProxyFactory.addAdvice(((MethodInterceptor)
(methodInvocation) -> {
- Method method = methodInvocation.getMethod();
- Object methodReturnValue =
method.invoke((!Modifier.isStatic(method.getModifiers()) ? socketFactory :
null), methodInvocation.getArguments());
-
- if (ClassUtils.isAssignable(method.getReturnType(),
SSLServerSocket.class)) {
- ((SSLServerSocket)
methodReturnValue).setSSLParameters(this.sslParams);
- }
-
- return methodReturnValue;
- }));
+ protected AspectJProxyFactory buildProxyFactory() {
+ return
PhizProxyUtils.buildProxyFactory(this.sslContext.getServerSocketFactory(),
this.objClass, new PhizMethodAdvisor(
+ ((MethodInterceptor) serverSocketFactoryMethodInvocation -> {
+ SSLServerSocket serverSocket = ((SSLServerSocket)
serverSocketFactoryMethodInvocation.proceed());
+
serverSocket.setSSLParameters(PhizSslServerSocketFactoryFactoryBean.this.sslParams);

- return socketFactoryProxyFactory;
+ return serverSocket;
+ }), CREATE_SERVER_SOCKET_METHOD_NAME));
}
}
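Review bot: The new interceptor casts the result of `proceed()` to `SSLServerSocket` unconditionally, and nothing in the hunk records that this is safe only because the advisor is restricted to `CREATE_SERVER_SOCKET_METHOD_NAME`; the removed version checked the return type before applying the parameters. These parameters carry the protocol, cipher-suite and client-auth settings, so if `PhizMethodAdvisor` (not visible here) fails to match an overload, that call would return a socket with JSSE defaults and no error. I would add a comment above the lambda such as `// Advised for createServerSocket overloads only; each returns an SSLServerSocket that must receive sslParams before use.`, and have the bean fail fast when `sslParams` is unset. On style, `PhizSslServerSocketFactoryFactoryBean.this.sslParams` can be plain `this.sslParams`, because `this` inside a lambda already refers to the enclosing instance.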
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizTrustManagerFactoryBean.java
Sun Jan 4 15:55:30 2015 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizTrustManagerFactoryBean.java
Sat Feb 21 20:45:44 2015 UTC
@@ -1,10 +1,14 @@
package gov.hhs.onc.phiz.crypto.ssl.impl;

+import java.security.cert.CertSelector;
+import java.security.cert.PKIXBuilderParameters;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

-public class PhizTrustManagerFactoryBean extends
AbstractPhizCryptoManagerFactoryBean<TrustManager,
CertPathTrustManagerParameters> {
+public class PhizTrustManagerFactoryBean extends
AbstractPhizSslManagerFactoryBean<TrustManager,
CertPathTrustManagerParameters> {
+ private CertSelector certSelector;
+
public PhizTrustManagerFactoryBean() {
super(TrustManager.class);
}
@@ -12,8 +16,24 @@
@Override
public TrustManager getObject() throws Exception {
TrustManagerFactory factory =
TrustManagerFactory.getInstance(this.type, this.prov);
- factory.init(this.factoryParams);
+ factory.init(this.buildFactoryParameters());

return factory.getTrustManagers()[0];
}
+
+ @Override
+ protected CertPathTrustManagerParameters buildFactoryParameters()
throws Exception {
+ PKIXBuilderParameters builderParams = new
PKIXBuilderParameters(this.keyStore, this.certSelector);
+ builderParams.setRevocationEnabled(false);
+
+ return new CertPathTrustManagerParameters(builderParams);
+ }
+
+ public CertSelector getCertSelector() {
+ return this.certSelector;
+ }
+
+ public void setCertSelector(CertSelector certSelector) {
+ this.certSelector = certSelector;
+ }
}
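Review bot: `buildFactoryParameters()` hard-codes `setRevocationEnabled(false)`, so every trust manager built from this bean, including the server side that requires client certificates, skips CRL/OCSP checking and no bean definition can turn it on. Before this commit the same setting was the XML attribute `p:revocationEnabled="false"` on `certPathParamsPkixBuilder` in spring-phiz-crypto-ssl.xml, where a deployment could at least override it. I would expose it as a bean property that defaults to the current behaviour and document the default, as sketched below.

```java
private boolean revocationEnabled;

// … unchanged: certSelector field, constructor, getObject …

    PKIXBuilderParameters builderParams = new PKIXBuilderParameters(this.keyStore, this.certSelector);
    // Revocation checking stays off unless a bean definition enables it.
    builderParams.setRevocationEnabled(this.revocationEnabled);

// … unchanged: return statement, certSelector accessors …

public boolean isRevocationEnabled() {
    return this.revocationEnabled;
}

public void setRevocationEnabled(boolean revocationEnabled) {
    this.revocationEnabled = revocationEnabled;
}
```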
=======================================
--- /phiz-core/src/main/resources/META-INF/phiz/phiz.properties Fri Feb 6
12:53:52 2015 UTC
+++ /phiz-core/src/main/resources/META-INF/phiz/phiz.properties Sat Feb 21
20:45:44 2015 UTC
@@ -33,9 +33,8 @@
TLS_DHE_RSA_WITH_AES_128_CBC_SHA


#================================================================================
-# CRYPTOGRAPHY: CERTIFICATE AUTHORITY CREDENTIALS
+# CRYPTOGRAPHY CREDENTIALS: CERTIFICATE AUTHORITY

#================================================================================
-phiz.crypto.cred.ca.root.subject.cn=phiz_ca_root
phiz.crypto.cred.ca.subject.cn=phiz_ca


#================================================================================
=======================================
---
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl.xml
Wed Feb 18 20:44:48 2015 UTC
+++
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl.xml
Sat Feb 21 20:45:44 2015 UTC
@@ -15,27 +15,12 @@
http://www.springframework.org/schema/task
http://www.springframework.org/schema/task/spring-task.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util.xsd">

-
<!--====================================================================================================
- = MANAGER FACTORY PARAMETERS
-
=====================================================================================================-->
- <beans:bean id="managerFactoryParams"
class="javax.net.ssl.ManagerFactoryParameters" abstract="true"/>
-
-
<!--====================================================================================================
- = KEY STORE BUILDERS
-
=====================================================================================================-->
- <beans:bean id="keyStoreBuilder"
class="java.security.KeyStore$Builder" abstract="true"/>
-
-
<!--====================================================================================================
- = KEY STORE BUILDER PARAMETERS
-
=====================================================================================================-->
- <beans:bean id="keyStoreBuilderParams"
class="javax.net.ssl.KeyStoreBuilderParameters"
parent="managerFactoryParams" abstract="true"/>
-

<!--====================================================================================================
= KEY MANAGERS

=====================================================================================================-->
<beans:bean id="keyManager" class="javax.net.ssl.KeyManager"
abstract="true"/>

- <beans:bean id="keyManagerNewSunX509"
class="gov.hhs.onc.phiz.crypto.ssl.impl.PhizKeyManagerFactoryBean"
parent="keyManager" abstract="true"
+ <beans:bean id="keyManagerBase"
class="gov.hhs.onc.phiz.crypto.ssl.impl.PhizKeyManagerFactoryBean"
parent="keyManager" abstract="true"
p:provider="#{
T(gov.hhs.onc.phiz.crypto.PhizCryptoProviders).SUN_JSSE }"
p:type="NewSunX509"/>

@@ -44,39 +29,23 @@

=====================================================================================================-->
<beans:bean id="certSelector" class="java.security.cert.CertSelector"
abstract="true"/>

- <beans:bean id="certSelectorX509"
class="java.security.cert.X509CertSelector" parent="certSelector"
abstract="true"/>
-
-
<!--====================================================================================================
- = CERTIFICATE PATH PARAMETERS
-
=====================================================================================================-->
- <beans:bean id="certPathParams"
class="java.security.cert.CertPathParameters" abstract="true"/>
-
- <beans:bean id="certPathParamsPkix"
class="java.security.cert.PKIXParameters" parent="certPathParams"
abstract="true"/>
-
- <beans:bean id="certPathParamsPkixBuilder"
class="java.security.cert.PKIXBuilderParameters"
parent="certPathParamsPkix" abstract="true"
- p:revocationEnabled="false"/>
-
-
<!--====================================================================================================
- = CERTIFICATE PATH TRUST MANAGER PARAMETERS
-
=====================================================================================================-->
- <beans:bean id="certPathTrustManagerParams"
class="javax.net.ssl.CertPathTrustManagerParameters"
parent="managerFactoryParams" abstract="true"/>
+ <beans:bean id="certSelectorX509"
class="java.security.cert.X509CertSelector" parent="certSelector"/>


<!--====================================================================================================
= TRUST MANAGERS

=====================================================================================================-->
<beans:bean id="trustManager" class="javax.net.ssl.TrustManager"
abstract="true"/>

- <beans:bean id="trustManagerPkix"
class="gov.hhs.onc.phiz.crypto.ssl.impl.PhizTrustManagerFactoryBean"
parent="trustManager" abstract="true"
+ <beans:bean id="trustManagerBase"
class="gov.hhs.onc.phiz.crypto.ssl.impl.PhizTrustManagerFactoryBean"
parent="trustManager" abstract="true"
+ p:certSelector-ref="certSelectorX509"
p:provider="#{
T(gov.hhs.onc.phiz.crypto.PhizCryptoProviders).SUN_JSSE }"
p:type="PKIX"/>


<!--====================================================================================================
- = SECURE SOCKETS LAYER PARAMETERS
+ = SSL PARAMETERS

=====================================================================================================-->
- <beans:bean id="sslParams" class="javax.net.ssl.SSLParameters"
abstract="true"/>
-
<!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="sslParamsBase" parent="sslParams" abstract="true"
+ <beans:bean id="sslParams" class="javax.net.ssl.SSLParameters"
abstract="true"
p:cipherSuites="${phiz.crypto.cipher.suites}"
p:useCipherSuitesOrder="true">
<beans:property name="protocols">
@@ -86,8 +55,13 @@
</beans:property>
</beans:bean>

+ <beans:bean id="sslParamsClient" parent="sslParams" abstract="true"/>
+
+ <beans:bean id="sslParamsServer" parent="sslParams" abstract="true"
+ p:needClientAuth="true"/>
+

<!--====================================================================================================
- = SECURE SOCKETS LAYER CONTEXTS
+ = SSL CONTEXTS

=====================================================================================================-->
<beans:bean id="sslContext" class="javax.net.ssl.SSLContext"
abstract="true"/>

@@ -97,17 +71,18 @@
p:type="#{
T(gov.hhs.onc.phiz.crypto.ssl.PhizTlsVersions).TLS_1_2_NAME }"/>


<!--====================================================================================================
- = SECURE SOCKETS LAYER SOCKET FACTORIES
+ = SSL CLIENT SOCKET FACTORIES

=====================================================================================================-->
- <beans:bean id="sslSocketFactory"
class="javax.net.ssl.SSLSocketFactory" abstract="true"/>
+ <beans:bean id="sslSocketFactoryClient"
class="javax.net.ssl.SSLSocketFactory" abstract="true"/>

- <beans:bean id="sslSocketFactoryBase"
class="gov.hhs.onc.phiz.crypto.ssl.impl.PhizSslSocketFactoryFactoryBean"
parent="sslSocketFactory" abstract="true"/>
+ <beans:bean id="sslSocketFactoryClientBase"
class="gov.hhs.onc.phiz.crypto.ssl.impl.PhizSslClientSocketFactoryFactoryBean"
parent="sslSocketFactoryClient"
+ abstract="true"/>


<!--====================================================================================================
- = SECURE SOCKETS LAYER SERVER SOCKET FACTORIES
+ = SSL SERVER SOCKET FACTORIES

=====================================================================================================-->
- <beans:bean id="sslServerSocketFactory"
class="javax.net.ssl.SSLServerSocketFactory" abstract="true"/>
+ <beans:bean id="sslSocketFactoryServer"
class="javax.net.ssl.SSLServerSocketFactory" abstract="true"/>

- <beans:bean id="sslServerSocketFactoryBase"
class="gov.hhs.onc.phiz.crypto.ssl.impl.PhizSslServerSocketFactoryFactoryBean"
parent="sslServerSocketFactory"
+ <beans:bean id="sslSocketFactoryServerBase"
class="gov.hhs.onc.phiz.crypto.ssl.impl.PhizSslServerSocketFactoryFactoryBean"
parent="sslSocketFactoryServer"
abstract="true"/>
</beans:beans>
=======================================
--- /phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz.xml Wed
Feb 18 20:44:48 2015 UTC
+++ /phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz.xml Sat
Feb 21 20:45:44 2015 UTC
@@ -25,10 +25,10 @@

<!--====================================================================================================
= CONTEXT

=====================================================================================================-->
- <context:component-scan base-package="gov.hhs.onc.phiz"/>
-
<context:spring-configured/>

+ <context:component-scan base-package="gov.hhs.onc.phiz"/>
+

<!--====================================================================================================
= METHOD INVOCATIONS

=====================================================================================================-->
=======================================
--- /phiz-core/src/test/resources/META-INF/phiz/phiz-test.properties Wed
Feb 18 20:44:48 2015 UTC
+++ /phiz-core/src/test/resources/META-INF/phiz/phiz-test.properties Sat
Feb 21 20:45:44 2015 UTC
@@ -1,21 +1,19 @@

#================================================================================
-# CRYPTOGRAPHY: CERTIFICATE AUTHORITY CREDENTIALS
+# CRYPTOGRAPHY CREDENTIALS: CERTIFICATE AUTHORITY

#================================================================================
-phiz.crypto.cred.ca.cert.file=${phiz.conf.ssl.dir}/${phiz.crypto.cred.ca.subject.cn}_cert.pem
+phiz.crypto.cred.ca.untrusted.subject.cn=${phiz.crypto.cred.ca.subject.cn}_untrusted


#================================================================================
-# CRYPTOGRAPHY: CERTIFICATE AUTHORITY KEY STORE
+# CRYPTOGRAPHY KEY STORES: CERTIFICATE AUTHORITY

#================================================================================
-phiz.crypto.store.ca.file=${phiz.conf.ssl.dir}/phiz_store_ca.jks
-phiz.crypto.store.ca.pass=storepass
+phiz.crypto.store.key.ca.file=${phiz.conf.ssl.dir}/phiz_store_key_ca.jks
+phiz.crypto.store.key.ca.pass=storepass


#================================================================================
-# CRYPTOGRAPHY: CERTIFICATE AUTHORITY KEY STORE ENTRIES
+# CRYPTOGRAPHY KEY STORE ENTRIES: CERTIFICATE AUTHORITY

#================================================================================
-phiz.crypto.store.ca.entry.ca.root.alias=${phiz.crypto.cred.ca.root.subject.cn}
-phiz.crypto.store.ca.entry.ca.root.pass=${phiz.crypto.store.ca.pass}
-phiz.crypto.store.ca.entry.ca.alias=${phiz.crypto.cred.ca.subject.cn}
-phiz.crypto.store.ca.entry.ca.pass=${phiz.crypto.store.ca.pass}
+phiz.crypto.store.key.ca.entry.ca.alias=${phiz.crypto.cred.ca.subject.cn}
+phiz.crypto.store.key.ca.entry.ca.pass=${phiz.crypto.store.key.ca.pass}


#================================================================================
# DATA DATABASE
=======================================
---
/phiz-core/src/test/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl-test.xml
Wed Feb 18 20:44:48 2015 UTC
+++
/phiz-core/src/test/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl-test.xml
Sat Feb 21 20:45:44 2015 UTC
@@ -18,7 +18,8 @@

<!--====================================================================================================
= CREDENTIALS: CERTIFICATE AUTHORITIES

=====================================================================================================-->
- <beans:bean id="credCaRoot" parent="credGen">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="credCa" parent="credGen">
<beans:property name="credential">
<beans:bean parent="credImpl">
<beans:property name="certificateRequest">
@@ -26,7 +27,7 @@
<beans:constructor-arg name="subject">
<!--suppress SpringPlaceholdersInspection -->
<beans:bean parent="dn"
-
p:commonName="${phiz.crypto.cred.ca.root.subject.cn}"/>
+
p:commonName="${phiz.crypto.cred.ca.subject.cn}"/>
</beans:constructor-arg>
</beans:bean>
</beans:property>
@@ -35,17 +36,15 @@
</beans:bean>

<!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="credCa" parent="credGen"
- p:certificateResource="${phiz.crypto.cred.ca.cert.file}">
+ <beans:bean id="credCaUntrusted" parent="credGen">
<beans:property name="credential">
- <beans:bean parent="credImpl"
- p:issuerCredential-ref="credCaRoot">
+ <beans:bean parent="credImpl">
<beans:property name="certificateRequest">
<beans:bean parent="certReqCa">
<beans:constructor-arg name="subject">
<!--suppress SpringPlaceholdersInspection -->
<beans:bean parent="dn"
-
p:commonName="${phiz.crypto.cred.ca.subject.cn}"/>
+
p:commonName="${phiz.crypto.cred.ca.untrusted.subject.cn}"/>
</beans:constructor-arg>
</beans:bean>
</beans:property>
@@ -59,29 +58,24 @@
<beans:bean id="credLeaf" parent="credImpl" abstract="true"
p:issuerCredential-ref="credCa"/>

+ <beans:bean id="credLeafUntrusted" parent="credImpl" abstract="true"
+ p:issuerCredential-ref="credCaUntrusted"/>
+

<!--====================================================================================================
= KEY STORES: CERTIFICATE AUTHORITY

=====================================================================================================-->
<!--suppress SpringPlaceholdersInspection -->
<beans:bean id="keyStoreCa" parent="keyStoreGen" lazy-init="true"
- p:password="${phiz.crypto.store.ca.pass}"
- p:resource="${phiz.crypto.store.ca.file}">
+ p:password="${phiz.crypto.store.key.ca.pass}"
+ p:resource="${phiz.crypto.store.key.ca.file}">
<beans:property name="entryMap">
<beans:map>
- <!--suppress SpringPlaceholdersInspection -->
- <beans:entry
key="${phiz.crypto.store.ca.entry.ca.root.alias}">
- <!--suppress SpringPlaceholdersInspection -->
- <beans:bean parent="keyStoreEntryPrivateKey"
- p:certificateChain="#{
credCaRoot.certificateResponse.identity.chain[0] }"
-
p:password="${phiz.crypto.store.ca.entry.ca.root.pass}"
- p:privateKey="#{
credCaRoot.certificateResponse.identity.privateKey }"/>
- </beans:entry>
<!--suppress SpringPlaceholdersInspection -->
- <beans:entry key="${phiz.crypto.store.ca.entry.ca.alias}">
+ <beans:entry
key="${phiz.crypto.store.key.ca.entry.ca.alias}">
<!--suppress SpringPlaceholdersInspection -->
<beans:bean parent="keyStoreEntryPrivateKey"
p:certificateChain="#{
credCa.certificateResponse.identity.chain[0] }"
- p:password="${phiz.crypto.store.ca.entry.ca.pass}"
+
p:password="${phiz.crypto.store.key.ca.entry.ca.pass}"
p:privateKey="#{
credCa.certificateResponse.identity.privateKey }"/>
</beans:entry>
</beans:map>
=======================================
--- /phiz-parent/pom.xml Wed Feb 18 20:44:48 2015 UTC
+++ /phiz-parent/pom.xml Sat Feb 21 20:45:44 2015 UTC
@@ -405,6 +405,11 @@
<version>4.4</version>
</dependency>
<dependency>
+ <groupId>org.aspectj</groupId>
+ <artifactId>aspectjrt</artifactId>
+ <version>1.8.5</version>
+ </dependency>
+ <dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
<version>1.8.5</version>
=======================================
--- /phiz-tools/pom.xml Thu Jan 22 06:01:46 2015 UTC
+++ /phiz-tools/pom.xml Sat Feb 21 20:45:44 2015 UTC
@@ -70,6 +70,10 @@
<artifactId>commons-lang3</artifactId>
</dependency>
<dependency>
+ <groupId>org.aspectj</groupId>
+ <artifactId>aspectjrt</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
</dependency>
=======================================
--- /phiz-web-core/pom.xml Tue Feb 3 16:25:30 2015 UTC
+++ /phiz-web-core/pom.xml Sat Feb 21 20:45:44 2015 UTC
@@ -104,6 +104,10 @@
<scope>provided</scope>
</dependency>
<dependency>
+ <groupId>org.aspectj</groupId>
+ <artifactId>aspectjrt</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
</dependency>
=======================================
--- /phiz-web-core/src/main/resources/META-INF/phiz/phiz-web.properties Tue
Feb 3 16:25:30 2015 UTC
+++ /phiz-web-core/src/main/resources/META-INF/phiz/phiz-web.properties Sat
Feb 21 20:45:44 2015 UTC
@@ -1,3 +1,31 @@
+#================================================================================
+# CRYPTOGRAPHY CREDENTIALS: TOMCAT SERVER
+#================================================================================
+phiz.crypto.cred.tomcat.server.ssl.subject.cn=phiz_tomcat_server
+
+#================================================================================
+# CRYPTOGRAPHY KEY STORES: TOMCAT SERVER
+#================================================================================
+phiz.crypto.store.key.tomcat.server.file=${phiz.conf.ssl.dir}/phiz_store_key_tomcat_server.jks
+phiz.crypto.store.key.tomcat.server.pass=storepass
+
+#================================================================================
+# CRYPTOGRAPHY KEY STORE ENTRIES: TOMCAT SERVER
+#================================================================================
+phiz.crypto.store.key.tomcat.server.entry.ssl.alias=${phiz.crypto.cred.tomcat.server.ssl.subject.cn}
+phiz.crypto.store.key.tomcat.server.entry.ssl.pass=${phiz.crypto.store.key.tomcat.server.pass}
+
+#================================================================================
+# CRYPTOGRAPHY TRUST STORES: TOMCAT SERVER
+#================================================================================
+phiz.crypto.store.trust.tomcat.server.file=${phiz.conf.ssl.dir}/phiz_store_trust_tomcat_server.jks
+phiz.crypto.store.trust.tomcat.server.pass=storepass
+
+#================================================================================
+# CRYPTOGRAPHY TRUST STORE ENTRIES: TOMCAT SERVER
+#================================================================================
+phiz.crypto.store.trust.tomcat.server.entry.ca.alias=${phiz.crypto.cred.ca.subject.cn}
+

#================================================================================
# TOMCAT

#================================================================================
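Review bot: The added `phiz.crypto.store.key.tomcat.server.pass=storepass` and `phiz.crypto.store.trust.tomcat.server.pass=storepass` put a literal default password into a file under src/main/resources, and the key-entry password resolves to the same value. The same commit removes `phiz.tomcat.crypto.server.store.key.pass=storepass` from phiz-web-test.properties, so a value that was previously test-only is now shipped with the main artifact. I would leave both `.pass` keys undefined here so that a deployment must supply them, and keep the `storepass` defaults in the test properties. If an override mechanism already exists elsewhere, a comment such as `# Development default only; override per deployment.` above each key would at least document that.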
@@ -34,32 +62,6 @@
# TOMCAT SECURITY ROLES

#================================================================================
phiz.tomcat.role.sec.name=ROLE_PHIZ_SECURE
-
-#================================================================================
-# TOMCAT CRYPTOGRAPHY: SERVER CREDENTIALS
-#================================================================================
-phiz.tomcat.crypto.server.cred.ssl.subject.cn=phiz_tomcat_server
-
-#================================================================================
-# TOMCAT CRYPTOGRAPHY: SERVER KEY STORE
-#================================================================================
-phiz.tomcat.crypto.server.store.key.file=${phiz.conf.ssl.dir}/phiz_tomcat_server_store_key.jks
-
-#================================================================================
-# TOMCAT CRYPTOGRAPHY: SERVER KEY STORE ENTRIES
-#================================================================================
-phiz.tomcat.crypto.server.store.key.entry.ssl.alias=${phiz.tomcat.crypto.server.cred.ssl.subject.cn}
-phiz.tomcat.crypto.server.store.key.entry.ssl.pass=${phiz.tomcat.crypto.server.store.key.pass}
-
-#================================================================================
-# TOMCAT CRYPTOGRAPHY: SERVER TRUST STORE
-#================================================================================
-phiz.tomcat.crypto.server.store.trust.file=${phiz.conf.ssl.dir}/phiz_tomcat_server_store_trust.jks
-
-#================================================================================
-# TOMCAT CRYPTOGRAPHY: SERVER TRUST STORE ENTRIES
-#================================================================================
-phiz.tomcat.crypto.server.store.trust.entry.ca.alias=${phiz.crypto.cred.ca.subject.cn}


#================================================================================
# TOMCAT WEB SERVICE: DEVELOPMENT IIS
=======================================
---
/phiz-web-core/src/main/resources/META-INF/phiz/spring/spring-phiz-web-tomcat.xml
Tue Feb 3 16:25:30 2015 UTC
+++
/phiz-web-core/src/main/resources/META-INF/phiz/spring/spring-phiz-web-tomcat.xml
Sat Feb 21 20:45:44 2015 UTC
@@ -20,62 +20,37 @@
= KEY STORES

=====================================================================================================-->
<!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreTomcatServerKey" parent="keyStoreJks"
lazy-init="true"
- p:password="${phiz.tomcat.crypto.server.store.key.pass}"
- p:resource="${phiz.tomcat.crypto.server.store.key.file}"/>
+ <beans:bean id="keyStoreKeyTomcatServer" parent="keyStoreJks"
lazy-init="true"
+ p:password="${phiz.crypto.store.key.tomcat.server.pass}"
+ p:resource="${phiz.crypto.store.key.tomcat.server.file}"/>

<!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreTomcatServerTrust" parent="keyStoreJks"
lazy-init="true"
- p:password="${phiz.tomcat.crypto.server.store.trust.pass}"
- p:resource="${phiz.tomcat.crypto.server.store.trust.file}"/>
+ <beans:bean id="keyStoreTrustTomcatServer" parent="keyStoreJks"
lazy-init="true"
+ p:password="${phiz.crypto.store.trust.tomcat.server.pass}"
+ p:resource="${phiz.crypto.store.trust.tomcat.server.file}"/>


<!--====================================================================================================
= KEY MANAGERS

=====================================================================================================-->
- <beans:bean id="keyManagerTomcatServer" parent="keyManagerNewSunX509"
lazy-init="true">
- <beans:property name="factoryParameters">
- <beans:bean parent="keyStoreBuilderParams">
- <beans:constructor-arg index="0"
type="java.security.KeyStore$Builder">
- <beans:bean parent="keyStoreBuilder"
factory-method="newInstance">
- <beans:constructor-arg index="0"
type="java.security.KeyStore" ref="keyStoreTomcatServerKey"/>
- <beans:constructor-arg index="1"
type="java.security.KeyStore$ProtectionParameter">
- <beans:bean parent="keyStoreProtectionPass">
- <!--suppress SpringPlaceholdersInspection
-->
- <beans:constructor-arg index="0"
type="char[]"
value="${phiz.tomcat.crypto.server.store.key.entry.ssl.pass}"/>
- </beans:bean>
- </beans:constructor-arg>
- </beans:bean>
- </beans:constructor-arg>
- </beans:bean>
- </beans:property>
- </beans:bean>
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="keyManagerTomcatServer" parent="keyManagerBase"
lazy-init="true"
+ p:keyStore-ref="keyStoreKeyTomcatServer"
+
p:password="${phiz.crypto.store.key.tomcat.server.entry.ssl.pass}"/>


<!--====================================================================================================
= TRUST MANAGERS

=====================================================================================================-->
- <beans:bean id="trustManagerTomcatServer" parent="trustManagerPkix"
lazy-init="true">
- <beans:property name="factoryParameters">
- <beans:bean parent="certPathTrustManagerParams">
- <beans:constructor-arg index="0"
type="java.security.cert.CertPathParameters">
- <beans:bean parent="certPathParamsPkixBuilder">
- <beans:constructor-arg index="0"
type="java.security.KeyStore" ref="keyStoreTomcatServerTrust"/>
- <beans:constructor-arg index="1"
type="java.security.cert.CertSelector">
- <beans:bean parent="certSelectorX509"/>
- </beans:constructor-arg>
- </beans:bean>
- </beans:constructor-arg>
- </beans:bean>
- </beans:property>
- </beans:bean>
+ <beans:bean id="trustManagerTomcatServer" parent="trustManagerBase"
lazy-init="true"
+ p:keyStore-ref="keyStoreTrustTomcatServer"/>


<!--====================================================================================================
- = SECURE SOCKETS LAYER PARAMETERS
+ = SSL PARAMETERS

=====================================================================================================-->
- <beans:bean id="sslParamsTomcatServer" parent="sslParamsBase"
+ <beans:bean id="sslParamsTomcatServer" parent="sslParamsServer"
p:needClientAuth="true"/>


<!--====================================================================================================
- = SECURE SOCKETS LAYER CONTEXTS
+ = SSL CONTEXTS

=====================================================================================================-->
<beans:bean id="sslContextTomcatServer" parent="sslContextBase"
lazy-init="true">
<beans:property name="keyManagers">
@@ -91,9 +66,9 @@
</beans:bean>


<!--====================================================================================================
- = SECURE SOCKETS LAYER SERVER SOCKET FACTORIES
+ = SSL SERVER SOCKET FACTORIES

=====================================================================================================-->
- <beans:bean id="sslServerSocketFactoryTomcatServer"
parent="sslServerSocketFactoryBase" lazy-init="true"
+ <beans:bean id="sslServerSocketFactoryTomcatServer"
parent="sslSocketFactoryServerBase" lazy-init="true"
p:sslContext-ref="sslContextTomcatServer"
p:sslParameters-ref="sslParamsTomcatServer"/>

=======================================
---
/phiz-web-core/src/test/resources/META-INF/phiz/phiz-web-test.properties
Thu Dec 25 10:17:46 2014 UTC
+++
/phiz-web-core/src/test/resources/META-INF/phiz/phiz-web-test.properties
Sat Feb 21 20:45:44 2015 UTC
@@ -1,42 +1,49 @@

#================================================================================
-# TOMCAT
+# CRYPTOGRAPHY

#================================================================================
-phiz.tomcat.port.https=10443
+phiz.crypto.cipher.suites.bad=\
+ TLS_RSA_WITH_NULL_MD5,\
+ TLS_DH_RSA_WITH_DES_CBC_SHA,\
+ TLS_DH_anon_WITH_DES_CBC_SHA,\
+ TLS_ECDH_RSA_WITH_NULL_SHA


#================================================================================
-# TOMCAT CRYPTOGRAPHY: SERVER KEY STORE
+# CRYPTOGRAPHY CREDENTIALS: SOAPUI CLIENT

#================================================================================
-phiz.tomcat.crypto.server.store.key.pass=storepass
+phiz.crypto.cred.soapui.client.ssl.subject.cn=phiz_soapui_client
+phiz.crypto.cred.soapui.client.untrusted.ssl.subject.cn=${phiz.crypto.cred.soapui.client.ssl.subject.cn}_untrusted


#================================================================================
-# TOMCAT CRYPTOGRAPHY: SERVER TRUST STORE
+# CRYPTOGRAPHY KEY STORES: SOAPUI CLIENT

#================================================================================
-phiz.tomcat.crypto.server.store.trust.pass=storepass
+phiz.crypto.store.key.soapui.client.file=${phiz.conf.ssl.dir}/phiz_store_key_soapui_client.jks
+phiz.crypto.store.key.soapui.client.pass=storepass
+phiz.crypto.store.key.soapui.client.untrusted.file=${phiz.conf.ssl.dir}/phiz_store_key_soapui_client_untrusted.jks
+phiz.crypto.store.key.soapui.client.untrusted.pass=storepass


#================================================================================
-# SOAPUI CRYPTOGRAPHY: CLIENT CREDENTIALS
+# CRYPTOGRAPHY KEY STORE ENTRIES: SOAPUI CLIENT

#================================================================================
-phiz.soapui.crypto.client.cred.ssl.subject.cn=phiz_soapui_client
+phiz.crypto.store.key.soapui.client.entry.ssl.alias=${phiz.crypto.cred.ssl.subject.cn}
+phiz.crypto.store.key.soapui.client.entry.ssl.pass=${phiz.crypto.store.key.pass}
+phiz.crypto.store.key.soapui.client.untrusted.entry.ssl.alias=${phiz.crypto.cred.soapui.client.untrusted.ssl.subject.cn}
+phiz.crypto.store.key.soapui.client.untrusted.entry.ssl.pass=${phiz.crypto.store.key.soapui.client.pass}


#================================================================================
-# SOAPUI CRYPTOGRAPHY: CLIENT KEY STORE
-#================================================================================
-phiz.soapui.crypto.client.store.key.file=${phiz.conf.ssl.dir}/phiz_soapui_client_store_key.jks
-phiz.soapui.crypto.client.store.key.pass=storepass
-
-#================================================================================
-# SOAPUI CRYPTOGRAPHY: CLIENT KEY STORE ENTRIES
+# CRYPTOGRAPHY TRUST STORES: SOAPUI CLIENT

#================================================================================
-phiz.soapui.crypto.client.store.key.entry.ssl.alias=${phiz.soapui.crypto.client.cred.ssl.subject.cn}
-phiz.soapui.crypto.client.store.key.entry.ssl.pass=${phiz.soapui.crypto.client.store.key.pass}
+phiz.crypto.store.trust.soapui.client.file=${phiz.conf.ssl.dir}/phiz_store_trust_soapui_client.jks
+phiz.crypto.store.trust.soapui.client.pass=storepass
+phiz.crypto.store.trust.soapui.client.untrusted.file=${phiz.conf.ssl.dir}/phiz_store_trust_soapui_client_untrusted.jks
+phiz.crypto.store.trust.soapui.client.untrusted.pass=storepass


#================================================================================
-# SOAPUI CRYPTOGRAPHY: CLIENT TRUST STORE
+# CRYPTOGRAPHY TRUST STORE ENTRIES: SOAPUI CLIENT

#================================================================================
-phiz.soapui.crypto.client.store.trust.file=${phiz.conf.ssl.dir}/phiz_soapui_client_store_trust.jks
-phiz.soapui.crypto.client.store.trust.pass=storepass
+phiz.crypto.store.trust.soapui.client.entry.ca.alias=${phiz.crypto.cred.ca.subject.cn}
+phiz.crypto.store.trust.soapui.client.untrusted.Tentry.ca.alias=${phiz.crypto.cred.ca.untrusted.subject.cn}


#================================================================================
-# SOAPUI CRYPTOGRAPHY: CLIENT TRUST STORE ENTRIES
+# TOMCAT

#================================================================================
-phiz.soapui.crypto.client.store.trust.entry.ca.alias=${phiz.crypto.cred.ca.subject.cn}
+phiz.tomcat.port.https=10443
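Review bot: The added key `phiz.crypto.store.trust.soapui.client.untrusted.Tentry.ca.alias` has a stray `T`, while the SoapUI Spring test context in this same revision looks up `${phiz.crypto.store.trust.soapui.client.untrusted.entry.ca.alias}` for the untrusted trust-store entry, so nothing visible here defines that placeholder. The line should read `phiz.crypto.store.trust.soapui.client.untrusted.entry.ca.alias=${phiz.crypto.cred.ca.untrusted.subject.cn}`. The two trusted-client entry lines reference `${phiz.crypto.cred.ssl.subject.cn}` and `${phiz.crypto.store.key.pass}`, but the names this hunk introduces are `phiz.crypto.cred.soapui.client.ssl.subject.cn` and `phiz.crypto.store.key.soapui.client.pass`; unless another properties file defines the shorter names, those references need the `soapui.client` segment too. The untrusted entry password also points at the trusted store's `...soapui.client.pass` rather than `...soapui.client.untrusted.pass`, which only holds while both are `storepass`.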
=======================================
---
/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-soapui-test.xml
Wed Feb 18 20:44:48 2015 UTC
+++
/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-soapui-test.xml
Sat Feb 21 20:45:44 2015 UTC
@@ -27,7 +27,7 @@
<beans:constructor-arg name="subject">
<!--suppress SpringPlaceholdersInspection -->
<beans:bean parent="dn"
-
p:commonName="${phiz.soapui.crypto.client.cred.ssl.subject.cn}"/>
+
p:commonName="${phiz.crypto.cred.soapui.client.ssl.subject.cn}"/>
</beans:constructor-arg>
</beans:bean>
</beans:property>
@@ -35,21 +35,38 @@
</beans:property>
</beans:bean>

+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="credSoapUiClientUntrusted" parent="credGen">
+ <beans:property name="credential">
+ <beans:bean parent="credLeafUntrusted">
+ <beans:property name="certificateRequest">
+ <beans:bean parent="certReqLeaf">
+ <beans:constructor-arg name="subject">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean parent="dn"
+
p:commonName="${phiz.crypto.cred.soapui.client.untrusted.ssl.subject.cn}"/>
+ </beans:constructor-arg>
+ </beans:bean>
+ </beans:property>
+ </beans:bean>
+ </beans:property>
+ </beans:bean>
+

<!--====================================================================================================
= KEY STORES

=====================================================================================================-->
<!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreSoapUiClientKey" parent="keyStoreGen"
lazy-init="true"
- p:password="${phiz.soapui.crypto.client.store.key.pass}"
- p:resource="${phiz.soapui.crypto.client.store.key.file}">
+ <beans:bean id="keyStoreKeySoapUiClient" parent="keyStoreGen"
lazy-init="true"
+ p:password="${phiz.crypto.store.key.soapui.client.pass}"
+ p:resource="${phiz.crypto.store.key.soapui.client.file}">
<beans:property name="entryMap">
<beans:map>
<!--suppress SpringPlaceholdersInspection -->
- <beans:entry
key="${phiz.soapui.crypto.client.store.key.entry.ssl.alias}">
+ <beans:entry
key="${phiz.crypto.store.key.soapui.client.entry.ssl.alias}">
<!--suppress SpringPlaceholdersInspection -->
<beans:bean parent="keyStoreEntryPrivateKey"
p:certificateChain="#{
credSoapUiClient.certificateResponse.identity.chain[0] }"
-
p:password="${phiz.soapui.crypto.client.store.key.entry.ssl.pass}"
+
p:password="${phiz.crypto.store.key.soapui.client.entry.ssl.pass}"
p:privateKey="#{
credSoapUiClient.certificateResponse.identity.privateKey }"/>
</beans:entry>
</beans:map>
@@ -57,13 +74,13 @@
</beans:bean>

<!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreSoapUiClientTrust" parent="keyStoreGen"
lazy-init="true"
- p:password="${phiz.soapui.crypto.client.store.trust.pass}"
- p:resource="${phiz.soapui.crypto.client.store.trust.file}">
+ <beans:bean id="keyStoreTrustSoapUiClient" parent="keyStoreGen"
lazy-init="true"
+ p:password="${phiz.crypto.store.trust.soapui.client.pass}"
+ p:resource="${phiz.crypto.store.trust.soapui.client.file}">
<beans:property name="entryMap">
<beans:map>
<!--suppress SpringPlaceholdersInspection -->
- <beans:entry
key="${phiz.soapui.crypto.client.store.trust.entry.ca.alias}">
+ <beans:entry
key="${phiz.crypto.store.trust.soapui.client.entry.ca.alias}">
<!--suppress SpringPlaceholdersInspection -->
<beans:bean parent="keyStoreEntryTrustedCert"
p:certificate="#{
credCa.certificateResponse.identity.chain[0] }"/>
@@ -72,52 +89,83 @@
</beans:property>
</beans:bean>

+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="keyStoreKeySoapUiClientUntrusted" parent="keyStoreGen"
lazy-init="true"
+ p:password="${phiz.crypto.store.key.soapui.client.untrusted.pass}"
+ p:resource="${phiz.crypto.store.key.soapui.client.untrusted.file}">
+ <beans:property name="entryMap">
+ <beans:map>
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:entry
key="${phiz.crypto.store.key.soapui.client.untrusted.entry.ssl.alias}">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean parent="keyStoreEntryPrivateKey"
+ p:certificateChain="#{
credSoapUiClientUntrusted.certificateResponse.identity.chain[0] }"
+
p:password="${phiz.crypto.store.key.soapui.client.untrusted.entry.ssl.pass}"
+ p:privateKey="#{
credSoapUiClientUntrusted.certificateResponse.identity.privateKey }"/>
+ </beans:entry>
+ </beans:map>
+ </beans:property>
+ </beans:bean>
+
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="keyStoreTrustSoapUiClientUntrusted"
parent="keyStoreGen" lazy-init="true"
+
p:password="${phiz.crypto.store.trust.soapui.client.untrusted.pass}"
+
p:resource="${phiz.crypto.store.trust.soapui.client.untrusted.file}">
+ <beans:property name="entryMap">
+ <beans:map>
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:entry
key="${phiz.crypto.store.trust.soapui.client.untrusted.entry.ca.alias}">
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean parent="keyStoreEntryTrustedCert"
+ p:certificate="#{
credCaUntrusted.certificateResponse.identity.chain[0] }"/>
+ </beans:entry>
+ </beans:map>
+ </beans:property>
+ </beans:bean>
+

<!--====================================================================================================
= KEY MANAGERS

=====================================================================================================-->
- <beans:bean id="keyManagerSoapUiClient" parent="keyManagerNewSunX509"
lazy-init="true">
- <beans:property name="factoryParameters">
- <beans:bean parent="keyStoreBuilderParams">
- <beans:constructor-arg index="0"
type="java.security.KeyStore$Builder">
- <beans:bean parent="keyStoreBuilder"
factory-method="newInstance">
- <beans:constructor-arg index="0"
type="java.security.KeyStore" ref="keyStoreSoapUiClientKey"/>
- <beans:constructor-arg index="1"
type="java.security.KeyStore$ProtectionParameter">
- <beans:bean parent="keyStoreProtectionPass">
- <!--suppress SpringPlaceholdersInspection
-->
- <beans:constructor-arg index="0"
type="char[]"
value="${phiz.soapui.crypto.client.store.key.entry.ssl.pass}"/>
- </beans:bean>
- </beans:constructor-arg>
- </beans:bean>
- </beans:constructor-arg>
- </beans:bean>
- </beans:property>
- </beans:bean>
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="keyManagerSoapUiClient" parent="keyManagerBase"
lazy-init="true"
+ p:keyStore-ref="keyStoreKeySoapUiClient"
+
p:password="${phiz.crypto.store.key.soapui.client.entry.ssl.pass}"/>
+
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="keyManagerSoapUiClientUntrusted"
parent="keyManagerBase" lazy-init="true"
+ p:keyStore-ref="keyStoreKeySoapUiClientUntrusted"
+
p:password="${phiz.crypto.store.key.soapui.client.untrusted.entry.ssl.pass}"/>


<!--====================================================================================================
= TRUST MANAGERS

=====================================================================================================-->
- <beans:bean id="trustManagerSoapUiClient" parent="trustManagerPkix"
lazy-init="true">
- <beans:property name="factoryParameters">
- <beans:bean parent="certPathTrustManagerParams">
- <beans:constructor-arg index="0"
type="java.security.cert.CertPathParameters">
- <beans:bean parent="certPathParamsPkixBuilder">
- <beans:constructor-arg index="0"
type="java.security.KeyStore" ref="keyStoreSoapUiClientTrust"/>
- <beans:constructor-arg index="1"
type="java.security.cert.CertSelector">
- <beans:bean parent="certSelectorX509"/>
- </beans:constructor-arg>
- </beans:bean>
- </beans:constructor-arg>
- </beans:bean>
- </beans:property>
- </beans:bean>
+ <beans:bean id="trustManagerSoapUiClient" parent="trustManagerBase"
lazy-init="true"
+ p:keyStore-ref="keyStoreTrustSoapUiClient"/>
+
+ <beans:bean id="trustManagerSoapUiClientUntrusted"
parent="trustManagerBase" lazy-init="true"
+ p:keyStore-ref="keyStoreTrustSoapUiClientUntrusted"/>


<!--====================================================================================================
- = SECURE SOCKETS LAYER PARAMETERS
+ = SSL PARAMETERS

=====================================================================================================-->
- <beans:bean id="sslParamsSoapUiClient" parent="sslParamsBase"/>
+ <beans:bean id="sslParamsClientSoapUiClient" parent="sslParamsClient"/>
+
+ <beans:bean id="sslParamsClientSoapUiClientBadProtocolVersions"
parent="sslParamsClientSoapUiClient">
+ <beans:property name="protocols">
+ <beans:array>
+ <beans:value>#{
T(gov.hhs.onc.phiz.crypto.ssl.PhizTlsVersions).SSL_3_NAME }</beans:value>
+ <beans:value>#{
T(gov.hhs.onc.phiz.crypto.ssl.PhizTlsVersions).TLS_1_NAME }</beans:value>
+ <beans:value>#{
T(gov.hhs.onc.phiz.crypto.ssl.PhizTlsVersions).TLS_1_1_NAME }</beans:value>
+ </beans:array>
+ </beans:property>
+ </beans:bean>
+
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="sslParamsClientSoapUiClientBadCipherSuites"
parent="sslParamsClientSoapUiClient"
+ p:cipherSuites="${phiz.crypto.cipher.suites.bad}"/>


<!--====================================================================================================
- = SECURE SOCKETS LAYER CONTEXTS
+ = SSL CONTEXTS

=====================================================================================================-->
<beans:bean id="sslContextSoapUiClient" parent="sslContextBase"
lazy-init="true">
<beans:property name="keyManagers">
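Review bot: `sslParamsClientSoapUiClientBadCipherSuites` passes the names from `phiz.crypto.cipher.suites.bad` straight to the client socket, and several of them may not be names the test JVM's JSSE provider recognises. As far as I know, Oracle and OpenJDK releases of this period spelled the NULL-MD5 and anonymous-DES suites with an `SSL_` prefix and did not implement fixed-DH suites such as `TLS_DH_RSA_WITH_DES_CBC_SHA`. An unrecognised name is rejected with an IllegalArgumentException when the parameters are applied, so the request would fail on the client and never test what the server refuses. The same caution applies to `sslParamsClientSoapUiClientBadProtocolVersions` on a JVM that already disables SSLv3. A comment above both beans would record the intent, e.g. `<!-- Negative test: every value must be enabled on the client JVM so that the server is the side that refuses the handshake -->`.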
@@ -132,12 +180,28 @@
</beans:property>
</beans:bean>

+ <beans:bean id="sslContextSoapUiClientUntrusted"
parent="sslContextBase" lazy-init="true">
+ <beans:property name="keyManagers">
+ <beans:array>
+ <beans:ref bean="keyManagerSoapUiClientUntrusted"/>
+ </beans:array>
+ </beans:property>
+ <beans:property name="trustManagers">
+ <beans:array>
+ <beans:ref bean="trustManagerSoapUiClientUntrusted"/>
+ </beans:array>
+ </beans:property>
+ </beans:bean>
+

<!--====================================================================================================
- = SECURE SOCKETS LAYER SOCKET FACTORIES
+ = SSL CLIENT SOCKET FACTORIES

=====================================================================================================-->
- <beans:bean id="sslSocketFactorySoapUiClient"
parent="sslSocketFactoryBase" lazy-init="true"
+ <beans:bean id="sslSocketFactoryClientSoapUiClient"
parent="sslSocketFactoryClientBase" lazy-init="true"
p:sslContext-ref="sslContextSoapUiClient"
- p:sslParameters-ref="sslParamsSoapUiClient"/>
+ p:sslParameters-ref="sslParamsClientSoapUiClient"/>
+
+ <beans:bean id="sslSocketFactoryClientSoapUiClientUntrusted"
parent="sslSocketFactoryClientSoapUiClient" lazy-init="true"
+ p:sslContext-ref="sslContextSoapUiClientUntrusted"/>


<!--====================================================================================================
= SOAPUI TESTCASE RUNNERS
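Review bot: `sslContextSoapUiClientUntrusted` swaps both the key manager and the trust manager for the untrusted variants, so the client in the untrusted test also stops trusting the CA taken from `credCa`. If the Tomcat test certificate chains to `credCa` (its definition is outside this hunk), the client aborts on the server certificate before presenting its own. The server's rejection of an untrusted client certificate under `needClientAuth` is then never exercised. Keeping the normal trust manager isolates that check: `<beans:ref bean="trustManagerSoapUiClient"/>` inside the `trustManagers` array of the untrusted context.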
@@ -145,7 +209,8 @@
<beans:bean id="soapUiTestCaseRunner"
class="com.eviware.soapui.SoapUIProTestCaseRunner" abstract="true"/>

<!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="soapUiTestCaseRunnerBase"
class="gov.hhs.onc.phiz.web.test.impl.PhizSoapUiTestCaseRunner"
parent="soapUiTestCaseRunner" abstract="true"
+ <beans:bean id="soapUiTestCaseRunnerBase"
class="gov.hhs.onc.phiz.web.test.soapui.impl.PhizSoapUiTestCaseRunner"
parent="soapUiTestCaseRunner"
+ abstract="true"
p:exportAll="true"
p:JUnitReport="true"
p:maxErrors="#{ T(java.lang.Integer).MAX_VALUE }"
@@ -153,13 +218,35 @@
p:printAlertSiteReport="true"
p:printReport="true"
p:projectFile="${phiz.soapui.project.file}"
- p:settingsFile="${phiz.soapui.settings.file}"
- p:sslParams-ref="sslParamsSoapUiClient"
- p:sslSocketFactory-ref="sslSocketFactorySoapUiClient">
+ p:settingsFile="${phiz.soapui.settings.file}">
<beans:property name="reportFormats">
<beans:array>
<beans:value>XML</beans:value>
</beans:array>
+ </beans:property>
+ <beans:property name="sslParameterMap">
+ <beans:map>
+ <beans:entry value-ref="sslParamsClientSoapUiClient">
+ <beans:key>
+ <beans:null/>
+ </beans:key>
+ </beans:entry>
+ <beans:entry key="#{
T(gov.hhs.onc.phiz.web.test.soapui.PhizSoapUiProperties).BAD_CIPHER_SUITES_SSL_PARAMS_VALUE
}"
+
value-ref="sslParamsClientSoapUiClientBadCipherSuites"/>
+ <beans:entry key="#{
T(gov.hhs.onc.phiz.web.test.soapui.PhizSoapUiProperties).BAD_PROTOCOL_VERSIONS_SSL_PARAMS_VALUE
}"
+
value-ref="sslParamsClientSoapUiClientBadProtocolVersions"/>
+ </beans:map>
+ </beans:property>
+ <beans:property name="sslSocketFactoryMap">
+ <beans:map>
+ <beans:entry
value-ref="sslSocketFactoryClientSoapUiClient">
+ <beans:key>
+ <beans:null/>
+ </beans:key>
+ </beans:entry>
+ <beans:entry key="#{
T(gov.hhs.onc.phiz.web.test.soapui.PhizSoapUiProperties).UNTRUSTED_SSL_SOCKET_FACTORY_VALUE
}"
+
value-ref="sslSocketFactoryClientSoapUiClientUntrusted"/>
+ </beans:map>
</beans:property>
</beans:bean>
</beans:beans>
=======================================
---
/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-tomcat-test.xml
Wed Feb 18 20:44:48 2015 UTC
+++
/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-tomcat-test.xml
Sat Feb 21 20:45:44 2015 UTC
@@ -27,7 +27,7 @@
<beans:constructor-arg name="subject">
<!--suppress SpringPlaceholdersInspection -->
<beans:bean parent="dn"
-
p:commonName="${phiz.tomcat.crypto.server.cred.ssl.subject.cn}"/>
+
p:commonName="${phiz.crypto.cred.tomcat.server.ssl.subject.cn}"/>
</beans:constructor-arg>
</beans:bean>
</beans:property>
@@ -39,17 +39,17 @@
= KEY STORES

=====================================================================================================-->
<!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreTomcatServerKey" parent="keyStoreGen"
lazy-init="true"
- p:password="${phiz.tomcat.crypto.server.store.key.pass}"
- p:resource="${phiz.tomcat.crypto.server.store.key.file}">
+ <beans:bean id="keyStoreKeyTomcatServer" parent="keyStoreGen"
lazy-init="true"
+ p:password="${phiz.crypto.store.key.tomcat.server.pass}"
+ p:resource="${phiz.crypto.store.key.tomcat.server.file}">
<beans:property name="entryMap">
<beans:map>
<!--suppress SpringPlaceholdersInspection -->
- <beans:entry
key="${phiz.tomcat.crypto.server.store.key.entry.ssl.alias}">
+ <beans:entry
key="${phiz.crypto.store.key.tomcat.server.entry.ssl.alias}">
<!--suppress SpringPlaceholdersInspection -->
<beans:bean parent="keyStoreEntryPrivateKey"
p:certificateChain="#{
credTomcatServer.certificateResponse.identity.chain[0] }"
-
p:password="${phiz.tomcat.crypto.server.store.key.entry.ssl.pass}"
+
p:password="${phiz.crypto.store.key.tomcat.server.entry.ssl.pass}"
p:privateKey="#{
credTomcatServer.certificateResponse.identity.privateKey }"/>
</beans:entry>
</beans:map>
@@ -57,13 +57,13 @@
</beans:bean>

<!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreTomcatServerTrust" parent="keyStoreGen"
lazy-init="true"
- p:password="${phiz.tomcat.crypto.server.store.trust.pass}"
- p:resource="${phiz.tomcat.crypto.server.store.trust.file}">
+ <beans:bean id="keyStoreTrustTomcatServer" parent="keyStoreGen"
lazy-init="true"
+ p:password="${phiz.crypto.store.trust.tomcat.server.pass}"
+ p:resource="${phiz.crypto.store.trust.tomcat.server.file}">
<beans:property name="entryMap">
<beans:map>
<!--suppress SpringPlaceholdersInspection -->
- <beans:entry
key="${phiz.tomcat.crypto.server.store.trust.entry.ca.alias}">
+ <beans:entry
key="${phiz.crypto.store.trust.tomcat.server.entry.ca.alias}">
<!--suppress SpringPlaceholdersInspection -->
<beans:bean parent="keyStoreEntryTrustedCert"
p:certificate="#{
credCa.certificateResponse.identity.chain[0] }"/>
=======================================
--- /phiz-web-portal/pom.xml Sun Jan 25 19:49:30 2015 UTC
+++ /phiz-web-portal/pom.xml Sat Feb 21 20:45:44 2015 UTC
@@ -117,6 +117,10 @@
<scope>provided</scope>
</dependency>
<dependency>
+ <groupId>org.aspectj</groupId>
+ <artifactId>aspectjrt</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
</dependency>
=======================================
--- /phiz-web-ws/pom.xml Tue Feb 3 16:25:30 2015 UTC
+++ /phiz-web-ws/pom.xml Sat Feb 21 20:45:44 2015 UTC
@@ -163,6 +163,10 @@
<scope>provided</scope>
</dependency>
<dependency>
+ <groupId>org.aspectj</groupId>
+ <artifactId>aspectjrt</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
</dependency>
=======================================
--- /phiz-web-ws/src/it/soapui/soapui-phiz-web-ws.xml Wed Feb 18 20:44:48
2015 UTC
+++ /phiz-web-ws/src/it/soapui/soapui-phiz-web-ws.xml Sat Feb 21 20:45:44
2015 UTC
@@ -140,7 +140,7 @@
</con:assertion>
<con:assertion type="GroovyScriptAssertion" name="Script
Assertion">
<con:configuration>
-
<scriptText>gov.hhs.onc.phiz.web.test.utils.PhizSoapUiUtils.assertAddressingMessageIdsMatch(context,
messageExchange)</scriptText>
+
<scriptText>gov.hhs.onc.phiz.web.test.soapui.utils.PhizSoapUiUtils.assertAddressingMessageIdsMatch(context,
messageExchange)</scriptText>
</con:configuration>
</con:assertion>
<con:assertion type="GroovyScriptAssertion" name="Script
Assertion">
@@ -229,6 +229,132 @@
</con:testStep>
<con:properties/>
</con:testCase>
+ <con:testCase failOnError="false" failTestCaseOnErrors="false"
keepSession="false" maxResults="0"
name="SubmitSingleMessage_SSL_Params_Bad_Protocol_Versions"
searchProperties="true" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo=""
amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
+ <con:description>SubmitSingleMessage SSL parameters bad protocol
versions test case.</con:description>
+ <con:settings/>
+ <con:testStep type="request" name="SubmitSingleMessage">
+ <con:settings/>
+ <con:config xsi:type="con:RequestStep"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:interface>IISHubBindingSoap12</con:interface>
+ <con:operation>SubmitSingleMessage</con:operation>
+ <con:request name="SubmitSingleMessage" outgoingWss=""
incomingWss="" timeout="" sslKeystore="" useWsAddressing="true"
useWsReliableMessaging="false" wssPasswordType="">
+ <con:description/>
+ <con:settings/>
+ <con:encoding>UTF-8</con:encoding>
+
<con:endpoint>${#Spring#phiz.tomcat.ws.iis.hub.url}</con:endpoint>
+ <con:request><![CDATA[<soap:Envelope
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:iis="urn:cdc:iisb:2014" xmlns:iis-hub="urn:cdc:iisb:hub:2014">
+ <soap:Header>
+ <iis-hub:HubRequestHeader>
+
<iis-hub:DestinationId>${#Spring#phiz.dest.iis.dev.id}</iis-hub:DestinationId>
+ </iis-hub:HubRequestHeader>
+ </soap:Header>
+ <soap:Body>
+ <iis:SubmitSingleMessageRequest>
+
<iis:Hl7Message>${=project.name}_${=testSuite.name}_${=testCase.name}_${=testStep.name}_${=request.name}</iis:Hl7Message>
+ </iis:SubmitSingleMessageRequest>
+ </soap:Body>
+</soap:Envelope>]]></con:request>
+ <con:credentials>
+ <con:authType>No Authorization</con:authType>
+ </con:credentials>
+ <con:jmsConfig JMSDeliveryMode="PERSISTENT"/>
+ <con:jmsPropertyConfig/>
+ <con:wsaConfig mustUnderstand="TRUE" version="200508"
action="urn:cdc:iisb:hub:2014:IISHubPortType:SubmitSingleMessageRequest"
generateMessageId="true"/>
+ <con:wsrmConfig version="1.2"/>
+ </con:request>
+ </con:config>
+ </con:testStep>
+ <con:properties>
+ <con:property>
+ <con:name>#{
T(gov.hhs.onc.phiz.web.test.soapui.PhizSoapUiProperties).SSL_PARAMS_NAME
}</con:name>
+ <con:value>#{
T(gov.hhs.onc.phiz.web.test.soapui.PhizSoapUiProperties).BAD_PROTOCOL_VERSIONS_SSL_PARAMS_VALUE
}</con:value>
+ </con:property>
+ </con:properties>
+ </con:testCase>
+ <con:testCase failOnError="false" failTestCaseOnErrors="false"
keepSession="false" maxResults="0"
name="SubmitSingleMessage_SSL_Params_Bad_Cipher_Suites"
searchProperties="true" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo=""
amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
+ <con:description>SubmitSingleMessage SSL parameters bad cipher
suites test case.</con:description>
+ <con:settings/>
+ <con:testStep type="request" name="SubmitSingleMessage">
+ <con:settings/>
+ <con:config xsi:type="con:RequestStep"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:interface>IISHubBindingSoap12</con:interface>
+ <con:operation>SubmitSingleMessage</con:operation>
+ <con:request name="SubmitSingleMessage" outgoingWss=""
incomingWss="" timeout="" sslKeystore="" useWsAddressing="true"
useWsReliableMessaging="false" wssPasswordType="">
+ <con:description/>
+ <con:settings/>
+ <con:encoding>UTF-8</con:encoding>
+
<con:endpoint>${#Spring#phiz.tomcat.ws.iis.hub.url}</con:endpoint>
+ <con:request><![CDATA[<soap:Envelope
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:iis="urn:cdc:iisb:2014" xmlns:iis-hub="urn:cdc:iisb:hub:2014">
+ <soap:Header>
+ <iis-hub:HubRequestHeader>
+
<iis-hub:DestinationId>${#Spring#phiz.dest.iis.dev.id}</iis-hub:DestinationId>
+ </iis-hub:HubRequestHeader>
+ </soap:Header>
+ <soap:Body>
+ <iis:SubmitSingleMessageRequest>
+
<iis:Hl7Message>${=project.name}_${=testSuite.name}_${=testCase.name}_${=testStep.name}_${=request.name}</iis:Hl7Message>
+ </iis:SubmitSingleMessageRequest>
+ </soap:Body>
+</soap:Envelope>]]></con:request>
+ <con:credentials>
+ <con:authType>No Authorization</con:authType>
+ </con:credentials>
+ <con:jmsConfig JMSDeliveryMode="PERSISTENT"/>
+ <con:jmsPropertyConfig/>
+ <con:wsaConfig mustUnderstand="TRUE" version="200508"
action="urn:cdc:iisb:hub:2014:IISHubPortType:SubmitSingleMessageRequest"
generateMessageId="true"/>
+ <con:wsrmConfig version="1.2"/>
+ </con:request>
+ </con:config>
+ </con:testStep>
+ <con:properties>
+ <con:property>
+ <con:name>#{
T(gov.hhs.onc.phiz.web.test.soapui.PhizSoapUiProperties).SSL_PARAMS_NAME
}</con:name>
+ <con:value>#{
T(gov.hhs.onc.phiz.web.test.soapui.PhizSoapUiProperties).BAD_CIPHER_SUITES_SSL_PARAMS_VALUE
}</con:value>
+ </con:property>
+ </con:properties>
+ </con:testCase>
+ <con:testCase failOnError="false" failTestCaseOnErrors="false"
keepSession="false" maxResults="0"
name="SubmitSingleMessage_SSL_Socket_Factory_Untrusted"
searchProperties="true" wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo=""
amfAuthorisation="false" amfEndpoint="" amfLogin="" amfPassword="">
+ <con:description>SubmitSingleMessage SSL socket factory untrusted
test case.</con:description>
+ <con:settings/>
+ <con:testStep type="request" name="SubmitSingleMessage">
+ <con:settings/>
+ <con:config xsi:type="con:RequestStep"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <con:interface>IISHubBindingSoap12</con:interface>
+ <con:operation>SubmitSingleMessage</con:operation>
+ <con:request name="SubmitSingleMessage" outgoingWss=""
incomingWss="" timeout="" sslKeystore="" useWsAddressing="true"
useWsReliableMessaging="false" wssPasswordType="">
+ <con:description/>
+ <con:settings/>
+ <con:encoding>UTF-8</con:encoding>
+
<con:endpoint>${#Spring#phiz.tomcat.ws.iis.hub.url}</con:endpoint>
+ <con:request><![CDATA[<soap:Envelope
xmlns:soap="http://www.w3.org/2003/05/soap-envelope"
xmlns:iis="urn:cdc:iisb:2014" xmlns:iis-hub="urn:cdc:iisb:hub:2014">
+ <soap:Header>
+ <iis-hub:HubRequestHeader>
+
<iis-hub:DestinationId>${#Spring#phiz.dest.iis.dev.id}</iis-hub:DestinationId>
+ </iis-hub:HubRequestHeader>
+ </soap:Header>
+ <soap:Body>
+ <iis:SubmitSingleMessageRequest>
+
<iis:Hl7Message>${=project.name}_${=testSuite.name}_${=testCase.name}_${=testStep.name}_${=request.name}</iis:Hl7Message>
+ </iis:SubmitSingleMessageRequest>
+ </soap:Body>
+</soap:Envelope>]]></con:request>
+ <con:credentials>
+ <con:authType>No Authorization</con:authType>
+ </con:credentials>
+ <con:jmsConfig JMSDeliveryMode="PERSISTENT"/>
+ <con:jmsPropertyConfig/>
+ <con:wsaConfig mustUnderstand="TRUE" version="200508"
action="urn:cdc:iisb:hub:2014:IISHubPortType:SubmitSingleMessageRequest"
generateMessageId="true"/>
+ <con:wsrmConfig version="1.2"/>
+ </con:request>
+ </con:config>
+ </con:testStep>
+ <con:properties>
+ <con:property>
+ <con:name>#{
T(gov.hhs.onc.phiz.web.test.soapui.PhizSoapUiProperties).SSL_SOCKET_FACTORY_NAME
}</con:name>
+ <con:value>#{
T(gov.hhs.onc.phiz.web.test.soapui.PhizSoapUiProperties).UNTRUSTED_SSL_SOCKET_FACTORY_VALUE
}</con:value>
+ </con:property>
+ </con:properties>
+ </con:testCase>
<con:testCase failOnError="true" failTestCaseOnErrors="true"
keepSession="false" maxResults="0"
name="SubmitSingleMessage_Fault_MsgTooLarge" searchProperties="true"
wsrmEnabled="false" wsrmVersion="1.0" wsrmAckTo="" amfAuthorisation="false"
amfEndpoint="" amfLogin="" amfPassword="">
<con:description>SubmitSingleMessage MessageTooLargeFault test
case.</con:description>
<con:settings/>
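Review bot: The three added test cases (`SubmitSingleMessage_SSL_Params_Bad_Protocol_Versions`, `SubmitSingleMessage_SSL_Params_Bad_Cipher_Suites`, `SubmitSingleMessage_SSL_Socket_Factory_Untrusted`) have no `<con:assertion>` on their request step and set `failOnError="false" failTestCaseOnErrors="false"`, so nothing in this file states that the connection must be refused. Unless `PhizSoapUiTestCaseRunner` checks the outcome in code outside this diff, a server that accepted an old protocol version, a NULL or DES cipher suite, or an untrusted client certificate would still leave these cases passing. The expected result should be pinned where the case is defined, and at minimum the description should say so, e.g. `<con:description>SubmitSingleMessage SSL parameters bad protocol versions test case; the TLS handshake must fail and no SOAP response may be returned.</con:description>`, with the matching wording on the other two.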
@@ -617,7 +743,7 @@
</con:assertion>
<con:assertion type="GroovyScriptAssertion" name="Script
Assertion">
<con:configuration>
-
<scriptText>gov.hhs.onc.phiz.web.test.utils.PhizSoapUiUtils.assertAddressingMessageIdsMatch(context,
messageExchange)</scriptText>
+
<scriptText>gov.hhs.onc.phiz.web.test.soapui.utils.PhizSoapUiUtils.assertAddressingMessageIdsMatch(context,
messageExchange)</scriptText>
</con:configuration>
</con:assertion>
<con:assertion type="GroovyScriptAssertion" name="Script
Assertion">
=======================================
--- /phiz-web-ws/src/main/resources/META-INF/phiz/phiz-web-ws.properties
Wed Feb 18 20:44:48 2015 UTC
+++ /phiz-web-ws/src/main/resources/META-INF/phiz/phiz-web-ws.properties
Sat Feb 21 20:45:44 2015 UTC
@@ -1,49 +1,46 @@

#================================================================================
-# WEB SERVICE CLIENT
+# CRYPTOGRAPHY CREDENTIALS: WEB SERVICE CLIENT

#================================================================================
-phiz.ws.client.conn.timeout=#{ 15 *
T(org.apache.commons.lang3.time.DateUtils).MILLIS_PER_SECOND }
-phiz.ws.client.receive.timeout=#{ 15 *
T(org.apache.commons.lang3.time.DateUtils).MILLIS_PER_SECOND }
+phiz.crypto.cred.ws.client.ssl.subject.cn=phiz_iis_hub


#================================================================================
-# WEB SERVICE CLIENT: ASYNCHRONOUS
+# CRYPTOGRAPHY CREDENTIALS: TOMCAT SERVER

#================================================================================
-phiz.ws.client.async.exec.timeout=#{ 15 *
T(org.apache.commons.lang3.time.DateUtils).MILLIS_PER_SECOND }
-phiz.ws.client.async.interest.op.queued=true
-phiz.ws.client.async.io.thread.count=-1
-phiz.ws.client.async.select.interval=500
+phiz.crypto.cred.tomcat.server.ssl.subject.cn=${phiz.crypto.cred.ws.client.ssl.subject.cn}


#================================================================================
-# WEB SERVICE CRYPTOGRAPHY: CREDENTIALS
+# CRYPTOGRAPHY KEY STORES: WEB SERVICE CLIENT

#================================================================================
-phiz.ws.crypto.cred.iis.hub.subject.cn=phiz_iis_hub
+phiz.crypto.store.key.ws.client.file=${phiz.conf.ssl.dir}/phiz_store_key_ws_client.jks
+phiz.crypto.store.key.ws.client.pass=storepass


#================================================================================
-# TOMCAT CRYPTOGRAPHY: SERVER CREDENTIALS
+# CRYPTOGRAPHY KEY STORE ENTRIES: WEB SERVICE CLIENT

#================================================================================
-phiz.tomcat.crypto.server.cred.ssl.subject.cn=${phiz.ws.crypto.cred.iis.hub.subject.cn}
+phiz.crypto.store.key.ws.client.entry.ssl.alias=${phiz.crypto.cred.ws.client.ssl.subject.cn}
+phiz.crypto.store.key.ws.client.entry.ssl.pass=${phiz.crypto.store.key.ws.client.pass}


#================================================================================
-# WEB SERVICE CRYPTOGRAPHY: CLIENT CREDENTIALS
+# CRYPTOGRAPHY TRUST STORES: WEB SERVICE CLIENT

#================================================================================
-phiz.ws.crypto.client.cred.ssl.subject.cn=${phiz.ws.crypto.cred.iis.hub.subject.cn}
-
-#================================================================================
-# WEB SERVICE CRYPTOGRAPHY: CLIENT KEY STORE
-#================================================================================
-phiz.ws.crypto.client.store.key.file=${phiz.conf.ssl.dir}/phiz_ws_client_store_key.jks
+phiz.crypto.store.trust.ws.client.file=${phiz.conf.ssl.dir}/phiz_store_trust_ws_client.jks
+phiz.crypto.store.trust.ws.client.pass=storepass


#================================================================================
-# WEB SERVICE CRYPTOGRAPHY: CLIENT KEY STORE ENTRIES
+# CRYPTOGRAPHY TRUST STORE ENTRIES: WEB SERVICE CLIENT

#================================================================================
-phiz.ws.crypto.client.store.key.entry.ssl.alias=${phiz.ws.crypto.client.cred.ssl.subject.cn}
-phiz.ws.crypto.client.store.key.entry.ssl.pass=${phiz.ws.crypto.client.store.key.pass}
+phiz.crypto.store.trust.ws.client.entry.ca.alias=${phiz.crypto.cred.ca.subject.cn}


#================================================================================
-# WEB SERVICE CRYPTOGRAPHY: CLIENT TRUST STORE
+# WEB SERVICE CLIENT

#================================================================================
-phiz.ws.crypto.client.store.trust.file=${phiz.conf.ssl.dir}/phiz_ws_client_store_trust.jks
+phiz.ws.client.conn.timeout=#{ 15 *
T(org.apache.commons.lang3.time.DateUtils).MILLIS_PER_SECOND }
+phiz.ws.client.receive.timeout=#{ 15 *
T(org.apache.commons.lang3.time.DateUtils).MILLIS_PER_SECOND }


#================================================================================
-# WEB SERVICE CRYPTOGRAPHY: CLIENT TRUST STORE ENTRIES
+# WEB SERVICE CLIENT: ASYNCHRONOUS

#================================================================================
-phiz.ws.crypto.client.store.trust.entry.ca.alias=${phiz.crypto.cred.ca.subject.cn}
+phiz.ws.client.async.exec.timeout=#{ 15 *
T(org.apache.commons.lang3.time.DateUtils).MILLIS_PER_SECOND }
+phiz.ws.client.async.interest.op.queued=true
+phiz.ws.client.async.io.thread.count=-1
+phiz.ws.client.async.select.interval=500
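Review bot: The added lines `phiz.crypto.store.key.ws.client.pass=storepass` and `phiz.crypto.store.trust.ws.client.pass=storepass` put a fixed, guessable store password into the main (non-test) properties file. Before this commit the same values were defined in phiz-web-ws-test.properties, which the commit empties further down. Unless a deployment overrides both properties (no override mechanism is visible in this hunk), the client private key would be protected by `storepass`, and `phiz.crypto.store.key.ws.client.entry.ssl.pass` inherits the same value. I would leave the two `.pass` properties undefined here so that placeholder resolution fails without an external value, keep the defaults in the test properties, and add a comment such as `# No default: supply phiz.crypto.store.key.ws.client.pass from deployment configuration`.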
=======================================
---
/phiz-web-ws/src/main/resources/META-INF/phiz/spring/spring-phiz-web-ws-client.xml
Fri Feb 6 12:28:44 2015 UTC
+++
/phiz-web-ws/src/main/resources/META-INF/phiz/spring/spring-phiz-web-ws-client.xml
Sat Feb 21 20:45:44 2015 UTC
@@ -20,61 +20,36 @@
= KEY STORES

=====================================================================================================-->
<!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreWsClientKey" parent="keyStoreJks"
lazy-init="true"
- p:password="${phiz.ws.crypto.client.store.key.pass}"
- p:resource="${phiz.ws.crypto.client.store.key.file}"/>
+ <beans:bean id="keyStoreKeyWsClient" parent="keyStoreJks"
lazy-init="true"
+ p:password="${phiz.crypto.store.key.ws.client.pass}"
+ p:resource="${phiz.crypto.store.key.ws.client.file}"/>

<!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreWsClientTrust" parent="keyStoreJks"
lazy-init="true"
- p:password="${phiz.ws.crypto.client.store.trust.pass}"
- p:resource="${phiz.ws.crypto.client.store.trust.file}"/>
+ <beans:bean id="keyStoreTrustWsClient" parent="keyStoreJks"
lazy-init="true"
+ p:password="${phiz.crypto.store.trust.ws.client.pass}"
+ p:resource="${phiz.crypto.store.trust.ws.client.file}"/>


<!--====================================================================================================
= KEY MANAGERS

=====================================================================================================-->
- <beans:bean id="keyManagerWsClient" parent="keyManagerNewSunX509"
lazy-init="true">
- <beans:property name="factoryParameters">
- <beans:bean parent="keyStoreBuilderParams">
- <beans:constructor-arg index="0"
type="java.security.KeyStore$Builder">
- <beans:bean parent="keyStoreBuilder"
factory-method="newInstance">
- <beans:constructor-arg index="0"
type="java.security.KeyStore" ref="keyStoreWsClientKey"/>
- <beans:constructor-arg index="1"
type="java.security.KeyStore$ProtectionParameter">
- <beans:bean parent="keyStoreProtectionPass">
- <!--suppress SpringPlaceholdersInspection
-->
- <beans:constructor-arg index="0"
type="char[]" value="${phiz.ws.crypto.client.store.key.entry.ssl.pass}"/>
- </beans:bean>
- </beans:constructor-arg>
- </beans:bean>
- </beans:constructor-arg>
- </beans:bean>
- </beans:property>
- </beans:bean>
+ <!--suppress SpringPlaceholdersInspection -->
+ <beans:bean id="keyManagerWsClient" parent="keyManagerBase"
lazy-init="true"
+ p:keyStore-ref="keyStoreKeyWsClient"
+ p:password="${phiz.crypto.store.key.ws.client.entry.ssl.pass}"/>


<!--====================================================================================================
= TRUST MANAGERS

=====================================================================================================-->
- <beans:bean id="trustManagerWsClient" parent="trustManagerPkix"
lazy-init="true">
- <beans:property name="factoryParameters">
- <beans:bean parent="certPathTrustManagerParams">
- <beans:constructor-arg index="0"
type="java.security.cert.CertPathParameters">
- <beans:bean parent="certPathParamsPkixBuilder">
- <beans:constructor-arg index="0"
type="java.security.KeyStore" ref="keyStoreWsClientTrust"/>
- <beans:constructor-arg index="1"
type="java.security.cert.CertSelector">
- <beans:bean parent="certSelectorX509"/>
- </beans:constructor-arg>
- </beans:bean>
- </beans:constructor-arg>
- </beans:bean>
- </beans:property>
- </beans:bean>
+ <beans:bean id="trustManagerWsClient" parent="trustManagerBase"
lazy-init="true"
+ p:keyStore-ref="keyStoreTrustWsClient"/>


<!--====================================================================================================
- = SECURE SOCKETS LAYER PARAMETERS
+ = SSL PARAMETERS

=====================================================================================================-->
- <beans:bean id="sslParamsWsClient" parent="sslParamsBase"/>
+ <beans:bean id="sslParamsClientWsClient" parent="sslParamsClient"/>


<!--====================================================================================================
- = SECURE SOCKETS LAYER CONTEXTS
+ = SSL CONTEXTS

=====================================================================================================-->
<beans:bean id="sslContextWsClient" parent="sslContextBase"
lazy-init="true">
<beans:property name="keyManagers">
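Review bot: The new `trustManagerWsClient` bean no longer shows how certificate paths are validated. The removed definition built PKIX `CertPathParameters` from the trust store with an X.509 `CertSelector`, while the new one only sets `p:keyStore-ref="keyStoreTrustWsClient"` on `trustManagerBase`, which is defined outside this hunk. Please confirm that `trustManagerBase` still produces a PKIX trust manager with equivalent parameters, and record that next to the bean, for example `<!-- trustManagerBase builds PKIX parameters from the referenced trust store -->`. The same applies to `keyManagerWsClient`, whose algorithm was previously fixed by `keyManagerNewSunX509`. The `sslContextWsClient` bean at the end of the hunk continues outside it.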
@@ -90,11 +65,11 @@
</beans:bean>


<!--====================================================================================================
- = SECURE SOCKETS LAYER SOCKET FACTORIES
+ = SSL CLIENT SOCKET FACTORIES

=====================================================================================================-->
- <beans:bean id="sslSocketFactoryWsClient"
parent="sslSocketFactoryBase" lazy-init="true"
+ <beans:bean id="sslSocketFactoryClientWsClient"
parent="sslSocketFactoryClientBase" lazy-init="true"
p:sslContext-ref="sslContextWsClient"
- p:sslParameters-ref="sslParamsWsClient"/>
+ p:sslParameters-ref="sslParamsClientWsClient"/>


<!--====================================================================================================
= TLS PARAMETERS: CLIENT
@@ -104,8 +79,8 @@

<!--suppress SpringPlaceholdersInspection -->
<beans:bean id="tlsParamsClientWs" parent="tlsParamsClient"
lazy-init="true"
- p:certAlias="${phiz.ws.crypto.client.store.key.entry.ssl.alias}"
- p:SSLSocketFactory-ref="sslSocketFactoryWsClient"/>
+ p:certAlias="${phiz.crypto.store.key.ws.client.entry.ssl.alias}"
+ p:SSLSocketFactory-ref="sslSocketFactoryClientWsClient"/>


<!--====================================================================================================
= CLIENT POLICIES
=======================================
---
/phiz-web-ws/src/test/java/gov/hhs/onc/phiz/web/ws/impl/PhizWebWsSoapUiIntegrationTests.java
Sun Dec 21 09:33:36 2014 UTC
+++
/phiz-web-ws/src/test/java/gov/hhs/onc/phiz/web/ws/impl/PhizWebWsSoapUiIntegrationTests.java
Sat Feb 21 20:45:44 2015 UTC
@@ -1,13 +1,13 @@
package gov.hhs.onc.phiz.web.ws.impl;

-import gov.hhs.onc.phiz.web.test.impl.AbstractPhizSoapUiIntegrationTests;
+import
gov.hhs.onc.phiz.web.test.soapui.impl.AbstractPhizSoapUiIntegrationTests;
import org.testng.annotations.Test;

public class PhizWebWsSoapUiIntegrationTests extends
AbstractPhizSoapUiIntegrationTests {
public static class PhizWebWsSoapUiTestCaseIntegrationTestsFactory
extends

AbstractPhizSoapUiTestCaseIntegrationTestsFactory<PhizWebWsSoapUiIntegrationTests>
{
public PhizWebWsSoapUiTestCaseIntegrationTestsFactory() throws
Exception {
- super(PhizWebWsSoapUiIntegrationTests.class,
PhizWebWsSoapUiIntegrationTests::new, "testTestCase");
+ super(PhizWebWsSoapUiIntegrationTests.class,
PhizWebWsSoapUiIntegrationTests::new,
PhizWebWsSoapUiIntegrationTests[]::new, "testTestCase");
}
}

=======================================
---
/phiz-web-ws/src/test/resources/META-INF/phiz/phiz-web-ws-test.properties
Fri Jan 9 08:17:07 2015 UTC
+++
/phiz-web-ws/src/test/resources/META-INF/phiz/phiz-web-ws-test.properties
Sat Feb 21 20:45:44 2015 UTC
@@ -1,9 +0,0 @@
-#================================================================================
-# WEB SERVICE CRYPTOGRAPHY: CLIENT KEY STORE
-#================================================================================
-phiz.ws.crypto.client.store.key.pass=storepass
-
-#================================================================================
-# WEB SERVICE CRYPTOGRAPHY: CLIENT TRUST STORE
-#================================================================================
-phiz.ws.crypto.client.store.trust.pass=storepass
=======================================
---
/phiz-web-ws/src/test/resources/META-INF/phiz/spring/spring-phiz-web-ws-client-test.xml
Wed Feb 18 20:44:48 2015 UTC
+++
/phiz-web-ws/src/test/resources/META-INF/phiz/spring/spring-phiz-web-ws-client-test.xml
Sat Feb 21 20:45:44 2015 UTC
@@ -24,17 +24,17 @@
= KEY STORES: WEB SERVICES

=====================================================================================================-->
<!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreWsClientKey" parent="keyStoreGen"
lazy-init="true"
- p:password="${phiz.ws.crypto.client.store.key.pass}"
- p:resource="${phiz.ws.crypto.client.store.key.file}">
+ <beans:bean id="keyStoreKeyWsClient" parent="keyStoreGen"
lazy-init="true"
+ p:password="${phiz.crypto.store.key.ws.client.pass}"
+ p:resource="${phiz.crypto.store.key.ws.client.file}">
<beans:property name="entryMap">
<beans:map>
<!--suppress SpringPlaceholdersInspection -->
- <beans:entry
key="${phiz.ws.crypto.client.store.key.entry.ssl.alias}">
+ <beans:entry
key="${phiz.crypto.store.key.ws.client.entry.ssl.alias}">
<!--suppress SpringPlaceholdersInspection -->
<beans:bean parent="keyStoreEntryPrivateKey"
p:certificateChain="#{
credWsClient.certificateResponse.identity.chain[0] }"
-
p:password="${phiz.ws.crypto.client.store.key.entry.ssl.pass}"
+
p:password="${phiz.crypto.store.key.ws.client.entry.ssl.pass}"
p:privateKey="#{
credWsClient.certificateResponse.identity.privateKey }"/>
</beans:entry>
</beans:map>
@@ -42,13 +42,13 @@
</beans:bean>

<!--suppress SpringPlaceholdersInspection -->
- <beans:bean id="keyStoreWsClientTrust" parent="keyStoreGen"
lazy-init="true"
- p:password="${phiz.ws.crypto.client.store.trust.pass}"
- p:resource="${phiz.ws.crypto.client.store.trust.file}">
+ <beans:bean id="keyStoreTrustWsClient" parent="keyStoreGen"
lazy-init="true"
+ p:password="${phiz.crypto.store.trust.ws.client.pass}"
+ p:resource="${phiz.crypto.store.trust.ws.client.file}">
<beans:property name="entryMap">
<beans:map>
<!--suppress SpringPlaceholdersInspection -->
- <beans:entry
key="${phiz.ws.crypto.client.store.trust.entry.ca.alias}">
+ <beans:entry
key="${phiz.crypto.store.trust.ws.client.entry.ca.alias}">
<!--suppress SpringPlaceholdersInspection -->
<beans:bean parent="keyStoreEntryTrustedCert"
p:certificate="#{
credCa.certificateResponse.identity.chain[0] }"/>

==============================================================================
Revision: a836e971c5dd
Branch: default
Author: Michal Kotelba <michal....@esacinc.com>
Date: Sun Feb 22 22:41:41 2015 UTC
Log: - Supports PHIZ-35.
- Implemented (initial) contextual SSL event logging.
- Implemented Spring CGLIB based proxying of SSLContext(s), SSLEngine(s),
and (X509Extended)TrustManager(s) in order to capture events.
- Implemented automatic existing/valid SSL session invalidation in order to
always force (re-)handshaking.
https://code.google.com/p/phiz/source/detail?r=a836e971c5dd

Added:
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/PhizSslLocation.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/SslClientTrustEvent.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/SslServerTrustEvent.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/SslTrustEvent.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/AbstractSslTrustEvent.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/PhizSslDebugConfiguration.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/SslClientTrustEventImpl.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/SslServerTrustEventImpl.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/impl/AtomicEventId.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/impl/EventIdMdcConverter.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/logstash/PhizLogstashTags.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/logstash/impl/PhizMdcJsonProvider.java
/phiz-web-core/src/main/java/gov/hhs/onc/phiz/web/tomcat/impl/MdcValve.java
Deleted:

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslDebugConfiguration.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/impl/RequestMdcConverter.java

/phiz-web-core/src/main/java/gov/hhs/onc/phiz/web/listener/impl/AbstractPhizServletRequestListener.java

/phiz-web-core/src/main/java/gov/hhs/onc/phiz/web/listener/impl/MdcServletRequestListener.java
Modified:
/phiz-core/pom.xml
/phiz-core/src/main/java/gov/hhs/onc/phiz/aop/utils/PhizProxyUtils.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslClientSocketFactoryFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslContextFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslServerSocketFactoryFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizTrustManagerFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/metrics/impl/LogstashReporter.java
/phiz-core/src/main/resources/META-INF/phiz/logback/logback-phiz.xml

/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-logging-logstash.xml
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-logging.xml
/phiz-parent/pom.xml

/phiz-web-core/src/main/java/gov/hhs/onc/phiz/web/crypto/impl/PhizJsseImplementation.java

/phiz-web-core/src/main/java/gov/hhs/onc/phiz/web/tomcat/impl/MetricsValve.java

/phiz-web-core/src/main/resources/META-INF/phiz/spring/spring-phiz-web-listener.xml

/phiz-web-core/src/main/resources/META-INF/phiz/spring/spring-phiz-web-tomcat.xml
/phiz-web-core/src/test/resources/META-INF/phiz/phiz-web-test.properties

/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-soapui-test.xml

/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/feature/impl/PhizLoggingFeature.java

/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/logging/WsMessageEvent.java

/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/logging/impl/AbstractWsMessageEvent.java

/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/transport/impl/PhizAsyncHttpConduit.java

=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/PhizSslLocation.java
Sun Feb 22 22:41:41 2015 UTC
@@ -0,0 +1,5 @@
+package gov.hhs.onc.phiz.crypto.ssl;
+
+public enum PhizSslLocation {
+ CLIENT, SERVER
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/SslClientTrustEvent.java
Sun Feb 22 22:41:41 2015 UTC
@@ -0,0 +1,7 @@
+package gov.hhs.onc.phiz.crypto.ssl.logging;
+
+import gov.hhs.onc.phiz.logging.logstash.MarkerObjectFieldName;
+
+@MarkerObjectFieldName("sslClientTrust")
+public interface SslClientTrustEvent extends SslTrustEvent {
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/SslServerTrustEvent.java
Sun Feb 22 22:41:41 2015 UTC
@@ -0,0 +1,7 @@
+package gov.hhs.onc.phiz.crypto.ssl.logging;
+
+import gov.hhs.onc.phiz.logging.logstash.MarkerObjectFieldName;
+
+@MarkerObjectFieldName("sslServerTrust")
+public interface SslServerTrustEvent extends SslTrustEvent {
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/SslTrustEvent.java
Sun Feb 22 22:41:41 2015 UTC
@@ -0,0 +1,24 @@
+package gov.hhs.onc.phiz.crypto.ssl.logging;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import gov.hhs.onc.phiz.crypto.ssl.PhizSslLocation;
+
+public interface SslTrustEvent {
+ @JsonProperty
+ public String getAuthType();
+
+ public void setAuthType(String authType);
+
+ @JsonProperty
+ public String[] getCertificates();
+
+ public void setCertificates(String[] certs);
+
+ @JsonProperty
+ public PhizSslLocation getLocation();
+
+ @JsonProperty
+ public boolean isTrusted();
+
+ public void setTrusted(boolean trusted);
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/AbstractSslTrustEvent.java
Sun Feb 22 22:41:41 2015 UTC
@@ -0,0 +1,50 @@
+package gov.hhs.onc.phiz.crypto.ssl.logging.impl;
+
+import gov.hhs.onc.phiz.crypto.ssl.PhizSslLocation;
+import gov.hhs.onc.phiz.crypto.ssl.logging.SslTrustEvent;
+
+public abstract class AbstractSslTrustEvent implements SslTrustEvent {
+ protected String authType;
+ protected String[] certs;
+ protected PhizSslLocation loc;
+ protected boolean trusted;
+
+ protected AbstractSslTrustEvent(PhizSslLocation loc) {
+ this.loc = loc;
+ }
+
+ @Override
+ public String getAuthType() {
+ return this.authType;
+ }
+
+ @Override
+ public void setAuthType(String authType) {
+ this.authType = authType;
+ }
+
+ @Override
+ public String[] getCertificates() {
+ return this.certs;
+ }
+
+ @Override
+ public void setCertificates(String[] certs) {
+ this.certs = certs;
+ }
+
+ @Override
+ public PhizSslLocation getLocation() {
+ return this.loc;
+ }
+
+ @Override
+ public boolean isTrusted() {
+ return this.trusted;
+ }
+
+ @Override
+ public void setTrusted(boolean trusted) {
+ this.trusted = trusted;
+ }
+}
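Review bot: `getCertificates()` and `setCertificates()` hand out and store the caller's array directly, so an event that has been queued for logging can still be changed through either reference. Copying on the way in, `this.certs = ((certs != null) ? certs.clone() : null);`, and likewise on the way out keeps the logged value stable. `loc` is assigned only in the constructor and can be declared `protected final`. A short class Javadoc stating what each string in `certs` holds would also help, since neither this class nor `SslTrustEvent` says whether it is an encoded certificate or a subject name.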
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/PhizSslDebugConfiguration.java
Sun Feb 22 22:41:41 2015 UTC
@@ -0,0 +1,127 @@
+package gov.hhs.onc.phiz.crypto.ssl.logging.impl;
+
+import ch.qos.logback.classic.Level;
+import ch.qos.logback.classic.Logger;
+import ch.qos.logback.classic.spi.LoggingEvent;
+import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils;
+import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils.PhizMethodAdvisor;
+import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils.PhizMethodInterceptor;
+import gov.hhs.onc.phiz.logging.logstash.PhizLogstashTags;
+import gov.hhs.onc.phiz.logging.logstash.impl.PhizLogstashMarkers;
+import java.io.PrintStream;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+import java.util.function.Consumer;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+import org.apache.commons.lang3.ArrayUtils;
+import org.apache.commons.lang3.ClassUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.DisposableBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration("sslDebugConfiguration")
+public class PhizSslDebugConfiguration implements DisposableBean {
+ private final static String SUN_SEC_PKG_NAME_PREFIX =
StringUtils.join(ArrayUtils.toArray("sun", "security", "ssl",
StringUtils.EMPTY),
+ ClassUtils.PACKAGE_SEPARATOR);
+
+ private final static String HANDSHAKE_MSG_INNER_CLASS_NAME_PREFIX =
SUN_SEC_PKG_NAME_PREFIX + "HandshakeMessage$";
+ private final static String ENHANCED_PRINT_STREAM_CLASS_NAME_PREFIX =
PhizProxyUtils.ENHANCER_CLASS_NAME_PREFIX + PrintStream.class.getName()
+ + PhizProxyUtils.ENHANCER_CLASS_NAME_SUFFIX;
+
+ private final static String DEBUG_CLASS_NAME = SUN_SEC_PKG_NAME_PREFIX
+ "Debug";
+ private final static String
HANDSHAKE_MSG_CLIENT_HELLO_INNER_CLASS_NAME =
HANDSHAKE_MSG_INNER_CLASS_NAME_PREFIX + "ClientHello";
+ private final static String
HANDSHAKE_MSG_SERVER_HELLO_INNER_CLASS_NAME =
HANDSHAKE_MSG_INNER_CLASS_NAME_PREFIX + "ServerHello";
+
+ private final static Set<String> HANDSHAKE_CLASS_NAMES = Stream
+ .of(HANDSHAKE_MSG_CLIENT_HELLO_INNER_CLASS_NAME,
HANDSHAKE_MSG_SERVER_HELLO_INNER_CLASS_NAME).collect(Collectors.toSet());
+
+ private final static String PRINT_METHOD_NAME = "print";
+ private final static String PRINTLN_METHOD_NAME = "println";
+
+ private final static int THREAD_PRINT_STR_BUILDER_INITIAL_CAPACITY =
64;
+ private final static ThreadLocal<StringBuilder>
THREAD_PRINT_STR_BUILDER = ThreadLocal.withInitial(() -> new StringBuilder(
+ THREAD_PRINT_STR_BUILDER_INITIAL_CAPACITY));
+
+ private final static Map<PrintStream, Consumer<PrintStream>>
DELEGATE_PRINT_STREAM_MAP = new HashMap<>(2);
+
+ private final static Logger LOGGER = ((Logger)
LoggerFactory.getLogger(PhizSslDebugConfiguration.class));
+
+ private final static PhizMethodAdvisor PRINT_METHODS_ADVISOR = new
PhizMethodAdvisor(
+ ((PhizMethodInterceptor) (invocation, method, methodName, args,
target) -> {
+ StackTraceElement[] stackTraceElems = new
Throwable().getStackTrace();
+ int numStackTraceElems = stackTraceElems.length;
+ StackTraceElement stackTraceElem;
+
+ for (int a = 0; a < numStackTraceElems; a++) {
+ if (StringUtils.startsWith((stackTraceElem =
stackTraceElems[a]).getClassName(), ENHANCED_PRINT_STREAM_CLASS_NAME_PREFIX)
+ && stackTraceElem.getMethodName().equals(methodName)) {
+ if
(!StringUtils.startsWith(stackTraceElems[++a].getClassName(),
SUN_SEC_PKG_NAME_PREFIX)) {
+ break;
+ }
+
+ if (args.length != 1) {
+ return null;
+ }
+
+ while
(stackTraceElems[a].getClassName().equals(DEBUG_CLASS_NAME)) {
+ a++;
+ }
+
+ if
(!HANDSHAKE_CLASS_NAMES.contains(stackTraceElems[a].getClassName())) {
+ return null;
+ }
+
+ StringBuilder printStrBuilder =
THREAD_PRINT_STR_BUILDER.get();
+ printStrBuilder.append(args[0]);
+
+ if (methodName.equals(PRINTLN_METHOD_NAME)) {
+ String msg =
StringUtils.trim(StringUtils.strip(printStrBuilder.toString()));
+
+ // noinspection ConstantConditions
+ if (!msg.isEmpty()) {
+ LoggingEvent srcEvent = new
LoggingEvent(Logger.FQCN, LOGGER, Level.TRACE, msg, null, null);
+
srcEvent.setCallerData(ArrayUtils.subarray(stackTraceElems, a,
numStackTraceElems));
+
srcEvent.setMarker(PhizLogstashMarkers.append(PhizLogstashTags.SSL));
+
+ LOGGER.callAppenders(srcEvent);
+ }
+
+ THREAD_PRINT_STR_BUILDER.remove();
+ }
+
+ return null;
+ }
+ }
+
+ return invocation.proceed();
+ }), PRINT_METHOD_NAME, PRINTLN_METHOD_NAME);
+
+ @Bean(name = "sslDebugPrintStreamErr")
+ public PrintStream getErrPrintStream() {
+ return buildProxyPrintStream(System.err, System::setErr);
+ }
+
+ @Bean(name = "sslDebugPrintStreamOut")
+ public PrintStream getOutPrintStream() {
+ return buildProxyPrintStream(System.out, System::setOut);
+ }
+
+ @Override
+ public synchronized void destroy() throws Exception {
+ DELEGATE_PRINT_STREAM_MAP.forEach((delegatePrintStream,
delegateStreamSetter) -> delegateStreamSetter.accept(delegatePrintStream));
+ }
+
+ private synchronized static PrintStream
buildProxyPrintStream(PrintStream delegatePrintStream,
Consumer<PrintStream> delegateStreamSetter) {
+ PrintStream proxyPrintStream =
PhizProxyUtils.buildProxyFactory(delegatePrintStream, PrintStream.class,
PRINT_METHODS_ADVISOR).getProxy();
+
+ DELEGATE_PRINT_STREAM_MAP.put(delegatePrintStream,
delegateStreamSetter);
+
+ delegateStreamSetter.accept(proxyPrintStream);
+
+ return proxyPrintStream;
+ }
+}
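Review bot: `destroy()` is an instance `synchronized` method while `buildProxyPrintStream` is `static synchronized`, so they lock different monitors (the bean instance and the class) and do not exclude each other around the shared static `DELEGATE_PRINT_STREAM_MAP`, which is a plain `HashMap`. Wrapping the body of `destroy()` in `synchronized (PhizSslDebugConfiguration.class) { ... }` makes both paths use the same lock. Separately, inside the interceptor `stackTraceElems[++a]` and the `while` loop that skips `Debug` frames index the array without checking `a < numStackTraceElems`. A bound check on both keeps an unexpected stack shape from turning an ordinary `System.out` or `System.err` print into an `ArrayIndexOutOfBoundsException`. The per-thread `StringBuilder` is released only on `println`, so a comment noting that `print` fragments accumulate until then would be useful.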
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/SslClientTrustEventImpl.java
Sun Feb 22 22:41:41 2015 UTC
@@ -0,0 +1,10 @@
+package gov.hhs.onc.phiz.crypto.ssl.logging.impl;
+
+import gov.hhs.onc.phiz.crypto.ssl.PhizSslLocation;
+import gov.hhs.onc.phiz.crypto.ssl.logging.SslClientTrustEvent;
+
+public class SslClientTrustEventImpl extends AbstractSslTrustEvent
implements SslClientTrustEvent {
+ public SslClientTrustEventImpl() {
+ super(PhizSslLocation.CLIENT);
+ }
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/SslServerTrustEventImpl.java
Sun Feb 22 22:41:41 2015 UTC
@@ -0,0 +1,10 @@
+package gov.hhs.onc.phiz.crypto.ssl.logging.impl;
+
+import gov.hhs.onc.phiz.crypto.ssl.PhizSslLocation;
+import gov.hhs.onc.phiz.crypto.ssl.logging.SslServerTrustEvent;
+
+public class SslServerTrustEventImpl extends AbstractSslTrustEvent
implements SslServerTrustEvent {
+ public SslServerTrustEventImpl() {
+ super(PhizSslLocation.SERVER);
+ }
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/impl/AtomicEventId.java
Sun Feb 22 22:41:41 2015 UTC
@@ -0,0 +1,14 @@
+package gov.hhs.onc.phiz.logging.impl;
+
+import com.github.sebhoss.warnings.CompilerWarnings;
+import java.util.concurrent.atomic.AtomicLong;
+import java.util.function.LongUnaryOperator;
+
+@SuppressWarnings({ CompilerWarnings.SERIAL })
+public class AtomicEventId extends AtomicLong {
+ private final static LongUnaryOperator NEXT_UPDATE_OP = (value) ->
((value < Long.MAX_VALUE) ? ++value : 1);
+
+ public long getNext() {
+ return this.updateAndGet(NEXT_UPDATE_OP);
+ }
+}
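Review bot: Extending `AtomicLong` leaves `set`, `incrementAndGet`, `getAndAdd` and the other inherited mutators public, and any of them bypasses the wrap-to-1 rule in `NEXT_UPDATE_OP`. Holding the counter in a `private final AtomicLong` field and exposing only `getNext()` would enforce the rule and remove the need for the `SERIAL` warning suppression. In the operator itself, `value + 1` reads more clearly than `++value` applied to the lambda parameter. A one-line Javadoc on `getNext()` saying that identifiers start at 1 and wrap back to 1 after `Long.MAX_VALUE` would document the contract.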
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/impl/EventIdMdcConverter.java
Sun Feb 22 22:41:41 2015 UTC
@@ -0,0 +1,20 @@
+package gov.hhs.onc.phiz.logging.impl;
+
+import ch.qos.logback.classic.pattern.ClassicConverter;
+import ch.qos.logback.classic.spi.ILoggingEvent;
+import java.util.Map;
+import org.apache.commons.lang3.StringUtils;
+
+public class EventIdMdcConverter extends ClassicConverter {
+ public final static String EVENT_ID_MDC_KEY = "eventId";
+
+ private final static String SECTION_PREFIX = " [";
+ private final static String SECTION_SUFFIX = "]";
+
+ @Override
+ public String convert(ILoggingEvent event) {
+ Map<String, String> mdcProps = event.getMDCPropertyMap();
+
+ return (mdcProps.containsKey(EVENT_ID_MDC_KEY) ? (SECTION_PREFIX +
mdcProps.get(EVENT_ID_MDC_KEY) + SECTION_SUFFIX) : StringUtils.EMPTY);
+ }
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/logstash/PhizLogstashTags.java
Sun Feb 22 22:41:41 2015 UTC
@@ -0,0 +1,10 @@
+package gov.hhs.onc.phiz.logging.logstash;
+
+public final class PhizLogstashTags {
+ public final static String LOGS = "logs";
+ public final static String METRICS = "metrics";
+ public final static String SSL = "ssl";
+
+ private PhizLogstashTags() {
+ }
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/logstash/impl/PhizMdcJsonProvider.java
Sun Feb 22 22:41:41 2015 UTC
@@ -0,0 +1,46 @@
+package gov.hhs.onc.phiz.logging.logstash.impl;
+
+import ch.qos.logback.classic.spi.ILoggingEvent;
+import com.fasterxml.jackson.core.JsonGenerator;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.stream.Collectors;
+import net.logstash.logback.composite.JsonWritingUtils;
+import net.logstash.logback.composite.loggingevent.MdcJsonProvider;
+import org.apache.commons.collections4.CollectionUtils;
+
+public class PhizMdcJsonProvider extends MdcJsonProvider {
+ private List<String> includeMdcKeyNames;
+ private List<String> excludeMdcKeyNames;
+
+ @Override
+ public void writeTo(JsonGenerator jsonGen, ILoggingEvent event) throws
IOException {
+ Map<String, String> mdcProps = new
HashMap<>(event.getMDCPropertyMap());
+
+ if (mdcProps.isEmpty()) {
+ return;
+ }
+
+ if (!CollectionUtils.isEmpty(this.includeMdcKeyNames)) {
+ mdcProps.keySet().retainAll(this.includeMdcKeyNames);
+ } else if (!CollectionUtils.isEmpty(this.excludeMdcKeyNames)) {
+ mdcProps.keySet().removeAll(this.excludeMdcKeyNames);
+ }
+
+ JsonWritingUtils.writeMapEntries(jsonGen,
+
mdcProps.entrySet().stream().collect(Collectors.toMap(mdcPropEntry ->
PhizLogstashMarkers.buildFieldName(mdcPropEntry.getKey()),
Entry::getValue)));
+ }
+
+ @Override
+ public void setIncludeMdcKeyNames(List<String> includeMdcKeyNames) {
+ super.setIncludeMdcKeyNames((this.includeMdcKeyNames =
includeMdcKeyNames));
+ }
+
+ @Override
+ public void setExcludeMdcKeyNames(List<String> excludeMdcKeyNames) {
+ super.setExcludeMdcKeyNames((this.excludeMdcKeyNames =
excludeMdcKeyNames));
+ }
+}
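Review bot: `Collectors.toMap` in `writeTo` throws `NullPointerException` for a null value and `IllegalStateException` when two entries map to the same key, so one unusual MDC entry would make the provider throw while an event is being written. Whether the MDC map can hold a null value, or whether `PhizLogstashMarkers.buildFieldName` can map two keys to one name, is not visible here, but a logging path is better off tolerating both. Filling a map directly avoids the problem: `Map<String, String> fields = new HashMap<>(mdcProps.size());` followed by `mdcProps.forEach((key, value) -> fields.put(PhizLogstashMarkers.buildFieldName(key), value));` and then `JsonWritingUtils.writeMapEntries(jsonGen, fields);`. A class comment should also state that when both lists are set only `includeMdcKeyNames` is applied, and that with neither set every MDC entry is written to the log output.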
=======================================
--- /dev/null
+++
/phiz-web-core/src/main/java/gov/hhs/onc/phiz/web/tomcat/impl/MdcValve.java
Sun Feb 22 22:41:41 2015 UTC
@@ -0,0 +1,30 @@
+package gov.hhs.onc.phiz.web.tomcat.impl;
+
+import gov.hhs.onc.phiz.logging.impl.AtomicEventId;
+import gov.hhs.onc.phiz.logging.impl.EventIdMdcConverter;
+import java.io.IOException;
+import javax.servlet.ServletException;
+import org.apache.catalina.connector.Request;
+import org.apache.catalina.connector.Response;
+import org.apache.catalina.valves.ValveBase;
+import org.slf4j.MDC;
+import org.springframework.core.Ordered;
+import org.springframework.core.annotation.Order;
+import org.springframework.stereotype.Component;
+
+@Component("valveMdc")
+@Order(Ordered.HIGHEST_PRECEDENCE)
+public class MdcValve extends ValveBase {
+ private final static AtomicEventId EVENT_ID = new AtomicEventId();
+
+ @Override
+ public void invoke(Request req, Response resp) throws IOException,
ServletException {
+ MDC.put(EventIdMdcConverter.EVENT_ID_MDC_KEY,
Long.toString(EVENT_ID.getNext()));
+
+ try {
+ this.getNext().invoke(req, resp);
+ } finally {
+ MDC.remove(EventIdMdcConverter.EVENT_ID_MDC_KEY);
+ }
+ }
+}
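Review bot: MdcValve has no class comment, and two things about it are not obvious from the code. It has to stay ahead of every other valve so that their log lines carry the event id, and the `finally` removal is what keeps an id from leaking to the next request served by the same pooled thread. I would add Javadoc along the lines of `/** Puts a per-request event id into the SLF4J MDC for the duration of the pipeline call; must be the first context valve. */`. Whether ids stay unique across restarts or nodes depends on AtomicEventId, which is not shown here; if it is a plain in-memory counter, the comment should say the id is only unique within one JVM run.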
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslDebugConfiguration.java
Sun Jan 4 15:55:30 2015 UTC
+++ /dev/null
@@ -1,127 +0,0 @@
-package gov.hhs.onc.phiz.crypto.ssl.impl;
-
-import ch.qos.logback.classic.Level;
-import ch.qos.logback.classic.Logger;
-import ch.qos.logback.classic.spi.LoggingEvent;
-import java.io.PrintStream;
-import java.lang.reflect.Method;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.function.Consumer;
-import org.aopalliance.intercept.MethodInterceptor;
-import org.apache.commons.lang3.ArrayUtils;
-import org.apache.commons.lang3.ClassUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.LoggerFactory;
-import org.springframework.aop.framework.ProxyFactory;
-import org.springframework.aop.target.SingletonTargetSource;
-import org.springframework.beans.factory.DisposableBean;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-
-@Configuration("sslDebugConfig")
-public class PhizSslDebugConfiguration implements DisposableBean {
- private final static String SUN_SEC_PKG_NAME_PREFIX =
StringUtils.join(ArrayUtils.toArray("sun", "security", "ssl",
StringUtils.EMPTY),
- ClassUtils.PACKAGE_SEPARATOR);
-
- private final static String SUN_SEC_DEBUG_CLASS_NAME =
SUN_SEC_PKG_NAME_PREFIX + "Debug";
- private final static String PRINT_STREAM_CLASS_NAME =
PrintStream.class.getName();
-
- private final static String PROXY_PRINT_STREAM_CLASS_NAME_PREFIX = "$"
+ PRINT_STREAM_CLASS_NAME + "$$EnhancerBySpringCGLIB$$";
-
- private final static String PRINT_METHOD_NAME = "print";
- private final static String PRINTLN_METHOD_NAME = "println";
-
- private final static int THREAD_PRINT_STR_BUILDER_INITIAL_CAPACITY =
256;
- private final static ThreadLocal<StringBuilder>
THREAD_PRINT_STR_BUILDER = new ThreadLocal<StringBuilder>() {
- @Override
- protected StringBuilder initialValue() {
- return new
StringBuilder(THREAD_PRINT_STR_BUILDER_INITIAL_CAPACITY);
- }
- };
-
- private final static Map<PrintStream, Consumer<PrintStream>>
DELEGATE_PRINT_STREAM_MAP = new HashMap<>(2);
-
- private final static Logger LOGGER = ((Logger)
LoggerFactory.getLogger(PhizSslDebugConfiguration.class));
-
- @Bean(name = "sslDebugPrintStreamErr")
- public PrintStream getErrPrintStream() {
- return buildProxyPrintStream(System.err, System::setErr);
- }
-
- @Bean(name = "sslDebugPrintStreamOut")
- public PrintStream getOutPrintStream() {
- return buildProxyPrintStream(System.out, System::setOut);
- }
-
- @Override
- public synchronized void destroy() throws Exception {
- DELEGATE_PRINT_STREAM_MAP.forEach((delegatePrintStream,
delegateStreamSetFunc) -> {
- delegateStreamSetFunc.accept(delegatePrintStream);
- });
- }
-
- private synchronized static PrintStream
buildProxyPrintStream(PrintStream delegatePrintStream,
Consumer<PrintStream> delegateStreamSetFunc) {
- ProxyFactory proxyFactory = new ProxyFactory();
- proxyFactory.setProxyTargetClass(true);
-
- proxyFactory.setTargetSource(new
SingletonTargetSource(delegatePrintStream) {
- private final static long serialVersionUID = 0L;
-
- @Override
- public Class<?> getTargetClass() {
- return PrintStream.class;
- }
- });
-
- proxyFactory.addAdvice(((MethodInterceptor) (invocation) -> {
- Method invocationMethod = invocation.getMethod();
- String invocationMethodName = invocationMethod.getName();
- Object[] invocationArgs = invocation.getArguments();
-
- if
(invocationMethod.getDeclaringClass().getName().equals(PRINT_STREAM_CLASS_NAME)
- && (invocationMethodName.equals(PRINT_METHOD_NAME) ||
invocationMethodName.equals(PRINTLN_METHOD_NAME)) && (invocationArgs.length
== 1)) {
- StackTraceElement[] stackTraceElems = new
Throwable().getStackTrace();
- int numStackTraceElems = stackTraceElems.length;
- StackTraceElement stackTraceElem;
-
- for (int a = 0; a < numStackTraceElems; a++) {
- if (StringUtils.startsWith((stackTraceElem =
stackTraceElems[a]).getClassName(), PROXY_PRINT_STREAM_CLASS_NAME_PREFIX)
- &&
stackTraceElem.getMethodName().equals(invocationMethodName)) {
- if
(StringUtils.startsWith(stackTraceElems[++a].getClassName(),
SUN_SEC_PKG_NAME_PREFIX)) {
- while
(stackTraceElems[a].getClassName().equals(SUN_SEC_DEBUG_CLASS_NAME)) {
- a++;
- }
-
- StringBuilder printStrBuilder =
THREAD_PRINT_STR_BUILDER.get();
- printStrBuilder.append(invocationArgs[0]);
-
- if
(invocationMethodName.equals(PRINTLN_METHOD_NAME)) {
- LoggingEvent srcEvent = new
LoggingEvent(Logger.FQCN, LOGGER, Level.TRACE, printStrBuilder.toString(),
null, null);
-
srcEvent.setCallerData(ArrayUtils.subarray(stackTraceElems, a,
numStackTraceElems));
-
- LOGGER.callAppenders(srcEvent);
-
- THREAD_PRINT_STR_BUILDER.remove();
- }
-
- return null;
- } else {
- break;
- }
- }
- }
- }
-
- return invocationMethod.invoke(delegatePrintStream,
invocationArgs);
- }));
-
- PrintStream proxyPrintStream = ((PrintStream)
proxyFactory.getProxy());
-
- DELEGATE_PRINT_STREAM_MAP.put(delegatePrintStream,
delegateStreamSetFunc);
-
- delegateStreamSetFunc.accept(proxyPrintStream);
-
- return proxyPrintStream;
- }
-}
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/impl/RequestMdcConverter.java
Mon Jan 26 17:11:24 2015 UTC
+++ /dev/null
@@ -1,20 +0,0 @@
-package gov.hhs.onc.phiz.logging.impl;
-
-import ch.qos.logback.classic.ClassicConstants;
-import ch.qos.logback.classic.pattern.ClassicConverter;
-import ch.qos.logback.classic.spi.ILoggingEvent;
-import java.util.Map;
-import org.apache.commons.lang3.StringUtils;
-
-public class RequestMdcConverter extends ClassicConverter {
- private final static String SECTION_PREFIX = " [";
- private final static String SECTION_SUFFIX = "]";
-
- @Override
- public String convert(ILoggingEvent event) {
- Map<String, String> mdcProps = event.getMDCPropertyMap();
-
- return
(mdcProps.containsKey(ClassicConstants.REQUEST_REMOTE_HOST_MDC_KEY) ?
(SECTION_PREFIX
- + mdcProps.get(ClassicConstants.REQUEST_REMOTE_HOST_MDC_KEY) +
SECTION_SUFFIX) : StringUtils.EMPTY);
- }
-}
=======================================
---
/phiz-web-core/src/main/java/gov/hhs/onc/phiz/web/listener/impl/AbstractPhizServletRequestListener.java
Sun Jan 4 15:55:30 2015 UTC
+++ /dev/null
@@ -1,14 +0,0 @@
-package gov.hhs.onc.phiz.web.listener.impl;
-
-import javax.servlet.ServletRequestEvent;
-import javax.servlet.ServletRequestListener;
-
-public abstract class AbstractPhizServletRequestListener implements
ServletRequestListener {
- @Override
- public void requestDestroyed(ServletRequestEvent servletReqEvent) {
- }
-
- @Override
- public void requestInitialized(ServletRequestEvent servletReqEvent) {
- }
-}
=======================================
---
/phiz-web-core/src/main/java/gov/hhs/onc/phiz/web/listener/impl/MdcServletRequestListener.java
Sun Jan 4 15:55:30 2015 UTC
+++ /dev/null
@@ -1,35 +0,0 @@
-package gov.hhs.onc.phiz.web.listener.impl;
-
-import ch.qos.logback.classic.ClassicConstants;
-import java.util.Objects;
-import java.util.stream.Stream;
-import javax.servlet.ServletRequestEvent;
-import javax.servlet.http.HttpServletRequest;
-import org.apache.commons.lang3.ArrayUtils;
-import org.slf4j.MDC;
-import org.springframework.http.HttpHeaders;
-
-public class MdcServletRequestListener extends
AbstractPhizServletRequestListener {
- private final static String X_FORWARDED_FOR_HTTP_HEADER_NAME
= "X-Forwarded-For";
-
- private final static String[] REQ_MDC_KEYS =
ArrayUtils.toArray(ClassicConstants.REQUEST_QUERY_STRING,
ClassicConstants.REQUEST_REMOTE_HOST_MDC_KEY,
- ClassicConstants.REQUEST_REQUEST_URI,
ClassicConstants.REQUEST_REQUEST_URL,
ClassicConstants.REQUEST_USER_AGENT_MDC_KEY,
- ClassicConstants.REQUEST_X_FORWARDED_FOR);
-
- @Override
- public void requestDestroyed(ServletRequestEvent servletReqEvent) {
- Stream.of(REQ_MDC_KEYS).forEach(MDC::remove);
- }
-
- @Override
- public void requestInitialized(ServletRequestEvent servletReqEvent) {
- HttpServletRequest servletReq = ((HttpServletRequest)
servletReqEvent.getServletRequest());
-
- MDC.put(ClassicConstants.REQUEST_QUERY_STRING,
servletReq.getQueryString());
- MDC.put(ClassicConstants.REQUEST_REMOTE_HOST_MDC_KEY,
servletReq.getRemoteHost());
- MDC.put(ClassicConstants.REQUEST_REQUEST_URI,
servletReq.getRequestURI());
- MDC.put(ClassicConstants.REQUEST_REQUEST_URI,
Objects.toString(servletReq.getRequestURL(), null));
- MDC.put(ClassicConstants.REQUEST_USER_AGENT_MDC_KEY,
servletReq.getHeader(HttpHeaders.USER_AGENT));
- MDC.put(ClassicConstants.REQUEST_X_FORWARDED_FOR,
servletReq.getHeader(X_FORWARDED_FOR_HTTP_HEADER_NAME));
- }
-}
=======================================
--- /phiz-core/pom.xml Sat Feb 21 20:45:44 2015 UTC
+++ /phiz-core/pom.xml Sun Feb 22 22:41:41 2015 UTC
@@ -324,7 +324,7 @@
<plugin>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-codegen-plugin</artifactId>
- <version>3.0.3</version>
+ <version>3.0.4</version>
<dependencies>
<dependency>
<groupId>com.btmatthews.jaxb2_commons</groupId>
=======================================
--- /phiz-core/src/main/java/gov/hhs/onc/phiz/aop/utils/PhizProxyUtils.java
Sat Feb 21 20:45:44 2015 UTC
+++ /phiz-core/src/main/java/gov/hhs/onc/phiz/aop/utils/PhizProxyUtils.java
Sun Feb 22 22:41:41 2015 UTC
@@ -3,7 +3,10 @@
import com.github.sebhoss.warnings.CompilerWarnings;
import java.lang.reflect.Method;
import java.util.stream.Stream;
+import javax.annotation.Nullable;
import org.aopalliance.aop.Advice;
+import org.aopalliance.intercept.MethodInterceptor;
+import org.aopalliance.intercept.MethodInvocation;
import org.springframework.aop.Advisor;
import org.springframework.aop.TargetSource;
import org.springframework.aop.aspectj.annotation.AspectJProxyFactory;
@@ -26,6 +29,20 @@
return this.targetClass;
}
}
+
+ @FunctionalInterface
+ public static interface PhizMethodInterceptor extends
MethodInterceptor {
+ @Nullable
+ @Override
+ default public Object invoke(MethodInvocation invocation) throws
Throwable {
+ Method method = invocation.getMethod();
+
+ return this.invoke(invocation, method, method.getName(),
invocation.getArguments(), invocation.getThis());
+ }
+
+ @Nullable
+ public Object invoke(MethodInvocation invocation, Method method,
String methodName, Object[] args, @Nullable Object target) throws Throwable;
+ }

@SuppressWarnings({ CompilerWarnings.SERIAL })
public static class PhizMethodAdvisor extends
NameMatchMethodPointcutAdvisor {
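Review bot: PhizMethodInterceptor is a public extension point without Javadoc, and the five-argument `invoke` does not say that its extra arguments are all derived from `invocation`, or under which conditions `target` is null (it is only marked `@Nullable`). A comment on the interface such as `/** Unpacks method, method name, arguments and target from the invocation so lambda implementations need not. */` would cover it. As a style point, `public static` on a nested interface and `public` on its methods are redundant and can be dropped.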
@@ -39,6 +56,9 @@
this.setMappedNames(methodNames);
}
}
+
+ public final static String ENHANCER_CLASS_NAME_PREFIX = "$";
+ public final static String ENHANCER_CLASS_NAME_SUFFIX
= "$$EnhancerBySpringCGLIB$$";

private PhizProxyUtils() {
}
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslClientSocketFactoryFactoryBean.java
Sat Feb 21 20:45:44 2015 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslClientSocketFactoryFactoryBean.java
Sun Feb 22 22:41:41 2015 UTC
@@ -16,12 +16,11 @@

@Override
protected AspectJProxyFactory buildProxyFactory() {
- return
PhizProxyUtils.buildProxyFactory(this.sslContext.getSocketFactory(),
this.objClass, new PhizMethodAdvisor(
- ((MethodInterceptor) socketFactoryMethodInvocation -> {
- SSLSocket socket = ((SSLSocket)
socketFactoryMethodInvocation.proceed());
-
socket.setSSLParameters(PhizSslClientSocketFactoryFactoryBean.this.sslParams);
+ return
PhizProxyUtils.buildProxyFactory(this.sslContext.getSocketFactory(),
this.objClass, new PhizMethodAdvisor(((MethodInterceptor) invocation -> {
+ SSLSocket socket = ((SSLSocket) invocation.proceed());
+ socket.setSSLParameters(this.sslParams);

- return socket;
- }), CREATE_SOCKET_METHOD_NAME));
+ return socket;
+ }), CREATE_SOCKET_METHOD_NAME));
}
}
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslContextFactoryBean.java
Sun Jan 4 15:55:30 2015 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslContextFactoryBean.java
Sun Feb 22 22:41:41 2015 UTC
@@ -1,12 +1,25 @@
package gov.hhs.onc.phiz.crypto.ssl.impl;

+import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils;
+import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils.PhizMethodAdvisor;
import gov.hhs.onc.phiz.crypto.impl.AbstractPhizCryptoFactoryBean;
import java.security.SecureRandom;
+import java.security.Security;
+import java.util.stream.Stream;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLContextSpi;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
+import org.aopalliance.intercept.MethodInterceptor;

public class PhizSslContextFactoryBean extends
AbstractPhizCryptoFactoryBean<SSLContext> {
+ private final static String SSL_CONTEXT_SERVICE_TYPE =
SSLContext.class.getSimpleName();
+
+ private final static String BEGIN_HANDSHAKE_METHOD_NAME
= "beginHandshake";
+ private final static String ENGINE_CREATE_SSL_ENGINE_METHOD_NAME
= "engineCreateSSLEngine";
+
private KeyManager[] keyManagers;
private SecureRandom secureRandom;
private TrustManager[] trustManagers;
@@ -17,10 +30,31 @@

@Override
public SSLContext getObject() throws Exception {
- SSLContext sslContext = SSLContext.getInstance(this.type,
this.prov);
- sslContext.init(this.keyManagers, this.trustManagers,
this.secureRandom);
+ SSLContextSpi contextSpi =
+ ((SSLContextSpi)
Stream.of(Security.getProviders()).flatMap(prov ->
prov.getServices().stream())
+ .filter(service ->
(service.getType().equals(SSL_CONTEXT_SERVICE_TYPE) &&
service.getAlgorithm().equals(this.type))).findFirst().get()
+ .newInstance(null));

- return sslContext;
+ return new SSLContext(PhizProxyUtils.buildProxyFactory(contextSpi,
SSLContextSpi.class,
+ new PhizMethodAdvisor(((MethodInterceptor) contextInvocation
-> {
+ SSLEngine engine = ((SSLEngine)
contextInvocation.proceed());
+
+ return PhizProxyUtils.buildProxyFactory(engine,
SSLEngine.class, new PhizMethodAdvisor(((MethodInterceptor)
engineInvocation -> {
+ SSLSession session = engine.getSession();
+
+ if (session.isValid()) {
+ session.invalidate();
+ }
+
+ engineInvocation.proceed();
+
+ return null;
+ }), BEGIN_HANDSHAKE_METHOD_NAME)).getProxy();
+ }), ENGINE_CREATE_SSL_ENGINE_METHOD_NAME)).getProxy(),
this.prov, this.type) {
+ {
+ this.init(PhizSslContextFactoryBean.this.keyManagers,
PhizSslContextFactoryBean.this.trustManagers,
PhizSslContextFactoryBean.this.secureRandom);
+ }
+ };
}

public KeyManager[] getKeyManagers() {
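Review bot: The SPI lookup in `getObject` takes the first `SSLContext` service of the requested algorithm from any installed provider, while the resulting `SSLContext` is still constructed with `this.prov`. The configured provider is therefore no longer guaranteed to be the one doing the TLS work, and `getProvider()` can name a provider that did not supply the implementation. `findFirst().get()` also fails with a NoSuchElementException rather than a NoSuchAlgorithmException when nothing matches. Assuming `this.prov` is a `java.security.Provider` (its use as the constructor argument suggests so), `Provider.Service service = this.prov.getService(SSL_CONTEXT_SERVICE_TYPE, this.type);` followed by a null check keeps the lookup pinned to it. The `beginHandshake` advice invalidates the engine's session on every handshake, presumably to prevent session reuse; a comment stating that intent and its cost (a full handshake each time) would help the next reader.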
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslServerSocketFactoryFactoryBean.java
Sat Feb 21 20:45:44 2015 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslServerSocketFactoryFactoryBean.java
Sun Feb 22 22:41:41 2015 UTC
@@ -17,9 +17,9 @@
@Override
protected AspectJProxyFactory buildProxyFactory() {
return
PhizProxyUtils.buildProxyFactory(this.sslContext.getServerSocketFactory(),
this.objClass, new PhizMethodAdvisor(
- ((MethodInterceptor) serverSocketFactoryMethodInvocation -> {
- SSLServerSocket serverSocket = ((SSLServerSocket)
serverSocketFactoryMethodInvocation.proceed());
-
serverSocket.setSSLParameters(PhizSslServerSocketFactoryFactoryBean.this.sslParams);
+ ((MethodInterceptor) invocation -> {
+ SSLServerSocket serverSocket = ((SSLServerSocket)
invocation.proceed());
+ serverSocket.setSSLParameters(this.sslParams);

return serverSocket;
}), CREATE_SERVER_SOCKET_METHOD_NAME));
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizTrustManagerFactoryBean.java
Sat Feb 21 20:45:44 2015 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizTrustManagerFactoryBean.java
Sun Feb 22 22:41:41 2015 UTC
@@ -1,12 +1,32 @@
package gov.hhs.onc.phiz.crypto.ssl.impl;

+import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils;
+import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils.PhizMethodAdvisor;
+import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils.PhizMethodInterceptor;
+import gov.hhs.onc.phiz.crypto.ssl.logging.SslTrustEvent;
+import gov.hhs.onc.phiz.crypto.ssl.logging.impl.SslClientTrustEventImpl;
+import gov.hhs.onc.phiz.crypto.ssl.logging.impl.SslServerTrustEventImpl;
+import gov.hhs.onc.phiz.logging.logstash.PhizLogstashTags;
+import gov.hhs.onc.phiz.logging.logstash.impl.PhizLogstashMarkers;
import java.security.cert.CertSelector;
+import java.security.cert.CertificateException;
import java.security.cert.PKIXBuilderParameters;
+import java.security.cert.X509Certificate;
+import java.util.stream.Stream;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
+import javax.net.ssl.X509ExtendedTrustManager;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;

public class PhizTrustManagerFactoryBean extends
AbstractPhizSslManagerFactoryBean<TrustManager,
CertPathTrustManagerParameters> {
+ private final static String CHECK_CLIENT_TRUSTED_METHOD_NAME
= "checkClientTrusted";
+ private final static String CHECK_SERVER_TRUSTED_METHOD_NAME
= "checkServerTrusted";
+
+ private final static Logger LOGGER =
LoggerFactory.getLogger(PhizTrustManagerFactoryBean.class);
+
private CertSelector certSelector;

public PhizTrustManagerFactoryBean() {
@@ -18,7 +38,42 @@
TrustManagerFactory factory =
TrustManagerFactory.getInstance(this.type, this.prov);
factory.init(this.buildFactoryParameters());

- return factory.getTrustManagers()[0];
+ TrustManager manager = factory.getTrustManagers()[0];
+
+ return PhizProxyUtils.buildProxyFactory(
+ manager,
+ X509ExtendedTrustManager.class,
+ new PhizMethodAdvisor(
+ ((PhizMethodInterceptor) (invocation, method, methodName,
args, target) -> {
+ X509Certificate[] certs = ((X509Certificate[])
args[0]);
+ String[] certSubjectDns = Stream.of(certs).map(cert ->
cert.getSubjectDN().getName()).toArray(String[]::new);
+
+ SslTrustEvent event =
+
(invocation.getMethod().getName().equals(CHECK_CLIENT_TRUSTED_METHOD_NAME)
+ ? new SslClientTrustEventImpl() : new
SslServerTrustEventImpl());
+ event.setAuthType(((String) args[1]));
+
event.setCertificates(Stream.of(certs).map(Object::toString).toArray(String[]::new));
+
+ try {
+ invocation.proceed();
+
+ event.setTrusted(true);
+
+ LOGGER.debug(
+
PhizLogstashMarkers.append(PhizLogstashTags.SSL, event),
+ String.format("SSL %s certificate chain
(subjects=[%s]) is trusted.", event.getLocation().name().toLowerCase(),
+ StringUtils.join(certSubjectDns, "; ")));
+
+ return null;
+ } catch (CertificateException e) {
+ LOGGER.error(
+
PhizLogstashMarkers.append(PhizLogstashTags.SSL, event),
+ String.format("SSL %s certificate chain
(subjects=[%s]) is not trusted.", event.getLocation().name().toLowerCase(),
+ StringUtils.join(certSubjectDns, "; ")),
e);
+
+ throw e;
+ }
+ }), CHECK_CLIENT_TRUSTED_METHOD_NAME,
CHECK_SERVER_TRUSTED_METHOD_NAME)).getProxy();
}

@Override
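Review bot: The subject names and `toString()` dumps logged here come from the peer's certificate chain and are also written on the failure path, i.e. for chains that were just rejected, so the text must be treated as untrusted input. The JSON encoder will escape it, but the pattern-layout file appender writes `%m` as-is; I would strip or escape control characters (CR/LF in particular) from `certSubjectDns` before formatting the message, or keep the names only in the structured `event`. The strings are also built for every handshake before the log level is known; guarding the success branch with `if (LOGGER.isDebugEnabled())` and building `certSubjectDns` only where it is used avoids that work. `Stream.of(certs)` runs before `invocation.proceed()`, so a null chain would surface as a NullPointerException from the advice rather than whatever the wrapped trust manager throws. The method body starts above this hunk.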
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/metrics/impl/LogstashReporter.java
Tue Feb 3 16:25:30 2015 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/metrics/impl/LogstashReporter.java
Sun Feb 22 22:41:41 2015 UTC
@@ -9,6 +9,7 @@
import com.codahale.metrics.ScheduledReporter;
import com.codahale.metrics.Timer;
import com.github.sebhoss.warnings.CompilerWarnings;
+import gov.hhs.onc.phiz.logging.logstash.PhizLogstashTags;
import gov.hhs.onc.phiz.logging.logstash.impl.PhizLogstashMarkers;
import java.util.SortedMap;
import java.util.concurrent.TimeUnit;
@@ -18,7 +19,7 @@
import org.springframework.context.SmartLifecycle;

public class LogstashReporter extends ScheduledReporter implements
SmartLifecycle {
- private final static String METRICS_NAME = "metrics";
+ private final static String METRICS_FIELD_NAME = "metrics";

private final static Logger LOGGER =
LoggerFactory.getLogger(LogstashReporter.class);

@@ -37,7 +38,7 @@
public void report(SortedMap<String, Gauge> gauges, SortedMap<String,
Counter> counters, SortedMap<String, Histogram> histograms,
SortedMap<String, Meter> meters, SortedMap<String, Timer> timers) {
LOGGER.info(
- PhizLogstashMarkers.append(METRICS_NAME,
Markers.append(METRICS_NAME, this.metricRegistry)),
+ PhizLogstashMarkers.append(PhizLogstashTags.METRICS,
Markers.append(METRICS_FIELD_NAME, this.metricRegistry)),
String.format("Metrics (numGauges=%d, numCounters=%d,
numHistograms=%d, numMeters=%d, numTimers=%d).", gauges.size(),
counters.size(),
histograms.size(), meters.size(), timers.size()));
}
=======================================
--- /phiz-core/src/main/resources/META-INF/phiz/logback/logback-phiz.xml
Fri Feb 6 12:28:44 2015 UTC
+++ /phiz-core/src/main/resources/META-INF/phiz/logback/logback-phiz.xml
Sun Feb 22 22:41:41 2015 UTC
@@ -43,7 +43,7 @@

<conversionRule conversionWord="pColor"
converterClass="gov.hhs.onc.phiz.logging.impl.PriorityColorCompositeConverter"/>

- <conversionRule conversionWord="xReq"
converterClass="gov.hhs.onc.phiz.logging.impl.RequestMdcConverter"/>
+ <conversionRule conversionWord="xEventId"
converterClass="gov.hhs.onc.phiz.logging.impl.EventIdMdcConverter"/>


<!--====================================================================================================
= APPENDERS: CONSOLE
=======================================
---
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-logging-logstash.xml
Fri Feb 6 12:28:44 2015 UTC
+++
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-logging-logstash.xml
Sun Feb 22 22:41:41 2015 UTC
@@ -40,6 +40,13 @@
<beans:bean
class="net.logstash.logback.composite.loggingevent.LogLevelValueJsonProvider"
parent="jsonProv"/>
<beans:bean
class="net.logstash.logback.composite.loggingevent.LogstashMarkersJsonProvider"
parent="jsonProv"/>
<beans:bean
class="net.logstash.logback.composite.loggingevent.MessageJsonProvider"
parent="jsonProv"/>
+ <beans:bean
class="gov.hhs.onc.phiz.logging.logstash.impl.PhizMdcJsonProvider"
parent="jsonProv">
+ <beans:property name="includeMdcKeyNames">
+ <beans:list>
+ <beans:value>#{
T(gov.hhs.onc.phiz.logging.impl.EventIdMdcConverter).EVENT_ID_MDC_KEY
}</beans:value>
+ </beans:list>
+ </beans:property>
+ </beans:bean>
<beans:bean
class="net.logstash.logback.composite.loggingevent.StackTraceJsonProvider"
parent="jsonProv"

p:throwableConverter-ref="throwableProxyConvRootCause"/>
<beans:bean
class="net.logstash.logback.composite.loggingevent.TagsJsonProvider"
parent="jsonProv"/>
=======================================
---
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-logging.xml
Fri Feb 6 12:28:44 2015 UTC
+++
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-logging.xml
Sun Feb 22 22:41:41 2015 UTC
@@ -39,7 +39,7 @@
p:name="file">
<beans:property name="encoder">
<beans:bean parent="encoderPatternLayout"
destroy-method="stop" init-method="start"
- p:pattern="%d{yyyy-MM-dd HH:mm:ss z} [%C:%L %t]%xReq %p
- %m%n%exRoot"/>
+ p:pattern="%d{yyyy-MM-dd HH:mm:ss z}
[%C:%L %t]%xEventId %p - %m%n%exRoot"/>
</beans:property>
</beans:bean>
</beans:beans>
=======================================
--- /phiz-parent/pom.xml Sat Feb 21 20:45:44 2015 UTC
+++ /phiz-parent/pom.xml Sun Feb 22 22:41:41 2015 UTC
@@ -330,12 +330,12 @@
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-core</artifactId>
- <version>3.0.3</version>
+ <version>3.0.4</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-bindings-soap</artifactId>
- <version>3.0.3</version>
+ <version>3.0.4</version>
<exclusions>
<exclusion>
<groupId>com.sun.xml.bind</groupId>
@@ -350,27 +350,27 @@
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
- <version>3.0.3</version>
+ <version>3.0.4</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http</artifactId>
- <version>3.0.3</version>
+ <version>3.0.4</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http-hc</artifactId>
- <version>3.0.3</version>
+ <version>3.0.4</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-addr</artifactId>
- <version>3.0.3</version>
+ <version>3.0.4</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-policy</artifactId>
- <version>3.0.3</version>
+ <version>3.0.4</version>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
@@ -1038,9 +1038,7 @@

<suiteXmlFile>${project.build.testngDirectory}/testng-${project.artifactId}.xml</suiteXmlFile>
</suiteXmlFiles>
<systemPropertyVariables combine.children="append">
- <!-- TEMP: dev -->
-
<!--<javax.net.debug>ssl,handshake</javax.net.debug>-->
-
+
<javax.net.debug>ssl,handshake</javax.net.debug>
<javax.net.ssl.keyStore/>
<javax.net.ssl.trustStore/>

<logback.configurationFile>META-INF/phiz/logback/logback-phiz.xml</logback.configurationFile>
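Review bot: `javax.net.debug` was commented out and marked `TEMP: dev`; this hunk turns it on for every test run, and the same revision removes PhizSslDebugConfiguration, which routed that output into logback. With the property set, the JSSE handshake trace (including peer certificate details) goes straight to the test JVM's standard output and into any CI log that captures it. I would keep it off by default and make it opt-in through a Maven property of the project's choosing with an empty default, or at least add a comment such as `<!-- handshake trace required by <reason> -->` explaining why the trace is now always needed.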
=======================================
---
/phiz-web-core/src/main/java/gov/hhs/onc/phiz/web/crypto/impl/PhizJsseImplementation.java
Sun Jan 4 15:55:30 2015 UTC
+++
/phiz-web-core/src/main/java/gov/hhs/onc/phiz/web/crypto/impl/PhizJsseImplementation.java
Sun Feb 22 22:41:41 2015 UTC
@@ -5,7 +5,6 @@
import java.net.ServerSocket;
import java.net.Socket;
import java.net.SocketException;
-import java.util.Optional;
import javax.annotation.Resource;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
@@ -27,11 +26,11 @@
public class PhizJsseImplementation extends JSSEImplementation {
private class PhizJsseSocketFactory implements ServerSocketFactory,
SSLUtil {
private AbstractEndpoint<?> endpoint;
-
+
public PhizJsseSocketFactory(AbstractEndpoint<?> endpoint) {
this.endpoint = endpoint;
}
-
+
@Override
public void handshake(Socket socket) throws IOException {
((SSLSocket) socket).getSession();
@@ -45,30 +44,30 @@
throw new SocketException(String.format("Unable to accept
SSL socket: %s", e.getMessage()));
}
}
-
+
@Override
public SSLContext createSSLContext() throws Exception {
return PhizJsseImplementation.this.sslContext;
}
-
+
@Override
public ServerSocket createSocket(int port) throws IOException {
this.initializeSession();
-
+
return
PhizJsseImplementation.this.sslServerSocketFactory.createServerSocket(port);
}

@Override
public ServerSocket createSocket(int port, int backlog) throws
IOException {
this.initializeSession();
-
+
return
PhizJsseImplementation.this.sslServerSocketFactory.createServerSocket(port,
backlog);
}

@Override
public ServerSocket createSocket(int port, int backlog,
InetAddress interfaceAddr) throws IOException {
this.initializeSession();
-
+
return
PhizJsseImplementation.this.sslServerSocketFactory.createServerSocket(port,
backlog, interfaceAddr);
}

@@ -86,7 +85,7 @@
public KeyManager[] getKeyManagers() throws Exception {
return PhizJsseImplementation.this.keyManagers;
}
-
+
@Override
public TrustManager[] getTrustManagers() throws Exception {
return PhizJsseImplementation.this.trustManagers;
@@ -99,7 +98,7 @@
}

private void initializeSession() {
-
Optional.of(PhizJsseImplementation.this.sslContext.getServerSessionContext()).ifPresent(this::configureSessionContext);
+
this.configureSessionContext(PhizJsseImplementation.this.sslContext.getServerSessionContext());
}
}
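Review bot: `SSLContext.getServerSessionContext()` is documented to return null when the session context is unavailable, and the new `initializeSession` passes the result straight to `configureSessionContext`; the old `Optional.of(...)` did not guard against that either, since it throws on null. `configureSessionContext` is defined outside this hunk, so whether it tolerates null cannot be seen here. If it does not, a guard is cheap: `SSLSessionContext ctx = PhizJsseImplementation.this.sslContext.getServerSessionContext(); if (ctx != null) { this.configureSessionContext(ctx); }`.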

@@ -108,18 +107,18 @@
@Resource(name = "keyManagerTomcatServer")
@SuppressWarnings({ "SpringJavaAutowiringInspection" })
private KeyManager[] keyManagers;
-
+
@Resource(name = "trustManagerTomcatServer")
@SuppressWarnings({ "SpringJavaAutowiringInspection" })
private TrustManager[] trustManagers;
-
- @Resource(name = "sslParamsTomcatServer")
+
+ @Resource(name = "sslParamsServerTomcatServer")
private SSLParameters sslParams;
-
+
@Resource(name = "sslContextTomcatServer")
@SuppressWarnings({ "SpringJavaAutowiringInspection" })
private SSLContext sslContext;
-
+
@Resource(name = "sslServerSocketFactoryTomcatServer")
@SuppressWarnings({ "SpringJavaAutowiringInspection" })
private SSLServerSocketFactory sslServerSocketFactory;
=======================================
---
/phiz-web-core/src/main/java/gov/hhs/onc/phiz/web/tomcat/impl/MetricsValve.java
Tue Feb 3 16:25:30 2015 UTC
+++
/phiz-web-core/src/main/java/gov/hhs/onc/phiz/web/tomcat/impl/MetricsValve.java
Sun Feb 22 22:41:41 2015 UTC
@@ -14,7 +14,7 @@
import org.springframework.stereotype.Component;

@Component("valveMetrics")
-@Order(Ordered.HIGHEST_PRECEDENCE)
+@Order(Ordered.HIGHEST_PRECEDENCE + 1)
public class MetricsValve extends ValveBase {
@Metric(name = "http.requests.active", absolute = true)
private Counter activeReqsCounter = new Counter();
=======================================
---
/phiz-web-core/src/main/resources/META-INF/phiz/spring/spring-phiz-web-listener.xml
Sun Jan 4 15:55:30 2015 UTC
+++
/phiz-web-core/src/main/resources/META-INF/phiz/spring/spring-phiz-web-listener.xml
Sun Feb 22 22:41:41 2015 UTC
@@ -21,17 +21,8 @@

=====================================================================================================-->
<beans:bean id="servletContextListener"
class="javax.servlet.ServletContextListener" parent="eventListener"
abstract="true"/>

- <beans:bean id="servletReqListener"
class="javax.servlet.ServletRequestListener" parent="eventListener"
abstract="true"/>
-

<!--====================================================================================================
= REGISTRATION BEANS: SERVLET LISTENER

=====================================================================================================-->
<beans:bean id="regBeanServletListener"
class="org.springframework.boot.context.embedded.ServletListenerRegistrationBean"
parent="regBean" abstract="true"/>
-
- <beans:bean id="reqBeanServletListenerMdc"
parent="regBeanServletListener">
- <beans:constructor-arg name="listener">
- <!--suppress InjectionValueTypeInspection -->
- <beans:bean
class="gov.hhs.onc.phiz.web.listener.impl.MdcServletRequestListener"
parent="servletReqListener"/>
- </beans:constructor-arg>
- </beans:bean>
</beans:beans>
=======================================
---
/phiz-web-core/src/main/resources/META-INF/phiz/spring/spring-phiz-web-tomcat.xml
Sat Feb 21 20:45:44 2015 UTC
+++
/phiz-web-core/src/main/resources/META-INF/phiz/spring/spring-phiz-web-tomcat.xml
Sun Feb 22 22:41:41 2015 UTC
@@ -46,7 +46,7 @@

<!--====================================================================================================
= SSL PARAMETERS

=====================================================================================================-->
- <beans:bean id="sslParamsTomcatServer" parent="sslParamsServer"
+ <beans:bean id="sslParamsServerTomcatServer" parent="sslParamsServer"
p:needClientAuth="true"/>


<!--====================================================================================================
@@ -70,7 +70,7 @@

=====================================================================================================-->
<beans:bean id="sslServerSocketFactoryTomcatServer"
parent="sslSocketFactoryServerBase" lazy-init="true"
p:sslContext-ref="sslContextTomcatServer"
- p:sslParameters-ref="sslParamsTomcatServer"/>
+ p:sslParameters-ref="sslParamsServerTomcatServer"/>


<!--====================================================================================================
= LIFECYCLE LISTENERS
@@ -110,6 +110,7 @@
</beans:property>
<beans:property name="contextValves">
<beans:list>
+ <beans:ref bean="valveMdc"/>
<beans:ref bean="valveMetrics"/>
</beans:list>
</beans:property>
=======================================
---
/phiz-web-core/src/test/resources/META-INF/phiz/phiz-web-test.properties
Sat Feb 21 20:45:44 2015 UTC
+++
/phiz-web-core/src/test/resources/META-INF/phiz/phiz-web-test.properties
Sun Feb 22 22:41:41 2015 UTC
@@ -2,10 +2,10 @@
# CRYPTOGRAPHY

#================================================================================
phiz.crypto.cipher.suites.bad=\
- TLS_RSA_WITH_NULL_MD5,\
- TLS_DH_RSA_WITH_DES_CBC_SHA,\
- TLS_DH_anon_WITH_DES_CBC_SHA,\
- TLS_ECDH_RSA_WITH_NULL_SHA
+ TLS_DH_RSA_WITH_AES_256_CBC_SHA,\
+ TLS_DH_anon_WITH_AES_256_CBC_SHA,\
+ TLS_ECDH_RSA_WITH_NULL_SHA,\
+ TLS_DH_DSS_WITH_AES_256_GCM_SHA384


#================================================================================
# CRYPTOGRAPHY CREDENTIALS: SOAPUI CLIENT
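Review bot: The new `phiz.crypto.cipher.suites.bad` value mixes suites that are weak in themselves (`TLS_DH_anon_WITH_AES_256_CBC_SHA` has no authentication, `TLS_ECDH_RSA_WITH_NULL_SHA` has no encryption) with suites that are presumably "bad" only because the server does not enable them (`TLS_DH_RSA_WITH_AES_256_CBC_SHA`, `TLS_DH_DSS_WITH_AES_256_GCM_SHA384`), and nothing in the file says which is which. Because the client offers all four together, the negative test shows only that none of them was accepted; it is worth confirming that the client's TLS provider can actually offer each one, otherwise the handshake fails for a reason unrelated to server policy. A comment above the property would record the intent, for example `# Suites the server must refuse: anonymous and NULL suites, plus static-DH suites outside the allowed list`.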
=======================================
---
/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-soapui-test.xml
Sat Feb 21 20:45:44 2015 UTC
+++
/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-soapui-test.xml
Sun Feb 22 22:41:41 2015 UTC
@@ -153,8 +153,6 @@
<beans:bean id="sslParamsClientSoapUiClientBadProtocolVersions"
parent="sslParamsClientSoapUiClient">
<beans:property name="protocols">
<beans:array>
- <beans:value>#{
T(gov.hhs.onc.phiz.crypto.ssl.PhizTlsVersions).SSL_3_NAME }</beans:value>
- <beans:value>#{
T(gov.hhs.onc.phiz.crypto.ssl.PhizTlsVersions).TLS_1_NAME }</beans:value>
<beans:value>#{
T(gov.hhs.onc.phiz.crypto.ssl.PhizTlsVersions).TLS_1_1_NAME }</beans:value>
</beans:array>
</beans:property>
@@ -162,7 +160,8 @@

<!--suppress SpringPlaceholdersInspection -->
<beans:bean id="sslParamsClientSoapUiClientBadCipherSuites"
parent="sslParamsClientSoapUiClient"
- p:cipherSuites="${phiz.crypto.cipher.suites.bad}"/>
+ p:cipherSuites="${phiz.crypto.cipher.suites.bad}"
+ p:useCipherSuitesOrder="false"/>


<!--====================================================================================================
= SSL CONTEXTS
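Review bot: The added `p:useCipherSuitesOrder="false"` on `sslParamsClientSoapUiClientBadCipherSuites` has no comment explaining why it is needed. If this bean is a `javax.net.ssl.SSLParameters`, the flag is likely a no-op here, since in JSSE it controls whether the server side honours its own preference order. If it works around something specific, an XML comment such as `<!-- explicit: parent bean enables cipher suite ordering -->` should say so; otherwise the attribute can be dropped so the negative test differs from the parent only in its cipher list.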
=======================================
---
/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/feature/impl/PhizLoggingFeature.java
Fri Feb 6 12:28:44 2015 UTC
+++
/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/feature/impl/PhizLoggingFeature.java
Sun Feb 22 22:41:41 2015 UTC
@@ -2,6 +2,7 @@

import com.github.sebhoss.warnings.CompilerWarnings;
import com.sun.xml.ws.encoding.soap.SOAP12Constants;
+import gov.hhs.onc.phiz.logging.impl.AtomicEventId;
import gov.hhs.onc.phiz.logging.logstash.impl.PhizLogstashMarkers;
import gov.hhs.onc.phiz.web.logging.HttpEvent;
import gov.hhs.onc.phiz.web.logging.HttpRequestEvent;
@@ -36,7 +37,6 @@
import java.util.Optional;
import java.util.Set;
import java.util.TreeMap;
-import java.util.concurrent.atomic.AtomicInteger;
import java.util.function.BiConsumer;
import java.util.function.Supplier;
import java.util.stream.Collectors;
@@ -93,11 +93,11 @@
Exchange msgExchange = msg.getExchange();

if (!msgExchange.containsKey(WS_MSG_EVENT_ID_PROP_NAME)) {
- msgExchange.put(WS_MSG_EVENT_ID_PROP_NAME,
WS_MSG_EVENT_ID.incrementAndGet());
+ msgExchange.put(WS_MSG_EVENT_ID_PROP_NAME,
WS_MSG_EVENT_ID.getNext());
}

// noinspection ConstantConditions
- int wsMsgEventId = PhizWsUtils.getProperty(msg.getExchange(),
WS_MSG_EVENT_ID_PROP_NAME, Integer.class);
+ long wsMsgEventId = PhizWsUtils.getProperty(msg.getExchange(),
WS_MSG_EVENT_ID_PROP_NAME, Long.class);
msg.put(WS_MSG_EVENT_ID_PROP_NAME, wsMsgEventId);

try {
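Review bot: The unboxing in `long wsMsgEventId = PhizWsUtils.getProperty(..., Long.class)` relies on the exchange property being a `Long`, and the `noinspection ConstantConditions` comment suppresses the warning that would flag a null here. `AtomicEventId.getNext()` is not visible in this hunk; if it returns anything other than `long`/`Long`, or if an `Integer` is already stored under `wsMsgEventId`, the typed lookup presumably returns null and this line throws a bare NullPointerException. Reading into a `Long` and failing with a message that names the property, e.g. `Objects.requireNonNull(id, WS_MSG_EVENT_ID_PROP_NAME)`, would make a broken request/response correlation ID easier to diagnose. The enclosing method starts and ends outside the hunk.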
@@ -111,7 +111,7 @@

protected abstract void handleMessageInternal(SoapMessage msg, T
httpEvent, U wsMsgEvent) throws Exception;

- protected U createWsMessageEvent(SoapMessage msg, int
wsMsgEventId) {
+ protected U createWsMessageEvent(SoapMessage msg, long
wsMsgEventId) {
U wsMsgEvent = this.wsMsgEventSupplier.get();

wsMsgEvent.setEndpointAddress(msg.getExchange().getEndpoint().getEndpointInfo().getAddress());
wsMsgEvent.setEventId(wsMsgEventId);
@@ -147,7 +147,7 @@
}

@Override
- protected U createWsMessageEvent(SoapMessage msg, int
wsMsgEventId) {
+ protected U createWsMessageEvent(SoapMessage msg, long
wsMsgEventId) {
U wsMsgEvent = super.createWsMessageEvent(msg, wsMsgEventId);
wsMsgEvent.setDirection(PhizWsMessageDirection.INBOUND);

@@ -170,7 +170,7 @@
}

@Override
- protected WsRequestMessageEvent createWsMessageEvent(SoapMessage
msg, int wsMsgEventId) {
+ protected WsRequestMessageEvent createWsMessageEvent(SoapMessage
msg, long wsMsgEventId) {
WsRequestMessageEvent wsMsgEvent =
super.createWsMessageEvent(msg, wsMsgEventId);
wsMsgEvent.setEndpointType(PhizWsEndpointType.SERVER);

@@ -220,7 +220,7 @@
}

@Override
- protected WsResponseMessageEvent createWsMessageEvent(SoapMessage
msg, int wsMsgEventId) {
+ protected WsResponseMessageEvent createWsMessageEvent(SoapMessage
msg, long wsMsgEventId) {
WsResponseMessageEvent wsMsgEvent =
super.createWsMessageEvent(msg, wsMsgEventId);
wsMsgEvent.setEndpointType(PhizWsEndpointType.CLIENT);

@@ -290,7 +290,7 @@
protected abstract PhizLoggingOutCallback<T, U>
createCallback(SoapMessage msg, T httpEvent, U wsMsgEvent);

@Override
- protected U createWsMessageEvent(SoapMessage msg, int
wsMsgEventId) {
+ protected U createWsMessageEvent(SoapMessage msg, long
wsMsgEventId) {
U wsMsgEvent = super.createWsMessageEvent(msg, wsMsgEventId);
wsMsgEvent.setDirection(PhizWsMessageDirection.OUTBOUND);

@@ -332,7 +332,7 @@
}

@Override
- protected WsResponseMessageEvent createWsMessageEvent(SoapMessage
msg, int wsMsgEventId) {
+ protected WsResponseMessageEvent createWsMessageEvent(SoapMessage
msg, long wsMsgEventId) {
WsResponseMessageEvent wsMsgEvent =
super.createWsMessageEvent(msg, wsMsgEventId);
wsMsgEvent.setEndpointType(PhizWsEndpointType.SERVER);

@@ -379,7 +379,7 @@
}

@Override
- protected WsRequestMessageEvent createWsMessageEvent(SoapMessage
msg, int wsMsgEventId) {
+ protected WsRequestMessageEvent createWsMessageEvent(SoapMessage
msg, long wsMsgEventId) {
WsRequestMessageEvent wsMsgEvent =
super.createWsMessageEvent(msg, wsMsgEventId);
wsMsgEvent.setEndpointType(PhizWsEndpointType.CLIENT);

@@ -389,7 +389,7 @@

public final static String WS_MSG_EVENT_ID_PROP_NAME = "wsMsgEventId";

- private final static AtomicInteger WS_MSG_EVENT_ID = new
AtomicInteger();
+ private final static AtomicEventId WS_MSG_EVENT_ID = new
AtomicEventId();

private final static Logger SERVER_LOGGER =
LoggerFactory.getLogger(Server.class);
private final static Logger CLIENT_LOGGER =
LoggerFactory.getLogger(Client.class);
=======================================
---
/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/logging/WsMessageEvent.java
Tue Feb 3 16:25:30 2015 UTC
+++
/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/logging/WsMessageEvent.java
Sun Feb 22 22:41:41 2015 UTC
@@ -23,9 +23,9 @@
public void setEndpointType(PhizWsEndpointType endpointType);

@JsonProperty
- public int getEventId();
+ public long getEventId();

- public void setEventId(int eventId);
+ public void setEventId(long eventId);

public Logger getLogger();

=======================================
---
/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/logging/impl/AbstractWsMessageEvent.java
Tue Feb 3 16:25:30 2015 UTC
+++
/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/logging/impl/AbstractWsMessageEvent.java
Sun Feb 22 22:41:41 2015 UTC
@@ -10,7 +10,7 @@
protected PhizWsMessageDirection direction;
protected String endpointAddr;
protected PhizWsEndpointType endpointType;
- protected int eventId;
+ protected long eventId;
protected Logger logger;
protected Map<String, Object> soapFault;
protected Map<String, Object> soapHeaders;
@@ -47,12 +47,12 @@
}

@Override
- public int getEventId() {
+ public long getEventId() {
return this.eventId;
}

@Override
- public void setEventId(int eventId) {
+ public void setEventId(long eventId) {
this.eventId = eventId;
}

=======================================
---
/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/transport/impl/PhizAsyncHttpConduit.java
Fri Feb 6 12:28:44 2015 UTC
+++
/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/transport/impl/PhizAsyncHttpConduit.java
Sun Feb 22 22:41:41 2015 UTC
@@ -4,12 +4,12 @@
import gov.hhs.onc.phiz.web.ws.utils.PhizWsUtils;
import java.io.IOException;
import java.io.OutputStream;
-import java.net.URI;
import java.util.Objects;
import javax.annotation.Nullable;
import org.apache.cxf.Bus;
import org.apache.cxf.message.Message;
import org.apache.cxf.service.model.EndpointInfo;
+import org.apache.cxf.transport.http.Address;
import org.apache.cxf.transport.http.asyncclient.AsyncHTTPConduit;
import org.apache.cxf.transport.http.asyncclient.CXFHttpRequest;
import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
@@ -50,8 +50,8 @@
}

@Override
- protected void setupConnection(Message outMsg, URI uri,
HTTPClientPolicy clientPolicy) throws IOException {
- super.setupConnection(outMsg, uri, clientPolicy);
+ protected void setupConnection(Message outMsg, Address addr,
HTTPClientPolicy clientPolicy) throws IOException {
+ super.setupConnection(outMsg, addr, clientPolicy);

if (Objects.equals(PhizWsUtils.getProperty(outMsg, USE_ASYNC,
Boolean.class), Boolean.TRUE)) {
outMsg.put(PhizWsMessageProperties.PROTOCOL,
outMsg.get(CXFHttpRequest.class).getProtocolVersion().toString());

==============================================================================
Revision: 1c6bf3f2ee5c
Branch: default
Author: Michal Kotelba <michal....@esacinc.com>
Date: Sat Mar 7 13:04:18 2015 UTC
Log: - Further supports PHIZ-34 and PHIZ-35.
- Supports PHIZ-36.
- Implemented certificate path validation (inc. configurable revocation
checking).
- Implemented embedded OCSP server for integration testing of revocation
checking.
- Fixed Tomcat NIO endpoint SSL client authentication reset.
https://code.google.com/p/phiz/source/detail?r=1c6bf3f2ee5c

Added:
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoAlgorithmId.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoContentTypes.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoId.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoObjectId.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoOids.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoTagId.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoTypeId.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/logging/SslTrustEvent.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/logging/impl/CertificateJsonSerializer.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/logging/impl/PhizSslDebugConfiguration.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/logging/impl/SslTrustEventImpl.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/AbstractPhizSslParametersAwareFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizTrustManager.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/revocation/OcspCertificateStatusType.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/revocation/OcspResponseStatusType.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/revocation/OcspRevokeReasonType.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/revocation/impl/PhizCertificateId.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/revocation/impl/PhizRevocationChecker.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/utils/PhizCertificatePathUtils.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/utils/PhizCertificateUtils.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/utils/PhizCryptoUtils.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/logstash/impl/AbstractPhizJsonSerializer.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/logstash/impl/PhizLogstashModule.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/metrics/impl/MetricRegistryJsonSerializer.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/utils/PhizFunctionUtils.java
/phiz-core/src/test/java/gov/hhs/onc/phiz/test/beans/PhizServerBean.java

/phiz-core/src/test/java/gov/hhs/onc/phiz/test/beans/impl/AbstractPhizServerBean.java

/phiz-core/src/test/java/gov/hhs/onc/phiz/test/crypto/ssl/revocation/PhizOcspServer.java

/phiz-core/src/test/java/gov/hhs/onc/phiz/test/crypto/ssl/revocation/impl/PhizOcspServerImpl.java
/phiz-core/src/test/java/gov/hhs/onc/phiz/test/data/db/PhizHsqlServer.java

/phiz-core/src/test/java/gov/hhs/onc/phiz/test/data/db/impl/PhizHsqlServerImpl.java

/phiz-core/src/test/java/gov/hhs/onc/phiz/test/data/db/impl/PlaceholderResourceDatabasePopulator.java
Deleted:

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizTrustManagerFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/SslClientTrustEvent.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/SslServerTrustEvent.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/SslTrustEvent.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/AbstractSslTrustEvent.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/PhizSslDebugConfiguration.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/SslClientTrustEventImpl.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/SslServerTrustEventImpl.java
/phiz-core/src/test/java/gov/hhs/onc/phiz/test/impl/PhizHsqlServer.java

/phiz-core/src/test/java/gov/hhs/onc/phiz/test/impl/PlaceholderResourceDatabasePopulator.java
Modified:
/phiz-core/pom.xml

/phiz-core/src/main/java/gov/hhs/onc/phiz/beans/factory/impl/PropertiesPropertyResolver.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCredential.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/impl/GeneratedCredentialFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/impl/PhizCredentialImpl.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/PhizSslLocation.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/AbstractPhizSslContextAwareFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslContextFactoryBean.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/impl/PriorityColorCompositeConverter.java

/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/logstash/impl/PhizLogstashJsonFactoryDecorator.java
/phiz-core/src/main/java/gov/hhs/onc/phiz/utils/PhizStringUtils.java

/phiz-core/src/main/resources/META-INF/phiz/logback/logback-phiz-include.xml
/phiz-core/src/main/resources/META-INF/phiz/logback/logback-phiz.xml
/phiz-core/src/main/resources/META-INF/phiz/phiz.properties

/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl.xml
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-crypto.xml

/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-logging-logstash.xml
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz.xml
/phiz-core/src/main/scripts/groovy/phiz-process-properties.groovy
/phiz-core/src/main/scripts/groovy/phiz-process-resources.groovy
/phiz-core/src/test/resources/META-INF/phiz/phiz-test.properties

/phiz-core/src/test/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl-test.xml

/phiz-core/src/test/resources/META-INF/phiz/spring/spring-phiz-data-db-test.xml
/phiz-parent/pom.xml
/phiz-tools/pom.xml
/phiz-web-core/pom.xml

/phiz-web-core/src/main/java/gov/hhs/onc/phiz/web/crypto/impl/PhizJsseImplementation.java

/phiz-web-core/src/main/java/gov/hhs/onc/phiz/web/tomcat/impl/PhizTomcatEmbeddedServletContainerFactory.java
/phiz-web-core/src/main/resources/META-INF/phiz/phiz-web.properties

/phiz-web-core/src/main/resources/META-INF/phiz/spring/spring-phiz-web-tomcat.xml

/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/soapui/PhizSoapUiProperties.java

/phiz-web-core/src/test/java/gov/hhs/onc/phiz/web/test/soapui/impl/PhizSoapUiTestCaseRunner.java

/phiz-web-core/src/test/resources/META-INF/phiz/logback/logback-phiz-web-include-test.xml
/phiz-web-core/src/test/resources/META-INF/phiz/phiz-web-test.properties

/phiz-web-core/src/test/resources/META-INF/phiz/spring/spring-phiz-web-soapui-test.xml
/phiz-web-parent/pom.xml
/phiz-web-portal/pom.xml
/phiz-web-ws/pom.xml
/phiz-web-ws/src/it/soapui/soapui-phiz-web-ws.xml

/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/transport/impl/PhizAsyncHttpConduit.java

/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/transport/impl/PhizAsyncHttpConduitFactory.java

/phiz-web-ws/src/main/resources/META-INF/phiz/spring/spring-phiz-web-ws-client.xml

=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoAlgorithmId.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,7 @@
+package gov.hhs.onc.phiz.crypto;
+
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+
+public interface PhizCryptoAlgorithmId extends PhizCryptoObjectId {
+ public AlgorithmIdentifier getAlgorithmId();
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoContentTypes.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,16 @@
+package gov.hhs.onc.phiz.crypto;
+
+import org.springframework.util.MimeType;
+
+public final class PhizCryptoContentTypes {
+ public final static String OCSP_REQ_TYPE = "application";
+ public final static String OCSP_REQ_SUBTYPE = "ocsp-request";
+ public final static MimeType OCSP_REQ = new MimeType(OCSP_REQ_TYPE,
OCSP_REQ_SUBTYPE);
+
+ public final static String OCSP_RESP_TYPE = "application";
+ public final static String OCSP_RESP_SUBTYPE = "ocsp-response";
+ public final static MimeType OCSP_RESP = new MimeType(OCSP_RESP_TYPE,
OCSP_RESP_SUBTYPE);
+
+ private PhizCryptoContentTypes() {
+ }
+}
=======================================
--- /dev/null
+++ /phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoId.java Sat
Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,13 @@
+package gov.hhs.onc.phiz.crypto;
+
+import org.springframework.core.Ordered;
+import org.springframework.core.PriorityOrdered;
+
+public interface PhizCryptoId extends PriorityOrdered {
+ public String getId();
+
+ @Override
+ public default int getOrder() {
+ return (this.getClass().isEnum() ? ((Enum<?>) this).ordinal() :
Ordered.LOWEST_PRECEDENCE);
+ }
+}
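Review bot: `this.getClass().isEnum()` in the default `getOrder()` is false for an enum constant declared with its own body, because that constant's class is an anonymous subclass of the enum. Such constants would silently get `Ordered.LOWEST_PRECEDENCE` instead of their ordinal. `return ((this instanceof Enum) ? ((Enum<?>) this).ordinal() : Ordered.LOWEST_PRECEDENCE);` covers both cases. Since precedence is taken from `ordinal()`, the method should also carry a comment that declaration order is significant, e.g. `// Enum implementations are ordered by declaration position; reordering constants changes precedence.`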
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoObjectId.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,7 @@
+package gov.hhs.onc.phiz.crypto;
+
+import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+public interface PhizCryptoObjectId extends PhizCryptoId {
+ public ASN1ObjectIdentifier getOid();
+}
=======================================
--- /dev/null
+++ /phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoOids.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,13 @@
+package gov.hhs.onc.phiz.crypto;
+
+import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.ocsp.OCSPObjectIdentifiers;
+
+public final class PhizCryptoOids {
+ public final static ASN1ObjectIdentifier ID_PKIX_OCSP_PREF_SIG_ALGS =
OCSPObjectIdentifiers.id_pkix_ocsp.branch(Integer.toString(8));
+
+ public final static ASN1ObjectIdentifier ID_PKIX_OCSP_EXTENDED_REVOKE
= OCSPObjectIdentifiers.id_pkix_ocsp.branch(Integer.toString(9));
+
+ private PhizCryptoOids() {
+ }
+}
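Review bot: The two OID constants are built from bare arc numbers with no reference to where those arcs are defined, so a reader cannot check them without looking the values up. A comment on each would help, e.g. `// id-pkix-ocsp-pref-sig-algs ::= { id-pkix-ocsp 8 } (RFC 6960)` and `// id-pkix-ocsp-extended-revoke ::= { id-pkix-ocsp 9 } (RFC 6960)`. `Integer.toString(8)` can also be written as the literal `"8"`, which is what `branch` takes.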
=======================================
--- /dev/null
+++ /phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoTagId.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,10 @@
+package gov.hhs.onc.phiz.crypto;
+
+public interface PhizCryptoTagId extends PhizCryptoId {
+ @Override
+ public default int getOrder() {
+ return this.getTag();
+ }
+
+ public int getTag();
+}
=======================================
--- /dev/null
+++ /phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCryptoTypeId.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,5 @@
+package gov.hhs.onc.phiz.crypto;
+
+public interface PhizCryptoTypeId extends PhizCryptoId {
+ public Class<?> getType();
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/logging/SslTrustEvent.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,40 @@
+package gov.hhs.onc.phiz.crypto.logging;
+
+import com.fasterxml.jackson.annotation.JsonProperty;
+import gov.hhs.onc.phiz.crypto.ssl.PhizSslLocation;
+import gov.hhs.onc.phiz.logging.logstash.MarkerObjectFieldName;
+import javax.annotation.Nullable;
+
+@MarkerObjectFieldName("sslTrust")
+public interface SslTrustEvent {
+ @JsonProperty
+ @Nullable
+ public String getAuthType();
+
+ public void setAuthType(@Nullable String authType);
+
+ @JsonProperty
+ public String[] getCertificates();
+
+ public void setCertificates(String[] certs);
+
+ @JsonProperty
+ public PhizSslLocation getLocation();
+
+ @JsonProperty
+ @Nullable
+ public String[] getPathCertificates();
+
+ public void setPathCertificates(@Nullable String[] pathCerts);
+
+ @JsonProperty
+ @Nullable
+ public String getTrustAnchorCertificate();
+
+ public void setTrustAnchorCertificate(@Nullable String
trustAnchorCert);
+
+ @JsonProperty
+ public boolean isTrusted();
+
+ public void setTrusted(boolean trusted);
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/logging/impl/CertificateJsonSerializer.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,118 @@
+package gov.hhs.onc.phiz.crypto.logging.impl;
+
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import gov.hhs.onc.phiz.logging.logstash.impl.AbstractPhizJsonSerializer;
+import java.security.cert.X509Certificate;
+import java.util.LinkedHashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+import org.apache.commons.codec.binary.Hex;
+import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.x500.AttributeTypeAndValue;
+import org.bouncycastle.asn1.x500.X500Name;
+import org.bouncycastle.asn1.x500.style.BCStyle;
+import org.bouncycastle.asn1.x500.style.IETFUtils;
+import org.bouncycastle.asn1.x509.Extension;
+import org.bouncycastle.asn1.x509.Extensions;
+import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
+import org.springframework.stereotype.Component;
+
+@Component("jsonSerializerCert")
+public class CertificateJsonSerializer extends
AbstractPhizJsonSerializer<X509Certificate> {
+ private final static String ALT_NAMES_FIELD_NAME_SUFFIX = "_alt_names";
+
+ private final static String ENCODED_FIELD_NAME = "encoded";
+ private final static String OID_FIELD_NAME = "oid";
+
+ private final static String VERSION_FIELD_NAME = "version";
+ private final static String SUBJECT_FIELD_NAME = "subject";
+ private final static String SUBJECT_ALT_NAMES_FIELD_NAME =
SUBJECT_FIELD_NAME + ALT_NAMES_FIELD_NAME_SUFFIX;
+ private final static String ISSUER_FIELD_NAME = "issuer";
+ private final static String ISSUER_ALT_NAMES_FIELD_NAME =
ISSUER_FIELD_NAME + ALT_NAMES_FIELD_NAME_SUFFIX;
+ private final static String SERIAL_NUM_FIELD_NAME = "serial_number";
+ private final static String KEY_USAGES_FIELD_NAME = "key_usages";
+ private final static String EXT_KEY_USAGES_FIELD_NAME = "extended_" +
KEY_USAGES_FIELD_NAME;
+
+ private final static String VALID_FIELD_NAME = "valid";
+ private final static String VALID_FROM_FIELD_NAME = "from";
+ private final static String VALID_TO_FIELD_NAME = "to";
+
+ private final static String SIG_FIELD_NAME = "signature";
+ private final static String SIG_ALG_FIELD_NAME = "algorithm";
+
+ private final static String EXTS_FIELD_NAME = "extensions";
+
+ private final static String EXT_CRITICAL_FIELD_NAME = "critical";
+
+ private final static long serialVersionUID = 0L;
+
+ public CertificateJsonSerializer() {
+ super(X509Certificate.class);
+ }
+
+ @Override
+ protected void serializeFields(X509Certificate cert, JsonGenerator
jsonGen, SerializerProvider serializerProv) throws Exception {
+ Extensions certExts = new
JcaX509CertificateHolder(cert).getExtensions();
+ Set<ASN1ObjectIdentifier> certExtOids =
Stream.of(certExts.getExtensionOIDs()).collect(Collectors.toCollection(LinkedHashSet::new));
+
+ jsonGen.writeObjectField(VERSION_FIELD_NAME, cert.getVersion());
+
+ serializeDnField(jsonGen, SUBJECT_FIELD_NAME, new
X500Name(cert.getSubjectX500Principal().getName()));
+
+ if (certExtOids.contains(Extension.subjectAlternativeName)) {
+ //jsonGen.writeObjectField(SUBJECT_ALT_NAMES_FIELD_NAME,
cert.getSubjectAlternativeNames());
+ }
+
+ serializeDnField(jsonGen, ISSUER_FIELD_NAME, new
X500Name(cert.getIssuerX500Principal().getName()));
+
+ jsonGen.writeObjectField(SERIAL_NUM_FIELD_NAME,
cert.getSerialNumber());
+
+ jsonGen.writeObjectFieldStart(VALID_FIELD_NAME);
+ jsonGen.writeObjectField(VALID_FROM_FIELD_NAME,
cert.getNotBefore());
+ jsonGen.writeObjectField(VALID_TO_FIELD_NAME, cert.getNotAfter());
+ jsonGen.writeEndObject();
+
+ jsonGen.writeObjectFieldStart(SIG_FIELD_NAME);
+ jsonGen.writeObjectField(SIG_ALG_FIELD_NAME, cert.getSigAlgName());
+ jsonGen.writeObjectField(OID_FIELD_NAME, cert.getSigAlgOID());
+ jsonGen.writeObjectField(ENCODED_FIELD_NAME,
Hex.encodeHexString(cert.getSignature()));
+ jsonGen.writeEndObject();
+
+ jsonGen.writeArrayFieldStart(EXTS_FIELD_NAME);
+
+ Extension certExt;
+
+ for (ASN1ObjectIdentifier certExtOid : certExtOids) {
+ jsonGen.writeStartObject();
+ jsonGen.writeObjectField(OID_FIELD_NAME, certExtOid.getId());
+ jsonGen.writeObjectField(EXT_CRITICAL_FIELD_NAME, (certExt =
certExts.getExtension(certExtOid)).isCritical());
+ jsonGen.writeObjectField(ENCODED_FIELD_NAME,
Hex.encodeHexString(certExt.getEncoded()));
+ jsonGen.writeEndObject();
+ }
+
+ jsonGen.writeEndArray();
+ }
+
+ private static void serializeDnField(JsonGenerator jsonGen, String
dnFieldName, X500Name dn) throws Exception {
+ jsonGen.writeObjectFieldStart(dnFieldName);
+
+ Map<String, List<AttributeTypeAndValue>> rdnAttrMap =
Stream.of(dn.getRDNs()).flatMap(rdn -> Stream.of(rdn.getTypesAndValues()))
+ .collect(Collectors.groupingBy((AttributeTypeAndValue rdnAttr)
-> BCStyle.INSTANCE.oidToDisplayName(rdnAttr.getType())));
+
+ for (String rdnAttrName : rdnAttrMap.keySet()) {
+ jsonGen.writeArrayFieldStart(rdnAttrName);
+
+ for (AttributeTypeAndValue rdnAttr :
rdnAttrMap.get(rdnAttrName)) {
+
jsonGen.writeString(IETFUtils.valueToString(rdnAttr.getValue()));
+ }
+
+ jsonGen.writeEndArray();
+ }
+
+ jsonGen.writeEndObject();
+ }
+}
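Review bot: `serializeFields` dereferences `certExts` unconditionally, but `X509CertificateHolder.getExtensions()` returns null for a certificate that carries no extensions (for example a v1 certificate), so `certExts.getExtensionOIDs()` throws while the certificate is being logged. This serializer presumably runs on peer-supplied certificates, so a failure here can hide the very chain an operator needs to see after a rejected handshake. The subject and issuer are also rebuilt by re-parsing `getName()` strings, although the holder already exposes both as `X500Name`. The `subjectAlternativeName` branch holds only commented-out code, so SANs are never written and `ISSUER_ALT_NAMES_FIELD_NAME`, `KEY_USAGES_FIELD_NAME` and `EXT_KEY_USAGES_FIELD_NAME` are unused; either implement those fields or remove the constants and the empty branch.

```java
JcaX509CertificateHolder certHolder = new JcaX509CertificateHolder(cert);
// Null when the certificate has no extensions block.
Extensions certExts = certHolder.getExtensions();
Set<ASN1ObjectIdentifier> certExtOids = new LinkedHashSet<>();

if (certExts != null) {
    Stream.of(certExts.getExtensionOIDs()).forEach(certExtOids::add);
}

// … unchanged: version field …
serializeDnField(jsonGen, SUBJECT_FIELD_NAME, certHolder.getSubject());
// … unchanged: subject alternative names branch …
serializeDnField(jsonGen, ISSUER_FIELD_NAME, certHolder.getIssuer());
// … unchanged: serial number, validity, signature and extensions output …
```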
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/logging/impl/PhizSslDebugConfiguration.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,127 @@
+package gov.hhs.onc.phiz.crypto.logging.impl;
+
+import ch.qos.logback.classic.Level;
+import ch.qos.logback.classic.Logger;
+import ch.qos.logback.classic.spi.LoggingEvent;
+import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils;
+import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils.PhizMethodAdvisor;
+import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils.PhizMethodInterceptor;
+import gov.hhs.onc.phiz.logging.logstash.PhizLogstashTags;
+import gov.hhs.onc.phiz.logging.logstash.impl.PhizLogstashMarkers;
+import java.io.PrintStream;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+import java.util.function.Consumer;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+import org.apache.commons.lang3.ArrayUtils;
+import org.apache.commons.lang3.ClassUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.DisposableBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration("sslDebugConfiguration")
+public class PhizSslDebugConfiguration implements DisposableBean {
+ private final static String SUN_SEC_PKG_NAME_PREFIX =
StringUtils.join(ArrayUtils.toArray("sun", "security", "ssl",
StringUtils.EMPTY),
+ ClassUtils.PACKAGE_SEPARATOR);
+
+ private final static String HANDSHAKE_MSG_INNER_CLASS_NAME_PREFIX =
SUN_SEC_PKG_NAME_PREFIX + "HandshakeMessage$";
+ private final static String ENHANCED_PRINT_STREAM_CLASS_NAME_PREFIX =
PhizProxyUtils.ENHANCER_CLASS_NAME_PREFIX + PrintStream.class.getName()
+ + PhizProxyUtils.ENHANCER_CLASS_NAME_SUFFIX;
+
+ private final static String DEBUG_CLASS_NAME = SUN_SEC_PKG_NAME_PREFIX
+ "Debug";
+ private final static String
HANDSHAKE_MSG_CLIENT_HELLO_INNER_CLASS_NAME =
HANDSHAKE_MSG_INNER_CLASS_NAME_PREFIX + "ClientHello";
+ private final static String
HANDSHAKE_MSG_SERVER_HELLO_INNER_CLASS_NAME =
HANDSHAKE_MSG_INNER_CLASS_NAME_PREFIX + "ServerHello";
+
+ private final static Set<String> HANDSHAKE_CLASS_NAMES = Stream
+ .of(HANDSHAKE_MSG_CLIENT_HELLO_INNER_CLASS_NAME,
HANDSHAKE_MSG_SERVER_HELLO_INNER_CLASS_NAME).collect(Collectors.toSet());
+
+ private final static String PRINT_METHOD_NAME = "print";
+ private final static String PRINTLN_METHOD_NAME = "println";
+
+ private final static int THREAD_PRINT_STR_BUILDER_INITIAL_CAPACITY =
64;
+ private final static ThreadLocal<StringBuilder>
THREAD_PRINT_STR_BUILDER = ThreadLocal.withInitial(() -> new StringBuilder(
+ THREAD_PRINT_STR_BUILDER_INITIAL_CAPACITY));
+
+ private final static Map<PrintStream, Consumer<PrintStream>>
DELEGATE_PRINT_STREAM_MAP = new HashMap<>(2);
+
+ private final static Logger LOGGER = ((Logger)
LoggerFactory.getLogger(PhizSslDebugConfiguration.class));
+
+ private final static PhizMethodAdvisor PRINT_STREAM_METHODS_ADVISOR =
new PhizMethodAdvisor(((PhizMethodInterceptor) (invocation, method,
methodName, args,
+ target) -> {
+ StackTraceElement[] stackTraceElems = new
Throwable().getStackTrace();
+ int numStackTraceElems = stackTraceElems.length;
+ StackTraceElement stackTraceElem;
+
+ for (int a = 0; a < numStackTraceElems; a++) {
+ if (StringUtils.startsWith((stackTraceElem =
stackTraceElems[a]).getClassName(), ENHANCED_PRINT_STREAM_CLASS_NAME_PREFIX)
+ && stackTraceElem.getMethodName().equals(methodName)) {
+ if
(!StringUtils.startsWith(stackTraceElems[++a].getClassName(),
SUN_SEC_PKG_NAME_PREFIX)) {
+ break;
+ }
+
+ if (args.length != 1) {
+ return null;
+ }
+
+ while
(stackTraceElems[a].getClassName().equals(DEBUG_CLASS_NAME)) {
+ a++;
+ }
+
+ if
(!HANDSHAKE_CLASS_NAMES.contains(stackTraceElems[a].getClassName())) {
+ return null;
+ }
+
+ StringBuilder printStrBuilder =
THREAD_PRINT_STR_BUILDER.get();
+ printStrBuilder.append(args[0]);
+
+ if (methodName.equals(PRINTLN_METHOD_NAME)) {
+ String msg =
StringUtils.trim(StringUtils.strip(printStrBuilder.toString()));
+
+ // noinspection ConstantConditions
+ if (!msg.isEmpty()) {
+ LoggingEvent srcEvent = new LoggingEvent(Logger.FQCN, LOGGER,
Level.TRACE, msg, null, null);
+ srcEvent.setCallerData(ArrayUtils.subarray(stackTraceElems, a,
numStackTraceElems));
+
srcEvent.setMarker(PhizLogstashMarkers.append(PhizLogstashTags.SSL));
+
+ LOGGER.callAppenders(srcEvent);
+ }
+
+ THREAD_PRINT_STR_BUILDER.remove();
+ }
+
+ return null;
+}
+}
+
+return invocation.proceed();
+}), PRINT_METHOD_NAME, PRINTLN_METHOD_NAME);
+
+ @Bean(name = "sslDebugPrintStreamErr")
+ public PrintStream getErrPrintStream() {
+ return buildProxyPrintStream(System.err, System::setErr);
+ }
+
+ @Bean(name = "sslDebugPrintStreamOut")
+ public PrintStream getOutPrintStream() {
+ return buildProxyPrintStream(System.out, System::setOut);
+ }
+
+ @Override
+ public synchronized void destroy() throws Exception {
+ DELEGATE_PRINT_STREAM_MAP.forEach((delegatePrintStream,
delegateStreamSetter) -> delegateStreamSetter.accept(delegatePrintStream));
+ }
+
+ private synchronized static PrintStream
buildProxyPrintStream(PrintStream delegatePrintStream,
Consumer<PrintStream> delegateStreamSetter) {
+ PrintStream proxyPrintStream =
PhizProxyUtils.buildProxyFactory(delegatePrintStream, PrintStream.class,
PRINT_STREAM_METHODS_ADVISOR).getProxy();
+
+ DELEGATE_PRINT_STREAM_MAP.put(delegatePrintStream,
delegateStreamSetter);
+
+ delegateStreamSetter.accept(proxyPrintStream);
+
+ return proxyPrintStream;
+ }
+}
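Review bot: `destroy()` is instance-synchronized while `buildProxyPrintStream` is static-synchronized, so they lock different monitors and the shared static `DELEGATE_PRINT_STREAM_MAP` (a plain `HashMap`) is not guarded between them. `destroy()` should take the class lock, `synchronized (PhizSslDebugConfiguration.class) { ... }`, and clear the map after restoring the streams. In the interceptor, `stackTraceElems[++a]` and the `while (...) a++` loop index the stack without a bounds check, so an unexpected stack shape throws ArrayIndexOutOfBoundsException from inside a `System.out`/`System.err` print call; an `a < numStackTraceElems` guard would let it fall through to `invocation.proceed()`. A class comment should state that this bean replaces the process-wide `System.out` and `System.err`, captures a stack trace on every `print`/`println`, and discards single-argument `sun.security.ssl` output that does not come from the ClientHello/ServerHello classes.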
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/logging/impl/SslTrustEventImpl.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,76 @@
+package gov.hhs.onc.phiz.crypto.logging.impl;
+
+import gov.hhs.onc.phiz.crypto.ssl.PhizSslLocation;
+import gov.hhs.onc.phiz.crypto.logging.SslTrustEvent;
+import javax.annotation.Nullable;
+
+public class SslTrustEventImpl implements SslTrustEvent {
+ protected String authType;
+ protected String[] certs;
+ protected PhizSslLocation loc;
+ protected String[] pathCerts;
+ protected String trustAnchorCert;
+ protected boolean trusted;
+
+ public SslTrustEventImpl(PhizSslLocation loc) {
+ this.loc = loc;
+ }
+
+ @Nullable
+ @Override
+ public String getAuthType() {
+ return this.authType;
+ }
+
+ @Override
+ public void setAuthType(@Nullable String authType) {
+ this.authType = authType;
+ }
+
+ @Override
+ public String[] getCertificates() {
+ return this.certs;
+ }
+
+ @Override
+ public void setCertificates(String[] certs) {
+ this.certs = certs;
+ }
+
+ @Override
+ public PhizSslLocation getLocation() {
+ return this.loc;
+ }
+
+ @Nullable
+ @Override
+ public String[] getPathCertificates() {
+ return this.pathCerts;
+ }
+
+ @Override
+ public void setPathCertificates(@Nullable String[] pathCerts) {
+ this.pathCerts = pathCerts;
+ }
+
+ @Nullable
+ @Override
+ public String getTrustAnchorCertificate() {
+ return this.trustAnchorCert;
+ }
+
+ @Override
+ public void setTrustAnchorCertificate(@Nullable String
trustAnchorCert) {
+ this.trustAnchorCert = trustAnchorCert;
+ }
+
+ @Override
+ public boolean isTrusted() {
+ return this.trusted;
+ }
+
+ @Override
+ public void setTrusted(boolean trusted) {
+ this.trusted = trusted;
+ }
+}
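Review bot: The `trusted` field has no initializer and no comment, so its value on the failure path is an implicit default: PhizTrustManager logs the event from its catch block without ever calling `setTrusted`, and the logged value is `false` only because that is Java's default for a boolean field. That default is the safe one, but it should be stated where the field is declared, for example `// stays false unless path building succeeds; the failure path never sets it`. The `certs` and `pathCerts` arrays are also stored and returned by reference, which is worth a one-line comment if the event can still be read by an appender after the caller moves on.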
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/AbstractPhizSslParametersAwareFactoryBean.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,20 @@
+package gov.hhs.onc.phiz.crypto.ssl.impl;
+
+import gov.hhs.onc.phiz.crypto.impl.AbstractPhizCryptoFactoryBean;
+import javax.net.ssl.SSLParameters;
+
+public abstract class AbstractPhizSslParametersAwareFactoryBean<T> extends
AbstractPhizCryptoFactoryBean<T> {
+ protected SSLParameters sslParams;
+
+ protected AbstractPhizSslParametersAwareFactoryBean(Class<T> objClass)
{
+ super(objClass);
+ }
+
+ public SSLParameters getSslParameters() {
+ return this.sslParams;
+ }
+
+ public void setSslParameters(SSLParameters sslParams) {
+ this.sslParams = sslParams;
+ }
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizTrustManager.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,242 @@
+package gov.hhs.onc.phiz.crypto.ssl.impl;
+
+import gov.hhs.onc.phiz.crypto.logging.SslTrustEvent;
+import gov.hhs.onc.phiz.crypto.logging.impl.SslTrustEventImpl;
+import gov.hhs.onc.phiz.crypto.ssl.revocation.impl.PhizRevocationChecker;
+import gov.hhs.onc.phiz.crypto.ssl.PhizSslLocation;
+import gov.hhs.onc.phiz.crypto.utils.PhizCertificatePathUtils;
+import gov.hhs.onc.phiz.crypto.utils.PhizCertificateUtils;
+import gov.hhs.onc.phiz.logging.logstash.PhizLogstashTags;
+import gov.hhs.onc.phiz.logging.logstash.impl.PhizLogstashMarkers;
+import gov.hhs.onc.phiz.utils.PhizFunctionUtils;
+import java.net.Socket;
+import java.security.KeyStore;
+import java.security.Provider;
+import java.security.cert.CertPathBuilder;
+import java.security.cert.CertificateException;
+import java.security.cert.PKIXBuilderParameters;
+import java.security.cert.PKIXCertPathBuilderResult;
+import java.security.cert.PKIXCertPathChecker;
+import java.security.cert.TrustAnchor;
+import java.security.cert.X509CertSelector;
+import java.security.cert.X509Certificate;
+import java.util.List;
+import java.util.Objects;
+import java.util.Optional;
+import java.util.function.Function;
+import javax.annotation.Nullable;
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocket;
+import javax.net.ssl.X509ExtendedTrustManager;
+import org.apache.commons.lang3.ArrayUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.bouncycastle.x509.ExtendedPKIXBuilderParameters;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.BeansException;
+import org.springframework.beans.factory.BeanFactory;
+import org.springframework.beans.factory.BeanFactoryAware;
+import org.springframework.beans.factory.InitializingBean;
+
+public class PhizTrustManager extends X509ExtendedTrustManager implements
BeanFactoryAware, InitializingBean {
+ private final static Logger LOGGER =
LoggerFactory.getLogger(PhizTrustManager.class);
+
+ private BeanFactory beanFactory;
+ private List<PKIXCertPathChecker> certPathCheckers;
+ private X509CertSelector certSelector;
+ private KeyStore keyStore;
+ private Provider prov;
+ private String revocationCheckerBeanName;
+ private String type;
+ private ExtendedPKIXBuilderParameters builderParams;
+
+ @Override
+ public void checkClientTrusted(X509Certificate[] certs, String
authType) throws CertificateException {
+ this.checkTrusted(PhizSslLocation.CLIENT, certs, authType, null,
null, null);
+ }
+
+ @Override
+ public void checkClientTrusted(X509Certificate[] certs, String
authType, @Nullable Socket socket) throws CertificateException {
+ this.checkTrusted(PhizSslLocation.CLIENT, certs, authType,
((SSLSocket) socket), SSLSocket::isConnected,
SSLSocket::getHandshakeSession);
+ }
+
+ @Override
+ public void checkClientTrusted(X509Certificate[] certs, String
authType, @Nullable SSLEngine engine) throws CertificateException {
+ this.checkTrusted(PhizSslLocation.CLIENT, certs, authType, engine,
null, SSLEngine::getHandshakeSession);
+ }
+
+ @Override
+ public void checkServerTrusted(X509Certificate[] certs, String
authType) throws CertificateException {
+ this.checkTrusted(PhizSslLocation.SERVER, certs, authType, null,
null, null);
+ }
+
+ @Override
+ public void checkServerTrusted(X509Certificate[] certs, String
authType, @Nullable Socket socket) throws CertificateException {
+ this.checkTrusted(PhizSslLocation.SERVER, certs, authType,
((SSLSocket) socket), SSLSocket::isConnected,
SSLSocket::getHandshakeSession);
+ }
+
+ @Override
+ public void checkServerTrusted(X509Certificate[] certs, String
authType, @Nullable SSLEngine engine) throws CertificateException {
+ this.checkTrusted(PhizSslLocation.SERVER, certs, authType, engine,
null, SSLEngine::getHandshakeSession);
+ }
+
+ @Override
+ public X509Certificate[] getAcceptedIssuers() {
+ return
this.builderParams.getTrustAnchors().stream().map(TrustAnchor::getTrustedCert).filter(Objects::nonNull).toArray(X509Certificate[]::new);
+ }
+
+ @Override
+ public void afterPropertiesSet() throws Exception {
+ this.builderParams =
+ ((ExtendedPKIXBuilderParameters)
ExtendedPKIXBuilderParameters.getInstance(new
PKIXBuilderParameters(this.keyStore, this.certSelector)));
+ this.builderParams.setRevocationEnabled(false);
+
+
Optional.ofNullable(this.certPathCheckers).ifPresent(certPathCheckers ->
certPathCheckers.stream().forEach(this.builderParams::addCertPathChecker));
+ }
+
+ private <T> void checkTrusted(PhizSslLocation loc, X509Certificate[]
certs, String authType, @Nullable T component,
+ @Nullable Function<T, Boolean> componentAvailableMapper, @Nullable
Function<T, SSLSession> handshakeSessionMapper) throws CertificateException
{
+ SslTrustEvent event = new SslTrustEventImpl(loc);
+ String certSubjectDnNamesStr = null, certIssuerDnNamesStr = null,
certSerialNumsStr = null;
+
+ try {
+ event.setAuthType(authType);
+
+ boolean certsEmpty = ArrayUtils.isEmpty(certs);
+
+ if (!certsEmpty) {
+
event.setCertificates(PhizFunctionUtils.mapToStringArray(certs));
+
+ certSubjectDnNamesStr =
StringUtils.join(PhizCertificateUtils.buildSubjectDnNames(certs), ", ");
+ certIssuerDnNamesStr =
StringUtils.join(PhizCertificateUtils.buildIssuerDnNames(certs), ", ");
+ certSerialNumsStr =
StringUtils.join(PhizCertificateUtils.buildSerialNumbers(certs), ", ");
+ }
+
+ if (StringUtils.isEmpty(authType)) {
+ throw new IllegalArgumentException(
+ String
+ .format(
+ "SSL %s certificate chain
(subjectDnNames=[%s], issuerDnNames=[%s], serialNums=[%s]) trust checking
authentication type must be specified.",
+ loc.getId(), certSubjectDnNamesStr,
certIssuerDnNamesStr, certSerialNumsStr));
+ }
+
+ if (certsEmpty) {
+ throw new IllegalArgumentException(String.format("SSL %s
trust checking (authType=%s) certificate chain must be specified.",
loc.name()
+ .toLowerCase(), authType));
+ }
+
+ if ((component != null) && ((componentAvailableMapper == null)
|| componentAvailableMapper.apply(component))) {
+ // noinspection ConstantConditions
+ SSLSession handshakeSession =
handshakeSessionMapper.apply(component);
+
+ if (handshakeSession == null) {
+ throw new CertificateException(
+ String
+ .format(
+ "Unable to get SSL %s handshake session
from component (class=%s) during certificate chain (subjectDnNames=[%s],
issuerDnNames=[%s], serialNums=[%s]) trust checking (authType=%s).",
+ loc.getId(),
component.getClass().getName(), certSubjectDnNamesStr,
certIssuerDnNamesStr, certSerialNumsStr, authType));
+ }
+ }
+
+ try {
+ X509CertSelector certSelector = new X509CertSelector();
+ certSelector.setCertificate(certs[0]);
+
+ ExtendedPKIXBuilderParameters certBuilderParams =
((ExtendedPKIXBuilderParameters) this.builderParams.clone());
+ certBuilderParams.setTargetCertConstraints(certSelector);
+
certBuilderParams.addCertStore(PhizCertificatePathUtils.buildStore(certs));
+
certBuilderParams.addCertPathChecker(((PhizRevocationChecker)
this.beanFactory.getBean(this.revocationCheckerBeanName, loc,
+
PhizCertificatePathUtils.findRootCertificate(certBuilderParams,
certs[0]))));
+
+ CertPathBuilder builder =
CertPathBuilder.getInstance(this.type, this.prov);
+
+ PKIXCertPathBuilderResult builderResult =
((PKIXCertPathBuilderResult) builder.build(certBuilderParams));
+ X509Certificate[] pathCerts =
+
builderResult.getCertPath().getCertificates().stream().map(cert ->
((X509Certificate) cert)).toArray(X509Certificate[]::new);
+ X509Certificate trustAnchorCert =
builderResult.getTrustAnchor().getTrustedCert();
+
+
event.setPathCertificates(PhizFunctionUtils.mapToStringArray(pathCerts));
+
event.setTrustAnchorCertificate(trustAnchorCert.toString());
+ event.setTrusted(true);
+
+ LOGGER
+ .debug(
+ PhizLogstashMarkers.append(PhizLogstashTags.SSL,
event),
+ String
+ .format(
+ "SSL %s certificate chain
(subjectDnNames=[%s], issuerDnNames=[%s], serialNums=[%s]) is trusted
(pathSubjectDnNames=[%s], pathIssuerDnNames=[%s], pathSerialNums=[%s],
trustAnchorSubjectDnName=%s, trustAnchorIssuerDnName=%s,
trustAnchorSerialNum=%s).",
+ loc.getId(), certSubjectDnNamesStr,
certIssuerDnNamesStr, certSerialNumsStr,
+
StringUtils.join(PhizCertificateUtils.buildSubjectDnNames(pathCerts), ", "),
+
StringUtils.join(PhizCertificateUtils.buildIssuerDnNames(pathCerts), ", "),
+
StringUtils.join(PhizCertificateUtils.buildSerialNumbers(pathCerts), ", "),
+
trustAnchorCert.getSubjectX500Principal().getName(),
trustAnchorCert.getIssuerX500Principal().getName(),
+ trustAnchorCert.getSerialNumber()));
+ } catch (Exception e) {
+ throw new CertificateException(String.format(
+ "Unable to build SSL %s certificate chain
(subjectDnNames=[%s], issuerDnNames=[%s], serialNums=[%s]) for trust
checking (authType=%s).",
+ loc.getId(), certSubjectDnNamesStr,
certIssuerDnNamesStr, certSerialNumsStr, authType), e);
+ }
+ } catch (Exception e) {
+ LOGGER.error(PhizLogstashMarkers.append(PhizLogstashTags.SSL,
event), String.format(
+ "SSL %s certificate chain (subjectDnNames=[%s],
issuerDnNames=[%s], serialNums=[%s]) is not trusted.", loc.getId(),
certSubjectDnNamesStr,
+ certIssuerDnNamesStr, certSerialNumsStr), e);
+
+ throw e;
+ }
+ }
+
+ @Override
+ public void setBeanFactory(BeanFactory beanFactory) throws
BeansException {
+ this.beanFactory = beanFactory;
+ }
+
+ @Nullable
+ public List<PKIXCertPathChecker> getCertificatePathCheckers() {
+ return this.certPathCheckers;
+ }
+
+ public void setCertificatePathCheckers(@Nullable
List<PKIXCertPathChecker> certPathCheckers) {
+ this.certPathCheckers = certPathCheckers;
+ }
+
+ public X509CertSelector getCertificateSelector() {
+ return this.certSelector;
+ }
+
+ public void setCertificateSelector(X509CertSelector certSelector) {
+ this.certSelector = certSelector;
+ }
+
+ public KeyStore getKeyStore() {
+ return this.keyStore;
+ }
+
+ public void setKeyStore(KeyStore keyStore) {
+ this.keyStore = keyStore;
+ }
+
+ public Provider getProvider() {
+ return this.prov;
+ }
+
+ public void setProvider(Provider prov) {
+ this.prov = prov;
+ }
+
+ public String getRevocationCheckerBeanName() {
+ return this.revocationCheckerBeanName;
+ }
+
+ public void setRevocationCheckerBeanName(String
revocationCheckerBeanName) {
+ this.revocationCheckerBeanName = revocationCheckerBeanName;
+ }
+
+ public String getType() {
+ return this.type;
+ }
+
+ public void setType(String type) {
+ this.type = type;
+ }
+}
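Review bot: The handshake session fetched in `checkTrusted` is only null-checked and then dropped, so the Socket and SSLEngine overloads never consult the peer host or `SSLParameters.getEndpointIdentificationAlgorithm()`. As written, this trust manager validates the chain and revocation status but not that the certificate belongs to the endpoint being contacted. JSSE leaves that check to an `X509ExtendedTrustManager` when an identification algorithm is configured. If hostname verification is enforced elsewhere (not visible in this hunk), record that at the session check with a comment such as `// endpoint identification is NOT performed here; the caller's HostnameVerifier must enforce it`; otherwise the check belongs in this method. Separately, `((SSLSocket) socket)` in the two Socket overloads is evaluated before the try block, so a non-SSL socket fails with a ClassCastException that bypasses the "is not trusted" log; an `instanceof SSLSocket` guard inside `checkTrusted` would keep that case on the logged path.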
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/revocation/OcspCertificateStatusType.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,43 @@
+package gov.hhs.onc.phiz.crypto.ssl.revocation;
+
+import gov.hhs.onc.phiz.crypto.PhizCryptoTagId;
+import gov.hhs.onc.phiz.crypto.PhizCryptoTypeId;
+import gov.hhs.onc.phiz.utils.PhizStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.bouncycastle.cert.ocsp.CertificateStatus;
+import org.bouncycastle.cert.ocsp.RevokedStatus;
+import org.bouncycastle.cert.ocsp.UnknownStatus;
+
+public enum OcspCertificateStatusType implements PhizCryptoTagId,
PhizCryptoTypeId {
+ GOOD(CertificateStatus.class), REVOKED(RevokedStatus.class),
UNKNOWN(UnknownStatus.class);
+
+ private final int tag;
+ private final String id;
+ private final Class<?> type;
+
+ private OcspCertificateStatusType(Class<?> type) {
+ this.tag = this.ordinal();
+ this.id =
PhizStringUtils.joinCamelCase(StringUtils.split(this.name(),
PhizStringUtils.UNDERSCORE));
+ this.type = type;
+ }
+
+ @Override
+ public String getId() {
+ return this.id;
+ }
+
+ @Override
+ public int getOrder() {
+ return (this.tag * -1);
+ }
+
+ @Override
+ public int getTag() {
+ return this.tag;
+ }
+
+ @Override
+ public Class<?> getType() {
+ return this.type;
+ }
+}
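Review bot: `this.tag = this.ordinal()` ties the OCSP CertStatus tag to declaration order, so reordering or inserting a constant would silently change which status a tag maps to. For a value that feeds a revocation decision, pin the tags explicitly, as OcspResponseStatusType does: `GOOD(0, CertificateStatus.class), REVOKED(1, RevokedStatus.class), UNKNOWN(2, UnknownStatus.class);` with `this.tag = tag;` in the constructor. GOOD also deserves a comment: BouncyCastle defines `CertificateStatus.GOOD` as null, and RevokedStatus and UnknownStatus both implement CertificateStatus, so a lookup through `getType()` has to treat a null status as GOOD and must not match GOOD by assignability. The lookup itself is outside this hunk, so confirm it there.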
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/revocation/OcspResponseStatusType.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,29 @@
+package gov.hhs.onc.phiz.crypto.ssl.revocation;
+
+import gov.hhs.onc.phiz.crypto.PhizCryptoTagId;
+import gov.hhs.onc.phiz.utils.PhizStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.bouncycastle.cert.ocsp.OCSPResp;
+
+public enum OcspResponseStatusType implements PhizCryptoTagId {
+ SUCCESSFUL(OCSPResp.SUCCESSFUL),
MALFORMED_REQUEST(OCSPResp.MALFORMED_REQUEST),
INTERNAL_ERROR(OCSPResp.INTERNAL_ERROR), TRY_LATER(OCSPResp.TRY_LATER),
+ SIG_REQUIRED(OCSPResp.SIG_REQUIRED),
UNAUTHORIZED(OCSPResp.UNAUTHORIZED);
+
+ private final int tag;
+ private final String id;
+
+ private OcspResponseStatusType(int tag) {
+ this.tag = tag;
+ this.id =
PhizStringUtils.joinCamelCase(StringUtils.split(this.name(),
PhizStringUtils.UNDERSCORE));
+ }
+
+ @Override
+ public String getId() {
+ return this.id;
+ }
+
+ @Override
+ public int getTag() {
+ return this.tag;
+ }
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/revocation/OcspRevokeReasonType.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,43 @@
+package gov.hhs.onc.phiz.crypto.ssl.revocation;
+
+import gov.hhs.onc.phiz.crypto.PhizCryptoTagId;
+import gov.hhs.onc.phiz.utils.PhizStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.bouncycastle.asn1.x509.CRLReason;
+
+public enum OcspRevokeReasonType implements PhizCryptoTagId {
+ UNSPECIFIED(CRLReason.unspecified),
KEY_COMPROMISE(CRLReason.keyCompromise),
CA_COMPROMISE(CRLReason.cACompromise, "cACompromise"), AFFILIATION_CHANGED(
+ CRLReason.affiliationChanged), SUPERSEDED(CRLReason.superseded),
CESSATION_OF_OPERATION(CRLReason.cessationOfOperation), CERTIFICATE_HOLD(
+ CRLReason.certificateHold),
REMOVE_FROM_CRL(CRLReason.removeFromCRL, "removeFromCRL"),
PRIVILEGE_WITHDRAWN(CRLReason.privilegeWithdrawn),
+ AA_COMPROMISE(CRLReason.aACompromise, "aACompromise");
+
+ private final int tag;
+ private final String id;
+ private final java.security.cert.CRLReason reason;
+
+ private OcspRevokeReasonType(int tag) {
+ this.tag = tag;
+ this.id =
PhizStringUtils.joinCamelCase(StringUtils.split(this.name(),
PhizStringUtils.UNDERSCORE));
+ this.reason = java.security.cert.CRLReason.valueOf(this.name());
+ }
+
+ private OcspRevokeReasonType(int tag, String id) {
+ this.tag = tag;
+ this.id = id;
+ this.reason = java.security.cert.CRLReason.valueOf(this.name());
+ }
+
+ @Override
+ public String getId() {
+ return this.id;
+ }
+
+ public java.security.cert.CRLReason getReason() {
+ return this.reason;
+ }
+
+ @Override
+ public int getTag() {
+ return this.tag;
+ }
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/revocation/impl/PhizCertificateId.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,47 @@
+package gov.hhs.onc.phiz.crypto.ssl.revocation.impl;
+
+import gov.hhs.onc.phiz.crypto.utils.PhizCryptoUtils;
+import java.math.BigInteger;
+import java.util.Comparator;
+import javax.annotation.Nullable;
+import org.bouncycastle.asn1.ocsp.CertID;
+import org.bouncycastle.cert.X509CertificateHolder;
+import org.bouncycastle.cert.ocsp.CertificateID;
+import org.bouncycastle.cert.ocsp.OCSPException;
+import org.bouncycastle.operator.DigestCalculator;
+
+public class PhizCertificateId extends CertificateID implements
Comparable<PhizCertificateId> {
+ private X509CertificateHolder issuerCertHolder;
+
+ public PhizCertificateId(DigestCalculator digestCalc,
X509CertificateHolder issuerCertHolder, BigInteger certSerialNum) throws
OCSPException {
+ super(digestCalc, issuerCertHolder, certSerialNum);
+
+ this.issuerCertHolder = issuerCertHolder;
+ }
+
+ public PhizCertificateId(CertificateID certId) {
+ this(certId.toASN1Object());
+ }
+
+ public PhizCertificateId(CertID certId) {
+ super(certId);
+ }
+
+ public boolean matches(PhizCertificateId certId) throws OCSPException {
+ return this.matches(certId.getIssuerCertificateHolder(),
certId.getSerialNumber());
+ }
+
+ public boolean matches(X509CertificateHolder issuerCertHolder,
BigInteger certSerialNum) throws OCSPException {
+ return (this.matchesIssuer(issuerCertHolder,
PhizCryptoUtils.DIGEST_CALC_PROV) &&
this.getSerialNumber().equals(certSerialNum));
+ }
+
+ @Override
+ public int compareTo(PhizCertificateId obj) {
+ return Comparator.comparing(Object::hashCode).compare(this, obj);
+ }
+
+ @Nullable
+ public X509CertificateHolder getIssuerCertificateHolder() {
+ return this.issuerCertHolder;
+ }
+}
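Review bot: `compareTo` orders IDs by `hashCode()` alone, so two different certificate IDs whose hashes collide compare as 0, and any sorted map or set keyed on this type would treat them as the same certificate. That matters if OCSP responses are matched through such a collection, although no such use is visible in this hunk. The method also builds a new Comparator on every call. Compare the identifying fields instead, as in the fence below. Also, `matches(PhizCertificateId)` passes `certId.getIssuerCertificateHolder()` straight to `matchesIssuer`, but that value is null for instances built from a `CertID` or `CertificateID`; it needs a null guard that returns false.

```java
@Override
public int compareTo(PhizCertificateId obj) {
    // Order on the fields that identify the certificate, so that only matching IDs compare as 0.
    int result = this.getSerialNumber().compareTo(obj.getSerialNumber());

    if (result == 0) {
        result = new BigInteger(1, this.getIssuerKeyHash()).compareTo(new BigInteger(1, obj.getIssuerKeyHash()));
    }

    if (result == 0) {
        result = new BigInteger(1, this.getIssuerNameHash()).compareTo(new BigInteger(1, obj.getIssuerNameHash()));
    }

    if (result == 0) {
        result = this.getHashAlgOID().getId().compareTo(obj.getHashAlgOID().getId());
    }

    return result;
}
```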
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/revocation/impl/PhizRevocationChecker.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,500 @@
+package gov.hhs.onc.phiz.crypto.ssl.revocation.impl;
+
+import com.github.sebhoss.warnings.CompilerWarnings;
+import gov.hhs.onc.phiz.crypto.PhizCryptoContentTypes;
+import gov.hhs.onc.phiz.crypto.PhizCryptoOids;
+import gov.hhs.onc.phiz.crypto.ssl.PhizSslLocation;
+import gov.hhs.onc.phiz.crypto.ssl.revocation.OcspCertificateStatusType;
+import gov.hhs.onc.phiz.crypto.ssl.revocation.OcspResponseStatusType;
+import gov.hhs.onc.phiz.crypto.ssl.revocation.OcspRevokeReasonType;
+import gov.hhs.onc.phiz.crypto.utils.PhizCryptoUtils;
+import gov.hhs.onc.phiz.logging.logstash.PhizLogstashTags;
+import gov.hhs.onc.phiz.logging.logstash.impl.PhizLogstashMarkers;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.math.BigInteger;
+import java.net.HttpURLConnection;
+import java.net.URL;
+import java.security.SecureRandom;
+import java.security.cert.CertPathValidatorException;
+import java.security.cert.CertPathValidatorException.BasicReason;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateRevokedException;
+import java.security.cert.PKIXRevocationChecker;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Date;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+import javax.annotation.Nonnegative;
+import javax.annotation.Nullable;
+import javax.annotation.Resource;
+import org.apache.commons.codec.binary.Hex;
+import org.apache.commons.collections4.set.ListOrderedSet;
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang3.ArrayUtils;
+import org.apache.commons.lang3.time.FastDateFormat;
+import org.apache.http.HttpHeaders;
+import org.apache.http.client.methods.HttpPost;
+import org.bouncycastle.asn1.ASN1EncodableVector;
+import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.ASN1Primitive;
+import org.bouncycastle.asn1.DERIA5String;
+import org.bouncycastle.asn1.DEROctetString;
+import org.bouncycastle.asn1.DERSequence;
+import org.bouncycastle.asn1.DERTaggedObject;
+import org.bouncycastle.asn1.ocsp.OCSPObjectIdentifiers;
+import org.bouncycastle.asn1.x509.AccessDescription;
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import org.bouncycastle.asn1.x509.AuthorityInformationAccess;
+import org.bouncycastle.asn1.x509.Extension;
+import org.bouncycastle.asn1.x509.Extensions;
+import org.bouncycastle.asn1.x509.GeneralName;
+import org.bouncycastle.cert.X509CertificateHolder;
+import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
+import org.bouncycastle.cert.ocsp.BasicOCSPResp;
+import org.bouncycastle.cert.ocsp.CertificateStatus;
+import org.bouncycastle.cert.ocsp.OCSPException;
+import org.bouncycastle.cert.ocsp.OCSPReqBuilder;
+import org.bouncycastle.cert.ocsp.OCSPResp;
+import org.bouncycastle.cert.ocsp.RevokedStatus;
+import org.bouncycastle.cert.ocsp.SingleResp;
+import org.bouncycastle.operator.DigestCalculator;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.InitializingBean;
+import org.springframework.util.MimeType;
+
+public class PhizRevocationChecker extends PKIXRevocationChecker
implements InitializingBean {
+ private static class OcspExtension implements
java.security.cert.Extension {
+ private Extension ext;
+
+ public OcspExtension(Extension ext) {
+ this.ext = ext;
+ }
+
+ @Override
+ public void encode(OutputStream outStream) throws IOException {
+ outStream.write(this.ext.getEncoded());
+ }
+
+ @Override
+ public boolean isCritical() {
+ return this.ext.isCritical();
+ }
+
+ @Override
+ public String getId() {
+ return this.ext.getExtnId().getId();
+ }
+
+ @Override
+ public byte[] getValue() {
+ return this.ext.getExtnValue().getOctets();
+ }
+ }
+
+ private final static Map<String, String> BASE_OCSP_REQ_HEADERS = new
LinkedHashMap<>();
+
+ private final static List<CertPathValidatorException>
SOFT_FAIL_EXCEPTIONS =
Collections.unmodifiableList(Collections.emptyList());
+
+ private final static Logger LOGGER =
LoggerFactory.getLogger(PhizRevocationChecker.class);
+
+ @Resource(name = "dateFormatUtcDisplay")
+ private FastDateFormat displayDateFormat;
+
+ private PhizSslLocation loc;
+ private X509Certificate issuerCert;
+
+ private int connectTimeout;
+ private AlgorithmIdentifier digestAlgId;
+ private int nonceSize;
+ private boolean optional;
+ private ListOrderedSet<AlgorithmIdentifier> preferredSigAlgIds;
+ private int readTimeout;
+ private SecureRandom secureRandom;
+ private int pathIndex;
+ private X509CertificateHolder issuerCertHolder;
+ private DigestCalculator digestCalc;
+ private Extension[] baseOcspReqExts;
+
+ static {
+ BASE_OCSP_REQ_HEADERS.put(HttpHeaders.ACCEPT,
PhizCryptoContentTypes.OCSP_RESP.toString());
+ BASE_OCSP_REQ_HEADERS.put(HttpHeaders.CONTENT_TYPE,
PhizCryptoContentTypes.OCSP_REQ.toString());
+ }
+
+ public PhizRevocationChecker(PhizSslLocation loc, X509Certificate
issuerCert) {
+ this.loc = loc;
+ this.issuerCert = issuerCert;
+ }
+
+ @Override
+ public void check(Certificate cert, Collection<String>
unresolvedCriticalExts) throws CertPathValidatorException {
+ this.pathIndex++;
+
+ this.checkInternal(((X509Certificate) cert));
+ }
+
+ @Override
+ public void init(boolean forward) throws CertPathValidatorException {
+ this.pathIndex = -1;
+ }
+
+ @Override
+ public void afterPropertiesSet() throws Exception {
+ this.issuerCertHolder = new
JcaX509CertificateHolder(this.issuerCert);
+
+ this.digestCalc =
PhizCryptoUtils.DIGEST_CALC_PROV.get(this.digestAlgId);
+
+ Extension respTypeOcspReqExt =
+ new Extension(OCSPObjectIdentifiers.id_pkix_ocsp_response,
false, new DEROctetString(new
DERSequence(OCSPObjectIdentifiers.id_pkix_ocsp_basic)));
+
+ ASN1EncodableVector preferredSigAlgsVector = new
ASN1EncodableVector();
+ this.preferredSigAlgIds.forEach(preferredSigAlgId ->
preferredSigAlgsVector.add(new DERSequence(preferredSigAlgId)));
+ Extension preferredSigAlgsOcspReqExt =
+ new Extension(PhizCryptoOids.ID_PKIX_OCSP_PREF_SIG_ALGS,
false, new DEROctetString(new DERSequence(preferredSigAlgsVector)));
+
+ this.baseOcspReqExts = ArrayUtils.toArray(respTypeOcspReqExt,
preferredSigAlgsOcspReqExt);
+ }
+
+ @Override
+ @SuppressWarnings({ "CloneDoesntCallSuperClone" })
+ public PKIXRevocationChecker clone() {
+ return this;
+ }
+
+ @SuppressWarnings({ CompilerWarnings.UNCHECKED })
+ private static Map<String, java.security.cert.Extension>
mapOcspResponseExtensions(BasicOCSPResp ocspResp) {
+ return ((List<ASN1ObjectIdentifier>)
ocspResp.getExtensionOIDs()).stream().collect(
+ Collectors.toMap(ASN1ObjectIdentifier::getId,
ocspCertRespExtOid -> new
OcspExtension(ocspResp.getExtension(ocspCertRespExtOid))));
+ }
+
+ @Nullable
+ private static URL findOcspResponderUrl(X509Certificate cert) throws
IOException {
+ byte[] authorityInfoAccessExtContent =
cert.getExtensionValue(Extension.authorityInfoAccess.getId());
+
+ if (authorityInfoAccessExtContent == null) {
+ return null;
+ }
+
+ // noinspection ConstantConditions
+ GeneralName ocspResponderUrlName =
+ Stream
+ .of(AuthorityInformationAccess.getInstance(
+ ASN1Primitive.fromByteArray(((DEROctetString)
ASN1Primitive.fromByteArray(authorityInfoAccessExtContent)).getOctets()))
+ .getAccessDescriptions()).filter(accessDesc ->
accessDesc.getAccessMethod().getId().equals(OCSPObjectIdentifiers.id_pkix_ocsp.getId()))
+ .map(AccessDescription::getAccessLocation).filter(accessLoc
->
(accessLoc.getTagNo() ==
GeneralName.uniformResourceIdentifier)).findFirst()
+ .orElse(null);
+
+ // noinspection ConstantConditions
+ return ((ocspResponderUrlName != null) ? new
URL(DERIA5String.getInstance(((DERTaggedObject)
ocspResponderUrlName.toASN1Primitive()).getObject())
+ .getString()) : null);
+ }
+
+ private static CertPathValidatorException buildException(String msg) {
+ return buildException(msg, null);
+ }
+
+ private static CertPathValidatorException buildException(String msg,
@Nullable Throwable cause) {
+ return new CertPathValidatorException(msg, cause, null, -1,
((cause instanceof CertificateRevokedException)
+ ? BasicReason.REVOKED :
BasicReason.UNDETERMINED_REVOCATION_STATUS));
+ }
+
+ @SuppressWarnings({ CompilerWarnings.UNCHECKED })
+ private void checkInternal(X509Certificate cert) throws
CertPathValidatorException {
+ String certSubjectDnNameStr =
cert.getSubjectX500Principal().getName(), certIssuerDnNameStr =
cert.getIssuerX500Principal().getName();
+ BigInteger certSerialNum = cert.getSerialNumber();
+ URL ocspResponderUrl;
+
+ try {
+ ocspResponderUrl = findOcspResponderUrl(cert);
+ } catch (IOException e) {
+ throw buildException(String.format("Unable to determine SSL %s
certificate (subjectDnName=%s, issuerDnName=%s, serialNum=%d) OCSP URL.",
+ this.loc.getId(), certSubjectDnNameStr,
certIssuerDnNameStr, certSerialNum), e);
+ }
+
+ if (ocspResponderUrl == null) {
+ if (!this.optional) {
+ throw buildException(String.format("SSL %s certificate
(subjectDnName=%s, issuerDnName=%s, serialNum=%d) does not specify an OCSP
URL.",
+ this.loc.getId(), certSubjectDnNameStr,
certIssuerDnNameStr, certSerialNum));
+ } else {
+ LOGGER.debug(String.format("Skipping SSL %s certificate
(subjectDnName=%s, issuerDnName=%s, serialNum=%d) revocation checking.",
+ this.loc.getId(), certSubjectDnNameStr,
certIssuerDnNameStr, certSerialNum));
+
+ return;
+ }
+ }
+
+ PhizCertificateId ocspReqCertId;
+
+ try {
+ ocspReqCertId = new PhizCertificateId(this.digestCalc,
this.issuerCertHolder, certSerialNum);
+ } catch (OCSPException e) {
+ throw buildException(String.format("Unable to determine SSL %s
certificate (subjectDnName=%s, issuerDnName=%s, serialNum=%d) OCSP ID.",
+ this.loc.getId(), certSubjectDnNameStr,
certIssuerDnNameStr, certSerialNum), e);
+ }
+
+ byte[] nonceOcspReqExtContent = this.generateNonce();
+ Extension nonceOcspReqExt = new
Extension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, new
DEROctetString(nonceOcspReqExtContent));
+
+ OCSPReqBuilder ocspReqBuilder = new OCSPReqBuilder();
+ ocspReqBuilder.setRequestExtensions(new
Extensions(ArrayUtils.add(this.baseOcspReqExts, nonceOcspReqExt)));
+ ocspReqBuilder.addRequest(ocspReqCertId);
+
+ byte[] ocspReqContent;
+
+ try {
+ ocspReqContent = ocspReqBuilder.build().getEncoded();
+ } catch (IOException | OCSPException e) {
+ throw buildException(String.format("Unable to build SSL %s
certificate (subjectDnName=%s, issuerDnName=%s, serialNum=%d) OCSP
request.",
+ this.loc.getId(), certSubjectDnNameStr,
certIssuerDnNameStr, certSerialNum), e);
+ }
+
+ OCSPResp ocspRespWrapper;
+
+ try {
+ ocspRespWrapper = this.queryOcspResponder(ocspResponderUrl,
ocspReqContent);
+ } catch (IOException e) {
+ throw buildException(String.format("Unable to query SSL %s
certificate (subjectDnName=%s, issuerDnName=%s, serialNum=%d) OCSP
responder (url=%s).",
+ this.loc.getId(), certSubjectDnNameStr,
certIssuerDnNameStr, certSerialNum, ocspResponderUrl), e);
+ }
+
+ OcspResponseStatusType ocspRespStatus =
PhizCryptoUtils.findByTag(OcspResponseStatusType.class,
ocspRespWrapper.getStatus());
+
+ if (ocspRespStatus != OcspResponseStatusType.SUCCESSFUL) {
+ throw buildException(String.format(
+ "Invalid SSL %s certificate (subjectDnName=%s,
issuerDnName=%s, serialNum=%d) OCSP responder (url=%s) response status
(%s).", this.loc.getId(),
+ certSubjectDnNameStr, certIssuerDnNameStr, certSerialNum,
ocspResponderUrl, ocspRespStatus));
+ }
+
+ ASN1ObjectIdentifier ocspRespType =
ocspRespWrapper.toASN1Structure().getResponseBytes().getResponseType();
+
+ if
(!ocspRespType.equals(OCSPObjectIdentifiers.id_pkix_ocsp_basic)) {
+ throw buildException(String.format(
+ "Invalid SSL %s certificate (subjectDnName=%s,
issuerDnName=%s, serialNum=%d) OCSP responder (url=%s) response type
(oid=%s).",
+ this.loc.getId(), certSubjectDnNameStr,
certIssuerDnNameStr, certSerialNum, ocspResponderUrl,
ocspRespType.getId()));
+ }
+
+ BasicOCSPResp ocspResp;
+
+ try {
+ ocspResp = ((BasicOCSPResp)
ocspRespWrapper.getResponseObject());
+ } catch (OCSPException e) {
+ throw buildException(String.format(
+ "Unable to build SSL %s certificate (subjectDnName=%s,
issuerDnName=%s, serialNum=%d) OCSP responder (url=%s) response.",
this.loc.getId(),
+ certSubjectDnNameStr, certIssuerDnNameStr, certSerialNum,
ocspResponderUrl), e);
+ }
+
+ Extension nonceOcspRespExt =
ocspResp.getExtension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
+
+ if (nonceOcspRespExt == null) {
+ throw buildException(String
+ .format(
+ "SSL %s certificate (subjectDnName=%s,
issuerDnName=%s, serialNum=%d) OCSP responder (url=%s) response does not
contain a nonce extension (oid=%s).",
+ this.loc.getId(), certSubjectDnNameStr,
certIssuerDnNameStr, certSerialNum, ocspResponderUrl,
+ OCSPObjectIdentifiers.id_pkix_ocsp_nonce.getId()));
+ }
+
+ byte[] nonceOcspRespExtContent =
nonceOcspRespExt.getExtnValue().getOctets();
+
+ if (!Arrays.equals(nonceOcspReqExtContent,
nonceOcspRespExtContent)) {
+ throw buildException(String
+ .format(
+ "SSL %s certificate (subjectDnName=%s,
issuerDnName=%s, serialNum=%d) OCSP responder (url=%s) response nonce
extension (oid=%s) value does not match (%s).",
+ this.loc.getId(), certSubjectDnNameStr,
certIssuerDnNameStr, certSerialNum, ocspResponderUrl,
+ OCSPObjectIdentifiers.id_pkix_ocsp_nonce.getId(),
Hex.encodeHexString(nonceOcspRespExtContent)));
+ }
+
+ SingleResp ocspCertResp = null;
+ PhizCertificateId availableOcspCertRespId;
+
+ for (SingleResp availableOcspCertResp : ocspResp.getResponses()) {
+ availableOcspCertRespId = new
PhizCertificateId(availableOcspCertResp.getCertID());
+
+ try {
+ if (availableOcspCertRespId.matches(ocspReqCertId)) {
+ ocspCertResp = availableOcspCertResp;
+ }
+ } catch (OCSPException e) {
+ throw buildException(
+ String
+ .format(
+ "Unable to match SSL %s certificate
(subjectDnName=%s, issuerDnName=%s, serialNum=%d) OCSP responder (url=%s)
response certificate (serialNum=%d) response.",
+ this.loc.getId(), certSubjectDnNameStr,
certIssuerDnNameStr, certSerialNum, ocspResponderUrl,
+ availableOcspCertRespId.getSerialNumber()),
+ e);
+ }
+ }
+
+ if (ocspCertResp == null) {
+ throw buildException(String
+ .format(
+ "SSL %s certificate (subjectDnName=%s,
issuerDnName=%s, serialNum=%d) OCSP responder (url=%s) response does not
contain matching certificate response.",
+ this.loc.getId(), certSubjectDnNameStr,
certIssuerDnNameStr, certSerialNum, ocspResponderUrl));
+ }
+
+ CertificateStatus ocspCertRespStatusObj =
ocspCertResp.getCertStatus();
+ OcspCertificateStatusType ocspCertRespStatus =
+ PhizCryptoUtils.findByType(OcspCertificateStatusType.class,
((ocspCertRespStatusObj != null)
+ ? ocspCertRespStatusObj.getClass() :
CertificateStatus.class));
+
+ // noinspection ConstantConditions
+ switch (ocspCertRespStatus) {
+ case GOOD:
+
LOGGER.debug(PhizLogstashMarkers.append(PhizLogstashTags.SSL),
String.format(
+ "SSL %s certificate (subjectDnName=%s,
issuerDnName=%s, serialNum=%d) OCSP responder (url=%s) response certificate
response (status=%s).",
+ this.loc.getId(), certSubjectDnNameStr,
certIssuerDnNameStr, certSerialNum, ocspResponderUrl,
ocspCertRespStatus.name()));
+ break;
+
+ case REVOKED:
+ RevokedStatus ocspCertRespRevokedStatus = ((RevokedStatus)
ocspCertRespStatusObj);
+ // noinspection ConstantConditions
+ Date ocspCertRespRevokeTime =
ocspCertRespRevokedStatus.getRevocationTime();
+ OcspRevokeReasonType ocspCertRespRevokeReason =
+ (ocspCertRespRevokedStatus.hasRevocationReason() ?
PhizCryptoUtils.findByTag(OcspRevokeReasonType.class,
+ ocspCertRespRevokedStatus.getRevocationReason()) :
OcspRevokeReasonType.UNSPECIFIED);
+
+ // noinspection ConstantConditions
+ throw buildException(
+ String.format(
+ "SSL %s certificate (subjectDnName=%s,
issuerDnName=%s, serialNum=%d) OCSP responder (url=%s) response certificate
response (status=%s, time=%s, reason=%s).",
+ this.loc.getId(), certSubjectDnNameStr,
certIssuerDnNameStr, certSerialNum, ocspResponderUrl,
ocspCertRespStatus.name(),
+
this.displayDateFormat.format(ocspCertRespRevokeTime),
ocspCertRespRevokeReason.name()), new CertificateRevokedException(
+ ocspCertRespRevokeTime,
ocspCertRespRevokeReason.getReason(),
this.issuerCert.getSubjectX500Principal(),
+ mapOcspResponseExtensions(ocspResp)));
+
+ case UNKNOWN:
+ throw buildException(String.format(
+ "SSL %s certificate (subjectDnName=%s,
issuerDnName=%s, serialNum=%d) OCSP responder (url=%s) response certificate
response (status=%s).",
+ this.loc.getId(), certSubjectDnNameStr,
certIssuerDnNameStr, certSerialNum, ocspResponderUrl,
ocspCertRespStatus.name()));
+ }
+ }
+
+ private OCSPResp queryOcspResponder(URL ocspResponderUrl, byte[]
ocspReqContent) throws IOException {
+ HttpURLConnection ocspResponderConn = ((HttpURLConnection)
ocspResponderUrl.openConnection());
+ ocspResponderConn.setDoInput(true);
+ ocspResponderConn.setDoOutput(true);
+ ocspResponderConn.setUseCaches(false);
+ ocspResponderConn.setConnectTimeout(this.connectTimeout);
+ ocspResponderConn.setReadTimeout(this.readTimeout);
+ ocspResponderConn.setRequestMethod(HttpPost.METHOD_NAME);
+
+
BASE_OCSP_REQ_HEADERS.forEach(ocspResponderConn::setRequestProperty);
+ ocspResponderConn.setRequestProperty(HttpHeaders.CONTENT_LENGTH,
Integer.toString(ocspReqContent.length));
+
+ try (OutputStream ocspResponderOutStream =
ocspResponderConn.getOutputStream()) {
+ ocspResponderOutStream.write(ocspReqContent);
+ ocspResponderOutStream.flush();
+ }
+
+ OCSPResp ocspRespWrapper;
+
+ try (InputStream ocspResponderInStream =
ocspResponderConn.getInputStream()) {
+ ocspRespWrapper = new
OCSPResp(IOUtils.toByteArray(ocspResponderInStream));
+ }
+
+ int ocspRespStatus = ocspResponderConn.getResponseCode();
+
+ if (ocspRespStatus != HttpURLConnection.HTTP_OK) {
+ throw new IOException(String.format("Invalid OCSP responder
(url=%s) response status (code=%s, msg=%s).", ocspResponderUrl,
ocspRespStatus,
+ ocspResponderConn.getResponseMessage()));
+ }
+
+ String ocspRespContentType = ocspResponderConn.getContentType();
+
+ if ((ocspRespContentType == null) |
| !MimeType.valueOf(ocspRespContentType).equals(PhizCryptoContentTypes.OCSP_RESP))
{
+ throw new IOException(String.format("Invalid OCSP responder
(url=%s) response content type (%s).", ocspResponderUrl,
ocspRespContentType));
+ }
+
+ return ocspRespWrapper;
+ }
+
+ private byte[] generateNonce() {
+ byte[] ocspNonce = new byte[this.nonceSize];
+
+ this.secureRandom.nextBytes(ocspNonce);
+
+ return ocspNonce;
+ }
+
+ public int getConnectTimeout() {
+ return this.connectTimeout;
+ }
+
+ public void setConnectTimeout(int connectTimeout) {
+ this.connectTimeout = connectTimeout;
+ }
+
+ public AlgorithmIdentifier getDigestAlgorithm() {
+ return this.digestAlgId;
+ }
+
+ public void setDigestAlgorithmId(String digestAlgId) {
+ this.digestAlgId =
PhizCryptoUtils.DIGEST_ALG_ID_FINDER.find(digestAlgId);
+ }
+
+ @Override
+ public boolean isForwardCheckingSupported() {
+ return false;
+ }
+
+ @Nonnegative
+ public int getNonceSize() {
+ return this.nonceSize;
+ }
+
+ public void setNonceSize(@Nonnegative int nonceSize) {
+ this.nonceSize = nonceSize;
+ }
+
+ public boolean isOptional() {
+ return this.optional;
+ }
+
+ public void setOptional(boolean optional) {
+ this.optional = optional;
+ }
+
+ public ListOrderedSet<AlgorithmIdentifier>
getPreferredSignatureAlgorithmIds() {
+ return this.preferredSigAlgIds;
+ }
+
+ public void setPreferredSignatureAlgorithmIds(List<String>
preferredSigAlgIds) {
+ this.preferredSigAlgIds =
+
ListOrderedSet.listOrderedSet(preferredSigAlgIds.stream().map(PhizCryptoUtils.SIG_ALG_ID_FINDER::find).collect(Collectors.toList()));
+ }
+
+ public int getReadTimeout() {
+ return this.readTimeout;
+ }
+
+ public void setReadTimeout(int readTimeout) {
+ this.readTimeout = readTimeout;
+ }
+
+ public SecureRandom getSecureRandom() {
+ return this.secureRandom;
+ }
+
+ public void setSecureRandom(SecureRandom secureRandom) {
+ this.secureRandom = secureRandom;
+ }
+
+ @Override
+ public List<CertPathValidatorException> getSoftFailExceptions() {
+ return SOFT_FAIL_EXCEPTIONS;
+ }
+
+ @Nullable
+ @Override
+ public Set<String> getSupportedExtensions() {
+ return null;
+ }
+}
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/utils/PhizCertificatePathUtils.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,92 @@
+package gov.hhs.onc.phiz.crypto.utils;
+
+import com.github.sebhoss.warnings.CompilerWarnings;
+import gov.hhs.onc.phiz.crypto.PhizCryptoProviders;
+import java.security.GeneralSecurityException;
+import java.security.cert.CertStore;
+import java.security.cert.TrustAnchor;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Set;
+import javax.annotation.Nullable;
+import org.bouncycastle.cert.jcajce.JcaCertStoreBuilder;
+import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
+import org.bouncycastle.jce.provider.AnnotatedException;
+import org.bouncycastle.jce.provider.CertPathValidatorUtilities;
+import org.bouncycastle.x509.ExtendedPKIXBuilderParameters;
+
+public final class PhizCertificatePathUtils extends
CertPathValidatorUtilities {
+ private PhizCertificatePathUtils() {
+ }
+
+ @Nullable
+ public static X509Certificate
findRootCertificate(ExtendedPKIXBuilderParameters builderParams,
X509Certificate cert) {
+ X509Certificate[] pathCerts = buildPath(builderParams, cert);
+
+ return ((pathCerts != null) ? pathCerts[(pathCerts.length - 1)] :
null);
+ }
+
+ @Nullable
+ public static X509Certificate[]
buildPath(ExtendedPKIXBuilderParameters builderParams, X509Certificate
cert) {
+ List<X509Certificate> pathCerts = new
ArrayList<>(builderParams.getMaxPathLength());
+ pathCerts.add(cert);
+
+ Set<TrustAnchor> trustAnchors = builderParams.getTrustAnchors();
+ boolean foundTrustAnchor = false;
+ X509Certificate pathCert;
+
+ while (((pathCert = cert) != null) && !foundTrustAnchor
&& !isSelfIssued(pathCert)) {
+ if ((foundTrustAnchor = ((cert =
findTrustAnchorCertificate(trustAnchors, pathCert)) != null))
+ || ((cert = findIssuerCertificate(builderParams,
pathCert)) != null)) {
+ pathCerts.add(cert);
+ } else {
+ return null;
+ }
+ }
+
+ return pathCerts.toArray(new X509Certificate[pathCerts.size()]);
+ }
+
+ @Nullable
+ public static X509Certificate
findTrustAnchorCertificate(Set<TrustAnchor> trustAnchors, X509Certificate
cert) {
+ TrustAnchor trustAnchor = findTrustAnchor(trustAnchors, cert);
+
+ return ((trustAnchor != null) ? trustAnchor.getTrustedCert() :
null);
+ }
+
+ @Nullable
+ public static TrustAnchor findTrustAnchor(Set<TrustAnchor>
trustAnchors, X509Certificate cert) {
+ try {
+ return findTrustAnchor(cert, trustAnchors,
PhizCryptoProviders.BC_NAME);
+ } catch (AnnotatedException ignored) {
+ }
+
+ return null;
+ }
+
+ @Nullable
+ @SuppressWarnings({ CompilerWarnings.UNCHECKED })
+ public static X509Certificate
findIssuerCertificate(ExtendedPKIXBuilderParameters builderParams,
X509Certificate cert) {
+ try {
+ Iterator<X509Certificate> issuerCertIter =
((Collection<X509Certificate>) findIssuerCerts(cert,
builderParams)).iterator();
+
+ return (issuerCertIter.hasNext() ? issuerCertIter.next() :
null);
+ } catch (AnnotatedException ignored) {
+ }
+
+ return null;
+ }
+
+ public static CertStore buildStore(X509Certificate ... certs) throws
GeneralSecurityException {
+ JcaCertStoreBuilder storeBuilder = new JcaCertStoreBuilder();
+
+ for (X509Certificate cert : certs) {
+ storeBuilder.addCertificate(new
JcaX509CertificateHolder(cert));
+ }
+
+ return storeBuilder.build();
+ }
+}
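Review bot: The `while` loop in `buildPath` has no upper bound and never checks whether the next certificate is already in `pathCerts`, so a store holding cross-certified intermediates that name each other as issuer, without reaching a trust anchor or a self-issued certificate, keeps the loop appending until memory runs out. `builderParams.getMaxPathLength()` is used only as the initial `ArrayList` capacity, and if the parameters carry -1 (the PKIX convention for an unlimited path) `new ArrayList<>(-1)` throws `IllegalArgumentException`. I would allocate with `new ArrayList<>()` and return null from the loop once the path exceeds the configured maximum or `pathCerts.contains(cert)` is true. Separately, `findTrustAnchor` and `findIssuerCertificate` swallow `AnnotatedException`, so a failed store lookup looks the same as a missing issuer; logging the cause at debug level would make a rejected chain diagnosable.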
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/utils/PhizCertificateUtils.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,40 @@
+package gov.hhs.onc.phiz.crypto.utils;
+
+import gov.hhs.onc.phiz.utils.PhizFunctionUtils;
+import java.math.BigInteger;
+import java.security.cert.X509Certificate;
+import java.util.function.Function;
+import javax.security.auth.x500.X500Principal;
+
+public final class PhizCertificateUtils {
+ private PhizCertificateUtils() {
+ }
+
+ public static BigInteger[] buildSerialNumbers(X509Certificate[] certs)
{
+ return PhizFunctionUtils.mapToArray(certs,
X509Certificate::getSerialNumber, BigInteger[]::new);
+ }
+
+ public static String[] buildIssuerDnNames(X509Certificate[] certs) {
+ return buildDnNames(certs,
X509Certificate::getIssuerX500Principal);
+ }
+
+ public static X500Principal[] buildIssuerDns(X509Certificate[] certs) {
+ return buildDns(certs, X509Certificate::getIssuerX500Principal);
+ }
+
+ public static String[] buildSubjectDnNames(X509Certificate[] certs) {
+ return buildDnNames(certs,
X509Certificate::getSubjectX500Principal);
+ }
+
+ public static X500Principal[] buildSubjectDns(X509Certificate[] certs)
{
+ return buildDns(certs, X509Certificate::getSubjectX500Principal);
+ }
+
+ public static String[] buildDnNames(X509Certificate[] certs,
Function<X509Certificate, X500Principal> certDnMapper) {
+ return PhizFunctionUtils.mapToArray(certs,
certDnMapper.andThen(X500Principal::getName), String[]::new);
+ }
+
+ public static X500Principal[] buildDns(X509Certificate[] certs,
Function<X509Certificate, X500Principal> certDnMapper) {
+ return PhizFunctionUtils.mapToArray(certs, certDnMapper,
X500Principal[]::new);
+ }
+}
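Review bot: The public helpers in `PhizCertificateUtils` have no Javadoc, and `buildDnNames` in particular should say what its strings are good for. It maps through `X500Principal::getName`, which yields the RFC 2253 string form; that suits the log and exception messages the revocation checker builds, but string equality on such names is not a reliable way to compare distinguished names. I would add a class comment plus a line on `buildDnNames`, `buildIssuerDnNames` and `buildSubjectDnNames` such as `Returns display strings (RFC 2253); compare the X500Principal objects from buildDns, not these strings.` Whether any caller compares the strings is not visible from this hunk.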
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/utils/PhizCryptoUtils.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,36 @@
+package gov.hhs.onc.phiz.crypto.utils;
+
+import gov.hhs.onc.phiz.crypto.PhizCryptoTagId;
+import gov.hhs.onc.phiz.crypto.PhizCryptoTypeId;
+import java.util.EnumSet;
+import javax.annotation.Nullable;
+import org.apache.commons.lang3.ClassUtils;
+import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
+import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
+import org.bouncycastle.operator.DigestAlgorithmIdentifierFinder;
+import org.bouncycastle.operator.DigestCalculatorProvider;
+import org.bouncycastle.operator.SignatureAlgorithmIdentifierFinder;
+import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
+import org.springframework.core.OrderComparator;
+
+public final class PhizCryptoUtils {
+ public final static SignatureAlgorithmIdentifierFinder
SIG_ALG_ID_FINDER = new DefaultSignatureAlgorithmIdentifierFinder();
+
+ public final static DigestAlgorithmIdentifierFinder
DIGEST_ALG_ID_FINDER = new DefaultDigestAlgorithmIdentifierFinder();
+
+ public final static DigestCalculatorProvider DIGEST_CALC_PROV = new
BcDigestCalculatorProvider();
+
+ private PhizCryptoUtils() {
+ }
+
+ @Nullable
+ public static <T extends Enum<T> & PhizCryptoTagId> T
findByTag(Class<T> enumClass, int tag) {
+ return
EnumSet.allOf(enumClass).stream().sorted(OrderComparator.INSTANCE).filter(enumItem
-> (enumItem.getTag() == tag)).findFirst().orElse(null);
+ }
+
+ @Nullable
+ public static <T extends Enum<T> & PhizCryptoTypeId> T
findByType(Class<T> enumClass, Class<?> type) {
+ return
EnumSet.allOf(enumClass).stream().sorted(OrderComparator.INSTANCE).filter(enumItem
-> ClassUtils.isAssignable(type, enumItem.getType()))
+ .findFirst().orElse(null);
+ }
+}
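Review bot: `findByType` returns the first constant, in `OrderComparator` order, whose type the argument is assignable to, so its answer depends on how the enum constants sort, and neither method documents that. The OCSP checker earlier on this page passes `CertificateStatus.class` for a null status and the concrete status class otherwise; if any constant of `OcspCertificateStatusType` is mapped to a supertype of the others (the enum is not visible here), a concrete status would match it as well and only the ordering keeps the two apart. I would add Javadoc to `findByTag` and `findByType` stating that the first match in order wins, that more specific types must sort first, and that null is returned when nothing matches. The null case matters because the same checker does `switch (ocspCertRespStatus)` on the result, which throws `NullPointerException` rather than `CertPathValidatorException` for an unrecognised status.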
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/logstash/impl/AbstractPhizJsonSerializer.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,29 @@
+package gov.hhs.onc.phiz.logging.logstash.impl;
+
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.ser.std.StdSerializer;
+import java.io.IOException;
+
+public abstract class AbstractPhizJsonSerializer<T> extends
StdSerializer<T> {
+ private final static long serialVersionUID = 0L;
+
+ protected AbstractPhizJsonSerializer(Class<T> objClass) {
+ super(objClass);
+ }
+
+ @Override
+ public void serialize(T obj, JsonGenerator jsonGen, SerializerProvider
serializerProv) throws IOException {
+ jsonGen.writeStartObject();
+
+ try {
+ this.serializeFields(obj, jsonGen, serializerProv);
+ } catch (Exception e) {
+ throw new IOException(String.format("Unable to serialize
object (class=%s).", this._handledType.getName()), e);
+ }
+
+ jsonGen.writeEndObject();
+ }
+
+ protected abstract void serializeFields(T obj, JsonGenerator jsonGen,
SerializerProvider serializerProv) throws Exception;
+}
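Review bot: The `catch (Exception e)` in `serialize` also catches an `IOException` raised by the generator inside `serializeFields` and wraps it in a second `IOException`, and it converts every `RuntimeException` into a checked one. `AbstractPhizServerBean` in this same revision rethrows the already-correct type before the generic catch, and the same shape fits here: `} catch (IOException e) { throw e; } catch (Exception e) {` followed by the existing wrap. The class and the `serializeFields` contract would also benefit from a short Javadoc saying that the start and end of the JSON object are written by `serialize` and that implementations write fields only.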
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/logstash/impl/PhizLogstashModule.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,39 @@
+package gov.hhs.onc.phiz.logging.logstash.impl;
+
+import com.fasterxml.jackson.core.Version;
+import com.fasterxml.jackson.databind.JsonSerializer;
+import com.fasterxml.jackson.databind.Module;
+import com.fasterxml.jackson.databind.module.SimpleSerializers;
+import java.util.List;
+
+public class PhizLogstashModule extends Module {
+ private String name;
+ private List<JsonSerializer<?>> serializers;
+
+ @Override
+ public void setupModule(SetupContext setupContext) {
+ setupContext.addSerializers(new
SimpleSerializers(this.serializers));
+ }
+
+ @Override
+ public String getModuleName() {
+ return this.name;
+ }
+
+ public void setModuleName(String name) {
+ this.name = name;
+ }
+
+ public List<JsonSerializer<?>> getSerializers() {
+ return this.serializers;
+ }
+
+ public void setSerializers(List<JsonSerializer<?>> serializers) {
+ this.serializers = serializers;
+ }
+
+ @Override
+ public Version version() {
+ return Version.unknownVersion();
+ }
+}
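Review bot: `setupModule` hands `this.serializers` straight to `new SimpleSerializers(...)`, and neither `serializers` nor `name` has a default, so a module registered before `setSerializers` and `setModuleName` have been called is likely to fail inside Jackson with an error that does not point at this class. I would either initialise the list to an empty one at the field declaration or fail early in `setupModule` with `Objects.requireNonNull(this.serializers, "serializers")`. A one-line class comment noting that both properties must be set before registration would cover the rest.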
=======================================
--- /dev/null
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/logging/metrics/impl/MetricRegistryJsonSerializer.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,76 @@
+package gov.hhs.onc.phiz.logging.metrics.impl;
+
+import com.codahale.metrics.Gauge;
+import com.codahale.metrics.MetricRegistry;
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import gov.hhs.onc.phiz.logging.logstash.impl.AbstractPhizJsonSerializer;
+import gov.hhs.onc.phiz.logging.logstash.impl.PhizLogstashMarkers;
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.stereotype.Component;
+
+@Component("jsonSerializerMetricRegistry")
+public class MetricRegistryJsonSerializer extends
AbstractPhizJsonSerializer<MetricRegistry> {
+ private final static String METRIC_KEY_DELIM = ".";
+
+ private final static String GAUGES_FIELD_NAME = "gauges";
+ private final static String COUNTERS_FIELD_NAME = "counters";
+ private final static String HISTOGRAMS_FIELD_NAME = "histograms";
+ private final static String METERS_FIELD_NAME = "meters";
+ private final static String TIMERS_FIELD_NAME = "timers";
+
+ private final static long serialVersionUID = 0L;
+
+ public MetricRegistryJsonSerializer() {
+ super(MetricRegistry.class);
+ }
+
+ @Override
+ protected void serializeFields(MetricRegistry metricRegistry,
JsonGenerator jsonGen, SerializerProvider serializerProv) throws Exception {
+ serializeMetricField(jsonGen, GAUGES_FIELD_NAME,
metricRegistry.getGauges());
+ serializeMetricField(jsonGen, COUNTERS_FIELD_NAME,
metricRegistry.getCounters());
+ serializeMetricField(jsonGen, HISTOGRAMS_FIELD_NAME,
metricRegistry.getHistograms());
+ serializeMetricField(jsonGen, METERS_FIELD_NAME,
metricRegistry.getMeters());
+ serializeMetricField(jsonGen, TIMERS_FIELD_NAME,
metricRegistry.getTimers());
+ }
+
+ private static void serializeMetricField(JsonGenerator jsonGen, String
metricFieldName, Map<String, ?> metricMap) throws IOException {
+
jsonGen.writeObjectFieldStart(PhizLogstashMarkers.buildFieldName(metricFieldName));
+
+ if (!metricMap.isEmpty()) {
+ Map<String, List<String>> metricKeyMap =
+
metricMap.keySet().stream().sorted(String.CASE_INSENSITIVE_ORDER)
+ .collect(Collectors.groupingBy((metricKey) ->
StringUtils.split(metricKey, METRIC_KEY_DELIM, 2)[0]));
+
+ List<String> metricKeys;
+ String metricFieldKey;
+ Object metricFieldValue;
+
+ for (String metricKeyPrefix : metricKeyMap.keySet()) {
+ if (((metricKeys =
metricKeyMap.get(metricKeyPrefix)).size() == 1)
+ && !StringUtils.contains((metricFieldKey =
metricKeys.get(0)), METRIC_KEY_DELIM)) {
+ jsonGen
+ .writeObjectField(PhizLogstashMarkers.buildFieldName(metricKeyPrefix),
+ (((metricFieldValue =
metricMap.get(metricFieldKey)) instanceof Gauge<?>)
+ ? ((Gauge<?>)
metricFieldValue).getValue() : metricFieldValue));
+ } else {
+ serializeMetricField(
+ jsonGen,
+ metricKeyPrefix,
+ metricKeys
+ .stream()
+ .sorted(String.CASE_INSENSITIVE_ORDER)
+ .collect(
+ Collectors.toMap((String metricKey) ->
StringUtils.removeStartIgnoreCase(metricKey, (metricKeyPrefix +
METRIC_KEY_DELIM)),
+ metricMap::get)));
+ }
+ }
+ }
+
+ jsonGen.writeEndObject();
+ }
+}
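Review bot: The `sorted(String.CASE_INSENSITIVE_ORDER)` calls in `serializeMetricField` do not determine the output order, because the one-argument `Collectors.groupingBy` and two-argument `Collectors.toMap` give no ordering guarantee (a `HashMap` in practice) and the loop then iterates `metricKeyMap.keySet()`. If sorted field order is intended, collect into an ordered map, e.g. `Collectors.groupingBy(metricKey -> StringUtils.split(metricKey, METRIC_KEY_DELIM, 2)[0], LinkedHashMap::new, Collectors.toList())`, and use the four-argument `toMap` with `LinkedHashMap::new` for the recursive call. Also, `StringUtils.split(metricKey, METRIC_KEY_DELIM, 2)[0]` indexes an empty array when a key is empty or consists only of delimiters; the resulting `ArrayIndexOutOfBoundsException` is wrapped by `AbstractPhizJsonSerializer.serialize` and fails the whole registry serialization, so a guard that skips such keys would be safer.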
=======================================
--- /dev/null
+++ /phiz-core/src/main/java/gov/hhs/onc/phiz/utils/PhizFunctionUtils.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,26 @@
+package gov.hhs.onc.phiz.utils;
+
+import java.util.function.Function;
+import java.util.function.IntFunction;
+import java.util.stream.Stream;
+
+public final class PhizFunctionUtils {
+ private PhizFunctionUtils() {
+ }
+
+ public static <T> String[] mapToStringArray(T[] inArr) {
+ return mapToStringArray(Stream.of(inArr));
+ }
+
+ public static <T> String[] mapToStringArray(Stream<T> inStream) {
+ return mapToArray(inStream, Object::toString, String[]::new);
+ }
+
+ public static <T, U> U[] mapToArray(T[] inArr, Function<T, U> mapper,
IntFunction<U[]> outArrGen) {
+ return mapToArray(Stream.of(inArr), mapper, outArrGen);
+ }
+
+ public static <T, U> U[] mapToArray(Stream<T> inStream, Function<T, U>
mapper, IntFunction<U[]> outArrGen) {
+ return inStream.map(mapper).toArray(outArrGen);
+ }
+}
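Review bot: `mapToStringArray` maps with `Object::toString`, which throws `NullPointerException` on the first null element; `Objects::toString` would produce `"null"` instead and keep the helper total over its input. The `mapToArray` overloads declare `Function<T, U> mapper`, which rejects a mapper written against a supertype of `T` or returning a subtype of `U`; `Function<? super T, ? extends U>` is the usual signature and stays source-compatible with the callers in `PhizCertificateUtils`. None of the four public methods has Javadoc, so the null-handling choice should be stated there whichever way it goes.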
=======================================
--- /dev/null
+++
/phiz-core/src/test/java/gov/hhs/onc/phiz/test/beans/PhizServerBean.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,15 @@
+package gov.hhs.onc.phiz.test.beans;
+
+import org.springframework.context.SmartLifecycle;
+
+public interface PhizServerBean extends SmartLifecycle {
+ public String getHost();
+
+ public void setHost(String host);
+
+ public void setPhase(int phase);
+
+ public int getPort();
+
+ public void setPort(int port);
+}
=======================================
--- /dev/null
+++
/phiz-core/src/test/java/gov/hhs/onc/phiz/test/beans/impl/AbstractPhizServerBean.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,61 @@
+package gov.hhs.onc.phiz.test.beans.impl;
+
+import gov.hhs.onc.phiz.test.beans.PhizServerBean;
+import org.springframework.beans.BeansException;
+import org.springframework.beans.FatalBeanException;
+
+public abstract class AbstractPhizServerBean implements PhizServerBean {
+ protected int phase;
+
+ @Override
+ public void stop(Runnable stopCallback) {
+ this.stop();
+
+ stopCallback.run();
+ }
+
+ @Override
+ public void stop() {
+ if (this.isRunning()) {
+ try {
+ this.stopInternal();
+ } catch (BeansException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new FatalBeanException(String.format("Unable to stop
server (host=%s, port=%d).", this.getHost(), this.getPort()), e);
+ }
+ }
+ }
+
+ @Override
+ public void start() {
+ if (!this.isRunning()) {
+ try {
+ this.startInternal();
+ } catch (BeansException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new FatalBeanException(String.format("Unable to
start server (host=%s, port=%d).", this.getHost(), this.getPort()), e);
+ }
+ }
+ }
+
+ protected abstract void stopInternal() throws Exception;
+
+ protected abstract void startInternal() throws Exception;
+
+ @Override
+ public boolean isAutoStartup() {
+ return true;
+ }
+
+ @Override
+ public int getPhase() {
+ return this.phase;
+ }
+
+ @Override
+ public void setPhase(int phase) {
+ this.phase = phase;
+ }
+}
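Review bot: In `stop(Runnable stopCallback)` the callback runs only when `this.stop()` returns normally, so a `FatalBeanException` from `stopInternal()` leaves it uninvoked. Spring's `SmartLifecycle` contract expects the callback once the component's shutdown is complete, and the lifecycle processor otherwise waits for its phase timeout, which would slow the teardown of a test context that is already failing. `try { this.stop(); } finally { stopCallback.run(); }` still propagates the exception and signals completion.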
=======================================
--- /dev/null
+++
/phiz-core/src/test/java/gov/hhs/onc/phiz/test/crypto/ssl/revocation/PhizOcspServer.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,28 @@
+package gov.hhs.onc.phiz.test.crypto.ssl.revocation;
+
+import gov.hhs.onc.phiz.test.beans.PhizServerBean;
+import io.netty.channel.ChannelOption;
+import java.security.SecureRandom;
+import java.util.Map;
+import javax.annotation.Nonnegative;
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import org.springframework.beans.factory.InitializingBean;
+
+public interface PhizOcspServer extends InitializingBean, PhizServerBean {
+ public Map<ChannelOption<?>, Object> getChannelOptions();
+
+ public void setChannelOptions(Map<ChannelOption<?>, Object>
channelOpts);
+
+ @Nonnegative
+ public int getMaxContentLength();
+
+ public void setMaxContentLength(@Nonnegative int maxContentLen);
+
+ public SecureRandom getSecureRandom();
+
+ public void setSecureRandom(SecureRandom secureRandom);
+
+ public AlgorithmIdentifier getSignatureAlgorithmId();
+
+ public void setSignatureAlgorithmId(String sigAlgId);
+}
=======================================
--- /dev/null
+++
/phiz-core/src/test/java/gov/hhs/onc/phiz/test/crypto/ssl/revocation/impl/PhizOcspServerImpl.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,410 @@
+package gov.hhs.onc.phiz.test.crypto.ssl.revocation.impl;
+
+import com.github.sebhoss.warnings.CompilerWarnings;
+import gov.hhs.onc.phiz.crypto.PhizCredential;
+import gov.hhs.onc.phiz.crypto.PhizCryptoContentTypes;
+import gov.hhs.onc.phiz.crypto.ssl.revocation.OcspCertificateStatusType;
+import gov.hhs.onc.phiz.crypto.ssl.revocation.OcspResponseStatusType;
+import gov.hhs.onc.phiz.crypto.ssl.revocation.impl.PhizCertificateId;
+import gov.hhs.onc.phiz.crypto.utils.PhizCryptoUtils;
+import gov.hhs.onc.phiz.logging.logstash.PhizLogstashTags;
+import gov.hhs.onc.phiz.logging.logstash.impl.PhizLogstashMarkers;
+import gov.hhs.onc.phiz.test.beans.impl.AbstractPhizServerBean;
+import gov.hhs.onc.phiz.test.crypto.ssl.revocation.PhizOcspServer;
+import io.netty.bootstrap.ServerBootstrap;
+import io.netty.buffer.ByteBuf;
+import io.netty.buffer.Unpooled;
+import io.netty.channel.Channel;
+import io.netty.channel.ChannelFutureListener;
+import io.netty.channel.ChannelHandlerContext;
+import io.netty.channel.ChannelInitializer;
+import io.netty.channel.ChannelOption;
+import io.netty.channel.ChannelPipeline;
+import io.netty.channel.EventLoopGroup;
+import io.netty.channel.SimpleChannelInboundHandler;
+import io.netty.channel.nio.NioEventLoopGroup;
+import io.netty.channel.socket.SocketChannel;
+import io.netty.channel.socket.nio.NioServerSocketChannel;
+import io.netty.handler.codec.http.DefaultFullHttpResponse;
+import io.netty.handler.codec.http.FullHttpRequest;
+import io.netty.handler.codec.http.FullHttpResponse;
+import io.netty.handler.codec.http.HttpHeaders;
+import io.netty.handler.codec.http.HttpHeaders.Names;
+import io.netty.handler.codec.http.HttpMethod;
+import io.netty.handler.codec.http.HttpObjectAggregator;
+import io.netty.handler.codec.http.HttpRequestDecoder;
+import io.netty.handler.codec.http.HttpResponseEncoder;
+import io.netty.handler.codec.http.HttpResponseStatus;
+import io.netty.handler.codec.http.HttpVersion;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.SecureRandom;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.function.Predicate;
+import javax.annotation.Nonnegative;
+import javax.annotation.Nullable;
+import org.apache.commons.lang3.ArrayUtils;
+import org.bouncycastle.asn1.ocsp.OCSPObjectIdentifiers;
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import org.bouncycastle.asn1.x509.Extensions;
+import org.bouncycastle.cert.X509CertificateHolder;
+import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
+import org.bouncycastle.cert.ocsp.BasicOCSPRespBuilder;
+import org.bouncycastle.cert.ocsp.CertificateStatus;
+import org.bouncycastle.cert.ocsp.OCSPException;
+import org.bouncycastle.cert.ocsp.OCSPReq;
+import org.bouncycastle.cert.ocsp.OCSPRespBuilder;
+import org.bouncycastle.cert.ocsp.RespID;
+import org.bouncycastle.cert.ocsp.jcajce.JcaRespID;
+import org.bouncycastle.crypto.util.PrivateKeyFactory;
+import org.bouncycastle.operator.ContentSigner;
+import org.bouncycastle.operator.DigestCalculator;
+import org.bouncycastle.operator.OperatorCreationException;
+import org.bouncycastle.operator.bc.BcContentSignerBuilder;
+import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.util.MimeType;
+
+public class PhizOcspServerImpl extends AbstractPhizServerBean implements
PhizOcspServer {
+ private class PhizOcspCredentialWrapper {
+ private PhizOcspCredentialWrapper issuerCredWrapper;
+ private PhizCredential cred;
+ private X509Certificate cert;
+ private X509CertificateHolder certHolder;
+ private PhizCertificateId certId;
+ private CertificateStatus certStatus;
+ private RespID responderId;
+ private ContentSigner contentSigner;
+
+ public PhizOcspCredentialWrapper(PhizCredential cred) throws
CertificateEncodingException, IOException, OperatorCreationException,
OCSPException {
+ this(null, cred);
+ }
+
+ public PhizOcspCredentialWrapper(@Nullable
PhizOcspCredentialWrapper issuerCredWrapper, PhizCredential cred) throws
CertificateEncodingException,
+ IOException, OperatorCreationException, OCSPException {
+ // noinspection ConstantConditions
+ this.certHolder = new JcaX509CertificateHolder((this.cert =
(this.cred = cred).getCertificate()));
+
+ boolean credIssuer = this.cred.isIssuer();
+
+ // noinspection ConstantConditions
+ this.certId =
+ new PhizCertificateId(PhizOcspServerImpl.this.digestCalc,
(credIssuer
+ ? this.certHolder : (this.issuerCredWrapper =
issuerCredWrapper).getCertificateHolder()), this.cert.getSerialNumber());
+
+ this.certStatus = this.cred.getCertificateStatus();
+
+ if (credIssuer) {
+ // noinspection ConstantConditions
+ this.responderId = new
JcaRespID(this.cert.getSubjectX500Principal());
+ // noinspection ConstantConditions
+ this.contentSigner =
PhizOcspServerImpl.this.contentSignerBuilder.build(PrivateKeyFactory.createKey(this.cred.getPrivateKey().getEncoded()));
+ }
+ }
+
+ public X509Certificate getCertificate() {
+ return this.cert;
+ }
+
+ public X509CertificateHolder getCertificateHolder() {
+ return this.certHolder;
+ }
+
+ public PhizCertificateId getCertificateId() {
+ return this.certId;
+ }
+
+ @Nullable
+ public CertificateStatus getCertificateStatus() {
+ return this.certStatus;
+ }
+
+ @Nullable
+ public ContentSigner getContentSigner() {
+ return this.contentSigner;
+ }
+
+ public PhizCredential getCredential() {
+ return this.cred;
+ }
+
+ @Nullable
+ public PhizOcspCredentialWrapper getIssuerCredentialWrapper() {
+ return this.issuerCredWrapper;
+ }
+
+ @Nullable
+ public RespID getResponderId() {
+ return this.responderId;
+ }
+ }
+
+ private class PhizOcspServerHandler extends
SimpleChannelInboundHandler<FullHttpRequest> {
+ private Extensions exts;
+ private PhizOcspCredentialWrapper credWrapper;
+ private PhizOcspCredentialWrapper issuerCredWrapper;
+
+ @Override
+ public void exceptionCaught(ChannelHandlerContext context,
Throwable cause) throws Exception {
+ LOGGER.error("Unable to process OCSP request.", cause);
+
+ if ((this.exts == null) || (this.credWrapper == null) ||
(this.issuerCredWrapper == null)) {
+ this.writeResponse(context,
HttpResponseStatus.INTERNAL_SERVER_ERROR);
+
+ return;
+ }
+
+ // noinspection ConstantConditions
+ BasicOCSPRespBuilder respBuilder = new
BasicOCSPRespBuilder(this.credWrapper.getIssuerCredentialWrapper().getResponderId());
+ respBuilder.setResponseExtensions(this.exts);
+
+ // noinspection ConstantConditions
+ this.writeResponse(
+ context,
+
RESP_WRAPPER_BUILDER.build(OcspResponseStatusType.INTERNAL_ERROR.getTag(),
+
respBuilder.build(this.issuerCredWrapper.getContentSigner(),
ArrayUtils.toArray(this.credWrapper.getCertificateHolder()), new Date()))
+ .getEncoded());
+ }
+
+ @Override
+ protected void channelRead0(ChannelHandlerContext context,
FullHttpRequest reqMsg) throws Exception {
+ synchronized (PhizOcspServerImpl.this) {
+ if (!PhizOcspServerImpl.this.credsInitialized) {
+ PhizOcspServerImpl.this.issuerCredWrappers = new
HashMap<>();
+ PhizOcspServerImpl.this.credWrappers = new HashMap<>();
+
+ PhizOcspCredentialWrapper credWrapper;
+
+ for (PhizCredential issuerCred :
PhizOcspServerImpl.this.creds.stream().filter(PhizCredential::isIssuer).toArray(PhizCredential[]::new))
{
+
PhizOcspServerImpl.this.issuerCredWrappers.put((credWrapper = new
PhizOcspCredentialWrapper(issuerCred)).getCertificate(), credWrapper);
+ }
+
+ for (PhizCredential cred :
PhizOcspServerImpl.this.creds.stream().filter(((Predicate<PhizCredential>)
PhizCredential::isIssuer).negate())
+ .toArray(PhizCredential[]::new)) {
+ // noinspection ConstantConditions
+ PhizOcspServerImpl.this.credWrappers
+ .put(
+ (credWrapper =
+ new
PhizOcspCredentialWrapper(PhizOcspServerImpl.this.issuerCredWrappers.get(cred.getIssuerCredential().getCertificate()),
+ cred)).getCertificateId(),
credWrapper);
+ }
+
+ PhizOcspServerImpl.this.credsInitialized = true;
+ }
+ }
+
+ if (!reqMsg.getMethod().equals(HttpMethod.POST)) {
+ this.writeResponse(context,
HttpResponseStatus.METHOD_NOT_ALLOWED);
+
+ return;
+ }
+
+ HttpHeaders reqMsgHeaders = reqMsg.headers();
+
+ if (!reqMsgHeaders.contains(Names.CONTENT_TYPE) |
| !MimeType.valueOf(reqMsgHeaders.get(Names.CONTENT_TYPE)).equals(PhizCryptoContentTypes.OCSP_REQ))
{
+ this.writeResponse(context,
HttpResponseStatus.BAD_REQUEST);
+
+ return;
+ }
+
+ OCSPReq req = new OCSPReq(reqMsg.content().copy().array());
+ this.exts = new
Extensions(req.getExtension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce));
+
+ PhizCertificateId reqCertId = new
PhizCertificateId(req.getRequestList()[0].getCertID()), certId = null;
+ DigestCalculator reqDigestCalc =
PhizCryptoUtils.DIGEST_CALC_PROV.get(new
AlgorithmIdentifier(reqCertId.getHashAlgOID()));
+ BigInteger certSerialNum = reqCertId.getSerialNumber();
+
+ for (PhizCertificateId availableCertId :
PhizOcspServerImpl.this.credWrappers.keySet()) {
+ if (reqCertId.matches(availableCertId)) {
+ certId = availableCertId;
+
+ break;
+ }
+ }
+
+ if (certId == null) {
+ throw new OCSPException(String.format("Unable to match
OCSP request certificate (serialNum=%d).", certSerialNum));
+ }
+
+ this.issuerCredWrapper = (this.credWrapper =
PhizOcspServerImpl.this.credWrappers.get(certId)).getIssuerCredentialWrapper();
+
+ X509Certificate cert = credWrapper.getCertificate();
+ String certSubjectDnName =
cert.getSubjectX500Principal().getName(), certIssuerDnName =
cert.getIssuerX500Principal().getName();
+ CertificateStatus certStatus =
credWrapper.getCertificateStatus();
+
+ // noinspection ConstantConditions
+ BasicOCSPRespBuilder respBuilder = new
BasicOCSPRespBuilder(issuerCredWrapper.getResponderId());
+ respBuilder.setResponseExtensions(this.exts);
+ respBuilder.addResponse(certId, certStatus);
+
+ // noinspection ConstantConditions
+ this.writeResponse(
+ context,
+
RESP_WRAPPER_BUILDER.build(OcspResponseStatusType.SUCCESSFUL.getTag(),
+
respBuilder.build(issuerCredWrapper.getContentSigner(),
ArrayUtils.toArray(credWrapper.getCertificateHolder()), new
Date())).getEncoded());
+
+ LOGGER.debug(PhizLogstashMarkers.append(PhizLogstashTags.SSL),
String.format(
+ "Wrote OCSP response (status=%s) certificate
(subjectDnName=%s, issuerDnName=%s, serialNum=%d) response (status=%s).",
+ OcspResponseStatusType.SUCCESSFUL.name(),
certSubjectDnName, certIssuerDnName, certSerialNum,
+
PhizCryptoUtils.findByType(OcspCertificateStatusType.class, ((certStatus !=
null) ? certStatus.getClass() : CertificateStatus.class))));
+ }
+
+ private void writeResponse(ChannelHandlerContext context,
HttpResponseStatus respMsgStatus) {
+ this.writeResponse(context, respMsgStatus,
Unpooled.EMPTY_BUFFER);
+ }
+
+ private void writeResponse(ChannelHandlerContext context, byte[]
respContent) {
+ this.writeResponse(context, HttpResponseStatus.OK,
Unpooled.wrappedBuffer(respContent));
+ }
+
+ private void writeResponse(ChannelHandlerContext context,
HttpResponseStatus respMsgStatus, ByteBuf respContentBuffer) {
+ FullHttpResponse respMsg = new
DefaultFullHttpResponse(HttpVersion.HTTP_1_1, respMsgStatus,
respContentBuffer);
+
+ HttpHeaders.setContentLength(respMsg,
respContentBuffer.array().length);
+ respMsg.headers().set(Names.CONTENT_TYPE,
PhizCryptoContentTypes.OCSP_RESP.toString());
+
+
context.writeAndFlush(respMsg).addListener(ChannelFutureListener.CLOSE);
+ }
+ }
+
+ private final static OCSPRespBuilder RESP_WRAPPER_BUILDER = new
OCSPRespBuilder();
+
+ private final static Logger LOGGER =
LoggerFactory.getLogger(PhizOcspServerImpl.class);
+
+ @Autowired
+ @Lazy
+ @SuppressWarnings({ "SpringJavaAutowiringInspection" })
+ private List<PhizCredential> creds;
+
+ private Map<ChannelOption<?>, Object> channelOpts;
+ private String host;
+ private int maxContentLen;
+ private int port;
+ private SecureRandom secureRandom;
+ private AlgorithmIdentifier sigAlgId;
+ private AlgorithmIdentifier digestAlgId;
+ private DigestCalculator digestCalc;
+ private BcContentSignerBuilder contentSignerBuilder;
+ private boolean credsInitialized;
+ private Map<X509Certificate, PhizOcspCredentialWrapper>
issuerCredWrappers;
+ private Map<PhizCertificateId, PhizOcspCredentialWrapper> credWrappers;
+ private Channel channel;
+
+ @Override
+ public boolean isRunning() {
+ return ((this.channel != null) && this.channel.isActive());
+ }
+
+ @Override
+ public void afterPropertiesSet() throws Exception {
+ this.digestCalc =
PhizCryptoUtils.DIGEST_CALC_PROV.get((this.digestAlgId =
PhizCryptoUtils.DIGEST_ALG_ID_FINDER.find(this.sigAlgId)));
+
+ this.contentSignerBuilder = new
BcRSAContentSignerBuilder(this.sigAlgId, this.digestAlgId);
+ this.contentSignerBuilder.setSecureRandom(this.secureRandom);
+ }
+
+ @Override
+ protected void stopInternal() throws Exception {
+ this.channel.close();
+ }
+
+ @Override
+ @SuppressWarnings({ CompilerWarnings.UNCHECKED })
+ protected void startInternal() throws Exception {
+ EventLoopGroup acceptorEventLoopGroup = new NioEventLoopGroup(1),
workerEventLoopGroup = new NioEventLoopGroup();
+
+ try {
+ ServerBootstrap serverBootstrap = new ServerBootstrap();
+
+ this.channelOpts.forEach((channelOpt, channelOptValue) ->
serverBootstrap.option(((ChannelOption<Object>) channelOpt),
channelOptValue));
+
+ serverBootstrap.group(acceptorEventLoopGroup,
workerEventLoopGroup).channel(NioServerSocketChannel.class)
+ .childHandler(new ChannelInitializer<SocketChannel>() {
+ @Override
+ protected void initChannel(SocketChannel channel)
throws Exception {
+ ChannelPipeline channelPipeline =
channel.pipeline();
+ channelPipeline.addLast(new HttpRequestDecoder());
+ channelPipeline.addLast(new HttpResponseEncoder());
+ channelPipeline.addLast(new
HttpObjectAggregator(PhizOcspServerImpl.this.maxContentLen));
+ channelPipeline.addLast(new
PhizOcspServerHandler());
+ }
+ });
+
+ this.channel = serverBootstrap.bind(this.host,
this.port).sync().channel();
+ } catch (Exception e) {
+ acceptorEventLoopGroup.shutdownGracefully();
+ workerEventLoopGroup.shutdownGracefully();
+
+ throw e;
+ }
+ }
+
+ @Override
+ public Map<ChannelOption<?>, Object> getChannelOptions() {
+ return this.channelOpts;
+ }
+
+ @Override
+ public void setChannelOptions(Map<ChannelOption<?>, Object>
channelOpts) {
+ this.channelOpts = channelOpts;
+ }
+
+ @Override
+ public String getHost() {
+ return this.host;
+ }
+
+ @Override
+ public void setHost(String host) {
+ this.host = host;
+ }
+
+ @Nonnegative
+ @Override
+ public int getMaxContentLength() {
+ return this.maxContentLen;
+ }
+
+ @Override
+ public void setMaxContentLength(@Nonnegative int maxContentLen) {
+ this.maxContentLen = maxContentLen;
+ }
+
+ @Override
+ public int getPort() {
+ return this.port;
+ }
+
+ @Override
+ public void setPort(int port) {
+ this.port = port;
+ }
+
+ @Override
+ public SecureRandom getSecureRandom() {
+ return this.secureRandom;
+ }
+
+ @Override
+ public void setSecureRandom(SecureRandom secureRandom) {
+ this.secureRandom = secureRandom;
+ }
+
+ @Override
+ public AlgorithmIdentifier getSignatureAlgorithmId() {
+ return this.sigAlgId;
+ }
+
+ @Override
+ public void setSignatureAlgorithmId(String sigAlgId) {
+ this.sigAlgId = PhizCryptoUtils.SIG_ALG_ID_FINDER.find(sigAlgId);
+ }
+}
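Review bot: In `channelRead0` the request body is read with `reqMsg.content().copy().array()`, which allocates a copy that is never released and returns the backing array rather than the readable bytes, and the following lines use `req.getRequestList()[0]` and wrap `req.getExtension(id_pkix_ocsp_nonce)` without checking either. A request with an empty request list or, as far as I can tell from the BouncyCastle `Extensions` constructor, without a nonce extension therefore ends in `exceptionCaught` with a 500 instead of a clean rejection. I would size the byte array by `readableBytes()`, answer an empty list with `BAD_REQUEST` and treat the nonce as optional, as sketched below. Separately, `stopInternal` only closes the channel, so the two `NioEventLoopGroup`s created in `startInternal` are never shut down after a successful start; keeping them in fields and calling `shutdownGracefully()` on stop would avoid leaking their threads.

```java
// … unchanged: credential initialisation, method and content-type checks …
// Req is org.bouncycastle.cert.ocsp.Req, Extension is org.bouncycastle.asn1.x509.Extension
ByteBuf reqContent = reqMsg.content();
byte[] reqBytes = new byte[reqContent.readableBytes()];
reqContent.getBytes(reqContent.readerIndex(), reqBytes);

OCSPReq req = new OCSPReq(reqBytes);
Req[] reqItems = req.getRequestList();

if (reqItems.length == 0) {
    this.writeResponse(context, HttpResponseStatus.BAD_REQUEST);

    return;
}

Extension nonceExt = req.getExtension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
this.exts = ((nonceExt != null) ? new Extensions(nonceExt) : null);

PhizCertificateId reqCertId = new PhizCertificateId(reqItems[0].getCertID()), certId = null;
// … unchanged: certificate lookup, response building and logging …
```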
=======================================
--- /dev/null
+++
/phiz-core/src/test/java/gov/hhs/onc/phiz/test/data/db/PhizHsqlServer.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,23 @@
+package gov.hhs.onc.phiz.test.data.db;
+
+import gov.hhs.onc.phiz.test.beans.PhizServerBean;
+import java.io.File;
+import org.springframework.beans.factory.InitializingBean;
+
+public interface PhizHsqlServer extends InitializingBean, PhizServerBean {
+ public String getDatabaseName();
+
+ public void setDatabaseName(String dbName);
+
+ public File getDirectory();
+
+ public void setDirectory(File dir);
+
+ public String getPassword();
+
+ public void setPassword(String pass);
+
+ public String getUser();
+
+ public void setUser(String user);
+}
=======================================
--- /dev/null
+++
/phiz-core/src/test/java/gov/hhs/onc/phiz/test/data/db/impl/PhizHsqlServerImpl.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,129 @@
+package gov.hhs.onc.phiz.test.data.db.impl;
+
+import gov.hhs.onc.phiz.test.beans.impl.AbstractPhizServerBean;
+import gov.hhs.onc.phiz.test.data.db.PhizHsqlServer;
+import java.io.File;
+import org.hsqldb.server.Server;
+import org.hsqldb.server.ServerConstants;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.FatalBeanException;
+import org.springframework.util.ResourceUtils;
+
+public class PhizHsqlServerImpl extends AbstractPhizServerBean implements
PhizHsqlServer {
+ private static class PhizHsqlServerWrapper extends Server {
+ {
+ this.setDaemon(true);
+ this.setSilent(true);
+ }
+
+ @Override
+ protected void printStackTrace(Throwable throwable) {
+ }
+
+ @Override
+ protected void printError(String msg) {
+ LOGGER.error(msg);
+ }
+
+ @Override
+ protected void print(String msg) {
+ LOGGER.debug(msg);
+ }
+ }
+
+ private final static String DB_PATH_FORMAT_STR =
ResourceUtils.FILE_URL_PREFIX + "%s;user=%s;password=%s";
+
+ private final static Logger LOGGER =
LoggerFactory.getLogger(PhizHsqlServerImpl.class);
+
+ private File dir;
+ private String user;
+ private String pass;
+ private PhizHsqlServerWrapper server = new PhizHsqlServerWrapper();
+
+ @Override
+ protected void stopInternal() throws Exception {
+ this.server.stop();
+
+ if (!this.isRunning()) {
+ LOGGER.info(String.format("Stopped HyperSQL server (id=%s,
host=%s, port=%d).", this.server.getServerId(), this.getHost(),
this.getPort()));
+ } else {
+ throw new FatalBeanException(String.format("Unable to stop
HyperSQL server (id=%s, host=%s, port=%d).", this.server.getServerId(),
this.getHost(),
+ this.getPort()), this.server.getServerError());
+ }
+ }
+
+ @Override
+ protected void startInternal() throws Exception {
+ this.server.start();
+
+ if (this.isRunning()) {
+ LOGGER.info(String.format("Started HyperSQL server (id=%s,
host=%s, port=%d).", this.server.getServerId(), this.getHost(),
this.getPort()));
+ } else {
+ throw new FatalBeanException(String.format("Unable to start
HyperSQL server (id=%s, host=%s, port=%d).", this.server.getServerId(),
this.getHost(),
+ this.getPort()), this.server.getServerError());
+ }
+ }
+
+ @Override
+ public boolean isRunning() {
+ return (this.server.getState() ==
ServerConstants.SERVER_STATE_ONLINE);
+ }
+
+ @Override
+ public void afterPropertiesSet() throws Exception {
+ this.server.setDatabasePath(0, String.format(DB_PATH_FORMAT_STR,
this.dir.getPath(), this.user, this.pass));
+ }
+
+ public String getDatabaseName() {
+ return this.server.getDatabaseName(0, true);
+ }
+
+ public void setDatabaseName(String dbName) {
+ this.server.setDatabaseName(0, dbName);
+ }
+
+ public File getDirectory() {
+ return this.dir;
+ }
+
+ public void setDirectory(File dir) {
+ this.dir = dir;
+ }
+
+ @Override
+ public String getHost() {
+ return this.server.getAddress();
+ }
+
+ @Override
+ public void setHost(String host) {
+ this.server.setAddress(host);
+ }
+
+ public String getPassword() {
+ return this.pass;
+ }
+
+ public void setPassword(String pass) {
+ this.pass = pass;
+ }
+
+ @Override
+ public int getPort() {
+ return this.server.getPort();
+ }
+
+ @Override
+ public void setPort(int port) {
+ this.server.setPort(port);
+ }
+
+ public String getUser() {
+ return this.user;
+ }
+
+ public void setUser(String user) {
+ this.user = user;
+ }
+}
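Review bot: `afterPropertiesSet` formats `user` and `pass` straight into `DB_PATH_FORMAT_STR`, so a value containing `;` would presumably be parsed by HyperSQL as an extra connection property, and the password becomes part of a path string that may surface wherever the database path is printed. Rejecting the separator before formatting would keep the property list fixed, e.g. `if (this.user.indexOf(';') >= 0 || this.pass.indexOf(';') >= 0) { throw new FatalBeanException("HyperSQL user and password must not contain ';'."); }`. The empty `printStackTrace(Throwable)` override in `PhizHsqlServerWrapper` also discards every server-side stack trace; routing it to the logger with `LOGGER.error("HyperSQL server error.", throwable);` would keep failures diagnosable.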
=======================================
--- /dev/null
+++
/phiz-core/src/test/java/gov/hhs/onc/phiz/test/data/db/impl/PlaceholderResourceDatabasePopulator.java
Sat Mar 7 13:04:18 2015 UTC
@@ -0,0 +1,57 @@
+package gov.hhs.onc.phiz.test.data.db.impl;
+
+import gov.hhs.onc.phiz.beans.factory.EmbeddedPlaceholderResolver;
+import java.io.IOException;
+import java.nio.charset.Charset;
+import java.sql.Connection;
+import java.util.stream.Stream;
+import org.apache.commons.io.IOUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.io.ByteArrayResource;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.support.EncodedResource;
+import org.springframework.jdbc.datasource.init.CannotReadScriptException;
+import org.springframework.jdbc.datasource.init.DatabasePopulator;
+import org.springframework.jdbc.datasource.init.ResourceDatabasePopulator;
+import org.springframework.jdbc.datasource.init.ScriptException;
+
+public class PlaceholderResourceDatabasePopulator implements
DatabasePopulator {
+ @Autowired
+ private EmbeddedPlaceholderResolver embeddedPlaceholderResolver;
+
+ private Resource[] scripts;
+ private Charset scriptEnc;
+
+ @Override
+ public void populate(Connection conn) throws ScriptException {
+ new ResourceDatabasePopulator(false, false, this.scriptEnc.name(),
Stream
+ .of(this.scripts)
+ .map(
+ script -> {
+ EncodedResource encScript = new
EncodedResource(script, this.scriptEnc);
+
+ try {
+ return new
ByteArrayResource(this.embeddedPlaceholderResolver.resolvePlaceholders(
+ IOUtils.toString(encScript.getInputStream(),
this.scriptEnc)).getBytes(this.scriptEnc));
+ } catch (IOException e) {
+ throw new CannotReadScriptException(encScript, e);
+ }
+ }).toArray(Resource[]::new)).populate(conn);
+ }
+
+ public Charset getScriptEncoding() {
+ return this.scriptEnc;
+ }
+
+ public void setScriptEncoding(Charset scriptEnc) {
+ this.scriptEnc = scriptEnc;
+ }
+
+ public Resource[] getScripts() {
+ return this.scripts;
+ }
+
+ public void setScripts(Resource[] scripts) {
+ this.scripts = scripts;
+ }
+}
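Review bot: In `populate` the stream returned by `encScript.getInputStream()` is passed to `IOUtils.toString` and never closed, and commons-io leaves closing to the caller, so each script read leaves an open handle. Wrapping the read keeps the rest of the lambda unchanged: `try (InputStream scriptIn = encScript.getInputStream()) { return new ByteArrayResource(this.embeddedPlaceholderResolver.resolvePlaceholders(IOUtils.toString(scriptIn, this.scriptEnc)).getBytes(this.scriptEnc)); }`, with `java.io.InputStream` added to the imports. Resolved placeholder values are substituted into the SQL text as-is, so a comment above the `map` call stating that they must come from trusted configuration would be worth adding.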
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizTrustManagerFactoryBean.java
Sun Feb 22 22:41:41 2015 UTC
+++ /dev/null
@@ -1,94 +0,0 @@
-package gov.hhs.onc.phiz.crypto.ssl.impl;
-
-import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils;
-import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils.PhizMethodAdvisor;
-import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils.PhizMethodInterceptor;
-import gov.hhs.onc.phiz.crypto.ssl.logging.SslTrustEvent;
-import gov.hhs.onc.phiz.crypto.ssl.logging.impl.SslClientTrustEventImpl;
-import gov.hhs.onc.phiz.crypto.ssl.logging.impl.SslServerTrustEventImpl;
-import gov.hhs.onc.phiz.logging.logstash.PhizLogstashTags;
-import gov.hhs.onc.phiz.logging.logstash.impl.PhizLogstashMarkers;
-import java.security.cert.CertSelector;
-import java.security.cert.CertificateException;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.X509Certificate;
-import java.util.stream.Stream;
-import javax.net.ssl.CertPathTrustManagerParameters;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-import javax.net.ssl.X509ExtendedTrustManager;
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class PhizTrustManagerFactoryBean extends
AbstractPhizSslManagerFactoryBean<TrustManager,
CertPathTrustManagerParameters> {
- private final static String CHECK_CLIENT_TRUSTED_METHOD_NAME
= "checkClientTrusted";
- private final static String CHECK_SERVER_TRUSTED_METHOD_NAME
= "checkServerTrusted";
-
- private final static Logger LOGGER =
LoggerFactory.getLogger(PhizTrustManagerFactoryBean.class);
-
- private CertSelector certSelector;
-
- public PhizTrustManagerFactoryBean() {
- super(TrustManager.class);
- }
-
- @Override
- public TrustManager getObject() throws Exception {
- TrustManagerFactory factory =
TrustManagerFactory.getInstance(this.type, this.prov);
- factory.init(this.buildFactoryParameters());
-
- TrustManager manager = factory.getTrustManagers()[0];
-
- return PhizProxyUtils.buildProxyFactory(
- manager,
- X509ExtendedTrustManager.class,
- new PhizMethodAdvisor(
- ((PhizMethodInterceptor) (invocation, method, methodName,
args, target) -> {
- X509Certificate[] certs = ((X509Certificate[])
args[0]);
- String[] certSubjectDns = Stream.of(certs).map(cert ->
cert.getSubjectDN().getName()).toArray(String[]::new);
-
- SslTrustEvent event =
-
(invocation.getMethod().getName().equals(CHECK_CLIENT_TRUSTED_METHOD_NAME)
- ? new SslClientTrustEventImpl() : new
SslServerTrustEventImpl());
- event.setAuthType(((String) args[1]));
-
event.setCertificates(Stream.of(certs).map(Object::toString).toArray(String[]::new));
-
- try {
- invocation.proceed();
-
- event.setTrusted(true);
-
- LOGGER.debug(
-
PhizLogstashMarkers.append(PhizLogstashTags.SSL, event),
- String.format("SSL %s certificate chain
(subjects=[%s]) is trusted.", event.getLocation().name().toLowerCase(),
- StringUtils.join(certSubjectDns, "; ")));
-
- return null;
- } catch (CertificateException e) {
- LOGGER.error(
-
PhizLogstashMarkers.append(PhizLogstashTags.SSL, event),
- String.format("SSL %s certificate chain
(subjects=[%s]) is not trusted.", event.getLocation().name().toLowerCase(),
- StringUtils.join(certSubjectDns, "; ")),
e);
-
- throw e;
- }
- }), CHECK_CLIENT_TRUSTED_METHOD_NAME,
CHECK_SERVER_TRUSTED_METHOD_NAME)).getProxy();
- }
-
- @Override
- protected CertPathTrustManagerParameters buildFactoryParameters()
throws Exception {
- PKIXBuilderParameters builderParams = new
PKIXBuilderParameters(this.keyStore, this.certSelector);
- builderParams.setRevocationEnabled(false);
-
- return new CertPathTrustManagerParameters(builderParams);
- }
-
- public CertSelector getCertSelector() {
- return this.certSelector;
- }
-
- public void setCertSelector(CertSelector certSelector) {
- this.certSelector = certSelector;
- }
-}
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/SslClientTrustEvent.java
Sun Feb 22 22:41:41 2015 UTC
+++ /dev/null
@@ -1,7 +0,0 @@
-package gov.hhs.onc.phiz.crypto.ssl.logging;
-
-import gov.hhs.onc.phiz.logging.logstash.MarkerObjectFieldName;
-
-@MarkerObjectFieldName("sslClientTrust")
-public interface SslClientTrustEvent extends SslTrustEvent {
-}
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/SslServerTrustEvent.java
Sun Feb 22 22:41:41 2015 UTC
+++ /dev/null
@@ -1,7 +0,0 @@
-package gov.hhs.onc.phiz.crypto.ssl.logging;
-
-import gov.hhs.onc.phiz.logging.logstash.MarkerObjectFieldName;
-
-@MarkerObjectFieldName("sslServerTrust")
-public interface SslServerTrustEvent extends SslTrustEvent {
-}
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/SslTrustEvent.java
Sun Feb 22 22:41:41 2015 UTC
+++ /dev/null
@@ -1,24 +0,0 @@
-package gov.hhs.onc.phiz.crypto.ssl.logging;
-
-import com.fasterxml.jackson.annotation.JsonProperty;
-import gov.hhs.onc.phiz.crypto.ssl.PhizSslLocation;
-
-public interface SslTrustEvent {
- @JsonProperty
- public String getAuthType();
-
- public void setAuthType(String authType);
-
- @JsonProperty
- public String[] getCertificates();
-
- public void setCertificates(String[] certs);
-
- @JsonProperty
- public PhizSslLocation getLocation();
-
- @JsonProperty
- public boolean isTrusted();
-
- public void setTrusted(boolean trusted);
-}
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/AbstractSslTrustEvent.java
Sun Feb 22 22:41:41 2015 UTC
+++ /dev/null
@@ -1,50 +0,0 @@
-package gov.hhs.onc.phiz.crypto.ssl.logging.impl;
-
-import gov.hhs.onc.phiz.crypto.ssl.PhizSslLocation;
-import gov.hhs.onc.phiz.crypto.ssl.logging.SslTrustEvent;
-
-public abstract class AbstractSslTrustEvent implements SslTrustEvent {
- protected String authType;
- protected String[] certs;
- protected PhizSslLocation loc;
- protected boolean trusted;
-
- protected AbstractSslTrustEvent(PhizSslLocation loc) {
- this.loc = loc;
- }
-
- @Override
- public String getAuthType() {
- return this.authType;
- }
-
- @Override
- public void setAuthType(String authType) {
- this.authType = authType;
- }
-
- @Override
- public String[] getCertificates() {
- return this.certs;
- }
-
- @Override
- public void setCertificates(String[] certs) {
- this.certs = certs;
- }
-
- @Override
- public PhizSslLocation getLocation() {
- return this.loc;
- }
-
- @Override
- public boolean isTrusted() {
- return this.trusted;
- }
-
- @Override
- public void setTrusted(boolean trusted) {
- this.trusted = trusted;
- }
-}
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/PhizSslDebugConfiguration.java
Sun Feb 22 22:41:41 2015 UTC
+++ /dev/null
@@ -1,127 +0,0 @@
-package gov.hhs.onc.phiz.crypto.ssl.logging.impl;
-
-import ch.qos.logback.classic.Level;
-import ch.qos.logback.classic.Logger;
-import ch.qos.logback.classic.spi.LoggingEvent;
-import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils;
-import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils.PhizMethodAdvisor;
-import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils.PhizMethodInterceptor;
-import gov.hhs.onc.phiz.logging.logstash.PhizLogstashTags;
-import gov.hhs.onc.phiz.logging.logstash.impl.PhizLogstashMarkers;
-import java.io.PrintStream;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-import java.util.function.Consumer;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-import org.apache.commons.lang3.ArrayUtils;
-import org.apache.commons.lang3.ClassUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.DisposableBean;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-
-@Configuration("sslDebugConfiguration")
-public class PhizSslDebugConfiguration implements DisposableBean {
- private final static String SUN_SEC_PKG_NAME_PREFIX =
StringUtils.join(ArrayUtils.toArray("sun", "security", "ssl",
StringUtils.EMPTY),
- ClassUtils.PACKAGE_SEPARATOR);
-
- private final static String HANDSHAKE_MSG_INNER_CLASS_NAME_PREFIX =
SUN_SEC_PKG_NAME_PREFIX + "HandshakeMessage$";
- private final static String ENHANCED_PRINT_STREAM_CLASS_NAME_PREFIX =
PhizProxyUtils.ENHANCER_CLASS_NAME_PREFIX + PrintStream.class.getName()
- + PhizProxyUtils.ENHANCER_CLASS_NAME_SUFFIX;
-
- private final static String DEBUG_CLASS_NAME = SUN_SEC_PKG_NAME_PREFIX
+ "Debug";
- private final static String
HANDSHAKE_MSG_CLIENT_HELLO_INNER_CLASS_NAME =
HANDSHAKE_MSG_INNER_CLASS_NAME_PREFIX + "ClientHello";
- private final static String
HANDSHAKE_MSG_SERVER_HELLO_INNER_CLASS_NAME =
HANDSHAKE_MSG_INNER_CLASS_NAME_PREFIX + "ServerHello";
-
- private final static Set<String> HANDSHAKE_CLASS_NAMES = Stream
- .of(HANDSHAKE_MSG_CLIENT_HELLO_INNER_CLASS_NAME,
HANDSHAKE_MSG_SERVER_HELLO_INNER_CLASS_NAME).collect(Collectors.toSet());
-
- private final static String PRINT_METHOD_NAME = "print";
- private final static String PRINTLN_METHOD_NAME = "println";
-
- private final static int THREAD_PRINT_STR_BUILDER_INITIAL_CAPACITY =
64;
- private final static ThreadLocal<StringBuilder>
THREAD_PRINT_STR_BUILDER = ThreadLocal.withInitial(() -> new StringBuilder(
- THREAD_PRINT_STR_BUILDER_INITIAL_CAPACITY));
-
- private final static Map<PrintStream, Consumer<PrintStream>>
DELEGATE_PRINT_STREAM_MAP = new HashMap<>(2);
-
- private final static Logger LOGGER = ((Logger)
LoggerFactory.getLogger(PhizSslDebugConfiguration.class));
-
- private final static PhizMethodAdvisor PRINT_METHODS_ADVISOR = new
PhizMethodAdvisor(
- ((PhizMethodInterceptor) (invocation, method, methodName, args,
target) -> {
- StackTraceElement[] stackTraceElems = new
Throwable().getStackTrace();
- int numStackTraceElems = stackTraceElems.length;
- StackTraceElement stackTraceElem;
-
- for (int a = 0; a < numStackTraceElems; a++) {
- if (StringUtils.startsWith((stackTraceElem =
stackTraceElems[a]).getClassName(), ENHANCED_PRINT_STREAM_CLASS_NAME_PREFIX)
- && stackTraceElem.getMethodName().equals(methodName)) {
- if
(!StringUtils.startsWith(stackTraceElems[++a].getClassName(),
SUN_SEC_PKG_NAME_PREFIX)) {
- break;
- }
-
- if (args.length != 1) {
- return null;
- }
-
- while
(stackTraceElems[a].getClassName().equals(DEBUG_CLASS_NAME)) {
- a++;
- }
-
- if
(!HANDSHAKE_CLASS_NAMES.contains(stackTraceElems[a].getClassName())) {
- return null;
- }
-
- StringBuilder printStrBuilder =
THREAD_PRINT_STR_BUILDER.get();
- printStrBuilder.append(args[0]);
-
- if (methodName.equals(PRINTLN_METHOD_NAME)) {
- String msg =
StringUtils.trim(StringUtils.strip(printStrBuilder.toString()));
-
- // noinspection ConstantConditions
- if (!msg.isEmpty()) {
- LoggingEvent srcEvent = new
LoggingEvent(Logger.FQCN, LOGGER, Level.TRACE, msg, null, null);
-
srcEvent.setCallerData(ArrayUtils.subarray(stackTraceElems, a,
numStackTraceElems));
-
srcEvent.setMarker(PhizLogstashMarkers.append(PhizLogstashTags.SSL));
-
- LOGGER.callAppenders(srcEvent);
- }
-
- THREAD_PRINT_STR_BUILDER.remove();
- }
-
- return null;
- }
- }
-
- return invocation.proceed();
- }), PRINT_METHOD_NAME, PRINTLN_METHOD_NAME);
-
- @Bean(name = "sslDebugPrintStreamErr")
- public PrintStream getErrPrintStream() {
- return buildProxyPrintStream(System.err, System::setErr);
- }
-
- @Bean(name = "sslDebugPrintStreamOut")
- public PrintStream getOutPrintStream() {
- return buildProxyPrintStream(System.out, System::setOut);
- }
-
- @Override
- public synchronized void destroy() throws Exception {
- DELEGATE_PRINT_STREAM_MAP.forEach((delegatePrintStream,
delegateStreamSetter) -> delegateStreamSetter.accept(delegatePrintStream));
- }
-
- private synchronized static PrintStream
buildProxyPrintStream(PrintStream delegatePrintStream,
Consumer<PrintStream> delegateStreamSetter) {
- PrintStream proxyPrintStream =
PhizProxyUtils.buildProxyFactory(delegatePrintStream, PrintStream.class,
PRINT_METHODS_ADVISOR).getProxy();
-
- DELEGATE_PRINT_STREAM_MAP.put(delegatePrintStream,
delegateStreamSetter);
-
- delegateStreamSetter.accept(proxyPrintStream);
-
- return proxyPrintStream;
- }
-}
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/SslClientTrustEventImpl.java
Sun Feb 22 22:41:41 2015 UTC
+++ /dev/null
@@ -1,10 +0,0 @@
-package gov.hhs.onc.phiz.crypto.ssl.logging.impl;
-
-import gov.hhs.onc.phiz.crypto.ssl.PhizSslLocation;
-import gov.hhs.onc.phiz.crypto.ssl.logging.SslClientTrustEvent;
-
-public class SslClientTrustEventImpl extends AbstractSslTrustEvent
implements SslClientTrustEvent {
- public SslClientTrustEventImpl() {
- super(PhizSslLocation.CLIENT);
- }
-}
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/logging/impl/SslServerTrustEventImpl.java
Sun Feb 22 22:41:41 2015 UTC
+++ /dev/null
@@ -1,10 +0,0 @@
-package gov.hhs.onc.phiz.crypto.ssl.logging.impl;
-
-import gov.hhs.onc.phiz.crypto.ssl.PhizSslLocation;
-import gov.hhs.onc.phiz.crypto.ssl.logging.SslServerTrustEvent;
-
-public class SslServerTrustEventImpl extends AbstractSslTrustEvent
implements SslServerTrustEvent {
- public SslServerTrustEventImpl() {
- super(PhizSslLocation.SERVER);
- }
-}
=======================================
--- /phiz-core/src/test/java/gov/hhs/onc/phiz/test/impl/PhizHsqlServer.java
Tue Jan 20 22:42:18 2015 UTC
+++ /dev/null
@@ -1,75 +0,0 @@
-package gov.hhs.onc.phiz.test.impl;
-
-import java.io.File;
-import org.hsqldb.server.Server;
-import org.hsqldb.server.ServerConstants;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.util.ResourceUtils;
-
-public class PhizHsqlServer extends Server implements InitializingBean {
- private final static String DB_PATH_FORMAT_STR =
ResourceUtils.FILE_URL_PREFIX + "%s;user=%s;password=%s";
-
- private final static Logger LOGGER =
LoggerFactory.getLogger(PhizHsqlServer.class);
-
- private File dir;
- private String user;
- private String pass;
-
- public boolean isRunning() {
- return (this.getState() == ServerConstants.SERVER_STATE_ONLINE);
- }
-
- @Override
- public void afterPropertiesSet() throws Exception {
- this.setDatabasePath(0, String.format(DB_PATH_FORMAT_STR,
this.dir.getPath(), this.user, this.pass));
- }
-
- @Override
- protected void printStackTrace(Throwable throwable) {
- LOGGER.error(String.format("HyperSQL server (id=%s) error stack
trace:", this.serverId), throwable);
- }
-
- @Override
- protected void printError(String msg) {
- LOGGER.error(msg);
- }
-
- @Override
- protected void print(String msg) {
- LOGGER.trace(msg);
- }
-
- public String getDatabaseName() {
- return this.getDatabaseName(0, true);
- }
-
- public void setDatabaseName(String dbName) {
- this.setDatabaseName(0, dbName);
- }
-
- public File getDirectory() {
- return this.dir;
- }
-
- public void setDirectory(File dir) {
- this.dir = dir;
- }
-
- public String getPassword() {
- return this.pass;
- }
-
- public void setPassword(String pass) {
- this.pass = pass;
- }
-
- public String getUser() {
- return this.user;
- }
-
- public void setUser(String user) {
- this.user = user;
- }
-}
=======================================
---
/phiz-core/src/test/java/gov/hhs/onc/phiz/test/impl/PlaceholderResourceDatabasePopulator.java
Tue Jan 20 22:42:18 2015 UTC
+++ /dev/null
@@ -1,57 +0,0 @@
-package gov.hhs.onc.phiz.test.impl;
-
-import gov.hhs.onc.phiz.beans.factory.EmbeddedPlaceholderResolver;
-import java.io.IOException;
-import java.nio.charset.Charset;
-import java.sql.Connection;
-import java.util.stream.Stream;
-import org.apache.commons.io.IOUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.core.io.ByteArrayResource;
-import org.springframework.core.io.Resource;
-import org.springframework.core.io.support.EncodedResource;
-import org.springframework.jdbc.datasource.init.CannotReadScriptException;
-import org.springframework.jdbc.datasource.init.DatabasePopulator;
-import org.springframework.jdbc.datasource.init.ResourceDatabasePopulator;
-import org.springframework.jdbc.datasource.init.ScriptException;
-
-public class PlaceholderResourceDatabasePopulator implements
DatabasePopulator {
- @Autowired
- private EmbeddedPlaceholderResolver embeddedPlaceholderResolver;
-
- private Resource[] scripts;
- private Charset scriptEnc;
-
- @Override
- public void populate(Connection conn) throws ScriptException {
- new ResourceDatabasePopulator(false, false, this.scriptEnc.name(),
Stream
- .of(this.scripts)
- .map(
- script -> {
- EncodedResource encScript = new
EncodedResource(script, this.scriptEnc);
-
- try {
- return new
ByteArrayResource(this.embeddedPlaceholderResolver.resolvePlaceholders(
- IOUtils.toString(encScript.getInputStream(),
this.scriptEnc)).getBytes(this.scriptEnc));
- } catch (IOException e) {
- throw new CannotReadScriptException(encScript, e);
- }
- }).toArray(Resource[]::new)).populate(conn);
- }
-
- public Charset getScriptEncoding() {
- return this.scriptEnc;
- }
-
- public void setScriptEncoding(Charset scriptEnc) {
- this.scriptEnc = scriptEnc;
- }
-
- public Resource[] getScripts() {
- return this.scripts;
- }
-
- public void setScripts(Resource[] scripts) {
- this.scripts = scripts;
- }
-}
=======================================
--- /phiz-core/pom.xml Sun Feb 22 22:41:41 2015 UTC
+++ /phiz-core/pom.xml Sat Mar 7 13:04:18 2015 UTC
@@ -298,6 +298,36 @@
</dependency>
<!-- Test dependencies (inherited) -->
<dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-buffer</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-codec-http</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-codec-socks</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-common</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-handler</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-transport</artifactId>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
<groupId>org.hsqldb</groupId>
<artifactId>hsqldb</artifactId>
<scope>test</scope>
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/beans/factory/impl/PropertiesPropertyResolver.java
Thu Jan 22 06:01:46 2015 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/beans/factory/impl/PropertiesPropertyResolver.java
Sat Mar 7 13:04:18 2015 UTC
@@ -4,13 +4,19 @@
import java.util.Properties;
import javax.annotation.Nullable;
import org.springframework.core.env.AbstractPropertyResolver;
+import org.springframework.util.StringValueResolver;

-public class PropertiesPropertyResolver extends AbstractPropertyResolver {
+public class PropertiesPropertyResolver extends AbstractPropertyResolver
implements StringValueResolver {
private Properties props;

public PropertiesPropertyResolver(Properties props) {
this.props = props;
}
+
+ @Override
+ public String resolveStringValue(String str) {
+ return this.resolveRequiredPlaceholders(str);
+ }

@Nullable
@Override
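Review bot: The new `resolveStringValue` delegates to `resolveRequiredPlaceholders`, so a string containing an unresolvable `${...}` placeholder raises `IllegalArgumentException` instead of being passed through, and that strictness is not documented on the method. I would add a one-line Javadoc such as `/** Resolves placeholders strictly; throws IllegalArgumentException if one cannot be resolved. */` so anyone wiring this class in as a `StringValueResolver` knows it never returns partially resolved text. The class body continues outside the hunk.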
=======================================
--- /phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCredential.java
Thu Dec 25 10:17:46 2014 UTC
+++ /phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/PhizCredential.java
Sat Mar 7 13:04:18 2015 UTC
@@ -1,22 +1,60 @@
package gov.hhs.onc.phiz.crypto;

+import br.net.woodstock.rockframework.security.Identity;
import br.net.woodstock.rockframework.security.cert.CertificateRequest;
import br.net.woodstock.rockframework.security.cert.CertificateResponse;
+import gov.hhs.onc.phiz.crypto.ssl.revocation.OcspRevokeReasonType;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+import java.util.Date;
+import javax.annotation.Nullable;
+import org.bouncycastle.cert.ocsp.CertificateStatus;

public interface PhizCredential {
+ public boolean isRevoked();
+
public boolean isIssued();

- public boolean isSelfIssued();
+ public boolean isRootIssuer();
+
+ public boolean isIssuer();
+
+ @Nullable
+ public X509Certificate getCertificate();

public CertificateRequest getCertificateRequest();

public void setCertificateRequest(CertificateRequest certReq);

+ @Nullable
public CertificateResponse getCertificateResponse();

- public void setCertificateResponse(CertificateResponse certResp);
+ public void setCertificateResponse(@Nullable CertificateResponse
certResp);

+ @Nullable
+ public X509Certificate[] getCertificates();
+
+ @Nullable
+ public CertificateStatus getCertificateStatus();
+
+ @Nullable
+ public Identity getIdentity();
+
+ @Nullable
public PhizCredential getIssuerCredential();

- public void setIssuerCredential(PhizCredential issuerCred);
+ public void setIssuerCredential(@Nullable PhizCredential issuerCred);
+
+ @Nullable
+ public PrivateKey getPrivateKey();
+
+ @Nullable
+ public OcspRevokeReasonType getRevocationReason();
+
+ public void setRevocationReason(@Nullable OcspRevokeReasonType
revocationReason);
+
+ @Nullable
+ public Date getRevocationTime();
+
+ public void setRevocationTime(@Nullable Date revocationTime);
}
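Review bot: The new accessors are annotated `@Nullable`, but nothing on the interface says when null is returned or how `getPrivateKey()` may be used. Going by `PhizCredentialImpl` later in this changeset, `getCertificate()`, `getCertificates()`, `getIdentity()` and `getPrivateKey()` return null until the credential has been issued; a Javadoc line per method stating that would spare callers from guessing. For `getPrivateKey()` I would also add `/** Returns the raw private key; callers must not log or serialize it. */`, since this method gives every holder of a `PhizCredential` access to key material.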
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/impl/GeneratedCredentialFactoryBean.java
Sun Jan 4 15:55:30 2015 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/impl/GeneratedCredentialFactoryBean.java
Sat Mar 7 13:04:18 2015 UTC
@@ -5,6 +5,7 @@
import br.net.woodstock.rockframework.security.cert.CertificateResponse;
import gov.hhs.onc.phiz.crypto.PhizCredential;
import java.io.OutputStreamWriter;
+import java.util.Date;
import javax.annotation.Nullable;
import org.bouncycastle.openssl.jcajce.JcaMiscPEMGenerator;
import org.bouncycastle.openssl.jcajce.JcaPKCS8Generator;
@@ -27,7 +28,7 @@

@Override
public PhizCredential getObject() throws Exception {
- if (!this.cred.isSelfIssued()) {
+ if (!this.cred.isRootIssuer()) {

this.cred.getCertificateRequest().setIssuer(this.cred.getIssuerCredential().getCertificateResponse().getIdentity());
}

@@ -51,6 +52,10 @@
certWriter.flush();
}
}
+
+ if (this.cred.isRevoked() && (this.cred.getRevocationTime() ==
null)) {
+ this.cred.setRevocationTime(new Date());
+ }

return this.cred;
}
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/impl/PhizCredentialImpl.java
Thu Dec 25 10:17:46 2014 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/impl/PhizCredentialImpl.java
Sat Mar 7 13:04:18 2015 UTC
@@ -1,13 +1,28 @@
package gov.hhs.onc.phiz.crypto.impl;

+import br.net.woodstock.rockframework.security.Identity;
import br.net.woodstock.rockframework.security.cert.CertificateRequest;
import br.net.woodstock.rockframework.security.cert.CertificateResponse;
import gov.hhs.onc.phiz.crypto.PhizCredential;
+import gov.hhs.onc.phiz.crypto.ssl.revocation.OcspRevokeReasonType;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+import java.util.Date;
+import javax.annotation.Nullable;
+import org.bouncycastle.cert.ocsp.CertificateStatus;
+import org.bouncycastle.cert.ocsp.RevokedStatus;

public class PhizCredentialImpl implements PhizCredential {
private CertificateRequest certReq;
private CertificateResponse certResp;
private PhizCredential issuerCred;
+ private OcspRevokeReasonType revocationReason;
+ private Date revocationTime;
+
+ @Override
+ public boolean isRevoked() {
+ return (this.revocationReason != null);
+ }

@Override
public boolean isIssued() {
@@ -15,8 +30,21 @@
}

@Override
- public boolean isSelfIssued() {
- return (this.issuerCred == null);
+ public boolean isRootIssuer() {
+ return (this.isIssuer() && (this.issuerCred == null));
+ }
+
+ @Override
+ public boolean isIssuer() {
+ return this.certReq.isBasicConstraintsCritical();
+ }
+
+ @Nullable
+ @Override
+ public X509Certificate getCertificate() {
+ Identity identity = this.getIdentity();
+
+ return ((identity != null) ? ((X509Certificate)
identity.getChain().get(0)) : null);
}

@Override
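Review bot: `isIssuer()` returns `this.certReq.isBasicConstraintsCritical()`, which by its name reports the criticality flag of the basicConstraints extension rather than its cA value, so it may misclassify credentials (an end-entity request can mark the extension critical, and a CA request need not); this is worth confirming against the rockframework API. Because `isRootIssuer()` now also requires `isIssuer()`, a credential with no issuer that is not flagged as an issuer is no longer "root", and `GeneratedCredentialFactoryBean.getObject()` in this changeset then takes the `!this.cred.isRootIssuer()` branch and dereferences a null `getIssuerCredential()`. I would guard that call site on the issuer itself, e.g. `if (this.cred.getIssuerCredential() != null) {`, or fail with a clear `IllegalStateException`. `getCertificate()` also assumes a non-empty chain in `identity.getChain().get(0)`.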
@@ -29,23 +57,83 @@
this.certReq = certReq;
}

+ @Nullable
@Override
public CertificateResponse getCertificateResponse() {
return this.certResp;
}

@Override
- public void setCertificateResponse(CertificateResponse certResp) {
+ public void setCertificateResponse(@Nullable CertificateResponse
certResp) {
this.certResp = certResp;
}

+ @Nullable
+ @Override
+ public X509Certificate[] getCertificates() {
+ Identity identity = this.getIdentity();
+
+ return ((identity != null) ? identity.getChain().stream().map(cert
-> ((X509Certificate) cert)).toArray(X509Certificate[]::new) : null);
+ }
+
+ @Nullable
+ @Override
+ public CertificateStatus getCertificateStatus() {
+ if (!this.isRevoked()) {
+ return CertificateStatus.GOOD;
+ }
+
+ if (this.revocationTime == null) {
+ this.revocationTime = new Date();
+ }
+
+ return new RevokedStatus(this.revocationTime,
this.revocationReason.getTag());
+ }
+
+ @Nullable
+ @Override
+ public Identity getIdentity() {
+ return (this.isIssued() ? this.certResp.getIdentity() : null);
+ }
+
+ @Nullable
@Override
public PhizCredential getIssuerCredential() {
return this.issuerCred;
}

@Override
- public void setIssuerCredential(PhizCredential issuerCred) {
+ public void setIssuerCredential(@Nullable PhizCredential issuerCred) {
this.issuerCred = issuerCred;
}
+
+ @Nullable
+ @Override
+ public PrivateKey getPrivateKey() {
+ Identity identity = this.getIdentity();
+
+ return ((identity != null) ? identity.getPrivateKey() : null);
+ }
+
+ @Nullable
+ @Override
+ public OcspRevokeReasonType getRevocationReason() {
+ return this.revocationReason;
+ }
+
+ @Override
+ public void setRevocationReason(@Nullable OcspRevokeReasonType
revocationReason) {
+ this.revocationReason = revocationReason;
+ }
+
+ @Nullable
+ @Override
+ public Date getRevocationTime() {
+ return this.revocationTime;
+ }
+
+ @Override
+ public void setRevocationTime(@Nullable Date revocationTime) {
+ this.revocationTime = revocationTime;
+ }
}
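Review bot: `getCertificateStatus()` assigns `this.revocationTime = new Date()` as a side effect of a getter, so the revocation time reported in a status depends on when it was first read, and the write is unsynchronized. The same defaulting was added to `GeneratedCredentialFactoryBean.getObject()` in this changeset; I would keep it in one place, preferably `setRevocationReason`, and leave the getter read-only. `getRevocationTime()` and `setRevocationTime()` also share the mutable `Date` with callers; copying on the way in and out, e.g. `this.revocationTime = (revocationTime != null) ? new Date(revocationTime.getTime()) : null;`, stops a caller from changing the recorded time afterwards.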
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/PhizSslLocation.java
Sun Feb 22 22:41:41 2015 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/PhizSslLocation.java
Sat Mar 7 13:04:18 2015 UTC
@@ -1,5 +1,18 @@
package gov.hhs.onc.phiz.crypto.ssl;

-public enum PhizSslLocation {
- CLIENT, SERVER
+import gov.hhs.onc.phiz.crypto.PhizCryptoId;
+
+public enum PhizSslLocation implements PhizCryptoId {
+ CLIENT, SERVER;
+
+ private final String id;
+
+ private PhizSslLocation() {
+ this.id = this.name().toLowerCase();
+ }
+
+ @Override
+ public String getId() {
+ return this.id;
+ }
}
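Review bot: `this.name().toLowerCase()` in the constructor uses the JVM's default locale, so under a Turkish locale `CLIENT` lowercases with a dotless ı and the id no longer equals `client`. Since the id is presumably used as a lookup or configuration key, pin the locale: `this.id = this.name().toLowerCase(Locale.ROOT);` together with `import java.util.Locale;`.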
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/AbstractPhizSslContextAwareFactoryBean.java
Sat Feb 21 20:45:44 2015 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/AbstractPhizSslContextAwareFactoryBean.java
Sat Mar 7 13:04:18 2015 UTC
@@ -1,12 +1,9 @@
package gov.hhs.onc.phiz.crypto.ssl.impl;

-import gov.hhs.onc.phiz.crypto.impl.AbstractPhizCryptoFactoryBean;
import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLParameters;

-public abstract class AbstractPhizSslContextAwareFactoryBean<T> extends
AbstractPhizCryptoFactoryBean<T> {
+public abstract class AbstractPhizSslContextAwareFactoryBean<T> extends
AbstractPhizSslParametersAwareFactoryBean<T> {
protected SSLContext sslContext;
- protected SSLParameters sslParams;

protected AbstractPhizSslContextAwareFactoryBean(Class<T> objClass) {
super(objClass);
@@ -19,12 +16,4 @@
public void setSslContext(SSLContext sslContext) {
this.sslContext = sslContext;
}
-
- public SSLParameters getSslParameters() {
- return this.sslParams;
- }
-
- public void setSslParameters(SSLParameters sslParams) {
- this.sslParams = sslParams;
- }
}
=======================================
---
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslContextFactoryBean.java
Sun Feb 22 22:41:41 2015 UTC
+++
/phiz-core/src/main/java/gov/hhs/onc/phiz/crypto/ssl/impl/PhizSslContextFactoryBean.java
Sat Mar 7 13:04:18 2015 UTC
@@ -2,7 +2,6 @@

import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils;
import gov.hhs.onc.phiz.aop.utils.PhizProxyUtils.PhizMethodAdvisor;
-import gov.hhs.onc.phiz.crypto.impl.AbstractPhizCryptoFactoryBean;
import java.security.SecureRandom;
import java.security.Security;
import java.util.stream.Stream;
@@ -14,7 +13,7 @@
import javax.net.ssl.TrustManager;
import org.aopalliance.intercept.MethodInterceptor;

-public class PhizSslContextFactoryBean extends
AbstractPhizCryptoFactoryBean<SSLContext> {
+public class PhizSslContextFactoryBean extends
AbstractPhizSslParametersAwareFactoryBean<SSLContext> {
private final static String SSL_CONTEXT_SERVICE_TYPE =
SSLContext.class.getSimpleName();

private final static String BEGIN_HANDSHAKE_METHOD_NAME
= "beginHandshake";
@@ -38,6 +37,7 @@
return new SSLContext(PhizProxyUtils.buildProxyFactory(contextSpi,
SSLContextSpi.class,
new PhizMethodAdvisor(((MethodInterceptor) contextInvocation
-> {
SSLEngine engine = ((SSLEngine)
contextInvocation.proceed());
+ engine.setSSLParameters(this.sslParams);

return PhizProxyUtils.buildProxyFactory(engine,
SSLEngine.class, new PhizMethodAdvisor(((MethodInterceptor)
engineInvocation -> {
SSLSession session = engine.getSession();
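Review bot: `engine.setSSLParameters(this.sslParams)` runs for every engine the context creates without checking that `sslParams` was configured, and `SSLEngine.setSSLParameters` fails on a null argument, so a missing property would surface at connection setup rather than at bean initialization. I would validate once when the factory bean is initialized, or guard here with `if (this.sslParams != null) { engine.setSSLParameters(this.sslParams); }`. It is also worth confirming that the configured parameters carry the intended protocols, cipher suites and, for client-side engines, an endpoint identification algorithm, because whatever they set overrides the engine defaults. The enclosing interceptor lambda starts and ends outside the hunk.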
=======================================
***Additional files exist in this changeset.***

==============================================================================
Revision: 06aff4721ae3
Branch: default
Author: Michal Kotelba <michal....@esacinc.com>
Date: Sat Mar 7 17:35:44 2015 UTC
Log: - Further supports PHIZ-35 and PHIZ-36.
- Reverted to using HTTP(S)URLConnection-based CXF Conduit(s) due to use of
custom SSLSocketFactory (only documentation was buried in the
AsyncHTTPConduit code).
- Removed JVM security manager configuration.
- Improved logrotate configuration files (Logstash JSON file inclusion,
delayed compression following rotations, etc).
https://code.google.com/p/phiz/source/detail?r=06aff4721ae3

Deleted:

/phiz-web-portal/src/main/deb/data/etc/phiz-web-portal/catalina-phiz-web-portal.policy
/phiz-web-ws/src/main/deb/data/etc/phiz-web-ws/catalina-phiz-web-ws.policy

/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/transport/impl/PhizAsyncHttpConduit.java

/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/transport/impl/PhizAsyncHttpConduitFactory.java
Modified:
/phiz-core/pom.xml
/phiz-core/src/main/resources/META-INF/phiz/phiz.properties

/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl.xml
/phiz-parent/pom.xml
/phiz-web-parent/pom.xml

/phiz-web-portal/src/main/deb/data/etc/logrotate.d/phiz-web-portal.logrotate
/phiz-web-ws/pom.xml
/phiz-web-ws/src/main/deb/data/etc/logrotate.d/phiz-web-ws.logrotate
/phiz-web-ws/src/main/resources/META-INF/phiz/phiz-web-ws.properties

/phiz-web-ws/src/main/resources/META-INF/phiz/spring/spring-phiz-web-ws-client.xml

=======================================
---
/phiz-web-portal/src/main/deb/data/etc/phiz-web-portal/catalina-phiz-web-portal.policy
Thu Jan 22 06:01:46 2015 UTC
+++ /dev/null
@@ -1,3 +0,0 @@
-grant codeBase "file:lib/-" {
- permission java.security.AllPermission;
-};
=======================================
---
/phiz-web-ws/src/main/deb/data/etc/phiz-web-ws/catalina-phiz-web-ws.policy
Thu Jan 22 06:01:46 2015 UTC
+++ /dev/null
@@ -1,3 +0,0 @@
-grant codeBase "file:lib/-" {
- permission java.security.AllPermission;
-};
=======================================
---
/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/transport/impl/PhizAsyncHttpConduit.java
Sat Mar 7 13:04:18 2015 UTC
+++ /dev/null
@@ -1,106 +0,0 @@
-package gov.hhs.onc.phiz.web.ws.transport.impl;
-
-import gov.hhs.onc.phiz.web.ws.PhizWsMessageProperties;
-import gov.hhs.onc.phiz.web.ws.utils.PhizWsUtils;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.lang.reflect.Field;
-import java.security.GeneralSecurityException;
-import java.util.Objects;
-import javax.annotation.Nullable;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLEngine;
-import org.apache.commons.lang3.reflect.FieldUtils;
-import org.apache.cxf.Bus;
-import org.apache.cxf.configuration.jsse.TLSClientParameters;
-import org.apache.cxf.message.Message;
-import org.apache.cxf.service.model.EndpointInfo;
-import org.apache.cxf.transport.http.Address;
-import org.apache.cxf.transport.http.asyncclient.AsyncHTTPConduit;
-import org.apache.cxf.transport.http.asyncclient.CXFHttpRequest;
-import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
-import org.apache.cxf.ws.addressing.EndpointReferenceType;
-
-public class PhizAsyncHttpConduit extends AsyncHTTPConduit {
- private class PhizAsyncWrappedOutputStream extends
AsyncWrappedOutputStream {
- private CXFHttpRequest httpReq;
-
- public PhizAsyncWrappedOutputStream(Message outMsg, boolean
cacheReq, boolean chunking, int chunkThreshold, CXFHttpRequest httpReq) {
- super(outMsg, cacheReq, chunking, chunkThreshold,
PhizAsyncHttpConduit.this.getConduitName(), httpReq.getURI());
-
- (this.httpReq = httpReq).setOutputStream(this);
- }
-
- @Override
- public void close() throws IOException {
- super.close();
-
- this.outMessage.put(PhizWsMessageProperties.CONTENT_LEN,
this.httpReq.getEntity().getContentLength());
- }
-
- @Override
- protected void updateResponseHeaders(Message inMsg) throws
IOException {
- inMsg.put(PhizWsMessageProperties.RESP_CODE_MSG,
this.getResponseMessage());
-
- super.updateResponseHeaders(inMsg);
- }
- }
-
- private final static String LAST_TLS_HASH_FIELD_NAME = "lastTlsHash";
- private final static String SSL_CONTEXT_FIELD_NAME = "sslContext";
-
- private final static Field LAST_TLS_HASH_FIELD =
FieldUtils.getDeclaredField(AsyncHTTPConduit.class,
LAST_TLS_HASH_FIELD_NAME, true);
- private final static Field SSL_CONTEXT_FIELD =
FieldUtils.getDeclaredField(AsyncHTTPConduit.class, SSL_CONTEXT_FIELD_NAME,
true);
-
- private SSLContext sslContext;
-
- public PhizAsyncHttpConduit(Bus bus, PhizAsyncHttpConduitFactory
conduitFactory) throws IOException {
- this(bus, new EndpointInfo(), null, conduitFactory);
- }
-
- public PhizAsyncHttpConduit(Bus bus, EndpointInfo endpointInfo,
@Nullable EndpointReferenceType endpointRef, PhizAsyncHttpConduitFactory
conduitFactory)
- throws IOException {
- super(bus, endpointInfo, endpointRef, conduitFactory);
- }
-
- @Override
- public void initializeSSLEngine(SSLContext sslContext, SSLEngine
sslEngine) {
- }
-
- @Override
- public synchronized SSLContext getSSLContext(TLSClientParameters
tlsClientParams) throws GeneralSecurityException {
- try {
- if (SSL_CONTEXT_FIELD.get(this) == null) {
- LAST_TLS_HASH_FIELD.set(this, tlsClientParams.hashCode());
- SSL_CONTEXT_FIELD.set(this, this.sslContext);
- }
- } catch (IllegalAccessException e) {
- throw new GeneralSecurityException("Unable to access
asynchronous HTTP(S) conduit field.", e);
- }
-
- return this.sslContext;
- }
-
- @Override
- protected void setupConnection(Message outMsg, Address addr,
HTTPClientPolicy clientPolicy) throws IOException {
- super.setupConnection(outMsg, addr, clientPolicy);
-
- if (Objects.equals(PhizWsUtils.getProperty(outMsg, USE_ASYNC,
Boolean.class), Boolean.TRUE)) {
- outMsg.put(PhizWsMessageProperties.PROTOCOL,
outMsg.get(CXFHttpRequest.class).getProtocolVersion().toString());
- }
- }
-
- @Override
- protected OutputStream createOutputStream(Message outMsg, boolean
cacheReq, boolean chunking, int chunkThreshold) throws IOException {
- return (Objects.equals(PhizWsUtils.getProperty(outMsg, USE_ASYNC,
Boolean.class), Boolean.TRUE) ? new PhizAsyncWrappedOutputStream(outMsg,
cacheReq,
- chunking, chunkThreshold, outMsg.get(CXFHttpRequest.class)) :
super.createOutputStream(outMsg, cacheReq, chunking, chunkThreshold));
- }
-
- public SSLContext getSslContext() {
- return this.sslContext;
- }
-
- public void setSslContext(SSLContext sslContext) {
- this.sslContext = sslContext;
- }
-}
=======================================
---
/phiz-web-ws/src/main/java/gov/hhs/onc/phiz/web/ws/transport/impl/PhizAsyncHttpConduitFactory.java
Sat Mar 7 13:04:18 2015 UTC
+++ /dev/null
@@ -1,59 +0,0 @@
-package gov.hhs.onc.phiz.web.ws.transport.impl;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-import javax.annotation.Nullable;
-import org.apache.cxf.Bus;
-import org.apache.cxf.extension.BusExtension;
-import org.apache.cxf.service.model.EndpointInfo;
-import org.apache.cxf.transport.http.HTTPConduit;
-import org.apache.cxf.transport.http.HTTPConduitFactory;
-import org.apache.cxf.transport.http.asyncclient.AsyncHTTPConduitFactory;
-import org.apache.cxf.ws.addressing.EndpointReferenceType;
-import org.springframework.beans.BeansException;
-import org.springframework.beans.factory.BeanFactory;
-import org.springframework.beans.factory.BeanFactoryAware;
-import org.springframework.beans.factory.InitializingBean;
-import org.springframework.beans.factory.ListableBeanFactory;
-
-public class PhizAsyncHttpConduitFactory extends AsyncHTTPConduitFactory
implements BeanFactoryAware, BusExtension, InitializingBean {
- private ListableBeanFactory beanFactory;
- private Map<String, Object> props = new HashMap<>();
- private String conduitBeanName;
-
- public PhizAsyncHttpConduitFactory(Bus bus) {
- super(bus);
- }
-
- @Nullable
- @Override
- public HTTPConduit createConduit(Bus bus, EndpointInfo endpointInfo,
@Nullable EndpointReferenceType endpointRef) throws IOException {
- return (!this.isShutdown() ? ((PhizAsyncHttpConduit)
this.beanFactory.getBean(this.conduitBeanName, bus, endpointInfo,
endpointRef, this)) : null);
- }
-
- @Override
- public void afterPropertiesSet() throws Exception {
- this.update(this.props);
-
- this.conduitBeanName =
this.beanFactory.getBeanNamesForType(PhizAsyncHttpConduit.class, true,
false)[0];
- }
-
- @Override
- public void setBeanFactory(BeanFactory beanFactory) throws
BeansException {
- this.beanFactory = ((ListableBeanFactory) beanFactory);
- }
-
- public Map<String, Object> getProperties() {
- return this.props;
- }
-
- public void setProperties(Map<String, Object> props) {
- this.props.putAll(props);
- }
-
- @Override
- public Class<?> getRegistrationType() {
- return HTTPConduitFactory.class;
- }
-}
=======================================
--- /phiz-core/pom.xml Sat Mar 7 13:04:18 2015 UTC
+++ /phiz-core/pom.xml Sat Mar 7 17:35:44 2015 UTC
@@ -161,10 +161,6 @@
<artifactId>cxf-rt-transports-http</artifactId>
</dependency>
<dependency>
- <groupId>org.apache.cxf</groupId>
- <artifactId>cxf-rt-transports-http-hc</artifactId>
- </dependency>
- <dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-addr</artifactId>
</dependency>
@@ -173,10 +169,6 @@
<artifactId>cxf-rt-ws-policy</artifactId>
</dependency>
<dependency>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpasyncclient</artifactId>
- </dependency>
- <dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
</dependency>
=======================================
--- /phiz-core/src/main/resources/META-INF/phiz/phiz.properties Sat Mar 7
13:04:18 2015 UTC
+++ /phiz-core/src/main/resources/META-INF/phiz/phiz.properties Sat Mar 7
17:35:44 2015 UTC
@@ -41,6 +41,7 @@
# CRYPTOGRAPHY OCSP

#================================================================================
phiz.crypto.ocsp.conn.timeout=#{ 5 *
T(org.apache.commons.lang3.time.DateUtils).MILLIS_PER_SECOND }
+phiz.crypto.ocsp.nonce.size=32
phiz.crypto.ocsp.read.timeout=#{ 5 *
T(org.apache.commons.lang3.time.DateUtils).MILLIS_PER_SECOND }
phiz.crypto.ocsp.url=

=======================================
---
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl.xml
Sat Mar 7 13:04:18 2015 UTC
+++
/phiz-core/src/main/resources/META-INF/phiz/spring/spring-phiz-crypto-ssl.xml
Sat Mar 7 17:35:44 2015 UTC
@@ -41,7 +41,7 @@
scope="prototype"
p:connectTimeout="${phiz.crypto.ocsp.conn.timeout}"
p:digestAlgorithmId="#{
T(br.net.woodstock.rockframework.security.digest.DigestType).SHA256.algorithm
}"
- p:nonceSize="32"
+ p:nonceSize="${phiz.crypto.ocsp.nonce.size}"
p:readTimeout="${phiz.crypto.ocsp.read.timeout}"
p:secureRandom-ref="secureRandomSha1">
<beans:property name="preferredSignatureAlgorithmIds">
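Review bot: `p:nonceSize` now takes whatever `phiz.crypto.ocsp.nonce.size` resolves to, and nothing visible in this hunk or in the `phiz.properties` hunk rejects a zero, negative or oversized value. A very small nonce weakens the replay protection it exists for, and RFC 8954 limits the OCSP nonce to 32 octets, so a larger value may be refused by conforming responders. The bean definition starts above the hunk, so its class is not visible; its setter should enforce a range, or the new key should at least carry a comment giving the unit and the accepted range. The unit is presumably bytes, but that is inferred from the name and should be confirmed.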
=======================================
--- /phiz-parent/pom.xml Sat Mar 7 13:04:18 2015 UTC
+++ /phiz-parent/pom.xml Sat Mar 7 17:35:44 2015 UTC
@@ -358,11 +358,6 @@
<version>3.0.4</version>
</dependency>
<dependency>
- <groupId>org.apache.cxf</groupId>
- <artifactId>cxf-rt-transports-http-hc</artifactId>
- <version>3.0.4</version>
- </dependency>
- <dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-addr</artifactId>
<version>3.0.4</version>
@@ -373,17 +368,6 @@
<version>3.0.4</version>
</dependency>
<dependency>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpasyncclient</artifactId>
- <version>4.0.2</version>
- <exclusions>
- <exclusion>
- <groupId>commons-logging</groupId>
- <artifactId>commons-logging</artifactId>
- </exclusion>
- </exclusions>
- </dependency>
- <dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.4</version>
@@ -1077,6 +1061,7 @@

<javax.net.debug>ssl,certpath,handshake</javax.net.debug>
<javax.net.ssl.keyStore/>
<javax.net.ssl.trustStore/>
+
<jdk.tls.ephemeralDHKeySize>2048</jdk.tls.ephemeralDHKeySize>

<logback.configurationFile>META-INF/phiz/logback/logback-phiz.xml</logback.configurationFile>

<phiz.conf.ssl.dir>${project.build.directory}/surefire-ssl</phiz.conf.ssl.dir>

<phiz.logging.console.tty>true</phiz.logging.console.tty>
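Review bot: `jdk.tls.ephemeralDHKeySize` and `sun.security.ssl.allowLegacyHelloMessages` are written as literals in the Surefire `systemPropertyVariables` (this hunk and the next) and again in the `jvmSettings` hunk at `@@ -1393`, so the tested and the deployed TLS settings can drift apart. Defining each value once as a Maven property and referencing it in both places would keep them aligned. A short XML comment would also help the next reader: as far as I know, `jdk.tls.ephemeralDHKeySize` only sizes the DHE keys this JVM generates when it acts as the TLS server, so it does not stop the web-service client from accepting a weak DH group offered by a remote peer. Both enclosing elements start outside their hunks.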
@@ -1084,6 +1069,7 @@

<phiz.logging.file.name>${project.artifactId}-test</phiz.logging.file.name>

<phiz.logging.logstash.file.name>${project.artifactId}-logstash-test</phiz.logging.logstash.file.name>
<phiz.mode>dev</phiz.mode>
+
<sun.security.ssl.allowLegacyHelloMessages>false</sun.security.ssl.allowLegacyHelloMessages>
</systemPropertyVariables>
<trimStackTrace>false</trimStackTrace>

<workingDirectory>${project.build.directory}</workingDirectory>
@@ -1393,10 +1379,12 @@
<systemProperties
combine.children="append">

<systemProperty>java.net.preferIPv4Addresses=true</systemProperty>

<systemProperty>java.net.preferIPv4Stack=true</systemProperty>
+
<systemProperty>jdk.tls.ephemeralDHKeySize=2048</systemProperty>

<systemProperty>loader.main=gov.hhs.onc.phiz.context.impl.PhizApplication</systemProperty>

<systemProperty>logback.configurationFile=META-INF/phiz/logback/logback-phiz.xml</systemProperty>

<systemProperty>phiz.app.name=${project.artifactId}</systemProperty>

<systemProperty>phiz.logging.file.name=${project.artifactId}</systemProperty>
+
<systemProperty>sun.security.ssl.allowLegacyHelloMessages=false</systemProperty>
</systemProperties>
</jvmSettings>

<mainClass>org.springframework.boot.loader.PropertiesLauncher</mainClass>
=======================================
--- /phiz-web-parent/pom.xml Sat Mar 7 13:04:18 2015 UTC
+++ /phiz-web-parent/pom.xml Sat Mar 7 17:35:44 2015 UTC
@@ -410,10 +410,6 @@

<initialMemorySize>1024M</initialMemorySize>

<maxMemorySize>2048M</maxMemorySize>

<maxStackSize>768M</maxStackSize>
- <systemProperties>
-
<systemProperty>java.security.manager=</systemProperty>
-
<systemProperty>java.security.policy=conf/catalina-${project.artifactId}.policy</systemProperty>
- </systemProperties>
</jvmSettings>
</daemon>
</daemons>
=======================================
---
/phiz-web-portal/src/main/deb/data/etc/logrotate.d/phiz-web-portal.logrotate
Thu Jan 22 06:01:46 2015 UTC
+++
/phiz-web-portal/src/main/deb/data/etc/logrotate.d/phiz-web-portal.logrotate
Sat Mar 7 17:35:44 2015 UTC
@@ -1,16 +1,35 @@
+"/%{project.build.debLogDataDirectoryPath}/*.json" {
+ compress
+ copytruncate
+ create 640 %{project.artifactId} adm
+ daily
+ dateext
+ dateformat .%Y-%m-%d
+ delaycompress
+ extension .json
+ missingok
+ postrotate
+ chmod 640 "$1"
+ chown "%{project.artifactId}:adm" "$1"
+ endscript
+ rotate 365
+ sharedscripts
+}
+
"/%{project.build.debLogDataDirectoryPath}/*.log" {
+ compress
copytruncate
create 640 %{project.artifactId} adm
daily
dateext
dateformat .%Y-%m-%d
+ delaycompress
extension .log
missingok
- nocompress
postrotate
chmod 640 "$1"
chown "%{project.artifactId}:adm" "$1"
endscript
- rotate 51
+ rotate 365
sharedscripts
}
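Review bot: The new `*.json` stanza copies the `postrotate` script that quotes `"$1"` while `sharedscripts` is set. As I read logrotate(8), with `sharedscripts` the script runs once and `$1` is the whole glob pattern, so the quoted `chmod 640 "$1"` and the `chown` would target a literal `*.json` name and leave the real files untouched. `create 640 %{project.artifactId} adm` is likewise documented as having no effect alongside `copytruncate`, so neither directive reliably keeps rotated logs at mode 640. I would drop `sharedscripts` so each log path is passed to the script, or add a comment stating which mechanism is relied on, and check the mode of a rotated `.json` file on a test host. The same applies to the identical hunk for `phiz-web-ws.logrotate`; `rotate 365` with `compress` now keeps a year of these logs on disk, which raises the stakes.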
=======================================
--- /phiz-web-ws/pom.xml Sat Mar 7 13:04:18 2015 UTC
+++ /phiz-web-ws/pom.xml Sat Mar 7 17:35:44 2015 UTC
@@ -120,10 +120,6 @@
<artifactId>cxf-rt-transports-http</artifactId>
</dependency>
<dependency>
- <groupId>org.apache.cxf</groupId>
- <artifactId>cxf-rt-transports-http-hc</artifactId>
- </dependency>
- <dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-addr</artifactId>
</dependency>
@@ -132,10 +128,6 @@
<artifactId>cxf-rt-ws-policy</artifactId>
</dependency>
<dependency>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpasyncclient</artifactId>
- </dependency>
- <dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
</dependency>
=======================================
--- /phiz-web-ws/src/main/deb/data/etc/logrotate.d/phiz-web-ws.logrotate
Thu Jan 22 06:01:46 2015 UTC
+++ /phiz-web-ws/src/main/deb/data/etc/logrotate.d/phiz-web-ws.logrotate
Sat Mar 7 17:35:44 2015 UTC
@@ -1,16 +1,35 @@
+"/%{project.build.debLogDataDirectoryPath}/*.json" {
+ compress
+ copytruncate
+ create 640 %{project.artifactId} adm
+ daily
+ dateext
+ dateformat .%Y-%m-%d
+ delaycompress
+ extension .json
+ missingok
+ postrotate
+ chmod 640 "$1"
+ chown "%{project.artifactId}:adm" "$1"
+ endscript
+ rotate 365
+ sharedscripts
+}
+
"/%{project.build.debLogDataDirectoryPath}/*.log" {
+ compress
copytruncate
create 640 %{project.artifactId} adm
daily
dateext
dateformat .%Y-%m-%d
+ delaycompress
extension .log
missingok
- nocompress
postrotate
chmod 640 "$1"
chown "%{project.artifactId}:adm" "$1"
endscript
- rotate 51
+ rotate 365
sharedscripts
}
=======================================
--- /phiz-web-ws/src/main/resources/META-INF/phiz/phiz-web-ws.properties
Sat Feb 21 20:45:44 2015 UTC
+++ /phiz-web-ws/src/main/resources/META-INF/phiz/phiz-web-ws.properties
Sat Mar 7 17:35:44 2015 UTC
@@ -36,11 +36,3 @@

#================================================================================
phiz.ws.client.conn.timeout=#{ 15 *
T(org.apache.commons.lang3.time.DateUtils).MILLIS_PER_SECOND }
phiz.ws.client.receive.timeout=#{ 15 *
T(org.apache.commons.lang3.time.DateUtils).MILLIS_PER_SECOND }
-
-#================================================================================
-# WEB SERVICE CLIENT: ASYNCHRONOUS
-#================================================================================
-phiz.ws.client.async.exec.timeout=#{ 15 *
T(org.apache.commons.lang3.time.DateUtils).MILLIS_PER_SECOND }
-phiz.ws.client.async.interest.op.queued=true
-phiz.ws.client.async.io.thread.count=-1
-phiz.ws.client.async.select.interval=500
=======================================
---
/phiz-web-ws/src/main/resources/META-INF/phiz/spring/spring-phiz-web-ws-client.xml
Sat Mar 7 13:04:18 2015 UTC
+++
/phiz-web-ws/src/main/resources/META-INF/phiz/spring/spring-phiz-web-ws-client.xml
Sat Mar 7 17:35:44 2015 UTC
@@ -91,35 +91,9 @@

=====================================================================================================-->
<beans:bean id="clientPolicyHttp"
class="org.apache.cxf.transports.http.configuration.HTTPClientPolicy"
abstract="true"
p:allowChunking="false"
- p:asyncExecuteTimeoutRejection="true"
p:cacheControl="no-cache, no-store, no-transform"
p:connection="CLOSE"/>

-
<!--====================================================================================================
- = CONDUIT FACTORIES
-
=====================================================================================================-->
- <beans:bean id="conduitFactoryHttp"
class="org.apache.cxf.transport.http.HTTPConduitFactory" abstract="true"/>
-
- <beans:bean id="conduitFactoryHttpAsync"
class="gov.hhs.onc.phiz.web.ws.transport.impl.PhizAsyncHttpConduitFactory"
parent="conduitFactoryHttp"
- destroy-method="shutdown"
- c:bus-ref="busPhiz">
- <beans:property name="properties">
- <beans:map>
- <beans:entry key="#{
T(org.apache.cxf.transport.http.asyncclient.AsyncHTTPConduit).USE_ASYNC }"
- value="#{
T(org.apache.cxf.transport.http.asyncclient.AsyncHTTPConduitFactory.UseAsyncPolicy).ALWAYS
}"/>
- <!--suppress SpringPlaceholdersInspection -->
- <beans:entry key="#{
T(org.apache.cxf.transport.http.asyncclient.AsyncHTTPConduitFactory).INTEREST_OP_QUEUED
}"
- value="${phiz.ws.client.async.interest.op.queued}"/>
- <!--suppress SpringPlaceholdersInspection -->
- <beans:entry key="#{
T(org.apache.cxf.transport.http.asyncclient.AsyncHTTPConduitFactory).SELECT_INTERVAL
}"
- value="${phiz.ws.client.async.select.interval}"/>
- <!--suppress SpringPlaceholdersInspection -->
- <beans:entry key="#{
T(org.apache.cxf.transport.http.asyncclient.AsyncHTTPConduitFactory).THREAD_COUNT
}"
- value="${phiz.ws.client.async.io.thread.count}"/>
- </beans:map>
- </beans:property>
- </beans:bean>
-

<!--====================================================================================================
= CONDUITS

=====================================================================================================-->
@@ -127,23 +101,21 @@

<beans:bean id="conduitHttp"
class="org.apache.cxf.transport.http.HTTPConduit" parent="conduit"
abstract="true"
p:tlsClientParameters-ref="tlsParamsClientWs">
+ <beans:constructor-arg name="b" ref="busPhiz"/>
+ <beans:constructor-arg name="ei">
+ <beans:bean class="org.apache.cxf.service.model.EndpointInfo"/>
+ </beans:constructor-arg>
<beans:property name="client">
<!--suppress SpringPlaceholdersInspection -->
<beans:bean parent="clientPolicyHttp"
-
p:asyncExecuteTimeout="${phiz.ws.client.async.exec.timeout}"
p:connectionTimeout="${phiz.ws.client.conn.timeout}"
p:receiveTimeout="${phiz.ws.client.receive.timeout}"/>
</beans:property>
</beans:bean>

- <beans:bean id="conduitHttpAsync"
class="gov.hhs.onc.phiz.web.ws.transport.impl.PhizAsyncHttpConduit"
parent="conduitHttp" abstract="true"
- p:sslContext-ref="sslContextWsClient">
- <beans:constructor-arg name="bus" ref="busPhiz"/>
- <beans:constructor-arg name="conduitFactory"
ref="conduitFactoryHttpAsync"/>
- </beans:bean>
+ <beans:bean id="conduitHttpUrlConn"
class="org.apache.cxf.transport.http.URLConnectionHTTPConduit"
parent="conduitHttp" abstract="true"/>

- <beans:bean name="*.http-conduit"
class="gov.hhs.onc.phiz.web.ws.transport.impl.PhizAsyncHttpConduit"
parent="conduitHttpAsync" lazy-init="true"
- scope="prototype"/>
+ <beans:bean name="*.http-conduit"
class="org.apache.cxf.transport.http.URLConnectionHTTPConduit"
parent="conduitHttpUrlConn" lazy-init="true"/>


<!--====================================================================================================
= CLIENTS
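Review bot: The `*.http-conduit` bean in this hunk drops `scope="prototype"`, so it is now a default-scope singleton built from the placeholder `EndpointInfo` inner bean that `conduitHttp` passes as `ei`. A comment should say that this bean is only a configuration template, and it is worth confirming that no caller receives this instance as a live conduit. Whether CXF copies `tlsClientParameters-ref="tlsParamsClientWs"` and the client policy onto the conduits it actually creates is not visible here, so a test asserting the TLS parameters on a real client conduit would guard the switch away from the removed `sslContext-ref`. Separately, `name="b"` and `name="ei"` bind to CXF's constructor parameter names, which are not API and need debug symbols to resolve; `<beans:constructor-arg index="0" ref="busPhiz"/>` (and `index="1"` for the `EndpointInfo`) is sturdier.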