Package org.apache.solr.util

Class SSLTestConfig

  • public class SSLTestConfig
extends org.apache.solr.client.solrj.embedded.SSLConfig
    An SSLConfig that supports reading key/trust store information directly from resource files provided with the Solr test-framework classes

    • Constructor Summary

      Constructors 
      Constructor Description
      SSLTestConfig()
      Creates an SSLTestConfig that does not use SSL or client authentication
      SSLTestConfig​(boolean useSSL, boolean clientAuth)
      Create an SSLTestConfig based on a few caller specified options, implicitly assuming checkPeerName=false.
      SSLTestConfig​(boolean useSSL, boolean clientAuth, boolean checkPeerName)
      Create an SSLTestConfig based on a few caller specified options.

    • Constructor Detail

      • SSLTestConfig

        public SSLTestConfig()
        Creates an SSLTestConfig that does not use SSL or client authentication

      • SSLTestConfig

        public SSLTestConfig​(boolean useSSL,
                     boolean clientAuth)
        Create an SSLTestConfig based on a few caller specified options, implicitly assuming checkPeerName=false.

        As needed, keystore/truststore information will be pulled from a hardcoded resource file provided by the solr test-framework

        Parameters:
        useSSL - - whether SSL should be required.
        clientAuth - - whether client authentication should be required.

      • SSLTestConfig

        public SSLTestConfig​(boolean useSSL,
                     boolean clientAuth,
                     boolean checkPeerName)
        Create an SSLTestConfig based on a few caller specified options. As needed, keystore/truststore information will be pulled from a hardcoded resource files provided by the solr test-framework based on the value of checkPeerName:
        • true - A keystore resource file will be used that specifies a CN of localhost and a SAN IP of 127.0.0.1, to ensure that all connections should be valid regardless of what machine runs the tests.
        • false - A keystore resource file will be used that specifies a bogus hostname in the CN and reserved IP as the SAN, since no (valid) tests using this SSLTestConfig should care what CN/SAN are.
        Parameters:
        useSSL - - whether SSL should be required.
        clientAuth - - whether client authentication should be required.
        checkPeerName - - whether the client should validate the 'peer name' of the SSL Certificate (and which testing Cert should be used)
        See Also:
        HttpClientUtil.SYS_PROP_CHECK_PEER_NAME

    • Method Detail

      • getCheckPeerName

        public boolean getCheckPeerName()
        If true, then servers hostname/ip should be validated against the SSL Cert metadata

      • getKeyStore

        public String getKeyStore()
        NOTE: This method is meaningless in SSLTestConfig.
        Overrides:
        getKeyStore in class org.apache.solr.client.solrj.embedded.SSLConfig
        Returns:
        null

      • getTrustStore

        public String getTrustStore()
        NOTE: This method is meaningless in SSLTestConfig.
        Overrides:
        getTrustStore in class org.apache.solr.client.solrj.embedded.SSLConfig
        Returns:
        null

      • buildClientSchemaRegistryProvider

        public org.apache.solr.client.solrj.impl.HttpClientUtil.SchemaRegistryProvider buildClientSchemaRegistryProvider()
        Creates a HttpClientUtil.SchemaRegistryProvider for HTTP clients to use when communicating with servers which have been configured based on the settings of this object. When SSLConfig.isSSLMode() is true, this SchemaRegistryProvider will only support HTTPS (no HTTP scheme) using the appropriate certs. When SSLConfig.isSSLMode() is false, only HTTP (no HTTPS scheme) will be supported.

      • createContextFactory

        public org.eclipse.jetty.util.ssl.SslContextFactory createContextFactory()
        Returns an SslContextFactory using buildServerSSLContext() if SSL should be used, else returns null.
        Overrides:
        createContextFactory in class org.apache.solr.client.solrj.embedded.SSLConfig

      • buildKeyStore

        protected static KeyStore buildKeyStore​(org.eclipse.jetty.util.resource.Resource resource,
                                        String password)
        Constructs a KeyStore using the specified filename and password

      • buildClientSSLConnectionSocketFactory

        public org.apache.http.conn.ssl.SSLConnectionSocketFactory buildClientSSLConnectionSocketFactory()
        Constructs a new SSLConnectionSocketFactory for HTTP clients to use when communicating with servers which have been configured based on the settings of this object. Will return null unless SSLConfig.isSSLMode() is true.

      • toBooleanDefaultIfNull

        public static boolean toBooleanDefaultIfNull​(Boolean bool,
                                             boolean valueIfNull)

      • toBooleanObject

        public static Boolean toBooleanObject​(String str)