Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Configure Servlet 6.1 TCK to run SSL/Certificate tests #24960

Merged
merged 7 commits into from
May 28, 2024
Merged

Configure Servlet 6.1 TCK to run SSL/Certificate tests #24960

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
cf6e6f8
Configure TCK to run SSL/Certificate tests
arjantijms May 23, 2024
946fcd5
Clean WebArchiveUpdate
arjantijms May 23, 2024
e8c4206
Correct copy/paste name
arjantijms May 23, 2024
35aa03b
Update Arquillian connector to 1.5
arjantijms May 23, 2024
fd267ad
Remove offline mode in WebArchiveUpdater and add other test for SLF4j
arjantijms May 24, 2024
e1e4025
Updates to be EE 11 / Servlet 6.1 compatible
arjantijms May 27, 2024
77feadf
Integrate Grizzly 4.1.0-M1 to pass 6.1 TCK
arjantijms May 27, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 23 additions & 0 deletions appserver/tests/tck/servlet/arquillian.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
<arquillian xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://jboss.org/schema/arquillian"
xsi:schemaLocation="http://jboss.org/schema/arquillian https://jboss.org/schema/arquillian/arquillian_1_0.xsd">
<defaultProtocol type="Servlet 6.0"/>

<engine>
<property name="deploymentExportPath">target/</property>
</engine>

<group qualifier="glassfish-servers" default="true">
<container qualifier="http" default="true">
<configuration>
<property name="httpsPortAsDefault">false</property>
</configuration>
</container>
<container qualifier="https">
<configuration>
<property name="httpsPortAsDefault">true</property>
</configuration>
</container>
</group>

</arquillian>
160 changes: 135 additions & 25 deletions appserver/tests/tck/servlet/pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>

<glassfish.version>${project.version}</glassfish.version>
<glassfish.root>${project.build.directory}</glassfish.root>
<glassfish.home>${glassfish.root}/glassfish8</glassfish.home>
Expand All @@ -60,6 +61,25 @@
<groupId>jakarta.servlet</groupId>
<artifactId>jakarta.servlet-api</artifactId>
</dependency>

<!-- Dependencies for our archive enhancer (org.glassfish.servlet.tck.WebArchiveUpdater) to compile -->
<dependency>
<groupId>org.jboss.arquillian.container</groupId>
<artifactId>arquillian-container-test-spi</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.arquillian.container</groupId>
<artifactId>arquillian-container-test-impl-base</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.shrinkwrap.resolver</groupId>
<artifactId>shrinkwrap-resolver-impl-maven</artifactId>
</dependency>
<dependency>
<groupId>org.jboss.shrinkwrap.resolver</groupId>
<artifactId>shrinkwrap-resolver-impl-maven-archive</artifactId>
</dependency>


<!-- Jakarta Servlet TCK -->
<dependency>
Expand All @@ -76,26 +96,12 @@
<scope>test</scope>
</dependency>


<!--
The Arquillian connector that starts GlassFish and deploys archives to it.
-->
<dependency>
<groupId>org.omnifaces.arquillian</groupId>
<artifactId>arquillian-glassfish-server-managed</artifactId>
<version>1.4</version>
<scope>test</scope>
</dependency>

<!-- Junit 5 -->
<dependency>
<groupId>org.jboss.arquillian.junit5</groupId>
<artifactId>arquillian-junit5-container</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.jboss.shrinkwrap.resolver</groupId>
<artifactId>shrinkwrap-resolver-impl-maven</artifactId>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter-engine</artifactId>
Expand All @@ -107,12 +113,23 @@
<version>${junit.version}</version>
<scope>test</scope>
</dependency>

<!-- Signature Test Plugin -->
<!-- Dependency for the API signature test -->
<dependency>
<groupId>org.netbeans.tools</groupId>
<groupId>jakarta.tck</groupId>
<artifactId>sigtest-maven-plugin</artifactId>
<version>1.7</version>
<version>2.2</version>
<scope>test</scope>
</dependency>

<!--
The Arquillian connector that starts GlassFish and deploys archives to it.
-->
<dependency>
<groupId>org.omnifaces.arquillian</groupId>
<artifactId>arquillian-glassfish-server-managed</artifactId>
<version>1.5</version>
<scope>test</scope>
</dependency>
</dependencies>

Expand All @@ -129,14 +146,16 @@
<artifactId>maven-dependency-plugin</artifactId>
<executions>
<execution>
<id>unpack-glassfish</id>
<phase>test-compile</phase>
<id>unpack-glassfish-and-certs</id>
<phase>generate-test-resources</phase>
<goals>
<goal>unpack</goal>
</goals>
<configuration>
<markersDirectory>${glassfish.root}/dependency-maven-plugin-markers</markersDirectory>
<artifactItems>

<!-- Extract GlassFish -->
<artifactItem>
<groupId>org.glassfish.main.distributions</groupId>
<artifactId>${glassfish-artifact-id}</artifactId>
Expand All @@ -145,33 +164,124 @@
<overWrite>false</overWrite>
<outputDirectory>${glassfish.root}</outputDirectory>
</artifactItem>

<!-- Extract certificates -->
<artifactItem>
<groupId>jakarta.tck</groupId>
<artifactId>servlet-tck-runtime</artifactId>
<type>jar</type>
<overWrite>true</overWrite>
<outputDirectory>${project.build.testOutputDirectory}/</outputDirectory>
<includes>**/**cts_cert,**/**clientcert.jks,**/**clientcert.p12</includes>
</artifactItem>
</artifactItems>
</configuration>
</execution>

<execution>
<id>copy-api</id>
<phase>generate-test-resources</phase>
<goals>
<goal>copy</goal>
</goals>
<configuration>
<artifactItems>
<!--
The main Servlet API artefact to test. This must match exactly the jar
that's also included in the GlassFish build we're testing.
-->
<artifactItem>
<groupId>jakarta.servlet</groupId>
<artifactId>jakarta.servlet-api</artifactId>
<type>jar</type>
<overWrite>true</overWrite>
<outputDirectory>${project.build.directory}/</outputDirectory>
<destFileName>jakarta.servlet-api.jar</destFileName>
</artifactItem>
</artifactItems>
</configuration>
</execution>
</executions>
</plugin>

<!-- Import the certificate that's used for the two tests that test SSL/Certificare authentication -->
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>keytool-maven-plugin</artifactId>
<version>1.7</version>
<executions>
<execution>
<phase>process-test-resources</phase>
<goals>
<goal>importCertificate</goal>
</goals>
<configuration>
<file>${project.build.testOutputDirectory}/certificates/cts_cert</file>
<alias>cts</alias>
<keystore>${glassfish.root}/glassfish8/glassfish/domains/domain1/config/cacerts.jks</keystore>
<storepass>changeit</storepass>
<keypass>changeit</keypass>
<noprompt>true</noprompt>
<trustcacerts>true</trustcacerts>
<verbose>true</verbose>
</configuration>
</execution>
</executions>
</plugin>

<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<argLine>
-Duser.language=en
-Duser.country=US
-Djava.locale.providers=COMPAT,CLDR
</argLine>

<dependenciesToScan>
<dependenciesToScan>jakarta.tck:servlet-tck-runtime</dependenciesToScan>
</dependenciesToScan>

<systemProperties>
<glassfish.home>${glassfish.root}/glassfish8</glassfish.home>

<arquillian.xml>${project.basedir}/arquillian.xml</arquillian.xml>

<javax.net.ssl.keyStore>${project.build.testOutputDirectory}/certificates/clientcert.jks</javax.net.ssl.keyStore>
<javax.net.ssl.keyStorePassword>changeit</javax.net.ssl.keyStorePassword>
<javax.net.ssl.trustStore>${glassfish.root}/glassfish8/glassfish/domains/domain1/config/cacerts.jks</javax.net.ssl.trustStore>

<!-- Uncomment to debug client-side SSL
<javax.net.debug>ssl:handshake</javax.net.debug>
-->

<!-- If the servlet container doesn't support optional cross context -->
<!-- If the servlet container doesn't (want to) support optional cross context -->
<servlet.tck.support.crossContext>false</servlet.tck.support.crossContext>

<!-- If the servlet container doesn't support optional http2 push -->
<!-- If the servlet container doesn't (want to) support optional http2 push -->
<servlet.tck.support.http2Push>false</servlet.tck.support.http2Push>

<!-- Print the content of the deployed archives -->
<servlet.tck.archive.print>true</servlet.tck.archive.print>

<!--
JDK 11 in TLSv1.3 does not support Post-Handshake Authentication, so TLSv1.2 must be used
for client-cert authentication to work.

See: https://stackoverflow.com/a/65979678/472792
-->
<jdk.tls.client.protocols>TLSv1.2</jdk.tls.client.protocols>

<!-- Create the users for the various security (authentication tests) -->
<glassfish.postBootCommands>
create-file-user --groups Manager:Employee --passwordfile ${maven.multiModuleProjectDirectory}/javajoe.pass javajoe
create-file-user --groups Administrator:Employee --passwordfile ${maven.multiModuleProjectDirectory}/j2ee.pass j2ee
create-file-user --groups Manager:Employee --passwordfile ${project.basedir}/javajoe.pass javajoe
create-file-user --groups Administrator:Employee --passwordfile ${project.basedir}/j2ee.pass j2ee
</glassfish.postBootCommands>

<!-- Set the properties for the API signature test -->
<jimage.dir>${project.build.directory}/jdk-bundle</jimage.dir>
<sigTestClasspath>${project.build.directory}/jakarta.servlet-api.jar:${project.build.directory}/jdk-bundle/java.base:${project.build.directory}/jdk-bundle/java.rmi:${project.build.directory}/jdk-bundle/java.sql:${project.build.directory}/jdk-bundle/java.naming</sigTestClasspath>
</systemProperties>
</configuration>
</plugin>
Expand Down
86 changes: 86 additions & 0 deletions appserver/tests/tck/servlet/src/main/java/org/glassfish/servlet/tck/WebArchiveUpdater.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
/*
* Copyright (c) 2024 Contributors to the Eclipse Foundation. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v. 2.0, which is available at
* http://www.eclipse.org/legal/epl-2.0.
*
* This Source Code may also be made available under the following Secondary
* Licenses when the conditions for such availability set forth in the
* Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
* version 2 with the GNU Classpath Exception, which is available at
* https://www.gnu.org/software/classpath/license.html.
*
* SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0
*/
package org.glassfish.servlet.tck;

import java.io.File;
import java.util.List;
import org.jboss.arquillian.container.spi.client.deployment.DeploymentDescription;
import org.jboss.arquillian.container.test.impl.client.deployment.AnnotationDeploymentScenarioGenerator;
import org.jboss.arquillian.container.test.spi.client.deployment.DeploymentScenarioGenerator;
import org.jboss.arquillian.core.spi.LoadableExtension;
import org.jboss.arquillian.test.spi.TestClass;
import org.jboss.shrinkwrap.api.Archive;
import org.jboss.shrinkwrap.api.spec.JavaArchive;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.jboss.shrinkwrap.resolver.api.maven.Maven;

/**
* WebArchiveUpdater updates the web archive that is created by the Servlet tests.
*
* <p>
* Specifically it adds SLF4J libs for a test that needs those, and adds sun-web.xml for the role
* mapping and context root setting.
*
* @author Arjan Tijms
*
*/
public class WebArchiveUpdater implements LoadableExtension {

@Override
public void register(ExtensionBuilder extensionBuilder) {
extensionBuilder.override(
DeploymentScenarioGenerator.class,
AnnotationDeploymentScenarioGenerator.class, ScenarioBasedUpdater.class);
}

public static class ScenarioBasedUpdater extends AnnotationDeploymentScenarioGenerator {

@Override
public List<DeploymentDescription> generate(TestClass testClass) {
List<DeploymentDescription> descriptions = super.generate(testClass);

for (DeploymentDescription description : descriptions) {
Archive<?> applicationArchive = description.getArchive();

if (
(testClass.getName().contains("ClientCertAnnoTests") || testClass.getName().contains("servletResponseTests")) &&
applicationArchive instanceof WebArchive webArchive) {

webArchive
.addAsWebInfResource(
new File("src/main/resources", "sun-web.xml"),
"sun-web.xml")
.addAsLibraries(
Maven.configureResolver()
.loadPomFromFile("pom.xml")
.resolve(System.getProperty("servlet.tck.slf4jimpl", "org.slf4j:slf4j-simple"))
.withTransitivity()
.as(JavaArchive.class));
}

if (Boolean.getBoolean("servlet.tck.archive.print")) {
System.out.println(applicationArchive.toString(true));
}
}

return descriptions;
}

}



}
1 change: 1 addition & 0 deletions ...vlet/src/main/resources/META-INF/services/org.jboss.arquillian.core.spi.LoadableExtension
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
org.glassfish.servlet.tck.WebArchiveUpdater
27 changes: 27 additions & 0 deletions appserver/tests/tck/servlet/src/main/resources/sun-web.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Servlet 2.5//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
<!--

Copyright (c) 2018, 2021 Oracle and/or its affiliates. All rights reserved.

This program and the accompanying materials are made available under the
terms of the Eclipse Public License v. 2.0, which is available at
http://www.eclipse.org/legal/epl-2.0.

This Source Code may also be made available under the following Secondary
Licenses when the conditions for such availability set forth in the
Eclipse Public License v. 2.0 are satisfied: GNU General Public License,
version 2 with the GNU Classpath Exception, which is available at
https://www.gnu.org/software/classpath/license.html.

SPDX-License-Identifier: EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0

-->

<sun-web-app>
<context-root>clientcertanno_web</context-root>
<security-role-mapping>
<role-name>Administrator</role-name>
<principal-name>CN=CTS,OU=Java Software,O=Sun Microsystems Inc.,L=Burlington,ST=MA,C=US</principal-name>
</security-role-mapping>
</sun-web-app>
Loading