diff --git a/spring-security-rest-basic-auth/pom.xml b/spring-security-rest-basic-auth/pom.xml index 64d5015a7b..79965a553c 100644 --- a/spring-security-rest-basic-auth/pom.xml +++ b/spring-security-rest-basic-auth/pom.xml @@ -252,6 +252,7 @@ **/*LiveTest.java + **/*ManualTest.java diff --git a/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/ClientLiveTest.java b/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/ClientLiveTest.java index 6b1bfc3dce..817e818b58 100644 --- a/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/ClientLiveTest.java +++ b/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/ClientLiveTest.java @@ -1,26 +1,16 @@ package org.baeldung.client; -import static org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; import static org.hamcrest.Matchers.equalTo; import static org.hamcrest.Matchers.is; import static org.junit.Assert.assertThat; -import java.security.GeneralSecurityException; -import java.security.cert.X509Certificate; - -import org.apache.http.conn.scheme.Scheme; -import org.apache.http.conn.ssl.SSLSocketFactory; -import org.apache.http.conn.ssl.TrustStrategy; -import org.apache.http.impl.client.CloseableHttpClient; import org.baeldung.client.spring.ClientConfig; import org.baeldung.web.dto.Foo; -import org.junit.Ignore; import org.junit.Test; import org.junit.runner.RunWith; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpMethod; import org.springframework.http.ResponseEntity; -import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.support.AnnotationConfigContextLoader; @@ -54,24 +44,4 @@ public class ClientLiveTest { assertThat(response.getStatusCode().value(), equalTo(200)); } - @Test - @Ignore("Only to run against a Server with HTTPS enabled (on 8443)") - public final void givenAcceptingAllCertificates_whenHttpsUrlIsConsumed_thenException() throws GeneralSecurityException { - final HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(); - final CloseableHttpClient httpClient = (CloseableHttpClient) requestFactory.getHttpClient(); - - final TrustStrategy acceptingTrustStrategy = new TrustStrategy() { - @Override - public final boolean isTrusted(final X509Certificate[] certificate, final String authType) { - return true; - } - }; - final SSLSocketFactory sf = new SSLSocketFactory(acceptingTrustStrategy, ALLOW_ALL_HOSTNAME_VERIFIER); - httpClient.getConnectionManager().getSchemeRegistry().register(new Scheme("https", 8443, sf)); - - final String urlOverHttps = "https://localhost:8443/spring-security-rest-basic-auth/api/bars/1"; - final ResponseEntity response = new RestTemplate(requestFactory).exchange(urlOverHttps, HttpMethod.GET, null, String.class); - assertThat(response.getStatusCode().value(), equalTo(200)); - } - } diff --git a/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/HttpsClientLiveManualTest.java b/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/HttpsClientLiveManualTest.java index 370ac79f6f..4d371dc1f0 100644 --- a/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/HttpsClientLiveManualTest.java +++ b/spring-security-rest-basic-auth/src/test/java/org/baeldung/client/HttpsClientLiveManualTest.java @@ -1,19 +1,17 @@ package org.baeldung.client; +import static org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; import static org.hamcrest.Matchers.equalTo; import static org.junit.Assert.assertThat; import java.io.IOException; import java.security.GeneralSecurityException; import java.security.cert.X509Certificate; -import java.util.Timer; -import java.util.TimerTask; import javax.net.ssl.SSLPeerUnverifiedException; import org.apache.http.HttpResponse; import org.apache.http.client.ClientProtocolException; -import org.apache.http.client.config.RequestConfig; import org.apache.http.client.methods.HttpGet; import org.apache.http.conn.ClientConnectionManager; import org.apache.http.conn.scheme.Scheme; @@ -30,6 +28,10 @@ import org.apache.http.impl.client.HttpClients; import org.apache.http.impl.conn.PoolingClientConnectionManager; import org.junit.Ignore; import org.junit.Test; +import org.springframework.http.HttpMethod; +import org.springframework.http.ResponseEntity; +import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; +import org.springframework.web.client.RestTemplate; /** * This test requires a localhost server over HTTPS
@@ -39,30 +41,6 @@ public class HttpsClientLiveManualTest { // tests - @Test - public final void whenSecuredRestApiIsConsumed_then200OK() throws ClientProtocolException, IOException { - final CloseableHttpClient httpClient = HttpClientBuilder.create().build(); - - final int timeout = 30; // seconds - final RequestConfig requestConfig = RequestConfig.custom().setConnectionRequestTimeout(timeout).setConnectTimeout(timeout).setSocketTimeout(timeout).build(); - final HttpGet getMethod = new HttpGet("http://localhost:8080/spring-security-rest-basic-auth/api/bars/1"); - getMethod.setConfig(requestConfig); - - final int hardTimeout = 10; // seconds - final TimerTask task = new TimerTask() { - @Override - public void run() { - if (getMethod != null) { - getMethod.abort(); - } - } - }; - new Timer(true).schedule(task, hardTimeout * 1000); - - final HttpResponse response = httpClient.execute(getMethod); - System.out.println("HTTP Status of response: " + response.getStatusLine().getStatusCode()); - } - @Test(expected = SSLPeerUnverifiedException.class) @Ignore("Only for a server that has HTTPS enabled (on 8443)") public final void whenHttpsUrlIsConsumed_thenException() throws ClientProtocolException, IOException { @@ -98,6 +76,25 @@ public class HttpsClientLiveManualTest { httpClient.close(); } + @Test + public final void givenAcceptingAllCertificates_whenHttpsUrlIsConsumed_thenException() throws GeneralSecurityException { + final HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(); + final CloseableHttpClient httpClient = (CloseableHttpClient) requestFactory.getHttpClient(); + + final TrustStrategy acceptingTrustStrategy = new TrustStrategy() { + @Override + public final boolean isTrusted(final X509Certificate[] certificate, final String authType) { + return true; + } + }; + final SSLSocketFactory sf = new SSLSocketFactory(acceptingTrustStrategy, ALLOW_ALL_HOSTNAME_VERIFIER); + httpClient.getConnectionManager().getSchemeRegistry().register(new Scheme("https", 8443, sf)); + + final String urlOverHttps = "https://localhost:8443/spring-security-rest-basic-auth/api/bars/1"; + final ResponseEntity response = new RestTemplate(requestFactory).exchange(urlOverHttps, HttpMethod.GET, null, String.class); + assertThat(response.getStatusCode().value(), equalTo(200)); + } + @Test public final void givenHttpClientPost4_3_whenAcceptingAllCertificates_thenCanConsumeHttpsUriWithSelfSignedCertificate() throws IOException, GeneralSecurityException { final SSLContextBuilder builder = new SSLContextBuilder();