diff options
| author | Alex Rudyy <orudyy@apache.org> | 2013-04-02 16:59:18 +0000 |
|---|---|---|
| committer | Alex Rudyy <orudyy@apache.org> | 2013-04-02 16:59:18 +0000 |
| commit | 44113d412df90a2adb15ab0d93b82f8cf3360164 (patch) | |
| tree | 3e4e2fa84e3ee76db9dba7bc8d32225b467ca558 /java | |
| parent | 1e6f70d919c93384025e26c72f6243eab0b78067 (diff) | |
| download | qpid-python-44113d412df90a2adb15ab0d93b82f8cf3360164.tar.gz | |
QPID-4691: Fix validation and UI for setting of keystore/truststore/peerstore dependant attributes on broker and ports
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1463626 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'java')
8 files changed, 269 insertions, 57 deletions
diff --git a/java/broker-plugins/management-http/src/main/java/resources/addPort.html b/java/broker-plugins/management-http/src/main/java/resources/addPort.html index 2f49ab1448..11acccb2ac 100644 --- a/java/broker-plugins/management-http/src/main/java/resources/addPort.html +++ b/java/broker-plugins/management-http/src/main/java/resources/addPort.html @@ -21,6 +21,7 @@ <div class="dijitHidden"> <div data-dojo-type="dijit.Dialog" style="width:600px;" data-dojo-props="title:'Port'" id="addPort"> <form id="formAddPort" method="post" dojoType="dijit.form.Form"> + <div class="dijitDialogPaneContentArea"> <div id="formAddPort:fields"> <input type="text" required="true" name="name" id="formAddPort.name" placeholder="Name" data-dojo-props="label: 'Name*:'" dojoType="dijit.form.ValidationTextBox" @@ -53,7 +54,7 @@ <div id="formAddPort:fieldsAMQP"> <input id="formAddPort.bindingAddress" type="text" name="bindingAddress" placeholder="*" dojoType="dijit.form.TextBox" data-dojo-props="label: 'Binding address:'"/> - <input id="formAddPort.protocolsDefault" type="checkbox" name="protocolsDefault" checked="checked" + <input id="formAddPort.protocolsDefault" type="checkbox" checked="checked" dojoType="dijit.form.CheckBox" data-dojo-props="label: 'Support broker default AMQP versions:'"/> <select id="formAddPort.protocolsAMQP" name="protocols" data-dojo-type="dijit.form.MultiSelect" multiple="true" data-dojo-props="name: 'protocols', value: '', placeHolder: 'Select AMQP versions', label: 'AMQP versions:'" @@ -80,8 +81,11 @@ </select> </div> <input type="hidden" id="formAddPort.id" name="id"/> + </div> + <div class="dijitDialogPaneActionBar"> <!-- submit buttons --> <input type="submit" value="Save Port" label="Save Port" dojoType="dijit.form.Button" /> + </div> </form> </div> </div> diff --git a/java/broker-plugins/management-http/src/main/java/resources/js/qpid/common/util.js b/java/broker-plugins/management-http/src/main/java/resources/js/qpid/common/util.js index fea67d5942..699cbcfab8 100644 --- a/java/broker-plugins/management-http/src/main/java/resources/js/qpid/common/util.js +++ b/java/broker-plugins/management-http/src/main/java/resources/js/qpid/common/util.js @@ -171,7 +171,7 @@ define(["dojo/_base/xhr", widgets[name] = widget; widget.initialValue = widget.value; layout.addChild(widget); - if (attributeWidgetFactory.hasOwnProperty("requiredFor")) + if (attributeWidgetFactory.hasOwnProperty("requiredFor") && !data[name]) { requiredFor[attributeWidgetFactory.requiredFor] = widget; } diff --git a/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Broker.js b/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Broker.js index f5e40025c2..365133b9c7 100644 --- a/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Broker.js +++ b/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/Broker.js @@ -141,7 +141,9 @@ define(["dojo/_base/xhr", required: false, label: "Keystore password:", invalidMessage: "Missed keystore password", - name: "keyStorePassword"}); + name: "keyStorePassword", + placeholder: brokerData["keyStorePassword"] ? brokerData["keyStorePassword"] : "" + }); } }, { name: "trustStorePath", @@ -161,7 +163,9 @@ define(["dojo/_base/xhr", required: false, label: "Truststore password:", invalidMessage: "Missed trustore password", - name: "trustStorePassword"}); + name: "trustStorePassword", + placeholder: brokerData["trustStorePassword"] ? brokerData["trustStorePassword"] : "" + }); } }, { name: "peerStorePath", @@ -180,7 +184,9 @@ define(["dojo/_base/xhr", required: false, label: "Peerstore password:", invalidMessage: "Missed peerstore password", - name: "peerStorePassword"}); + name: "peerStorePassword", + placeholder: brokerData["peerStorePassword"] ? brokerData["peerStorePassword"] : "" + }); } }, { name: "queue.alertThresholdQueueDepthMessages", diff --git a/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/addPort.js b/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/addPort.js index 4d1e268d4d..0c1a188cbf 100644 --- a/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/addPort.js +++ b/java/broker-plugins/management-http/src/main/java/resources/js/qpid/management/addPort.js @@ -71,7 +71,7 @@ define(["dojo/_base/xhr", { if(formValues.hasOwnProperty(propName)) { - if (propName === "type" || propName === "protocolsDefault") + if (propName == "needClientAuth" || propName == "wantClientAuth") { continue; } @@ -107,18 +107,37 @@ define(["dojo/_base/xhr", } } - var needClientAuth = dijit.byId("formAddPort.needClientAuth"); - var wantClientAuth = dijit.byId("formAddPort.wantClientAuth"); - if(!needClientAuth.disabled) + var type = dijit.byId("formAddPort.type").value; + if (type == "AMQP") { - newPort.needClientAuth = needClientAuth.checked; + var needClientAuth = dijit.byId("formAddPort.needClientAuth"); + var wantClientAuth = dijit.byId("formAddPort.wantClientAuth"); + newPort.needClientAuth = needClientAuth.disabled ? false : needClientAuth.checked; + newPort.wantClientAuth = wantClientAuth.disabled ? false : wantClientAuth.checked } - if(!wantClientAuth.disabled) + return newPort; + }; + + var toggleCertificateWidgets = function toggleCertificateWidgets(protocolType, transportType) + { + var clientAuthPanel = registry.byId("formAddPort:fieldsClientAuth"); + var display = clientAuthPanel.domNode.style.display; + if (transportType == "SSL" && protocolType == "AMQP") { - newPort.wantClientAuth = wantClientAuth.checked; + clientAuthPanel.domNode.style.display = "block"; + registry.byId("formAddPort.needClientAuth").set("disabled", false); + registry.byId("formAddPort.wantClientAuth").set("disabled", false); + } + else + { + clientAuthPanel.domNode.style.display = "none"; + registry.byId("formAddPort.needClientAuth").set("disabled", true); + registry.byId("formAddPort.wantClientAuth").set("disabled", true); + } + if (clientAuthPanel.domNode.style.display != display) + { + clientAuthPanel.resize(); } - - return newPort; }; @@ -134,6 +153,11 @@ define(["dojo/_base/xhr", dijit.byId("formAddPort.protocolsAMQP").set("disabled", isChecked); }); + registry.byId("formAddPort.transports").on("change", function(newValue){ + var protocolType = registry.byId("formAddPort.type").value; + toggleCertificateWidgets(protocolType, newValue); + }); + registry.byId("formAddPort.type").on("change", function(newValue) { var typeWidget = registry.byId("formAddPort.type"); var store = typeWidget.store; @@ -142,20 +166,8 @@ define(["dojo/_base/xhr", registry.byId("formAddPort:fields" + option.value).domNode.style.display = "none"; }); - if ("AMQP" == newValue) - { - registry.byId("formAddPort:fieldsClientAuth").domNode.style.display = "block"; - registry.byId("formAddPort.needClientAuth").set("disabled", false); - registry.byId("formAddPort.wantClientAuth").set("disabled", false); - } - else - { - registry.byId("formAddPort:fieldsClientAuth").domNode.style.display = "none"; - registry.byId("formAddPort.needClientAuth").set("checked", false); - registry.byId("formAddPort.wantClientAuth").set("checked", false); - registry.byId("formAddPort.needClientAuth").set("disabled", true); - registry.byId("formAddPort.wantClientAuth").set("disabled", true); - } + registry.byId("formAddPort.needClientAuth").set("enabled", ("AMQP" == newValue)); + registry.byId("formAddPort.wantClientAuth").set("enabled", ("AMQP" == newValue)); registry.byId("formAddPort:fields" + newValue).domNode.style.display = "block"; var defaultsAMQPProtocols = registry.byId("formAddPort.protocolsDefault"); @@ -163,20 +175,10 @@ define(["dojo/_base/xhr", var protocolsWidget = registry.byId("formAddPort.protocols" + newValue); if (protocolsWidget) { - if ("AMQP" == newValue && defaultsAMQPProtocols.checked) - { - protocolsWidget.set("disabled", true); - } - else - { - protocolsWidget.set("disabled", false); - } - } - var transportsWidget = registry.byId("formAddPort.transports"); - if (transportsWidget) - { - transportsWidget.startup(); + protocolsWidget.set("disabled", ("AMQP" == newValue && defaultsAMQPProtocols.checked)); } + var transport = registry.byId("formAddPort.transports").value; + toggleCertificateWidgets(newValue, transport); }); theForm = registry.byId("formAddPort"); @@ -289,7 +291,8 @@ define(["dojo/_base/xhr", nameField.set("disabled", true); dom.byId("formAddPort.id").value=port.id; providerWidget.set("value", port.authenticationProvider ? port.authenticationProvider : ""); - registry.byId("formAddPort.transports").set("value", port.transports ? port.transports[0] : ""); + var transportWidget = registry.byId("formAddPort.transports"); + transportWidget.set("value", port.transports ? port.transports[0] : ""); registry.byId("formAddPort.port").set("value", port.port); var protocols = port.protocols; var typeWidget = registry.byId("formAddPort.type"); @@ -299,12 +302,6 @@ define(["dojo/_base/xhr", registry.byId("formAddPort:fields" + option.value).domNode.style.display = "none"; }); - registry.byId("formAddPort.needClientAuth").set("checked", false); - registry.byId("formAddPort.wantClientAuth").set("checked", false); - registry.byId("formAddPort.needClientAuth").set("disabled", true); - registry.byId("formAddPort.wantClientAuth").set("disabled", true); - registry.byId("formAddPort:fieldsClientAuth").domNode.style.display = "none"; - // identify the type of port using first protocol specified in protocol field if provided if ( !protocols || protocols.length == 0 || protocols[0].indexOf("AMQP") == 0) { @@ -326,11 +323,8 @@ define(["dojo/_base/xhr", amqpProtocolsWidget.set("disabled", true) } - registry.byId("formAddPort.needClientAuth").set("disabled", false); - registry.byId("formAddPort.wantClientAuth").set("disabled", false); registry.byId("formAddPort.needClientAuth").set("checked", port.needClientAuth); registry.byId("formAddPort.wantClientAuth").set("checked", port.wantClientAuth); - registry.byId("formAddPort:fieldsClientAuth").domNode.style.display = "block"; } else if (protocols[0].indexOf("RMI") != -1) { @@ -348,6 +342,8 @@ define(["dojo/_base/xhr", } registry.byId("formAddPort:fields" + typeWidget.value).domNode.style.display = "block"; typeWidget.set("disabled", true); + + toggleCertificateWidgets(typeWidget.value, transportWidget.value); registry.byId("addPort").show(); }); } diff --git a/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AbstractAdapter.java b/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AbstractAdapter.java index 8ff0b6d9e1..e57c8c2d16 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AbstractAdapter.java +++ b/java/broker/src/main/java/org/apache/qpid/server/model/adapter/AbstractAdapter.java @@ -381,4 +381,9 @@ abstract class AbstractAdapter implements ConfiguredObject { // allowed by default } + + protected Map<String, Object> getDefaultAttributes() + { + return _defaultAttributes; + } } diff --git a/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java b/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java index b6a2bbac71..ec5a0402b4 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java +++ b/java/broker/src/main/java/org/apache/qpid/server/model/adapter/BrokerAdapter.java @@ -1182,9 +1182,14 @@ public class BrokerAdapter extends AbstractAdapter implements Broker, Configurat String passwordAttribute, String aliasAttribute) { String keyStoreFile = (String) convertedAttributes.get(pathAttribute); - if (keyStoreFile != null) + String password = (String) convertedAttributes.get(passwordAttribute); + String alias = aliasAttribute!= null? (String) convertedAttributes.get(aliasAttribute) : null; + if (keyStoreFile != null || password != null || alias != null) { - String password = (String) convertedAttributes.get(passwordAttribute); + if (keyStoreFile == null) + { + keyStoreFile = (String) getActualAttributes().get(pathAttribute); + } if (password == null) { password = (String) getActualAttributes().get(passwordAttribute); @@ -1200,7 +1205,10 @@ public class BrokerAdapter extends AbstractAdapter implements Broker, Configurat } if (aliasAttribute != null) { - String alias = (String) convertedAttributes.get(aliasAttribute); + if (alias == null) + { + alias = (String) getActualAttributes().get(aliasAttribute); + } if (alias != null) { Certificate cert = null; diff --git a/java/broker/src/main/java/org/apache/qpid/server/model/adapter/PortAdapter.java b/java/broker/src/main/java/org/apache/qpid/server/model/adapter/PortAdapter.java index ba10816a35..59a2a50a24 100644 --- a/java/broker/src/main/java/org/apache/qpid/server/model/adapter/PortAdapter.java +++ b/java/broker/src/main/java/org/apache/qpid/server/model/adapter/PortAdapter.java @@ -48,6 +48,7 @@ import org.apache.qpid.server.model.VirtualHostAlias; import org.apache.qpid.server.security.access.Operation; import org.apache.qpid.server.util.MapValueConverter; import org.apache.qpid.server.util.ParameterizedTypeImpl; +import org.apache.qpid.server.configuration.IllegalConfigurationException; import org.apache.qpid.server.configuration.updater.TaskExecutor; public class PortAdapter extends AbstractAdapter implements Port @@ -362,7 +363,67 @@ public class PortAdapter extends AbstractAdapter implements Port { throw new IllegalStateException("Cannot change attributes for an active port outside of Management Mode"); } - super.changeAttributes(MapValueConverter.convert(attributes, ATTRIBUTE_TYPES)); + Map<String, Object> converted = MapValueConverter.convert(attributes, ATTRIBUTE_TYPES); + + Map<String, Object> merged = new HashMap<String, Object>(getDefaultAttributes()); + merged.putAll(getActualAttributes()); + merged.putAll(converted); + + @SuppressWarnings("unchecked") + Collection<Transport> transports = (Collection<Transport>)merged.get(TRANSPORTS); + @SuppressWarnings("unchecked") + Collection<Protocol> protocols = (Collection<Protocol>)merged.get(PROTOCOLS); + Boolean needClientCertificate = (Boolean)merged.get(NEED_CLIENT_AUTH); + Boolean wantClientCertificate = (Boolean)merged.get(WANT_CLIENT_AUTH); + boolean requiresCertificate = (needClientCertificate != null && needClientCertificate.booleanValue()) + || (wantClientCertificate != null && wantClientCertificate.booleanValue()); + + if (transports != null && transports.contains(Transport.SSL)) + { + if (_broker.getKeyStores().isEmpty()) + { + throw new IllegalConfigurationException("Can't create port which requires SSL as the broker has no keystore configured."); + } + + if (_broker.getTrustStores().isEmpty() && requiresCertificate) + { + throw new IllegalConfigurationException("Can't create port which requests SSL client certificates as the broker has no trust/peer stores configured."); + } + } + else + { + if (requiresCertificate) + { + throw new IllegalConfigurationException("Can't create port which requests SSL client certificates but doesn't use SSL transport."); + } + } + + if (protocols != null && protocols.contains(Protocol.HTTPS) && _broker.getKeyStores().isEmpty()) + { + throw new IllegalConfigurationException("Can't create port which requires SSL as the broker has no keystore configured."); + } + + String authenticationProviderName = (String)merged.get(AUTHENTICATION_PROVIDER); + if (authenticationProviderName != null) + { + Collection<AuthenticationProvider> providers = _broker.getAuthenticationProviders(); + AuthenticationProvider provider = null; + for (AuthenticationProvider p : providers) + { + if (p.getName().equals(authenticationProviderName)) + { + provider = p; + break; + } + } + + if (provider == null) + { + throw new IllegalConfigurationException("Cannot find authentication provider with name '" + + authenticationProviderName + "'"); + } + } + super.changeAttributes(converted); } @Override diff --git a/java/systests/src/main/java/org/apache/qpid/systest/rest/PortRestTest.java b/java/systests/src/main/java/org/apache/qpid/systest/rest/PortRestTest.java index f8a7a9855f..1497d740dc 100644 --- a/java/systests/src/main/java/org/apache/qpid/systest/rest/PortRestTest.java +++ b/java/systests/src/main/java/org/apache/qpid/systest/rest/PortRestTest.java @@ -21,16 +21,20 @@ package org.apache.qpid.systest.rest; import java.net.URLDecoder; +import java.util.Arrays; import java.util.Collection; import java.util.Collections; import java.util.HashMap; +import java.util.HashSet; import java.util.List; import java.util.Map; import org.apache.qpid.server.model.AuthenticationProvider; +import org.apache.qpid.server.model.Broker; import org.apache.qpid.server.model.Port; import org.apache.qpid.server.model.Protocol; import org.apache.qpid.server.model.State; +import org.apache.qpid.server.model.Transport; import org.apache.qpid.server.plugin.AuthenticationManagerFactory; import org.apache.qpid.server.security.auth.manager.AnonymousAuthenticationManagerFactory; import org.apache.qpid.test.utils.TestBrokerConfiguration; @@ -159,8 +163,7 @@ public class PortRestTest extends QpidRestTestCase responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT", attributes); assertEquals("Port cannot be updated in non management mode", 409, responseCode); - stopBroker(); - startBroker(DEFAULT_PORT, true); + restartBrokerInManagementMode(); responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT", attributes); assertEquals("Port should be allwed to update in a management mode", 200, responseCode); @@ -193,4 +196,133 @@ public class PortRestTest extends QpidRestTestCase port = getRestTestHelper().getJsonAsSingletonList("/rest/port/" + TestBrokerConfiguration.ENTRY_NAME_AMQP_PORT); assertEquals("Port has been changed", portValue, port.get(Port.PORT)); } + + public void testUpdatePortTransportFromTCPToSSLWhenKeystoreIsConfigured() throws Exception + { + restartBrokerInManagementMode(); + + String portName = TestBrokerConfiguration.ENTRY_NAME_AMQP_PORT; + Map<String, Object> attributes = new HashMap<String, Object>(); + attributes.put(Port.NAME, portName); + attributes.put(Port.TRANSPORTS, Collections.singleton(Transport.SSL)); + + int responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT", attributes); + assertEquals("Transport has not been changed to SSL " , 200, responseCode); + + restartBroker(); + + Map<String, Object> port = getRestTestHelper().getJsonAsSingletonList("/rest/port/" + portName); + + @SuppressWarnings("unchecked") + Collection<String> transports = (Collection<String>) port.get(Port.TRANSPORTS); + assertEquals("Unexpected auth provider", new HashSet<String>(Arrays.asList(Transport.SSL.name())), + new HashSet<String>(transports)); + } + + public void testUpdateTransportFromTCPToSSLWithoutKeystoreConfiguredFails() throws Exception + { + getBrokerConfiguration().setBrokerAttribute(Broker.KEY_STORE_PATH, null); + getBrokerConfiguration().setSaved(false); + restartBrokerInManagementMode(); + + String portName = TestBrokerConfiguration.ENTRY_NAME_AMQP_PORT; + Map<String, Object> attributes = new HashMap<String, Object>(); + attributes.put(Port.NAME, portName); + attributes.put(Port.TRANSPORTS, Collections.singleton(Transport.SSL)); + + int responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT", attributes); + assertEquals("Creation of SSL port without keystore should fail", 409, responseCode); + } + + public void testUpdateWantNeedClientAuth() throws Exception + { + String portName = TestBrokerConfiguration.ENTRY_NAME_SSL_PORT; + Map<String, Object> attributes = new HashMap<String, Object>(); + attributes.put(Port.NAME, portName); + attributes.put(Port.PORT, DEFAULT_SSL_PORT); + attributes.put(Port.TRANSPORTS, Collections.singleton(Transport.SSL)); + + int responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT", attributes); + assertEquals("SSL port was not added", 201, responseCode); + + restartBrokerInManagementMode(); + + attributes.put(Port.NEED_CLIENT_AUTH, true); + attributes.put(Port.WANT_CLIENT_AUTH, true); + + responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT", attributes); + assertEquals("Attributes for need/want client auth are not set", 200, responseCode); + + restartBroker(); + Map<String, Object> port = getRestTestHelper().getJsonAsSingletonList("/rest/port/" + portName); + assertEquals("Unexpected " + Port.NEED_CLIENT_AUTH, true, port.get(Port.NEED_CLIENT_AUTH)); + assertEquals("Unexpected " + Port.WANT_CLIENT_AUTH, true, port.get(Port.WANT_CLIENT_AUTH)); + + restartBrokerInManagementMode(); + + attributes = new HashMap<String, Object>(); + attributes.put(Port.NAME, portName); + attributes.put(Port.TRANSPORTS, Collections.singleton(Transport.TCP)); + + responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT", attributes); + assertEquals("Should not be able to change transport to SSL without reseting of attributes for need/want client auth", 409, responseCode); + + attributes = new HashMap<String, Object>(); + attributes.put(Port.NAME, portName); + attributes.put(Port.TRANSPORTS, Collections.singleton(Transport.TCP)); + attributes.put(Port.NEED_CLIENT_AUTH, false); + attributes.put(Port.WANT_CLIENT_AUTH, false); + + responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT", attributes); + assertEquals("Should be able to change transport to TCP ", 200, responseCode); + + restartBroker(); + port = getRestTestHelper().getJsonAsSingletonList("/rest/port/" + portName); + assertEquals("Unexpected " + Port.NEED_CLIENT_AUTH, false, port.get(Port.NEED_CLIENT_AUTH)); + assertEquals("Unexpected " + Port.WANT_CLIENT_AUTH, false, port.get(Port.WANT_CLIENT_AUTH)); + + @SuppressWarnings("unchecked") + Collection<String> transports = (Collection<String>) port.get(Port.TRANSPORTS); + assertEquals("Unexpected auth provider", new HashSet<String>(Arrays.asList(Transport.TCP.name())), + new HashSet<String>(transports)); + } + + public void testUpdateSettingWantNeedCertificateFailsForNonSSLPort() throws Exception + { + restartBrokerInManagementMode(); + + String portName = TestBrokerConfiguration.ENTRY_NAME_AMQP_PORT; + Map<String, Object> attributes = new HashMap<String, Object>(); + attributes.put(Port.NAME, portName); + attributes.put(Port.NEED_CLIENT_AUTH, true); + int responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT", attributes); + assertEquals("Unexpected response when trying to set 'needClientAuth' on non-SSL port", 409, responseCode); + + attributes = new HashMap<String, Object>(); + attributes.put(Port.NAME, portName); + attributes.put(Port.WANT_CLIENT_AUTH, true); + responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT", attributes); + assertEquals("Unexpected response when trying to set 'wantClientAuth' on non-SSL port", 409, responseCode); + } + + public void testUpdatePortAuthenticationProvider() throws Exception + { + restartBrokerInManagementMode(); + + String portName = TestBrokerConfiguration.ENTRY_NAME_AMQP_PORT; + Map<String, Object> attributes = new HashMap<String, Object>(); + attributes.put(Port.NAME, portName); + attributes.put(Port.AUTHENTICATION_PROVIDER, "non-existing"); + int responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT", attributes); + assertEquals("Unexpected response when trying to change auth provider to non-existing one", 409, responseCode); + + attributes = new HashMap<String, Object>(); + attributes.put(Port.NAME, portName); + attributes.put(Port.AUTHENTICATION_PROVIDER, ANONYMOUS_AUTHENTICATION_PROVIDER); + responseCode = getRestTestHelper().submitRequest("/rest/port/" + portName, "PUT", attributes); + assertEquals("Unexpected response when trying to change auth provider to existing one", 200, responseCode); + + Map<String, Object> port = getRestTestHelper().getJsonAsSingletonList("/rest/port/" + portName); + assertEquals("Unexpected auth provider", ANONYMOUS_AUTHENTICATION_PROVIDER, port.get(Port.AUTHENTICATION_PROVIDER)); + } } |