GitHub-Spring
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Add configuration for Rabbit's key store and trust store algorithm 

See gh-24076
pull/24532/head
Gong Yi 5 years ago committed by Stephane Nicoll
parent
315067b379
commit
489062b203
3 changed files with 60 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/amqp/RabbitAutoConfiguration.java
  2. 28
      spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/amqp/RabbitProperties.java
  3. 30
      spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/amqp/RabbitAutoConfigurationTests.java

2
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/amqp/RabbitAutoConfiguration.java
Unescape View File

@ -140,9 +140,11 @@ public class RabbitAutoConfiguration { @@ -140,9 +140,11 @@ public class RabbitAutoConfiguration {
map.from(ssl::getKeyStoreType).to(factory::setKeyStoreType);
map.from(ssl::getKeyStore).to(factory::setKeyStore);
map.from(ssl::getKeyStorePassword).to(factory::setKeyStorePassphrase);
map.from(ssl::getKeyStoreAlgorithm).whenNonNull().to(factory::setKeyStoreAlgorithm);
map.from(ssl::getTrustStoreType).to(factory::setTrustStoreType);
map.from(ssl::getTrustStore).to(factory::setTrustStore);
map.from(ssl::getTrustStorePassword).to(factory::setTrustStorePassphrase);
map.from(ssl::getTrustStoreAlgorithm).whenNonNull().to(factory::setTrustStoreAlgorithm);
map.from(ssl::isValidateServerCertificate)
.to((validate) -> factory.setSkipServerCertificateValidation(!validate));
map.from(ssl::getVerifyHostname).to(factory::setEnableHostnameVerification);

28
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/amqp/RabbitProperties.java
Unescape View File

@ -363,6 +363,8 @@ public class RabbitProperties { @@ -363,6 +363,8 @@ public class RabbitProperties {
public class Ssl {
private static final String SUN_X509 = "SunX509";
/**
* Whether to enable SSL support. Determined automatically if an address is
* provided with the protocol (amqp:// vs. amqps://).
@ -384,6 +386,11 @@ public class RabbitProperties { @@ -384,6 +386,11 @@ public class RabbitProperties {
*/
private String keyStorePassword;
/**
* Key store algorithm.
*/
private String keyStoreAlgorithm = SUN_X509;
/**
* Trust store that holds SSL certificates.
*/
@ -399,6 +406,11 @@ public class RabbitProperties { @@ -399,6 +406,11 @@ public class RabbitProperties {
*/
private String trustStorePassword;
/**
* Trust store algorithm.
*/
private String trustStoreAlgorithm = SUN_X509;
/**
* SSL algorithm to use. By default, configured by the Rabbit client library.
*/
@ -462,6 +474,14 @@ public class RabbitProperties { @@ -462,6 +474,14 @@ public class RabbitProperties {
this.keyStorePassword = keyStorePassword;
}
public String getKeyStoreAlgorithm() {
return this.keyStoreAlgorithm;
}
public void setKeyStoreAlgorithm(String keyStoreAlgorithm) {
this.keyStoreAlgorithm = keyStoreAlgorithm;
}
public String getTrustStore() {
return this.trustStore;
}
@ -486,6 +506,14 @@ public class RabbitProperties { @@ -486,6 +506,14 @@ public class RabbitProperties {
this.trustStorePassword = trustStorePassword;
}
public String getTrustStoreAlgorithm() {
return this.trustStoreAlgorithm;
}
public void setTrustStoreAlgorithm(String trustStoreAlgorithm) {
this.trustStoreAlgorithm = trustStoreAlgorithm;
}
public String getAlgorithm() {
return this.algorithm;
}

30
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/amqp/RabbitAutoConfigurationTests.java
Unescape View File

@ -738,6 +738,36 @@ class RabbitAutoConfigurationTests { @@ -738,6 +738,36 @@ class RabbitAutoConfigurationTests {
});
}
@Test
void enableSslWithValidStoreAlgorithmShouldWork() throws Exception {
this.contextRunner.withUserConfiguration(TestConfiguration.class)
.withPropertyValues("spring.rabbitmq.ssl.enabled:true",
"spring.rabbitmq.ssl.keyStore=/org/springframework/boot/autoconfigure/amqp/test.jks",
"spring.rabbitmq.ssl.keyStoreType=jks", "spring.rabbitmq.ssl.keyStorePassword=secret",
"spring.rabbitmq.ssl.keyStoreAlgorithm=PKIX",
"spring.rabbitmq.ssl.trustStore=/org/springframework/boot/autoconfigure/amqp/test.jks",
"spring.rabbitmq.ssl.trustStoreType=jks", "spring.rabbitmq.ssl.trustStorePassword=secret",
"spring.rabbitmq.ssl.trustStoreAlgorithm=PKIX")
.run((context) -> assertThat(context).hasNotFailed());
}
@Test
void enableSslWithInvalidStoreAlgorithmShouldFail() throws Exception {
this.contextRunner.withUserConfiguration(TestConfiguration.class)
.withPropertyValues("spring.rabbitmq.ssl.enabled:true",
"spring.rabbitmq.ssl.keyStore=/org/springframework/boot/autoconfigure/amqp/test.jks",
"spring.rabbitmq.ssl.keyStoreType=jks", "spring.rabbitmq.ssl.keyStorePassword=secret",
"spring.rabbitmq.ssl.keyStoreAlgorithm=foo",
"spring.rabbitmq.ssl.trustStore=/org/springframework/boot/autoconfigure/amqp/test.jks",
"spring.rabbitmq.ssl.trustStoreType=jks", "spring.rabbitmq.ssl.trustStorePassword=secret",
"spring.rabbitmq.ssl.trustStoreAlgorithm=foo")
.run((context) -> {
assertThat(context).hasFailed();
assertThat(context).getFailure().hasMessageContaining("foo");
assertThat(context).getFailure().hasRootCauseInstanceOf(NoSuchAlgorithmException.class);
});
}
@Test
void whenACredentialsProviderIsAvailableThenConnectionFactoryIsConfiguredToUseIt() throws Exception {
this.contextRunner.withUserConfiguration(CredentialsProviderConfiguration.class)

Write Preview
Loading…
Cancel
Save