QPID-3739: Java properties qpid.ssl.keyStoreCertType and qpid.ssl.trustStoreCertType have misleading names and would be better called qpid.ssl.[Key|Trust]ManagerFactory.algorithm

* Introduced two properties qpid.ssl.KeyManagerFactory.algorithm and qpid.ssl.TrustManagerFactory.algorithm to allow a client user to override the algorithm name used when Qpid client constructs a KeyManager or TrustManager.
* Continued to support qpid.ssl.keyStoreCertType and qpid.ssl.trustStoreCertType (now marked as deprecated)
* Introduced a new Java Broker configuration key connector/ssl/keyManagerFactoryAlgorithm
* Continued to support broker configuration key connector/ssl/certType (now marked as deprecated and will issue warning if used).
* Changed the default from hardcoded 'SunX509' to the value(s) returned by KeyManagerFactory#getDefaultAlgorithm() and TrustManagerFactory#getDefaultAlgorithm().  This allows the Java Broker and Client to be used out of the box on non-Sun JDKs without having to set qpid.ssl.KeyManagerFactory.algorithm or qpid.ssl.TrustManagerFactory.algorithm.
* Updated client docbook documentation.

Tested both Java Broker and Client on IBM JDK and ensured all 0-10 and 0-9-1 profiles pass (including SSLTest which was failing prior to this change).

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1237504 13f79535-47bb-0310-9956-ffa450edef68

4 files changed, 249 insertions, 25 deletions

diff --git a/java/common/src/test/java/org/apache/qpid/configuration/QpidPropertyTest.java b/java/common/src/test/java/org/apache/qpid/configuration/QpidPropertyTest.java
new file mode 100644
index 0000000000..2a8c177f64
--- /dev/null
+++ b/java/common/src/test/java/org/apache/qpid/configuration/QpidPropertyTest.java
@@ -0,0 +1,166 @@
+/* Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.qpid.configuration;
+
+import org.apache.qpid.test.utils.QpidTestCase;
+
+public class QpidPropertyTest extends QpidTestCase
+{
+    private static final String TEST_VALUE1 = "TEST_VALUE1";
+    private static final String TEST_VALUE2 = "TEST_VALUE2";
+    private static final String DEFAULT_VALUE = "DEFAULT_VALUE";
+
+    private String _systemPropertyName;
+    private String _deprecatedSystemPropertyName;
+
+    @Override
+    protected void setUp() throws Exception
+    {
+        super.setUp();
+        _systemPropertyName = getName() + ".current";
+        _deprecatedSystemPropertyName = getName() + ".deprecated";
+    }
+
+    public void testValueReadFromSystemProperty() throws Exception
+    {
+        setTestSystemProperty(_systemPropertyName, TEST_VALUE1);
+        assertSystemPropertiesSet(_systemPropertyName);
+
+        String propertyValue = QpidProperty.stringProperty(DEFAULT_VALUE, _systemPropertyName).get();
+        assertEquals(TEST_VALUE1, propertyValue);
+    }
+
+    public void testValueReadFromSecondChoiceSystemPropertyWhenFirstChoiceNotSet() throws Exception
+    {
+        setTestSystemProperty(_deprecatedSystemPropertyName, TEST_VALUE2);
+        assertSystemPropertiesSet(_deprecatedSystemPropertyName);
+        assertSystemPropertiesNotSet(_systemPropertyName);
+
+        String propertyValue = QpidProperty.stringProperty("default", _systemPropertyName, _deprecatedSystemPropertyName).get();
+        assertEquals(TEST_VALUE2, propertyValue);
+    }
+
+    public void testValueReadFromFirstChoiceSystemPropertyWhenBothFirstAndSecondChoiceSet() throws Exception
+    {
+        setTestSystemProperty(_systemPropertyName, TEST_VALUE1);
+        setTestSystemProperty(_deprecatedSystemPropertyName, TEST_VALUE2);
+        assertSystemPropertiesSet(_systemPropertyName, _deprecatedSystemPropertyName);
+
+        String propertyValue = QpidProperty.stringProperty("default", _systemPropertyName, _deprecatedSystemPropertyName).get();
+        assertEquals(TEST_VALUE1, propertyValue);
+    }
+
+    public void testValueIsDefaultWhenOneSystemPropertyIsNotSet() throws Exception
+    {
+        assertSystemPropertiesNotSet(_systemPropertyName);
+
+        String propertyValue = QpidProperty.stringProperty(DEFAULT_VALUE, _systemPropertyName).get();
+        assertEquals(DEFAULT_VALUE, propertyValue);
+    }
+
+    public void testValueIsDefaultWhenTwoSystemPropertiesAreNotSet() throws Exception
+    {
+        assertSystemPropertiesNotSet(_systemPropertyName, _deprecatedSystemPropertyName);
+
+        String propertyValue = QpidProperty.stringProperty(DEFAULT_VALUE, _systemPropertyName).get();
+        assertEquals(DEFAULT_VALUE, propertyValue);
+    }
+
+    public void testValueIsNullWhenNoDefaultAndNoSystemPropertiesAreSet() throws Exception
+    {
+        assertSystemPropertiesNotSet(_systemPropertyName, _deprecatedSystemPropertyName);
+
+        String nullString = null;
+        String propertyValue = QpidProperty.stringProperty(nullString, _systemPropertyName).get();
+        assertNull(propertyValue);
+    }
+
+    public void testBooleanValueReadFromSystemProperty() throws Exception
+    {
+        setTestSystemProperty(_systemPropertyName, Boolean.FALSE.toString());
+        assertSystemPropertiesSet(_systemPropertyName);
+
+        boolean propertyValue = QpidProperty.booleanProperty(Boolean.TRUE, _systemPropertyName).get();
+        assertFalse(propertyValue);
+    }
+
+    public void testBooleanValueIsDefaultWhenOneSystemPropertyIsNotSet() throws Exception
+    {
+        assertSystemPropertiesNotSet(_systemPropertyName);
+
+        Boolean propertyValue = QpidProperty.booleanProperty(Boolean.TRUE, _systemPropertyName).get();
+        assertTrue(propertyValue);
+    }
+
+    public void testIntegerValueReadFromSystemProperty() throws Exception
+    {
+        int expectedValue = 15;
+        setTestSystemProperty(_systemPropertyName, Integer.valueOf(expectedValue).toString());
+        assertSystemPropertiesSet(_systemPropertyName);
+
+        int propertyValue = QpidProperty.intProperty(14, _systemPropertyName).get();
+        assertEquals(expectedValue, propertyValue);
+    }
+
+    public void testIntegerValueIsDefaultWhenOneSystemPropertyIsNotSet() throws Exception
+    {
+        int expectedValue = 15;
+        assertSystemPropertiesNotSet(_systemPropertyName);
+
+        int propertyValue = QpidProperty.intProperty(expectedValue, _systemPropertyName).get();
+        assertEquals(expectedValue, propertyValue);
+    }
+
+    public void testLongValueReadFromSystemProperty() throws Exception
+    {
+        long expectedValue = 15;
+        setTestSystemProperty(_systemPropertyName, Long.valueOf(expectedValue).toString());
+        assertSystemPropertiesSet(_systemPropertyName);
+
+        long propertyValue = QpidProperty.longProperty(14l, _systemPropertyName).get();
+        assertEquals(expectedValue, propertyValue);
+    }
+
+    public void testLongValueIsDefaultWhenOneSystemPropertyIsNotSet() throws Exception
+    {
+        long expectedValue = 15;
+        assertSystemPropertiesNotSet(_systemPropertyName);
+
+        long propertyValue = QpidProperty.longProperty(expectedValue, _systemPropertyName).get();
+        assertEquals(expectedValue, propertyValue);
+    }
+
+    private void assertSystemPropertiesSet(String... systemPropertyNames)
+    {
+        for (String systemPropertyName : systemPropertyNames)
+        {
+            assertTrue("System property " + systemPropertyName + " should be set",
+                    System.getProperties().containsKey(systemPropertyName));
+        }
+    }
+
+    private void assertSystemPropertiesNotSet(String... systemPropertyNames)
+    {
+        for (String systemPropertyName : systemPropertyNames)
+        {
+            assertFalse("System property " + systemPropertyName + " should not be set",
+                    System.getProperties().containsKey(systemPropertyName));
+        }
+    }
+
+}
diff --git a/java/common/src/test/java/org/apache/qpid/ssl/SSLContextFactoryTest.java b/java/common/src/test/java/org/apache/qpid/ssl/SSLContextFactoryTest.java
index c373da0887..69b04c9979 100644
--- a/java/common/src/test/java/org/apache/qpid/ssl/SSLContextFactoryTest.java
+++ b/java/common/src/test/java/org/apache/qpid/ssl/SSLContextFactoryTest.java
@@ -19,7 +19,10 @@ package org.apache.qpid.ssl;
 
 import org.apache.qpid.test.utils.QpidTestCase;
 
+import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManagerFactory;
+
 import java.io.IOException;
 
 public class SSLContextFactoryTest extends QpidTestCase
@@ -28,12 +31,13 @@ public class SSLContextFactoryTest extends QpidTestCase
     private static final String CLIENT_KEYSTORE_PATH = TEST_RESOURCES_DIR + "/ssl/java_client_keystore.jks";
     private static final String CLIENT_TRUSTSTORE_PATH = TEST_RESOURCES_DIR + "/ssl/java_client_truststore.jks";
     private static final String STORE_PASSWORD = "password";
-    private static final String CERT_TYPE = "SunX509";
+    private static final String DEFAULT_KEY_MANAGER_ALGORITHM = KeyManagerFactory.getDefaultAlgorithm();
+    private static final String DEFAULT_TRUST_MANAGER_ALGORITHM = TrustManagerFactory.getDefaultAlgorithm();
     private static final String CERT_ALIAS_APP1 = "app1";
 
     public void testBuildServerContext() throws Exception
     {
-        SSLContext context = SSLContextFactory.buildServerContext(BROKER_KEYSTORE_PATH, STORE_PASSWORD, CERT_TYPE);
+        SSLContext context = SSLContextFactory.buildServerContext(BROKER_KEYSTORE_PATH, STORE_PASSWORD, DEFAULT_KEY_MANAGER_ALGORITHM);
         assertNotNull("SSLContext should not be null", context);
     }
 
@@ -41,7 +45,7 @@ public class SSLContextFactoryTest extends QpidTestCase
     {
         try
         {
-            SSLContextFactory.buildServerContext(BROKER_KEYSTORE_PATH, "sajdklsad", CERT_TYPE);
+            SSLContextFactory.buildServerContext(BROKER_KEYSTORE_PATH, "sajdklsad", DEFAULT_KEY_MANAGER_ALGORITHM);
             fail("Exception was not thrown due to incorrect password");
         }
         catch (IOException e)
@@ -54,7 +58,7 @@ public class SSLContextFactoryTest extends QpidTestCase
     {
         try
         {
-            SSLContextFactory.buildClientContext("/path/to/nothing", STORE_PASSWORD, CERT_TYPE, CLIENT_KEYSTORE_PATH, STORE_PASSWORD, CERT_TYPE, null);
+            SSLContextFactory.buildClientContext("/path/to/nothing", STORE_PASSWORD, DEFAULT_TRUST_MANAGER_ALGORITHM, CLIENT_KEYSTORE_PATH, STORE_PASSWORD, DEFAULT_KEY_MANAGER_ALGORITHM, null);
             fail("Exception was not thrown due to incorrect path");
         }
         catch (IOException e)
@@ -65,19 +69,19 @@ public class SSLContextFactoryTest extends QpidTestCase
 
     public void testBuildClientContextForSSLEncryptionOnly() throws Exception
     {
-        SSLContext context = SSLContextFactory.buildClientContext(CLIENT_TRUSTSTORE_PATH, STORE_PASSWORD, CERT_TYPE, null, null, null, null);
+        SSLContext context = SSLContextFactory.buildClientContext(CLIENT_TRUSTSTORE_PATH, STORE_PASSWORD, DEFAULT_TRUST_MANAGER_ALGORITHM, null, null, null, null);
         assertNotNull("SSLContext should not be null", context);
     }
 
     public void testBuildClientContextWithForClientAuth() throws Exception
     {
-        SSLContext context = SSLContextFactory.buildClientContext(CLIENT_TRUSTSTORE_PATH, STORE_PASSWORD, CERT_TYPE, CLIENT_KEYSTORE_PATH, STORE_PASSWORD, CERT_TYPE, null);
+        SSLContext context = SSLContextFactory.buildClientContext(CLIENT_TRUSTSTORE_PATH, STORE_PASSWORD, DEFAULT_TRUST_MANAGER_ALGORITHM, CLIENT_KEYSTORE_PATH, STORE_PASSWORD, DEFAULT_KEY_MANAGER_ALGORITHM, null);
         assertNotNull("SSLContext should not be null", context);
     }
     
     public void testBuildClientContextWithForClientAuthWithCertAlias() throws Exception
     {
-        SSLContext context = SSLContextFactory.buildClientContext(CLIENT_TRUSTSTORE_PATH, STORE_PASSWORD, CERT_TYPE, CLIENT_KEYSTORE_PATH, STORE_PASSWORD, CERT_TYPE, CERT_ALIAS_APP1);
+        SSLContext context = SSLContextFactory.buildClientContext(CLIENT_TRUSTSTORE_PATH, STORE_PASSWORD, DEFAULT_TRUST_MANAGER_ALGORITHM, CLIENT_KEYSTORE_PATH, STORE_PASSWORD, DEFAULT_KEY_MANAGER_ALGORITHM, CERT_ALIAS_APP1);
         assertNotNull("SSLContext should not be null", context);
     }
 }
diff --git a/java/common/src/test/java/org/apache/qpid/transport/ConnectionSettingsTest.java b/java/common/src/test/java/org/apache/qpid/transport/ConnectionSettingsTest.java
index 7d28f079ec..47773ff2f8 100644
--- a/java/common/src/test/java/org/apache/qpid/transport/ConnectionSettingsTest.java
+++ b/java/common/src/test/java/org/apache/qpid/transport/ConnectionSettingsTest.java
@@ -20,11 +20,16 @@
  */
 package org.apache.qpid.transport;
 
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.TrustManagerFactory;
+
 import org.apache.qpid.configuration.ClientProperties;
 import org.apache.qpid.test.utils.QpidTestCase;
 
 public class ConnectionSettingsTest extends QpidTestCase
 {
+    private static final String TEST_ALGORITHM_NAME = "algorithmName";
+
     private ConnectionSettings _conConnectionSettings;
 
     protected void setUp() throws Exception
@@ -33,37 +38,91 @@ public class ConnectionSettingsTest extends QpidTestCase
         _conConnectionSettings = new ConnectionSettings();
     }
 
-    public void testDefaultTCP_NODELAY()
+    public void testTcpNoDelayDefault()
     {
         assertTrue("Default for isTcpNodelay() should be true", _conConnectionSettings.isTcpNodelay());
     }
 
-    public void testSystemPropertyOverrideTrueForTCP_NODELAY()
+    public void testTcpNoDelayOverrideTrue()
     {
-        systemPropertyOverrideForTCP_NODELAYImpl(ClientProperties.QPID_TCP_NODELAY_PROP_NAME, true);
+        systemPropertyOverrideForTcpDelay(ClientProperties.QPID_TCP_NODELAY_PROP_NAME, true);
     }
     
-    public void testSystemPropertyOverrideFalseForTCP_NODELAY()
+    public void testTcpNoDelayOverrideFalse()
     {
-        systemPropertyOverrideForTCP_NODELAYImpl(ClientProperties.QPID_TCP_NODELAY_PROP_NAME, false);
+        systemPropertyOverrideForTcpDelay(ClientProperties.QPID_TCP_NODELAY_PROP_NAME, false);
     }
 
-    public void testLegacySystemPropertyOverrideTrueForTCP_NODELAY()
+    @SuppressWarnings("deprecation")
+    public void testTcpNoDelayLegacyOverrideTrue()
     {
-        systemPropertyOverrideForTCP_NODELAYImpl(ClientProperties.AMQJ_TCP_NODELAY_PROP_NAME, true);
+        systemPropertyOverrideForTcpDelay(ClientProperties.AMQJ_TCP_NODELAY_PROP_NAME, true);
     }
 
-    public void testLegacySystemPropertyOverrideFalseForTCP_NODELAY()
+    @SuppressWarnings("deprecation")
+    public void testTcpNoDelayLegacyOverrideFalse()
     {
-        systemPropertyOverrideForTCP_NODELAYImpl(ClientProperties.AMQJ_TCP_NODELAY_PROP_NAME, false);
+        systemPropertyOverrideForTcpDelay(ClientProperties.AMQJ_TCP_NODELAY_PROP_NAME, false);
     }
 
-    private void systemPropertyOverrideForTCP_NODELAYImpl(String propertyName, boolean value)
+    public void testKeyManagerFactoryAlgorithmDefault()
     {
-        //set the default via system property
-        setTestSystemProperty(propertyName, String.valueOf(value));
+        assertEquals(KeyManagerFactory.getDefaultAlgorithm(), _conConnectionSettings.getKeyManagerFactoryAlgorithm());
+    }
 
-        _conConnectionSettings = new ConnectionSettings();
+    public void testKeyManagerFactoryAlgorithmOverridden()
+    {
+        String algorithmName = TEST_ALGORITHM_NAME;
+        systemPropertyOverrideForKeyFactoryAlgorithm(ClientProperties.QPID_SSL_KEY_MANAGER_FACTORY_ALGORITHM_PROP_NAME, algorithmName);
+    }
+
+    @SuppressWarnings("deprecation")
+    public void testKeyManagerFactoryAlgorithmLegacyOverridden()
+    {
+        String algorithmName = TEST_ALGORITHM_NAME;
+        systemPropertyOverrideForKeyFactoryAlgorithm(ClientProperties.QPID_SSL_KEY_STORE_CERT_TYPE_PROP_NAME, algorithmName);
+    }
+
+    public void testTrustManagerFactoryAlgorithmDefault()
+    {
+        assertEquals(TrustManagerFactory.getDefaultAlgorithm(), _conConnectionSettings.getTrustManagerFactoryAlgorithm());
+    }
+
+    public void testTrustManagerFactoryAlgorithmOverridden()
+    {
+        String algorithmName = TEST_ALGORITHM_NAME;
+        systemPropertyOverrideForTrustFactoryAlgorithm(ClientProperties.QPID_SSL_TRUST_MANAGER_FACTORY_ALGORITHM_PROP_NAME, algorithmName);
+    }
+
+    @SuppressWarnings("deprecation")
+    public void testTrustManagerFactoryAlgorithmLegacyOverridden()
+    {
+        String algorithmName = TEST_ALGORITHM_NAME;
+        systemPropertyOverrideForTrustFactoryAlgorithm(ClientProperties.QPID_SSL_TRUST_STORE_CERT_TYPE_PROP_NAME, algorithmName);
+    }
+
+    private void systemPropertyOverrideForTcpDelay(String propertyName, boolean value)
+    {
+        resetSystemProperty(propertyName, String.valueOf(value));
         assertEquals("Value for isTcpNodelay() is incorrect", value, _conConnectionSettings.isTcpNodelay());
     }
+
+    private void systemPropertyOverrideForKeyFactoryAlgorithm(String propertyName, String value)
+    {
+        resetSystemProperty(propertyName, value);
+        assertEquals(value, _conConnectionSettings.getKeyManagerFactoryAlgorithm());
+    }
+
+    private void systemPropertyOverrideForTrustFactoryAlgorithm(String propertyName, String value)
+    {
+        resetSystemProperty(propertyName, value);
+        assertEquals(value, _conConnectionSettings.getTrustManagerFactoryAlgorithm());
+    }
+
+    private void resetSystemProperty(String propertyName, String value)
+    {
+        setTestSystemProperty(propertyName, value);
+
+        _conConnectionSettings = new ConnectionSettings();
+    }
 }
diff --git a/java/common/src/test/java/org/apache/qpid/util/PropertyUtilsTest.java b/java/common/src/test/java/org/apache/qpid/util/PropertyUtilsTest.java
index 9fd18d461a..c5464aab79 100644
--- a/java/common/src/test/java/org/apache/qpid/util/PropertyUtilsTest.java
+++ b/java/common/src/test/java/org/apache/qpid/util/PropertyUtilsTest.java
@@ -40,9 +40,4 @@ public class PropertyUtilsTest extends QpidTestCase
         String expandedProperty = PropertyUtils.replaceProperties("${banana}xyz${concrete}");
         assertEquals(expandedProperty, "fruityxyzhorrible");
     }
-
-    public static junit.framework.Test suite()
-    {
-        return new junit.framework.TestSuite(PropertyUtilsTest.class);
-    }
 }