TouchInstinct
/
java-cas-client
303
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CASC-231 HttpsURLConnectonFactory is Not Serializable 

Problem: THe HttpsURLConnectionFactory is not serializable, causing problems for clients that must serialize
the principal (which depends on a ProxyRetriever).

Solution: Make the HttpsURLConnectionFactory serializable.

QA Notes: added unit test to confirm serialize-deserialize
This commit is contained in:
Scott 2014-12-07 13:32:14 -05:00
parent d7ca6a098e
commit d1da02f457
6 changed files with 92 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cas-client-core/src/main/java/org/jasig/cas/client/ssl/HttpURLConnectionFactory.java
View File

@ -18,6 +18,7 @@
*/
package org.jasig.cas.client.ssl;
import java.io.Serializable;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLConnection;
@ -28,7 +29,7 @@ import java.net.URLConnection;
* @author Misagh Moayyed
* @since 3.3
*/
public interface HttpURLConnectionFactory {
public interface HttpURLConnectionFactory extends Serializable {
/**
* Receives a {@link URLConnection} instance typically as a result of a {@link URL}

46
cas-client-core/src/main/java/org/jasig/cas/client/ssl/HttpsURLConnectionFactory.java
View File

@ -18,8 +18,7 @@
*/
package org.jasig.cas.client.ssl;
import java.io.FileInputStream;
import java.io.InputStream;
import java.io.*;
import java.net.HttpURLConnection;
import java.net.URLConnection;
import java.security.KeyStore;
@ -41,6 +40,8 @@ import org.slf4j.LoggerFactory;
*/
public final class HttpsURLConnectionFactory implements HttpURLConnectionFactory {
private static final long serialVersionUID = 1L;
private static final Logger LOGGER = LoggerFactory.getLogger(HttpsURLConnectionFactory.class);
/**
@ -146,4 +147,45 @@ public final class HttpsURLConnectionFactory implements HttpURLConnectionFactory
return null;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (o == null || getClass() != o.getClass()) return false;
final HttpsURLConnectionFactory that = (HttpsURLConnectionFactory) o;
if (!hostnameVerifier.equals(that.hostnameVerifier)) return false;
if (!sslConfiguration.equals(that.sslConfiguration)) return false;
return true;
}
@Override
public int hashCode() {
int result = hostnameVerifier.hashCode();
result = 31 * result + sslConfiguration.hashCode();
return result;
}
private void writeObject(final ObjectOutputStream out) throws IOException {
if (this.hostnameVerifier == HttpsURLConnection.getDefaultHostnameVerifier()) {
out.writeObject(null);
} else {
out.writeObject(this.hostnameVerifier);
}
out.writeObject(this.sslConfiguration);
}
private void readObject(final ObjectInputStream in) throws IOException, ClassNotFoundException {
final Object internalHostNameVerifier = in.readObject();
if (internalHostNameVerifier == null) {
this.hostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
} else {
this.hostnameVerifier = (HostnameVerifier) internalHostNameVerifier;
}
this.sslConfiguration = (Properties) in.readObject();
}
}

5
cas-client-core/src/main/java/org/jasig/cas/client/ssl/RegexHostnameVerifier.java
View File

@ -19,6 +19,7 @@
package org.jasig.cas.client.ssl;
import java.io.Serializable;
import java.util.regex.Pattern;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
@ -32,7 +33,9 @@ import javax.net.ssl.SSLSession;
* @since 3.1.10
*
*/
public final class RegexHostnameVerifier implements HostnameVerifier {
public final class RegexHostnameVerifier implements HostnameVerifier, Serializable {
private static final long serialVersionUID = 1L;
/** Allowed hostname pattern */
private Pattern pattern;

5
cas-client-core/src/main/java/org/jasig/cas/client/ssl/WhitelistHostnameVerifier.java
View File

@ -20,6 +20,7 @@ package org.jasig.cas.client.ssl;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import java.io.Serializable;
/**
* Verifies a SSL peer host name based on an explicit whitelist of allowed hosts.
@ -29,7 +30,9 @@ import javax.net.ssl.SSLSession;
* @since 3.1.10
*
*/
public final class WhitelistHostnameVerifier implements HostnameVerifier {
public final class WhitelistHostnameVerifier implements HostnameVerifier, Serializable {
private static final long serialVersionUID = 1L;
/** Allowed hosts */
private String[] allowedHosts;

37
cas-client-core/src/test/java/org/jasig/cas/client/ssl/HttpsURLConnectionFactoryTests.java Normal file
View File

@ -0,0 +1,37 @@
package org.jasig.cas.client.ssl;
import org.junit.Before;
import org.junit.Test;
import java.io.*;
import static org.junit.Assert.*;
public final class HttpsURLConnectionFactoryTests {
private HttpsURLConnectionFactory httpsURLConnectionFactory;
@Before
public void setUp() throws Exception {
this.httpsURLConnectionFactory = new HttpsURLConnectionFactory();
}
@Test
public void serializeAndDeserialize() throws Exception {
final ByteArrayOutputStream baos = new ByteArrayOutputStream();
final ObjectOutputStream oos = new ObjectOutputStream(baos);
oos.writeObject(this.httpsURLConnectionFactory);
oos.close();
final byte[] serializedHttpsUrlConnectionFactory = baos.toByteArray();
final ByteArrayInputStream bais = new ByteArrayInputStream(serializedHttpsUrlConnectionFactory);
final ObjectInputStream ois = new ObjectInputStream(bais);
final HttpsURLConnectionFactory deserializedObject = (HttpsURLConnectionFactory) ois.readObject();
assertEquals(this.httpsURLConnectionFactory, deserializedObject);
}
}

2
cas-client-core/src/test/java/org/jasig/cas/client/ssl/WhitelistHostnameVerifierTests.java
View File

@ -43,7 +43,7 @@ import junit.framework.TestCase;
*/
public class WhitelistHostnameVerifierTests extends TestCase {
/**
* Test method for {@link WhitelistHostnameVerifier#verify(String, SSLSession)}.
* Test method for {@link WhitelistHostnameVerifier#verify(String, javax.net.ssl.SSLSession)}.
*/
public void testVerify() {
final WhitelistHostnameVerifier verifier = new WhitelistHostnameVerifier("red.vt.edu, green.vt.edu,blue.vt.edu");