Skip to content

Commit

Permalink
Set the default SSL context in Elytron and turn on SSL debugging.
Browse files Browse the repository at this point in the history 
Signed-off-by: James R. Perkins <[email protected]>
  • Loading branch information
@jamezp
jamezp committed Jul 10, 2024
1 parent c873c06 commit 678fb07
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 7 deletions.
3 changes: 2 additions & 1 deletion security/run-tck.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -164,7 +164,8 @@ echo "Executing NEW Jakarta Security TCK."
pushd $TCK_ROOT
mvn ${MVN_ARGS} clean -pl '!old-tck,!old-tck/build,!old-tck/run'
mkdir target
safeRun mvn ${MVN_ARGS} install -Pnew-wildfly -pl '!old-tck,!old-tck/build,!old-tck/run' -Dtest.wildfly.home=$NEW_WILDFLY -fae
# safeRun mvn ${MVN_ARGS} install -Pnew-wildfly -pl '!old-tck,!old-tck/build,!old-tck/run' -Dtest.wildfly.home=$NEW_WILDFLY -fae
safeRun mvn ${MVN_ARGS} install -Pnew-wildfly -pl 'app-openid2' -Dtest.wildfly.home=$NEW_WILDFLY -fae
newTckStatus=${status}
popd

Expand Down
2 changes: 1 addition & 1 deletion security/wildfly-mods/arquillian.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
<container qualifier="default" default="true">
<configuration>
<property name="jbossHome">${test.wildfly.home}</property>
<property name="javaVmArguments">${debugJvmArgs} -Djboss.https.port=9443</property>
<property name="javaVmArguments">${debugJvmArgs} -Djboss.https.port=9443 -Djavax.net.debug=all</property>
<property name="serverName">wildfly</property>
<property name="host">localhost</property>
</configuration>
Expand Down
9 changes: 4 additions & 5 deletions security/wildfly/configure-server.cli
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,14 +26,13 @@ if (outcome != success) of /subsystem=elytron/key-store=tckKs:read-resource

/subsystem=elytron/key-manager=tckKm:add(key-store=tckKs,credential-reference={clear-text=changeit})
/subsystem=elytron/trust-manager=tckTm:add(key-store=tckKs)
# /subsystem=elytron/server-ssl-context=tckSsl:add(key-manager=tckKm,protocols=["TLSv1.2"],trust-manager=tckTm,need-client-auth=true)

# /subsystem=undertow/server=default-server/https-listener=https:undefine-attribute(name=security-realm)
# /subsystem=undertow/server=default-server/https-listener=https:write-attribute(name=ssl-context,value=tckSsl)
#/subsystem=elytron/server-ssl-context=tckSsl:add(key-manager=tckKm,protocols=["TLSv1.2"],trust-manager=tckTm,need-client-auth=true)

/subsystem=elytron/client-ssl-context=tckSsl:add(key-manager=tckKm,trust-manager=tckTm)
/subsystem=elytron/authentication-context=tckAc:add(match-rules=[{match-port=9443,ssl-context=tckSsl}])
/subsystem=elytron/dynamic-client-ssl-context=dynamicClientSSLContext:add(authentication-context=tckAc)
/subsystem=elytron:write-attribute(name=default-ssl-context, value=tckSsl)

/subsystem=elytron/configurable-http-server-mechanism-factory=configuredCert:add(http-server-mechanism-factory=global, properties={org.wildfly.security.http.skip-certificate-verification=true})
end-if

stop-embedded-server

0 comments on commit 678fb07

Please sign in to comment.