adding IceSSL test

author: Mark Spruiell <mes@zeroc.com> 2006-04-13 19:51:31 +0000
committer: Mark Spruiell <mes@zeroc.com> 2006-04-13 19:51:31 +0000
commit: 5fda5c250c3d430e7ad6fc9d4ef17159abb31e9b (patch)
tree: 791e697af698a8361b33477e9fdddeb268b2e259
parent: Bug 617 - Glacier2 usage with locator (diff)
download: ice-5fda5c250c3d430e7ad6fc9d4ef17159abb31e9b.tar.bz2
ice-5fda5c250c3d430e7ad6fc9d4ef17159abb31e9b.tar.xz
ice-5fda5c250c3d430e7ad6fc9d4ef17159abb31e9b.zip
23 files changed, 1361 insertions, 0 deletions
diff --git a/java/test/IceSSL/build.xml b/java/test/IceSSL/build.xml
new file mode 100644
index 00000000000..bc38621a1ed
--- /dev/null
+++ b/java/test/IceSSL/build.xml
@@ -0,0 +1,22 @@
+<!--
+ **********************************************************************
+
+ Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
+
+ This copy of Ice is licensed to you under the terms described in the
+ ICE_LICENSE file included in this distribution.
+
+ **********************************************************************
+-->
+
+<project name="test_IceSSL" default="all" basedir=".">
+
+    <target name="all">
+        <ant dir="configuration"/>
+    </target>
+
+    <target name="clean">
+        <ant dir="configuration" target="clean"/>
+    </target>
+
+</project>
diff --git a/java/test/IceSSL/certs/c_dsa_ca1.jks b/java/test/IceSSL/certs/c_dsa_ca1.jks
new file mode 100644
index 00000000000..c1f056734a9
--- /dev/null
+++ b/java/test/IceSSL/certs/c_dsa_ca1.jks
diff --git a/java/test/IceSSL/certs/c_rsa_ca1.jks b/java/test/IceSSL/certs/c_rsa_ca1.jks
new file mode 100644
index 00000000000..2eed285ce07
--- /dev/null
+++ b/java/test/IceSSL/certs/c_rsa_ca1.jks
diff --git a/java/test/IceSSL/certs/c_rsa_ca1_exp.jks b/java/test/IceSSL/certs/c_rsa_ca1_exp.jks
new file mode 100644
index 00000000000..1a33866e373
--- /dev/null
+++ b/java/test/IceSSL/certs/c_rsa_ca1_exp.jks
diff --git a/java/test/IceSSL/certs/c_rsa_ca2.jks b/java/test/IceSSL/certs/c_rsa_ca2.jks
new file mode 100644
index 00000000000..afc1997a2e1
--- /dev/null
+++ b/java/test/IceSSL/certs/c_rsa_ca2.jks
diff --git a/java/test/IceSSL/certs/cacert1.jks b/java/test/IceSSL/certs/cacert1.jks
new file mode 100644
index 00000000000..83677f73a66
--- /dev/null
+++ b/java/test/IceSSL/certs/cacert1.jks
diff --git a/java/test/IceSSL/certs/cacert2.jks b/java/test/IceSSL/certs/cacert2.jks
new file mode 100644
index 00000000000..70135a768d6
--- /dev/null
+++ b/java/test/IceSSL/certs/cacert2.jks
diff --git a/java/test/IceSSL/certs/cacerts.jks b/java/test/IceSSL/certs/cacerts.jks
new file mode 100644
index 00000000000..8cd76706603
--- /dev/null
+++ b/java/test/IceSSL/certs/cacerts.jks
diff --git a/java/test/IceSSL/certs/makecerts.py b/java/test/IceSSL/certs/makecerts.py
new file mode 100755
index 00000000000..42aac57f101
--- /dev/null
+++ b/java/test/IceSSL/certs/makecerts.py
@@ -0,0 +1,137 @@
+#!/usr/bin/env python
+# **********************************************************************
+#
+# Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
+#
+# This copy of Ice is licensed to you under the terms described in the
+# ICE_LICENSE file included in this distribution.
+#
+# **********************************************************************
+
+import os, sys, shutil
+
+#
+# Show usage information.
+#
+def usage():
+    print "Usage: " + sys.argv[0] + " [options]"
+    print
+    print "Options:"
+    print "-h    Show this message."
+    print "-f    Force an update to the Java files."
+
+#
+# Check arguments
+#
+force = 0
+for x in sys.argv[1:]:
+    if x == "-h":
+        usage()
+        sys.exit(0)
+    elif x == "-f":
+        force = 1
+    elif x.startswith("-"):
+        print sys.argv[0] + ": unknown option `" + x + "'"
+        print
+        usage()
+        sys.exit(1)
+    else:
+        usage()
+        sys.exit(1)
+
+if not os.environ.has_key("ICE_HOME"):
+    print sys.argv[0] + ": error: ICE_HOME is not defined"
+    sys.exit(1)
+
+cppcerts = os.path.join(os.environ["ICE_HOME"], "test", "IceSSL", "certs")
+
+certs = [\
+    "c_dsa_nopass_ca1", \
+    "c_rsa_nopass_ca1_exp", \
+    "c_rsa_nopass_ca1", \
+    "c_rsa_nopass_ca2", \
+    "s_dsa_nopass_ca1", \
+    "s_rsa_nopass_ca1_exp", \
+    "s_rsa_nopass_ca1", \
+    "s_rsa_nopass_ca2", \
+]
+
+#
+# Create truststores from the CA certificates.
+#
+for x in ("cacert1", "cacert2"):
+    ts = x + ".jks"
+    os.system("openssl x509 -in " + os.path.join(cppcerts, x) + ".pem -outform DER -out " + x + ".der")
+    if force or not os.path.exists(ts):
+	if os.path.exists(ts):
+	    os.remove(ts)
+	os.system("keytool -import -alias cacert -file " + x + ".der -keystore " + ts + \
+		  " -storepass password -noprompt")
+	print "Created " + ts
+
+#
+# Create a truststore containing both CA certificates.
+#
+if force or not os.path.exists("cacerts.jks"):
+    if os.path.exists("cacerts.jks"):
+	os.remove("cacerts.jks")
+    os.system("keytool -import -alias cacert1 -file cacert1.der -keystore cacerts.jks -storepass password -noprompt")
+    os.system("keytool -import -alias cacert2 -file cacert2.der -keystore cacerts.jks -storepass password -noprompt")
+    print "Created cacerts.jks"
+
+#
+# Convert key/certificate pairs into PKCS12 format and then import them
+# into keystores.
+#
+for x in certs:
+    p12 = x.replace("nopass_", "") + ".p12"
+    ks = x.replace("nopass_", "") + ".jks"
+    if x.find("1") > 0:
+	cacert = "cacert1"
+    else:
+	cacert = "cacert2"
+    if force or not os.path.exists(ks):
+	if os.path.exists(ks):
+	    os.remove(ks)
+	cert = os.path.join(cppcerts, x)
+	ca = os.path.join(cppcerts, cacert) + ".pem"
+	os.system("openssl pkcs12 -in " + cert + "_pub.pem -inkey " + cert + "_priv.pem -export -out " + p12 + \
+		  " -name cert -passout pass:password -certfile " + ca)
+	os.system("java -classpath ../../../certs ImportKey " + p12  + " cert " + cacert + ".der " + ks + " password")
+	os.remove(p12)
+	print "Created " + ks
+
+#
+# Create a keystore that contains both RSA and DSS certificates.
+#
+ks = "s_rsa_dsa_ca1.jks"
+if force or not os.path.exists(ks):
+    if os.path.exists(ks):
+	os.remove(ks)
+    cacert = "cacert1"
+    ca = os.path.join(cppcerts, cacert) + ".pem"
+    p12 = "s_dsa_nopass_ca1.p12"
+    cert = os.path.join(cppcerts, "s_dsa_nopass_ca1")
+    os.system("openssl pkcs12 -in " + cert + "_pub.pem -inkey " + cert + "_priv.pem -export -out " + p12 + \
+	      " -name dsacert -passout pass:password -certfile " + ca)
+    os.system("java -classpath ../../../certs ImportKey " + p12  + " dsacert " + cacert + ".der " + ks + " password")
+    os.remove(p12)
+    p12 = "s_rsa_nopass_ca1.p12"
+    cert = os.path.join(cppcerts, "s_rsa_nopass_ca1")
+    os.system("openssl pkcs12 -in " + cert + "_pub.pem -inkey " + cert + "_priv.pem -export -out " + p12 + \
+	      " -name rsacert -passout pass:password -certfile " + ca)
+    os.system("java -classpath ../../../certs ImportKey " + p12  + " rsacert " + cacert + ".der " + ks + " password")
+    os.remove(p12)
+    print "Created " + ks
+
+#
+# Clean up.
+#
+for x in ("cacert1", "cacert2"):
+    cert = x + ".der"
+    if os.path.exists(cert):
+	os.remove(cert)
+#
+# Done.
+#
+print "Done."
diff --git a/java/test/IceSSL/certs/s_dsa_ca1.jks b/java/test/IceSSL/certs/s_dsa_ca1.jks
new file mode 100644
index 00000000000..6b47dc8ae61
--- /dev/null
+++ b/java/test/IceSSL/certs/s_dsa_ca1.jks
diff --git a/java/test/IceSSL/certs/s_rsa_ca1.jks b/java/test/IceSSL/certs/s_rsa_ca1.jks
new file mode 100644
index 00000000000..2128ea702bd
--- /dev/null
+++ b/java/test/IceSSL/certs/s_rsa_ca1.jks
diff --git a/java/test/IceSSL/certs/s_rsa_ca1_exp.jks b/java/test/IceSSL/certs/s_rsa_ca1_exp.jks
new file mode 100644
index 00000000000..c26043dff35
--- /dev/null
+++ b/java/test/IceSSL/certs/s_rsa_ca1_exp.jks
diff --git a/java/test/IceSSL/certs/s_rsa_ca2.jks b/java/test/IceSSL/certs/s_rsa_ca2.jks
new file mode 100644
index 00000000000..2f642151e48
--- /dev/null
+++ b/java/test/IceSSL/certs/s_rsa_ca2.jks
diff --git a/java/test/IceSSL/certs/s_rsa_dsa_ca1.jks b/java/test/IceSSL/certs/s_rsa_dsa_ca1.jks
new file mode 100644
index 00000000000..58f8a99d0a0
--- /dev/null
+++ b/java/test/IceSSL/certs/s_rsa_dsa_ca1.jks
diff --git a/java/test/IceSSL/configuration/AllTests.java b/java/test/IceSSL/configuration/AllTests.java
new file mode 100644
index 00000000000..3eb3266a703
--- /dev/null
+++ b/java/test/IceSSL/configuration/AllTests.java
@@ -0,0 +1,877 @@
+// **********************************************************************
+//
+// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
+//
+// This copy of Ice is licensed to you under the terms described in the
+// ICE_LICENSE file included in this distribution.
+//
+// **********************************************************************
+
+//
+// NOTE: This test is not interoperable with other language mappings.
+//
+
+class CertificateVerifierI implements IceSSL.CertificateVerifier
+{
+    CertificateVerifierI()
+    {
+	reset();
+    }
+
+    public boolean
+    verify(IceSSL.VerifyInfo info)
+    {
+	_incoming = info.incoming;
+	_hadCert = info.certs != null;
+	_invoked = true;
+	return _returnValue;
+    }
+
+    void
+    reset()
+    {
+	_returnValue = true;
+       	_invoked = false;
+	_incoming = false;
+	_hadCert = false;
+    }
+
+    void
+    returnValue(boolean b)
+    {
+	_returnValue = b;
+    }
+
+    boolean
+    invoked()
+    {
+	return _invoked;
+    }
+
+    boolean
+    incoming()
+    {
+	return _incoming;
+    }
+
+    boolean
+    hadCert()
+    {
+	return _hadCert;
+    }
+
+    private boolean _returnValue;
+    private boolean _invoked;
+    private boolean _incoming;
+    private boolean _hadCert;
+}
+
+public class AllTests
+{
+    private static void
+    test(boolean b)
+    {
+	if(!b)
+	{
+	    throw new RuntimeException();
+	}
+    }
+
+    private static Ice.InitializationData
+    createClientProps(String testDir, String defaultHost)
+    {
+	Ice.InitializationData result = new Ice.InitializationData();
+	result.properties = Ice.Util.createProperties();
+	result.properties.setProperty("Ice.Plugin.IceSSL", "IceSSL.PluginFactory");
+	result.properties.setProperty("Ice.ThreadPerConnection", "1");
+	result.properties.setProperty("Ice.RetryIntervals", "-1");
+	if(defaultHost.length() > 0)
+	{
+	    result.properties.setProperty("Ice.Default.Host", defaultHost);
+	}
+	return result;
+    }
+
+    private static java.util.Map
+    createServerProps(String testDir, String defaultHost)
+    {
+	java.util.Map result = new java.util.HashMap();
+	result.put("Ice.Plugin.IceSSL", "IceSSL.PluginFactory");
+	result.put("Ice.ThreadPerConnection", "1");
+	if(defaultHost.length() > 0)
+	{
+	    result.put("Ice.Default.Host", defaultHost);
+	}
+	return result;
+    }
+    
+    public static void
+    allTests(Ice.Communicator communicator, String testDir)
+    {
+	final String factoryRef = "factory:tcp -p 12010 -t 10000";
+	Ice.ObjectPrx b = communicator.stringToProxy(factoryRef);
+	test(b != null);
+	Test.ServerFactoryPrx factory = Test.ServerFactoryPrxHelper.checkedCast(b);
+
+	final String defaultHost = communicator.getProperties().getProperty("Ice.Default.Host");
+	final String defaultDir = testDir + "/../certs";
+
+	final String[] args = new String[0];
+
+	System.out.print("testing manual initialization... ");
+	System.out.flush();
+	{
+	    Ice.InitializationData initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.DelayInit", "1");
+	    Ice.Communicator comm = Ice.Util.initialize(args, initData);
+	    Ice.ObjectPrx p = comm.stringToProxy("dummy:ssl -p 9999");
+	    try
+	    {
+		p.ice_ping();
+		test(false);
+	    }
+	    catch(Ice.PluginInitializationException ex)
+	    {
+		// Expected.
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    comm.destroy();
+	}
+	{
+	    Ice.InitializationData initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.DelayInit", "1");
+	    initData.properties.setProperty("IceSSL.Client.Ciphers", "NONE (.*DH_anon.*)");
+	    Ice.Communicator comm = Ice.Util.initialize(args, initData);
+	    IceSSL.Plugin plugin = (IceSSL.Plugin)comm.getPluginManager().getPlugin("IceSSL");
+	    test(plugin != null);
+	    plugin.initialize(null, null);
+	    Ice.ObjectPrx obj = comm.stringToProxy(factoryRef);
+	    test(obj != null);
+	    Test.ServerFactoryPrx fact = Test.ServerFactoryPrxHelper.checkedCast(obj);
+	    java.util.Map d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.Ciphers", "NONE (.*DH_anon.*)");
+	    d.put("IceSSL.Server.VerifyPeer", "0");
+	    Test.ServerPrx server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+	    comm.destroy();
+	}
+	System.out.println("ok");
+
+	System.out.print("testing certificate verification... ");
+	System.out.flush();
+	{
+	    //
+	    // Test IceSSL.Server.VerifyPeer=0. Client does not have a certificate,
+	    // but it still verifies the server's.
+	    //
+	    Ice.InitializationData initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	    initData.properties.setProperty("IceSSL.Client.Truststore", "cacert1.jks");
+	    Ice.Communicator comm = Ice.Util.initialize(args, initData);
+	    Test.ServerFactoryPrx fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    java.util.Map d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "0");
+	    Test.ServerPrx server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+
+	    //
+	    // Test IceSSL.Server.VerifyPeer=1. Client does not have a certificate.
+	    //
+	    initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	    initData.properties.setProperty("IceSSL.Client.Truststore", "cacert1.jks");
+	    comm = Ice.Util.initialize(args, initData);
+	    fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "1");
+	    server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+
+	    //
+	    // Test IceSSL.Server.VerifyPeer=2. This should fail because the client
+	    // does not supply a certificate.
+	    //
+	    d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "2");
+	    server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+		test(false);
+	    }
+	    catch(Ice.SecurityException ex)
+	    {
+		// Expected.
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+
+	    comm.destroy();
+
+	    //
+	    // Test IceSSL.Server.VerifyPeer=1. Client has a certificate.
+	    //
+	    initData.properties.setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	    initData.properties.setProperty("IceSSL.Client.Keystore", "c_rsa_ca1.jks");
+	    initData.properties.setProperty("IceSSL.Client.Password", "password");
+	    initData.properties.setProperty("IceSSL.Client.Truststore", "cacert1.jks");
+	    comm = Ice.Util.initialize(args, initData);
+	    fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "1");
+	    server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+
+	    //
+	    // Test IceSSL.Server.VerifyPeer=2. Client has a certificate.
+	    //
+	    d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "2");
+	    server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+
+	    comm.destroy();
+
+	    //
+	    // Test IceSSL.Server.VerifyPeer=1. This should fail because the
+	    // client doesn't trust the server's CA.
+	    //
+	    initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	    initData.properties.setProperty("IceSSL.Client.Keystore", "c_rsa_ca2.jks");
+	    initData.properties.setProperty("IceSSL.Client.Password", "password");
+	    initData.properties.setProperty("IceSSL.Client.Truststore", "cacert2.jks");
+	    comm = Ice.Util.initialize(args, initData);
+	    fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "1");
+	    server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+		test(false);
+	    }
+	    catch(Ice.SecurityException ex)
+	    {
+		// Expected.
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+
+	    comm.destroy();
+
+	    //
+	    // Test IceSSL.Server.VerifyPeer=2. This should fail because the
+	    // server doesn't trust the client's CA.
+	    //
+	    // NOTE: In C++ this test fails with VerifyPeer=1, but JSSE seems
+	    // to allow the handshake to continue unless we set VerifyPeer=2.
+	    //
+	    initData.properties.setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	    initData.properties.setProperty("IceSSL.Client.Keystore", "c_rsa_ca2.jks");
+	    initData.properties.setProperty("IceSSL.Client.Password", "password");
+	    initData.properties.setProperty("IceSSL.Client.Truststore", "cacert1.jks");
+	    comm = Ice.Util.initialize(args, initData);
+	    fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "2");
+	    server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+		test(false);
+	    }
+	    catch(Ice.SecurityException ex)
+	    {
+		// Expected.
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+	    comm.destroy();
+	}
+	System.out.println("ok");
+
+	System.out.print("testing custom certificate verifier... ");
+	System.out.flush();
+	{
+	    //
+	    // ADH is allowed but will not have a certificate.
+	    //
+	    Ice.InitializationData initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.Client.Ciphers", "NONE (.*DH_anon.*)");
+	    Ice.Communicator comm = Ice.Util.initialize(args, initData);
+	    IceSSL.Plugin plugin = (IceSSL.Plugin)comm.getPluginManager().getPlugin("IceSSL");
+	    test(plugin != null);
+	    CertificateVerifierI verifier = new CertificateVerifierI();
+	    plugin.setCertificateVerifier(verifier);
+
+	    Test.ServerFactoryPrx fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    java.util.Map d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.Ciphers", "NONE (.*DH_anon.*)");
+	    d.put("IceSSL.Server.VerifyPeer", "0");
+	    Test.ServerPrx server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    test(verifier.invoked());
+	    test(!verifier.incoming());
+	    test(!verifier.hadCert());
+
+	    //
+	    // Have the verifier return false. Close the connection explicitly
+	    // to force a new connection to be established.
+	    //
+	    verifier.reset();
+	    verifier.returnValue(false);
+	    server.ice_connection().close(false);
+	    try
+	    {
+		server.ice_ping();
+		test(false);
+	    }
+	    catch(Ice.SecurityException ex)
+	    {
+		// Expected.
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    test(verifier.invoked());
+	    test(!verifier.incoming());
+	    test(!verifier.hadCert());
+
+	    fact.destroyServer(server);
+	    comm.destroy();
+	}
+	{
+	    //
+	    // Verify that a server certificate is present.
+	    //
+	    Ice.InitializationData initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	    initData.properties.setProperty("IceSSL.Client.Keystore", "c_rsa_ca1.jks");
+	    initData.properties.setProperty("IceSSL.Client.Password", "password");
+	    initData.properties.setProperty("IceSSL.Client.Truststore", "cacert1.jks");
+	    Ice.Communicator comm = Ice.Util.initialize(args, initData);
+	    IceSSL.Plugin plugin = (IceSSL.Plugin)comm.getPluginManager().getPlugin("IceSSL");
+	    test(plugin != null);
+	    CertificateVerifierI verifier = new CertificateVerifierI();
+	    plugin.setCertificateVerifier(verifier);
+
+	    Test.ServerFactoryPrx fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    java.util.Map d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "2");
+	    Test.ServerPrx server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    test(verifier.invoked());
+	    test(!verifier.incoming());
+	    test(verifier.hadCert());
+	    fact.destroyServer(server);
+	    comm.destroy();
+	}
+	System.out.println("ok");
+
+	System.out.print("testing protocols... ");
+	System.out.flush();
+	{
+	    //
+	    // This should fail because the client and server have no protocol
+	    // in common.
+	    //
+	    Ice.InitializationData initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	    initData.properties.setProperty("IceSSL.Client.Keystore", "c_rsa_ca1.jks");
+	    initData.properties.setProperty("IceSSL.Client.Password", "password");
+	    initData.properties.setProperty("IceSSL.Client.Truststore", "cacert1.jks");
+	    initData.properties.setProperty("IceSSL.Client.Protocols", "ssl3");
+	    Ice.Communicator comm = Ice.Util.initialize(args, initData);
+	    Test.ServerFactoryPrx fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    java.util.Map d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "2");
+	    d.put("IceSSL.Server.Protocols", "tls1");
+	    Test.ServerPrx server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+		test(false);
+	    }
+	    catch(Ice.SecurityException ex)
+	    {
+		// Expected.
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+	    comm.destroy();
+
+	    //
+	    // This should succeed.
+	    //
+	    comm = Ice.Util.initialize(args, initData);
+	    fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "2");
+	    d.put("IceSSL.Server.Protocols", "tls1, ssl3");
+	    server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+	    comm.destroy();
+	}
+	System.out.println("ok");
+
+	System.out.print("testing expired certificates... ");
+	System.out.flush();
+	{
+	    //
+	    // This should fail because the server's certificate is expired.
+	    //
+	    Ice.InitializationData initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	    initData.properties.setProperty("IceSSL.Client.Keystore", "c_rsa_ca1.jks");
+	    initData.properties.setProperty("IceSSL.Client.Password", "password");
+	    initData.properties.setProperty("IceSSL.Client.Truststore", "cacert1.jks");
+	    Ice.Communicator comm = Ice.Util.initialize(args, initData);
+	    Test.ServerFactoryPrx fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    java.util.Map d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_ca1_exp.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "2");
+	    Test.ServerPrx server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+		test(false);
+	    }
+	    catch(Ice.SecurityException ex)
+	    {
+		// Expected.
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+	    comm.destroy();
+
+	    //
+	    // This should fail because the client's certificate is expired.
+	    //
+	    initData.properties.setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	    initData.properties.setProperty("IceSSL.Client.Keystore", "c_rsa_ca1_exp.jks");
+	    initData.properties.setProperty("IceSSL.Client.Password", "password");
+	    initData.properties.setProperty("IceSSL.Client.Truststore", "cacert1.jks");
+	    comm = Ice.Util.initialize(args, initData);
+	    fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "2");
+	    server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+		test(false);
+	    }
+	    catch(Ice.ConnectionLostException ex)
+	    {
+		// Expected.
+	    }
+	    catch(Ice.SecurityException ex)
+	    {
+		// Expected.
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+	    comm.destroy();
+	}
+	System.out.println("ok");
+
+	System.out.print("testing multiple CA certificates... ");
+	System.out.flush();
+	{
+	    Ice.InitializationData initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	    initData.properties.setProperty("IceSSL.Client.Keystore", "c_rsa_ca1.jks");
+	    initData.properties.setProperty("IceSSL.Client.Password", "password");
+	    initData.properties.setProperty("IceSSL.Client.Truststore", "cacerts.jks");
+	    Ice.Communicator comm = Ice.Util.initialize(args, initData);
+	    Test.ServerFactoryPrx fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    java.util.Map d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_ca2.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacerts.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "2");
+	    Test.ServerPrx server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+	    comm.destroy();
+	}
+	System.out.println("ok");
+
+	System.out.print("testing password failure... ");
+	System.out.flush();
+	{
+	    Ice.InitializationData initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	    initData.properties.setProperty("IceSSL.Client.Keystore", "c_rsa_ca1.jks");
+	    // Don't specify the password.
+	    //initData.properties.setProperty("IceSSL.Client.Password", "password");
+	    try
+	    {
+		Ice.Util.initialize(args, initData);
+		test(false);
+	    }
+	    catch(Ice.PluginInitializationException ex)
+	    {
+		// Expected.
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	}
+	System.out.println("ok");
+
+	System.out.print("testing ciphers... ");
+	System.out.flush();
+	{
+	    //
+	    // The server has a certificate but the client doesn't. They should
+	    // negotiate to use ADH since we explicitly enable it.
+	    //
+	    Ice.InitializationData initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.Client.Ciphers", "NONE (.*DH_anon.*)");
+	    Ice.Communicator comm = Ice.Util.initialize(args, initData);
+	    Test.ServerFactoryPrx fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    java.util.Map d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.Ciphers", "ALL");
+	    d.put("IceSSL.Server.VerifyPeer", "1");
+	    Test.ServerPrx server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+	    comm.destroy();
+	}
+	{
+	    //
+	    // Configure a server with RSA and DSA certificates.
+	    //
+	    // First try a client with a DSA certificate.
+	    //
+	    Ice.InitializationData initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	    initData.properties.setProperty("IceSSL.Client.Keystore", "c_dsa_ca1.jks");
+	    initData.properties.setProperty("IceSSL.Client.Password", "password");
+	    initData.properties.setProperty("IceSSL.Client.Truststore", "cacert1.jks");
+	    Ice.Communicator comm = Ice.Util.initialize(args, initData);
+	    Test.ServerFactoryPrx fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    java.util.Map d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_dsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "1");
+	    Test.ServerPrx server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+	    comm.destroy();
+
+	    //
+	    // Next try a client with an RSA certificate.
+	    //
+	    initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	    initData.properties.setProperty("IceSSL.Client.Keystore", "c_rsa_ca1.jks");
+	    initData.properties.setProperty("IceSSL.Client.Password", "password");
+	    initData.properties.setProperty("IceSSL.Client.Truststore", "cacert1.jks");
+	    comm = Ice.Util.initialize(args, initData);
+	    fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_dsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "1");
+	    server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+	    comm.destroy();
+
+	    //
+	    // Next try a client with ADH. This should fail.
+	    //
+	    initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.Client.Ciphers", "NONE (.*DH_anon.*)");
+	    comm = Ice.Util.initialize(args, initData);
+	    fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_dsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "1");
+	    server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+		test(false);
+	    }
+	    catch(Ice.SecurityException ex)
+	    {
+		// Expected.
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+	    comm.destroy();
+	}
+	{
+	    //
+	    // Configure a server with RSA and a client with DSA. This should fail.
+	    //
+	    Ice.InitializationData initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	    initData.properties.setProperty("IceSSL.Client.Keystore", "c_dsa_ca1.jks");
+	    initData.properties.setProperty("IceSSL.Client.Password", "password");
+	    initData.properties.setProperty("IceSSL.Client.Truststore", "cacert1.jks");
+	    initData.properties.setProperty("IceSSL.Client.Ciphers", "NONE (.*DSS.*)");
+	    Ice.Communicator comm = Ice.Util.initialize(args, initData);
+	    Test.ServerFactoryPrx fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    java.util.Map d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_ca1.jks");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "2");
+	    Test.ServerPrx server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+		test(false);
+	    }
+	    catch(Ice.SecurityException ex)
+	    {
+		// Expected.
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+	    comm.destroy();
+	}
+	{
+	    //
+	    // Configure the server with both RSA and DSA certificates, but use the
+	    // Alias property to select the RSA certificate. This should fail.
+	    //
+	    Ice.InitializationData initData = createClientProps(testDir, defaultHost);
+	    initData.properties.setProperty("IceSSL.Client.DefaultDir", defaultDir);
+	    initData.properties.setProperty("IceSSL.Client.Keystore", "c_dsa_ca1.jks");
+	    initData.properties.setProperty("IceSSL.Client.Password", "password");
+	    initData.properties.setProperty("IceSSL.Client.Truststore", "cacert1.jks");
+	    initData.properties.setProperty("IceSSL.Client.Ciphers", "NONE (.*DSS.*)");
+	    Ice.Communicator comm = Ice.Util.initialize(args, initData);
+	    Test.ServerFactoryPrx fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef));
+	    test(fact != null);
+	    java.util.Map d = createServerProps(testDir, defaultHost);
+	    d.put("IceSSL.Server.DefaultDir", defaultDir);
+	    d.put("IceSSL.Server.Keystore", "s_rsa_dsa_ca1.jks");
+	    d.put("IceSSL.Server.Alias", "rsacert");
+	    d.put("IceSSL.Server.Password", "password");
+	    d.put("IceSSL.Server.Truststore", "cacert1.jks");
+	    d.put("IceSSL.Server.VerifyPeer", "2");
+	    Test.ServerPrx server = fact.createServer(d);
+	    try
+	    {
+		server.ice_ping();
+		test(false);
+	    }
+	    catch(Ice.SecurityException ex)
+	    {
+		// Expected.
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		test(false);
+	    }
+	    fact.destroyServer(server);
+	    comm.destroy();
+	}
+	System.out.println("ok");
+
+	factory.shutdown();
+    }
+}
diff --git a/java/test/IceSSL/configuration/Client.java b/java/test/IceSSL/configuration/Client.java
new file mode 100644
index 00000000000..3f2f8eca703
--- /dev/null
+++ b/java/test/IceSSL/configuration/Client.java
@@ -0,0 +1,59 @@
+// **********************************************************************
+//
+// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
+//
+// This copy of Ice is licensed to you under the terms described in the
+// ICE_LICENSE file included in this distribution.
+//
+// **********************************************************************
+
+public class Client
+{
+    private static int
+    run(String[] args, Ice.Communicator communicator)
+    {
+	if(args.length < 1)
+	{
+	    System.out.println("Usage: client testdir");
+	    return 1;
+	}
+
+	AllTests.allTests(communicator, args[0]);
+
+	return 0;
+    }
+
+    public static void main(String[] args)
+    {
+	int status = 0;
+	Ice.Communicator communicator = null;
+
+	try
+	{
+	    Ice.StringSeqHolder argsH = new Ice.StringSeqHolder(args);
+	    communicator = Ice.Util.initialize(argsH);
+	    status = run(argsH.value, communicator);
+	}
+	catch(Ice.LocalException ex)
+	{
+	    ex.printStackTrace();
+	    status = 1;
+	}
+
+	if(communicator != null)
+	{
+	    try
+	    {
+		communicator.destroy();
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		ex.printStackTrace();
+		status = 1;
+	    }
+	}
+
+	System.gc();
+	System.exit(status);
+    }
+}
diff --git a/java/test/IceSSL/configuration/Server.java b/java/test/IceSSL/configuration/Server.java
new file mode 100644
index 00000000000..4cad38214ac
--- /dev/null
+++ b/java/test/IceSSL/configuration/Server.java
@@ -0,0 +1,58 @@
+// **********************************************************************
+//
+// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
+//
+// This copy of Ice is licensed to you under the terms described in the
+// ICE_LICENSE file included in this distribution.
+//
+// **********************************************************************
+
+public class Server
+{
+    private static int
+    run(String[] args, Ice.Communicator communicator)
+    {
+	communicator.getProperties().setProperty("TestAdapter.Endpoints", "tcp -p 12010");
+	Ice.ObjectAdapter adapter = communicator.createObjectAdapter("TestAdapter");
+	Ice.Identity id = Ice.Util.stringToIdentity("factory");
+	adapter.add(new ServerFactoryI(), id);
+	adapter.activate();
+
+	communicator.waitForShutdown();
+	return 0;
+    }
+
+    public static void
+    main(String[] args)
+    {
+	int status = 0;
+	Ice.Communicator communicator = null;
+
+	try
+	{
+	    Ice.StringSeqHolder argsH = new Ice.StringSeqHolder(args);
+	    communicator = Ice.Util.initialize(argsH);
+	    status = run(argsH.value, communicator);
+	}
+	catch(Ice.LocalException ex)
+	{
+	    ex.printStackTrace();
+	    status = 1;
+	}
+	
+	if(communicator != null)
+	{
+	    try
+	    {
+		communicator.destroy();
+	    }
+	    catch(Ice.LocalException ex)
+	    {
+		ex.printStackTrace();
+		status = 1;
+	    }
+	}
+	
+	System.exit(status);
+    }
+}
diff --git a/java/test/IceSSL/configuration/ServerFactoryI.java b/java/test/IceSSL/configuration/ServerFactoryI.java
new file mode 100644
index 00000000000..560ecd0cc47
--- /dev/null
+++ b/java/test/IceSSL/configuration/ServerFactoryI.java
@@ -0,0 +1,64 @@
+// **********************************************************************
+//
+// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
+//
+// This copy of Ice is licensed to you under the terms described in the
+// ICE_LICENSE file included in this distribution.
+//
+// **********************************************************************
+
+class ServerFactoryI extends Test._ServerFactoryDisp
+{
+    private static void
+    test(boolean b)
+    {
+	if(!b)
+	{
+            throw new RuntimeException();
+	}
+    }
+
+    public Test.ServerPrx
+    createServer(java.util.Map props, Ice.Current current)
+    {
+	Ice.InitializationData initData = new Ice.InitializationData();
+	initData.properties = Ice.Util.createProperties();
+	java.util.Iterator i = props.entrySet().iterator();
+	while(i.hasNext())
+	{
+	    java.util.Map.Entry e = (java.util.Map.Entry)i.next();
+	    initData.properties.setProperty((String)e.getKey(), (String)e.getValue());
+	}
+
+	String[] args = new String[0];
+	Ice.Communicator communicator = Ice.Util.initialize(args, initData);
+	Ice.ObjectAdapter adapter = communicator.createObjectAdapterWithEndpoints("ServerAdapter", "ssl");
+	ServerI server = new ServerI(communicator);
+	Ice.ObjectPrx obj = adapter.addWithUUID(server);
+	_servers.put(obj.ice_getIdentity(), server);
+	adapter.activate();
+
+	return Test.ServerPrxHelper.uncheckedCast(obj);
+    }
+
+    public void
+    destroyServer(Test.ServerPrx srv, Ice.Current current)
+    {
+	Ice.Identity key = srv.ice_getIdentity();
+	if(_servers.containsKey(key))
+	{
+	    ServerI server = (ServerI)_servers.get(key);
+	    server.destroy();
+	    _servers.remove(key);
+	}
+    }
+
+    public void
+    shutdown(Ice.Current current)
+    {
+	test(_servers.size() == 0);
+	current.adapter.getCommunicator().shutdown();
+    }
+
+    private java.util.HashMap _servers = new java.util.HashMap();
+}
diff --git a/java/test/IceSSL/configuration/ServerI.java b/java/test/IceSSL/configuration/ServerI.java
new file mode 100644
index 00000000000..b600f9c3a3e
--- /dev/null
+++ b/java/test/IceSSL/configuration/ServerI.java
@@ -0,0 +1,24 @@
+// **********************************************************************
+//
+// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
+//
+// This copy of Ice is licensed to you under the terms described in the
+// ICE_LICENSE file included in this distribution.
+//
+// **********************************************************************
+
+class ServerI extends Test._ServerDisp
+{
+    ServerI(Ice.Communicator communicator)
+    {
+	_communicator = communicator;
+    }
+
+    public void
+    destroy()
+    {
+	_communicator.destroy();
+    }
+
+    private Ice.Communicator _communicator;
+}
diff --git a/java/test/IceSSL/configuration/Test.ice b/java/test/IceSSL/configuration/Test.ice
new file mode 100644
index 00000000000..f5e6b6992bc
--- /dev/null
+++ b/java/test/IceSSL/configuration/Test.ice
@@ -0,0 +1,31 @@
+// **********************************************************************
+//
+// Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
+//
+// This copy of Ice is licensed to you under the terms described in the
+// ICE_LICENSE file included in this distribution.
+//
+// **********************************************************************
+
+#ifndef TEST_ICE
+#define TEST_ICE
+
+module Test
+{
+
+interface Server
+{
+};
+
+dictionary<string, string> Properties;
+
+interface ServerFactory
+{
+    Server* createServer(Properties props);
+    void destroyServer(Server* srv);
+    void shutdown();
+};
+
+};
+
+#endif
diff --git a/java/test/IceSSL/configuration/build.xml b/java/test/IceSSL/configuration/build.xml
new file mode 100644
index 00000000000..1e2a63de954
--- /dev/null
+++ b/java/test/IceSSL/configuration/build.xml
@@ -0,0 +1,58 @@
+<!--
+ **********************************************************************
+
+ Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
+
+ This copy of Ice is licensed to you under the terms described in the
+ ICE_LICENSE file included in this distribution.
+
+ **********************************************************************
+-->
+
+<!DOCTYPE project [
+<!ENTITY common SYSTEM "file:../../../config/common.xml">
+]>
+
+<project name="test_IceSSL_configuration" default="all" basedir=".">
+
+    <!-- set global properties for this build -->
+    <property name="top.dir" value="../../.."/>
+
+    <!-- Include common definitions -->
+    &common;
+
+    <property name="class.dir" value="classes"/>
+    <property name="generated.dir" value="generated"/>
+
+    <target name="init" depends="config-init">
+        <!-- Create the time stamp -->
+        <tstamp/>
+    </target>
+
+    <target name="generate" depends="init">
+        <!-- Create the output directory for generated code -->
+        <mkdir dir="${generated.dir}"/>
+        <slice2java outputdir="${generated.dir}">
+            <fileset dir="." includes="Test.ice"/>
+            <includepath>
+                <pathelement path="${slice.dir}" />
+            </includepath>
+        </slice2java>
+    </target>
+
+    <target name="compile" depends="generate">
+        <mkdir dir="${class.dir}"/>
+        <javac srcdir="${generated.dir}" destdir="${class.dir}"
+            source="1.4" classpath="${lib.dir}" debug="${debug}"/>
+        <javac srcdir="." destdir="${class.dir}" source="1.4"
+            classpath="${lib.dir}" excludes="generated/**" debug="${debug}"/>
+    </target>
+
+    <target name="all" depends="compile"/>
+
+    <target name="clean">
+        <delete dir="${generated.dir}"/>
+        <delete dir="${class.dir}"/>
+    </target>
+
+</project>
diff --git a/java/test/IceSSL/configuration/run.py b/java/test/IceSSL/configuration/run.py
new file mode 100755
index 00000000000..b826a7390f5
--- /dev/null
+++ b/java/test/IceSSL/configuration/run.py
@@ -0,0 +1,29 @@
+#!/usr/bin/env python
+# **********************************************************************
+#
+# Copyright (c) 2003-2006 ZeroC, Inc. All rights reserved.
+#
+# This copy of Ice is licensed to you under the terms described in the
+# ICE_LICENSE file included in this distribution.
+#
+# **********************************************************************
+
+import os, sys
+
+for toplevel in [".", "..", "../..", "../../..", "../../../.."]:
+    toplevel = os.path.normpath(toplevel)
+    if os.path.exists(os.path.join(toplevel, "config", "TestUtil.py")):
+        break
+else:
+    raise "can't find toplevel directory!"
+
+sys.path.append(os.path.join(toplevel, "config"))
+import TestUtil
+
+name = os.path.join("IceSSL", "configuration")
+testdir = os.path.join(toplevel, "test", name)
+
+classpath = os.getenv("CLASSPATH", "")
+os.environ["CLASSPATH"] = os.path.join(testdir, "classes") + TestUtil.sep + classpath
+TestUtil.clientServerTestWithOptions("", " " + testdir)
+sys.exit(0)
diff --git a/java/test/build.xml b/java/test/build.xml
index 719dbe27981..58387a6b2ee 100644
--- a/java/test/build.xml
+++ b/java/test/build.xml
@@ -17,6 +17,7 @@
         <ant dir="Freeze"/>
         <ant dir="Glacier2"/>
         <ant dir="IceGrid"/>
+        <ant dir="IceSSL"/>
     </target>
 
     <target name="clean">
@@ -25,6 +26,7 @@
         <ant dir="Freeze" target="clean"/>
         <ant dir="Glacier2" target="clean"/>
         <ant dir="IceGrid" target="clean"/>
+        <ant dir="IceSSL" target="clean"/>
     </target>
 
 </project>
author	Mark Spruiell <mes@zeroc.com>	2006-04-13 19:51:31 +0000
committer	Mark Spruiell <mes@zeroc.com>	2006-04-13 19:51:31 +0000
commit	5fda5c250c3d430e7ad6fc9d4ef17159abb31e9b (patch)
tree	791e697af698a8361b33477e9fdddeb268b2e259
parent	Bug 617 - Glacier2 usage with locator (diff)
download	ice-5fda5c250c3d430e7ad6fc9d4ef17159abb31e9b.tar.bz2 ice-5fda5c250c3d430e7ad6fc9d4ef17159abb31e9b.tar.xz ice-5fda5c250c3d430e7ad6fc9d4ef17159abb31e9b.zip