diff --git a/testsuite/integration-arquillian/pom.xml b/testsuite/integration-arquillian/pom.xml
index d42264a841..4d7eebc852 100644
--- a/testsuite/integration-arquillian/pom.xml
+++ b/testsuite/integration-arquillian/pom.xml
@@ -50,6 +50,7 @@
1.2.0.Beta2
2.2.6
1.0.0.Alpha2
+ 1.6.1
1.9.8.Final
diff --git a/testsuite/integration-arquillian/servers/app-server/jboss/common/security-eap6.xsl b/testsuite/integration-arquillian/servers/app-server/jboss/common/security-eap6.xsl
deleted file mode 100644
index a902fcb2d3..0000000000
--- a/testsuite/integration-arquillian/servers/app-server/jboss/common/security-eap6.xsl
+++ /dev/null
@@ -1,51 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/servers/app-server/jboss/common/security.xsl b/testsuite/integration-arquillian/servers/app-server/jboss/common/security.xsl
deleted file mode 100644
index 45e0c4113d..0000000000
--- a/testsuite/integration-arquillian/servers/app-server/jboss/common/security.xsl
+++ /dev/null
@@ -1,64 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/servers/app-server/jboss/pom.xml b/testsuite/integration-arquillian/servers/app-server/jboss/pom.xml
index 343e980bca..cbb3803b10 100644
--- a/testsuite/integration-arquillian/servers/app-server/jboss/pom.xml
+++ b/testsuite/integration-arquillian/servers/app-server/jboss/pom.xml
@@ -182,6 +182,29 @@
true
+
+ copy-keystore
+ process-resources
+
+ copy-resources
+
+
+ ${app.server.jboss.home}/standalone/configuration
+
+
+ ${common.resources}/keystore
+
+ adapter.jks
+ keycloak.truststore
+
+
+
+
+ jks
+ truststore
+
+
+
@@ -323,79 +346,6 @@
-
- ssl
-
-
- app.server.ssl.required
-
-
-
-
-
- maven-resources-plugin
-
-
-
-
-
- org.codehaus.mojo
- xml-maven-plugin
-
-
- configure-adapter-subsystem-security
- process-resources
-
- transform
-
-
-
-
- ${app.server.jboss.home}/standalone/configuration
-
- standalone.xml
-
- ${common.resources}/${security.xslt}
- ${app.server.jboss.home}/standalone/configuration
-
-
-
-
-
-
-
- maven-resources-plugin
-
-
- copy-keystore
- process-resources
-
- copy-resources
-
-
- ${app.server.jboss.home}/standalone/configuration
-
-
- ${common.resources}/keystore
-
- adapter.jks
- keycloak.truststore
-
-
-
-
- jks
- truststore
-
-
-
-
-
-
-
-
-
-
app-server-as7
diff --git a/testsuite/integration-arquillian/servers/auth-server/jboss/common/security-wildfly.xsl b/testsuite/integration-arquillian/servers/auth-server/jboss/common/security-wildfly.xsl
deleted file mode 100644
index d51a2d8bca..0000000000
--- a/testsuite/integration-arquillian/servers/auth-server/jboss/common/security-wildfly.xsl
+++ /dev/null
@@ -1,67 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/servers/auth-server/jboss/common/security.xsl b/testsuite/integration-arquillian/servers/auth-server/jboss/common/security.xsl
deleted file mode 100644
index 17550cfd66..0000000000
--- a/testsuite/integration-arquillian/servers/auth-server/jboss/common/security.xsl
+++ /dev/null
@@ -1,64 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/servers/auth-server/jboss/pom.xml b/testsuite/integration-arquillian/servers/auth-server/jboss/pom.xml
index a2de7fdde8..ae7d87a657 100644
--- a/testsuite/integration-arquillian/servers/auth-server/jboss/pom.xml
+++ b/testsuite/integration-arquillian/servers/auth-server/jboss/pom.xml
@@ -342,81 +342,6 @@
-
-
- ssl
-
-
- auth.server.ssl.required
-
-
-
-
- -
-
-
-
-
-
- org.codehaus.mojo
- xml-maven-plugin
-
-
- configure-adapter-subsystem-security
- process-resources
-
- transform
-
-
-
-
- ${auth.server.home}/standalone/configuration
-
- standalone.xml
-
- ${common.resources}/${security.xsl}
- ${auth.server.home}/standalone/configuration
-
-
-
-
-
-
-
- maven-resources-plugin
-
-
- copy-keystore
- process-resources
-
- copy-resources
-
-
- ${auth.server.home}/standalone/configuration
-
-
- ${common.resources}/keystore
-
- keycloak.jks
- keycloak.truststore
- client.jks
- ca.crt
- client.crt
- client.key
- intermediate-ca.crl
- empty.crl
-
-
-
-
-
-
-
-
-
-
-
-
jpa
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AppServerTestEnricher.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AppServerTestEnricher.java
index bc83338dbd..cbd922ec1f 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AppServerTestEnricher.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AppServerTestEnricher.java
@@ -9,6 +9,10 @@ import org.jboss.arquillian.test.spi.annotation.ClassScoped;
import org.jboss.arquillian.test.spi.event.suite.BeforeClass;
import org.jboss.logging.Logger;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
+import org.wildfly.extras.creaper.core.ManagementClient;
+import org.wildfly.extras.creaper.core.online.ManagementProtocol;
+import org.wildfly.extras.creaper.core.online.OnlineManagementClient;
+import org.wildfly.extras.creaper.core.online.OnlineOptions;
import java.io.IOException;
import java.net.MalformedURLException;
@@ -91,6 +95,22 @@ public class AppServerTestEnricher {
return appServerInfo;
}
+ public static OnlineManagementClient getManagementClient() {
+ OnlineManagementClient managementClient;
+ try {
+ managementClient = ManagementClient.online(OnlineOptions
+ .standalone()
+ .hostAndPort(System.getProperty("app.server.host"), System.getProperty("app.server","").startsWith("eap6") ? 10199 : 10190)
+ .protocol(System.getProperty("app.server","").startsWith("eap6") ? ManagementProtocol.REMOTE : ManagementProtocol.HTTP_REMOTING)
+ .build()
+ );
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+
+ return managementClient;
+ }
+
@Inject
private Instance containerConrollerInstance;
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java
index f03a81d126..5b0f6d8fd7 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/AuthServerTestEnricher.java
@@ -36,6 +36,9 @@ import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.client.KeycloakTestingClient;
import org.keycloak.testsuite.util.LogChecker;
import org.keycloak.testsuite.util.OAuthClient;
+import org.wildfly.extras.creaper.core.ManagementClient;
+import org.wildfly.extras.creaper.core.online.OnlineManagementClient;
+import org.wildfly.extras.creaper.core.online.OnlineOptions;
import java.io.IOException;
import java.net.MalformedURLException;
@@ -117,6 +120,22 @@ public class AuthServerTestEnricher {
return String.format("%s://%s:%s", scheme, host, port + clusterPortOffset);
}
+ public static OnlineManagementClient getManagementClient() {
+ OnlineManagementClient managementClient;
+ try {
+ managementClient = ManagementClient.online(OnlineOptions
+ .standalone()
+ .hostAndPort(System.getProperty("auth.server.host", "localhost"), Integer.parseInt(System.getProperty("auth.server.management.port", "10090")))
+ .build()
+ );
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+
+
+ return managementClient;
+ }
+
public void initializeSuiteContext(@Observes(precedence = 2) BeforeSuite event) {
Set containers = containerRegistry.get().getContainers().stream()
.map(ContainerInfo::new)
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/DeploymentArchiveProcessor.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/DeploymentArchiveProcessor.java
index 79b0365878..0df9a97c1c 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/DeploymentArchiveProcessor.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/arquillian/DeploymentArchiveProcessor.java
@@ -144,7 +144,7 @@ public class DeploymentArchiveProcessor implements ApplicationArchiveProcessor {
if (authServerSslRequired) {
modifyDocElementAttribute(doc, "SingleSignOnService", "bindingUrl", "8080", System.getProperty("auth.server.https.port"));
modifyDocElementAttribute(doc, "SingleSignOnService", "bindingUrl", "http", "https");
- modifyDocElementAttribute(doc, "SingleSignOnService", "assertionConsumerServiceUrl", "8081", System.getProperty("app.server.http.port"));
+ modifyDocElementAttribute(doc, "SingleSignOnService", "assertionConsumerServiceUrl", "8081", System.getProperty("app.server.https.port"));
modifyDocElementAttribute(doc, "SingleSignOnService", "assertionConsumerServiceUrl", "http", "https");
modifyDocElementAttribute(doc, "SingleLogoutService", "postBindingUrl", "8080", System.getProperty("auth.server.https.port"));
modifyDocElementAttribute(doc, "SingleLogoutService", "postBindingUrl", "http", "https");
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AbstractKeycloakTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AbstractKeycloakTest.java
index d2f7de6280..9b3e1f9e73 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AbstractKeycloakTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/AbstractKeycloakTest.java
@@ -18,11 +18,13 @@ package org.keycloak.testsuite;
import org.apache.commons.configuration.ConfigurationException;
import org.apache.commons.configuration.PropertiesConfiguration;
+import org.junit.BeforeClass;
import org.keycloak.common.util.KeycloakUriBuilder;
import org.keycloak.common.util.Time;
import org.keycloak.testsuite.arquillian.KcArquillian;
import org.keycloak.testsuite.arquillian.TestContext;
+import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
@@ -30,6 +32,7 @@ import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Map;
+import java.util.concurrent.TimeoutException;
import javax.ws.rs.NotFoundException;
import org.jboss.arquillian.container.test.api.RunAsClient;
@@ -65,6 +68,16 @@ import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.TestCleanup;
import org.keycloak.testsuite.util.TestEventsLogger;
import org.openqa.selenium.WebDriver;
+import org.wildfly.extras.creaper.commands.undertow.AddUndertowListener;
+import org.wildfly.extras.creaper.commands.undertow.RemoveUndertowListener;
+import org.wildfly.extras.creaper.commands.undertow.UndertowListenerType;
+import org.wildfly.extras.creaper.core.CommandFailedException;
+import org.wildfly.extras.creaper.core.online.CliException;
+import org.wildfly.extras.creaper.core.online.OnlineManagementClient;
+import org.wildfly.extras.creaper.core.online.operations.Address;
+import org.wildfly.extras.creaper.core.online.operations.OperationException;
+import org.wildfly.extras.creaper.core.online.operations.Operations;
+import org.wildfly.extras.creaper.core.online.operations.admin.Administration;
import static org.keycloak.testsuite.admin.Users.setPasswordFor;
import static org.keycloak.testsuite.auth.page.AuthRealm.ADMIN;
@@ -78,6 +91,8 @@ import static org.keycloak.testsuite.auth.page.AuthRealm.MASTER;
@RunAsClient
public abstract class AbstractKeycloakTest {
+ protected static final boolean AUTH_SERVER_SSL_REQUIRED = Boolean.parseBoolean(System.getProperty("auth.server.ssl.required", "false"));
+
protected Logger log = Logger.getLogger(this.getClass());
@ArquillianResource
@@ -122,6 +137,13 @@ public abstract class AbstractKeycloakTest {
private boolean resetTimeOffset;
+ @BeforeClass
+ public static void setUpAuthServer() throws Exception {
+ if (AUTH_SERVER_SSL_REQUIRED) {
+ enableHTTPSForAuthServer();
+ }
+ }
+
@Before
public void beforeAbstractKeycloakTest() throws Exception {
adminClient = testContext.getAdminClient();
@@ -155,6 +177,7 @@ public abstract class AbstractKeycloakTest {
}
oauth.init(adminClient, driver);
+
}
protected void beforeAbstractKeycloakTestRealmImport() throws Exception {
@@ -307,20 +330,21 @@ public abstract class AbstractKeycloakTest {
} catch (NotFoundException e) {
}
}
-
+
public RealmsResource realmsResouce() {
return adminClient.realms();
}
/**
* Creates a user in the given realm and returns its ID.
- * @param realm Realm name
- * @param username Username
- * @param password Password
+ *
+ * @param realm Realm name
+ * @param username Username
+ * @param password Password
* @param requiredActions
* @return ID of the newly created user
*/
- public String createUser(String realm, String username, String password, String ... requiredActions) {
+ public String createUser(String realm, String username, String password, String... requiredActions) {
List requiredUserActions = Arrays.asList(requiredActions);
UserRepresentation homer = new UserRepresentation();
@@ -359,6 +383,7 @@ public abstract class AbstractKeycloakTest {
/**
* Sets time offset in seconds that will be added to Time.currentTime() and Time.currentTimeMillis() both for client and server.
+ *
* @param offset
*/
public void setTimeOffset(int offset) {
@@ -403,4 +428,27 @@ public abstract class AbstractKeycloakTest {
throw new RuntimeException(e);
}
}
-}
+
+ private static void enableHTTPSForAuthServer() throws IOException, CommandFailedException, TimeoutException, InterruptedException, CliException, OperationException {
+ OnlineManagementClient client = AuthServerTestEnricher.getManagementClient();
+ Administration administration = new Administration(client);
+ Operations operations = new Operations(client);
+
+ if(!operations.exists(Address.coreService("management").and("security-realm", "UndertowRealm"))) {
+ client.execute("/core-service=management/security-realm=UndertowRealm:add()");
+ client.execute("/core-service=management/security-realm=UndertowRealm/server-identity=ssl:add(keystore-relative-to=jboss.server.config.dir,keystore-password=secret,keystore-path=keycloak.jks");
+ }
+
+ client.apply(new RemoveUndertowListener.Builder(UndertowListenerType.HTTPS_LISTENER, "https")
+ .forDefaultServer());
+
+ administration.reloadIfRequired();
+
+ client.apply(new AddUndertowListener.HttpsBuilder("https", "default-server", "https")
+ .securityRealm("UndertowRealm")
+ .build());
+
+ administration.reloadIfRequired();
+ client.close();
+ }
+}
\ No newline at end of file
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractAdapterTest.java
index f1edf4aa67..ab3ebbe9dd 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractAdapterTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/AbstractAdapterTest.java
@@ -21,17 +21,32 @@ import org.apache.commons.io.IOUtils;
import org.jboss.arquillian.graphene.page.Page;
import org.jboss.shrinkwrap.api.Archive;
import org.jboss.shrinkwrap.api.asset.StringAsset;
+import org.junit.BeforeClass;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractAuthTest;
import org.keycloak.testsuite.adapter.page.AppServerContextRoot;
+import org.keycloak.testsuite.arquillian.AppServerTestEnricher;
import org.keycloak.testsuite.arquillian.annotation.AppServerContainer;
+import org.wildfly.extras.creaper.commands.undertow.AddUndertowListener;
+import org.wildfly.extras.creaper.commands.undertow.RemoveUndertowListener;
+import org.wildfly.extras.creaper.commands.undertow.UndertowListenerType;
+import org.wildfly.extras.creaper.commands.web.AddConnector;
+import org.wildfly.extras.creaper.commands.web.AddConnectorSslConfig;
+import org.wildfly.extras.creaper.core.CommandFailedException;
+import org.wildfly.extras.creaper.core.online.CliException;
+import org.wildfly.extras.creaper.core.online.OnlineManagementClient;
+import org.wildfly.extras.creaper.core.online.operations.Address;
+import org.wildfly.extras.creaper.core.online.operations.OperationException;
+import org.wildfly.extras.creaper.core.online.operations.Operations;
+import org.wildfly.extras.creaper.core.online.operations.admin.Administration;
import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
+import java.util.concurrent.TimeoutException;
/**
*
@@ -43,6 +58,9 @@ public abstract class AbstractAdapterTest extends AbstractAuthTest {
@Page
protected AppServerContextRoot appServerContextRootPage;
+ protected static final boolean APP_SERVER_SSL_REQUIRED = Boolean.parseBoolean(System.getProperty("app.server.ssl.required", "false"));
+ protected static final String APP_SERVER_CONTAINER = System.getProperty("app.server", "");
+
public static final String JBOSS_DEPLOYMENT_STRUCTURE_XML = "jboss-deployment-structure.xml";
public static final URL jbossDeploymentStructure = AbstractServletsAdapterTest.class
.getResource("/adapter-test/" + JBOSS_DEPLOYMENT_STRUCTURE_XML);
@@ -50,6 +68,13 @@ public abstract class AbstractAdapterTest extends AbstractAuthTest {
public static final URL tomcatContext = AbstractServletsAdapterTest.class
.getResource("/adapter-test/" + TOMCAT_CONTEXT_XML);
+ @BeforeClass
+ public static void setUpAppServer() throws Exception {
+ if (APP_SERVER_SSL_REQUIRED && (APP_SERVER_CONTAINER.contains("eap") || APP_SERVER_CONTAINER.contains("wildfly"))) { // Other containers need some external configuraiton to run SSL tests
+ enableHTTPSForAppServer();
+ }
+ }
+
@Override
public void addTestRealms(List testRealms) {
addAdapterTestRealms(testRealms);
@@ -216,4 +241,46 @@ public abstract class AbstractAdapterTest extends AbstractAuthTest {
}
}
+ private static void enableHTTPSForAppServer() throws CommandFailedException, InterruptedException, TimeoutException, IOException, CliException, OperationException {
+ OnlineManagementClient client = AppServerTestEnricher.getManagementClient();
+ Administration administration = new Administration(client);
+ Operations operations = new Operations(client);
+
+ if(!operations.exists(Address.coreService("management").and("security-realm", "UndertowRealm"))) {
+ client.execute("/core-service=management/security-realm=UndertowRealm:add()");
+ client.execute("/core-service=management/security-realm=UndertowRealm/server-identity=ssl:add(keystore-relative-to=jboss.server.config.dir,keystore-password=secret,keystore-path=adapter.jks");
+ }
+
+ client.execute("/system-property=javax.net.ssl.trustStore:add(value=${jboss.server.config.dir}/keycloak.truststore)");
+ client.execute("/system-property=javax.net.ssl.trustStorePassword:add(value=secret)");
+
+ if (APP_SERVER_CONTAINER.contains("eap6")) {
+ if(!operations.exists(Address.subsystem("web").and("connector", "https"))) {
+ client.apply(new AddConnector.Builder("https")
+ .protocol("HTTP/1.1")
+ .scheme("https")
+ .socketBinding("https")
+ .secure(true)
+ .build());
+
+ client.apply(new AddConnectorSslConfig.Builder("https")
+ .password("secret")
+ .certificateKeyFile("${jboss.server.config.dir}/adapter.jks")
+ .build());
+ }
+ } else {
+ client.apply(new RemoveUndertowListener.Builder(UndertowListenerType.HTTPS_LISTENER, "https")
+ .forDefaultServer());
+
+ administration.reloadIfRequired();
+
+ client.apply(new AddUndertowListener.HttpsBuilder("https", "default-server", "https")
+ .securityRealm("UndertowRealm")
+ .build());
+ }
+
+ administration.reloadIfRequired();
+ client.close();
+ }
+
}
diff --git a/testsuite/integration-arquillian/tests/pom.xml b/testsuite/integration-arquillian/tests/pom.xml
index 7ad24deedf..1307dcbc3f 100755
--- a/testsuite/integration-arquillian/tests/pom.xml
+++ b/testsuite/integration-arquillian/tests/pom.xml
@@ -971,6 +971,21 @@
junit
junit
+
+
+
+
+ org.wildfly.extras.creaper
+ creaper-commands
+ ${version.org.wildfly.extras.creaper}
+
+
+ com.google.guava
+ guava
+
+
+
+
org.jboss.arquillian.junit
arquillian-junit-container