From 89321ff8ac5bacdc89c2b199e4f4fb3040c74b7b Mon Sep 17 00:00:00 2001 From: ibmmqmet Date: Fri, 21 Jul 2023 05:28:28 +0100 Subject: [PATCH] Update dependencies --- README.md | 6 +++--- jms2.properties | 6 +++--- jms3.properties | 6 +++--- .../mq/spring/boot/MQConfigurationPropertiesJks.java | 5 +++++ .../ibm/mq/spring/boot/MQConfigurationSslBundles.java | 5 +++++ .../mq/spring/boot/MQConfigurationSslBundles.java.jms2 | 6 ++++++ .../ibm/mq/spring/boot/MQConnectionFactoryFactory.java | 10 ++++++++-- samples/s1/build.gradle | 2 +- samples/s2.tls.jms3/build.gradle | 2 +- samples/s2.tls/build.gradle | 2 +- samples/s2/build.gradle | 2 +- samples/s3.jms3/build.gradle | 2 +- samples/s3/build.gradle | 2 +- 13 files changed, 39 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index 7609197..3f8f871 100644 --- a/README.md +++ b/README.md @@ -198,14 +198,14 @@ and These JKS options are an alternative to setting the `javax.net.ssl` system properties, usually done on the command line. -An alternative preferred approach is +An alternative preferred approach for setting the key/truststores is available from Spring 3.1, which introduced the concept of "SSL Bundles". This makes it possible to have different SSL configurations - keystores, truststores etc - for different components executing in the same Spring-managed process. See [here](https://spring.io/blog/2023/06/07/securing-spring-boot-applications-with-ssl) for a description of the options available. Each bundle has an identifier with the `spring.ssl.bundle.jks.` tree of options. -The key can be specified for this package with `ibm.mq.sslBundle` which will then use the Spring elements to create the +The key can be specified for this package with `ibm.mq.sslBundle` which then uses the Spring elements to create the connection configuration. The default value for this key is empty, meaning that `SSLBundles` will not be used; the global -SSL configuration is used instead. +SSL configuration is used instead. However the `ibm.mq.jks` properties are now marked as deprecated. | Option | Description | | ------------------------------- | ---------------------------------------------------------------------------- | diff --git a/jms2.properties b/jms2.properties index 080a835..8f5cd1b 100644 --- a/jms2.properties +++ b/jms2.properties @@ -1,11 +1,11 @@ // This file contains the versions of Spring etc to work with a javax.jms-based system ext { // Our shipped version - should usually match the Spring Boot Version - mqStarterVersion = '2.7.13' + mqStarterVersion = '2.7.14' // Direct Dependencies - give versions here - springVersion = '5.3.28' - springBootVersion = '2.7.13' + springVersion = '5.3.29' + springBootVersion = '2.7.14' // The pooledJms v2.x level is built against Java 11 so we can't move there pooledJmsVersion = '1.2.4' diff --git a/jms3.properties b/jms3.properties index bde7470..41a9588 100644 --- a/jms3.properties +++ b/jms3.properties @@ -2,11 +2,11 @@ ext { // Our shipped version - should usually match the Spring Boot Version but // we keep it different during the pre-GA releases - mqStarterVersion = '3.1.1' + mqStarterVersion = '3.1.2' // Direct Dependencies - give versions here - springVersion = '6.0.10' - springBootVersion = '3.1.1' + springVersion = '6.0.11' + springBootVersion = '3.1.2' pooledJmsVersion = '3.1.0' jUnitVersion = '4.13.2' diff --git a/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConfigurationPropertiesJks.java b/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConfigurationPropertiesJks.java index 5efa2ee..460a223 100644 --- a/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConfigurationPropertiesJks.java +++ b/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConfigurationPropertiesJks.java @@ -19,6 +19,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.boot.context.properties.DeprecatedConfigurationProperty; /** * This class gives a mechanism to control access to keystore/truststore JKS files @@ -38,6 +39,7 @@ public class MQConfigurationPropertiesJks { private Map additionalProperties = new HashMap(); + @DeprecatedConfigurationProperty(replacement="spring.ssl.bundle") public String getKeyStore() { return keyStore; } @@ -46,6 +48,7 @@ public void setKeyStore(String keyStore) { this.keyStore = keyStore; } + @DeprecatedConfigurationProperty(replacement="spring.ssl.bundle") public String getTrustStore() { return trustStore; } @@ -54,6 +57,7 @@ public void setTrustStore(String trustStore) { this.trustStore = trustStore; } + @DeprecatedConfigurationProperty(replacement="spring.ssl.bundle") public String getKeyStorePassword() { return keyStorePassword; } @@ -62,6 +66,7 @@ public void setKeyStorePassword(String keyStorePassword) { this.keyStorePassword = keyStorePassword; } + @DeprecatedConfigurationProperty(replacement="spring.ssl.bundle") public String getTrustStorePassword() { return trustStorePassword; } diff --git a/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConfigurationSslBundles.java b/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConfigurationSslBundles.java index 038d14c..3404f40 100644 --- a/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConfigurationSslBundles.java +++ b/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConfigurationSslBundles.java @@ -40,6 +40,11 @@ public MQConfigurationSslBundles(SslBundles sslBundles) { logger.trace("constructor - Bundles are {}", (sslBundles == null) ? "null" : "not null"); bundles = sslBundles; } + + static boolean isSupported() { + logger.trace("SSLBundles are supported"); + return true; + } /* If the bundle name does not exist, then getBundle throws an exception. Since there is always some default bundle, we can't rely on there being no bundle. diff --git a/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConfigurationSslBundles.java.jms2 b/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConfigurationSslBundles.java.jms2 index e3259c2..3bbc3d4 100644 --- a/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConfigurationSslBundles.java.jms2 +++ b/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConfigurationSslBundles.java.jms2 @@ -25,7 +25,13 @@ import org.slf4j.LoggerFactory; public class MQConfigurationSslBundles { private static Logger logger = LoggerFactory.getLogger(MQConfigurationSslBundles.class); + + static boolean isSupported() { + logger.trace("SSLBundles are not supported"); + return false; + } + /* This should never actually be called */ public static SSLSocketFactory getSSLSocketFactory(String b) { logger.trace("getSSLSocketFactory returning null for bundle {}", b); return null; diff --git a/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConnectionFactoryFactory.java b/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConnectionFactoryFactory.java index 0839a7f..ce2c7f7 100644 --- a/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConnectionFactoryFactory.java +++ b/mq-jms-spring-boot-starter/src/main/java/com/ibm/mq/spring/boot/MQConnectionFactoryFactory.java @@ -54,6 +54,7 @@ public MQConnectionFactoryFactory(MQConfigurationProperties properties, List T createConnectionFactory(Class factoryClass) { String err = null; T cf = null; + SSLSocketFactory sf = null; String jndiProviderUrl = this.properties.getJndi().getProviderUrl(); String jndiCF = this.properties.getJndi().getProviderContextFactory(); @@ -61,10 +62,15 @@ public T createConnectionFactory(Class factor logger.trace("createConnectionFactory for class " + factoryClass.getSimpleName()); /* Keystore System properties don't need the CF to be already created */ - configureTLSStores(this.properties); + String sslBundle = this.properties.getSslBundle(); /* From Spring Boot 3.1, we can put sets of SSL configuration items in a bundle */ - SSLSocketFactory sf = MQConfigurationSslBundles.getSSLSocketFactory(this.properties.getSslBundle()); + /* The bundle name takes priority over the ibm.mq.jks properties */ + if (MQConfigurationSslBundles.isSupported() && isNotNullOrEmpty(sslBundle)) { + sf = MQConfigurationSslBundles.getSSLSocketFactory(this.properties.getSslBundle()); + } else { + configureTLSStores(this.properties); + } if (isNotNullOrEmpty(jndiProviderUrl) && isNotNullOrEmpty(jndiCF)) { logger.trace("createConnectionFactory using JNDI"); diff --git a/samples/s1/build.gradle b/samples/s1/build.gradle index 885782c..661e911 100644 --- a/samples/s1/build.gradle +++ b/samples/s1/build.gradle @@ -13,7 +13,7 @@ apply plugin: 'java' apply plugin: 'org.springframework.boot' // The designated version should match the current version in the root of the repo -ext.starterVersion = '2.7.13' +ext.starterVersion = '2.7.14' // The local, flatDir configuration lets us use a modified version from // this repository without needing it released via maven diff --git a/samples/s2.tls.jms3/build.gradle b/samples/s2.tls.jms3/build.gradle index 34cf864..d8d2561 100644 --- a/samples/s2.tls.jms3/build.gradle +++ b/samples/s2.tls.jms3/build.gradle @@ -13,7 +13,7 @@ apply plugin: 'java' apply plugin: 'org.springframework.boot' // The designated version should match the current version in the root of the repo -ext.starterVersion = '3.1.1' +ext.starterVersion = '3.1.2' // The local, flatDir configuration lets us use a modified version from // this repository without needing it released via maven diff --git a/samples/s2.tls/build.gradle b/samples/s2.tls/build.gradle index 92c81d9..9605ad8 100644 --- a/samples/s2.tls/build.gradle +++ b/samples/s2.tls/build.gradle @@ -13,7 +13,7 @@ apply plugin: 'java' apply plugin: 'org.springframework.boot' // The designated version should match the current version in the root of the repo -ext.starterVersion = '2.7.13' +ext.starterVersion = '2.7.14' // The local, flatDir configuration lets us use a modified version from // this repository without needing it released via maven diff --git a/samples/s2/build.gradle b/samples/s2/build.gradle index 17f92a1..fd1a413 100644 --- a/samples/s2/build.gradle +++ b/samples/s2/build.gradle @@ -13,7 +13,7 @@ apply plugin: 'java' apply plugin: 'org.springframework.boot' // The designated version should match the current version in the root of the repo -ext.starterVersion = '2.7.13' +ext.starterVersion = '2.7.14' // The local, flatDir configuration lets us use a modified version from // this repository without needing it released via maven diff --git a/samples/s3.jms3/build.gradle b/samples/s3.jms3/build.gradle index 9f207db..8977d03 100644 --- a/samples/s3.jms3/build.gradle +++ b/samples/s3.jms3/build.gradle @@ -13,7 +13,7 @@ apply plugin: 'java' apply plugin: 'org.springframework.boot' // The designated version should match the current version in the root of the repo -ext.starterVersion = '3.1.1' +ext.starterVersion = '3.1.2' // The local, flatDir configuration lets us use a modified version from diff --git a/samples/s3/build.gradle b/samples/s3/build.gradle index 17f92a1..fd1a413 100644 --- a/samples/s3/build.gradle +++ b/samples/s3/build.gradle @@ -13,7 +13,7 @@ apply plugin: 'java' apply plugin: 'org.springframework.boot' // The designated version should match the current version in the root of the repo -ext.starterVersion = '2.7.13' +ext.starterVersion = '2.7.14' // The local, flatDir configuration lets us use a modified version from // this repository without needing it released via maven