Package org.apache.geronimo.management.geronimo

Examples of org.apache.geronimo.management.geronimo.KeystoreInstance


        return result;
    }

    /**
     * Returns the keystore registered under {@code name}; when none matches, goes on
     * to probe for a file of that name under {@code directory}. The excerpt ends
     * before the outcome of that probe is visible.
     *
     * @param name keystore name, matched exactly against getKeystoreName()
     * @param type not referenced in the visible part of the method
     */
    public KeystoreInstance getKeystore(String name, String type) {
        // Exact-name match against the instances already held in keystores.
        for (Iterator it = keystores.iterator(); it.hasNext();) {
            KeystoreInstance instance = (KeystoreInstance) it.next();
            if(instance.getKeystoreName().equals(name)) {
                return instance;
            }
        }
        // NOTE(review): name is appended to directory as given. No check that the
        // resulting path stays under directory is visible here; if name can originate
        // from a request, confirm that containment is enforced before this point.
        File test = new File(directory, name);
        // The handling of a missing or unreadable file is cut off in this excerpt.
        if(!test.exists() || !test.canRead()) {


     *                unlocked.
     * @throws KeystoreException
     */
    public SSLSocketFactory createSSLFactory(String provider, String protocol, String algorithm, String keyStore, String keyAlias, String trustStore, ClassLoader loader) throws KeystoreException {
        // Builds an SSLSocketFactory from a named key store (optional) and a named
        // trust store (optional), refusing to proceed while either is locked.
        // NOTE(review): provider is accepted but never referenced in the visible body.

        // the keyStore is optional.
        KeystoreInstance keyInstance = null;
        if (keyStore != null) {
            // NOTE(review): the lookup result is dereferenced without a null check;
            // confirm getKeystore cannot return null for an unknown name.
            keyInstance = getKeystore(keyStore, null);
            if(keyInstance.isKeystoreLocked()) {
                throw new KeystoreIsLocked("Keystore '"+keyStore+"' is locked; please use the keystore page in the admin console to unlock it");
            }
            if(keyInstance.isKeyLocked(keyAlias)) {
                throw new KeystoreIsLocked("Key '"+keyAlias+"' in keystore '"+keyStore+"' is locked; please use the keystore page in the admin console to unlock it");
            }
        }
        // Same lookup-then-lock-check for the trust store; a null name skips it entirely.
        KeystoreInstance trustInstance = trustStore == null ? null : getKeystore(trustStore, null);
        if(trustInstance != null && trustInstance.isKeystoreLocked()) {
            throw new KeystoreIsLocked("Keystore '"+trustStore+"' is locked; please use the keystore page in the admin console to unlock it");
        }

        // OMG this hurts, but it causes ClassCastExceptions elsewhere unless done this way!
        // The block below is the reflective form of:
        //   SSLContext ctx = SSLContext.getInstance(protocol);
        //   ctx.init(keyManagers, trustManagers, new SecureRandom());
        //   return ctx.getSocketFactory();
        // with every JSSE class resolved through the caller-supplied loader.
        try {
            Class cls = loader.loadClass("javax.net.ssl.SSLContext");
            // NOTE(review): protocol is passed through unchanged; nothing here limits it
            // to current TLS versions, so that has to be enforced by the caller or by
            // the JVM's disabled-algorithms policy.
            Object ctx = cls.getMethod("getInstance", new Class[] {String.class}).invoke(null, new Object[]{protocol});
            // "[L...;" is the binary name of an array type, needed to match init's signature.
            Class kmc = Class.forName("[Ljavax.net.ssl.KeyManager;", false, loader);
            Class tmc = Class.forName("[Ljavax.net.ssl.TrustManager;", false, loader);            Class src = loader.loadClass("java.security.SecureRandom");
            // A null key or trust store results in null being handed to init. Per the
            // SSLContext.init contract a null array means "use the installed provider's
            // default", so omitting trustStore falls back to the JVM default trust
            // managers rather than trusting nothing.
            cls.getMethod("init", new Class[]{kmc, tmc, src}).invoke(ctx, new Object[]{
                                                                            keyInstance == null ? null : keyInstance.getKeyManager(algorithm, keyAlias, null),
                                                                            trustInstance == null ? null : trustInstance.getTrustManager(algorithm, null),
                                                                            new java.security.SecureRandom()});
            Object result = cls.getMethod("getSocketFactory", new Class[0]).invoke(ctx, new Object[0]);
            // NOTE(review): this cast presumably relies on loader resolving javax.net.ssl
            // to the same classes this class sees — confirm.
            return (SSLSocketFactory) result;
        } catch (Exception e) {
            // Every failure, including reflective wrappers around the real JSSE error,
            // is reported as one KeystoreException with the original kept as its cause.
            throw new KeystoreException("Unable to create SSL Factory", e);

     * @throws KeyIsLocked Occurs when the requested private key in the key
     *                     keystore cannot be used because it has not been
     *                     unlocked.
     */
    public SSLContext createSSLContext(String provider, String protocol, String algorithm, String keyStore, String keyAlias, String trustStore, ClassLoader loader) throws KeystoreException {
        // Builds an initialised SSLContext from a named key store and an optional
        // named trust store, refusing to proceed while either is locked.
        // NOTE(review): provider is accepted but never referenced in the visible body.
        // NOTE(review): keyStore is effectively mandatory here: the lookup result is
        // dereferenced on the next line with no null check. Confirm getKeystore cannot
        // return null and that callers never pass a null keyStore.
        KeystoreInstance keyInstance = getKeystore(keyStore, null);
        if(keyInstance.isKeystoreLocked()) {
            throw new KeystoreIsLocked("Keystore '"+keyStore+"' is locked; please use the keystore page in the admin console to unlock it");
        }
        if(keyInstance.isKeyLocked(keyAlias)) {
            throw new KeystoreIsLocked("Key '"+keyAlias+"' in keystore '"+keyStore+"' is locked; please use the keystore page in the admin console to unlock it");
        }
        // The trust store is optional; a null name skips both the lookup and the lock check.
        KeystoreInstance trustInstance = trustStore == null ? null : getKeystore(trustStore, null);
        if(trustInstance != null && trustInstance.isKeystoreLocked()) {
            throw new KeystoreIsLocked("Keystore '"+trustStore+"' is locked; please use the keystore page in the admin console to unlock it");
        }

        // OMG this hurts, but it causes ClassCastExceptions elsewhere unless done this way!
        // Reflective form of SSLContext.getInstance(protocol) followed by
        // ctx.init(keyManagers, trustManagers, new SecureRandom()), with every JSSE
        // class resolved through the caller-supplied loader.
        try {
            Class cls = loader.loadClass("javax.net.ssl.SSLContext");
            // NOTE(review): protocol is passed through unchanged; nothing here limits it
            // to current TLS versions, so that has to be enforced elsewhere.
            Object ctx = cls.getMethod("getInstance", new Class[] {String.class}).invoke(null, new Object[]{protocol});
            // "[L...;" is the binary name of an array type, needed to match init's signature.
            Class kmc = Class.forName("[Ljavax.net.ssl.KeyManager;", false, loader);
            Class tmc = Class.forName("[Ljavax.net.ssl.TrustManager;", false, loader);
            Class src = loader.loadClass("java.security.SecureRandom");
            // With no trust store, null is handed to init as the TrustManager array. Per
            // the SSLContext.init contract that selects the installed provider's default
            // trust managers; it does not mean "trust nothing".
            cls.getMethod("init", new Class[]{kmc, tmc, src}).invoke(ctx, new Object[]{keyInstance.getKeyManager(algorithm, keyAlias, null),
                                                                            trustInstance == null ? null : trustInstance.getTrustManager(algorithm, null),
                                                                            new java.security.SecureRandom()});
            // NOTE(review): this cast presumably relies on loader resolving javax.net.ssl
            // to the same classes this class sees — confirm.
            return (SSLContext) ctx;
        } catch (Exception e) {
            // Every failure, including reflective wrappers around the real JSSE error,
            // is reported as one KeystoreException with the original kept as its cause.
            throw new KeystoreException("Unable to create SSL Context", e);
        }

    }

    /**
     * Collects every keystore that is currently unlocked and reports at least one
     * unlocked key.
     *
     * @return the matching instances, in iteration order of {@code keystores};
     *         an empty array when none qualify
     */
    public KeystoreInstance[] getUnlockedKeyStores() {
        List results = new ArrayList();
        for (Iterator it = keystores.iterator(); it.hasNext();) {
            KeystoreInstance instance = (KeystoreInstance) it.next();
            // A keystore whose check throws KeystoreException is left out of the result
            // without any log entry, so a damaged or unreadable store is
            // indistinguishable from a locked one to the caller.
            try {
                // getUnlockedKeys is called with null; what that argument selects is
                // not visible in this excerpt.
                if(!instance.isKeystoreLocked() && instance.getUnlockedKeys(null).length > 0) {
                    results.add(instance);
                }
            } catch (KeystoreException e) {}
        }
        return (KeystoreInstance[]) results.toArray(new KeystoreInstance[results.size()]);

    }

    /**
     * Collects every keystore that is currently unlocked and reports itself as a
     * trust store.
     *
     * @return the matching instances, in iteration order of {@code keystores};
     *         an empty array when none qualify
     */
    public KeystoreInstance[] getUnlockedTrustStores() {
        List results = new ArrayList();
        for (Iterator it = keystores.iterator(); it.hasNext();) {
            KeystoreInstance instance = (KeystoreInstance) it.next();
            // A keystore whose check throws KeystoreException is left out of the result
            // without any log entry, so a damaged or unreadable store is
            // indistinguishable from a locked one to the caller.
            try {
                // isTrustStore is called with null; what that argument selects is not
                // visible in this excerpt.
                if(!instance.isKeystoreLocked() && instance.isTrustStore(null)) {
                    results.add(instance);
                }
            } catch (KeystoreException e) {}
        }
        return (KeystoreInstance[]) results.toArray(new KeystoreInstance[results.size()]);

                // Resolve the key alias for the connector from the keystore named by
                // keyStore, using the keystore manager of the current server.
                KeystoreInstance[] keystores = PortletManager.getCurrentServer(request)
                        .getKeystoreManager().getKeystores();

                String[] keys = null;
                // No break on a match: if several keystores report the same name, the
                // last one decides which unlocked keys are considered.
                for (int i = 0; i < keystores.length; i++) {
                    KeystoreInstance keystore = keystores[i];
                    if (keystore.getKeystoreName().equals(keyStore)) {
                        keys = keystore.getUnlockedKeys(null);
                    }
                }
                // The alias is chosen implicitly, and only when exactly one key is
                // unlocked; the handling of every other case is cut off in this excerpt.
                if (keys != null && keys.length == 1) {
                    setProperty(connector, "keyAlias", keys[0]);
                } else {

            // Check if the key algorithm is same as defaultKeyAlgorithm (which is "RSA")
            if(!defaultKeyAlgorithm.equalsIgnoreCase(keyAlgorithm)) {
                throw new Exception("Key Algorithm '"+keyAlgorithm+"' is not supported.");
            }
            // Create a KeystoreInstance and generate keypair
            // NOTE(review): password is held as a String and converted with toCharArray()
            // five times below; each call yields a fresh copy and none is cleared in the
            // visible code, so using char[] gives no zeroisation benefit here.
            KeystoreInstance caKeystore = createCAKeystoreInstance(request, password, KeystoreUtil.defaultType);
            caKeystore.unlockKeystore(password.toCharArray());
            // NOTE(review): the same password is passed in both password positions,
            // presumably keystore password and private-key password — confirm; if so the
            // CA key has no protection beyond the store password.
            // NOTE(review): Integer.parseInt(keySize) throws NumberFormatException on
            // non-numeric input and no minimum key size is enforced in the visible code.
            // The literal 365 is presumably the certificate validity in days — confirm.
            caKeystore.generateKeyPair(alias, password.toCharArray(), password.toCharArray(), keyAlgorithm, Integer.parseInt(keySize),
                    algorithm, 365, caCN, caOU, caO, caL, caST, caC);
            // The new CA private key is left unlocked immediately after creation.
            caKeystore.unlockPrivateKey(alias, password.toCharArray(), password.toCharArray());
           
            // Create CertificationAuthority, CertificateStore and CertificateRequestStore GBeans
            createCARelatedGBeans(request, (GeronimoManagedBean)caKeystore, defaultCAStoreDir, defaultCSRStoreDir);

            CertificationAuthority ca = getCertificationAuthority(request);

            // Check if the key algorithm is same as defaultKeyAlgorithm (which is "RSA")
            if(!defaultKeyAlgorithm.equalsIgnoreCase(keyAlgorithm)) {
                throw new Exception("Key Algorithm '"+keyAlgorithm+"' is not supported.");
            }
            // Create a KeystoreInstance and generate keypair
            // NOTE(review): password is held as a String and converted with toCharArray()
            // five times below; each call yields a fresh copy and none is cleared in the
            // visible code, so using char[] gives no zeroisation benefit here.
            KeystoreInstance caKeystore = createCAKeystoreInstance(request, password);
            caKeystore.unlockKeystore(password.toCharArray());
            // NOTE(review): the same password is passed in both password positions,
            // presumably keystore password and private-key password — confirm; if so the
            // CA key has no protection beyond the store password.
            // NOTE(review): Integer.parseInt(keySize) throws NumberFormatException on
            // non-numeric input and no minimum key size is enforced in the visible code.
            // The literal 365 is presumably the certificate validity in days — confirm.
            caKeystore.generateKeyPair(alias, password.toCharArray(), password.toCharArray(), keyAlgorithm, Integer.parseInt(keySize),
                    algorithm, 365, caCN, caOU, caO, caL, caST, caC);
            // The new CA private key is left unlocked immediately after creation.
            caKeystore.unlockPrivateKey(alias, password.toCharArray(), password.toCharArray());
           
            // Create CertificationAuthority, CertificateStore and CertificateRequestStore GBeans
            createCARelatedGBeans(request, (GeronimoManagedBean)caKeystore, defaultCAStoreDir, defaultCSRStoreDir);

            CertificationAuthority ca = getCertificationAuthority(request);

                    // Resolve the key alias from the keystore named by keyStore; the
                    // request is rejected unless that keystore has exactly one unlocked key.
                    try {
                        KeystoreInstance[] keystores = PortletManager.getCurrentServer(actionRequest).getKeystoreManager().getKeystores();

                        String[] keys = null;
                        // No break on a match: with duplicate names the last keystore wins.
                        for (int i = 0; i < keystores.length; i++) {
                            KeystoreInstance keystore = keystores[i];
                            if(keystore.getKeystoreName().equals(keyStore)) {
                                keys = keystore.getUnlockedKeys(null);
                            }
                        }
                        if(keys != null && keys.length == 1) {
                            setProperty(secure, "keyAlias", keys[0]);
                        } else {
                            // Also reached when no keystore matched keyStore at all
                            // (keys still null), not only when the key count is wrong.
                            throw new PortletException("Cannot handle keystores with anything but 1 unlocked private key");
                        }
                    } catch (KeystoreException e) {
                        throw new PortletException(e);
                    }
                    String trustStore = actionRequest.getParameter("unlockTrustStore");
                    // "" is a valid trustStore value, which means the parameter should be cleared
                    setProperty(secure, "trustStore", isValid(trustStore) ? trustStore : null);
                } else if (server.equals(WEB_SERVER_TOMCAT)) {
                    // NOTE(review): the truststore password is set as a plain connector
                    // property; how that property is persisted or displayed is not visible
                    // here — confirm it is not written out or logged in clear text.
                    if(isValid(truststoreType)) {setProperty(secure, "truststoreType", truststoreType);}
                    if(isValid(truststoreFile)) {setProperty(secure, "truststoreFileName", truststoreFile);}
                    if(isValid(truststorePass)) {setProperty(secure, "truststorePassword", truststorePass);}
                } else {
                    // An unrecognised server type leaves the trust settings untouched
                    // and reports nothing.
                    //todo:   Handle "should not occur" condition
                }
            }
            // Start the connector
            try {
                ((GeronimoManagedBean)connector).startRecursive();
            } catch (Exception e) {
                // A start failure is only logged; the user is still sent to the list
                // view below with no indication that the connector is not running.
                log.error("Unable to start connector", e); //todo: get into rendered page somehow?
            }
            actionResponse.setRenderParameter("mode", "list");
        } else if(mode.equals("save")) { // User just submitted the form to update a connector
            // Get submitted values
            //todo: lots of validation
            // NOTE(review): port and maxThreads go straight through Integer.parseInt, so a
            // missing or non-numeric parameter throws NumberFormatException, and no range
            // check is applied before the values reach the connector.
            String host = actionRequest.getParameter("host");
            int port = Integer.parseInt(actionRequest.getParameter("port"));
            int maxThreads = Integer.parseInt(actionRequest.getParameter("maxThreads"));
            Integer minThreads = getInteger(actionRequest, "minThreads");
            String connectorURI = actionRequest.getParameter("connectorURI");
            // Identify and update the connector
            // The connector to modify is selected by a request parameter; URI.create
            // throws IllegalArgumentException on malformed input.
            WebConnector connector = PortletManager.getWebConnector(actionRequest, new AbstractName(URI.create(connectorURI)));
            if(connector != null) {
                connector.setHost(host);
                connector.setPort(port);
                connector.setMaxThreads(maxThreads);
                if(server.equals(WEB_SERVER_JETTY)) {
                    if(minThreads != null) {
                        setProperty(connector,"minThreads",minThreads);
                    }
                    // NOTE(review): this else-if hangs off the minThreads test inside the
                    // Jetty branch, so the Tomcat test can never be true here and the two
                    // todo branches are not reached for a non-Jetty server. The braces
                    // look misplaced.
                    else if (server.equals(WEB_SERVER_TOMCAT)) {
                        //todo:   Any Tomcat specific processing?
                    }
                    else {
                        //todo:   Handle "should not occur" condition
                    }
                }
                if(connector instanceof SecureConnector) {
                    // All TLS settings, including both store passwords and the private
                    // key password, arrive as String request parameters.
                    String keystoreType = actionRequest.getParameter("keystoreType");
                    String keystoreFile = actionRequest.getParameter("keystoreFile");
                    String privateKeyPass = actionRequest.getParameter("privateKeyPassword");
                    String keystorePass = actionRequest.getParameter("keystorePassword");
                    String secureProtocol = actionRequest.getParameter("secureProtocol");
                    String algorithm = actionRequest.getParameter("algorithm");
                    String truststoreType = actionRequest.getParameter("truststoreType");
                    String truststoreFile = actionRequest.getParameter("truststoreFile");
                    String truststorePass = actionRequest.getParameter("truststorePassword");
                    // NOTE(review): clientAuth is derived from isValid(...) and applied
                    // unconditionally below, so a request that omits the parameter
                    // presumably switches client-certificate authentication off — confirm
                    // against isValid, which is not visible here.
                    boolean clientAuth = isValid(actionRequest.getParameter("clientAuth"));
                    SecureConnector secure = (SecureConnector) connector;
                    // Each setter runs only when isValid accepts the value; otherwise the
                    // connector keeps its current setting. secureProtocol and algorithm
                    // are forwarded as submitted, with no allow-list visible here.
                    if(isValid(keystoreType)) {secure.setKeystoreType(keystoreType);}
                    if(isValid(keystoreFile)) {secure.setKeystoreFileName(keystoreFile);}
                    if(isValid(keystorePass)) {secure.setKeystorePassword(keystorePass);}
                    if(isValid(secureProtocol)) {secure.setSecureProtocol(secureProtocol);}
                    if(isValid(algorithm)) {secure.setAlgorithm(algorithm);}
                    secure.setClientAuthRequired(clientAuth);
                    if(server.equals(WEB_SERVER_JETTY)) {
                        if(isValid(privateKeyPass)) {setProperty(secure, "keyPassword", privateKeyPass);}
                        String keyStore = actionRequest.getParameter("unlockKeyStore");
                        String trustStore = actionRequest.getParameter("unlockTrustStore");
                        // Unlike the settings above, keyStore is applied without an
                        // isValid check, so a null or empty value is written as-is.
                        setProperty(secure, "keyStore", keyStore);
                        try {
                            KeystoreInstance[] keystores = PortletManager.getCurrentServer(actionRequest).getKeystoreManager().getKeystores();

                            String[] keys = null;
                            // No break on a match: with duplicate names the last keystore wins.
                            for (int i = 0; i < keystores.length; i++) {
                                KeystoreInstance keystore = keystores[i];
                                if(keystore.getKeystoreName().equals(keyStore)) {
                                    keys = keystore.getUnlockedKeys(null);
                                }
                            }
                            // The alias is set only when exactly one key is unlocked; the
                            // handling of every other case is cut off in this excerpt.
                            if(keys != null && keys.length == 1) {
                                setProperty(secure, "keyAlias", keys[0]);
                            } else {

            return getMode();
        } else if(password == null) {
            // No password supplied yet: keep the chosen filename and show the same
            // page again.
            response.setRenderParameter("filename", filename);
            return getMode();
        }
        // NOTE(review): filename is handed to createKeystore as received; where it comes
        // from and whether it is restricted to a plain file name is not visible in this
        // excerpt — confirm before it is used to build a path.
        KeystoreInstance instance = PortletManager.getCurrentServer(request).getKeystoreManager().createKeystore(filename, password.toCharArray());
        PortletSession session = request.getPortletSession(true);
        // The new keystore handle is kept in the portlet session under a key derived
        // from the filename.
        KeystoreData data = new KeystoreData();
        data.setInstance(instance);
        session.setAttribute(KEYSTORE_DATA_PREFIX+filename, data);
        // Second char[] copy of a password that also lives on as a String; the first
        // copy, passed to createKeystore above, is not cleared in the visible code.
        char[] cpw = password.toCharArray();
