/*
* Adito
*
* Copyright (C) 2003-2006 3SP LTD. All Rights Reserved
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2 of
* the License, or (at your option) any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public
* License along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
package com.adito.install.actions;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyStore;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.upload.FormFile;
import com.adito.boot.Util;
import com.adito.core.actions.AuthenticatedAction;
import com.adito.install.forms.ImportExistingCertificateForm;
import com.adito.security.Constants;
import com.adito.security.SessionInfo;
import com.adito.vfs.forms.UploadForm;
import com.adito.wizard.AbstractWizardSequence;
/**
* Implementatation of a {@link AuthenticatedAction} that allows a certificate
* to be uploaded during the install wizard.
*
* @see com.adito.install.forms.ConfigureUserDatabaseForm
*/
public class UploadExistingCertificateAction extends AuthenticatedAction {
private static final Log log = LogFactory.getLog(UploadExistingCertificateAction.class);
/* (non-Javadoc)
* @see com.adito.core.actions.AuthenticatedAction#onExecute(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
public ActionForward onExecute(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response)
throws Exception {
String alias = request.getParameter("alias");
UploadForm uploadForm = (UploadForm) form;
FormFile uploadFile = uploadForm.getUploadFile();
String fileName = uploadFile.getFileName();
if (fileName.trim().length() == 0) {
saveError(request, "installation.uploadExistingCertificate.noFileProvided");
return mapping.getInputForward();
}
if (uploadFile.getFileSize() == 0) {
saveError(request, "installation.uploadExistingCertificate.invalidFile");
return mapping.getInputForward();
}
if (log.isInfoEnabled())
log.info("Uploading certificate with alias " + alias);
File keystoreFile = File.createTempFile("uploadedFile", "");
doUpload(request, uploadFile, keystoreFile);
String keyStoreType = request.getParameter("keyStoreType");
String password = request.getParameter("password");
if (!validateKeyStore(keyStoreType, password, keystoreFile)) {
saveError(request, "installation.uploadExistingCertificate.importFailure");
return mapping.getInputForward();
}
AbstractWizardSequence seq = (AbstractWizardSequence) request.getSession().getAttribute(Constants.WIZARD_SEQUENCE);
seq.putAttribute(ImportExistingCertificateForm.ATTR_PASSPHRASE, password);
seq.putAttribute(ImportExistingCertificateForm.ATTR_UPLOADED_FILE, keystoreFile);
seq.putAttribute(ImportExistingCertificateForm.ATTR_KEY_STORE_TYPE, keyStoreType);
seq.putAttribute(ImportExistingCertificateForm.ATTR_ALIAS, alias.trim());
saveMessage(request, "installation.uploadExisting.uploaded", fileName, uploadFile.getFileSize());
return mapping.findForward("success");
}
private boolean doUpload(HttpServletRequest request, FormFile uploadFile, File keystoreFile) {
InputStream inputStream = null;
OutputStream outputStream = null;
try {
inputStream = uploadFile.getInputStream();
outputStream = new FileOutputStream(keystoreFile);
Util.copy(inputStream, outputStream);
return true;
} catch (Exception e) {
String errorMessage = e.getMessage() == null ? "No message provided." : e.getMessage();
saveError(request, "installation.uploadExistingCertificate.failedToUploadFile", uploadFile.getFileName(), errorMessage);
return false;
} finally {
Util.closeStream(inputStream);
Util.closeStream(outputStream);
}
}
private boolean validateKeyStore(String keyStoreType, String password, File keystoreFile) {
InputStream inputStream = null;
try {
KeyStore keyStore = KeyStore.getInstance(keyStoreType);
inputStream = new FileInputStream(keystoreFile);
keyStore.load(inputStream, password.toCharArray());
return true;
} catch (Exception e) {
log.error("Validation of key store failed", e);
return false;
} finally {
Util.closeStream(inputStream);
}
}
public int getNavigationContext(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) {
return SessionInfo.MANAGEMENT_CONSOLE_CONTEXT | SessionInfo.SETUP_CONSOLE_CONTEXT;
}
}