Posted to scm@geronimo.apache.org by gn...@apache.org on 2006/10/19 19:57:04 UTC
svn commit: r465702 [1/2] - in /geronimo/server/trunk:
applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/
applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/webmanag...
Author: gnodet
Date: Thu Oct 19 10:57:02 2006
New Revision: 465702
URL: http://svn.apache.org/viewvc?view=rev&rev=465702
Log:
GERONIMO-2504: Allow all read-only operations on KeystoreInstance to be available to services
Added:
geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeyNotFoundException.java
geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreException.java
Modified:
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/BaseKeystoreHandler.java
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/CertificateDetailsHandler.java
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ConfirmCertificateHandler.java
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ConfirmKeyHandler.java
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/CreateKeystoreHandler.java
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/DeleteEntryHandler.java
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/EditKeystoreHandler.java
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/GenerateCSRHandler.java
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ImportCAReplyHandler.java
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ListHandler.java
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/LockEditKeystoreHandler.java
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/LockKeystoreHandler.java
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/UnlockKeyHandler.java
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/UnlockKeystoreHandler.java
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/webmanager/ConnectorPortlet.java
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/keystore/index.jsp
geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/keystore/viewKeystore.jsp
geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeyIsLocked.java
geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreInstance.java
geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreIsLocked.java
geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreManager.java
geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreManager.java
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/BaseKeystoreHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/BaseKeystoreHandler.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/BaseKeystoreHandler.java (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/BaseKeystoreHandler.java Thu Oct 19 10:57:02 2006
@@ -17,11 +17,9 @@
package org.apache.geronimo.console.keystores;
import java.io.ByteArrayInputStream;
-import java.io.FileNotFoundException;
import java.io.InputStream;
import java.io.Serializable;
import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;
@@ -36,8 +34,8 @@
import org.apache.commons.logging.LogFactory;
import org.apache.geronimo.console.MultiPageAbstractHandler;
import org.apache.geronimo.console.MultiPageModel;
+import org.apache.geronimo.management.geronimo.KeystoreException;
import org.apache.geronimo.management.geronimo.KeystoreInstance;
-import org.apache.geronimo.management.geronimo.KeystoreIsLocked;
import org.apache.geronimo.util.CertificateUtil;
/**
@@ -86,6 +84,10 @@
private Map fingerprints;
private Map keyPasswords;
+ public String getName() {
+ return instance.getKeystoreName();
+ }
+
public KeystoreInstance getInstance() {
return instance;
}
@@ -94,37 +96,23 @@
this.instance = instance;
}
- public void setPassword(char[] password) {
- this.password = password;
- if(password == null) { // If locking, clear all saved data
- certificates = null;
- keys = null;
- fingerprints = null;
- keyPasswords = null;
- }
- }
-
- public boolean isLocked() {
+ public boolean isLockedEdit() {
return password == null;
}
+
+ public boolean isLockedUse() {
+ return instance.isKeystoreLocked();
+ }
public String[] getCertificates() {
return certificates;
}
- public void setCertificates(String[] certificates) {
- this.certificates = certificates;
- }
-
public String[] getKeys() {
return keys;
}
- public void setKeys(String[] keys) {
- this.keys = keys;
- }
-
- public Map getFingerprints() {
+ public Map getFingerprints() throws KeystoreException {
if(fingerprints == null) {
fingerprints = new HashMap();
for (int i = 0; i < certificates.length; i++) {
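Review bot: `isLockedEdit()` and `isLockedUse()` are added without any comment saying how the two lock states differ, and every handler in this commit depends on that difference. From the visible code the first only tests the cached password and the second asks the keystore instance, so I would add `/** True when no keystore password is cached in this object, so its entries cannot be listed or changed through it. */` on `isLockedEdit()` and `/** True when the underlying KeystoreInstance reports the keystore as locked. */` on `isLockedUse()`. The body of `getFingerprints()` continues outside the hunk.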
@@ -146,69 +134,63 @@
}
return fingerprints;
}
-
- public boolean importTrustCert(String fileName, String alias) throws FileNotFoundException, CertificateException {
- // Uploading certificate using a disk file fails on Windows. Certificate text is used instead.
- //InputStream is = new FileInputStream(fileName);
- InputStream is = new ByteArrayInputStream(fileName.getBytes());
- CertificateFactory cf = CertificateFactory.getInstance("X.509");
- Collection certs = cf.generateCertificates(is);
- X509Certificate cert = (X509Certificate) certs.iterator().next();
- boolean result = instance.importTrustCertificate(cert, alias, password);
- if(result) {
+
+ public void importTrustCert(String fileName, String alias) throws KeystoreException {
+ try {
+ // Uploading certificate using a disk file fails on Windows. Certificate text is used instead.
+ //InputStream is = new FileInputStream(fileName);
+ InputStream is = new ByteArrayInputStream(fileName.getBytes());
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ Collection certs = cf.generateCertificates(is);
+ X509Certificate cert = (X509Certificate) certs.iterator().next();
+ instance.importTrustCertificate(cert, alias, password);
String[] update = new String[certificates.length+1];
System.arraycopy(certificates, 0, update, 0, certificates.length);
update[certificates.length] = alias;
certificates = update;
- if(fingerprints == null) {
- getFingerprints();
- }
- try {
+ if (fingerprints != null) {
fingerprints.put(alias, CertificateUtil.generateFingerprint(instance.getCertificate(alias, password), "MD5"));
- } catch (Exception e) {
- log.error("Unable to generate certificate fingerprint", e);
}
+ } catch (KeystoreException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new KeystoreException("Unable to import trust certificate", e);
}
- return result;
}
- public boolean createKeyPair(String alias, String keyPassword, String keyAlgorithm, int keySize,
+ public void createKeyPair(String alias, String keyPassword, String keyAlgorithm, int keySize,
String signatureAlgorithm, int validity, String commonName, String orgUnit,
- String organization, String locality, String state, String country) {
- boolean result = instance.generateKeyPair(alias, password, keyPassword.toCharArray(), keyAlgorithm, keySize,
- signatureAlgorithm, validity, commonName, orgUnit, organization, locality, state, country);
- if(result) {
+ String organization, String locality, String state, String country) throws KeystoreException {
+ try {
+ instance.generateKeyPair(alias, password, keyPassword.toCharArray(), keyAlgorithm, keySize,
+ signatureAlgorithm, validity, commonName, orgUnit, organization, locality, state, country);
String[] update = new String[keys.length+1];
System.arraycopy(keys, 0, update, 0, keys.length);
update[keys.length] = alias;
keys = update;
- if(fingerprints == null) {
- getFingerprints();
- }
- try {
+ if (fingerprints != null) {
fingerprints.put(alias, CertificateUtil.generateFingerprint(instance.getCertificate(alias, password), "MD5"));
- } catch (Exception e) {
- log.error("Unable to generate certificate fingerprint", e);
}
+ } catch (KeystoreException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new KeystoreException("Unable to create key pair", e);
}
- return result;
}
- public Certificate getCertificate(String alias) {
+ public Certificate getCertificate(String alias) throws KeystoreException {
return instance.getCertificate(alias, password);
}
- public void unlockPrivateKey(String alias, char[] keyPassword) throws KeystoreIsLocked {
+ public void unlockPrivateKey(String alias, char[] keyPassword) throws KeystoreException {
if(keyPasswords == null) {
keyPasswords = new HashMap();
}
-
- if(instance.unlockPrivateKey(alias, keyPassword)) {
- keyPasswords.put(alias, keyPassword);
- }
+ instance.unlockPrivateKey(alias, password, keyPassword);
+ keyPasswords.put(alias, keyPassword);
}
- public void deleteEntry(String alias) {
+ public void deleteEntry(String alias) throws KeystoreException {
for(int i = 0; i < keys.length; ++i) {
if(keys[i].equals(alias)) {
String[] temp = new String[keys.length-1];
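Review bot: In `importTrustCert`, the fingerprint update runs inside the same `try` as the import, so a failure in `CertificateUtil.generateFingerprint(...)` is now reported as "Unable to import trust certificate" after the certificate is already stored and `certificates` already extended. `createKeyPair` has the same shape with "Unable to create key pair". The removed code logged a fingerprint failure and carried on; keeping a small inner `try`/`catch` around only the `fingerprints.put(...)` line would preserve that and keep the outer error message truthful. Separately, the fingerprint digest is hard-coded to `"MD5"`; if the value is meant for checking a certificate out of band, a stronger digest would be preferable, assuming `generateFingerprint` accepts one. `deleteEntry` continues outside the hunk.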
@@ -236,20 +218,52 @@
break;
}
}
- instance.deleteEntry(alias);
+ instance.deleteEntry(alias, password);
if(keyPasswords != null)
keyPasswords.remove(alias);
if(fingerprints != null)
fingerprints.remove(alias);
}
- public void importPKCS7Certificate(String alias, String pkcs7cert) {
+ public void importPKCS7Certificate(String alias, String pkcs7cert) throws KeystoreException {
try {
- instance.importPKCS7Certificate(alias, pkcs7cert);
+ instance.importPKCS7Certificate(alias, pkcs7cert, password);
fingerprints.put(alias, CertificateUtil.generateFingerprint(instance.getCertificate(alias, password), "MD5"));
- } catch (Exception e) {
- log.error("Error importing CA reply", e);
+ } catch (KeystoreException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new KeystoreException("Unable to import PKCS7 certificate", e);
}
}
+
+ public String generateCSR(String alias) throws KeystoreException {
+ return instance.generateCSR(alias, password);
+ }
+
+ public void unlockEdit(char[] password) throws KeystoreException {
+ this.certificates = instance.listTrustCertificates(password);
+ this.keys = instance.listPrivateKeys(password);
+ // Set password last, so that if an error occurs, the keystore
+ // still appears locked (lockedEdit == false)
+ this.password = password;
+ this.fingerprints = null;
+ }
+
+ public void lockEdit() {
+ this.password = null;
+ this.certificates = null;
+ this.keyPasswords = null;
+ this.keys = null;
+ this.fingerprints = null;
+ }
+
+ public void lockUse() throws KeystoreException {
+ instance.lockKeystore(password);
+ }
+
+ public void unlockUse(char[] password) throws KeystoreException {
+ instance.unlockKeystore(password);
+ }
+
}
}
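Review bot: In `importPKCS7Certificate`, `fingerprints.put(...)` runs without the `fingerprints != null` check that `importTrustCert` and `createKeyPair` now use, and `unlockEdit` leaves `fingerprints` null until `getFingerprints()` is called. A NullPointerException there is caught by `catch (Exception e)` and surfaces as "Unable to import PKCS7 certificate" although `instance.importPKCS7Certificate(...)` has already completed. Guard it the same way as the other two methods: `if (fingerprints != null) { fingerprints.put(alias, ...); }`. The comment in `unlockEdit` also reads inverted: while `password` is still null `isLockedEdit()` returns true, so `(lockedEdit == false)` should say `(lockedEdit == true)`.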
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/CertificateDetailsHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/CertificateDetailsHandler.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/CertificateDetailsHandler.java (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/CertificateDetailsHandler.java Thu Oct 19 10:57:02 2006
@@ -17,6 +17,8 @@
package org.apache.geronimo.console.keystores;
import org.apache.geronimo.console.MultiPageModel;
+import org.apache.geronimo.management.geronimo.KeystoreException;
+
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
import javax.portlet.PortletException;
@@ -51,7 +53,12 @@
alias = "";
}
KeystoreData data = ((KeystoreData) request.getPortletSession(true).getAttribute(KEYSTORE_DATA_PREFIX + id));
- Certificate cert = data.getCertificate(alias);
+ Certificate cert;
+ try {
+ cert = data.getCertificate(alias);
+ } catch (KeystoreException e) {
+ throw new PortletException(e);
+ }
String type = "Trusted Certificate";
boolean keyLocked = true;
String[] keys = data.getKeys();
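Review bot: `data` is dereferenced straight after the session lookup, so an expired session or an `id` with no stored `KeystoreData` gives a NullPointerException at `data.getCertificate(alias)` instead of the `PortletException` path this hunk adds. A guard before the `try` would cover it: `if (data == null) { throw new PortletException("No keystore data in session for " + id); }`. The same unchecked lookup appears in the other keystore handlers touched by this commit (ConfirmCertificate, ConfirmKey, DeleteEntry, EditKeystore, GenerateCSR, ImportCAReply, LockEditKeystore, LockKeystore, UnlockKey). The enclosing method starts and ends outside the hunk.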
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ConfirmCertificateHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ConfirmCertificateHandler.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ConfirmCertificateHandler.java (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ConfirmCertificateHandler.java Thu Oct 19 10:57:02 2006
@@ -19,6 +19,7 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.geronimo.console.MultiPageModel;
+import org.apache.geronimo.management.geronimo.KeystoreException;
import org.apache.geronimo.util.CertificateUtil;
import javax.portlet.ActionRequest;
@@ -28,7 +29,6 @@
import javax.portlet.RenderResponse;
import java.io.ByteArrayInputStream;
-import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.NoSuchAlgorithmException;
@@ -92,11 +92,9 @@
}
KeystoreData data = ((KeystoreData) request.getPortletSession(true).getAttribute(KEYSTORE_DATA_PREFIX + id));
try {
- if(!data.importTrustCert(certificate, alias)) {
- log.error("Unable to import certificate");
- }
- } catch (CertificateException e) {
- log.error("Unable to import certificate", e);
+ data.importTrustCert(certificate, alias);
+ } catch (KeystoreException e) {
+ throw new PortletException(e);
}
response.setRenderParameter("id", id);
return VIEW_KEYSTORE+BEFORE_ACTION;
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ConfirmKeyHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ConfirmKeyHandler.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ConfirmKeyHandler.java (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ConfirmKeyHandler.java Thu Oct 19 10:57:02 2006
@@ -19,6 +19,7 @@
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.geronimo.console.MultiPageModel;
+import org.apache.geronimo.management.geronimo.KeystoreException;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
@@ -94,9 +95,13 @@
String certC = request.getParameter("certC");
KeystoreData data = ((KeystoreData) request.getPortletSession(true).getAttribute(KEYSTORE_DATA_PREFIX + keystore));
- if(!data.createKeyPair(alias, password, "RSA", Integer.parseInt(keySize), algorithm, Integer.parseInt(valid),
- certCN, certOU, certO, certL, certST, certC)) {
- ConfirmKeyHandler.log.error("Unable to import certificate");
+ try {
+ data.createKeyPair(alias, password, "RSA", Integer.parseInt(keySize), algorithm, Integer.parseInt(valid),
+ certCN, certOU, certO, certL, certST, certC);
+ } catch (NumberFormatException e) {
+ throw new PortletException(e);
+ } catch (KeystoreException e) {
+ throw new PortletException(e);
}
response.setRenderParameter("id", keystore);
return VIEW_KEYSTORE+BEFORE_ACTION;
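Review bot: `Integer.parseInt(keySize)` and `Integer.parseInt(valid)` are passed to `createKeyPair` with no range check visible in this hunk, so any integer in the request sets the RSA key size and the validity period. The two variables look like request parameters in the same way as `certC` above, but their assignments are outside the hunk. I would parse them before the `try` and reject values outside what the form offers, e.g. `if (size != 1024 && size != 2048) throw new PortletException("Unsupported key size");`, where the allowed values here are constructed examples to be replaced with the project's own list.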
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/CreateKeystoreHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/CreateKeystoreHandler.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/CreateKeystoreHandler.java (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/CreateKeystoreHandler.java Thu Oct 19 10:57:02 2006
@@ -17,8 +17,6 @@
package org.apache.geronimo.console.keystores;
import java.io.IOException;
-import java.util.Map;
-import java.util.HashMap;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
import javax.portlet.PortletException;
@@ -27,8 +25,7 @@
import javax.portlet.PortletSession;
import org.apache.geronimo.console.MultiPageModel;
import org.apache.geronimo.console.util.PortletManager;
-import org.apache.geronimo.gbean.AbstractName;
-import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
+import org.apache.geronimo.management.geronimo.KeystoreException;
import org.apache.geronimo.management.geronimo.KeystoreInstance;
/**
@@ -60,16 +57,17 @@
response.setRenderParameter("filename", filename);
return getMode();
}
- KeystoreInstance instance = PortletManager.getCurrentServer(request).getKeystoreManager().createKeystore(filename, password.toCharArray());
- PortletSession session = request.getPortletSession(true);
- KeystoreData data = new KeystoreData();
- data.setInstance(instance);
- session.setAttribute(KEYSTORE_DATA_PREFIX+filename, data);
- char[] cpw = password.toCharArray();
- data.setPassword(cpw);
- data.setCertificates(data.getInstance().listTrustCertificates(cpw));
- data.setKeys(data.getInstance().listPrivateKeys(cpw));
-
+ try {
+ KeystoreInstance instance = PortletManager.getCurrentServer(request).getKeystoreManager().createKeystore(filename, password.toCharArray());
+ PortletSession session = request.getPortletSession(true);
+ KeystoreData data = new KeystoreData();
+ data.setInstance(instance);
+ session.setAttribute(KEYSTORE_DATA_PREFIX+filename, data);
+ char[] cpw = password.toCharArray();
+ data.unlockEdit(cpw);
+ } catch (KeystoreException e) {
+ throw new PortletException(e);
+ }
return LIST_MODE+BEFORE_ACTION;
}
}
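Review bot: `filename` is passed to `createKeystore(...)` and concatenated into the session attribute key with no check visible in this hunk on which characters it contains. The branch above that re-renders with `filename` suggests some validation exists, but if it only tests for empty values, a name containing path separators would reach the keystore manager unchanged. Either reject such names before the `try`, or confirm that `FileKeystoreManager.createKeystore` confines the file to its keystore directory and add a short comment here saying so. The method starts outside the hunk.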
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/DeleteEntryHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/DeleteEntryHandler.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/DeleteEntryHandler.java (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/DeleteEntryHandler.java Thu Oct 19 10:57:02 2006
@@ -17,6 +17,7 @@
package org.apache.geronimo.console.keystores;
import org.apache.geronimo.console.MultiPageModel;
+import org.apache.geronimo.management.geronimo.KeystoreException;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
@@ -42,7 +43,11 @@
response.setRenderParameter("id", id);
if(alias != null) {
KeystoreData data = (KeystoreData) request.getPortletSession(true).getAttribute(KEYSTORE_DATA_PREFIX + id);
- data.deleteEntry(alias);
+ try {
+ data.deleteEntry(alias);
+ } catch (KeystoreException e) {
+ throw new PortletException(e);
+ }
}
} // else we hope this is after a failure and the actionAfterView took care of it below!
return getMode();
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/EditKeystoreHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/EditKeystoreHandler.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/EditKeystoreHandler.java (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/EditKeystoreHandler.java Thu Oct 19 10:57:02 2006
@@ -17,6 +17,7 @@
package org.apache.geronimo.console.keystores;
import org.apache.geronimo.console.MultiPageModel;
+import org.apache.geronimo.management.geronimo.KeystoreException;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
@@ -59,9 +60,11 @@
}
KeystoreData data = ((KeystoreData) request.getPortletSession(true).getAttribute(KEYSTORE_DATA_PREFIX + keystore));
char[] storePass = password.toCharArray();
- data.setPassword(storePass);
- data.setCertificates(data.getInstance().listTrustCertificates(storePass));
- data.setKeys(data.getInstance().listPrivateKeys(storePass));
+ try {
+ data.unlockEdit(storePass);
+ } catch (KeystoreException e) {
+ throw new PortletException(e);
+ }
return LIST_MODE+BEFORE_ACTION;
}
}
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/GenerateCSRHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/GenerateCSRHandler.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/GenerateCSRHandler.java (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/GenerateCSRHandler.java Thu Oct 19 10:57:02 2006
@@ -17,7 +17,7 @@
package org.apache.geronimo.console.keystores;
import org.apache.geronimo.console.MultiPageModel;
-import org.apache.geronimo.management.geronimo.KeystoreInstance;
+import org.apache.geronimo.management.geronimo.KeystoreException;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
@@ -49,9 +49,12 @@
request.setAttribute("id", id);
request.setAttribute("alias", alias);
KeystoreData data = ((KeystoreData) request.getPortletSession(true).getAttribute(KEYSTORE_DATA_PREFIX + id));
- KeystoreInstance keystoreInstance = data.getInstance();
- String csr = keystoreInstance.generateCSR(alias);
- request.setAttribute("csr", csr);
+ try {
+ String csr = data.generateCSR(alias);
+ request.setAttribute("csr", csr);
+ } catch (KeystoreException e) {
+ throw new PortletException(e);
+ }
}
public String actionAfterView(ActionRequest request, ActionResponse response, MultiPageModel model) throws PortletException, IOException {
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ImportCAReplyHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ImportCAReplyHandler.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ImportCAReplyHandler.java (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ImportCAReplyHandler.java Thu Oct 19 10:57:02 2006
@@ -25,6 +25,7 @@
import javax.portlet.RenderResponse;
import org.apache.geronimo.console.MultiPageModel;
+import org.apache.geronimo.management.geronimo.KeystoreException;
/**
* Handler for importing a certficate issued by a CA
@@ -59,7 +60,11 @@
return CERTIFICATE_DETAILS+BEFORE_ACTION;
String pkcs7cert = request.getParameter("pkcs7cert");
KeystoreData data = ((KeystoreData) request.getPortletSession(true).getAttribute(KEYSTORE_DATA_PREFIX + id));
- data.importPKCS7Certificate(alias, pkcs7cert);
+ try {
+ data.importPKCS7Certificate(alias, pkcs7cert);
+ } catch (KeystoreException e) {
+ throw new PortletException(e);
+ }
return CERTIFICATE_DETAILS+BEFORE_ACTION;
}
}
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ListHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ListHandler.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ListHandler.java (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/ListHandler.java Thu Oct 19 10:57:02 2006
@@ -29,6 +29,7 @@
import org.apache.geronimo.console.util.PortletManager;
import org.apache.geronimo.gbean.AbstractName;
import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
+import org.apache.geronimo.management.geronimo.KeystoreException;
import org.apache.geronimo.management.geronimo.KeystoreInstance;
import org.apache.geronimo.management.geronimo.KeystoreIsLocked;
import org.apache.geronimo.management.geronimo.KeystoreManager;
@@ -65,13 +66,13 @@
datas[i] = data;
if(!data.getInstance().isKeystoreLocked()) {
try {
- String[] all = data.getInstance().getUnlockedKeys();
+ String[] all = data.getInstance().getUnlockedKeys(null);
if(all.length > 0) {
keys.put(data.getInstance().getKeystoreName(), all.length+" key"+(all.length > 1 ? "s" : "")+" ready");
} else {
keys.put(data.getInstance().getKeystoreName(), "trust store only");
}
- } catch (KeystoreIsLocked locked) {}
+ } catch (KeystoreException locked) {}
}
}
request.setAttribute("keystores", datas);
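Review bot: The empty `catch (KeystoreException locked) {}` now swallows every keystore failure, where the old `KeystoreIsLocked` catch covered only the locked case, so an unreadable or corrupt keystore would simply show no status in the list. `KeystoreIsLocked` is still imported; if it extends `KeystoreException` after this commit (its definition is not shown here), keep a narrow `catch (KeystoreIsLocked locked)` for the expected case and log anything else with the keystore name. The call `getUnlockedKeys(null)` also deserves a one-line comment explaining why a null password is acceptable for this read-only query.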
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/LockEditKeystoreHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/LockEditKeystoreHandler.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/LockEditKeystoreHandler.java (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/LockEditKeystoreHandler.java Thu Oct 19 10:57:02 2006
@@ -38,7 +38,7 @@
public String actionBeforeView(ActionRequest request, ActionResponse response, MultiPageModel model) throws PortletException, IOException {
String keystore = request.getParameter("keystore");
KeystoreData data = ((KeystoreData) request.getPortletSession(true).getAttribute(KEYSTORE_DATA_PREFIX + keystore));
- data.setPassword(null);
+ data.lockEdit();
return LIST_MODE+BEFORE_ACTION;
}
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/LockKeystoreHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/LockKeystoreHandler.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/LockKeystoreHandler.java (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/LockKeystoreHandler.java Thu Oct 19 10:57:02 2006
@@ -17,6 +17,7 @@
package org.apache.geronimo.console.keystores;
import org.apache.geronimo.console.MultiPageModel;
+import org.apache.geronimo.management.geronimo.KeystoreException;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
@@ -38,7 +39,11 @@
public String actionBeforeView(ActionRequest request, ActionResponse response, MultiPageModel model) throws PortletException, IOException {
String keystore = request.getParameter("keystore");
KeystoreData data = ((KeystoreData) request.getPortletSession(true).getAttribute(KEYSTORE_DATA_PREFIX + keystore));
- data.getInstance().lockKeystore();
+ try {
+ data.lockUse();
+ } catch (KeystoreException e) {
+ throw new PortletException(e);
+ }
return LIST_MODE+BEFORE_ACTION;
}
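Review bot: `data.lockUse()` forwards the cached edit password to `instance.lockKeystore(password)` (see `lockUse` in BaseKeystoreHandler in this commit), and that field is null whenever the keystore is locked for editing. Whether `lockKeystore` accepts a null password is not visible here; if it does not, locking for use after `lockEdit()` ends in a `PortletException` the user cannot act on. Either document on `lockUse()` that a null password is allowed, or check `data.isLockedEdit()` before the call and send the user to the edit-unlock page first.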
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/UnlockKeyHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/UnlockKeyHandler.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/UnlockKeyHandler.java (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/UnlockKeyHandler.java Thu Oct 19 10:57:02 2006
@@ -17,7 +17,7 @@
package org.apache.geronimo.console.keystores;
import org.apache.geronimo.console.MultiPageModel;
-import org.apache.geronimo.management.geronimo.KeystoreIsLocked;
+import org.apache.geronimo.management.geronimo.KeystoreException;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
@@ -42,10 +42,9 @@
public void renderView(RenderRequest request, RenderResponse response, MultiPageModel model) throws PortletException, IOException {
String keystore = request.getParameter("keystore");
- String password = request.getParameter("password");
request.setAttribute("keystore", keystore);
KeystoreData data = ((KeystoreData) request.getPortletSession(true).getAttribute(KEYSTORE_DATA_PREFIX + keystore));
- request.setAttribute("keys", data.getInstance().listPrivateKeys(password.toCharArray()));
+ request.setAttribute("keys", data.getKeys());
}
public String actionAfterView(ActionRequest request, ActionResponse response, MultiPageModel model) throws PortletException, IOException {
@@ -57,10 +56,9 @@
}
KeystoreData data = ((KeystoreData) request.getPortletSession(true).getAttribute(KEYSTORE_DATA_PREFIX + keystore));
try {
- //data.getInstance().unlockPrivateKey(alias, keyPassword.toCharArray());
data.unlockPrivateKey(alias, keyPassword.toCharArray());
- } catch (KeystoreIsLocked e) {
- throw new PortletException("Invalid password for keystore", e);
+ } catch (KeystoreException e) {
+ throw new PortletException(e);
}
return LIST_MODE+BEFORE_ACTION;
}
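Review bot: The catch now covers every `KeystoreException`, so a mistyped key password is handled like any other keystore failure and leaves the action as a `PortletException`. The old message "Invalid password for keystore" is gone and the wrapper carries no text of its own. Consider keeping a message on the wrapper, e.g. `throw new PortletException("Unable to unlock private key", e);`, or returning to the unlock page for the expected bad-password case. `actionAfterView` starts above this hunk, so its earlier parameter checks are not visible here.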
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/UnlockKeystoreHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/UnlockKeystoreHandler.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/UnlockKeystoreHandler.java (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/keystores/UnlockKeystoreHandler.java Thu Oct 19 10:57:02 2006
@@ -17,7 +17,6 @@
package org.apache.geronimo.console.keystores;
import org.apache.geronimo.console.MultiPageModel;
-import org.apache.geronimo.management.geronimo.KeystoreIsLocked;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
@@ -65,20 +64,20 @@
}
KeystoreData data = ((KeystoreData) request.getPortletSession(true).getAttribute(KEYSTORE_DATA_PREFIX + keystore));
char[] storePass = password.toCharArray();
- data.getInstance().unlockKeystore(storePass);
- if(data.getKeys() != null && data.getKeys().length > 0) {
- // if it's unlocked for editing and has keys
- try {
- data.getInstance().unlockPrivateKey(alias, keyPassword.toCharArray());
- } catch (KeystoreIsLocked e) {
- throw new PortletException("Invalid password for keystore", e);
- }
- } else if(data.getInstance().listPrivateKeys(storePass) != null && data.getInstance().listPrivateKeys(storePass).length > 0) {
- // if it's locked for editing but has keys
- response.setRenderParameter("keystore", keystore);
- response.setRenderParameter("password", password);
- return UNLOCK_KEY+BEFORE_ACTION;
- } // otherwise it has no keys
+ try {
+ data.unlockUse(storePass);
+ if(data.getKeys() != null && data.getKeys().length > 0) {
+ // if it's unlocked for editing and has keys
+ data.unlockPrivateKey(alias, keyPassword.toCharArray());
+ } else if (data.getInstance().listPrivateKeys(storePass) != null && data.getInstance().listPrivateKeys(storePass).length > 0) {
+ // if it's locked for editing but has keys
+ response.setRenderParameter("keystore", keystore);
+ response.setRenderParameter("password", password);
+ return UNLOCK_KEY+BEFORE_ACTION;
+ } // otherwise it has no keys
+ } catch (Exception e) {
+ throw new PortletException(e);
+ }
return LIST_MODE+BEFORE_ACTION;
}
}
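Review bot: The keystore password is still put into a render parameter with `response.setRenderParameter("password", password);`, although this commit removes the only visible reader of it (`request.getParameter("password")` in `UnlockKeyHandler.renderView`). Render parameters are typically carried in the portal URL, so the password can end up in browser history and access logs; the line looks removable now that the key list comes from `data.getKeys()`. Separately, `catch (Exception e)` is wider than the `KeystoreException` the other handlers catch and will also wrap runtime errors such as a null `data`; `catch (KeystoreException e)` would match them, assuming the calls in the `try` declare nothing else. The method begins above this hunk.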
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/webmanager/ConnectorPortlet.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/webmanager/ConnectorPortlet.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/webmanager/ConnectorPortlet.java (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/webmanager/ConnectorPortlet.java Thu Oct 19 10:57:02 2006
@@ -23,8 +23,6 @@
import java.util.HashMap;
import java.util.List;
import java.util.Map;
-import javax.management.MalformedObjectNameException;
-import javax.management.ObjectName;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
import javax.portlet.PortletConfig;
@@ -41,8 +39,8 @@
import org.apache.geronimo.gbean.AbstractName;
import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
import org.apache.geronimo.kernel.proxy.GeronimoManagedBean;
+import org.apache.geronimo.management.geronimo.KeystoreException;
import org.apache.geronimo.management.geronimo.KeystoreInstance;
-import org.apache.geronimo.management.geronimo.KeystoreIsLocked;
import org.apache.geronimo.management.geronimo.KeystoreManager;
import org.apache.geronimo.management.geronimo.SecureConnector;
import org.apache.geronimo.management.geronimo.WebConnector;
@@ -147,7 +145,7 @@
for (int i = 0; i < keystores.length; i++) {
KeystoreInstance keystore = keystores[i];
if(keystore.getKeystoreName().equals(keyStore)) {
- keys = keystore.getUnlockedKeys();
+ keys = keystore.getUnlockedKeys(null);
}
}
if(keys != null && keys.length == 1) {
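Review bot: `getUnlockedKeys(null)` passes a bare `null` for the new `storePassword` argument, and the interface javadoc for `getUnlockedKeys` in this commit does not say what `null` means. The `listPrivateKeys` javadoc suggests that null selects the saved internal password, so this presumably still fails when the keystore is locked, but a reader cannot tell that from the call. A short comment would help, e.g. `// null: use the password saved when the keystore was unlocked`. The same literal is used in the two render hunks further down this file.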
@@ -155,8 +153,8 @@
} else {
throw new PortletException("Cannot handle keystores with anything but 1 unlocked private key");
}
- } catch (KeystoreIsLocked locked) {
- throw new PortletException(locked.getMessage());
+ } catch (KeystoreException e) {
+ throw new PortletException(e);
}
String trustStore = actionRequest.getParameter("unlockTrustStore");
if(isValid(trustStore)) {setProperty(secure, "trustStore", trustStore);}
@@ -329,8 +327,8 @@
Map aliases = new HashMap();
for (int i = 0; i < stores.length; i++) {
try {
- aliases.put(stores[i].getKeystoreName(), stores[i].getUnlockedKeys());
- } catch (KeystoreIsLocked locked) {}
+ aliases.put(stores[i].getKeystoreName(), stores[i].getUnlockedKeys(null));
+ } catch (KeystoreException e) {}
}
renderRequest.setAttribute("unlockedKeys", aliases);
}
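Review bot: The empty `catch (KeystoreException e) {}` now hides every keystore failure, not only the locked case that the old `KeystoreIsLocked` catch ignored. A keystore that cannot be read would simply disappear from `unlockedKeys` with no trace. Catching `KeystoreIsLocked` first, with a comment that locked stores are skipped on purpose, and logging anything else in a separate `catch (KeystoreException e)` would keep the old intent; that needs the `KeystoreIsLocked` import this commit removes. The next hunk (`@@ -381,8 +379,8 @@`) has the same pattern.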
@@ -381,8 +379,8 @@
Map aliases = new HashMap();
for (int i = 0; i < stores.length; i++) {
try {
- aliases.put(stores[i].getKeystoreName(), stores[i].getUnlockedKeys());
- } catch (KeystoreIsLocked locked) {}
+ aliases.put(stores[i].getKeystoreName(), stores[i].getUnlockedKeys(null));
+ } catch (KeystoreException e) {}
}
renderRequest.setAttribute("unlockedKeys", aliases);
}
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/keystore/index.jsp
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/keystore/index.jsp?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/keystore/index.jsp (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/keystore/index.jsp Thu Oct 19 10:57:02 2006
@@ -28,8 +28,8 @@
<tr>
<td>
<c:choose>
- <c:when test="${keystore.locked}">
- ${keystore.instance.keystoreName}
+ <c:when test="${keystore.lockedEdit}">
+ ${keystore.name}
</c:when>
<c:otherwise>
<a href="<portlet:actionURL portletMode="view"><portlet:param name="mode" value="viewKeystore-before" /><portlet:param name="id" value="${keystore.instance.keystoreName}" /></portlet:actionURL>">${keystore.instance.keystoreName}</a>
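Review bot: The `<c:otherwise>` branch on the last line of this hunk still reads `${keystore.instance.keystoreName}` for both the `id` parameter and the link text, while the locked branch was moved to `${keystore.name}`. If the intent is to stop reaching through `instance`, this line should change as well. The link text is also written with a bare EL expression, which is not HTML-escaped; `<c:out value="${keystore.name}"/>` would be safer for a name chosen by whoever created the keystore.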
@@ -38,7 +38,7 @@
</td>
<td>
<c:choose>
- <c:when test="${keystore.locked}">
+ <c:when test="${keystore.lockedEdit}">
<i>Keystore locked</i>
</c:when>
<c:otherwise>
@@ -50,34 +50,34 @@
</td>
<td>
<c:choose>
- <c:when test="${keystore.locked}">
+ <c:when test="${keystore.lockedEdit}">
<a href="<portlet:actionURL portletMode="view">
<portlet:param name="mode" value="unlockEdit-before" />
- <portlet:param name="keystore" value="${keystore.instance.keystoreName}" />
+ <portlet:param name="keystore" value="${keystore.name}" />
</portlet:actionURL>"><img src="<%=consoleServletPath%>/../images/ico_lock_16x16.gif" alt="Locked" /></a>
</c:when>
<c:otherwise>
<a href="<portlet:actionURL portletMode="view">
<portlet:param name="mode" value="lockEdit-before" />
- <portlet:param name="keystore" value="${keystore.instance.keystoreName}" />
+ <portlet:param name="keystore" value="${keystore.name}" />
</portlet:actionURL>"><img src="<%=consoleServletPath%>/../images/ico_unlock3_16x16.gif" alt="Unlocked" /></a>
</c:otherwise>
</c:choose>
</td>
<td>
<c:choose>
- <c:when test="${keystore.instance.keystoreLocked}">
+ <c:when test="${keystore.lockedUse}">
<a href="<portlet:actionURL portletMode="view">
<portlet:param name="mode" value="unlockKeystore-before" />
- <portlet:param name="keystore" value="${keystore.instance.keystoreName}" />
+ <portlet:param name="keystore" value="${keystore.name}" />
</portlet:actionURL>"><img src="<%=consoleServletPath%>/../images/ico_lock_16x16.gif" alt="Locked" /></a>
</c:when>
<c:otherwise>
<a href="<portlet:actionURL portletMode="view">
<portlet:param name="mode" value="lockKeystore-before" />
- <portlet:param name="keystore" value="${keystore.instance.keystoreName}" />
+ <portlet:param name="keystore" value="${keystore.name}" />
</portlet:actionURL> "onClick="return confirm('This keystore is currently in use. Locking it may prevent the server from starting. Continue?');" ><img src="<%=consoleServletPath%>/../images/ico_unlock3_16x16.gif" alt="Unlocked" /></a>
- ${keys[keystore.instance.keystoreName]}
+ ${keys[keystore.name]}
</c:otherwise>
</c:choose>
</td>
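Review bot: The unchanged `lockKeystore-before` link in this hunk has malformed markup: `</portlet:actionURL> "onClick=` leaves a trailing space inside the `href` value and no whitespace between the closing quote and `onClick`. Browsers usually recover, but it is worth fixing while the neighbouring line is touched, so that the tag reads `</portlet:actionURL>" onClick="return confirm(...);"`.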
@@ -89,4 +89,4 @@
<p>
<a href="<portlet:actionURL portletMode="view"><portlet:param name="mode" value="createKeystore-before" /></portlet:actionURL>">New Keystore</a>
-</p>
\ No newline at end of file
+</p>
Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/keystore/viewKeystore.jsp
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/keystore/viewKeystore.jsp?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/keystore/viewKeystore.jsp (original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/keystore/viewKeystore.jsp Thu Oct 19 10:57:02 2006
@@ -15,14 +15,14 @@
<tr>
<td><a href="<portlet:actionURL portletMode="view">
<portlet:param name="mode" value="certificateDetails-before" />
- <portlet:param name="id" value="${keystore.instance.keystoreName}" />
+ <portlet:param name="id" value="${keystore.name}" />
<portlet:param name="alias" value="${alias}" /></portlet:actionURL>">
view
</a>
</td>
<td><a href="<portlet:actionURL portletMode="view">
<portlet:param name="mode" value="certificateDetails-before" />
- <portlet:param name="id" value="${keystore.instance.keystoreName}" />
+ <portlet:param name="id" value="${keystore.name}" />
<portlet:param name="alias" value="${alias}" /></portlet:actionURL>">
${alias}
</a>
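Review bot: `${alias}` is written into the link text as a bare EL expression in this hunk and in the next one (`@@ -35,14 +35,14 @@`), so the alias is not HTML-escaped. Aliases are supplied when a certificate or key is added, so they should be treated as untrusted text. `<c:out value="${alias}"/>` would escape it, assuming the JSTL core taglib is declared in this page (the declaration is outside the hunk).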
@@ -35,14 +35,14 @@
<tr>
<td><a href="<portlet:actionURL portletMode="view">
<portlet:param name="mode" value="certificateDetails-before" />
- <portlet:param name="id" value="${keystore.instance.keystoreName}" />
+ <portlet:param name="id" value="${keystore.name}" />
<portlet:param name="alias" value="${alias}" /></portlet:actionURL>">
view
</a>
</td>
<td><a href="<portlet:actionURL portletMode="view">
<portlet:param name="mode" value="certificateDetails-before" />
- <portlet:param name="id" value="${keystore.instance.keystoreName}" />
+ <portlet:param name="id" value="${keystore.name}" />
<portlet:param name="alias" value="${alias}" /></portlet:actionURL>">
${alias}
</a>
@@ -54,7 +54,7 @@
</table>
<p>
- <a href="<portlet:actionURL portletMode="view"><portlet:param name="mode" value="uploadCertificate-before" /><portlet:param name="id" value="${keystore.instance.keystoreName}" /></portlet:actionURL>">Add Trust Certificate</a>
- <a href="<portlet:actionURL portletMode="view"><portlet:param name="mode" value="configureKey-before" /><portlet:param name="keystore" value="${keystore.instance.keystoreName}" /></portlet:actionURL>">Create Private Key</a>
+ <a href="<portlet:actionURL portletMode="view"><portlet:param name="mode" value="uploadCertificate-before" /><portlet:param name="id" value="${keystore.name}" /></portlet:actionURL>">Add Trust Certificate</a>
+ <a href="<portlet:actionURL portletMode="view"><portlet:param name="mode" value="configureKey-before" /><portlet:param name="keystore" value="${keystore.name}" /></portlet:actionURL>">Create Private Key</a>
<a href="<portlet:actionURL portletMode="view"><portlet:param name="mode" value="list-before" /></portlet:actionURL>">Return to keystore list</a>
</p>
Modified: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeyIsLocked.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeyIsLocked.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeyIsLocked.java (original)
+++ geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeyIsLocked.java Thu Oct 19 10:57:02 2006
@@ -22,7 +22,7 @@
*
* @version $Rev$ $Date$
*/
-public class KeyIsLocked extends Exception {
+public class KeyIsLocked extends KeystoreException {
public KeyIsLocked(String message) {
super(message);
}
Added: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeyNotFoundException.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeyNotFoundException.java?view=auto&rev=465702
==============================================================================
--- geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeyNotFoundException.java (added)
+++ geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeyNotFoundException.java Thu Oct 19 10:57:02 2006
@@ -0,0 +1,32 @@
+/**
+ *
+ * Copyright 2006-2007 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geronimo.management.geronimo;
+
+/**
+ * Exception indicating that the private key you tried to retrieve does not exist.
+ *
+ * @version $Rev$ $Date$
+ */
+public class KeyNotFoundException extends KeystoreException {
+ public KeyNotFoundException(String message) {
+ super(message);
+ }
+
+ public KeyNotFoundException(String message, Throwable cause) {
+ super(message, cause);
+ }
+}
Added: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreException.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreException.java?view=auto&rev=465702
==============================================================================
--- geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreException.java (added)
+++ geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreException.java Thu Oct 19 10:57:02 2006
@@ -0,0 +1,32 @@
+/**
+ *
+ * Copyright 2006-2007 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geronimo.management.geronimo;
+
+/**
+ * Exception indicating that a problem occured accessing the keystore.
+ *
+ * @version $Rev$ $Date$
+ */
+public class KeystoreException extends Exception {
+ public KeystoreException(String message) {
+ super(message);
+ }
+
+ public KeystoreException(String message, Throwable cause) {
+ super(message, cause);
+ }
+}
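Review bot: The class javadoc is thin for what is now the single checked exception of the keystore API, and "occured" should be "occurred". It would help to say that `KeyIsLocked`, `KeystoreIsLocked` and `KeyNotFoundException` extend it, and whether implementations are expected to pass the underlying `java.security` exception as the cause, since the interface no longer declares those types. As the class is serializable through `Exception`, it could also declare `private static final long serialVersionUID = 1L;`.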
Modified: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreInstance.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreInstance.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreInstance.java (original)
+++ geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreInstance.java Thu Oct 19 10:57:02 2006
@@ -16,10 +16,9 @@
*/
package org.apache.geronimo.management.geronimo;
+import java.security.PrivateKey;
import java.security.cert.Certificate;
-import java.security.NoSuchAlgorithmException;
-import java.security.UnrecoverableKeyException;
-import java.security.KeyStoreException;
+
import javax.net.ssl.KeyManager;
import javax.net.ssl.TrustManager;
@@ -41,14 +40,14 @@
*
* @return True if the keystore was unlocked successfully
*/
- public boolean unlockKeystore(char[] password);
+ public void unlockKeystore(char[] password) throws KeystoreException;
/**
* Clears any saved password, meaning this keystore cannot be used by other
* server components. You can still query and update it by passing the
* password to other functions,
*/
- public void lockKeystore();
+ public void lockKeystore(char[] password) throws KeystoreException;
/**
* Checks whether this keystore is unlocked, which is to say, available for
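Review bot: `unlockKeystore` now returns `void`, but its javadoc still ends with `@return True if the keystore was unlocked successfully`; the tag should be replaced by something like `@throws KeystoreException if the keystore cannot be unlocked with this password`. The same stale `@return True ...` remains on `unlockPrivateKey`, `importTrustCertificate`, `generateKeyPair` and the new `deleteEntry` in later hunks of this file. `lockKeystore` also gains a `password` parameter with no `@param`, and its description ("Clears any saved password") does not say why a password is needed to lock.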
@@ -60,9 +59,12 @@
/**
* Gets the aliases of all private key entries in the keystore
*
- * @param storePassword Used to open the keystore.
+ * @param storePassword Used to open the keystore. If null, the
+ * internal password will be used and may
+ * @throws KeystoreIsLocked if a null password was provided and the keystore
+ * is locked, or if a bad password was provided
*/
- public String[] listPrivateKeys(char[] storePassword);
+ public String[] listPrivateKeys(char[] storePassword) throws KeystoreException;
/**
* Saves a password to access a private key. This means that if the
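Review bot: The new `@param storePassword` text for `listPrivateKeys` breaks off mid-sentence at "the internal password will be used and may". The sentence should be completed or cut at "will be used". The `@throws` tag names `KeystoreIsLocked` while the signature declares `KeystoreException`; adding `@throws KeystoreException` for the other failures would match the declaration.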
@@ -72,29 +74,32 @@
*
* @param password The password to save.
* @return True if the key was unlocked successfully
+ * @throws KeystoreException
*/
- public boolean unlockPrivateKey(String alias, char[] password) throws KeystoreIsLocked;
+ public void unlockPrivateKey(String alias, char[] storePassword, char[] keyPassword) throws KeystoreException;
/**
* Gets the aliases for all the private keys that are currently unlocked.
* This only works if the keystore is unlocked.
*/
- public String[] getUnlockedKeys() throws KeystoreIsLocked;
+ public String[] getUnlockedKeys(char[] storePassword) throws KeystoreException;
/**
* Checks whether this keystore can be used as a trust store (e.g. has at
* least one trust certificate). This only works if the keystore is
* unlocked.
*/
- public boolean isTrustStore() throws KeystoreIsLocked;
+ public boolean isTrustStore(char[] storePassword) throws KeystoreException;
/**
* Clears any saved password for the specified private key, meaning this
* key cannot be used for a socket factory by other server components.
* You can still query and update it by passing the password to other
* functions,
+ * @param storePassword The password used to access the keystore. Must be non-null.
+ * @throws KeystoreIsLocked
*/
- public void lockPrivateKey(String alias);
+ public void lockPrivateKey(String alias, char[] storePassword) throws KeystoreException;
/**
* Checks whether the specified private key is locked, which is to say,
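Review bot: `unlockPrivateKey` now takes `storePassword` and `keyPassword`, but the javadoc still documents `@param password The password to save.` and neither new parameter. `getUnlockedKeys` and `isTrustStore` gain a `storePassword` parameter with no `@param` at all, although the console passes `null` to `getUnlockedKeys`; the text should state whether null means the saved password, as it does for `listPrivateKeys`. The bare `@throws KeystoreException` and `@throws KeystoreIsLocked` tags need a description of when they are thrown.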
@@ -106,27 +111,46 @@
/**
* Gets the aliases of all trusted certificate entries in the keystore.
*
- * @param storePassword Used to open the keystore.
+ * @param storePassword Used to open the keystore or null to use the internal password.
+ * @throws KeystoreIsLocked if the keystore coul not be unlocked
*/
- public String[] listTrustCertificates(char[] storePassword);
+ public String[] listTrustCertificates(char[] storePassword) throws KeystoreException;
/**
* Gets a particular certificate from the keystore. This may be a trust
* certificate or the certificate corresponding to a particular private
* key.
* @param alias The certificate to look at
- * @param storePassword The password to use to access the keystore
+ * @param storePassword Used to open the keystore or null to use the internal password.
+ * @throws KeystoreException
*/
- public Certificate getCertificate(String alias, char[] storePassword);
+ public Certificate getCertificate(String alias, char[] storePassword) throws KeystoreException;
+
+ /**
+ * Gets a particular certificate chain from the keystore.
+ * @param alias The certificate chain to look at
+ * @param storePassword Used to open the keystore or null to use the internal password.
+ * @throws KeystoreIsLocked if the keystore coul not be unlocked
+ */
+ public Certificate[] getCertificateChain(String alias, char[] storePassword) throws KeystoreException;
+
+ /**
+ * Gets the alias corresponding to the given certificate.
+ * @param alias The certificate used to retrieve the alias
+ * @param storePassword Used to open the keystore or null to use the internal password.
+ * @throws KeystoreIsLocked if the keystore coul not be unlocked
+ */
+ public String getCertificateAlias(Certificate cert, char[] storePassword) throws KeystoreException;
/**
* Adds a certificate to this keystore as a trusted certificate.
* @param cert The certificate to add
* @param alias The alias to list the certificate under
- * @param storePassword The password for the keystore
+ * @param storePassword Used to open the keystore. Must be non null
* @return True if the certificate was imported successfully
+ * @throws KeystoreException
*/
- public boolean importTrustCertificate(Certificate cert, String alias, char[] storePassword);
+ public void importTrustCertificate(Certificate cert, String alias, char[] storePassword) throws KeystoreException;
/**
* Generates a new private key and certificate pair in this keystore.
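Review bot: The javadoc for the new `getCertificateAlias` documents `@param alias The certificate used to retrieve the alias`, but the parameter is named `cert`; it should read `@param cert The certificate whose alias is looked up`. "coul not" in three `@throws` lines should be "could not", and those tags name `KeystoreIsLocked` while the methods declare `KeystoreException`. Neither new method has an `@return`, so it is not stated what is returned when the alias or certificate is absent.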
@@ -144,10 +168,11 @@
* @param state The ST portion of the identity on the certificate
* @param country The C portion of the identity on the certificate
* @return True if the key was generated successfully
+ * @throws KeystoreException
*/
- public boolean generateKeyPair(String alias, char[] storePassword, char[] keyPassword, String keyAlgorithm, int keySize,
+ public void generateKeyPair(String alias, char[] storePassword, char[] keyPassword, String keyAlgorithm, int keySize,
String signatureAlgorithm, int validity, String commonName, String orgUnit,
- String organization, String locality, String state, String country);
+ String organization, String locality, String state, String country) throws KeystoreException;
/**
@@ -156,25 +181,38 @@
* allowing other components in the server to access them.
* @param algorithm The SSL algorithm to use for this key manager
* @param alias The alias of the key to use in the keystore
+ * @param storePassword The password used to access the keystore
*/
- public KeyManager[] getKeyManager(String algorithm, String alias) throws NoSuchAlgorithmException,
- UnrecoverableKeyException, KeyStoreException, KeystoreIsLocked;
+ public KeyManager[] getKeyManager(String algorithm, String alias, char[] storePassword) throws KeystoreException;
/**
* Gets a TrustManager for this keystore. This only works if the keystore
* has been unlocked, allowing other components in the server to access it.
* @param algorithm The SSL algorithm to use for this trust manager
+ * @param storePassword The password used to access the keystore
*/
- public TrustManager[] getTrustManager(String algorithm) throws KeyStoreException, NoSuchAlgorithmException, KeystoreIsLocked;
+ public TrustManager[] getTrustManager(String algorithm, char[] storePassword) throws KeystoreException;
- public String generateCSR(String alias);
+ public String generateCSR(String alias, char[] storePassword) throws KeystoreException;
- public void importPKCS7Certificate(String alias, String certbuf)
- throws java.security.cert.CertificateException,
- java.security.NoSuchProviderException,
- java.security.KeyStoreException,
- java.security.NoSuchAlgorithmException,
- java.security.UnrecoverableKeyException, java.io.IOException;
-
- public void deleteEntry(String alias);
+ public void importPKCS7Certificate(String alias, String certbuf, char[] storePassword) throws KeystoreException;
+
+ /**
+ * Deletes a key from this Keystore.
+ * @param alias the alias to delete
+ * @param storePassword The password used to access the keystore
+ * @return True if the key was deleted successfully
+ * @throws KeystoreException
+ */
+ public void deleteEntry(String alias, char[] storePassword) throws KeystoreException;
+
+
+ /**
+ * Gets the private key with the specified alias.
+ * @param alias The alias of the private key to be retrieved
+ * @param storePassword The password used to access the keystore
+ * @param keyPassword The password to use to protect the new key
+ * @return PrivateKey with the alias specified
+ */
+ public PrivateKey getPrivateKey(String alias, char[] storePassword, char[] keyPassword) throws KeystoreException;
}
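Review bot: The `@param keyPassword` text on the new `getPrivateKey` reads "The password to use to protect the new key", which looks copied from key generation; here it is presumably the password that unlocks the existing key. Because this method hands raw private key material to callers, the javadoc should also say whether `null` passwords fall back to the saved ones and which exception signals a locked or missing key (`KeyIsLocked`, `KeyNotFoundException`). `generateCSR` and `importPKCS7Certificate` in this hunk still have no javadoc, and `deleteEntry` documents an `@return` on a `void` method.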
Modified: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreIsLocked.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreIsLocked.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreIsLocked.java (original)
+++ geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreIsLocked.java Thu Oct 19 10:57:02 2006
@@ -22,7 +22,7 @@
*
* @version $Rev$ $Date$
*/
-public class KeystoreIsLocked extends Exception {
+public class KeystoreIsLocked extends KeystoreException {
public KeystoreIsLocked(String message) {
super(message);
}
Modified: geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreManager.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreManager.java?view=diff&rev=465702&r1=465701&r2=465702
==============================================================================
--- geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreManager.java (original)
+++ geronimo/server/trunk/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreManager.java Thu Oct 19 10:57:02 2006
@@ -16,13 +16,6 @@
*/
package org.apache.geronimo.management.geronimo;
-import java.security.NoSuchAlgorithmException;
-import java.security.UnrecoverableKeyException;
-import java.security.KeyStoreException;
-import java.security.KeyManagementException;
-import java.security.NoSuchProviderException;
-import javax.net.ServerSocketFactory;
-import javax.net.SocketFactory;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocketFactory;
@@ -64,7 +57,7 @@
*/
public SSLServerSocketFactory createSSLServerFactory(String provider, String protocol, String algorithm,
String keyStore, String keyAlias, String trustStore, ClassLoader loader)
- throws KeystoreIsLocked, KeyIsLocked, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeyManagementException, NoSuchProviderException;
+ throws KeystoreException;
/**
@@ -91,7 +84,7 @@
*/
public SSLSocketFactory createSSLFactory(String provider, String protocol, String algorithm,
String keyStore, String keyAlias, String trustStore, ClassLoader loader)
- throws KeystoreIsLocked, KeyIsLocked, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeyManagementException, NoSuchProviderException;
+ throws KeystoreException;
/**
@@ -113,7 +106,7 @@
*/
public SSLSocketFactory createSSLFactory(String provider, String protocol, String algorithm,
String trustStore, ClassLoader loader)
- throws KeystoreIsLocked, KeyIsLocked, NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, KeyManagementException, NoSuchProviderException;
+ throws KeystoreException;
/**
* Creates a new, empty keystore. The name should be a valid file name
@@ -122,7 +115,7 @@
* @param name The name of the keystore to create
* @param password The password to use to protect the new keystore
*/
- public KeystoreInstance createKeystore(String name, char[] password);
+ public KeystoreInstance createKeystore(String name, char[] password) throws KeystoreException;
/**
* Gets the aliases for any keystores that are available to be used as