You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by ja...@apache.org on 2007/04/12 05:12:57 UTC
svn commit: r527755 - in /ofbiz/trunk/framework:
shark/webapp/shark/WEB-INF/controller.xml
webapp/src/org/ofbiz/webapp/control/RequestHandler.java
webapp/src/org/ofbiz/webapp/control/RequestManager.java
webtools/webapp/webtools/WEB-INF/controller.xml
Author: jaz
Date: Wed Apr 11 20:12:56 2007
New Revision: 527755
URL: http://svn.apache.org/viewvc?view=rev&rev=527755
Log:
fixed bug in x509 code where the ofbiz default trust store failed to load (bad protocol)
Modified:
ofbiz/trunk/framework/shark/webapp/shark/WEB-INF/controller.xml
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java
ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml
Modified: ofbiz/trunk/framework/shark/webapp/shark/WEB-INF/controller.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/shark/webapp/shark/WEB-INF/controller.xml?view=diff&rev=527755&r1=527754&r2=527755
==============================================================================
--- ofbiz/trunk/framework/shark/webapp/shark/WEB-INF/controller.xml (original)
+++ ofbiz/trunk/framework/shark/webapp/shark/WEB-INF/controller.xml Wed Apr 11 20:12:56 2007
@@ -38,7 +38,7 @@
<preprocessor>
<!-- Events to run on every request before security (chains exempt) -->
- <!-- <event type="java" path="org.ofbiz.webapp.event.TestEvent" invoke="test"/> -->
+ <event type="java" path="org.ofbiz.webapp.control.LoginWorker" invoke="check509CertLogin"/>
<event type="java" path="org.ofbiz.webapp.control.LoginWorker" invoke="checkExternalLoginKey"/>
</preprocessor>
<postprocessor>
Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java?view=diff&rev=527755&r1=527754&r2=527755
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java (original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java Wed Apr 11 20:12:56 2007
@@ -141,6 +141,9 @@
if (clientCerts == null) {
clientCerts = (X509Certificate[]) request.getAttribute("javax.net.ssl.peer_certificates"); // 2.1 spec
}
+ if (clientCerts == null) {
+ Debug.logWarning("Received no client certificates from browser", module);
+ }
// check if the client has a valid certificate (in our db store)
String keyStorePass = requestManager.get509CertKeyStorePass(requestUri);
@@ -150,9 +153,6 @@
if (clientCerts == null) {
throw new RequestHandlerException("Unknown request [" + requestUri + "]; this request does not exist or cannot be called directly.");
} else {
- // key the trust store info
-
-
// load the trust store
KeyStore keyStore;
try {
@@ -181,12 +181,10 @@
throw new RequestHandlerException("Unable to read certificate from keystore", e);
}
- for (int i = 0; i < clientCerts.length; i++) {
- if (!foundValidCert && trustedCert.equals(clientCerts[i])) {
- byte[] publicKey = clientCerts[i].getPublicKey().getEncoded();
- session.setAttribute(LoginWorker.X509_CERT_ATTR, StringUtil.toHexString(publicKey));
- //Debug.log("Cert Hex: " + session.getAttribute(LoginWorker.X509_CERT_ATTR));
+ for (int ci = 0; ci < clientCerts.length; ci++) {
+ if (!foundValidCert && trustedCert.equals(clientCerts[ci])) {
foundValidCert = true;
+ break;
}
}
}
Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java?view=diff&rev=527755&r1=527754&r2=527755
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java (original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java Wed Apr 11 20:12:56 2007
@@ -316,7 +316,7 @@
}
public URL get509CertKeyStore(String uriStr) {
- String defaultTrustStore = KeyStoreUtil.getTrustStoreFileName();
+ String defaultTrustStore = "file://" + KeyStoreUtil.getTrustStoreFileName();
Map uri = getRequestMapMap(uriStr);
if (uri != null) {
@@ -353,7 +353,7 @@
if (uri != null) {
String value = (String) uri.get(ConfigXMLReader.SECURITY_KEYSTORE);
- if (value.indexOf(";") > -1) {
+ if (value != null && value.indexOf(";") > -1) {
return value.substring(value.indexOf(";") + 1);
}
}
Modified: ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml?view=diff&rev=527755&r1=527754&r2=527755
==============================================================================
--- ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml (original)
+++ ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml Wed Apr 11 20:12:56 2007
@@ -41,6 +41,7 @@
<preprocessor>
<!-- Events to run on every request before security (chains exempt) -->
<!-- <event type="java" path="org.ofbiz.webapp.event.TestEvent" invoke="test"/> -->
+ <event type="java" path="org.ofbiz.webapp.control.LoginWorker" invoke="check509CertLogin"/>
<event type="java" path="org.ofbiz.webapp.control.LoginWorker" invoke="checkExternalLoginKey"/>
</preprocessor>
<postprocessor>