Posted to scm@geronimo.apache.org by ga...@apache.org on 2010/05/24 16:53:17 UTC
svn commit: r947660 - in
/geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli:
DeployUtils.java OnlineServerConnection.java StopServer.java
Author: gawor
Date: Mon May 24 14:53:17 2010
New Revision: 947660
URL: http://svn.apache.org/viewvc?rev=947660&view=rev
Log:
GERONIMO-5335: Ensure EncryptionManager.decrypt() is called with the right context classloader. Also reduce code duplication in deployer and shutdown tools
Modified:
geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/DeployUtils.java
geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/OnlineServerConnection.java
geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/StopServer.java
Modified: geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/DeployUtils.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/DeployUtils.java?rev=947660&r1=947659&r2=947660&view=diff
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/DeployUtils.java (original)
+++ geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/DeployUtils.java Mon May 24 14:53:17 2010
@@ -28,6 +28,7 @@ import java.io.Serializable;
import java.io.StringReader;
import java.util.Properties;
+import org.apache.geronimo.common.DeploymentException;
import org.apache.geronimo.crypto.EncryptionManager;
import org.apache.geronimo.deployment.plugin.ConfigIDExtractor;
@@ -40,6 +41,19 @@ public class DeployUtils extends ConfigI
private final static String DEFAULT_URI = "deployer:geronimo:jmx";
private final static String DEFAULT_SECURE_URI = "deployer:geronimo:jmxs";
+
+
+ private static final String KEYSTORE_TRUSTSTORE_PASSWORD_FILE =
+ "org.apache.geronimo.keyStoreTrustStorePasswordFile";
+
+ private static final String DEFAULT_TRUSTSTORE_KEYSTORE_LOCATION =
+ "/var/security/keystores/geronimo-default";
+
+ private static final String GERONIMO_HOME =
+ "org.apache.geronimo.home.dir";
+
+ private static final String DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE =
+ System.getProperty(GERONIMO_HOME) + "/var/config/config-substitutions.properties";
/**
* Split up an output line so it indents at beginning and end (to fit in a
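Review bot: `DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE` is now a `static final` evaluated once when DeployUtils is loaded, so it freezes whatever `org.apache.geronimo.home.dir` holds at that moment. If the property is unset, the default becomes the relative path `null/var/config/config-substitutions.properties`, which resolves against the current working directory; the same holds for the key store and trust store defaults built from `GERONIMO_HOME`. The removed instance fields were evaluated per object, so this is a small behaviour change for callers that set the home directory after the class is loaded. Consider keeping only the suffix as a constant, e.g. `private static final String DEFAULT_PASSWORD_FILE_SUFFIX = "/var/config/config-substitutions.properties";`, and building the path inside `setSecurityProperties()` after checking that the home property is set. The constants sit in the class body, which continues outside this hunk.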
@@ -217,4 +231,25 @@ public class DeployUtils extends ConfigI
}
}
+ public static void setSecurityProperties() throws DeploymentException {
+ try {
+ Properties props = new Properties();
+ FileInputStream fstream = new FileInputStream(System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE, DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE));
+ props.load(fstream);
+ fstream.close();
+
+ String keyStorePassword = (String) EncryptionManager.decrypt(props.getProperty("keyStorePassword"));
+ String trustStorePassword = (String) EncryptionManager.decrypt(props.getProperty("trustStorePassword"));
+
+ String keyStore = System.getProperty("javax.net.ssl.keyStore", System.getProperty(GERONIMO_HOME) + DEFAULT_TRUSTSTORE_KEYSTORE_LOCATION);
+ String trustStore = System.getProperty("javax.net.ssl.trustStore", System.getProperty(GERONIMO_HOME) + DEFAULT_TRUSTSTORE_KEYSTORE_LOCATION);
+
+ System.setProperty("javax.net.ssl.keyStore", keyStore);
+ System.setProperty("javax.net.ssl.trustStore", trustStore);
+ System.setProperty("javax.net.ssl.keyStorePassword", keyStorePassword);
+ System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
+ } catch (IOException e) {
+ throw new DeploymentException("Unable to set KeyStorePassword and TrustStorePassword.", e);
+ }
+ }
}
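Review bot: The stream opened in `setSecurityProperties()` is not closed when `props.load(fstream)` throws, and a password file that lacks `keyStorePassword` or `trustStorePassword` is not handled. In that case `props.getProperty` returns null, and `System.setProperty` throws a NullPointerException for a null value, so the failure bypasses `catch (IOException e)` and callers never see the DeploymentException they are written to handle. What `EncryptionManager.decrypt` does with a null argument is not visible on this page, but either outcome is presumably an unchecked exception. I would close the stream in a `finally` and reject missing entries before decrypting, as below.

```java
public static void setSecurityProperties() throws DeploymentException {
    String passwordFile = System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE, DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE);
    Properties props = new Properties();
    try {
        FileInputStream fstream = new FileInputStream(passwordFile);
        try {
            props.load(fstream);
        } finally {
            // Release the handle even when load() fails part-way through.
            fstream.close();
        }
    } catch (IOException e) {
        throw new DeploymentException("Unable to set KeyStorePassword and TrustStorePassword.", e);
    }

    String encryptedKeyStorePassword = props.getProperty("keyStorePassword");
    String encryptedTrustStorePassword = props.getProperty("trustStorePassword");
    if (encryptedKeyStorePassword == null || encryptedTrustStorePassword == null) {
        // Fail with the checked exception callers handle instead of an NPE from System.setProperty.
        throw new DeploymentException("keyStorePassword or trustStorePassword is missing from " + passwordFile);
    }
    // … unchanged: decrypt both values, resolve keyStore/trustStore, set the javax.net.ssl.* properties …
}
```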
Modified: geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/OnlineServerConnection.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/OnlineServerConnection.java?rev=947660&r1=947659&r2=947660&view=diff
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/OnlineServerConnection.java (original)
+++ geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/OnlineServerConnection.java Mon May 24 14:53:17 2010
@@ -18,9 +18,7 @@
package org.apache.geronimo.deployment.cli;
import java.io.File;
-import java.io.FileInputStream;
import java.io.IOException;
-import java.util.Properties;
import java.util.jar.JarFile;
import javax.enterprise.deploy.shared.factories.DeploymentFactoryManager;
@@ -29,7 +27,6 @@ import javax.enterprise.deploy.spi.facto
import org.apache.geronimo.cli.deployer.ConnectionParams;
import org.apache.geronimo.common.DeploymentException;
-import org.apache.geronimo.crypto.EncryptionManager;
import org.apache.geronimo.deployment.cli.DeployUtils.SavedAuthentication;
import org.apache.geronimo.deployment.plugin.factories.AuthenticationFailedException;
import org.apache.geronimo.deployment.plugin.jmx.JMXDeploymentManager;
@@ -51,14 +48,6 @@ public class OnlineServerConnection exte
private boolean verboseMessages;
- String KEYSTORE_TRUSTSTORE_PASSWORD_FILE = "org.apache.geronimo.keyStoreTrustStorePasswordFile";
-
- String DEFAULT_TRUSTSTORE_KEYSTORE_LOCATION = "/var/security/keystores/geronimo-default";
-
- String GERONIMO_HOME = "org.apache.geronimo.home.dir";
-
- String DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE = System.getProperty(GERONIMO_HOME) + "/var/config/config-substitutions.properties";
-
public OnlineServerConnection(ConnectionParams params, ConsoleReader consoleReader, DeploymentFactory geronimoDeploymentFactory) throws DeploymentException {
this(params, new DefaultUserPasswordHandler(consoleReader), geronimoDeploymentFactory);
}
@@ -118,24 +107,7 @@ public class OnlineServerConnection exte
}
}
if (secure) {
- try {
- Properties props = new Properties();
- String keyStorePassword = null;
- String trustStorePassword = null;
- FileInputStream fstream = new FileInputStream(System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE, DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE));
- props.load(fstream);
- keyStorePassword = (String) EncryptionManager.decrypt(props.getProperty("keyStorePassword"));
- trustStorePassword = (String) EncryptionManager.decrypt(props.getProperty("trustStorePassword"));
- fstream.close();
- String value = System.getProperty("javax.net.ssl.keyStore", System.getProperty(GERONIMO_HOME) + DEFAULT_TRUSTSTORE_KEYSTORE_LOCATION);
- String value1 = System.getProperty("javax.net.ssl.trustStore", System.getProperty(GERONIMO_HOME) + DEFAULT_TRUSTSTORE_KEYSTORE_LOCATION);
- System.setProperty("javax.net.ssl.keyStore", value);
- System.setProperty("javax.net.ssl.trustStore", value1);
- System.setProperty("javax.net.ssl.keyStorePassword", keyStorePassword);
- System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
- } catch (IOException e) {
- throw new DeploymentException("Unable to set KeyStorePassword and TrustStorePassword.", e);
- }
+ DeployUtils.setSecurityProperties();
}
if (user == null || password == null) {
try {
Modified: geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/StopServer.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/StopServer.java?rev=947660&r1=947659&r2=947660&view=diff
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/StopServer.java (original)
+++ geronimo/server/trunk/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/StopServer.java Mon May 24 14:53:17 2010
@@ -17,11 +17,9 @@
package org.apache.geronimo.deployment.cli;
-import java.io.FileInputStream;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
-import java.util.Properties;
import java.util.Set;
import javax.management.MBeanServerConnection;
@@ -33,7 +31,7 @@ import javax.management.remote.rmi.RMICo
import javax.rmi.ssl.SslRMIClientSocketFactory;
import org.apache.geronimo.cli.shutdown.ShutdownCLParser;
-import org.apache.geronimo.crypto.EncryptionManager;
+import org.apache.geronimo.common.DeploymentException;
import org.apache.geronimo.deployment.cli.DeployUtils.SavedAuthentication;
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.GBeanInfoBuilder;
@@ -55,12 +53,6 @@ public class StopServer implements Main
private final Bundle bundle;
- String KEYSTORE_TRUSTSTORE_PASSWORD_FILE = "org.apache.geronimo.keyStoreTrustStorePasswordFile";
- String DEFAULT_TRUSTSTORE_KEYSTORE_LOCATION = "/var/security/keystores/geronimo-default";
- String GERONIMO_HOME = "org.apache.geronimo.home.dir";
- String DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE = System.getProperty(GERONIMO_HOME)
- + "/var/config/config-substitutions.properties";
-
public StopServer(Bundle bundle) {
this.bundle = bundle;
}
@@ -83,38 +75,13 @@ public class StopServer implements Main
secure = parser.isSecure();
- if(secure){
-
- try {
- Properties props = new Properties();
-
- String keyStorePassword = null;
- String trustStorePassword = null;
-
- FileInputStream fstream = new FileInputStream(System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE,
- DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE));
- props.load(fstream);
-
- keyStorePassword = (String) EncryptionManager.decrypt(props.getProperty("keyStorePassword"));
- trustStorePassword = (String) EncryptionManager.decrypt(props.getProperty("trustStorePassword"));
-
- fstream.close();
-
- String value = System.getProperty("javax.net.ssl.keyStore", System.getProperty(GERONIMO_HOME)
- + DEFAULT_TRUSTSTORE_KEYSTORE_LOCATION);
- String value1 = System.getProperty("javax.net.ssl.trustStore", System.getProperty(GERONIMO_HOME)
- + DEFAULT_TRUSTSTORE_KEYSTORE_LOCATION);
- System.setProperty("javax.net.ssl.keyStore", value);
- System.setProperty("javax.net.ssl.trustStore", value1);
- System.setProperty("javax.net.ssl.keyStorePassword", keyStorePassword);
- System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
- }
-
- catch (IOException e) {
- System.out.println("Unable to set KeyStorePassword and TrustStorePassword");
- e.printStackTrace();
+ if (secure) {
+ try {
+ DeployUtils.setSecurityProperties();
+ } catch (DeploymentException e) {
+ System.err.println(e.getMessage());
+ return 1;
}
-
}
user = parser.getUser();
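Review bot: The new `catch (DeploymentException e)` prints only `e.getMessage()`, which is the fixed text "Unable to set KeyStorePassword and TrustStorePassword."; the wrapped IOException that names the unreadable file is dropped, whereas the removed code at least printed the stack trace. Include the cause so an operator can tell which file failed, e.g. `System.err.println(e.getMessage() + (e.getCause() != null ? ": " + e.getCause().getMessage() : ""));`. Returning 1 instead of continuing without the SSL properties is the right behaviour. The enclosing method starts and ends outside this hunk.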
@@ -123,7 +90,9 @@ public class StopServer implements Main
if (user == null && password == null) {
String uri = DeployUtils.getConnectionURI(host, port, secure);
- try {
+ ClassLoader oldCL = Thread.currentThread().getContextClassLoader();
+ Thread.currentThread().setContextClassLoader(DeployUtils.class.getClassLoader());
+ try {
SavedAuthentication savedAuthentication = DeployUtils.readSavedCredentials(uri);
if (savedAuthentication != null) {
user = savedAuthentication.getUser();
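Review bot: The context class loader swap covers only `DeployUtils.readSavedCredentials(uri)`. The two `EncryptionManager.decrypt(...)` calls inside `DeployUtils.setSecurityProperties()`, which this method invokes earlier under `if (secure)` and which OnlineServerConnection also calls, still run under the caller's loader. If decrypt needs DeployUtils' class loader for those values as well (not visible from this page), the save/set/restore belongs inside `setSecurityProperties()` so that every caller gets it. A one-line comment above the swap stating why it is needed, such as `// decrypt() in readSavedCredentials depends on the context class loader`, would help if that is indeed the reason. The `try` opened here is closed by the `finally` added in the following hunk.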
@@ -131,6 +100,8 @@ public class StopServer implements Main
}
} catch (IOException e) {
System.out.println("Warning: " + e.getMessage());
+ } finally {
+ Thread.currentThread().setContextClassLoader(oldCL);
}
}