Posted to scm@geronimo.apache.org by am...@apache.org on 2006/05/24 20:33:27 UTC
svn commit: r409223 - in /geronimo/trunk:
applications/console-standard/src/java/org/apache/geronimo/console/keystores/
applications/console-standard/src/java/org/apache/geronimo/console/webmanager/
applications/console-standard/src/webapp/WEB-INF/view...
Author: ammulder
Date: Wed May 24 11:33:25 2006
New Revision: 409223
URL: http://svn.apache.org/viewvc?rev=409223&view=rev
Log:
Merge fix for GERONIMO-2049, GERONIMO-2050, GERONIMO-2051, GERONIMO-2052
Modified:
geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/keystores/CreateKeystoreHandler.java
geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/keystores/ListHandler.java
geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/keystores/UnlockKeystoreHandler.java
geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/webmanager/ConnectorPortlet.java
geronimo/trunk/applications/console-standard/src/webapp/WEB-INF/view/webmanager/connector/editHTTPS.jsp
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
Modified: geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/keystores/CreateKeystoreHandler.java
URL: http://svn.apache.org/viewvc/geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/keystores/CreateKeystoreHandler.java?rev=409223&r1=409222&r2=409223&view=diff
==============================================================================
--- geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/keystores/CreateKeystoreHandler.java (original)
+++ geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/keystores/CreateKeystoreHandler.java Wed May 24 11:33:25 2006
@@ -17,13 +17,19 @@
package org.apache.geronimo.console.keystores;
import java.io.IOException;
+import java.util.Map;
+import java.util.HashMap;
import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
import javax.portlet.PortletException;
import javax.portlet.RenderRequest;
import javax.portlet.RenderResponse;
+import javax.portlet.PortletSession;
import org.apache.geronimo.console.MultiPageModel;
import org.apache.geronimo.console.util.PortletManager;
+import org.apache.geronimo.gbean.AbstractName;
+import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
+import org.apache.geronimo.management.geronimo.KeystoreInstance;
/**
* Handler for entering a password to unlock a keystore
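Review bot: Of the imports added in this hunk, only `PortletSession` and `KeystoreInstance` are used by the code this commit adds to CreateKeystoreHandler.java. `Map`, `HashMap`, `AbstractName` and `NameFactory` have no visible use there, while ConnectorPortlet.java, which does use `Map` and `HashMap` in its new code, shows no import change in this commit; unless other parts of the files account for this, the unused imports should be dropped and the ConnectorPortlet imports checked. The class Javadoc that begins at the end of this hunk still reads "Handler for entering a password to unlock a keystore", which does not describe this class; `Handler for creating a new keystore` would match what the handler does.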
@@ -54,7 +60,15 @@
response.setRenderParameter("filename", filename);
return getMode();
}
- PortletManager.getCurrentServer(request).getKeystoreManager().createKeystore(filename, password.toCharArray());
+ KeystoreInstance instance = PortletManager.getCurrentServer(request).getKeystoreManager().createKeystore(filename, password.toCharArray());
+ PortletSession session = request.getPortletSession(true);
+ KeystoreData data = new KeystoreData();
+ data.setInstance(instance);
+ session.setAttribute(KEYSTORE_DATA_PREFIX+filename, data);
+ char[] cpw = password.toCharArray();
+ data.setPassword(cpw);
+ data.setCertificates(data.getInstance().listTrustCertificates(cpw));
+ data.setKeys(data.getInstance().listPrivateKeys(cpw));
return LIST_MODE+BEFORE_ACTION;
}
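Review bot: The keystore password is copied into two separate `char[]` arrays here: the one passed to `createKeystore(...)` is never cleared, and the second (`cpw`) is kept in the `PortletSession` inside `KeystoreData` for as long as that entry lives. Creating `cpw` once before the `createKeystore` call and passing it to both avoids the extra copy, and a comment such as `// the password is retained in the session together with the KeystoreData entry` would make the retention explicit for the next maintainer. `session.setAttribute(...)` also runs before `data` is populated, so if `listTrustCertificates` or `listPrivateKeys` throws, a half-filled entry stays in the session; moving the `setAttribute` call after `data.setKeys(...)` avoids that. The enclosing method starts above the hunk.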
Modified: geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/keystores/ListHandler.java
URL: http://svn.apache.org/viewvc/geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/keystores/ListHandler.java?rev=409223&r1=409222&r2=409223&view=diff
==============================================================================
--- geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/keystores/ListHandler.java (original)
+++ geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/keystores/ListHandler.java Wed May 24 11:33:25 2006
@@ -69,7 +69,7 @@
if(all.length > 0) {
keys.put(data.getInstance().getKeystoreName(), all.length+" key"+(all.length > 1 ? "s" : "")+" ready");
} else {
- keys.put(data.getInstance().getKeystoreName(), "NO KEYS READY");
+ keys.put(data.getInstance().getKeystoreName(), "trust store only");
}
} catch (KeystoreIsLocked locked) {}
}
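Review bot: The new label "trust store only" asserts something this branch does not check: it is reached whenever `all.length` is 0, and `all` is assigned outside the hunk. If `all` holds only the keys that are currently unlocked, a keystore whose private keys are all still locked would be presented to the administrator as a trust store; distinguishing the two cases against the full private-key list would avoid that. The empty `catch (KeystoreIsLocked locked) {}` right below also deserves a comment such as `// locked keystores get no status entry`.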
Modified: geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/keystores/UnlockKeystoreHandler.java
URL: http://svn.apache.org/viewvc/geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/keystores/UnlockKeystoreHandler.java?rev=409223&r1=409222&r2=409223&view=diff
==============================================================================
--- geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/keystores/UnlockKeystoreHandler.java (original)
+++ geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/keystores/UnlockKeystoreHandler.java Wed May 24 11:33:25 2006
@@ -67,16 +67,18 @@
char[] storePass = password.toCharArray();
data.getInstance().unlockKeystore(storePass);
if(data.getKeys() != null && data.getKeys().length > 0) {
+ // if it's unlocked for editing and has keys
try {
data.getInstance().unlockPrivateKey(alias, keyPassword.toCharArray());
} catch (KeystoreIsLocked e) {
throw new PortletException("Invalid password for keystore", e);
}
- } else {
+ } else if(data.getInstance().listPrivateKeys(storePass) != null && data.getInstance().listPrivateKeys(storePass).length > 0) {
+ // if it's locked for editing but has keys
response.setRenderParameter("keystore", keystore);
response.setRenderParameter("password", password);
return UNLOCK_KEY+BEFORE_ACTION;
- }
+ } // otherwise it has no keys
return LIST_MODE+BEFORE_ACTION;
}
}
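Review bot: The new `else if` condition calls `data.getInstance().listPrivateKeys(storePass)` twice, so the keystore is read with the password two times and the null check and the length check may not see the same result; assign the result to a local before the `if` and test that, e.g. `} else if(privateKeys != null && privateKeys.length > 0) {`. In the same branch the keystore password is passed on with `response.setRenderParameter("password", password)`; render parameters may end up in portlet URLs, so carrying the password in the session entry instead is worth considering. The return value of `unlockKeystore(storePass)` is ignored at the top of the hunk, so a failed unlock is not distinguished here. The enclosing method starts outside the hunk.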
Modified: geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/webmanager/ConnectorPortlet.java
URL: http://svn.apache.org/viewvc/geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/webmanager/ConnectorPortlet.java?rev=409223&r1=409222&r2=409223&view=diff
==============================================================================
--- geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/webmanager/ConnectorPortlet.java (original)
+++ geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/webmanager/ConnectorPortlet.java Wed May 24 11:33:25 2006
@@ -359,6 +359,26 @@
if(server.equals(WEB_SERVER_JETTY)) {
int minThreads = ((Number)getProperty(connector, "minThreads")).intValue();
renderRequest.setAttribute("minThreads", String.valueOf(minThreads));
+ KeystoreManager mgr = PortletManager.getCurrentServer(renderRequest).getKeystoreManager();
+ KeystoreInstance[] stores = mgr.getUnlockedKeyStores();
+ String[] storeNames = new String[stores.length];
+ for (int i = 0; i < storeNames.length; i++) {
+ storeNames[i] = stores[i].getKeystoreName();
+ }
+ renderRequest.setAttribute("keyStores", storeNames);
+ KeystoreInstance[] trusts = mgr.getUnlockedTrustStores();
+ String[] trustNames = new String[trusts.length];
+ for (int i = 0; i < trustNames.length; i++) {
+ trustNames[i] = trusts[i].getKeystoreName();
+ }
+ renderRequest.setAttribute("trustStores", trustNames);
+ Map aliases = new HashMap();
+ for (int i = 0; i < stores.length; i++) {
+ try {
+ aliases.put(stores[i].getKeystoreName(), stores[i].getUnlockedKeys());
+ } catch (KeystoreIsLocked locked) {}
+ }
+ renderRequest.setAttribute("unlockedKeys", aliases);
}
else if (server.equals(WEB_SERVER_TOMCAT)) {
//todo: Any Tomcat specific processing?
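Review bot: The empty `catch (KeystoreIsLocked locked) {}` in the alias loop leaves a keystore listed under `keyStores` with no entry in `unlockedKeys`, and nothing tells the view that a map entry can be missing. At minimum add a comment in the catch, e.g. `// keystore was locked after getUnlockedKeyStores() returned; it gets no alias entry`, and preferably leave such a store out of `storeNames` too so the form cannot offer a keystore that has no usable key. The enclosing method starts and ends outside the hunk.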
Modified: geronimo/trunk/applications/console-standard/src/webapp/WEB-INF/view/webmanager/connector/editHTTPS.jsp
URL: http://svn.apache.org/viewvc/geronimo/trunk/applications/console-standard/src/webapp/WEB-INF/view/webmanager/connector/editHTTPS.jsp?rev=409223&r1=409222&r2=409223&view=diff
==============================================================================
--- geronimo/trunk/applications/console-standard/src/webapp/WEB-INF/view/webmanager/connector/editHTTPS.jsp (original)
+++ geronimo/trunk/applications/console-standard/src/webapp/WEB-INF/view/webmanager/connector/editHTTPS.jsp Wed May 24 11:33:25 2006
@@ -120,7 +120,8 @@
</tr>
<tr>
<td><div align="right"></div></td>
- <td>The keystore to use for accessing the server's private key</td>
+ <td>The keystore containing the trusted certificate entries, including
+ Certification Authority (CA) certificates</td>
</tr>
</c:if>
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
URL: http://svn.apache.org/viewvc/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java?rev=409223&r1=409222&r2=409223&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java Wed May 24 11:33:25 2006
@@ -126,12 +126,26 @@
public boolean unlockKeystore(char[] password) {
//todo: test whether password is correct and if not return false
- keystorePassword = password;
+ try {
+ kernel.setAttribute(abstractName, "keystorePassword", password == null ? null : new String(password));
+ } catch (Exception e) {
+ throw (IllegalStateException)new IllegalStateException("Unable to set attribute keystorePassword on myself!").initCause(e);
+ }
return true;
}
+ public void setKeystorePassword(String password) {
+ keystorePassword = password == null ? null : password.toCharArray();
+ }
+
public void lockKeystore() {
- keystorePassword = null;
+ try {
+ kernel.setAttribute(abstractName, "keystorePassword", null);
+ keyPasswords.clear();
+ storePasswords();
+ } catch (Exception e) {
+ throw (IllegalStateException)new IllegalStateException("Unable to set attribute keystorePassword on myself!").initCause(e);
+ }
}
public boolean isKeystoreLocked() {
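Review bot: `unlockKeystore` still carries `//todo: test whether password is correct` and returns `true` unconditionally, but it now also records whatever was supplied as the `keystorePassword` attribute, so a wrong password is stored and reported as a successful unlock. The `char[]` is converted with `new String(password)`, which creates an immutable copy that cannot be cleared, and if `keystorePassword` is a persisted attribute the password would be written out with the configuration; that should be confirmed and documented. The new public `setKeystorePassword(String)` has no Javadoc; if it is meant only as the attribute setter, say so, e.g. `/** Attribute setter; callers should use unlockKeystore/lockKeystore. */`. In `lockKeystore` the exception message names only `keystorePassword` although the `try` now also covers `keyPasswords.clear()` and `storePasswords()`.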
@@ -178,8 +192,8 @@
}
public void lockPrivateKey(String alias) {
- storePasswords();
keyPasswords.remove(alias);
+ storePasswords();
}
private void storePasswords() {
@@ -192,7 +206,7 @@
buf.append(entry.getKey()).append("=").append(entry.getValue());
}
try {
- kernel.setAttribute(abstractName, "keyPasswords", buf.toString());
+ kernel.setAttribute(abstractName, "keyPasswords", buf.length() == 0 ? null : buf.toString());
} catch (Exception e) {
log.error("Unable to save key passwords in keystore '"+keystoreName+"'", e);
}
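Review bot: A failed `kernel.setAttribute(abstractName, "keyPasswords", ...)` is only logged, so `lockPrivateKey` and `lockKeystore` can return normally while the stored attribute still contains the passwords they were meant to remove. Because those callers exist to revoke access, the failure should reach them, for example by rethrowing it as the `IllegalStateException` that `unlockKeystore` uses, or the catch should carry a comment explaining why best-effort is acceptable. The entries are also joined as `alias=password` in clear text, so a password containing `=` or the entry separator (appended outside this hunk) may not survive a round trip, depending on how the value is parsed back. `storePasswords` starts above and ends below the hunk.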