Posted to commits@airavata.apache.org by sm...@apache.org on 2015/03/05 20:36:32 UTC

[10/17] airavata git commit: Reorganizing credential store to create a light weight stubs artifact - AIRAVATA-1621

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store-service/pom.xml
----------------------------------------------------------------------
diff --git a/modules/credential-store-service/pom.xml b/modules/credential-store-service/pom.xml
deleted file mode 100644
index efc075f..0000000
--- a/modules/credential-store-service/pom.xml
+++ /dev/null
@@ -1,42 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<!--Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file
-    distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under
-    the Apache License, Version 2.0 (theÏ "License"); you may not use this file except in compliance with the License. You may
-    obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to
-    in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
-    ANY ~ KIND, either express or implied. See the License for the specific language governing permissions and limitations under
-    the License. -->
-
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-
-    <parent>
-        <groupId>org.apache.airavata</groupId>
-        <artifactId>airavata</artifactId>
-        <version>0.15-SNAPSHOT</version>
-        <relativePath>../../pom.xml</relativePath>
-    </parent>
-
-    <modelVersion>4.0.0</modelVersion>
-    <artifactId>airavata-credential-store-service</artifactId>
-    <packaging>pom</packaging>
-    <name>Airavata Credential Store Service</name>
-    <url>http://airavata.apache.org/</url>
-
-    <profiles>
-        <profile>
-            <id>default</id>
-            <activation>
-                <activeByDefault>true</activeByDefault>
-            </activation>
-            <modules>
-                <module>credential-store</module>
-                <module>credential-store-webapp</module>
-            </modules>
-        </profile>
-    </profiles>
-    <properties>
-        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
-    </properties>
-</project>

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-service/pom.xml
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-service/pom.xml b/modules/credential-store/credential-store-service/pom.xml
new file mode 100644
index 0000000..d8af25f
--- /dev/null
+++ b/modules/credential-store/credential-store-service/pom.xml
@@ -0,0 +1,154 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<!--Licensed to the Apache Software Foundation (ASF) under one or more contributor 
+	license agreements. See the NOTICE file distributed with this work for additional 
+	information regarding copyright ownership. The ASF licenses this file to 
+	you under the Apache License, Version 2.0 (theÏ "License"); you may not use 
+	this file except in compliance with the License. You may obtain a copy of 
+	the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required 
+	by applicable law or agreed to in writing, software distributed under the 
+	License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS 
+	OF ANY ~ KIND, either express or implied. See the License for the specific 
+	language governing permissions and limitations under the License. -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<parent>
+		<groupId>org.apache.airavata</groupId>
+		<artifactId>airavata</artifactId>
+		<version>0.15-SNAPSHOT</version>
+		<relativePath>../../../pom.xml</relativePath>
+	</parent>
+
+	<modelVersion>4.0.0</modelVersion>
+	<artifactId>airavata-credential-store</artifactId>
+	<name>Airavata Credential Store</name>
+	<description>Module to manage credentials</description>
+
+	<dependencies>
+		<dependency>
+			<groupId>edu.uiuc.ncsa.myproxy</groupId>
+			<artifactId>oa4mp-client-api</artifactId>
+			<version>${oa4mp.version}</version>
+		</dependency>
+		<dependency>
+            <groupId>edu.uiuc.ncsa.myproxy</groupId>
+            <artifactId>oa4mp-client-loader-oauth1</artifactId>
+            <version>${oa4mp.version}</version>
+            <exclusions>
+        	<exclusion>
+          		<groupId>net.oauth.core</groupId> 
+          		<artifactId>oauth-httpclient4</artifactId>
+        	</exclusion>
+			<exclusion>
+				<groupId>net.oauth.core</groupId>
+				<artifactId>oauth-consumer</artifactId>
+			</exclusion>
+			<exclusion>
+				<groupId>mysql</groupId>
+				<artifactId>mysql-connector-java</artifactId>
+			</exclusion>
+			<exclusion>
+				<groupId>postgresql</groupId>
+				<artifactId>postgresql</artifactId>
+			</exclusion>
+            </exclusions>
+        </dependency>
+		<dependency>
+			<groupId>org.slf4j</groupId>
+			<artifactId>slf4j-api</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>log4j</groupId>
+			<artifactId>log4j</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>junit</groupId>
+			<artifactId>junit</artifactId>
+			<version>4.7</version>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.derby</groupId>
+			<artifactId>derby</artifactId>
+			<version>${derby.version}</version>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.derby</groupId>
+			<artifactId>derbyclient</artifactId>
+			<version>${derby.version}</version>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.derby</groupId>
+			<artifactId>derbynet</artifactId>
+			<version>${derby.version}</version>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.derby</groupId>
+			<artifactId>derbytools</artifactId>
+			<version>${derby.version}</version>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>commons-dbcp</groupId>
+			<artifactId>commons-dbcp</artifactId>
+			<version>1.4</version>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.airavata</groupId>
+			<artifactId>airavata-common-utils</artifactId>
+			<version>${project.version}</version>
+		</dependency> 
+		<dependency>
+			<groupId>com.jcraft</groupId>
+			<artifactId>jsch</artifactId>
+			<version>0.1.50</version>
+		</dependency>
+		<dependency>
+			<groupId>javax.servlet</groupId>
+			<artifactId>servlet-api</artifactId>
+			<version>2.5</version>
+			<scope>provided</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.commons</groupId>
+			<artifactId>commons-email</artifactId>
+			<version>1.3.2</version>
+		</dependency>
+		<dependency>
+			<groupId>org.apache.commons</groupId>
+			<artifactId>commons-io</artifactId>
+			<version>1.3.2</version>
+		</dependency>
+	</dependencies>
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-surefire-plugin</artifactId>
+				<version>${surefire.version}</version>
+				<inherited>true</inherited>
+				<configuration>
+					<systemPropertyVariables>
+						<credential.module.directory>${basedir}</credential.module.directory>
+					</systemPropertyVariables>
+					<excludes>
+						<exclude>**/DAOBaseTestCase.java</exclude>
+						<exclude>**/MappingDAOTest.java</exclude>
+					</excludes>
+					<testSourceDirectory>${basedir}\src\test\java\</testSourceDirectory>
+				</configuration>
+			</plugin>
+
+		</plugins>
+		<testSourceDirectory>${project.basedir}/src/test/java</testSourceDirectory>
+		<testOutputDirectory>${project.build.directory}/test-classes</testOutputDirectory>
+		<testResources>
+			<testResource>
+				<directory>${project.basedir}/src/test/resources</directory>
+			</testResource>
+		</testResources>
+	</build>
+</project>
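Review bot: The surefire configuration sets `<testSourceDirectory>${basedir}\src\test\java\</testSourceDirectory>` with Windows backslashes, which will not resolve as a directory on Unix build hosts. It also duplicates the portable `${project.basedir}/src/test/java` already declared under `<build>`, so I would drop the plugin-level entry. The `<excludes>` for `**/DAOBaseTestCase.java` and `**/MappingDAOTest.java` turn off DAO tests in a module that stores credentials, and deserve a comment such as `<!-- excluded because ...; tracked in <ISSUE-ID placeholder> -->`. Several versions are pinned inline here (`jsch` 0.1.50, `commons-dbcp` 1.4, `commons-email` 1.3.2, `commons-io` 1.3.2, `junit` 4.7); moving them to properties or the parent's `dependencyManagement` would keep upgrades of this security-sensitive module reviewable in one place.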

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-service/scripts/credential-store-h2.sql
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-service/scripts/credential-store-h2.sql b/modules/credential-store/credential-store-service/scripts/credential-store-h2.sql
new file mode 100644
index 0000000..91915b6
--- /dev/null
+++ b/modules/credential-store/credential-store-service/scripts/credential-store-h2.sql
@@ -0,0 +1,42 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+CREATE TABLE COMMUNITY_USER
+(
+	GATEWAY_NAME VARCHAR(256) NOT NULL,
+	COMMUNITY_USER_NAME VARCHAR(256) NOT NULL,
+	COMMUNITY_USER_EMAIL VARCHAR(256) NOT NULL,
+        PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME)
+);
+
+
+CREATE TABLE CREDENTIALS
+(
+	GATEWAY_NAME VARCHAR(256) NOT NULL,
+	COMMUNITY_USER_NAME VARCHAR(256) NOT NULL,
+	CREDENTIAL CLOB NOT NULL,
+	PRIVATE_KEY CLOB NOT NULL,
+	NOT_BEFORE VARCHAR(256) NOT NULL,
+	NOT_AFTER VARCHAR(256) NOT NULL,
+	LIFETIME MEDIUMINT NOT NULL,
+	REQUESTING_PORTAL_USER_NAME VARCHAR(256) NOT NULL,
+	REQUESTED_TIME TIMESTAMP DEFAULT '0000-00-00 00:00:00',
+        PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME)
+);
\ No newline at end of file
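Review bot: `REQUESTED_TIME TIMESTAMP DEFAULT '0000-00-00 00:00:00'` in CREDENTIALS uses a MySQL zero-date literal that is not a valid timestamp, so H2 will most likely reject it when the table is created or when a row relies on the default. credential-store-mysql.sql in this commit carries the same default, which MySQL refuses when strict mode with `NO_ZERO_DATE` is enabled. `REQUESTED_TIME TIMESTAMP DEFAULT CURRENT_TIMESTAMP` should work in both scripts. NOT_BEFORE and NOT_AFTER are VARCHAR(256), so credential expiry cannot be compared in SQL; if that is intentional, a comment naming the expected string format would help.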

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-service/scripts/credential-store-mysql.sql
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-service/scripts/credential-store-mysql.sql b/modules/credential-store/credential-store-service/scripts/credential-store-mysql.sql
new file mode 100644
index 0000000..50d5e0f
--- /dev/null
+++ b/modules/credential-store/credential-store-service/scripts/credential-store-mysql.sql
@@ -0,0 +1,42 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+CREATE TABLE COMMUNITY_USER
+(
+	GATEWAY_NAME VARCHAR(256) NOT NULL,
+	COMMUNITY_USER_NAME VARCHAR(256) NOT NULL,
+	COMMUNITY_USER_EMAIL VARCHAR(256) NOT NULL,
+        PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME)
+);
+
+
+CREATE TABLE CREDENTIALS
+(
+	GATEWAY_NAME VARCHAR(256) NOT NULL,
+	COMMUNITY_USER_NAME VARCHAR(256) NOT NULL,
+	CREDENTIAL TEXT NOT NULL,
+	PRIVATE_KEY TEXT NOT NULL,
+	NOT_BEFORE VARCHAR(256) NOT NULL,
+	NOT_AFTER VARCHAR(256) NOT NULL,
+	LIFETIME MEDIUMINT NOT NULL,
+	REQUESTING_PORTAL_USER_NAME VARCHAR(256) NOT NULL,
+	REQUESTED_TIME TIMESTAMP DEFAULT '0000-00-00 00:00:00',
+    PRIMARY KEY (GATEWAY_NAME, COMMUNITY_USER_NAME)
+);
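Review bot: CREDENTIALS stores `PRIVATE_KEY TEXT NOT NULL` beside `CREDENTIAL TEXT NOT NULL`, and nothing in the script says whether these values are encrypted before they are written; the H2 script has the same columns as CLOB. Whether the application wraps the key material is not visible from this hunk, so I would add a comment above the table such as `/* PRIVATE_KEY and CREDENTIAL hold encrypted material only; grant access to this table solely to the credential-store service account */`. There is also no foreign key from CREDENTIALS (GATEWAY_NAME, COMMUNITY_USER_NAME) to COMMUNITY_USER, so credential rows can outlive the user they belong to.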

http://git-wip-us.apache.org/repos/asf/airavata/blob/58c58cf2/modules/credential-store/credential-store-service/src/main/java/org/apache/airavata/credential/store/client/TestSSLClient.java
----------------------------------------------------------------------
diff --git a/modules/credential-store/credential-store-service/src/main/java/org/apache/airavata/credential/store/client/TestSSLClient.java b/modules/credential-store/credential-store-service/src/main/java/org/apache/airavata/credential/store/client/TestSSLClient.java
new file mode 100644
index 0000000..12105e2
--- /dev/null
+++ b/modules/credential-store/credential-store-service/src/main/java/org/apache/airavata/credential/store/client/TestSSLClient.java
@@ -0,0 +1,140 @@
+/*
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+package org.apache.airavata.credential.store.client;
+
+import org.apache.airavata.common.exception.ApplicationSettingsException;
+import org.apache.airavata.common.utils.AiravataUtils;
+import org.apache.airavata.common.utils.Constants;
+import org.apache.airavata.common.utils.ServerSettings;
+import org.apache.airavata.credential.store.cpi.CredentialStoreService;
+import org.apache.airavata.credential.store.datamodel.CertificateCredential;
+import org.apache.airavata.credential.store.datamodel.CommunityUser;
+import org.apache.airavata.credential.store.datamodel.SSHCredential;
+import org.apache.thrift.TException;
+import org.apache.thrift.protocol.TBinaryProtocol;
+import org.apache.thrift.protocol.TProtocol;
+import org.apache.thrift.transport.TSSLTransportFactory;
+import org.apache.thrift.transport.TTransport;
+import org.apache.thrift.transport.TTransportException;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+import org.apache.commons.codec.binary.Base64;
+
+public class TestSSLClient {
+    private void invoke() {
+        TTransport transport;
+        try {
+            AiravataUtils.setExecutionAsServer();
+            TSSLTransportFactory.TSSLTransportParameters params =
+                    new TSSLTransportFactory.TSSLTransportParameters();
+            String keystorePath = ServerSettings.getCredentialStoreThriftServerKeyStorePath();
+            String keystorePWD = ServerSettings.getCredentialStoreThriftServerKeyStorePassword();
+            params.setTrustStore(keystorePath, keystorePWD);
+            final int serverPort = Integer.parseInt(ServerSettings.getSetting(Constants.CREDNETIAL_SERVER_PORT, "8960"));
+            final String serverHost = ServerSettings.getSetting(Constants.CREDNETIAL_SERVER_HOST, null);
+
+            transport = TSSLTransportFactory.getClientSocket(serverHost, serverPort, 10000, params);
+            TProtocol protocol = new TBinaryProtocol(transport);
+
+            CredentialStoreService.Client client = new CredentialStoreService.Client(protocol);
+//            testSSHCredential(client);
+            testCertificateCredential(client);
+            transport.close();
+        } catch (TTransportException e) {
+            e.printStackTrace();
+        }catch (ApplicationSettingsException e) {
+            e.printStackTrace();
+        }
+    }
+
+    public static void testSSHCredential (CredentialStoreService.Client client){
+        try {
+            SSHCredential sshCredential = new SSHCredential();
+            sshCredential.setUsername("test");
+            sshCredential.setGatewayId("testGateway");
+            sshCredential.setPassphrase("mypassphrase");
+            String token = client.addSSHCredential(sshCredential);
+            System.out.println("SSH Token :" + token);
+            SSHCredential credential = client.getSSHCredential(token, "testGateway");
+            System.out.println("private key : " + credential.getPrivateKey());
+            System.out.println("public key : " + credential.getPublicKey());
+        }catch (TTransportException e) {
+            e.printStackTrace();
+        } catch (TException e) {
+            e.printStackTrace();
+        }
+    }
+
+    public static void testCertificateCredential (CredentialStoreService.Client client){
+        try {
+            CertificateCredential certificateCredential = new CertificateCredential();
+            CommunityUser communityUser = new CommunityUser("testGateway", "test", "test@ddsd");
+            certificateCredential.setCommunityUser(communityUser);
+            X509Certificate[] x509Certificates = new X509Certificate[1];
+            KeyStore ks = KeyStore.getInstance("JKS");
+            File keyStoreFile = new File("/Users/chathuri/dev/airavata/credential-store/oa4mp/airavata.jks");
+            FileInputStream fis = new FileInputStream(keyStoreFile);
+            char[] password = "airavata".toCharArray();
+            ks.load(fis,password);
+            x509Certificates[0] = (X509Certificate) ks.getCertificate("airavata");
+            Base64 encoder = new Base64(64);
+            String cert_begin = "-----BEGIN CERTIFICATE-----\n";
+            String end_cert = "-----END CERTIFICATE-----";
+            byte[] derCert = x509Certificates[0].getEncoded();
+            String pemCertPre = new String(encoder.encode(derCert));
+            String pemCert = cert_begin + pemCertPre + end_cert;
+            certificateCredential.setX509Cert(pemCert);
+            String token = client.addCertificateCredential(certificateCredential);
+            System.out.println("Certificate Token :" + token);
+            CertificateCredential credential = client.getCertificateCredential(token, "testGateway");
+            System.out.println("certificate : " + credential.getX509Cert());
+            System.out.println("gateway name  : " + credential.getCommunityUser().getGatewayNmae());
+        }catch (TTransportException e) {
+            e.printStackTrace();
+        } catch (TException e) {
+            e.printStackTrace();
+        } catch (KeyStoreException e) {
+            e.printStackTrace();
+        } catch (FileNotFoundException e) {
+            e.printStackTrace();
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        } catch (CertificateException e) {
+            e.printStackTrace();
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+    }
+
+    public static void main(String[] args) {
+        TestSSLClient c = new TestSSLClient();
+        c.invoke();
+
+    }
+}
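Review bot: `testCertificateCredential` loads its keystore from the developer-specific path `/Users/chathuri/dev/airavata/credential-store/oa4mp/airavata.jks` with the password `"airavata"` hard-coded. The class is added under src/main/java, so this manual test client will be compiled into the module artifact instead of staying with the tests. The `FileInputStream` opened for the keystore is never closed. `testSSHCredential` prints the retrieved private key to stdout; I would drop that line or replace it with a presence check. The fence shows the keystore load taking its location and password from system properties (the property names are constructed placeholders) and closing the stream.

```java
// … unchanged: CertificateCredential / CommunityUser setup …
KeyStore ks = KeyStore.getInstance("JKS");
// Property names below are placeholders; bind them to the project's own settings.
String keyStorePath = System.getProperty("credential.test.keystore.path");
if (keyStorePath == null) {
    throw new IllegalStateException("credential.test.keystore.path is not set");
}
char[] password = System.getProperty("credential.test.keystore.password", "").toCharArray();
try (FileInputStream fis = new FileInputStream(keyStorePath)) {
    ks.load(fis, password);
}
// … unchanged: PEM encoding, addCertificateCredential / getCertificateCredential calls …
```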