You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@juddi.apache.org by al...@apache.org on 2014/01/17 03:21:15 UTC
svn commit: r1558992 - in /juddi/trunk/juddi-gui/src/main:
java/org/apache/juddi/webconsole/ java/org/apache/juddi/webconsole/hub/
webapp/ webapp/ajax/ webapp/js/
Author: alexoree
Date: Fri Jan 17 02:21:15 2014
New Revision: 1558992
URL: http://svn.apache.org/r1558992
Log:
JUDDI-791 hopefully fixed for juddi-gui
Modified:
juddi/trunk/juddi-gui/src/main/java/org/apache/juddi/webconsole/AES.java
juddi/trunk/juddi-gui/src/main/java/org/apache/juddi/webconsole/StartupServlet.java
juddi/trunk/juddi-gui/src/main/java/org/apache/juddi/webconsole/hub/UddiHub.java
juddi/trunk/juddi-gui/src/main/webapp/ajax/loginpost.jsp
juddi/trunk/juddi-gui/src/main/webapp/js/main.js
juddi/trunk/juddi-gui/src/main/webapp/login.jsp
Modified: juddi/trunk/juddi-gui/src/main/java/org/apache/juddi/webconsole/AES.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-gui/src/main/java/org/apache/juddi/webconsole/AES.java?rev=1558992&r1=1558991&r2=1558992&view=diff
==============================================================================
--- juddi/trunk/juddi-gui/src/main/java/org/apache/juddi/webconsole/AES.java (original)
+++ juddi/trunk/juddi-gui/src/main/java/org/apache/juddi/webconsole/AES.java Fri Jan 17 02:21:15 2014
@@ -32,165 +32,173 @@ import org.apache.commons.logging.LogFac
*/
public class AES {
- public static final String logname = "org.apache.juddi.gui";
- public static final Log log = LogFactory.getLog(logname);
+ public static final String logname = "org.apache.juddi.gui";
+ public static final Log log = LogFactory.getLog(logname);
- /**
- * Turns array of bytes into string
- *
- * @param buf Array of bytes to convert to hex string
- * @return Generated hex string
- */
- private static String asHex(byte buf[]) {
- //return new String(buf);
- StringBuilder strbuf = new StringBuilder(buf.length * 2);
- int i;
-
- for (i = 0; i < buf.length; i++) {
- if (((int) buf[i] & 0xff) < 0x10) {
- strbuf.append("0");
- }
- strbuf.append(Long.toString((int) buf[i] & 0xff, 16));
- }
-
- return strbuf.toString();
- }
-
- private static byte[] hexToBytes(String s) {
- //return s.getBytes();
- return hexToBytes(s.toCharArray());
- }
- private static final char[] kDigits = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a',
- 'b', 'c', 'd', 'e', 'f'};
-
- private static byte[] hexToBytes(char[] hex) {
- int length = hex.length / 2;
- byte[] raw = new byte[length];
- for (int i = 0; i < length; i++) {
- int high = Character.digit(hex[i * 2], 16);
- int low = Character.digit(hex[i * 2 + 1], 16);
- int value = (high << 4) | low;
- if (value > 127) {
- value -= 256;
- }
- raw[i] = (byte) value;
- }
- return raw;
- }
-
- /**
- * generates an AES based off of the selected key size
- *
- * @param keysize
- * @return may return null if the key is not of a supported size by the
- * current jdk
- */
- public static String GEN(int keysize) {
- KeyGenerator kgen;
- try {
- kgen = KeyGenerator.getInstance("AES");
- kgen.init(keysize);
- SecretKey skey = kgen.generateKey();
- byte[] raw = skey.getEncoded();
- return asHex(raw);
- } catch (Exception ex) {
- log.fatal("error generating key", ex);
- }
- return null;
- }
-
- /**
- * Generate a new AES 256 bit encryption key. Once generated, this key can
- * be used to replace the default key.
- *
- * @return
- */
- public static String GEN() {
- return GEN(256);
- }
-
- static String EN(String cleartext, String key) throws Exception {
- byte[] raw =//skey.getEncoded();
- hexToBytes(key); //
- SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
- // Instantiate the cipher
- Cipher cipher = Cipher.getInstance("AES");
- cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
- byte[] encrypted = cipher.doFinal(cleartext.getBytes());
- return asHex(encrypted);
- }
-
-
- static String DE(String ciphertext, String key) throws Exception {
- byte[] raw =//skey.getEncoded();
- hexToBytes(key); //
- SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
- Cipher cipher = Cipher.getInstance("AES");
- cipher.init(Cipher.DECRYPT_MODE, skeySpec);
- byte[] original = cipher.doFinal(hexToBytes(ciphertext));
- return new String(original);
- }
-
- /**
- * return true is the supplied key is a valid aes key
- *
- * @param key
- * @return
- */
- public static boolean ValidateKey(String key) {
- try {
- String src = "abcdefghijklmopqrstuvwxyz123567890!@#$%^&*()_+{}|:\">?<,";
- String x = EN(src, key);
- String y = DE(x, key);
- //if the sample text is encryptable and decryptable, and it was actually encrypted
- if (y.equals(src) && !x.equals(y)) {
- return true;
- }
- return false;
- } catch (Exception ex) {
- log.info("Key validation failed!", ex);
- return false;
- }
- }
-
- /**
- * encrypts a password using AES Requires the Unlimited Strength Crypto
- * Extensions
- *
- * @param clear
- * @return
- */
- public static String Encrypt(String clear, String key) {
- if ((clear == null || clear.length() == 0)) {
- return "";
- }
- try {
- return AES.EN(clear, key);
- } catch (Exception ex) {
- log.fatal("Cannot encrypt sensitive information! Check to make sure the unlimited strength JCE is installed " + ex.getMessage());
- }
- return "";
- }
-
- /**
- * Decrypts a password or other sensitive data If the parameter is null or
- * empty, an empty string is returned. If the parameter is not encrypted or
- * was encrypted using a different key or it fails to decrypt, the original
- * text is returned.
- *
- * @param cipher
- * @return
- */
- public static String Decrypt(String cipher, String key) {
- if ((cipher == null || cipher.length() == 0)) {
- return "";
- }
- try {
- return AES.DE(cipher, key);
- } catch (Exception ex) {
- log.fatal("trouble decrypting data, check to make sure the unlimited strength JCE is installed. If this error occured during deployment, I'll automatically try a smaller key size. " + ex.getMessage());
- }
- return cipher;
+ /**
+ * Turns array of bytes into string
+ *
+ * @param buf Array of bytes to convert to hex string
+ * @return Generated hex string
+ */
+ private static String asHex(byte buf[]) {
+ //return new String(buf);
+ StringBuilder strbuf = new StringBuilder(buf.length * 2);
+ int i;
+
+ for (i = 0; i < buf.length; i++) {
+ if (((int) buf[i] & 0xff) < 0x10) {
+ strbuf.append("0");
+ }
+ strbuf.append(Long.toString((int) buf[i] & 0xff, 16));
+ }
+
+ return strbuf.toString();
+ }
+
+ private static byte[] hexToBytes(String s) {
+ //return s.getBytes();
+ return hexToBytes(s.toCharArray());
+ }
+ private static final char[] kDigits = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a',
+ 'b', 'c', 'd', 'e', 'f'};
+
+ private static byte[] hexToBytes(char[] hex) {
+ int length = hex.length / 2;
+ byte[] raw = new byte[length];
+ for (int i = 0; i < length; i++) {
+ int high = Character.digit(hex[i * 2], 16);
+ int low = Character.digit(hex[i * 2 + 1], 16);
+ int value = (high << 4) | low;
+ if (value > 127) {
+ value -= 256;
+ }
+ raw[i] = (byte) value;
+ }
+ return raw;
+ }
+
+ /**
+ * generates an AES based off of the selected key size
+ *
+ * @param keysize
+ * @return may return null if the key is not of a supported size by the
+ * current jdk
+ */
+ public static String GEN(int keysize) {
+ KeyGenerator kgen;
+ try {
+ kgen = KeyGenerator.getInstance("AES");
+ kgen.init(keysize);
+ SecretKey skey = kgen.generateKey();
+ byte[] raw = skey.getEncoded();
+ return asHex(raw);
+ } catch (Exception ex) {
+ log.fatal("error generating key", ex);
+ }
+ return null;
+ }
+
+ /**
+ * Generate a new AES 256 bit encryption key. Once generated, this key
+ * can be used to replace the default key.
+ *
+ * @return
+ */
+ public static String GEN() {
+ return GEN(256);
+ }
+
+ static String EN(String cleartext, String key) throws Exception {
+ byte[] raw =//skey.getEncoded();
+ hexToBytes(key); //
+ SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+ // Instantiate the cipher
+ Cipher cipher = Cipher.getInstance("AES");
+ cipher.init(Cipher.ENCRYPT_MODE, skeySpec);
+ byte[] encrypted = cipher.doFinal(cleartext.getBytes());
+ return asHex(encrypted);
+ }
+
+ static String DE(String ciphertext, String key) throws Exception {
+ byte[] raw =//skey.getEncoded();
+ hexToBytes(key); //
+ SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+ Cipher cipher = Cipher.getInstance("AES");
+ cipher.init(Cipher.DECRYPT_MODE, skeySpec);
+ byte[] original = cipher.doFinal(hexToBytes(ciphertext));
+ return new String(original);
+ }
+
+ /**
+ * return true is the supplied key is a valid aes key
+ *
+ * @param key
+ * @return
+ */
+ public static boolean ValidateKey(String key) {
+ try {
+ String src = "abcdefghijklmopqrstuvwxyz123567890!@#$%^&*()_+{}|:\">?<,";
+ String x = EN(src, key);
+ String y = DE(x, key);
+ //if the sample text is encryptable and decryptable, and it was actually encrypted
+ if (y.equals(src) && !x.equals(y)) {
+ return true;
+ }
+ return false;
+ } catch (Exception ex) {
+ log.info("Key validation failed!", ex);
+ return false;
+ }
+ }
+
+ /**
+ * encrypts a password using AES Requires the Unlimited Strength Crypto
+ * Extensions
+ *
+ * @param clear
+ * @param key
+ * @return
+ */
+ public static String Encrypt(String clear, String key) throws Exception {
+ if ((clear == null || clear.length() == 0)) {
+ return "";
+ }
+ if (key == null || key.length() == 0) {
+ log.fatal("The generated encryption key was null or emtpy!");
+ }
+ try {
+ return AES.EN(clear, key);
+ } catch (Exception ex) {
+ log.fatal("Cannot encrypt sensitive information! Check to make sure the unlimited strength JCE is installed " + ex.getMessage(), ex);
+ throw new Exception("Internal Configuration Error, See Log for details. ");
+ }
+ // return "";
+ }
+
+ /**
+ * Decrypts a password or other sensitive data If the parameter is null
+ * or empty, an empty string is returned. If the parameter is not
+ * encrypted or was encrypted using a different key or it fails to
+ * decrypt, the original text is returned.
+ *
+ * @param cipher encrypted text
+ * @param key
+ * @return
+ */
+ public static String Decrypt(String cipher, String key) {
+ if ((cipher == null || cipher.length() == 0)) {
+ return "";
+ }
+ if (key == null || key.length() == 0) {
+ log.fatal("The generated encryption key was null or emtpy!");
+ }
+ try {
+ return AES.DE(cipher, key);
+ } catch (Exception ex) {
+ log.fatal("trouble decrypting data, check to make sure the unlimited strength JCE is installed. If this error occured during deployment, I'll automatically try a smaller key size. " + ex.getMessage(), ex);
+ }
+ return cipher;
- }
+ }
}
Modified: juddi/trunk/juddi-gui/src/main/java/org/apache/juddi/webconsole/StartupServlet.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-gui/src/main/java/org/apache/juddi/webconsole/StartupServlet.java?rev=1558992&r1=1558991&r2=1558992&view=diff
==============================================================================
--- juddi/trunk/juddi-gui/src/main/java/org/apache/juddi/webconsole/StartupServlet.java (original)
+++ juddi/trunk/juddi-gui/src/main/java/org/apache/juddi/webconsole/StartupServlet.java Fri Jan 17 02:21:15 2014
@@ -31,83 +31,86 @@ import javax.servlet.ServletContextEvent
*/
public class StartupServlet implements javax.servlet.ServletContextListener {
- static final Logger log = Logger.getLogger(StartupServlet.class.getCanonicalName());
+ static final Logger log = Logger.getLogger(StartupServlet.class.getCanonicalName());
- /**
- * creates a new AES key and stores it to the properties files
- *
- * @param sce
- */
- public void contextInitialized(ServletContextEvent sce) {
- FileOutputStream fos = null;
- try {
- //URL resource = sce.getServletContext().getResource("/META-INF/config.properties");
- Properties p = new Properties();
- InputStream is = sce.getServletContext().getResourceAsStream("/META-INF/config.properties");
- p.load(is);
- is.close();
- p.remove("key");
- log.info("Attempting to generate 256 bit AES key");
- String key = AES.GEN(256);
- if (key == null) {
- log.info("FAILEd. Now attempting to generate 128 bit AES key");
- key = AES.GEN(128);
- }
- if (key == null) {
- log.log(Level.SEVERE, "128 bit key generation failed! user credentials may not be encrypted");
- }
- p.put("key", key);
- fos = new FileOutputStream(sce.getServletContext().getRealPath("/META-INF/config.properties"));
+ /**
+ * creates a new AES key and stores it to the properties files
+ *
+ * @param sce
+ */
+ public void contextInitialized(ServletContextEvent sce) {
+ log.info("juddi-gui startup");
+ FileOutputStream fos = null;
+ try {
+ //URL resource = sce.getServletContext().getResource("/META-INF/config.properties");
+ Properties p = new Properties();
+ InputStream is = sce.getServletContext().getResourceAsStream("/META-INF/config.properties");
+ p.load(is);
+ is.close();
+ p.remove("key");
+ log.info("Attempting to generate 256 bit AES key");
+ String key = AES.GEN(256);
+ if (key == null) {
+ log.info("FAILED. Now attempting to generate 128 bit AES key");
+ key = AES.GEN(128);
+ } else {
+ log.info("Generatation of 256 bit AES key successful");
+ }
+ if (key == null) {
+ log.log(Level.SEVERE, "128 bit key generation failed! user credentials may not be encrypted");
+ }
+ p.put("key", key);
+ fos = new FileOutputStream(sce.getServletContext().getRealPath("/META-INF/config.properties"));
- p.store(fos, "No comments");
- fos.flush();
- fos.close();
- } catch (Exception ex) {
- log.log(Level.WARNING, null, ex);
- try {
- if (fos != null) {
- fos.close();
+ p.store(fos, "No comments");
+ fos.flush();
+ fos.close();
+ } catch (Exception ex) {
+ log.log(Level.WARNING, null, ex);
+ try {
+ if (fos != null) {
+ fos.close();
+ }
+ } catch (Exception e) {
+ }
}
- } catch (Exception e) {
- }
}
- }
- /**
- * does nothing
- *
- * @param sce
- */
- public void contextDestroyed(ServletContextEvent sce) {
- FileOutputStream fos = null;
- try {
- log.info("Cleaning up juddi-gui");
- Properties p = new Properties();
- InputStream is = sce.getServletContext().getResourceAsStream("/META-INF/config.properties");
- p.load(is);
- p.remove("key");
- is.close();
- fos = new FileOutputStream(sce.getServletContext().getRealPath("/META-INF/config.properties"));
- p.store(fos, "No comments");
- fos.flush();
- fos.close();
- } catch (Exception ex) {
- log.log(Level.WARNING, null, ex);
- try {
- if (fos != null) {
- fos.close();
+ /**
+ * does nothing
+ *
+ * @param sce
+ */
+ public void contextDestroyed(ServletContextEvent sce) {
+ FileOutputStream fos = null;
+ try {
+ log.info("Cleaning up juddi-gui");
+ Properties p = new Properties();
+ InputStream is = sce.getServletContext().getResourceAsStream("/META-INF/config.properties");
+ p.load(is);
+ p.remove("key");
+ is.close();
+ fos = new FileOutputStream(sce.getServletContext().getRealPath("/META-INF/config.properties"));
+ p.store(fos, "No comments");
+ fos.flush();
+ fos.close();
+ } catch (Exception ex) {
+ log.log(Level.WARNING, null, ex);
+ try {
+ if (fos != null) {
+ fos.close();
+ }
+ } catch (Exception e) {
+ }
+ }
+ try {
+ sce.getServletContext().removeAttribute("username");
+ sce.getServletContext().removeAttribute("password");
+ sce.getServletContext().removeAttribute("locale");
+ sce.getServletContext().removeAttribute("hub");
+ } catch (Exception ex) {
+ log.log(Level.WARNING, null, ex);
}
- } catch (Exception e) {
- }
- }
- try {
- sce.getServletContext().removeAttribute("username");
- sce.getServletContext().removeAttribute("password");
- sce.getServletContext().removeAttribute("locale");
- sce.getServletContext().removeAttribute("hub");
- } catch (Exception ex) {
- log.log(Level.WARNING, null, ex);
- }
- }
+ }
}
Modified: juddi/trunk/juddi-gui/src/main/java/org/apache/juddi/webconsole/hub/UddiHub.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-gui/src/main/java/org/apache/juddi/webconsole/hub/UddiHub.java?rev=1558992&r1=1558991&r2=1558992&view=diff
==============================================================================
--- juddi/trunk/juddi-gui/src/main/java/org/apache/juddi/webconsole/hub/UddiHub.java (original)
+++ juddi/trunk/juddi-gui/src/main/java/org/apache/juddi/webconsole/hub/UddiHub.java Fri Jan 17 02:21:15 2014
@@ -32,6 +32,8 @@ import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.concurrent.atomic.AtomicReference;
+import java.util.logging.Level;
+import java.util.logging.Logger;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
@@ -150,6 +152,114 @@ public class UddiHub implements Serializ
// token = null;
}
+ public String verifyLogin() {
+ EnsureConfig();
+ if (style != AuthStyle.UDDI_AUTH) {
+ if (WS_Transport) {
+ BindingProvider bp = null;
+ Map<String, Object> context = null;
+ bp = (BindingProvider) inquiry;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+
+ context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute("username"));
+ context.put(BindingProvider.PASSWORD_PROPERTY, session.getAttribute(AES.Decrypt("password", (String) properties.get("key"))));
+
+ bp = (BindingProvider) publish;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+
+ context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute("username"));
+ context.put(BindingProvider.PASSWORD_PROPERTY, session.getAttribute(AES.Decrypt("password", (String) properties.get("key"))));
+
+ bp = (BindingProvider) custody;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+
+ context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute("username"));
+ context.put(BindingProvider.PASSWORD_PROPERTY, session.getAttribute(AES.Decrypt("password", (String) properties.get("key"))));
+
+ bp = (BindingProvider) subscription;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+
+ context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute("username"));
+ context.put(BindingProvider.PASSWORD_PROPERTY, session.getAttribute(AES.Decrypt("password", (String) properties.get("key"))));
+ }
+ FindBusiness fb = new FindBusiness();
+ fb.setListHead(0);
+ fb.setMaxRows(1);
+ fb.setFindQualifiers(new FindQualifiers());
+ fb.getFindQualifiers().getFindQualifier().add(UDDIConstants.APPROXIMATE_MATCH);
+ fb.getName().add(new Name(UDDIConstants.WILDCARD, null));
+ try {
+ inquiry.findBusiness(fb);
+ } catch (Exception ex) {
+ return HandleException(ex);
+ }
+ /*
+ bp = (BindingProvider) juddi;
+ context = bp.getRequestContext();
+ context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute("username"));
+ context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute(AES.Decrypt("password", (String) properties.get("key"))));*/
+ return null;
+ } else {
+ if (token != null) {
+ return token;
+ }
+ if (WS_Transport) {
+ BindingProvider bp = null;
+ Map<String, Object> context = null;
+
+ bp = (BindingProvider) inquiry;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+
+ bp = (BindingProvider) publish;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+
+ bp = (BindingProvider) custody;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+
+ bp = (BindingProvider) subscription;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+ }
+ GetAuthToken req = new GetAuthToken();
+ try {
+ if (security == null) {
+ security = transport.getUDDISecurityService();
+ }
+ } catch (Exception ex) {
+ return HandleException(ex);
+ }
+ if (session.getAttribute("username") != null
+ && session.getAttribute("password") != null) {
+ req.setUserID((String) session.getAttribute("username"));
+ req.setCred(AES.Decrypt((String) session.getAttribute("password"), (String) properties.get("key")));
+ log.info("AUDIT: fetching auth token for " + req.getUserID() + " Auth Mode is " + ((security == null) ? "HTTP" : "AUTH_TOKEN"));
+ try {
+ AuthToken authToken = security.getAuthToken(req);
+ token = authToken.getAuthInfo();
+ return null;
+ } catch (Exception ex) {
+ return HandleException(ex);
+ }
+ }
+ }
+ return "Unexpected error";
+ }
+
/**
* This kills any authentication tokens, logs the user out and nulls out
* all services
@@ -259,6 +369,9 @@ public class UddiHub implements Serializ
URL prop = application.getResource("/META-INF/config.properties");
if (prop == null) {
+ prop = application.getResource("META-INF/config.properties");
+ }
+ if (prop == null) {
throw new Exception("Cannot locate the configuration file.");
}
@@ -312,40 +425,41 @@ public class UddiHub implements Serializ
private String GetToken() {
EnsureConfig();
if (style != AuthStyle.UDDI_AUTH) {
- BindingProvider bp = null;
- Map<String, Object> context = null;
- bp = (BindingProvider) inquiry;
- context = bp.getRequestContext();
- context.remove(BindingProvider.USERNAME_PROPERTY);
- context.remove(BindingProvider.PASSWORD_PROPERTY);
-
- context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute("username"));
- context.put(BindingProvider.PASSWORD_PROPERTY, session.getAttribute(AES.Decrypt("password", (String) properties.get("key"))));
-
- bp = (BindingProvider) publish;
- context = bp.getRequestContext();
- context.remove(BindingProvider.USERNAME_PROPERTY);
- context.remove(BindingProvider.PASSWORD_PROPERTY);
-
- context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute("username"));
- context.put(BindingProvider.PASSWORD_PROPERTY, session.getAttribute(AES.Decrypt("password", (String) properties.get("key"))));
-
- bp = (BindingProvider) custody;
- context = bp.getRequestContext();
- context.remove(BindingProvider.USERNAME_PROPERTY);
- context.remove(BindingProvider.PASSWORD_PROPERTY);
-
- context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute("username"));
- context.put(BindingProvider.PASSWORD_PROPERTY, session.getAttribute(AES.Decrypt("password", (String) properties.get("key"))));
-
- bp = (BindingProvider) subscription;
- context = bp.getRequestContext();
- context.remove(BindingProvider.USERNAME_PROPERTY);
- context.remove(BindingProvider.PASSWORD_PROPERTY);
-
- context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute("username"));
- context.put(BindingProvider.PASSWORD_PROPERTY, session.getAttribute(AES.Decrypt("password", (String) properties.get("key"))));
+ if (WS_Transport) {
+ BindingProvider bp = null;
+ Map<String, Object> context = null;
+ bp = (BindingProvider) inquiry;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+
+ context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute("username"));
+ context.put(BindingProvider.PASSWORD_PROPERTY, session.getAttribute(AES.Decrypt("password", (String) properties.get("key"))));
+
+ bp = (BindingProvider) publish;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+
+ context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute("username"));
+ context.put(BindingProvider.PASSWORD_PROPERTY, session.getAttribute(AES.Decrypt("password", (String) properties.get("key"))));
+
+ bp = (BindingProvider) custody;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+
+ context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute("username"));
+ context.put(BindingProvider.PASSWORD_PROPERTY, session.getAttribute(AES.Decrypt("password", (String) properties.get("key"))));
+
+ bp = (BindingProvider) subscription;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+ context.put(BindingProvider.USERNAME_PROPERTY, session.getAttribute("username"));
+ context.put(BindingProvider.PASSWORD_PROPERTY, session.getAttribute(AES.Decrypt("password", (String) properties.get("key"))));
+ }
/*
bp = (BindingProvider) juddi;
context = bp.getRequestContext();
@@ -356,29 +470,30 @@ public class UddiHub implements Serializ
if (token != null) {
return token;
}
- BindingProvider bp = null;
- Map<String, Object> context = null;
-
- bp = (BindingProvider) inquiry;
- context = bp.getRequestContext();
- context.remove(BindingProvider.USERNAME_PROPERTY);
- context.remove(BindingProvider.PASSWORD_PROPERTY);
-
- bp = (BindingProvider) publish;
- context = bp.getRequestContext();
- context.remove(BindingProvider.USERNAME_PROPERTY);
- context.remove(BindingProvider.PASSWORD_PROPERTY);
-
- bp = (BindingProvider) custody;
- context = bp.getRequestContext();
- context.remove(BindingProvider.USERNAME_PROPERTY);
- context.remove(BindingProvider.PASSWORD_PROPERTY);
-
- bp = (BindingProvider) subscription;
- context = bp.getRequestContext();
- context.remove(BindingProvider.USERNAME_PROPERTY);
- context.remove(BindingProvider.PASSWORD_PROPERTY);
-
+ if (WS_Transport) {
+ BindingProvider bp = null;
+ Map<String, Object> context = null;
+
+ bp = (BindingProvider) inquiry;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+
+ bp = (BindingProvider) publish;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+
+ bp = (BindingProvider) custody;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+
+ bp = (BindingProvider) subscription;
+ context = bp.getRequestContext();
+ context.remove(BindingProvider.USERNAME_PROPERTY);
+ context.remove(BindingProvider.PASSWORD_PROPERTY);
+ }
GetAuthToken req = new GetAuthToken();
try {
if (security == null) {
@@ -1195,7 +1310,7 @@ public class UddiHub implements Serializ
} else {
// if (!isChooser) {
ret.renderedHtml = Printers.PrintTModelListAsHtml(findTModel, session, isChooser);
- // } else {
+ // } else {
// ret.renderedHtml = Printers.PrintTModelListAsHtmlModel(findTModel, session);
// }
@@ -1605,8 +1720,8 @@ public class UddiHub implements Serializ
if (findBusiness != null && findBusiness.getRelatedBusinessInfos() != null) {
StringBuilder sb = new StringBuilder();
sb.append("<table class=\"table table-hover\">");
- sb.append("<tr><th>" + ResourceLoader.GetResource(session, "items.business") + "</th><th>" +
- ResourceLoader.GetResource(session, "items.publisherassertions.relationship")+"</th><tr>");
+ sb.append("<tr><th>" + ResourceLoader.GetResource(session, "items.business") + "</th><th>"
+ + ResourceLoader.GetResource(session, "items.publisherassertions.relationship") + "</th><tr>");
for (int i = 0; i < findBusiness.getRelatedBusinessInfos().getRelatedBusinessInfo().size(); i++) {
sb.append("<tr><td>");
sb.append("<a href=\"businessEditor2.jsp?id=").
@@ -2036,7 +2151,7 @@ public class UddiHub implements Serializ
*/
public static String SignatureToReadable(SignatureType sig) {
StringBuilder sb = new StringBuilder();
- // X509Certificate signingcert = null;
+ // X509Certificate signingcert = null;
//sb.append("Signature Id: ").append(sig.getKeyInfo().getId());
for (int i = 0; i < sig.getKeyInfo().getContent().size(); i++) {
//sb.append("Signature #").append((i + 1)).append(": ");
@@ -2858,7 +2973,7 @@ public class UddiHub implements Serializ
*/
public String GetCustodyTransferToken(org.uddi.custody_v3.KeyBag keys, Holder<String> nodeid, Holder<XMLGregorianCalendar> outExpires, Holder<byte[]> outToken) {
- // org.uddi.custody_v3.KeyBag kb = new org.uddi.custody_v3.KeyBag();
+ // org.uddi.custody_v3.KeyBag kb = new org.uddi.custody_v3.KeyBag();
// kb.getKey().addAll(keys);
try {
try {
Modified: juddi/trunk/juddi-gui/src/main/webapp/ajax/loginpost.jsp
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-gui/src/main/webapp/ajax/loginpost.jsp?rev=1558992&r1=1558991&r2=1558992&view=diff
==============================================================================
--- juddi/trunk/juddi-gui/src/main/webapp/ajax/loginpost.jsp (original)
+++ juddi/trunk/juddi-gui/src/main/webapp/ajax/loginpost.jsp Fri Jan 17 02:21:15 2014
@@ -4,37 +4,71 @@
Author : Alex O'Ree
--%>
+<%@page import="org.apache.commons.lang.StringEscapeUtils"%>
<%@page import="java.util.Properties"%>
<%@page import="java.io.InputStream"%>
<%@page import="java.net.URL"%>
<%@page import="org.apache.juddi.webconsole.AES"%>
<%@page import="org.apache.juddi.webconsole.hub.UddiHub"%>
<%@page contentType="text/html" pageEncoding="UTF-8"%>
-<!DOCTYPE html>
<%@include file="../csrf.jsp" %>
-<%
-
- URL prop = application.getResource("/META-INF/config.properties");
- if (prop == null) {
- prop = application.getResource("META-INF/config.properties");
-
- }
- if (prop == null) {
- throw new Exception("Cannot locate the configuration file.");
- }
-
- InputStream in = prop.openStream();
- Properties p = new Properties();
- p.load(in);
- in.close();
- session.setAttribute("username", request.getParameter("username"));
- session.setAttribute("password", AES.Encrypt(request.getParameter("password"), (String) p.get("key")));
-
-
-
- UddiHub.reset(request.getSession());
- UddiHub x = UddiHub.getInstance(application, request.getSession());
-
+<% URL prop = application.getResource("/WEB-INF/config.properties");
+ boolean ok = true;
+ if (prop == null) {
+ prop = application.getResource("WEB-INF/config.properties");
+
+ }
+ if (prop == null) {
+ prop = application.getResource("META-INF/config.properties");
+
+ }
+ if (prop == null) {
+ prop = application.getResource("/META-INF/config.properties");
+
+ }
+ if (prop == null) {
+ response.setStatus(406);
+
+ out.write("Contact the sysadmin. Cannot locate the configuration file.");
+ ok = false;
+ }
+
+ InputStream in = prop.openStream();
+ Properties p = new Properties();
+ p.load(in);
+ in.close();
+ session.setAttribute("username", request.getParameter("username"));
+ if (request.getParameter("password") == null || request.getParameter("password").length() == 0) {
+ response.setStatus(406);
+ ok = false;
+ out.write("Please enter a password");
+ //TODO i18n
+ }
+ if (request.getParameter("username") == null || request.getParameter("username").length() == 0) {
+ response.setStatus(406);
+ ok = false;
+ out.write("Please enter a username");
+ //TODO i18n
+ }
+ if (ok) {
+ try {
+ session.setAttribute("password", AES.Encrypt(request.getParameter("password"), (String) p.get("key")));
+ } catch (Exception ex) {
+ response.setStatus(406);
+
+ out.write(StringEscapeUtils.escapeHtml(ex.getMessage()));
+ }
+
+ UddiHub.reset(request.getSession());
+ UddiHub x = UddiHub.getInstance(application, request.getSession());
+
+ String msg = x.verifyLogin();
+ if (msg != null) {
+ response.setStatus(406);
+
+ out.write(msg);
+ }
+ }
%>
\ No newline at end of file
Modified: juddi/trunk/juddi-gui/src/main/webapp/js/main.js
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-gui/src/main/webapp/js/main.js?rev=1558992&r1=1558991&r2=1558992&view=diff
==============================================================================
--- juddi/trunk/juddi-gui/src/main/webapp/js/main.js (original)
+++ juddi/trunk/juddi-gui/src/main/webapp/js/main.js Fri Jan 17 02:21:15 2014
@@ -87,6 +87,8 @@ function Login()
//TODO handle expired nonce values?
RefreshLoginPage();
$("#loginbutton").text(i18n_login);
+ $("#loginfailuredetails").text("Login failed: " + textStatus + " " + jqXHR.responseText);
+ $("#loginfailure").modal();
});
}
Modified: juddi/trunk/juddi-gui/src/main/webapp/login.jsp
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-gui/src/main/webapp/login.jsp?rev=1558992&r1=1558991&r2=1558992&view=diff
==============================================================================
--- juddi/trunk/juddi-gui/src/main/webapp/login.jsp (original)
+++ juddi/trunk/juddi-gui/src/main/webapp/login.jsp Fri Jan 17 02:21:15 2014
@@ -22,7 +22,7 @@
</script>
<a class="btn" title="<%=ResourceLoader.GetResource(session, "navbar.login.logout")%>" href="javascript:logout();">
<%
- if (!request.isSecure() && UddiHub.getInstance(application, session).isSecure()) {
+ if (!request.isSecure() || !UddiHub.getInstance(application, session).isSecure()) {
%>
<i class="icon-warning-sign" title="<%=ResourceLoader.GetResource(session, "warning.ssl")%>"></i>
<%
@@ -58,3 +58,21 @@
</div>
+
+
+<div class="modal hide fade container" id="loginfailure">
+ <div class="modal-header">
+ <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
+ <h3><%=ResourceLoader.GetResource(session, "errors.generic")%></h3>
+ </div>
+ <div class="modal-body">
+ <i class="icon-4x icon-thumbs-down"></i><br>
+ <div id="loginfailuredetails"></div>
+ </div>
+ <div class="modal-footer">
+
+ <button type="button" class="btn" data-dismiss="modal" ><%=ResourceLoader.GetResource(session, "modal.close")%></button>
+ </div>
+</div>
+
+
\ No newline at end of file
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@juddi.apache.org
For additional commands, e-mail: commits-help@juddi.apache.org