[jboss-identity-commits] JBoss Identity SVN: r248 - identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat.
jboss-identity-commits at lists.jboss.org
jboss-identity-commits at lists.jboss.org
Sun Jan 25 23:20:00 EST 2009
Author: anil.saldhana at jboss.com
Date: 2009-01-25 23:20:00 -0500 (Sun, 25 Jan 2009)
New Revision: 248
Added:
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/SecurityActions.java
Modified:
identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java
Log:
handle keystore config/system props
Modified: identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java
===================================================================
--- identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java 2009-01-23 05:37:06 UTC (rev 247)
+++ identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/KeyStoreKeyManager.java 2009-01-26 04:20:00 UTC (rev 248)
@@ -21,7 +21,9 @@
*/
package org.jboss.identity.federation.bindings.tomcat;
+import java.io.IOException;
import java.io.InputStream;
+import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
@@ -63,6 +65,9 @@
public PrivateKey getSigningKey() throws Exception
{
if(ks == null)
+ this.setUpKeyStore();
+
+ if(ks == null)
throw new IllegalStateException("KeyStore is null");
return (PrivateKey) ks.getKey(this.signingAlias, this.signingKeyPass);
}
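Review bot: The lazy load of `ks` in getSigningKey (and the identical lines added to getValidatingKey in the next hunk) is not synchronized, so concurrent requests through the valve can each run setUpKeyStore and race on the `ks`, `keyStoreURL` and `keyStorePass` fields. Declaring the helper `private synchronized void setUpKeyStore()` and starting it with `if(ks != null) return;` would make the first load happen once. The declaration of `ks` is outside the hunk, so whether it is volatile cannot be seen here. The un-braced `if(ks == null)` directly followed by a second `if(ks == null)` is easy to misread; bracing the first one would help.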
@@ -73,6 +78,9 @@
public PublicKey getValidatingKey(String domain) throws Exception
{
if(ks == null)
+ this.setUpKeyStore();
+
+ if(ks == null)
throw new IllegalStateException("KeyStore is null");
String domainAlias = this.domainAliasMap.get(domain);
if(domainAlias == null)
@@ -110,9 +118,6 @@
if(keypass == null || keypass.length() == 0)
throw new RuntimeException("Signing Key Pass is null");
this.signingKeyPass = keypass.toCharArray();
-
- InputStream is = ValveUtil.getKeyStoreInputStream(this.keyStoreURL);
- ks = KeyStoreUtil.getKeyStore(is, keyStorePass.toCharArray());
}
/**
@@ -125,4 +130,20 @@
domainAliasMap.put(alias.getKey(), alias.getValue());
}
}
+
+ private void setUpKeyStore() throws GeneralSecurityException, IOException
+ {
+ //Keystore URL/Pass can be either by configuration or on the HTTPS connector
+ if(this.keyStoreURL == null)
+ {
+ this.keyStoreURL = SecurityActions.getProperty("javax.net.ssl.keyStore", null);
+ }
+ if(this.keyStorePass == null)
+ {
+ this.keyStorePass = SecurityActions.getProperty("javax.net.ssl.keyStorePassword", null);
+ }
+
+ InputStream is = ValveUtil.getKeyStoreInputStream(this.keyStoreURL);
+ ks = KeyStoreUtil.getKeyStore(is, keyStorePass.toCharArray());
+ }
}
\ No newline at end of file
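Review bot: `keyStorePass.toCharArray()` at the end of setUpKeyStore throws a bare NullPointerException when neither the valve configuration nor `javax.net.ssl.keyStorePassword` supplies a password, and a null `keyStoreURL` is passed straight to `ValveUtil.getKeyStoreInputStream`, whose null handling is not visible here. Before opening the stream, fail with a clear message: `if(this.keyStoreURL == null || this.keyStorePass == null) throw new IllegalStateException("KeyStore URL/Pass not configured");`. The stream `is` is also never closed in this method; unless `KeyStoreUtil.getKeyStore` closes it (not visible here), the load should sit in a try/finally that closes it. Falling back to the connector properties means the TLS keystore doubles as the federation signing keystore, which deserves a line in the comment so operators choose that deliberately.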
Added: identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/SecurityActions.java
===================================================================
--- identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/SecurityActions.java (rev 0)
+++ identity-federation/trunk/identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/SecurityActions.java 2009-01-26 04:20:00 UTC (rev 248)
@@ -0,0 +1,65 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.bindings.tomcat;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Dec 9, 2008
+ */
+class SecurityActions
+{
+ /**
+ * Get the Thread Context ClassLoader
+ * @return
+ */
+ static ClassLoader getContextClassLoader()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
+ {
+ public ClassLoader run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+ /**
+ * Get a system property
+ * @param key the key for the property
+ * @param defaultValue A default value to return if the property is not set (Can be null)
+ * @return
+ */
+ static String getProperty(final String key, final String defaultValue)
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<String>()
+ {
+ public String run()
+ {
+ return System.getProperty(key,defaultValue);
+ }
+ });
+ }
+}
\ No newline at end of file
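Review bot: `getProperty` runs `System.getProperty` inside `doPrivileged` with a caller-supplied key, so under a security manager any class that can reach this package-private helper reads any system property with this class's permissions, including `javax.net.ssl.keyStorePassword`. The Javadoc should state that callers pass only fixed, known keys and never a value derived from a request, and the empty `@return` tags should be filled in, e.g. `@return the property value, or defaultValue if the property is not set`. `getContextClassLoader` is not used by the KeyStoreKeyManager changes in this commit; if nothing else in the package calls it, it is better left out until it is needed, since each privileged helper widens what the package can do on behalf of its callers.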