[jboss-cvs] JBossAS SVN: r110302 - in branches/JBPAPP_5_1: security/src/main/org/jboss/security/ssl and 1 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Jan 7 07:41:30 EST 2011
Author: mmoyses
Date: 2011-01-07 07:41:29 -0500 (Fri, 07 Jan 2011)
New Revision: 110302
Modified:
branches/JBPAPP_5_1/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java
branches/JBPAPP_5_1/security/src/main/org/jboss/security/ssl/Context.java
branches/JBPAPP_5_1/tomcat/src/main/org/jboss/net/ssl/JBossSocketFactory.java
Log:
JBPAPP-5741: fixing alias aware key managers
Modified: branches/JBPAPP_5_1/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java
===================================================================
--- branches/JBPAPP_5_1/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java 2011-01-07 07:59:45 UTC (rev 110301)
+++ branches/JBPAPP_5_1/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java 2011-01-07 12:41:29 UTC (rev 110302)
@@ -129,6 +129,8 @@
private KeyStore keyStore;
private KeyManagerFactory keyMgr;
+
+ private KeyManager[] keyManagers;
/** The KeyStore implementation type which defaults to 'JKS' */
private String keyStoreType = "JKS";
@@ -499,6 +501,11 @@
{
return keyMgr;
}
+
+ public KeyManager[] getKeyManagers()
+ {
+ return keyManagers;
+ }
/*
* (non-Javadoc)
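Review bot: The new `getKeyManagers()` returns the domain's internal `keyManagers` array itself, so any caller can overwrite an element and replace the alias-enforcing wrapper for every later SSL context built from this domain. Returning a copy keeps the selection policy inside the class: `return keyManagers == null ? null : keyManagers.clone();`. The field is only assigned in the key store loading code of the third hunk, so the getter can presumably return null before that code has run. A short Javadoc should say so, for example `/** Returns the alias-aware key managers, or null if no key store has been loaded. */`.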
@@ -1050,13 +1057,10 @@
else
keyMgr = KeyManagerFactory.getInstance(algorithm);
keyMgr.init(keyStore, keyStorePassword);
- if (keyStoreAlias != null)
+ keyManagers = keyMgr.getKeyManagers();
+ for (int i = 0; i < keyManagers.length; i++)
{
- KeyManager[] keyManagers = keyMgr.getKeyManagers();
- for (int i = 0; i < keyManagers.length; i++)
- {
- keyManagers[i] = new SecurityKeyManager((X509KeyManager) keyManagers[i], keyStoreAlias, clientAlias);
- }
+ keyManagers[i] = new SecurityKeyManager((X509KeyManager) keyManagers[i], keyStoreAlias, clientAlias);
}
}
if (trustStorePassword != null)
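Review bot: The cast `(X509KeyManager) keyManagers[i]` now runs for every key store instead of only when `keyStoreAlias` is set, so a provider that returns a non-X509 key manager would throw a ClassCastException while the domain loads its key store. Guarding the wrap with `if (keyManagers[i] instanceof X509KeyManager)` avoids that. With the `keyStoreAlias != null` test removed, `SecurityKeyManager` is also constructed with null aliases whenever none are configured. Its source is not in this diff, so it is worth confirming that it then delegates to the wrapped manager's default alias choice rather than selecting no key. The enclosing method starts and ends outside this hunk.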
Modified: branches/JBPAPP_5_1/security/src/main/org/jboss/security/ssl/Context.java
===================================================================
--- branches/JBPAPP_5_1/security/src/main/org/jboss/security/ssl/Context.java 2011-01-07 07:59:45 UTC (rev 110301)
+++ branches/JBPAPP_5_1/security/src/main/org/jboss/security/ssl/Context.java 2011-01-07 12:41:29 UTC (rev 110302)
@@ -24,6 +24,8 @@
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
+
+import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
@@ -31,6 +33,7 @@
import org.jboss.logging.Logger;
import org.jboss.security.SecurityDomain;
+import org.jboss.security.plugins.JaasSecurityDomain;
/**
* Utility class with a static method that returns an initialized JSSE
@@ -66,11 +69,14 @@
KeyManagerFactory keyMgr = securityDomain.getKeyManagerFactory();
if( keyMgr == null )
throw new IOException("KeyManagerFactory is null for security domain: "+securityDomain.getSecurityDomain());
+ KeyManager[] keyMgrs = keyMgr.getKeyManagers();
+ if (securityDomain instanceof JaasSecurityDomain)
+ keyMgrs = ((JaasSecurityDomain) securityDomain).getKeyManagers();
TrustManagerFactory trustMgr = securityDomain.getTrustManagerFactory();
TrustManager[] trustMgrs = null;
if( trustMgr != null )
trustMgrs = trustMgr.getTrustManagers();
- sslCtx.init(keyMgr.getKeyManagers(), trustMgrs, null);
+ sslCtx.init(keyMgrs, trustMgrs, null);
return sslCtx;
}
catch(NoSuchAlgorithmException e)
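Review bot: For a `JaasSecurityDomain`, the result of `getKeyManagers()` replaces `keyMgr.getKeyManagers()` without a null check, although the preceding lines only verify that the factory is non-null. If the array is null, `sslCtx.init(null, trustMgrs, null)` does not fail; JSSE falls back to the highest-priority installed provider's default key manager, so the context would silently use key material other than the domain's key store. Keeping the factory's managers as the fallback closes that gap: `KeyManager[] domainMgrs = ((JaasSecurityDomain) securityDomain).getKeyManagers(); if (domainMgrs != null) keyMgrs = domainMgrs;`. The same unchecked assignment appears in the JBossSocketFactory.java hunk at `keyMgrs = ((JaasSecurityDomain) securityDomain).getKeyManagers();`.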
Modified: branches/JBPAPP_5_1/tomcat/src/main/org/jboss/net/ssl/JBossSocketFactory.java
===================================================================
--- branches/JBPAPP_5_1/tomcat/src/main/org/jboss/net/ssl/JBossSocketFactory.java 2011-01-07 07:59:45 UTC (rev 110301)
+++ branches/JBPAPP_5_1/tomcat/src/main/org/jboss/net/ssl/JBossSocketFactory.java 2011-01-07 12:41:29 UTC (rev 110302)
@@ -32,6 +32,7 @@
import javax.net.ssl.KeyManagerFactory;
import org.jboss.security.SecurityDomain;
+import org.jboss.security.plugins.JaasSecurityDomain;
import org.apache.tomcat.util.net.jsse.JSSESocketFactory;
import org.apache.tomcat.util.net.jsse.JSSEKeyManager;
import javax.net.ssl.X509KeyManager;
@@ -152,18 +153,8 @@
if( kmf != null )
{
keyMgrs = kmf.getKeyManagers();
- /* from tomcat JSSESocketFactory.java */
- if (keyAlias != null)
- {
- if ("JKS".equals(keystoreType))
- {
- keyAlias = keyAlias.toLowerCase();
- }
- for(int i=0; i<keyMgrs.length; i++)
- {
- keyMgrs[i] = new JSSEKeyManager((X509KeyManager)keyMgrs[i], keyAlias);
- }
- }
+ if (securityDomain instanceof JaasSecurityDomain)
+ keyMgrs = ((JaasSecurityDomain) securityDomain).getKeyManagers();
}
return keyMgrs;
}
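Review bot: After this change the connector's `keyAlias` is no longer applied anywhere in this block. A `SecurityDomain` that is not a `JaasSecurityDomain` gets the raw `kmf.getKeyManagers()`, and a `JaasSecurityDomain` uses its own `keyStoreAlias` instead. A deployment that relied on `keyAlias` to pick one certificate from a multi-entry key store could therefore present a different certificate without any error. Either keep the removed `JSSEKeyManager` wrapping in an `else if (keyAlias != null)` branch, or log a warning when `keyAlias` is set but ignored. If the wrapping stays removed, the `JSSEKeyManager` and `X509KeyManager` imports kept by the previous hunk look unused, as far as the visible lines show.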