[jboss-cvs] JBossAS SVN: r110303 - in branches/JBPAPP_4_2_0_GA_CP: security/src/main/org/jboss/security/ssl and 1 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Jan 7 08:48:54 EST 2011
Author: mmoyses
Date: 2011-01-07 08:48:54 -0500 (Fri, 07 Jan 2011)
New Revision: 110303
Modified:
branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java
branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/ssl/Context.java
branches/JBPAPP_4_2_0_GA_CP/tomcat/src/main/org/jboss/net/ssl/JBossSocketFactory.java
Log:
JBPAPP-5742: fixing alias aware key managers
Modified: branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java 2011-01-07 12:41:29 UTC (rev 110302)
+++ branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java 2011-01-07 13:48:54 UTC (rev 110303)
@@ -132,6 +132,7 @@
/** The KeyStore associated with the security domain */
private KeyStore keyStore;
private KeyManagerFactory keyMgr;
+ private KeyManager[] keyManagers;
/** The KeyStore implementation type which defaults to 'JKS' */
private String keyStoreType = "JKS";
/** The resource for the keystore location */
@@ -206,6 +207,11 @@
{
return keyMgr;
}
+
+ public KeyManager[] getKeyManagers()
+ {
+ return keyManagers;
+ }
public KeyStore getTrustStore() throws SecurityException
{
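Review bot: `getKeyManagers()` returns the domain's internal `keyManagers` array itself, so any caller in the JVM can overwrite its elements and change which key managers later SSL contexts are built from. Returning a copy closes that: `return keyManagers == null ? null : keyManagers.clone();`. The new method and the new field also carry no Javadoc; a line such as `/** The alias-aware key managers created when the keystore is loaded; may be null if no keystore was loaded */` would tell callers about the null case, though that wording should be confirmed against the loading code, which is outside this hunk.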
@@ -687,13 +693,10 @@
else
keyMgr = KeyManagerFactory.getInstance(algorithm);
keyMgr.init(keyStore, keyStorePassword);
- if (keyStoreAlias != null)
+ keyManagers = keyMgr.getKeyManagers();
+ for (int i = 0; i < keyManagers.length; i++)
{
- KeyManager[] keyManagers = keyMgr.getKeyManagers();
- for (int i = 0; i < keyManagers.length; i++)
- {
- keyManagers[i] = new SecurityKeyManager((X509KeyManager) keyManagers[i], keyStoreAlias, clientAlias);
- }
+ keyManagers[i] = new SecurityKeyManager((X509KeyManager) keyManagers[i], keyStoreAlias, clientAlias);
}
}
if( trustStorePassword != null )
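Review bot: The cast `(X509KeyManager) keyManagers[i]` now runs for every domain that loads a keystore, not only when `keyStoreAlias` is set, so a `KeyManagerFactory` that returns a non-X509 key manager would make keystore loading fail with a ClassCastException. Guard the wrap with `if (keyManagers[i] instanceof X509KeyManager)` and leave other entries as they are. `SecurityKeyManager` is now also constructed with a null `keyStoreAlias` when none is configured; its source is not in this diff, so it is worth confirming that it simply delegates to the wrapped manager in that case. The enclosing method starts and ends outside the hunk.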
Modified: branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/ssl/Context.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/ssl/Context.java 2011-01-07 12:41:29 UTC (rev 110302)
+++ branches/JBPAPP_4_2_0_GA_CP/security/src/main/org/jboss/security/ssl/Context.java 2011-01-07 13:48:54 UTC (rev 110303)
@@ -24,6 +24,8 @@
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
+
+import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
@@ -31,6 +33,7 @@
import org.jboss.logging.Logger;
import org.jboss.security.SecurityDomain;
+import org.jboss.security.plugins.JaasSecurityDomain;
/**
* Utility class with a static method that returns an initialized JSSE
@@ -66,11 +69,14 @@
KeyManagerFactory keyMgr = securityDomain.getKeyManagerFactory();
if( keyMgr == null )
throw new IOException("KeyManagerFactory is null for security domain: "+securityDomain.getSecurityDomain());
+ KeyManager[] keyMgrs = keyMgr.getKeyManagers();
+ if (securityDomain instanceof JaasSecurityDomain)
+ keyMgrs = ((JaasSecurityDomain) securityDomain).getKeyManagers();
TrustManagerFactory trustMgr = securityDomain.getTrustManagerFactory();
TrustManager[] trustMgrs = null;
if( trustMgr != null )
trustMgrs = trustMgr.getTrustManagers();
- sslCtx.init(keyMgr.getKeyManagers(), trustMgrs, null);
+ sslCtx.init(keyMgrs, trustMgrs, null);
return sslCtx;
}
catch(NoSuchAlgorithmException e)
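Review bot: When `securityDomain` is a `JaasSecurityDomain`, `keyMgrs` is overwritten with `getKeyManagers()` without a null check, and `SSLContext.init` treats a null key-manager array as a request for the provider's default key managers rather than as an error. If the domain's array can be unset while its `KeyManagerFactory` is not (the loading code is outside this diff), the context would be built without the domain's keys and no exception would show it. Keep the factory result in that case: `KeyManager[] domainKeyMgrs = ((JaasSecurityDomain) securityDomain).getKeyManagers();` followed by `if (domainKeyMgrs != null) keyMgrs = domainKeyMgrs;`. The same unguarded assignment appears in the `JBossSocketFactory.java` hunk at `@@ -152,17 +151,8 @@`. The enclosing method starts and ends outside the hunk.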
Modified: branches/JBPAPP_4_2_0_GA_CP/tomcat/src/main/org/jboss/net/ssl/JBossSocketFactory.java
===================================================================
--- branches/JBPAPP_4_2_0_GA_CP/tomcat/src/main/org/jboss/net/ssl/JBossSocketFactory.java 2011-01-07 12:41:29 UTC (rev 110302)
+++ branches/JBPAPP_4_2_0_GA_CP/tomcat/src/main/org/jboss/net/ssl/JBossSocketFactory.java 2011-01-07 13:48:54 UTC (rev 110303)
@@ -26,15 +26,14 @@
import javax.naming.InitialContext;
import javax.naming.NamingException;
-import javax.net.ssl.TrustManager;
import javax.net.ssl.KeyManager;
-import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
-import org.jboss.security.SecurityDomain;
import org.apache.tomcat.util.net.jsse.JSSESocketFactory;
-import org.apache.tomcat.util.net.jsse.JSSEKeyManager;
-import javax.net.ssl.X509KeyManager;
+import org.jboss.security.SecurityDomain;
+import org.jboss.security.plugins.JaasSecurityDomain;
/**
* Extends the tomcat JSSE14SocketFactory to obtain the server key and trust
@@ -152,17 +151,8 @@
if( kmf != null )
{
keyMgrs = kmf.getKeyManagers();
- if (keyAlias != null)
- {
- if ("JKS".equals(keystoreType))
- {
- keyAlias = keyAlias.toLowerCase();
- }
- for(int i=0; i<keyMgrs.length; i++)
- {
- keyMgrs[i] = new JSSEKeyManager((X509KeyManager)keyMgrs[i], keyAlias);
- }
- }
+ if (securityDomain instanceof JaasSecurityDomain)
+ keyMgrs = ((JaasSecurityDomain) securityDomain).getKeyManagers();
}
return keyMgrs;
}
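Review bot: A configured `keyAlias` is now ignored for any `SecurityDomain` that is not a `JaasSecurityDomain`: the removed block wrapped every key manager in `JSSEKeyManager` with the alias, while the new branch leaves the factory's managers untouched, so the connector may present a different key than the one configured, with no message. If that fallback is intended, state it above the `if` with `// keyAlias is only honoured by JaasSecurityDomain; other domains use the factory's default key selection`, or preferably reject the configuration when `keyAlias != null` on that path. The removed code also lower-cased the alias for JKS keystores; whether `SecurityKeyManager` does the same is not visible here and should be checked against mixed-case aliases. The enclosing method starts and ends outside the hunk.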