[jboss-svn-commits] JBossWS SVN: r778 - branches/jbossws-1.0/src/main/java/org/jboss/ws/wsse
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Sat Aug 19 02:06:38 EDT 2006
Author: mageshbk
Date: 2006-08-19 02:06:35 -0400 (Sat, 19 Aug 2006)
New Revision: 778
Modified:
branches/jbossws-1.0/src/main/java/org/jboss/ws/wsse/SecurityStore.java
Log:
Updated SecurityStore to accept encrypted password using {EXT} and {CLASS} methods
Modified: branches/jbossws-1.0/src/main/java/org/jboss/ws/wsse/SecurityStore.java
===================================================================
--- branches/jbossws-1.0/src/main/java/org/jboss/ws/wsse/SecurityStore.java 2006-08-19 05:59:26 UTC (rev 777)
+++ branches/jbossws-1.0/src/main/java/org/jboss/ws/wsse/SecurityStore.java 2006-08-19 06:06:35 UTC (rev 778)
@@ -21,9 +21,13 @@
*/
package org.jboss.ws.wsse;
+import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.Method;
import java.net.URL;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
@@ -40,9 +44,17 @@
import java.util.Arrays;
import java.util.Enumeration;
import java.util.List;
+import java.util.StringTokenizer;
import org.jboss.logging.Logger;
+/**
+ * <code>SecurityStore</code> holds and loads the keystore and truststore required for encyption and signing.
+ *
+ * @author <a href="mailto:jason.greene at jboss.com">Jason T. Greene</a>
+ * @author <a href="mailto:jason.greene at jboss.com">Magesh Kumar B</a>
+ * @version $Revision$
+ */
public class SecurityStore
{
private static Logger log = Logger.getLogger(SecurityStore.class);
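Review bot: The new class Javadoc has two slips and leaves out the behaviour this commit introduces. The `@author` entry for Magesh Kumar B reuses the `jason.greene` mailto, which looks like a copy-paste, and "encyption" should read "encryption". The comment should also describe the two indirect password forms that the store now accepts, for example `{EXT}command` runs an external command and uses the first line of its output, and `{CLASS}classname[:ctorArg]` instantiates the class and uses its `toCharArray()` or `toString()` result. It is worth stating there that the configuration holding these values must be as tightly protected as the keystore itself, because it now selects a command or class that runs inside the server.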
@@ -97,6 +109,25 @@
if (storeType == null)
storeType = "jks";
+ if( storePassword.charAt(0) == '{' )
+ {
+ StringTokenizer tokenizer = new StringTokenizer(storePassword, "{}");
+ String keyStorePasswordCmdType = tokenizer.nextToken();
+ String keyStorePasswordCmd = tokenizer.nextToken();
+ if( keyStorePasswordCmdType.equals("EXT") )
+ {
+ storePassword = execPasswordCmd(keyStorePasswordCmd);
+ }
+ else if( keyStorePasswordCmdType.equals("CLASS") )
+ {
+ storePassword = invokePasswordClass(keyStorePasswordCmd);
+ }
+ else
+ {
+ throw new WSSecurityException("Unknown keyStorePasswordCmdType: "+keyStorePasswordCmdType);
+ }
+ }
+ keyStorePassword = storePassword;
try
{
if (storeURL == null)
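Review bot: The directive parsing runs before the `try`, so malformed input escapes as an unchecked exception instead of a `WSSecurityException`. `storePassword.charAt(0)` throws on a null or empty password (unless a null check sits above the hunk), and the second `nextToken()` throws `NoSuchElementException` for a value such as `{EXT}` with no command. A guard such as `if (storePassword != null && storePassword.startsWith("{"))` followed by `if (tokenizer.countTokens() < 2) throw new WSSecurityException("Malformed password directive: expected {EXT}command or {CLASS}classname");` would keep the failure in the declared exception type. `keyStorePassword` is assigned here without a visible declaration, so it is presumably an instance field; if this method loads both the keystore and the truststore, each call overwrites the other's value and the plaintext stays on the object, so a local variable would be safer. The enclosing method starts and ends outside the hunk.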
@@ -112,7 +143,7 @@
log.debug("loadStore: " + storeURL);
InputStream stream = storeURL.openStream();
KeyStore keyStore = KeyStore.getInstance(storeType);
- keyStore.load(stream, storePassword.toCharArray());
+ keyStore.load(stream, keyStorePassword.toCharArray());
return keyStore;
}
@@ -121,6 +152,75 @@
throw new WSSecurityException("Problems loading " + type + ": " + e.getMessage(), e);
}
}
+ private String execPasswordCmd(String keyStorePasswordCmd) throws WSSecurityException
+ {
+ log.debug("Executing command: "+keyStorePasswordCmd);
+ try
+ {
+ Runtime rt = Runtime.getRuntime();
+ Process p = rt.exec(keyStorePasswordCmd);
+ InputStream stdin = p.getInputStream();
+ BufferedReader reader = new BufferedReader(new InputStreamReader(stdin));
+ String password = reader.readLine();
+ stdin.close();
+ int exitCode = p.waitFor();
+ log.debug("Command exited with: "+exitCode);
+ return password;
+ }
+ catch (Exception e)
+ {
+ throw new WSSecurityException("Problems executing password command: " + keyStorePasswordCmd, e);
+ }
+ }
+ private String invokePasswordClass(String keyStorePasswordCmd) throws WSSecurityException
+ {
+ String password = null;
+ String classname = keyStorePasswordCmd;
+ String ctorArg = null;
+ int colon = keyStorePasswordCmd.indexOf(':');
+ if( colon > 0 )
+ {
+ classname = keyStorePasswordCmd.substring(0, colon);
+ ctorArg = keyStorePasswordCmd.substring(colon+1);
+ }
+ log.debug("Loading class: "+classname+", ctorArg="+ctorArg);
+ try
+ {
+ ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ Class c = loader.loadClass(classname);
+ Object instance = null;
+ if( ctorArg != null )
+ {
+ Class[] sig = {String.class};
+ Constructor ctor = c.getConstructor(sig);
+ Object[] args = {ctorArg};
+ instance = ctor.newInstance(args);
+ }
+ else
+ {
+ instance = c.newInstance();
+ }
+ try
+ {
+ log.debug("Checking for toCharArray");
+ Class[] sig = {};
+ Method toCharArray = c.getMethod("toCharArray", sig);
+ Object[] args = {};
+ log.debug("Invoking toCharArray");
+ password = new String((char[]) toCharArray.invoke(instance, args));
+ }
+ catch(NoSuchMethodException e)
+ {
+ log.debug("No toCharArray found, invoking toString");
+ password = instance.toString();
+ }
+ }
+ catch (Exception e)
+ {
+ throw new WSSecurityException("Problems loading or invoking Password class : " + classname, e);
+ }
+ return password;
+ }
public static byte[] getSubjectKeyIdentifier(X509Certificate cert)
{
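Review bot: In `execPasswordCmd` a failed command still produces a "password": the exit code is only logged, and `reader.readLine()` returns null when the command prints nothing, so the caller receives null and only fails later at `keyStorePassword.toCharArray()`. The broad `catch (Exception e)` also absorbs `InterruptedException` without restoring the interrupt flag, and the reader is not closed if `readLine()` throws. The debug lines `"Executing command: "` here and `", ctorArg="` in `invokePasswordClass` write configuration values that may contain secret material to the log, so a fixed message or the class name alone would be safer. The rewrite below keeps `Runtime.exec` and adds the missing checks; `invokePasswordClass` can likewise return null if `toString()` does, and would benefit from the same null check.

```java
private String execPasswordCmd(String keyStorePasswordCmd) throws WSSecurityException
{
   // The command line may carry secret material, so it is kept out of the log and the exception text
   log.debug("Executing external password command");
   String password;
   int exitCode;
   try
   {
      Process p = Runtime.getRuntime().exec(keyStorePasswordCmd);
      BufferedReader reader = new BufferedReader(new InputStreamReader(p.getInputStream()));
      try
      {
         password = reader.readLine();
      }
      finally
      {
         reader.close();
      }
      exitCode = p.waitFor();
   }
   catch (InterruptedException e)
   {
      // Restore the flag so callers further up can still observe the interruption
      Thread.currentThread().interrupt();
      throw new WSSecurityException("Interrupted while waiting for password command", e);
   }
   catch (Exception e)
   {
      throw new WSSecurityException("Problems executing password command", e);
   }
   // Validated outside the try so the catch-all above does not re-wrap this exception
   if (exitCode != 0 || password == null)
      throw new WSSecurityException("Password command failed or produced no output, exit code: " + exitCode);
   return password;
}
```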