From dk...@apache.org
Subject svn commit: r1227321 - in /cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf: configuration/jsse/spring/TLSParameterJaxBUtils.java transport/https/Messages.properties transport/https/SSLUtils.java
Date Wed, 04 Jan 2012 21:06:46 GMT
Author: dkulp
Date: Wed Jan  4 21:06:46 2012
New Revision: 1227321

URL: http://svn.apache.org/viewvc?rev=1227321&view=rev
Log:
[CXF-4008] Check the javax.net.ssl.keyStore* props

Modified:
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSParameterJaxBUtils.java
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/Messages.properties
    cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java

Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSParameterJaxBUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSParameterJaxBUtils.java?rev=1227321&r1=1227320&r2=1227321&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSParameterJaxBUtils.java
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/configuration/jsse/spring/TLSParameterJaxBUtils.java
Wed Jan  4 21:06:46 2012
@@ -20,6 +20,7 @@ package org.apache.cxf.configuration.jss
 
 import java.io.FileInputStream;
 import java.io.IOException;
+import java.io.InputStream;
 import java.net.URL;
 import java.security.GeneralSecurityException;
 import java.security.KeyStore;
@@ -45,6 +46,7 @@ import org.apache.cxf.configuration.secu
 import org.apache.cxf.configuration.security.KeyStoreType;
 import org.apache.cxf.configuration.security.SecureRandomParameters;
 import org.apache.cxf.configuration.security.TrustManagersType;
+import org.apache.cxf.transport.https.SSLUtils;
 
 /**
  * This class provides some functionality to convert the JAXB
@@ -98,17 +100,24 @@ public final class TLSParameterJaxBUtils
         if (kst == null) {
             return null;
         }
-        String type = kst.isSetType()
-                    ? kst.getType()
-                    : KeyStore.getDefaultType();
+        String type = SSLUtils.getKeystoreType(kst.isSetType()
+                                 ? kst.getType() : null, LOG, KeyStore.getDefaultType());
 
         char[] password = kst.isSetPassword()
                     ? deobfuscate(kst.getPassword())
                     : null;
-
-        KeyStore keyStore = !kst.isSetProvider()
+        if (password == null) {
+            String tmp = SSLUtils.getKeystorePassword(null, LOG);
+            if (tmp != null) {
+                password = tmp.toCharArray();
+            }
+        }
+        String provider = SSLUtils.getKeystoreProvider(kst.isSetProvider() 
+                                                       ? kst.getProvider() : null,
+                                                       LOG);
+        KeyStore keyStore = provider == null
                     ? KeyStore.getInstance(type)
-                    : KeyStore.getInstance(type, kst.getProvider());
+                    : KeyStore.getInstance(type, provider);
 
         if (kst.isSetFile()) {
             keyStore.load(new FileInputStream(kst.getFile()), password);
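Review bot: The type, provider and password fallbacks are applied attribute by attribute, so a store whose file or URL comes from configuration but omits its type now picks up `javax.net.ssl.keyStoreType` (and likewise the provider and password properties), which are meant for the JVM-wide key store. Before this change such a store got `KeyStore.getDefaultType()`. The precedence is not stated in the method; a comment above the `type` assignment such as `// Precedence: explicit configuration, then javax.net.ssl.keyStore* system properties, then the JDK default` would make it visible. It may also be worth limiting the fallbacks to the case where no location is configured, so that a configured store is never opened with the JVM-wide password. The method starts before this hunk and continues past it.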
@@ -125,7 +134,12 @@ public final class TLSParameterJaxBUtils
         } else if (kst.isSetUrl()) {
             keyStore.load(new URL(kst.getUrl()).openStream(), password);
         } else {
-            keyStore.load(null, password);
+            String loc = SSLUtils.getKeystore(null, LOG);
+            InputStream ins = null;
+            if (loc != null) {
+                ins = new FileInputStream(loc);
+            }
+            keyStore.load(ins, password);
         }
         return keyStore;
     }
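Review bot: The `FileInputStream` opened in the new `else` branch is never closed; `KeyStore.load` reads from the stream but leaves closing to the caller, so the descriptor stays open until it is garbage-collected. The try/finally below releases it on both the success and the exception path. Separately, the `KEY_STORE_NOT_SET` message suggests that `SSLUtils.getKeystore` substitutes a default location when nothing is set (its body is not visible here). If so, `loc` is never null, and a missing default file now raises `FileNotFoundException` where the old code loaded an empty store. The file and URL branches shown as context open their streams the same way.

```java
String loc = SSLUtils.getKeystore(null, LOG);
InputStream ins = loc != null ? new FileInputStream(loc) : null;
try {
    keyStore.load(ins, password);
} finally {
    if (ins != null) {
        ins.close();
    }
}
```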

Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/Messages.properties
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/Messages.properties?rev=1227321&r1=1227320&r2=1227321&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/Messages.properties
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/Messages.properties
Wed Jan  4 21:06:46 2012
@@ -26,8 +26,12 @@ UNSUPPORTED_SSL_SERVER_POLICY_DATA = Uns
 KEY_STORE_NOT_SET = The location of the key store has not been set via a system parameter
or through configuration so the default value of {0} will be used.
 KEY_STORE_SET = The keystore location is set to {0}.
 KEY_STORE_SYSTEM_PROPERTY_SET = The keystore location is set via a system property to {0}.
-KEY_STORE_TYPE_NOT_SET = The key store type has not been set in configuration so the default
value of {0} will be used.
+KEY_STORE_TYPE_NOT_SET = The keystore type has not been set in configuration so the default
value of {0} will be used.
+KEY_STORE_TYPE_SYSTEM_SET = The keystore type is set via a system property to {0}.
 KEY_STORE_TYPE_SET = The key store type has been set in configuration to {0}.
+KEY_STORE_PROVIDER_NOT_SET = The keystore provider has not been set in configuration so the
default value of {0} will be used.
+KEY_STORE_PROVIDER_SYSTEM_SET = The keystore provider is set via a system property to {0}.
+KEY_STORE_PROVIDER_SET = The key store provider has been set in configuration to {0}.
 LOADED_KEYSTORE = Successfully loaded keystore, {0}.
 FAILED_TO_LOAD_KEYSTORE = Loading the keystore {0}, failed with the following problem: {1}.
 FAILED_TO_LOAD_KEYSTORE_NULL_PASSWORD = Loading the keystore. {0}, failed because the password
is not set.
@@ -36,6 +40,7 @@ TRUST_STORE_SET = The trust store locati
 TRUST_STORE_SYSTEM_PROPERTY_SET = The trust store location has been via a system property
to {0}.
 TRUST_STORE_TYPE_NOT_SET = The trust store type has not been set in configuration so the
default value of {0} will be used.
 TRUST_STORE_TYPE_SET = The trust store type has been set in configuration to {0}.
+TRUST_STORE_TYPE_SYSTEM_SET = The trust store type has been set via a system property to
{0}.
 FAILED_TO_LOAD_TRUST_STORE = Loading the truststore, {0}, failed with the following problem:
{1}.
 LOADED_TRUST_STORE = Successfully loaded trust store, {0}.
 KEY_STORE_PASSWORD_NOT_SET = The key store password has not been set via a system property
or through configuration, reading data from the keystore will fail.

Modified: cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java?rev=1227321&r1=1227320&r2=1227321&view=diff
==============================================================================
--- cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
(original)
+++ cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/https/SSLUtils.java
Wed Jan  4 21:06:46 2012
@@ -261,16 +261,39 @@ public final class SSLUtils {
     }
     
     public static String getKeystoreType(String keyStoreType, Logger log) {
+        return getKeystoreType(keyStoreType, log, DEFAULT_KEYSTORE_TYPE);
+    }
+    public static String getKeystoreType(String keyStoreType, Logger log, String def) {
         String logMsg = null;
         if (keyStoreType != null) {
             logMsg = "KEY_STORE_TYPE_SET";
         } else {
-            keyStoreType = DEFAULT_KEYSTORE_TYPE;
-            logMsg = "KEY_STORE_TYPE_NOT_SET";
+            keyStoreType = SystemPropertyAction.getProperty("javax.net.ssl.keyStoreType",
null);
+            if (keyStoreType == null) {
+                keyStoreType = def;
+                logMsg = "KEY_STORE_TYPE_NOT_SET";
+            } else {
+                logMsg = "KEY_STORE_TYPE_SYSTEM_SET";                
+            }
         }
         LogUtils.log(log, Level.FINE, logMsg, keyStoreType);
         return keyStoreType;
     }  
+    public static String getKeystoreProvider(String keyStoreProvider, Logger log) {
+        String logMsg = null;
+        if (keyStoreProvider != null) {
+            logMsg = "KEY_STORE_PROVIDER_SET";
+        } else {
+            keyStoreProvider = SystemPropertyAction.getProperty("javax.net.ssl.keyStoreProvider",
null);
+            if (keyStoreProvider == null) {
+                logMsg = "KEY_STORE_PROVIDER_NOT_SET";
+            } else {
+                logMsg = "KEY_STORE_PROVIDER_SYSTEM_SET";                
+            }
+        }
+        LogUtils.log(log, Level.FINE, logMsg, keyStoreProvider);
+        return keyStoreProvider;
+    }  
     
     public static String getKeystorePassword(String keyStorePassword,
                                              Logger log) {
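Review bot: In `getKeystoreProvider`, the `KEY_STORE_PROVIDER_NOT_SET` branch logs with `keyStoreProvider` still null, so the message added in Messages.properties renders as "the default value of null will be used". Unlike `getKeystoreType` there is no default to report, so the text could drop the placeholder: `KEY_STORE_PROVIDER_NOT_SET = The keystore provider has not been set in configuration or via a system property; the JDK provider lookup will be used.` The two new public methods also lack Javadoc. It should state that a null argument means "not configured" and that `getKeystoreProvider` may return null.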
@@ -294,7 +317,11 @@ public final class SSLUtils {
             logMsg = "KEY_PASSWORD_SET";
         } else {
             keyPassword =
-                SystemPropertyAction.getProperty("javax.net.ssl.keyStorePassword");
+                SystemPropertyAction.getProperty("javax.net.ssl.keyPassword");
+            if (keyPassword == null) {
+                keyPassword =
+                    SystemPropertyAction.getProperty("javax.net.ssl.keyStorePassword");
+            }
             logMsg = keyPassword != null
                      ? "KEY_PASSWORD_SYSTEM_PROPERTY_SET"
                      : "KEY_PASSWORD_NOT_SET";
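Review bot: `javax.net.ssl.keyPassword` is, as far as I know, not one of the properties JSSE itself reads, so the new lookup order needs a comment explaining why it comes first. Something like `// CXF-specific: lets the key password differ from the store password; falls back to javax.net.ssl.keyStorePassword` above the first `getProperty` call would do. `KEY_PASSWORD_SYSTEM_PROPERTY_SET` is logged for either source, so the log does not show which property supplied the value. Naming the property (never the value) in that message would help when diagnosing a key that fails to unlock. The enclosing method starts and ends outside this hunk.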
@@ -478,8 +505,13 @@ public final class SSLUtils {
             logMsg = "TRUST_STORE_TYPE_SET";
         } else {
             //Can default to JKS
-            trustStoreType = DEFAULT_TRUST_STORE_TYPE;
-            logMsg = "TRUST_STORE_TYPE_NOT_SET";
+            trustStoreType = SystemPropertyAction.getProperty("javax.net.ssl.trustStoreType");
+            if (trustStoreType == null) {    
+                trustStoreType = DEFAULT_TRUST_STORE_TYPE;
+                logMsg = "TRUST_STORE_TYPE_NOT_SET";
+            } else {
+                logMsg = "TRUST_STORE_TYPE_SYSTEM_SET";
+            }
         }
         LogUtils.log(log, Level.FINE, logMsg, trustStoreType);
         return trustStoreType;
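Review bot: The `//Can default to JKS` comment now sits above the system-property read rather than the default assignment, so it describes the wrong line; it belongs inside the `trustStoreType == null` branch. This lookup uses the one-argument `SystemPropertyAction.getProperty(...)` while the keystore type and provider lookups added in the same commit pass an explicit `null` default. Using one form throughout would make the three fallbacks read alike. The enclosing method starts and ends outside this hunk.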


