cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1509321 - in /cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms: cache/EHCacheXKMSClientCache.java cache/XKMSCacheToken.java cache/XKMSClientCache.java crypto/XkmsCryptoProvider.java
Date Thu, 01 Aug 2013 16:37:53 GMT
Author: coheigea
Date: Thu Aug  1 16:37:53 2013
New Revision: 1509321

URL: http://svn.apache.org/r1509321
Log:
Some XKMS tidy-up

Added:
    cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSCacheToken.java
      - copied, changed from r1509277, cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSClientCache.java
Modified:
    cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheXKMSClientCache.java
    cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSClientCache.java
    cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java

Modified: cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheXKMSClientCache.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheXKMSClientCache.java?rev=1509321&r1=1509320&r2=1509321&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheXKMSClientCache.java
(original)
+++ cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/EHCacheXKMSClientCache.java
Thu Aug  1 16:37:53 2013
@@ -22,7 +22,6 @@ package org.apache.cxf.xkms.cache;
 import java.io.File;
 import java.io.IOException;
 import java.net.URL;
-import java.security.cert.X509Certificate;
 
 import net.sf.ehcache.Cache;
 import net.sf.ehcache.CacheManager;
@@ -100,26 +99,29 @@ public class EHCacheXKMSClientCache impl
     }
     
     /**
-     * Store an X509Certificate in the Cache
+     * Store an XKMSCacheToken in the Cache using the given key
      */
-    public void put(String key, X509Certificate certificate) {
-        cache.put(new Element(key, certificate, false, null, null));
+    public void put(String key, XKMSCacheToken cacheToken) {
+        cache.put(new Element(key, cacheToken, false));
     }
     
     /**
-     * Get an X509Certificate from the cache matching the given key. Returns null if there
-     * is no such certificate in the cache.
+     * Get an XKMSCacheToken from the cache matching the given key. Returns null if there
+     * is no such XKMSCacheToken in the cache, or if the certificate has expired in the cache
      */
-    public X509Certificate get(String key) {
+    public XKMSCacheToken get(String key) {
         Element element = cache.get(key);
         if (element != null && !element.isExpired()) {
-            return (X509Certificate)element.getObjectValue();
+            return (XKMSCacheToken)element.getObjectValue();
         }
         return null;
     }
     
     public void close() throws IOException {
         if (cacheManager != null) {
+            if (cache != null) {
+                cache.removeAll();
+            }
             cacheManager.shutdown();
             cacheManager = null;
             cache = null;

Copied: cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSCacheToken.java
(from r1509277, cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSClientCache.java)
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSCacheToken.java?p2=cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSCacheToken.java&p1=cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSClientCache.java&r1=1509277&r2=1509321&rev=1509321&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSClientCache.java
(original)
+++ cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSCacheToken.java
Thu Aug  1 16:37:53 2013
@@ -19,22 +19,40 @@
 
 package org.apache.cxf.xkms.cache;
 
-import java.io.Closeable;
-import java.io.IOException;
+import java.io.Serializable;
 import java.security.cert.X509Certificate;
 
-public interface XKMSClientCache extends Closeable {
-
-    /**
-     * Store an X509Certificate in the Cache
-     */
-    void put(String key, X509Certificate certificate);
-
+public class XKMSCacheToken implements Serializable {
+    
     /**
-     * Get an X509Certificate from the cache matching the given key. Returns null if there
-     * is no such certificate in the cache.
+     * 
      */
-    X509Certificate get(String key);
+    private static final long serialVersionUID = 7097585680022947024L;
+    private X509Certificate x509Certificate;
+    private boolean xkmsValidated;
+    
+    public XKMSCacheToken() {
+        // 
+    }
     
-    void close() throws IOException;
+    public XKMSCacheToken(X509Certificate x509Certificate) {
+        this.x509Certificate = x509Certificate;
+    }
+
+    public X509Certificate getX509Certificate() {
+        return x509Certificate;
+    }
+
+    public void setX509Certificate(X509Certificate x509Certificate) {
+        this.x509Certificate = x509Certificate;
+    }
+
+    public boolean isXkmsValidated() {
+        return xkmsValidated;
+    }
+
+    public void setXkmsValidated(boolean xkmsValidated) {
+        this.xkmsValidated = xkmsValidated;
+    }
+
 }
\ No newline at end of file

Modified: cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSClientCache.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSClientCache.java?rev=1509321&r1=1509320&r2=1509321&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSClientCache.java
(original)
+++ cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/cache/XKMSClientCache.java
Thu Aug  1 16:37:53 2013
@@ -21,20 +21,19 @@ package org.apache.cxf.xkms.cache;
 
 import java.io.Closeable;
 import java.io.IOException;
-import java.security.cert.X509Certificate;
 
 public interface XKMSClientCache extends Closeable {
 
     /**
-     * Store an X509Certificate in the Cache
+     * Store an XKMSCacheToken in the Cache using the given key
      */
-    void put(String key, X509Certificate certificate);
+    void put(String key, XKMSCacheToken cacheToken);
 
     /**
-     * Get an X509Certificate from the cache matching the given key. Returns null if there
-     * is no such certificate in the cache.
+     * Get an XKMSCacheToken from the cache matching the given key. Returns null if there
+     * is no such XKMSCacheToken in the cache.
      */
-    X509Certificate get(String key);
+    XKMSCacheToken get(String key);
     
     void close() throws IOException;
 }
\ No newline at end of file

Modified: cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java
URL: http://svn.apache.org/viewvc/cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java?rev=1509321&r1=1509320&r2=1509321&view=diff
==============================================================================
--- cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java
(original)
+++ cxf/trunk/services/xkms/xkms-client/src/main/java/org/apache/cxf/xkms/crypto/XkmsCryptoProvider.java
Thu Aug  1 16:37:53 2013
@@ -19,6 +19,7 @@
 
 package org.apache.cxf.xkms.crypto;
 
+import java.math.BigInteger;
 import java.security.PrivateKey;
 import java.security.PublicKey;
 import java.security.cert.X509Certificate;
@@ -29,6 +30,7 @@ import javax.security.auth.callback.Call
 
 import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.xkms.cache.EHCacheXKMSClientCache;
+import org.apache.cxf.xkms.cache.XKMSCacheToken;
 import org.apache.cxf.xkms.cache.XKMSClientCache;
 import org.apache.cxf.xkms.client.XKMSInvoker;
 import org.apache.cxf.xkms.handlers.Applications;
@@ -129,12 +131,12 @@ public class XkmsCryptoProvider extends 
         } else if (type == TYPE.ALIAS) {
             return getX509CertificatesFromXKMS(cryptoType);
         } else if (type == TYPE.ISSUER_SERIAL) {
-            String key = cryptoType.getIssuer() + "-" + cryptoType.getSerial().toString(16);
+            String key = getKeyForIssuerSerial(cryptoType.getIssuer(), cryptoType.getSerial());
             // Try local cache first
             if (xkmsClientCache != null) {
-                X509Certificate cachedCert = xkmsClientCache.get(key);
-                if (cachedCert != null) {
-                    return new X509Certificate[] {cachedCert};
+                XKMSCacheToken cachedToken = xkmsClientCache.get(key);
+                if (cachedToken != null && cachedToken.getX509Certificate() != null)
{
+                    return new X509Certificate[] {cachedToken.getX509Certificate()};
                 }
             }
             // Now ask the XKMS Service
@@ -143,9 +145,10 @@ public class XkmsCryptoProvider extends 
             
             // Store in the cache
             if (certificate != null && xkmsClientCache != null) {
-                xkmsClientCache.put(key, certificate);
+                XKMSCacheToken cacheToken = new XKMSCacheToken(certificate);
+                xkmsClientCache.put(key, cacheToken);
                 // Store it using the Subject DN as well
-                xkmsClientCache.put(certificate.getSubjectX500Principal().getName(), certificate);
+                xkmsClientCache.put(certificate.getSubjectX500Principal().getName(), cacheToken);
             }
             return new X509Certificate[] {
                 certificate
@@ -178,9 +181,9 @@ public class XkmsCryptoProvider extends 
         
         // Try local cache first
         if (xkmsClientCache != null) {
-            X509Certificate cachedCert = xkmsClientCache.get(id.toLowerCase());
-            if (cachedCert != null) {
-                return new X509Certificate[] {cachedCert};
+            XKMSCacheToken cachedToken = xkmsClientCache.get(id.toLowerCase());
+            if (cachedToken != null && cachedToken.getX509Certificate() != null)
{
+                return new X509Certificate[] {cachedToken.getX509Certificate()};
             }
         }
         
@@ -189,11 +192,12 @@ public class XkmsCryptoProvider extends 
         
         // Store in the cache
         if (cert != null && xkmsClientCache != null) {
-            xkmsClientCache.put(id.toLowerCase(), cert);
+            XKMSCacheToken cacheToken = new XKMSCacheToken(cert);
+            xkmsClientCache.put(id.toLowerCase(), cacheToken);
             // Store it using IssuerSerial as well
-            String key = cert.getIssuerX500Principal().getName() + "-" 
-                + cert.getSerialNumber().toString(16);
-            xkmsClientCache.put(key, cert);
+            String key = getKeyForIssuerSerial(cert.getIssuerX500Principal().getName(), 
+                                               cert.getSerialNumber());
+            xkmsClientCache.put(key, cacheToken);
         }
 
         return new X509Certificate[] {
@@ -227,4 +231,8 @@ public class XkmsCryptoProvider extends 
     private boolean isServiceName(CryptoType cryptoType) {
         return cryptoType.getAlias().contains("{");
     }
+    
+    private String getKeyForIssuerSerial(String issuer, BigInteger serial) {
+        return issuer + "-" + serial.toString(16);
+    }
 }



Mime
View raw message