geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rex Wang <rwo...@gmail.com>
Subject Re: svn commit: r1036002 - in /geronimo/server/branches/2.1/framework: configs/rmi-naming/src/main/plan/ modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/ modules/geronimo-system/src/main/java/org/apache/geronimo/system/u
Date Thu, 18 Nov 2010 05:11:09 GMT
Hi Ashish,

The EncryptionManagerWrapperGBean has a method to decrypt password. so I
think we don't need create a new GBean to do that.

-Rex

2010/11/17 <ashishjain@apache.org>

> Author: ashishjain
> Date: Wed Nov 17 12:40:13 2010
> New Revision: 1036002
>
> URL: http://svn.apache.org/viewvc?rev=1036002&view=rev
> Log:
> GERONIMO-5692 Fix for 2.1
>
> Added:
>
>  geronimo/server/branches/2.1/framework/modules/geronimo-system/src/main/java/org/apache/geronimo/system/util/EncryptionManagerGBean.java
> Modified:
>
>  geronimo/server/branches/2.1/framework/configs/rmi-naming/src/main/plan/plan.xml
>
>  geronimo/server/branches/2.1/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/CommandUnlockKeystore.java
>
> Modified:
> geronimo/server/branches/2.1/framework/configs/rmi-naming/src/main/plan/plan.xml
> URL:
> http://svn.apache.org/viewvc/geronimo/server/branches/2.1/framework/configs/rmi-naming/src/main/plan/plan.xml?rev=1036002&r1=1036001&r2=1036002&view=diff
>
> ==============================================================================
> ---
> geronimo/server/branches/2.1/framework/configs/rmi-naming/src/main/plan/plan.xml
> (original)
> +++
> geronimo/server/branches/2.1/framework/configs/rmi-naming/src/main/plan/plan.xml
> Wed Nov 17 12:40:13 2010
> @@ -64,5 +64,6 @@
>
>     <gbean name="EncryptionManagerWrapper"
> class="org.apache.geronimo.system.util.EncryptionManagerWrapperGBean">
>     </gbean>
> +     <gbean name="EncryptionManagerGBean"
> class="org.apache.geronimo.system.util.EncryptionManagerGBean"/>
>
>  </module>
>
> Modified:
> geronimo/server/branches/2.1/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/CommandUnlockKeystore.java
> URL:
> http://svn.apache.org/viewvc/geronimo/server/branches/2.1/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/CommandUnlockKeystore.java?rev=1036002&r1=1036001&r2=1036002&view=diff
>
> ==============================================================================
> ---
> geronimo/server/branches/2.1/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/CommandUnlockKeystore.java
> (original)
> +++
> geronimo/server/branches/2.1/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/CommandUnlockKeystore.java
> Wed Nov 17 12:40:13 2010
> @@ -30,7 +30,6 @@ import jline.ConsoleReader;
>
>  import org.apache.geronimo.cli.deployer.CommandArgs;
>  import org.apache.geronimo.common.DeploymentException;
> -import org.apache.geronimo.crypto.EncryptionManager;
>  import org.apache.geronimo.deployment.plugin.jmx.RemoteDeploymentManager;
>  import org.apache.geronimo.gbean.AbstractName;
>  import org.apache.geronimo.gbean.AbstractNameQuery;
> @@ -118,12 +117,28 @@ public class CommandUnlockKeystore exten
>     /*
>      * Returns the password for private key alias
>      */
> -    private String getKeyAliasPassword(Properties properties, String
> keyStoreName, String aliasName) throws DeploymentException {
> +    private String getKeyAliasPassword(Properties properties, String
> keyStoreName, String aliasName, Kernel kernel) throws DeploymentException {
>         String aliasPassword = properties.getProperty(aliasName);
> +        AbstractName abstractName=null;
> +        String decryptedPassword=null;
>         if (aliasPassword == null) {
>             throw new DeploymentException("No alias with the name " +
> aliasName + " exists in the kyeStoreTruststore password properties file::" +
> System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE,
> DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE));
>         }
> -        return (String) EncryptionManager.decrypt(aliasPassword);
> +        AbstractNameQuery abstractNameQuery = new
> AbstractNameQuery("org.apache.geronimo.system.util.EncryptionManagerGBean");
> +        Iterator it = kernel.listGBeans(abstractNameQuery).iterator();
> +        abstractName = (AbstractName) it.next();
> +        try {
> +
> decryptedPassword=(String)kernel.invoke(abstractName,"decrypt",new
> Object[]{aliasPassword},new String[] {"java.lang.String"});
> +               } catch (GBeanNotFoundException e) {
> +                       throw new DeploymentException("Unable to find the
> gbean with the abstractname:: " + abstractName, e);
> +               } catch (NoSuchOperationException e) {
> +                       throw new DeploymentException("No method decrypt
> available with:: " + abstractName, e);
> +               } catch (InternalKernelException e) {
> +                       throw new DeploymentException();
> +               } catch (Exception e) {
> +                       throw new DeploymentException();
> +               }
> +        return decryptedPassword;
>     }
>
>     /*
> @@ -149,20 +164,36 @@ public class CommandUnlockKeystore exten
>     /*
>      * Returns the key store password
>      */
> -    private String getKeyStorePassword(Properties properties, String
> keyStoreName) throws DeploymentException {
> +    private String getKeyStorePassword(Properties properties, String
> keyStoreName, Kernel kernel) throws DeploymentException {
>         String keyStorePassword = properties.getProperty(keyStoreName);
> +        AbstractName abstractName=null;
> +        String decryptedPassword=null;
>         if (keyStorePassword == null) {
>             throw new DeploymentException("No keyStorePassword attribute
> named " + keyStoreName + " exists in the kyeStoreTruststore password
> properties file::" + System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE,
> DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE));
>         }
> -        return (String) EncryptionManager.decrypt(keyStorePassword);
> +        AbstractNameQuery abstractNameQuery = new
> AbstractNameQuery("org.apache.geronimo.system.util.EncryptionManagerGBean");
> +        Iterator it = kernel.listGBeans(abstractNameQuery).iterator();
> +        abstractName = (AbstractName) it.next();
> +        try {
> +
> decryptedPassword=(String)kernel.invoke(abstractName,"decrypt",new
> Object[]{keyStorePassword},new String[] {"java.lang.String"});
> +               } catch (GBeanNotFoundException e) {
> +                       throw new DeploymentException("Unable to find the
> gbean with the abstractname:: " + abstractName, e);
> +               } catch (NoSuchOperationException e) {
> +                       throw new DeploymentException("No method decrypt
> available with:: " + abstractName, e);
> +               } catch (InternalKernelException e) {
> +                       throw new DeploymentException();
> +               } catch (Exception e) {
> +                       throw new DeploymentException();
> +               }
> +        return decryptedPassword;
>     }
>
>     /*
>      * method to unlock a private key
>      */
>     public boolean unlockKeyAlias(Kernel kernel, AbstractName
> keyStoreAbName, Properties properties, String keyStoreName, String
> aliasName) throws DeploymentException, FileNotFoundException {
> -        char[] aliasPassword = getKeyAliasPassword(properties,
> keyStoreName, aliasName).toCharArray();
> -        char[] keyStorePassword = getKeyStorePassword(properties,
> keyStoreName).toCharArray();
> +        char[] aliasPassword = getKeyAliasPassword(properties,
> keyStoreName, aliasName,kernel).toCharArray();
> +        char[] keyStorePassword = getKeyStorePassword(properties,
> keyStoreName,kernel).toCharArray();
>         boolean success = false;
>         Object[] argsVariable = new Object[] { aliasName, keyStorePassword,
> aliasPassword };
>         String[] argsType = new String[] { aliasName.getClass().getName(),
> keyStorePassword.getClass().getName(), aliasPassword.getClass().getName() };
> @@ -183,7 +214,7 @@ public class CommandUnlockKeystore exten
>      * Method to unlock a keystore
>      */
>     public void unLockKeyStore(Kernel kernel, AbstractName keyStoreAbName,
> Properties properties, String keyStoreName) throws DeploymentException {
> -        char[] keyStorepassword = getKeyStorePassword(properties,
> keyStoreName).toCharArray();
> +        char[] keyStorepassword = getKeyStorePassword(properties,
> keyStoreName,kernel).toCharArray();
>         try {
>             kernel.invoke(keyStoreAbName, "unlockKeystore", new Object[] {
> keyStorepassword }, new String[] { keyStorepassword.getClass().getName() });
>         } catch (GBeanNotFoundException e) {
>
> Added:
> geronimo/server/branches/2.1/framework/modules/geronimo-system/src/main/java/org/apache/geronimo/system/util/EncryptionManagerGBean.java
> URL:
> http://svn.apache.org/viewvc/geronimo/server/branches/2.1/framework/modules/geronimo-system/src/main/java/org/apache/geronimo/system/util/EncryptionManagerGBean.java?rev=1036002&view=auto
>
> ==============================================================================
> ---
> geronimo/server/branches/2.1/framework/modules/geronimo-system/src/main/java/org/apache/geronimo/system/util/EncryptionManagerGBean.java
> (added)
> +++
> geronimo/server/branches/2.1/framework/modules/geronimo-system/src/main/java/org/apache/geronimo/system/util/EncryptionManagerGBean.java
> Wed Nov 17 12:40:13 2010
> @@ -0,0 +1,46 @@
> +package org.apache.geronimo.system.util;
> +
> +import java.io.Serializable;
> +
> +import org.apache.geronimo.crypto.EncryptionManager;
> +import org.apache.geronimo.gbean.GBeanInfo;
> +import org.apache.geronimo.gbean.GBeanInfoBuilder;
> +import org.apache.geronimo.gbean.GBeanLifecycle;
> +/**
> + * A GBean class to invoke EncryptionManager decrypt
> + * method for command line utility for example unlockKeystore
> + *
> + */
> +public class EncryptionManagerGBean implements GBeanLifecycle,
> Serializable {
> +
> +       public void doFail() {
> +               // TODO Auto-generated method stub
> +
> +       }
> +
> +       public void doStart() throws Exception {
> +               // TODO Auto-generated method stub
> +
> +       }
> +
> +       public void doStop() throws Exception {
> +               // TODO Auto-generated method stub
> +
> +       }
> +
> +       public String decrypt(String text){
> +        return (String)EncryptionManager.decrypt(text);
> +    }
> +
> +    public static final GBeanInfo GBEAN_INFO;
> +
> +    static {
> +        GBeanInfoBuilder infoBuilder =
> GBeanInfoBuilder.createStatic(EncryptionManagerGBean.class, "GBean");
> +        infoBuilder.addOperation("decrypt", new Class[] {String.class},
> "java.lang.String");
> +        GBEAN_INFO = infoBuilder.getBeanInfo();
> +    }
> +
> +    public static GBeanInfo getGBeanInfo() {
> +        return GBEAN_INFO;
> +    }
> +}
>
>
>


-- 
Lei Wang (Rex)
rwonly AT apache.org

Mime
View raw message