geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From djen...@apache.org
Subject svn commit: r326194 - in /geronimo/trunk: applications/console-core/ applications/console-core/src/java/org/apache/geronimo/console/core/keystore/ applications/console-ear/src/plan/ applications/console-standard/src/java/org/apache/geronimo/console/cer...
Date Tue, 18 Oct 2005 18:23:07 GMT
Author: djencks
Date: Tue Oct 18 11:22:57 2005
New Revision: 326194

URL: http://svn.apache.org/viewcvs?rev=326194&view=rev
Log:
GERONIMO-887 keystore portlet

Added:
    geronimo/trunk/applications/console-core/src/java/org/apache/geronimo/console/core/keystore/
    geronimo/trunk/applications/console-core/src/java/org/apache/geronimo/console/core/keystore/KeyEntryInfo.java
    geronimo/trunk/applications/console-core/src/java/org/apache/geronimo/console/core/keystore/KeyStoreGBean.java
    geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/
    geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/CertManagerPortlet.java
    geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/
    geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ChangeStorePassword.java
    geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/GenerateCSR.java
    geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/GenerateKeyPair.java
    geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ImportCAReply.java
    geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ImportTrustedCertificate.java
    geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/UploadCertificateFile.java
    geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ViewKeyStore.java
    geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ViewKeyStoreEntryDetail.java
Modified:
    geronimo/trunk/applications/console-core/project.xml
    geronimo/trunk/applications/console-ear/src/plan/geronimo-application.xml
    geronimo/trunk/applications/console-standard/src/webapp/WEB-INF/web.xml
    geronimo/trunk/modules/assembly/src/plan/webconsole-jetty-plan.xml
    geronimo/trunk/modules/assembly/src/plan/webconsole-tomcat-plan.xml

Modified: geronimo/trunk/applications/console-core/project.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-core/project.xml?rev=326194&r1=326193&r2=326194&view=diff
==============================================================================
--- geronimo/trunk/applications/console-core/project.xml (original)
+++ geronimo/trunk/applications/console-core/project.xml Tue Oct 18 11:22:57 2005
@@ -69,6 +69,13 @@
             <artifactId>geronimo-system</artifactId>
             <version>${pom.currentVersion}</version>
         </dependency>
+        <!-- Keystore dependency -->
+        <dependency>
+            <groupId>geronimo</groupId>
+            <artifactId>geronimo-util</artifactId>
+            <version>${pom.currentVersion}</version>
+        </dependency>
+
         <dependency>
             <groupId>commons-logging</groupId>
             <artifactId>commons-logging</artifactId>
@@ -104,12 +111,6 @@
             <version>${mx4j_version}</version>
         </dependency>
 
-        <!-- Keystore dependency -->
-        <dependency>
-            <groupId>geronimo</groupId>
-            <artifactId>geronimo-util</artifactId>
-            <version>${pom.currentVersion}</version>
-        </dependency>
     </dependencies>
 
     <build>

Added: geronimo/trunk/applications/console-core/src/java/org/apache/geronimo/console/core/keystore/KeyEntryInfo.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-core/src/java/org/apache/geronimo/console/core/keystore/KeyEntryInfo.java?rev=326194&view=auto
==============================================================================
--- geronimo/trunk/applications/console-core/src/java/org/apache/geronimo/console/core/keystore/KeyEntryInfo.java (added)
+++ geronimo/trunk/applications/console-core/src/java/org/apache/geronimo/console/core/keystore/KeyEntryInfo.java Tue Oct 18 11:22:57 2005
@@ -0,0 +1,58 @@
+/**
+ *
+ * Copyright 2004, 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.console.core.keystore;
+
+import java.util.Date;
+
+public class KeyEntryInfo {
+    public static final String TRUSTED_CERT_TYPE = "trusted certificate";
+
+    public static final String PRIVATE_KEY_TYPE = "private key";
+
+    private String alias;
+
+    private String type;
+
+    private Date created;
+
+    public KeyEntryInfo(String alias, String type, Date created) {
+        this.alias = alias;
+        this.type = type;
+        this.created = created;
+    }
+
+    public String getAlias() {
+        return this.alias;
+    }
+
+    public String getType() {
+        return this.type;
+    }
+
+    public Date getCreated() {
+        return this.created;
+    }
+
+    public boolean isTrustedCertificate() {
+        return type.equals(TRUSTED_CERT_TYPE);
+    }
+
+    public boolean isPrivateKey() {
+        return type.equals(PRIVATE_KEY_TYPE);
+    }
+}

Added: geronimo/trunk/applications/console-core/src/java/org/apache/geronimo/console/core/keystore/KeyStoreGBean.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-core/src/java/org/apache/geronimo/console/core/keystore/KeyStoreGBean.java?rev=326194&view=auto
==============================================================================
--- geronimo/trunk/applications/console-core/src/java/org/apache/geronimo/console/core/keystore/KeyStoreGBean.java (added)
+++ geronimo/trunk/applications/console-core/src/java/org/apache/geronimo/console/core/keystore/KeyStoreGBean.java Tue Oct 18 11:22:57 2005
@@ -0,0 +1,506 @@
+/**
+ *
+ * Copyright 2004, 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.console.core.keystore;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.InputStream;
+import java.math.BigInteger;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Security;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Vector;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.geronimo.gbean.GBeanInfo;
+import org.apache.geronimo.gbean.GBeanInfoBuilder;
+import org.apache.geronimo.gbean.GBeanLifecycle;
+import org.apache.geronimo.gbean.WaitingException;
+import org.apache.geronimo.system.serverinfo.ServerInfo;
+/*
+import org.bouncycastle.asn1.ASN1Set;
+import org.bouncycastle.asn1.DEROutputStream;
+import org.bouncycastle.asn1.x509.X509Name;
+import org.bouncycastle.jce.PKCS10CertificationRequest;
+import org.bouncycastle.jce.X509Principal;
+import org.bouncycastle.jce.X509V1CertificateGenerator;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.util.encoders.Base64;
+*/
+import org.apache.geronimo.util.asn1.ASN1Set;
+import org.apache.geronimo.util.asn1.DEROutputStream;
+import org.apache.geronimo.util.asn1.x509.X509Name;
+import org.apache.geronimo.util.jce.PKCS10CertificationRequest;
+import org.apache.geronimo.util.jce.X509Principal;
+import org.apache.geronimo.util.jce.X509V1CertificateGenerator;
+import org.apache.geronimo.util.encoders.Base64;
+
+public class KeyStoreGBean implements GBeanLifecycle {
+    public static final String KEY_STORE_OBJ_NAME = "geronimo.security:type=KeyStore";
+
+    private static Log log = LogFactory.getLog(KeyStoreGBean.class);
+
+    private String keyStoreType;
+
+    private String keyStoreProvider;
+
+    private String keyStoreLocation;
+
+    private String keyStorePassword;
+
+    private String keyPassword;
+
+    private KeyStore keystore;
+
+    // Used to resolve keystore path.
+    private ServerInfo serverInfo;
+
+    public KeyStoreGBean() {
+        keyPassword = new String("");
+    }
+
+    public void doStart() throws WaitingException, Exception {
+
+        //Security.addProvider(new BouncyCastleProvider());
+        
+        this.keystore = KeyStore.getInstance(keyStoreType);
+
+        boolean keystoreExistsFlag = true;
+        InputStream is = null;
+
+        try {
+            log.info("loading keystore from "
+                    + serverInfo.resolvePath(this.keyStoreLocation));
+            is = new java.io.FileInputStream(serverInfo
+                    .resolvePath(this.keyStoreLocation));
+            this.keystore.load(is, this.keyStorePassword.toCharArray());
+        } catch (java.io.FileNotFoundException e) {
+            keystoreExistsFlag = false;
+        } finally {
+            try {
+                if (is != null) {
+                    is.close();
+                }
+            } catch (Exception e) {
+            }
+        }
+
+        if (keystoreExistsFlag == false) {
+            keystore.load(null, keyStorePassword.toCharArray());
+        }
+    }
+
+    public void doStop() throws WaitingException, Exception {
+    }
+
+    public void doFail() {
+    }
+
+    public static final GBeanInfo GBEAN_INFO;
+
+    static {
+        GBeanInfoBuilder infoFactory = new GBeanInfoBuilder(KeyStoreGBean.class);
+
+        infoFactory.addAttribute("keyStoreType", String.class, true);
+        infoFactory.addAttribute("keyStoreProvider", String.class, true);
+        infoFactory.addAttribute("keyStoreLocation", String.class, true);
+        infoFactory.addAttribute("keyStorePassword", String.class, true);
+
+        infoFactory.addReference("serverInfo", ServerInfo.class);
+
+        infoFactory.addOperation("getKeyEntryInfo",
+                new Class[] { String.class });
+        infoFactory.addOperation("getKeyStoreSize");
+        infoFactory.addOperation("getKeyStoreEntries");
+        infoFactory.addOperation("getCertificateChain",
+                new Class[] { String.class });
+        infoFactory.addOperation("generateCSR", new Class[] { String.class });
+
+        infoFactory.addOperation("generateKeyPair", new Class[] { String.class,
+                String.class, Integer.class, String.class, Integer.class,
+                String.class, String.class, String.class, String.class,
+                String.class, String.class });
+
+        infoFactory.addOperation("importTrustedX509Certificate", new Class[] {
+                String.class, String.class });
+        infoFactory.addOperation("importPKCS7Certificate", new Class[] {
+                String.class, String.class });
+
+        GBEAN_INFO = infoFactory.getBeanInfo();
+    }
+
+    public static GBeanInfo getGBeanInfo() {
+        return GBEAN_INFO;
+    }
+
+    public void setKeyStoreType(String keyStoreType) {
+        this.keyStoreType = keyStoreType;
+    }
+
+    public String getKeyStoreType() {
+        return this.keyStoreType;
+    }
+
+    public void setKeyStoreProvider(String keyStoreProvider) {
+        this.keyStoreProvider = keyStoreProvider;
+    }
+
+    public String getKeyStoreProvider() {
+        return this.keyStoreProvider;
+    }
+
+    public void setKeyStoreLocation(String keyStoreLocation) {
+        this.keyStoreLocation = keyStoreLocation;
+    }
+
+    public ServerInfo getServerInfo() {
+        return serverInfo;
+    }
+
+    public void setServerInfo(ServerInfo serverInfo) {
+        this.serverInfo = serverInfo;
+    }
+
+    public String getKeyStoreLocation() {
+        return this.keyStoreLocation;
+    }
+
+    public void setKeyStorePassword(String keyStorePassword) {
+        this.keyStorePassword = keyStorePassword;
+    }
+
+    public String getKeyStorePassword() {
+        return this.keyStorePassword;
+    }
+
+    public int getKeyStoreSize() throws KeyStoreException {
+        return this.keystore.size();
+    }
+
+    public KeyEntryInfo getKeyEntryInfo(String alias) throws KeyStoreException {
+        KeyEntryInfo info = null;
+
+        if (this.keystore.isCertificateEntry(alias)) {
+            // certificate entry
+            info = new KeyEntryInfo(alias, "trusted certificate", keystore
+                    .getCreationDate(alias));
+        } else if (this.keystore.isKeyEntry(alias)) {
+            // private key entry
+            info = new KeyEntryInfo(alias, "private key", keystore
+                    .getCreationDate(alias));
+        } else {
+            throw new KeyStoreException("invalid key entry type");
+        }
+        return info;
+    }
+
+    public List getKeyStoreEntries() throws KeyStoreException {
+        List list = new ArrayList();
+
+        Enumeration aliases = this.keystore.aliases();
+
+        while (aliases.hasMoreElements()) {
+            String alias = (String) aliases.nextElement();
+            list.add(getKeyEntryInfo(alias));
+        }
+        return list;
+    }
+
+    public Certificate[] getCertificateChain(String alias)
+            throws KeyStoreException {
+        Certificate[] certs = null;
+
+        if (keystore.isCertificateEntry(alias)) {
+            Certificate cert = keystore.getCertificate(alias);
+            certs = new Certificate[1];
+            certs[0] = cert;
+        } else if (keystore.isKeyEntry(alias)) {
+            certs = keystore.getCertificateChain(alias);
+        } else if (keystore.containsAlias(alias)) {
+            throw new KeyStoreException("Unsupported key-store-entry, alias = "
+                    + alias);
+        } else {
+            throw new KeyStoreException(
+                    "Key-store-entry alias not found, alias = " + alias);
+        }
+
+        return certs;
+    }
+
+    public String generateCSR(String alias) throws Exception {
+
+        // find certificate by alias
+        X509Certificate cert = (X509Certificate) keystore.getCertificate(alias);
+
+        // find private key by alias
+        PrivateKey key = (PrivateKey) keystore.getKey(alias, new String("")
+                .toCharArray());
+
+        // generate csr
+        String csr = generateCSR(cert, key);
+        return csr;
+    }
+
+    public String generateCSR(X509Certificate cert, PrivateKey signingKey)
+            throws Exception {
+
+        String sigalg = cert.getSigAlgName();
+        X509Name subject = new X509Name(cert.getSubjectDN().toString());
+        PublicKey publicKey = cert.getPublicKey();
+        ASN1Set attributes = null;
+
+        PKCS10CertificationRequest csr = new PKCS10CertificationRequest(sigalg,
+                subject, publicKey, attributes, signingKey);
+
+        if (!csr.verify()) {
+            throw new KeyStoreException("CSR verification failed");
+        }
+
+        ByteArrayOutputStream os = new ByteArrayOutputStream();
+        DEROutputStream deros = new DEROutputStream(os);
+        deros.writeObject(csr.getDERObject());
+        String b64 = new String(Base64.encode(os.toByteArray()));
+
+        final String BEGIN_CERT_REQ = "-----BEGIN CERTIFICATE REQUEST-----";
+        final String END_CERT_REQ = "-----END CERTIFICATE REQUEST-----";
+        final int CERT_REQ_LINE_LENGTH = 70;
+
+        StringBuffer sbuf = new StringBuffer(BEGIN_CERT_REQ).append('\n');
+
+        int idx = 0;
+        while (idx < b64.length()) {
+
+            int len = (idx + CERT_REQ_LINE_LENGTH > b64.length()) ? b64
+                    .length()
+                    - idx : CERT_REQ_LINE_LENGTH;
+
+            String chunk = b64.substring(idx, idx + len);
+
+            sbuf.append(chunk).append('\n');
+            idx += len;
+        }
+
+        sbuf.append(END_CERT_REQ);
+        return sbuf.toString();
+    }
+
+    public void generateKeyPair(String alias, String keyalg, Integer keysize,
+            String sigalg, Integer validity, String cn, String ou, String o,
+            String l, String st, String c)
+            throws java.security.NoSuchAlgorithmException,
+            java.security.KeyStoreException, java.security.SignatureException,
+            java.security.InvalidKeyException,
+            java.security.cert.CertificateException, java.io.IOException {
+
+        KeyPairGenerator kpgen = KeyPairGenerator.getInstance(keyalg);
+
+        kpgen.initialize(keysize.intValue());
+
+        KeyPair keyPair = kpgen.generateKeyPair();
+
+        X509Certificate cert = generateCert(keyPair.getPublic(), keyPair
+                .getPrivate(), sigalg, validity.intValue(), cn, ou, o, l, st, c);
+
+        keystore.setKeyEntry(alias, keyPair.getPrivate(), new String()
+                .toCharArray(), new Certificate[] { cert });
+
+        saveKeyStore();
+    }
+
+    public void saveKeyStore() throws java.io.IOException,
+            java.security.KeyStoreException,
+            java.security.cert.CertificateException,
+            java.security.NoSuchAlgorithmException {
+
+        FileOutputStream os = null;
+
+        try {
+            os = new FileOutputStream(serverInfo
+                    .resolvePath(this.keyStoreLocation));
+
+            keystore.store(os, keyStorePassword.toCharArray());
+        } finally {
+            if (os != null) {
+                try {
+                    os.close();
+                } catch (Exception ex) {
+                }
+            }
+        }
+    }
+
+    public X509Certificate generateCert(PublicKey publicKey,
+            PrivateKey privateKey, String sigalg, int validity, String cn,
+            String ou, String o, String l, String st, String c)
+            throws java.security.SignatureException,
+            java.security.InvalidKeyException {
+        X509V1CertificateGenerator certgen = new X509V1CertificateGenerator();
+
+        // issuer dn
+        Vector order = new Vector();
+        Hashtable attrmap = new Hashtable();
+
+        if (cn != null) {
+            attrmap.put(X509Principal.CN, cn);
+            order.add(X509Principal.CN);
+        }
+
+        if (ou != null) {
+            attrmap.put(X509Principal.OU, ou);
+            order.add(X509Principal.OU);
+        }
+
+        if (o != null) {
+            attrmap.put(X509Principal.O, o);
+            order.add(X509Principal.O);
+        }
+
+        if (l != null) {
+            attrmap.put(X509Principal.L, l);
+            order.add(X509Principal.L);
+        }
+
+        if (st != null) {
+            attrmap.put(X509Principal.ST, st);
+            order.add(X509Principal.ST);
+        }
+
+        if (c != null) {
+            attrmap.put(X509Principal.C, c);
+            order.add(X509Principal.C);
+        }
+
+        X509Principal issuerDN = new X509Principal(order, attrmap);
+        certgen.setIssuerDN(issuerDN);
+
+        // validity
+        long curr = System.currentTimeMillis();
+        long untill = curr + (long) validity * 24 * 60 * 60 * 1000;
+
+        certgen.setNotBefore(new Date(curr));
+        certgen.setNotAfter(new Date(untill));
+
+        // subject dn
+        certgen.setSubjectDN(issuerDN);
+
+        // public key
+        certgen.setPublicKey(publicKey);
+
+        // signature alg
+        certgen.setSignatureAlgorithm(sigalg);
+
+        // serial number
+        certgen.setSerialNumber(new BigInteger(String.valueOf(curr)));
+
+        // make certificate
+        X509Certificate cert = certgen.generateX509Certificate(privateKey);
+        return cert;
+    }
+
+    public void importTrustedX509Certificate(String alias, String certfile)
+            throws java.io.FileNotFoundException,
+            java.security.cert.CertificateException,
+            java.security.KeyStoreException, java.io.IOException,
+            java.security.NoSuchAlgorithmException,
+            java.security.NoSuchProviderException {
+        InputStream is = null;
+
+        try {
+            CertificateFactory cf = CertificateFactory.getInstance("X.509",
+                    keyStoreProvider);
+
+            is = new FileInputStream(certfile);
+            Certificate cert = cf.generateCertificate(is);
+
+            keystore.setCertificateEntry(alias, cert);
+
+            saveKeyStore();
+        } finally {
+            if (is != null) {
+                try {
+                    is.close();
+                } catch (Exception e) {
+                }
+            }
+        }
+    }
+
+    public void importPKCS7Certificate(String alias, String certbuf)
+            throws java.security.cert.CertificateException,
+            java.security.NoSuchProviderException,
+            java.security.KeyStoreException,
+            java.security.NoSuchAlgorithmException,
+            java.security.UnrecoverableKeyException, java.io.IOException {
+
+        InputStream is = null;
+
+        try {
+            is = new ByteArrayInputStream(certbuf.getBytes());
+            importPKCS7Certificate(alias, is);
+        } finally {
+            if (is != null) {
+                try {
+                    is.close();
+                } catch (Exception e) {
+                }
+            }
+        }
+    }
+
+    public void importPKCS7Certificate(String alias, InputStream is)
+            throws java.security.cert.CertificateException,
+            java.security.NoSuchProviderException,
+            java.security.KeyStoreException,
+            java.security.NoSuchAlgorithmException,
+            java.security.UnrecoverableKeyException, java.io.IOException {
+
+        CertificateFactory cf = CertificateFactory.getInstance("X.509",
+                keyStoreProvider);
+        Collection certcoll = cf.generateCertificates(is);
+
+        Certificate[] chain = new Certificate[certcoll.size()];
+
+        Iterator iter = certcoll.iterator();
+        for (int i = 0; iter.hasNext(); i++) {
+            chain[i] = (Certificate) iter.next();
+        }
+
+        char[] password = keyPassword.toCharArray();
+        keystore.setKeyEntry(alias, keystore.getKey(alias, password), password,
+                chain);
+
+        saveKeyStore();
+    }
+}

Modified: geronimo/trunk/applications/console-ear/src/plan/geronimo-application.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-ear/src/plan/geronimo-application.xml?rev=326194&r1=326193&r2=326194&view=diff
==============================================================================
--- geronimo/trunk/applications/console-ear/src/plan/geronimo-application.xml (original)
+++ geronimo/trunk/applications/console-ear/src/plan/geronimo-application.xml Tue Oct 18 11:22:57 2005
@@ -78,19 +78,18 @@
     </gbean>
 
     <!-- Keystore configuration -->
-    <!-- I think this requires a modified GERONIMO-887 to be applied first -->
-<!--    <gbean gbeanName="geronimo.security:type=KeyStore" class="org.apache.geronimo.console.core.keystore.KeyStoreGBean">-->
-<!--        <attribute name="keyStoreLocation">var/security/ssl-keystore-1</attribute>-->
-<!--        <attribute name="keyStoreType">jks</attribute>-->
-<!--        <attribute name="keyStoreProvider">SUN</attribute>-->
-<!--        <attribute name="keyStorePassword">password</attribute>-->
-<!--        <reference name="serverInfo">-->
-<!--            <application>null</application>-->
-<!--            <moduleType>J2EEModule</moduleType>-->
-<!--            <module>org/apache/geronimo/System</module>-->
-<!--            <type>GBean</type>-->
-<!--            <name>ServerInfo</name>-->
-<!--        </reference>-->
-<!--    </gbean>-->
+    <gbean gbeanName="geronimo.security:type=KeyStore" class="org.apache.geronimo.console.core.keystore.KeyStoreGBean">
+        <attribute name="keyStoreLocation">var/security/ssl-keystore-1</attribute>
+        <attribute name="keyStoreType">jks</attribute>
+        <attribute name="keyStoreProvider">SUN</attribute>
+        <attribute name="keyStorePassword">password</attribute>
+        <reference name="serverInfo">
+            <application>null</application>
+            <moduleType>J2EEModule</moduleType>
+            <module>org/apache/geronimo/System</module>
+            <type>GBean</type>
+            <name>ServerInfo</name>
+        </reference>
+    </gbean>
 
 </application>

Added: geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/CertManagerPortlet.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/CertManagerPortlet.java?rev=326194&view=auto
==============================================================================
--- geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/CertManagerPortlet.java (added)
+++ geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/CertManagerPortlet.java Tue Oct 18 11:22:57 2005
@@ -0,0 +1,152 @@
+/**
+ *
+ * Copyright 2004, 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.console.certmanager;
+
+import java.io.IOException;
+import java.util.Enumeration;
+
+import javax.management.ObjectName;
+import javax.portlet.ActionRequest;
+import javax.portlet.ActionResponse;
+import javax.portlet.GenericPortlet;
+import javax.portlet.PortletConfig;
+import javax.portlet.PortletContext;
+import javax.portlet.PortletException;
+import javax.portlet.PortletRequestDispatcher;
+import javax.portlet.RenderRequest;
+import javax.portlet.RenderResponse;
+
+import org.apache.geronimo.console.certmanager.actions.ChangeStorePassword;
+import org.apache.geronimo.console.certmanager.actions.GenerateCSR;
+import org.apache.geronimo.console.certmanager.actions.GenerateKeyPair;
+import org.apache.geronimo.console.certmanager.actions.ImportCAReply;
+import org.apache.geronimo.console.certmanager.actions.ImportTrustedCertificate;
+import org.apache.geronimo.console.certmanager.actions.UploadCertificateFile;
+import org.apache.geronimo.console.certmanager.actions.ViewKeyStore;
+import org.apache.geronimo.console.certmanager.actions.ViewKeyStoreEntryDetail;
+import org.apache.geronimo.console.util.ObjectNameConstants;
+
+public class CertManagerPortlet extends GenericPortlet {
+
+    private PortletContext ctx;
+
+    private ObjectName ksobjname;
+
+    public CertManagerPortlet() {
+        this.ctx = null;
+    }
+
+    public void init(PortletConfig portletConfig) throws PortletException {
+        super.init(portletConfig);
+
+        // iniitialize portlet environment
+        this.ctx = portletConfig.getPortletContext();
+
+        try {
+            this.ksobjname = new ObjectName(
+                    ObjectNameConstants.KEYSTORE_OBJ_NAME);
+        } catch (Exception e) {
+            throw new PortletException(e);
+        }
+
+        this.ctx.log("Certificate manager portlet initialized");
+    }
+
+    public ObjectName getKeyStoreObjectName() {
+        return ksobjname;
+    }
+
+    public void processAction(ActionRequest request, ActionResponse response)
+            throws PortletException, IOException {
+
+        String action = request.getParameter("action");
+        ctx.log("process-action: action = " + action);
+
+        if (action == null) {
+            return;
+        }
+
+        // pass 'action' parameter value to render method
+        response.setRenderParameter("action", action);
+
+        if (action.equals("upload-certificate-file")) {
+            UploadCertificateFile.action(this, request, response);
+        } else if (action.equals("import-trusted-certificate")) {
+            ImportTrustedCertificate.action(this, request, response);
+        } else if (action.equals("tools-generate-key-pair")) {
+            GenerateKeyPair.action(this, request, response);
+        } else if (action.equals("tools-change-keystore-password")) {
+            ChangeStorePassword.action(this, request, response);
+        } else if (action.equals("generate-csr")) {
+            GenerateCSR.action(this, request, response);
+        } else if (action.equals("import-ca-reply")) {
+            ImportCAReply.action(this, request, response);
+        } else if (action.equals("save-pkcs7-cert")) {
+            ImportCAReply.action(this, request, response);
+        } else if (action.equals("generate-key-pair")) {
+            GenerateKeyPair.action(this, request, response);
+        }
+    }
+
+    public void doView(RenderRequest request, RenderResponse response)
+            throws PortletException, IOException {
+
+        PortletRequestDispatcher prd = null;
+
+        String action = request.getParameter("action");
+        ctx.log("do-view: action = " + action);
+
+        Enumeration e = request.getParameterNames();
+        while (e.hasMoreElements()) {
+            String pname = (String) e.nextElement();
+            String value = request.getParameter(pname);
+            ctx.log("param-name = " + pname + ", param-value = " + value);
+        }
+
+        if (action == null) {
+            ViewKeyStore.render(this, request, response);
+        } else if (action.equals("tools-import-trusted-certificate")) {
+            ImportTrustedCertificate.render(this, request, response);
+        } else if (action.equals("tools-generate-key-pair")) {
+            GenerateKeyPair.render(this, request, response);
+        } else if (action.equals("tools-change-keystore-password")) {
+            ChangeStorePassword.render(this, request, response);
+        } else if (action.equals("upload-certificate-file")) {
+            UploadCertificateFile.render(this, request, response);
+        } else if (action.equals("import-trusted-certificate")) {
+            ImportTrustedCertificate.render(this, request, response);
+        } else if (action.equals("view-keystore-entry-details")) {
+            ViewKeyStoreEntryDetail.render(this, request, response);
+        } else if (action.equals("generate-csr")) {
+            GenerateCSR.render(this, request, response);
+        } else if (action.equals("import-ca-reply")) {
+            ImportCAReply.render(this, request, response);
+        } else if (action.equals("save-pkcs7-cert")) {
+            ImportCAReply.render(this, request, response);
+        } else if (action.equals("generate-key-pair")) {
+            GenerateKeyPair.render(this, request, response);
+        }
+    }
+
+    public void doHelp(RenderRequest renderRequest,
+            RenderResponse renderResponse) throws PortletException, IOException {
+        PortletRequestDispatcher prd = ctx
+                .getRequestDispatcher("/WEB-INF/view/certmanager/viewKeyStoreHelp.jsp");
+        prd.include(renderRequest, renderResponse);
+    }
+}

Added: geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ChangeStorePassword.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ChangeStorePassword.java?rev=326194&view=auto
==============================================================================
--- geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ChangeStorePassword.java (added)
+++ geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ChangeStorePassword.java Tue Oct 18 11:22:57 2005
@@ -0,0 +1,49 @@
+/**
+ *
+ * Copyright 2004, 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.console.certmanager.actions;
+
+import java.io.IOException;
+
+import javax.portlet.ActionRequest;
+import javax.portlet.ActionResponse;
+import javax.portlet.PortletException;
+import javax.portlet.PortletRequestDispatcher;
+import javax.portlet.RenderRequest;
+import javax.portlet.RenderResponse;
+
+import org.apache.geronimo.console.certmanager.CertManagerPortlet;
+
+public class ChangeStorePassword {
+    public static void action(CertManagerPortlet portlet,
+            ActionRequest request, ActionResponse response)
+            throws PortletException, IOException {
+        response.setRenderParameter("action", request.getParameter("action"));
+    }
+
+    public static void render(CertManagerPortlet portlet,
+            RenderRequest request, RenderResponse response)
+            throws PortletException, IOException {
+
+        PortletRequestDispatcher rd = portlet
+                .getPortletContext()
+                .getRequestDispatcher(
+                        "/WEB-INF/view/certmanager/changeStorePasswordNormal.jsp");
+
+        rd.include(request, response);
+    }
+}

Added: geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/GenerateCSR.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/GenerateCSR.java?rev=326194&view=auto
==============================================================================
--- geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/GenerateCSR.java (added)
+++ geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/GenerateCSR.java Tue Oct 18 11:22:57 2005
@@ -0,0 +1,63 @@
+/**
+ *
+ * Copyright 2004, 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.console.certmanager.actions;
+
+import java.io.IOException;
+
+import javax.portlet.ActionRequest;
+import javax.portlet.ActionResponse;
+import javax.portlet.PortletException;
+import javax.portlet.PortletRequestDispatcher;
+import javax.portlet.RenderRequest;
+import javax.portlet.RenderResponse;
+
+import org.apache.geronimo.console.certmanager.CertManagerPortlet;
+import org.apache.geronimo.kernel.KernelRegistry;
+
+public class GenerateCSR {
+    public static void action(CertManagerPortlet portlet,
+            ActionRequest request, ActionResponse response)
+            throws PortletException, IOException {
+        response.setRenderParameter("action", request.getParameter("action"));
+    }
+
+    public static void render(CertManagerPortlet portlet,
+            RenderRequest request, RenderResponse response)
+            throws PortletException, IOException {
+
+        String alias = request.getParameter("alias");
+
+        try {
+            String csr = (String) KernelRegistry.getSingleKernel()
+                    .invoke(portlet.getKeyStoreObjectName(), "generateCSR",
+                            new Object[] { alias },
+                            new String[] { "java.lang.String" });
+
+            request.setAttribute("com.gluecode.se.cert.csr", csr);
+            request.setAttribute("alias", alias);
+        } catch (Exception e) {
+            throw new PortletException(e);
+        }
+
+        PortletRequestDispatcher rd = portlet.getPortletContext()
+                .getRequestDispatcher(
+                        "/WEB-INF/view/certmanager/generateCSRNormal.jsp");
+
+        rd.include(request, response);
+    }
+}

Added: geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/GenerateKeyPair.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/GenerateKeyPair.java?rev=326194&view=auto
==============================================================================
--- geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/GenerateKeyPair.java (added)
+++ geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/GenerateKeyPair.java Tue Oct 18 11:22:57 2005
@@ -0,0 +1,143 @@
+/**
+ *
+ * Copyright 2004, 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.console.certmanager.actions;
+
+import java.io.IOException;
+import java.util.Iterator;
+import java.util.List;
+
+import javax.management.ObjectName;
+import javax.portlet.ActionRequest;
+import javax.portlet.ActionResponse;
+import javax.portlet.PortletException;
+import javax.portlet.PortletRequestDispatcher;
+import javax.portlet.RenderRequest;
+import javax.portlet.RenderResponse;
+
+import org.apache.geronimo.console.certmanager.CertManagerPortlet;
+import org.apache.geronimo.kernel.KernelRegistry;
+
+public class GenerateKeyPair {
+    public static void action(CertManagerPortlet portlet,
+            ActionRequest request, ActionResponse response)
+            throws PortletException, IOException {
+        response.setRenderParameter("action", request.getParameter("action"));
+
+        String action = request.getParameter("action");
+
+        if (action == null) {
+            return;
+        }
+
+        if (action.equals("generate-key-pair")) {
+
+            String submit = request.getParameter("submit");
+            String alias = request.getParameter("alias");
+            String keyalg = request.getParameter("keyalg");
+            String keysize = request.getParameter("keysize");
+            String sigalg = request.getParameter("sigalg");
+            String validity = request.getParameter("validity");
+
+            String cn = request.getParameter("cn");
+            String ou = request.getParameter("ou");
+            String o = request.getParameter("o");
+            String l = request.getParameter("l");
+            String st = request.getParameter("st");
+            String c = request.getParameter("c");
+
+            if (submit.equals("cancel")) {
+                return;
+            }
+
+            try {
+                Integer ikeysize = new Integer(Integer.parseInt(keysize));
+                Integer ivalidity = new Integer(Integer.parseInt(validity));
+
+                KernelRegistry.getSingleKernel().invoke(
+                        portlet.getKeyStoreObjectName(),
+                        "generateKeyPair",
+                        new Object[] { alias, keyalg, ikeysize, sigalg,
+                                ivalidity, cn, ou, o, l, st, c },
+                        new String[] { "java.lang.String", "java.lang.String",
+                                "java.lang.Integer", "java.lang.String",
+                                "java.lang.Integer", "java.lang.String",
+                                "java.lang.String", "java.lang.String",
+                                "java.lang.String", "java.lang.String",
+                                "java.lang.String" });
+            } catch (Exception ex) {
+                throw new PortletException(ex);
+            }
+        }
+    }
+
+    public static void render(CertManagerPortlet portlet,
+            RenderRequest request, RenderResponse response)
+            throws PortletException, IOException {
+
+        String action = request.getParameter("action");
+
+        PortletRequestDispatcher rd = null;
+
+        if (action.equals("tools-generate-key-pair")) {
+            rd = portlet.getPortletContext().getRequestDispatcher(
+                    "/WEB-INF/view/certmanager/generateKeyPairNormal.jsp");
+        } else {
+            try {
+                ObjectName objname = portlet.getKeyStoreObjectName();
+
+                String keyStoreType = (String) KernelRegistry.getSingleKernel()
+                        .getAttribute(objname, "keyStoreType");
+                String keyStoreProvider = (String) KernelRegistry
+                        .getSingleKernel().getAttribute(objname,
+                                "keyStoreProvider");
+                String keyStoreLocation = (String) KernelRegistry
+                        .getSingleKernel().getAttribute(objname,
+                                "keyStoreLocation");
+
+                request.setAttribute("com.gluecode.se.keystore.type",
+                        keyStoreType);
+                request.setAttribute("com.gluecode.se.keystore.provider",
+                        keyStoreProvider);
+                request.setAttribute("com.gluecode.se.keystore.location",
+                        keyStoreLocation);
+
+                List storelist = (List) KernelRegistry.getSingleKernel()
+                        .invoke(objname, "getKeyStoreEntries");
+
+                Iterator iter = storelist.iterator();
+                while (iter.hasNext()) {
+                    portlet.getPortletContext().log(
+                            "store-item = " + iter.next());
+                }
+
+                request
+                        .setAttribute("com.gluecode.se.keystore.list",
+                                storelist);
+                request.setAttribute("com.gluecode.se.keystore.size", String
+                        .valueOf(storelist.size()));
+            } catch (Exception e) {
+                throw new PortletException(e);
+            }
+
+            rd = portlet.getPortletContext().getRequestDispatcher(
+                    "/WEB-INF/view/certmanager/viewKeyStoreNormal.jsp");
+        }
+
+        rd.include(request, response);
+    }
+}

Added: geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ImportCAReply.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ImportCAReply.java?rev=326194&view=auto
==============================================================================
--- geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ImportCAReply.java (added)
+++ geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ImportCAReply.java Tue Oct 18 11:22:57 2005
@@ -0,0 +1,101 @@
+/**
+ *
+ * Copyright 2004, 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.console.certmanager.actions;
+
+import java.io.IOException;
+
+import javax.portlet.ActionRequest;
+import javax.portlet.ActionResponse;
+import javax.portlet.PortletException;
+import javax.portlet.PortletRequestDispatcher;
+import javax.portlet.RenderRequest;
+import javax.portlet.RenderResponse;
+
+import org.apache.geronimo.console.certmanager.CertManagerPortlet;
+import org.apache.geronimo.kernel.KernelRegistry;
+
+public class ImportCAReply {
+    public static void action(CertManagerPortlet portlet,
+            ActionRequest request, ActionResponse response)
+            throws PortletException, IOException {
+
+        // pass 'alias' parameter along
+        String alias = request.getParameter("alias");
+        response.setRenderParameter("alias", alias);
+
+        String action = request.getParameter("action");
+
+        // this should never happen
+        if (action == null) {
+            return;
+        }
+
+        if (action.equals("import-ca-reply")) {
+            return;
+        } else if (action.equals("save-pkcs7-cert")) {
+            String submit = request.getParameter("submit");
+
+            if (submit.equalsIgnoreCase("cancel")) {
+                return;
+            }
+
+            // save pkcs7-encoded certificate
+            String pkcs7cert = request.getParameter("pkcs7cert");
+
+            try {
+                KernelRegistry.getSingleKernel()
+                        .invoke(
+                                portlet.getKeyStoreObjectName(),
+                                "importPKCS7Certificate",
+                                new Object[] { alias, pkcs7cert },
+                                new String[] { "java.lang.String",
+                                        "java.lang.String" });
+            } catch (Exception e) {
+                throw new PortletException(e);
+            }
+        }
+    }
+
+    public static void render(CertManagerPortlet portlet,
+            RenderRequest request, RenderResponse response)
+            throws PortletException, IOException {
+
+        String action = request.getParameter("action");
+        String alias = request.getParameter("alias");
+
+        // set alias name
+        request.setAttribute("alias", alias);
+
+        // this should never happen
+        if (action == null) {
+            ViewKeyStoreEntryDetail.render(portlet, request, response);
+            return;
+        }
+
+        if (action.equals("import-ca-reply")) {
+            PortletRequestDispatcher rd = portlet
+                    .getPortletContext()
+                    .getRequestDispatcher(
+                            "/WEB-INF/view/certmanager/importCAReplyNormal.jsp");
+
+            rd.include(request, response);
+        } else if (action.equals("save-pkcs7-cert")) {
+            ViewKeyStoreEntryDetail.render(portlet, request, response);
+        }
+    }
+}

Added: geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ImportTrustedCertificate.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ImportTrustedCertificate.java?rev=326194&view=auto
==============================================================================
--- geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ImportTrustedCertificate.java (added)
+++ geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ImportTrustedCertificate.java Tue Oct 18 11:22:57 2005
@@ -0,0 +1,90 @@
+/**
+ *
+ * Copyright 2004, 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.console.certmanager.actions;
+
+import java.io.IOException;
+import java.net.URLDecoder;
+
+import javax.portlet.ActionRequest;
+import javax.portlet.ActionResponse;
+import javax.portlet.PortletException;
+import javax.portlet.PortletRequestDispatcher;
+import javax.portlet.RenderRequest;
+import javax.portlet.RenderResponse;
+
+import org.apache.geronimo.console.certmanager.CertManagerPortlet;
+import org.apache.geronimo.kernel.KernelRegistry;
+
+public class ImportTrustedCertificate {
+    public static void action(CertManagerPortlet portlet,
+            ActionRequest request, ActionResponse response)
+            throws PortletException, IOException {
+
+        String action = request.getParameter("action");
+
+        if (action == null) {
+            return;
+        }
+
+        // nothing to do
+        if (action.equals("tools-generate-trusted-certificate")) {
+            return;
+        }
+
+        String submit = request.getParameter("submit");
+
+        if (submit.equalsIgnoreCase("cancel")) {
+            return;
+        }
+
+        String certfileEnc = request
+                .getParameter("com.gluecode.se.cert.file.enc");
+        String alias = request.getParameter("alias");
+
+        // decode certificate file name
+        String certfile = URLDecoder.decode(certfileEnc, "UTF-8");
+
+        // import certificate into the key store
+        try {
+            KernelRegistry.getSingleKernel().invoke(
+                    portlet.getKeyStoreObjectName(),
+                    "importTrustedX509Certificate",
+                    new Object[] { alias, certfile },
+                    new String[] { "java.lang.String", "java.lang.String" });
+        } catch (Exception ex) {
+            throw new PortletException(ex);
+        }
+    }
+
+    public static void render(CertManagerPortlet portlet,
+            RenderRequest request, RenderResponse response)
+            throws PortletException, IOException {
+        PortletRequestDispatcher rd = null;
+
+        String action = request.getParameter("action");
+
+        if (action.equals("tools-import-trusted-certificate")) {
+            rd = portlet.getPortletContext().getRequestDispatcher(
+                    "/WEB-INF/view/certmanager/importTrustedCertNormal.jsp");
+
+            rd.include(request, response);
+        } else {
+            ViewKeyStore.render(portlet, request, response);
+        }
+    }
+}

Added: geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/UploadCertificateFile.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/UploadCertificateFile.java?rev=326194&view=auto
==============================================================================
--- geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/UploadCertificateFile.java (added)
+++ geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/UploadCertificateFile.java Tue Oct 18 11:22:57 2005
@@ -0,0 +1,142 @@
+/**
+ *
+ * Copyright 2004, 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.console.certmanager.actions;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URLDecoder;
+import java.net.URLEncoder;
+import java.security.cert.CertificateFactory;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.List;
+
+import javax.portlet.ActionRequest;
+import javax.portlet.ActionResponse;
+import javax.portlet.PortletException;
+import javax.portlet.PortletRequestDispatcher;
+import javax.portlet.RenderRequest;
+import javax.portlet.RenderResponse;
+
+import org.apache.commons.fileupload.FileItem;
+import org.apache.commons.fileupload.FileUploadException;
+import org.apache.commons.fileupload.disk.DiskFileItemFactory;
+import org.apache.commons.fileupload.portlet.PortletFileUpload;
+import org.apache.geronimo.console.certmanager.CertManagerPortlet;
+
+public class UploadCertificateFile {
+
+    public static void action(CertManagerPortlet portlet,
+            ActionRequest request, ActionResponse response)
+            throws PortletException, IOException {
+        if (!PortletFileUpload.isMultipartContent(request)) {
+            throw new PortletException("Expected file upload");
+        }
+
+        File rootDir = new File(System.getProperty("java.io.tmpdir"));
+        PortletFileUpload uploader = new PortletFileUpload(
+                new DiskFileItemFactory(10240, rootDir));
+        File certFile = null;
+
+        try {
+            List items = uploader.parseRequest(request);
+            for (Iterator i = items.iterator(); i.hasNext();) {
+                FileItem item = (FileItem) i.next();
+                if (!item.isFormField()) {
+                    String name = item.getName().trim();
+
+                    if (name.length() == 0) {
+                        certFile = null;
+                    } else {
+                        // Firefox sends basename, IE sends full path
+                        int index = name.lastIndexOf('\\');
+                        if (index != -1) {
+                            name = name.substring(index + 1);
+                        }
+                        certFile = new File(rootDir, name);
+                    }
+
+                    if (certFile != null) {
+                        try {
+                            item.write(certFile);
+                        } catch (Exception e) {
+                            throw new PortletException(e);
+                        }
+                    }
+                }
+            }
+        } catch (FileUploadException e) {
+            throw new PortletException(e);
+        }
+
+        // pass certificate file name along
+        String certFileName = certFile.getCanonicalPath();
+        String enc = URLEncoder.encode(certFileName, "UTF-8");
+
+        portlet.getPortletContext().log("cert-file-name: " + certFileName);
+        portlet.getPortletContext().log("enc: " + enc);
+
+        response.setRenderParameter("com.gluecode.se.cert.file.enc", enc);
+        response.setRenderParameter("action", request.getParameter("action"));
+    }
+
+    public static void render(CertManagerPortlet portlet,
+            RenderRequest request, RenderResponse response)
+            throws PortletException, IOException {
+
+        String encodedCertFileName = request
+                .getParameter("com.gluecode.se.cert.file.enc");
+        String certFileName = URLDecoder.decode(encodedCertFileName, "UTF-8");
+        portlet.getPortletContext().log("cert file: " + certFileName);
+
+        Collection certs = null;
+        InputStream is = null;
+
+        if (certFileName != null) {
+            File certFile = new File(certFileName);
+            try {
+                is = new FileInputStream(certFile);
+
+                CertificateFactory cf = CertificateFactory.getInstance("X.509");
+                certs = cf.generateCertificates(is);
+            } catch (Exception e) {
+                throw new PortletException(e);
+            } finally {
+                try {
+                    if (is != null) {
+                        is.close();
+                    }
+                } catch (Exception e) {
+                }
+            }
+
+            request.setAttribute("com.gluecode.se.certs", certs);
+            request.setAttribute("com.gluecode.se.cert.file.enc",
+                    encodedCertFileName);
+        }
+
+        PortletRequestDispatcher prd = null;
+
+        prd = portlet.getPortletContext().getRequestDispatcher(
+                "/WEB-INF/view/certmanager/importTrustedCertNormal.jsp");
+
+        prd.include(request, response);
+    }
+}

Added: geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ViewKeyStore.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ViewKeyStore.java?rev=326194&view=auto
==============================================================================
--- geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ViewKeyStore.java (added)
+++ geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ViewKeyStore.java Tue Oct 18 11:22:57 2005
@@ -0,0 +1,83 @@
+/**
+ *
+ * Copyright 2004, 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.console.certmanager.actions;
+
+import java.io.IOException;
+import java.util.Iterator;
+import java.util.List;
+
+import javax.management.ObjectName;
+import javax.portlet.ActionRequest;
+import javax.portlet.ActionResponse;
+import javax.portlet.PortletException;
+import javax.portlet.PortletRequestDispatcher;
+import javax.portlet.RenderRequest;
+import javax.portlet.RenderResponse;
+
+import org.apache.geronimo.console.certmanager.CertManagerPortlet;
+import org.apache.geronimo.kernel.KernelRegistry;
+
+public class ViewKeyStore {
+    public static void action(CertManagerPortlet portlet,
+            ActionRequest request, ActionResponse response)
+            throws PortletException, Exception {
+        response.setRenderParameter("action", request.getParameter("action"));
+    }
+
+    public static void render(CertManagerPortlet portlet,
+            RenderRequest request, RenderResponse response)
+            throws PortletException, IOException {
+
+        PortletRequestDispatcher rd = null;
+
+        try {
+            ObjectName objname = portlet.getKeyStoreObjectName();
+
+            String keyStoreType = (String) KernelRegistry.getSingleKernel()
+                    .getAttribute(objname, "keyStoreType");
+            String keyStoreProvider = (String) KernelRegistry.getSingleKernel()
+                    .getAttribute(objname, "keyStoreProvider");
+            String keyStoreLocation = (String) KernelRegistry.getSingleKernel()
+                    .getAttribute(objname, "keyStoreLocation");
+
+            request.setAttribute("com.gluecode.se.keystore.type", keyStoreType);
+            request.setAttribute("com.gluecode.se.keystore.provider",
+                    keyStoreProvider);
+            request.setAttribute("com.gluecode.se.keystore.location",
+                    keyStoreLocation);
+
+            List storelist = (List) KernelRegistry.getSingleKernel().invoke(
+                    objname, "getKeyStoreEntries");
+
+            Iterator iter = storelist.iterator();
+            while (iter.hasNext()) {
+                portlet.getPortletContext().log("store-item = " + iter.next());
+            }
+
+            request.setAttribute("com.gluecode.se.keystore.list", storelist);
+            request.setAttribute("com.gluecode.se.keystore.size", String
+                    .valueOf(storelist.size()));
+        } catch (Exception e) {
+            throw new PortletException(e);
+        }
+
+        rd = portlet.getPortletContext().getRequestDispatcher(
+                "/WEB-INF/view/certmanager/viewKeyStoreNormal.jsp");
+        rd.include(request, response);
+    }
+}

Added: geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ViewKeyStoreEntryDetail.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ViewKeyStoreEntryDetail.java?rev=326194&view=auto
==============================================================================
--- geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ViewKeyStoreEntryDetail.java (added)
+++ geronimo/trunk/applications/console-standard/src/java/org/apache/geronimo/console/certmanager/actions/ViewKeyStoreEntryDetail.java Tue Oct 18 11:22:57 2005
@@ -0,0 +1,79 @@
+/**
+ *
+ * Copyright 2004, 2005 The Apache Software Foundation or its licensors, as applicable.
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.console.certmanager.actions;
+
+import java.io.IOException;
+import java.security.cert.Certificate;
+
+import javax.management.ObjectName;
+import javax.portlet.PortletException;
+import javax.portlet.PortletRequestDispatcher;
+import javax.portlet.RenderRequest;
+import javax.portlet.RenderResponse;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.geronimo.console.certmanager.CertManagerPortlet;
+import org.apache.geronimo.console.core.keystore.KeyEntryInfo;
+import org.apache.geronimo.console.core.keystore.KeyStoreGBean;
+import org.apache.geronimo.kernel.KernelRegistry;
+
+public class ViewKeyStoreEntryDetail {
+
+    private static Log log = LogFactory.getLog(ViewKeyStoreEntryDetail.class);
+
+    public static void render(CertManagerPortlet portlet,
+            RenderRequest request, RenderResponse response)
+            throws PortletException, IOException {
+
+        String alias = request.getParameter("alias");
+
+        portlet.getPortletContext().log(
+                "view-key-store-entry-detail: key-store-alias = " + alias);
+
+        try {
+            // entry info
+            ObjectName objname = new ObjectName(
+                    KeyStoreGBean.KEY_STORE_OBJ_NAME);
+            KeyEntryInfo kinfo = (KeyEntryInfo) KernelRegistry
+                    .getSingleKernel().invoke(objname, "getKeyEntryInfo",
+                            new Object[] { alias },
+                            new String[] { "java.lang.String" });
+
+            request.setAttribute("com.gluecode.se.keystore.entry.info", kinfo);
+
+            // get keystore certificate chain by the alias
+            Certificate[] chain = (Certificate[]) KernelRegistry
+                    .getSingleKernel().invoke(objname, "getCertificateChain",
+                            new Object[] { alias },
+                            new String[] { "java.lang.String" });
+
+            // set attributes
+            request.setAttribute("com.gluecode.se.certs", chain);
+        } catch (Exception e) {
+            throw new PortletException(e);
+        }
+
+        // display entry detail
+        PortletRequestDispatcher rd = portlet.getPortletContext()
+                .getRequestDispatcher(
+                        "/WEB-INF/view/certmanager/viewCertificateNormal.jsp");
+
+        rd.include(request, response);
+    }
+}

Modified: geronimo/trunk/applications/console-standard/src/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-standard/src/webapp/WEB-INF/web.xml?rev=326194&r1=326193&r2=326194&view=diff
==============================================================================
--- geronimo/trunk/applications/console-standard/src/webapp/WEB-INF/web.xml (original)
+++ geronimo/trunk/applications/console-standard/src/webapp/WEB-INF/web.xml Tue Oct 18 11:22:57 2005
@@ -80,7 +80,7 @@
         <servlet-class>org.apache.pluto.core.PortletServlet</servlet-class>
         <init-param>
             <param-name>portlet-class</param-name>
-            <param-value>org.apache.geronimo.console.EmptyPortlet</param-value>
+            <param-value>org.apache.geronimo.console.certmanager.CertManagerPortlet</param-value>
         </init-param>
         <init-param>
             <param-name>portlet-guid</param-name>

Modified: geronimo/trunk/modules/assembly/src/plan/webconsole-jetty-plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/plan/webconsole-jetty-plan.xml?rev=326194&r1=326193&r2=326194&view=diff
==============================================================================
--- geronimo/trunk/modules/assembly/src/plan/webconsole-jetty-plan.xml (original)
+++ geronimo/trunk/modules/assembly/src/plan/webconsole-jetty-plan.xml Tue Oct 18 11:22:57 2005
@@ -62,25 +62,24 @@
             <gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=org/apache/geronimo/System,J2EEServer=geronimo,j2eeType=GBean,name=ServerInfo</gbean-name>
         </reference>
         <reference name="LoginModule">
-<!--            <gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=org/apache/geronimo/Server,J2EEServer=geronimo,j2eeType=LoginModule,name=properties-login</gbean-name>-->
+            <!--            <gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=org/apache/geronimo/Server,J2EEServer=geronimo,j2eeType=LoginModule,name=properties-login</gbean-name>-->
             <gbean-name>geronimo.server:J2EEApplication=null,J2EEModule=org/apache/geronimo/Security,J2EEServer=geronimo,j2eeType=LoginModule,name=properties-login</gbean-name>
         </reference>
     </gbean>
 
     <!-- Keystore configuration -->
-    <!-- I think this requires a modified GERONIMO-887 to be applied first -->
-<!--    <gbean gbeanName="geronimo.security:type=KeyStore" class="org.apache.geronimo.console.core.keystore.KeyStoreGBean">-->
-<!--        <attribute name="keyStoreLocation">var/security/ssl-keystore-1</attribute>-->
-<!--        <attribute name="keyStoreType">jks</attribute>-->
-<!--        <attribute name="keyStoreProvider">SUN</attribute>-->
-<!--        <attribute name="keyStorePassword">password</attribute>-->
-<!--        <reference name="serverInfo">-->
-<!--            <application>null</application>-->
-<!--            <moduleType>J2EEModule</moduleType>-->
-<!--            <module>org/apache/geronimo/System</module>-->
-<!--            <type>GBean</type>-->
-<!--            <name>ServerInfo</name>-->
-<!--        </reference>-->
-<!--    </gbean>-->
+    <gbean gbeanName="geronimo.security:type=KeyStore" class="org.apache.geronimo.console.core.keystore.KeyStoreGBean">
+        <attribute name="keyStoreLocation">var/security/ssl-keystore-1</attribute>
+        <attribute name="keyStoreType">jks</attribute>
+        <attribute name="keyStoreProvider">SUN</attribute>
+        <attribute name="keyStorePassword">password</attribute>
+        <reference name="serverInfo">
+            <application>null</application>
+            <moduleType>J2EEModule</moduleType>
+            <module>org/apache/geronimo/System</module>
+            <type>GBean</type>
+            <name>ServerInfo</name>
+        </reference>
+    </gbean>
 
 </application>

Modified: geronimo/trunk/modules/assembly/src/plan/webconsole-tomcat-plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/plan/webconsole-tomcat-plan.xml?rev=326194&r1=326193&r2=326194&view=diff
==============================================================================
--- geronimo/trunk/modules/assembly/src/plan/webconsole-tomcat-plan.xml (original)
+++ geronimo/trunk/modules/assembly/src/plan/webconsole-tomcat-plan.xml Tue Oct 18 11:22:57 2005
@@ -70,19 +70,18 @@
     </gbean>
 
     <!-- Keystore configuration -->
-    <!-- I think this requires a modified GERONIMO-887 to be applied first -->
-    <!--    <gbean gbeanName="geronimo.security:type=KeyStore" class="org.apache.geronimo.console.core.keystore.KeyStoreGBean">-->
-    <!--        <attribute name="keyStoreLocation">var/security/ssl-keystore-1</attribute>-->
-    <!--        <attribute name="keyStoreType">jks</attribute>-->
-    <!--        <attribute name="keyStoreProvider">SUN</attribute>-->
-    <!--        <attribute name="keyStorePassword">password</attribute>-->
-    <!--        <reference name="serverInfo">-->
-    <!--            <application>null</application>-->
-    <!--            <moduleType>J2EEModule</moduleType>-->
-    <!--            <module>org/apache/geronimo/System</module>-->
-    <!--            <type>GBean</type>-->
-    <!--            <name>ServerInfo</name>-->
-    <!--        </reference>-->
-    <!--    </gbean>-->
+    <gbean gbeanName="geronimo.security:type=KeyStore" class="org.apache.geronimo.console.core.keystore.KeyStoreGBean">
+        <attribute name="keyStoreLocation">var/security/ssl-keystore-1</attribute>
+        <attribute name="keyStoreType">jks</attribute>
+        <attribute name="keyStoreProvider">SUN</attribute>
+        <attribute name="keyStorePassword">password</attribute>
+        <reference name="serverInfo">
+            <application>null</application>
+            <moduleType>J2EEModule</moduleType>
+            <module>org/apache/geronimo/System</module>
+            <type>GBean</type>
+            <name>ServerInfo</name>
+        </reference>
+    </gbean>
 
 </application>



Mime
View raw message