geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pmcma...@apache.org
Subject svn commit: r561661 - in /geronimo/server/trunk: applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/webmanager/ applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/webmanager/connector/ modu...
Date Wed, 01 Aug 2007 05:09:48 GMT
Author: pmcmahan
Date: Tue Jul 31 22:09:47 2007
New Revision: 561661

URL: http://svn.apache.org/viewvc?view=rev&rev=561661
Log:
GERONIMO-3350 more portlet updates for the new WebManager apis.  Add getKeystorePass and getTruststorePass
to http11protocol interface to support editing HTTPS connectors from the portlet without losing
the passwd.
More tweaking to the ConnectorAttributes for jetty, this still needs some work.

Modified:
    geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/webmanager/ConnectorPortlet.java
    geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/webmanager/connector/editConnector.jsp
    geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/JettyManagerImpl.java
    geronimo/server/trunk/modules/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/connector/AbstractHttp11ConnectorGBean.java
    geronimo/server/trunk/modules/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/connector/Http11Protocol.java

Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/webmanager/ConnectorPortlet.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/webmanager/ConnectorPortlet.java?view=diff&rev=561661&r1=561660&r2=561661
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/webmanager/ConnectorPortlet.java
(original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/java/org/apache/geronimo/console/webmanager/ConnectorPortlet.java
Tue Jul 31 22:09:47 2007
@@ -159,7 +159,7 @@
             AbstractName newConnectorName = manager.getConnectorConfiguration( connectorType,
connectorAttributes, webContainer, displayName);
             
             // set the keystore properties if its a secure connector
-//            setKeystoreProperties(actionRequest, newConnectorName);
+            setKeystoreProperties(actionRequest, newConnectorName);
             
             // Start the connector
             try {
@@ -203,7 +203,7 @@
                 }
                 
                 // set the keystore properties if its a secure connector
-//                setKeystoreProperties(actionRequest, connectorName);
+                setKeystoreProperties(actionRequest, connectorName);
             }
             actionResponse.setRenderParameter(PARM_MODE, "list");
         } else if(mode.equals("start")) {
@@ -280,10 +280,7 @@
                 renderRequest.setAttribute(PARM_CONNECTOR_ATTRIBUTES, connectorAttributes);
                 renderRequest.setAttribute(PARM_CONNECTOR_TYPE, connectorType);
                 renderRequest.setAttribute(PARM_MODE, "add");
-                // add the special keystore properties to the render request
-                if (WEB_SERVER_JETTY.equals(server)) {
-//                    addKeystoreProperties(renderRequest);
-                }
+                populateEnumAttributes(renderRequest);
                 editConnectorView.include(renderRequest, renderResponse);
             } else if(mode.equals("edit")) {
                 String connectorURI = renderRequest.getParameter(PARM_CONNECTOR_URI);
@@ -310,9 +307,10 @@
                     
                     renderRequest.setAttribute(PARM_CONNECTOR_ATTRIBUTES, connectorAttributes);
                     renderRequest.setAttribute(PARM_CONNECTOR_URI, connectorURI);
-                    if (WEB_SERVER_JETTY.equals(server)) {
-//                        addKeystoreProperties(renderRequest);
-                    }
+                    // populate any enum type values.  the browser will render them in a
+                    // <SELECT> input for the attribute
+                    populateEnumAttributes(renderRequest);
+                    
                     renderRequest.setAttribute(PARM_MODE, "save");
                     editConnectorView.include(renderRequest, renderResponse);
                 }
@@ -439,29 +437,40 @@
         return s != null && !s.equals("");
     }
     
-    // add the special keystore properties to the request
-    // TODO: need a more generic way to handle this
-    private void addKeystoreProperties(PortletRequest request) {
+    // stash any 'enum' type values for attributes.  right now this is
+    // hardcoded, need to promote these to the ConnectorAttribute apis
+    private void populateEnumAttributes(PortletRequest request) {
+        HashMap<String,String[]> enumValues = new HashMap<String,String[]>();
+        
+        // provide the two possible values for secure protocol - TLS and SSL
+        enumValues.put("secureProtocol", new String[] { "TLS", "SSL" }); //jetty
+        enumValues.put("sslProtocol", new String[] { "TLS", "SSL" }); //tomcat
+        
+        // keystore and truststore types for tomcat
+        enumValues.put("keystoreType", new String[] { "JKS", "PKCS12" });
+        enumValues.put("truststoreType", new String[] { "JKS", "PKCS12" });
+
+        // provide the three possible values for secure algorithm - Default, SunX509, and
IbmX509 
+        enumValues.put("algorithm", new String[] { "Default", "SunX509", "IbmX509" });
+        
+        // provide the possible values for the keystore name
         KeystoreManager mgr = PortletManager.getCurrentServer(request).getKeystoreManager();
         KeystoreInstance[] stores = mgr.getUnlockedKeyStores();
         String[] storeNames = new String[stores.length];
         for (int i = 0; i < storeNames.length; i++) {
             storeNames[i] = stores[i].getKeystoreName();
         }
-        request.setAttribute("keyStores", storeNames);
+        enumValues.put("keyStore", storeNames);
+        
+        // provide the possible values for the trust store name
         KeystoreInstance[] trusts = mgr.getUnlockedTrustStores();
         String[] trustNames = new String[trusts.length];
         for (int i = 0; i < trustNames.length; i++) {
             trustNames[i] = trusts[i].getKeystoreName();
         }
-        request.setAttribute("trustStores", trustNames);
-        Map<String,String[]> aliases = new HashMap<String,String[]>();
-        for (int i = 0; i < stores.length; i++) {
-            try {
-                aliases.put(stores[i].getKeystoreName(), stores[i].getUnlockedKeys(null));
-            } catch (KeystoreException e) {}
-        }
-        request.setAttribute("unlockedKeys", aliases);
+        enumValues.put("trustStore", trustNames);
+        
+        request.setAttribute("geronimoConsoleEnumValues", enumValues);
     }
     
     // get the special keystore properties from the request and set them on the connector
@@ -479,8 +488,7 @@
         
         SecureConnector secure = (SecureConnector) connector;
         if (server.equals(WEB_SERVER_JETTY)) {
-            String keyStore = request.getParameter("unlockKeyStore");
-            setProperty(secure, "keyStore", keyStore);
+            String keyStore = request.getParameter("keyStore");
             try {
                 KeystoreInstance[] keystores = PortletManager.getCurrentServer(request)
                         .getKeystoreManager().getKeystores();
@@ -500,10 +508,6 @@
             } catch (KeystoreException e) {
                 throw new PortletException(e);
             }
-            String trustStore = request.getParameter("unlockTrustStore");
-            // "" is a valid trustStore value, which means the parameter
-            // should be cleared
-            setProperty(secure, "trustStore", isValid(trustStore) ? trustStore : null);
         }
         // TODO: what about Tomcat?
     }

Modified: geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/webmanager/connector/editConnector.jsp
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/webmanager/connector/editConnector.jsp?view=diff&rev=561661&r1=561660&r2=561661
==============================================================================
--- geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/webmanager/connector/editConnector.jsp
(original)
+++ geronimo/server/trunk/applications/console/geronimo-console-standard/src/main/webapp/WEB-INF/view/webmanager/connector/editConnector.jsp
Tue Jul 31 22:09:47 2007
@@ -97,6 +97,7 @@
 </tr>
 <c:forEach var="connectorAttribute" items="${connectorAttributes}" varStatus="status">
   <c:set var="style" value="${status.index % 2 == 0 ? 'MediumBackground' : 'LightBackground'}"/>
+  <c:set var="enumValues" value="${geronimoConsoleEnumValues[connectorAttribute.attributeName]}"/>
   <tr>
     <td class="${style}">
     <c:if test="${connectorAttribute.required}"><strong>*</c:if>
@@ -105,14 +106,26 @@
     </td>
     <td class="${style}">${connectorAttribute.attributeClass.simpleName}</td>
     <c:choose>
+        <c:when test="${enumValues != null}">
+    	    <td class="${style}">
+    	    <select name="${connectorAttribute.attributeName}">
+                <c:forEach var="enumValue" items="${enumValues}">
+                    <option <c:if test="${connectorAttribute.value eq enumValue}">
selected</c:if>>
+                      <c:out escapeXml="true" value="${enumValue}"/>
+                    </option>
+                </c:forEach>
+    	    </select>
+    	     </td>
+        </c:when>
         <c:when test="${connectorAttribute.attributeClass.simpleName eq 'Integer'}">
     	    <td class="${style}"><input name="${connectorAttribute.attributeName}"
type="text" size="5" 
     	     value="<c:out escapeXml="true" value="${connectorAttribute.stringValue}"/>"></td>
         </c:when>
         <c:when test="${connectorAttribute.attributeClass.simpleName eq 'Boolean'}">
-		    <td class="${style}"><input name="${connectorAttribute.attributeName}" type="checkbox"
${connectorAttribute.value ? 'checked' : ''}></td>
+		    <td class="${style}"><input name="${connectorAttribute.attributeName}" type="checkbox"

+		    <c:if test="${connectorAttribute.value}">checked</c:if>></td>
         </c:when>
-        <c:when test="${fn:containsIgnoreCase(connectorAttribute.attributeName, 'password')}">
+        <c:when test="${fn:containsIgnoreCase(connectorAttribute.attributeName, 'pass')}">
 		    <td class="${style}"><input name="${connectorAttribute.attributeName}" type="password"
size="30"
     	     value="<c:out escapeXml="true" value="${connectorAttribute.stringValue}"/>"></td>
         </c:when>

Modified: geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/JettyManagerImpl.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/JettyManagerImpl.java?view=diff&rev=561661&r1=561660&r2=561661
==============================================================================
--- geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/JettyManagerImpl.java
(original)
+++ geronimo/server/trunk/modules/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/JettyManagerImpl.java
Tue Jul 31 22:09:47 2007
@@ -106,11 +106,12 @@
         connectorAttributes.add(new ConnectorAttribute<Integer>("redirectPort", 8443,
"redirectPort", Integer.class));
         //connectorAttributes.add(new ConnectorAttribute<Integer>("maxIdleTimeMs",
30000, "maxIdleTimeMs", Integer.class));
         connectorAttributes.add(new ConnectorAttribute<Boolean>("clientAuthRequested",
false, "clientAuthRequested", Boolean.class));
-        connectorAttributes.add(new ConnectorAttribute<Boolean>("clientAuthRequired",
false, "clientAuthRequired", Boolean.class));
-        connectorAttributes.add(new ConnectorAttribute<String>("keyStore", "", "keyStore",
String.class, true));
-        connectorAttributes.add(new ConnectorAttribute<String>("trustStore", "", "trustStore",
String.class, true));
-        connectorAttributes.add(new ConnectorAttribute<String>("keyAlias", "", "keyAlias",
String.class, true));
-        connectorAttributes.add(new ConnectorAttribute<String>("secureProtocol", "",
"secureProtocol", String.class));
+        connectorAttributes.add(new ConnectorAttribute<Boolean>("clientAuthRequired",
false, "If set, then clients connecting through this connector must supply a valid client
certificate.", Boolean.class));
+        connectorAttributes.add(new ConnectorAttribute<String>("keyStore", "", "The
keystore to use for accessing the server's private key", String.class, true));
+        connectorAttributes.add(new ConnectorAttribute<String>("trustStore", "", "The
keystore containing the trusted certificate entries, including Certification Authority (CA)
certificates", String.class));
+        //connectorAttributes.add(new ConnectorAttribute<String>("keyAlias", "", "keyAlias",
String.class, true));
+        connectorAttributes.add(new ConnectorAttribute<String>("secureProtocol", "",
"This should normally be set to TLS, though some (IBM) JVMs don't work properly with popular
browsers unless it is changed to SSL.", String.class));
+        connectorAttributes.add(new ConnectorAttribute<String>("algorithm", "Default",
"This should normally be set to match the JVM vendor.", String.class));
         CONNECTOR_ATTRIBUTES.put(HTTPS_NIO, connectorAttributes);
 
         connectorAttributes = new ArrayList<ConnectorAttribute>();
@@ -136,11 +137,12 @@
         connectorAttributes.add(new ConnectorAttribute<Integer>("redirectPort", 8443,
"redirectPort", Integer.class));
         //connectorAttributes.add(new ConnectorAttribute<Integer>("maxIdleTimeMs",
30000, "maxIdleTimeMs", Integer.class));
         connectorAttributes.add(new ConnectorAttribute<Boolean>("clientAuthRequested",
false, "clientAuthRequested", Boolean.class));
-        connectorAttributes.add(new ConnectorAttribute<Boolean>("clientAuthRequired",
false, "clientAuthRequired", Boolean.class));
-        connectorAttributes.add(new ConnectorAttribute<String>("keyStore", "", "keyStore",
String.class, true));
-        connectorAttributes.add(new ConnectorAttribute<String>("trustStore", "", "trustStore",
String.class, true));
-        connectorAttributes.add(new ConnectorAttribute<String>("keyAlias", "", "keyAlias",
String.class, true));
-        connectorAttributes.add(new ConnectorAttribute<String>("secureProtocol", "",
"secureProtocol", String.class));
+        connectorAttributes.add(new ConnectorAttribute<Boolean>("clientAuthRequired",
false, "If set, then clients connecting through this connector must supply a valid client
certificate.", Boolean.class));
+        connectorAttributes.add(new ConnectorAttribute<String>("keyStore", "", "The
keystore to use for accessing the server's private key", String.class, true));
+        connectorAttributes.add(new ConnectorAttribute<String>("trustStore", "", "The
keystore containing the trusted certificate entries, including Certification Authority (CA)
certificates", String.class));
+        //connectorAttributes.add(new ConnectorAttribute<String>("keyAlias", "", "keyAlias",
String.class, true));
+        connectorAttributes.add(new ConnectorAttribute<String>("secureProtocol", "",
"This should normally be set to TLS, though some (IBM) JVMs don't work properly with popular
browsers unless it is changed to SSL.", String.class));
+        connectorAttributes.add(new ConnectorAttribute<String>("algorithm", "Default",
"This should normally be set to match the JVM vendor.", String.class));
         CONNECTOR_ATTRIBUTES.put(HTTPS_BIO, connectorAttributes);
 
         connectorAttributes = new ArrayList<ConnectorAttribute>();

Modified: geronimo/server/trunk/modules/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/connector/AbstractHttp11ConnectorGBean.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/connector/AbstractHttp11ConnectorGBean.java?view=diff&rev=561661&r1=561660&r2=561661
==============================================================================
--- geronimo/server/trunk/modules/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/connector/AbstractHttp11ConnectorGBean.java
(original)
+++ geronimo/server/trunk/modules/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/connector/AbstractHttp11ConnectorGBean.java
Tue Jul 31 22:09:47 2007
@@ -87,6 +87,14 @@
         return (String) connector.getAttribute("truststoreType");
     }
 
+    public String getTruststorePass() {
+        return (String) connector.getAttribute("truststorePass");
+    }
+    
+    public String getKeystorePass() {
+        return (String) connector.getAttribute("keystorePass");
+    }
+    
     public void setAlgorithm(String algorithm) {
         this.algorithm = algorithm;
         if ("default".equalsIgnoreCase(algorithm)) {

Modified: geronimo/server/trunk/modules/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/connector/Http11Protocol.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/connector/Http11Protocol.java?view=diff&rev=561661&r1=561660&r2=561661
==============================================================================
--- geronimo/server/trunk/modules/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/connector/Http11Protocol.java
(original)
+++ geronimo/server/trunk/modules/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/connector/Http11Protocol.java
Tue Jul 31 22:09:47 2007
@@ -27,6 +27,7 @@
     public void setClientAuth(boolean clientAuth);
     public String getKeystoreFile();
     public void setKeystoreFile(String keystoreFile);
+    public String getKeystorePass();
     public void setKeystorePass(String keystorePass);
     public String getKeystoreType();
     public void setKeystoreType(String keystoreType);
@@ -38,6 +39,7 @@
     public void setKeyAlias(String keyAlias);
     public String getTruststoreFile();
     public void setTruststoreFile(String truststoreFile);
+    public String getTruststorePass();
     public void setTruststorePass(String truststorePass);
     public String getTruststoreType();
     public void setTruststoreType(String truststoreType);



Mime
View raw message