geronimo-scm mailing list archives

From vamsic...@apache.org
Subject svn commit: r615625 - in /geronimo/server/trunk: framework/configs/server-security-config/src/main/plan/ framework/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/ framework/modules/geronimo-security/src/main/java/org/...
Date Sun, 27 Jan 2008 18:13:02 GMT
Author: vamsic007
Date: Sun Jan 27 10:12:55 2008
New Revision: 615625

URL: http://svn.apache.org/viewvc?rev=615625&view=rev
Log:
GERONIMO-3757 KeyStore type can't be changed
 o Allow creation of all possible keystore types supported.  Keystore type is no longer restricted
to JKS.
 o Added a type parameter to create keystore methods.
 o Keystores portlet will now allow creating and managing all types of keystores.
 o This revision will simplify the configuration changes required to run G on a JVM that does
not support JKS keystores (e.g., Harmony).

Added:
    geronimo/server/trunk/framework/modules/geronimo-util/src/main/java/org/apache/geronimo/util/KeystoreUtil.java
  (with props)
Modified:
    geronimo/server/trunk/framework/configs/server-security-config/src/main/plan/plan.xml
    geronimo/server/trunk/framework/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreInstance.java
    geronimo/server/trunk/framework/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreManager.java
    geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
    geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreManager.java
    geronimo/server/trunk/plugins/client/client-security/src/main/plan/plan.xml
    geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/ca/BaseCAHandler.java
    geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/ca/ConfirmCAHandler.java
    geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/keystores/BaseKeystoreHandler.java
    geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/keystores/CreateKeystoreHandler.java
    geronimo/server/trunk/plugins/console/console-base-portlets/src/main/resources/consolebase.properties
    geronimo/server/trunk/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/view/keystore/createKeystore.jsp
    geronimo/server/trunk/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/view/keystore/index.jsp
    geronimo/server/trunk/plugins/tomcat/tomcat6/pom.xml
    geronimo/server/trunk/plugins/tomcat/tomcat6/src/main/plan/plan.xml

Modified: geronimo/server/trunk/framework/configs/server-security-config/src/main/plan/plan.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/configs/server-security-config/src/main/plan/plan.xml?rev=615625&r1=615624&r2=615625&view=diff
==============================================================================
--- geronimo/server/trunk/framework/configs/server-security-config/src/main/plan/plan.xml
(original)
+++ geronimo/server/trunk/framework/configs/server-security-config/src/main/plan/plan.xml
Sun Jan 27 10:12:55 2008
@@ -54,6 +54,7 @@
         <attribute name="keystoreName">geronimo-default</attribute>
         <attribute name="keystorePath">var/security/keystores/geronimo-default</attribute>
         <attribute name="keystorePassword">secret</attribute>
+        <attribute name="keystoreType">JKS</attribute>
         <attribute name="keyPasswords">geronimo=secret</attribute>
         <reference name="ServerInfo"><name>ServerInfo</name></reference>
     </gbean>

Modified: geronimo/server/trunk/framework/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreInstance.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreInstance.java?rev=615625&r1=615624&r2=615625&view=diff
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreInstance.java
(original)
+++ geronimo/server/trunk/framework/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreInstance.java
Sun Jan 27 10:12:55 2008
@@ -34,6 +34,11 @@
     public String getKeystoreName();
 
     /**
+     * Returns the type of the keystore.
+     */
+    public String getKeystoreType();
+    
+    /**
      * Saves a password to access the keystore as a whole.  This means that any
      * other server component can use this keystore to create a socket factory.
      * However, the relevant private key in the keystore must also be unlocked.

Modified: geronimo/server/trunk/framework/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreManager.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreManager.java?rev=615625&r1=615624&r2=615625&view=diff
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreManager.java
(original)
+++ geronimo/server/trunk/framework/modules/geronimo-management/src/main/java/org/apache/geronimo/management/geronimo/KeystoreManager.java
Sun Jan 27 10:12:55 2008
@@ -115,8 +115,9 @@
      *
      * @param name The name of the keystore to create
      * @param password The password to use to protect the new keystore
+     * @param type The keystore type
      */
-    public KeystoreInstance createKeystore(String name, char[] password) throws KeystoreException;
+    public KeystoreInstance createKeystore(String name, char[] password, String type) throws
KeystoreException;
 
     /**
      * Gets the aliases for any keystores that are available to be used as
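Review bot: The new `@param type` line does not say which values are accepted or whether null is allowed, and this interface is the only contract callers of `createKeystore` see. I would spell it out, for example `@param type The keystore type as accepted by java.security.KeyStore.getInstance (for example "JKS"); must not be null`. The Javadoc block starts above this hunk, so the wording should be checked against its opening lines.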

Modified: geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java?rev=615625&r1=615624&r2=615625&view=diff
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
(original)
+++ geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreInstance.java
Sun Jan 27 10:12:55 2008
@@ -97,6 +97,7 @@
     private ServerInfo serverInfo; // used to decode relative path
     private File keystoreFile; // Only valid after startup
     private String keystoreName;
+    private String keystoreType;
     private char[] keystorePassword; // Used to "unlock" the keystore for other services
     private Map<String, char[]> keyPasswords = new HashMap<String, char[]>();
     private Kernel kernel;
@@ -108,10 +109,11 @@
     private KeyStore keystore;
     private long keystoreReadDate = Long.MIN_VALUE;
 
-    public FileKeystoreInstance(ServerInfo serverInfo, URI keystorePath, String keystoreName,
String keystorePassword, String keyPasswords, Kernel kernel, AbstractName abstractName) {
+    public FileKeystoreInstance(ServerInfo serverInfo, URI keystorePath, String keystoreName,
String keystorePassword, String keystoreType, String keyPasswords, Kernel kernel, AbstractName
abstractName) {
         this.serverInfo = serverInfo;
         this.keystorePath = keystorePath;
         this.keystoreName = keystoreName;
+        this.keystoreType = keystoreType;
         this.kernel = kernel;
         this.abstractName = abstractName;
         this.keystorePassword = keystorePassword == null ? null : keystorePassword.toCharArray();
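Review bot: `this.keystoreType = keystoreType;` accepts null, and the field is later handed straight to `KeyStore.getInstance(keystoreType)` in the load hunk further down (`@@ -632,7 +639,7 @@`). A keystore GBean configured or persisted before this revision has no `keystoreType` attribute, so it would presumably arrive here as null and fail to load instead of opening as JKS as it did before. Defaulting in the constructor keeps existing configurations working: `this.keystoreType = keystoreType == null ? JKS : keystoreType;` (assuming the `JKS` constant used by the removed line is still defined in this class). The constructor body continues past the end of this hunk.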
@@ -145,12 +147,13 @@
         infoFactory.addAttribute("keystorePath", URI.class, true, false);
         infoFactory.addAttribute("keystoreName", String.class, true, false);
         infoFactory.addAttribute("keystorePassword", String.class, true, true);
+        infoFactory.addAttribute("keystoreType", String.class, true, false);
         infoFactory.addAttribute("keyPasswords", String.class, true, true);
         infoFactory.addAttribute("kernel", Kernel.class, false);
         infoFactory.addAttribute("abstractName", AbstractName.class, false);
         infoFactory.addReference("ServerInfo", ServerInfo.class, NameFactory.GERONIMO_SERVICE);
         infoFactory.addInterface(KeystoreInstance.class);
-        infoFactory.setConstructor(new String[]{"ServerInfo","keystorePath", "keystoreName",
"keystorePassword", "keyPasswords", "kernel", "abstractName"});
+        infoFactory.setConstructor(new String[]{"ServerInfo","keystorePath", "keystoreName",
"keystorePassword", "keystoreType", "keyPasswords", "kernel", "abstractName"});
 
         GBEAN_INFO = infoFactory.getBeanInfo();
     }
@@ -166,6 +169,10 @@
         return keystoreName;
     }
 
+    public String getKeystoreType() {
+        return keystoreType;
+    }
+
     public void unlockKeystore(char[] password) throws KeystoreException {
         if (password == null) {
             throw new NullPointerException("password is null");
@@ -632,7 +639,7 @@
         InputStream in = null;
         try {
             // Make sure the keystore is loadable using the provided password before resetting
the instance variables.
-            KeyStore tempKeystore = KeyStore.getInstance(JKS);
+            KeyStore tempKeystore = KeyStore.getInstance(keystoreType);
             in = new BufferedInputStream(new FileInputStream(keystoreFile));
             long readDate = System.currentTimeMillis();
             tempKeystore.load(in, password);

Modified: geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreManager.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreManager.java?rev=615625&r1=615624&r2=615625&view=diff
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreManager.java
(original)
+++ geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/keystore/FileKeystoreManager.java
Sun Jan 27 10:12:55 2008
@@ -64,6 +64,7 @@
 import org.apache.geronimo.management.geronimo.KeystoreIsLocked;
 import org.apache.geronimo.management.geronimo.KeystoreManager;
 import org.apache.geronimo.system.serverinfo.ServerInfo;
+import org.apache.geronimo.util.KeystoreUtil;
 import org.apache.geronimo.util.jce.X509Principal;
 import org.apache.geronimo.util.jce.X509V1CertificateGenerator;
 
@@ -127,7 +128,7 @@
         String[] names = listKeystoreFiles();
         KeystoreInstance[] result = new KeystoreInstance[names.length];
         for (int i = 0; i < result.length; i++) {
-            result[i] = getKeystore(names[i]);
+            result[i] = getKeystore(names[i], null);
             if(result[i] == null) {
                 return null;
             }
@@ -135,7 +136,7 @@
         return result;
     }
 
-    public KeystoreInstance getKeystore(String name) {
+    public KeystoreInstance getKeystore(String name, String type) {
         for (Iterator it = keystores.iterator(); it.hasNext();) {
             KeystoreInstance instance = (KeystoreInstance) it.next();
             if(instance.getKeystoreName().equals(name)) {
@@ -161,6 +162,16 @@
         }
         data.setReferencePattern("ServerInfo", kernel.getAbstractNameFor(serverInfo));
         data.setAttribute("keystoreName", name);
+        if(type == null) {
+            if(name.lastIndexOf(".") == -1) {
+                type = KeystoreUtil.defaultType;
+                log.warn("keystoreType for new keystore \""+name+"\" set to default type
\""+type+"\".");
+            } else {
+                type = name.substring(name.lastIndexOf(".")+1);
+                log.warn("keystoreType for new keystore \""+name+"\" set to \""+type+"\"
based on file extension.");
+            }
+        }
+        data.setAttribute("keystoreType", type);
         EditableConfigurationManager mgr = ConfigurationUtil.getEditableConfigurationManager(kernel);
         if(mgr != null) {
             try {
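Review bot: When `type` is null, the text after the last dot of the file name is stored as `keystoreType` without checking that any installed provider knows it. A keystore file named, for example, `server.bak` would get the type `bak` written into its GBean, and every later load would fail. The extension should be matched against `KeystoreUtil.keystoreTypes` (ignoring case) and the default used otherwise. `KeystoreUtil.defaultType` can itself be null when no provider reports the JVM default, so that case needs a fallback as well. The enclosing method starts before this hunk and continues after it.

```java
        data.setAttribute("keystoreName", name);
        if(type == null) {
            // Accept the file extension only when it names an installed keystore type.
            int dot = name.lastIndexOf(".");
            String guess = dot == -1 ? null : name.substring(dot + 1);
            type = KeystoreUtil.defaultType != null ? KeystoreUtil.defaultType : KeyStore.getDefaultType();
            for(String known : KeystoreUtil.keystoreTypes) {
                if(known.equalsIgnoreCase(guess)) {
                    type = known;
                    break;
                }
            }
            log.warn("keystoreType for new keystore \""+name+"\" set to \""+type+"\".");
        }
        data.setAttribute("keystoreType", type);
        // … unchanged: EditableConfigurationManager lookup …
```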
@@ -240,7 +251,7 @@
         // the keyStore is optional.
         KeystoreInstance keyInstance = null;
         if (keyStore != null) {
-            keyInstance = getKeystore(keyStore);
+            keyInstance = getKeystore(keyStore, null);
             if(keyInstance.isKeystoreLocked()) {
                 throw new KeystoreIsLocked("Keystore '"+keyStore+"' is locked; please use
the keystore page in the admin console to unlock it");
             }
@@ -248,7 +259,7 @@
                 throw new KeystoreIsLocked("Key '"+keyAlias+"' in keystore '"+keyStore+"'
is locked; please use the keystore page in the admin console to unlock it");
             }
         }
-        KeystoreInstance trustInstance = trustStore == null ? null : getKeystore(trustStore);
+        KeystoreInstance trustInstance = trustStore == null ? null : getKeystore(trustStore,
null);
         if(trustInstance != null && trustInstance.isKeystoreLocked()) {
             throw new KeystoreIsLocked("Keystore '"+trustStore+"' is locked; please use the
keystore page in the admin console to unlock it");
         }
@@ -327,14 +338,14 @@
      *                     unlocked.
      */
     public SSLContext createSSLContext(String provider, String protocol, String algorithm,
String keyStore, String keyAlias, String trustStore, ClassLoader loader) throws KeystoreException
{
-        KeystoreInstance keyInstance = getKeystore(keyStore);
+        KeystoreInstance keyInstance = getKeystore(keyStore, null);
         if(keyInstance.isKeystoreLocked()) {
             throw new KeystoreIsLocked("Keystore '"+keyStore+"' is locked; please use the
keystore page in the admin console to unlock it");
         }
         if(keyInstance.isKeyLocked(keyAlias)) {
             throw new KeystoreIsLocked("Key '"+keyAlias+"' in keystore '"+keyStore+"' is
locked; please use the keystore page in the admin console to unlock it");
         }
-        KeystoreInstance trustInstance = trustStore == null ? null : getKeystore(trustStore);
+        KeystoreInstance trustInstance = trustStore == null ? null : getKeystore(trustStore,
null);
         if(trustInstance != null && trustInstance.isKeystoreLocked()) {
             throw new KeystoreIsLocked("Keystore '"+trustStore+"' is locked; please use the
keystore page in the admin console to unlock it");
         }
@@ -355,19 +366,19 @@
         }
     }
 
-    public KeystoreInstance createKeystore(String name, char[] password) throws KeystoreException
{
+    public KeystoreInstance createKeystore(String name, char[] password, String keystoreType)
throws KeystoreException {
         File test = new File(directory, name);
         if(test.exists()) {
             throw new IllegalArgumentException("Keystore already exists "+test.getAbsolutePath()+"!");
         }
         try {
-            KeyStore keystore = KeyStore.getInstance(FileKeystoreInstance.JKS);
+            KeyStore keystore = KeyStore.getInstance(keystoreType);
             keystore.load(null, password);
             OutputStream out = new BufferedOutputStream(new FileOutputStream(test));
             keystore.store(out, password);
             out.flush();
             out.close();
-            return getKeystore(name);
+            return getKeystore(name, keystoreType);
         } catch (KeyStoreException e) {
             throw new KeystoreException("Unable to create keystore", e);
         } catch (IOException e) {
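Review bot: `keystoreType` reaches `KeyStore.getInstance(keystoreType)` unchecked, and the file is opened with `new FileOutputStream(test)` before `keystore.store(out, password)` has succeeded. For a type that cannot store an empty keystore (the case `KeystoreUtil.emptyKeystoreTypes` exists to detect), the store call throws, the stream is never closed, and the file stays on disk, so a retry is rejected with "Keystore already exists". The drop-down in createKeystore.jsp is the only filter visible in this commit, and `CreateKeystoreHandler.actionAfterView` forwards `request.getParameter("type")` as is. The manager should therefore reject unknown values itself before touching the file system: `if(keystoreType == null || !KeystoreUtil.emptyKeystoreTypes.contains(keystoreType)) throw new IllegalArgumentException("Unsupported keystore type");`. The method's remaining catch clauses lie outside this hunk.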

Added: geronimo/server/trunk/framework/modules/geronimo-util/src/main/java/org/apache/geronimo/util/KeystoreUtil.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-util/src/main/java/org/apache/geronimo/util/KeystoreUtil.java?rev=615625&view=auto
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-util/src/main/java/org/apache/geronimo/util/KeystoreUtil.java
(added)
+++ geronimo/server/trunk/framework/modules/geronimo-util/src/main/java/org/apache/geronimo/util/KeystoreUtil.java
Sun Jan 27 10:12:55 2008
@@ -0,0 +1,118 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.util;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.security.KeyStore;
+import java.security.Provider;
+import java.security.Security;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateFactory;
+import java.util.Collections;
+import java.util.Set;
+import java.util.TreeSet;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class KeystoreUtil {
+    /**
+     * All KeyStore types available.
+     */
+    public static final Set<String> keystoreTypes;
+    /**
+     * The keystore types which allow an empty keystore saved to disk.
+     */
+    public static final Set<String> emptyKeystoreTypes;
+    /**
+     * The keystore types which allow certificate entries.
+     */
+    public static final Set<String> certKeystoreTypes;
+    /**
+     * The default keystore type.
+     */
+    public static final String defaultType;
+
+    static {
+        TreeSet<String> tempKeystoreTypes = new TreeSet<String>();
+        TreeSet<String> tempEmptyKeystoreTypes = new TreeSet<String>();
+        TreeSet<String> tempCertKeystoreTypes = new TreeSet<String>();
+        String tempDefaultType = null;
+        Provider[] providers = Security.getProviders();
+        char[] password = "emptypassword".toCharArray();
+
+        // Certificate used to check if a keystore allows storing trusted
+        String sampleCertText = "-----BEGIN CERTIFICATE-----\n"
+            +"MIIBpzCCAVECBgEV+CystzANBgkqhkiG9w0BAQQFADBcMQswCQYDVQQDEwJNZTEQMA4GA1UECxMH\n"
+            +"TXkgVW5pdDEPMA0GA1UEChMGTXkgT3JnMRAwDgYDVQQHEwdNeSBDaXR5MQswCQYDVQQIEwJBUDEL\n"
+            +"MAkGA1UEBhMCSU4wHhcNMDcxMDMxMjIyNjU4WhcNMTcxMDI4MjIyNjU4WjBcMQswCQYDVQQDEwJN\n"
+            +"ZTEQMA4GA1UECxMHTXkgVW5pdDEPMA0GA1UEChMGTXkgT3JnMRAwDgYDVQQHEwdNeSBDaXR5MQsw\n"
+            +"CQYDVQQIEwJBUDELMAkGA1UEBhMCSU4wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAlN7IscUYq5U9\n"
+            +"d1TYVJaj5RQJLg39Gz9R9hB0hhOULSHOxeE0utTJvgBQcf+f39FgbGIdriJniyoubtCXGfSpxwID\n"
+            +"AQABMA0GCSqGSIb3DQEBBAUAA0EACQN6ScbxzAjrrQ3Ciy8I7/qsgpQo4Nuhfo5cAU4rvcKnujs6\n"
+            +"uGHAJrHMF/ROGl6kPZvFeoGXk5qjyKs8Kx5MJA==\n"
+            +"-----END CERTIFICATE-----";
+        Certificate sampleCert = null;
+
+        try {
+            CertificateFactory certFac = CertificateFactory.getInstance("X.509");
+            sampleCert = certFac.generateCertificate(new ByteArrayInputStream(sampleCertText.getBytes()));
+        } catch (Throwable ignored) {
+        }
+        for(Provider provider: providers) {
+            for(Provider.Service service: provider.getServices()) {
+                if(service.getType().equals("KeyStore")) {
+                    String type = service.getAlgorithm();
+                    tempKeystoreTypes.add(type);
+                    if(type.equalsIgnoreCase(KeyStore.getDefaultType())) {
+                        tempDefaultType = type;
+                    }
+
+                    ByteArrayOutputStream baos = null;
+                    KeyStore ks = null;
+                    try {
+                        ks = KeyStore.getInstance(type);
+                        ks.load(null);
+                        baos = new ByteArrayOutputStream();
+                        // Check if an empty keystore can be saved.
+                        ks.store(baos, password);
+                        tempEmptyKeystoreTypes.add(type);
+                    } catch(Throwable ignored) {
+                    } finally {
+                        if(baos != null) {
+                            try {baos.close();} catch(IOException ignored){}
+                        }
+                    }
+
+                    try {
+                        // Check if the keystore allows storing of certificate entries.
+                        ks.setCertificateEntry("samplecert", sampleCert);
+                        tempCertKeystoreTypes.add(type);
+                    } catch(Throwable ignored) {
+                    }
+                }
+            }
+        }
+        
+        keystoreTypes = Collections.unmodifiableSortedSet(tempKeystoreTypes);
+        emptyKeystoreTypes = Collections.unmodifiableSortedSet(tempEmptyKeystoreTypes);
+        certKeystoreTypes = Collections.unmodifiableSortedSet(tempCertKeystoreTypes);
+        defaultType = tempDefaultType;
+    }
+}
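Review bot: The static initializer calls `ks.load(null)` and `ks.setCertificateEntry("samplecert", sampleCert)` on every KeyStore type of every installed provider, which can include types that are not plain files. For a provider backed by an operating-system certificate store or a hardware token, such a probe may prompt the user or touch real state, so this should be confirmed per provider, or the probe limited to an allow-list of file-based types. Each `catch(Throwable ignored)` also hides `Error`s and leaves no trace of why a type was dropped; catching `Exception` and recording the reason would keep the behaviour and make the result explainable. `defaultType` stays null when no provider lists `KeyStore.getDefaultType()`, and callers in this commit pass it on unchecked, so I would end with `defaultType = tempDefaultType != null ? tempDefaultType : KeyStore.getDefaultType();`.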

Propchange: geronimo/server/trunk/framework/modules/geronimo-util/src/main/java/org/apache/geronimo/util/KeystoreUtil.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/framework/modules/geronimo-util/src/main/java/org/apache/geronimo/util/KeystoreUtil.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/framework/modules/geronimo-util/src/main/java/org/apache/geronimo/util/KeystoreUtil.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: geronimo/server/trunk/plugins/client/client-security/src/main/plan/plan.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/client/client-security/src/main/plan/plan.xml?rev=615625&r1=615624&r2=615625&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/client/client-security/src/main/plan/plan.xml (original)
+++ geronimo/server/trunk/plugins/client/client-security/src/main/plan/plan.xml Sun Jan 27
10:12:55 2008
@@ -83,6 +83,7 @@
         <attribute name="keystoreName">geronimo-default</attribute>
         <attribute name="keystorePath">var/security/keystores/geronimo-default</attribute>
         <attribute name="keystorePassword">secret</attribute>
+        <attribute name="keystoreType">JKS</attribute>
         <attribute name="keyPasswords">geronimo=secret</attribute>
         <reference name="ServerInfo"><name>ServerInfo</name></reference>
     </gbean>

Modified: geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/ca/BaseCAHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/ca/BaseCAHandler.java?rev=615625&r1=615624&r2=615625&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/ca/BaseCAHandler.java
(original)
+++ geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/ca/BaseCAHandler.java
Sun Jan 27 10:12:55 2008
@@ -99,8 +99,8 @@
      * @param password Password for newly created Keystore
      * @throws KeystoreException 
      */
-    protected KeystoreInstance createCAKeystoreInstance(PortletRequest request, String password)
throws KeystoreException {
-        return PortletManager.getCurrentServer(request).getKeystoreManager().createKeystore(defaultCAKeystore,
password.toCharArray());
+    protected KeystoreInstance createCAKeystoreInstance(PortletRequest request, String password,
String type) throws KeystoreException {
+        return PortletManager.getCurrentServer(request).getKeystoreManager().createKeystore(defaultCAKeystore,
password.toCharArray(), type);
     }
     
     /**
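Review bot: The Javadoc above `createCAKeystoreInstance` was not updated for the new third parameter; the visible part lists `@param password` and `@throws KeystoreException` but nothing for `type`. Add `@param type Keystore type for the newly created keystore`. The comment block begins before this hunk, so the rest of it is not visible here.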

Modified: geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/ca/ConfirmCAHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/ca/ConfirmCAHandler.java?rev=615625&r1=615624&r2=615625&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/ca/ConfirmCAHandler.java
(original)
+++ geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/ca/ConfirmCAHandler.java
Sun Jan 27 10:12:55 2008
@@ -47,6 +47,7 @@
 import org.apache.geronimo.security.ca.FileCertificateStore;
 import org.apache.geronimo.security.ca.GeronimoCertificationAuthority;
 import org.apache.geronimo.system.serverinfo.ServerInfo;
+import org.apache.geronimo.util.KeystoreUtil;
 
 /**
  * Handler for the CA confirmation screen.
@@ -100,7 +101,7 @@
                 throw new Exception("Key Algorithm '"+keyAlgorithm+"' is not supported.");
             }
             // Create a KeystoreInstance and generate keypair
-            KeystoreInstance caKeystore = createCAKeystoreInstance(request, password);
+            KeystoreInstance caKeystore = createCAKeystoreInstance(request, password, KeystoreUtil.defaultType);
             caKeystore.unlockKeystore(password.toCharArray());
             caKeystore.generateKeyPair(alias, password.toCharArray(), password.toCharArray(),
keyAlgorithm, Integer.parseInt(keySize),
                     algorithm, 365, caCN, caOU, caO, caL, caST, caC);

Modified: geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/keystores/BaseKeystoreHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/keystores/BaseKeystoreHandler.java?rev=615625&r1=615624&r2=615625&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/keystores/BaseKeystoreHandler.java
(original)
+++ geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/keystores/BaseKeystoreHandler.java
Sun Jan 27 10:12:55 2008
@@ -94,6 +94,10 @@
             return instance.getKeystoreName();
         }
         
+        public String getType() {
+            return instance.getKeystoreType();
+        }
+
         public KeystoreInstance getInstance() {
             return instance;
         }

Modified: geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/keystores/CreateKeystoreHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/keystores/CreateKeystoreHandler.java?rev=615625&r1=615624&r2=615625&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/keystores/CreateKeystoreHandler.java
(original)
+++ geronimo/server/trunk/plugins/console/console-base-portlets/src/main/java/org/apache/geronimo/console/keystores/CreateKeystoreHandler.java
Sun Jan 27 10:12:55 2008
@@ -27,9 +27,10 @@
 import org.apache.geronimo.console.util.PortletManager;
 import org.apache.geronimo.management.geronimo.KeystoreException;
 import org.apache.geronimo.management.geronimo.KeystoreInstance;
+import org.apache.geronimo.util.KeystoreUtil;
 
 /**
- * Handler for entering a password to unlock a keystore
+ * Handler for creating a keystore
  *
  * @version $Rev$ $Date$
  */
@@ -46,11 +47,14 @@
         if(request.getParameter("filename") != null) {
             request.setAttribute("filename", request.getParameter("filename"));
         }
+        request.setAttribute("keystoreTypes", KeystoreUtil.emptyKeystoreTypes);
+        request.setAttribute("defaultType", KeystoreUtil.defaultType);
     }
 
     public String actionAfterView(ActionRequest request, ActionResponse response, MultiPageModel
model) throws PortletException, IOException {
         String filename = request.getParameter("filename");
         String password = request.getParameter("password");
+        String type = request.getParameter("type");
         if(filename == null || filename.equals("")) {
             return getMode();
         } else if(password == null) {
@@ -58,7 +62,7 @@
             return getMode();
         }
         try {
-            KeystoreInstance instance = PortletManager.getCurrentServer(request).getKeystoreManager().createKeystore(filename,
password.toCharArray());
+            KeystoreInstance instance = PortletManager.getCurrentServer(request).getKeystoreManager().createKeystore(filename,
password.toCharArray(), type);
             PortletSession session = request.getPortletSession(true);
             KeystoreData data = new KeystoreData();
             data.setInstance(instance);

Modified: geronimo/server/trunk/plugins/console/console-base-portlets/src/main/resources/consolebase.properties
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/console/console-base-portlets/src/main/resources/consolebase.properties?rev=615625&r1=615624&r2=615625&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/console/console-base-portlets/src/main/resources/consolebase.properties
(original)
+++ geronimo/server/trunk/plugins/console/console-base-portlets/src/main/resources/consolebase.properties
Sun Jan 27 10:12:55 2008
@@ -269,6 +269,7 @@
 keystore.createKeystore.createKeystore         = Create Keystore
 keystore.createKeystore.keystoreFileName       = Keystore file name
 keystore.createKeystore.passwordForKeystore    = Password for new keystore
+keystore.createKeystore.type                   = Keystore Type
 keystore.generateCSR.PKCS10CertificatioRequest = PKCS10 Certification Request
 keystore.importCAReply.PKCS7CertificateReply   = PKCS7 Certificate Reply
 keystore.importCAReply.pasteHere               = \ ...paste pkcs7 encoded certificate reply
here...
@@ -283,6 +284,7 @@
 keystore.index.newKeystore                     = New Keystore
 keystore.index.noKeystores                     = There are no keystores defined
 keystore.index.title                           = This tool walks you through the process
of configuring keystores to use with SSL connectors (for the web container, etc.).
+keystore.index.type                            = Type
 keystore.index.unlocked                        = Unlocked
 keystore.unlockKey.title                       = The keystore has been unlocked.  However,
a private key within the keystore also needs to be unlocked in order for SSL to work properly.
 Please specify the password for the private key within the keystore.
 keystore.unlockKey.unlockPrivateKey            = Unlock Private Key

Modified: geronimo/server/trunk/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/view/keystore/createKeystore.jsp
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/view/keystore/createKeystore.jsp?rev=615625&r1=615624&r2=615625&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/view/keystore/createKeystore.jsp
(original)
+++ geronimo/server/trunk/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/view/keystore/createKeystore.jsp
Sun Jan 27 10:12:55 2008
@@ -60,6 +60,16 @@
                 <input type="password" name="confirm-password" size="20" maxlength="200"
/>
             </td>
         </tr>
+        <tr>
+            <th align="right"><fmt:message key="keystore.createKeystore.type"/>:</th>
+            <td>
+                <select name="type">
+                    <c:forEach var="keystoreType" items="${keystoreTypes}">
+                        <option <c:if test="${defaultType eq keystoreType}">selected</c:if>>${keystoreType}</option>
+                    </c:forEach>
+                </select>
+            </td>
+        </tr>
     </table>
     <input type="submit" value='<fmt:message key="keystore.createKeystore.createKeystore"/>'
onClick="return <portlet:namespace/>validateForm();"/>
 </form>
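Review bot: `${keystoreType}` is written into the `<option>` body as raw EL, with no output escaping and no explicit `value` attribute, so the submitted value is whatever the browser derives from the rendered text. Emitting it through the tag library already used here, `<c:out value="${keystoreType}"/>`, for both the `value` attribute and the label makes the round trip explicit and escaped. The same applies to `${keystore.type}` in the new table cell in index.jsp, where the displayed type originates from a request parameter; `<c:out value="${keystore.type}"/>` keeps that page safe regardless of the validation done upstream. Whether either value can actually contain markup cannot be determined from these hunks.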

Modified: geronimo/server/trunk/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/view/keystore/index.jsp
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/view/keystore/index.jsp?rev=615625&r1=615624&r2=615625&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/view/keystore/index.jsp
(original)
+++ geronimo/server/trunk/plugins/console/console-base-portlets/src/main/webapp/WEB-INF/view/keystore/index.jsp
Sun Jan 27 10:12:55 2008
@@ -35,6 +35,7 @@
 <table width="100%">
   <tr>
     <td class="DarkBackground"><fmt:message key="keystore.index.keystoreFile"/></td>
+    <td class="DarkBackground" align="center"><fmt:message key="keystore.index.type"/></td>
     <td class="DarkBackground" align="center"><fmt:message key="keystore.index.contents"/></td>
     <td class="DarkBackground" align="center"><fmt:message key="keystore.index.editable"/></td>
     <td class="DarkBackground" align="center"><fmt:message key="keystore.index.available"/></td>
@@ -59,6 +60,9 @@
           <a href="<portlet:actionURL portletMode="view"><portlet:param name="mode"
value="viewKeystore-before" /><portlet:param name="id" value="${keystore.instance.keystoreName}"
/></portlet:actionURL>">${keystore.instance.keystoreName}</a>
         </c:otherwise>
       </c:choose>
+    </td>
+    <td class="${backgroundClass}">
+      ${keystore.type}
     </td>
     <td class="${backgroundClass}">
         <c:choose>

Modified: geronimo/server/trunk/plugins/tomcat/tomcat6/pom.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/tomcat6/pom.xml?rev=615625&r1=615624&r2=615625&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/tomcat6/pom.xml (original)
+++ geronimo/server/trunk/plugins/tomcat/tomcat6/pom.xml Sun Jan 27 10:12:55 2008
@@ -181,6 +181,7 @@
                                     <attribute name="sslProtocol">TLS</attribute>
                                     <attribute name="keystoreFile">var/security/keystores/geronimo-default</attribute>
                                     <attribute name="keystorePass">secret</attribute>
+                                    <attribute name="keystoreType">JKS</attribute>
                                 </gbean>
                             </config-xml-content>
                             <config-substitution key="HTTPPort">8080</config-substitution>

Modified: geronimo/server/trunk/plugins/tomcat/tomcat6/src/main/plan/plan.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/tomcat6/src/main/plan/plan.xml?rev=615625&r1=615624&r2=615625&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/tomcat6/src/main/plan/plan.xml (original)
+++ geronimo/server/trunk/plugins/tomcat/tomcat6/src/main/plan/plan.xml Sun Jan 27 10:12:55
2008
@@ -104,6 +104,7 @@
         <attribute name="sslProtocol">TLS</attribute>
         <attribute name="keystoreFile">var/security/keystores/geronimo-default</attribute>
         <attribute name="keystorePass">secret</attribute>
+        <attribute name="keystoreType">JKS</attribute>
         <reference name="TomcatContainer">
             <name>TomcatWebContainer</name>
         </reference>


