From xuhaih...@apache.org
Subject svn commit: r1172511 - in /geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat: TomcatServerConfigManager.java TomcatServerGBean.java model/ConnectorType.java
Date Mon, 19 Sep 2011 08:31:31 GMT
Author: xuhaihong
Date: Mon Sep 19 08:31:31 2011
New Revision: 1172511

URL: http://svn.apache.org/viewvc?rev=1172511&view=rev
Log:
GERONIMO-5432 Encrypt password values in server.xml (Based on the patch from Xiao Yi)

Modified:
    geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatServerConfigManager.java
    geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatServerGBean.java
    geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/model/ConnectorType.java

Modified: geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatServerConfigManager.java
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatServerConfigManager.java?rev=1172511&r1=1172510&r2=1172511&view=diff
==============================================================================
--- geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatServerConfigManager.java
(original)
+++ geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatServerConfigManager.java
Mon Sep 19 08:31:31 2011
@@ -30,10 +30,12 @@ import javax.xml.transform.TransformerFa
 import javax.xml.transform.dom.DOMSource;
 import javax.xml.transform.stream.StreamResult;
 
+import org.apache.geronimo.crypto.EncryptionManager;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
+import org.w3c.dom.NamedNodeMap;
 import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
 
@@ -72,7 +74,7 @@ public class TomcatServerConfigManager {
      * @param name
      *          the name of connector to be removed.
      */
-    public void removeConnector(String name) {
+    public synchronized void removeConnector(String name) {
 
         Element connector = this.findTargetConnector(name);
         if (null != connector) {
@@ -90,7 +92,7 @@ public class TomcatServerConfigManager {
      * @param serviceName
      *                      the name attribute of <Service> that the connector resides
in.
      */
-    public void updateConnector(Map<String, String> attributesToUpdate, String uniqueConnectorName,
String serviceName) {
+    public synchronized void updateConnector(Map<String, String> attributesToUpdate,
String uniqueConnectorName, String serviceName) {
 
         Element connector = this.findTargetConnector(uniqueConnectorName);
 
@@ -133,7 +135,29 @@ public class TomcatServerConfigManager {
 
     }
     
-
+    public synchronized void encryptPasswords() {
+        boolean persisteRequired = false;
+        NodeList connectors = server_xml_dom_doc.getElementsByTagName("Connector");
+        for (int i = 0; i < connectors.getLength(); i++) {
+            Element connector = (Element) (connectors.item(i));
+            NamedNodeMap attributeMap = connector.getAttributes();
+            for (int j = 0; j < attributeMap.getLength(); j++) {
+                Node attribute = attributeMap.item(j);
+                String nodeValue = attribute.getNodeValue();
+                if (attribute.getNodeName().equals("keystorePass")) {
+                    String encryptedNodeValue = EncryptionManager.encrypt(nodeValue);
+                    if (nodeValue.equals(encryptedNodeValue)) {
+                        continue;
+                    }
+                    persisteRequired = true;
+                    attribute.setNodeValue(encryptedNodeValue);
+                }
+            }
+        }
+        if (persisteRequired) {
+            persistServerConfig();
+        }
+    }
 
     private Element findTargetConnector(String name) {
 
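Review bot: Only `keystorePass` is matched in the inner loop of `encryptPasswords()`, while the log message promises password values in general; a connector that also sets `truststorePass` would keep that value in clear text in server.xml. Consider testing the attribute name against a small shared set of password attribute names, used by both this method and the decrypt branch in ConnectorType, so the two sides cannot drift apart. The early `continue` presumably relies on `EncryptionManager.encrypt` returning an already-encrypted value unchanged; that is worth stating in a Javadoc comment on the method, along with the fact that it rewrites the file through `persistServerConfig()`. Depending on which encryption implementation is registered, the stored value may be reversible by anyone who can read the server installation, so file permissions on server.xml remain the real control. `persisteRequired` is a typo for `persistRequired`.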

Modified: geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatServerGBean.java
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatServerGBean.java?rev=1172511&r1=1172510&r2=1172511&view=diff
==============================================================================
--- geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatServerGBean.java
(original)
+++ geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatServerGBean.java
Mon Sep 19 08:31:31 2011
@@ -112,14 +112,24 @@ public class TomcatServerGBean implement
         if (serverConfig == null) {
             File serverConfigFile = serverInfo.resolveServer(serverConfigLocation);
             this.tomcatServerConfigManager = new TomcatServerConfigManager(serverConfigFile);
-            Reader in = new FileReader(serverConfigFile);
-            StringBuilder b = new StringBuilder();
-            char[] buf = new char[1024];
-            int i;
-            while ((i = in.read(buf)) > 0) {
-                b.append(buf, 0, i);
+            Reader in = null;
+            try {
+                in = new FileReader(serverConfigFile);
+                StringBuilder b = new StringBuilder();
+                char[] buf = new char[1024];
+                int i;
+                while ((i = in.read(buf)) > 0) {
+                    b.append(buf, 0, i);
+                }
+                serverConfig = b.toString();
+            } finally {
+                if (in != null) {
+                    try {
+                        in.close();
+                    } catch (Exception e) {
+                    }
+                }
             }
-            serverConfig = b.toString();
         }
 
         if (attributeStore != null) {
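Review bot: The `catch (Exception e) { }` around `in.close()` swallows every failure silently, including unchecked ones; narrow it to `IOException`, name the variable `ignored`, and add a short comment saying a close failure on a stream that was only read is not actionable. `FileReader` decodes server.xml with the platform default charset, which can differ from the encoding declared in the XML prolog, so the `serverConfig` string may not match what an XML parser reads from the same file; `new InputStreamReader(new FileInputStream(serverConfigFile), "UTF-8")` would make the decoding explicit if the file is known to be UTF-8. The enclosing method starts and ends outside the hunk.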
@@ -150,6 +160,9 @@ public class TomcatServerGBean implement
 
     public void doStop() throws Exception {
         ((Lifecycle)server).stop();
+        if(tomcatServerConfigManager != null) {
+            tomcatServerConfigManager.encryptPasswords();
+        }
     }
 
     public void doFail() {
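Review bot: `encryptPasswords()` runs only after `((Lifecycle)server).stop()` returns, so an exception from `stop()`, a `doFail()` shutdown, or a killed process leaves `keystorePass` in clear text on disk, and it stays in clear text for the whole time the server is up. Calling it once during start-up, right after the `TomcatServerConfigManager` is created, would close that window; if it stays here, put the call in a `finally` block around `stop()`. It also looks as if the manager persists the DOM it parsed at construction, which would overwrite edits made to server.xml while the server was running; that is worth confirming against `persistServerConfig()`.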

Modified: geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/model/ConnectorType.java
URL: http://svn.apache.org/viewvc/geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/model/ConnectorType.java?rev=1172511&r1=1172510&r2=1172511&view=diff
==============================================================================
--- geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/model/ConnectorType.java
(original)
+++ geronimo/server/branches/2.2/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/model/ConnectorType.java
Mon Sep 19 08:31:31 2011
@@ -18,27 +18,28 @@
 
 package org.apache.geronimo.tomcat.model;
 
+import java.util.ArrayList;
 import java.util.HashMap;
-import java.util.Map;
 import java.util.List;
-import java.util.ArrayList;
+import java.util.Map;
 
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlAnyAttribute;
 import javax.xml.bind.annotation.XmlAttribute;
-import javax.xml.bind.annotation.XmlType;
 import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlType;
 import javax.xml.namespace.QName;
 
-import org.apache.catalina.connector.Connector;
+import org.apache.catalina.Executor;
 import org.apache.catalina.LifecycleListener;
 import org.apache.catalina.Service;
-import org.apache.catalina.Executor;
+import org.apache.catalina.connector.Connector;
+import org.apache.geronimo.crypto.EncryptionManager;
 import org.apache.geronimo.tomcat.TomcatServerGBean;
+import org.apache.tomcat.util.IntrospectionUtils;
 import org.apache.xbean.recipe.ObjectRecipe;
 import org.apache.xbean.recipe.Option;
-import org.apache.tomcat.util.IntrospectionUtils;
 
 
 /**
@@ -606,10 +607,11 @@ public class ConnectorType {
         boolean executorSupported = !connector.getProtocolHandlerClassName().equals("org.apache.jk.server.JkCoyoteHandler");
         for (Map.Entry<QName, String> entry : otherAttributes.entrySet()) {
             String name = entry.getKey().getLocalPart();
+            String value = entry.getValue();
             if (executorSupported && "executor".equals(name)) {
                 Executor executor = service.getExecutor(entry.getValue());
                 if (executor == null) {
-                    throw new IllegalArgumentException("No executor found in service with
name: " + entry.getValue());
+                    throw new IllegalArgumentException("No executor found in service with
name: " + value);
                 }
                 IntrospectionUtils.callMethod1(connector.getProtocolHandler(),
                         "setExecutor",
@@ -618,11 +620,13 @@ public class ConnectorType {
                         cl);
 
             } else if("name".equals(name)){
-                
-                TomcatServerGBean.ConnectorName.put(connector, entry.getValue());
-                
+                //name attribute is held by Geronimo to identify the connector, it is not
required by Tomcat
+                TomcatServerGBean.ConnectorName.put(connector, value);                
             } else{
-                connector.setProperty(name, entry.getValue());
+                if ("keystorePass".equals(name)) {
+                    value = (String) EncryptionManager.decrypt(name);
+                }
+                connector.setProperty(name, value);
             }
         }
 
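Review bot: The added branch passes the attribute name to the decryptor, `EncryptionManager.decrypt(name)`, so for `keystorePass` the connector receives the result of decrypting the literal string "keystorePass" instead of the configured password; it should be `value = (String) EncryptionManager.decrypt(value);`. With the line as written, a connector with a keystore password will most likely fail to open its keystore, or, if decrypt returns unrecognised input unchanged, will try the attribute name as the password. The unchecked cast to `String` also assumes the stored value was encrypted from a String; that holds for values written by `encryptPasswords()` but not necessarily for hand-edited entries. The loop and the enclosing method begin outside this hunk.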


