ofbiz-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From j..@apache.org
Subject svn commit: r527755 - in /ofbiz/trunk/framework: shark/webapp/shark/WEB-INF/controller.xml webapp/src/org/ofbiz/webapp/control/RequestHandler.java webapp/src/org/ofbiz/webapp/control/RequestManager.java webtools/webapp/webtools/WEB-INF/controller.xml
Date Thu, 12 Apr 2007 03:12:57 GMT
Author: jaz
Date: Wed Apr 11 20:12:56 2007
New Revision: 527755

URL: http://svn.apache.org/viewvc?view=rev&rev=527755
Log:
fixed bug in x509 code where the ofbiz default trust store failed to load (bad protocol)

Modified:
    ofbiz/trunk/framework/shark/webapp/shark/WEB-INF/controller.xml
    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java
    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java
    ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml

Modified: ofbiz/trunk/framework/shark/webapp/shark/WEB-INF/controller.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/shark/webapp/shark/WEB-INF/controller.xml?view=diff&rev=527755&r1=527754&r2=527755
==============================================================================
--- ofbiz/trunk/framework/shark/webapp/shark/WEB-INF/controller.xml (original)
+++ ofbiz/trunk/framework/shark/webapp/shark/WEB-INF/controller.xml Wed Apr 11 20:12:56 2007
@@ -38,7 +38,7 @@
         
     <preprocessor>
     	<!-- Events to run on every request before security (chains exempt) -->
-    	<!-- <event type="java" path="org.ofbiz.webapp.event.TestEvent" invoke="test"/>
-->
+    	<event type="java" path="org.ofbiz.webapp.control.LoginWorker" invoke="check509CertLogin"/>
     	<event type="java" path="org.ofbiz.webapp.control.LoginWorker" invoke="checkExternalLoginKey"/>
     </preprocessor>
     <postprocessor>

Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java?view=diff&rev=527755&r1=527754&r2=527755
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java (original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java Wed Apr
11 20:12:56 2007
@@ -141,6 +141,9 @@
                 if (clientCerts == null) {
                     clientCerts = (X509Certificate[]) request.getAttribute("javax.net.ssl.peer_certificates");
// 2.1 spec
                 }
+                if (clientCerts == null) {
+                    Debug.logWarning("Received no client certificates from browser", module);
+                }
 
                 // check if the client has a valid certificate (in our db store)
                 String keyStorePass = requestManager.get509CertKeyStorePass(requestUri);
@@ -150,9 +153,6 @@
                 if (clientCerts == null) {
                     throw new RequestHandlerException("Unknown request [" + requestUri +
"]; this request does not exist or cannot be called directly.");
                 } else {
-                    // key the trust store info
-
-
                     // load the trust store
                     KeyStore keyStore;
                     try {
@@ -181,12 +181,10 @@
                             throw new RequestHandlerException("Unable to read certificate
from keystore", e);
                         }
 
-                        for (int i = 0; i < clientCerts.length; i++) {
-                            if (!foundValidCert && trustedCert.equals(clientCerts[i]))
{
-                                byte[] publicKey = clientCerts[i].getPublicKey().getEncoded();
-                                session.setAttribute(LoginWorker.X509_CERT_ATTR, StringUtil.toHexString(publicKey));
-                                //Debug.log("Cert Hex: " + session.getAttribute(LoginWorker.X509_CERT_ATTR));
+                        for (int ci = 0; ci < clientCerts.length; ci++) {            
               
+                            if (!foundValidCert && trustedCert.equals(clientCerts[ci]))
{
                                 foundValidCert = true;
+                                break;
                             }
                         }
                     }

Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java?view=diff&rev=527755&r1=527754&r2=527755
==============================================================================
--- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java (original)
+++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java Wed Apr
11 20:12:56 2007
@@ -316,7 +316,7 @@
     }
 
     public URL get509CertKeyStore(String uriStr) {
-        String defaultTrustStore = KeyStoreUtil.getTrustStoreFileName();
+        String defaultTrustStore = "file://" + KeyStoreUtil.getTrustStoreFileName();
         Map uri = getRequestMapMap(uriStr);
 
         if (uri != null) {
@@ -353,7 +353,7 @@
 
         if (uri != null) {
             String value = (String) uri.get(ConfigXMLReader.SECURITY_KEYSTORE);
-            if (value.indexOf(";") > -1) {            
+            if (value != null && value.indexOf(";") > -1) {            
                 return value.substring(value.indexOf(";") + 1);
             }
         }

Modified: ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml?view=diff&rev=527755&r1=527754&r2=527755
==============================================================================
--- ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml (original)
+++ ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml Wed Apr 11 20:12:56
2007
@@ -41,6 +41,7 @@
     <preprocessor>
         <!-- Events to run on every request before security (chains exempt) -->
         <!-- <event type="java" path="org.ofbiz.webapp.event.TestEvent" invoke="test"/>
-->
+        <event type="java" path="org.ofbiz.webapp.control.LoginWorker" invoke="check509CertLogin"/>
         <event type="java" path="org.ofbiz.webapp.control.LoginWorker" invoke="checkExternalLoginKey"/>
     </preprocessor>
     <postprocessor>



Mime
View raw message