Updated the AtsConfigurator to allow an invoker to change the connector key in the Tomcat server.xml file to point to another keystore for SSL communications. This change will allow us to leverage the Certificates installed for other components under Windows.

This commit is contained in:
Juan Carlos Luciani 2007-04-20 19:29:14 +00:00
parent d0d47d13fc
commit c5281ab8d1
2 changed files with 232 additions and 13 deletions


@ -49,7 +49,10 @@ public final class AtsConfigurator
" HOSTNAME - Name of the host.\n" + " HOSTNAME - Name of the host.\n" +
" IAREALMS_FILE_PATH - Path to the iaRealms file to be used by the service.\n" + " IAREALMS_FILE_PATH - Path to the iaRealms file to be used by the service.\n" +
" The following properties are optional:\n" + " The following properties are optional:\n" +
" TOMCAT5 - Location of the tomcat5 executable.\n"; " TOMCAT5 - Location of the tomcat5 executable.\n" +
" KEYSTORE_PATH - Location of keystore that should be used by connector.\n" +
" KEYSTORE_PASS - Password for keystore specified via KEYSTORE_PATH.\n" +
" KEYSTORE_ALG - Algorithm (SunX509 or IbmX509) for keystore specified via KEYSTORE_PATH.\n";
// Error codes // Error codes
final static int ERROR_NO_ERROR = 0; final static int ERROR_NO_ERROR = 0;
@ -76,6 +79,8 @@ public final class AtsConfigurator
final static int ERROR_JOS_CLOSE_FAILED = -25; final static int ERROR_JOS_CLOSE_FAILED = -25;
final static int ERROR_FOS_CLOSE_FAILED = -26; final static int ERROR_FOS_CLOSE_FAILED = -26;
final static int ERROR_JFTEMPLATE_CLOSE_FAILED = -27; final static int ERROR_JFTEMPLATE_CLOSE_FAILED = -27;
final static int ERROR_MISSING_KEYSTORE_PROPERTY = -28;
final static int ERROR_INVALID_TOMCAT_SERVER_XML_FORMAT = -29;
// Required properties // Required properties
final static String INSTALL_DIR_PROPERTY = "ATS_INSTALL_DIR"; final static String INSTALL_DIR_PROPERTY = "ATS_INSTALL_DIR";
@ -84,7 +89,12 @@ public final class AtsConfigurator
final static String JAVA_HOME_PROPERTY = "ATS_JAVA_HOME"; final static String JAVA_HOME_PROPERTY = "ATS_JAVA_HOME";
final static String HOSTNAME_PROPERTY = "HOSTNAME"; final static String HOSTNAME_PROPERTY = "HOSTNAME";
final static String IAREALMS_FILE_PROPERTY = "IAREALMS_FILE_PATH"; final static String IAREALMS_FILE_PROPERTY = "IAREALMS_FILE_PATH";
// Optional properties
final static String TOMCAT5_PROPERTY = "TOMCAT5"; final static String TOMCAT5_PROPERTY = "TOMCAT5";
final static String KEYSTORE_PATH_PROPERTY = "KEYSTORE_PATH";
final static String KEYSTORE_PASS_PROPERTY = "KEYSTORE_PASS";
final static String KEYSTORE_ALG_PROPERTY = "KEYSTORE_ALG";
final static String[] m_requiredProperties = { final static String[] m_requiredProperties = {
INSTALL_DIR_PROPERTY, INSTALL_DIR_PROPERTY,
@ -383,6 +393,12 @@ public final class AtsConfigurator
case ERROR_EXCEPTION: case ERROR_EXCEPTION:
rcMessage = "Exception"; rcMessage = "Exception";
break; break;
case ERROR_MISSING_KEYSTORE_PROPERTY:
rcMessage = "Missing Keystore related property";
break;
case ERROR_INVALID_TOMCAT_SERVER_XML_FORMAT:
rcMessage = "Invalid tomcat server.xml format";
break;
default: default:
rcMessage = "Unknown error"; rcMessage = "Unknown error";
break; break;
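Review bot: The usage text in the first hunk lists KEYSTORE_PATH, KEYSTORE_PASS and KEYSTORE_ALG as three independent optional properties, but `updateTomcatServerXML()` returns ERROR_MISSING_KEYSTORE_PROPERTY unless all three are supplied together. The help lines should say so, e.g. `" KEYSTORE_PASS - Password for keystore specified via KEYSTORE_PATH (required when KEYSTORE_PATH is set).\n"`, with the same wording for KEYSTORE_ALG. It is not visible here how properties reach the configurator; if they arrive on the command line, the usage text should also mention that the password will be visible in process listings and may end up in the installer log. The string constant being extended starts above the hunk.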


@ -23,12 +23,21 @@
* *
***********************************************************************/ ***********************************************************************/
import com.sun.org.apache.xerces.internal.parsers.DOMParser;
import com.sun.org.apache.xml.internal.serialize.OutputFormat;
import com.sun.org.apache.xml.internal.serialize.XMLSerializer;
import java.io.*; import java.io.*;
import java.util.*; import java.util.*;
import java.util.zip.ZipEntry; import java.util.zip.ZipEntry;
import java.util.zip.ZipOutputStream; import java.util.zip.ZipOutputStream;
import java.util.zip.ZipFile; import java.util.zip.ZipFile;
import org.xml.sax.InputSource;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NamedNodeMap;
/** /**
* Configure Class. * Configure Class.
* <p> * <p>
@ -79,6 +88,9 @@ public class Configure
{ {
// Setup the relocatable files // Setup the relocatable files
if (AtsConfigurator.ERROR_NO_ERROR == (m_rc = setupRelocatableFiles())) if (AtsConfigurator.ERROR_NO_ERROR == (m_rc = setupRelocatableFiles()))
{
// Update the tomcat server.xml
if (AtsConfigurator.ERROR_NO_ERROR == (m_rc = updateTomcatServerXML()))
{ {
// Setup the War file // Setup the War file
if (AtsConfigurator.ERROR_NO_ERROR == (m_rc = createWarFileFromTemplate())) if (AtsConfigurator.ERROR_NO_ERROR == (m_rc = createWarFileFromTemplate()))
@ -91,6 +103,7 @@ public class Configure
} }
} }
} }
}
catch (Exception e) catch (Exception e)
{ {
m_rc = AtsConfigurator.ERROR_EXCEPTION; m_rc = AtsConfigurator.ERROR_EXCEPTION;
@ -144,7 +157,7 @@ public class Configure
AtsConfigurator.log("Configure.keyStoreAlreadyExists()- Start, relPath = " + keyStoreRelPath); AtsConfigurator.log("Configure.keyStoreAlreadyExists()- Start, relPath = " + keyStoreRelPath);
File fileKeystore = new File(((String) m_properties.get(AtsConfigurator.INSTALL_DIR_PROPERTY)) + keyStoreRelPath); File fileKeystore = new File(m_properties.get(AtsConfigurator.INSTALL_DIR_PROPERTY) + keyStoreRelPath);
File fileParent = fileKeystore.getParentFile(); File fileParent = fileKeystore.getParentFile();
String[] rgChildren = fileParent.list(); String[] rgChildren = fileParent.list();
if (null != rgChildren) if (null != rgChildren)
@ -189,7 +202,7 @@ public class Configure
commandArray[4] = "-keypass"; commandArray[5] = "secret"; commandArray[4] = "-keypass"; commandArray[5] = "secret";
commandArray[6] = "-keystore"; commandArray[7] = installDir + SERVER_KEY_STORE_RELATIVE_PATH; commandArray[6] = "-keystore"; commandArray[7] = installDir + SERVER_KEY_STORE_RELATIVE_PATH;
commandArray[8] = "-storepass"; commandArray[9] = "secret"; commandArray[8] = "-storepass"; commandArray[9] = "secret";
commandArray[10] = "-dname"; commandArray[11] = "cn=casaatsd@" + (String) m_properties.get("COMPUTERNAME"); commandArray[10] = "-dname"; commandArray[11] = "cn=casaatsd@" + m_properties.get("COMPUTERNAME");
commandArray[12] = "-validity"; commandArray[13] = "3600"; commandArray[12] = "-validity"; commandArray[13] = "3600";
// Create the signing key // Create the signing key
@ -216,7 +229,7 @@ public class Configure
commandArray[4] = "-keypass"; commandArray[5] = "secret"; commandArray[4] = "-keypass"; commandArray[5] = "secret";
commandArray[6] = "-keystore"; commandArray[7] = installDir + SERVER_KEY_STORE_RELATIVE_PATH; commandArray[6] = "-keystore"; commandArray[7] = installDir + SERVER_KEY_STORE_RELATIVE_PATH;
commandArray[8] = "-storepass"; commandArray[9] = "secret"; commandArray[8] = "-storepass"; commandArray[9] = "secret";
commandArray[10] = "-dname"; commandArray[11] = "cn=" + (String) m_properties.get("COMPUTERNAME"); commandArray[10] = "-dname"; commandArray[11] = "cn=" + m_properties.get("COMPUTERNAME");
commandArray[12] = "-keyalg"; commandArray[13] = "RSA"; commandArray[12] = "-keyalg"; commandArray[13] = "RSA";
// Create a key for Tomcat to do SSL communications // Create a key for Tomcat to do SSL communications
@ -424,6 +437,197 @@ public class Configure
return rc; return rc;
} }
/**
* Find first child node with matching node name.
*
* @param parentNode Parent node.
* @param nodeName Name of node.
* @return Child node found or null.
*/
public static Node findChildNode(Node parentNode, String nodeName)
{
Node retNode = null;
Node childNode;
Node nextNode = parentNode.getFirstChild();
while ((childNode = nextNode) != null)
{
// Set next before we change anything
nextNode = childNode.getNextSibling();
// Handle child by node type
if (childNode.getNodeType() == Node.ELEMENT_NODE)
{
// Check if this is the element node wanted
if (childNode.getNodeName().equalsIgnoreCase(nodeName))
{
// Found the node
retNode = childNode;
break;
}
}
}
return retNode;
}
/**
* Update the Setup all of the needed relocatable files.
*
* @return Return code.
*/
int updateTomcatServerXML()
{
int rc = AtsConfigurator.ERROR_NO_ERROR;
AtsConfigurator.log("Configure.updateTomcatServerXML()- Start");
// Check if a keystore path property was specified
String keystorePath = (String) m_properties.get(AtsConfigurator.KEYSTORE_PATH_PROPERTY);
if (keystorePath != null)
{
AtsConfigurator.log("Need to update server.xml");
// The keystore path property was specified. The keystore pass and keystore algorithms
// should also be specified.
String keystorePass = (String) m_properties.get(AtsConfigurator.KEYSTORE_PASS_PROPERTY);
String keystoreAlg = (String) m_properties.get(AtsConfigurator.KEYSTORE_ALG_PROPERTY);
if (keystorePass != null && keystoreAlg != null)
{
// We have all of the information necessary to update the connector in the server.xml
// file, proceed.
FileInputStream inStream = null;
FileOutputStream outStream = null;
try
{
String installDir = (String) m_properties.get(AtsConfigurator.INSTALL_DIR_PROPERTY);
File serverXmlFile = new File(installDir + "\\catalinabase\\conf\\server.xml");
inStream = new FileInputStream(serverXmlFile);
// Pull the server.xml file into a DOM
DOMParser parser = new DOMParser();
parser.parse(new InputSource(inStream));
Document doc = parser.getDocument();
Node docElement = doc.getDocumentElement();
if (docElement != null)
{
Node serviceElement = findChildNode(docElement, "service");
if (serviceElement != null)
{
Node connectorElement = findChildNode(serviceElement, "connector");
if (connectorElement != null)
{
NamedNodeMap connectorAttributesMap = connectorElement.getAttributes();
if (connectorAttributesMap != null)
{
int attributeSetFailures = 0;
Node keystoreFileAttributeNode = connectorAttributesMap.getNamedItem("keystoreFile");
if (keystoreFileAttributeNode != null)
{
keystoreFileAttributeNode.setNodeValue(keystorePath);
}
else
{
AtsConfigurator.log("keystoreFile attribute not configured for connector");
attributeSetFailures ++;
rc = AtsConfigurator.ERROR_INVALID_TOMCAT_SERVER_XML_FORMAT;
}
Node keystorePassAttributeNode = connectorAttributesMap.getNamedItem("keystorePass");
if (keystorePassAttributeNode != null)
{
keystorePassAttributeNode.setNodeValue(keystorePass);
}
else
{
AtsConfigurator.log("keystorePass attribute not configured for connector");
attributeSetFailures ++;
rc = AtsConfigurator.ERROR_INVALID_TOMCAT_SERVER_XML_FORMAT;
}
Node algorithmAttributeNode = connectorAttributesMap.getNamedItem("algorithm");
if (algorithmAttributeNode != null)
{
algorithmAttributeNode.setNodeValue(keystoreAlg);
}
else
{
AtsConfigurator.log("algorithm attribute not configured for connector");
attributeSetFailures ++;
rc = AtsConfigurator.ERROR_INVALID_TOMCAT_SERVER_XML_FORMAT;
}
if (attributeSetFailures == 0)
{
outStream = new FileOutputStream(serverXmlFile);
OutputFormat format = new OutputFormat(doc);
XMLSerializer serializer = new XMLSerializer(outStream, format);
serializer.serialize(doc.getDocumentElement());
}
}
else
{
AtsConfigurator.log("Failed to obtain connector attributes map");
rc = AtsConfigurator.ERROR_INVALID_TOMCAT_SERVER_XML_FORMAT;
}
}
else
{
AtsConfigurator.log("Failed to obtain connector node");
rc = AtsConfigurator.ERROR_INVALID_TOMCAT_SERVER_XML_FORMAT;
}
}
else
{
AtsConfigurator.log("Failed to obtain service node");
rc = AtsConfigurator.ERROR_INVALID_TOMCAT_SERVER_XML_FORMAT;
}
}
else
{
AtsConfigurator.log("Failed to obtain document element");
rc = AtsConfigurator.ERROR_INVALID_TOMCAT_SERVER_XML_FORMAT;
}
}
catch (Exception e)
{
AtsConfigurator.log("Exception: " + e.getMessage());
rc = AtsConfigurator.ERROR_EXCEPTION;
}
finally
{
try
{
// Close input stream if necessary
if (inStream != null)
inStream.close();
// Flush and close output stream if necessary
if (outStream != null)
{
outStream.flush();
outStream.close();
}
}
catch (Exception e)
{
// Do nothing
}
}
}
else
{
AtsConfigurator.log("Not all keystore related properties specified");
rc = AtsConfigurator.ERROR_MISSING_KEYSTORE_PROPERTY;
}
}
AtsConfigurator.log("Configure.updateTomcatServerXML()- End, rc= ", rc);
return rc;
}
/** /**
* Move files from Jar to Jar. * Move files from Jar to Jar.
* *
@ -448,7 +652,6 @@ public class Configure
if (jeLoop.getName().equalsIgnoreCase("WEB-INF/classes/casa_crypto.properties")) if (jeLoop.getName().equalsIgnoreCase("WEB-INF/classes/casa_crypto.properties"))
{ {
AtsConfigurator.log("skipping: " + "WEB-INF/classes/casa_crypto.properties"); AtsConfigurator.log("skipping: " + "WEB-INF/classes/casa_crypto.properties");
continue;
} }
// Move the rest of the files over // Move the rest of the files over
@ -540,8 +743,8 @@ public class Configure
*/ */
int createWarFileFromTemplate() int createWarFileFromTemplate()
{ {
String sWarTemplate = ((String) m_properties.get(AtsConfigurator.INSTALL_DIR_PROPERTY)) + "\\etc\\svc\\templates\\CasaAuthTokenSvc.war"; String sWarTemplate = m_properties.get(AtsConfigurator.INSTALL_DIR_PROPERTY) + "\\etc\\svc\\templates\\CasaAuthTokenSvc.war";
String sWarNew = ((String) m_properties.get(AtsConfigurator.INSTALL_DIR_PROPERTY)) + "\\catalinabase\\webapps\\CasaAuthTokenSvc.war"; String sWarNew = m_properties.get(AtsConfigurator.INSTALL_DIR_PROPERTY) + "\\catalinabase\\webapps\\CasaAuthTokenSvc.war";
File fileWarTemplate = new File(sWarTemplate); File fileWarTemplate = new File(sWarTemplate);
File fileWarNew = new File(sWarNew); File fileWarNew = new File(sWarNew);
FileOutputStream fosWarNew = null; FileOutputStream fosWarNew = null;
@ -612,7 +815,7 @@ public class Configure
{ {
int i; int i;
String [] rgsFilesToAdd = new String[1]; String [] rgsFilesToAdd = new String[1];
rgsFilesToAdd[0] = ((String) m_properties.get(AtsConfigurator.INSTALL_DIR_PROPERTY)) + "\\etc\\svc\\casa_crypto.properties"; rgsFilesToAdd[0] = m_properties.get(AtsConfigurator.INSTALL_DIR_PROPERTY) + "\\etc\\svc\\casa_crypto.properties";
String [] rgsNames = new String[1]; String [] rgsNames = new String[1];
rgsNames[0] = "WEB-INF/classes/casa_crypto.properties"; rgsNames[0] = "WEB-INF/classes/casa_crypto.properties";
for (i = 0; i < rgsFilesToAdd.length; i++) for (i = 0; i < rgsFilesToAdd.length; i++)
@ -690,7 +893,7 @@ public class Configure
// Determine the path to the Tomcat5 executable // Determine the path to the Tomcat5 executable
String sExe = (String) m_properties.get(AtsConfigurator.TOMCAT5_PROPERTY); String sExe = (String) m_properties.get(AtsConfigurator.TOMCAT5_PROPERTY);
if (sExe == null) if (sExe == null)
sExe = ((String) m_properties.get(AtsConfigurator.TOMCAT_HOME_PROPERTY)) + "\\bin\\tomcat5.exe"; sExe = m_properties.get(AtsConfigurator.TOMCAT_HOME_PROPERTY) + "\\bin\\tomcat5.exe";
/* /*
* Note that in the following code we do not bother to check the return of the invokeExternalCommand * Note that in the following code we do not bother to check the return of the invokeExternalCommand
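Review bot: In `updateTomcatServerXML()`, `new FileOutputStream(serverXmlFile)` truncates server.xml in place while `inStream` is still open on it, so an exception during `serializer.serialize(...)` leaves Tomcat with a partial or empty configuration and only `e.getMessage()` in the log. Serializing to a sibling file and swapping it in after a successful write, as sketched below, avoids that; the rewritten file also now holds the KEYSTORE_PASS value in clear text, so its ACL should be restricted to the service account and administrators. `findChildNode(serviceElement, "connector")` returns the first Connector under Service, which is presumably not always the SSL one, so selecting the connector that actually carries a `keystoreFile` attribute would be more robust. Separately, the `@ -448,7 +652,6` hunk appears to drop `continue;` after the "skipping" log line, so that entry would no longer be skipped; please confirm this is intended.

```java
if (attributeSetFailures == 0)
{
   // Write to a sibling file first so a failed serialization cannot truncate server.xml
   File newServerXmlFile = new File(serverXmlFile.getPath() + ".new");
   outStream = new FileOutputStream(newServerXmlFile);
   OutputFormat format = new OutputFormat(doc);
   XMLSerializer serializer = new XMLSerializer(outStream, format);
   serializer.serialize(doc.getDocumentElement());
   outStream.close();
   outStream = null;

   // Release the original before replacing it; an open file cannot be deleted on Windows
   inStream.close();
   inStream = null;

   // File.renameTo may refuse to overwrite an existing file, so remove the old one first
   if (!serverXmlFile.delete() || !newServerXmlFile.renameTo(serverXmlFile))
   {
      throw new IOException("Failed to replace " + serverXmlFile.getPath());
   }
}
// … unchanged: else branches reporting ERROR_INVALID_TOMCAT_SERVER_XML_FORMAT, catch and finally …
```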