AIRAVATA-2371 Initialize trust store for IamAdminServices
Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/f19cc0cd Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/f19cc0cd Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/f19cc0cd Branch: refs/heads/registry-refactoring Commit: f19cc0cd9adf587d67c4245cf27dd1535c6d5332 Parents: d71c2aa Author: Marcus Christie <[email protected]> Authored: Mon May 22 15:28:28 2017 -0400 Committer: Marcus Christie <[email protected]> Committed: Mon May 22 15:28:28 2017 -0400 ---------------------------------------------------------------------- .../profile/handlers/IamAdminServicesHandler.java | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/airavata/blob/f19cc0cd/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java ---------------------------------------------------------------------- diff --git a/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java b/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java index e2abbbe..26fa1ed 100644 --- a/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java +++ b/airavata-services/profile-service/profile-service-server/src/main/java/org/apache/airavata/service/profile/handlers/IamAdminServicesHandler.java @@ -21,15 +21,17 @@ package org.apache.airavata.service.profile.handlers; +import org.apache.airavata.common.utils.ServerSettings; import org.apache.airavata.model.credential.store.PasswordCredential; import org.apache.airavata.model.error.AuthorizationException; import org.apache.airavata.model.security.AuthzToken; import org.apache.airavata.model.user.UserProfile; import org.apache.airavata.model.workspace.Gateway; +import org.apache.airavata.security.util.TrustStoreManager; import org.apache.airavata.service.profile.iam.admin.services.core.impl.TenantManagementKeycloakImpl; import org.apache.airavata.service.profile.iam.admin.services.cpi.IamAdminServices; -import org.apache.airavata.service.profile.iam.admin.services.cpi.iam_admin_services_cpiConstants; import org.apache.airavata.service.profile.iam.admin.services.cpi.exception.IamAdminServicesException; +import org.apache.airavata.service.profile.iam.admin.services.cpi.iam_admin_services_cpiConstants; import org.apache.airavata.service.security.interceptor.SecurityCheck; import org.apache.thrift.TException; import org.slf4j.Logger; @@ -41,6 +43,17 @@ public class IamAdminServicesHandler implements IamAdminServices.Iface { private final static Logger logger = LoggerFactory.getLogger(IamAdminServicesHandler.class); + public IamAdminServicesHandler() { + + try { + //initialize SSL context with the trust store that contains the CA cert signing the Keycloak server cert + TrustStoreManager trustStoreManager = new TrustStoreManager(); + trustStoreManager.initializeTrustStoreManager(ServerSettings.getTrustStorePath(), + ServerSettings.getTrustStorePassword()); + } catch (Exception e) { + throw new RuntimeException(e.getMessage(), e); + } + } @Override public String getAPIVersion(AuthzToken authzToken) throws IamAdminServicesException, AuthorizationException {
