Repository: cxf-fediz Updated Branches: refs/heads/master bec9f5862 -> 680cb0d74
FEDIZ-170 - Load keystore/truststore resources in the container plugins Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/680cb0d7 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/680cb0d7 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/680cb0d7 Branch: refs/heads/master Commit: 680cb0d74d7301da5f38b131cac27c7db30f7b89 Parents: bec9f58 Author: Colm O hEigeartaigh <[email protected]> Authored: Fri Jul 15 10:57:10 2016 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Fri Jul 15 10:57:10 2016 +0100 ---------------------------------------------------------------------- .../cxf/fediz/core/config/FedizContext.java | 19 +++++++++++++++---- .../core/federation/RequestedClaimsTest.java | 2 +- 2 files changed, 16 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/680cb0d7/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FedizContext.java ---------------------------------------------------------------------- diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FedizContext.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FedizContext.java index 3ec3c99..d9ff3de 100644 --- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FedizContext.java +++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FedizContext.java @@ -23,6 +23,7 @@ import java.io.Closeable; import java.io.File; import java.io.IOException; import java.math.BigInteger; +import java.net.URL; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; import java.util.ArrayList; @@ -286,11 +287,16 @@ public class FedizContext implements Closeable { private Properties createCryptoProperties(TrustManagersType tm) { String trustStoreFile = null; - String trustStorePw = null; KeyStoreType ks = tm.getKeyStore(); + String trustStorePw = ks.getPassword(); if (ks.getFile() != null && !ks.getFile().isEmpty()) { trustStoreFile = ks.getFile(); - trustStorePw = ks.getPassword(); + } else if (ks.getResource() != null && !ks.getResource().isEmpty()) { + URL resource = Loader.getResource(ks.getResource()); + if (resource != null) { + // WSS4J will re-load the resource anyway + trustStoreFile = ks.getResource(); + } } else { throw new IllegalStateException("No certificate store configured"); } @@ -318,12 +324,17 @@ public class FedizContext implements Closeable { private Properties createCryptoProperties(KeyManagersType km) { String keyStoreFile = null; - String keyStorePw = null; String keyType = "jks"; KeyStoreType ks = km.getKeyStore(); + String keyStorePw = ks.getPassword(); if (ks.getFile() != null && !ks.getFile().isEmpty()) { keyStoreFile = ks.getFile(); - keyStorePw = ks.getPassword(); + } else if (ks.getResource() != null && !ks.getResource().isEmpty()) { + URL resource = Loader.getResource(ks.getResource()); + if (resource != null) { + // WSS4J will re-load the resource anyway + keyStoreFile = ks.getResource(); + } } else { throw new IllegalStateException("No certificate store configured"); } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/680cb0d7/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/RequestedClaimsTest.java ---------------------------------------------------------------------- diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/RequestedClaimsTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/RequestedClaimsTest.java index 79c836c..2a2ba45 100644 --- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/RequestedClaimsTest.java +++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/RequestedClaimsTest.java @@ -137,7 +137,7 @@ public class RequestedClaimsTest { KeyStoreType ks0 = new KeyStoreType(); ks0.setType("JKS"); ks0.setPassword("storepass"); - ks0.setFile("ststrust.jks"); + ks0.setResource("ststrust.jks"); tm0.setKeyStore(ks0); certStores.getTrustManager().add(tm0);
