http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/main/java/net/sf/taverna/t2/security/credentialmanager/impl/DefaultMasterPasswordProvider.java ---------------------------------------------------------------------- diff --git a/taverna-credential-manager-impl/src/main/java/net/sf/taverna/t2/security/credentialmanager/impl/DefaultMasterPasswordProvider.java b/taverna-credential-manager-impl/src/main/java/net/sf/taverna/t2/security/credentialmanager/impl/DefaultMasterPasswordProvider.java deleted file mode 100644 index 9b72188..0000000 --- a/taverna-credential-manager-impl/src/main/java/net/sf/taverna/t2/security/credentialmanager/impl/DefaultMasterPasswordProvider.java +++ /dev/null @@ -1,51 +0,0 @@ -package net.sf.taverna.t2.security.credentialmanager.impl; - -import static net.sf.taverna.t2.security.credentialmanager.CredentialManager.USER_SET_MASTER_PASSWORD_INDICATOR_FILE_NAME; - -import java.io.File; - -import net.sf.taverna.t2.security.credentialmanager.MasterPasswordProvider; -import uk.org.taverna.configuration.app.ApplicationConfiguration; - -//import org.apache.log4j.Logger; - -public class DefaultMasterPasswordProvider implements MasterPasswordProvider { - /** - * Default master password for Credential Manager - used by default and - * ignored if user sets their own - */ - private final String DEFAULT_MASTER_PASSWORD = "taverna"; - private ApplicationConfiguration appConfig; - - @Override - public int getProviderPriority() { - // Higher priority then the UI provider so this one will be tried first - return 101; - } - - /** - * Sets the applicationConfiguration. - * - * @param applicationConfiguration - * the new value of applicationConfiguration - */ - public void setApplicationConfiguration( - ApplicationConfiguration applicationConfiguration) { - appConfig = applicationConfiguration; - } - - @Override - public String getMasterPassword(boolean firstTime) { - File cmDir = DistinguishedNameParserImpl.getTheCredentialManagerDefaultDirectory(appConfig); - File flagFile = new File(cmDir, - USER_SET_MASTER_PASSWORD_INDICATOR_FILE_NAME); - if (flagFile.exists()) - return null; - return DEFAULT_MASTER_PASSWORD; - } - - @Override - public void setMasterPassword(String password) { - // We always ignore this; we're never changing our password - } -}
http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/main/java/net/sf/taverna/t2/security/credentialmanager/impl/DistinguishedNameParserImpl.java ---------------------------------------------------------------------- diff --git a/taverna-credential-manager-impl/src/main/java/net/sf/taverna/t2/security/credentialmanager/impl/DistinguishedNameParserImpl.java b/taverna-credential-manager-impl/src/main/java/net/sf/taverna/t2/security/credentialmanager/impl/DistinguishedNameParserImpl.java deleted file mode 100644 index 5fdd8ca..0000000 --- a/taverna-credential-manager-impl/src/main/java/net/sf/taverna/t2/security/credentialmanager/impl/DistinguishedNameParserImpl.java +++ /dev/null @@ -1,177 +0,0 @@ -/******************************************************************************* - * Copyright (C) 2014 The University of Manchester - * - * Modifications to the initial code base are copyright of their - * respective authors, or their employers as appropriate. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * as published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 - ******************************************************************************/ -package net.sf.taverna.t2.security.credentialmanager.impl; - -import java.io.ByteArrayInputStream; -import java.io.File; -import java.math.BigInteger; -import java.net.URI; -import java.net.URISyntaxException; -import java.security.MessageDigest; -import java.security.NoSuchAlgorithmException; -import java.security.cert.Certificate; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; - -import net.sf.taverna.t2.security.credentialmanager.CMException; -import net.sf.taverna.t2.security.credentialmanager.DistinguishedNameParser; - -import org.apache.log4j.Logger; - -import uk.org.taverna.configuration.app.ApplicationConfiguration; - -/** - * Utility methods for Credential Manager and security-related stuff. - * - * @author Alex Nenadic - * @author Stian Soiland-Reyes - * @author Christian Brenninkmeijer - */ -public class DistinguishedNameParserImpl implements DistinguishedNameParser{ - private static Logger logger = Logger.getLogger(DistinguishedNameParserImpl.class); - - public DistinguishedNameParserImpl(){ - } - - /** - * Get the configuration directory where the security stuff will be/is saved - * to. - */ - public static File getTheCredentialManagerDefaultDirectory( - ApplicationConfiguration applicationConfiguration) { - File home = applicationConfiguration.getApplicationHomeDir(); - File secConfigDirectory = new File(home, "security"); - if (!secConfigDirectory.exists()) - secConfigDirectory.mkdir(); - return secConfigDirectory; - } - - @Override - public final File getCredentialManagerDefaultDirectory( - ApplicationConfiguration applicationConfiguration) { - return getTheCredentialManagerDefaultDirectory(applicationConfiguration); - } - - static URI resolveUriFragment(URI uri, String realm) - throws URISyntaxException { - /* - * Little hack to encode the fragment correctly - why does not - * java.net.URI expose this quoting or have setFragment()? - */ - URI fragment = new URI("http", "localhost", "/", realm); - fragment = fragment.resolve(fragment.getPath()).relativize(fragment); - return uri.resolve(fragment); - } - - @Override - public final URI setFragmentForURI(URI uri, String fragment) - throws URISyntaxException { - return new URI(uri.getScheme(), uri.getUserInfo(), uri.getHost(), - uri.getPort(), uri.getPath(), uri.getQuery(), fragment); - } - - @Override - public final URI setUserInfoForURI(URI uri, String userinfo) - throws URISyntaxException { - return new URI(uri.getScheme(), userinfo, uri.getHost(), uri.getPort(), - uri.getPath(), uri.getQuery(), uri.getFragment()); - } - - @Override - public final X509Certificate convertCertificate(Certificate cert) - throws CMException { - try { - // Get the factory for X509 certificates - CertificateFactory cf = CertificateFactory.getInstance("X.509"); - // Get the encoded (binary) form of the certificate. - // For an X509 certificate the encoding will be DER. - ByteArrayInputStream bais = new ByteArrayInputStream( - cert.getEncoded()); - // Create the X509 certificate object from the stream - return (X509Certificate) cf.generateCertificate(bais); - } catch (CertificateException ex) { - throw new CMException( - "Failed to convert the certificate object into X.509 certificate.", - ex); - } - } - - /** - * Get the message digest of the given byte array as a string of hexadecimal - * characters in the form XX:XX:XX... using the given digest algorithm. - */ - public String getMessageDigestAsFormattedString(byte[] messageBytes, - String digestAlgorithm) { - - MessageDigest messageDigest; - byte[] digestBytes; - try { - messageDigest = MessageDigest.getInstance(digestAlgorithm); - digestBytes = messageDigest.digest(messageBytes); - } catch (NoSuchAlgorithmException ex) { - logger.error("Failed to create message digest.", ex); - return ""; - } - - // Create the integer value from the digest bytes - BigInteger number = new BigInteger(1, digestBytes); - // Convert the integer from decimal to hexadecimal representation - String hexValueString = number.toString(16).toUpperCase(); - - StringBuffer strBuff = new StringBuffer(hexValueString); - // If the hex number contains odd number of characters - - // insert a padding "0" at the front of the string - if ((strBuff.length() % 2) != 0) - strBuff.insert(0, '0'); - - // Insert colons after every two hex characters - start form the end of - // the hex string - if (strBuff.length() > 2) - for (int i = 2; i < strBuff.length(); i += 3) - strBuff.insert(i, ':'); - - return strBuff.toString(); - } - - - private String emailAddress; // not from RFC 2253, yet some certificates - // contain this field - - private String CN; - private String L; - private String ST; - private String C; - private String O; - private String OU; - - /** - * Parses a DN string and fills in fields with DN parts. Heavily based on - * uk.ac.omii.security.utils.DNParser class from omii-security-utils - * library. - * - * http://maven.omii.ac.uk/maven2/repository/omii/omii-security-utils/ - */ - public ParsedDistinguishedNameImpl parseDN(String DNstr) { - return new ParsedDistinguishedNameImpl(DNstr); - } - -} http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/main/java/net/sf/taverna/t2/security/credentialmanager/impl/ParsedDistinguishedNameImpl.java ---------------------------------------------------------------------- diff --git a/taverna-credential-manager-impl/src/main/java/net/sf/taverna/t2/security/credentialmanager/impl/ParsedDistinguishedNameImpl.java b/taverna-credential-manager-impl/src/main/java/net/sf/taverna/t2/security/credentialmanager/impl/ParsedDistinguishedNameImpl.java deleted file mode 100644 index c049d49..0000000 --- a/taverna-credential-manager-impl/src/main/java/net/sf/taverna/t2/security/credentialmanager/impl/ParsedDistinguishedNameImpl.java +++ /dev/null @@ -1,265 +0,0 @@ -/******************************************************************************* - * Copyright (C) 2014 The University of Manchester - * - * Modifications to the initial code base are copyright of their - * respective authors, or their employers as appropriate. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * as published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 - ******************************************************************************/ -package net.sf.taverna.t2.security.credentialmanager.impl; - -import java.net.URI; -import java.util.ArrayList; -import net.sf.taverna.t2.security.credentialmanager.ParsedDistinguishedName; -import org.apache.log4j.Logger; - -/** - * Parses a Distinguished Name and stores the parts for retreival. - * - * @author Alex Nenadic - * @author Stian Soiland-Reyes - * @author Christian Brenninkmeijer - */ -public class ParsedDistinguishedNameImpl implements ParsedDistinguishedName{ - private static final Logger logger = Logger.getLogger(ParsedDistinguishedNameImpl.class); - - private String emailAddress; // not from RFC 2253, yet some certificates - // contain this field - private String CN; - private String L; - private String ST; - private String C; - private String O; - private String OU; - - // /** - // * Gets the intended certificate uses, i.e. Netscape Certificate Type - // * extension (2.16.840.1.113730.1.1) as a string. - // */ - // // From openssl's documentation: "The [above] extension is non standard, - // Netscape - // // specific and largely obsolete. Their use in new applications is - // discouraged." - // // TODO replace with "basicConstraints, keyUsage and extended key usage - // extensions - // // which are now used instead." - // public static String getIntendedCertificateUses(byte[] value) { - // - // // Netscape Certificate Types (2.16.840.1.113730.1.1) denoting the - // // intended uses of a certificate - // int[] INTENDED_USES = new int[] { NetscapeCertType.sslClient, - // NetscapeCertType.sslServer, NetscapeCertType.smime, - // NetscapeCertType.objectSigning, NetscapeCertType.reserved, - // NetscapeCertType.sslCA, NetscapeCertType.smimeCA, - // NetscapeCertType.objectSigningCA, }; - // - // // Netscape Certificate Type strings (2.16.840.1.113730.1.1) - // HashMap<String, String> INTENDED_USES_STRINGS = new HashMap<String, - // String>(); - // INTENDED_USES_STRINGS.put("128", "SSL Client"); - // INTENDED_USES_STRINGS.put("64", "SSL Server"); - // INTENDED_USES_STRINGS.put("32", "S/MIME"); - // INTENDED_USES_STRINGS.put("16", "Object Signing"); - // INTENDED_USES_STRINGS.put("8", "Reserved"); - // INTENDED_USES_STRINGS.put("4", "SSL CA"); - // INTENDED_USES_STRINGS.put("2", "S/MIME CA"); - // INTENDED_USES_STRINGS.put("1", "Object Signing CA"); - // - // // Get DER octet string from extension value - // ASN1OctetString derOctetString = new DEROctetString(value); - // byte[] octets = derOctetString.getOctets(); - // // Get DER bit string - // DERBitString derBitString = new DERBitString(octets); - // int val = new NetscapeCertType(derBitString).intValue(); - // StringBuffer strBuff = new StringBuffer(); - // for (int i = 0, len = INTENDED_USES.length; i < len; i++) { - // int use = INTENDED_USES[i]; - // if ((val & use) == use) { - // strBuff.append(INTENDED_USES_STRINGS.get(String.valueOf(use)) - // + ", \n"); - // } - // } - // // remove the last ", \n" from the end of the buffer - // String str = strBuff.toString(); - // str = str.substring(0, str.length() - 3); - // return str; - // } - - // FROM RFC 2253: - // CN commonName - // L localityName - // ST stateOrProvinceName - // O organizationName - // OU organizationalUnitName - // C countryName - // STREET streetAddress - // DC domainComponent - // UID userid - - /** - * Parses a DN string and fills in fields with DN parts. Heavily based on - * uk.ac.omii.security.utils.DNParser class from omii-security-utils - * library. - * - * http://maven.omii.ac.uk/maven2/repository/omii/omii-security-utils/ - */ - public ParsedDistinguishedNameImpl(String DNstr) { - // /////////////////////////////////////////////////////////////////////////////////////////////////// - // Parse the DN String and put into variables. First, tokenise using a - // "," character as a delimiter - // UNLESS escaped with a "\" character. Put the tokens into an - // ArrayList. These should be name value pairs - // separated by "=". Tokenise these using a StringTokenizer class, test - // for the name, and if one of the - // recognised names, copy into the correct variable. The reason - // StringTokenizer is not used for the major - // token list is that the StringTokenizer class does not handle escaped - // delimiters so an escaped delimiter - // in the code would be treated as a valid one. - - int i = 0; - - char majorListDelimiter = ','; - char majorListEscapeChar = '\\'; - - // String minorListDelimiter = "="; - - String DNchars = DNstr; - - int startIndex = 0; - int endIndex = 0; - boolean ignoreThisChar = false; - - boolean inQuotes = false; - - ArrayList<String> majorTokenList = new ArrayList<String>(); - - for (i = 0; i < DNchars.length(); i++) { - if (ignoreThisChar == true) { - ignoreThisChar = false; - } else if ((inQuotes == false) && (DNchars.charAt(i) == '\"')) { - inQuotes = true; - } else if ((inQuotes == true) && (DNchars.charAt(i) == '\"')) { - inQuotes = false; - } else if (inQuotes == true) { - continue; - } else if (DNchars.charAt(i) == majorListEscapeChar) { - ignoreThisChar = true; - } else if ((DNchars.charAt(i) == majorListDelimiter) - && (ignoreThisChar == false)) { - endIndex = i; - majorTokenList.add(DNchars.substring(startIndex, endIndex)); - startIndex = i + 1; - } - } - - // Add last token - after the last delimiter - endIndex = DNchars.length(); - majorTokenList.add(DNchars.substring(startIndex, endIndex)); - - for (String currentToken : majorTokenList) { - currentToken = currentToken.trim(); - - // split on first equals only, as value can contain an equals char - String[] minorTokenList = currentToken.split("=", 2); - - if (minorTokenList.length == 2) { - // there had better be a key and a value only - String DNTokenName = minorTokenList[0].toUpperCase(); - String DNTokenValue = minorTokenList[1]; - - if (DNTokenName.equals("CN") - || DNTokenName.equals("COMMONNAME")) { - CN = DNTokenValue; - } else if (DNTokenName.equals("EMAIL") - || DNTokenName.equals("EMAILADDRESS")) { - emailAddress = DNTokenValue; - } else if (DNTokenName.equals("OU") - || DNTokenName.equals("ORGANIZATIONALUNITNAME")) { - OU = DNTokenValue; - } else if (DNTokenName.equals("O") - || DNTokenName.equals("ORGANIZATIONNAME")) { - O = DNTokenValue; - } else if (DNTokenName.equals("L") - || DNTokenName.equals("LOCALITYNAME")) { - L = DNTokenValue; - } else if (DNTokenName.equals("ST") - || DNTokenName.equals("STATEORPROVINCENAME")) { - ST = DNTokenValue; - } else if (DNTokenName.equals("C") - || DNTokenName.equals("COUNTRYNAME")) { - C = DNTokenValue; - } - } - // else we have a key with no value, so skip processing the key - } - - if (CN == null) - CN = "none"; - - if (emailAddress == null) - emailAddress = "none"; - - if (OU == null) - OU = "none"; - - if (O == null) - O = "none"; - - if (L == null) - L = "none"; - - if (ST == null) - ST = "none"; - - if (C == null) - C = "none"; - } - - @Override - public String getCN() { - return CN; - } - - @Override - public String getEmailAddress() { - return emailAddress; - } - - @Override - public String getOU() { - return OU; - } - - @Override - public String getO() { - return O; - } - - @Override - public String getL() { - return L; - } - - @Override - public String getST() { - return ST; - } - - @Override - public String getC() { - return C; - } -} http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/main/resources/META-INF/spring/credential-manager-impl-context-osgi.xml ---------------------------------------------------------------------- diff --git a/taverna-credential-manager-impl/src/main/resources/META-INF/spring/credential-manager-impl-context-osgi.xml b/taverna-credential-manager-impl/src/main/resources/META-INF/spring/credential-manager-impl-context-osgi.xml deleted file mode 100644 index 3c59bf6..0000000 --- a/taverna-credential-manager-impl/src/main/resources/META-INF/spring/credential-manager-impl-context-osgi.xml +++ /dev/null @@ -1,31 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<beans:beans xmlns="http://www.springframework.org/schema/osgi"; - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:beans="http://www.springframework.org/schema/beans"; - xsi:schemaLocation="http://www.springframework.org/schema/beans - http://www.springframework.org/schema/beans/spring-beans.xsd - http://www.springframework.org/schema/osgi - http://www.springframework.org/schema/osgi/spring-osgi.xsd";> - - <service ref="credentialManager" - interface="net.sf.taverna.t2.security.credentialmanager.CredentialManager" /> - <service ref="defaultMasterPassword" - interface="net.sf.taverna.t2.security.credentialmanager.MasterPasswordProvider" /> - <service ref="distinguishedNameParser" - interface="net.sf.taverna.t2.security.credentialmanager.DistinguishedNameParser" /> - - <reference id="applicationConfiguration" - interface="uk.org.taverna.configuration.app.ApplicationConfiguration" /> - - <list id="masterPasswordProviders" - interface="net.sf.taverna.t2.security.credentialmanager.MasterPasswordProvider" - cardinality="0..N" comparator-ref="MasterPasswordProviderComparator" /> - <list id="javaTruststorePasswordProviders" - interface="net.sf.taverna.t2.security.credentialmanager.JavaTruststorePasswordProvider" - cardinality="0..N" /> - <list id="serviceUsernameAndPasswordProviders" - interface="net.sf.taverna.t2.security.credentialmanager.ServiceUsernameAndPasswordProvider" - cardinality="0..N" /> - <list id="trustConfirmationProviders" - interface="net.sf.taverna.t2.security.credentialmanager.TrustConfirmationProvider" - cardinality="0..N" /> -</beans:beans> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/main/resources/META-INF/spring/credential-manager-impl-context.xml ---------------------------------------------------------------------- diff --git a/taverna-credential-manager-impl/src/main/resources/META-INF/spring/credential-manager-impl-context.xml b/taverna-credential-manager-impl/src/main/resources/META-INF/spring/credential-manager-impl-context.xml deleted file mode 100644 index d1531e1..0000000 --- a/taverna-credential-manager-impl/src/main/resources/META-INF/spring/credential-manager-impl-context.xml +++ /dev/null @@ -1,25 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<beans xmlns="http://www.springframework.org/schema/beans"; - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; - xsi:schemaLocation="http://www.springframework.org/schema/beans - http://www.springframework.org/schema/beans/spring-beans.xsd";> - - <bean id="credentialManager" init-method="installAuthenticator" - class="net.sf.taverna.t2.security.credentialmanager.impl.CredentialManagerImpl"> - <property name="masterPasswordProviders" ref="masterPasswordProviders" /> - <property name="javaTruststorePasswordProviders" ref="javaTruststorePasswordProviders" /> - <property name="serviceUsernameAndPasswordProviders" ref="serviceUsernameAndPasswordProviders" /> - <property name="trustConfirmationProviders" ref="trustConfirmationProviders" /> - <property name="applicationConfiguration" ref="applicationConfiguration" /> - </bean> - - <bean id="MasterPasswordProviderComparator" - class="net.sf.taverna.t2.security.credentialmanager.MasterPasswordProvider$ProviderComparator" /> - - <bean id="distinguishedNameParser" - class="net.sf.taverna.t2.security.credentialmanager.impl.DistinguishedNameParserImpl" /> - <bean id="defaultMasterPassword" - class="net.sf.taverna.t2.security.credentialmanager.impl.DefaultMasterPasswordProvider"> - <property name="applicationConfiguration" ref="applicationConfiguration" /> - </bean> -</beans> \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/main/resources/trusted-certificates/AddTrustExternalCARoot.crt ---------------------------------------------------------------------- diff --git a/taverna-credential-manager-impl/src/main/resources/trusted-certificates/AddTrustExternalCARoot.crt b/taverna-credential-manager-impl/src/main/resources/trusted-certificates/AddTrustExternalCARoot.crt deleted file mode 100644 index 20585f1..0000000 --- a/taverna-credential-manager-impl/src/main/resources/trusted-certificates/AddTrustExternalCARoot.crt +++ /dev/null @@ -1,25 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU -MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs -IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290 -MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux -FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h -bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v -dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt -H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9 -uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX -mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX -a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN -E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0 -WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD -VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0 -Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU -cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx -IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN -AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH -YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 -6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC -Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX -c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a -mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ= ------END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/main/resources/trusted-certificates/TERENASSLCA.crt ---------------------------------------------------------------------- diff --git a/taverna-credential-manager-impl/src/main/resources/trusted-certificates/TERENASSLCA.crt b/taverna-credential-manager-impl/src/main/resources/trusted-certificates/TERENASSLCA.crt deleted file mode 100644 index 1e70af9..0000000 --- a/taverna-credential-manager-impl/src/main/resources/trusted-certificates/TERENASSLCA.crt +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEmDCCA4CgAwIBAgIQS8gUAy8H+mqk8Nop32F5ujANBgkqhkiG9w0BAQUFADCB -lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug -Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho -dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt -SGFyZHdhcmUwHhcNMDkwNTE4MDAwMDAwWhcNMjAwNTMwMTA0ODM4WjA2MQswCQYD -VQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEgU1NMIENB -MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+NIxC9cwcupmf0booNd -ij2tOtDipEMfTQ7+NSUwpWkbxOjlwY9UfuFqoppcXN49/ALOlrhfj4NbzGBAkPjk -tjolnF8UUeyx56+eUKExVccCvaxSin81joL6hK0V/qJ/gxA6VVOULAEWdJRUYyij -8lspPZSIgCDiFFkhGbSkmOFg5vLrooCDQ+CtaPN5GYtoQ1E/iptBhQw1jF218bbl -p8ODtWsjb9Sl61DllPFKX+4nSxQSFSRMDc9ijbcAIa06Mg9YC18em9HfnY6pGTVQ -L0GprTvG4EWyUzl/Ib8iGodcNK5Sbwd9ogtOnyt5pn0T3fV/g3wvWl13eHiRoBS/ -fQIDAQABo4IBPjCCATowHwYDVR0jBBgwFoAUoXJfJhsomEOVXQc31YWWnUvSw0Uw -HQYDVR0OBBYEFAy9k2gM896ro0lrKzdXR+qQ47ntMA4GA1UdDwEB/wQEAwIBBjAS -BgNVHRMBAf8ECDAGAQH/AgEAMBgGA1UdIAQRMA8wDQYLKwYBBAGyMQECAh0wRAYD -VR0fBD0wOzA5oDegNYYzaHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VUTi1VU0VS -Rmlyc3QtSGFyZHdhcmUuY3JsMHQGCCsGAQUFBwEBBGgwZjA9BggrBgEFBQcwAoYx -aHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VUTkFkZFRydXN0U2VydmVyX0NBLmNy -dDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG -9w0BAQUFAAOCAQEATiPuSJz2hYtxxApuc5NywDqOgIrZs8qy1AGcKM/yXA4hRJML -thoh45gBlA5nSYEevj0NTmDa76AxTpXv8916WoIgQ7ahY0OzUGlDYktWYrA0irkT -Q1mT7BR5iPNIk+idyfqHcgxrVqDDFY1opYcfcS3mWm08aXFABFXcoEOUIEU4eNe9 -itg5xt8Jt1qaqQO4KBB4zb8BG1oRPjj02Bs0ec8z0gH9rJjNbUcRkEy7uVvYcOfV -r7bMxIbmdcCeKbYrDyqlaQIN4+mitF3A884saoU4dmHGSYKrUbOCprlBmCiY+2v+ -ihb/MX5UR6g83EMmqZsFt57ANEORMNQywxFa4Q== ------END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/main/resources/trusted-certificates/UTNAddTrustServer_CA.crt ---------------------------------------------------------------------- diff --git a/taverna-credential-manager-impl/src/main/resources/trusted-certificates/UTNAddTrustServer_CA.crt b/taverna-credential-manager-impl/src/main/resources/trusted-certificates/UTNAddTrustServer_CA.crt deleted file mode 100644 index 3642581..0000000 --- a/taverna-credential-manager-impl/src/main/resources/trusted-certificates/UTNAddTrustServer_CA.crt +++ /dev/null @@ -1,25 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEPDCCAySgAwIBAgIQSEus8arH1xND0aJ0NUmXJTANBgkqhkiG9w0BAQUFADBv -MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk -ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF -eHRlcm5hbCBDQSBSb290MB4XDTA1MDYwNzA4MDkxMFoXDTIwMDUzMDEwNDgzOFow -gZcxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtl -IENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMY -aHR0cDovL3d3dy51c2VydHJ1c3QuY29tMR8wHQYDVQQDExZVVE4tVVNFUkZpcnN0 -LUhhcmR3YXJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsffDOD+0 -qH/POYJRZ9Btn9L/WPPnnyvsDYlUmbk4mRb34CF5SMK7YXQSlh08anLVPBBnOjnt -KxPNZuuVCTOkbJex6MbswXV5nEZejavQav25KlUXEFSzGfCa9vGxXbanbfvgcRdr -ooj7AN/+GjF3DJoBerEy4ysBBzhuw6VeI7xFm3tQwckwj9vlK3rTW/szQB6g1ZgX -vIuHw4nTXaCOsqqq9o5piAbF+okh8widaS4JM5spDUYPjMxJNLBpUb35Bs1orWZM -vD6sYb0KiA7I3z3ufARMnQpea5HW7sftKI2rTYeJc9BupNAeFosU4XZEA39jrOTN -SZzFkvSrMqFIWwIDAQABo4GqMIGnMB8GA1UdIwQYMBaAFK29mHo0tCb3+sQmVO8D -veAky1QaMB0GA1UdDgQWBBShcl8mGyiYQ5VdBzfVhZadS9LDRTAOBgNVHQ8BAf8E -BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8v -Y3JsLnVzZXJ0cnVzdC5jb20vQWRkVHJ1c3RFeHRlcm5hbENBUm9vdC5jcmwwDQYJ -KoZIhvcNAQEFBQADggEBADzse+Cuow6WbTDXhcbSaFtFWoKmNA+wyZIjXhFtCBGy -dAkjOjUlc1heyrl8KPpH7PmgA1hQtlPvjNs55Gfp2MooRtSn4PU4dfjny1y/HRE8 -akCbLURW0/f/BSgyDBXIZEWT6CEkjy3aeoR7T8/NsiV8dxDTlNEEkaglHAkiD31E -NREU768A/l7qX46w2ZJZuvwTlqAYAVbO2vYoC7Gv3VxPXLLzj1pxz+0YrWOIHY6V -9+qV5x+tkLiECEeFfyIvGh1IMNZMCNg3GWcyK+tc0LL8blefBDVekAB+EcfeEyrN -pG1FJseIVqDwavfY5/wnfmcI0L36tsNhAgFlubgvz1o= ------END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/main/resources/trusted-certificates/heater.cs.man.ac.uk-not-needed.pem ---------------------------------------------------------------------- diff --git a/taverna-credential-manager-impl/src/main/resources/trusted-certificates/heater.cs.man.ac.uk-not-needed.pem b/taverna-credential-manager-impl/src/main/resources/trusted-certificates/heater.cs.man.ac.uk-not-needed.pem deleted file mode 100644 index e7e861f..0000000 --- a/taverna-credential-manager-impl/src/main/resources/trusted-certificates/heater.cs.man.ac.uk-not-needed.pem +++ /dev/null @@ -1,26 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEczCCA1ugAwIBAgIQPNDfg7NaMsjkGjowei7/JjANBgkqhkiG9w0BAQUFADA2 -MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg -U1NMIENBMB4XDTEzMDUyMjAwMDAwMFoXDTE2MDUyMTIzNTk1OVowQTEhMB8GA1UE -CxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRwwGgYDVQQDExNoZWF0ZXIuY3Mu -bWFuLmFjLnVrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2egVdh/d -PbrglnEp/BATt2UWk48tplWdt0aFcpvatItJZ4+CY0Rfd0TCIRKDp+PppbE1/PcE -pe77Zngiu1YYnOpAIoS3Mfgc/yxssEHJj/tAjY1d4/NFa8jwY/MIoSPZrNGtTEpf -IMn7OUNsEh1YyWYdDmvNaxQFdLVjO/QhFqtQedUJEg7YaD1/OacmQoWAZvOPkXeQ -lUHpieiFjGeJYI/RCqWE1tjU6E/4WtczOsXXA50kFJ/XykQVwto3e8ckKju6HI0g -FL1R/7wrhfSJ5rkiwmlPWZd5Keik/va/8JJKlWG3OzYaLb5qPTqgaKTTKbWvU/nX -cPeKaIZ0Sa7AYwIDAQABo4IBcDCCAWwwHwYDVR0jBBgwFoAUDL2TaAzz3qujSWsr -N1dH6pDjue0wHQYDVR0OBBYEFEKp10paTphB4PCL5kK5C/aVod4+MA4GA1UdDwEB -/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF -BQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgIdMAgGBmeBDAECATA6BgNVHR8E -MzAxMC+gLaArhilodHRwOi8vY3JsLnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENB -LmNybDBtBggrBgEFBQcBAQRhMF8wNQYIKwYBBQUHMAKGKWh0dHA6Ly9jcnQudGNz -LnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3J0MCYGCCsGAQUFBzABhhpodHRwOi8v -b2NzcC50Y3MudGVyZW5hLm9yZzAeBgNVHREEFzAVghNoZWF0ZXIuY3MubWFuLmFj -LnVrMA0GCSqGSIb3DQEBBQUAA4IBAQCIO7fl98dU24AfcCGyZDPA2zHi0coqAZbA -SZ31z5IPezLXpPkpN/msiYuUkIx5DjWjzv9w/sAQ952YUGz0z7AFDamMcyETlMb+ -trWedNHk0FghwoQTNW+WXxBa9My8K3IeO1FOt58lKVay9aqVZjiumt+P3LKocXfP -0cNAPNHR57j9MO+D0fWOCMfbfYk3jEuz1k6vMZomZi35tb61QQ/mYbva7EodBxRt -HrzOsWPG1jgt32zRibnCc1C6cBry5BkWQ1/9dpJ2LHM6JVVknoRGYng+L91OLfj8 -8PB6BTrehrqH5fe5kcgW02XlezIkaKpzEYc4Jpdf817A1rOSVuBv ------END CERTIFICATE----- \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/main/resources/trusted-certificates/www.biocatalogue.org-revoked.pem ---------------------------------------------------------------------- diff --git a/taverna-credential-manager-impl/src/main/resources/trusted-certificates/www.biocatalogue.org-revoked.pem b/taverna-credential-manager-impl/src/main/resources/trusted-certificates/www.biocatalogue.org-revoked.pem deleted file mode 100644 index f687fb1..0000000 --- a/taverna-credential-manager-impl/src/main/resources/trusted-certificates/www.biocatalogue.org-revoked.pem +++ /dev/null @@ -1,26 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEdTCCA12gAwIBAgIQWKdgSd6Zw0PQcE4pbzsWZDANBgkqhkiG9w0BAQUFADA2 -MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg -U1NMIENBMB4XDTEzMDgwNTAwMDAwMFoXDTE2MDgwNDIzNTk1OVowQjEhMB8GA1UE -CxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMR0wGwYDVQQDExR3d3cuYmlvY2F0 -YWxvZ3VlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL++4x8O -F1YaggcA9OMinMRMkzDHyMnDTDD6piy23nX1F7EetzvhZOWeuotrZRrRm9XnzJ+v -JOcFXa8ibTZRKF9wdwxRqkH9RVtskYQWFO0oTIdFagRpceHJM2cfI+YLwxaNkekP -zFhsT/m0Zql6WSD9sTzB/FApcaBkR+gQXP+bQyutxr8cvrwnpgJWYPjUr1jHIXbq -ZxTwYE1ezeHM9zroO831C8r1PX/goWND6+cNccalsancXraMDwASphhu7LYniSCZ -zRKwhssl7Xg8ytjkACC8nS4jeyUNmhKa8iPDJthkgGfhT9T+XzUj/NkGNm98IXtn -m5puPjTaKAe7H90CAwEAAaOCAXEwggFtMB8GA1UdIwQYMBaAFAy9k2gM896ro0lr -KzdXR+qQ47ntMB0GA1UdDgQWBBQkiYQZefzKYVzbL1td0qbF6uabRzAOBgNVHQ8B -Af8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB -BQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICHTAIBgZngQwBAgEwOgYDVR0f -BDMwMTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xD -QS5jcmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnRj -cy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggrBgEFBQcwAYYaaHR0cDov -L29jc3AudGNzLnRlcmVuYS5vcmcwHwYDVR0RBBgwFoIUd3d3LmJpb2NhdGFsb2d1 -ZS5vcmcwDQYJKoZIhvcNAQEFBQADggEBAA1ix/IzQ0mESvfXXX+Dwzx5fXzJ/Rnr -q93pSBZnroPzpcV84PTE2O7jVi0QHPUsSTtQKp3NHk1zV8xEWR+DNYBVEecNuzcg -NOXCXF3arXSR7eY1LNwrIaAzbrdxExKlwhPAhhQZ2hxcRX8wvsPT/+sZhlG8wEjj -y7lg8YtdNjBrRIwYlAQBb1+ilFc7Pge+54B2aMDnv7boRt/XTYdL8XYjcOC2JlE6 -ETnNPD1bNk5Rg+nZwpzAqY+yKKdgk8jsWGr8/eJ88LtpzjZUILH7owU3EHQSQyTq -T7gcAL+eBwRVfUXKatoB/1uTrQvJz8YHRMDULyIPGGh8rlhJtdAGLk8= ------END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/main/resources/trusted-certificates/www.biodiversitycatalogue.org-revoked.pem ---------------------------------------------------------------------- diff --git a/taverna-credential-manager-impl/src/main/resources/trusted-certificates/www.biodiversitycatalogue.org-revoked.pem b/taverna-credential-manager-impl/src/main/resources/trusted-certificates/www.biodiversitycatalogue.org-revoked.pem deleted file mode 100644 index 05b3926..0000000 --- a/taverna-credential-manager-impl/src/main/resources/trusted-certificates/www.biodiversitycatalogue.org-revoked.pem +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIE4zCCA8ugAwIBAgIPSNz7e2uWg8LSOeQaskiFMA0GCSqGSIb3DQEBBQUAMDYx -CzAJBgNVBAYTAk5MMQ8wDQYDVQQKEwZURVJFTkExFjAUBgNVBAMTDVRFUkVOQSBT -U0wgQ0EwHhcNMTIxMTIyMDAwMDAwWhcNMTUxMTIyMjM1OTU5WjCBpzELMAkGA1UE -BhMCR0IxDjAMBgNVBAgTBVdhbGVzMRAwDgYDVQQHEwdDYXJkaWZmMRswGQYDVQQK -ExJDYXJkaWZmIFVuaXZlcnNpdHkxMTAvBgNVBAsTKEJpb1ZlTCBCaW9kaXZlcnNp -dHkgVmlydHVhbCBlLUxhYm9yYXRvcnkxJjAkBgNVBAMTHXd3dy5iaW9kaXZlcnNp -dHljYXRhbG9ndWUub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA -rPabZIqwVD+WqCt6WgJJuh40TLU50tiGipECf+4JwU45pz1VAI+HS8V9RcnlUhWs -WCjCtl2XeBv7kxlMxGUZAZ3uCZGhqUuzC1g/G2nwsrsLv+Xo09setIXUinFFJB8G -oSRhflZ8YfGPg26Q5Efmd+ecATSIyXMH7w9/IfJ/gHLsBrJjyXz4pTmjQ242jDEz -Uf6u1kdDp/0moAcVXgCv4Ev1N8eDmvDYzQcD/fdjOD62xi1IEixKgiaMzvBM14gj -ZuyCPLpc4naD+gfwz2ecZ4moWmUTOouaA5w54Z1d/6b08xJsysoE6B5YKAP2z27i -iqA5YHySvhJ7AJ90dbg1mwIDAQABo4IBejCCAXYwHwYDVR0jBBgwFoAUDL2TaAzz -3qujSWsrN1dH6pDjue0wHQYDVR0OBBYEFBsGmwvAkT9J7ehe+2x5cZ6zh/dPMA4G -A1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMB -BggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgIdMAgGBmeBDAECAjA6 -BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLnRjcy50ZXJlbmEub3JnL1RFUkVO -QVNTTENBLmNybDBtBggrBgEFBQcBAQRhMF8wNQYIKwYBBQUHMAKGKWh0dHA6Ly9j -cnQudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3J0MCYGCCsGAQUFBzABhhpo -dHRwOi8vb2NzcC50Y3MudGVyZW5hLm9yZzAoBgNVHREEITAfgh13d3cuYmlvZGl2 -ZXJzaXR5Y2F0YWxvZ3VlLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEAw86F5CulT1aY -c3UrW2ndPNMwAkMHJApvJHBqYFCDZTjatZZOaMBG8Ka3IznIpskH9L5XSh+Af+px -NYhtMxRpeLXjjisYyJIwomI4mtF4+35mv5zPAW6cgf0bMp0gt6CFPqpo42WcKzZW -nasesR978XViPXhUJbN+KaW6dW1zZAB9kHE8jJ4COWpBKKBKQwiOhVQGvhgKfjYE -txawV7OUiV5IS9h5FndFUqCipBcIDVhE8dJdLKnMNBo03HzgLFNHONM0zEpHkNPg -dASnuVpol6ldJYnEUbDNY5EC//D7s7h6fJciAQMLbELVrNMjv7IK5i1YjFAGn27i -CXrSjJd7ow== ------END CERTIFICATE----- http://git-wip-us.apache.org/repos/asf/incubator-taverna-engine/blob/3ecb1291/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/CredentialManagerImplIT.java ---------------------------------------------------------------------- diff --git a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/CredentialManagerImplIT.java b/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/CredentialManagerImplIT.java deleted file mode 100644 index 593e223..0000000 --- a/taverna-credential-manager-impl/src/test/java/net/sf/taverna/t2/security/credentialmanager/impl/CredentialManagerImplIT.java +++ /dev/null @@ -1,339 +0,0 @@ -/******************************************************************************* - * Copyright (C) 2008-2010 The University of Manchester - * - * Modifications to the initial code base are copyright of their - * respective authors, or their employers as appropriate. - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * as published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 - ******************************************************************************/ -package net.sf.taverna.t2.security.credentialmanager.impl; - -import static org.junit.Assert.*; - - -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; -import java.net.URI; -import java.net.URISyntaxException; -import java.net.URL; -import java.security.Key; -import java.security.KeyStore; -import java.security.Security; -import java.security.cert.Certificate; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Enumeration; -import java.util.List; -import java.util.Random; - -import javax.net.ssl.HttpsURLConnection; - -import net.sf.taverna.t2.lang.observer.Observable; -import net.sf.taverna.t2.lang.observer.Observer; -import net.sf.taverna.t2.security.credentialmanager.CMException; -import net.sf.taverna.t2.security.credentialmanager.KeystoreChangedEvent; -import net.sf.taverna.t2.security.credentialmanager.MasterPasswordProvider; -import net.sf.taverna.t2.security.credentialmanager.TrustConfirmationProvider; -import net.sf.taverna.t2.security.credentialmanager.UsernamePassword; - -import org.apache.commons.io.FileUtils; -import org.bouncycastle.jce.provider.BouncyCastleProvider; -import org.junit.AfterClass; -import org.junit.BeforeClass; -import org.junit.Ignore; -import org.junit.Test; - -/** - * Tests here require Java strong/unlimited cryptography policy to be installed - * so they are part of integration tests. - * - * Java strong/unlimited cryptography policy is required to use the Credential Manager and - * the full security capabilities in Taverna. Java by default comes with the weak policy - * that disables the use of certain cryto algorithms and bigger key sizes. Although - * it is claimed that as of Java 6 the default policy is strong, we have seen otherwise, - * so make sure you install it. - * - * For Java 6, strong/unlimited cryptography policy can be downloaded - * (together with the installation instructions) from: - * http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html - * - * These tests use an existing keystore (in resources/security/t2keystore.ubr) and - * truststore (in resources/security/t2truststore.ubr) that are not empty. - * - * @author Alex Nenadic - * - */ -public class CredentialManagerImplIT { - - private static CredentialManagerImpl credentialManager; - // Master password for Credential Manager's Keystore and Truststore - private static String masterPassword = "(cl%ZDxu66AN/{vNXbLF"; - private static DummyMasterPasswordProvider masterPasswordProvider; - private static File credentialManagerDirectory; - - private static UsernamePassword usernamePassword; - private static URI serviceURI; - private static UsernamePassword usernamePassword2; - private static URI serviceURI2; - private static UsernamePassword usernamePassword3; - private static URI serviceURI3; - - private static Key privateKey; - private static Certificate[] privateKeyCertChain; - private static URL privateKeyFileURL = CredentialManagerImplTest.class.getResource( - "/security/test-private-key-cert.p12"); - private static final String privateKeyAndPKCS12KeystorePassword = "test"; // password for the test PKCS#12 keystore in resources - - private static X509Certificate trustedCertficateGoogle; - private static URL trustedCertficateGoogleFileURL = CredentialManagerImplTest.class.getResource( - "/security/google-trusted-certificate.pem"); - private static X509Certificate trustedCertficateHeater; - private static URL trustedCertficateHeaterFileURL = CredentialManagerImplTest.class.getResource( - "/security/tomcat_heater_certificate.pem"); - - private static Observer<KeystoreChangedEvent> keystoreChangedObserver; - - /** - * @throws java.lang.Exception - */ - @BeforeClass - @Ignore - public static void setUpBeforeCLass() throws Exception { - - Security.addProvider(new BouncyCastleProvider()); - - // Create some test username and passwords for services - serviceURI = new URI("http://someservice";); - usernamePassword = new UsernamePassword("testuser", "testpasswd"); - serviceURI2 = new URI("http://someservice2";); - usernamePassword2 = new UsernamePassword("testuser2", "testpasswd2"); - serviceURI3 = new URI("http://someservice3";); - usernamePassword3 = new UsernamePassword("testuser3", "testpasswd3"); - - // Load the test private key and its certificate - File privateKeyCertFile = new File(privateKeyFileURL.getPath()); - KeyStore pkcs12Keystore = java.security.KeyStore.getInstance("PKCS12", "BC"); // We have to use the BC provider here as the certificate chain is not loaded if we use whichever provider is first in Java!!! - FileInputStream inStream = new FileInputStream(privateKeyCertFile); - pkcs12Keystore.load(inStream, privateKeyAndPKCS12KeystorePassword.toCharArray()); - // KeyStore pkcs12Keystore = credentialManager.loadPKCS12Keystore(privateKeyCertFile, privateKeyPassword); - Enumeration<String> aliases = pkcs12Keystore.aliases(); - while (aliases.hasMoreElements()) { - // The test-private-key-cert.p12 file contains only one private key - // and corresponding certificate entry - String alias = aliases.nextElement(); - if (pkcs12Keystore.isKeyEntry(alias)) { // is it a (private) key entry? - privateKey = pkcs12Keystore.getKey(alias, - privateKeyAndPKCS12KeystorePassword.toCharArray()); - privateKeyCertChain = pkcs12Keystore.getCertificateChain(alias); - break; - } - } - inStream.close(); - - // Load the test trusted certificate (belonging to *.Google.com) - File trustedCertFile = new File(trustedCertficateGoogleFileURL.getPath()); - inStream = new FileInputStream(trustedCertFile); - CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); - trustedCertficateGoogle = (X509Certificate) certFactory.generateCertificate(inStream); - try{ - inStream.close(); - } - catch (Exception e) { - // Ignore - } - // Load the test trusted certificate (belonging to heater.cs.man.ac.uk) - File trustedCertFile2 = new File(trustedCertficateHeaterFileURL.getPath()); - inStream = new FileInputStream(trustedCertFile2); - trustedCertficateHeater = (X509Certificate) certFactory.generateCertificate(inStream); - try{ - inStream.close(); - } - catch (Exception e) { - // Ignore - } - - credentialManager = new CredentialManagerImpl(); - -// // The code below sets up the Keystore and Truststore files and loads some data into them -// // and saves them into a temp directory. These files can later be used for testing the Credential -// // Manager with non-empty keystores. -// Random randomGenerator = new Random(); -// String credentialManagerDirectoryPath = System -// .getProperty("java.io.tmpdir") -// + System.getProperty("file.separator") -// + "taverna-security-" -// + randomGenerator.nextInt(1000000); -// System.out.println("Credential Manager's directory path: " -// + credentialManagerDirectoryPath); -// credentialManagerDirectory = new File(credentialManagerDirectoryPath); -// credentialManager.setConfigurationDirectoryPath(credentialManagerDirectory); -// -// // Create the dummy master password provider -// masterPasswordProvider = new DummyMasterPasswordProvider(); -// masterPasswordProvider.setMasterPassword(masterPassword); -// List<MasterPasswordProvider> masterPasswordProviders = new ArrayList<MasterPasswordProvider>(); -// masterPasswordProviders.add(masterPasswordProvider); -// credentialManager.setMasterPasswordProviders(masterPasswordProviders); -// -// // Add some stuff into Credential Manager -// credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI); -// credentialManager.addUsernameAndPasswordForService(usernamePassword2, serviceURI2); -// credentialManager.addUsernameAndPasswordForService(usernamePassword3, serviceURI3); -// credentialManager.addKeyPair(privateKey, privateKeyCertChain); -// credentialManager.addTrustedCertificate(trustedCertficate); - - - // Set up a random temp directory and copy the test keystore files - // from resources/security - Random randomGenerator = new Random(); - String credentialManagerDirectoryPath = System - .getProperty("java.io.tmpdir") - + System.getProperty("file.separator") - + "taverna-security-" - + randomGenerator.nextInt(1000000); - System.out.println("Credential Manager's directory path: " - + credentialManagerDirectoryPath); - credentialManagerDirectory = new File(credentialManagerDirectoryPath); - if (!credentialManagerDirectory.exists()) { - credentialManagerDirectory.mkdir(); - } - URL keystoreFileURL = CredentialManagerImplIT.class - .getResource("/security/t2keystore.ubr"); - File keystoreFile = new File(keystoreFileURL.getPath()); - File keystoreDestFile = new File(credentialManagerDirectory, - "taverna-keystore.ubr"); - URL truststroreFileURL = CredentialManagerImplIT.class - .getResource("/security/t2truststore.ubr"); - File truststoreFile = new File(truststroreFileURL.getPath()); - File truststoreDestFile = new File(credentialManagerDirectory, - "taverna-truststore.ubr"); - FileUtils.copyFile(keystoreFile, keystoreDestFile); - FileUtils.copyFile(truststoreFile, truststoreDestFile); - credentialManager.setConfigurationDirectoryPath(credentialManagerDirectory); - - // Create the dummy master password provider - masterPasswordProvider = new DummyMasterPasswordProvider(); - masterPasswordProvider.setMasterPassword(masterPassword); - List<MasterPasswordProvider> masterPasswordProviders = new ArrayList<MasterPasswordProvider>(); - masterPasswordProviders.add(masterPasswordProvider); - credentialManager.setMasterPasswordProviders(masterPasswordProviders); - - // Set an empty list for trust confirmation providers - credentialManager.setTrustConfirmationProviders(new ArrayList<TrustConfirmationProvider>()); - - keystoreChangedObserver = new Observer<KeystoreChangedEvent>() { - @Override - public void notify(Observable<KeystoreChangedEvent> sender, - KeystoreChangedEvent message) throws Exception { - // TODO Auto-generated method stub - } - }; - credentialManager.addObserver(keystoreChangedObserver); - } - - @AfterClass - @Ignore - // Clean up the credentialManagerDirectory we created for testing - public static void cleanUp(){ - - if (credentialManagerDirectory.exists()){ - try { - FileUtils.deleteDirectory(credentialManagerDirectory); - System.out.println("Deleting Credential Manager's directory: " - + credentialManagerDirectory.getAbsolutePath()); - } catch (IOException e) { - System.out.println(e.getStackTrace()); - } - } - } - - @Test - @Ignore - public void testCredentialManager() throws CMException, URISyntaxException, IOException{ - - // There are 3 service username and password entries in the Keystore - List<URI> serviceList = credentialManager.getServiceURIsForAllUsernameAndPasswordPairs(); - assertTrue(serviceList.size() == 3); - System.out.println(); - assertTrue(serviceList.contains(serviceURI2)); - - credentialManager.deleteUsernameAndPasswordForService(serviceURI3); - assertFalse(credentialManager.hasUsernamePasswordForService(serviceURI3)); - - // There are 2 private/public key pair entries in the Keystore - credentialManager.hasKeyPair(privateKey, privateKeyCertChain); - - // There are Google's and heater.cs.man.ac's trusted certificates in the Truststore - credentialManager.hasTrustedCertificate(trustedCertficateGoogle); - // Open a HTTPS connection to Google - URL url = new URL("https://code.google.com/p/taverna/";); - HttpsURLConnection conn; - conn = (HttpsURLConnection) url.openConnection(); - // This should work - conn.connect(); - assertEquals("HTTP/1.1 200 OK", conn.getHeaderField(0)); - conn.disconnect(); - - credentialManager.hasTrustedCertificate(trustedCertficateHeater); - // Open a HTTPS connection to heater - url = new URL("https://heater.cs.man.ac.uk:7443/";); - conn = (HttpsURLConnection) url.openConnection(); - // This should work - conn.connect(); - assertEquals("HTTP/1.1 200 OK", conn.getHeaderField(0)); - conn.disconnect(); - - } - - public void generateKeystores() throws Exception{ - - setUpBeforeCLass(); - - // The code below sets up the Keystore and Truststore files and loads some data into them - // and saves them into a temp directory. These files can later be used for testing the Credential - // Manager with non-empty keystores. - Random randomGenerator = new Random(); - String credentialManagerDirectoryPath = System - .getProperty("java.io.tmpdir") - + System.getProperty("file.separator") - + "taverna-security-" - + randomGenerator.nextInt(1000000); - System.out.println("Credential Manager's Keystore and Truststore will be saved to: " - + credentialManagerDirectoryPath); - credentialManagerDirectory = new File(credentialManagerDirectoryPath); - credentialManager.setConfigurationDirectoryPath(credentialManagerDirectory); - - // Create the dummy master password provider - masterPasswordProvider = new DummyMasterPasswordProvider(); -// masterPasswordProvider.setMasterPassword(masterPassword); - masterPasswordProvider.setMasterPassword("uber"); - List<MasterPasswordProvider> masterPasswordProviders = new ArrayList<MasterPasswordProvider>(); - masterPasswordProviders.add(masterPasswordProvider); - credentialManager.setMasterPasswordProviders(masterPasswordProviders); - - // Add some stuff into Credential Manager - credentialManager.addUsernameAndPasswordForService(usernamePassword, new URI("http://heater.cs.man.ac.uk:7070/axis/services/HelloService-PlaintextPassword?wsdl";)); - -// credentialManager.addUsernameAndPasswordForService(usernamePassword, serviceURI); -// credentialManager.addUsernameAndPasswordForService(usernamePassword2, serviceURI2); -// credentialManager.addUsernameAndPasswordForService(usernamePassword3, serviceURI3); -// credentialManager.addKeyPair(privateKey, privateKeyCertChain); - credentialManager.addTrustedCertificate(trustedCertficateHeater); - } - - -}
