Author: dimuthul
Date: Sun Mar 2 22:27:47 2008
New Revision: 14424
Log:
Loading the keystore once
Fixing a bug when deleting the Personal Rp.
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/admin/KeystoreUtilAdmin.java
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/admin/RelyingPartyAdmin.java
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/IPPersistenceManager.java
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/dao/UserPersonalRelyingPartyDAO.java
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/UploadRelyingPartyCertificateAction.java
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/admin/KeystoreUtilAdmin.java
==============================================================================
---
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/admin/KeystoreUtilAdmin.java
(original)
+++
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/admin/KeystoreUtilAdmin.java
Sun Mar 2 22:27:47 2008
@@ -31,6 +31,15 @@
* Instance of the main keystore of the identity provider
*/
private static KeyStore identityProviderKeystore = null;
+
+ /**
+ * The key store that holds certificaates of
+ * personal Relying Parties of users.
+ * This holds trusted Relying party certificates
+ */
+ private static KeyStore userRPTruststore = null;
+
+
/**
* Provides the instance of the main keystore of the identity provider.
@@ -42,10 +51,25 @@
if(identityProviderKeystore != null) {
return identityProviderKeystore;
}
-
+
return loadKeystore();
}
+ /**
+ * Provides the instance of the main keystore of the identity provider.
+ * @return A java.security.Keystore instance
+ * @throws IdentityProviderException
+ */
+ private KeyStore getUserRPTrustStore() throws IdentityProviderException {
+
+ if(userRPTruststore != null) {
+ return userRPTruststore;
+ }
+
+ return loadUserRPTrustStore();
+ }
+
+
/**
* Load the main keystore of the identity provider usign the configuration
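Review bot: The Javadoc on the new `getUserRPTrustStore()` is copied from `getKeyStore()` and still says it "Provides the instance of the main keystore of the identity provider". It should describe what the method actually returns, for example `Provides the cached trust store holding the certificates of users' personal relying parties, loading it on first use.` The null check on the static `userRPTruststore` is also unsynchronized, so two threads can both see null and load the store twice. A class-level lock, `synchronized (KeystoreUtilAdmin.class) { ... }`, around the check and load would prevent this.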
@@ -78,6 +102,39 @@
}
+
+ /**
+ * Load the key store that holds user trusted relying parties.
+ * @return A java.security.Keystore instance
+ * @throws IdentityProviderException
+ */
+ private KeyStore loadUserRPTrustStore() throws IdentityProviderException {
+
+ ServerConfiguration serverConfig = ServerConfiguration.getInstance();
+ String storeFilePath = serverConfig
+
.getFirstProperty(IdentityProviderConstants.ServerConfig.USER_TRUSTED_RP_STORE_LOCATION);
+ String type = serverConfig
+
.getFirstProperty(IdentityProviderConstants.ServerConfig.USER_TRUSTED_RP_STORE_TYPE);
+ String passwd = serverConfig
+
.getFirstProperty(IdentityProviderConstants.ServerConfig.USER_TRUSTED_RP_STORE_PASSWORD);
+
+ try {
+ FileInputStream is = new FileInputStream(storeFilePath);
+
+ userRPTruststore = KeyStore.getInstance(type);
+
+ userRPTruststore.load(is, passwd.toCharArray());
+ is.close();
+ return userRPTruststore;
+ } catch (Exception e) {
+ throw new IdentityProviderException("errorInKeystoreAccess",
+ new String[] { storeFilePath }, e);
+ }
+
+ }
+
+
+
public boolean isCertExists(X509Certificate cert)
throws IdentityProviderException {
try {
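Review bot: `loadUserRPTrustStore()` assigns the static `userRPTruststore` from `KeyStore.getInstance(type)` before `load(...)` has succeeded. If opening or loading the file throws, the field is left pointing at an uninitialized KeyStore, and `getUserRPTrustStore()` will keep returning that non-null instance instead of retrying. The `FileInputStream` is also closed only on the success path, so a failed load leaks the descriptor. I would load into a local variable, publish it to the static field only after `load` returns, and close the stream in a `finally` block, as sketched below.

```java
private KeyStore loadUserRPTrustStore() throws IdentityProviderException {
    // … unchanged: reading storeFilePath, type and passwd from ServerConfiguration …
    FileInputStream is = null;
    try {
        is = new FileInputStream(storeFilePath);
        KeyStore loaded = KeyStore.getInstance(type);
        loaded.load(is, passwd.toCharArray());
        // publish only a fully loaded store to the shared field
        userRPTruststore = loaded;
        return loaded;
    } catch (Exception e) {
        throw new IdentityProviderException("errorInKeystoreAccess",
                new String[] { storeFilePath }, e);
    } finally {
        if (is != null) {
            try {
                is.close();
            } catch (Exception ignored) {
                // a failed close must not mask the load result
            }
        }
    }
}
```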
@@ -130,18 +187,15 @@
*/
public String importCertToUserTrustStore(X509Certificate cert)
throws IdentityProviderException {
+ KeyStore store = getUserRPTrustStore();
ServerConfiguration serverConfig = ServerConfiguration.getInstance();
String storeFilePath = serverConfig
-
.getFirstProperty(IdentityProviderConstants.ServerConfig.USER_TRUSTED_RP_STORE_LOCATION);
- String type = serverConfig
-
.getFirstProperty(IdentityProviderConstants.ServerConfig.USER_TRUSTED_RP_STORE_TYPE);
+
.getFirstProperty(IdentityProviderConstants.ServerConfig.USER_TRUSTED_RP_STORE_LOCATION);
String passwd = serverConfig
-
.getFirstProperty(IdentityProviderConstants.ServerConfig.USER_TRUSTED_RP_STORE_PASSWORD);
+
.getFirstProperty(IdentityProviderConstants.ServerConfig.USER_TRUSTED_RP_STORE_PASSWORD);
+
String alias = null;
try {
- FileInputStream is = new FileInputStream(storeFilePath);
- KeyStore store = KeyStore.getInstance(type);
- store.load(is, passwd.toCharArray());
alias = getAlias(cert);
if (store.getCertificate(alias) == null) {
// then import
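Review bot: `importCertToUserTrustStore` now takes its store from `getUserRPTrustStore()`, so it mutates the shared static `userRPTruststore`, and no locking is visible in this hunk. Callers create a fresh `KeystoreUtilAdmin` each time, so an instance-level `synchronized` would not help; the import-and-save sequence needs a class-level lock such as `synchronized (KeystoreUtilAdmin.class) { ... }`. The `store.getCertificate(alias) == null` check also now runs against the cached copy. If `removeCertEntryFromUserTrustedRP` (its body lies outside these hunks) rewrites the file without refreshing the cache, a re-upload of a removed certificate would be treated as already present and skipped. The rest of this method's body is outside the hunk, so this should be confirmed against the full file.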
@@ -155,40 +209,34 @@
throw new IdentityProviderException("errorInKeystoreAccess",
new String[] { storeFilePath }, e);
}
-
+
+ //to reflect the changes
+ this.loadUserRPTrustStore();
return alias;
}
public X509Certificate getCertificateFromUserTrustedRP(String alias)
throws IdentityProviderException {
- ServerConfiguration serverConfig = ServerConfiguration.getInstance();
- String storeFilePath = serverConfig
-
.getFirstProperty(IdentityProviderConstants.ServerConfig.USER_TRUSTED_RP_STORE_LOCATION);
- String type = serverConfig
-
.getFirstProperty(IdentityProviderConstants.ServerConfig.USER_TRUSTED_RP_STORE_TYPE);
- String passwd = serverConfig
-
.getFirstProperty(IdentityProviderConstants.ServerConfig.USER_TRUSTED_RP_STORE_PASSWORD);
+ KeyStore store = this.loadUserRPTrustStore();
X509Certificate cert = null;
try {
- FileInputStream is = new FileInputStream(storeFilePath);
- KeyStore store = KeyStore.getInstance(type);
- store.load(is, passwd.toCharArray());
- cert = (X509Certificate)store.getCertificate(alias);
+ cert = (X509Certificate) store.getCertificate(alias);
} catch (Exception e) {
throw new IdentityProviderException("errorInKeystoreAccess",
- new String[] { storeFilePath }, e);
+ new String[]{"User Personal RelyingParty Trust Storee"},
e);
}
-
+
return cert;
}
-
+
/**
* Removes the Certificate from default store
*
* @param alias
* @throws IdentityProviderException
*/
- public void deleteRelyingParty(String alias) throws
IdentityProviderException {
+ public void deleteRelyingParty(String alias)
+ throws IdentityProviderException {
KeyStore store = getKeyStore();
try {
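Review bot: `getCertificateFromUserTrustedRP` calls `this.loadUserRPTrustStore()`, which re-reads the store file and overwrites the static field on every lookup, contrary to the commit's stated aim of loading the keystore once. It should use the cached accessor, `KeyStore store = getUserRPTrustStore();`, and leave the explicit reload to the paths that modify the store, as `importCertToUserTrustStore` does with `this.loadUserRPTrustStore()` after the import. The new message argument also has a typo and should read `new String[]{"User Personal RelyingParty Trust Store"}`.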
@@ -208,7 +256,8 @@
* @param alias
* @throws IdentityProviderException
*/
- public void removeCertEntryFromUserTrustedRP(String alias) throws
IdentityProviderException {
+ public void removeCertEntryFromUserTrustedRP(String alias)
+ throws IdentityProviderException {
ServerConfiguration serverConfig = ServerConfiguration.getInstance();
String storeFilePath = serverConfig
.getFirstProperty(IdentityProviderConstants.ServerConfig.USER_TRUSTED_RP_STORE_LOCATION);
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/admin/RelyingPartyAdmin.java
==============================================================================
---
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/admin/RelyingPartyAdmin.java
(original)
+++
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/admin/RelyingPartyAdmin.java
Sun Mar 2 22:27:47 2008
@@ -22,8 +22,10 @@
import org.wso2.solutions.identity.IdentityProviderException;
import org.wso2.solutions.identity.i18n.Messages;
import org.wso2.solutions.identity.persistence.IPPersistenceManager;
+import org.wso2.solutions.identity.persistence.dao.UserPersonalRelyingPartyDAO;
import org.wso2.solutions.identity.persistence.dataobject.OpenIDUserRPDO;
import org.wso2.solutions.identity.persistence.dataobject.RelyingPartyDO;
+import
org.wso2.solutions.identity.persistence.dataobject.UserPersonalRelyingPartyIdentifier;
import org.wso2.solutions.identity.persistence.dataobject.UserTrustedRPDO;
@@ -57,6 +59,10 @@
}
}
+
+ public UserTrustedRPDO getPersonalRelyingParty(String alias, String user)
throws AxisFault {
+ return dbMan.getPersonalRelyingParty(user, alias);
+ }
public void create(UserTrustedRPDO rp) throws AxisFault {
try {
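Review bot: The new `getPersonalRelyingParty(String alias, String user)` takes its arguments in the opposite order from the delegate it calls, `dbMan.getPersonalRelyingParty(user, alias)`. With two adjacent `String` parameters, a caller can transpose them and the compiler will not notice. Either match the delegate's order or add Javadoc that names each parameter, e.g. `@param alias host name / certificate alias of the relying party` and `@param user id of the owning user`. The method also accepts the user id from the caller, so it is worth confirming that whatever exposes this class checks that the caller may read that user's entries; nothing in the hunk shows such a check.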
@@ -116,8 +122,10 @@
UserTrustedRPDO rpDO = dbMan.getPersonalRelyingParty(user, hostName);
dbMan.delete(rpDO);
- KeystoreUtilAdmin ksAdmin = new KeystoreUtilAdmin();
- ksAdmin.removeCertEntryFromUserTrustedRP(hostName);
+ if(dbMan.getPersonalRelyingPartyByHostName(hostName).length==0){
+ KeystoreUtilAdmin ksAdmin = new KeystoreUtilAdmin();
+ ksAdmin.removeCertEntryFromUserTrustedRP(hostName);
+ }
}
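Review bot: The new guard `if(dbMan.getPersonalRelyingPartyByHostName(hostName).length==0)` is a check-then-act sequence that runs as a separate query after `dbMan.delete(rpDO)`. If another user uploads the same certificate between the count and `removeCertEntryFromUserTrustedRP(hostName)`, that user's row would remain while the certificate is removed from the trust store. Serializing delete and upload on a common lock, or doing the count and the removal under the same lock as the keystore write, would close that window. Separately, `rpDO` is passed to `dbMan.delete` without a null check, although the upload action in this commit treats a null return from `getPersonalRelyingParty` as "not found". The enclosing method starts outside the hunk.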
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/IPPersistenceManager.java
==============================================================================
---
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/IPPersistenceManager.java
(original)
+++
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/IPPersistenceManager.java
Sun Mar 2 22:27:47 2008
@@ -15,6 +15,7 @@
*/
package org.wso2.solutions.identity.persistence;
+import org.apache.axis2.AxisFault;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.hibernate.Session;
@@ -49,6 +50,7 @@
import
org.wso2.solutions.identity.persistence.dataobject.RegisteredInfoCardInfoDO;
import org.wso2.solutions.identity.persistence.dataobject.RelyingPartyDO;
import org.wso2.solutions.identity.persistence.dataobject.RevokedInfoCardDO;
+import
org.wso2.solutions.identity.persistence.dataobject.UserPersonalRelyingPartyIdentifier;
import org.wso2.solutions.identity.persistence.dataobject.UserTrustedRPDO;
import java.util.Date;
@@ -460,4 +462,9 @@
OpenIDUserRPDAO dao = new OpenIDUserRPDAO(hbConfig);
return dao.getOpenIDDefaultUserProfile(userName,rpUrl);
}
+
+ public UserTrustedRPDO[] getPersonalRelyingPartyByHostName(String
hostName) {
+ UserPersonalRelyingPartyDAO dao = new
UserPersonalRelyingPartyDAO(hbConfig);
+ return dao.getPersonalRelyingPartyByHostName(hostName);
+ }
}
\ No newline at end of file
Modified:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/dao/UserPersonalRelyingPartyDAO.java
==============================================================================
---
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/dao/UserPersonalRelyingPartyDAO.java
(original)
+++
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/persistence/dao/UserPersonalRelyingPartyDAO.java
Sun Mar 2 22:27:47 2008
@@ -16,6 +16,7 @@
package org.wso2.solutions.identity.persistence.dao;
+import java.util.Iterator;
import java.util.List;
import org.hibernate.Session;
@@ -78,4 +79,26 @@
return rp;
}
+
+ public UserTrustedRPDO[] getPersonalRelyingPartyByHostName(String
hostName) {
+ Session session = hbConfig.getCurrentSession();
+ Transaction tx = session.beginTransaction();
+ String stmt = "from UserTrustedRPDO as utrp where
utrp.identifier.hostName = '"+ hostName+"'";
+
+ UserTrustedRPDO[] rps = new UserTrustedRPDO[0];
+ try {
+ List lst = session.createQuery(stmt).list();
+ rps = (UserTrustedRPDO[])lst.toArray(new
UserTrustedRPDO[lst.size()]);
+ tx.commit();
+ } catch (Throwable e) {
+ tx.rollback();
+ String msg = messages.getMessage("errorQuerryingClaimData");
+ log.error(msg, e);
+ throw new RuntimeException(msg, e);
+ } finally {
+ hbConfig.closeSession();
+ }
+
+ return rps;
+ }
}
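Review bot: `getPersonalRelyingPartyByHostName` builds its HQL by concatenating `hostName` into the query string, and that value reaches this method from `RelyingPartyAdmin` without any escaping visible in the commit. A quote character in the host name would change the query's structure, so the value should be bound as a parameter instead: `session.createQuery("from UserTrustedRPDO as utrp where utrp.identifier.hostName = :hostName").setParameter("hostName", hostName).list()`. The `java.util.Iterator` import added in the previous hunk does not appear to be used by this method. The error path also reuses the message key `errorQuerryingClaimData`, which will mislead anyone reading the log for a relying-party lookup failure.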
Modified:
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/UploadRelyingPartyCertificateAction.java
==============================================================================
---
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/UploadRelyingPartyCertificateAction.java
(original)
+++
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/UploadRelyingPartyCertificateAction.java
Sun Mar 2 22:27:47 2008
@@ -23,6 +23,8 @@
import java.security.cert.X509Certificate;
import java.util.Map;
+import org.apache.axis2.AxisFault;
+import org.wso2.solutions.identity.IdentityProviderException;
import org.wso2.solutions.identity.admin.KeystoreUtilAdmin;
import org.wso2.solutions.identity.admin.RelyingPartyAdmin;
import org.wso2.solutions.identity.admin.ReportAdmin;
@@ -62,16 +64,27 @@
return ERROR;
}
- String alias = ksAdmin.importCertToUserTrustStore(cert);
- UserTrustedRPDO rp = new UserTrustedRPDO();
- UserPersonalRelyingPartyIdentifier identifier = new
UserPersonalRelyingPartyIdentifier();
- identifier.setHostName(alias);
- identifier.setUserId(user);
- rp.setIdentifier(identifier);
-
- RelyingPartyAdmin admin = new RelyingPartyAdmin();
- admin.create(rp);
- ReportAdmin.record(user, ActionDO.ACTION_USER_ADD_RP, "RP=" + alias);
+ String alias = null;
+ try {
+ alias = ksAdmin.importCertToUserTrustStore(cert);
+ UserTrustedRPDO rp = new UserTrustedRPDO();
+ UserPersonalRelyingPartyIdentifier identifier = new
UserPersonalRelyingPartyIdentifier();
+ identifier.setHostName(alias);
+ identifier.setUserId(user);
+ rp.setIdentifier(identifier);
+
+ RelyingPartyAdmin admin = new RelyingPartyAdmin();
+ if(admin.getPersonalRelyingParty(alias, user) == null){
+ admin.create(rp);
+ ReportAdmin.record(user, ActionDO.ACTION_USER_ADD_RP, "RP=" +
alias);
+ }else{
+ this.addInfoMessage("You have already uploaded the
certificate");
+ }
+ }catch (IdentityProviderException e) {
+ this.addErrorMessage(e.getMessage());
+ return ERROR;
+ }
+
return SUCCESS;
}
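Review bot: The new `catch (IdentityProviderException e)` passes `e.getMessage()` straight to `addErrorMessage`, which may expose server-side detail to the user. `KeystoreUtilAdmin` constructs these exceptions with the keystore file path as a message argument, so the text shown may include that path; the message template is not visible here, so this should be confirmed. I would log the exception server-side and show a fixed message instead, for example `this.addErrorMessage("Could not import the certificate");` (sample wording). The certificate is also imported into the trust store before the `admin.getPersonalRelyingParty(alias, user) == null` check and before `admin.create(rp)`. If `create` fails, the certificate remains trusted with no matching database row. The enclosing method starts outside the hunk.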