Diffstat (limited to 'spss.server/src/at/gv/egovernment/moa/spss')
-rw-r--r--spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java67
-rw-r--r--spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java12
2 files changed, 78 insertions, 1 deletions
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java
new file mode 100644
index 000000000..c8a454e9f
--- /dev/null
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/CRLRetriever.java
@@ -0,0 +1,67 @@
+package at.gv.egovernment.moa.spss.server.iaik.config;
+
+import iaik.logging.TransactionId;
+import iaik.pki.revocation.RevocationSourceTypes;
+import iaik.pki.store.revocation.RevocationInfoRetriever;
+import iaik.pki.store.revocation.RevocationSource;
+import iaik.pki.store.revocation.RevocationStoreException;
+import iaik.servertools.ldap.Handler;
+
+import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLStreamHandler;
+import java.util.Collection;
+
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * A customized implementation of {@link iaik.pki.store.revocation.RevocationInfoRetriever}. Will be used
+ * instead of the default implementation {@link iaik.pki.store.revocation.CRLRetriever} to overcome a
+ * classloader problem in connection with the {@link java.net.URL} class in a Tomcat deployment environment.
+ *
+ * @author Gregor Karlinger
+ * @version $$
+ */
+public class CRLRetriever implements RevocationInfoRetriever
+{
+ public void update(RevocationSource source, Collection supplementalRequestData, TransactionId tid)
+ throws RevocationStoreException
+ {
+ if (source == null)
+ {
+ throw new NullPointerException("RevocationSource parameter mustn't be null.");
+ }
+ Logger.info("Downloading crl from " + source.getUri());
+ if (!source.getType().equals(RevocationSourceTypes.CRL))
+ {
+ throw new RevocationStoreException(
+ source.getType() + " not supported",
+ null,
+ getClass().getName() + ":1");
+ }
+ try
+ {
+ URL crlUrl;
+ try
+ {
+ crlUrl = new URL(source.getUri());
+ }
+ catch (MalformedURLException e)
+ {
+ // Workaround for classloader problem with deployment in Tomcat 4.1
+ URLStreamHandler handler = new Handler();
+ crlUrl = new URL(null, source.getUri(), handler);
+ }
+
+ InputStream crlInputStream = crlUrl.openStream();
+ source.readFrom(crlInputStream, tid);
+ crlInputStream.close();
+ }
+ catch (Exception iox)
+ {
+ Logger.warn("Cannot retrieve crl", iox);
+ throw new RevocationStoreException("Cannot retrieve CRL", iox, getClass().getName() + ":1");
+ }
+ }
+}
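Review bot: `crlInputStream.close()` runs only when `source.readFrom(...)` returns normally, so a CRL that fails to download or parse leaves the connection open; the close belongs in a `finally`. The `MalformedURLException` fallback also hands every URI that `java.net.URL` rejected to the `iaik.servertools.ldap` handler, whatever its scheme, and `openStream()` is called with no scheme check or timeout. If `source.getUri()` is taken from the certificate being validated (likely for CRL distribution points, but not visible here), the certificate's issuer influences where the server connects and how long revocation checking blocks. The fence below restricts the fallback to `ldap:` URIs and closes the stream on all paths; connect and read timeouts on the `URLConnection` would be a further step if the target JDK offers them.

```java
      // … unchanged: null check, logging, CRL type check …
      String uri = source.getUri();
      URL crlUrl;
      try
      {
        crlUrl = new URL(uri);
      }
      catch (MalformedURLException e)
      {
        // Workaround for classloader problem with deployment in Tomcat 4.1:
        // only ldap: URIs are retried with the bundled handler, anything else stays an error.
        if (uri == null || !uri.regionMatches(true, 0, "ldap:", 0, 5))
        {
          throw e;
        }
        crlUrl = new URL(null, uri, new Handler());
      }

      InputStream crlInputStream = crlUrl.openStream();
      try
      {
        source.readFrom(crlInputStream, tid);
      }
      finally
      {
        // Release the connection even when reading the CRL fails.
        crlInputStream.close();
      }
      // … unchanged: catch (Exception iox) wrapping into RevocationStoreException …
```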
diff --git a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
index 8bd410ac7..6562ef1f4 100644
--- a/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
+++ b/spss.server/src/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfigurator.java
@@ -6,6 +6,9 @@ import java.util.List;
import java.util.Map;
import java.util.Set;
+import iaik.pki.revocation.RevocationSourceTypes;
+import iaik.pki.store.revocation.RevocationFactory;
+import iaik.pki.store.revocation.RevocationSourceStore;
import iaik.pki.store.truststore.TrustStoreFactory;
import iaik.server.ConfigurationData;
import iaik.server.Configurator;
@@ -37,6 +40,7 @@ public class IaikConfigurator {
/**
* Configure the IAIK MOA subsystem.
*
+ *
* @param moaConfig The underlying MOA configuration.
* @throws ConfigurationException An error occurred configuring the IAIK
* MOA subsystem.
@@ -48,7 +52,13 @@ public class IaikConfigurator {
warnings = new ArrayList();
try {
- Configurator.init(configData, new TransactionId("IaikConfigurator"));
+ TransactionId transId = new TransactionId("IaikConfigurator");
+ Configurator.init(configData, transId);
+
+ // Set customized CRL retriever to overcome a classloader problem when MOA is deployed in Tomcat
+ RevocationSourceStore rss = RevocationFactory.getInstance(transId).getRevocationSourceStore();
+ rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL);
+
dumpKeyEntryIDs();
checkKeyGroupConfig(moaConfig);
TrustStoreFactory.reset();
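Review bot: The `rss.setRetriever(new CRLRetriever(), RevocationSourceTypes.CRL)` call replaces the retriever for every CRL source, not only those hit by the Tomcat classloader problem, and the comment above it does not say so. Whatever the stock iaik retriever does about timeouts, caching or scheme handling (not visible here) therefore no longer applies to revocation checking. I would extend the comment to something like `// Replaces the default retriever for ALL CRL downloads (Tomcat URL handler workaround); CRLRetriever must keep the default's safeguards`. The enclosing method starts and ends outside the hunk, so how a failure of `getRevocationSourceStore()` is reported cannot be judged from here.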