summaryrefslogtreecommitdiff
path: root/BKUWebStart/src/main
diff options
context:
space:
mode:
authorclemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>2009-08-28 17:53:01 +0000
committerclemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>2009-08-28 17:53:01 +0000
commitdd04951a76fc6406755a94ecf547c0797f062fa2 (patch)
treebf60c18edc59aacd77fe84ea01d2b1ed69d8a7ed /BKUWebStart/src/main
parent5eb05982f2e98f56569b4ea07b1961e3eed617d7 (diff)
downloadmocca-dd04951a76fc6406755a94ecf547c0797f062fa2.tar.gz
mocca-dd04951a76fc6406755a94ecf547c0797f062fa2.tar.bz2
mocca-dd04951a76fc6406755a94ecf547c0797f062fa2.zip
replace installCertificate servlet with der encoded crt file in webapp/
moved local-webstart profile to BKUWebStart (jnlp-inline goal) help note for internet explorer on visat/7 git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@482 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
Diffstat (limited to 'BKUWebStart/src/main')
-rw-r--r--BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java47
-rw-r--r--BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java6
-rw-r--r--BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java10
-rw-r--r--BKUWebStart/src/main/jnlp/keystore.ksbin0 -> 5635 bytes
-rw-r--r--BKUWebStart/src/main/jnlp/resources/img/chip128.pngbin0 -> 7775 bytes
-rw-r--r--BKUWebStart/src/main/jnlp/resources/img/chip16.pngbin0 -> 787 bytes
-rw-r--r--BKUWebStart/src/main/jnlp/resources/img/chip24.pngbin0 -> 1227 bytes
-rw-r--r--BKUWebStart/src/main/jnlp/resources/img/chip32.pngbin0 -> 1753 bytes
-rw-r--r--BKUWebStart/src/main/jnlp/resources/img/chip48.pngbin0 -> 2771 bytes
-rw-r--r--BKUWebStart/src/main/jnlp/resources/img/splash.pngbin0 -> 41455 bytes
-rw-r--r--BKUWebStart/src/main/jnlp/resources/img/version.xml52
-rw-r--r--BKUWebStart/src/main/jnlp/resources/player.jnlp3
-rw-r--r--BKUWebStart/src/main/jnlp/template-local.xml40
13 files changed, 132 insertions, 26 deletions
diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java
index 3bf74d3c..2feae267 100644
--- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java
+++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java
@@ -22,7 +22,6 @@ import java.security.KeyStore;
import java.security.Permissions;
import java.security.SecurityPermission;
import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
import java.util.PropertyPermission;
import javax.smartcardio.CardPermission;
import org.apache.commons.logging.Log;
@@ -38,7 +37,6 @@ public class Container {
public static final String HTTP_PORT_PROPERTY = "mocca.http.port";
public static final String HTTPS_PORT_PROPERTY = "mocca.http.port";
- public static final String SERVER_CA_CERTIFICATE_ATTRIBUTE = "mocca.tls.server.ca.certificate";
private static Log log = LogFactory.getLog(Container.class);
static {
@@ -51,6 +49,8 @@ public class Container {
}
}
private Server server;
+ private WebAppContext webapp;
+ private Certificate caCertificate;
public void init() throws IOException {
// System.setProperty("DEBUG", "true");
@@ -118,33 +118,19 @@ public class Container {
server.setConnectors(new Connector[]{connector, sslConnector});
- WebAppContext webapp = new WebAppContext();
+ webapp = new WebAppContext();
webapp.setLogUrlOnStart(true);
webapp.setContextPath("/");
webapp.setExtractWAR(true);
webapp.setParentLoaderPriority(false);
- try {
- // no way to get certificate from within the servlet (SSLEngine/Jetty SSLSocketConnector/SSLContext?)
- if (log.isTraceEnabled()) {
- log.trace("local ca certificate from " + keystoreFile + " in webapp context at " + SERVER_CA_CERTIFICATE_ATTRIBUTE);
- }
- BufferedInputStream bis = new BufferedInputStream(new FileInputStream(keystoreFile));
- KeyStore sslKeyStore = KeyStore.getInstance("JKS");
- sslKeyStore.load(bis, passwd.toCharArray());
- Certificate[] sslChain = sslKeyStore.getCertificateChain(TLSServerCA.MOCCA_TLS_SERVER_ALIAS);
- webapp.setAttribute(SERVER_CA_CERTIFICATE_ATTRIBUTE, sslChain[sslChain.length - 1]);
- bis.close();
- } catch (Exception ex) {
- log.error("Failed to load local ca certificate", ex);
- log.warn("automated web certificate installation will not be available");
- }
-
webapp.setWar(copyWebapp(webapp.getTempDirectory()));
webapp.setPermissions(getPermissions(webapp.getTempDirectory()));
server.setHandler(webapp);
server.setGracefulShutdown(1000 * 3);
+
+ loadCACertificate(keystoreFile, passwd.toCharArray());
}
/**
@@ -234,6 +220,12 @@ public class Container {
public void start() throws Exception {
server.start();
+ // webapp.getBaseResource()
+ File caCertFile = new File(webapp.getTempDirectory(), "webapp/ca.crt");
+ BufferedOutputStream bos = new BufferedOutputStream(new FileOutputStream(caCertFile));
+ bos.write(caCertificate.getEncoded());
+ bos.flush();
+ bos.close();
}
public boolean isRunning() {
@@ -251,4 +243,21 @@ public class Container {
public void join() throws InterruptedException {
server.join();
}
+
+ private void loadCACertificate(File keystoreFile, char[] passwd) {
+ try {
+ if (log.isTraceEnabled()) {
+ log.trace("local ca certificate from " + keystoreFile);
+ }
+ BufferedInputStream bis = new BufferedInputStream(new FileInputStream(keystoreFile));
+ KeyStore sslKeyStore = KeyStore.getInstance("JKS");
+ sslKeyStore.load(bis, passwd);
+ Certificate[] sslChain = sslKeyStore.getCertificateChain(TLSServerCA.MOCCA_TLS_SERVER_ALIAS);
+ caCertificate = sslChain[sslChain.length - 1];
+ bis.close();
+ } catch (Exception ex) {
+ log.error("Failed to load local ca certificate", ex);
+ log.warn("automated web certificate installation will not be available");
+ }
+ }
}
diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java
index 8cc9817f..2bf42ccb 100644
--- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java
+++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java
@@ -9,8 +9,6 @@ import java.net.URISyntaxException;
import java.util.Locale;
import java.util.ResourceBundle;
-import java.util.logging.Level;
-import java.util.logging.Logger;
import javax.jnlp.UnavailableServiceException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -28,9 +26,7 @@ import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.awt.event.WindowAdapter;
import java.net.BindException;
-import java.net.HttpURLConnection;
import java.net.MalformedURLException;
-import java.net.URI;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.text.MessageFormat;
@@ -175,6 +171,7 @@ public class Launcher implements BKUControllerInterface, ActionListener {
}
throw ex;
} catch (Exception ex) {
+ ex.printStackTrace();
log.fatal("Failed to launch server, " + ex.getMessage(), ex);
trayIcon.displayMessage(messages.getString(CAPTION_ERROR),
messages.getString(ERROR_START), TrayIcon.MessageType.ERROR);
@@ -381,6 +378,7 @@ public class Launcher implements BKUControllerInterface, ActionListener {
Launcher launcher = new Launcher();
launcher.launch();
} catch (Exception ex) {
+ ex.printStackTrace();
log.debug(ex);
log.info("waiting to shutdown...");
Thread.sleep(5000);
diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java
index fd94958e..08a06570 100644
--- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java
+++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java
@@ -64,9 +64,13 @@ public class TLSServerCA {
caCert.addExtension(new SubjectKeyIdentifier(caKeyPair.getPublic()));
- caCert.addExtension(new BasicConstraints(true));
- caCert.addExtension(new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign
- | KeyUsage.digitalSignature));
+ BasicConstraints bc = new BasicConstraints(true);
+ bc.setCritical(true);
+ caCert.addExtension(bc);
+ KeyUsage ku = new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign
+ | KeyUsage.digitalSignature);
+ ku.setCritical(true);
+ caCert.addExtension(ku);
GregorianCalendar date = new GregorianCalendar();
date.add(Calendar.HOUR_OF_DAY, -1);
diff --git a/BKUWebStart/src/main/jnlp/keystore.ks b/BKUWebStart/src/main/jnlp/keystore.ks
new file mode 100644
index 00000000..824c3a40
--- /dev/null
+++ b/BKUWebStart/src/main/jnlp/keystore.ks
Binary files differ
diff --git a/BKUWebStart/src/main/jnlp/resources/img/chip128.png b/BKUWebStart/src/main/jnlp/resources/img/chip128.png
new file mode 100644
index 00000000..c36d8079
--- /dev/null
+++ b/BKUWebStart/src/main/jnlp/resources/img/chip128.png
Binary files differ
diff --git a/BKUWebStart/src/main/jnlp/resources/img/chip16.png b/BKUWebStart/src/main/jnlp/resources/img/chip16.png
new file mode 100644
index 00000000..96b580e9
--- /dev/null
+++ b/BKUWebStart/src/main/jnlp/resources/img/chip16.png
Binary files differ
diff --git a/BKUWebStart/src/main/jnlp/resources/img/chip24.png b/BKUWebStart/src/main/jnlp/resources/img/chip24.png
new file mode 100644
index 00000000..efd6dbeb
--- /dev/null
+++ b/BKUWebStart/src/main/jnlp/resources/img/chip24.png
Binary files differ
diff --git a/BKUWebStart/src/main/jnlp/resources/img/chip32.png b/BKUWebStart/src/main/jnlp/resources/img/chip32.png
new file mode 100644
index 00000000..e7efb020
--- /dev/null
+++ b/BKUWebStart/src/main/jnlp/resources/img/chip32.png
Binary files differ
diff --git a/BKUWebStart/src/main/jnlp/resources/img/chip48.png b/BKUWebStart/src/main/jnlp/resources/img/chip48.png
new file mode 100644
index 00000000..491fbcac
--- /dev/null
+++ b/BKUWebStart/src/main/jnlp/resources/img/chip48.png
Binary files differ
diff --git a/BKUWebStart/src/main/jnlp/resources/img/splash.png b/BKUWebStart/src/main/jnlp/resources/img/splash.png
new file mode 100644
index 00000000..597fbc60
--- /dev/null
+++ b/BKUWebStart/src/main/jnlp/resources/img/splash.png
Binary files differ
diff --git a/BKUWebStart/src/main/jnlp/resources/img/version.xml b/BKUWebStart/src/main/jnlp/resources/img/version.xml
new file mode 100644
index 00000000..5e160beb
--- /dev/null
+++ b/BKUWebStart/src/main/jnlp/resources/img/version.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jnlp-versions>
+ <resource>
+ <pattern>
+ <name>chip16.png</name>
+ <version-id>2.0</version-id>
+ </pattern>
+ <file>chip16.png</file>
+ </resource>
+ <resource>
+ <pattern>
+ <name>chip24.png</name>
+ <version-id>2.0</version-id>
+ </pattern>
+ <file>chip24.png</file>
+ </resource>
+ <resource>
+ <pattern>
+ <name>chip32.png</name>
+ <version-id>2.0</version-id>
+ </pattern>
+ <file>chip32.png</file>
+ </resource>
+ <resource>
+ <pattern>
+ <name>chip48.png</name>
+ <version-id>2.0</version-id>
+ </pattern>
+ <file>chip48.png</file>
+ </resource>
+ <resource>
+ <pattern>
+ <name>chip64.png</name>
+ <version-id>2.0</version-id>
+ </pattern>
+ <file>chip64.png</file>
+ </resource>
+ <resource>
+ <pattern>
+ <name>chip128.png</name>
+ <version-id>2.0</version-id>
+ </pattern>
+ <file>chip128.png</file>
+ </resource>
+ <resource>
+ <pattern>
+ <name>splash.png</name>
+ <version-id>2.0</version-id>
+ </pattern>
+ <file>splash.png</file>
+ </resource>
+</jnlp-versions>
diff --git a/BKUWebStart/src/main/jnlp/resources/player.jnlp b/BKUWebStart/src/main/jnlp/resources/player.jnlp
new file mode 100644
index 00000000..da08ebc2
--- /dev/null
+++ b/BKUWebStart/src/main/jnlp/resources/player.jnlp
@@ -0,0 +1,3 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Jump specific JNL file for launching the player -->
+<player/> \ No newline at end of file
diff --git a/BKUWebStart/src/main/jnlp/template-local.xml b/BKUWebStart/src/main/jnlp/template-local.xml
new file mode 100644
index 00000000..12ff9d8c
--- /dev/null
+++ b/BKUWebStart/src/main/jnlp/template-local.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="utf-8"?>
+<jnlp spec="$jnlpspec" codebase="file:${project.build.directory}/jnlp" href="$outputFile">
+
+ <information>
+ <title>${project.Description}</title>
+ <vendor>E-Government Innovationszentrum (EGIZ)</vendor>
+ <homepage href="${project.Url}"/>
+ <description>${project.Description} (BKU) MOCCA Web Start</description>
+ <description kind="short">${project.Description}</description>
+ <icon kind="shortcut" href="img/chip16.png" width="16" height="16"/>
+ <icon kind="shortcut" href="img/chip24.png" width="24" height="24"/>
+ <icon kind="shortcut" href="img/chip32.png" width="32" height="32"/>
+ <icon kind="shortcut" href="img/chip48.png" width="48" height="48"/>
+ <icon kind="default" href="img/chip16.png" width="16" height="16"/>
+ <icon kind="default" href="img/chip24.png" width="24" height="24"/>
+ <icon kind="default" href="img/chip32.png" width="32" height="32"/>
+ <icon kind="default" href="img/chip48.png" width="48" height="48"/>
+ <icon kind="splash" href="img/splash.png"/>
+ <shortcut online="true">
+ <desktop/>
+ <menu submenu="e-Government"/>
+ </shortcut>
+
+ <offline-allowed/>
+
+ </information>
+
+ <security>
+ <all-permissions/>
+ </security>
+
+ <update check="timeout" policy="prompt-update"/>
+
+ <resources>
+ <java version="1.6+" java-vm-args="-Djava.security.debug=access,failure"/>
+ $dependencies
+ </resources>
+
+ <application-desc main-class="$mainClass"/>
+</jnlp> \ No newline at end of file