authorclemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>2009-06-25 12:07:39 +0000
committerclemenso <clemenso@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4>2009-06-25 12:07:39 +0000
commit69e0dbee3567fc3a710d7bffad4d03e64edd7daa (patch)
treebae70dc305f577693a591658db904314a6bdeda5 /BKUWebStart
parentbaa86c0bbcd5509ac70cc318547632c9ad4d9fde (diff)
TLS CipherSuites (FF XP)
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@375 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
Diffstat (limited to 'BKUWebStart')
-rw-r--r--BKUWebStart/pom.xml6
-rw-r--r--BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java68
-rw-r--r--BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java47
-rw-r--r--BKUWebStart/src/main/jnlp/resources/player.jnlp3
-rw-r--r--BKUWebStart/src/main/jnlp/template.xml7
-rw-r--r--BKUWebStart/src/main/resources/at/gv/egiz/bku/webstart/ui/UIMessages.properties5
6 files changed, 116 insertions, 20 deletions
diff --git a/BKUWebStart/pom.xml b/BKUWebStart/pom.xml
index 25683dba..fb72f26f 100644
--- a/BKUWebStart/pom.xml
+++ b/BKUWebStart/pom.xml
@@ -205,6 +205,12 @@
<artifactId>utils</artifactId>
<groupId>at.gv.egiz</groupId>
<version>1.1.2-SNAPSHOT</version>
+ <exclusions>
+ <exclusion>
+ <artifactId>iaik_ecc_signed</artifactId>
+ <groupId>iaik</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>commons-logging</groupId>
diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java
index b1fc29be..36c9cbb2 100644
--- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java
+++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java
@@ -41,6 +41,7 @@ import java.io.BufferedWriter;
import java.io.FileInputStream;
import java.io.FileReader;
import java.io.FileWriter;
+import java.net.BindException;
import java.net.URI;
import java.net.URL;
import java.security.GeneralSecurityException;
@@ -48,6 +49,7 @@ import java.util.UUID;
import java.util.jar.Attributes;
import java.util.jar.Manifest;
import java.util.zip.ZipOutputStream;
+import org.mortbay.util.MultiException;
public class BKULauncher implements BKUControllerInterface {
@@ -65,7 +67,11 @@ public class BKULauncher implements BKUControllerInterface {
public static final String GREETING_CAPTION = "Greetings.Caption";
public static final String GREETING_MESSAGE = "Greetings.Message";
public static final String STARTUP_CAPTION = "Startup.Caption";
+ public static final String ERROR_CAPTION = "Error.Caption";
public static final String STARTUP_MESSAGE = "Startup.Message";
+ public static final String ERROR_STARTUP_MESSAGE = "Error.Startup.Message";
+ public static final String ERROR_CONF_MESSAGE = "Error.Conf.Message";
+ public static final String ERROR_BIND_MESSAGE = "Error.Bind.Message";
public static final String VERSION_FILE = ".version";
private static Log log = LogFactory.getLog(BKULauncher.class);
private ResourceBundle resourceBundle = null;
@@ -222,8 +228,8 @@ public class BKULauncher implements BKUControllerInterface {
// }
// }
- log.debug("trying install MOCCA certificate on system browser");
if (installCert) {
+ log.debug("trying install MOCCA certificate on system browser");
if (Desktop.isDesktopSupported()) {
Desktop desktop = Desktop.getDesktop();
if (desktop.isSupported(Desktop.Action.BROWSE)) {
@@ -270,26 +276,60 @@ public class BKULauncher implements BKUControllerInterface {
/**
* @param args
*/
- public static void main(String[] args) {
- try {
- log.warn("***** DISABLING SECURITY MANAGER *******");
+ public static void main(String[] args) throws InterruptedException {
+
+ if (log.isDebugEnabled()) {
+ //System.setProperty("DEBUG", "true");
+ System.setProperty("VERBOSE", "true");
+ System.setProperty("javax.net.debug", "ssl,handshake");
+ }
+
+// log.warn("***** DISABLING SECURITY MANAGER *******");
System.setSecurityManager(null);
+
BKULauncher launcher = new BKULauncher();
launcher.initStart();
- File configDir = new File(System.getProperty("user.home") + '/' + CONFIG_DIR);
- boolean installCert = launcher.ensureConfig(configDir);
+ boolean installCert = false;
+
launcher.initTrayIcon();
TrayIconDialog.getInstance().displayInfo(STARTUP_CAPTION, STARTUP_MESSAGE);
- launcher.startUpServer();
- TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE);
-// launcher.initTrayIcon();
- launcher.initFinished(installCert);
- } catch (Exception e) {
- log.fatal("Failed to launch BKU: " + e.getMessage(), e);
- System.exit(-1000);
- }
+ try {
+ File configDir = new File(System.getProperty("user.home") + '/' + CONFIG_DIR);
+ installCert = launcher.ensureConfig(configDir);
+ } catch (Exception ex) {
+ log.fatal("Failed to init MOCCA configuration, exiting", ex);
+ TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_CONF_MESSAGE);
+ Thread.sleep(5000);
+ System.exit(-1000);
+ }
+
+ try {
+ launcher.startUpServer();
+ TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE);
+ launcher.initFinished(installCert);
+ } catch (BindException ex) {
+ log.fatal("Failed to launch MOCCA, " + ex.getMessage(), ex);
+ TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_BIND_MESSAGE);
+ Thread.sleep(5000);
+ System.exit(-1000);
+ } catch (MultiException ex) {
+ log.fatal("Failed to launch MOCCA, " + ex.getMessage(), ex);
+ if (ex.getThrowable(0) instanceof BindException) {
+ TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_BIND_MESSAGE);
+ } else {
+ TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_STARTUP_MESSAGE);
+ }
+ Thread.sleep(5000);
+ System.exit(-1000);
+ } catch (Exception e) {
+ log.fatal("Failed to launch MOCCA, " + e.getMessage(), e);
+ TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_STARTUP_MESSAGE);
+ Thread.sleep(5000);
+ System.exit(-1000);
+ }
+
}
private void backupAndDelete(File dir, URI relativeTo, ZipOutputStream zip) throws IOException {
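Review bot: In `main`, `System.setSecurityManager(null)` still runs, but the warning before it is now commented out, so the log no longer records that the JVM's security manager was removed. I would keep the line active: `log.warn("***** DISABLING SECURITY MANAGER *******");`. The new debug block also sets `javax.net.debug` to `ssl,handshake` whenever debug logging is enabled, which makes JSSE print TLS handshake traces to standard output outside the commons-logging configuration. A dedicated system property for TLS tracing would keep a routine debug log level from switching it on. In the `MultiException` branch only `ex.getThrowable(0)` is inspected, so a `BindException` at a later index would be shown with the generic startup message.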
diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java
index 0cd3e633..89044486 100644
--- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java
+++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java
@@ -35,6 +35,7 @@ public class Container {
}
public void init() throws IOException {
+// System.setProperty("DEBUG", "true");
server = new Server();
QueuedThreadPool qtp = new QueuedThreadPool();
qtp.setMaxThreads(5);
@@ -55,7 +56,13 @@ public class Container {
sslConnector.setAcceptors(1);
sslConnector.setHost("127.0.0.1");
File configDir = new File(System.getProperty("user.home") + "/" + BKULauncher.CONFIG_DIR);
- sslConnector.setKeystore(configDir.getPath() + "/" + BKULauncher.KEYSTORE_FILE);
+ File keystoreFile = new File(configDir, BKULauncher.KEYSTORE_FILE);
+ if (!keystoreFile.canRead()) {
+ log.error("MOCCA keystore file not readable: " + keystoreFile.getAbsolutePath());
+ throw new FileNotFoundException("MOCCA keystore file not readable: " + keystoreFile.getAbsolutePath());
+ }
+ log.debug("loading MOCCA keystore from " + keystoreFile.getAbsolutePath());
+ sslConnector.setKeystore(keystoreFile.getAbsolutePath());
File passwdFile = new File(configDir, BKULauncher.PASSWD_FILE);
BufferedReader reader = new BufferedReader(new FileReader(passwdFile));
String pwd;
@@ -64,6 +71,42 @@ public class Container {
sslConnector.setKeyPassword(pwd);
}
reader.close();
+
+ //avoid jetty's ClassCastException: iaik.security.ecc.ecdsa.ECPublicKey cannot be cast to java.security.interfaces.ECPublicKey
+ String[] RFC4492CipherSuites = new String[] {
+ "TLS_ECDH_ECDSA_WITH_NULL_SHA",
+ "TLS_ECDH_ECDSA_WITH_RC4_128_SHA",
+ "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA",
+ "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
+ "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
+
+ "TLS_ECDHE_ECDSA_WITH_NULL_SHA",
+ "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA",
+ "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA",
+ "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
+ "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
+
+ "TLS_ECDH_RSA_WITH_NULL_SHA",
+ "TLS_ECDH_RSA_WITH_RC4_128_SHA",
+ "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA",
+ "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
+ "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+
+ "TLS_ECDHE_RSA_WITH_NULL_SHA",
+ "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
+ "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA",
+ "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+ "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+
+ "TLS_ECDH_anon_WITH_NULL_SHA",
+ "TLS_ECDH_anon_WITH_RC4_128_SHA",
+ "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA",
+ "TLS_ECDH_anon_WITH_AES_128_CBC_SHA",
+ "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"
+ };
+
+ sslConnector.setExcludeCipherSuites(RFC4492CipherSuites);
+
server.setConnectors(new Connector[] { connector, sslConnector });
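Review bot: The list passed to `sslConnector.setExcludeCipherSuites(...)` is a denylist of exact names, so any ECC suite the JRE offers that is not spelled out here stays enabled and would presumably hit the same `ClassCastException` the comment describes. The comment should also say that this is a provider-conflict workaround which disables every ECDH/ECDHE suite on the connector, including the forward-secret ones, for example `// workaround for IAIK/JSSE ECPublicKey clash: disables ALL RFC 4492 suites (incl. ECDHE); remove once the provider conflict is resolved`. The remaining suite set is left at the JRE default, which this hunk does not constrain, so it is worth confirming that no NULL, anon or export suites remain enabled outside the ECC family. As a style point, the array is a fixed value and reads better hoisted to `private static final String[] RFC4492_CIPHER_SUITES`. `init()` starts and ends outside this hunk.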
@@ -71,7 +114,7 @@ public class Container {
webapp.setLogUrlOnStart(true);
webapp.setContextPath("/");
webapp.setExtractWAR(true);
- webapp.setParentLoaderPriority(false); //true);
+ webapp.setParentLoaderPriority(false);
webapp.setWar(copyWebapp(webapp.getTempDirectory())); //getClass().getClassLoader().getResource("BKULocalWar/").toString());
diff --git a/BKUWebStart/src/main/jnlp/resources/player.jnlp b/BKUWebStart/src/main/jnlp/resources/player.jnlp
new file mode 100644
index 00000000..da08ebc2
--- /dev/null
+++ b/BKUWebStart/src/main/jnlp/resources/player.jnlp
@@ -0,0 +1,3 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Jump specific JNL file for launching the player -->
+<player/> \ No newline at end of file
diff --git a/BKUWebStart/src/main/jnlp/template.xml b/BKUWebStart/src/main/jnlp/template.xml
index 07e1c28a..4d08d4e5 100644
--- a/BKUWebStart/src/main/jnlp/template.xml
+++ b/BKUWebStart/src/main/jnlp/template.xml
@@ -5,11 +5,12 @@
<jnlp spec="$jnlpspec" codebase="$$codebase" context="$$context" href="$$name">
<information>
- <title>$project.Name EarlyAccess</title>
+ <!--title>$project.Name</title-->
+ <title>$project.Description</title>
<vendor>$project.Organization.Name</vendor>
<homepage href="$project.Url"/>
- <description>$project.Description EarlyAccess</description>
- <description kind="short">$project.Description EarlyAccess</description>
+ <description>$project.Description</description>
+ <description kind="short">$project.Description</description>
<icon href="img/logo.png" kind="default" version="1.0-SNAPSHOT"/>
<icon href="img/splash.png" kind="splash" version="1.0-SNAPSHOT"/>
<shortcut online="false">
diff --git a/BKUWebStart/src/main/resources/at/gv/egiz/bku/webstart/ui/UIMessages.properties b/BKUWebStart/src/main/resources/at/gv/egiz/bku/webstart/ui/UIMessages.properties
index 6ee1a510..eb2b74c0 100644
--- a/BKUWebStart/src/main/resources/at/gv/egiz/bku/webstart/ui/UIMessages.properties
+++ b/BKUWebStart/src/main/resources/at/gv/egiz/bku/webstart/ui/UIMessages.properties
@@ -6,7 +6,10 @@ Startup.Message=B\u00FCrgerkartenumgebung wird gestartet...
Startup.Caption=B\u00FCrgerkartenumgebung (MOCCA Web Start)
Greetings.Message=B\u00FCrgerkartenumgebung erfolgreich gestartet
Greetings.Caption=B\u00FCrgerkartenumgebung (MOCCA Web Start)
-
+Error.Caption=Fehler
+Error.Startup.Message=B\u00FCrgerkartenumgebung konnte nicht gestartet werden
+Error.Conf.Message=Konfiguration konnte nicht initialisiert werden, B\u00FCrberkartenumgebung wird nicht gestartet
+Error.Bind.Message=Die f\u00FCr die B\u00FCrgerkartenumgebung reservierte Adresse wird bereits von einem anderen Dienst verwendet
Message.RequestCaption=New Request
Message.InfoboxReadRequest=Reading Infobox
Message.SecureSignatureKeypair=Reading secure signature certificate