Diffstat (limited to 'BKUOnline/src/main/java/at/gv')
-rw-r--r-- | BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java | 385 | ||||
-rw-r--r-- | BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java | 4 |
2 files changed, 202 insertions, 187 deletions
diff --git a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
index 54dbfdea..d213dd36 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/bku/online/conf/SpringConfigurator.java
@@ -1,19 +1,19 @@
 /*
-* Copyright 2008 Federal Chancellery Austria and
-* Graz University of Technology
-*
-* Licensed under the Apache License, Version 2.0 (the "License");
-* you may not use this file except in compliance with the License.
-* You may obtain a copy of the License at
-*
-* http://www.apache.org/licenses/LICENSE-2.0
-*
-* Unless required by applicable law or agreed to in writing, software
-* distributed under the License is distributed on an "AS IS" BASIS,
-* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-* See the License for the specific language governing permissions and
-* limitations under the License.
-*/
+ * Copyright 2008 Federal Chancellery Austria and
+ * Graz University of Technology
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
package at.gv.egiz.bku.online.conf;
import java.io.File;
@@ -52,183 +52,198 @@ import org.springframework.core.io.ResourceLoader;
 import at.gv.egiz.bku.binding.DataUrl;
import at.gv.egiz.bku.binding.DataUrlConnection;
import at.gv.egiz.bku.slexceptions.SLRuntimeException;
+import at.gv.egiz.stal.service.impl.RequestBrokerSTALFactory;
public class SpringConfigurator extends Configurator implements
- ResourceLoaderAware {
-
- private final static Log log = LogFactory.getLog(SpringConfigurator.class);
-
- private ResourceLoader resourceLoader;
-
- public void setResource(Resource resource) {
- log.debug("Loading config from: " + resource);
- if (resource != null) {
- Properties props = new Properties();
- try {
- props.load(resource.getInputStream());
- super.setConfiguration(props);
- } catch (IOException e) {
- log.error("Cannot load config", e);
- }
- } else {
- log.warn("Cannot load properties, resource: "+resource);
- }
- }
-
- public void configureVersion() {
+ ResourceLoaderAware {
+
+ private final static Log log = LogFactory.getLog(SpringConfigurator.class);
+
+ private ResourceLoader resourceLoader;
+
+ public void setResource(Resource resource) {
+ log.debug("Loading config from: " + resource);
+ if (resource != null) {
+ Properties props = new Properties();
+ try {
+ props.load(resource.getInputStream());
+ super.setConfiguration(props);
+ } catch (IOException e) {
+ log.error("Cannot load config", e);
+ }
+ } else {
+ log.warn("Cannot load properties, resource: " + resource);
+ }
+ }
+
+ public void configureVersion() {
Properties p = new Properties();
try {
- p.load(resourceLoader.getResource("META-INF/MANIFEST.MF").getInputStream());
+ p.load(resourceLoader.getResource("META-INF/MANIFEST.MF")
+ .getInputStream());
String version = p.getProperty("Implementation-Build");
- properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY, "citizen-card-environment/1.2 MOCCA "+version);
+ properties.setProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY,
+ "citizen-card-environment/1.2 MOCCA " + version);
DataUrl.setConfiguration(properties);
- log.debug("Setting user agent to: "+properties.getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY));
+ log.debug("Setting user agent to: "
+ + properties.getProperty(DataUrlConnection.USER_AGENT_PROPERTY_KEY));
} catch (IOException e) {
- log.error(e);
+ log.error(e);
+ }
+ }
+
+ public void configure() {
+ super.configure();
+ configureSSL();
+ configureVersion();
+ configureNetwork();
+ }
+
+ public void configureNetwork() {
+ String proxyHost = getProperty("HTTPProxyHost");
+ String proxyPort = getProperty("HTTPProxyPort");
+ if (proxyPort == null) {
+ proxyPort = "80";
+ }
+ if (proxyHost != null) {
+ log.debug("Setting proxy server to: " + proxyHost + ":" + proxyPort);
+ System.setProperty("http.proxyHost", proxyHost);
+ System.setProperty("http.proxyPort", proxyPort);
+ }
+ log.debug("No proxy specified");
+ String appletTimeout = getProperty("AppletTimeout");
+ if ((appletTimeout != null)) {
+ try {
+ long ato = Long.parseLong(appletTimeout);
+ RequestBrokerSTALFactory.setTimeout(ato);
+ } catch (NumberFormatException nfe) {
+ log.error("Cannot set Applettimeout", nfe);
+ }
+
+ }
+ }
+
+ private Set<TrustAnchor> getCACerts() throws IOException,
+ CertificateException {
+ Set<TrustAnchor> caCerts = new HashSet<TrustAnchor>();
+ String caDirectory = getProperty("SSL.caDirectory");
+ if (caDirectory != null) {
+ Resource caDirRes = resourceLoader.getResource(caDirectory);
+ File caDir = caDirRes.getFile();
+ if (!caDir.isDirectory()) {
+ log.error("Expecting directory as SSL.caDirectory parameter");
+ throw new SLRuntimeException(
+ "Expecting directory as SSL.caDirectory parameter");
+ }
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ for (File f : caDir.listFiles()) {
+ try {
+ FileInputStream fis = new FileInputStream(f);
+ X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);
+ fis.close();
+ log.debug("Adding trusted cert " + cert.getSubjectDN());
+ caCerts.add(new TrustAnchor(cert, null));
+ } catch (Exception e) {
+ log.error("Cannot add trusted ca", e);
+ }
+ }
+ return caCerts;
+
+ } else {
+ log.warn("No CA certificates configured");
}
+ return null;
+ }
+
+ private CertStore getCertstore() throws IOException, CertificateException,
+ InvalidAlgorithmParameterException, NoSuchAlgorithmException {
+ String certDirectory = getProperty("SSL.certDirectory");
+ if (certDirectory != null) {
+ Resource certDirRes = resourceLoader.getResource(certDirectory);
+
+ File certDir = certDirRes.getFile();
+ if (!certDir.isDirectory()) {
+ log.error("Expecting directory as SSL.certDirectory parameter");
+ throw new SLRuntimeException(
+ "Expecting directory as SSL.certDirectory parameter");
+ }
+ List<X509Certificate> certCollection = new LinkedList<X509Certificate>();
+ CertificateFactory cf = CertificateFactory.getInstance("X.509");
+ for (File f : certDir.listFiles()) {
+ try {
+ FileInputStream fis = new FileInputStream(f);
+ X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);
+ certCollection.add(cert);
+ fis.close();
+ log
+ .trace("Added following cert to certstore: "
+ + cert.getSubjectDN());
+ } catch (Exception ex) {
+ log.error("Cannot add certificate", ex);
+ }
+ }
+ CollectionCertStoreParameters csp = new CollectionCertStoreParameters(
+ certCollection);
+ return CertStore.getInstance("Collection", csp);
+
+ } else {
+ log.warn("No certstore configured");
+ }
+ return null;
+ }
+
+ public void configureSSL() {
+ Set<TrustAnchor> caCerts = null;
+ try {
+ caCerts = getCACerts();
+ } catch (Exception e1) {
+ log.error("Cannot load CA certificates", e1);
+ }
+ CertStore certStore = null;
+ try {
+ certStore = getCertstore();
+ } catch (Exception e1) {
+ log.error("Cannot load certstore certificates", e1);
+ }
+ System.setProperty("com.sun.security.enableAIAcaIssuers", "true");
+ try {
+ X509CertSelector selector = new X509CertSelector();
+ PKIXBuilderParameters pkixParams;
+ pkixParams = new PKIXBuilderParameters(caCerts, selector);
+ if ((getProperty("SSL.doRevocationChecking") != null)
+ && (Boolean.valueOf(getProperty("SSL.doRevocationChecking")))) {
+ log.info("Enable revocation checking");
+ pkixParams.setRevocationEnabled(true);
+ System.setProperty("com.sun.security.enableCRLDP", "true");
+ Security.setProperty("ocsp.enable", "true");
+ } else {
+ log.warn("Revocation checking disabled");
+ pkixParams.setRevocationEnabled(false);
+ }
+ pkixParams.addCertStore(certStore);
+ ManagerFactoryParameters trustParams = new CertPathTrustManagerParameters(
+ pkixParams);
+ TrustManagerFactory trustFab;
+ try {
+ trustFab = TrustManagerFactory.getInstance("PKIX");
+ trustFab.init(trustParams);
+ KeyManager[] km = null;
+ SSLContext sslCtx = SSLContext
+ .getInstance(getProperty("SSL.sslProtocol"));
+ sslCtx.init(km, trustFab.getTrustManagers(), null);
+ HttpsURLConnection
+ .setDefaultSSLSocketFactory(sslCtx.getSocketFactory());
+ } catch (Exception e) {
+ log.error("Cannot configure SSL", e);
+ }
+
+ } catch (InvalidAlgorithmParameterException e) {
+ log.error("Cannot configure SSL", e);
+ }
+ }
+
+ @Override
+ public void setResourceLoader(ResourceLoader loader) {
+ this.resourceLoader = loader;
}
-
-
- public void configure() {
- super.configure();
- configureSSL();
- configureVersion();
- configureNetwork();
- }
-
- public void configureNetwork() {
- String proxyHost = getProperty("HTTPProxyHost");
- String proxyPort = getProperty("HTTPProxyPort");
- if (proxyPort == null) {
- proxyPort = "80";
- }
- if (proxyHost != null) {
- log.debug("Setting proxy server to: "+proxyHost+":"+proxyPort);
- System.setProperty("http.proxyHost", proxyHost);
- System.setProperty("http.proxyPort", proxyPort);
- }
- log.debug("No proxy specified");
- }
-
- private Set<TrustAnchor> getCACerts() throws IOException,
- CertificateException {
- Set<TrustAnchor> caCerts = new HashSet<TrustAnchor>();
- String caDirectory = getProperty("SSL.caDirectory");
- if (caDirectory != null) {
- Resource caDirRes = resourceLoader.getResource(caDirectory);
- File caDir = caDirRes.getFile();
- if (!caDir.isDirectory()) {
- log.error("Expecting directory as SSL.caDirectory parameter");
- throw new SLRuntimeException(
- "Expecting directory as SSL.caDirectory parameter");
- }
- CertificateFactory cf = CertificateFactory.getInstance("X.509");
- for (File f : caDir.listFiles()) {
- try {
- FileInputStream fis = new FileInputStream(f);
- X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);
- fis.close();
- log.debug("Adding trusted cert " + cert.getSubjectDN());
- caCerts.add(new TrustAnchor(cert, null));
- } catch (Exception e) {
- log.error("Cannot add trusted ca", e);
- }
- }
- return caCerts;
-
- } else {
- log.warn("No CA certificates configured");
- }
- return null;
- }
-
- private CertStore getCertstore() throws IOException, CertificateException,
- InvalidAlgorithmParameterException, NoSuchAlgorithmException {
- String certDirectory = getProperty("SSL.certDirectory");
- if (certDirectory != null) {
- Resource certDirRes = resourceLoader.getResource(certDirectory);
-
- File certDir = certDirRes.getFile();
- if (!certDir.isDirectory()) {
- log.error("Expecting directory as SSL.certDirectory parameter");
- throw new SLRuntimeException(
- "Expecting directory as SSL.certDirectory parameter");
- }
- List<X509Certificate> certCollection = new LinkedList<X509Certificate>();
- CertificateFactory cf = CertificateFactory.getInstance("X.509");
- for (File f : certDir.listFiles()) {
- try {
- FileInputStream fis = new FileInputStream(f);
- X509Certificate cert =(X509Certificate) cf.generateCertificate(fis);
- certCollection.add(cert);
- fis.close();
- log.trace("Added following cert to certstore: "+cert.getSubjectDN());
- } catch (Exception ex) {
- log.error("Cannot add certificate", ex);
- }
- }
- CollectionCertStoreParameters csp = new CollectionCertStoreParameters(
- certCollection);
- return CertStore.getInstance("Collection", csp);
-
- } else {
- log.warn("No certstore configured");
- }
- return null;
- }
-
- public void configureSSL() {
- Set<TrustAnchor> caCerts = null;
- try {
- caCerts = getCACerts();
- } catch (Exception e1) {
- log.error("Cannot load CA certificates", e1);
- }
- CertStore certStore = null;
- try {
- certStore = getCertstore();
- } catch (Exception e1) {
- log.error("Cannot load certstore certificates", e1);
- }
- System.setProperty("com.sun.security.enableAIAcaIssuers", "true");
- try {
- X509CertSelector selector = new X509CertSelector();
- PKIXBuilderParameters pkixParams;
- pkixParams = new PKIXBuilderParameters(caCerts, selector);
- if ((getProperty("SSL.doRevocationChecking") != null)
- && (Boolean.valueOf(getProperty("SSL.doRevocationChecking")))) {
- log.info("Enable revocation checking");
- pkixParams.setRevocationEnabled(true);
- System.setProperty("com.sun.security.enableCRLDP", "true");
- Security.setProperty("ocsp.enable", "true");
- } else {
- log.warn("Revocation checking disabled");
- pkixParams.setRevocationEnabled(false);
- }
- pkixParams.addCertStore(certStore);
- ManagerFactoryParameters trustParams = new CertPathTrustManagerParameters(
- pkixParams);
- TrustManagerFactory trustFab;
- try {
- trustFab = TrustManagerFactory.getInstance("PKIX");
- trustFab.init(trustParams);
- KeyManager[] km = null;
- SSLContext sslCtx = SSLContext
- .getInstance(getProperty("SSL.sslProtocol"));
- sslCtx.init(km, trustFab.getTrustManagers(), null);
- HttpsURLConnection
- .setDefaultSSLSocketFactory(sslCtx.getSocketFactory());
- } catch (Exception e) {
- log.error("Cannot configure SSL", e);
- }
-
- } catch (InvalidAlgorithmParameterException e) {
- log.error("Cannot configure SSL", e);
- }
- }
-
- @Override
- public void setResourceLoader(ResourceLoader loader) {
- this.resourceLoader = loader;
- }
}
\ No newline at end of file
diff --git a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java
index bb552002..45ee67d0 100644
--- a/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java
+++ b/BKUOnline/src/main/java/at/gv/egiz/stal/service/impl/RequestBrokerSTALFactory.java
@@ -32,7 +32,7 @@ import at.gv.egiz.stal.STALFactory;
 */
 public class RequestBrokerSTALFactory implements STALFactory {
- private long timeout;
+ private static long timeout;
 @Override
 public STAL createSTAL() {
@@ -43,7 +43,7 @@ public class RequestBrokerSTALFactory implements STALFactory {
 public void setLocale(Locale locale) {
 }
- public void setTimeout(long millisec) {
+ public static void setTimeout(long millisec) {
 timeout = millisec;
 }
 }
|
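Review bot: The new `AppletTimeout` branch in `SpringConfigurator.configureNetwork()` passes any parsable long to `RequestBrokerSTALFactory.setTimeout`, so a zero or negative value in the configuration is accepted silently. How the broker treats such a value is not visible here, but a range check before the call, e.g. `if (ato <= 0) { log.error("Invalid AppletTimeout: " + ato); return; }`, would make a misconfiguration explicit. In the same method `log.debug("No proxy specified");` runs even when a proxy was just set and belongs in an `else`. Separately, the re-indented `configureSSL()` only logs when trust setup fails, and `getCACerts()` returns null when `SSL.caDirectory` is unset, which `PKIXBuilderParameters` rejects with a NullPointerException that the `InvalidAlgorithmParameterException` catch does not cover. Failing startup with a clear message would be safer than continuing with whatever default socket factory is in place.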
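Review bot: In `RequestBrokerSTALFactory`, `timeout` is now a static field written by `SpringConfigurator.configureNetwork()` and presumably read when `createSTAL()` builds a STAL for a request, yet it is neither `volatile` nor otherwise synchronized, so a request thread is not guaranteed to see the configured value; declaring it `private static volatile long timeout;` fixes visibility at no cost. The same applies to the now-static `setTimeout` in the second hunk, which also stops being an instance bean setter, so any Spring bean definition that injects a `timeout` property into this factory would need checking. A short comment on the field stating the unit (milliseconds, per the parameter name) and that it is process-wide would help, since every factory instance now shares it. The body of `createSTAL()` lies outside both hunks, so how the value is consumed cannot be confirmed from here.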