From 4af6912e43237c3678f05e30c69385481f42ae76 Mon Sep 17 00:00:00 2001 From: clemenso Date: Tue, 12 May 2009 14:46:41 +0000 Subject: bku web start git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@354 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../java/at/gv/egiz/bku/webstart/BKULauncher.java | 221 +++++++++++++++++++++ .../src/main/java/at/gv/egiz/bku/webstart/CA.java | 117 +++++++++++ .../java/at/gv/egiz/bku/webstart/Container.java | 86 ++++++++ .../bku/webstart/ui/BKUControllerInterface.java | 23 +++ .../at/gv/egiz/bku/webstart/ui/TrayIconDialog.java | 202 +++++++++++++++++++ .../bku/webstart/ui/TrayIconDialogInterface.java | 33 +++ 6 files changed, 682 insertions(+) create mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java create mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/CA.java create mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java create mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/BKUControllerInterface.java create mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java create mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialogInterface.java (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java new file mode 100644 index 00000000..854e6535 --- /dev/null +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java @@ -0,0 +1,221 @@ +package at.gv.egiz.bku.webstart; + +import java.io.File; +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.security.KeyStore; +import java.util.Enumeration; +import java.util.Locale; +import java.util.MissingResourceException; +import java.util.ResourceBundle; +import java.util.zip.ZipEntry; +import java.util.zip.ZipFile; + +//import org.apache.commons.cli.CommandLine; +//import org.apache.commons.cli.CommandLineParser; +//import org.apache.commons.cli.HelpFormatter; +//import org.apache.commons.cli.Options; +//import org.apache.commons.cli.ParseException; +//import org.apache.commons.cli.PosixParser; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.webstart.ui.BKUControllerInterface; +import at.gv.egiz.bku.webstart.ui.TrayIconDialog; +import at.gv.egiz.bku.utils.StreamUtil; + +public class BKULauncher implements BKUControllerInterface { + + private static Log log = LogFactory.getLog(BKULauncher.class); + + private ResourceBundle resourceBundle = null; + private Container server; +// private SplashScreen splash = SplashScreen.getSplashScreen(); + + private void startUpServer() throws Exception { + server = new Container(); + // XmlConfiguration xcfg = new XmlConfiguration(getClass().getClassLoader() + // .getResourceAsStream("at/gv/egiz/bku/local/app/jetty.xml")); + // xcfg.configure(server); + server.init(); + server.start(); + } + + private void initTrayIcon() { + Locale loc = Locale.getDefault(); + try { + resourceBundle = ResourceBundle.getBundle( + "at/gv/egiz/bku/webstart/ui/UIMessages", loc); + } catch (MissingResourceException mx) { + resourceBundle = ResourceBundle.getBundle( + "at/gv/egiz/bku/webstart/ui/UIMessages", Locale.ENGLISH); + } + TrayIconDialog.getInstance().init(resourceBundle); + TrayIconDialog.getInstance().setShutdownHook(this); + TrayIconDialog.getInstance().displayInfo("Greetings.Caption", + "Greetings.Message"); + } + + private void initStart() { + + } + + private void initFinished() { + try { +// if (splash != null) { +// try { +// splash.close(); +// } catch (IllegalStateException ex) { +// log.warn("Failed to close splash screen: " + ex.getMessage()); +// } +// } + server.join(); + } catch (InterruptedException e) { + log.info(e); + } + } + +// private void copyDirs(File srcDir, File dstDir) { +// for (File cf : srcDir.listFiles()) { +// File of = new File(dstDir, cf.getName()); +// if (cf.isDirectory()) { +// log.debug("Creating directory: " + of); +// of.mkdir(); +// copyDirs(cf, of); +// } else { +// log.debug("Writing file: " + of); +// try { +// FileInputStream fis = new FileInputStream(cf); +// FileOutputStream fos = new FileOutputStream(of); +// StreamUtil.copyStream(fis, fos); +// fis.close(); +// fos.close(); +// } catch (IOException e) { +// log.error("Cannot copy default configuration", e); +// } +// } +// } +// } + + private void unzip(File zipfile) throws IOException { + File dir = zipfile.getParentFile(); + ZipFile zipFile = new ZipFile(zipfile); + Enumeration entries = zipFile.entries(); + while (entries.hasMoreElements()) { + ZipEntry entry = entries.nextElement(); + File eF = new File(dir, entry.getName()); + if (entry.isDirectory()) { + eF.mkdirs(); + continue; + } + File f = new File(eF.getParent()); + f.mkdirs(); + StreamUtil.copyStream(zipFile.getInputStream(entry), + new FileOutputStream(eF)); + } + zipFile.close(); + } + + private void checkConfig(String[] args) { +// CommandLineParser parser = new PosixParser(); +// Options options = new Options(); +// options.addOption("c", true, "the configuration's base directory"); +// options.addOption("h", false, "print this message"); +// try { + File cfgDir = new File(System.getProperty("user.home") + "/.mocca/conf"); +// CommandLine cmd = parser.parse(options, args); +// if (cmd.hasOption("h")) { +// HelpFormatter formatter = new HelpFormatter(); +// formatter.printHelp("BKULauncher", options); +// System.exit(0); +// } +// +// if (cmd.hasOption("c")) { +// cfgDir = new File(cmd.getOptionValue("c")); +// } + log.debug("using config directory: " + cfgDir); + if (cfgDir.exists() && cfgDir.isFile()) { + log.error("Configuration directory must not be a file"); + } + if (!cfgDir.exists()) { + log.debug("Creating config directory: " + cfgDir); + cfgDir.mkdirs(); + try { + InputStream is = getClass().getClassLoader().getResourceAsStream( + "at/gv/egiz/bku/webstart/defaultConf/template.zip"); + OutputStream os = new FileOutputStream(new File(cfgDir, + "template.zip")); + StreamUtil.copyStream(is, os); + os.close(); + unzip(new File(cfgDir, "template.zip")); + } catch (IOException iox) { + log.error("Cannot create user directory", iox); + return; + } + CA ca = new CA(); + char[] password = "changeMe".toCharArray(); + KeyStore ks = ca.generateKeyStore(password); + if (ks != null) { + File ksdir = new File(cfgDir, "keystore"); + ksdir.mkdirs(); + FileOutputStream fos; + try { + fos = new FileOutputStream(new File(ksdir, "keystore.ks")); + ks.store(fos, password); + fos.close(); + } catch (Exception e) { + log.error("Cannot store keystore", e); + } + } else { + log.error("Cannot create ssl certificate"); + } + } +// } catch (ParseException e1) { +// log.error(e1); +// HelpFormatter formatter = new HelpFormatter(); +// formatter.printHelp("BKULauncher", options); +// System.exit(0); +// } + } + + /** + * @param args + */ + public static void main(String[] args) { + try { + log.warn("***** DISABLING SECURITY MANAGER *******"); + System.setSecurityManager(null); + BKULauncher launcher = new BKULauncher(); + launcher.initStart(); + launcher.checkConfig(args); + launcher.startUpServer(); + launcher.initTrayIcon(); + launcher.initFinished(); + } catch (Exception e) { + log.fatal("Cannot launch BKU", e); + System.exit(-1000); + } + + } + + public void shutDown() { + log.info("Shutting down server"); + if ((server != null) && (server.isRunning())) { + try { + if (server.isRunning()) { + server.stop(); + } + } catch (Exception e) { + log.debug(e.toString()); + } finally { + if (server.isRunning()) { + server.destroy(); + } + } + } + System.exit(0); + } + +} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/CA.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/CA.java new file mode 100644 index 00000000..f81d3d83 --- /dev/null +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/CA.java @@ -0,0 +1,117 @@ +package at.gv.egiz.bku.webstart; + +import iaik.asn1.ObjectID; +import iaik.asn1.structures.AlgorithmID; +import iaik.asn1.structures.Name; +import iaik.x509.X509Certificate; +import iaik.x509.extensions.BasicConstraints; +import iaik.x509.extensions.KeyUsage; + +import java.math.BigInteger; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.security.GeneralSecurityException; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.KeyStore; +import java.security.NoSuchAlgorithmException; +import java.util.Calendar; +import java.util.GregorianCalendar; +import java.util.Random; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +public class CA { + private final static Log log = LogFactory.getLog(CA.class); + + private KeyPair caKeyPair; + private X509Certificate caCert; + + private KeyPair serverKeyPair; + private X509Certificate serverCert; + + public CA() { + } + + private KeyPair generateKeyPair() throws NoSuchAlgorithmException { + KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA"); + gen.initialize(2048); + return gen.generateKeyPair(); + } + + private void generateCA() throws GeneralSecurityException { + log.debug("Generating CA certificate"); + Name subject = new Name(); + subject.addRDN(ObjectID.country, "AT"); + subject.addRDN(ObjectID.organization, "MOCCA"); + subject.addRDN(ObjectID.organizationalUnit, "MOCCA-CA"); + + caKeyPair = generateKeyPair(); + caCert = new X509Certificate(); + caCert.setSerialNumber(new BigInteger(20, new Random())); + caCert.setSubjectDN(subject); + caCert.setPublicKey(caKeyPair.getPublic()); + caCert.setIssuerDN(subject); + + caCert.addExtension(new BasicConstraints(true)); + caCert.addExtension(new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign + | KeyUsage.digitalSignature)); + + GregorianCalendar date = new GregorianCalendar(); + date.add(Calendar.HOUR_OF_DAY, -1); + caCert.setValidNotBefore(date.getTime()); + date.add(Calendar.YEAR, 7); + caCert.setValidNotAfter(date.getTime()); + caCert.sign(AlgorithmID.sha1WithRSAEncryption, caKeyPair.getPrivate()); + log.debug("Successfully signed CA certificate"); + } + + private void generateServerCert() throws GeneralSecurityException { + log.debug("Generating SSL certificate"); + Name subject = new Name(); + subject.addRDN(ObjectID.country, "AT"); + subject.addRDN(ObjectID.organization, "MOCCA"); + try { + subject.addRDN(ObjectID.commonName, InetAddress.getLocalHost() + .getHostName()); + } catch (UnknownHostException e) { + subject.addRDN(ObjectID.commonName, "localhost"); + } + serverKeyPair = generateKeyPair(); + serverCert = new X509Certificate(); + serverCert.setSerialNumber(new BigInteger(20, new Random())); + serverCert.setSubjectDN(subject); + serverCert.setPublicKey(serverKeyPair.getPublic()); + serverCert.setIssuerDN(caCert.getSubjectDN()); + + serverCert.addExtension(new BasicConstraints(false)); + serverCert.addExtension(new KeyUsage(KeyUsage.keyEncipherment + | KeyUsage.digitalSignature)); + + GregorianCalendar date = new GregorianCalendar(); + date.add(Calendar.HOUR_OF_DAY, -1); + serverCert.setValidNotBefore(date.getTime()); + date.add(Calendar.YEAR, 7); + date.add(Calendar.HOUR_OF_DAY, -1); + serverCert.setValidNotAfter(date.getTime()); + serverCert.sign(AlgorithmID.sha1WithRSAEncryption, caKeyPair.getPrivate()); + log.debug("Successfully signed server certificate"); + caKeyPair = null; + } + + public KeyStore generateKeyStore(char[] password) { + try { + generateCA(); + generateServerCert(); + KeyStore ks = KeyStore.getInstance("JKS"); + ks.load(null, null); + ks.setKeyEntry("server", serverKeyPair.getPrivate(), password, new X509Certificate[]{serverCert, caCert}); + return ks; + } catch (Exception e) { + log.error("Cannot generate certificate", e); + } + return null; + } + +} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java new file mode 100644 index 00000000..ef12e4fd --- /dev/null +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java @@ -0,0 +1,86 @@ +package at.gv.egiz.bku.webstart; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.mortbay.jetty.Connector; +import org.mortbay.jetty.Handler; +import org.mortbay.jetty.Server; +import org.mortbay.jetty.handler.DefaultHandler; +import org.mortbay.jetty.handler.HandlerCollection; +import org.mortbay.jetty.nio.SelectChannelConnector; +import org.mortbay.jetty.security.SslSocketConnector; +import org.mortbay.jetty.webapp.WebAppContext; +import org.mortbay.thread.QueuedThreadPool; + +public class Container { + + public static final String HTTP_PORT = "mocca.http.port"; + public static final String HTTPS_PORT = "mocca.http.port"; + + private static Log log = LogFactory.getLog(Container.class); + + private Server server; + + public Container() { + } + + public void init() { + server = new Server(); + QueuedThreadPool qtp = new QueuedThreadPool(); + qtp.setMaxThreads(5); + qtp.setMinThreads(2); + qtp.setLowThreads(0); + server.setThreadPool(qtp); + server.setStopAtShutdown(true); + server.setGracefulShutdown(3000); + + SelectChannelConnector connector = new SelectChannelConnector(); + connector.setPort(Integer.getInteger(HTTP_PORT, 3495).intValue()); + connector.setAcceptors(1); + connector.setConfidentialPort(Integer.getInteger(HTTPS_PORT, 3496).intValue()); + + SslSocketConnector sslConnector = new SslSocketConnector(); + sslConnector.setPort(Integer.getInteger(HTTPS_PORT, 3496).intValue()); + sslConnector.setAcceptors(1); + sslConnector.setKeystore(System.getProperty("user.home") + + "/.mocca/conf/keystore/keystore.ks"); + sslConnector.setPassword("changeMe"); + sslConnector.setKeyPassword("changeMe"); + + server.setConnectors(new Connector[] { connector, sslConnector }); + +// HandlerCollection handlers = new HandlerCollection(); + WebAppContext webapp = new WebAppContext(); + webapp.setContextPath("/"); + webapp.setExtractWAR(true); //false + webapp.setParentLoaderPriority(false); + +// webappcontext.setWar("BKULocal-1.0.4-SNAPSHOT.war"); + webapp.setWar(getClass().getClassLoader().getResource("BKULocalWar/").toString()); + +// handlers.setHandlers(new Handler[] { webappcontext, new DefaultHandler() }); + + server.setHandler(webapp); + server.setGracefulShutdown(1000*3); + } + + public void start() throws Exception { + server.start(); + } + + public boolean isRunning() { + return server.isRunning(); + } + + public void stop() throws Exception { + server.stop(); + } + + public void destroy() { + server.destroy(); + } + + public void join() throws InterruptedException { + server.join(); + } +} \ No newline at end of file diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/BKUControllerInterface.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/BKUControllerInterface.java new file mode 100644 index 00000000..fd9838f9 --- /dev/null +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/BKUControllerInterface.java @@ -0,0 +1,23 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.webstart.ui; + +public interface BKUControllerInterface { + + public void shutDown(); + +} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java new file mode 100644 index 00000000..4679eac5 --- /dev/null +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java @@ -0,0 +1,202 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.webstart.ui; + +import java.awt.AWTException; +import java.awt.Image; +import java.awt.MenuItem; +import java.awt.PopupMenu; +import java.awt.SystemTray; +import java.awt.TrayIcon; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.io.IOException; +import java.lang.reflect.InvocationHandler; +import java.lang.reflect.Method; +import java.lang.reflect.Proxy; +import java.util.ResourceBundle; + +import javax.imageio.ImageIO; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +public class TrayIconDialog implements TrayIconDialogInterface { + + private static Log log = LogFactory.getLog(TrayIconDialog.class); + private static TrayIconDialogInterface instance; + private boolean isSupported; + private BKUControllerInterface shutDown; + private TrayIcon trayIcon = null; + private ResourceBundle resourceBundle = null; + + private TrayIconDialog() { + } + + private void displayTrayMsg(String captionID, String messageID, + TrayIcon.MessageType type) { + if ((isSupported) && (resourceBundle != null)) { + try { + trayIcon.displayMessage(resourceBundle.getString(captionID), + resourceBundle.getString(messageID), type); + } catch (Exception ex) { + log.error(ex); + } + } + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egiz.bku.local.ui.TrayIconDialogInterface#displayInfo(java.lang.String + * , java.lang.String) + */ + public void displayInfo(String captionID, String messageID) { + displayTrayMsg(captionID, messageID, TrayIcon.MessageType.INFO); + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egiz.bku.local.ui.TrayIconDialogInterface#displayWarning(java.lang + * .String, java.lang.String) + */ + public void displayWarning(String captionID, String messageID) { + displayTrayMsg(captionID, messageID, TrayIcon.MessageType.WARNING); + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egiz.bku.local.ui.TrayIconDialogInterface#displayError(java.lang. + * String, java.lang.String) + */ + public void displayError(String captionID, String messageID) { + displayTrayMsg(captionID, messageID, TrayIcon.MessageType.ERROR); + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egiz.bku.local.ui.TrayIconDialogInterface#init(java.util.ResourceBundle + * ) + */ + public void init(ResourceBundle resourceBundel) { + this.resourceBundle = resourceBundel; + isSupported = SystemTray.isSupported(); + log.info("Trayicon supported: " + isSupported); + try { + if (isSupported) { + SystemTray tray = SystemTray.getSystemTray(); + Image image = ImageIO.read(getClass().getClassLoader() + .getResourceAsStream("at/gv/egiz/bku/webstart/ui/logo.png")); + PopupMenu popup = new PopupMenu(); + MenuItem exitItem = new MenuItem(resourceBundel + .getString("TrayMenu.Shutdown")); + popup.add(exitItem); + exitItem.addActionListener(new ActionListener() { + public void actionPerformed(ActionEvent e) { + log.info("Calling Shutdown"); + if (shutDown != null) { + shutDown.shutDown(); + } + } + }); + + trayIcon = new TrayIcon(image, "BKULogo", popup); + trayIcon.setImageAutoSize(true); + trayIcon.setToolTip(resourceBundel.getString("TrayMenu.Tooltip")); + try { + tray.add(trayIcon); + } catch (AWTException e) { + log.error("TrayIcon could not be added.", e); + isSupported = false; + } + } + } catch (IOException e) { + log.error(e); + } + } + + /* + * (non-Javadoc) + * + * @see + * at.gv.egiz.bku.local.ui.TrayIconDialogInterface#setShutdownHook(at.gv.egiz + * .bku.local.ui.BKUControllerInterface) + */ + public void setShutdownHook(BKUControllerInterface shutDown) { + this.shutDown = shutDown; + } + + @SuppressWarnings("unchecked") + public synchronized static TrayIconDialogInterface getInstance() { + ClassLoader cl = TrayIconDialog.class.getClassLoader(); + if (instance == null) { + if (cl.toString().equals(cl.getParent().toString())) { + instance = new TrayIconDialog(); + return instance; + } + ClassLoader parent = cl; + while (!parent.toString().equals(cl.getParent().toString())) { + parent = parent.getParent(); + } + try { + Class otherClassInstance = (Class) parent + .loadClass(TrayIconDialog.class.getName()); + Method getInstanceMethod = otherClassInstance.getDeclaredMethod( + "getInstance", new Class[] {}); + Object otherSingleton = getInstanceMethod.invoke(null, new Object[] {}); + instance = (TrayIconDialogInterface) Proxy.newProxyInstance(cl, + new Class[] { TrayIconDialogInterface.class }, + new PassThroughProxyHandler(otherSingleton)); + } catch (ClassNotFoundException ce) { + instance = new TrayIconDialog(); + } catch (Exception e) { + log.error(e); + instance = new TrayIconDialog(); + } + return instance; + } + return instance; + } + + /** + * + * Only works for public methods + * + */ + static class PassThroughProxyHandler implements InvocationHandler { + private final Object delegate; + + public PassThroughProxyHandler(Object delegate) { + this.delegate = delegate; + } + + public Object invoke(Object proxy, Method method, Object[] args) + throws Throwable { + Method delegateMethod = delegate.getClass().getMethod(method.getName(), + method.getParameterTypes()); + return delegateMethod.invoke(delegate, args); + } + } + +} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialogInterface.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialogInterface.java new file mode 100644 index 00000000..078844cb --- /dev/null +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialogInterface.java @@ -0,0 +1,33 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.webstart.ui; + +import java.util.ResourceBundle; + +public interface TrayIconDialogInterface { + + public abstract void displayInfo(String captionID, String messageID); + + public abstract void displayWarning(String captionID, String messageID); + + public abstract void displayError(String captionID, String messageID); + + public abstract void init(ResourceBundle resourceBundel); + + public abstract void setShutdownHook(BKUControllerInterface shutDown); + +} \ No newline at end of file -- cgit v1.2.3 From 61366ba8efcc0cf3d36438e9ee26228e7bc66174 Mon Sep 17 00:00:00 2001 From: clemenso Date: Fri, 12 Jun 2009 12:42:05 +0000 Subject: BKU Web Start git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@361 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../java/at/gv/egiz/bku/webstart/BKULauncher.java | 339 +++++++++++++++------ .../src/main/java/at/gv/egiz/bku/webstart/CA.java | 117 ------- .../java/at/gv/egiz/bku/webstart/Container.java | 60 ++-- .../java/at/gv/egiz/bku/webstart/TLSServerCA.java | 138 +++++++++ .../at/gv/egiz/bku/webstart/ui/TrayIconDialog.java | 9 +- 5 files changed, 428 insertions(+), 235 deletions(-) delete mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/CA.java create mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java index 854e6535..3d09fb00 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java @@ -1,15 +1,23 @@ package at.gv.egiz.bku.webstart; +import iaik.asn1.CodingException; import java.io.File; +import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; +import java.net.MalformedURLException; import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; import java.util.Enumeration; import java.util.Locale; import java.util.MissingResourceException; import java.util.ResourceBundle; +import java.util.logging.Level; +import java.util.logging.Logger; import java.util.zip.ZipEntry; import java.util.zip.ZipFile; @@ -25,16 +33,157 @@ import org.apache.commons.logging.LogFactory; import at.gv.egiz.bku.webstart.ui.BKUControllerInterface; import at.gv.egiz.bku.webstart.ui.TrayIconDialog; import at.gv.egiz.bku.utils.StreamUtil; +import java.awt.Desktop; +import java.io.BufferedInputStream; +import java.io.BufferedOutputStream; +import java.io.BufferedReader; +import java.io.BufferedWriter; +import java.io.FileInputStream; +import java.io.FileReader; +import java.io.FileWriter; +import java.net.URI; +import java.net.URL; +import java.security.GeneralSecurityException; +import java.util.UUID; +import java.util.jar.Attributes; +import java.util.jar.Manifest; +import java.util.zip.ZipOutputStream; public class BKULauncher implements BKUControllerInterface { + /** configurations with less than this (major) version will be backuped and updated */ + public static final String MIN_CONFIG_VERSION = "1.0.3"; + public static final String CONFIG_DIR = ".mocca/conf/"; + public static final String CONF_TEMPLATE_FILE = "template.zip"; + public static final String CONF_TEMPLATE_RESOURCE = "at/gv/egiz/bku/webstart/conf/template.zip"; + public static final String WEBAPP_RESOURCE = "BKULocal.war"; + public static final String WEBAPP_FILE = "BKULocal.war"; + public static final String KEYSTORE_FILE = "keystore.ks"; + public static final String MESSAGES_RESOURCE = "at/gv/egiz/bku/webstart/ui/UIMessages"; + public static final String PASSWD_FILE = ".secret"; + /** resource bundle messages */ + public static final String GREETING_CAPTION = "Greetings.Caption"; + public static final String GREETING_MESSAGE = "Greetings.Message"; + public static final String VERSION_FILE = ".version"; private static Log log = LogFactory.getLog(BKULauncher.class); - private ResourceBundle resourceBundle = null; private Container server; -// private SplashScreen splash = SplashScreen.getSplashScreen(); + private void createConfig(File configDir, File versionFile, String version) throws IOException, CertificateException, GeneralSecurityException, KeyStoreException, FileNotFoundException, NoSuchAlgorithmException { + log.debug("creating config directory: " + configDir); + configDir.mkdirs(); + InputStream is = getClass().getClassLoader().getResourceAsStream(CONF_TEMPLATE_RESOURCE); + OutputStream os = new FileOutputStream(new File(configDir, CONF_TEMPLATE_FILE)); + StreamUtil.copyStream(is, os); + os.close(); + File confTemplateFile = new File(configDir, CONF_TEMPLATE_FILE); + unzip(confTemplateFile); + confTemplateFile.delete(); + writeVersionFile(versionFile, version); + } + + private void createCertificates(File configDir) throws IOException, GeneralSecurityException, CodingException { + char[] password = UUID.randomUUID().toString().toCharArray(); + File passwdFile = new File(configDir, PASSWD_FILE); + FileWriter passwdWriter = new FileWriter(passwdFile); + passwdWriter.write(password); + passwdWriter.close(); + if (!passwdFile.setReadable(true, true)) { + passwdFile.delete(); + throw new IOException("failed to make " + passwdFile + " owner readable only, deleting file"); + } + TLSServerCA ca = new TLSServerCA(); + KeyStore ks = ca.generateKeyStore(password); + FileOutputStream fos = new FileOutputStream(new File(configDir, KEYSTORE_FILE)); + ks.store(fos, password); + fos.close(); + } + + private String getFileVersion(File versionFile) throws FileNotFoundException, IOException { + //TODO no file? + if (versionFile.exists() && versionFile.canRead()) { + BufferedReader versionReader = new BufferedReader(new FileReader(versionFile)); + String versionString = null; + while ((versionString = versionReader.readLine().trim()) != null) { + if (versionString.length() > 0 && !versionString.startsWith("#")) { + log.debug("found existing configuration version " + versionString); + break; + } + } + return versionString; + } + return null; + } + + private String getManifestVersion() throws MalformedURLException, IOException { + String bkuWebStartJar = BKULauncher.class.getProtectionDomain().getCodeSource().getLocation().toString(); + URL manifestURL = new URL("jar:" + bkuWebStartJar + "!/META-INF/MANIFEST.MF"); + String version = null; + if (manifestURL != null) { + Manifest manifest = new Manifest(manifestURL.openStream()); + if (log.isTraceEnabled()) { + log.trace("read version information from " + manifestURL); + } + Attributes atts = manifest.getMainAttributes(); + if (atts != null) { + version = atts.getValue("Implementation-Build"); + } + } + if (version == null) { + version = "UNKNOWN"; + } + log.debug("config version: " + version); + return version; + } + + /** + * change the + * @param oldVersion + * @param newVersion + * @return + */ + private boolean updateRequired(String oldVersion, String newVersion) { + if (oldVersion != null) { + int majorEnd = oldVersion.indexOf('-'); + if (majorEnd > 0) { + oldVersion = oldVersion.substring(0, majorEnd); + } + return (oldVersion.compareTo(MIN_CONFIG_VERSION) < 0); + } + log.debug("no old version, update required"); + return true; + } + + private boolean updateRequiredStrict(String oldVersion, String newVersion) { + String[] oldV = oldVersion.split("-"); + String[] newV = newVersion.split("-"); + log.debug("comparing " + oldV[0] + " to " + newV[0]); + if (oldV[0].compareTo(newV[0]) < 0) { + log.debug("update required"); + return true; + } else { + log.debug("comparing " + oldV[oldV.length - 1] + " to " + newV[newV.length - 1]); + if (oldV[oldV.length - 1].compareTo(newV[newV.length - 1]) < 0) { + log.debug("update required"); + return true; + } else { + log.debug("no update required"); + return false; + } + } + } + + private void writeVersionFile(File versionFile, String version) throws IOException { + BufferedWriter versionWriter = new BufferedWriter(new FileWriter(versionFile)); + versionWriter.write("# MOCCA Web Start configuration version\n"); + versionWriter.write("# DO NOT MODIFY THIS FILE\n\n"); + versionWriter.write(version); + versionWriter.close(); + } + +// private SplashScreen splash = SplashScreen.getSplashScreen(); private void startUpServer() throws Exception { + log.info("init servlet container and MOCCA webapp"); server = new Container(); // XmlConfiguration xcfg = new XmlConfiguration(getClass().getClassLoader() // .getResourceAsStream("at/gv/egiz/bku/local/app/jetty.xml")); @@ -44,25 +193,24 @@ public class BKULauncher implements BKUControllerInterface { } private void initTrayIcon() { + log.debug("init MOCCA tray icon"); Locale loc = Locale.getDefault(); try { resourceBundle = ResourceBundle.getBundle( - "at/gv/egiz/bku/webstart/ui/UIMessages", loc); + MESSAGES_RESOURCE, loc); } catch (MissingResourceException mx) { resourceBundle = ResourceBundle.getBundle( - "at/gv/egiz/bku/webstart/ui/UIMessages", Locale.ENGLISH); + MESSAGES_RESOURCE, Locale.ENGLISH); } TrayIconDialog.getInstance().init(resourceBundle); TrayIconDialog.getInstance().setShutdownHook(this); - TrayIconDialog.getInstance().displayInfo("Greetings.Caption", - "Greetings.Message"); + TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE); } private void initStart() { - } - private void initFinished() { + private void initFinished(boolean installCert) { try { // if (splash != null) { // try { @@ -71,34 +219,33 @@ public class BKULauncher implements BKUControllerInterface { // log.warn("Failed to close splash screen: " + ex.getMessage()); // } // } + + log.debug("trying install MOCCA certificate on system browser"); + if (installCert) { + if (Desktop.isDesktopSupported()) { + Desktop desktop = Desktop.getDesktop(); + if (desktop.isSupported(Desktop.Action.BROWSE)) { + try { + desktop.browse(new URI("https://localhost:" + + Integer.getInteger(Container.HTTPS_PORT_PROPERTY, 3496).intValue())); + } catch (Exception ex) { + log.error("failed to open system browser, install MOCCA certificate manually", ex); + } + } else { + log.error("failed to open system browser, install MOCCA certificate manually"); + } + } else { + log.error("failed to open system browser, install MOCCA certificate manually"); + } + } + + log.info("init completed, joining server"); server.join(); } catch (InterruptedException e) { - log.info(e); + log.warn("failed to join MOCCA server: " + e.getMessage(), e); } } -// private void copyDirs(File srcDir, File dstDir) { -// for (File cf : srcDir.listFiles()) { -// File of = new File(dstDir, cf.getName()); -// if (cf.isDirectory()) { -// log.debug("Creating directory: " + of); -// of.mkdir(); -// copyDirs(cf, of); -// } else { -// log.debug("Writing file: " + of); -// try { -// FileInputStream fis = new FileInputStream(cf); -// FileOutputStream fos = new FileOutputStream(of); -// StreamUtil.copyStream(fis, fos); -// fis.close(); -// fos.close(); -// } catch (IOException e) { -// log.error("Cannot copy default configuration", e); -// } -// } -// } -// } - private void unzip(File zipfile) throws IOException { File dir = zipfile.getParentFile(); ZipFile zipFile = new ZipFile(zipfile); @@ -113,73 +260,11 @@ public class BKULauncher implements BKUControllerInterface { File f = new File(eF.getParent()); f.mkdirs(); StreamUtil.copyStream(zipFile.getInputStream(entry), - new FileOutputStream(eF)); + new FileOutputStream(eF)); } zipFile.close(); } - private void checkConfig(String[] args) { -// CommandLineParser parser = new PosixParser(); -// Options options = new Options(); -// options.addOption("c", true, "the configuration's base directory"); -// options.addOption("h", false, "print this message"); -// try { - File cfgDir = new File(System.getProperty("user.home") + "/.mocca/conf"); -// CommandLine cmd = parser.parse(options, args); -// if (cmd.hasOption("h")) { -// HelpFormatter formatter = new HelpFormatter(); -// formatter.printHelp("BKULauncher", options); -// System.exit(0); -// } -// -// if (cmd.hasOption("c")) { -// cfgDir = new File(cmd.getOptionValue("c")); -// } - log.debug("using config directory: " + cfgDir); - if (cfgDir.exists() && cfgDir.isFile()) { - log.error("Configuration directory must not be a file"); - } - if (!cfgDir.exists()) { - log.debug("Creating config directory: " + cfgDir); - cfgDir.mkdirs(); - try { - InputStream is = getClass().getClassLoader().getResourceAsStream( - "at/gv/egiz/bku/webstart/defaultConf/template.zip"); - OutputStream os = new FileOutputStream(new File(cfgDir, - "template.zip")); - StreamUtil.copyStream(is, os); - os.close(); - unzip(new File(cfgDir, "template.zip")); - } catch (IOException iox) { - log.error("Cannot create user directory", iox); - return; - } - CA ca = new CA(); - char[] password = "changeMe".toCharArray(); - KeyStore ks = ca.generateKeyStore(password); - if (ks != null) { - File ksdir = new File(cfgDir, "keystore"); - ksdir.mkdirs(); - FileOutputStream fos; - try { - fos = new FileOutputStream(new File(ksdir, "keystore.ks")); - ks.store(fos, password); - fos.close(); - } catch (Exception e) { - log.error("Cannot store keystore", e); - } - } else { - log.error("Cannot create ssl certificate"); - } - } -// } catch (ParseException e1) { -// log.error(e1); -// HelpFormatter formatter = new HelpFormatter(); -// formatter.printHelp("BKULauncher", options); -// System.exit(0); -// } - } - /** * @param args */ @@ -189,15 +274,74 @@ public class BKULauncher implements BKUControllerInterface { System.setSecurityManager(null); BKULauncher launcher = new BKULauncher(); launcher.initStart(); - launcher.checkConfig(args); + + File configDir = new File(System.getProperty("user.home") + '/' + CONFIG_DIR); + boolean installCert = launcher.ensureConfig(configDir); launcher.startUpServer(); launcher.initTrayIcon(); - launcher.initFinished(); + launcher.initFinished(installCert); } catch (Exception e) { - log.fatal("Cannot launch BKU", e); + log.fatal("Failed to launch BKU: " + e.getMessage(), e); System.exit(-1000); } + } + + private void backupAndDelete(File dir, URI relativeTo, ZipOutputStream zip) throws IOException { + if (dir.isDirectory()) { + File[] subDirs = dir.listFiles(); + for (File subDir : subDirs) { + backupAndDelete(subDir, relativeTo, zip); + subDir.delete(); + } + } else { + URI relativePath = relativeTo.relativize(dir.toURI()); + ZipEntry entry = new ZipEntry(relativePath.toString()); + zip.putNextEntry(entry); + BufferedInputStream entryIS = new BufferedInputStream(new FileInputStream(dir)); + StreamUtil.copyStream(entryIS, zip); + entryIS.close(); + zip.closeEntry(); + dir.delete(); + } + } + /** + * Checks whether the config directory already exists and creates it otherwise. + * @param configDir the config directory to be created + * @return true if a new MOCCA cert was created (and needs to be installed in the browser) + */ + private boolean ensureConfig(File configDir) throws IOException, GeneralSecurityException, CodingException { + log.debug("config directory: " + configDir); + String manifestVersion = getManifestVersion(); + File versionFile = new File(configDir, VERSION_FILE); + + if (configDir.exists()) { + if (configDir.isFile()) { + log.error("invalid config directory: " + configDir); + throw new IOException("invalid config directory: " + configDir); + } else { + String fileVersion = getFileVersion(versionFile); + if (updateRequired(fileVersion, manifestVersion)) { + if (fileVersion == null) { + fileVersion = "unknown"; + } + log.info("updating configuration from " + fileVersion + " to " + manifestVersion); + File moccaDir = configDir.getParentFile(); + File zipFile = new File(moccaDir, "conf-" + fileVersion + ".zip"); + ZipOutputStream zipOS = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(zipFile))); + backupAndDelete(configDir, moccaDir.toURI(), zipOS); + zipOS.close(); + createConfig(configDir, versionFile, manifestVersion); + createCertificates(configDir); + return true; + } + } + } else { + createConfig(configDir, versionFile, manifestVersion); + createCertificates(configDir); + return true; + } + return false; } public void shutDown() { @@ -217,5 +361,4 @@ public class BKULauncher implements BKUControllerInterface { } System.exit(0); } - } diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/CA.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/CA.java deleted file mode 100644 index f81d3d83..00000000 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/CA.java +++ /dev/null @@ -1,117 +0,0 @@ -package at.gv.egiz.bku.webstart; - -import iaik.asn1.ObjectID; -import iaik.asn1.structures.AlgorithmID; -import iaik.asn1.structures.Name; -import iaik.x509.X509Certificate; -import iaik.x509.extensions.BasicConstraints; -import iaik.x509.extensions.KeyUsage; - -import java.math.BigInteger; -import java.net.InetAddress; -import java.net.UnknownHostException; -import java.security.GeneralSecurityException; -import java.security.KeyPair; -import java.security.KeyPairGenerator; -import java.security.KeyStore; -import java.security.NoSuchAlgorithmException; -import java.util.Calendar; -import java.util.GregorianCalendar; -import java.util.Random; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -public class CA { - private final static Log log = LogFactory.getLog(CA.class); - - private KeyPair caKeyPair; - private X509Certificate caCert; - - private KeyPair serverKeyPair; - private X509Certificate serverCert; - - public CA() { - } - - private KeyPair generateKeyPair() throws NoSuchAlgorithmException { - KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA"); - gen.initialize(2048); - return gen.generateKeyPair(); - } - - private void generateCA() throws GeneralSecurityException { - log.debug("Generating CA certificate"); - Name subject = new Name(); - subject.addRDN(ObjectID.country, "AT"); - subject.addRDN(ObjectID.organization, "MOCCA"); - subject.addRDN(ObjectID.organizationalUnit, "MOCCA-CA"); - - caKeyPair = generateKeyPair(); - caCert = new X509Certificate(); - caCert.setSerialNumber(new BigInteger(20, new Random())); - caCert.setSubjectDN(subject); - caCert.setPublicKey(caKeyPair.getPublic()); - caCert.setIssuerDN(subject); - - caCert.addExtension(new BasicConstraints(true)); - caCert.addExtension(new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign - | KeyUsage.digitalSignature)); - - GregorianCalendar date = new GregorianCalendar(); - date.add(Calendar.HOUR_OF_DAY, -1); - caCert.setValidNotBefore(date.getTime()); - date.add(Calendar.YEAR, 7); - caCert.setValidNotAfter(date.getTime()); - caCert.sign(AlgorithmID.sha1WithRSAEncryption, caKeyPair.getPrivate()); - log.debug("Successfully signed CA certificate"); - } - - private void generateServerCert() throws GeneralSecurityException { - log.debug("Generating SSL certificate"); - Name subject = new Name(); - subject.addRDN(ObjectID.country, "AT"); - subject.addRDN(ObjectID.organization, "MOCCA"); - try { - subject.addRDN(ObjectID.commonName, InetAddress.getLocalHost() - .getHostName()); - } catch (UnknownHostException e) { - subject.addRDN(ObjectID.commonName, "localhost"); - } - serverKeyPair = generateKeyPair(); - serverCert = new X509Certificate(); - serverCert.setSerialNumber(new BigInteger(20, new Random())); - serverCert.setSubjectDN(subject); - serverCert.setPublicKey(serverKeyPair.getPublic()); - serverCert.setIssuerDN(caCert.getSubjectDN()); - - serverCert.addExtension(new BasicConstraints(false)); - serverCert.addExtension(new KeyUsage(KeyUsage.keyEncipherment - | KeyUsage.digitalSignature)); - - GregorianCalendar date = new GregorianCalendar(); - date.add(Calendar.HOUR_OF_DAY, -1); - serverCert.setValidNotBefore(date.getTime()); - date.add(Calendar.YEAR, 7); - date.add(Calendar.HOUR_OF_DAY, -1); - serverCert.setValidNotAfter(date.getTime()); - serverCert.sign(AlgorithmID.sha1WithRSAEncryption, caKeyPair.getPrivate()); - log.debug("Successfully signed server certificate"); - caKeyPair = null; - } - - public KeyStore generateKeyStore(char[] password) { - try { - generateCA(); - generateServerCert(); - KeyStore ks = KeyStore.getInstance("JKS"); - ks.load(null, null); - ks.setKeyEntry("server", serverKeyPair.getPrivate(), password, new X509Certificate[]{serverCert, caCert}); - return ks; - } catch (Exception e) { - log.error("Cannot generate certificate", e); - } - return null; - } - -} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java index ef12e4fd..0cd3e633 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java @@ -1,5 +1,15 @@ package at.gv.egiz.bku.webstart; +import at.gv.egiz.bku.utils.StreamUtil; +import java.io.BufferedOutputStream; +import java.io.BufferedReader; +import java.io.File; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.FileReader; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.mortbay.jetty.Connector; @@ -14,8 +24,8 @@ import org.mortbay.thread.QueuedThreadPool; public class Container { - public static final String HTTP_PORT = "mocca.http.port"; - public static final String HTTPS_PORT = "mocca.http.port"; + public static final String HTTP_PORT_PROPERTY = "mocca.http.port"; + public static final String HTTPS_PORT_PROPERTY = "mocca.http.port"; private static Log log = LogFactory.getLog(Container.class); @@ -24,7 +34,7 @@ public class Container { public Container() { } - public void init() { + public void init() throws IOException { server = new Server(); QueuedThreadPool qtp = new QueuedThreadPool(); qtp.setMaxThreads(5); @@ -35,35 +45,51 @@ public class Container { server.setGracefulShutdown(3000); SelectChannelConnector connector = new SelectChannelConnector(); - connector.setPort(Integer.getInteger(HTTP_PORT, 3495).intValue()); + connector.setPort(Integer.getInteger(HTTP_PORT_PROPERTY, 3495).intValue()); connector.setAcceptors(1); - connector.setConfidentialPort(Integer.getInteger(HTTPS_PORT, 3496).intValue()); + connector.setConfidentialPort(Integer.getInteger(HTTPS_PORT_PROPERTY, 3496).intValue()); + connector.setHost("127.0.0.1"); SslSocketConnector sslConnector = new SslSocketConnector(); - sslConnector.setPort(Integer.getInteger(HTTPS_PORT, 3496).intValue()); + sslConnector.setPort(Integer.getInteger(HTTPS_PORT_PROPERTY, 3496).intValue()); sslConnector.setAcceptors(1); - sslConnector.setKeystore(System.getProperty("user.home") - + "/.mocca/conf/keystore/keystore.ks"); - sslConnector.setPassword("changeMe"); - sslConnector.setKeyPassword("changeMe"); + sslConnector.setHost("127.0.0.1"); + File configDir = new File(System.getProperty("user.home") + "/" + BKULauncher.CONFIG_DIR); + sslConnector.setKeystore(configDir.getPath() + "/" + BKULauncher.KEYSTORE_FILE); + File passwdFile = new File(configDir, BKULauncher.PASSWD_FILE); + BufferedReader reader = new BufferedReader(new FileReader(passwdFile)); + String pwd; + while ((pwd = reader.readLine()) != null) { + sslConnector.setPassword(pwd); + sslConnector.setKeyPassword(pwd); + } + reader.close(); server.setConnectors(new Connector[] { connector, sslConnector }); -// HandlerCollection handlers = new HandlerCollection(); WebAppContext webapp = new WebAppContext(); + webapp.setLogUrlOnStart(true); webapp.setContextPath("/"); - webapp.setExtractWAR(true); //false - webapp.setParentLoaderPriority(false); + webapp.setExtractWAR(true); + webapp.setParentLoaderPriority(false); //true); -// webappcontext.setWar("BKULocal-1.0.4-SNAPSHOT.war"); - webapp.setWar(getClass().getClassLoader().getResource("BKULocalWar/").toString()); - -// handlers.setHandlers(new Handler[] { webappcontext, new DefaultHandler() }); + webapp.setWar(copyWebapp(webapp.getTempDirectory())); //getClass().getClassLoader().getResource("BKULocalWar/").toString()); server.setHandler(webapp); server.setGracefulShutdown(1000*3); } + + private String copyWebapp(File webappDir) throws IOException { + File webapp = new File(webappDir, "BKULocal.war"); + log.debug("copying BKULocal classpath resource to " + webapp); + InputStream is = getClass().getClassLoader().getResourceAsStream("BKULocal.war"); + OutputStream os = new BufferedOutputStream(new FileOutputStream(webapp)); + StreamUtil.copyStream(is, os); + os.close(); + return webapp.getPath(); + } + public void start() throws Exception { server.start(); } diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java new file mode 100644 index 00000000..97ca716b --- /dev/null +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java @@ -0,0 +1,138 @@ +package at.gv.egiz.bku.webstart; + +import iaik.asn1.CodingException; +import iaik.asn1.ObjectID; +import iaik.asn1.structures.AlgorithmID; +import iaik.asn1.structures.GeneralName; +import iaik.asn1.structures.GeneralNames; +import iaik.asn1.structures.Name; +import iaik.x509.X509Certificate; +import iaik.x509.extensions.AuthorityKeyIdentifier; +import iaik.x509.extensions.BasicConstraints; +import iaik.x509.extensions.ExtendedKeyUsage; +import iaik.x509.extensions.KeyUsage; + +import iaik.x509.extensions.SubjectAltName; +import iaik.x509.extensions.SubjectKeyIdentifier; +import java.io.IOException; +import java.math.BigInteger; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.security.GeneralSecurityException; +import java.security.KeyPair; +import java.security.KeyPairGenerator; +import java.security.KeyStore; +import java.security.NoSuchAlgorithmException; +import java.util.Calendar; +import java.util.GregorianCalendar; +import java.util.Random; + +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +public class TLSServerCA { + public static final int CA_VALIDITY_Y = 3; + public static final int SERVER_VALIDITY_Y = 3; + private final static Log log = LogFactory.getLog(TLSServerCA.class); + + private KeyPair caKeyPair; + private X509Certificate caCert; + + private KeyPair serverKeyPair; + private X509Certificate serverCert; + + private KeyPair generateKeyPair() throws NoSuchAlgorithmException { + KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA"); + gen.initialize(2048); + return gen.generateKeyPair(); + } + + private void generateCACert() throws GeneralSecurityException, CodingException { + log.debug("generating MOCCA CA certificate"); + Name subject = new Name(); + subject.addRDN(ObjectID.country, "AT"); + subject.addRDN(ObjectID.organization, "MOCCA"); + subject.addRDN(ObjectID.organizationalUnit, "MOCCA TLS Server CA"); + + caKeyPair = generateKeyPair(); + caCert = new X509Certificate(); + caCert.setSerialNumber(new BigInteger(20, new Random())); + caCert.setSubjectDN(subject); + caCert.setPublicKey(caKeyPair.getPublic()); + caCert.setIssuerDN(subject); + + caCert.addExtension(new SubjectKeyIdentifier(caKeyPair.getPublic())); + + caCert.addExtension(new BasicConstraints(true)); + caCert.addExtension(new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign + | KeyUsage.digitalSignature)); + + GregorianCalendar date = new GregorianCalendar(); + date.add(Calendar.HOUR_OF_DAY, -1); + caCert.setValidNotBefore(date.getTime()); + date.add(Calendar.YEAR, CA_VALIDITY_Y); + caCert.setValidNotAfter(date.getTime()); + caCert.sign(AlgorithmID.sha1WithRSAEncryption, caKeyPair.getPrivate()); + + log.debug("successfully generated MOCCA TLS Server CA certificate " + caCert.getSubjectDN()); + } + + private void generateServerCert() throws GeneralSecurityException, CodingException { + log.debug("generating MOCCA server certificate"); + Name subject = new Name(); + subject.addRDN(ObjectID.country, "AT"); + subject.addRDN(ObjectID.organization, "MOCCA"); + subject.addRDN(ObjectID.organizationalUnit, "MOCCA TLS Server"); + subject.addRDN(ObjectID.commonName, "localhost"); + subject.addRDN(ObjectID.commonName, "127.0.0.1"); + + serverKeyPair = generateKeyPair(); + serverCert = new X509Certificate(); + serverCert.setSerialNumber(new BigInteger(20, new Random())); + serverCert.setSubjectDN(subject); + serverCert.setPublicKey(serverKeyPair.getPublic()); + serverCert.setIssuerDN(caCert.getSubjectDN()); + + serverCert.addExtension(new SubjectKeyIdentifier(serverKeyPair.getPublic())); + byte[] aki = new SubjectKeyIdentifier(caCert.getPublicKey()).get(); + serverCert.addExtension(new AuthorityKeyIdentifier(aki)); + + serverCert.addExtension(new ExtendedKeyUsage(ExtendedKeyUsage.serverAuth)); + + GeneralNames altNames = new GeneralNames(); + altNames.addName(new GeneralName(GeneralName.dNSName, "localhost")); + altNames.addName(new GeneralName(GeneralName.dNSName, "127.0.0.1")); + altNames.addName(new GeneralName(GeneralName.iPAddress, "127.0.0.1")); + serverCert.addExtension(new SubjectAltName(altNames)); + + serverCert.addExtension(new BasicConstraints(false)); + serverCert.addExtension(new KeyUsage(KeyUsage.keyEncipherment + | KeyUsage.digitalSignature)); + + GregorianCalendar date = new GregorianCalendar(); + date.add(Calendar.HOUR_OF_DAY, -1); + serverCert.setValidNotBefore(date.getTime()); + date.add(Calendar.YEAR,SERVER_VALIDITY_Y); + date.add(Calendar.HOUR_OF_DAY, -1); + serverCert.setValidNotAfter(date.getTime()); + serverCert.sign(AlgorithmID.sha1WithRSAEncryption, caKeyPair.getPrivate()); + + log.debug("successfully generated MOCCA TLS Server certificate " + serverCert.getSubjectDN()); + caKeyPair = null; + } + + public KeyStore generateKeyStore(char[] password) throws GeneralSecurityException, IOException, CodingException { +// try { + generateCACert(); + generateServerCert(); + KeyStore ks = KeyStore.getInstance("JKS"); + ks.load(null, null); + ks.setKeyEntry("server", serverKeyPair.getPrivate(), password, new X509Certificate[]{serverCert, caCert}); + return ks; +// } catch (Exception e) { +// log.error("Cannot generate certificate", e); +// } +// return null; + } + +} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java index 4679eac5..9990b2a0 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java @@ -36,6 +36,9 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; public class TrayIconDialog implements TrayIconDialogInterface { + public static final String TRAYICON_RESOURCE = "at/gv/egiz/bku/webstart/ui/trayicon.png"; + public static final String TRAYMENU_SHUTDOWN = "TrayMenu.Shutdown"; + public static final String TRAYMENU_TOOLTIP = "TrayMenu.Tooltip"; private static Log log = LogFactory.getLog(TrayIconDialog.class); private static TrayIconDialogInterface instance; @@ -107,10 +110,10 @@ public class TrayIconDialog implements TrayIconDialogInterface { if (isSupported) { SystemTray tray = SystemTray.getSystemTray(); Image image = ImageIO.read(getClass().getClassLoader() - .getResourceAsStream("at/gv/egiz/bku/webstart/ui/logo.png")); + .getResourceAsStream(TRAYICON_RESOURCE)); PopupMenu popup = new PopupMenu(); MenuItem exitItem = new MenuItem(resourceBundel - .getString("TrayMenu.Shutdown")); + .getString(TRAYMENU_SHUTDOWN)); popup.add(exitItem); exitItem.addActionListener(new ActionListener() { public void actionPerformed(ActionEvent e) { @@ -123,7 +126,7 @@ public class TrayIconDialog implements TrayIconDialogInterface { trayIcon = new TrayIcon(image, "BKULogo", popup); trayIcon.setImageAutoSize(true); - trayIcon.setToolTip(resourceBundel.getString("TrayMenu.Tooltip")); + trayIcon.setToolTip(resourceBundel.getString(TRAYMENU_TOOLTIP)); try { tray.add(trayIcon); } catch (AWTException e) { -- cgit v1.2.3 From 5a45508c63ad07606fa39ac8c773d46ada353acf Mon Sep 17 00:00:00 2001 From: clemenso Date: Tue, 16 Jun 2009 16:25:17 +0000 Subject: tray icon on startup, messages git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@364 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java index 3d09fb00..b1fc29be 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java @@ -64,6 +64,8 @@ public class BKULauncher implements BKUControllerInterface { /** resource bundle messages */ public static final String GREETING_CAPTION = "Greetings.Caption"; public static final String GREETING_MESSAGE = "Greetings.Message"; + public static final String STARTUP_CAPTION = "Startup.Caption"; + public static final String STARTUP_MESSAGE = "Startup.Message"; public static final String VERSION_FILE = ".version"; private static Log log = LogFactory.getLog(BKULauncher.class); private ResourceBundle resourceBundle = null; @@ -204,7 +206,7 @@ public class BKULauncher implements BKUControllerInterface { } TrayIconDialog.getInstance().init(resourceBundle); TrayIconDialog.getInstance().setShutdownHook(this); - TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE); +// TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE); } private void initStart() { @@ -277,8 +279,12 @@ public class BKULauncher implements BKUControllerInterface { File configDir = new File(System.getProperty("user.home") + '/' + CONFIG_DIR); boolean installCert = launcher.ensureConfig(configDir); - launcher.startUpServer(); launcher.initTrayIcon(); + TrayIconDialog.getInstance().displayInfo(STARTUP_CAPTION, STARTUP_MESSAGE); + launcher.startUpServer(); + TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE); + +// launcher.initTrayIcon(); launcher.initFinished(installCert); } catch (Exception e) { log.fatal("Failed to launch BKU: " + e.getMessage(), e); -- cgit v1.2.3 From 69e0dbee3567fc3a710d7bffad4d03e64edd7daa Mon Sep 17 00:00:00 2001 From: clemenso Date: Thu, 25 Jun 2009 12:07:39 +0000 Subject: TLS CipherSuites (FF XP) git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@375 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../java/at/gv/egiz/bku/webstart/BKULauncher.java | 68 +++++++++++++++++----- .../java/at/gv/egiz/bku/webstart/Container.java | 47 ++++++++++++++- 2 files changed, 99 insertions(+), 16 deletions(-) (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java index b1fc29be..36c9cbb2 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java @@ -41,6 +41,7 @@ import java.io.BufferedWriter; import java.io.FileInputStream; import java.io.FileReader; import java.io.FileWriter; +import java.net.BindException; import java.net.URI; import java.net.URL; import java.security.GeneralSecurityException; @@ -48,6 +49,7 @@ import java.util.UUID; import java.util.jar.Attributes; import java.util.jar.Manifest; import java.util.zip.ZipOutputStream; +import org.mortbay.util.MultiException; public class BKULauncher implements BKUControllerInterface { @@ -65,7 +67,11 @@ public class BKULauncher implements BKUControllerInterface { public static final String GREETING_CAPTION = "Greetings.Caption"; public static final String GREETING_MESSAGE = "Greetings.Message"; public static final String STARTUP_CAPTION = "Startup.Caption"; + public static final String ERROR_CAPTION = "Error.Caption"; public static final String STARTUP_MESSAGE = "Startup.Message"; + public static final String ERROR_STARTUP_MESSAGE = "Error.Startup.Message"; + public static final String ERROR_CONF_MESSAGE = "Error.Conf.Message"; + public static final String ERROR_BIND_MESSAGE = "Error.Bind.Message"; public static final String VERSION_FILE = ".version"; private static Log log = LogFactory.getLog(BKULauncher.class); private ResourceBundle resourceBundle = null; @@ -222,8 +228,8 @@ public class BKULauncher implements BKUControllerInterface { // } // } - log.debug("trying install MOCCA certificate on system browser"); if (installCert) { + log.debug("trying install MOCCA certificate on system browser"); if (Desktop.isDesktopSupported()) { Desktop desktop = Desktop.getDesktop(); if (desktop.isSupported(Desktop.Action.BROWSE)) { @@ -270,26 +276,60 @@ public class BKULauncher implements BKUControllerInterface { /** * @param args */ - public static void main(String[] args) { - try { - log.warn("***** DISABLING SECURITY MANAGER *******"); + public static void main(String[] args) throws InterruptedException { + + if (log.isDebugEnabled()) { + //System.setProperty("DEBUG", "true"); + System.setProperty("VERBOSE", "true"); + System.setProperty("javax.net.debug", "ssl,handshake"); + } + +// log.warn("***** DISABLING SECURITY MANAGER *******"); System.setSecurityManager(null); + BKULauncher launcher = new BKULauncher(); launcher.initStart(); - File configDir = new File(System.getProperty("user.home") + '/' + CONFIG_DIR); - boolean installCert = launcher.ensureConfig(configDir); + boolean installCert = false; + launcher.initTrayIcon(); TrayIconDialog.getInstance().displayInfo(STARTUP_CAPTION, STARTUP_MESSAGE); - launcher.startUpServer(); - TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE); -// launcher.initTrayIcon(); - launcher.initFinished(installCert); - } catch (Exception e) { - log.fatal("Failed to launch BKU: " + e.getMessage(), e); - System.exit(-1000); - } + try { + File configDir = new File(System.getProperty("user.home") + '/' + CONFIG_DIR); + installCert = launcher.ensureConfig(configDir); + } catch (Exception ex) { + log.fatal("Failed to init MOCCA configuration, exiting", ex); + TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_CONF_MESSAGE); + Thread.sleep(5000); + System.exit(-1000); + } + + try { + launcher.startUpServer(); + TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE); + launcher.initFinished(installCert); + } catch (BindException ex) { + log.fatal("Failed to launch MOCCA, " + ex.getMessage(), ex); + TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_BIND_MESSAGE); + Thread.sleep(5000); + System.exit(-1000); + } catch (MultiException ex) { + log.fatal("Failed to launch MOCCA, " + ex.getMessage(), ex); + if (ex.getThrowable(0) instanceof BindException) { + TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_BIND_MESSAGE); + } else { + TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_STARTUP_MESSAGE); + } + Thread.sleep(5000); + System.exit(-1000); + } catch (Exception e) { + log.fatal("Failed to launch MOCCA, " + e.getMessage(), e); + TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_STARTUP_MESSAGE); + Thread.sleep(5000); + System.exit(-1000); + } + } private void backupAndDelete(File dir, URI relativeTo, ZipOutputStream zip) throws IOException { diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java index 0cd3e633..89044486 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java @@ -35,6 +35,7 @@ public class Container { } public void init() throws IOException { +// System.setProperty("DEBUG", "true"); server = new Server(); QueuedThreadPool qtp = new QueuedThreadPool(); qtp.setMaxThreads(5); @@ -55,7 +56,13 @@ public class Container { sslConnector.setAcceptors(1); sslConnector.setHost("127.0.0.1"); File configDir = new File(System.getProperty("user.home") + "/" + BKULauncher.CONFIG_DIR); - sslConnector.setKeystore(configDir.getPath() + "/" + BKULauncher.KEYSTORE_FILE); + File keystoreFile = new File(configDir, BKULauncher.KEYSTORE_FILE); + if (!keystoreFile.canRead()) { + log.error("MOCCA keystore file not readable: " + keystoreFile.getAbsolutePath()); + throw new FileNotFoundException("MOCCA keystore file not readable: " + keystoreFile.getAbsolutePath()); + } + log.debug("loading MOCCA keystore from " + keystoreFile.getAbsolutePath()); + sslConnector.setKeystore(keystoreFile.getAbsolutePath()); File passwdFile = new File(configDir, BKULauncher.PASSWD_FILE); BufferedReader reader = new BufferedReader(new FileReader(passwdFile)); String pwd; @@ -64,6 +71,42 @@ public class Container { sslConnector.setKeyPassword(pwd); } reader.close(); + + //avoid jetty's ClassCastException: iaik.security.ecc.ecdsa.ECPublicKey cannot be cast to java.security.interfaces.ECPublicKey + String[] RFC4492CipherSuites = new String[] { + "TLS_ECDH_ECDSA_WITH_NULL_SHA", + "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + + "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + + "TLS_ECDH_RSA_WITH_NULL_SHA", + "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + + "TLS_ECDHE_RSA_WITH_NULL_SHA", + "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + + "TLS_ECDH_anon_WITH_NULL_SHA", + "TLS_ECDH_anon_WITH_RC4_128_SHA", + "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "TLS_ECDH_anon_WITH_AES_256_CBC_SHA" + }; + + sslConnector.setExcludeCipherSuites(RFC4492CipherSuites); + server.setConnectors(new Connector[] { connector, sslConnector }); @@ -71,7 +114,7 @@ public class Container { webapp.setLogUrlOnStart(true); webapp.setContextPath("/"); webapp.setExtractWAR(true); - webapp.setParentLoaderPriority(false); //true); + webapp.setParentLoaderPriority(false); webapp.setWar(copyWebapp(webapp.getTempDirectory())); //getClass().getClassLoader().getResource("BKULocalWar/").toString()); -- cgit v1.2.3 From e75f30d8d51fa33fc778c31c1b0312cf10de8e45 Mon Sep 17 00:00:00 2001 From: clemenso Date: Thu, 25 Jun 2009 17:01:14 +0000 Subject: disable pinpad git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@376 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java index 36c9cbb2..5e4ab634 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java @@ -56,8 +56,8 @@ public class BKULauncher implements BKUControllerInterface { /** configurations with less than this (major) version will be backuped and updated */ public static final String MIN_CONFIG_VERSION = "1.0.3"; public static final String CONFIG_DIR = ".mocca/conf/"; - public static final String CONF_TEMPLATE_FILE = "template.zip"; - public static final String CONF_TEMPLATE_RESOURCE = "at/gv/egiz/bku/webstart/conf/template.zip"; + public static final String CONF_TEMPLATE_FILE = "configuration.zip"; + public static final String CONF_TEMPLATE_RESOURCE = "at/gv/egiz/bku/webstart/conf/configuration.zip"; public static final String WEBAPP_RESOURCE = "BKULocal.war"; public static final String WEBAPP_FILE = "BKULocal.war"; public static final String KEYSTORE_FILE = "keystore.ks"; -- cgit v1.2.3 From 60a139378e88719445a0958cadd4271dd5e2d6bc Mon Sep 17 00:00:00 2001 From: clemenso Date: Thu, 25 Jun 2009 18:25:56 +0000 Subject: account for snapshot version in update conf git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@377 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java index 5e4ab634..abc0b8ee 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java @@ -152,11 +152,19 @@ public class BKULauncher implements BKUControllerInterface { */ private boolean updateRequired(String oldVersion, String newVersion) { if (oldVersion != null) { + log.debug("comparing " + oldVersion + " to " + MIN_CONFIG_VERSION); + int majorEnd = oldVersion.indexOf('-'); - if (majorEnd > 0) { - oldVersion = oldVersion.substring(0, majorEnd); + String oldMajor = (majorEnd < 0) ? oldVersion : oldVersion.substring(0, majorEnd); + + int compare = oldMajor.compareTo(MIN_CONFIG_VERSION); + if (compare < 0 || + // SNAPSHOT versions are pre-releases (update if release required) + (compare == 0 && oldVersion.startsWith("-SNAPSHOT", majorEnd))) { + return true; + } else { + return false; } - return (oldVersion.compareTo(MIN_CONFIG_VERSION) < 0); } log.debug("no old version, update required"); return true; -- cgit v1.2.3 From 79016a7b2f9d89e52e991b0abdfc73ad24e60979 Mon Sep 17 00:00:00 2001 From: clemenso Date: Thu, 13 Aug 2009 09:19:28 +0000 Subject: [#433] update BKU Web Start CertStore WebStart configuration refactored git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@423 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../java/at/gv/egiz/bku/webstart/BKULauncher.java | 418 -------------------- .../java/at/gv/egiz/bku/webstart/Configurator.java | 418 ++++++++++++++++++++ .../java/at/gv/egiz/bku/webstart/Container.java | 75 +++- .../java/at/gv/egiz/bku/webstart/Launcher.java | 230 +++++++++++ .../gv/egiz/bku/webstart/LogSecurityManager.java | 440 +++++++++++++++++++++ .../at/gv/egiz/bku/webstart/ui/TrayIconDialog.java | 2 +- 6 files changed, 1151 insertions(+), 432 deletions(-) delete mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java create mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java create mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java create mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/LogSecurityManager.java (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java deleted file mode 100644 index abc0b8ee..00000000 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/BKULauncher.java +++ /dev/null @@ -1,418 +0,0 @@ -package at.gv.egiz.bku.webstart; - -import iaik.asn1.CodingException; -import java.io.File; -import java.io.FileNotFoundException; -import java.io.FileOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; -import java.net.MalformedURLException; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.cert.CertificateException; -import java.util.Enumeration; -import java.util.Locale; -import java.util.MissingResourceException; -import java.util.ResourceBundle; -import java.util.logging.Level; -import java.util.logging.Logger; -import java.util.zip.ZipEntry; -import java.util.zip.ZipFile; - -//import org.apache.commons.cli.CommandLine; -//import org.apache.commons.cli.CommandLineParser; -//import org.apache.commons.cli.HelpFormatter; -//import org.apache.commons.cli.Options; -//import org.apache.commons.cli.ParseException; -//import org.apache.commons.cli.PosixParser; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -import at.gv.egiz.bku.webstart.ui.BKUControllerInterface; -import at.gv.egiz.bku.webstart.ui.TrayIconDialog; -import at.gv.egiz.bku.utils.StreamUtil; -import java.awt.Desktop; -import java.io.BufferedInputStream; -import java.io.BufferedOutputStream; -import java.io.BufferedReader; -import java.io.BufferedWriter; -import java.io.FileInputStream; -import java.io.FileReader; -import java.io.FileWriter; -import java.net.BindException; -import java.net.URI; -import java.net.URL; -import java.security.GeneralSecurityException; -import java.util.UUID; -import java.util.jar.Attributes; -import java.util.jar.Manifest; -import java.util.zip.ZipOutputStream; -import org.mortbay.util.MultiException; - -public class BKULauncher implements BKUControllerInterface { - - /** configurations with less than this (major) version will be backuped and updated */ - public static final String MIN_CONFIG_VERSION = "1.0.3"; - public static final String CONFIG_DIR = ".mocca/conf/"; - public static final String CONF_TEMPLATE_FILE = "configuration.zip"; - public static final String CONF_TEMPLATE_RESOURCE = "at/gv/egiz/bku/webstart/conf/configuration.zip"; - public static final String WEBAPP_RESOURCE = "BKULocal.war"; - public static final String WEBAPP_FILE = "BKULocal.war"; - public static final String KEYSTORE_FILE = "keystore.ks"; - public static final String MESSAGES_RESOURCE = "at/gv/egiz/bku/webstart/ui/UIMessages"; - public static final String PASSWD_FILE = ".secret"; - /** resource bundle messages */ - public static final String GREETING_CAPTION = "Greetings.Caption"; - public static final String GREETING_MESSAGE = "Greetings.Message"; - public static final String STARTUP_CAPTION = "Startup.Caption"; - public static final String ERROR_CAPTION = "Error.Caption"; - public static final String STARTUP_MESSAGE = "Startup.Message"; - public static final String ERROR_STARTUP_MESSAGE = "Error.Startup.Message"; - public static final String ERROR_CONF_MESSAGE = "Error.Conf.Message"; - public static final String ERROR_BIND_MESSAGE = "Error.Bind.Message"; - public static final String VERSION_FILE = ".version"; - private static Log log = LogFactory.getLog(BKULauncher.class); - private ResourceBundle resourceBundle = null; - private Container server; - - private void createConfig(File configDir, File versionFile, String version) throws IOException, CertificateException, GeneralSecurityException, KeyStoreException, FileNotFoundException, NoSuchAlgorithmException { - log.debug("creating config directory: " + configDir); - configDir.mkdirs(); - InputStream is = getClass().getClassLoader().getResourceAsStream(CONF_TEMPLATE_RESOURCE); - OutputStream os = new FileOutputStream(new File(configDir, CONF_TEMPLATE_FILE)); - StreamUtil.copyStream(is, os); - os.close(); - File confTemplateFile = new File(configDir, CONF_TEMPLATE_FILE); - unzip(confTemplateFile); - confTemplateFile.delete(); - writeVersionFile(versionFile, version); - } - - private void createCertificates(File configDir) throws IOException, GeneralSecurityException, CodingException { - char[] password = UUID.randomUUID().toString().toCharArray(); - File passwdFile = new File(configDir, PASSWD_FILE); - FileWriter passwdWriter = new FileWriter(passwdFile); - passwdWriter.write(password); - passwdWriter.close(); - if (!passwdFile.setReadable(true, true)) { - passwdFile.delete(); - throw new IOException("failed to make " + passwdFile + " owner readable only, deleting file"); - } - TLSServerCA ca = new TLSServerCA(); - KeyStore ks = ca.generateKeyStore(password); - FileOutputStream fos = new FileOutputStream(new File(configDir, KEYSTORE_FILE)); - ks.store(fos, password); - fos.close(); - } - - private String getFileVersion(File versionFile) throws FileNotFoundException, IOException { - //TODO no file? - if (versionFile.exists() && versionFile.canRead()) { - BufferedReader versionReader = new BufferedReader(new FileReader(versionFile)); - String versionString = null; - while ((versionString = versionReader.readLine().trim()) != null) { - if (versionString.length() > 0 && !versionString.startsWith("#")) { - log.debug("found existing configuration version " + versionString); - break; - } - } - return versionString; - } - return null; - } - - private String getManifestVersion() throws MalformedURLException, IOException { - String bkuWebStartJar = BKULauncher.class.getProtectionDomain().getCodeSource().getLocation().toString(); - URL manifestURL = new URL("jar:" + bkuWebStartJar + "!/META-INF/MANIFEST.MF"); - String version = null; - if (manifestURL != null) { - Manifest manifest = new Manifest(manifestURL.openStream()); - if (log.isTraceEnabled()) { - log.trace("read version information from " + manifestURL); - } - Attributes atts = manifest.getMainAttributes(); - if (atts != null) { - version = atts.getValue("Implementation-Build"); - } - } - if (version == null) { - version = "UNKNOWN"; - } - log.debug("config version: " + version); - return version; - } - - /** - * change the - * @param oldVersion - * @param newVersion - * @return - */ - private boolean updateRequired(String oldVersion, String newVersion) { - if (oldVersion != null) { - log.debug("comparing " + oldVersion + " to " + MIN_CONFIG_VERSION); - - int majorEnd = oldVersion.indexOf('-'); - String oldMajor = (majorEnd < 0) ? oldVersion : oldVersion.substring(0, majorEnd); - - int compare = oldMajor.compareTo(MIN_CONFIG_VERSION); - if (compare < 0 || - // SNAPSHOT versions are pre-releases (update if release required) - (compare == 0 && oldVersion.startsWith("-SNAPSHOT", majorEnd))) { - return true; - } else { - return false; - } - } - log.debug("no old version, update required"); - return true; - } - - private boolean updateRequiredStrict(String oldVersion, String newVersion) { - String[] oldV = oldVersion.split("-"); - String[] newV = newVersion.split("-"); - log.debug("comparing " + oldV[0] + " to " + newV[0]); - if (oldV[0].compareTo(newV[0]) < 0) { - log.debug("update required"); - return true; - } else { - log.debug("comparing " + oldV[oldV.length - 1] + " to " + newV[newV.length - 1]); - if (oldV[oldV.length - 1].compareTo(newV[newV.length - 1]) < 0) { - log.debug("update required"); - return true; - } else { - log.debug("no update required"); - return false; - } - } - } - - private void writeVersionFile(File versionFile, String version) throws IOException { - BufferedWriter versionWriter = new BufferedWriter(new FileWriter(versionFile)); - versionWriter.write("# MOCCA Web Start configuration version\n"); - versionWriter.write("# DO NOT MODIFY THIS FILE\n\n"); - versionWriter.write(version); - versionWriter.close(); - } - -// private SplashScreen splash = SplashScreen.getSplashScreen(); - private void startUpServer() throws Exception { - log.info("init servlet container and MOCCA webapp"); - server = new Container(); - // XmlConfiguration xcfg = new XmlConfiguration(getClass().getClassLoader() - // .getResourceAsStream("at/gv/egiz/bku/local/app/jetty.xml")); - // xcfg.configure(server); - server.init(); - server.start(); - } - - private void initTrayIcon() { - log.debug("init MOCCA tray icon"); - Locale loc = Locale.getDefault(); - try { - resourceBundle = ResourceBundle.getBundle( - MESSAGES_RESOURCE, loc); - } catch (MissingResourceException mx) { - resourceBundle = ResourceBundle.getBundle( - MESSAGES_RESOURCE, Locale.ENGLISH); - } - TrayIconDialog.getInstance().init(resourceBundle); - TrayIconDialog.getInstance().setShutdownHook(this); -// TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE); - } - - private void initStart() { - } - - private void initFinished(boolean installCert) { - try { -// if (splash != null) { -// try { -// splash.close(); -// } catch (IllegalStateException ex) { -// log.warn("Failed to close splash screen: " + ex.getMessage()); -// } -// } - - if (installCert) { - log.debug("trying install MOCCA certificate on system browser"); - if (Desktop.isDesktopSupported()) { - Desktop desktop = Desktop.getDesktop(); - if (desktop.isSupported(Desktop.Action.BROWSE)) { - try { - desktop.browse(new URI("https://localhost:" + - Integer.getInteger(Container.HTTPS_PORT_PROPERTY, 3496).intValue())); - } catch (Exception ex) { - log.error("failed to open system browser, install MOCCA certificate manually", ex); - } - } else { - log.error("failed to open system browser, install MOCCA certificate manually"); - } - } else { - log.error("failed to open system browser, install MOCCA certificate manually"); - } - } - - log.info("init completed, joining server"); - server.join(); - } catch (InterruptedException e) { - log.warn("failed to join MOCCA server: " + e.getMessage(), e); - } - } - - private void unzip(File zipfile) throws IOException { - File dir = zipfile.getParentFile(); - ZipFile zipFile = new ZipFile(zipfile); - Enumeration entries = zipFile.entries(); - while (entries.hasMoreElements()) { - ZipEntry entry = entries.nextElement(); - File eF = new File(dir, entry.getName()); - if (entry.isDirectory()) { - eF.mkdirs(); - continue; - } - File f = new File(eF.getParent()); - f.mkdirs(); - StreamUtil.copyStream(zipFile.getInputStream(entry), - new FileOutputStream(eF)); - } - zipFile.close(); - } - - /** - * @param args - */ - public static void main(String[] args) throws InterruptedException { - - if (log.isDebugEnabled()) { - //System.setProperty("DEBUG", "true"); - System.setProperty("VERBOSE", "true"); - System.setProperty("javax.net.debug", "ssl,handshake"); - } - -// log.warn("***** DISABLING SECURITY MANAGER *******"); - System.setSecurityManager(null); - - BKULauncher launcher = new BKULauncher(); - launcher.initStart(); - - boolean installCert = false; - - launcher.initTrayIcon(); - TrayIconDialog.getInstance().displayInfo(STARTUP_CAPTION, STARTUP_MESSAGE); - - try { - File configDir = new File(System.getProperty("user.home") + '/' + CONFIG_DIR); - installCert = launcher.ensureConfig(configDir); - } catch (Exception ex) { - log.fatal("Failed to init MOCCA configuration, exiting", ex); - TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_CONF_MESSAGE); - Thread.sleep(5000); - System.exit(-1000); - } - - try { - launcher.startUpServer(); - TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE); - launcher.initFinished(installCert); - } catch (BindException ex) { - log.fatal("Failed to launch MOCCA, " + ex.getMessage(), ex); - TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_BIND_MESSAGE); - Thread.sleep(5000); - System.exit(-1000); - } catch (MultiException ex) { - log.fatal("Failed to launch MOCCA, " + ex.getMessage(), ex); - if (ex.getThrowable(0) instanceof BindException) { - TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_BIND_MESSAGE); - } else { - TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_STARTUP_MESSAGE); - } - Thread.sleep(5000); - System.exit(-1000); - } catch (Exception e) { - log.fatal("Failed to launch MOCCA, " + e.getMessage(), e); - TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_STARTUP_MESSAGE); - Thread.sleep(5000); - System.exit(-1000); - } - - } - - private void backupAndDelete(File dir, URI relativeTo, ZipOutputStream zip) throws IOException { - if (dir.isDirectory()) { - File[] subDirs = dir.listFiles(); - for (File subDir : subDirs) { - backupAndDelete(subDir, relativeTo, zip); - subDir.delete(); - } - } else { - URI relativePath = relativeTo.relativize(dir.toURI()); - ZipEntry entry = new ZipEntry(relativePath.toString()); - zip.putNextEntry(entry); - BufferedInputStream entryIS = new BufferedInputStream(new FileInputStream(dir)); - StreamUtil.copyStream(entryIS, zip); - entryIS.close(); - zip.closeEntry(); - dir.delete(); - } - } - - /** - * Checks whether the config directory already exists and creates it otherwise. - * @param configDir the config directory to be created - * @return true if a new MOCCA cert was created (and needs to be installed in the browser) - */ - private boolean ensureConfig(File configDir) throws IOException, GeneralSecurityException, CodingException { - log.debug("config directory: " + configDir); - String manifestVersion = getManifestVersion(); - File versionFile = new File(configDir, VERSION_FILE); - - if (configDir.exists()) { - if (configDir.isFile()) { - log.error("invalid config directory: " + configDir); - throw new IOException("invalid config directory: " + configDir); - } else { - String fileVersion = getFileVersion(versionFile); - if (updateRequired(fileVersion, manifestVersion)) { - if (fileVersion == null) { - fileVersion = "unknown"; - } - log.info("updating configuration from " + fileVersion + " to " + manifestVersion); - File moccaDir = configDir.getParentFile(); - File zipFile = new File(moccaDir, "conf-" + fileVersion + ".zip"); - ZipOutputStream zipOS = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(zipFile))); - backupAndDelete(configDir, moccaDir.toURI(), zipOS); - zipOS.close(); - createConfig(configDir, versionFile, manifestVersion); - createCertificates(configDir); - return true; - } - } - } else { - createConfig(configDir, versionFile, manifestVersion); - createCertificates(configDir); - return true; - } - return false; - } - - public void shutDown() { - log.info("Shutting down server"); - if ((server != null) && (server.isRunning())) { - try { - if (server.isRunning()) { - server.stop(); - } - } catch (Exception e) { - log.debug(e.toString()); - } finally { - if (server.isRunning()) { - server.destroy(); - } - } - } - System.exit(0); - } -} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java new file mode 100644 index 00000000..ab1746ed --- /dev/null +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java @@ -0,0 +1,418 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.webstart; + +import at.gv.egiz.bku.utils.StreamUtil; +import iaik.asn1.CodingException; +import iaik.xml.crypto.utils.Utils; +import java.io.BufferedInputStream; +import java.io.BufferedOutputStream; +import java.io.BufferedReader; +import java.io.BufferedWriter; +import java.io.File; +import java.io.FileInputStream; +import java.io.FileOutputStream; +import java.io.FileReader; +import java.io.FileWriter; +import java.io.IOException; +import java.io.InputStream; +import java.io.OutputStream; +import java.net.URI; +import java.net.URISyntaxException; +import java.net.URL; +import java.security.GeneralSecurityException; +import java.security.KeyStore; +import java.util.Enumeration; +import java.util.Iterator; +import java.util.Map; +import java.util.Set; +import java.util.UUID; +import java.util.jar.Attributes; +import java.util.jar.Manifest; +import java.util.logging.Level; +import java.util.logging.Logger; +import java.util.zip.ZipEntry; +import java.util.zip.ZipFile; +import java.util.zip.ZipOutputStream; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.eclipse.jdt.core.dom.ThisExpression; + +/** + * + * @author Clemens Orthacker + */ +public class Configurator { + + /** + * MOCCA configuration + * configurations with less than this (major) version will be backuped and updated + * allowed: MAJOR[.MINOR[.X[-SNAPSHOT]]] + */ + public static final String MIN_CONFIG_VERSION = "1.0.9-SNAPSHOT"; + public static final String CONFIG_DIR = ".mocca/conf/"; + public static final String CERTS_DIR = ".mocca/certs/"; + public static final String VERSION_FILE = ".version"; + public static final String UNKOWN_VERSION = "unknown"; + public static final String CONF_TEMPLATE_FILE = "conf-tmp.zip"; + public static final String CONF_TEMPLATE_RESOURCE = "at/gv/egiz/bku/webstart/conf/conf.zip"; + public static final String CERTIFICATES_PKG = "at/gv/egiz/bku/certs"; + + /** + * MOCCA TLS certificate + */ + public static final String KEYSTORE_FILE = "keystore.ks"; + public static final String PASSWD_FILE = ".secret"; + + private static final Log log = LogFactory.getLog(Configurator.class); + + /** currently installed configuration version */ + private String version; + private String certsVersion; + /** whether a new MOCCA TLS cert was created during initialization */ + private boolean certRenewed = false; + + /** + * Checks whether the config directory already exists and creates it otherwise. + * @param configDir the config directory to be created + * @throws IOException config/certificate creation failed + * @throws GeneralSecurityException if MOCCA TLS certificate could not be created + * @throws CodingException if MOCCA TLS certificate could not be created + */ + public void ensureConfiguration() throws IOException, CodingException, GeneralSecurityException { + File configDir = new File(System.getProperty("user.home") + '/' + CONFIG_DIR); + if (configDir.exists()) { + if (configDir.isFile()) { + log.error("invalid config directory: " + configDir); + throw new IOException("invalid config directory: " + configDir); + } else { + version = readVersion(new File(configDir, VERSION_FILE)); + if (log.isDebugEnabled()) { + log.debug("config directory " + configDir + ", version " + version); + } + if (updateRequired(version)) { + File moccaDir = configDir.getParentFile(); + File zipFile = new File(moccaDir, "conf-" + version + ".zip"); + ZipOutputStream zipOS = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(zipFile))); + log.info("backup configuration to " + zipFile); + backupAndDelete(configDir, moccaDir.toURI(), zipOS); + zipOS.close(); + initConfig(configDir); + } + } + } else { + initConfig(configDir); + } + } + + /** + * To be replaced by TSLs in IAIK-PKI + * @throws IOException + */ + public void ensureCertificates() throws IOException { + File certsDir = new File(System.getProperty("user.home") + '/' + CERTS_DIR); + if (certsDir.exists()) { + if (certsDir.isFile()) { + log.error("invalid certificate store directory: " + certsDir); + throw new IOException("invalid config directory: " + certsDir); + } else { + certsVersion = readVersion(new File(certsDir, VERSION_FILE)); + if (log.isDebugEnabled()) { + log.debug("certificate-store directory " + certsDir + ", version " + certsVersion); + } + String newCertsVersion = getCertificatesVersion(); + if (updateRequiredStrict(certsVersion, newCertsVersion)) { + File moccaDir = certsDir.getParentFile(); + File zipFile = new File(moccaDir, "certs-" + certsVersion + ".zip"); + ZipOutputStream zipOS = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(zipFile))); + log.info("backup certificates to " + zipFile); + backupAndDelete(certsDir, moccaDir.toURI(), zipOS); + zipOS.close(); + + createCerts(certsDir, newCertsVersion); + certsVersion = newCertsVersion; + } + } + } else { + String newCertsVersion = getCertificatesVersion(); + createCerts(certsDir, newCertsVersion); + certsVersion = newCertsVersion; + } + } + + /** + * + * @return whether a new MOCCA TLS certificate has been created during initialization + */ + public boolean isCertRenewed() { + return certRenewed; + } + + /** + * @return The first valid (not empty, no comment) line of the version file or + * "unknown" if version file cannot be read or does not contain such a line. + */ + protected static String readVersion(File versionFile) { + if (versionFile.exists() && versionFile.canRead()) { + BufferedReader versionReader = null; + try { + versionReader = new BufferedReader(new FileReader(versionFile)); + String version; + while ((version = versionReader.readLine().trim()) != null) { + if (version.length() > 0 && !version.startsWith("#")) { + log.debug("configuration version from " + versionFile + ": " + version); + return version; + } + } + } catch (IOException ex) { + log.error("failed to read configuration version from " + versionFile, ex); + } finally { + try { + versionReader.close(); + } catch (IOException ex) { + } + } + } + log.debug("unknown configuration version"); + return UNKOWN_VERSION; + } + + /** + * Temporary workaround, replace with TSLs in IAIK-PKI. + * Retrieves version from BKUCertificates.jar Manifest file. + * The (remote) resource URL will be handled by the JNLP loader, + * and the resource retrieved from the cache. + * + * @return + * @throws IOException + */ + private static String getCertificatesVersion() throws IOException { + String certsResourceVersion = null; + URL certsURL = Configurator.class.getClassLoader().getResource(CERTIFICATES_PKG); + if (certsURL != null) { + StringBuilder url = new StringBuilder(certsURL.toExternalForm()); + url = url.replace(url.length() - CERTIFICATES_PKG.length(), url.length(), "META-INF/MANIFEST.MF"); + log.trace("retrieve certificates resource version from " + url); + certsURL = new URL(url.toString()); + Manifest certsManifest = new Manifest(certsURL.openStream()); + Attributes atts = certsManifest.getMainAttributes(); + if (atts != null) { + certsResourceVersion = atts.getValue("Implementation-Version"); + log.debug("certs resource version: " + certsResourceVersion); + } + } else { + log.error("Failed to retrieve certificates resource " + CERTIFICATES_PKG); + throw new IOException("Failed to retrieve certificates resource " + CERTIFICATES_PKG); + } + return certsResourceVersion; + } + + protected static boolean updateRequired(String oldVersion) { + log.debug("comparing " + oldVersion + " to " + MIN_CONFIG_VERSION); + if (oldVersion != null && !UNKOWN_VERSION.equals(oldVersion)) { + + int majorEnd = oldVersion.indexOf('-'); + String oldMajor = (majorEnd < 0) ? oldVersion : oldVersion.substring(0, majorEnd); + + String minMajor = MIN_CONFIG_VERSION; + boolean releaseRequired = true; + if (MIN_CONFIG_VERSION.endsWith("-SNAPSHOT")) { + releaseRequired = false; + minMajor = minMajor.substring(0, minMajor.length() - 9); + } + + int compare = oldMajor.compareTo(minMajor); + if (compare < 0 || + // SNAPSHOT versions are pre-releases (update if release required) + (compare == 0 && releaseRequired && oldVersion.startsWith("-SNAPSHOT", majorEnd))) { + log.debug("configuration update required"); + return true; + } else { + log.debug("configuration up to date"); + return false; + } + } + log.debug("no old version, configuration update required"); + return true; + } + + /** + * if unknown old, update in any case + * if known old and unknown new, don't update + * @param oldVersion + * @param newVersion + * @return + */ + private boolean updateRequiredStrict(String oldVersion, String newVersion) { + log.debug("comparing " + oldVersion + " to " + newVersion); + if (oldVersion != null && !UNKOWN_VERSION.equals(oldVersion)) { + if (newVersion != null && !UNKOWN_VERSION.equals(newVersion)) { + String[] oldV = oldVersion.split("-"); + String[] newV = newVersion.split("-"); + log.trace("comparing " + oldV[0] + " to " + newV[0]); + if (oldV[0].compareTo(newV[0]) < 0) { + log.debug("update required"); + return true; + } else { + log.trace("comparing " + oldV[oldV.length - 1] + " to " + newV[newV.length - 1]); + if (oldV[oldV.length - 1].compareTo(newV[newV.length - 1]) < 0) { + log.debug("update required"); + return true; + } else { + log.debug("no update required"); + return false; + } + } + } + log.debug("unknown new version, do not update"); + return true; + } + log.debug("unknown old version, update required"); + return true; + } + + protected static void backupAndDelete(File dir, URI relativeTo, ZipOutputStream zip) throws IOException { + if (dir.isDirectory()) { + File[] subDirs = dir.listFiles(); + for (File subDir : subDirs) { + backupAndDelete(subDir, relativeTo, zip); + subDir.delete(); + } + } else { + URI relativePath = relativeTo.relativize(dir.toURI()); + ZipEntry entry = new ZipEntry(relativePath.toString()); + zip.putNextEntry(entry); + BufferedInputStream entryIS = new BufferedInputStream(new FileInputStream(dir)); + StreamUtil.copyStream(entryIS, zip); + entryIS.close(); + zip.closeEntry(); + dir.delete(); + } + } + + /** + * set up a new MOCCA local configuration + * (not to be called directly, call ensureConfiguration()) + * @throws IOException config/certificate creation failed + * @throws GeneralSecurityException if MOCCA TLS certificate could not be created + * @throws CodingException if MOCCA TLS certificate could not be created + */ + protected void initConfig(File configDir) throws IOException, GeneralSecurityException, CodingException { + createConfig(configDir, Launcher.version); + version = Launcher.version; + createKeyStore(configDir); + certRenewed = true; + } + + private static void createConfig(File configDir, String version) throws IOException { + if (log.isDebugEnabled()) { + log.debug("creating configuration version " + Launcher.version + " in " + configDir ); + } + configDir.mkdirs(); + File confTemplateFile = new File(configDir, CONF_TEMPLATE_FILE); + InputStream is = Configurator.class.getClassLoader().getResourceAsStream(CONF_TEMPLATE_RESOURCE); + OutputStream os = new BufferedOutputStream(new FileOutputStream(confTemplateFile)); + StreamUtil.copyStream(is, os); + os.close(); + unzip(confTemplateFile, configDir); + confTemplateFile.delete(); + writeVersionFile(new File(configDir, VERSION_FILE), version); + } + + /** + * set up a new MOCCA local certStore + * @throws IOException config/certificate creation failed + * @throws GeneralSecurityException if MOCCA TLS certificate could not be created + * @throws CodingException if MOCCA TLS certificate could not be created + */ + private static void createCerts(File certsDir, String certsVersion) throws IOException { + if (log.isDebugEnabled()) { + log.debug("creating certificate-store " + certsDir + ", version " + certsVersion); + } + URL certsURL = Configurator.class.getClassLoader().getResource(CERTIFICATES_PKG); + if (certsURL != null) { + StringBuilder url = new StringBuilder(certsURL.toExternalForm()); + url = url.replace(url.length() - CERTIFICATES_PKG.length(), url.length(), "META-INF/MANIFEST.MF"); + log.debug("retrieve certificate resource names from " + url); + certsURL = new URL(url.toString()); + Manifest certsManifest = new Manifest(certsURL.openStream()); + certsDir.mkdirs(); + Iterator entries = certsManifest.getEntries().keySet().iterator(); + while (entries.hasNext()) { + String entry = entries.next(); + if (entry.startsWith(CERTIFICATES_PKG)) { + String f = entry.substring(CERTIFICATES_PKG.length()); // "/trustStore/..." + new File(certsDir, f.substring(0, f.lastIndexOf('/'))).mkdirs(); + BufferedOutputStream bos = new BufferedOutputStream(new FileOutputStream(new File(certsDir, f))); + log.debug(f); + StreamUtil.copyStream(Configurator.class.getClassLoader().getResourceAsStream(entry), bos); + bos.close(); + } else { + log.trace("ignore " + entry); + } + } + writeVersionFile(new File(certsDir, VERSION_FILE), certsVersion); + } else { + log.error("Failed to retrieve certificates resource " + CERTIFICATES_PKG); + throw new IOException("Failed to retrieve certificates resource " + CERTIFICATES_PKG); + } + } + + private static void unzip(File zipfile, File toDir) throws IOException { + ZipFile zipFile = new ZipFile(zipfile); + Enumeration entries = zipFile.entries(); + while (entries.hasMoreElements()) { + ZipEntry entry = entries.nextElement(); + File eF = new File(toDir, entry.getName()); + if (entry.isDirectory()) { + eF.mkdirs(); + continue; + } + File f = new File(eF.getParent()); + f.mkdirs(); + StreamUtil.copyStream(zipFile.getInputStream(entry), + new FileOutputStream(eF)); + } + zipFile.close(); + } + + private static void writeVersionFile(File versionFile, String version) throws IOException { + BufferedWriter versionWriter = new BufferedWriter(new FileWriter(versionFile)); + versionWriter.write("# MOCCA Web Start configuration version\n"); + versionWriter.write("# DO NOT MODIFY THIS FILE\n\n"); + versionWriter.write(version); + versionWriter.close(); + } + + private static void createKeyStore(File configDir) throws IOException, GeneralSecurityException, CodingException { + char[] password = UUID.randomUUID().toString().toCharArray(); + File passwdFile = new File(configDir, PASSWD_FILE); + FileWriter passwdWriter = new FileWriter(passwdFile); + passwdWriter.write(password); + passwdWriter.close(); + if (!passwdFile.setReadable(false, false) || !passwdFile.setReadable(true, true)) { + passwdFile.delete(); + throw new IOException("failed to make " + passwdFile + " owner readable only, deleting file"); + } + TLSServerCA ca = new TLSServerCA(); + KeyStore ks = ca.generateKeyStore(password); + File ksFile = new File(configDir, KEYSTORE_FILE); + FileOutputStream fos = new FileOutputStream(ksFile); + ks.store(fos, password); + fos.close(); + } +} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java index 89044486..4df90ab2 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java @@ -1,22 +1,28 @@ package at.gv.egiz.bku.webstart; import at.gv.egiz.bku.utils.StreamUtil; +import java.awt.AWTPermission; import java.io.BufferedOutputStream; import java.io.BufferedReader; import java.io.File; import java.io.FileNotFoundException; import java.io.FileOutputStream; +import java.io.FilePermission; import java.io.FileReader; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; +import java.lang.reflect.ReflectPermission; +import java.net.NetPermission; +import java.net.SocketPermission; +import java.security.Permissions; +import java.security.SecurityPermission; +import java.util.PropertyPermission; +import javax.smartcardio.CardPermission; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.mortbay.jetty.Connector; -import org.mortbay.jetty.Handler; import org.mortbay.jetty.Server; -import org.mortbay.jetty.handler.DefaultHandler; -import org.mortbay.jetty.handler.HandlerCollection; import org.mortbay.jetty.nio.SelectChannelConnector; import org.mortbay.jetty.security.SslSocketConnector; import org.mortbay.jetty.webapp.WebAppContext; @@ -28,12 +34,18 @@ public class Container { public static final String HTTPS_PORT_PROPERTY = "mocca.http.port"; private static Log log = LogFactory.getLog(Container.class); + static { + if (log.isDebugEnabled()) { + //Jetty log INFO and WARN, include ignored exceptions + //jetty logging may be further restricted by setting level in log4j.properties + System.setProperty("VERBOSE", "true"); + //do not set Jetty DEBUG logging, produces loads of output + //System.setProperty("DEBUG", "true"); + } + } private Server server; - public Container() { - } - public void init() throws IOException { // System.setProperty("DEBUG", "true"); server = new Server(); @@ -55,15 +67,15 @@ public class Container { sslConnector.setPort(Integer.getInteger(HTTPS_PORT_PROPERTY, 3496).intValue()); sslConnector.setAcceptors(1); sslConnector.setHost("127.0.0.1"); - File configDir = new File(System.getProperty("user.home") + "/" + BKULauncher.CONFIG_DIR); - File keystoreFile = new File(configDir, BKULauncher.KEYSTORE_FILE); + File configDir = new File(System.getProperty("user.home") + "/" + Configurator.CONFIG_DIR); + File keystoreFile = new File(configDir, Configurator.KEYSTORE_FILE); if (!keystoreFile.canRead()) { log.error("MOCCA keystore file not readable: " + keystoreFile.getAbsolutePath()); throw new FileNotFoundException("MOCCA keystore file not readable: " + keystoreFile.getAbsolutePath()); } log.debug("loading MOCCA keystore from " + keystoreFile.getAbsolutePath()); sslConnector.setKeystore(keystoreFile.getAbsolutePath()); - File passwdFile = new File(configDir, BKULauncher.PASSWD_FILE); + File passwdFile = new File(configDir, Configurator.PASSWD_FILE); BufferedReader reader = new BufferedReader(new FileReader(passwdFile)); String pwd; while ((pwd = reader.readLine()) != null) { @@ -107,7 +119,6 @@ public class Container { sslConnector.setExcludeCipherSuites(RFC4492CipherSuites); - server.setConnectors(new Connector[] { connector, sslConnector }); WebAppContext webapp = new WebAppContext(); @@ -116,13 +127,13 @@ public class Container { webapp.setExtractWAR(true); webapp.setParentLoaderPriority(false); - webapp.setWar(copyWebapp(webapp.getTempDirectory())); //getClass().getClassLoader().getResource("BKULocalWar/").toString()); - + webapp.setWar(copyWebapp(webapp.getTempDirectory())); + webapp.setPermissions(getPermissions(webapp.getTempDirectory())); + server.setHandler(webapp); server.setGracefulShutdown(1000*3); } - private String copyWebapp(File webappDir) throws IOException { File webapp = new File(webappDir, "BKULocal.war"); log.debug("copying BKULocal classpath resource to " + webapp); @@ -133,6 +144,44 @@ public class Container { return webapp.getPath(); } + private Permissions getPermissions(File webappDir) { + Permissions perms = new Permissions(); + + // jetty-webstart (spring?) + perms.add(new RuntimePermission("getClassLoader")); + + // standard permissions + perms.add(new PropertyPermission("*", "read")); + perms.add(new RuntimePermission("accessDeclaredMembers")); + perms.add(new RuntimePermission("accessClassInPackage.*")); + perms.add(new RuntimePermission("defineClassInPackage.*")); + perms.add(new RuntimePermission("setFactory")); + perms.add(new RuntimePermission("getProtectionDomain")); + perms.add(new RuntimePermission("modifyThread")); + perms.add(new RuntimePermission("modifyThreadGroup")); + perms.add(new RuntimePermission("setFactory")); + perms.add(new ReflectPermission("suppressAccessChecks")); + + // MOCCA specific + perms.add(new SocketPermission("*", "connect,resolve")); + perms.add(new NetPermission("specifyStreamHandler")); + perms.add(new SecurityPermission("insertProvider.*")); + perms.add(new SecurityPermission("putProviderProperty.*")); + perms.add(new SecurityPermission("removeProvider.*")); + perms.add(new CardPermission("*", "*")); + perms.add(new AWTPermission("*")); + + perms.add(new FilePermission(webappDir.getAbsolutePath() + "/-", "read")); + perms.add(new FilePermission(new File(System.getProperty("java.home") + "/lib/xalan.properties").getAbsolutePath(), "read")); + perms.add(new FilePermission(new File(System.getProperty("java.home") + "/lib/xerces.properties").getAbsolutePath(), "read")); + perms.add(new FilePermission(new File(System.getProperty("user.home")).getAbsolutePath(), "read, write")); + perms.add(new FilePermission(new File(System.getProperty("user.home") + "/-").getAbsolutePath(), "read, write")); + perms.add(new FilePermission(new File(System.getProperty("user.home") + "/.mocca/logs/*").getAbsolutePath(), "read, write,delete")); + + + return perms; + } + public void start() throws Exception { server.start(); } diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java new file mode 100644 index 00000000..f7be7b65 --- /dev/null +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java @@ -0,0 +1,230 @@ +package at.gv.egiz.bku.webstart; + +import iaik.asn1.CodingException; +import java.io.IOException; +import java.net.URISyntaxException; +import java.util.Locale; +import java.util.MissingResourceException; +import java.util.ResourceBundle; + +import javax.jnlp.UnavailableServiceException; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +import at.gv.egiz.bku.webstart.ui.BKUControllerInterface; +import at.gv.egiz.bku.webstart.ui.TrayIconDialog; +import com.sun.javaws.security.JavaWebStartSecurity; +import java.awt.Desktop; +import java.awt.SplashScreen; +import java.net.BindException; +import java.net.URI; +import java.net.URL; +import java.security.GeneralSecurityException; +import java.util.jar.Attributes; +import java.util.jar.Manifest; +import javax.jnlp.BasicService; +import javax.jnlp.ServiceManager; +import org.mortbay.util.MultiException; + +public class Launcher implements BKUControllerInterface { + + public static final String WEBAPP_RESOURCE = "BKULocal.war"; + public static final String CERTIFICATES_RESOURCE = "BKUCertificates.jar"; + public static final String WEBAPP_FILE = "BKULocal.war"; + public static final String MESSAGES_RESOURCE = "at/gv/egiz/bku/webstart/ui/UIMessages"; + /** resource bundle messages */ + public static final String GREETING_CAPTION = "Greetings.Caption"; + public static final String GREETING_MESSAGE = "Greetings.Message"; + public static final String CONFIG_CAPTION = "Config.Caption"; + public static final String CONFIG_MESSAGE = "Config.Message"; + public static final String STARTUP_CAPTION = "Startup.Caption"; + public static final String STARTUP_MESSAGE = "Startup.Message"; + public static final String ERROR_CAPTION = "Error.Caption"; + public static final String ERROR_STARTUP_MESSAGE = "Error.Startup.Message"; + public static final String ERROR_CONF_MESSAGE = "Error.Conf.Message"; + public static final String ERROR_BIND_MESSAGE = "Error.Bind.Message"; + public static final URI HTTPS_SECURITY_LAYER_URI; + private static Log log = LogFactory.getLog(Launcher.class); + + static { + URI tmp = null; + try { + tmp = new URI("https://localhost:" + Integer.getInteger(Container.HTTPS_PORT_PROPERTY, 3496).intValue()); + } catch (URISyntaxException ex) { + log.error(ex); + } finally { + HTTPS_SECURITY_LAYER_URI = tmp; + } + } + + public static final String version; + static { + String tmp = Configurator.UNKOWN_VERSION; + try { + String bkuWebStartJar = Launcher.class.getProtectionDomain().getCodeSource().getLocation().toString(); + URL manifestURL = new URL("jar:" + bkuWebStartJar + "!/META-INF/MANIFEST.MF"); + if (log.isTraceEnabled()) { + log.trace("read version information from " + manifestURL); + } + Manifest manifest = new Manifest(manifestURL.openStream()); + Attributes atts = manifest.getMainAttributes(); + if (atts != null) { + tmp = atts.getValue("Implementation-Build"); + } + } catch (IOException ex) { + log.error("failed to read version", ex); + } finally { + version = tmp; + log.info("BKU Web Start " + version); + } + } + + private Configurator config; + private Container server; + private BasicService basicService; + + private void initStart() { + try { + basicService = (BasicService) ServiceManager.lookup("javax.jnlp.BasicService"); + if (basicService.isOffline()) { + log.info("launching MOCCA Web Start offline"); + } else { + log.info("launching MOCCA Web Start online"); + } + } catch (UnavailableServiceException ex) { + log.info("Failed to obtain JNLP service: " + ex.getMessage()); + } + } + + private void initTrayIcon() { + log.debug("init MOCCA tray icon"); + Locale loc = Locale.getDefault(); + ResourceBundle resourceBundle; + try { + resourceBundle = ResourceBundle.getBundle( + MESSAGES_RESOURCE, loc); + } catch (MissingResourceException mx) { + resourceBundle = ResourceBundle.getBundle( + MESSAGES_RESOURCE, Locale.ENGLISH); + } + TrayIconDialog.getInstance().init(resourceBundle); + TrayIconDialog.getInstance().setShutdownHook(this); +// TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE); + } + + private void initConfig() throws IOException, CodingException, GeneralSecurityException { + config = new Configurator(); + config.ensureConfiguration(); + config.ensureCertificates(); + } + + private void startServer() throws Exception { + log.info("init servlet container and MOCCA webapp"); + server = new Container(); + server.init(); + server.start(); + } + + private void initFinished() { + try { + // standalone (non-webstart) version has splashscreen + if (SplashScreen.getSplashScreen() != null) { + try { + SplashScreen.getSplashScreen().close(); + } catch (IllegalStateException ex) { + log.warn("Failed to close splash screen: " + ex.getMessage()); + } + } + if (config.isCertRenewed()) { + // don't use basicService.showDocument(), which causes a java ssl warning dialog + if (Desktop.isDesktopSupported()) { + Desktop desktop = Desktop.getDesktop(); + if (desktop.isSupported(Desktop.Action.BROWSE)) { + try { + desktop.browse(HTTPS_SECURITY_LAYER_URI); + } catch (Exception ex) { + log.error("failed to open system browser, install TLS certificate manually: " + HTTPS_SECURITY_LAYER_URI, ex); + } + } else { + log.error("failed to open system browser, install TLS certificate manually: " + HTTPS_SECURITY_LAYER_URI); + } + } else { + log.error("failed to open system browser, install TLS certificate manually: " + HTTPS_SECURITY_LAYER_URI); + } + } + log.info("BKU successfully started"); + server.join(); + } catch (InterruptedException e) { + log.warn("failed to join server: " + e.getMessage(), e); + } + } + + @Override + public void shutDown() { + log.info("Shutting down server"); + if ((server != null) && (server.isRunning())) { + try { + if (server.isRunning()) { + server.stop(); + } + } catch (Exception e) { + log.debug(e.toString()); + } finally { + if (server.isRunning()) { + server.destroy(); + } + } + } + System.exit(0); + } + + public static void main(String[] args) throws InterruptedException, IOException { + + if (log.isTraceEnabled()) { + SecurityManager sm = System.getSecurityManager(); + if (sm instanceof JavaWebStartSecurity) { + System.setSecurityManager(new LogSecurityManager((JavaWebStartSecurity) sm)); + } + } + + Launcher launcher = new Launcher(); + launcher.initStart(); + launcher.initTrayIcon(); //keep reference? BKULauncher not garbage collected after main() + + try { + TrayIconDialog.getInstance().displayInfo(CONFIG_CAPTION, CONFIG_MESSAGE); + launcher.initConfig(); + } catch (Exception ex) { + log.fatal("Failed to initialize configuration", ex); + TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_CONF_MESSAGE); + Thread.sleep(5000); + System.exit(-1000); + } + + try { + TrayIconDialog.getInstance().displayInfo(STARTUP_CAPTION, STARTUP_MESSAGE); + launcher.startServer(); + TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE); + launcher.initFinished(); + } catch (BindException ex) { + log.fatal("Failed to launch server, " + ex.getMessage(), ex); + TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_BIND_MESSAGE); + Thread.sleep(5000); + System.exit(-1000); + } catch (MultiException ex) { + log.fatal("Failed to launch server, " + ex.getMessage(), ex); + if (ex.getThrowable(0) instanceof BindException) { + TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_BIND_MESSAGE); + } else { + TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_STARTUP_MESSAGE); + } + Thread.sleep(5000); + System.exit(-1000); + } catch (Exception e) { + log.fatal("Failed to launch server, " + e.getMessage(), e); + TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_STARTUP_MESSAGE); + Thread.sleep(5000); + System.exit(-1000); + } + } +} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/LogSecurityManager.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/LogSecurityManager.java new file mode 100644 index 00000000..99fd403b --- /dev/null +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/LogSecurityManager.java @@ -0,0 +1,440 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.webstart; + +import com.sun.javaws.security.JavaWebStartSecurity; +import java.io.FileDescriptor; +import java.net.InetAddress; +import java.security.Permission; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * JVM argument -Djava.security.debug=access,failure + * (passed as attribute to java element in jnlp) is ignored. + * + * @author Clemens Orthacker + */ +public class LogSecurityManager extends SecurityManager { + + protected static final Log log = LogFactory.getLog(LogSecurityManager.class); + JavaWebStartSecurity sm; + + public LogSecurityManager(JavaWebStartSecurity sm) { + this.sm = sm; +// AppPolicy policy = AppPolicy.getInstance(); +// SecurityManager sm = System.getSecurityManager(); + } + + @Override + public void checkAccept(String host, int port) { + try { + sm.checkAccept(host, port); + } catch (SecurityException ex) { + log.warn("checkAccept(" + host + ", " + port + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkAccess(Thread g) { + try { + sm.checkAccess(g); + } catch (SecurityException ex) { + log.warn("checkAccess(" + g + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkAccess(ThreadGroup g) { + try { + sm.checkAccess(g); + } catch (SecurityException ex) { + log.warn("checkAccess(" + g + "): " + ex.getMessage(), ex); + throw ex; + } + + } + + @Override + public void checkAwtEventQueueAccess() { + try { + sm.checkAwtEventQueueAccess(); + } catch (SecurityException ex) { + log.warn("checkAwtEventQAccess():" + ex.getMessage(), ex); + throw ex; + } + + } + + @Override + public void checkConnect(String host, int port) { + try { + sm.checkConnect(host, port); + } catch (SecurityException ex) { + log.warn("checkConnect(" + host + ", " + port + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkConnect(String host, int port, Object context) { + try { + sm.checkConnect(host, port, context); + } catch (SecurityException ex) { + log.warn("checkConnect(" + host + ", " + port + ", " + context + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkCreateClassLoader() { + try { + sm.checkCreateClassLoader(); + } catch (SecurityException ex) { + log.warn("checkCreateClassLoader(): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkDelete(String file) { + try { + sm.checkDelete(file); + } catch (SecurityException ex) { + log.warn("checkDelete(" + file + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkExec(String cmd) { + try { + sm.checkExec(cmd); + } catch (SecurityException ex) { + log.warn("checkExec(" + cmd + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkExit(int status) { + try { + sm.checkExit(status); + } catch (SecurityException ex) { + log.warn("checkExit(" + status + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkLink(String lib) { + try { + sm.checkLink(lib); + } catch (SecurityException ex) { + log.warn("checkLink(" + lib + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkListen(int port) { + try { + sm.checkListen(port); + } catch (SecurityException ex) { + log.warn("checkListen(" + port + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkMemberAccess(Class clazz, int which) { + try { + sm.checkMemberAccess(clazz, which); + } catch (SecurityException ex) { + log.warn("checkMemberAccess(" + clazz + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkMulticast(InetAddress maddr) { + try { + sm.checkMulticast(maddr); + } catch (SecurityException ex) { + log.warn("checkMulticast(" + maddr + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkMulticast(InetAddress maddr, byte ttl) { + try { + sm.checkMulticast(maddr,ttl); + } catch (SecurityException ex) { + log.warn("checkMulticast(" + maddr + "," + ttl + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkPackageAccess(String pkg) { + try { + sm.checkPackageAccess(pkg); + } catch (SecurityException ex) { + log.warn("checkPackageAccess(" + pkg + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkPackageDefinition(String pkg) { + try { + sm.checkPackageDefinition(pkg); + } catch (SecurityException ex) { + log.warn("checkPackageDefinition(" + pkg + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkPermission(Permission perm) { + try { + sm.checkPermission(perm); + } catch (SecurityException ex) { + log.warn("checkPermission(" + perm.toString() + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkPermission(Permission perm, Object context) { + try { + sm.checkPermission(perm, context); + } catch (SecurityException ex) { + log.warn("checkPermission(" + perm.toString() + ", ctx): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkPrintJobAccess() { + try { + sm.checkPrintJobAccess(); + } catch (SecurityException ex) { + log.info("checkPrintJobAccess(): " + ex.getMessage(), ex); + throw ex; + } + } + + /** + * allowed + */ + @Override + public void checkPropertiesAccess() { + try { + sm.checkPropertiesAccess(); + } catch (SecurityException ex) { + log.info("checkPropertiesAccess(): " + ex.getMessage(), ex); + throw ex; + } + } + + /** + * access to all properties allowed + * @param key + */ + @Override + public void checkPropertyAccess(String key) { + try { + sm.checkPropertyAccess(key); + } catch (SecurityException ex) { + log.info("checkPropertyAccess(" + key + "): " + ex.getMessage()); + throw ex; + } + } + + @Override + public void checkRead(FileDescriptor fd) { + try { + sm.checkRead(fd); + } catch (SecurityException ex) { + log.warn("checkRead(" + fd + ") " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkRead(String file) { + try { + sm.checkRead(file); + } catch (SecurityException ex) { + log.warn("checkRead(" + file + ") " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkRead(String file, Object context) { + try { + sm.checkRead(file, context); + } catch (SecurityException ex) { + log.warn("checkRead(" + file + ") " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkSecurityAccess(String target) { + try { + sm.checkSecurityAccess(target); + } catch (SecurityException ex) { + log.info("checkSecurityAccess(" + target + "): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public void checkSetFactory() { + log.info("checkSetFactory() "); + try { + sm.checkSetFactory(); + } catch (SecurityException ex) { + log.warn("checkSetFactroy(): " + ex.getMessage(), ex); + throw ex; + } + + } + + @Override + public void checkSystemClipboardAccess() { + try { + sm.checkSystemClipboardAccess(); + } catch (SecurityException ex) { + log.info("checkSystemClipboardAccess(): " + ex.getMessage(), ex); + throw ex; + } + } + + @Override + public boolean checkTopLevelWindow(Object window) { + log.info("checkTopLevelWindow(Object window)"); + try { + return sm.checkTopLevelWindow(window); + } catch (SecurityException ex) { + log.warn("checkTopLevelWindow(" + window + "): " + ex.getMessage(), ex); + throw ex; + } + + } + + @Override + public void checkWrite(FileDescriptor fd) { + try { + sm.checkWrite(fd); + } catch (SecurityException ex) { + log.info("checkWrite(" + fd + "): " + ex.getMessage(), ex); + } + } + + @Override + public void checkWrite(String file) { + try { + sm.checkWrite(file); + } catch (SecurityException ex) { + log.info("checkWrite(" + file + "): " + ex.getMessage(), ex); + } + } + +// @Override +// protected int classDepth(String name) { +// log.info("classDepth(String name)"); return this.classDepth(name); +// } +// +// @Override +// protected int classLoaderDepth() { +// log.info("classLoaderDepth"); return sm.classLoaderDepth(); +// } +// +// @Override +// protected Object clone() throws CloneNotSupportedException { +// log.info("clone"); return sm.clone(); +// } +// +// @Override +// protected ClassLoader currentClassLoader() { +// log.info("currentClassLoader"); return sm.currentClassLoader(); +// } +// +// @Override +// protected Class currentLoadedClass() { +// log.info("currentLoadedClass"); return sm.currentLoadedClass(); +// } + @Override + public boolean equals(Object obj) { + log.info("equals"); + return sm.equals(obj); + } + +// @Override +// protected void finalize() throws Throwable { +// log.info("finalize"); sm.finalize(); +// } +// @Override +// protected Class[] getClassContext() { +// log.info("getClassContext"); return sm.getClassContext(); +// } + @Override + public boolean getInCheck() { + log.info("getInCheck"); + return sm.getInCheck(); + } + + @Override + public Object getSecurityContext() { + log.info("getSecurityContext"); + return sm.getSecurityContext(); + } + + @Override + public ThreadGroup getThreadGroup() { + log.info("getThreadGroup"); + return sm.getThreadGroup(); + } + + @Override + public int hashCode() { + log.info("hashCode"); + return sm.hashCode(); + } + +// @Override +// protected boolean inClass(String name) { +// log.info("inClass"); return sm.inClass(name); +// } +// +// @Override +// protected boolean inClassLoader() { +// log.info(""); return sm.inClassLoader(); +// } + @Override + public String toString() { + log.info("toString"); + return sm.toString(); + } +} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java index 9990b2a0..fb7c40dd 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java @@ -36,7 +36,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; public class TrayIconDialog implements TrayIconDialogInterface { - public static final String TRAYICON_RESOURCE = "at/gv/egiz/bku/webstart/ui/trayicon.png"; + public static final String TRAYICON_RESOURCE = "at/gv/egiz/bku/webstart/ui/trayicon_32.png"; public static final String TRAYMENU_SHUTDOWN = "TrayMenu.Shutdown"; public static final String TRAYMENU_TOOLTIP = "TrayMenu.Tooltip"; -- cgit v1.2.3 From a8e021a5b4450e117b76d9f6cc69bd24cd1dd5d3 Mon Sep 17 00:00:00 2001 From: clemenso Date: Fri, 14 Aug 2009 10:55:59 +0000 Subject: fixed updateRequired function git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@434 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../java/at/gv/egiz/bku/webstart/Configurator.java | 159 ++++++++++++++------- .../java/at/gv/egiz/bku/webstart/Container.java | 4 + 2 files changed, 108 insertions(+), 55 deletions(-) (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java index ab1746ed..f1349637 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java @@ -79,7 +79,7 @@ public class Configurator { public static final String PASSWD_FILE = ".secret"; private static final Log log = LogFactory.getLog(Configurator.class); - + /** currently installed configuration version */ private String version; private String certsVersion; @@ -104,7 +104,7 @@ public class Configurator { if (log.isDebugEnabled()) { log.debug("config directory " + configDir + ", version " + version); } - if (updateRequired(version)) { + if (updateRequired(version, MIN_CONFIG_VERSION)) { File moccaDir = configDir.getParentFile(); File zipFile = new File(moccaDir, "conf-" + version + ".zip"); ZipOutputStream zipOS = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(zipFile))); @@ -135,7 +135,7 @@ public class Configurator { log.debug("certificate-store directory " + certsDir + ", version " + certsVersion); } String newCertsVersion = getCertificatesVersion(); - if (updateRequiredStrict(certsVersion, newCertsVersion)) { + if (updateRequired(certsVersion, newCertsVersion)) { File moccaDir = certsDir.getParentFile(); File zipFile = new File(moccaDir, "certs-" + certsVersion + ".zip"); ZipOutputStream zipOS = new ZipOutputStream(new BufferedOutputStream(new FileOutputStream(zipFile))); @@ -174,7 +174,7 @@ public class Configurator { String version; while ((version = versionReader.readLine().trim()) != null) { if (version.length() > 0 && !version.startsWith("#")) { - log.debug("configuration version from " + versionFile + ": " + version); + log.trace("configuration version from " + versionFile + ": " + version); return version; } } @@ -221,70 +221,119 @@ public class Configurator { return certsResourceVersion; } - protected static boolean updateRequired(String oldVersion) { - log.debug("comparing " + oldVersion + " to " + MIN_CONFIG_VERSION); - if (oldVersion != null && !UNKOWN_VERSION.equals(oldVersion)) { - - int majorEnd = oldVersion.indexOf('-'); - String oldMajor = (majorEnd < 0) ? oldVersion : oldVersion.substring(0, majorEnd); - - String minMajor = MIN_CONFIG_VERSION; - boolean releaseRequired = true; - if (MIN_CONFIG_VERSION.endsWith("-SNAPSHOT")) { - releaseRequired = false; - minMajor = minMajor.substring(0, minMajor.length() - 9); - } - - int compare = oldMajor.compareTo(minMajor); - if (compare < 0 || - // SNAPSHOT versions are pre-releases (update if release required) - (compare == 0 && releaseRequired && oldVersion.startsWith("-SNAPSHOT", majorEnd))) { - log.debug("configuration update required"); - return true; - } else { - log.debug("configuration up to date"); - return false; - } - } - log.debug("no old version, configuration update required"); - return true; - } - /** * if unknown old, update in any case - * if known old and unknown new, don't update + * if known old and unknown min, don't update * @param oldVersion - * @param newVersion + * @param minVersion * @return */ - private boolean updateRequiredStrict(String oldVersion, String newVersion) { - log.debug("comparing " + oldVersion + " to " + newVersion); + protected static boolean updateRequired(String oldVersion, String minVersion) { + log.debug("comparing " + oldVersion + " to " + minVersion); if (oldVersion != null && !UNKOWN_VERSION.equals(oldVersion)) { - if (newVersion != null && !UNKOWN_VERSION.equals(newVersion)) { - String[] oldV = oldVersion.split("-"); - String[] newV = newVersion.split("-"); - log.trace("comparing " + oldV[0] + " to " + newV[0]); - if (oldV[0].compareTo(newV[0]) < 0) { - log.debug("update required"); - return true; - } else { - log.trace("comparing " + oldV[oldV.length - 1] + " to " + newV[newV.length - 1]); - if (oldV[oldV.length - 1].compareTo(newV[newV.length - 1]) < 0) { + if (minVersion != null && !UNKOWN_VERSION.equals(minVersion)) { + int fromInd = 0; + int nextIndOld, nextIndMin; + int xOld, xMin; + + // assume dots '.' appear in major version only (not after "-SNAPSHOT") + while ((nextIndOld = oldVersion.indexOf('.', fromInd)) > 0) { + nextIndMin = minVersion.indexOf('.', fromInd); + if (nextIndMin < 0) { + log.debug("installed version newer than minimum required (newer minor version)"); + } + xOld = Integer.valueOf(oldVersion.substring(fromInd, nextIndOld)); + xMin = Integer.valueOf(minVersion.substring(fromInd, nextIndMin)); + if (xMin > xOld) { log.debug("update required"); return true; - } else { - log.debug("no update required"); + } else if (xMin < xOld) { + log.debug("installed version newer than minimum required"); return false; } + fromInd = nextIndOld + 1; + } + + // compare last digit of major + boolean preRelease = true; + int majorEndOld = oldVersion.indexOf("-SNAPSHOT"); + if (majorEndOld < 0) { + preRelease = false; + majorEndOld = oldVersion.length(); + } + + boolean releaseRequired = false; + int majorEndMin = minVersion.indexOf("-SNAPSHOT"); + if (majorEndMin < 0) { + releaseRequired = true; + majorEndMin = minVersion.length(); + } + + xOld = Integer.valueOf(oldVersion.substring(fromInd, majorEndOld)); + boolean hasMoreDigitsMin = true; + nextIndMin = minVersion.indexOf('.', fromInd); + if (nextIndMin < 0) { + hasMoreDigitsMin = false; + nextIndMin = majorEndMin; + } + xMin = Integer.valueOf(minVersion.substring(fromInd, nextIndMin)); + if (xMin > xOld) { + log.debug("update required"); + return true; + } else if (xMin < xOld) { + log.debug("installed version newer than minimum required"); + return false; + } else if (hasMoreDigitsMin) { // xMin == xOld + log.debug("update required (newer minor version required)"); + return true; + } else if (preRelease && releaseRequired) { + log.debug("pre-release installed but release required"); + return true; + } else { + log.debug("exact match, no updated required"); + return false; } } - log.debug("unknown new version, do not update"); - return true; + log.debug("unknown minimum version, do not update"); + return false; } - log.debug("unknown old version, update required"); + log.debug("no old version, update required"); return true; } - + + /** + + * @param oldVersion + * @param newVersion + * @return + */ +// private boolean updateRequiredStrict(String oldVersion, String newVersion) { +// log.debug("comparing " + oldVersion + " to " + newVersion); +// if (oldVersion != null && !UNKOWN_VERSION.equals(oldVersion)) { +// if (newVersion != null && !UNKOWN_VERSION.equals(newVersion)) { +// String[] oldV = oldVersion.split("-"); +// String[] newV = newVersion.split("-"); +// log.trace("comparing " + oldV[0] + " to " + newV[0]); +// if (oldV[0].compareTo(newV[0]) < 0) { +// log.debug("update required"); +// return true; +// } else { +// log.trace("comparing " + oldV[oldV.length - 1] + " to " + newV[newV.length - 1]); +// if (oldV[oldV.length - 1].compareTo(newV[newV.length - 1]) < 0) { +// log.debug("update required"); +// return true; +// } else { +// log.debug("no update required"); +// return false; +// } +// } +// } +// log.debug("unknown new version, do not update"); +// return true; +// } +// log.debug("unknown old version, update required"); +// return true; +// } protected static void backupAndDelete(File dir, URI relativeTo, ZipOutputStream zip) throws IOException { if (dir.isDirectory()) { File[] subDirs = dir.listFiles(); @@ -320,7 +369,7 @@ public class Configurator { private static void createConfig(File configDir, String version) throws IOException { if (log.isDebugEnabled()) { - log.debug("creating configuration version " + Launcher.version + " in " + configDir ); + log.debug("creating configuration version " + Launcher.version + " in " + configDir); } configDir.mkdirs(); File confTemplateFile = new File(configDir, CONF_TEMPLATE_FILE); @@ -347,7 +396,7 @@ public class Configurator { if (certsURL != null) { StringBuilder url = new StringBuilder(certsURL.toExternalForm()); url = url.replace(url.length() - CERTIFICATES_PKG.length(), url.length(), "META-INF/MANIFEST.MF"); - log.debug("retrieve certificate resource names from " + url); + log.trace("retrieve certificate resource names from " + url); certsURL = new URL(url.toString()); Manifest certsManifest = new Manifest(certsURL.openStream()); certsDir.mkdirs(); diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java index 4df90ab2..a2947833 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java @@ -177,7 +177,11 @@ public class Container { perms.add(new FilePermission(new File(System.getProperty("user.home")).getAbsolutePath(), "read, write")); perms.add(new FilePermission(new File(System.getProperty("user.home") + "/-").getAbsolutePath(), "read, write")); perms.add(new FilePermission(new File(System.getProperty("user.home") + "/.mocca/logs/*").getAbsolutePath(), "read, write,delete")); + perms.add(new FilePermission(new File(System.getProperty("user.home") + "/.mocca/certs/-").getAbsolutePath(), "read, write,delete")); + //TODO + log.trace("granting file read/write permission to MOCCA local"); + perms.add(new FilePermission("<>", "read, write")); return perms; } -- cgit v1.2.3 From df55caa03b0111d81b44762936462ca29d229c7e Mon Sep 17 00:00:00 2001 From: clemenso Date: Fri, 14 Aug 2009 10:59:28 +0000 Subject: <> git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@435 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java index a2947833..4ae3b060 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java @@ -181,7 +181,7 @@ public class Container { //TODO log.trace("granting file read/write permission to MOCCA local"); - perms.add(new FilePermission("<>", "read, write")); + perms.add(new FilePermission("<>", "read, write")); return perms; } -- cgit v1.2.3 From e72c9994054446f38c5bc53d7da573e366f57963 Mon Sep 17 00:00:00 2001 From: clemenso Date: Wed, 19 Aug 2009 13:43:02 +0000 Subject: make "include-webstart" profile default (added "local-webstart" for development) updateRequired (versioning) bug fixed AboutDialog Branding (removed MOCCA/Bean) git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@444 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../java/at/gv/egiz/bku/webstart/Configurator.java | 55 +----- .../java/at/gv/egiz/bku/webstart/Container.java | 2 +- .../java/at/gv/egiz/bku/webstart/Launcher.java | 208 +++++++++++++-------- .../at/gv/egiz/bku/webstart/gui/AboutDialog.form | 139 ++++++++++++++ .../at/gv/egiz/bku/webstart/gui/AboutDialog.java | 162 ++++++++++++++++ .../bku/webstart/gui/BKUControllerInterface.java | 23 +++ .../gv/egiz/bku/webstart/gui/TrayMenuListener.java | 75 ++++++++ .../bku/webstart/ui/BKUControllerInterface.java | 23 --- .../at/gv/egiz/bku/webstart/ui/TrayIconDialog.java | 205 -------------------- .../bku/webstart/ui/TrayIconDialogInterface.java | 33 ---- 10 files changed, 544 insertions(+), 381 deletions(-) create mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.form create mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.java create mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/BKUControllerInterface.java create mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/TrayMenuListener.java delete mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/BKUControllerInterface.java delete mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java delete mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialogInterface.java (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java index f1349637..bef2246b 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java @@ -18,7 +18,6 @@ package at.gv.egiz.bku.webstart; import at.gv.egiz.bku.utils.StreamUtil; import iaik.asn1.CodingException; -import iaik.xml.crypto.utils.Utils; import java.io.BufferedInputStream; import java.io.BufferedOutputStream; import java.io.BufferedReader; @@ -32,25 +31,19 @@ import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.net.URI; -import java.net.URISyntaxException; import java.net.URL; import java.security.GeneralSecurityException; import java.security.KeyStore; import java.util.Enumeration; import java.util.Iterator; -import java.util.Map; -import java.util.Set; import java.util.UUID; import java.util.jar.Attributes; import java.util.jar.Manifest; -import java.util.logging.Level; -import java.util.logging.Logger; import java.util.zip.ZipEntry; import java.util.zip.ZipFile; import java.util.zip.ZipOutputStream; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.eclipse.jdt.core.dom.ThisExpression; /** * @@ -63,7 +56,7 @@ public class Configurator { * configurations with less than this (major) version will be backuped and updated * allowed: MAJOR[.MINOR[.X[-SNAPSHOT]]] */ - public static final String MIN_CONFIG_VERSION = "1.0.9-SNAPSHOT"; + public static final String MIN_CONFIG_VERSION = "1.0.9"; public static final String CONFIG_DIR = ".mocca/conf/"; public static final String CERTS_DIR = ".mocca/certs/"; public static final String VERSION_FILE = ".version"; @@ -259,14 +252,20 @@ public class Configurator { int majorEndOld = oldVersion.indexOf("-SNAPSHOT"); if (majorEndOld < 0) { preRelease = false; - majorEndOld = oldVersion.length(); + majorEndOld = oldVersion.indexOf('-'); // 1.0.10-r439 + if (majorEndOld < 0) { + majorEndOld = oldVersion.length(); + } } boolean releaseRequired = false; int majorEndMin = minVersion.indexOf("-SNAPSHOT"); if (majorEndMin < 0) { releaseRequired = true; - majorEndMin = minVersion.length(); + majorEndMin = minVersion.indexOf('-'); + if (majorEndMin < 0) { + majorEndMin = minVersion.length(); + } } xOld = Integer.valueOf(oldVersion.substring(fromInd, majorEndOld)); @@ -301,39 +300,6 @@ public class Configurator { return true; } - /** - - * @param oldVersion - * @param newVersion - * @return - */ -// private boolean updateRequiredStrict(String oldVersion, String newVersion) { -// log.debug("comparing " + oldVersion + " to " + newVersion); -// if (oldVersion != null && !UNKOWN_VERSION.equals(oldVersion)) { -// if (newVersion != null && !UNKOWN_VERSION.equals(newVersion)) { -// String[] oldV = oldVersion.split("-"); -// String[] newV = newVersion.split("-"); -// log.trace("comparing " + oldV[0] + " to " + newV[0]); -// if (oldV[0].compareTo(newV[0]) < 0) { -// log.debug("update required"); -// return true; -// } else { -// log.trace("comparing " + oldV[oldV.length - 1] + " to " + newV[newV.length - 1]); -// if (oldV[oldV.length - 1].compareTo(newV[newV.length - 1]) < 0) { -// log.debug("update required"); -// return true; -// } else { -// log.debug("no update required"); -// return false; -// } -// } -// } -// log.debug("unknown new version, do not update"); -// return true; -// } -// log.debug("unknown old version, update required"); -// return true; -// } protected static void backupAndDelete(File dir, URI relativeTo, ZipOutputStream zip) throws IOException { if (dir.isDirectory()) { File[] subDirs = dir.listFiles(); @@ -454,8 +420,7 @@ public class Configurator { passwdWriter.write(password); passwdWriter.close(); if (!passwdFile.setReadable(false, false) || !passwdFile.setReadable(true, true)) { - passwdFile.delete(); - throw new IOException("failed to make " + passwdFile + " owner readable only, deleting file"); + log.error("failed to make " + passwdFile + " owner readable only (certain file-systems do not support owner's permissions)"); } TLSServerCA ca = new TLSServerCA(); KeyStore ks = ca.generateKeyStore(password); diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java index 4ae3b060..08a0808a 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java @@ -151,7 +151,7 @@ public class Container { perms.add(new RuntimePermission("getClassLoader")); // standard permissions - perms.add(new PropertyPermission("*", "read")); + perms.add(new PropertyPermission("*", "read,write")); perms.add(new RuntimePermission("accessDeclaredMembers")); perms.add(new RuntimePermission("accessClassInPackage.*")); perms.add(new RuntimePermission("defineClassInPackage.*")); diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java index f7be7b65..23d832a2 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java @@ -1,27 +1,33 @@ package at.gv.egiz.bku.webstart; +import at.gv.egiz.bku.webstart.gui.BKUControllerInterface; +import at.gv.egiz.bku.webstart.gui.TrayMenuListener; import iaik.asn1.CodingException; import java.io.IOException; import java.net.URISyntaxException; import java.util.Locale; -import java.util.MissingResourceException; import java.util.ResourceBundle; import javax.jnlp.UnavailableServiceException; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import at.gv.egiz.bku.webstart.ui.BKUControllerInterface; -import at.gv.egiz.bku.webstart.ui.TrayIconDialog; import com.sun.javaws.security.JavaWebStartSecurity; +import java.awt.AWTException; import java.awt.Desktop; +import java.awt.Image; +import java.awt.MenuItem; +import java.awt.PopupMenu; import java.awt.SplashScreen; +import java.awt.SystemTray; +import java.awt.TrayIcon; import java.net.BindException; import java.net.URI; import java.net.URL; import java.security.GeneralSecurityException; import java.util.jar.Attributes; import java.util.jar.Manifest; +import javax.imageio.ImageIO; import javax.jnlp.BasicService; import javax.jnlp.ServiceManager; import org.mortbay.util.MultiException; @@ -31,18 +37,26 @@ public class Launcher implements BKUControllerInterface { public static final String WEBAPP_RESOURCE = "BKULocal.war"; public static final String CERTIFICATES_RESOURCE = "BKUCertificates.jar"; public static final String WEBAPP_FILE = "BKULocal.war"; - public static final String MESSAGES_RESOURCE = "at/gv/egiz/bku/webstart/ui/UIMessages"; + public static final String MESSAGES_RESOURCE = "at/gv/egiz/bku/webstart/messages"; + public static final String TRAYICON_RESOURCE = "at/gv/egiz/bku/webstart/logo_"; /** resource bundle messages */ - public static final String GREETING_CAPTION = "Greetings.Caption"; - public static final String GREETING_MESSAGE = "Greetings.Message"; - public static final String CONFIG_CAPTION = "Config.Caption"; - public static final String CONFIG_MESSAGE = "Config.Message"; - public static final String STARTUP_CAPTION = "Startup.Caption"; - public static final String STARTUP_MESSAGE = "Startup.Message"; - public static final String ERROR_CAPTION = "Error.Caption"; - public static final String ERROR_STARTUP_MESSAGE = "Error.Startup.Message"; - public static final String ERROR_CONF_MESSAGE = "Error.Conf.Message"; - public static final String ERROR_BIND_MESSAGE = "Error.Bind.Message"; + public static final String CAPTION_DEFAULT = "tray.caption.default"; + public static final String CAPTION_ERROR = "tray.caption.error"; + public static final String MESSAGE_START = "tray.message.start"; + public static final String MESSAGE_START_OFFLINE = "tray.message.start.offline"; + public static final String MESSAGE_CONFIG = "tray.message.config"; + public static final String MESSAGE_CERTS = "tray.message.certs"; + public static final String MESSAGE_FINISHED = "tray.message.finished"; + public static final String MESSAGE_SHUTDOWN = "tray.message.shutdown"; + public static final String ERROR_START = "tray.error.start"; + public static final String ERROR_CONFIG = "tray.error.config"; + public static final String ERROR_BIND = "tray.error.bind"; + public static final String LABEL_SHUTDOWN = "tray.label.shutdown"; + public static final String LABEL_PIN = "tray.label.pin"; + public static final String LABEL_ABOUT = "tray.label.about"; + public static final String TOOLTIP_DEFAULT = "tray.tooltip.default"; + + /** local bku uri */ public static final URI HTTPS_SECURITY_LAYER_URI; private static Log log = LogFactory.getLog(Launcher.class); @@ -56,7 +70,6 @@ public class Launcher implements BKUControllerInterface { HTTPS_SECURITY_LAYER_URI = tmp; } } - public static final String version; static { String tmp = Configurator.UNKOWN_VERSION; @@ -78,16 +91,107 @@ public class Launcher implements BKUControllerInterface { log.info("BKU Web Start " + version); } } - private Configurator config; private Container server; private BasicService basicService; + private TrayIcon trayIcon; + private ResourceBundle messages; + + public Launcher() { + if (log.isTraceEnabled()) { + SecurityManager sm = System.getSecurityManager(); + if (sm instanceof JavaWebStartSecurity) { + System.setSecurityManager(new LogSecurityManager((JavaWebStartSecurity) sm)); + } + } + messages = ResourceBundle.getBundle(MESSAGES_RESOURCE, Locale.getDefault()); + trayIcon = initTrayIcon(); + } + + public void launch() throws Exception { + initStart(); + try { + initConfig(); + } catch (Exception ex) { + log.fatal("Failed to initialize configuration", ex); + trayIcon.displayMessage(messages.getString(CAPTION_ERROR), + messages.getString(ERROR_CONFIG), TrayIcon.MessageType.ERROR); + throw ex; + } + try { + startServer(); + initFinished(); + } catch (BindException ex) { + log.fatal("Failed to launch server, " + ex.getMessage(), ex); + trayIcon.displayMessage(messages.getString(CAPTION_ERROR), + messages.getString(ERROR_BIND), TrayIcon.MessageType.ERROR); + throw ex; + } catch (MultiException ex) { + log.fatal("Failed to launch server, " + ex.getMessage(), ex); + if (ex.getThrowable(0) instanceof BindException) { + trayIcon.displayMessage(messages.getString(CAPTION_ERROR), + messages.getString(ERROR_BIND), TrayIcon.MessageType.ERROR); + } else { + trayIcon.displayMessage(messages.getString(CAPTION_ERROR), + messages.getString(ERROR_START), TrayIcon.MessageType.ERROR); + } + throw ex; + } catch (Exception ex) { + log.fatal("Failed to launch server, " + ex.getMessage(), ex); + trayIcon.displayMessage(messages.getString(CAPTION_ERROR), + messages.getString(ERROR_START), TrayIcon.MessageType.ERROR); + throw ex; + } + } + + private TrayIcon initTrayIcon() { //ResourceBundle messages, BKUControllerInterface bkuHook) { + if (SystemTray.isSupported()) { + try { + // get the SystemTray instance + SystemTray tray = SystemTray.getSystemTray(); + log.debug("TrayIcon size: " + tray.getTrayIconSize()); + String iconResource = (tray.getTrayIconSize().height < 25) + ? TRAYICON_RESOURCE + "24.png" + : TRAYICON_RESOURCE + "32.png"; + Image image = ImageIO.read(Launcher.class.getClassLoader().getResourceAsStream(iconResource)); + + TrayMenuListener listener = new TrayMenuListener(this, messages, version); + PopupMenu popup = new PopupMenu(); + + MenuItem shutdownItem = new MenuItem(messages.getString(LABEL_SHUTDOWN)); + shutdownItem.addActionListener(listener); + shutdownItem.setActionCommand(TrayMenuListener.SHUTDOWN_COMMAND); + popup.add(shutdownItem); + + MenuItem aboutItem = new MenuItem(messages.getString(LABEL_ABOUT)); + aboutItem.setActionCommand(TrayMenuListener.ABOUT_COMMAND); + aboutItem.addActionListener(listener); + popup.add(aboutItem); + + TrayIcon ti = new TrayIcon(image, messages.getString(TOOLTIP_DEFAULT), popup); + ti.addActionListener(listener); + tray.add(ti); + return ti; + } catch (AWTException ex) { + log.error("Failed to init tray icon", ex); + } catch (IOException ex) { + log.error("Failed to load tray icon image", ex); + } + } else { + log.error("No system tray support"); + } + return null; + } private void initStart() { try { + trayIcon.displayMessage(messages.getString(CAPTION_DEFAULT), + messages.getString(MESSAGE_START), TrayIcon.MessageType.INFO); basicService = (BasicService) ServiceManager.lookup("javax.jnlp.BasicService"); if (basicService.isOffline()) { log.info("launching MOCCA Web Start offline"); + trayIcon.displayMessage(messages.getString(CAPTION_DEFAULT), + messages.getString(MESSAGE_START_OFFLINE), TrayIcon.MessageType.INFO); } else { log.info("launching MOCCA Web Start online"); } @@ -96,30 +200,20 @@ public class Launcher implements BKUControllerInterface { } } - private void initTrayIcon() { - log.debug("init MOCCA tray icon"); - Locale loc = Locale.getDefault(); - ResourceBundle resourceBundle; - try { - resourceBundle = ResourceBundle.getBundle( - MESSAGES_RESOURCE, loc); - } catch (MissingResourceException mx) { - resourceBundle = ResourceBundle.getBundle( - MESSAGES_RESOURCE, Locale.ENGLISH); - } - TrayIconDialog.getInstance().init(resourceBundle); - TrayIconDialog.getInstance().setShutdownHook(this); -// TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE); - } - private void initConfig() throws IOException, CodingException, GeneralSecurityException { + trayIcon.displayMessage(messages.getString(CAPTION_DEFAULT), + messages.getString(MESSAGE_CONFIG), TrayIcon.MessageType.INFO); config = new Configurator(); config.ensureConfiguration(); + trayIcon.displayMessage(messages.getString(CAPTION_DEFAULT), + messages.getString(MESSAGE_CERTS), TrayIcon.MessageType.INFO); config.ensureCertificates(); } private void startServer() throws Exception { log.info("init servlet container and MOCCA webapp"); +// trayIcon.displayMessage(messages.getString(CAPTION_DEFAULT), +// messages.getString(MESSAGE_START), TrayIcon.MessageType.INFO); server = new Container(); server.init(); server.start(); @@ -127,6 +221,8 @@ public class Launcher implements BKUControllerInterface { private void initFinished() { try { + trayIcon.displayMessage(messages.getString(CAPTION_DEFAULT), + messages.getString(MESSAGE_FINISHED), TrayIcon.MessageType.INFO); // standalone (non-webstart) version has splashscreen if (SplashScreen.getSplashScreen() != null) { try { @@ -162,6 +258,8 @@ public class Launcher implements BKUControllerInterface { @Override public void shutDown() { log.info("Shutting down server"); + trayIcon.displayMessage(messages.getString(CAPTION_DEFAULT), + messages.getString(MESSAGE_SHUTDOWN), TrayIcon.MessageType.INFO); if ((server != null) && (server.isRunning())) { try { if (server.isRunning()) { @@ -179,51 +277,13 @@ public class Launcher implements BKUControllerInterface { } public static void main(String[] args) throws InterruptedException, IOException { - - if (log.isTraceEnabled()) { - SecurityManager sm = System.getSecurityManager(); - if (sm instanceof JavaWebStartSecurity) { - System.setSecurityManager(new LogSecurityManager((JavaWebStartSecurity) sm)); - } - } - - Launcher launcher = new Launcher(); - launcher.initStart(); - launcher.initTrayIcon(); //keep reference? BKULauncher not garbage collected after main() - try { - TrayIconDialog.getInstance().displayInfo(CONFIG_CAPTION, CONFIG_MESSAGE); - launcher.initConfig(); + Launcher launcher = new Launcher(); + launcher.launch(); } catch (Exception ex) { - log.fatal("Failed to initialize configuration", ex); - TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_CONF_MESSAGE); - Thread.sleep(5000); - System.exit(-1000); - } - - try { - TrayIconDialog.getInstance().displayInfo(STARTUP_CAPTION, STARTUP_MESSAGE); - launcher.startServer(); - TrayIconDialog.getInstance().displayInfo(GREETING_CAPTION, GREETING_MESSAGE); - launcher.initFinished(); - } catch (BindException ex) { - log.fatal("Failed to launch server, " + ex.getMessage(), ex); - TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_BIND_MESSAGE); - Thread.sleep(5000); - System.exit(-1000); - } catch (MultiException ex) { - log.fatal("Failed to launch server, " + ex.getMessage(), ex); - if (ex.getThrowable(0) instanceof BindException) { - TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_BIND_MESSAGE); - } else { - TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_STARTUP_MESSAGE); - } - Thread.sleep(5000); - System.exit(-1000); - } catch (Exception e) { - log.fatal("Failed to launch server, " + e.getMessage(), e); - TrayIconDialog.getInstance().displayError(ERROR_CAPTION, ERROR_STARTUP_MESSAGE); + log.info("waiting to shutdown..."); Thread.sleep(5000); + log.info("exit"); System.exit(-1000); } } diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.form b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.form new file mode 100644 index 00000000..c1cfdab7 --- /dev/null +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.form @@ -0,0 +1,139 @@ + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.java new file mode 100644 index 00000000..efa80bd6 --- /dev/null +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.java @@ -0,0 +1,162 @@ +/* + * To change this template, choose Tools | Templates + * and open the template in the editor. + */ + +/* + * AboutDialog.java + * + * Created on 18.08.2009, 11:54:44 + */ + +package at.gv.egiz.bku.webstart.gui; + +import java.text.Format; +import java.text.MessageFormat; +import java.util.ResourceBundle; + +/** + * + * @author clemens + */ +public class AboutDialog extends javax.swing.JDialog { + + /** Creates new form AboutDialog */ + public AboutDialog(java.awt.Frame parent, boolean modal, String version) { + super(parent, modal); + this.version = version; + initComponents(); + } + + /** This method is called from within the constructor to + * initialize the form. + * WARNING: Do NOT modify this code. The content of this method is + * always regenerated by the Form Editor. + */ + @SuppressWarnings("unchecked") + // //GEN-BEGIN:initComponents + private void initComponents() { + + jPanel1 = new javax.swing.JPanel(); + jLabel1 = new javax.swing.JLabel(); + jLabel2 = new javax.swing.JLabel(); + jLabel3 = new javax.swing.JLabel(); + jPanel3 = new javax.swing.JPanel(); + jButton1 = new javax.swing.JButton(); + + setDefaultCloseOperation(javax.swing.WindowConstants.DISPOSE_ON_CLOSE); + java.util.ResourceBundle bundle = java.util.ResourceBundle.getBundle("at/gv/egiz/bku/webstart/messages"); // NOI18N + setTitle(bundle.getString("about.frame.title")); // NOI18N + + jLabel1.setIcon(new javax.swing.ImageIcon(getClass().getResource("/at/gv/egiz/bku/webstart/logo_notext.png"))); // NOI18N + + jLabel2.setText(getVersionText(bundle)); + + jLabel3.setText(bundle.getString("about.title")); // NOI18N + + javax.swing.GroupLayout jPanel1Layout = new javax.swing.GroupLayout(jPanel1); + jPanel1.setLayout(jPanel1Layout); + jPanel1Layout.setHorizontalGroup( + jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(jPanel1Layout.createSequentialGroup() + .addComponent(jLabel1) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.UNRELATED) + .addGroup(jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jLabel3) + .addComponent(jLabel2)) + .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) + ); + jPanel1Layout.setVerticalGroup( + jPanel1Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jLabel1) + .addGroup(jPanel1Layout.createSequentialGroup() + .addContainerGap() + .addComponent(jLabel3) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED) + .addComponent(jLabel2)) + ); + + jButton1.setText(bundle.getString("button.close")); // NOI18N + jButton1.addActionListener(new java.awt.event.ActionListener() { + public void actionPerformed(java.awt.event.ActionEvent evt) { + jButton1ActionPerformed(evt); + } + }); + + javax.swing.GroupLayout jPanel3Layout = new javax.swing.GroupLayout(jPanel3); + jPanel3.setLayout(jPanel3Layout); + jPanel3Layout.setHorizontalGroup( + jPanel3Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, jPanel3Layout.createSequentialGroup() + .addContainerGap(157, Short.MAX_VALUE) + .addComponent(jButton1) + .addContainerGap()) + ); + jPanel3Layout.setVerticalGroup( + jPanel3Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(jPanel3Layout.createSequentialGroup() + .addContainerGap() + .addComponent(jButton1) + .addContainerGap(javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) + ); + + javax.swing.GroupLayout layout = new javax.swing.GroupLayout(getContentPane()); + getContentPane().setLayout(layout); + layout.setHorizontalGroup( + layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(layout.createSequentialGroup() + .addContainerGap() + .addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addComponent(jPanel1, javax.swing.GroupLayout.Alignment.TRAILING, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) + .addComponent(jPanel3, javax.swing.GroupLayout.Alignment.TRAILING, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)) + .addContainerGap()) + ); + layout.setVerticalGroup( + layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) + .addGroup(layout.createSequentialGroup() + .addContainerGap() + .addComponent(jPanel1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, 12, Short.MAX_VALUE) + .addComponent(jPanel3, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) + .addContainerGap()) + ); + + pack(); + }// //GEN-END:initComponents + + private String getVersionText(ResourceBundle bundle) { + return MessageFormat.format(bundle.getString("about.version"), version); + } + private void jButton1ActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_jButton1ActionPerformed + // TODO add your handling code here: + setVisible(false); + }//GEN-LAST:event_jButton1ActionPerformed + + /** + * @param args the command line arguments + */ + public static void main(String args[]) { + java.awt.EventQueue.invokeLater(new Runnable() { + public void run() { + AboutDialog dialog = new AboutDialog(new javax.swing.JFrame(), true, "1.2.3"); + dialog.addWindowListener(new java.awt.event.WindowAdapter() { + public void windowClosing(java.awt.event.WindowEvent e) { + System.exit(0); + } + }); + dialog.setVisible(true); + } + }); + } + + // Variables declaration - do not modify//GEN-BEGIN:variables + private javax.swing.JButton jButton1; + private javax.swing.JLabel jLabel1; + private javax.swing.JLabel jLabel2; + private javax.swing.JLabel jLabel3; + private javax.swing.JPanel jPanel1; + private javax.swing.JPanel jPanel3; + // End of variables declaration//GEN-END:variables + + private String version; +} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/BKUControllerInterface.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/BKUControllerInterface.java new file mode 100644 index 00000000..886b55f7 --- /dev/null +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/BKUControllerInterface.java @@ -0,0 +1,23 @@ +/* +* Copyright 2008 Federal Chancellery Austria and +* Graz University of Technology +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +*/ +package at.gv.egiz.bku.webstart.gui; + +public interface BKUControllerInterface { + + public void shutDown(); + +} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/TrayMenuListener.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/TrayMenuListener.java new file mode 100644 index 00000000..1e5efe8e --- /dev/null +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/TrayMenuListener.java @@ -0,0 +1,75 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.webstart.gui; + +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.awt.event.WindowAdapter; +import java.util.ResourceBundle; +import javax.swing.JFrame; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * + * @author Clemens Orthacker + */ +public class TrayMenuListener implements ActionListener { + + /** action commands for tray menu */ + public static final String SHUTDOWN_COMMAND = "shutdown"; + public static final String PIN_COMMAND = "pin"; + public static final String ABOUT_COMMAND = "about"; + + private static final Log log = LogFactory.getLog(TrayMenuListener.class); + + protected BKUControllerInterface bku; + protected ResourceBundle messages; + protected String version; + protected AboutDialog aboutDialog; + + public TrayMenuListener(BKUControllerInterface bkuHook, ResourceBundle messages, String version) { + this.messages = messages; + this.version = version; + this.bku = bkuHook; + } + + @Override + public void actionPerformed(ActionEvent e) { + if (SHUTDOWN_COMMAND.equals(e.getActionCommand())) { + log.debug("shutdown requested via tray menu"); + bku.shutDown(); + } else if (ABOUT_COMMAND.equals(e.getActionCommand())) { + log.debug("about dialog requested via tray menu"); + if (aboutDialog == null) { + aboutDialog = new AboutDialog(new JFrame(), true, version); + aboutDialog.addWindowListener(new WindowAdapter() { + @Override + public void windowClosing(java.awt.event.WindowEvent e) { + aboutDialog.setVisible(false); + } + }); + } + aboutDialog.setLocationByPlatform(true); + aboutDialog.setVisible(true); + } else if (PIN_COMMAND.equals(e.getActionCommand())) { + log.error("not implemented yet."); + } else { + log.error("unknown tray menu command: " + e.getActionCommand()); + } + } +} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/BKUControllerInterface.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/BKUControllerInterface.java deleted file mode 100644 index fd9838f9..00000000 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/BKUControllerInterface.java +++ /dev/null @@ -1,23 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.bku.webstart.ui; - -public interface BKUControllerInterface { - - public void shutDown(); - -} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java deleted file mode 100644 index fb7c40dd..00000000 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialog.java +++ /dev/null @@ -1,205 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.bku.webstart.ui; - -import java.awt.AWTException; -import java.awt.Image; -import java.awt.MenuItem; -import java.awt.PopupMenu; -import java.awt.SystemTray; -import java.awt.TrayIcon; -import java.awt.event.ActionEvent; -import java.awt.event.ActionListener; -import java.io.IOException; -import java.lang.reflect.InvocationHandler; -import java.lang.reflect.Method; -import java.lang.reflect.Proxy; -import java.util.ResourceBundle; - -import javax.imageio.ImageIO; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -public class TrayIconDialog implements TrayIconDialogInterface { - public static final String TRAYICON_RESOURCE = "at/gv/egiz/bku/webstart/ui/trayicon_32.png"; - public static final String TRAYMENU_SHUTDOWN = "TrayMenu.Shutdown"; - public static final String TRAYMENU_TOOLTIP = "TrayMenu.Tooltip"; - - private static Log log = LogFactory.getLog(TrayIconDialog.class); - private static TrayIconDialogInterface instance; - private boolean isSupported; - private BKUControllerInterface shutDown; - private TrayIcon trayIcon = null; - private ResourceBundle resourceBundle = null; - - private TrayIconDialog() { - } - - private void displayTrayMsg(String captionID, String messageID, - TrayIcon.MessageType type) { - if ((isSupported) && (resourceBundle != null)) { - try { - trayIcon.displayMessage(resourceBundle.getString(captionID), - resourceBundle.getString(messageID), type); - } catch (Exception ex) { - log.error(ex); - } - } - } - - /* - * (non-Javadoc) - * - * @see - * at.gv.egiz.bku.local.ui.TrayIconDialogInterface#displayInfo(java.lang.String - * , java.lang.String) - */ - public void displayInfo(String captionID, String messageID) { - displayTrayMsg(captionID, messageID, TrayIcon.MessageType.INFO); - } - - /* - * (non-Javadoc) - * - * @see - * at.gv.egiz.bku.local.ui.TrayIconDialogInterface#displayWarning(java.lang - * .String, java.lang.String) - */ - public void displayWarning(String captionID, String messageID) { - displayTrayMsg(captionID, messageID, TrayIcon.MessageType.WARNING); - } - - /* - * (non-Javadoc) - * - * @see - * at.gv.egiz.bku.local.ui.TrayIconDialogInterface#displayError(java.lang. - * String, java.lang.String) - */ - public void displayError(String captionID, String messageID) { - displayTrayMsg(captionID, messageID, TrayIcon.MessageType.ERROR); - } - - /* - * (non-Javadoc) - * - * @see - * at.gv.egiz.bku.local.ui.TrayIconDialogInterface#init(java.util.ResourceBundle - * ) - */ - public void init(ResourceBundle resourceBundel) { - this.resourceBundle = resourceBundel; - isSupported = SystemTray.isSupported(); - log.info("Trayicon supported: " + isSupported); - try { - if (isSupported) { - SystemTray tray = SystemTray.getSystemTray(); - Image image = ImageIO.read(getClass().getClassLoader() - .getResourceAsStream(TRAYICON_RESOURCE)); - PopupMenu popup = new PopupMenu(); - MenuItem exitItem = new MenuItem(resourceBundel - .getString(TRAYMENU_SHUTDOWN)); - popup.add(exitItem); - exitItem.addActionListener(new ActionListener() { - public void actionPerformed(ActionEvent e) { - log.info("Calling Shutdown"); - if (shutDown != null) { - shutDown.shutDown(); - } - } - }); - - trayIcon = new TrayIcon(image, "BKULogo", popup); - trayIcon.setImageAutoSize(true); - trayIcon.setToolTip(resourceBundel.getString(TRAYMENU_TOOLTIP)); - try { - tray.add(trayIcon); - } catch (AWTException e) { - log.error("TrayIcon could not be added.", e); - isSupported = false; - } - } - } catch (IOException e) { - log.error(e); - } - } - - /* - * (non-Javadoc) - * - * @see - * at.gv.egiz.bku.local.ui.TrayIconDialogInterface#setShutdownHook(at.gv.egiz - * .bku.local.ui.BKUControllerInterface) - */ - public void setShutdownHook(BKUControllerInterface shutDown) { - this.shutDown = shutDown; - } - - @SuppressWarnings("unchecked") - public synchronized static TrayIconDialogInterface getInstance() { - ClassLoader cl = TrayIconDialog.class.getClassLoader(); - if (instance == null) { - if (cl.toString().equals(cl.getParent().toString())) { - instance = new TrayIconDialog(); - return instance; - } - ClassLoader parent = cl; - while (!parent.toString().equals(cl.getParent().toString())) { - parent = parent.getParent(); - } - try { - Class otherClassInstance = (Class) parent - .loadClass(TrayIconDialog.class.getName()); - Method getInstanceMethod = otherClassInstance.getDeclaredMethod( - "getInstance", new Class[] {}); - Object otherSingleton = getInstanceMethod.invoke(null, new Object[] {}); - instance = (TrayIconDialogInterface) Proxy.newProxyInstance(cl, - new Class[] { TrayIconDialogInterface.class }, - new PassThroughProxyHandler(otherSingleton)); - } catch (ClassNotFoundException ce) { - instance = new TrayIconDialog(); - } catch (Exception e) { - log.error(e); - instance = new TrayIconDialog(); - } - return instance; - } - return instance; - } - - /** - * - * Only works for public methods - * - */ - static class PassThroughProxyHandler implements InvocationHandler { - private final Object delegate; - - public PassThroughProxyHandler(Object delegate) { - this.delegate = delegate; - } - - public Object invoke(Object proxy, Method method, Object[] args) - throws Throwable { - Method delegateMethod = delegate.getClass().getMethod(method.getName(), - method.getParameterTypes()); - return delegateMethod.invoke(delegate, args); - } - } - -} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialogInterface.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialogInterface.java deleted file mode 100644 index 078844cb..00000000 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/ui/TrayIconDialogInterface.java +++ /dev/null @@ -1,33 +0,0 @@ -/* -* Copyright 2008 Federal Chancellery Austria and -* Graz University of Technology -* -* Licensed under the Apache License, Version 2.0 (the "License"); -* you may not use this file except in compliance with the License. -* You may obtain a copy of the License at -* -* http://www.apache.org/licenses/LICENSE-2.0 -* -* Unless required by applicable law or agreed to in writing, software -* distributed under the License is distributed on an "AS IS" BASIS, -* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -* See the License for the specific language governing permissions and -* limitations under the License. -*/ -package at.gv.egiz.bku.webstart.ui; - -import java.util.ResourceBundle; - -public interface TrayIconDialogInterface { - - public abstract void displayInfo(String captionID, String messageID); - - public abstract void displayWarning(String captionID, String messageID); - - public abstract void displayError(String captionID, String messageID); - - public abstract void init(ResourceBundle resourceBundel); - - public abstract void setShutdownHook(BKUControllerInterface shutDown); - -} \ No newline at end of file -- cgit v1.2.3 From 22001c93bca360d1b15c252cb22d2a4147ff350d Mon Sep 17 00:00:00 2001 From: clemenso Date: Thu, 20 Aug 2009 16:24:55 +0000 Subject: [#430] Activation/PIN-management in MOCCA Web Start - new Modules: smccSTALExt, BKUGuiExt in order not to depend on BKUAppletExt in BKULocal - provide stal-request handler de-registration in abstractSMCCSTAL git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@448 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../java/at/gv/egiz/bku/webstart/Launcher.java | 104 ++++++++++++++++----- .../bku/webstart/gui/PINManagementInvoker.java | 71 ++++++++++++++ .../gv/egiz/bku/webstart/gui/TrayMenuListener.java | 75 --------------- 3 files changed, 153 insertions(+), 97 deletions(-) create mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/PINManagementInvoker.java delete mode 100644 BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/TrayMenuListener.java (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java index 23d832a2..ca40ddc0 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java @@ -1,10 +1,10 @@ package at.gv.egiz.bku.webstart; +import at.gv.egiz.bku.webstart.gui.AboutDialog; import at.gv.egiz.bku.webstart.gui.BKUControllerInterface; -import at.gv.egiz.bku.webstart.gui.TrayMenuListener; +import at.gv.egiz.bku.webstart.gui.PINManagementInvoker; import iaik.asn1.CodingException; import java.io.IOException; -import java.net.URISyntaxException; import java.util.Locale; import java.util.ResourceBundle; @@ -21,8 +21,12 @@ import java.awt.PopupMenu; import java.awt.SplashScreen; import java.awt.SystemTray; import java.awt.TrayIcon; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.awt.event.WindowAdapter; import java.net.BindException; -import java.net.URI; +import java.net.HttpURLConnection; +import java.net.MalformedURLException; import java.net.URL; import java.security.GeneralSecurityException; import java.util.jar.Attributes; @@ -30,9 +34,10 @@ import java.util.jar.Manifest; import javax.imageio.ImageIO; import javax.jnlp.BasicService; import javax.jnlp.ServiceManager; +import javax.swing.JFrame; import org.mortbay.util.MultiException; -public class Launcher implements BKUControllerInterface { +public class Launcher implements BKUControllerInterface, ActionListener { public static final String WEBAPP_RESOURCE = "BKULocal.war"; public static final String CERTIFICATES_RESOURCE = "BKUCertificates.jar"; @@ -51,23 +56,37 @@ public class Launcher implements BKUControllerInterface { public static final String ERROR_START = "tray.error.start"; public static final String ERROR_CONFIG = "tray.error.config"; public static final String ERROR_BIND = "tray.error.bind"; + public static final String ERROR_PIN = "tray.error.pin.connect"; public static final String LABEL_SHUTDOWN = "tray.label.shutdown"; public static final String LABEL_PIN = "tray.label.pin"; public static final String LABEL_ABOUT = "tray.label.about"; public static final String TOOLTIP_DEFAULT = "tray.tooltip.default"; - - /** local bku uri */ - public static final URI HTTPS_SECURITY_LAYER_URI; + + /** action commands for tray menu */ + public static final String SHUTDOWN_COMMAND = "shutdown"; + public static final String PIN_COMMAND = "pin"; + public static final String ABOUT_COMMAND = "about"; + private static Log log = LogFactory.getLog(Launcher.class); + /** local bku uri */ + public static final URL HTTP_SECURITY_LAYER_URL; + public static final URL HTTPS_SECURITY_LAYER_URL; + public static final URL PIN_MANAGEMENT_URL; static { - URI tmp = null; + URL http = null; + URL https = null; + URL pin = null; try { - tmp = new URI("https://localhost:" + Integer.getInteger(Container.HTTPS_PORT_PROPERTY, 3496).intValue()); - } catch (URISyntaxException ex) { + http = new URL("http://localhost:" + Integer.getInteger(Container.HTTPS_PORT_PROPERTY, 3495).intValue()); + https = new URL("https://localhost:" + Integer.getInteger(Container.HTTPS_PORT_PROPERTY, 3496).intValue()); + pin = new URL(http, "/PINManagement"); + } catch (MalformedURLException ex) { log.error(ex); } finally { - HTTPS_SECURITY_LAYER_URI = tmp; + HTTP_SECURITY_LAYER_URL = http; + HTTPS_SECURITY_LAYER_URL = https; + PIN_MANAGEMENT_URL = pin; } } public static final String version; @@ -96,6 +115,8 @@ public class Launcher implements BKUControllerInterface { private BasicService basicService; private TrayIcon trayIcon; private ResourceBundle messages; + private AboutDialog aboutDialog; + public Launcher() { if (log.isTraceEnabled()) { @@ -144,7 +165,7 @@ public class Launcher implements BKUControllerInterface { } } - private TrayIcon initTrayIcon() { //ResourceBundle messages, BKUControllerInterface bkuHook) { + private TrayIcon initTrayIcon() { if (SystemTray.isSupported()) { try { // get the SystemTray instance @@ -155,21 +176,27 @@ public class Launcher implements BKUControllerInterface { : TRAYICON_RESOURCE + "32.png"; Image image = ImageIO.read(Launcher.class.getClassLoader().getResourceAsStream(iconResource)); - TrayMenuListener listener = new TrayMenuListener(this, messages, version); PopupMenu popup = new PopupMenu(); + MenuItem pinItem = new MenuItem(messages.getString(LABEL_PIN)); + pinItem.addActionListener(this); + pinItem.setActionCommand(PIN_COMMAND); + popup.add(pinItem); + MenuItem shutdownItem = new MenuItem(messages.getString(LABEL_SHUTDOWN)); - shutdownItem.addActionListener(listener); - shutdownItem.setActionCommand(TrayMenuListener.SHUTDOWN_COMMAND); + shutdownItem.addActionListener(this); + shutdownItem.setActionCommand(SHUTDOWN_COMMAND); popup.add(shutdownItem); + popup.addSeparator(); + MenuItem aboutItem = new MenuItem(messages.getString(LABEL_ABOUT)); - aboutItem.setActionCommand(TrayMenuListener.ABOUT_COMMAND); - aboutItem.addActionListener(listener); + aboutItem.setActionCommand(ABOUT_COMMAND); + aboutItem.addActionListener(this); popup.add(aboutItem); TrayIcon ti = new TrayIcon(image, messages.getString(TOOLTIP_DEFAULT), popup); - ti.addActionListener(listener); + ti.addActionListener(this); tray.add(ti); return ti; } catch (AWTException ex) { @@ -237,15 +264,15 @@ public class Launcher implements BKUControllerInterface { Desktop desktop = Desktop.getDesktop(); if (desktop.isSupported(Desktop.Action.BROWSE)) { try { - desktop.browse(HTTPS_SECURITY_LAYER_URI); + desktop.browse(HTTPS_SECURITY_LAYER_URL.toURI()); } catch (Exception ex) { - log.error("failed to open system browser, install TLS certificate manually: " + HTTPS_SECURITY_LAYER_URI, ex); + log.error("failed to open system browser, install TLS certificate manually: " + HTTPS_SECURITY_LAYER_URL, ex); } } else { - log.error("failed to open system browser, install TLS certificate manually: " + HTTPS_SECURITY_LAYER_URI); + log.error("failed to open system browser, install TLS certificate manually: " + HTTPS_SECURITY_LAYER_URL); } } else { - log.error("failed to open system browser, install TLS certificate manually: " + HTTPS_SECURITY_LAYER_URI); + log.error("failed to open system browser, install TLS certificate manually: " + HTTPS_SECURITY_LAYER_URL); } } log.info("BKU successfully started"); @@ -276,6 +303,39 @@ public class Launcher implements BKUControllerInterface { System.exit(0); } + /** + * Listen for TrayMenu actions (display error messages on trayIcon) + * @param e + */ + @Override + public void actionPerformed(ActionEvent e) { + if (SHUTDOWN_COMMAND.equals(e.getActionCommand())) { + log.debug("shutdown requested via tray menu"); + this.shutDown(); + } else if (ABOUT_COMMAND.equals(e.getActionCommand())) { + log.debug("about dialog requested via tray menu"); + if (aboutDialog == null) { + aboutDialog = new AboutDialog(new JFrame(), true, version); + aboutDialog.addWindowListener(new WindowAdapter() { + + @Override + public void windowClosing(java.awt.event.WindowEvent e) { + aboutDialog.setVisible(false); + } + }); + } + aboutDialog.setLocationByPlatform(true); + aboutDialog.setVisible(true); + } else if (PIN_COMMAND.equals(e.getActionCommand())) { + log.debug("pin management dialog requested via tray menu"); + + new Thread(new PINManagementInvoker(trayIcon, messages)).start(); + + } else { + log.error("unknown tray menu command: " + e.getActionCommand()); + } + } + public static void main(String[] args) throws InterruptedException, IOException { try { Launcher launcher = new Launcher(); diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/PINManagementInvoker.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/PINManagementInvoker.java new file mode 100644 index 00000000..55e26313 --- /dev/null +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/PINManagementInvoker.java @@ -0,0 +1,71 @@ +/* + * Copyright 2008 Federal Chancellery Austria and + * Graz University of Technology + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package at.gv.egiz.bku.webstart.gui; + +import at.gv.egiz.bku.webstart.Launcher; +import java.awt.TrayIcon; +import java.io.IOException; +import java.net.HttpURLConnection; +import java.util.ResourceBundle; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + * GUI is painted using SwingUtilities.invokeLater, but TrayIcon ActionListener Thread (== webstart thread) joined Jetty Thread + * + * @author Clemens Orthacker + */ +public class PINManagementInvoker implements Runnable { + + private static final Log log = LogFactory.getLog(PINManagementInvoker.class); + + TrayIcon trayIcon; + ResourceBundle messages; + + public PINManagementInvoker(TrayIcon trayIcon, ResourceBundle messages) { + this.trayIcon = trayIcon; + this.messages = messages; + } + + @Override + public void run() { + HttpURLConnection connection = null; + try { + log.debug("Connecting to: " + Launcher.PIN_MANAGEMENT_URL); + + connection = (HttpURLConnection) Launcher.PIN_MANAGEMENT_URL.openConnection(); + + connection.setRequestMethod("GET"); + connection.setReadTimeout(0); + connection.connect(); + + if (connection.getResponseCode() == HttpURLConnection.HTTP_OK) { + log.debug("pin management dialog returned"); + } else { + log.error("unexpected response from pin management: " + connection.getResponseMessage()); + } + } catch (IOException ex) { + log.error("Failed to connect to PIN Management", ex); + trayIcon.displayMessage(messages.getString(Launcher.CAPTION_ERROR), + messages.getString(Launcher.ERROR_PIN), TrayIcon.MessageType.ERROR); + } finally { + if (connection != null) { + connection.disconnect(); + } + } + } +} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/TrayMenuListener.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/TrayMenuListener.java deleted file mode 100644 index 1e5efe8e..00000000 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/TrayMenuListener.java +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Copyright 2008 Federal Chancellery Austria and - * Graz University of Technology - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package at.gv.egiz.bku.webstart.gui; - -import java.awt.event.ActionEvent; -import java.awt.event.ActionListener; -import java.awt.event.WindowAdapter; -import java.util.ResourceBundle; -import javax.swing.JFrame; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -/** - * - * @author Clemens Orthacker - */ -public class TrayMenuListener implements ActionListener { - - /** action commands for tray menu */ - public static final String SHUTDOWN_COMMAND = "shutdown"; - public static final String PIN_COMMAND = "pin"; - public static final String ABOUT_COMMAND = "about"; - - private static final Log log = LogFactory.getLog(TrayMenuListener.class); - - protected BKUControllerInterface bku; - protected ResourceBundle messages; - protected String version; - protected AboutDialog aboutDialog; - - public TrayMenuListener(BKUControllerInterface bkuHook, ResourceBundle messages, String version) { - this.messages = messages; - this.version = version; - this.bku = bkuHook; - } - - @Override - public void actionPerformed(ActionEvent e) { - if (SHUTDOWN_COMMAND.equals(e.getActionCommand())) { - log.debug("shutdown requested via tray menu"); - bku.shutDown(); - } else if (ABOUT_COMMAND.equals(e.getActionCommand())) { - log.debug("about dialog requested via tray menu"); - if (aboutDialog == null) { - aboutDialog = new AboutDialog(new JFrame(), true, version); - aboutDialog.addWindowListener(new WindowAdapter() { - @Override - public void windowClosing(java.awt.event.WindowEvent e) { - aboutDialog.setVisible(false); - } - }); - } - aboutDialog.setLocationByPlatform(true); - aboutDialog.setVisible(true); - } else if (PIN_COMMAND.equals(e.getActionCommand())) { - log.error("not implemented yet."); - } else { - log.error("unknown tray menu command: " + e.getActionCommand()); - } - } -} -- cgit v1.2.3 From 65f25f58df0df1d8a90625f3944155235a9d20be Mon Sep 17 00:00:00 2001 From: clemenso Date: Thu, 20 Aug 2009 16:33:43 +0000 Subject: 24x24 icon for webstart 16x16 tray icon git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@449 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../src/main/java/at/gv/egiz/bku/webstart/Launcher.java | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java index ca40ddc0..d216fdc4 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java @@ -171,9 +171,15 @@ public class Launcher implements BKUControllerInterface, ActionListener { // get the SystemTray instance SystemTray tray = SystemTray.getSystemTray(); log.debug("TrayIcon size: " + tray.getTrayIconSize()); - String iconResource = (tray.getTrayIconSize().height < 25) - ? TRAYICON_RESOURCE + "24.png" - : TRAYICON_RESOURCE + "32.png"; + + String iconResource; + if (tray.getTrayIconSize().height < 17) { + iconResource = TRAYICON_RESOURCE + "16.png"; + } else if (tray.getTrayIconSize().height < 25) { + iconResource = TRAYICON_RESOURCE + "24.png"; + } else { + iconResource = TRAYICON_RESOURCE + "32.png"; + } Image image = ImageIO.read(Launcher.class.getClassLoader().getResourceAsStream(iconResource)); PopupMenu popup = new PopupMenu(); -- cgit v1.2.3 From 84eee5daccfebb3fad94eae986c46748c4cfc3f6 Mon Sep 17 00:00:00 2001 From: clemenso Date: Fri, 21 Aug 2009 16:03:40 +0000 Subject: icons 2.0 git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@465 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../src/main/java/at/gv/egiz/bku/webstart/Launcher.java | 10 +++++++--- .../src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.form | 6 +++--- .../src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.java | 6 +++--- 3 files changed, 13 insertions(+), 9 deletions(-) (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java index d216fdc4..0cfc14e5 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java @@ -42,8 +42,9 @@ public class Launcher implements BKUControllerInterface, ActionListener { public static final String WEBAPP_RESOURCE = "BKULocal.war"; public static final String CERTIFICATES_RESOURCE = "BKUCertificates.jar"; public static final String WEBAPP_FILE = "BKULocal.war"; + /** no leading slash for messages, but for image */ public static final String MESSAGES_RESOURCE = "at/gv/egiz/bku/webstart/messages"; - public static final String TRAYICON_RESOURCE = "at/gv/egiz/bku/webstart/logo_"; + public static final String TRAYICON_RESOURCE = "/at/gv/egiz/bku/webstart/chip"; /** resource bundle messages */ public static final String CAPTION_DEFAULT = "tray.caption.default"; public static final String CAPTION_ERROR = "tray.caption.error"; @@ -177,10 +178,12 @@ public class Launcher implements BKUControllerInterface, ActionListener { iconResource = TRAYICON_RESOURCE + "16.png"; } else if (tray.getTrayIconSize().height < 25) { iconResource = TRAYICON_RESOURCE + "24.png"; - } else { + } else if (tray.getTrayIconSize().height < 33) { iconResource = TRAYICON_RESOURCE + "32.png"; + } else { + iconResource = TRAYICON_RESOURCE + "48.png"; } - Image image = ImageIO.read(Launcher.class.getClassLoader().getResourceAsStream(iconResource)); + Image image = ImageIO.read(getClass().getResourceAsStream(iconResource)); PopupMenu popup = new PopupMenu(); @@ -347,6 +350,7 @@ public class Launcher implements BKUControllerInterface, ActionListener { Launcher launcher = new Launcher(); launcher.launch(); } catch (Exception ex) { + log.debug(ex); log.info("waiting to shutdown..."); Thread.sleep(5000); log.info("exit"); diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.form b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.form index c1cfdab7..548893a7 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.form +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.form @@ -40,7 +40,7 @@ - + @@ -80,7 +80,7 @@ - + @@ -106,7 +106,7 @@ - + diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.java index efa80bd6..1e35af58 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.java @@ -48,7 +48,7 @@ public class AboutDialog extends javax.swing.JDialog { java.util.ResourceBundle bundle = java.util.ResourceBundle.getBundle("at/gv/egiz/bku/webstart/messages"); // NOI18N setTitle(bundle.getString("about.frame.title")); // NOI18N - jLabel1.setIcon(new javax.swing.ImageIcon(getClass().getResource("/at/gv/egiz/bku/webstart/logo_notext.png"))); // NOI18N + jLabel1.setIcon(new javax.swing.ImageIcon(getClass().getResource("/at/gv/egiz/bku/webstart/chiperling96.png"))); // NOI18N jLabel2.setText(getVersionText(bundle)); @@ -88,7 +88,7 @@ public class AboutDialog extends javax.swing.JDialog { jPanel3Layout.setHorizontalGroup( jPanel3Layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING) .addGroup(javax.swing.GroupLayout.Alignment.TRAILING, jPanel3Layout.createSequentialGroup() - .addContainerGap(157, Short.MAX_VALUE) + .addContainerGap(163, Short.MAX_VALUE) .addComponent(jButton1) .addContainerGap()) ); @@ -116,7 +116,7 @@ public class AboutDialog extends javax.swing.JDialog { .addGroup(layout.createSequentialGroup() .addContainerGap() .addComponent(jPanel1, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) - .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, 12, Short.MAX_VALUE) + .addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE) .addComponent(jPanel3, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE) .addContainerGap()) ); -- cgit v1.2.3 From 145003155c05e915b900989a27cef1271398164b Mon Sep 17 00:00:00 2001 From: clemenso Date: Wed, 26 Aug 2009 17:31:32 +0000 Subject: MOCCA TLS Server CA cert installation servlet removed help.jsp (and jsp dependencies in jetty) moved html pages to src/main/webapp (encoding problem?) switch to BASIC download protocol in BKUWebStart (no jnlpDownloadServlet required, see template.xml) git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@474 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../java/at/gv/egiz/bku/webstart/Configurator.java | 2 +- .../java/at/gv/egiz/bku/webstart/Container.java | 210 +++++++++++++-------- .../java/at/gv/egiz/bku/webstart/Launcher.java | 7 +- .../java/at/gv/egiz/bku/webstart/TLSServerCA.java | 3 +- 4 files changed, 137 insertions(+), 85 deletions(-) (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java index bef2246b..923a70d9 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java @@ -56,7 +56,7 @@ public class Configurator { * configurations with less than this (major) version will be backuped and updated * allowed: MAJOR[.MINOR[.X[-SNAPSHOT]]] */ - public static final String MIN_CONFIG_VERSION = "1.0.9"; + public static final String MIN_CONFIG_VERSION = "1.2.4-SNAPSHOT"; public static final String CONFIG_DIR = ".mocca/conf/"; public static final String CERTS_DIR = ".mocca/certs/"; public static final String VERSION_FILE = ".version"; diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java index 08a0808a..3bf74d3c 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java @@ -2,9 +2,11 @@ package at.gv.egiz.bku.webstart; import at.gv.egiz.bku.utils.StreamUtil; import java.awt.AWTPermission; +import java.io.BufferedInputStream; import java.io.BufferedOutputStream; import java.io.BufferedReader; import java.io.File; +import java.io.FileInputStream; import java.io.FileNotFoundException; import java.io.FileOutputStream; import java.io.FilePermission; @@ -15,8 +17,12 @@ import java.io.OutputStream; import java.lang.reflect.ReflectPermission; import java.net.NetPermission; import java.net.SocketPermission; +import java.security.AllPermission; +import java.security.KeyStore; import java.security.Permissions; import java.security.SecurityPermission; +import java.security.cert.Certificate; +import java.security.cert.CertificateException; import java.util.PropertyPermission; import javax.smartcardio.CardPermission; import org.apache.commons.logging.Log; @@ -32,8 +38,9 @@ public class Container { public static final String HTTP_PORT_PROPERTY = "mocca.http.port"; public static final String HTTPS_PORT_PROPERTY = "mocca.http.port"; - + public static final String SERVER_CA_CERTIFICATE_ATTRIBUTE = "mocca.tls.server.ca.certificate"; private static Log log = LogFactory.getLog(Container.class); + static { if (log.isDebugEnabled()) { //Jetty log INFO and WARN, include ignored exceptions @@ -43,7 +50,6 @@ public class Container { //System.setProperty("DEBUG", "true"); } } - private Server server; public void init() throws IOException { @@ -75,63 +81,98 @@ public class Container { } log.debug("loading MOCCA keystore from " + keystoreFile.getAbsolutePath()); sslConnector.setKeystore(keystoreFile.getAbsolutePath()); - File passwdFile = new File(configDir, Configurator.PASSWD_FILE); - BufferedReader reader = new BufferedReader(new FileReader(passwdFile)); - String pwd; - while ((pwd = reader.readLine()) != null) { - sslConnector.setPassword(pwd); - sslConnector.setKeyPassword(pwd); - } - reader.close(); - + String passwd = readPassword(new File(configDir, Configurator.PASSWD_FILE)); + sslConnector.setPassword(passwd); + sslConnector.setKeyPassword(passwd); + //avoid jetty's ClassCastException: iaik.security.ecc.ecdsa.ECPublicKey cannot be cast to java.security.interfaces.ECPublicKey - String[] RFC4492CipherSuites = new String[] { + String[] RFC4492CipherSuites = new String[]{ "TLS_ECDH_ECDSA_WITH_NULL_SHA", - "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", - "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", - "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", - "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", - - "TLS_ECDHE_ECDSA_WITH_NULL_SHA", - "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", - "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", - "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", - "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", - - "TLS_ECDH_RSA_WITH_NULL_SHA", - "TLS_ECDH_RSA_WITH_RC4_128_SHA", - "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", - "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", - "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", - - "TLS_ECDHE_RSA_WITH_NULL_SHA", - "TLS_ECDHE_RSA_WITH_RC4_128_SHA", - "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", - "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", - "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", - - "TLS_ECDH_anon_WITH_NULL_SHA", - "TLS_ECDH_anon_WITH_RC4_128_SHA", - "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", - "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", - "TLS_ECDH_anon_WITH_AES_256_CBC_SHA" + "TLS_ECDH_ECDSA_WITH_RC4_128_SHA", + "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA", + "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA", + "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA", + "TLS_ECDHE_ECDSA_WITH_NULL_SHA", + "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA", + "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA", + "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", + "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA", + "TLS_ECDH_RSA_WITH_NULL_SHA", + "TLS_ECDH_RSA_WITH_RC4_128_SHA", + "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA", + "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA", + "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA", + "TLS_ECDHE_RSA_WITH_NULL_SHA", + "TLS_ECDHE_RSA_WITH_RC4_128_SHA", + "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA", + "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA", + "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA", + "TLS_ECDH_anon_WITH_NULL_SHA", + "TLS_ECDH_anon_WITH_RC4_128_SHA", + "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA", + "TLS_ECDH_anon_WITH_AES_128_CBC_SHA", + "TLS_ECDH_anon_WITH_AES_256_CBC_SHA" }; sslConnector.setExcludeCipherSuites(RFC4492CipherSuites); - server.setConnectors(new Connector[] { connector, sslConnector }); - + server.setConnectors(new Connector[]{connector, sslConnector}); + WebAppContext webapp = new WebAppContext(); webapp.setLogUrlOnStart(true); webapp.setContextPath("/"); - webapp.setExtractWAR(true); + webapp.setExtractWAR(true); webapp.setParentLoaderPriority(false); + try { + // no way to get certificate from within the servlet (SSLEngine/Jetty SSLSocketConnector/SSLContext?) + if (log.isTraceEnabled()) { + log.trace("local ca certificate from " + keystoreFile + " in webapp context at " + SERVER_CA_CERTIFICATE_ATTRIBUTE); + } + BufferedInputStream bis = new BufferedInputStream(new FileInputStream(keystoreFile)); + KeyStore sslKeyStore = KeyStore.getInstance("JKS"); + sslKeyStore.load(bis, passwd.toCharArray()); + Certificate[] sslChain = sslKeyStore.getCertificateChain(TLSServerCA.MOCCA_TLS_SERVER_ALIAS); + webapp.setAttribute(SERVER_CA_CERTIFICATE_ATTRIBUTE, sslChain[sslChain.length - 1]); + bis.close(); + } catch (Exception ex) { + log.error("Failed to load local ca certificate", ex); + log.warn("automated web certificate installation will not be available"); + } + webapp.setWar(copyWebapp(webapp.getTempDirectory())); webapp.setPermissions(getPermissions(webapp.getTempDirectory())); - + server.setHandler(webapp); - server.setGracefulShutdown(1000*3); + server.setGracefulShutdown(1000 * 3); + } + + /** + * @return The first valid (not empty, no comment) line of the passwd file + * @throws IOException + */ + protected static String readPassword(File passwdFile) throws IOException { + if (passwdFile.exists() && passwdFile.canRead()) { + BufferedReader passwdReader = null; + try { + passwdReader = new BufferedReader(new FileReader(passwdFile)); + String passwd; + while ((passwd = passwdReader.readLine().trim()) != null) { + if (passwd.length() > 0 && !passwd.startsWith("#")) { + return passwd; + } + } + } catch (IOException ex) { + log.error("failed to read password from " + passwdFile, ex); + throw ex; + } finally { + try { + passwdReader.close(); + } catch (IOException ex) { + } + } + } + throw new IOException(passwdFile + " not readable"); } private String copyWebapp(File webappDir) throws IOException { @@ -146,43 +187,48 @@ public class Container { private Permissions getPermissions(File webappDir) { Permissions perms = new Permissions(); + perms.add(new AllPermission()); + + + if (false) { + + // jetty-webstart (spring?) + perms.add(new RuntimePermission("getClassLoader")); + + // standard permissions + perms.add(new PropertyPermission("*", "read,write")); + perms.add(new RuntimePermission("accessDeclaredMembers")); + perms.add(new RuntimePermission("accessClassInPackage.*")); + perms.add(new RuntimePermission("defineClassInPackage.*")); + perms.add(new RuntimePermission("setFactory")); + perms.add(new RuntimePermission("getProtectionDomain")); + perms.add(new RuntimePermission("modifyThread")); + perms.add(new RuntimePermission("modifyThreadGroup")); + perms.add(new RuntimePermission("setFactory")); + perms.add(new ReflectPermission("suppressAccessChecks")); + + // MOCCA specific + perms.add(new SocketPermission("*", "connect,resolve")); + perms.add(new NetPermission("specifyStreamHandler")); + perms.add(new SecurityPermission("insertProvider.*")); + perms.add(new SecurityPermission("putProviderProperty.*")); + perms.add(new SecurityPermission("removeProvider.*")); + perms.add(new CardPermission("*", "*")); + perms.add(new AWTPermission("*")); + + perms.add(new FilePermission(webappDir.getAbsolutePath() + "/-", "read")); + perms.add(new FilePermission(new File(System.getProperty("java.home") + "/lib/xalan.properties").getAbsolutePath(), "read")); + perms.add(new FilePermission(new File(System.getProperty("java.home") + "/lib/xerces.properties").getAbsolutePath(), "read")); + perms.add(new FilePermission(new File(System.getProperty("user.home")).getAbsolutePath(), "read, write")); + perms.add(new FilePermission(new File(System.getProperty("user.home") + "/-").getAbsolutePath(), "read, write")); + perms.add(new FilePermission(new File(System.getProperty("user.home") + "/.mocca/logs/*").getAbsolutePath(), "read, write,delete")); + perms.add(new FilePermission(new File(System.getProperty("user.home") + "/.mocca/certs/-").getAbsolutePath(), "read, write,delete")); + + //TODO +// log.trace("granting file read/write permission to MOCCA local"); +// perms.add(new FilePermission("<>", "read, write")); - // jetty-webstart (spring?) - perms.add(new RuntimePermission("getClassLoader")); - - // standard permissions - perms.add(new PropertyPermission("*", "read,write")); - perms.add(new RuntimePermission("accessDeclaredMembers")); - perms.add(new RuntimePermission("accessClassInPackage.*")); - perms.add(new RuntimePermission("defineClassInPackage.*")); - perms.add(new RuntimePermission("setFactory")); - perms.add(new RuntimePermission("getProtectionDomain")); - perms.add(new RuntimePermission("modifyThread")); - perms.add(new RuntimePermission("modifyThreadGroup")); - perms.add(new RuntimePermission("setFactory")); - perms.add(new ReflectPermission("suppressAccessChecks")); - - // MOCCA specific - perms.add(new SocketPermission("*", "connect,resolve")); - perms.add(new NetPermission("specifyStreamHandler")); - perms.add(new SecurityPermission("insertProvider.*")); - perms.add(new SecurityPermission("putProviderProperty.*")); - perms.add(new SecurityPermission("removeProvider.*")); - perms.add(new CardPermission("*", "*")); - perms.add(new AWTPermission("*")); - - perms.add(new FilePermission(webappDir.getAbsolutePath() + "/-", "read")); - perms.add(new FilePermission(new File(System.getProperty("java.home") + "/lib/xalan.properties").getAbsolutePath(), "read")); - perms.add(new FilePermission(new File(System.getProperty("java.home") + "/lib/xerces.properties").getAbsolutePath(), "read")); - perms.add(new FilePermission(new File(System.getProperty("user.home")).getAbsolutePath(), "read, write")); - perms.add(new FilePermission(new File(System.getProperty("user.home") + "/-").getAbsolutePath(), "read, write")); - perms.add(new FilePermission(new File(System.getProperty("user.home") + "/.mocca/logs/*").getAbsolutePath(), "read, write,delete")); - perms.add(new FilePermission(new File(System.getProperty("user.home") + "/.mocca/certs/-").getAbsolutePath(), "read, write,delete")); - - //TODO - log.trace("granting file read/write permission to MOCCA local"); - perms.add(new FilePermission("<>", "read, write")); - + } return perms; } @@ -205,4 +251,4 @@ public class Container { public void join() throws InterruptedException { server.join(); } -} \ No newline at end of file +} diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java index 0cfc14e5..0106de62 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java @@ -27,6 +27,7 @@ import java.awt.event.WindowAdapter; import java.net.BindException; import java.net.HttpURLConnection; import java.net.MalformedURLException; +import java.net.URI; import java.net.URL; import java.security.GeneralSecurityException; import java.util.jar.Attributes; @@ -73,21 +74,25 @@ public class Launcher implements BKUControllerInterface, ActionListener { /** local bku uri */ public static final URL HTTP_SECURITY_LAYER_URL; public static final URL HTTPS_SECURITY_LAYER_URL; + public static final URL INSTALL_CERT_URL; public static final URL PIN_MANAGEMENT_URL; static { URL http = null; URL https = null; URL pin = null; + URL cert = null; try { http = new URL("http://localhost:" + Integer.getInteger(Container.HTTPS_PORT_PROPERTY, 3495).intValue()); https = new URL("https://localhost:" + Integer.getInteger(Container.HTTPS_PORT_PROPERTY, 3496).intValue()); pin = new URL(http, "/PINManagement"); + cert = new URL(http, "/installCertificate"); } catch (MalformedURLException ex) { log.error(ex); } finally { HTTP_SECURITY_LAYER_URL = http; HTTPS_SECURITY_LAYER_URL = https; PIN_MANAGEMENT_URL = pin; + INSTALL_CERT_URL = cert; } } public static final String version; @@ -273,7 +278,7 @@ public class Launcher implements BKUControllerInterface, ActionListener { Desktop desktop = Desktop.getDesktop(); if (desktop.isSupported(Desktop.Action.BROWSE)) { try { - desktop.browse(HTTPS_SECURITY_LAYER_URL.toURI()); + desktop.browse(HTTP_SECURITY_LAYER_URL.toURI()); } catch (Exception ex) { log.error("failed to open system browser, install TLS certificate manually: " + HTTPS_SECURITY_LAYER_URL, ex); } diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java index 97ca716b..fd94958e 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java @@ -32,6 +32,7 @@ import org.apache.commons.logging.LogFactory; public class TLSServerCA { public static final int CA_VALIDITY_Y = 3; + public static final String MOCCA_TLS_SERVER_ALIAS = "server"; public static final int SERVER_VALIDITY_Y = 3; private final static Log log = LogFactory.getLog(TLSServerCA.class); @@ -127,7 +128,7 @@ public class TLSServerCA { generateServerCert(); KeyStore ks = KeyStore.getInstance("JKS"); ks.load(null, null); - ks.setKeyEntry("server", serverKeyPair.getPrivate(), password, new X509Certificate[]{serverCert, caCert}); + ks.setKeyEntry(MOCCA_TLS_SERVER_ALIAS, serverKeyPair.getPrivate(), password, new X509Certificate[]{serverCert, caCert}); return ks; // } catch (Exception e) { // log.error("Cannot generate certificate", e); -- cgit v1.2.3 From 234cc16c3ebee52e7b3b76219b94d6ee644d5775 Mon Sep 17 00:00:00 2001 From: clemenso Date: Thu, 27 Aug 2009 16:00:46 +0000 Subject: added HELP tray item added INSTALL CA CERT help page WebStart: shortcut online=true git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@476 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../java/at/gv/egiz/bku/webstart/Launcher.java | 56 ++++++++++++++++------ 1 file changed, 41 insertions(+), 15 deletions(-) (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java index 0106de62..8cc9817f 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java @@ -5,9 +5,12 @@ import at.gv.egiz.bku.webstart.gui.BKUControllerInterface; import at.gv.egiz.bku.webstart.gui.PINManagementInvoker; import iaik.asn1.CodingException; import java.io.IOException; +import java.net.URISyntaxException; import java.util.Locale; import java.util.ResourceBundle; +import java.util.logging.Level; +import java.util.logging.Logger; import javax.jnlp.UnavailableServiceException; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -30,6 +33,7 @@ import java.net.MalformedURLException; import java.net.URI; import java.net.URL; import java.security.GeneralSecurityException; +import java.text.MessageFormat; import java.util.jar.Attributes; import java.util.jar.Manifest; import javax.imageio.ImageIO; @@ -39,6 +43,7 @@ import javax.swing.JFrame; import org.mortbay.util.MultiException; public class Launcher implements BKUControllerInterface, ActionListener { + public static final String HELP_COMMAND = "help"; public static final String WEBAPP_RESOURCE = "BKULocal.war"; public static final String CERTIFICATES_RESOURCE = "BKUCertificates.jar"; @@ -59,8 +64,10 @@ public class Launcher implements BKUControllerInterface, ActionListener { public static final String ERROR_CONFIG = "tray.error.config"; public static final String ERROR_BIND = "tray.error.bind"; public static final String ERROR_PIN = "tray.error.pin.connect"; + public static final String ERROR_OPEN_URL = "tray.error.open.url"; public static final String LABEL_SHUTDOWN = "tray.label.shutdown"; public static final String LABEL_PIN = "tray.label.pin"; + public static final String LABEL_HELP = "tray.label.help"; public static final String LABEL_ABOUT = "tray.label.about"; public static final String TOOLTIP_DEFAULT = "tray.tooltip.default"; @@ -76,16 +83,19 @@ public class Launcher implements BKUControllerInterface, ActionListener { public static final URL HTTPS_SECURITY_LAYER_URL; public static final URL INSTALL_CERT_URL; public static final URL PIN_MANAGEMENT_URL; + public static final URL HELP_URL; static { URL http = null; URL https = null; URL pin = null; URL cert = null; + URL help = null; try { http = new URL("http://localhost:" + Integer.getInteger(Container.HTTPS_PORT_PROPERTY, 3495).intValue()); https = new URL("https://localhost:" + Integer.getInteger(Container.HTTPS_PORT_PROPERTY, 3496).intValue()); pin = new URL(http, "/PINManagement"); cert = new URL(http, "/installCertificate"); + help = new URL(http, "/help"); } catch (MalformedURLException ex) { log.error(ex); } finally { @@ -93,6 +103,7 @@ public class Launcher implements BKUControllerInterface, ActionListener { HTTPS_SECURITY_LAYER_URL = https; PIN_MANAGEMENT_URL = pin; INSTALL_CERT_URL = cert; + HELP_URL = help; } } public static final String version; @@ -170,6 +181,18 @@ public class Launcher implements BKUControllerInterface, ActionListener { throw ex; } } + + private void browse(URL url) throws IOException, URISyntaxException { + // don't use basicService.showDocument(), which causes a java ssl warning dialog + if (Desktop.isDesktopSupported()) { + Desktop desktop = Desktop.getDesktop(); + if (desktop.isSupported(Desktop.Action.BROWSE)) { + desktop.browse(url.toURI()); + return; + } + } + throw new IOException("current platform does not support Java Desktop API"); + } private TrayIcon initTrayIcon() { if (SystemTray.isSupported()) { @@ -192,6 +215,11 @@ public class Launcher implements BKUControllerInterface, ActionListener { PopupMenu popup = new PopupMenu(); + MenuItem helpItem = new MenuItem(messages.getString(LABEL_HELP)); + helpItem.addActionListener(this); + helpItem.setActionCommand(HELP_COMMAND); + popup.add(helpItem); + MenuItem pinItem = new MenuItem(messages.getString(LABEL_PIN)); pinItem.addActionListener(this); pinItem.setActionCommand(PIN_COMMAND); @@ -273,20 +301,10 @@ public class Launcher implements BKUControllerInterface, ActionListener { } } if (config.isCertRenewed()) { - // don't use basicService.showDocument(), which causes a java ssl warning dialog - if (Desktop.isDesktopSupported()) { - Desktop desktop = Desktop.getDesktop(); - if (desktop.isSupported(Desktop.Action.BROWSE)) { - try { - desktop.browse(HTTP_SECURITY_LAYER_URL.toURI()); - } catch (Exception ex) { - log.error("failed to open system browser, install TLS certificate manually: " + HTTPS_SECURITY_LAYER_URL, ex); - } - } else { - log.error("failed to open system browser, install TLS certificate manually: " + HTTPS_SECURITY_LAYER_URL); - } - } else { - log.error("failed to open system browser, install TLS certificate manually: " + HTTPS_SECURITY_LAYER_URL); + try { + browse(HTTP_SECURITY_LAYER_URL); + } catch (Exception ex) { + log.error("failed to open system browser, install TLS certificate manually: " + HTTPS_SECURITY_LAYER_URL, ex); } } log.info("BKU successfully started"); @@ -344,7 +362,15 @@ public class Launcher implements BKUControllerInterface, ActionListener { log.debug("pin management dialog requested via tray menu"); new Thread(new PINManagementInvoker(trayIcon, messages)).start(); - + } else if (HELP_COMMAND.equals(e.getActionCommand())) { + log.debug("help page requested via tray menu"); + try { + browse(HELP_URL); + } catch (Exception ex) { + log.error("Failed to open " + HELP_URL, ex); + String msg = MessageFormat.format(messages.getString(ERROR_OPEN_URL), HELP_URL); + trayIcon.displayMessage(messages.getString(CAPTION_ERROR), msg, TrayIcon.MessageType.ERROR); + } } else { log.error("unknown tray menu command: " + e.getActionCommand()); } -- cgit v1.2.3 From dd04951a76fc6406755a94ecf547c0797f062fa2 Mon Sep 17 00:00:00 2001 From: clemenso Date: Fri, 28 Aug 2009 17:53:01 +0000 Subject: replace installCertificate servlet with der encoded crt file in webapp/ moved local-webstart profile to BKUWebStart (jnlp-inline goal) help note for internet explorer on visat/7 git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@482 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../java/at/gv/egiz/bku/webstart/Container.java | 47 +++++++++++++--------- .../java/at/gv/egiz/bku/webstart/Launcher.java | 6 +-- .../java/at/gv/egiz/bku/webstart/TLSServerCA.java | 10 +++-- 3 files changed, 37 insertions(+), 26 deletions(-) (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java index 3bf74d3c..2feae267 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java @@ -22,7 +22,6 @@ import java.security.KeyStore; import java.security.Permissions; import java.security.SecurityPermission; import java.security.cert.Certificate; -import java.security.cert.CertificateException; import java.util.PropertyPermission; import javax.smartcardio.CardPermission; import org.apache.commons.logging.Log; @@ -38,7 +37,6 @@ public class Container { public static final String HTTP_PORT_PROPERTY = "mocca.http.port"; public static final String HTTPS_PORT_PROPERTY = "mocca.http.port"; - public static final String SERVER_CA_CERTIFICATE_ATTRIBUTE = "mocca.tls.server.ca.certificate"; private static Log log = LogFactory.getLog(Container.class); static { @@ -51,6 +49,8 @@ public class Container { } } private Server server; + private WebAppContext webapp; + private Certificate caCertificate; public void init() throws IOException { // System.setProperty("DEBUG", "true"); @@ -118,33 +118,19 @@ public class Container { server.setConnectors(new Connector[]{connector, sslConnector}); - WebAppContext webapp = new WebAppContext(); + webapp = new WebAppContext(); webapp.setLogUrlOnStart(true); webapp.setContextPath("/"); webapp.setExtractWAR(true); webapp.setParentLoaderPriority(false); - try { - // no way to get certificate from within the servlet (SSLEngine/Jetty SSLSocketConnector/SSLContext?) - if (log.isTraceEnabled()) { - log.trace("local ca certificate from " + keystoreFile + " in webapp context at " + SERVER_CA_CERTIFICATE_ATTRIBUTE); - } - BufferedInputStream bis = new BufferedInputStream(new FileInputStream(keystoreFile)); - KeyStore sslKeyStore = KeyStore.getInstance("JKS"); - sslKeyStore.load(bis, passwd.toCharArray()); - Certificate[] sslChain = sslKeyStore.getCertificateChain(TLSServerCA.MOCCA_TLS_SERVER_ALIAS); - webapp.setAttribute(SERVER_CA_CERTIFICATE_ATTRIBUTE, sslChain[sslChain.length - 1]); - bis.close(); - } catch (Exception ex) { - log.error("Failed to load local ca certificate", ex); - log.warn("automated web certificate installation will not be available"); - } - webapp.setWar(copyWebapp(webapp.getTempDirectory())); webapp.setPermissions(getPermissions(webapp.getTempDirectory())); server.setHandler(webapp); server.setGracefulShutdown(1000 * 3); + + loadCACertificate(keystoreFile, passwd.toCharArray()); } /** @@ -234,6 +220,12 @@ public class Container { public void start() throws Exception { server.start(); + // webapp.getBaseResource() + File caCertFile = new File(webapp.getTempDirectory(), "webapp/ca.crt"); + BufferedOutputStream bos = new BufferedOutputStream(new FileOutputStream(caCertFile)); + bos.write(caCertificate.getEncoded()); + bos.flush(); + bos.close(); } public boolean isRunning() { @@ -251,4 +243,21 @@ public class Container { public void join() throws InterruptedException { server.join(); } + + private void loadCACertificate(File keystoreFile, char[] passwd) { + try { + if (log.isTraceEnabled()) { + log.trace("local ca certificate from " + keystoreFile); + } + BufferedInputStream bis = new BufferedInputStream(new FileInputStream(keystoreFile)); + KeyStore sslKeyStore = KeyStore.getInstance("JKS"); + sslKeyStore.load(bis, passwd); + Certificate[] sslChain = sslKeyStore.getCertificateChain(TLSServerCA.MOCCA_TLS_SERVER_ALIAS); + caCertificate = sslChain[sslChain.length - 1]; + bis.close(); + } catch (Exception ex) { + log.error("Failed to load local ca certificate", ex); + log.warn("automated web certificate installation will not be available"); + } + } } diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java index 8cc9817f..2bf42ccb 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java @@ -9,8 +9,6 @@ import java.net.URISyntaxException; import java.util.Locale; import java.util.ResourceBundle; -import java.util.logging.Level; -import java.util.logging.Logger; import javax.jnlp.UnavailableServiceException; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -28,9 +26,7 @@ import java.awt.event.ActionEvent; import java.awt.event.ActionListener; import java.awt.event.WindowAdapter; import java.net.BindException; -import java.net.HttpURLConnection; import java.net.MalformedURLException; -import java.net.URI; import java.net.URL; import java.security.GeneralSecurityException; import java.text.MessageFormat; @@ -175,6 +171,7 @@ public class Launcher implements BKUControllerInterface, ActionListener { } throw ex; } catch (Exception ex) { + ex.printStackTrace(); log.fatal("Failed to launch server, " + ex.getMessage(), ex); trayIcon.displayMessage(messages.getString(CAPTION_ERROR), messages.getString(ERROR_START), TrayIcon.MessageType.ERROR); @@ -381,6 +378,7 @@ public class Launcher implements BKUControllerInterface, ActionListener { Launcher launcher = new Launcher(); launcher.launch(); } catch (Exception ex) { + ex.printStackTrace(); log.debug(ex); log.info("waiting to shutdown..."); Thread.sleep(5000); diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java index fd94958e..08a06570 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java @@ -64,9 +64,13 @@ public class TLSServerCA { caCert.addExtension(new SubjectKeyIdentifier(caKeyPair.getPublic())); - caCert.addExtension(new BasicConstraints(true)); - caCert.addExtension(new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign - | KeyUsage.digitalSignature)); + BasicConstraints bc = new BasicConstraints(true); + bc.setCritical(true); + caCert.addExtension(bc); + KeyUsage ku = new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign + | KeyUsage.digitalSignature); + ku.setCritical(true); + caCert.addExtension(ku); GregorianCalendar date = new GregorianCalendar(); date.add(Calendar.HOUR_OF_DAY, -1); -- cgit v1.2.3 From bd070e82c276afb8c1c3a9ddc3b5712783760881 Mon Sep 17 00:00:00 2001 From: mcentner Date: Tue, 29 Sep 2009 17:36:06 +0000 Subject: Logging issues fixed: - Added possibility to configure logging of BKUWebstart. Logging is now configured from log4j configuration deployed with BKUWebstart in a first step. In a second step the webstart launcher looks for a log4j configuration file in the user's mooca configuration directory and updates the log4j configuration. - Logging of IAIK PKI properly initialized. IAIK PKI does not mess with the log4j configuration any longer. - Changed log4j accordingly (an appender is now needed as IAIK PKI does not reconfigure log4j any longer). Added css-stylesheet to ErrorResponses issued by the BKU to improve the presentation to the user. Changed dependencies of BKUWebStart (see Issue#469 https://egovlabs.gv.at/tracker/index.php?func=detail&aid=469&group_id=13&atid=134). DataURLConnection now uses the request encoding of SL < 1.2. application/x-www-form-urlencoded is now used as default encoding method. multipart/form-data is used only if transfer parameters are present in the request that require a Content-Type parameter. This can only be set with multipart/form-data. This is not in conformance with SL 1.2, however it should improve compatibility with applications. Therefore, removed the ability to configure the DataURLConnection implementation class. DataURLConnection now uses a streaming implementation for encoding of application/x-www-form-urlencoded requests. XWWWFormUrlImputDecoder now uses a streaming implementation for decoding of application/x-www-form-urlencoded requests. Fixed Bug in SLResultPart that caused a binary response to be provided as parameter "XMLResponse" in a multipart/form-data encoded request to DataURL. SLCommandFactory now supports unmarshalling of SL < 1.2 requests in order issue meaningful error messages. Therefore, the marshaling context for response marshaling had to be separated from the marshaling context for requests in order to avoid the marshaling of SL < 1.2 namespace prefixes in SL 1.2 responses. Target attribute in QualifiedProperties is now marshaled. (see Issue#470 https://egovlabs.gv.at/tracker/index.php?func=detail&aid=470&group_id=13&atid=134) Reporting of XML validation errors improved. git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@510 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- .../java/at/gv/egiz/bku/webstart/Configurator.java | 26 ++++++++++++++-------- .../java/at/gv/egiz/bku/webstart/Container.java | 11 ++++----- .../java/at/gv/egiz/bku/webstart/Launcher.java | 22 +++++++++--------- .../gv/egiz/bku/webstart/LogSecurityManager.java | 9 +++++--- .../java/at/gv/egiz/bku/webstart/TLSServerCA.java | 9 ++++---- .../at/gv/egiz/bku/webstart/gui/AboutDialog.java | 7 ++++-- .../bku/webstart/gui/PINManagementInvoker.java | 7 +++--- 7 files changed, 54 insertions(+), 37 deletions(-) (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java index 923a70d9..d8fe3e70 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java @@ -16,8 +16,9 @@ */ package at.gv.egiz.bku.webstart; -import at.gv.egiz.bku.utils.StreamUtil; import iaik.asn1.CodingException; +import iaik.utils.StreamCopier; + import java.io.BufferedInputStream; import java.io.BufferedOutputStream; import java.io.BufferedReader; @@ -42,8 +43,10 @@ import java.util.jar.Manifest; import java.util.zip.ZipEntry; import java.util.zip.ZipFile; import java.util.zip.ZipOutputStream; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; + +import org.apache.log4j.PropertyConfigurator; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * @@ -71,7 +74,7 @@ public class Configurator { public static final String KEYSTORE_FILE = "keystore.ks"; public static final String PASSWD_FILE = ".secret"; - private static final Log log = LogFactory.getLog(Configurator.class); + private static final Logger log = LoggerFactory.getLogger(Configurator.class); /** currently installed configuration version */ private String version; @@ -110,6 +113,11 @@ public class Configurator { } else { initConfig(configDir); } + // re-configure logging + // TODO: move to appropriate place + String log4jconfig = configDir.getPath() + File.separatorChar + "log4j.properties"; + log.debug("Reconfiguring logging with " + log4jconfig); + PropertyConfigurator.configureAndWatch(log4jconfig); } /** @@ -312,7 +320,7 @@ public class Configurator { ZipEntry entry = new ZipEntry(relativePath.toString()); zip.putNextEntry(entry); BufferedInputStream entryIS = new BufferedInputStream(new FileInputStream(dir)); - StreamUtil.copyStream(entryIS, zip); + new StreamCopier(entryIS, zip).copyStream(); entryIS.close(); zip.closeEntry(); dir.delete(); @@ -341,7 +349,7 @@ public class Configurator { File confTemplateFile = new File(configDir, CONF_TEMPLATE_FILE); InputStream is = Configurator.class.getClassLoader().getResourceAsStream(CONF_TEMPLATE_RESOURCE); OutputStream os = new BufferedOutputStream(new FileOutputStream(confTemplateFile)); - StreamUtil.copyStream(is, os); + new StreamCopier(is, os).copyStream(); os.close(); unzip(confTemplateFile, configDir); confTemplateFile.delete(); @@ -374,7 +382,7 @@ public class Configurator { new File(certsDir, f.substring(0, f.lastIndexOf('/'))).mkdirs(); BufferedOutputStream bos = new BufferedOutputStream(new FileOutputStream(new File(certsDir, f))); log.debug(f); - StreamUtil.copyStream(Configurator.class.getClassLoader().getResourceAsStream(entry), bos); + new StreamCopier(Configurator.class.getClassLoader().getResourceAsStream(entry), bos).copyStream(); bos.close(); } else { log.trace("ignore " + entry); @@ -399,8 +407,8 @@ public class Configurator { } File f = new File(eF.getParent()); f.mkdirs(); - StreamUtil.copyStream(zipFile.getInputStream(entry), - new FileOutputStream(eF)); + new StreamCopier(zipFile.getInputStream(entry), + new FileOutputStream(eF)).copyStream(); } zipFile.close(); } diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java index 2feae267..4d1fe658 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Container.java @@ -1,6 +1,7 @@ package at.gv.egiz.bku.webstart; -import at.gv.egiz.bku.utils.StreamUtil; +import iaik.utils.StreamCopier; + import java.awt.AWTPermission; import java.io.BufferedInputStream; import java.io.BufferedOutputStream; @@ -24,20 +25,20 @@ import java.security.SecurityPermission; import java.security.cert.Certificate; import java.util.PropertyPermission; import javax.smartcardio.CardPermission; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; import org.mortbay.jetty.Connector; import org.mortbay.jetty.Server; import org.mortbay.jetty.nio.SelectChannelConnector; import org.mortbay.jetty.security.SslSocketConnector; import org.mortbay.jetty.webapp.WebAppContext; import org.mortbay.thread.QueuedThreadPool; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; public class Container { public static final String HTTP_PORT_PROPERTY = "mocca.http.port"; public static final String HTTPS_PORT_PROPERTY = "mocca.http.port"; - private static Log log = LogFactory.getLog(Container.class); + private static Logger log = LoggerFactory.getLogger(Container.class); static { if (log.isDebugEnabled()) { @@ -166,7 +167,7 @@ public class Container { log.debug("copying BKULocal classpath resource to " + webapp); InputStream is = getClass().getClassLoader().getResourceAsStream("BKULocal.war"); OutputStream os = new BufferedOutputStream(new FileOutputStream(webapp)); - StreamUtil.copyStream(is, os); + new StreamCopier(is, os).copyStream(); os.close(); return webapp.getPath(); } diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java index 2bf42ccb..ef7edef1 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Launcher.java @@ -10,8 +10,6 @@ import java.util.Locale; import java.util.ResourceBundle; import javax.jnlp.UnavailableServiceException; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; import com.sun.javaws.security.JavaWebStartSecurity; import java.awt.AWTException; @@ -37,6 +35,8 @@ import javax.jnlp.BasicService; import javax.jnlp.ServiceManager; import javax.swing.JFrame; import org.mortbay.util.MultiException; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; public class Launcher implements BKUControllerInterface, ActionListener { public static final String HELP_COMMAND = "help"; @@ -71,9 +71,10 @@ public class Launcher implements BKUControllerInterface, ActionListener { public static final String SHUTDOWN_COMMAND = "shutdown"; public static final String PIN_COMMAND = "pin"; public static final String ABOUT_COMMAND = "about"; + + private static Logger log = LoggerFactory.getLogger(Launcher.class); - private static Log log = LogFactory.getLog(Launcher.class); - + /** local bku uri */ public static final URL HTTP_SECURITY_LAYER_URL; public static final URL HTTPS_SECURITY_LAYER_URL; @@ -93,7 +94,7 @@ public class Launcher implements BKUControllerInterface, ActionListener { cert = new URL(http, "/installCertificate"); help = new URL(http, "/help"); } catch (MalformedURLException ex) { - log.error(ex); + log.error("Failed to create URL.", ex); } finally { HTTP_SECURITY_LAYER_URL = http; HTTPS_SECURITY_LAYER_URL = https; @@ -132,6 +133,7 @@ public class Launcher implements BKUControllerInterface, ActionListener { public Launcher() { + log.info("Initializing Launcher"); if (log.isTraceEnabled()) { SecurityManager sm = System.getSecurityManager(); if (sm instanceof JavaWebStartSecurity) { @@ -147,7 +149,7 @@ public class Launcher implements BKUControllerInterface, ActionListener { try { initConfig(); } catch (Exception ex) { - log.fatal("Failed to initialize configuration", ex); + log.error("Failed to initialize configuration", ex); trayIcon.displayMessage(messages.getString(CAPTION_ERROR), messages.getString(ERROR_CONFIG), TrayIcon.MessageType.ERROR); throw ex; @@ -156,12 +158,12 @@ public class Launcher implements BKUControllerInterface, ActionListener { startServer(); initFinished(); } catch (BindException ex) { - log.fatal("Failed to launch server, " + ex.getMessage(), ex); + log.error("Failed to launch server, " + ex.getMessage(), ex); trayIcon.displayMessage(messages.getString(CAPTION_ERROR), messages.getString(ERROR_BIND), TrayIcon.MessageType.ERROR); throw ex; } catch (MultiException ex) { - log.fatal("Failed to launch server, " + ex.getMessage(), ex); + log.error("Failed to launch server, " + ex.getMessage(), ex); if (ex.getThrowable(0) instanceof BindException) { trayIcon.displayMessage(messages.getString(CAPTION_ERROR), messages.getString(ERROR_BIND), TrayIcon.MessageType.ERROR); @@ -172,7 +174,7 @@ public class Launcher implements BKUControllerInterface, ActionListener { throw ex; } catch (Exception ex) { ex.printStackTrace(); - log.fatal("Failed to launch server, " + ex.getMessage(), ex); + log.error("Failed to launch server, " + ex.getMessage(), ex); trayIcon.displayMessage(messages.getString(CAPTION_ERROR), messages.getString(ERROR_START), TrayIcon.MessageType.ERROR); throw ex; @@ -379,7 +381,7 @@ public class Launcher implements BKUControllerInterface, ActionListener { launcher.launch(); } catch (Exception ex) { ex.printStackTrace(); - log.debug(ex); + log.debug("Caught exception " + ex.getMessage(), ex); log.info("waiting to shutdown..."); Thread.sleep(5000); log.info("exit"); diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/LogSecurityManager.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/LogSecurityManager.java index 99fd403b..d589812e 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/LogSecurityManager.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/LogSecurityManager.java @@ -20,8 +20,9 @@ import com.sun.javaws.security.JavaWebStartSecurity; import java.io.FileDescriptor; import java.net.InetAddress; import java.security.Permission; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * JVM argument -Djava.security.debug=access,failure @@ -31,7 +32,7 @@ import org.apache.commons.logging.LogFactory; */ public class LogSecurityManager extends SecurityManager { - protected static final Log log = LogFactory.getLog(LogSecurityManager.class); + protected static final Logger log = LoggerFactory.getLogger(LogSecurityManager.class); JavaWebStartSecurity sm; public LogSecurityManager(JavaWebStartSecurity sm) { @@ -182,6 +183,7 @@ public class LogSecurityManager extends SecurityManager { } } + @SuppressWarnings("deprecation") @Override public void checkMulticast(InetAddress maddr, byte ttl) { try { @@ -399,6 +401,7 @@ public class LogSecurityManager extends SecurityManager { // protected Class[] getClassContext() { // log.info("getClassContext"); return sm.getClassContext(); // } + @SuppressWarnings("deprecation") @Override public boolean getInCheck() { log.info("getInCheck"); diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java index 08a06570..745042f8 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/TLSServerCA.java @@ -16,8 +16,6 @@ import iaik.x509.extensions.SubjectAltName; import iaik.x509.extensions.SubjectKeyIdentifier; import java.io.IOException; import java.math.BigInteger; -import java.net.InetAddress; -import java.net.UnknownHostException; import java.security.GeneralSecurityException; import java.security.KeyPair; import java.security.KeyPairGenerator; @@ -27,14 +25,15 @@ import java.util.Calendar; import java.util.GregorianCalendar; import java.util.Random; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + public class TLSServerCA { public static final int CA_VALIDITY_Y = 3; public static final String MOCCA_TLS_SERVER_ALIAS = "server"; public static final int SERVER_VALIDITY_Y = 3; - private final static Log log = LogFactory.getLog(TLSServerCA.class); + private final static Logger log = LoggerFactory.getLogger(TLSServerCA.class); private KeyPair caKeyPair; private X509Certificate caCert; diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.java index 1e35af58..ba2c007d 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/AboutDialog.java @@ -11,7 +11,6 @@ package at.gv.egiz.bku.webstart.gui; -import java.text.Format; import java.text.MessageFormat; import java.util.ResourceBundle; @@ -21,6 +20,11 @@ import java.util.ResourceBundle; */ public class AboutDialog extends javax.swing.JDialog { + /** + * + */ + private static final long serialVersionUID = 1L; + /** Creates new form AboutDialog */ public AboutDialog(java.awt.Frame parent, boolean modal, String version) { super(parent, modal); @@ -33,7 +37,6 @@ public class AboutDialog extends javax.swing.JDialog { * WARNING: Do NOT modify this code. The content of this method is * always regenerated by the Form Editor. */ - @SuppressWarnings("unchecked") // //GEN-BEGIN:initComponents private void initComponents() { diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/PINManagementInvoker.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/PINManagementInvoker.java index 55e26313..1f14d751 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/PINManagementInvoker.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/gui/PINManagementInvoker.java @@ -21,8 +21,9 @@ import java.awt.TrayIcon; import java.io.IOException; import java.net.HttpURLConnection; import java.util.ResourceBundle; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; + +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; /** * GUI is painted using SwingUtilities.invokeLater, but TrayIcon ActionListener Thread (== webstart thread) joined Jetty Thread @@ -31,7 +32,7 @@ import org.apache.commons.logging.LogFactory; */ public class PINManagementInvoker implements Runnable { - private static final Log log = LogFactory.getLog(PINManagementInvoker.class); + private static final Logger log = LoggerFactory.getLogger(PINManagementInvoker.class); TrayIcon trayIcon; ResourceBundle messages; -- cgit v1.2.3 From 678f2d84046c8e3ab7abe459d984868d4c9d2a3c Mon Sep 17 00:00:00 2001 From: clemenso Date: Mon, 18 Jan 2010 15:55:46 +0000 Subject: support reader configuration (disablePinpad) in BKUWebStart webstart-local -> template-local.xml pkcs11sign -> template.xml default -> template-unstable.xml git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@576 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4 --- BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'BKUWebStart/src/main/java/at/gv/egiz') diff --git a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java index d8fe3e70..37638510 100644 --- a/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java +++ b/BKUWebStart/src/main/java/at/gv/egiz/bku/webstart/Configurator.java @@ -59,7 +59,7 @@ public class Configurator { * configurations with less than this (major) version will be backuped and updated * allowed: MAJOR[.MINOR[.X[-SNAPSHOT]]] */ - public static final String MIN_CONFIG_VERSION = "1.2.4-SNAPSHOT"; + public static final String MIN_CONFIG_VERSION = "1.2.11-SNAPSHOT"; public static final String CONFIG_DIR = ".mocca/conf/"; public static final String CERTS_DIR = ".mocca/certs/"; public static final String VERSION_FILE = ".version"; -- cgit v1.2.3