From b1c8641a63a67e3c64d948f9e8dce5c01e11e2dd Mon Sep 17 00:00:00 2001
From: mcentner
Date: Wed, 5 May 2010 15:29:01 +0000
Subject: Merged feature branch mocca-1.2.13-id@r724 back to trunk.
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@725 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
---
.../java/at/gv/egiz/bku/conf/CertValidator.java | 13 -
.../at/gv/egiz/bku/conf/CertValidatorImpl.java | 110 -----
.../java/at/gv/egiz/bku/conf/Configuration.java | 100 -----
.../java/at/gv/egiz/bku/conf/Configurator.java | 467 ---------------------
.../java/at/gv/egiz/bku/conf/IAIKCommonsLog.java | 144 -------
.../at/gv/egiz/bku/conf/IAIKCommonsLogFactory.java | 59 ---
.../java/at/gv/egiz/bku/conf/IAIKLogAdapter.java | 146 +++++++
.../at/gv/egiz/bku/conf/IAIKLogAdapterFactory.java | 62 +++
.../gv/egiz/bku/conf/MoccaConfigurationFacade.java | 22 +
9 files changed, 230 insertions(+), 893 deletions(-)
delete mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidator.java
delete mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidatorImpl.java
delete mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/conf/Configuration.java
delete mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
delete mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKCommonsLog.java
delete mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKCommonsLogFactory.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKLogAdapter.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKLogAdapterFactory.java
create mode 100644 bkucommon/src/main/java/at/gv/egiz/bku/conf/MoccaConfigurationFacade.java
(limited to 'bkucommon/src/main/java/at/gv/egiz/bku/conf')
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidator.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidator.java
deleted file mode 100644
index 6a95b369..00000000
--- a/bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidator.java
+++ /dev/null
@@ -1,13 +0,0 @@
-package at.gv.egiz.bku.conf;
-
-import iaik.x509.X509Certificate;
-
-import java.io.File;
-
-public interface CertValidator {
-
- public abstract void init(File certDir, File caDir);
-
- public abstract boolean isCertificateValid(String transactionId, X509Certificate[] certs);
-
-}
\ No newline at end of file
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidatorImpl.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidatorImpl.java
deleted file mode 100644
index 766fe355..00000000
--- a/bkucommon/src/main/java/at/gv/egiz/bku/conf/CertValidatorImpl.java
+++ /dev/null
@@ -1,110 +0,0 @@ -package at.gv.egiz.bku.conf; - -import iaik.logging.LogConfigurationException; -import iaik.logging.TransactionId; -import iaik.logging.impl.TransactionIdImpl; -import iaik.logging.LoggerConfig; -import iaik.pki.DefaultPKIConfiguration; -import iaik.pki.DefaultPKIProfile; -import iaik.pki.PKIConfiguration; -import iaik.pki.PKIException; -import iaik.pki.PKIFactory; -import iaik.pki.PKIModule; -import iaik.pki.PKIProfile; -import iaik.pki.revocation.RevocationSourceTypes; -import iaik.pki.store.certstore.CertStoreParameters; -import iaik.pki.store.certstore.directory.DefaultDirectoryCertStoreParameters; -import iaik.pki.store.truststore.DefaultTrustStoreProfile; -import iaik.pki.store.truststore.TrustStoreProfile; -import iaik.pki.store.truststore.TrustStoreTypes; -import iaik.x509.X509Certificate; - -import java.io.File; -import java.util.Date; -import java.util.Properties; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -public class CertValidatorImpl implements CertValidator { - - private static Log log = LogFactory.getLog(CertValidatorImpl.class); - - private PKIFactory pkiFactory; - private PKIProfile profile; - - public CertValidatorImpl() { - - } - - /* (non-Javadoc) - * @see at.gv.egiz.bku.conf.CertValidator#init(java.io.File, java.io.File) - */ - public void init(File certDir, File caDir) { - // initialize IAIK logging for PKI module - log.debug("Configuring logging for IAIK PKI module"); - iaik.logging.LogFactory.configure(new LoggerConfig() { - - @Override - public Properties getProperties() throws LogConfigurationException { - return null; - } - - @Override - public String getNodeId() { - return "pki"; - } - - @Override - public String getFactory() { - return IAIKCommonsLogFactory.class.getName(); - } - }); - - - // the parameters specifying the directory certstore - CertStoreParameters[] certStoreParameters = { new DefaultDirectoryCertStoreParameters( - "CS-001", certDir.getAbsolutePath(), 
true, false) }; - - // create a new PKI configuration using the certstore parameters - PKIConfiguration pkiConfig = new DefaultPKIConfiguration( - certStoreParameters); - - // Transaction ID for logging - TransactionId tid = new TransactionIdImpl("Configure-PKI"); - // get PKI factory for creating PKI module(s) - pkiFactory = PKIFactory.getInstance(); - // configure the factory - try { - pkiFactory.configure(pkiConfig, tid); - } catch (PKIException e) { - log.error("Cannot configure PKI module", e); - } - // the truststore to be used - TrustStoreProfile trustProfile = new DefaultTrustStoreProfile("TS-001", - TrustStoreTypes.DIRECTORY, caDir.getAbsolutePath()); - profile = new DefaultPKIProfile(trustProfile); - ((DefaultPKIProfile)profile).setAutoAddCertificates(true); - ((DefaultPKIProfile) profile).setPreferredServiceOrder(new String[] { - RevocationSourceTypes.OCSP, RevocationSourceTypes.CRL }); - } - - /* (non-Javadoc) - * @see at.gv.egiz.bku.conf.CertValidator#isCertificateValid(java.lang.String, iaik.x509.X509Certificate[]) - */ - public boolean isCertificateValid(String transactionId, - X509Certificate[] certs) { - // Transaction ID for logging - TransactionId tid = new TransactionIdImpl(transactionId); - // get a PKIModule - PKIModule pkiModule; - try { - pkiModule = pkiFactory.getPKIModule(profile); - return pkiModule.validateCertificate(new Date(), certs[0], certs, null, - tid).isCertificateValid(); - } catch (PKIException e) { - log.error("Cannot validate certificate", e); - } - return false; - } -} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configuration.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configuration.java deleted file mode 100644 index f813b14d..00000000 --- a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configuration.java +++ /dev/null 
@@ -1,100 +0,0 @@
-/*
- * Copyright 2008 Federal Chancellery Austria and
- * Graz University of Technology
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package at.gv.egiz.bku.conf;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
-/**
- * BKU Common Configuration
- *
- * Injected to BKU Common classes as defined in mocca-conf.xml
- *
- * Replace at.gv.egiz.bku.conf.Configurator,
- * currently only few configuration options are supported.
- *
- * @author Clemens Orthacker
- */
-public class Configuration {
-
- public static final int MAX_DATAURL_HOPS_DEFAULT = 50;
- public static final String IMPLEMENTATION_NAME_DEFAULT = "MOCCA";
- public static final String IMPLEMENTATION_VERSION_DEFAULT = "UNKNOWN";
-
- private static final Log log = LogFactory.getLog(Configuration.class);
-
- private int maxDataUrlHops = -1;
- private String implementationName;
- private String implementationVersion;
-
- public void setMaxDataUrlHops(int maxDataUrlHops) {
- this.maxDataUrlHops = maxDataUrlHops;
- }
-
- /**
- * Defines the maximum number of dataurl connects that are allowed within a
- * single SL Request processing.
- */
- public int getMaxDataUrlHops() {
- if (maxDataUrlHops < 0) {
- log.warn("maxDataUrlHops not configured, using default: " + MAX_DATAURL_HOPS_DEFAULT);
- return MAX_DATAURL_HOPS_DEFAULT;
- }
- return maxDataUrlHops;
- }
-
- /**
- * @return the implementationName
- */
- public String getImplementationName() {
- if (implementationName == null) {
- log.info("implementationName not configured, using default: " + IMPLEMENTATION_NAME_DEFAULT);
- return "MOCCA";
- }
- return implementationName;
- }
-
- /**
- * @param implementationName the implementationName to set
- */
- public void setImplementationName(String implementationName) {
- this.implementationName = implementationName;
- }
-
- /**
- * @return the implementationVersion
- */
- public String getImplementationVersion() {
- if (implementationName == null) {
- log.info("implementationName not configured, using default: " + IMPLEMENTATION_VERSION_DEFAULT);
- return IMPLEMENTATION_VERSION_DEFAULT;
- }
- return implementationVersion;
- }
-
- /**
- * @param implementationVersion the implementationVersion to set
- */
- public void setImplementationVersion(String implementationVersion) {
- this.implementationVersion = implementationVersion;
- }
-
-
-
-
-}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
deleted file mode 100644
index 50f5d2b4..00000000
--- a/bkucommon/src/main/java/at/gv/egiz/bku/conf/Configurator.java
+++ /dev/null
@@ -1,467 +0,0 @@ -package at.gv.egiz.bku.conf; - -import iaik.security.ecc.provider.ECCProvider; -import iaik.security.provider.IAIK; -import iaik.xml.crypto.XSecProvider; - -import java.io.File; -import java.io.FileInputStream; -import java.io.IOException; -import java.io.InputStream; -import java.net.HttpURLConnection; -import java.net.URL; -import java.security.GeneralSecurityException; -import java.security.InvalidAlgorithmParameterException; -import java.security.NoSuchAlgorithmException; -import java.security.Provider; -import java.security.Security; -import java.security.Provider.Service; -import java.security.cert.CertStore; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; -import java.security.cert.CollectionCertStoreParameters; -import java.security.cert.LDAPCertStoreParameters; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.LinkedList; -import java.util.List; -import java.util.Properties; -import java.util.Set; -import java.util.jar.Attributes; -import java.util.jar.Manifest; - -import javax.net.ssl.HostnameVerifier; -import javax.net.ssl.HttpsURLConnection; -import javax.net.ssl.KeyManager; -import javax.net.ssl.SSLContext; -import javax.net.ssl.SSLSession; -import javax.net.ssl.TrustManager; -import javax.net.ssl.X509TrustManager; - -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; - -import at.gv.egiz.bku.binding.DataUrl; -import at.gv.egiz.bku.slcommands.impl.xsect.DataObject; -import at.gv.egiz.bku.slcommands.impl.xsect.STALProvider; -import at.gv.egiz.bku.slexceptions.SLRuntimeException; -import at.gv.egiz.bku.utils.urldereferencer.URLDereferencer; -import javax.net.ssl.SSLSocketFactory; - -public abstract class Configurator { - - private Log log = LogFactory.getLog(Configurator.class); - - public final static String USERAGENT_CONFIG_P = "UserAgent"; - public static final String DATAURLCONNECTION_CONFIG_P = 
"DataURLConnectionImplClass"; - - public static final String USERAGENT_DEFAULT = "citizen-card-environment/1.2 MOCCA/UNKNOWN"; - public static final String USERAGENT_BASE = "citizen-card-environment/1.2 MOCCA/"; - - public static final String SIGNATURE_LAYOUT = "SignatureLayout"; - - protected Properties properties; - - protected CertValidator certValidator; - protected String signaturLayoutVersion; - - protected Configurator() { - } - - protected abstract File getCertDir(); - - protected abstract File getCADir(); - - protected abstract InputStream getManifest(); - - private X509Certificate[] getCACerts() throws IOException, - CertificateException { - List caCerts = new ArrayList(); - File caDir = getCADir(); - if (caDir != null) { - if (!caDir.isDirectory()) { - log.error("Expecting directory as SSL.caDirectory parameter"); - throw new SLRuntimeException( - "Expecting directory as SSL.caDirectory parameter"); - } - log.info("loading trustStore from " + caDir.getAbsolutePath()); - CertificateFactory cf = CertificateFactory.getInstance("X.509"); - for (File f : caDir.listFiles()) { - try { - FileInputStream fis = new FileInputStream(f); - X509Certificate cert = (X509Certificate) cf.generateCertificate(fis); - fis.close(); - log.debug("Adding trusted cert " + cert.getSubjectDN()); - caCerts.add(cert); - } catch (Exception e) { - log.error("Cannot add trusted ca", e); - } - } - return caCerts.toArray(new X509Certificate[caCerts.size()]); - } else { - log.warn("No CA certificates configured"); - } - return null; - } - - protected List getCertstore() throws IOException, - CertificateException, InvalidAlgorithmParameterException, - NoSuchAlgorithmException { - List resultList = new ArrayList(); - File certDir = getCertDir(); - if (certDir != null) { - if (!certDir.isDirectory()) { - log.error("Expecting directory as SSL.certDirectory parameter"); - throw new SLRuntimeException( - "Expecting directory as SSL.certDirectory parameter"); - } - log.info("loading certStore 
from " + certDir.getAbsolutePath()); - List certCollection = new LinkedList(); - CertificateFactory cf = CertificateFactory.getInstance("X.509"); - for (File f : certDir.listFiles()) { - try { - FileInputStream fis = new FileInputStream(f); - X509Certificate cert = (X509Certificate) cf.generateCertificate(fis); - certCollection.add(cert); - fis.close(); - log - .trace("Added following cert to certstore: " - + cert.getSubjectDN()); - } catch (Exception ex) { - log.error("Cannot add certificate", ex); - } - } - CollectionCertStoreParameters csp = new CollectionCertStoreParameters( - certCollection); - resultList.add(CertStore.getInstance("Collection", csp)); - log.info("Added collection certstore"); - } else { - log.warn("No certstore directory configured"); - } - String ldapHost = getProperty("SSL.ldapServer"); - if ((ldapHost != null) && (!"".equals(ldapHost))) { - String ldapPortString = getProperty("SSL.ldapPort"); - int ldapPort = 389; - if (ldapPortString != null) { - try { - ldapPort = Integer.parseInt(ldapPortString); - } catch (NumberFormatException nfe) { - log.error("Invalid ldap port, using default 389"); - } - } else { - log.warn("ldap port not specified, using default 389"); - } - LDAPCertStoreParameters ldapParams = new LDAPCertStoreParameters( - ldapHost, ldapPort); - resultList.add(CertStore.getInstance("LDAP", ldapParams)); - log.info("Added LDAP certstore"); - } - return resultList; - } - - protected void configUrlConnections() { - HttpsURLConnection.setFollowRedirects(false); - HttpURLConnection.setFollowRedirects(false); - } - - protected void configureProviders() { - log.debug("Registering security providers"); - - IAIK iaikProvider = new IAIK(); - if (Security.getProvider(iaikProvider.getName()) == null) { - // register IAIK provider at first position - Security.insertProviderAt(iaikProvider, 1); - } else { - // IAIK provider already registered - log.info("Provider " + iaikProvider.getName() + " already registered."); - } - - ECCProvider 
eccProvider = new ECCProvider(false); - if (Security.getProvider(eccProvider.getName()) == null) { - // register ECC Provider at second position - Security.insertProviderAt(eccProvider, 2); - } else { - // ECC Provider already registered - log.info("Provider " + eccProvider.getName() + " already registered."); - } - - // registering STALProvider as delegation provider for XSECT - STALProvider stalProvider = new STALProvider(); - if (Security.getProvider(stalProvider.getName()) == null) { - // register STAL provider - Set services = stalProvider.getServices(); - StringBuilder sb = new StringBuilder(); - for (Service service : services) { - String algorithm = service.getType() + "." + service.getAlgorithm(); - XSecProvider.setDelegationProvider(algorithm, stalProvider.getName()); - sb.append("\n" + algorithm); - } - log - .debug("Registered STALProvider as XSecProvider delegation provider for the following services : " - + sb.toString()); - - Security.addProvider(stalProvider); - } else { - // STAL Provider already registered - log.info("Provider " + stalProvider.getName() + " already registered."); - } - - if (Security.getProvider(XSecProvider.NAME) == null) { - // register XML Security provider - XSecProvider.addAsProvider(false); - } else { - log.info("Provider " + XSecProvider.NAME + " already registered."); - } - - if (log.isDebugEnabled()) { - StringBuilder sb = new StringBuilder(); - sb.append("Registered providers: "); - int i = 1; - for (Provider prov : Security.getProviders()) { - sb.append((i++) + ". 
: " + prov); - } - log.debug(sb.toString()); - } - } - - protected void configViewer() { - String bv = properties.getProperty("ValidateHashDataInputs"); - if (bv != null) { - DataObject.enableHashDataInputValidation(Boolean.parseBoolean(bv)); - } else { - log.warn("ValidateHashDataInputs not set, falling back to default"); - } - } - - public void configureSingatureLayoutVersion() { - if (properties.get(SIGNATURE_LAYOUT) == null) { - try { - String classContainer = Configurator.class.getProtectionDomain() - .getCodeSource().getLocation().toString(); - URL manifestUrl = new URL("jar:" + classContainer - + "!/META-INF/MANIFEST.MF"); - Manifest manifest = new Manifest(manifestUrl.openStream()); - Attributes att = manifest.getMainAttributes(); - String layout = null; - if (att != null) { - layout = att.getValue(SIGNATURE_LAYOUT); - } - if (layout != null) { - log.info("setting SignatureLayout header to " + layout); - properties.put(SIGNATURE_LAYOUT, layout); - } else { - log.warn("no SignatureLayout version defined"); - } - } catch (Exception ex) { - log.warn("Cannot read manifest", ex); - } - } - } - - public void configureNetwork() { - String proxy = getProperty("HTTPProxyHost"); - String portString = getProperty("HTTPProxyPort"); - if ((proxy == null) || (proxy.equals(""))) { - log.info("No proxy configured"); - } else { - log.info("Setting proxy to: " + proxy + ":" + portString); - System.setProperty("proxyHost", proxy); - System.setProperty("proxyPort", portString); - } - String timeout = getProperty("DefaultSocketTimeout"); - if ((timeout != null) && (!timeout.equals(""))) { - System.setProperty("sun.net.client.defaultConnectTimeout", timeout); - } - } - - public void configureVersion() { - if (properties.getProperty(USERAGENT_CONFIG_P) == null) { - Properties p = new Properties(); - try { - InputStream is = getManifest(); - if (is != null) { - p.load(getManifest()); - String version = p.getProperty("Implementation-Build"); - if (version == null) { - 
version="UNKNOWN"; - } - properties.setProperty(USERAGENT_CONFIG_P, USERAGENT_BASE + version); - log.debug("Setting user agent to: " - + properties.getProperty(USERAGENT_CONFIG_P)); - } else { - log.warn("Failed to read manifest, setting user-agent to " + USERAGENT_DEFAULT); - properties.setProperty(USERAGENT_CONFIG_P, USERAGENT_DEFAULT); - } - } catch (IOException e) { - log.error(e); - } - } else { - log.info("using configured user agent " + properties.getProperty(USERAGENT_CONFIG_P)); - } - } - - /** - * TODO cleanup configuration (read MANIFEST, DataURLconfig,...) - */ - public void configure() { - configureProviders(); - configUrlConnections(); - configViewer(); - configureSSL(); - configureVersion(); - configureSingatureLayoutVersion(); - configureNetwork(); - //after configureVersion() and configureSignatureLayoutVersion() - DataUrl.setConfiguration(properties); - } - - public void setConfiguration(Properties props) { - this.properties = props; - } - - public String getProperty(String key) { - if (properties != null) { - return properties.getProperty(key); - } - return null; - } - - public void configureSSL() { - X509Certificate[] caCerts = null; - try { - caCerts = getCACerts(); - } catch (Exception e1) { - log.error("Cannot load CA certificates", e1); - } - String disableAll = getProperty("SSL.disableAllChecks"); - String disableHostnameVerification = getProperty("SSL.disableHostnameVerification"); - try { - KeyManager[] km = null; - SSLContext sslCtx = SSLContext - .getInstance(getProperty("SSL.sslProtocol")); - if ((disableAll != null) && (Boolean.parseBoolean(disableAll))) { - log.warn("--------------------------------------"); - log.warn(" Disabling SSL Certificate Validation "); - log.warn("--------------------------------------"); - - sslCtx.init(km, - new TrustManager[] { new MyAlwaysTrustManager(caCerts) }, null); - } else { - MyPKITrustManager pkixTM = new MyPKITrustManager(certValidator, - getCertDir(), getCADir(), caCerts); - sslCtx.init(km, new 
TrustManager[] { pkixTM }, null); - } - DataUrl.setSSLSocketFactory(sslCtx.getSocketFactory()); - URLDereferencer.getInstance().setSSLSocketFactory( - sslCtx.getSocketFactory()); - } catch (Exception e) { - log.error("Cannot configure SSL", e); - } - if ((disableAll != null && Boolean.parseBoolean(disableAll)) - || (disableHostnameVerification != null && Boolean - .parseBoolean(disableHostnameVerification))) { - log.warn("---------------------------------"); - log.warn(" Disabling Hostname Verification "); - log.warn("---------------------------------"); - DataUrl.setHostNameVerifier(new HostnameVerifier() { - @Override - public boolean verify(String hostname, SSLSession session) { - return true; - } - }); - URLDereferencer.getInstance().setHostnameVerifier(new HostnameVerifier() { - @Override - public boolean verify(String hostname, SSLSession session) { - return true; - } - }); - } - } - - public void setCertValidator(CertValidator certValidator) { - this.certValidator = certValidator; - } - - private static class MyPKITrustManager implements X509TrustManager { - private static Log log = LogFactory.getLog(MyPKITrustManager.class); - - private CertValidator certValidator; - private X509Certificate[] trustedCerts; - - public MyPKITrustManager(CertValidator cv, File certStore, File trustStore, - X509Certificate[] trustedCerts) { - certValidator = cv; - certValidator.init(certStore, trustStore); - this.trustedCerts = trustedCerts; - } - - @Override - public void checkClientTrusted(X509Certificate[] chain, String authType) - throws CertificateException { - log.error("Did not expect this method to get called"); - throw new CertificateException("Method not implemented"); - } - - private static iaik.x509.X509Certificate[] convertCerts( - X509Certificate[] certs) throws GeneralSecurityException { - iaik.x509.X509Certificate[] retVal = new iaik.x509.X509Certificate[certs.length]; - int i = 0; - for (X509Certificate cert : certs) { - if (cert instanceof 
iaik.x509.X509Certificate) { - retVal[i++] = (iaik.x509.X509Certificate) cert; - } else { - retVal[i++] = new iaik.x509.X509Certificate(cert.getEncoded()); - } - } - return retVal; - } - - @Override - public void checkServerTrusted(X509Certificate[] chain, String authType) - throws CertificateException { - try { - boolean valid = certValidator.isCertificateValid(Thread.currentThread() - .getName(), convertCerts(chain)); - if (!valid) { - throw new CertificateException("Certificate not valid"); - } - } catch (GeneralSecurityException e) { - throw new CertificateException(e); - } - } - - @Override - public X509Certificate[] getAcceptedIssuers() { - return trustedCerts; - } - } - - private static class MyAlwaysTrustManager implements X509TrustManager { - private static Log log = LogFactory.getLog(MyAlwaysTrustManager.class); - private X509Certificate[] trustedCerts; - - public MyAlwaysTrustManager(X509Certificate[] trustedCerts) { - this.trustedCerts = trustedCerts; - } - - @Override - public void checkClientTrusted(X509Certificate[] arg0, String arg1) - throws CertificateException { - log.error("Did not expect this method to get called"); - throw new CertificateException("Method not implemented"); - } - - @Override - public void checkServerTrusted(X509Certificate[] certs, String arg1) - throws CertificateException { - log.warn("-------------------------------------"); - log.warn("SSL Certificate Validation Disabled !"); - log.warn("-------------------------------------"); - } - - @Override - public X509Certificate[] getAcceptedIssuers() { - return trustedCerts; - } - } -} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKCommonsLog.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKCommonsLog.java deleted file mode 100644 index 1b7dd189..00000000 --- a/bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKCommonsLog.java +++ /dev/null 
@@ -1,144 +0,0 @@ -/** - * - */ -package at.gv.egiz.bku.conf; - -import iaik.logging.Log; -import iaik.logging.TransactionId; - -/** - * @author mcentner - * - */ -public class IAIKCommonsLog implements Log { - - /** - * The id that will be written to the log if the transactionid == null - */ - public final static String NO_ID = "Null-ID"; - - protected org.apache.commons.logging.Log commonsLog; - - protected String nodeId; - - public IAIKCommonsLog(org.apache.commons.logging.Log log) { - this.commonsLog = log; - } - - /* (non-Javadoc) - * @see iaik.logging.Log#debug(iaik.logging.TransactionId, java.lang.Object, java.lang.Throwable) - */ - @Override - public void debug(TransactionId transactionId, Object message, Throwable t) { - if (commonsLog.isDebugEnabled()) { - commonsLog.debug(nodeId + ": " - + ((transactionId != null) ? transactionId.getLogID() : NO_ID) + ": " - + message, t); - } - } - - /* (non-Javadoc) - * @see iaik.logging.Log#info(iaik.logging.TransactionId, java.lang.Object, java.lang.Throwable) - */ - @Override - public void info(TransactionId transactionId, Object message, Throwable t) { - if (commonsLog.isInfoEnabled()) { - commonsLog.info(nodeId + ": " - + ((transactionId != null) ? transactionId.getLogID() : NO_ID) + ": " - + message, t); - } - } - - /* (non-Javadoc) - * @see iaik.logging.Log#warn(iaik.logging.TransactionId, java.lang.Object, java.lang.Throwable) - */ - @Override - public void warn(TransactionId transactionId, Object message, Throwable t) { - if (commonsLog.isWarnEnabled()) { - commonsLog.warn(nodeId + ": " - + ((transactionId != null) ? transactionId.getLogID() : NO_ID) + ": " - + message, t); - } - } - - /* (non-Javadoc) - * @see iaik.logging.Log#error(iaik.logging.TransactionId, java.lang.Object, java.lang.Throwable) - */ - @Override - public void error(TransactionId transactionId, Object message, Throwable t) { - if (commonsLog.isErrorEnabled()) { - commonsLog.error(nodeId + ": " - + ((transactionId != null) ? 
transactionId.getLogID() : NO_ID) + ": " - + message, t); - } - } - - /* (non-Javadoc) - * @see iaik.logging.Log#fatal(iaik.logging.TransactionId, java.lang.Object, java.lang.Throwable) - */ - @Override - public void fatal(TransactionId transactionId, Object message, Throwable t) { - if (commonsLog.isFatalEnabled()) { - commonsLog.fatal(nodeId + ": " - + ((transactionId != null) ? transactionId.getLogID() : NO_ID) + ": " - + message, t); - } - } - - /* (non-Javadoc) - * @see iaik.logging.Log#setNodeId(java.lang.String) - */ - @Override - public void setNodeId(String nodeId) { - this.nodeId = nodeId; - } - - /* (non-Javadoc) - * @see iaik.logging.Log#getNodeId() - */ - @Override - public String getNodeId() { - return nodeId; - } - - /* (non-Javadoc) - * @see iaik.logging.Log#isDebugEnabled() - */ - @Override - public boolean isDebugEnabled() { - return commonsLog.isDebugEnabled(); - } - - /* (non-Javadoc) - * @see iaik.logging.Log#isInfoEnabled() - */ - @Override - public boolean isInfoEnabled() { - return commonsLog.isInfoEnabled(); - } - - /* (non-Javadoc) - * @see iaik.logging.Log#isWarnEnabled() - */ - @Override - public boolean isWarnEnabled() { - return commonsLog.isWarnEnabled(); - } - - /* (non-Javadoc) - * @see iaik.logging.Log#isErrorEnabled() - */ - @Override - public boolean isErrorEnabled() { - return commonsLog.isErrorEnabled(); - } - - /* (non-Javadoc) - * @see iaik.logging.Log#isFatalEnabled() - */ - @Override - public boolean isFatalEnabled() { - return commonsLog.isFatalEnabled(); - } - -} diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKCommonsLogFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKCommonsLogFactory.java deleted file mode 100644 index 14e2c757..00000000 --- a/bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKCommonsLogFactory.java +++ /dev/null 
@@ -1,59 +0,0 @@
-/**
- *
- */
-package at.gv.egiz.bku.conf;
-
-import org.apache.commons.logging.impl.WeakHashtable;
-
-import iaik.logging.Log;
-import iaik.logging.LogConfigurationException;
-import iaik.logging.LogFactory;
-
-/**
- * @author mcentner
- *
- */
-public class IAIKCommonsLogFactory extends LogFactory {
-
- protected WeakHashtable instances = new WeakHashtable();
-
- /* (non-Javadoc)
- * @see iaik.logging.LogFactory#getInstance(java.lang.String)
- */
- @Override
- public Log getInstance(String name) throws LogConfigurationException {
- org.apache.commons.logging.Log commonsLog = org.apache.commons.logging.LogFactory.getLog(name);
- Log log = (Log) instances.get(commonsLog);
- if (log == null) {
- log = new IAIKCommonsLog(commonsLog);
- log.setNodeId(node_id_);
- instances.put(commonsLog, log);
- }
- return log;
- }
-
- /* (non-Javadoc)
- * @see iaik.logging.LogFactory#getInstance(java.lang.Class)
- */
- @SuppressWarnings("unchecked")
- @Override
- public Log getInstance(Class clazz) throws LogConfigurationException {
- org.apache.commons.logging.Log commonsLog = org.apache.commons.logging.LogFactory.getLog(clazz);
- Log log = (Log) instances.get(commonsLog);
- if (log == null) {
- log = new IAIKCommonsLog(commonsLog);
- log.setNodeId(node_id_);
- instances.put(commonsLog, log);
- }
- return log;
- }
-
- /* (non-Javadoc)
- * @see iaik.logging.LogFactory#release()
- */
- @Override
- public void release() {
- instances.clear();
- }
-
-}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKLogAdapter.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKLogAdapter.java
new file mode 100644
index 00000000..b04509a0
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKLogAdapter.java
@@ -0,0 +1,146 @@
+/**
+ *
+ */
+package at.gv.egiz.bku.conf;
+
+import org.slf4j.Logger;
+
+import iaik.logging.Log;
+import iaik.logging.TransactionId;
+
+/**
+ * @author mcentner
+ *
+ */
+public class IAIKLogAdapter implements Log {
+
+ /**
+ * The id that will be written to the log if the transactionid == null
+ */
+ public final static String NO_ID = "Null-ID";
+
+ protected Logger log;
+
+ protected String nodeId;
+
+ public IAIKLogAdapter(Logger logger) {
+ this.log = logger;
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.logging.Log#debug(iaik.logging.TransactionId, java.lang.Object, java.lang.Throwable)
+ */
+ @Override
+ public void debug(TransactionId transactionId, Object message, Throwable t) {
+ if (log.isDebugEnabled()) {
+ log.debug(nodeId + ": "
+ + ((transactionId != null) ? transactionId.getLogID() : NO_ID) + ": "
+ + message, t);
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.logging.Log#info(iaik.logging.TransactionId, java.lang.Object, java.lang.Throwable)
+ */
+ @Override
+ public void info(TransactionId transactionId, Object message, Throwable t) {
+ if (log.isInfoEnabled()) {
+ log.info(nodeId + ": "
+ + ((transactionId != null) ? transactionId.getLogID() : NO_ID) + ": "
+ + message, t);
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.logging.Log#warn(iaik.logging.TransactionId, java.lang.Object, java.lang.Throwable)
+ */
+ @Override
+ public void warn(TransactionId transactionId, Object message, Throwable t) {
+ if (log.isWarnEnabled()) {
+ log.warn(nodeId + ": "
+ + ((transactionId != null) ? transactionId.getLogID() : NO_ID) + ": "
+ + message, t);
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.logging.Log#error(iaik.logging.TransactionId, java.lang.Object, java.lang.Throwable)
+ */
+ @Override
+ public void error(TransactionId transactionId, Object message, Throwable t) {
+ if (log.isErrorEnabled()) {
+ log.error(nodeId + ": "
+ + ((transactionId != null) ? transactionId.getLogID() : NO_ID) + ": "
+ + message, t);
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.logging.Log#fatal(iaik.logging.TransactionId, java.lang.Object, java.lang.Throwable)
+ */
+ @Override
+ public void fatal(TransactionId transactionId, Object message, Throwable t) {
+ if (log.isErrorEnabled()) {
+ log.error(nodeId + ": "
+ + ((transactionId != null) ? transactionId.getLogID() : NO_ID) + ": "
+ + message, t);
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.logging.Log#setNodeId(java.lang.String)
+ */
+ @Override
+ public void setNodeId(String nodeId) {
+ this.nodeId = nodeId;
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.logging.Log#getNodeId()
+ */
+ @Override
+ public String getNodeId() {
+ return nodeId;
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.logging.Log#isDebugEnabled()
+ */
+ @Override
+ public boolean isDebugEnabled() {
+ return log.isDebugEnabled();
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.logging.Log#isInfoEnabled()
+ */
+ @Override
+ public boolean isInfoEnabled() {
+ return log.isInfoEnabled();
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.logging.Log#isWarnEnabled()
+ */
+ @Override
+ public boolean isWarnEnabled() {
+ return log.isWarnEnabled();
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.logging.Log#isErrorEnabled()
+ */
+ @Override
+ public boolean isErrorEnabled() {
+ return log.isErrorEnabled();
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.logging.Log#isFatalEnabled()
+ */
+ @Override
+ public boolean isFatalEnabled() {
+ return log.isErrorEnabled();
+ }
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKLogAdapterFactory.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKLogAdapterFactory.java
new file mode 100644
index 00000000..52c3d8d1
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/conf/IAIKLogAdapterFactory.java
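Review bot: In `debug`, `info`, `warn`, `error` and `fatal` the `message` object and the transaction id are concatenated into the log line unmodified, so a value containing CR or LF can split one event into several lines and make the log show entries that never happened. These messages originate in the IAIK library and may echo fields of the certificates or requests being processed (not visible in this hunk), which would make them partly attacker-influenced. I would build the line in one private helper that all five methods call and neutralise line breaks there, e.g. `String text = String.valueOf(message).replace('\r', '_').replace('\n', '_');`, or confirm that the logging backend's layout already encodes them. A one-line comment on `fatal` and `isFatalEnabled` would also help the next reader: `// SLF4J has no FATAL level; fatal is reported at ERROR`.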
@@ -0,0 +1,62 @@
+/**
+ *
+ */
+package at.gv.egiz.bku.conf;
+
+import java.util.WeakHashMap;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import iaik.logging.Log;
+import iaik.logging.LogConfigurationException;
+import iaik.logging.LogFactory;
+
+/**
+ * @author mcentner
+ *
+ */
+public class IAIKLogAdapterFactory extends LogFactory {
+
+ protected WeakHashMap instances = new WeakHashMap();
+
+ /* (non-Javadoc)
+ * @see iaik.logging.LogFactory#getInstance(java.lang.String)
+ */
+ @Override
+ public synchronized Log getInstance(String name) throws LogConfigurationException {
+ Logger logger = LoggerFactory.getLogger(name);
+ Log log = instances.get(logger);
+ if (log == null) {
+ log = new IAIKLogAdapter(logger);
+ log.setNodeId(node_id_);
+ instances.put(logger, log);
+ }
+ return log;
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.logging.LogFactory#getInstance(java.lang.Class)
+ */
+ @SuppressWarnings("unchecked")
+ @Override
+ public synchronized Log getInstance(Class clazz) throws LogConfigurationException {
+ Logger logger = LoggerFactory.getLogger(clazz);
+ Log log = instances.get(logger);
+ if (log == null) {
+ log = new IAIKLogAdapter(logger);
+ log.setNodeId(node_id_);
+ instances.put(logger, log);
+ }
+ return log;
+ }
+
+ /* (non-Javadoc)
+ * @see iaik.logging.LogFactory#release()
+ */
+ @Override
+ public void release() {
+ instances.clear();
+ }
+
+}
diff --git a/bkucommon/src/main/java/at/gv/egiz/bku/conf/MoccaConfigurationFacade.java b/bkucommon/src/main/java/at/gv/egiz/bku/conf/MoccaConfigurationFacade.java
new file mode 100644
index 00000000..52842167
--- /dev/null
+++ b/bkucommon/src/main/java/at/gv/egiz/bku/conf/MoccaConfigurationFacade.java
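Review bot: `release()` calls `instances.clear()` without the lock that both `getInstance` overloads take, and `WeakHashMap` is not thread-safe, so a release that races with a lookup can corrupt the map; declare it `public synchronized void release()`. Separately, every cached `IAIKLogAdapter` holds a strong reference to the `Logger` that is its key (the `log` field assigned in its constructor), so the weak keys can never be collected and the cache behaves like an ordinary `HashMap`. If eviction is intended, store the adapter behind a `WeakReference`; otherwise a plain map with a short comment states what actually happens.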
@@ -0,0 +1,22 @@
+/*
+* Copyright 2009 Federal Chancellery Austria and
+* Graz University of Technology
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+package at.gv.egiz.bku.conf;
+
+public interface MoccaConfigurationFacade {
+
+}
-- cgit v1.2.3