Example 1 with JCEEncryption

Use of com.iplanet.services.util.JCEEncryption in project OpenAM by OpenRock.

Class DefaultDebugRecorder, method exportConfigExport.

/**
 * Export the OpenAM config export
 */
private void exportConfigExport() {
    if (currentRecord.getRecordProperties().isConfigExportEnabled()) {
        SSOToken adminSSOToken = AccessController.doPrivileged(AdminTokenAction.getInstance());
        try {
            ServiceManager sm = new ServiceManager(adminSSOToken);
            // JCEEncryption is keyed with the export password taken from the record properties.
            AMEncryption encryptObj = new JCEEncryption();
            ((ConfigurableKey) encryptObj).setPassword(currentRecord.getRecordProperties().getConfigExportPassword());
            String resultXML = sm.toXML(encryptObj);
            SimpleDateFormat dateFormat = new SimpleDateFormat(DATE_FORMAT_UID);
            String xmlName = RecordConstants.OPENAM_CONFIG_EXPORT_FILE_NAME.replace("$DATE$", dateFormat.format(new Date()));
            File file = new File(currentRecord.getFolderPath() + File.separator + xmlName);
            // try-with-resources flushes and closes the writer (and the file handle) even if the write fails.
            try (PrintWriter printWriter = new PrintWriter(new FileWriter(file, false), true)) {
                printWriter.println(resultXML);
            }
        } catch (Exception e) {
            debug.error("Can't export OpenAM configuration", e);
        }
    }
}
Also used : AMEncryption(com.iplanet.services.util.AMEncryption) SSOToken(com.iplanet.sso.SSOToken) JCEEncryption(com.iplanet.services.util.JCEEncryption) ServiceManager(com.sun.identity.sm.ServiceManager) FileWriter(java.io.FileWriter) ConfigurableKey(com.iplanet.services.util.ConfigurableKey) SimpleDateFormat(java.text.SimpleDateFormat) File(java.io.File) Date(java.util.Date) URISyntaxException(java.net.URISyntaxException) JSONException(org.json.JSONException) ParseException(java.text.ParseException) IOException(java.io.IOException) JsonValueException(org.forgerock.json.JsonValueException) PrintWriter(java.io.PrintWriter)

Example 2 with JCEEncryption

Use of com.iplanet.services.util.JCEEncryption in project OpenAM by OpenRock.

Class ExportServiceConfiguration, method handleRequest.

/**
 * Handles request.
 *
 * @param rc Request Context.
 * @throws CLIException if request cannot be processed.
 */
public void handleRequest(RequestContext rc) throws CLIException {
    super.handleRequest(rc);
    ldapLogin();
    SSOToken adminSSOToken = getAdminSSOToken();
    String outputFile = getStringOptionValue(IArgument.OUTPUT_FILE);
    String encryptSecret = getStringOptionValue(IArgument.ENCRYPT_SECRET);
    FileOutputStream fout = null;
    String[] param = { "tty" };
    String[] paramException = { "tty", "" };
    try {
        if ((outputFile != null) && (outputFile.length() > 0)) {
            fout = new FileOutputStream(outputFile);
            param[0] = outputFile;
            paramException[0] = outputFile;
        }
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "ATTEMPT_EXPORT_SM_CONFIG_DATA", param);
        ServiceManager sm = new ServiceManager(adminSSOToken);
        AMEncryption encryptObj = new JCEEncryption();
        ((ConfigurableKey) encryptObj).setPassword(encryptSecret);
        String resultXML = sm.toXML(encryptObj);
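        // A hash of the encryption secret is appended as a trailing XML comment, so it travels with the export file.
        resultXML += "<!-- " + Hash.hash(encryptSecret) + " -->";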
        if (fout != null) {
            fout.write(resultXML.getBytes("UTF-8"));
        } else {
            System.out.write(resultXML.getBytes("UTF-8"));
        }
        getOutputWriter().printlnMessage(getResourceString("export-service-configuration-succeeded"));
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "SUCCEEDED_IMPORT_SM_CONFIG_DATA", param);
    } catch (UnsupportedEncodingException e) {
        paramException[1] = e.getMessage();
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_EXPORT_SM_CONFIG_DATA", paramException);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (IOException e) {
        paramException[1] = e.getMessage();
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_EXPORT_SM_CONFIG_DATA", paramException);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException e) {
        paramException[1] = e.getMessage();
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_EXPORT_SM_CONFIG_DATA", paramException);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SMSException e) {
        paramException[1] = e.getMessage();
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_EXPORT_SM_CONFIG_DATA", paramException);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (Exception e) {
        paramException[1] = e.getMessage();
        writeLog(LogWriter.LOG_ACCESS, Level.INFO, "FAILED_EXPORT_SM_CONFIG_DATA", paramException);
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } finally {
        if (fout != null) {
            try {
                fout.close();
            } catch (IOException ioe) {
                // ignored
            }
        }
    }
}
Also used : AMEncryption(com.iplanet.services.util.AMEncryption) SSOToken(com.iplanet.sso.SSOToken) JCEEncryption(com.iplanet.services.util.JCEEncryption) SMSException(com.sun.identity.sm.SMSException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) SSOException(com.iplanet.sso.SSOException) IOException(java.io.IOException) ConfigurableKey(com.iplanet.services.util.ConfigurableKey) CLIException(com.sun.identity.cli.CLIException) ServiceManager(com.sun.identity.sm.ServiceManager) FileOutputStream(java.io.FileOutputStream)

Example 3 with JCEEncryption

Use of com.iplanet.services.util.JCEEncryption in project OpenAM by OpenRock.

Class SoapSTSAgentCredentialsAccessImpl, method decryptAgentPassword.

private String decryptAgentPassword(String encryptedAgentPassword, KeyStore soapSTSInternalKeystore) throws STSInitializationException {
    try {
        KeyStore.SecretKeyEntry entry = (KeyStore.SecretKeyEntry) soapSTSInternalKeystore.getEntry(SharedSTSConstants.AM_INTERNAL_PEK_ALIAS, new KeyStore.PasswordProtection(SharedSTSConstants.AM_INTERNAL_SOAP_STS_KEYSTORE_PW.toCharArray()));
        JCEEncryption jceEncryption = new JCEEncryption();
        final byte[] decodedPassword = Base64.decode(encryptedAgentPassword);
        try {
            jceEncryption.setPassword(new String(entry.getSecretKey().getEncoded(), StandardCharsets.UTF_8));
            final byte[] decryptedPassword = jceEncryption.decrypt(decodedPassword);
            return new String(decryptedPassword, StandardCharsets.UTF_8);
        } catch (Exception e) {
            throw new STSInitializationException(ResourceException.INTERNAL_ERROR, e.getMessage(), e);
        }
    } catch (NoSuchAlgorithmException | UnrecoverableEntryException | KeyStoreException e) {
        throw new STSInitializationException(ResourceException.INTERNAL_ERROR, e.getMessage(), e);
    }
}
Also used : JCEEncryption(com.iplanet.services.util.JCEEncryption) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) KeyStoreException(java.security.KeyStoreException) KeyStore(java.security.KeyStore) STSInitializationException(org.forgerock.openam.sts.STSInitializationException) ResourceException(org.forgerock.json.resource.ResourceException) UnrecoverableEntryException(java.security.UnrecoverableEntryException)

Example 4 with JCEEncryption

Use of com.iplanet.services.util.JCEEncryption in project OpenAM by OpenRock.

Class CreateSoapSTSDeployment, method encryptAgentPassword.

private String encryptAgentPassword(String agentPasswordEncryptionKey, String agentPassword) throws IllegalStateException {
    final JCEEncryption jceEncryption = new JCEEncryption();
    try {
        jceEncryption.setPassword(agentPasswordEncryptionKey);
    } catch (Exception e) {
        throw new IllegalStateException("Exception thrown from JCEEncryption#setPassword: " + e, e);
    }
    final byte[] encryptedBytes = jceEncryption.encrypt(agentPassword.getBytes(StandardCharsets.UTF_8));
    return Base64.encode(encryptedBytes);
}
Also used : JCEEncryption(com.iplanet.services.util.JCEEncryption) PWResetException(com.sun.identity.password.ui.model.PWResetException) KeyStoreException(java.security.KeyStoreException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)

Example 5 with JCEEncryption

Use of com.iplanet.services.util.JCEEncryption in project OpenAM by OpenRock.

Class ImportServiceConfiguration, method importData.

private void importData(String xmlFile, String encryptSecret, SSOToken ssoToken) throws CLIException, SSOException, SMSException, IOException {
    // set the correct password encryption key.
    // without doing so, the default encryption key will be used.
    String encKey = getEncKey(xmlFile);
    if (encKey != null) {
        SystemProperties.initializeProperties(Constants.ENC_PWD_PROPERTY, encKey);
        Crypt.reinitialize();
    }
    IOutput outputWriter = getOutputWriter();
    FileInputStream fis = null;
    try {
        AMEncryption encryptObj = new JCEEncryption();
        ((ConfigurableKey) encryptObj).setPassword(encryptSecret);
        ServiceManager ssm = new ServiceManager(ssoToken);
        fis = new FileInputStream(xmlFile);
        ssm.registerServices(fis, encryptObj);
        InitializeSystem initSys = CommandManager.initSys;
        String instanceName = initSys.getInstanceName();
        String serverConfigXML = initSys.getServerConfigXML();
        ServerConfiguration.setServerConfigXML(ssoToken, instanceName, serverConfigXML);
        outputWriter.printlnMessage(getResourceString("import-service-configuration-succeeded"));
    } catch (IOException e) {
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SSOException e) {
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (SMSException e) {
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } catch (Exception e) {
        throw new CLIException(e, ExitCodes.REQUEST_CANNOT_BE_PROCESSED);
    } finally {
        if (fis != null) {
            try {
                fis.close();
            } catch (IOException ie) {
                // ignore if file input stream cannot be closed.
            }
        }
    }
}
Also used : AMEncryption(com.iplanet.services.util.AMEncryption) JCEEncryption(com.iplanet.services.util.JCEEncryption) SMSException(com.sun.identity.sm.SMSException) SSOException(com.iplanet.sso.SSOException) IOException(java.io.IOException) ConfigurableKey(com.iplanet.services.util.ConfigurableKey) FileInputStream(java.io.FileInputStream) LoginException(javax.security.auth.login.LoginException) LDAPServiceException(com.iplanet.services.ldap.LDAPServiceException) InvalidAuthContextException(com.sun.identity.authentication.internal.InvalidAuthContextException) LdapException(org.forgerock.opendj.ldap.LdapException) CLIException(com.sun.identity.cli.CLIException) InitializeSystem(com.sun.identity.cli.InitializeSystem) IOutput(com.sun.identity.cli.IOutput) ServiceManager(com.sun.identity.sm.ServiceManager)

Aggregations

JCEEncryption (com.iplanet.services.util.JCEEncryption): 7
IOException (java.io.IOException): 6
AMEncryption (com.iplanet.services.util.AMEncryption): 5
ConfigurableKey (com.iplanet.services.util.ConfigurableKey): 5
ServiceManager (com.sun.identity.sm.ServiceManager): 4
SSOException (com.iplanet.sso.SSOException): 2
SSOToken (com.iplanet.sso.SSOToken): 2
CLIException (com.sun.identity.cli.CLIException): 2
PWResetException (com.sun.identity.password.ui.model.PWResetException): 2
SMSException (com.sun.identity.sm.SMSException): 2
File (java.io.File): 2
FileOutputStream (java.io.FileOutputStream): 2
PrintWriter (java.io.PrintWriter): 2
UnsupportedEncodingException (java.io.UnsupportedEncodingException): 2
KeyStoreException (java.security.KeyStoreException): 2
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException): 2
LDAPServiceException (com.iplanet.services.ldap.LDAPServiceException): 1
InvalidAuthContextException (com.sun.identity.authentication.internal.InvalidAuthContextException): 1
IOutput (com.sun.identity.cli.IOutput): 1
InitializeSystem (com.sun.identity.cli.InitializeSystem): 1