Example 6 with SecurityException
use of com.emc.storageos.security.exceptions.SecurityException in project coprhd-controller by CoprHD.
the class KeystoreTest method testZookeeperKeystore.
@Test
public void testZookeeperKeystore() throws IOException {
DistributedKeyStore zookeeperKeystore = new DistributedKeyStoreImpl();
boolean exceptionThrown = false;
try {
zookeeperKeystore.init(invalidLoadStoreParam);
} catch (SecurityException e) {
exceptionThrown = true;
}
Assert.assertTrue(exceptionThrown);
zookeeperKeystore.init(loadStoreParam);
// this is in case this test was run previously
zookeeperKeystore.setTrustedCertificates(null);
KeyCertificateEntry origEntry = gen.generateKeyCertificatePair();
origEntry.setCreationDate(new Date());
zookeeperKeystore.setKeyCertificatePair(origEntry);
KeyCertificateEntry storedEntry = zookeeperKeystore.getKeyCertificatePair();
assertKeyCertificateEntriesEquals(origEntry, storedEntry);
origEntry = gen.generateKeyCertificatePair();
TrustedCertificateEntry origCertEntry = new TrustedCertificateEntry(origEntry.getCertificateChain()[0], new Date());
Map<String, TrustedCertificateEntry> origCertEntries = new HashMap<String, TrustedCertificateEntry>();
origCertEntries.put("trustedCert1", origCertEntry);
zookeeperKeystore.addTrustedCertificate("trustedCert1", origCertEntry);
origEntry = gen.generateKeyCertificatePair();
origCertEntry = new TrustedCertificateEntry(origEntry.getCertificateChain()[0], new Date());
origCertEntries.put("trustedCert2", origCertEntry);
zookeeperKeystore.addTrustedCertificate("trustedCert2", origCertEntry);
assertTrustedCertsEquals(origCertEntries, zookeeperKeystore.getTrustedCertificates());
origEntry = gen.generateKeyCertificatePair();
origCertEntry = new TrustedCertificateEntry(origEntry.getCertificateChain()[0], new Date());
origCertEntries.put("trustedCert3", origCertEntry);
zookeeperKeystore.setTrustedCertificates(origCertEntries);
assertTrustedCertsEquals(origCertEntries, zookeeperKeystore.getTrustedCertificates());
origCertEntries.remove("trustedCert3");
zookeeperKeystore.setTrustedCertificates(origCertEntries);
assertTrustedCertsEquals(origCertEntries, zookeeperKeystore.getTrustedCertificates());
origCertEntries.remove("trustedCert2");
zookeeperKeystore.removeTrustedCertificate("trustedCert2");
assertTrustedCertsEquals(origCertEntries, zookeeperKeystore.getTrustedCertificates());
zookeeperKeystore.removeTrustedCertificate("trustedCert10");
}
Also used :
DistributedKeyStoreImpl(com.emc.storageos.security.keystore.impl.DistributedKeyStoreImpl)
HashMap(java.util.HashMap)
SecurityException(com.emc.storageos.security.exceptions.SecurityException)
KeyCertificateEntry(com.emc.storageos.security.keystore.impl.KeyCertificateEntry)
Date(java.util.Date)
TrustedCertificateEntry(com.emc.storageos.security.keystore.impl.TrustedCertificateEntry)
Test(org.junit.Test)
Example 7 with SecurityException
use of com.emc.storageos.security.exceptions.SecurityException in project coprhd-controller by CoprHD.
the class CassandraTokenManager method getProxyToken.
/**
* Gets a proxy token for the given user
* If a proxy token for the given user already exists, it will be reused
*
* @return proxy-token
*/
@Override
public String getProxyToken(StorageOSUserDAO userDAO) {
InterProcessLock userLock = null;
try {
userLock = _coordinator.getLock(userDAO.getUserName());
if (userLock == null) {
_log.error("Could not acquire lock for user: {}", userDAO.getUserName());
throw SecurityException.fatals.couldNotAcquireLockForUser(userDAO.getUserName());
}
userLock.acquire();
// Look for proxy tokens based on that username.
// If any is found, use that. Else, create a new one.
ProxyToken proxyToken = getProxyTokenForUserName(userDAO.getUserName());
if (proxyToken != null) {
_log.debug("Found proxy token {} for user {}. Reusing...", proxyToken.getId(), userDAO.getUserName());
return _tokenEncoder.encode(TokenOnWire.createTokenOnWire(proxyToken));
}
// No proxy token found for this user. Create a new one.
// Create the actual proxy token
ProxyToken pToken = new ProxyToken();
pToken.setId(URIUtil.createId(ProxyToken.class));
pToken.addKnownId(userDAO.getId());
pToken.setUserName(userDAO.getUserName());
// for now
pToken.setZoneId("zone1");
pToken.setIssuedTime(getCurrentTimeInMins());
pToken.setLastValidatedTime(getCurrentTimeInMins());
_dbClient.persistObject(pToken);
return _tokenEncoder.encode(TokenOnWire.createTokenOnWire(pToken));
} catch (DatabaseException ex) {
_log.error("DatabaseException while persisting proxy token", ex);
} catch (SecurityException ex) {
_log.error("Proxy Token encoding exception. ", ex);
} catch (Exception ex) {
_log.error("Could not acquire lock while trying to get a proxy token.", ex);
} finally {
try {
if (userLock != null) {
userLock.release();
}
} catch (Exception ex) {
_log.error("Unable to release proxytoken creation lock", ex);
}
}
return null;
}
Also used :
ProxyToken(com.emc.storageos.db.client.model.ProxyToken)
InterProcessLock(org.apache.curator.framework.recipes.locks.InterProcessLock)
SecurityException(com.emc.storageos.security.exceptions.SecurityException)
DatabaseException(com.emc.storageos.db.exceptions.DatabaseException)
APIException(com.emc.storageos.svcs.errorhandling.resources.APIException)
DatabaseException(com.emc.storageos.db.exceptions.DatabaseException)
SecurityException(com.emc.storageos.security.exceptions.SecurityException)
Example 8 with SecurityException
use of com.emc.storageos.security.exceptions.SecurityException in project coprhd-controller by CoprHD.
the class CassandraTokenManager method deleteToken.
/**
* Remove token from database if valid.
*/
@Override
public void deleteToken(String tokenIn) {
try {
if (tokenIn == null) {
_log.error("Null token passed for deletion");
return;
}
URI tkId = _tokenEncoder.decode(tokenIn).getTokenId();
Token verificationToken = _dbClient.queryObject(Token.class, tkId);
if (verificationToken == null) {
_log.error("Could not fetch token from the database: {}", tkId);
return;
}
deleteTokenInternal(verificationToken);
} catch (DatabaseException ex) {
throw SecurityException.fatals.databseExceptionDuringTokenDeletion(tokenIn, ex);
} catch (SecurityException e) {
_log.error("Token decoding exception during deleteToken.", e);
}
}
Also used :
ProxyToken(com.emc.storageos.db.client.model.ProxyToken)
Token(com.emc.storageos.db.client.model.Token)
SecurityException(com.emc.storageos.security.exceptions.SecurityException)
URI(java.net.URI)
DatabaseException(com.emc.storageos.db.exceptions.DatabaseException)
Aggregations
SecurityException (com.emc.storageos.security.exceptions.SecurityException)8
ProxyToken (com.emc.storageos.db.client.model.ProxyToken)3
DatabaseException (com.emc.storageos.db.exceptions.DatabaseException)3
KeyCertificateEntry (com.emc.storageos.security.keystore.impl.KeyCertificateEntry)3
Test (org.junit.Test)3
Token (com.emc.storageos.db.client.model.Token)2
DistributedKeyStoreImpl (com.emc.storageos.security.keystore.impl.DistributedKeyStoreImpl)2
TrustedCertificateEntry (com.emc.storageos.security.keystore.impl.TrustedCertificateEntry)2
APIException (com.emc.storageos.svcs.errorhandling.resources.APIException)2
URI (java.net.URI)2
Date (java.util.Date)2
DecommissionedConstraint (com.emc.storageos.db.client.constraint.DecommissionedConstraint)1
StorageOSUserDAO (com.emc.storageos.db.client.model.StorageOSUserDAO)1
KeyCertificatePairGenerator (com.emc.storageos.security.keystore.impl.KeyCertificatePairGenerator)1
SecurityProvider (com.emc.storageos.security.keystore.impl.SecurityProvider)1
BadRequestException (com.emc.storageos.svcs.errorhandling.resources.BadRequestException)1
GeneralSecurityException (java.security.GeneralSecurityException)1
KeyStore (java.security.KeyStore)1
PrivateKeyEntry (java.security.KeyStore.PrivateKeyEntry)1
KeyStoreException (java.security.KeyStoreException)1
