use of com.emc.storageos.security.exceptions.SecurityException in project coprhd-controller by CoprHD.
the class KeystoreTest method testZookeeperKeystore.
/**
 * Exercises the distributed keystore end to end: rejection of invalid load parameters,
 * round-tripping of the key/certificate pair, and add / bulk-set / remove of trusted
 * certificates. The keystore state is compared against a locally maintained map after
 * each mutation.
 */
@Test
public void testZookeeperKeystore() throws IOException {
    DistributedKeyStore keystore = new DistributedKeyStoreImpl();

    // Initialising with the invalid parameter fixture must be refused with a SecurityException;
    // the test fails if init() silently accepts it.
    boolean rejectedInvalidParam = false;
    try {
        keystore.init(invalidLoadStoreParam);
    } catch (SecurityException expected) {
        rejectedInvalidParam = true;
    }
    Assert.assertTrue(rejectedInvalidParam);

    keystore.init(loadStoreParam);
    // Clear trusted certificates left over from an earlier run of this test.
    keystore.setTrustedCertificates(null);

    // Key/certificate pair: what is stored must be what is read back.
    KeyCertificateEntry keyPair = gen.generateKeyCertificatePair();
    keyPair.setCreationDate(new Date());
    keystore.setKeyCertificatePair(keyPair);
    KeyCertificateEntry readBack = keystore.getKeyCertificatePair();
    assertKeyCertificateEntriesEquals(keyPair, readBack);

    // Trusted certificates added one alias at a time; expectedCerts mirrors the intended state.
    Map<String, TrustedCertificateEntry> expectedCerts = new HashMap<String, TrustedCertificateEntry>();
    TrustedCertificateEntry trusted;
    for (String alias : new String[] { "trustedCert1", "trustedCert2" }) {
        keyPair = gen.generateKeyCertificatePair();
        trusted = new TrustedCertificateEntry(keyPair.getCertificateChain()[0], new Date());
        expectedCerts.put(alias, trusted);
        keystore.addTrustedCertificate(alias, trusted);
    }
    assertTrustedCertsEquals(expectedCerts, keystore.getTrustedCertificates());

    // Bulk replacement with a third entry added.
    keyPair = gen.generateKeyCertificatePair();
    trusted = new TrustedCertificateEntry(keyPair.getCertificateChain()[0], new Date());
    expectedCerts.put("trustedCert3", trusted);
    keystore.setTrustedCertificates(expectedCerts);
    assertTrustedCertsEquals(expectedCerts, keystore.getTrustedCertificates());

    // Bulk replacement with a smaller map: the omitted alias must no longer be trusted.
    expectedCerts.remove("trustedCert3");
    keystore.setTrustedCertificates(expectedCerts);
    assertTrustedCertsEquals(expectedCerts, keystore.getTrustedCertificates());

    // Removal of a single alias.
    expectedCerts.remove("trustedCert2");
    keystore.removeTrustedCertificate("trustedCert2");
    assertTrustedCertsEquals(expectedCerts, keystore.getTrustedCertificates());

    // Removing an alias that was never added must complete without throwing;
    // the resulting keystore contents are not asserted here.
    keystore.removeTrustedCertificate("trustedCert10");
}
use of com.emc.storageos.security.exceptions.SecurityException in project coprhd-controller by CoprHD.
the class CassandraTokenManager method getProxyToken.
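/**
 * Gets a proxy token for the given user.
 * If a proxy token for the given user already exists, it is reused; otherwise a new
 * one is created and persisted. Lookup and creation run under a lock obtained from
 * the coordinator for the user's name, so that concurrent callers for the same user
 * do not each create a token.
 *
 * Every failure inside this method (lock unavailable, database error, encoding error,
 * any other exception) is logged and reported to the caller as a {@code null} return,
 * never as an exception. Callers must treat {@code null} as "no token issued".
 *
 * @param userDAO the user the proxy token is issued for; its user name keys the lock
 *            and the token lookup
 * @return the encoded proxy token, or {@code null} if the token could not be obtained
 */
@Override
public String getProxyToken(StorageOSUserDAO userDAO) {
    InterProcessLock userLock = null;
    // Tracks whether acquire() actually succeeded, so that the finally block never
    // releases a lock this thread does not hold.
    boolean lockHeld = false;
    try {
        userLock = _coordinator.getLock(userDAO.getUserName());
        if (userLock == null) {
            _log.error("Could not acquire lock for user: {}", userDAO.getUserName());
            // This exception does not escape the method: it is handled by one of the
            // catch clauses below and the caller receives null.
            throw SecurityException.fatals.couldNotAcquireLockForUser(userDAO.getUserName());
        }
        userLock.acquire();
        lockHeld = true;
        // Look for proxy tokens based on that username.
        // If any is found, use that. Else, create a new one.
        // Reuse is unconditional in this method: whatever the lookup returns is re-encoded as is.
        ProxyToken proxyToken = getProxyTokenForUserName(userDAO.getUserName());
        if (proxyToken != null) {
            // NOTE(review): the token id is written to the debug log; confirm the id alone
            // cannot be used to reconstruct or present a valid token.
            _log.debug("Found proxy token {} for user {}. Reusing...", proxyToken.getId(), userDAO.getUserName());
            return _tokenEncoder.encode(TokenOnWire.createTokenOnWire(proxyToken));
        }
        // No proxy token found for this user. Create a new one.
        ProxyToken pToken = new ProxyToken();
        pToken.setId(URIUtil.createId(ProxyToken.class));
        pToken.addKnownId(userDAO.getId());
        pToken.setUserName(userDAO.getUserName());
        // Hard-coded zone id, marked "for now" by the original author.
        pToken.setZoneId("zone1");
        pToken.setIssuedTime(getCurrentTimeInMins());
        pToken.setLastValidatedTime(getCurrentTimeInMins());
        // Persist before encoding so the returned token always refers to a stored record.
        _dbClient.persistObject(pToken);
        return _tokenEncoder.encode(TokenOnWire.createTokenOnWire(pToken));
    } catch (DatabaseException ex) {
        _log.error("DatabaseException while persisting proxy token", ex);
    } catch (SecurityException ex) {
        _log.error("Proxy Token encoding exception. ", ex);
    } catch (Exception ex) {
        // Catch-all: also reached for failures unrelated to the lock, although the
        // message only mentions lock acquisition.
        _log.error("Could not acquire lock while trying to get a proxy token.", ex);
    } finally {
        if (lockHeld) {
            try {
                userLock.release();
            } catch (Exception ex) {
                _log.error("Unable to release proxytoken creation lock", ex);
            }
        }
    }
    return null;
}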
use of com.emc.storageos.security.exceptions.SecurityException in project coprhd-controller by CoprHD.
the class CassandraTokenManager method deleteToken.
/**
 * Deletes the stored token that the given encoded token refers to.
 *
 * A {@code null} argument, a token that cannot be decoded, and a token id with no
 * matching database record are each logged and then ignored: the method returns
 * normally without deleting anything. Because the method is {@code void}, the caller
 * cannot distinguish these cases from a successful deletion.
 *
 * @param tokenIn the encoded token to delete; may be {@code null}
 * @throws SecurityException if the database reports an error during lookup or deletion
 */
@Override
public void deleteToken(String tokenIn) {
    if (tokenIn == null) {
        _log.error("Null token passed for deletion");
        return;
    }
    try {
        URI tokenId = _tokenEncoder.decode(tokenIn).getTokenId();
        Token storedToken = _dbClient.queryObject(Token.class, tokenId);
        if (storedToken != null) {
            deleteTokenInternal(storedToken);
        } else {
            _log.error("Could not fetch token from the database: {}", tokenId);
        }
    } catch (DatabaseException ex) {
        // NOTE(review): the raw encoded token is handed to the exception factory; if it ends
        // up in the exception message or in logs, a bearer credential is exposed there.
        // Confirm how databseExceptionDuringTokenDeletion formats its arguments.
        throw SecurityException.fatals.databseExceptionDuringTokenDeletion(tokenIn, ex);
    } catch (SecurityException e) {
        // Not rethrown: the token stays in the database and the caller is not told.
        _log.error("Token decoding exception during deleteToken.", e);
    }
}