use of com.intel.mountwilson.as.common.ASException in project OpenAttestation by OpenAttestation.
the class BulkHostTrust method getTrustSaml.
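/**
 * Returns a SAML trust assertion covering a comma-separated list of hosts.
 *
 * <p>REST example (relative to the resource class path, which is outside this listing):
 * {@code GET /trust/saml?hosts=host_name_1,host_name_2,host_name_3&force_verify=true}
 *
 * <p>The caller needs the {@code host_attestations:create,retrieve} permission.
 *
 * @param hosts comma-separated host names; each entry is trimmed and blank entries are dropped
 * @param forceVerify passed through to {@code getBulkTrustSaml}; defaults to {@code false}
 * @param timeout per-request timeout (the default of 600 is described as seconds below); when
 *     the caller leaves it at 600 the configured
 *     {@code com.intel.mountwilson.as.attestation.hostTimeout} value is used instead
 * @return the string produced by {@code BulkHostTrustBO.getBulkTrustSaml}
 * @throws ASException with {@code AS_MISSING_INPUT} when {@code hosts} is null, empty, or
 *     contains no non-blank host name
 */
@GET
@Produces({ MediaType.APPLICATION_XML })
@Path("/trust/saml")
//@RolesAllowed({"Attestation", "Report"})
@RequiresPermissions("host_attestations:create,retrieve")
public String getTrustSaml(@QueryParam("hosts") String hosts,
        @QueryParam("force_verify") @DefaultValue("false") Boolean forceVerify,
        // @QueryParam("threads") @DefaultValue("5") Integer threads, // bug #503 max threads now global and configured in properties file
        @QueryParam("timeout") @DefaultValue("600") Integer timeout) {
    ValidationUtil.validate(hosts);
    Integer myTimeOut = timeout;
    // Modified the default time out back to 600 seconds as we are seeing time out issues. 30 seconds short for VMware hosts.
    // NOTE(review): timeout and the number of hosts are caller-supplied and are not bounded in
    // this method; confirm that BulkHostTrustBO or the global thread configuration caps them.
    if (timeout == 600) {
        log.info("getTrustSaml called with default timeout, checking config");
        myTimeOut = ASConfig.getConfiguration().getInt("com.intel.mountwilson.as.attestation.hostTimeout", 600);
        log.debug("getTrustSaml config returned back" + myTimeOut);
    }
    if (hosts == null || hosts.length() == 0) {
        throw new ASException(com.intel.mtwilson.datatypes.ErrorCode.AS_MISSING_INPUT, "hosts");
    }
    Set<String> hostSet = new HashSet<String>();
    // bug #783 make sure that we only pass to the next layer hostnames that are likely to be valid
    for (String host : hosts.split(",")) {
        log.debug("Host: '{}'", host);
        // trim() never returns null, so an emptiness check is the only filter needed.
        String trimmed = host.trim();
        if (!trimmed.isEmpty()) {
            hostSet.add(trimmed);
        }
    }
    // Input such as "," or " , " passes the length check above but names no host; reject it
    // here instead of handing an empty set to the attestation layer.
    if (hostSet.isEmpty()) {
        throw new ASException(com.intel.mtwilson.datatypes.ErrorCode.AS_MISSING_INPUT, "hosts");
    }
    BulkHostTrustBO bulkHostTrustBO = new BulkHostTrustBO(/*threads, */
            myTimeOut);
    return bulkHostTrustBO.getBulkTrustSaml(hostSet, forceVerify);
}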
use of com.intel.mountwilson.as.common.ASException in project OpenAttestation by OpenAttestation.
the class HostTrustBO method getTrustWithCache.
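/**
 * Returns the trust result for one host, using a stored attestation log entry when allowed.
 *
 * <p>Unless {@code forceVerify} is {@code true}, the host is looked up by name and
 * {@code getHostTALogEntryBefore} is asked for a log entry using {@code getCacheStaleAfter()}
 * as the cutoff; if one is found it is returned without contacting the host. Otherwise the
 * live trust status is fetched with {@code getTrustStatus}.
 *
 * <p>This method does not throw: every failure is logged and converted into a
 * {@link HostTrust} carrying an error code.
 *
 * @param host the host name to evaluate
 * @param forceVerify {@code true} to skip the stored result; {@code null} is treated as
 *     {@code false}
 * @return the cached or freshly computed trust result, or an error-bearing {@code HostTrust}
 */
public HostTrust getTrustWithCache(String host, Boolean forceVerify) {
    // NOTE(review): host is concatenated into log messages as-is; presumably it is validated
    // by the REST layer before reaching this point - confirm, to rule out log forging.
    log.info("Getting trust for host: " + host + " Force verify flag: " + forceVerify);
    try {
        // Boolean.TRUE.equals avoids unboxing a null flag, which previously surfaced as a
        // NullPointerException reported to the caller as SYSTEM_ERROR.
        if (!Boolean.TRUE.equals(forceVerify)) {
            TblHosts tblHosts = getHostByName(new Hostname(host));
            if (tblHosts == null) {
                throw new ASException(ErrorCode.AS_HOST_NOT_FOUND, host);
            }
            TblTaLog tblTaLog = new TblTaLogJpaController(getEntityManagerFactory())
                    .getHostTALogEntryBefore(tblHosts.getId(), getCacheStaleAfter());
            if (tblTaLog != null) {
                return getHostTrustObj(tblTaLog);
            }
            // No usable log entry: fall through to a live check.
        }
        log.info("Getting trust status from host.");
        HostTrustStatus status = getTrustStatus(new Hostname(host));
        HostTrust hostTrust = new HostTrust(ErrorCode.OK, "OK");
        hostTrust.setBiosStatus((status.bios) ? 1 : 0);
        hostTrust.setVmmStatus((status.vmm) ? 1 : 0);
        // The caller-supplied host string is stored in the ipAddress field unchanged.
        hostTrust.setIpAddress(host);
        return hostTrust;
    } catch (ASException e) {
        log.error("Error while getting trust for host " + host, e);
        return new HostTrust(e.getErrorCode(), e.getErrorMessage(), host, null, null);
    } catch (Exception e) {
        log.error("Error while getting trust for host " + host, e);
        // NOTE(review): e.getMessage() of an arbitrary exception is copied into the returned
        // object; if this reaches API clients it may disclose internal details (paths, SQL,
        // class names). Consider returning a generic message and keeping the detail in the log.
        return new HostTrust(ErrorCode.SYSTEM_ERROR, new AuthResponse(ErrorCode.SYSTEM_ERROR, e.getMessage()).getErrorMessage(), host, null, null);
    }
}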
use of com.intel.mountwilson.as.common.ASException in project OpenAttestation by OpenAttestation.
the class HostTrustBO method getTrustWithSaml.
/**
 * Builds one SAML assertion that covers every host in the collection.
 *
 * <p>Works like {@code getTrustWithSaml(TblHosts, String)} except that the generated
 * assertion is NOT saved.
 *
 * @param tblHostsCollection host records to attest and include in the assertion
 * @return the assertion text from the SAML generator
 * @throws WebApplicationException with {@code NOT_FOUND} when an {@code ASException} carries
 *     {@code AS_HOST_NOT_FOUND}
 * @throws ASException any other {@code ASException} unchanged, or {@code AS_HOST_TRUST_ERROR}
 *     for every other failure
 */
public String getTrustWithSaml(Collection<TblHosts> tblHostsCollection) {
    try {
        ArrayList<TxtHostWithAssetTag> attestedHosts = new ArrayList<>();
        for (TblHosts hostRow : tblHostsCollection) {
            // Same steps as getHostWithTrust, minus the per-host SAML table record update.
            HostTrustStatus trustStatus = getTrustStatus(hostRow, hostRow.getUuid_hex());
            TxtHostRecord hostRecord = createTxtHostRecord(hostRow);
            TxtHost txtHost = new TxtHost(hostRecord, trustStatus);

            // Asset tag data is attached only when the asset tag certificate table holds a
            // valid certificate for this host's hardware UUID; otherwise the tag stays null.
            MwAssetTagCertificate validTagCert =
                    new AssetTagCertBO().findValidAssetTagCertForHost(hostRow.getHardwareUuid());
            X509AttributeCertificate tagCertificate = (validTagCert == null)
                    ? null
                    : X509AttributeCertificate.valueOf(validTagCert.getCertificate());

            attestedHosts.add(new TxtHostWithAssetTag(txtHost, tagCertificate));
        }
        SamlAssertion generated = getSamlGenerator().generateHostAssertions(attestedHosts);
        log.debug("Expiry {}", generated.expiry_ts.toString());
        return generated.assertion;
    } catch (ASException e) {
        // Give a more specific HTTP status where one exists; everything else propagates as-is.
        boolean hostMissing = e.getErrorCode().equals(ErrorCode.AS_HOST_NOT_FOUND);
        if (hostMissing) {
            throw new WebApplicationException(Status.NOT_FOUND);
        }
        throw e;
    } catch (Exception ex) {
        // The full exception goes to the log; the caller only receives the exception's
        // simple class name inside the ASException.
        log.error("Error during retrieval of host trust status.", ex);
        throw new ASException(ErrorCode.AS_HOST_TRUST_ERROR, ex.getClass().getSimpleName());
    }
}
use of com.intel.mountwilson.as.common.ASException in project OpenAttestation by OpenAttestation.
the class HostTrustBO method getPollHosts.
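/**
 * Queries every host in the request in parallel and reports one trust level per host.
 *
 * <p>A worker thread per host stores the result of {@code getTrustStatusString} in
 * {@code hostStatus}; the calling thread polls {@code isAllAttested} until it returns true and
 * then converts each stored status with {@code parseTrustStatus}. Any host whose status is
 * missing, empty, {@code "unknown"}, or cannot be parsed is reported as {@code "unknown"},
 * never as trusted.
 *
 * @param input query holding the hosts to poll
 * @return report with one entry per requested host, all stamped with the same time
 */
public OpenStackHostTrustLevelReport getPollHosts(OpenStackHostTrustLevelQuery input) {
    OpenStackHostTrustLevelReport hostTrusts = new OpenStackHostTrustLevelReport();
    Date today = new Date();
    // NOTE(review): one thread is started per requested host with no cap visible here, and the
    // wait loop below has no deadline; confirm the host list size is bounded by the caller.
    // NOTE(review): hostStatus is written from the worker threads and read here; confirm it is
    // a concurrent map and that overlapping requests for the same host name are acceptable.
    // fetch pcr value from host agent in parallel
    for (final Hostname hostName : input.hosts) {
        hostStatus.put(hostName.getHostname(), "");
        Thread thread = new Thread() {
            @Override
            public void run() {
                try {
                    String hostTrustStatus = getTrustStatusString(hostName);
                    log.info("The trust status of {} is :{}", hostName.toString(), hostTrustStatus);
                    hostStatus.put(hostName.getHostname(), hostTrustStatus);
                } catch (Exception e) {
                    // Covers ASException as well; the host is recorded as unknown either way.
                    log.error("Error while getting status of host " + hostName, e);
                    hostStatus.put(hostName.getHostname(), "unknown");
                }
            }
        };
        thread.start();
    }
    while (!isAllAttested(input)) {
        try {
            Thread.sleep(ASConfig.getTrustAgentSleepTimeinMilliSecs());
        } catch (InterruptedException e) {
            log.error("Error while sleeping " + e);
            // Restore the interrupt flag and stop waiting; hosts without a result yet are
            // reported as "unknown" below rather than spinning on an interrupted sleep.
            Thread.currentThread().interrupt();
            break;
        }
    }
    for (Hostname hostName : input.hosts) {
        String trustLevel;
        try {
            String hostTrustStatus = hostStatus.get(hostName.getHostname());
            log.info("The trust status of {} is :{}", hostName.toString(), hostTrustStatus);
            // Compare by value: == on strings only matches when both sides are the same
            // object, so an "unknown" produced elsewhere would have been sent to the parser.
            if (hostTrustStatus == null || hostTrustStatus.isEmpty() || "unknown".equals(hostTrustStatus)) {
                trustLevel = "unknown";
            } else {
                log.debug("Processing hostTrustStatus String: {}", hostTrustStatus);
                trustLevel = parseTrustStatus(hostTrustStatus);
                log.debug("Trust level obtained: {}", trustLevel);
            }
        } catch (Exception e) {
            // Covers ASException as well; a status that cannot be parsed is never trusted.
            log.error("Error while getting trust of host " + hostName, e);
            trustLevel = "unknown";
        }
        HostTrustLevel1String trust = new HostTrustLevel1String();
        trust.hostname = hostName.toString();
        trust.trustLevel = trustLevel;
        trust.vtime = today;
        hostTrusts.pollHosts.add(trust);
    }
    return hostTrusts;
}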
use of com.intel.mountwilson.as.common.ASException in project OpenAttestation by OpenAttestation.
the class CitrixClient method init.
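/**
 * Verifies that the files and folders this client depends on are present and usable.
 *
 * <p>Checks that {@code aikverifyhome}, {@code opensslCmd} and {@code aikverifyhomeData} each
 * name an existing path, logging every one that is missing, and then that
 * {@code aikverifyhomeData} is writable.
 *
 * @throws ASException with {@code AS_CONFIGURATION_ERROR} when a required path is unset or
 *     missing, or when the data folder is not writable
 */
public void init() {
    boolean foundAllRequiredFiles = true;
    String[] required = { aikverifyhome, opensslCmd, aikverifyhomeData };
    for (String filename : required) {
        // new File((String) null) throws NullPointerException; report an unset value as a
        // missing file so the caller gets the configuration error instead.
        if (filename == null || !new File(filename).exists()) {
            log.info(String.format("Invalid service configuration: Cannot find %s", filename));
            foundAllRequiredFiles = false;
        }
    }
    if (!foundAllRequiredFiles) {
        throw new ASException(ErrorCode.AS_CONFIGURATION_ERROR, "Cannot find aikverify files");
    }
    // NOTE(review): exists() only shows that something is present at each path; it does not
    // show that opensslCmd is a regular, executable file or the intended binary. Confirm where
    // these paths are configured and who can change them.
    // we must be able to write to the data folder in order to save certificates, nonces, public keys, etc.
    File datafolder = new File(aikverifyhomeData);
    if (!datafolder.canWrite()) {
        throw new ASException(ErrorCode.AS_CONFIGURATION_ERROR, String.format(" Cannot write to %s", aikverifyhomeData));
    }
}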