use of com.intel.mtwilson.as.data.TblHosts in project OpenAttestation by OpenAttestation.
the class HostTrustBO method getTrustWithCache.
public HostTrust getTrustWithCache(String host, Boolean forceVerify) {
log.info("Getting trust for host: " + host + " Force verify flag: " + forceVerify);
try {
if (forceVerify != true) {
TblHosts tblHosts = getHostByName(new Hostname(host));
if (tblHosts != null) {
TblTaLog tblTaLog = new TblTaLogJpaController(getEntityManagerFactory()).getHostTALogEntryBefore(tblHosts.getId(), getCacheStaleAfter());
if (tblTaLog != null)
return getHostTrustObj(tblTaLog);
} else {
throw new ASException(ErrorCode.AS_HOST_NOT_FOUND, host);
}
}
log.info("Getting trust status from host.");
HostTrustStatus status = getTrustStatus(new Hostname(host));
HostTrust hostTrust = new HostTrust(ErrorCode.OK, "OK");
hostTrust.setBiosStatus((status.bios) ? 1 : 0);
hostTrust.setVmmStatus((status.vmm) ? 1 : 0);
hostTrust.setIpAddress(host);
return hostTrust;
} catch (ASException e) {
log.error("Error while getting trust for host " + host, e);
return new HostTrust(e.getErrorCode(), e.getErrorMessage(), host, null, null);
} catch (Exception e) {
log.error("Error while getting trust for host " + host, e);
return new HostTrust(ErrorCode.SYSTEM_ERROR, new AuthResponse(ErrorCode.SYSTEM_ERROR, e.getMessage()).getErrorMessage(), host, null, null);
}
}
use of com.intel.mtwilson.as.data.TblHosts in project OpenAttestation by OpenAttestation.
the class HostTrustBO method getTrustWithSaml.
/**
* Returns a multi-host SAML assertion. It's similar to getTrustWithSaml(TblHosts,String)
* but it does NOT save the generated SAML assertion.
*/
public String getTrustWithSaml(Collection<TblHosts> tblHostsCollection) {
try {
//String location = hostTrustBO.getHostLocation(new Hostname(hostName)).location; // example: "San Jose"
//HostTrustStatus trustStatus = hostTrustBO.getTrustStatus(new Hostname(hostName)); // example: BIOS:1,VMM:1
ArrayList<TxtHostWithAssetTag> hostList = new ArrayList<>();
for (TblHosts tblHosts : tblHostsCollection) {
// these 3 lines equivalent of getHostWithTrust without a host-specific saml assertion table record to update
HostTrustStatus trust = getTrustStatus(tblHosts, tblHosts.getUuid_hex());
TxtHostRecord data = createTxtHostRecord(tblHosts);
TxtHost host = new TxtHost(data, trust);
// We need to add the Asset tag related data only if the host is provisioned for it. This is done
// by verifying in the asset tag certificate table.
X509AttributeCertificate tagCertificate;
AssetTagCertBO atagCertBO = new AssetTagCertBO();
MwAssetTagCertificate atagCertForHost = atagCertBO.findValidAssetTagCertForHost(tblHosts.getHardwareUuid());
if (atagCertForHost != null) {
tagCertificate = X509AttributeCertificate.valueOf(atagCertForHost.getCertificate());
} else {
tagCertificate = null;
}
/*
// We will check if the asset-tag was verified successfully for the host. If so, we need to retrieve
// all the attributes for that asset-tag and send it to the saml generator.
X509AttributeCertificate tagCertificate = null;
if (host.isAssetTagTrusted()) {
AssetTagCertBO atagCertBO = new AssetTagCertBO();
MwAssetTagCertificate atagCertForHost = atagCertBO.findValidAssetTagCertForHost(tblHosts.getHardwareUuid());
if (atagCertForHost != null) {
tagCertificate = X509AttributeCertificate.valueOf(atagCertForHost.getCertificate());
// atags.add(new AttributeOidAndValue("UUID", atagCertForHost.getUuid())); // should already be the "Subject" attribute of the certificate, if not then we need to get it from one of the cert attributes
}
}*/
TxtHostWithAssetTag hostWithAssetTag = new TxtHostWithAssetTag(host, tagCertificate);
hostList.add(hostWithAssetTag);
}
SamlAssertion samlAssertion = getSamlGenerator().generateHostAssertions(hostList);
log.debug("Expiry {}", samlAssertion.expiry_ts.toString());
return samlAssertion.assertion;
} catch (ASException e) {
// We override that here to give more specific codes when possible:
if (e.getErrorCode().equals(ErrorCode.AS_HOST_NOT_FOUND)) {
throw new WebApplicationException(Status.NOT_FOUND);
}
/*
* if( e.getErrorCode().equals(ErrorCode.TA_ERROR)) { throw new
* WebApplicationException(Status.INTERNAL_SERVER_ERROR); }
*
*/
throw e;
} catch (Exception ex) {
// throw new ASException( e);
log.error("Error during retrieval of host trust status.", ex);
throw new ASException(ErrorCode.AS_HOST_TRUST_ERROR, ex.getClass().getSimpleName());
}
}
Aggregations