
Example 6 with SecurityConfig

use of com.sequenceiq.freeipa.entity.SecurityConfig in project cloudbreak by hortonworks.

the class GatewayConfigService method getSaltClientConfig.

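/**
 * Builds the Salt client credentials for a stack from its stored Salt security settings.
 *
 * <p>The result carries secret material: the Salt password, the salt-boot password and the
 * decoded salt-boot signing private key. Treat it as sensitive and keep it out of logs.
 *
 * @param stack the stack whose security configuration is read
 * @return a {@code SaltClientConfig} built from the Salt password, the salt-boot password and
 *         the Base64-decoded salt-boot signing private key
 */
private SaltClientConfig getSaltClientConfig(Stack stack) {
    // NOTE(review): neither the SecurityConfig nor its SaltSecurityConfig is null-checked;
    // confirm every stack reaching this method has both populated.
    SecurityConfig securityConfig = stack.getSecurityConfig();
    SaltSecurityConfig saltSecurityConfig = securityConfig.getSaltSecurityConfig();
    String privateKey = saltSecurityConfig.getSaltBootSignPrivateKey();
    String saltBootPassword = saltSecurityConfig.getSaltBootPassword();
    String saltPassword = saltSecurityConfig.getSaltPassword();
    // Decode with an explicit charset: new String(byte[]) without one uses the JVM's platform
    // default, so the same stored key could decode differently from host to host.
    String decodedPrivateKey = new String(Base64.decodeBase64(privateKey), java.nio.charset.StandardCharsets.UTF_8);
    return new SaltClientConfig(saltPassword, saltBootPassword, decodedPrivateKey);
}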
Also used : SaltSecurityConfig(com.sequenceiq.freeipa.entity.SaltSecurityConfig) SecurityConfig(com.sequenceiq.freeipa.entity.SecurityConfig) SaltClientConfig(com.sequenceiq.cloudbreak.client.SaltClientConfig) SaltSecurityConfig(com.sequenceiq.freeipa.entity.SaltSecurityConfig)

Example 7 with SecurityConfig

use of com.sequenceiq.freeipa.entity.SecurityConfig in project cloudbreak by hortonworks.

the class SecurityConfigService method findOneByStack.

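/**
 * Loads the security configuration of a stack and, when needed, migrates its Salt secrets
 * into the {@code *Vault} fields.
 *
 * <p>If any of the four {@code *Vault} values (salt-boot password, salt-boot signing key,
 * Salt password, Salt signing key) is blank, each legacy value that differs from its
 * {@code *Vault} counterpart is copied over and the Salt security config is saved. The legacy
 * fields themselves are not cleared by this method.
 *
 * @param stack the stack whose id is used for the lookup
 * @return the stack's security configuration, or {@code null} if the repository finds none
 */
public SecurityConfig findOneByStack(Stack stack) {
    SecurityConfig securityConfig = securityConfigRepository.findOneByStackId(stack.getId());
    if (securityConfig != null && securityConfig.getSaltSecurityConfig() != null) {
        SaltSecurityConfig saltSecurityConfig = securityConfig.getSaltSecurityConfig();
        boolean migrationNeeded = StringUtils.isAnyBlank(
                saltSecurityConfig.getSaltBootPasswordVault(),
                saltSecurityConfig.getSaltBootSignPrivateKeyVault(),
                saltSecurityConfig.getSaltPasswordVault(),
                saltSecurityConfig.getSaltSignPrivateKeyVault());
        if (migrationNeeded) {
            // Only the record id is logged; the secret values themselves must stay out of the log.
            LOGGER.debug("Migrate SaltSecurityConfig with id [{}] to vault", saltSecurityConfig.getId());
            // NOTE(review): each legacy getter below is dereferenced without a null check, so a
            // null legacy value throws here. Confirm the legacy columns are always populated.
            if (!saltSecurityConfig.getSaltBootPassword().equals(saltSecurityConfig.getSaltBootPasswordVault())) {
                saltSecurityConfig.setSaltBootPasswordVault(saltSecurityConfig.getSaltBootPassword());
            }
            if (!saltSecurityConfig.getSaltBootSignPrivateKey().equals(saltSecurityConfig.getSaltBootSignPrivateKeyVault())) {
                saltSecurityConfig.setSaltBootSignPrivateKeyVault(saltSecurityConfig.getSaltBootSignPrivateKey());
            }
            // Fixed: the guard used to compare the Salt *signing key* with the password vault
            // value, so it did not test the value that is actually copied. Compare the Salt
            // password with its own vault counterpart, like the other three fields.
            if (!saltSecurityConfig.getSaltPassword().equals(saltSecurityConfig.getSaltPasswordVault())) {
                saltSecurityConfig.setSaltPasswordVault(saltSecurityConfig.getSaltPassword());
            }
            if (!saltSecurityConfig.getSaltSignPrivateKey().equals(saltSecurityConfig.getSaltSignPrivateKeyVault())) {
                saltSecurityConfig.setSaltSignPrivateKeyVault(saltSecurityConfig.getSaltSignPrivateKey());
            }
            saltSecurityConfig = disabledSaltSecurityConfigRepository.save(saltSecurityConfig);
            // Re-attach the saved instance so the caller sees what the repository returned.
            securityConfig.setSaltSecurityConfig(saltSecurityConfig);
        }
    }
    return securityConfig;
}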
Also used : SecurityConfig(com.sequenceiq.freeipa.entity.SecurityConfig) SaltSecurityConfig(com.sequenceiq.freeipa.entity.SaltSecurityConfig) SaltSecurityConfig(com.sequenceiq.freeipa.entity.SaltSecurityConfig)

Example 8 with SecurityConfig

use of com.sequenceiq.freeipa.entity.SecurityConfig in project cloudbreak by hortonworks.

the class TlsSecurityService method buildGatewayConfig.

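/**
 * Assembles the {@code GatewayConfig} used to reach a stack's gateway instance.
 *
 * <p>The result bundles connection details with secret material: the TLS client key, both
 * Salt passwords, the salt-boot signature key and the Base64-decoded Salt signing key pair.
 * Treat the returned object as sensitive and keep it out of logs.
 *
 * @param stack the stack the gateway belongs to
 * @param gatewayInstance metadata of the gateway instance (addresses, FQDN, instance id, type)
 * @param saltClientConfig source of the Salt password, salt-boot password and signature key
 * @param knoxGatewayEnabled passed through to the {@code GatewayConfig} constructor unchanged
 * @return the gateway configuration, with path and protocol set as well when a cluster proxy
 *         config is to be created for the stack
 */
public GatewayConfig buildGatewayConfig(Stack stack, InstanceMetaData gatewayInstance, SaltClientConfig saltClientConfig, Boolean knoxGatewayEnabled) {
    // NOTE(review): securityConfig and its SaltSecurityConfig are dereferenced without a null
    // check; confirm findOneByStack cannot return null for stacks that reach this method.
    SecurityConfig securityConfig = securityConfigService.findOneByStack(stack);
    String connectionIp = getGatewayIp(securityConfig, gatewayInstance, stack);
    HttpClientConfig conf = buildTLSClientConfig(stack, connectionIp, gatewayInstance);
    SaltSecurityConfig saltSecurityConfig = securityConfig.getSaltSecurityConfig();
    String saltSignPrivateKeyB64 = saltSecurityConfig.getSaltSignPrivateKeyVault();
    // Arguments are positional; the order below is exactly the original call's order.
    // The two key decodes name an explicit charset, because new String(byte[]) without one
    // falls back to the JVM's platform default and could vary between hosts.
    GatewayConfig gatewayConfig = new GatewayConfig(
            connectionIp,
            gatewayInstance.getPublicIpWrapper(),
            gatewayInstance.getPrivateIp(),
            gatewayInstance.getDiscoveryFQDN(),
            getGatewayPort(stack.getGatewayport(), stack),
            gatewayInstance.getInstanceId(),
            conf.getServerCert(),
            conf.getClientCert(),
            conf.getClientKey(),
            saltClientConfig.getSaltPassword(),
            saltClientConfig.getSaltBootPassword(),
            saltClientConfig.getSignatureKeyPem(),
            knoxGatewayEnabled,
            InstanceMetadataType.GATEWAY_PRIMARY.equals(gatewayInstance.getInstanceMetadataType()),
            new String(decodeBase64(saltSignPrivateKeyB64), java.nio.charset.StandardCharsets.UTF_8),
            new String(decodeBase64(saltSecurityConfig.getSaltSignPublicKey()), java.nio.charset.StandardCharsets.UTF_8),
            null,
            null);
    if (clusterProxyService.isCreateConfigForClusterProxy(stack)) {
        gatewayConfig.withPath(clusterProxyService.getProxyPathPgwAsFallBack(stack, Optional.ofNullable(gatewayInstance.getDiscoveryFQDN()))).withProtocol(clusterProxyConfiguration.getClusterProxyProtocol());
    }
    return gatewayConfig;
}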
Also used : HttpClientConfig(com.sequenceiq.cloudbreak.client.HttpClientConfig) SaltSecurityConfig(com.sequenceiq.freeipa.entity.SaltSecurityConfig) SecurityConfig(com.sequenceiq.freeipa.entity.SecurityConfig) SaltSecurityConfig(com.sequenceiq.freeipa.entity.SaltSecurityConfig) GatewayConfig(com.sequenceiq.cloudbreak.orchestrator.model.GatewayConfig)

Example 9 with SecurityConfig

use of com.sequenceiq.freeipa.entity.SecurityConfig in project cloudbreak by hortonworks.

the class TlsSecurityService method generateSecurityKeys.

/**
 * Creates a new security configuration for an account and fills it with generated secrets.
 *
 * <p>Both the {@code SecurityConfig} and its nested {@code SaltSecurityConfig} are stamped with
 * the account id, then the generator helpers are run in a fixed order: client keys, salt-boot
 * signing key pair, Salt signing key pair, Salt password, salt-boot password.
 *
 * @param accountId the account id set on both configuration objects
 * @return the populated security configuration
 */
public SecurityConfig generateSecurityKeys(String accountId) {
    SecurityConfig generated = new SecurityConfig();
    generated.setAccountId(accountId);

    SaltSecurityConfig saltConfig = new SaltSecurityConfig();
    saltConfig.setAccountId(accountId);
    generated.setSaltSecurityConfig(saltConfig);

    // Key material first. Some helpers take the outer config and others the nested Salt config.
    generateClientKeys(generated);
    generateSaltBootSignKeypair(saltConfig);
    generateSaltSignKeypair(generated);

    // Then the two passwords, both stored on the Salt config.
    generateSaltPassword(saltConfig);
    generateSaltBootPassword(saltConfig);

    return generated;
}
Also used : SaltSecurityConfig(com.sequenceiq.freeipa.entity.SaltSecurityConfig) SecurityConfig(com.sequenceiq.freeipa.entity.SecurityConfig) SaltSecurityConfig(com.sequenceiq.freeipa.entity.SaltSecurityConfig)

Example 10 with SecurityConfig

use of com.sequenceiq.freeipa.entity.SecurityConfig in project cloudbreak by hortonworks.

the class ClusterProxyService method clientCertificates.

/**
 * Resolves the client certificate references for a stack.
 *
 * <p>Only references produced by {@code vaultPath} are handed to {@code ClientCertificate};
 * this method does not read the certificate or key contents itself.
 *
 * @param stack the stack whose security configuration is looked up
 * @return a {@code ClientCertificate} built from the key and certificate references, or
 *         {@code null} when no security configuration exists or either secret is blank
 */
private ClientCertificate clientCertificates(Stack stack) {
    SecurityConfig config = securityConfigService.findOneByStack(stack);
    if (config == null) {
        return null;
    }
    // Both the certificate and the key secret must be present; otherwise no certificate is built.
    if (!StringUtils.isNoneBlank(config.getClientCertVaultSecret(), config.getClientKeyVaultSecret())) {
        return null;
    }
    String certReference = vaultPath(config.getClientCertVaultSecret());
    String keyReference = vaultPath(config.getClientKeyVaultSecret());
    // The constructor takes the key reference first, then the certificate reference.
    return new ClientCertificate(keyReference, certReference);
}
Also used : SecurityConfig(com.sequenceiq.freeipa.entity.SecurityConfig) ClientCertificate(com.sequenceiq.cloudbreak.clusterproxy.ClientCertificate)

Aggregations

SecurityConfig (com.sequenceiq.freeipa.entity.SecurityConfig)11 SaltSecurityConfig (com.sequenceiq.freeipa.entity.SaltSecurityConfig)6 Stack (com.sequenceiq.freeipa.entity.Stack)4 HttpClientConfig (com.sequenceiq.cloudbreak.client.HttpClientConfig)2 GatewayConfig (com.sequenceiq.cloudbreak.orchestrator.model.GatewayConfig)2 DetailedEnvironmentResponse (com.sequenceiq.environment.api.v1.environment.model.response.DetailedEnvironmentResponse)2 Credential (com.sequenceiq.freeipa.dto.Credential)2 FreeIpa (com.sequenceiq.freeipa.entity.FreeIpa)2 CcmConnectivityParameters (com.sequenceiq.cloudbreak.ccm.cloudinit.CcmConnectivityParameters)1 SaltClientConfig (com.sequenceiq.cloudbreak.client.SaltClientConfig)1 PlatformParameters (com.sequenceiq.cloudbreak.cloud.PlatformParameters)1 GetPlatformTemplateRequest (com.sequenceiq.cloudbreak.cloud.event.platform.GetPlatformTemplateRequest)1 GetCloudParameterException (com.sequenceiq.cloudbreak.cloud.service.GetCloudParameterException)1 CcmV2Config (com.sequenceiq.cloudbreak.clusterproxy.CcmV2Config)1 ClientCertificate (com.sequenceiq.cloudbreak.clusterproxy.ClientCertificate)1 ClusterServiceConfig (com.sequenceiq.cloudbreak.clusterproxy.ClusterServiceConfig)1 ClusterServiceHealthCheck (com.sequenceiq.cloudbreak.clusterproxy.ClusterServiceHealthCheck)1 ConfigRegistrationRequest (com.sequenceiq.cloudbreak.clusterproxy.ConfigRegistrationRequest)1 ConfigRegistrationResponse (com.sequenceiq.cloudbreak.clusterproxy.ConfigRegistrationResponse)1 BadRequestException (com.sequenceiq.cloudbreak.common.exception.BadRequestException)1