use of eu.unicore.util.httpclient.DefaultClientConfiguration in project airavata by apache.
the class BESJobSubmissionTask method getSecurityConfig.
/**
 * Builds the UNICORE client security configuration for the given process.
 *
 * <p>The user configuration is read from the experiment catalog using the process's
 * experiment id, and the security context is asked for a client configuration with
 * message logging disabled.
 *
 * <p>Security note: the generate-cert flag is overwritten with {@code true} before it is
 * read, so the value stored with the experiment is ignored. Assuming the setter/getter pair
 * behaves conventionally, the fallback branch that uses the container-configured
 * credentials is never taken from here (see the FIXME below).
 *
 * @param pc process context supplying the experiment catalog and experiment id
 * @return the client configuration produced by the security context
 * @throws GFacException if the user configuration cannot be read from the registry or the
 *         default client configuration cannot be retrieved
 */
private DefaultClientConfiguration getSecurityConfig(ProcessContext pc) throws GFacException {
    try {
        final UNICORESecurityContext securityContext = SecurityUtils.getSecurityContext(pc);
        final UserConfigurationDataModel userConfig = (UserConfigurationDataModel) pc.getExperimentCatalog()
                .get(ExperimentCatalogModelType.USER_CONFIGURATION_DATA, pc.getExperimentId());

        // FIXME - remove the following setter line and use the original value that comes
        // with the user configuration data model. Until then every submission requests a
        // generated certificate regardless of the stored user preference.
        userConfig.setGenerateCert(true);
        // userConfig.setUserDN("CN=swus3, O=Ultrascan Gateway, C=DE");

        return userConfig.isGenerateCert()
                ? securityContext.getDefaultConfiguration(false, userConfig)
                : securityContext.getDefaultConfiguration(false);
    } catch (RegistryException e) {
        throw new GFacException("Error! reading user configuration data from registry", e);
    } catch (ApplicationSettingsException e) {
        throw new GFacException("Error! retrieving default client configurations", e);
    }
}
use of eu.unicore.util.httpclient.DefaultClientConfiguration in project airavata by apache.
the class UNICORESecurityContext method getDefaultConfiguration.
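/**
 * Builds a client configuration for the given user, optionally backed by a freshly
 * generated short-lived X.509 credential.
 *
 * <p>When {@code userData.isGenerateCert()} is false, or when no user DN is available, this
 * delegates to {@link #getDefaultConfiguration(Boolean)}. Otherwise a short-lived credential
 * is generated for the user DN with the CA certificate, key and key password read from the
 * server settings, and trust delegation is enabled with that credential's certificate chain
 * as the issuer chain.
 *
 * @param enableMessageLogging whether to switch on message logging; must not be
 *        {@code null} because it is unboxed
 * @param userData per-user settings supplying the generate-cert flag and the user DN
 * @return the configured client configuration (also stored in {@code secProperties})
 * @throws GFacException if the CA settings are missing, credential generation fails, or the
 *         configuration cannot be constructed
 * @throws ApplicationSettingsException declared for callers; failures raised inside the
 *         try block are wrapped in {@link GFacException}
 */
public DefaultClientConfiguration getDefaultConfiguration(Boolean enableMessageLogging, UserConfigurationData userData) throws GFacException, ApplicationSettingsException {
    X509Credential cred = null;
    try {
        if (!userData.isGenerateCert()) {
            return getDefaultConfiguration(enableMessageLogging);
        }

        String userDN = userData.getUserDN();
        // Fix: the guard used to be `userDN == null && "".equals(userDN)`, which can never be
        // true, so a missing or empty DN fell through and was handed to the CA signing step.
        // Refuse to issue a certificate without a subject and use the fallback instead.
        if (userDN == null || userDN.isEmpty()) {
            log.warn("Cannot generate cert, falling back to container configured MyProxy credentials");
            return getDefaultConfiguration(enableMessageLogging);
        }

        log.info("Generating X.509 certificate for: " + userDN);
        try {
            String caCertPath = ServerSettings.getSetting(BESConstants.PROP_CA_CERT_PATH, "");
            String caKeyPath = ServerSettings.getSetting(BESConstants.PROP_CA_KEY_PATH, "");
            String caKeyPass = ServerSettings.getSetting(BESConstants.PROP_CA_KEY_PASS, "");
            if (caCertPath.equals("") || caKeyPath.equals("")) {
                throw new Exception("CA certificate or key file path missing in the properties file. " + "Please make sure " + BESConstants.PROP_CA_CERT_PATH + " or " + BESConstants.PROP_CA_KEY_PATH + " are not empty.");
            }
            // An unprotected CA key is tolerated but reported; the key signs user credentials.
            if ("".equals(caKeyPass)) {
                log.warn("Caution: CA key has no password. For security reasons it is highly recommended to set a CA key password");
            }
            cred = generateShortLivedCredential(userDN, caCertPath, caKeyPath, caKeyPass);
        } catch (Exception e) {
            throw new GFacProviderException("Error occured while generating a short lived credential for user:" + userDN, e);
        }

        secProperties = new DefaultClientConfiguration(dcValidator, cred);
        setExtraSettings();
    } catch (Exception e) {
        // Everything raised above, including the fallback's exceptions, surfaces as GFacException.
        throw new GFacException(e.getMessage(), e);
    }
    secProperties.getETDSettings().setExtendTrustDelegation(true);
    if (enableMessageLogging) {
        secProperties.setMessageLogging(true);
    }
    // secProperties.setDoSignMessage(true);
    secProperties.getETDSettings().setIssuerCertificateChain(secProperties.getCredential().getCertificateChain());
    return secProperties;
}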
use of eu.unicore.util.httpclient.DefaultClientConfiguration in project airavata by apache.
the class UNICORESecurityContext method getDefaultConfiguration.
/**
 * Builds the client configuration from the MyProxy credentials returned by
 * {@code getX509Credentials()}.
 *
 * <p>The new configuration is stored in {@code secProperties}, trust delegation is enabled,
 * and the credential's own certificate chain is set as the issuer chain.
 *
 * @param enableMessageLogging whether to switch on message logging; must not be
 *        {@code null} because it is unboxed
 * @return the default client configuration
 * @throws GFacException if obtaining the credential or building the configuration fails
 * @throws ApplicationSettingsException declared for callers; failures raised inside the
 *         try block are wrapped in {@link GFacException}
 */
public DefaultClientConfiguration getDefaultConfiguration(Boolean enableMessageLogging) throws GFacException, ApplicationSettingsException {
    try {
        final X509Credential credential = getX509Credentials();
        secProperties = new DefaultClientConfiguration(dcValidator, credential);
        setExtraSettings();
    } catch (Exception cause) {
        throw new GFacException(cause.getMessage(), cause);
    }

    final DefaultClientConfiguration config = secProperties;
    config.getETDSettings().setExtendTrustDelegation(true);
    if (enableMessageLogging) {
        config.setMessageLogging(true);
    }
    // config.setDoSignMessage(true);
    config.getETDSettings().setIssuerCertificateChain(config.getCredential().getCertificateChain());
    return config;
}
use of eu.unicore.util.httpclient.DefaultClientConfiguration in project airavata by apache.
the class UNICORESecurityContext method getServerSignedConfiguration.
/**
 * Builds a client configuration backed by a server-signed short-lived certificate. A new
 * certificate is generated on every invocation.
 *
 * <p>The resulting configuration is also stored in {@code secProperties}.
 *
 * @param userID not used by this method
 * @param userDN distinguished name passed to the certificate generator
 * @param caCertPath path to the CA certificate used for signing
 * @param caKeyPath path to the CA private key used for signing
 * @param caKeyPwd password protecting the CA private key
 * @return the client configuration holding the generated credential
 * @throws GFacException if certificate generation or configuration setup fails
 */
public DefaultClientConfiguration getServerSignedConfiguration(String userID, String userDN, String caCertPath, String caKeyPath, String caKeyPwd) throws GFacException {
    try {
        final KeyAndCertCredential shortLived =
                SecurityUtils.generateShortLivedCertificate(userDN, caCertPath, caKeyPath, caKeyPwd);
        secProperties = new DefaultClientConfiguration(dcValidator, shortLived);
        setExtraSettings();
        return secProperties;
    } catch (Exception cause) {
        throw new GFacException(cause.getMessage(), cause);
    }
}
use of eu.unicore.util.httpclient.DefaultClientConfiguration in project airavata by apache.
the class UNICORESecurityContext method getDefaultConfiguration.
/**
 * Builds the client configuration from the credential returned by
 * {@code getX509Credentials()} and stores it in {@code secProperties}.
 *
 * @param enableMessageLogging whether to switch on message logging; must not be
 *        {@code null} because it is unboxed
 * @return the default client configuration
 * @throws GFacException if obtaining the credential or building the configuration fails
 * @throws ApplicationSettingsException declared for callers; failures raised inside the
 *         try block are wrapped in {@link GFacException}
 */
public DefaultClientConfiguration getDefaultConfiguration(Boolean enableMessageLogging) throws GFacException, ApplicationSettingsException {
    try {
        final X509Credential credential = getX509Credentials();
        secProperties = new DefaultClientConfiguration(dcValidator, credential);
        setExtraSettings();
    } catch (Exception cause) {
        throw new GFacException(cause.getMessage(), cause);
    }

    final DefaultClientConfiguration config = secProperties;
    if (enableMessageLogging) {
        config.setMessageLogging(true);
    }
    return config;
}