use of org.apache.knox.gateway.services.ServiceLifecycleException in project knox by apache.
the class CMFMasterService method setupMasterSecret.
/**
 * Establishes the master secret from a persisted file or, failing that, from the user.
 *
 * <p>If {@code securityDir/filename} exists, the secret is loaded from it and nothing else
 * happens. Otherwise, when no master is held in memory yet, a warning is displayed and the
 * user is prompted; the master is then written to the file only if {@code persisting} is set.
 *
 * @param securityDir directory that holds (or will hold) the master file
 * @param filename name of the master file inside {@code securityDir}
 * @param persisting whether a newly obtained master should be written to disk
 * @throws ServiceLifecycleException if an existing master file cannot be loaded
 */
protected void setupMasterSecret(String securityDir, String filename, boolean persisting) throws ServiceLifecycleException {
  final File persistedMaster = new File(securityDir, filename);

  if (!persistedMaster.exists()) {
    // Nothing on disk: fall back to the in-memory master, or ask for one.
    if (master == null) {
      displayWarning(persisting);
      // assumes promptUser() populates `master` - TODO confirm
      promptUser();
    }
    if (persisting) {
      // NOTE(review): persistMaster is not visible here; confirm it creates the file with
      // permissions restricted to the gateway user, since it stores the master secret.
      persistMaster(master, persistedMaster);
    }
    return;
  }

  try {
    initializeFromMaster(persistedMaster);
  } catch (Exception e) {
    // Any load failure is surfaced as a lifecycle failure with the cause attached.
    throw new ServiceLifecycleException("Unable to load the persisted master secret.", e);
  }
}
use of org.apache.knox.gateway.services.ServiceLifecycleException in project knox by apache.
the class DefaultServiceRegistryService method setupRegistryFile.
/**
 * Restores the service registry from its persisted JSON file, if one exists, and records
 * the absolute path of that file in {@code registryFileName}.
 *
 * <p>The in-memory registry is replaced only when the file parses to a non-null value; the
 * file name is recorded whether or not the file exists.
 *
 * @param securityDir directory that holds the registry file
 * @param filename name of the registry file inside {@code securityDir}
 * @throws ServiceLifecycleException if an existing registry file cannot be read or parsed
 */
protected void setupRegistryFile(String securityDir, String filename) throws ServiceLifecycleException {
  final File persisted = new File(securityDir, filename);

  if (persisted.exists()) {
    try {
      // NOTE(review): no charset is passed, so the read depends on the platform default;
      // confirm it matches whatever writes this file.
      final Registry loaded = (Registry) getMapFromJsonString(FileUtils.readFileToString(persisted));
      if (loaded != null) {
        registry = loaded;
      }
    } catch (Exception e) {
      // Covers read errors as well as a failed parse or cast of the file content.
      throw new ServiceLifecycleException("Unable to load the persisted registry.", e);
    }
  }

  registryFileName = persisted.getAbsolutePath();
}
use of org.apache.knox.gateway.services.ServiceLifecycleException in project knox by apache.
the class JettySSLService method init.
/**
 * Prepares the gateway's TLS material and caches the SSL-related configuration.
 *
 * <p>Steps, in order: publish the ephemeral DH key size as a system property; create the
 * gateway credential store if it is missing; create the gateway keystore with a self-signed
 * {@code gateway-identity} certificate if it is missing; log and validate the certificate;
 * copy keystore/truststore, cipher, protocol and client-auth settings from {@code config}.
 *
 * @param config gateway configuration supplying the SSL settings
 * @param options service options; not read by this method
 * @throws ServiceLifecycleException if the credential store or keystore cannot be accessed
 */
@Override
public void init(GatewayConfig config, Map<String, String> options) throws ServiceLifecycleException {
  // JSSE / security related system properties must be in place before TLS is set up.
  System.setProperty(EPHEMERAL_DH_KEY_SIZE_PROPERTY, config.getEphemeralDHKeySize());

  try {
    if (ks.isCredentialStoreForClusterAvailable(GATEWAY_CREDENTIAL_STORE_NAME)) {
      log.credentialStoreForGatewayFoundNotCreating();
    } else {
      log.creatingCredentialStoreForGateway();
      ks.createCredentialStoreForCluster(GATEWAY_CREDENTIAL_STORE_NAME);
      // A distinct key passphrase is deliberately no longer generated here by default.
      // A deployment that wants one can add the alias explicitly with the CLI.
    }
  } catch (KeystoreServiceException e) {
    throw new ServiceLifecycleException("Keystore was not loaded properly - the provided (or persisted) master secret may not match the password for the keystore.", e);
  }

  try {
    if (ks.isKeystoreForGatewayAvailable()) {
      log.keyStoreForGatewayFoundNotCreating();
    } else {
      log.creatingKeyStoreForGateway();
      ks.createKeystoreForGateway();

      char[] keyPassphrase;
      try {
        keyPassphrase = as.getGatewayIdentityPassphrase();
      } catch (AliasServiceException e) {
        throw new ServiceLifecycleException("Error accessing credential store for the gateway.", e);
      }
      // Without an explicit identity passphrase alias, the master secret itself is handed
      // to the keystore service as the passphrase for the new certificate entry.
      if (keyPassphrase == null) {
        keyPassphrase = ms.getMasterSecret();
      }
      // First-start bootstrap only: the identity created here is self-signed.
      ks.addSelfSignedCertForGateway("gateway-identity", keyPassphrase);
    }
    logAndValidateCertificate();
  } catch (KeystoreServiceException e) {
    throw new ServiceLifecycleException("Keystore was not loaded properly - the provided (or persisted) master secret may not match the password for the keystore.", e);
  }

  // Cache the SSL settings; they are only copied here, not validated.
  keystoreType = config.getKeystoreType();
  sslIncludeCiphers = config.getIncludedSSLCiphers();
  sslExcludeCiphers = config.getExcludedSSLCiphers();
  sslExcludeProtocols = config.getExcludedSSLProtocols();
  clientAuthNeeded = config.isClientAuthNeeded();
  clientAuthWanted = config.isClientAuthWanted();
  truststorePath = config.getTruststorePath();
  // NOTE(review): how trustAllCerts is consumed is not visible here; confirm it cannot
  // silently disable client certificate validation in production configurations.
  trustAllCerts = config.getTrustAllCerts();
  trustStoreType = config.getTruststoreType();
}
use of org.apache.knox.gateway.services.ServiceLifecycleException in project knox by apache.
the class DefaultTokenAuthorityService method init.
/**
 * Records the signing key alias and, when a signing key passphrase has been provisioned,
 * verifies at startup that the passphrase actually unlocks the signing key.
 *
 * <p>If no passphrase is stored under {@code SIGNING_KEY_PASSPHRASE}, the check is skipped
 * and initialization succeeds without touching the keystore.
 *
 * @param config gateway configuration supplying the signing key alias
 * @param options service options; not read by this method
 * @throws ServiceLifecycleException if the alias or keystore service is unset, the
 *         passphrase lookup or key lookup fails, or the key lookup yields no key
 */
@Override
public void init(GatewayConfig config, Map<String, String> options) throws ServiceLifecycleException {
  if (as == null || ks == null) {
    throw new ServiceLifecycleException("Alias or Keystore service is not set");
  }
  signingKeyAlias = config.getSigningKeyAlias();

  try {
    final char[] signingPassphrase = as.getPasswordFromAliasForGateway(SIGNING_KEY_PASSPHRASE);
    if (signingPassphrase == null) {
      // Nothing provisioned, so there is nothing to validate at this point.
      return;
    }
    // The key is fetched only to prove the passphrase works; it is not retained.
    // NOTE(review): a non-RSA signing key would fail this cast with a ClassCastException,
    // which neither catch below handles - confirm that is acceptable.
    final RSAPrivateKey signingKey = (RSAPrivateKey) ks.getSigningKey(getSigningKeyAlias(), signingPassphrase);
    if (signingKey == null) {
      throw new ServiceLifecycleException("Provisioned passphrase cannot be used to acquire signing key.");
    }
  } catch (AliasServiceException e) {
    throw new ServiceLifecycleException("Provisioned signing key passphrase cannot be acquired.", e);
  } catch (KeystoreServiceException e) {
    // NOTE(review): same message as the alias failure above although this is a keystore
    // failure; the attached cause is what tells the two apart.
    throw new ServiceLifecycleException("Provisioned signing key passphrase cannot be acquired.", e);
  }
}
use of org.apache.knox.gateway.services.ServiceLifecycleException in project knox by apache.
the class CryptoServiceTest method setupSuite.
/**
 * Builds the fixtures shared by the suite: a stub {@code AliasService} and a
 * {@code DefaultCryptoService} wired to it.
 *
 * <p>The stub returns the fixed value {@code "password"} for the two-argument cluster alias
 * lookup and {@code null} from every other lookup; all mutating and lifecycle methods are
 * no-ops.
 */
@BeforeClass
public static void setupSuite() throws Exception {
  as = new AliasService() {
    // --- lifecycle: no-ops ---
    @Override
    public void init(GatewayConfig config, Map<String, String> options) throws ServiceLifecycleException {
    }

    @Override
    public void start() throws ServiceLifecycleException {
    }

    @Override
    public void stop() throws ServiceLifecycleException {
    }

    // --- cluster aliases ---
    @Override
    public void addAliasForCluster(String clusterName, String alias, String value) {
    }

    @Override
    public char[] getPasswordFromAliasForCluster(String clusterName, String alias) {
      // Fixed test-only secret, the same for every cluster and alias.
      return "password".toCharArray();
    }

    @Override
    public char[] getPasswordFromAliasForCluster(String clusterName, String alias, boolean generate) {
      return null;
    }

    @Override
    public void generateAliasForCluster(String clusterName, String alias) {
    }

    @Override
    public void removeAliasForCluster(String clusterName, String alias) {
    }

    @Override
    public List<String> getAliasesForCluster(String clusterName) {
      // Not stubbed: returns null rather than an empty list.
      return null;
    }

    // --- gateway aliases: not stubbed ---
    @Override
    public char[] getPasswordFromAliasForGateway(String alias) {
      return null;
    }

    @Override
    public void generateAliasForGateway(String alias) {
    }

    @Override
    public Certificate getCertificateForGateway(String alias) {
      return null;
    }

    @Override
    public char[] getGatewayIdentityPassphrase() throws AliasServiceException {
      return null;
    }
  };

  final DefaultCryptoService crypto = new DefaultCryptoService();
  crypto.setAliasService(as);
  cs = crypto;
}