Example 1 with KeystoreServiceException

Use of org.apache.knox.gateway.services.security.KeystoreServiceException in project knox by apache.

From the class DefaultAliasService, method getPasswordFromAliasForCluster.

/* (non-Javadoc)
 * @see org.apache.knox.gateway.services.security.impl.AliasService#getAliasForCluster(java.lang.String, java.lang.String, boolean)
 */
@Override
public char[] getPasswordFromAliasForCluster(String clusterName, String alias, boolean generate) throws AliasServiceException {
    char[] credential = null;
    try {
        credential = keystoreService.getCredentialForCluster(clusterName, alias);
        if (credential == null) {
            if (generate) {
                generateAliasForCluster(clusterName, alias);
                credential = keystoreService.getCredentialForCluster(clusterName, alias);
            }
        }
    } catch (KeystoreServiceException e) {
        LOG.failedToGetCredentialForCluster(clusterName, e);
        throw new AliasServiceException(e);
    }
    return credential;
}
Also used: AliasServiceException(org.apache.knox.gateway.services.security.AliasServiceException) KeystoreServiceException(org.apache.knox.gateway.services.security.KeystoreServiceException)

Example 2 with KeystoreServiceException

Use of org.apache.knox.gateway.services.security.KeystoreServiceException in project knox by apache.

From the class DefaultAliasService, method generateAliasForCluster.

@Override
public void generateAliasForCluster(String clusterName, String alias) throws AliasServiceException {
    try {
        // verify that the cluster's credential store can be opened before generating a new alias
        keystoreService.getCredentialStoreForCluster(clusterName);
    } catch (KeystoreServiceException e) {
        LOG.failedToGenerateAliasForCluster(clusterName, e);
        throw new AliasServiceException(e);
    }
    String passwordString = generatePassword(16);
    addAliasForCluster(clusterName, alias, passwordString);
}
Also used: AliasServiceException(org.apache.knox.gateway.services.security.AliasServiceException) KeystoreServiceException(org.apache.knox.gateway.services.security.KeystoreServiceException)

Example 3 with KeystoreServiceException

Use of org.apache.knox.gateway.services.security.KeystoreServiceException in project knox by apache.

From the class DefaultAliasService, method getAliasesForCluster.

/* (non-Javadoc)
 * @see AliasService#getAliasesForCluster(java.lang.String)
 */
@Override
public List<String> getAliasesForCluster(String clusterName) {
    ArrayList<String> list = new ArrayList<String>();
    KeyStore keyStore;
    try {
        keyStore = keystoreService.getCredentialStoreForCluster(clusterName);
        if (keyStore != null) {
            String alias = null;
            try {
                Enumeration<String> e = keyStore.aliases();
                while (e.hasMoreElements()) {
                    alias = e.nextElement();
                    // only include the metadata key names in the list of names
                    if (!alias.contains("@")) {
                        list.add(alias);
                    }
                }
            } catch (KeyStoreException e) {
                LOG.failedToGetCredentialForCluster(clusterName, e);
            }
        }
    } catch (KeystoreServiceException kse) {
        LOG.failedToGetCredentialForCluster(clusterName, kse);
    }
    return list;
}
Also used: ArrayList(java.util.ArrayList) KeyStoreException(java.security.KeyStoreException) KeystoreServiceException(org.apache.knox.gateway.services.security.KeystoreServiceException) KeyStore(java.security.KeyStore)

Example 4 with KeystoreServiceException

Use of org.apache.knox.gateway.services.security.KeystoreServiceException in project knox by apache.

From the class DefaultKeystoreService, method init.

@Override
public void init(GatewayConfig config, Map<String, String> options) throws ServiceLifecycleException {
    ReadWriteLock lock = new ReentrantReadWriteLock(true);
    readLock = lock.readLock();
    writeLock = lock.writeLock();
    this.keyStoreDir = config.getGatewaySecurityDir() + File.separator + "keystores" + File.separator;
    File ksd = new File(this.keyStoreDir);
    if (!ksd.exists()) {
        if (!ksd.mkdirs()) {
            throw new ServiceLifecycleException(RES.failedToCreateKeyStoreDirectory(ksd.getAbsolutePath()));
        }
    }
    signingKeystoreName = config.getSigningKeystoreName();
    // ensure that the keystore actually exists and fail to start if not
    if (signingKeystoreName != null) {
        File sks = new File(this.keyStoreDir, signingKeystoreName);
        if (!sks.exists()) {
            throw new ServiceLifecycleException("Configured signing keystore does not exist.");
        }
        signingKeyAlias = config.getSigningKeyAlias();
        if (signingKeyAlias != null) {
            // ensure that the signing key alias exists in the configured keystore
            KeyStore ks;
            try {
                ks = getSigningKeystore();
                if (ks != null) {
                    if (!ks.containsAlias(signingKeyAlias)) {
                        throw new ServiceLifecycleException("Configured signing key alias does not exist.");
                    }
                }
            } catch (KeystoreServiceException e) {
                throw new ServiceLifecycleException("Unable to get the configured signing keystore.", e);
            } catch (KeyStoreException e) {
                throw new ServiceLifecycleException("Signing keystore has not been loaded.", e);
            }
        }
    }
}
Also used: ReentrantReadWriteLock(java.util.concurrent.locks.ReentrantReadWriteLock) ReadWriteLock(java.util.concurrent.locks.ReadWriteLock) ServiceLifecycleException(org.apache.knox.gateway.services.ServiceLifecycleException) KeyStoreException(java.security.KeyStoreException) KeystoreServiceException(org.apache.knox.gateway.services.security.KeystoreServiceException) File(java.io.File) KeyStore(java.security.KeyStore)

Example 5 with KeystoreServiceException

Use of org.apache.knox.gateway.services.security.KeystoreServiceException in project knox by apache.

From the class DefaultKeystoreService, method isKeystoreForGatewayAvailable.

@Override
public boolean isKeystoreForGatewayAvailable() throws KeystoreServiceException {
    boolean rc = false;
    final File keyStoreFile = new File(keyStoreDir + GATEWAY_KEYSTORE);
    readLock.lock();
    try {
        try {
            rc = isKeystoreAvailable(keyStoreFile, "JKS");
        } catch (KeyStoreException e) {
            throw new KeystoreServiceException(e);
        } catch (IOException e) {
            throw new KeystoreServiceException(e);
        }
        return rc;
    } finally {
        readLock.unlock();
    }
}
Also used: KeyStoreException(java.security.KeyStoreException) IOException(java.io.IOException) KeystoreServiceException(org.apache.knox.gateway.services.security.KeystoreServiceException) File(java.io.File)

Aggregations (type, fully qualified name, number of usages)

KeystoreServiceException (org.apache.knox.gateway.services.security.KeystoreServiceException) 15
KeyStoreException (java.security.KeyStoreException) 7
AliasServiceException (org.apache.knox.gateway.services.security.AliasServiceException) 6
File (java.io.File) 5
IOException (java.io.IOException) 4
KeyStore (java.security.KeyStore) 4
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException) 4
ServiceLifecycleException (org.apache.knox.gateway.services.ServiceLifecycleException) 3
UnsupportedEncodingException (java.io.UnsupportedEncodingException) 2
InvalidKeyException (java.security.InvalidKeyException) 2
Signature (java.security.Signature) 2
SignatureException (java.security.SignatureException) 2
RSAPrivateKey (java.security.interfaces.RSAPrivateKey) 2
TokenServiceException (org.apache.knox.gateway.services.security.token.TokenServiceException) 2
JWSSigner (com.nimbusds.jose.JWSSigner) 1
JWSVerifier (com.nimbusds.jose.JWSVerifier) 1
RSASSASigner (com.nimbusds.jose.crypto.RSASSASigner) 1
RSASSAVerifier (com.nimbusds.jose.crypto.RSASSAVerifier) 1
FileNotFoundException (java.io.FileNotFoundException) 1
FileOutputStream (java.io.FileOutputStream) 1