
Example 1 with TrustStoreCertificate

Use of org.gluu.oxtrust.model.cert.TrustStoreCertificate in project oxTrust by GluuFederation.

In the class ManageCertificateAction, method init.

public String init() {
    if (this.initialized) {
        return OxTrustConstants.RESULT_SUCCESS;
    }
    this.wereAnyChanges = false;
    this.certsMmanagePossible = prepareTempWorkspace();
    this.orgInumFN = StringHelper.removePunctuation(organizationService.getOrganizationInum());
    this.tomcatCertFN = orgInumFN + "-java.crt";
    this.idpCertFN = orgInumFN + "-shib.crt";
    try {
        GluuAppliance appliance = applianceService.getAppliance();
        if (appliance == null) {
            return OxTrustConstants.RESULT_FAILURE;
        }
        trustStoreConfiguration = appliance.getTrustStoreConfiguration();
        if (trustStoreConfiguration == null) {
            trustStoreConfiguration = new TrustStoreConfiguration();
        }
        trustStoreCertificates = appliance.getTrustStoreCertificates();
        if (trustStoreCertificates == null) {
            trustStoreCertificates = new ArrayList<TrustStoreCertificate>();
        }
    } catch (Exception ex) {
        log.error("Failed to load appliance configuration", ex);
        return OxTrustConstants.RESULT_FAILURE;
    }
    this.initialized = true;
    return OxTrustConstants.RESULT_SUCCESS;
}
Also used: TrustStoreConfiguration (org.gluu.oxtrust.model.cert.TrustStoreConfiguration), GluuAppliance (org.gluu.oxtrust.model.GluuAppliance), TrustStoreCertificate (org.gluu.oxtrust.model.cert.TrustStoreCertificate), GeneralSecurityException (java.security.GeneralSecurityException), LdapMappingException (org.gluu.site.ldap.persistence.exception.LdapMappingException), IOException (java.io.IOException)

Example 2 with TrustStoreCertificate

Use of org.gluu.oxtrust.model.cert.TrustStoreCertificate in project oxTrust by GluuFederation.

In the class ManageCertificateAction, method updateTrustCertificates.

private boolean updateTrustCertificates() {
    try {
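        // Reload entry to include latest changes
        GluuAppliance tmpAppliance = applianceService.getAppliance();
        if (tmpAppliance == null) {
            // init() treats a missing appliance entry as a failure; fail here too
            // rather than letting a NullPointerException escape the catch below
            facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update appliance");
            return false;
        }
        TrustStoreConfiguration currTrustStoreConfiguration = tmpAppliance.getTrustStoreConfiguration();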
        List<TrustStoreCertificate> currTrustStoreCertificates = tmpAppliance.getTrustStoreCertificates();
        if (currTrustStoreCertificates == null) {
            currTrustStoreCertificates = new ArrayList<TrustStoreCertificate>(0);
        }
        if (!trustStoreConfiguration.equals(currTrustStoreConfiguration) || !trustStoreCertificates.equals(currTrustStoreCertificates)) {
            this.wereAnyChanges = true;
        }
        tmpAppliance.setTrustStoreConfiguration(trustStoreConfiguration);
        if (trustStoreCertificates.isEmpty()) {
            tmpAppliance.setTrustStoreCertificates(null);
        } else {
            tmpAppliance.setTrustStoreCertificates(trustStoreCertificates);
        }
        applianceService.updateAppliance(tmpAppliance);
    } catch (LdapMappingException ex) {
        log.error("Failed to update appliance configuration", ex);
        facesMessages.add(FacesMessage.SEVERITY_ERROR, "Failed to update appliance");
        return false;
    }
    return true;
}
Also used: TrustStoreConfiguration (org.gluu.oxtrust.model.cert.TrustStoreConfiguration), GluuAppliance (org.gluu.oxtrust.model.GluuAppliance), TrustStoreCertificate (org.gluu.oxtrust.model.cert.TrustStoreCertificate), LdapMappingException (org.gluu.site.ldap.persistence.exception.LdapMappingException)

Example 3 with TrustStoreCertificate

Use of org.gluu.oxtrust.model.cert.TrustStoreCertificate in project oxTrust by GluuFederation.

In the class CertificateManagementAction, method updateTableView.

/**
 * Load and process certificate lists.
 *
 * Set highlight for obsolete certificates.
 * Apply search pattern.
 */
private void updateTableView() {
    try {
        for (X509CertificateShortInfo cert : asimbaCertificates) {
            // check dates
            cert.updateViewStyle();
        }
    } catch (Exception e) {
        log.error("Load Asimba keystore configuration exception", e);
    }
    try {
        // load trustStoreCertificates
        trustStoreCertificates = new ArrayList<X509CertificateShortInfo>();
        GluuAppliance appliance = applianceService.getAppliance();
        List<TrustStoreCertificate> trustStoreCertificatesList = appliance.getTrustStoreCertificates();
        if (trustStoreCertificatesList != null) {
            for (TrustStoreCertificate trustStoreCertificate : trustStoreCertificatesList) {
                try {
                    X509Certificate[] certs = SSLService.loadCertificates(trustStoreCertificate.getCertificate().getBytes());
                    for (X509Certificate cert : certs) {
                        X509CertificateShortInfo entry = new X509CertificateShortInfo(trustStoreCertificate.getName(), cert);
                        trustStoreCertificates.add(entry);
                    }
                } catch (Exception e) {
                    log.error("Certificate load exception", e);
                }
            }
        }
    } catch (Exception e) {
        log.error("Load trustStoreCertificates configuration exception", e);
    }
    try {
        // load internalCertificates
        internalCertificates = new ArrayList<X509CertificateShortInfo>();
        // try-with-resources closes each certificate file even if parsing fails
        try (FileInputStream in = new FileInputStream(OPENDJ_CERTIFICATE_FILE)) {
            X509Certificate[] openDJCerts = SSLService.loadCertificates(in);
            for (X509Certificate openDJCert : openDJCerts) {
                internalCertificates.add(new X509CertificateShortInfo("OpenDJ SSL", openDJCert));
            }
        } catch (Exception e) {
            log.error("Certificate load exception", e);
        }
        try (FileInputStream in = new FileInputStream(HTTPD_CERTIFICATE_FILE)) {
            X509Certificate[] httpdCerts = SSLService.loadCertificates(in);
            for (X509Certificate httpdCert : httpdCerts) {
                internalCertificates.add(new X509CertificateShortInfo("HTTPD SSL", httpdCert));
            }
        } catch (Exception e) {
            log.error("Certificate load exception", e);
        }
        try (FileInputStream in = new FileInputStream(SHIB_IDP_CERTIFICATE_FILE)) {
            X509Certificate[] shibIDPCerts = SSLService.loadCertificates(in);
            for (X509Certificate shibIDPCert : shibIDPCerts) {
                internalCertificates.add(new X509CertificateShortInfo("Shibboleth IDP SAML Certificate", shibIDPCert));
            }
        } catch (Exception e) {
            log.error("Certificate load exception", e);
        }
    } catch (Exception e) {
        log.error("Load internalCertificates configuration exception", e);
    }
    try {
        // check for warning and search pattern
        final String searchPatternLC = this.searchPattern != null ? this.searchPattern.toLowerCase() : null;
        Iterator<X509CertificateShortInfo> certsIterator = asimbaCertificates.iterator();
        while (certsIterator.hasNext()) {
            X509CertificateShortInfo cert = certsIterator.next();
            // apply warning flag
            if (searchObsoleteWarning && !cert.isWarning()) {
                certsIterator.remove();
                // already removed: a second remove() for the same element throws IllegalStateException
                continue;
            }
            // apply search pattern
            if (searchPatternLC != null && !searchPatternLC.isEmpty() && cert.getAlias() != null && cert.getIssuer() != null) {
                if (!cert.getAlias().toLowerCase().contains(searchPatternLC) && !cert.getIssuer().toLowerCase().contains(searchPatternLC)) {
                    certsIterator.remove();
                }
            }
        }
        certsIterator = trustStoreCertificates.iterator();
        while (certsIterator.hasNext()) {
            X509CertificateShortInfo cert = certsIterator.next();
            // apply warning flag
            if (searchObsoleteWarning && !cert.isWarning()) {
                certsIterator.remove();
                continue;
            }
            // apply search pattern
            if (searchPatternLC != null && !searchPatternLC.isEmpty() && cert.getAlias() != null && cert.getIssuer() != null) {
                if (!cert.getAlias().toLowerCase().contains(searchPatternLC) && !cert.getIssuer().toLowerCase().contains(searchPatternLC)) {
                    certsIterator.remove();
                }
            }
        }
        certsIterator = internalCertificates.iterator();
        while (certsIterator.hasNext()) {
            X509CertificateShortInfo cert = certsIterator.next();
            // apply warning flag
            if (searchObsoleteWarning && !cert.isWarning()) {
                certsIterator.remove();
                continue;
            }
            // apply search pattern
            if (searchPatternLC != null && !searchPatternLC.isEmpty() && cert.getAlias() != null && cert.getIssuer() != null) {
                if (!cert.getAlias().toLowerCase().contains(searchPatternLC) && !cert.getIssuer().toLowerCase().contains(searchPatternLC)) {
                    certsIterator.remove();
                }
            }
        }
    } catch (Exception e) {
        log.error("Update certificates status view exception", e);
    }
}
Also used: X509CertificateShortInfo (org.gluu.oxtrust.util.X509CertificateShortInfo), GluuAppliance (org.gluu.oxtrust.model.GluuAppliance), TrustStoreCertificate (org.gluu.oxtrust.model.cert.TrustStoreCertificate), X509Certificate (java.security.cert.X509Certificate), FileInputStream (java.io.FileInputStream)

Example 4 with TrustStoreCertificate

Use of org.gluu.oxtrust.model.cert.TrustStoreCertificate in project oxTrust by GluuFederation.

In the class ManageCertificateAction, method addPublicCertificate.

public void addPublicCertificate() {
    TrustStoreCertificate trustStoreCertificate = new TrustStoreCertificate();
    trustStoreCertificate.setAddedAt(new Date());
    trustStoreCertificate.setAddedBy(currentPerson.getDn());
    this.trustStoreCertificates.add(trustStoreCertificate);
}
Also used: TrustStoreCertificate (org.gluu.oxtrust.model.cert.TrustStoreCertificate), Date (java.util.Date)

Aggregations

TrustStoreCertificate (org.gluu.oxtrust.model.cert.TrustStoreCertificate): 4
GluuAppliance (org.gluu.oxtrust.model.GluuAppliance): 3
TrustStoreConfiguration (org.gluu.oxtrust.model.cert.TrustStoreConfiguration): 2
LdapMappingException (org.gluu.site.ldap.persistence.exception.LdapMappingException): 2
FileInputStream (java.io.FileInputStream): 1
IOException (java.io.IOException): 1
GeneralSecurityException (java.security.GeneralSecurityException): 1
X509Certificate (java.security.cert.X509Certificate): 1
Date (java.util.Date): 1
X509CertificateShortInfo (org.gluu.oxtrust.util.X509CertificateShortInfo): 1