
Example 6 with Domain

use of org.nhind.config.Domain in project nhin-d by DirectProject.

the class NHINDSecurityAndTrustMailet_initialization_Test method testValidMailetConfiguration_AssertProperWSInitialization.

/**
 * Verifies that the mailet initializes against a running configuration web service and
 * exposes the "ConfigURL" init parameter it was started with.
 *
 * <p>The fixture wipes and re-seeds whatever configuration service
 * {@code ConfigServiceRunner} points at, so it must only ever target a disposable
 * test instance.
 */
public void testValidMailetConfiguration_AssertProperWSInitialization() throws Exception {
    new TestPlan() {

        // Client for the configuration service; created in cleanConfig().
        private ConfigurationServiceProxy proxy;

        /** Starts the service, resets its contents, seeds domains and anchors, then builds the mailet config. */
        @Override
        protected MailetConfig getMailetConfig() throws Exception {
            ConfigServiceRunner.startConfigService();
            cleanConfig();
            addDomains();
            addTrustAnchors();
            final Map<String, String> initParams = new HashMap<String, String>();
            initParams.put("ConfigURL", ConfigServiceRunner.getConfigServiceURL());
            return new MockMailetConfig(initParams, "NHINDSecurityAndTrustMailet");
        }

        /** Registers the two test domains, each with a postmaster@&lt;domain&gt; address. */
        protected void addDomains() throws Exception {
            final String[] domainNames = { "cerner.com", "securehealthemail.com" };
            for (final String domainName : domainNames) {
                final Domain entry = new Domain();
                entry.setDomainName(domainName);
                entry.setPostMasterEmail("postmaster@" + domainName);
                proxy.addDomain(entry);
            }
        }

        /**
         * Registers the same CA certificate ("cacert.der") as an incoming and outgoing
         * trust anchor for both test domains, submitted to the service in a single call.
         */
        protected void addTrustAnchors() throws Exception {
            final String[] owners = { "cerner.com", "securehealthemail.com" };
            final Anchor[] seeded = new Anchor[owners.length];
            for (int i = 0; i < owners.length; i++) {
                final Anchor trustAnchor = new Anchor();
                trustAnchor.setData(getCertificateFileData("cacert.der"));
                trustAnchor.setOwner(owners[i]);
                trustAnchor.setIncoming(true);
                trustAnchor.setOutgoing(true);
                seeded[i] = trustAnchor;
            }
            proxy.addAnchor(seeded);
        }

        /**
         * Connects to the configuration service and deletes what it reports: every listed
         * domain together with the anchors it owns, the certificates of every listed owner,
         * and every setting.
         */
        protected void cleanConfig() throws Exception {
            proxy = new ConfigurationServiceProxy(ConfigServiceRunner.getConfigServiceURL());

            // Domains, and the trust anchors owned by each of them.
            final Domain[] existingDomains = proxy.listDomains(null, proxy.getDomainCount());
            if (existingDomains != null) {
                for (final Domain existing : existingDomains) {
                    final String owner = existing.getDomainName();
                    proxy.removeAnchorsForOwner(owner);
                    proxy.removeDomain(owner);
                }
            }

            // Certificates, removed per owner.
            // NOTE(review): 0x8FFFF looks like a "large enough" result cap - confirm against the service API.
            final Certificate[] existingCerts = proxy.listCertificates(0, 0x8FFFF, null);
            if (existingCerts != null) {
                for (final Certificate existing : existingCerts) {
                    proxy.removeCertificatesForOwner(existing.getOwner());
                }
            }

            // Settings, deleted one name at a time.
            final Setting[] existingSettings = proxy.getAllSettings();
            if (existingSettings != null) {
                for (final Setting existing : existingSettings) {
                    proxy.deleteSetting(new String[] { existing.getName() });
                }
            }
        }

        /** Checks that the initialized mailet carries the config service URL it was given. */
        @Override
        protected void doAssertions(NHINDSecurityAndTrustMailet agent) throws Exception {
            assertNotNull(agent);
            final String configuredUrl = agent.getInitParameter("ConfigURL");
            assertNotNull(configuredUrl);
            assertEquals(ConfigServiceRunner.getConfigServiceURL(), configuredUrl);
        }
    }.perform();
}
Also used : BaseTestPlan(org.nhindirect.gateway.testutils.BaseTestPlan) Setting(org.nhind.config.Setting) MailetConfig(org.apache.mailet.MailetConfig) MessagingException(javax.mail.MessagingException) Anchor(org.nhind.config.Anchor) Domain(org.nhind.config.Domain) HashMap(java.util.HashMap) Map(java.util.Map) Vector(java.util.Vector) ConfigurationServiceProxy(org.nhind.config.ConfigurationServiceProxy) Certificate(org.nhind.config.Certificate)

Example 7 with Domain

use of org.nhind.config.Domain in project nhin-d by DirectProject.

the class WSSmtpAgentConfig method buildDomains.

/**
 * Loads the domain list from the configuration web service, records each domain name and
 * its postmaster address, and then builds the trust anchor resolver.
 *
 * @throws SmtpAgentException if the web service call fails or no domains are configured
 */
protected void buildDomains() {
    domains = new ArrayList<String>();
    domainPostmasters = new HashMap<String, DomainPostmaster>();

    // Ask the service how many domains exist, then fetch exactly that many.
    try {
        lookedupWSDomains = cfService.listDomains(null, cfService.getDomainCount());
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting domains list: " + e.getMessage(), e);
    }

    if (lookedupWSDomains != null) {
        for (Domain dom : lookedupWSDomains) {
            final String domainName = dom.getDomainName();
            domains.add(domainName);
            try {
                // Fall back to the default postmaster when none (or only whitespace) is configured.
                String postmasterAddress = dom.getPostMasterEmail();
                if (postmasterAddress == null || postmasterAddress.trim().isEmpty()) {
                    postmasterAddress = DomainPostmaster.getDefaultPostmaster(domainName);
                }
                // NOTE(review): the key is upper-cased with the JVM default locale, which is
                // locale-sensitive; lookups have to fold case the same way to find this entry.
                final String postmasterKey = domainName.toUpperCase(Locale.getDefault());
                domainPostmasters.put(postmasterKey, new DomainPostmaster(domainName, new InternetAddress(postmasterAddress)));
            } catch (AddressException e) {
                // NOTE(review): a malformed postmaster address is dropped silently; the domain
                // stays in `domains` but gets no entry in `domainPostmasters`.
            }
        }
    }

    if (domains.isEmpty()) {
        throw new SmtpAgentException(SmtpAgentError.MissingDomains);
    }

    // With the domains known, load their trust anchors.
    buildTrustAnchorResolver();
}
Also used : SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) InternetAddress(javax.mail.internet.InternetAddress) AddressException(javax.mail.internet.AddressException) DomainPostmaster(org.nhindirect.gateway.smtp.DomainPostmaster) Domain(org.nhind.config.Domain) AddressException(javax.mail.internet.AddressException) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) PolicyParseException(org.nhindirect.policy.PolicyParseException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException)

Example 8 with Domain

use of org.nhind.config.Domain in project nhin-d by DirectProject.

the class WSSmtpAgentConfig method buildTrustAnchorResolver.

/**
 * Collects the incoming and outgoing trust anchors for the configured domains and installs
 * a trust anchor resolver module built from them.
 *
 * <p>The anchor source is chosen by the "AnchorStoreType" setting (web service when unset)
 * and the resolver flavour by the "AnchorResolverType" setting (multi-domain when unset).
 *
 * @throws SmtpAgentException if a web service call fails, if both anchor maps are empty,
 *         or if the configured resolver type is not recognized
 */
public void buildTrustAnchorResolver() {
    Provider<TrustAnchorResolver> provider = null;
    // Anchor certificates keyed by the domain name exactly as the service returns it
    // (no case normalization is applied in this method).
    Map<String, Collection<X509Certificate>> incomingAnchors = new HashMap<String, Collection<X509Certificate>>();
    Map<String, Collection<X509Certificate>> outgoingAnchors = new HashMap<String, Collection<X509Certificate>>();
    /*
     * First determine how anchors are stored... possibilities are LDAP, keystore, and WS.
     */
    Setting setting = null;
    String storeType;
    String resolverType;
    try {
        setting = cfService.getSettingByName("AnchorStoreType");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting anchor store type: " + e.getMessage(), e);
    }
    if (setting == null || setting.getValue() == null || setting.getValue().isEmpty())
        // default to WS
        storeType = STORE_TYPE_WS;
    else
        storeType = setting.getValue();
    // if the store type is anything other than WS, then we need to get the anchor names so we can look them up in the repository
    if (!storeType.equalsIgnoreCase(STORE_TYPE_WS)) {
        getAnchorsFromNonWS(incomingAnchors, outgoingAnchors, storeType);
    } else {
        // trust bundles are shared objects across domains, so just pull the entire bundle list and associate
        // the anchors in the bundles to the appropriate domains as we go... this will not always be the most efficient
        // algorithm, but in most cases it will be when there are several domains configured (in which case this
        // loading algorithm will be much more efficient)
        final Map<String, TrustBundle> bundleMap = new HashMap<String, TrustBundle>();
        try {
            final TrustBundle[] bundles = cfService.getTrustBundles(true);
            // put the bundles in a Map by name
            if (bundles != null)
                for (TrustBundle bundle : bundles) bundleMap.put(bundle.getBundleName(), bundle);
        } catch (Exception e) {
            throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting trust bundles: " + e.getMessage(), e);
        }
        // query the web service for each domain's anchors
        // NOTE(review): lookedupWSDomains is not null-checked here; this method is public, so a
        // caller that has not populated the field first would hit a NullPointerException.
        for (Domain domain : lookedupWSDomains) {
            try {
                final Collection<X509Certificate> incomingAnchorsToAdd = new ArrayList<X509Certificate>();
                final Collection<X509Certificate> outgoingAnchorsToAdd = new ArrayList<X509Certificate>();
                // get the anchors for the domain
                final Anchor[] anchors = cfService.getAnchorsForOwner(domain.getDomainName(), null);
                if (anchors != null) {
                    for (Anchor anchor : anchors) {
                        // direction comes from the anchor's own incoming/outgoing flags
                        final X509Certificate anchorToAdd = certFromData(anchor.getData());
                        if (anchor.isIncoming())
                            incomingAnchorsToAdd.add(anchorToAdd);
                        if (anchor.isOutgoing())
                            outgoingAnchorsToAdd.add(anchorToAdd);
                    }
                }
                // check to see if there is a bundle associated to this domain
                final TrustBundleDomainReltn[] domainAssocs = cfService.getTrustBundlesByDomain(domain.getId(), false);
                if (domainAssocs != null) {
                    for (TrustBundleDomainReltn domainAssoc : domainAssocs) {
                        // resolve the association against the full bundle list fetched above;
                        // an association whose bundle name is not in that list contributes nothing
                        final TrustBundle bundle = bundleMap.get(domainAssoc.getTrustBundle().getBundleName());
                        if (bundle != null && bundle.getTrustBundleAnchors() != null) {
                            for (TrustBundleAnchor anchor : bundle.getTrustBundleAnchors()) {
                                // for bundle anchors the direction comes from the domain association,
                                // not from the individual anchor
                                final X509Certificate anchorToAdd = certFromData(anchor.getData());
                                if (domainAssoc.isIncoming())
                                    incomingAnchorsToAdd.add(anchorToAdd);
                                if (domainAssoc.isOutgoing())
                                    outgoingAnchorsToAdd.add(anchorToAdd);
                            }
                        }
                    }
                }
                // an entry is stored for every domain, even when both collections are empty
                incomingAnchors.put(domain.getDomainName(), incomingAnchorsToAdd);
                outgoingAnchors.put(domain.getDomainName(), outgoingAnchorsToAdd);
            } catch (SmtpAgentException e) {
                // rethrow
                throw e;
            } catch (Exception e) {
                // NOTE(review): the message concatenates the Domain object itself rather than
                // domain.getDomainName(); confirm the resulting text identifies the domain.
                throw new SmtpAgentException(SmtpAgentError.InvalidTrustAnchorSettings, "WebService error getting trust anchors for domain " + domain + ":" + e.getMessage(), e);
            }
        }
    }
    try {
        setting = cfService.getSettingByName("AnchorResolverType");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting anchor resolver type: " + e.getMessage(), e);
    }
    // NOTE(review): this tests the number of map entries, not the number of certificates. On the
    // WS path every iterated domain adds an entry, so a domain with zero anchors still passes
    // this check and the resolver is built with empty anchor collections.
    if (incomingAnchors.size() == 0 && outgoingAnchors.size() == 0)
        throw new SmtpAgentException(SmtpAgentError.InvalidTrustAnchorSettings, "No trust anchors defined.");
    if (setting == null || setting.getValue() == null || setting.getValue().isEmpty()) {
        // multi domain should be the default... uniform really only makes sense for dev purposes
        resolverType = ANCHOR_RES_TYPE_MULTIDOMAIN;
    } else
        resolverType = setting.getValue();
    if (resolverType.equalsIgnoreCase(ANCHOR_RES_TYPE_UNIFORM)) {
        // uniform mode uses a single anchor collection for everything: the first collection in the
        // incoming map, or in the outgoing map when the incoming map is empty.
        // NOTE(review): "first" is whatever the HashMap iterates first, so with several domains the
        // chosen domain's anchors are not predictable.
        if (incomingAnchors.size() > 0)
            provider = new UniformTrustAnchorResolverProvider(incomingAnchors.values().iterator().next());
        else
            provider = new UniformTrustAnchorResolverProvider(outgoingAnchors.values().iterator().next());
    } else if (resolverType.equalsIgnoreCase(ANCHOR_RES_TYPE_MULTIDOMAIN)) {
        provider = new MultiDomainTrustAnchorResolverProvider(incomingAnchors, outgoingAnchors);
    } else {
        // any other resolver type is rejected rather than silently defaulted
        throw new SmtpAgentException(SmtpAgentError.InvalidTrustAnchorSettings);
    }
    certAnchorModule = TrustAnchorModule.create(provider);
}
Also used : SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) HashMap(java.util.HashMap) Setting(org.nhind.config.Setting) ArrayList(java.util.ArrayList) X509Certificate(java.security.cert.X509Certificate) AddressException(javax.mail.internet.AddressException) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) PolicyParseException(org.nhindirect.policy.PolicyParseException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) TrustBundleDomainReltn(org.nhind.config.TrustBundleDomainReltn) TrustBundleAnchor(org.nhind.config.TrustBundleAnchor) Anchor(org.nhind.config.Anchor) TrustAnchorResolver(org.nhindirect.stagent.trust.TrustAnchorResolver) UniformTrustAnchorResolverProvider(org.nhindirect.stagent.trust.provider.UniformTrustAnchorResolverProvider) Collection(java.util.Collection) TrustBundle(org.nhind.config.TrustBundle) Domain(org.nhind.config.Domain) MultiDomainTrustAnchorResolverProvider(org.nhindirect.stagent.trust.provider.MultiDomainTrustAnchorResolverProvider) TrustBundleAnchor(org.nhind.config.TrustBundleAnchor)

Example 9 with Domain

use of org.nhind.config.Domain in project nhin-d by DirectProject.

the class AddDomainCAAndPrivCert method main.

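/**
 * Command-line helper that registers a domain with the configuration service and uploads
 * a CA certificate as its trust anchor together with a PKCS#12 certificate file.
 *
 * <p>Expected arguments, in order: configuration service URL, domain name, CA common name,
 * certificate common name.
 *
 * <p>NOTE(review): the .p12 file presumably carries private key material, and the service URL
 * is used exactly as given; confirm the service is reached over an authenticated, encrypted
 * channel before running this against anything but a test instance.
 *
 * @param args the four arguments described above
 * @throws IllegalArgumentException if fewer than four arguments are supplied
 */
public static void main(String[] args) {
    // Fail with a usable message instead of an ArrayIndexOutOfBoundsException.
    if (args == null || args.length < 4) {
        throw new IllegalArgumentException("Usage: AddDomainCAAndPrivCert <configServiceUrl> <domainName> <caCommonName> <certCommonName>");
    }
    final String configServiceUrl = args[0];
    final String domainName = args[1];
    final String caCommonName = args[2];
    final String certCommonName = args[3];
    try {
        final ConfigurationServiceProxy cfService = new ConfigurationServiceProxy(configServiceUrl);
        final Domain domain = new Domain();
        domain.setDomainName(domainName);
        domain.setPostMasterEmail("postmaster@" + domainName);
        domain.setStatus(EntityStatus.ENABLED);
        cfService.addDomain(domain);
        // now add the anchor and cert; the CA certificate is trusted in both directions
        final File caFile = AbstractCertCreator.createNewFileName(caCommonName, false);
        final Anchor anchor = new Anchor();
        anchor.setData(FileUtils.readFileToByteArray(caFile));
        anchor.setOwner(domainName);
        anchor.setIncoming(true);
        anchor.setOutgoing(true);
        anchor.setStatus(EntityStatus.ENABLED);
        cfService.addAnchor(new Anchor[] { anchor });
        // Derive the .p12 name from the certificate's .der file name.
        final File certFile = AbstractCertCreator.createNewFileName(certCommonName, false);
        final String certFileName = certFile.getName();
        final int idx = certFileName.lastIndexOf(".der");
        if (idx < 0) {
            // Without this check substring(0, -1) fails with an opaque index error.
            throw new IllegalStateException("Expected a .der certificate file name but got: " + certFileName);
        }
        final String p12FileName = certFileName.substring(0, idx) + ".p12";
        final Certificate cert = new Certificate();
        // Only the bare file name is used, so the .p12 is resolved against the working directory.
        cert.setData(FileUtils.readFileToByteArray(new File(p12FileName)));
        cert.setStatus(EntityStatus.ENABLED);
        cfService.addCertificates(new Certificate[] { cert });
    } catch (Exception e) {
        // NOTE(review): failures are only printed; the process still exits normally, and a
        // failure part-way through leaves the earlier additions in place on the service.
        e.printStackTrace();
    }
}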
Also used : Anchor(org.nhind.config.Anchor) Domain(org.nhind.config.Domain) File(java.io.File) ConfigurationServiceProxy(org.nhind.config.ConfigurationServiceProxy) Certificate(org.nhind.config.Certificate)

Example 10 with Domain

use of org.nhind.config.Domain in project nhin-d by DirectProject.

the class RoutingResolverImplTest method testResolverWithConfigService.

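/**
 * Test the resolver with a configuration service backing.
 *
 * <p>Registers one domain with three addresses (type SMTP, type XD with an endpoint, and one
 * with no type) and checks how the resolver classifies and resolves them.
 *
 * @throws Exception if the service cannot be started or stopped, or a service call fails
 */
public void testResolverWithConfigService() throws Exception {
    startService();
    // Stop the service even when an assertion fails, so a failing run does not leave it up.
    try {
        Address[] addrs = new Address[3];
        List<String> smtpEndpoints = Arrays.asList("smtp@nologs.org");
        List<String> xdEndpoints = Arrays.asList("xd@nologs.org");
        List<String> emptyEndpoints = Arrays.asList("empty@nologs.org");
        List<String> endpoints = new ArrayList<String>();
        endpoints.addAll(smtpEndpoints);
        endpoints.addAll(xdEndpoints);
        endpoints.addAll(emptyEndpoints);
        // SMTP
        addrs[0] = new Address();
        addrs[0].setEmailAddress(smtpEndpoints.get(0));
        addrs[0].setDisplayName("displayName");
        addrs[0].setType("SMTP");
        addrs[0].setStatus(EntityStatus.ENABLED);
        // XD
        addrs[1] = new Address();
        addrs[1].setEmailAddress(xdEndpoints.get(0));
        addrs[1].setDisplayName("displayName");
        addrs[1].setType("XD");
        addrs[1].setEndpoint("xd_endpoint");
        addrs[1].setStatus(EntityStatus.ENABLED);
        // EMPTY (no type set)
        addrs[2] = new Address();
        addrs[2].setEmailAddress(emptyEndpoints.get(0));
        addrs[2].setDisplayName("displayName");
        addrs[2].setStatus(EntityStatus.ENABLED);
        Domain d = new Domain();
        d.setDomainName("domainName");
        d.setAddress(addrs);
        proxy.addDomain(d);
        RoutingResolver resolver = new RoutingResolverImpl(configServiceURL);
        Collection<String> smtpResolved = resolver.getSmtpEndpoints(endpoints);
        assertEquals("List does not match expected size", 2, smtpResolved.size());
        assertEquals("List does not contain expected element", smtpEndpoints.get(0), (new ArrayList<String>(smtpResolved)).get(0));
        // The original compared emptyEndpoints.get(0) with itself, which can never fail. Two of the
        // three addresses resolve as SMTP and the XD one is asserted below, so the untyped address
        // is the other SMTP result.
        assertEquals("List does not contain expected element", true, smtpResolved.contains(emptyEndpoints.get(0)));
        Collection<String> xdResolved = resolver.getXdEndpoints(endpoints);
        assertEquals("List does not match expected size", 1, xdResolved.size());
        assertEquals("List does not contain expected element", xdEndpoints.get(0), (new ArrayList<String>(xdResolved)).get(0));
        String endpoint = resolver.resolve(xdEndpoints.get(0));
        assertEquals("Output does not match expected", addrs[1].getEndpoint(), endpoint);
    } finally {
        stopService();
    }
}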
Also used : Address(org.nhind.config.Address) RoutingResolver(org.nhindirect.xd.routing.RoutingResolver) ArrayList(java.util.ArrayList) Domain(org.nhind.config.Domain)
