
Example 1 with TrustBundleDomainReltn

use of org.nhind.config.TrustBundleDomainReltn in project nhin-d by DirectProject.

the class TrustBundleCommands method addTrustBundleToDomain.

/**
 * Console command that associates an existing trust bundle with an existing domain.
 *
 * <p>Expected arguments, in order: bundle id, domain id, trust-incoming flag, trust-outgoing flag.
 * Both flags go through {@link Boolean#parseBoolean(String)}, which yields {@code true} only for
 * the text "true" (case-insensitive). Any other spelling, such as "yes" or "1", silently becomes
 * {@code false}, so the bundle would be linked without trust in that direction.
 *
 * <p>The outcome is reported on standard output only. Exceptions raised inside the {@code try}
 * block are caught and reduced to their message. An unparsable id is not caught here, because
 * the arguments are parsed before the {@code try} block.
 *
 * @param args raw command arguments as described above
 */
@Command(name = "AddTrustBundleToDomain", usage = ADD_BUNDLE_TO_DOMAIN)
public void addTrustBundleToDomain(String[] args) {
    final long bundleId = Long.parseLong(StringArrayUtil.getRequiredValue(args, 0));
    final long domainId = Long.parseLong(StringArrayUtil.getRequiredValue(args, 1));
    final boolean trustIncoming = Boolean.parseBoolean(StringArrayUtil.getRequiredValue(args, 2));
    final boolean trustOutgoing = Boolean.parseBoolean(StringArrayUtil.getRequiredValue(args, 3));
    try {
        // Both ends of the association must exist before anything is written.
        final TrustBundle requestedBundle = proxy.getTrustBundleById(bundleId);
        if (requestedBundle == null) {
            System.out.println("Bundle with id " + bundleId + " does not exist.");
            return;
        }
        final Domain targetDomain = proxy.getDomain(domainId);
        if (targetDomain == null) {
            System.out.println("Domain with id " + domainId + " does not exist.");
            return;
        }
        // Refuse to create a second association for the same bundle/domain pair.
        // NOTE(review): this check and the association call below are separate proxy calls;
        // nothing in this method makes the pair atomic.
        final TrustBundleDomainReltn[] existing = proxy.getTrustBundlesByDomain(domainId, false);
        if (existing != null) {
            for (int i = 0; i < existing.length; i++) {
                if (existing[i].getTrustBundle().getId() == bundleId) {
                    System.out.println("Bundle " + requestedBundle.getBundleName() + " is already associated with domain " + targetDomain.getDomainName());
                    return;
                }
            }
        }
        proxy.associateTrustBundleToDomain(domainId, bundleId, trustIncoming, trustOutgoing);
        System.out.println("Trust bundle " + requestedBundle.getBundleName() + " added to domain " + targetDomain.getDomainName());
    } catch (Exception failure) {
        // Only the message is shown to the operator; the exception type and stack trace are dropped.
        System.out.println("Error associating bundle to domain : " + failure.getMessage());
    }
}
Also used : TrustBundle(org.nhind.config.TrustBundle) Domain(org.nhind.config.Domain) TrustBundleDomainReltn(org.nhind.config.TrustBundleDomainReltn) Command(org.nhindirect.dns.tools.utils.Command)

Example 2 with TrustBundleDomainReltn

use of org.nhind.config.TrustBundleDomainReltn in project nhin-d by DirectProject.

the class WSSmtpAgentConfig method buildTrustAnchorResolver.

/**
 * Loads the trust anchors used by the SMTP agent and installs the resulting
 * {@code TrustAnchorModule} in {@code certAnchorModule}.
 *
 * <p>Steps, in order:
 * <ol>
 *   <li>Read the {@code AnchorStoreType} setting; a missing or empty value means the web-service store.</li>
 *   <li>For a non-WS store, delegate to {@code getAnchorsFromNonWS}. For the WS store, fetch all trust
 *       bundles once, then for each domain in {@code lookedupWSDomains} collect its own anchors plus the
 *       anchors of every bundle associated with it, split into incoming and outgoing collections.</li>
 *   <li>Read the {@code AnchorResolverType} setting and build either a uniform or a multi-domain
 *       resolver provider; a missing or empty value means multi-domain.</li>
 * </ol>
 *
 * <p>This method adds whatever {@code certFromData} returns to the anchor collections and performs no
 * validity, expiry or null checks of its own on those certificates.
 *
 * @throws SmtpAgentException if a configuration-service call fails, if both anchor maps are empty,
 *         or if the resolver type is not one of the recognised values
 */
public void buildTrustAnchorResolver() {
    Provider<TrustAnchorResolver> provider = null;
    // Domain name -> anchors trusted for that domain, one map per message direction (WS path; see the puts below).
    Map<String, Collection<X509Certificate>> incomingAnchors = new HashMap<String, Collection<X509Certificate>>();
    Map<String, Collection<X509Certificate>> outgoingAnchors = new HashMap<String, Collection<X509Certificate>>();
    /*
     * First determine how anchors are stored... possibilities are LDAP, keystore, and WS.
     */
    Setting setting = null;
    String storeType;
    String resolverType;
    try {
        setting = cfService.getSettingByName("AnchorStoreType");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting anchor store type: " + e.getMessage(), e);
    }
    if (setting == null || setting.getValue() == null || setting.getValue().isEmpty())
        // default to WS
        storeType = STORE_TYPE_WS;
    else
        storeType = setting.getValue();
    // if the store type is anything other than WS, then we need to get the anchor names so we can look them up in the repository
    // NOTE(review): any unrecognised store type value also takes this branch; whether getAnchorsFromNonWS rejects it is not visible here.
    if (!storeType.equalsIgnoreCase(STORE_TYPE_WS)) {
        getAnchorsFromNonWS(incomingAnchors, outgoingAnchors, storeType);
    } else {
        // trust bundles are shared objects across domains, so just pull the entire bundle list and associate
        // the anchors in the bundles to the appropriate domains as we go... this will not always be the most efficient
        // algorithm, but in most cases it will be when there are several domains configured (in which case this
        // loading algorithm will be much more efficient)
        final Map<String, TrustBundle> bundleMap = new HashMap<String, TrustBundle>();
        try {
            // presumably the 'true' argument asks the service to include each bundle's anchors; confirm against the service API
            final TrustBundle[] bundles = cfService.getTrustBundles(true);
            // put the bundles in a Map by name
            // NOTE(review): keyed by bundle name, so if two bundles ever share a name the later one replaces
            // the earlier and its anchors are what every association to that name resolves to; confirm names are unique.
            if (bundles != null)
                for (TrustBundle bundle : bundles) bundleMap.put(bundle.getBundleName(), bundle);
        } catch (Exception e) {
            throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting trust bundles: " + e.getMessage(), e);
        }
        // hit up the web service for each domain's anchors
        for (Domain domain : lookedupWSDomains) {
            try {
                final Collection<X509Certificate> incomingAnchorsToAdd = new ArrayList<X509Certificate>();
                final Collection<X509Certificate> outgoingAnchorsToAdd = new ArrayList<X509Certificate>();
                // get the anchors for the domain
                final Anchor[] anchors = cfService.getAnchorsForOwner(domain.getDomainName(), null);
                if (anchors != null) {
                    for (Anchor anchor : anchors) {
                        final X509Certificate anchorToAdd = certFromData(anchor.getData());
                        // direction flags are independent: an anchor may land in both, one, or neither collection
                        if (anchor.isIncoming())
                            incomingAnchorsToAdd.add(anchorToAdd);
                        if (anchor.isOutgoing())
                            outgoingAnchorsToAdd.add(anchorToAdd);
                    }
                }
                // check to see if there is a bundle associated to this domain
                // (the meaning of the 'false' argument is not visible here)
                final TrustBundleDomainReltn[] domainAssocs = cfService.getTrustBundlesByDomain(domain.getId(), false);
                if (domainAssocs != null) {
                    for (TrustBundleDomainReltn domainAssoc : domainAssocs) {
                        // resolve the association against the bundles fetched above, by name
                        final TrustBundle bundle = bundleMap.get(domainAssoc.getTrustBundle().getBundleName());
                        // an association whose bundle was not fetched, or whose bundle has no anchors, is skipped silently
                        if (bundle != null && bundle.getTrustBundleAnchors() != null) {
                            for (TrustBundleAnchor anchor : bundle.getTrustBundleAnchors()) {
                                final X509Certificate anchorToAdd = certFromData(anchor.getData());
                                // for bundle anchors the direction comes from the domain association, not from the anchor
                                if (domainAssoc.isIncoming())
                                    incomingAnchorsToAdd.add(anchorToAdd);
                                if (domainAssoc.isOutgoing())
                                    outgoingAnchorsToAdd.add(anchorToAdd);
                            }
                        }
                    }
                }
                // an entry is stored for every domain, even when both collections are empty
                incomingAnchors.put(domain.getDomainName(), incomingAnchorsToAdd);
                outgoingAnchors.put(domain.getDomainName(), outgoingAnchorsToAdd);
            } catch (SmtpAgentException e) {
                // rethrow
                throw e;
            } catch (Exception e) {
                // NOTE(review): 'domain' is concatenated via its toString(); domain.getDomainName() may have been intended. Confirm.
                throw new SmtpAgentException(SmtpAgentError.InvalidTrustAnchorSettings, "WebService error getting trust anchors for domain " + domain + ":" + e.getMessage(), e);
            }
        }
    }
    try {
        setting = cfService.getSettingByName("AnchorResolverType");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting anchor resolver type: " + e.getMessage(), e);
    }
    // NOTE(review): this counts map entries, not certificates. On the WS path every domain gets an entry even
    // with zero anchors, so this guard only fires when no domain was processed; it does not detect
    // "domains configured but no anchors loaded".
    if (incomingAnchors.size() == 0 && outgoingAnchors.size() == 0)
        throw new SmtpAgentException(SmtpAgentError.InvalidTrustAnchorSettings, "No trust anchors defined.");
    if (setting == null || setting.getValue() == null || setting.getValue().isEmpty()) {
        // multi domain should be the default... uniform really only makes sense for dev purposes
        resolverType = ANCHOR_RES_TYPE_MULTIDOMAIN;
    } else
        resolverType = setting.getValue();
    if (resolverType.equalsIgnoreCase(ANCHOR_RES_TYPE_UNIFORM)) {
        // uniform: a single anchor collection is handed to the provider, taken from the first
        // entry of the incoming map (or of the outgoing map when the incoming map is empty).
        // NOTE(review): both maps are HashMaps, so with more than one domain "first" is not a defined
        // choice, and the outgoing anchors are ignored whenever the incoming map has any entry.
        if (incomingAnchors.size() > 0)
            provider = new UniformTrustAnchorResolverProvider(incomingAnchors.values().iterator().next());
        else
            provider = new UniformTrustAnchorResolverProvider(outgoingAnchors.values().iterator().next());
    } else if (resolverType.equalsIgnoreCase(ANCHOR_RES_TYPE_MULTIDOMAIN)) {
        provider = new MultiDomainTrustAnchorResolverProvider(incomingAnchors, outgoingAnchors);
    } else {
        // unrecognised resolver type: fails without a message, so the offending value is not reported
        throw new SmtpAgentException(SmtpAgentError.InvalidTrustAnchorSettings);
    }
    certAnchorModule = TrustAnchorModule.create(provider);
}
Also used : SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) HashMap(java.util.HashMap) Setting(org.nhind.config.Setting) ArrayList(java.util.ArrayList) X509Certificate(java.security.cert.X509Certificate) AddressException(javax.mail.internet.AddressException) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) PolicyParseException(org.nhindirect.policy.PolicyParseException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) TrustBundleDomainReltn(org.nhind.config.TrustBundleDomainReltn) TrustBundleAnchor(org.nhind.config.TrustBundleAnchor) Anchor(org.nhind.config.Anchor) TrustAnchorResolver(org.nhindirect.stagent.trust.TrustAnchorResolver) UniformTrustAnchorResolverProvider(org.nhindirect.stagent.trust.provider.UniformTrustAnchorResolverProvider) Collection(java.util.Collection) TrustBundle(org.nhind.config.TrustBundle) Domain(org.nhind.config.Domain) MultiDomainTrustAnchorResolverProvider(org.nhindirect.stagent.trust.provider.MultiDomainTrustAnchorResolverProvider) TrustBundleAnchor(org.nhind.config.TrustBundleAnchor)

Example 3 with TrustBundleDomainReltn

use of org.nhind.config.TrustBundleDomainReltn in project nhin-d by DirectProject.

the class TrustBundleCommands method listDomainBundles.

/**
 * Console command that prints the trust bundles associated with a domain.
 *
 * <p>Takes a single argument, the numeric domain id. The id is parsed before the {@code try}
 * block, so a non-numeric value is not handled by this method's catch clause. Exceptions raised
 * inside the {@code try} block are caught and reduced to their message on standard output.
 *
 * @param args raw command arguments; index 0 is the domain id
 */
@Command(name = "ListDomainBundles", usage = LIST_DOMAIN_BUNDLES_USAGE)
public void listDomainBundles(String[] args) {
    final long domainId = Long.parseLong(StringArrayUtil.getRequiredValue(args, 0));
    try {
        final Domain targetDomain = proxy.getDomain(domainId);
        if (targetDomain == null) {
            System.out.println("Domain with id " + domainId + " does not exist.");
            return;
        }
        // Fetch the bundle associations recorded for this domain.
        final TrustBundleDomainReltn[] associations = proxy.getTrustBundlesByDomain(domainId, false);
        final boolean hasAssociations = associations != null && associations.length != 0;
        if (!hasAssociations) {
            System.out.println("No bundles associated with domain " + targetDomain.getDomainName());
            return;
        }
        // Unwrap each association to the bundle it points at, preserving order.
        final List<TrustBundle> associatedBundles = new ArrayList<TrustBundle>();
        for (int i = 0; i < associations.length; i++) {
            associatedBundles.add(associations[i].getTrustBundle());
        }
        System.out.println("Bundles associated with domain " + targetDomain.getDomainName());
        bundlePrinter.printRecords(associatedBundles);
    } catch (Exception failure) {
        // Only the message is shown to the operator; the exception type and stack trace are dropped.
        System.out.println("Error getting domain bundles : " + failure.getMessage());
    }
}
Also used : ArrayList(java.util.ArrayList) TrustBundle(org.nhind.config.TrustBundle) Domain(org.nhind.config.Domain) TrustBundleDomainReltn(org.nhind.config.TrustBundleDomainReltn) Command(org.nhindirect.dns.tools.utils.Command)

Example 4 with TrustBundleDomainReltn

use of org.nhind.config.TrustBundleDomainReltn in project nhin-d by DirectProject.

the class TrustBundleCommands method deleteTrustBundleFromDomain.

/**
 * Console command that removes the association between a trust bundle and a domain.
 *
 * <p>Expected arguments, in order: bundle id, domain id. Both are parsed before the {@code try}
 * block, so a non-numeric value is not handled by this method's catch clause. The bundle, the
 * domain and the association itself must all exist; otherwise a message is printed and nothing is
 * changed. Exceptions raised inside the {@code try} block are caught and reduced to their message
 * on standard output.
 *
 * @param args raw command arguments as described above
 */
@Command(name = "DeleteTrustBundleFromDomain", usage = REMOVE_BUNDLE_FROM_DOMAIN)
public void deleteTrustBundleFromDomain(String[] args) {
    final long bundleId = Long.parseLong(StringArrayUtil.getRequiredValue(args, 0));
    final long domainId = Long.parseLong(StringArrayUtil.getRequiredValue(args, 1));
    try {
        final TrustBundle requestedBundle = proxy.getTrustBundleById(bundleId);
        if (requestedBundle == null) {
            System.out.println("Bundle with id " + bundleId + " does not exist.");
            return;
        }
        final Domain targetDomain = proxy.getDomain(domainId);
        if (targetDomain == null) {
            System.out.println("Domain with id " + domainId + " does not exist.");
            return;
        }
        // Only remove an association that is actually present for this bundle/domain pair.
        // NOTE(review): this check and the removal below are separate proxy calls;
        // nothing in this method makes the pair atomic.
        final TrustBundleDomainReltn[] current = proxy.getTrustBundlesByDomain(domainId, false);
        boolean linked = false;
        if (current != null) {
            for (int i = 0; i < current.length && !linked; i++) {
                linked = current[i].getTrustBundle().getId() == bundleId;
            }
        }
        if (!linked) {
            System.out.println("Bundle " + requestedBundle.getBundleName() + " is not associated with domain " + targetDomain.getDomainName());
            return;
        }
        proxy.disassociateTrustBundleFromDomain(domainId, bundleId);
        System.out.println("Trust bundle " + requestedBundle.getBundleName() + " removed from domain " + targetDomain.getDomainName());
    } catch (Exception failure) {
        // Only the message is shown to the operator; the exception type and stack trace are dropped.
        System.out.println("Error removing bundle from domain : " + failure.getMessage());
    }
}
Also used : TrustBundle(org.nhind.config.TrustBundle) Domain(org.nhind.config.Domain) TrustBundleDomainReltn(org.nhind.config.TrustBundleDomainReltn) Command(org.nhindirect.dns.tools.utils.Command)

Aggregations

Domain (org.nhind.config.Domain)4 TrustBundle (org.nhind.config.TrustBundle)4 TrustBundleDomainReltn (org.nhind.config.TrustBundleDomainReltn)4 Command (org.nhindirect.dns.tools.utils.Command)3 ArrayList (java.util.ArrayList)2 IOException (java.io.IOException)1 CertificateException (java.security.cert.CertificateException)1 X509Certificate (java.security.cert.X509Certificate)1 Collection (java.util.Collection)1 HashMap (java.util.HashMap)1 AddressException (javax.mail.internet.AddressException)1 Anchor (org.nhind.config.Anchor)1 Setting (org.nhind.config.Setting)1 TrustBundleAnchor (org.nhind.config.TrustBundleAnchor)1 SmtpAgentException (org.nhindirect.gateway.smtp.SmtpAgentException)1 PolicyParseException (org.nhindirect.policy.PolicyParseException)1 TrustAnchorResolver (org.nhindirect.stagent.trust.TrustAnchorResolver)1 MultiDomainTrustAnchorResolverProvider (org.nhindirect.stagent.trust.provider.MultiDomainTrustAnchorResolverProvider)1 UniformTrustAnchorResolverProvider (org.nhindirect.stagent.trust.provider.UniformTrustAnchorResolverProvider)1