
Example 11 with MutableKeyStoreProtectionManager

use of org.nhindirect.common.crypto.MutableKeyStoreProtectionManager in project nhin-d by DirectProject.

the class MainController method search.

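/**
 * Handles {@code GET /search} for the admin console and prepares the page selected by
 * the {@code submitType} request parameter.
 *
 * <p>Despite the name, this method is mostly a dispatcher: known {@code submitType}
 * values open the settings, certificates, new-domain, DNS, policies or trust-bundle
 * pages, and any other value runs a domain search. Access is restricted to
 * {@code ROLE_ADMIN} by the {@code @PreAuthorize} annotation; no further authorization
 * check is made inside the method.
 *
 * <p>Service failures are logged and the page is still rendered. In that case the
 * corresponding result attribute is left {@code null} (or, for policies, set to an
 * empty string), exactly as before; only the silent swallowing of the exception has
 * been replaced by logging.
 *
 * @param requestedWith value of the {@code X-Requested-With} header, used to detect AJAX calls; may be {@code null}
 * @param session HTTP session holding the per-page form objects
 * @param simpleForm bound form object (not read by this method)
 * @param model model that receives the attributes for the selected view
 * @param actionPath value of {@code submitType}; selects the branch, compared case-insensitively
 * @param searchDomainName optional domain name to search for; {@code null} or empty searches with {@code "%"}
 * @param searchStatus optional status filter for the domain search; may be {@code null}
 * @return the view to render, or {@code null} for an AJAX domain search, whose results are left in {@code model}
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/search", method = RequestMethod.GET)
public ModelAndView search(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith,
        HttpSession session, @ModelAttribute SimpleForm simpleForm, Model model,
        @RequestParam(value = "submitType") String actionPath,
        @RequestParam(value = "domainName", required = false) String searchDomainName,
        @RequestParam(value = "status", required = false) EntityStatus searchStatus) {
    // Routine trace output belongs at DEBUG: logging it at ERROR on every request
    // buries the real errors that operators and alerting rules look for.
    if (log.isDebugEnabled()) {
        log.debug("Hit Search Controller");
        log.debug("Enter search");
    }
    final String message = "Search complete";
    final ModelAndView mav = new ModelAndView();
    if ("gotosettings".equalsIgnoreCase(actionPath) || "settings".equalsIgnoreCase(actionPath)) {
        if (log.isDebugEnabled()) {
            log.debug("trying to go to the settings page");
        }
        model.addAttribute("action", "add");
        mav.setViewName("settings");
        mav.addObject("actionPath", "gotosettings");
        // Reuse the form kept in the session, or start with an empty one
        SettingsForm form = (SettingsForm) session.getAttribute("settingsForm");
        if (form == null) {
            form = new SettingsForm();
        }
        model.addAttribute("settingsForm", form);
        // Retrieve the list of settings for settingsResults
        List<Setting> results = null;
        if (settingsService != null) {
            try {
                final Collection<Setting> settings = settingsService.getSettings();
                results = (settings != null) ? new ArrayList<Setting>(settings) : new ArrayList<Setting>();
            } catch (ServiceException e) {
                // Previously swallowed; the page still renders, with results left null
                log.error("Failed to retrieve settings", e);
            }
        }
        model.addAttribute("simpleForm", new SimpleForm());
        model.addAttribute("settingsResults", results);
    } else if ("gotocertificates".equalsIgnoreCase(actionPath) || "certificates".equalsIgnoreCase(actionPath)) {
        // Manage Certificates
        if (log.isDebugEnabled()) {
            log.debug("trying to go to the certificates page");
        }
        model.addAttribute("action", "Update");
        mav.setViewName("certificates");
        mav.addObject("privKeyTypeList", PrivateKeyType.getPrivKeyTypeList());
        mav.addObject("actionPath", "gotocertificates");
        CertificateForm form = (CertificateForm) session.getAttribute("certificateForm");
        if (form == null) {
            form = new CertificateForm();
        }
        model.addAttribute("certificateForm", form);
        // Retrieve the list of certificates for certificatesResults
        List<Certificate> results = null;
        if (certService != null) {
            try {
                final Collection<Certificate> certs = certService.getAllCertificates();
                if (certs != null) {
                    // instanceof is false for null, so no separate null check is needed
                    if (this.keyManager instanceof MutableKeyStoreProtectionManager) {
                        final KeyStore keyStore = ((MutableKeyStoreProtectionManager) keyManager).getKS();
                        // Certificates stored without key material may still have their
                        // private key held in the protection manager's key store.
                        for (Certificate cert : certs) {
                            if (cert.isPrivateKey()) {
                                continue;
                            }
                            try {
                                final X509Certificate checkCert = CertUtils.toX509Certificate(cert.getData());
                                final String alias = keyStore.getCertificateAlias(checkCert);
                                if (!StringUtils.isEmpty(alias)) {
                                    // Presence check only: the key reference is tested and dropped,
                                    // it must never reach the model, the view or the log.
                                    // NOTE(review): the entry is read with an empty password;
                                    // presumably the store itself enforces protection. Confirm.
                                    final Object key = keyStore.getKey(alias, "".toCharArray());
                                    if (key instanceof PrivateKey) {
                                        cert.setPrivateKey(true);
                                    }
                                }
                            } catch (Exception e) {
                                // Previously swallowed: a parse or key store failure silently
                                // showed the certificate as having no private key.
                                log.warn("Could not check the key store for a private key matching a certificate", e);
                            }
                        }
                    }
                    results = new ArrayList<Certificate>(certs);
                } else {
                    results = new ArrayList<Certificate>();
                }
            } catch (ServiceException e) {
                log.error("Failed to retrieve certificates", e);
            }
        }
        model.addAttribute("simpleForm", new SimpleForm());
        model.addAttribute("certificatesResults", results);
    } else if ("newdomain".equalsIgnoreCase(actionPath) || "new domain".equalsIgnoreCase(actionPath)) {
        if (log.isDebugEnabled()) {
            log.debug("trying to go to the new domain page");
        }
        mav.addObject("msgs", new HashMap<String, String>());
        model.addAttribute("simpleForm", new SimpleForm());
        final AddressForm addrform = new AddressForm();
        addrform.setId(0L);
        model.addAttribute("addressForm", addrform);
        // TODO: once certificates and anchors are available change code accordingly
        final CertificateForm cform = new CertificateForm();
        final AnchorForm aform = new AnchorForm();
        aform.setId(0L);
        model.addAttribute("certificateForm", cform);
        model.addAttribute("anchorForm", aform);
        DomainForm form = (DomainForm) session.getAttribute("domainForm");
        if (form == null) {
            form = new DomainForm();
        }
        model.addAttribute("domainForm", form);
        model.addAttribute("action", "Add");
        mav.setViewName("domain");
        mav.addObject("actionPath", "newdomain");
        mav.addObject("privKeyTypeList", PrivateKeyType.getPrivKeyTypeList());
        mav.addObject("statusList", EntityStatus.getEntityStatusList());
    } else if ("gotodns".equalsIgnoreCase(actionPath) || "DNS Entries".equalsIgnoreCase(actionPath)) {
        if (log.isDebugEnabled()) {
            log.debug("Entering DNS Management page");
        }
        mav.addObject("msgs", new HashMap<String, String>());
        model.addAttribute("action", "Update");
        // One result list per record type shown on the DNS page
        final Collection<DNSRecord> arecords = getDnsRecords(DNSType.A.getValue());
        model.addAttribute("dnsARecordResults", arecords);
        final Collection<DNSRecord> a4records = getDnsRecords(DNSType.AAAA.getValue());
        model.addAttribute("dnsA4RecordResults", a4records);
        final Collection<DNSRecord> crecords = getDnsRecords(DNSType.CNAME.getValue());
        model.addAttribute("dnsCnameRecordResults", crecords);
        final Collection<DNSRecord> certrecords = getDnsRecords(DNSType.CERT.getValue());
        model.addAttribute("dnsCertRecordResults", certrecords);
        final Collection<DNSRecord> mxrecords = getDnsRecords(DNSType.MX.getValue());
        model.addAttribute("dnsMxRecordResults", mxrecords);
        final Collection<DNSRecord> srvrecords = getDnsRecords(DNSType.SRV.getValue());
        model.addAttribute("dnsSrvRecordResults", srvrecords);
        mav.setViewName("dns");
        mav.addObject("actionPath", "gotodns");
        // One empty entry form per record type
        model.addAttribute("AdnsForm", new DNSEntryForm());
        model.addAttribute("AAdnsForm", new DNSEntryForm());
        model.addAttribute("CdnsForm", new DNSEntryForm());
        model.addAttribute("CertdnsForm", new DNSEntryForm());
        model.addAttribute("MXdnsForm", new DNSEntryForm());
        model.addAttribute("SrvdnsForm", new DNSEntryForm());
        refreshModelFromService(model);
        model.addAttribute("simpleForm", new SimpleForm());
    } else if ("ManagePolicies".equalsIgnoreCase(actionPath) || "Policies".equalsIgnoreCase(actionPath)) {
        if (log.isDebugEnabled()) {
            log.debug("trying to go to the Policies page");
        }
        model.addAttribute("action", "Update");
        mav.setViewName("policies");
        mav.addObject("actionPath", "gotopolicies");
        PolicyForm form = (PolicyForm) session.getAttribute("policyForm");
        if (form == null) {
            form = new PolicyForm();
        }
        model.addAttribute("policyForm", form);
        Collection<CertPolicy> policies = null;
        try {
            policies = policyService.getPolicies();
        } catch (Exception e) {
            // Was System.out.println of the message only; keep the cause and stack trace
            log.error("Failed to lookup policies", e);
        }
        if (policies != null) {
            model.addAttribute("policies", policies);
        } else {
            // The view receives an empty string when no policies could be loaded
            model.addAttribute("policies", "");
        }
        model.addAttribute("simpleForm", new SimpleForm());
    } else if ("ManageTrustBundles".equalsIgnoreCase(actionPath) || "Bundles".equalsIgnoreCase(actionPath)) {
        if (log.isDebugEnabled()) {
            log.debug("trying to go to the Bundles page");
        }
        model.addAttribute("action", "Update");
        mav.setViewName("bundles");
        mav.addObject("actionPath", "gotobundles");
        // NOTE(review): the session key is "BundleForm" but the model key below is
        // "bundleForm"; confirm which key the form is actually stored under.
        BundleForm form = (BundleForm) session.getAttribute("BundleForm");
        if (form == null) {
            form = new BundleForm();
        }
        model.addAttribute("bundleForm", form);
        if (bundleService != null) {
            // Process data for the trust bundle view
            try {
                Collection<TrustBundle> trustBundles = bundleService.getTrustBundles(true);
                if (trustBundles == null) {
                    trustBundles = Collections.emptyList();
                }
                // bundle name -> (anchor -> subject DN of the anchor certificate)
                final Map<String, Object> bundleMap = new HashMap<String, Object>(trustBundles.size());
                for (TrustBundle bundle : trustBundles) {
                    final Collection<TrustBundleAnchor> tbAnchors = bundle.getTrustBundleAnchors();
                    final Map<TrustBundleAnchor, String> anchorMap =
                            new HashMap<TrustBundleAnchor, String>(tbAnchors.size());
                    for (TrustBundleAnchor anchor : tbAnchors) {
                        final X509Certificate cert = anchor.getAsX509Certificate();
                        anchorMap.put(anchor, cert.getSubjectDN().toString());
                    }
                    bundleMap.put(bundle.getBundleName(), anchorMap);
                }
                model.addAttribute("bundleMap", bundleMap);
                model.addAttribute("trustBundles", trustBundles);
            } catch (ServiceException e1) {
                log.error("Failed to retrieve trust bundles", e1);
            }
        }
        model.addAttribute("simpleForm", new SimpleForm());
    } else {
        // Default branch: domain search
        SearchDomainForm form = (SearchDomainForm) session.getAttribute("searchDomainForm");
        if (form == null) {
            form = new SearchDomainForm();
        }
        model.addAttribute(form);
        final boolean ajaxRequest = AjaxUtils.isAjaxRequest(requestedWith);
        model.addAttribute("ajaxRequest", ajaxRequest);
        // domainName is optional, so it can be null here; the old unconditional
        // isEmpty() call failed with a NullPointerException when it was omitted.
        // NOTE(review): "%" looks like a match-all wildcard, and the caller's text is
        // forwarded unchanged. Confirm the service binds it as a query parameter.
        final String domain = (searchDomainName != null && !searchDomainName.isEmpty()) ? searchDomainName : "%";
        mav.addObject("searchTerm", searchDomainName);
        List<Domain> results = null;
        if (domainService != null) {
            try {
                // status is optional too; map it to the model enum only when present.
                // NOTE(review): assumes the service accepts a null status as "no filter". Confirm.
                final org.nhindirect.config.model.EntityStatus status = (searchStatus != null)
                        ? org.nhindirect.config.model.EntityStatus.valueOf(searchStatus.toString())
                        : null;
                final Collection<Domain> domains = domainService.searchDomains(domain, status);
                results = (domains != null) ? new ArrayList<Domain>(domains) : new ArrayList<Domain>();
            } catch (ServiceException e1) {
                log.error("Failed to search domains", e1);
            }
        }
        if (ajaxRequest) {
            // Prepare the model for rendering the success message in this request;
            // no view is returned for AJAX calls.
            model.addAttribute("message", new Message(MessageType.success, message));
            model.addAttribute("ajaxRequest", true);
            model.addAttribute("searchResults", results);
            return null;
        }
        mav.setViewName("main");
        mav.addObject("privKeyTypeList", PrivateKeyType.getPrivKeyTypeList());
        mav.addObject("statusList", EntityStatus.getEntityStatusList());
        mav.addObject("searchResults", results);
    }
    if (log.isDebugEnabled()) {
        log.debug("Exit");
    }
    return mav;
}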
Also used : SimpleForm(org.nhindirect.config.ui.form.SimpleForm) CertificateForm(org.nhindirect.config.ui.form.CertificateForm) AnchorForm(org.nhindirect.config.ui.form.AnchorForm) PrivateKey(java.security.PrivateKey) Message(org.nhindirect.config.ui.flash.FlashMap.Message) HashMap(java.util.HashMap) ModelAndView(org.springframework.web.servlet.ModelAndView) ArrayList(java.util.ArrayList) DNSEntryForm(org.nhindirect.config.ui.form.DNSEntryForm) SearchDomainForm(org.nhindirect.config.ui.form.SearchDomainForm) MutableKeyStoreProtectionManager(org.nhindirect.common.crypto.MutableKeyStoreProtectionManager) TrustBundle(org.nhindirect.config.model.TrustBundle) EntityStatus(org.nhindirect.config.store.EntityStatus) List(java.util.List) ArrayList(java.util.ArrayList) BundleForm(org.nhindirect.config.ui.form.BundleForm) Setting(org.nhindirect.config.model.Setting) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) CertificateEncodingException(javax.security.cert.CertificateEncodingException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) TextParseException(org.xbill.DNS.TextParseException) ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) IOException(java.io.IOException) DomainForm(org.nhindirect.config.ui.form.DomainForm) SearchDomainForm(org.nhindirect.config.ui.form.SearchDomainForm) PolicyForm(org.nhindirect.config.ui.form.PolicyForm) AddressForm(org.nhindirect.config.ui.form.AddressForm) ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) CertPolicy(org.nhindirect.config.model.CertPolicy) SettingsForm(org.nhindirect.config.ui.form.SettingsForm) Collection(java.util.Collection) Map(java.util.Map) HashMap(java.util.HashMap) TrustBundleAnchor(org.nhindirect.config.model.TrustBundleAnchor) X509Certificate(java.security.cert.X509Certificate) Certificate(org.nhindirect.config.model.Certificate) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) 
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
