
Example 1 with TrustBundle

use of org.nhindirect.config.model.TrustBundle in project nhin-d by DirectProject.

the class BundlesController method addBundle.

/*********************************
     *
     * Add Bundle Method
     *
     *********************************/
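/**
 * Handles the "add trust bundle" form post.
 *
 * <p>A {@code submitType} of "cancel" returns to the main view. A {@code submitType} of "newbundle"
 * or "add bundle" validates the form, stores the bundle through {@code bundleService} when the form
 * is valid, and renders the bundle list. Any other value returns a ModelAndView with no view name.
 *
 * @param requestedWith value of the X-Requested-With header, used only to flag AJAX requests
 * @param session current HTTP session; read for the saved search form on cancel
 * @param bundleForm submitted bundle name, URL, refresh interval in hours and optional signing certificate
 * @param model model that receives the validation flags and the bundle list
 * @param actionPath the submitType request parameter
 * @return the view to render
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/addbundle", method = RequestMethod.POST)
public ModelAndView addBundle(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute BundleForm bundleForm, Model model, @RequestParam(value = "submitType") String actionPath) {
    final ModelAndView mav = new ModelAndView();
    if (log.isDebugEnabled())
        log.debug("Enter Add Trust Bundle");
    if (actionPath.equalsIgnoreCase("cancel")) {
        if (log.isDebugEnabled()) {
            log.debug("trying to cancel from saveupdate");
        }
        // On cancel, fall back to the search form kept in the session (or a fresh one)
        final SearchDomainForm form2 = (SearchDomainForm) session.getAttribute("searchDomainForm");
        model.addAttribute(form2 != null ? form2 : new SearchDomainForm());
        model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
        mav.setViewName("main");
        mav.addObject("privKeyTypeList", PrivateKeyType.getPrivKeyTypeList());
        mav.addObject("statusList", EntityStatus.getEntityStatusList());
        return mav;
    }
    if (actionPath.equalsIgnoreCase("newbundle") || actionPath.equalsIgnoreCase("add bundle")) {
        boolean formValidated = true;
        if (log.isDebugEnabled()) {
            log.debug("Beginning to process signing certificate file");
        }
        model.addAttribute("signingCertError", false);
        model.addAttribute("URLError", false);
        final TrustBundle trustBundle = new TrustBundle();
        final String bundleName = bundleForm.getBundleName();
        trustBundle.setBundleName(bundleName);
        // Convert Hours to Seconds for backend
        trustBundle.setRefreshInterval(bundleForm.getRefreshInterval() * 3600);
        // Check if signing certificate is uploaded (a missing file part is treated like an empty one)
        if (bundleForm.getFileData() != null && !bundleForm.getFileData().isEmpty()) {
            final byte[] bytes = bundleForm.getFileData().getBytes();
            // The Content-Type of an upload is chosen by the client, so this allow-list is only a
            // first filter; it does not show that the bytes are a certificate. Constant-first
            // equals() also copes with a request that carries no content type.
            final String fileType = bundleForm.getFileData().getContentType();
            final boolean acceptedType = "application/x-x509-ca-cert".equals(fileType)
                    || "application/x-x509-user-cert".equals(fileType)
                    || "application/pkix-cert".equals(fileType);
            if (!acceptedType) {
                model.addAttribute("signingCertError", true);
                formValidated = false;
            } else {
                try {
                    trustBundle.setSigningCertificateData(bytes);
                } catch (Exception ce) {
                    // This failure used to be swallowed, which let the bundle be saved without the
                    // signing certificate the administrator tried to attach. Reject the form instead.
                    log.error("Uploaded signing certificate could not be applied to the trust bundle", ce);
                    model.addAttribute("signingCertError", true);
                    formValidated = false;
                }
            }
        } else {
            // NOTE(review): despite this message the bundle is still saved below; it is only
            // stored without a signing certificate.
            if (log.isDebugEnabled())
                log.debug("DO NOT store the bundle into database BECAUSE THERE IS NO FILE");
        }
        // Check for empty bundle name
        if (bundleName == null || bundleName.isEmpty()) {
            model.addAttribute("EmptyBundleError", true);
            formValidated = false;
        } else {
            // Check if trust bundle name is already used
            TrustBundle dupeBundle = null;
            try {
                dupeBundle = bundleService.getTrustBundle(bundleName);
            } catch (ServiceException cse) {
                // NOTE(review): a lookup failure is treated as "no duplicate" and the add goes
                // ahead; confirm the config service rejects duplicate names on its side.
                log.error("Could not get bundle information from config service", cse);
            }
            if (dupeBundle != null) {
                model.addAttribute("DupeBundleError", true);
                formValidated = false;
            }
        }
        // Check for valid URL
        // NOTE(review): new URL(...) accepts every scheme the JVM has a handler for, not only
        // http/https. If the stored URL is fetched server-side later (not visible here), consider
        // restricting the scheme before the bundle is saved.
        final String trustURL = bundleForm.getTrustURL();
        try {
            new URL(trustURL);
        } catch (MalformedURLException mu) {
            model.addAttribute("URLError", true);
            formValidated = false;
        }
        if (formValidated) {
            trustBundle.setBundleURL(trustURL);
            try {
                trustBundle.setCheckSum("");
                bundleService.addTrustBundle(trustBundle);
                if (log.isDebugEnabled()) {
                    log.debug("Add Trust Bundle to Database");
                }
            } catch (Exception e) {
                // Log unconditionally and through the logger; the original only logged when debug
                // was enabled and otherwise relied on printStackTrace().
                log.error("Failed to add trust bundle", e);
            }
            // The form is reset whether or not the add succeeded (unchanged behaviour)
            final BundleForm bform = new BundleForm();
            model.addAttribute("bundleForm", bform);
        }
        // Process data for Trust Bundle View
        try {
            // Get Trust Bundles
            final Collection<TrustBundle> trustBundles = bundleService.getTrustBundles(false);
            if (trustBundles != null) {
                model.addAttribute("trustBundles", trustBundles);
            }
        } catch (ServiceException e1) {
            // Still render the page, but leave a trace of why the list is missing
            log.error("Could not load trust bundles from config service", e1);
        }
        // NOTE(review): the single-argument overload stores this string as a value, not under the
        // attribute name "bundlesSelected" - confirm this is intended.
        model.addAttribute("bundlesSelected");
        model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
        mav.setViewName("bundles");
    }
    return mav;
}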
Also used : SearchDomainForm(org.nhindirect.config.ui.form.SearchDomainForm) MalformedURLException(java.net.MalformedURLException) ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) BundleForm(org.nhindirect.config.ui.form.BundleForm) ModelAndView(org.springframework.web.servlet.ModelAndView) TrustBundle(org.nhindirect.config.model.TrustBundle) MalformedURLException(java.net.MalformedURLException) ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) IOException(java.io.IOException) URL(java.net.URL) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 2 with TrustBundle

use of org.nhindirect.config.model.TrustBundle in project nhin-d by DirectProject.

the class BundlesController method removeCertificates.

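/**
 * Deletes the trust bundles selected on the bundles page and renders the refreshed bundle list.
 *
 * @param requestedWith value of the X-Requested-With header, used only to flag AJAX requests
 * @param session current HTTP session (not read by this method)
 * @param simpleForm submitted form; its selected bundle names are the ones deleted
 * @param model model that receives a fresh bundle form and the remaining bundles
 * @return the "bundles" view
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/removebundle", method = RequestMethod.POST)
public ModelAndView removeCertificates(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute BundleForm simpleForm, Model model) {
    final ModelAndView mav = new ModelAndView();
    if (log.isDebugEnabled()) {
        log.debug("Enter bundles/removebundle");
    }
    // Test the form once, before anything dereferences it; the original read the selection
    // for logging ahead of its own null check.
    final boolean hasSelection = simpleForm != null && simpleForm.getBundlesSelected() != null;
    if (hasSelection && log.isDebugEnabled()) {
        log.debug("Bundles marked for removal: " + simpleForm.getBundlesSelected().toString());
    }
    if (bundleService != null && hasSelection) {
        final int bundleCount = simpleForm.getBundlesSelected().size();
        if (log.isDebugEnabled()) {
            log.debug("Removing Bundles");
        }
        for (int i = 0; i < bundleCount; i++) {
            final String bundleName = simpleForm.getBundlesSelected().get(i);
            // Removing a bundle changes which anchors are trusted, so keep a record of it - but at
            // info level, not error as before. The name comes from the request, so line breaks are
            // replaced before it is written to the log.
            log.info("Removing trust bundle: " + String.valueOf(bundleName).replaceAll("[\\r\\n]", "_"));
            // Delete Trust Bundle(s)
            try {
                bundleService.deleteTrustBundle(bundleName);
            } catch (ServiceException cse) {
                // Keep going with the remaining names, but record the cause
                log.error("Problem removing bundles", cse);
            }
        }
    }
    model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
    final BundleForm bform = new BundleForm();
    bform.setId(0);
    model.addAttribute("bundleForm", bform);
    mav.setViewName("bundles");
    // Process data for Trust Bundle View
    try {
        // Get Trust Bundles
        final Collection<TrustBundle> trustBundles = bundleService.getTrustBundles(false);
        if (trustBundles != null) {
            model.addAttribute("trustBundles", trustBundles);
        }
    } catch (ServiceException e1) {
        // Still render the page, but leave a trace of why the list is missing
        log.error("Could not load trust bundles from config service", e1);
    }
    return mav;
}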
Also used : ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) BundleForm(org.nhindirect.config.ui.form.BundleForm) ModelAndView(org.springframework.web.servlet.ModelAndView) TrustBundle(org.nhindirect.config.model.TrustBundle) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 3 with TrustBundle

use of org.nhindirect.config.model.TrustBundle in project nhin-d by DirectProject.

the class BundlesController method assignBundlesForm.

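/**
 * Renders the form used to assign trust bundles to the domain held in the session.
 *
 * @param requestedWith value of the X-Requested-With header (not read by this method)
 * @param session current HTTP session; supplies the "currentDomainName" attribute
 * @param simpleForm bound form (not read by this method)
 * @param model model that receives the bundle list and a fresh bundle form
 * @return the "assignBundlesForm" view
 */
@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/assignBundlesForm", method = RequestMethod.GET)
public ModelAndView assignBundlesForm(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute BundleForm simpleForm, Model model) {
    final ModelAndView mav = new ModelAndView();
    if (log.isDebugEnabled()) {
        log.debug("Enter bundles/assignBundles");
    }
    // Process data for Trust Bundle View
    try {
        // Get Trust Bundles
        final Collection<TrustBundle> trustBundles = bundleService.getTrustBundles(false);
        if (trustBundles != null) {
            model.addAttribute("trustBundles", trustBundles);
        }
    } catch (ServiceException e1) {
        // The form is still rendered without a bundle list; the failure used to be swallowed
        // silently, which hid config-service outages from whoever reads the logs.
        log.error("Could not load trust bundles from config service", e1);
    }
    final BundleForm bform = new BundleForm();
    bform.setId(0);
    // The target domain is taken from the session, not from the request
    bform.setDomainName((String) session.getAttribute("currentDomainName"));
    model.addAttribute("bundleForm", bform);
    mav.setViewName("assignBundlesForm");
    return mav;
}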
Also used : ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) BundleForm(org.nhindirect.config.ui.form.BundleForm) ModelAndView(org.springframework.web.servlet.ModelAndView) TrustBundle(org.nhindirect.config.model.TrustBundle) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 4 with TrustBundle

use of org.nhindirect.config.model.TrustBundle in project nhin-d by DirectProject.

the class RESTSmtpAgentConfig method buildTrustAnchorResolver.

/**
 * Collects the trust anchors of every looked-up domain and builds the trust anchor module from them.
 *
 * <p>The "AnchorStoreType" setting selects where anchors are read from and falls back to the web
 * service (WS) store when it is missing or empty. The "AnchorResolverType" setting selects a uniform
 * or multi-domain resolver and falls back to multi-domain. The result is stored in
 * {@code certAnchorModule}.
 *
 * @throws SmtpAgentException if a setting, bundle or anchor lookup fails, if no anchors are
 *         defined, or if the resolver type is not recognised
 */
public void buildTrustAnchorResolver() {
    final Map<String, Collection<X509Certificate>> incomingAnchors = new HashMap<String, Collection<X509Certificate>>();
    final Map<String, Collection<X509Certificate>> outgoingAnchors = new HashMap<String, Collection<X509Certificate>>();

    // Step 1: find out how anchors are stored... possibilities are LDAP, keystore, and WS
    Setting storeSetting;
    try {
        storeSetting = settingsService.getSetting("AnchorStoreType");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting anchor store type: " + e.getMessage(), e);
    }
    final boolean storeTypeUnset = storeSetting == null || storeSetting.getValue() == null || storeSetting.getValue().isEmpty();
    // default to WS
    final String storeType = storeTypeUnset ? STORE_TYPE_WS : storeSetting.getValue();

    // Step 2: load the anchors
    if (storeType.equalsIgnoreCase(STORE_TYPE_WS)) {
        // trust bundles are shared objects across domains, so pull the entire bundle list once and
        // associate the anchors in the bundles with the appropriate domains as we go... this is not
        // always the most efficient approach, but it is when several domains are configured
        final Map<String, TrustBundle> bundlesByName = new HashMap<String, TrustBundle>();
        try {
            final Collection<TrustBundle> allBundles = trustBundleService.getTrustBundles(true);
            // index the bundles by name
            if (allBundles != null) {
                for (TrustBundle candidate : allBundles) {
                    bundlesByName.put(candidate.getBundleName(), candidate);
                }
            }
        } catch (Exception e) {
            throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting trust bundles: " + e.getMessage(), e);
        }
        // ask the web service for each domain's anchors
        for (Domain domain : lookedupRESTServiceDomains) {
            try {
                final Collection<X509Certificate> domainIncoming = new ArrayList<X509Certificate>();
                final Collection<X509Certificate> domainOutgoing = new ArrayList<X509Certificate>();
                final String domainName = domain.getDomainName();

                // anchors configured directly on the domain
                final Collection<Anchor> directAnchors = anchorService.getAnchorsForOwner(domainName, false, false, null);
                if (directAnchors != null) {
                    for (Anchor direct : directAnchors) {
                        final X509Certificate cert = certFromData(direct.getCertificateData());
                        // an anchor may be flagged for both directions, so test each flag on its own
                        if (direct.isIncoming()) {
                            domainIncoming.add(cert);
                        }
                        if (direct.isOutgoing()) {
                            domainOutgoing.add(cert);
                        }
                    }
                }

                // anchors that reach the domain through an associated trust bundle; the direction
                // comes from the domain/bundle relation, not from the individual bundle anchor
                final Collection<TrustBundleDomainReltn> relations = trustBundleService.getTrustBundlesByDomain(domainName, false);
                if (relations != null) {
                    for (TrustBundleDomainReltn relation : relations) {
                        final TrustBundle linked = bundlesByName.get(relation.getTrustBundle().getBundleName());
                        if (linked == null || linked.getTrustBundleAnchors() == null) {
                            continue;
                        }
                        for (TrustBundleAnchor bundleAnchor : linked.getTrustBundleAnchors()) {
                            final X509Certificate cert = certFromData(bundleAnchor.getAnchorData());
                            if (relation.isIncoming()) {
                                domainIncoming.add(cert);
                            }
                            if (relation.isOutgoing()) {
                                domainOutgoing.add(cert);
                            }
                        }
                    }
                }

                // an entry is stored for the domain even when its lists are empty
                incomingAnchors.put(domainName, domainIncoming);
                outgoingAnchors.put(domainName, domainOutgoing);
            } catch (SmtpAgentException e) {
                // already the right type: rethrow untouched
                throw e;
            } catch (Exception e) {
                throw new SmtpAgentException(SmtpAgentError.InvalidTrustAnchorSettings, "WebService error getting trust anchors for domain " + domain + ":" + e.getMessage(), e);
            }
        }
    } else {
        // any other store type: the anchor names are looked up in that repository
        getAnchorsFromNonWS(incomingAnchors, outgoingAnchors, storeType);
    }

    // Step 3: choose the resolver
    Setting resolverSetting;
    try {
        resolverSetting = settingsService.getSetting("AnchorResolverType");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting anchor resolver type: " + e.getMessage(), e);
    }
    // In the WS path this only fires when no domain contributed a map entry at all, because each
    // domain is added above even with empty anchor lists.
    if (incomingAnchors.isEmpty() && outgoingAnchors.isEmpty()) {
        throw new SmtpAgentException(SmtpAgentError.InvalidTrustAnchorSettings, "No trust anchors defined.");
    }
    final boolean resolverTypeUnset = resolverSetting == null || resolverSetting.getValue() == null || resolverSetting.getValue().isEmpty();
    // multi domain should be the default... uniform really only makes sense for dev purposes
    final String resolverType = resolverTypeUnset ? ANCHOR_RES_TYPE_MULTIDOMAIN : resolverSetting.getValue();

    final Provider<TrustAnchorResolver> provider;
    if (resolverType.equalsIgnoreCase(ANCHOR_RES_TYPE_UNIFORM)) {
        // uniform: one anchor collection serves every domain, so take the first collection of the
        // incoming map, or of the outgoing map when there is no incoming entry
        final Map<String, Collection<X509Certificate>> source = incomingAnchors.size() > 0 ? incomingAnchors : outgoingAnchors;
        provider = new UniformTrustAnchorResolverProvider(source.values().iterator().next());
    } else if (resolverType.equalsIgnoreCase(ANCHOR_RES_TYPE_MULTIDOMAIN)) {
        provider = new MultiDomainTrustAnchorResolverProvider(incomingAnchors, outgoingAnchors);
    } else {
        // unknown resolver type: refuse to build a module
        throw new SmtpAgentException(SmtpAgentError.InvalidTrustAnchorSettings);
    }
    certAnchorModule = TrustAnchorModule.create(provider);
}
Also used : SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) HashMap(java.util.HashMap) Setting(org.nhindirect.config.model.Setting) ArrayList(java.util.ArrayList) X509Certificate(java.security.cert.X509Certificate) AddressException(javax.mail.internet.AddressException) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) PolicyParseException(org.nhindirect.policy.PolicyParseException) TrustBundleDomainReltn(org.nhindirect.config.model.TrustBundleDomainReltn) Anchor(org.nhindirect.config.model.Anchor) TrustBundleAnchor(org.nhindirect.config.model.TrustBundleAnchor) TrustAnchorResolver(org.nhindirect.stagent.trust.TrustAnchorResolver) UniformTrustAnchorResolverProvider(org.nhindirect.stagent.trust.provider.UniformTrustAnchorResolverProvider) Collection(java.util.Collection) TrustBundle(org.nhindirect.config.model.TrustBundle) Domain(org.nhindirect.config.model.Domain) MultiDomainTrustAnchorResolverProvider(org.nhindirect.stagent.trust.provider.MultiDomainTrustAnchorResolverProvider) TrustBundleAnchor(org.nhindirect.config.model.TrustBundleAnchor)

Example 5 with TrustBundle

use of org.nhindirect.config.model.TrustBundle in project nhin-d by DirectProject.

the class TrustBundleResource method getTrustBundleByName.

/**
     * Gets a trust bundle by name.
     * @param bundleName The name of the trust bundle to retrieve.
     * @return A JSON representation of the trust bundle.  Returns a status of 404 if a trust bundle with the given name
     * does not exist.
     */
@GET
@Produces(MediaType.APPLICATION_JSON)
@Path("{bundleName}")
public Response getTrustBundleByName(@PathParam("bundleName") String bundleName) {
    // NOTE(review): no access-control annotation is visible on this method; confirm the resource
    // is protected at the class, filter or container level.
    try {
        final org.nhindirect.config.store.TrustBundle storedBundle = bundleDao.getTrustBundleByName(bundleName);
        if (storedBundle != null) {
            // Convert the store entity to the model type before it is serialised
            final TrustBundle asModel = EntityModelConversion.toModelTrustBundle(storedBundle);
            return Response.ok(asModel).cacheControl(noCache).build();
        }
        // Unknown name: 404
        return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
    } catch (Throwable e) {
        // Details go to the log only; the caller receives a bare 500
        log.error("Error looking up trust bundles", e);
        return Response.serverError().cacheControl(noCache).build();
    }
}
Also used : TrustBundle(org.nhindirect.config.model.TrustBundle) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Aggregations

TrustBundle (org.nhindirect.config.model.TrustBundle)10 ServiceException (org.nhindirect.common.rest.exceptions.ServiceException)6 BundleForm (org.nhindirect.config.ui.form.BundleForm)6 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)6 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)6 ModelAndView (org.springframework.web.servlet.ModelAndView)6 ArrayList (java.util.ArrayList)5 TrustBundleAnchor (org.nhindirect.config.model.TrustBundleAnchor)4 IOException (java.io.IOException)2 X509Certificate (java.security.cert.X509Certificate)2 Collection (java.util.Collection)2 HashMap (java.util.HashMap)2 Setting (org.nhindirect.config.model.Setting)2 TrustBundleDomainReltn (org.nhindirect.config.model.TrustBundleDomainReltn)2 SearchDomainForm (org.nhindirect.config.ui.form.SearchDomainForm)2 MalformedURLException (java.net.MalformedURLException)1 URL (java.net.URL)1 KeyStore (java.security.KeyStore)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 PrivateKey (java.security.PrivateKey)1