Example 1 with TrustBundleDomainReltn

use of org.nhindirect.config.model.TrustBundleDomainReltn in project nhin-d by DirectProject.

the class TrustBundleResource method getTrustBundlesByDomain.

/**
 * Gets all trust bundles associated to a domain.
 * @param domainName The name of the domain to fetch trust bundles for.
 * @param fetchAnchors Indicates if the retrieval should also include the trust anchors in the bundle.  When only needing bundle names,
 * this parameter should be set to false for better performance.
 * @return A JSON representation of a collection of trust bundles that are associated to the given domain.  Returns a status of
 * 404 if a domain with the given name does not exist or a status of 204 if no trust bundles are associated with the given domain.
 */
@GET
@Produces(MediaType.APPLICATION_JSON)
@Path("domains/{domainName}")
public Response getTrustBundlesByDomain(@PathParam("domainName") String domainName, @QueryParam("fetchAnchors") @DefaultValue("true") boolean fetchAnchors) {
    // make sure the domain exists
    org.nhindirect.config.store.Domain entityDomain;
    try {
        entityDomain = domainDao.getDomainByName(domainName);
        if (entityDomain == null)
            return Response.status(Status.NOT_FOUND).cacheControl(noCache).build();
    } catch (Exception e) {
        log.error("Error looking up domain.", e);
        return Response.serverError().cacheControl(noCache).build();
    }
    Collection<org.nhindirect.config.store.TrustBundleDomainReltn> retBundles = null;
    try {
        retBundles = bundleDao.getTrustBundlesByDomain(entityDomain.getId());
        if (retBundles.isEmpty())
            return Response.noContent().cacheControl(noCache).build();
    } catch (Throwable e) {
        log.error("Error looking up trust bundles", e);
        return Response.serverError().cacheControl(noCache).build();
    }
    final Collection<TrustBundleDomainReltn> modelBundles = new ArrayList<TrustBundleDomainReltn>();
    for (org.nhindirect.config.store.TrustBundleDomainReltn bundleReltn : retBundles) {
        if (!fetchAnchors)
            bundleReltn.getTrustBundle().setTrustBundleAnchors(new ArrayList<TrustBundleAnchor>());
        final TrustBundleDomainReltn newReltn = new TrustBundleDomainReltn();
        newReltn.setIncoming(bundleReltn.isIncoming());
        newReltn.setOutgoing(bundleReltn.isOutgoing());
        newReltn.setDomain(EntityModelConversion.toModelDomain(bundleReltn.getDomain()));
        newReltn.setTrustBundle(EntityModelConversion.toModelTrustBundle(bundleReltn.getTrustBundle()));
        modelBundles.add(newReltn);
    }
    final GenericEntity<Collection<TrustBundleDomainReltn>> entity = new GenericEntity<Collection<TrustBundleDomainReltn>>(modelBundles) {
    };
    return Response.ok(entity).cacheControl(noCache).build();
}
Also used : ArrayList(java.util.ArrayList) CertificateConversionException(org.nhindirect.config.model.exceptions.CertificateConversionException) TrustBundleDomainReltn(org.nhindirect.config.model.TrustBundleDomainReltn) GenericEntity(javax.ws.rs.core.GenericEntity) Collection(java.util.Collection) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Example 2 with TrustBundleDomainReltn

use of org.nhindirect.config.model.TrustBundleDomainReltn in project nhin-d by DirectProject.

the class DomainController method updateBundleDirection.

@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/updateBundleDirection", method = RequestMethod.POST)
public ModelAndView updateBundleDirection(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, @RequestParam(required = true) String domainName, @RequestParam(required = true) String bundle, @RequestParam(required = true) String direction, @RequestParam(required = true) String directionValue, HttpSession session, Model model) {
    Collection<TrustBundleDomainReltn> bundles = null;
    try {
        bundles = bundleService.getTrustBundlesByDomain(domainName, false);
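    } catch (ServiceException ex) {
        Logger.getLogger(DomainController.class.getName()).log(Level.SEVERE, null, ex);
    }
    // bundles is still null if the service call failed; fall back to an empty collection
    // so the loop below cannot throw a NullPointerException
    if (bundles == null)
        bundles = java.util.Collections.<TrustBundleDomainReltn>emptyList();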
    for (TrustBundleDomainReltn bundleReltn : bundles) {
        if (bundleReltn.getId() == Long.parseLong(bundle)) {
            if (direction.toLowerCase().equals("incoming")) {
                if (Integer.parseInt(directionValue) == 1) {
                    bundleReltn.setIncoming(true);
                } else {
                    bundleReltn.setIncoming(false);
                }
            } else {
                if (Integer.parseInt(directionValue) == 1) {
                    bundleReltn.setOutgoing(true);
                } else {
                    bundleReltn.setOutgoing(false);
                }
            }
        }
    }
    final ModelAndView mav = new ModelAndView();
    mav.setViewName("updateBundleDirection");
    return mav;
}
Also used : ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) ConfigurationServiceException(org.nhindirect.config.service.ConfigurationServiceException) ModelAndView(org.springframework.web.servlet.ModelAndView) TrustBundleDomainReltn(org.nhindirect.config.model.TrustBundleDomainReltn) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 3 with TrustBundleDomainReltn

use of org.nhindirect.config.model.TrustBundleDomainReltn in project nhin-d by DirectProject.

the class RESTSmtpAgentConfig method buildTrustAnchorResolver.

public void buildTrustAnchorResolver() {
    Provider<TrustAnchorResolver> provider = null;
    Map<String, Collection<X509Certificate>> incomingAnchors = new HashMap<String, Collection<X509Certificate>>();
    Map<String, Collection<X509Certificate>> outgoingAnchors = new HashMap<String, Collection<X509Certificate>>();
    /*
     * first determine how anchors are stored... possibilities are LDAP, keystore, and WS
     */
    Setting setting = null;
    String storeType;
    String resolverType;
    try {
        setting = settingsService.getSetting("AnchorStoreType");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting anchor store type: " + e.getMessage(), e);
    }
    if (setting == null || setting.getValue() == null || setting.getValue().isEmpty())
        // default to WS
        storeType = STORE_TYPE_WS;
    else
        storeType = setting.getValue();
    // if the store type is anything other than WS, then we need to get the anchor names so we can look them up in the repository
    if (!storeType.equalsIgnoreCase(STORE_TYPE_WS)) {
        getAnchorsFromNonWS(incomingAnchors, outgoingAnchors, storeType);
    } else {
        // trust bundles are shared objects across domains, so just pull the entire bundle list and associate
        // the anchors in the bundles to the appropriate domains as we go... this will not always be the most efficient
        // algorithm, but in most cases it will be when there are several domains configured (in which case this
        // loading algorithm will be much more efficient)
        final Map<String, TrustBundle> bundleMap = new HashMap<String, TrustBundle>();
        try {
            final Collection<TrustBundle> bundles = trustBundleService.getTrustBundles(true);
            // put the bundles in a Map by name
            if (bundles != null)
                for (TrustBundle bundle : bundles) bundleMap.put(bundle.getBundleName(), bundle);
        } catch (Exception e) {
            throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting trust bundles: " + e.getMessage(), e);
        }
        // hit up the web service for each domain's anchors
        for (Domain domain : lookedupRESTServiceDomains) {
            try {
                final Collection<X509Certificate> incomingAnchorsToAdd = new ArrayList<X509Certificate>();
                final Collection<X509Certificate> outgoingAnchorsToAdd = new ArrayList<X509Certificate>();
                // get the anchors for the domain
                final Collection<Anchor> anchors = anchorService.getAnchorsForOwner(domain.getDomainName(), false, false, null);
                if (anchors != null) {
                    for (Anchor anchor : anchors) {
                        final X509Certificate anchorToAdd = certFromData(anchor.getCertificateData());
                        if (anchor.isIncoming())
                            incomingAnchorsToAdd.add(anchorToAdd);
                        if (anchor.isOutgoing())
                            outgoingAnchorsToAdd.add(anchorToAdd);
                    }
                }
                // check to see if there is a bundle associated to this domain
                final Collection<TrustBundleDomainReltn> domainAssocs = trustBundleService.getTrustBundlesByDomain(domain.getDomainName(), false);
                if (domainAssocs != null) {
                    for (TrustBundleDomainReltn domainAssoc : domainAssocs) {
                        final TrustBundle bundle = bundleMap.get(domainAssoc.getTrustBundle().getBundleName());
                        if (bundle != null && bundle.getTrustBundleAnchors() != null) {
                            for (TrustBundleAnchor anchor : bundle.getTrustBundleAnchors()) {
                                final X509Certificate anchorToAdd = certFromData(anchor.getAnchorData());
                                if (domainAssoc.isIncoming())
                                    incomingAnchorsToAdd.add(anchorToAdd);
                                if (domainAssoc.isOutgoing())
                                    outgoingAnchorsToAdd.add(anchorToAdd);
                            }
                        }
                    }
                }
                incomingAnchors.put(domain.getDomainName(), incomingAnchorsToAdd);
                outgoingAnchors.put(domain.getDomainName(), outgoingAnchorsToAdd);
            } catch (SmtpAgentException e) {
                // rethrow
                throw e;
            } catch (Exception e) {
                throw new SmtpAgentException(SmtpAgentError.InvalidTrustAnchorSettings, "WebService error getting trust anchors for domain " + domain + ":" + e.getMessage(), e);
            }
        }
    }
    try {
        setting = settingsService.getSetting("AnchorResolverType");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting anchor resolver type: " + e.getMessage(), e);
    }
    if (incomingAnchors.size() == 0 && outgoingAnchors.size() == 0)
        throw new SmtpAgentException(SmtpAgentError.InvalidTrustAnchorSettings, "No trust anchors defined.");
    if (setting == null || setting.getValue() == null || setting.getValue().isEmpty()) {
        // multi domain should be the default... uniform really only makes sense for dev purposes
        resolverType = ANCHOR_RES_TYPE_MULTIDOMAIN;
    } else
        resolverType = setting.getValue();
    if (resolverType.equalsIgnoreCase(ANCHOR_RES_TYPE_UNIFORM)) {
        // the same... just get the first collection in the incoming map
        if (incomingAnchors.size() > 0)
            provider = new UniformTrustAnchorResolverProvider(incomingAnchors.values().iterator().next());
        else
            provider = new UniformTrustAnchorResolverProvider(outgoingAnchors.values().iterator().next());
    } else if (resolverType.equalsIgnoreCase(ANCHOR_RES_TYPE_MULTIDOMAIN)) {
        provider = new MultiDomainTrustAnchorResolverProvider(incomingAnchors, outgoingAnchors);
    } else {
        throw new SmtpAgentException(SmtpAgentError.InvalidTrustAnchorSettings);
    }
    certAnchorModule = TrustAnchorModule.create(provider);
}
Also used : SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) HashMap(java.util.HashMap) Setting(org.nhindirect.config.model.Setting) ArrayList(java.util.ArrayList) X509Certificate(java.security.cert.X509Certificate) AddressException(javax.mail.internet.AddressException) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) PolicyParseException(org.nhindirect.policy.PolicyParseException) TrustBundleDomainReltn(org.nhindirect.config.model.TrustBundleDomainReltn) Anchor(org.nhindirect.config.model.Anchor) TrustBundleAnchor(org.nhindirect.config.model.TrustBundleAnchor) TrustAnchorResolver(org.nhindirect.stagent.trust.TrustAnchorResolver) UniformTrustAnchorResolverProvider(org.nhindirect.stagent.trust.provider.UniformTrustAnchorResolverProvider) Collection(java.util.Collection) TrustBundle(org.nhindirect.config.model.TrustBundle) Domain(org.nhindirect.config.model.Domain) MultiDomainTrustAnchorResolverProvider(org.nhindirect.stagent.trust.provider.MultiDomainTrustAnchorResolverProvider) TrustBundleAnchor(org.nhindirect.config.model.TrustBundleAnchor)

Example 4 with TrustBundleDomainReltn

use of org.nhindirect.config.model.TrustBundleDomainReltn in project nhin-d by DirectProject.

the class BundlesController method addMoreBundlesForm.

@PreAuthorize("hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/addMoreBundlesForm", method = RequestMethod.GET)
public ModelAndView addMoreBundlesForm(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, HttpSession session, @ModelAttribute BundleForm simpleForm, @RequestParam(value = "domainName") String domainName, Model model) {
    ModelAndView mav = new ModelAndView();
    if (log.isDebugEnabled()) {
        log.debug("Enter bundles/addMoreBundlesForm");
    }
    // Process data for Trust Bundle View
    try {
        // Get Trust Bundles
        final Collection<TrustBundle> trustBundles = new ArrayList<TrustBundle>();
        Collection<TrustBundle> newBundles = new ArrayList<TrustBundle>();
        final Collection<TrustBundleDomainReltn> bundleRelationships = bundleService.getTrustBundlesByDomain(domainName, false);
        final Collection<TrustBundle> allBundles = bundleService.getTrustBundles(false);
        boolean bundleMatch = false;
        if (bundleRelationships != null && !bundleRelationships.isEmpty()) {
            for (TrustBundleDomainReltn relationship : bundleRelationships) {
                trustBundles.add(relationship.getTrustBundle());
            }
            for (TrustBundle bundle : allBundles) {
                bundleMatch = false;
                for (TrustBundle subBundle : trustBundles) {
                    if (subBundle.getId() == bundle.getId()) {
                        bundleMatch = true;
                    }
                }
                if (!bundleMatch) {
                    newBundles.add(bundle);
                }
            }
        } else {
            newBundles = bundleService.getTrustBundles(false);
        }
        //if(trustBundles != null) {
        model.addAttribute("trustBundles", newBundles);
    //}
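    } catch (ServiceException e1) {
        // do not swallow the failure silently; the view is still rendered without a bundle list
        log.error("Error looking up trust bundles.", e1);
    }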
    model.addAttribute("domainName", domainName);
    BundleForm bform = new BundleForm();
    bform.setId(0);
    bform.setDomainName((String) session.getAttribute("currentDomainName"));
    model.addAttribute("bundleForm", bform);
    mav.setViewName("addMoreBundlesForm");
    return mav;
}
Also used : ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) BundleForm(org.nhindirect.config.ui.form.BundleForm) ModelAndView(org.springframework.web.servlet.ModelAndView) ArrayList(java.util.ArrayList) TrustBundle(org.nhindirect.config.model.TrustBundle) TrustBundleDomainReltn(org.nhindirect.config.model.TrustBundleDomainReltn) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 5 with TrustBundleDomainReltn

use of org.nhindirect.config.model.TrustBundleDomainReltn in project nhin-d by DirectProject.

the class DomainController method viewDomain.

/**
 * Display a Domain
 */
@RequestMapping(method = RequestMethod.GET)
public ModelAndView viewDomain(@RequestHeader(value = "X-Requested-With", required = false) String requestedWith, @RequestParam(required = false) String domainName, HttpSession session, Model model) throws java.security.cert.CertificateException {
    if (log.isDebugEnabled()) {
        log.debug("Enter View Domain");
    }
    if (StringUtils.isEmpty(domainName))
        domainName = (String) session.getAttribute("currentDomainName");
    ModelAndView mav = new ModelAndView();
    mav.setViewName("domain");
    String action = "Add";
    DomainForm form = (DomainForm) session.getAttribute("domainForm");
    if (form == null) {
        form = new DomainForm();
    }
    model.addAttribute("domainForm", form);
    model.addAttribute("action", action);
    model.addAttribute("ajaxRequest", AjaxUtils.isAjaxRequest(requestedWith));
    mav.addObject("action", action);
    mav.addObject("privKeyTypeList", PrivateKeyType.getPrivKeyTypeList());
    mav.addObject("statusList", EntityStatus.getEntityStatusList());
    session.setAttribute("currentDomainName", domainName);
    if ((domainName != null) && (domainName.length() > 0)) {
        if (log.isDebugEnabled()) {
            log.debug("Need to search for Domain ID: " + domainName);
        }
        Domain results = null;
        model.addAttribute("domainName", domainName);
        AddressForm addrform = new AddressForm();
        addrform.setDomainName(domainName);
        model.addAttribute("addressForm", addrform);
        final CertificateForm cform = new CertificateForm();
        cform.setDomainName(domainName);
        final AnchorForm aform = new AnchorForm();
        aform.setDomainName(domainName);
        model.addAttribute("certificateForm", cform);
        model.addAttribute("anchorForm", aform);
        if (domainService != null) {
            try {
                results = domainService.getDomain(domainName);
            } catch (ServiceException e) {
                e.printStackTrace();
            }
            if (results != null) {
                if (log.isDebugEnabled()) {
                    log.debug("Found a valid domain" + results.toString());
                }
                Collection<TrustBundleDomainReltn> bundles = null;
                // Get Trust Bundles
                try {
                    bundles = bundleService.getTrustBundlesByDomain(domainName, true);
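                } catch (ServiceException cse) {
                    // do not swallow the failure silently; bundles stays null and is skipped below
                    log.error("Error looking up trust bundles.", cse);
                }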
                if (bundles != null) {
                    model.addAttribute("trustBundles", bundles);
                    final Map<String, Object> bundleMap = new HashMap<String, Object>(bundles.size());
                    // Store anchors for each bundle   
                    Collection<TrustBundleAnchor> tbAnchors;
                    for (TrustBundleDomainReltn bundle : bundles) {
                        tbAnchors = bundle.getTrustBundle().getTrustBundleAnchors();
                        final Map<TrustBundleAnchor, String> anchorMap = new HashMap<TrustBundleAnchor, String>(tbAnchors.size());
                        // Loop through anchors to collect some information about the certificates
                        for (TrustBundleAnchor anchor : tbAnchors) {
                            final X509Certificate cert = anchor.getAsX509Certificate();
                            final String subjectDN = cert.getSubjectDN().toString();
                            anchorMap.put(anchor, subjectDN);
                        }
                        bundleMap.put(bundle.getTrustBundle().getBundleName(), anchorMap);
                    }
                    model.addAttribute("bundleMap", bundleMap);
                }
                form.populate(results);
                action = "Update";
                model.addAttribute("action", action);
                // SETTING THE ADDRESSES OBJECT
                model.addAttribute("addressesResults", results.getAddresses());
                // BEGIN: temporary code for mocking purposes
                String owner = "";
                owner = results.getDomainName();
                model.addAttribute("addressesResults", results.getAddresses());
                Collection<Certificate> certlist = null;
                try {
                    certlist = certService.getCertificatesByOwner(owner);
                } catch (ServiceException e) {
                    e.printStackTrace();
                }
                Collection<Anchor> anchorlist = null;
                try {
                    anchorlist = anchorService.getAnchorsForOwner(owner, false, false, "");
                } catch (ServiceException e) {
                    e.printStackTrace();
                }
                model.addAttribute("certificatesResults", certlist);
                // convert Anchor to AnchorForm
                final Collection<AnchorForm> convertedanchors = convertAnchors(anchorlist);
                // now set anchorsResults
                model.addAttribute("anchorsResults", convertedanchors);
                // END: temporary code for mocking purposes			
                final SimpleForm simple = new SimpleForm();
                simple.setDomainName(domainName);
                model.addAttribute("simpleForm", simple);
                mav.addObject("action", action);
            } else {
                log.warn("Service returned a null Domain for a known key: " + domainName);
            }
        } else {
            log.error("Web Service bean is null.  Configuration error detected.");
        }
        if (AjaxUtils.isAjaxRequest(requestedWith)) {
            // prepare model for rendering success message in this request
            model.addAttribute("message", "");
            model.addAttribute("ajaxRequest", true);
            model.addAttribute("action", action);
            return null;
        }
    }
    if (log.isDebugEnabled())
        log.debug("Exit");
    return mav;
}
Also used : CertificateForm(org.nhindirect.config.ui.form.CertificateForm) SimpleForm(org.nhindirect.config.ui.form.SimpleForm) AnchorForm(org.nhindirect.config.ui.form.AnchorForm) HashMap(java.util.HashMap) ModelAndView(org.springframework.web.servlet.ModelAndView) X509Certificate(java.security.cert.X509Certificate) DomainForm(org.nhindirect.config.ui.form.DomainForm) SearchDomainForm(org.nhindirect.config.ui.form.SearchDomainForm) TrustBundleDomainReltn(org.nhindirect.config.model.TrustBundleDomainReltn) Anchor(org.nhindirect.config.model.Anchor) TrustBundleAnchor(org.nhindirect.config.model.TrustBundleAnchor) AddressForm(org.nhindirect.config.ui.form.AddressForm) ServiceException(org.nhindirect.common.rest.exceptions.ServiceException) ConfigurationServiceException(org.nhindirect.config.service.ConfigurationServiceException) Domain(org.nhindirect.config.model.Domain) TrustBundleAnchor(org.nhindirect.config.model.TrustBundleAnchor) X509Certificate(java.security.cert.X509Certificate) Certificate(org.nhindirect.config.model.Certificate) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

TrustBundleDomainReltn (org.nhindirect.config.model.TrustBundleDomainReltn): 5
ArrayList (java.util.ArrayList): 3
ServiceException (org.nhindirect.common.rest.exceptions.ServiceException): 3
RequestMapping (org.springframework.web.bind.annotation.RequestMapping): 3
ModelAndView (org.springframework.web.servlet.ModelAndView): 3
X509Certificate (java.security.cert.X509Certificate): 2
Collection (java.util.Collection): 2
HashMap (java.util.HashMap): 2
Anchor (org.nhindirect.config.model.Anchor): 2
Domain (org.nhindirect.config.model.Domain): 2
TrustBundle (org.nhindirect.config.model.TrustBundle): 2
TrustBundleAnchor (org.nhindirect.config.model.TrustBundleAnchor): 2
ConfigurationServiceException (org.nhindirect.config.service.ConfigurationServiceException): 2
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize): 2
AddressException (javax.mail.internet.AddressException): 1
GET (javax.ws.rs.GET): 1
Path (javax.ws.rs.Path): 1
Produces (javax.ws.rs.Produces): 1
GenericEntity (javax.ws.rs.core.GenericEntity): 1
Certificate (org.nhindirect.config.model.Certificate): 1