use of org.nhindirect.gateway.smtp.SmtpAgentException in project nhin-d by DirectProject.
the class RESTSmtpAgentConfig method buildLdapCertificateStoreProvider.
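/**
 * Builds an LDAP-backed certificate store provider from settings read through the settings service.
 *
 * <p>Setting names are formed by prefixing {@code type} to a fixed suffix (for example
 * {@code type + "LDAPUrl"}). The URL, search base, search attribute, certificate attribute and
 * certificate format are required; bind user/password, connection timeout and certificate
 * passphrase are optional, except that a passphrase is mandatory when the certificate format is
 * {@code pkcs12}.
 *
 * <p>The bind password and certificate passphrase are secrets: they are handed to the store
 * configuration only and must not be added to log or exception messages.
 *
 * @param type prefix used to build the names of the settings to look up
 * @param cacheStoreName not used by this implementation
 * @return a provider configured with the LDAP settings and the default LDAP cache policy
 * @throws SmtpAgentException if the settings cannot be retrieved, or a required setting is
 *         missing or empty
 */
@Override
protected LdapCertificateStoreProvider buildLdapCertificateStoreProvider(String type, String cacheStoreName) {
    // required
    Setting ldapURLSetting;
    Setting ldapSearchBaseSetting;
    Setting ldapSearchAttrSetting;
    Setting ldapCertAttrSetting;
    Setting ldapCertFormatSetting;
    // optional
    Setting ldapUserSetting;
    Setting ldapPasswordSetting;
    Setting ldapConnTimeoutSetting;
    Setting ldapCertPassphraseSetting;

    try {
        ldapURLSetting = settingsService.getSetting(type + "LDAPUrl");
        ldapSearchBaseSetting = settingsService.getSetting(type + "LDAPSearchBase");
        ldapSearchAttrSetting = settingsService.getSetting(type + "LDAPSearchAttr");
        ldapCertAttrSetting = settingsService.getSetting(type + "LDAPCertAttr");
        ldapCertFormatSetting = settingsService.getSetting(type + "LDAPCertFormat");
        // optional
        ldapUserSetting = settingsService.getSetting(type + "LDAPUser");
        ldapPasswordSetting = settingsService.getSetting(type + "LDAPPassword");
        ldapConnTimeoutSetting = settingsService.getSetting(type + "LDAPConnTimeout");
        ldapCertPassphraseSetting = settingsService.getSetting(type + "LDAPCertPassphrase");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting LDAP store settings: " + e.getMessage(), e);
    }

    if (ldapURLSetting == null || ldapURLSetting.getValue() == null || ldapURLSetting.getValue().isEmpty())
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "Missing LDAP URL");

    String ldapSearchBase = (ldapSearchBaseSetting == null) ? null : ldapSearchBaseSetting.getValue();
    String ldapSearchAttr = (ldapSearchAttrSetting == null) ? null : ldapSearchAttrSetting.getValue();
    String ldapCertAttr = (ldapCertAttrSetting == null) ? null : ldapCertAttrSetting.getValue();
    String ldapCertFormat = (ldapCertFormatSetting == null) ? null : ldapCertFormatSetting.getValue();

    // The URL setting may hold several comma separated URLs.
    String[] ldapURL = ldapURLSetting.getValue().split(",");

    // A value made only of separators (e.g. ",") splits to an empty array, and any required
    // setting may be absent or carry a null value. Report all of these as a configuration
    // error instead of failing with an ArrayIndexOutOfBoundsException or NullPointerException.
    final String firstLdapURL = (ldapURL.length == 0) ? null : ldapURL[0];
    for (String requiredValue : new String[] {firstLdapURL, ldapSearchBase, ldapSearchAttr, ldapCertAttr, ldapCertFormat}) {
        if (requiredValue == null || requiredValue.isEmpty()) {
            throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "Missing required LDAP parameters.");
        }
    }

    String ldapUser = (ldapUserSetting == null) ? null : ldapUserSetting.getValue();
    String ldapPassword = (ldapPasswordSetting == null) ? null : ldapPasswordSetting.getValue();
    String ldapConnTimeout = (ldapConnTimeoutSetting == null) ? null : ldapConnTimeoutSetting.getValue();
    String ldapCertPassphrase = (ldapCertPassphraseSetting == null) ? null : ldapCertPassphraseSetting.getValue();

    // pkcs12 certificate data cannot be used without its passphrase
    if (ldapCertFormat.equalsIgnoreCase("pkcs12") && (ldapCertPassphrase == null || ldapCertPassphrase.isEmpty())) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat,
                "Missing LDAP certificate passphrase; it is required for the pkcs12 certificate format.");
    }

    LdapStoreConfiguration ldapStoreConfiguration = new LdapStoreConfiguration(ldapURL, ldapSearchBase, ldapSearchAttr, ldapCertAttr, ldapCertFormat);

    // Bind credentials are applied only when BOTH user and password are non-empty. If just one
    // of them is configured, the store is built without credentials and no error is raised.
    // NOTE(review): if the configured URL uses ldap:// rather than ldaps://, these credentials
    // presumably cross the network unprotected - confirm the transport used for the directory.
    if (ldapUser != null && !ldapUser.isEmpty() && ldapPassword != null && !ldapPassword.isEmpty()) {
        ldapStoreConfiguration.setEmployLdapAuthInformation(new EmployLdapAuthInformation(ldapUser, ldapPassword));
    }
    if (ldapConnTimeout != null && !ldapConnTimeout.isEmpty()) {
        ldapStoreConfiguration.setLdapConnectionTimeOut(ldapConnTimeout);
    }
    if (ldapCertPassphrase != null && !ldapCertPassphrase.isEmpty()) {
        ldapStoreConfiguration.setLdapCertPassphrase(ldapCertPassphrase);
    }

    // The second constructor argument is passed as null here; the default LDAP cache policy is used.
    LdapCertificateStoreProvider ldapCertificateStoreProvider = new LdapCertificateStoreProvider(ldapStoreConfiguration, null, new LDAPCertificateStore.DefaultLDAPCachePolicy());
    return ldapCertificateStoreProvider;
}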
use of org.nhindirect.gateway.smtp.SmtpAgentException in project nhin-d by DirectProject.
the class NHINDSecurityAndTrustMailet method init.
/**
* {@inheritDoc}
*/
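@Override
public void init() throws MessagingException {
    // Steps, in order: push mailet level policy options into the OptionsManager, validate the
    // configuration URL, build the SMTP agent from the configuration provider, read the DSN
    // creation options, then publish the agent and its configuration to the GatewayState.
    LOGGER.info("Initializing NHINDSecurityAndTrustMailet");
    super.init();

    // set the outbound policy for notifications if possible
    try {
        final boolean useOutboundPolicy = Boolean.parseBoolean(GatewayConfiguration.getConfigurationParam(
                SecurityAndTrustMailetOptions.USE_OUTGOING_POLICY_FOR_INCOMING_NOTIFICATIONS, this, "false"));
        // we don't know if this parameter came from the mailet config or the options manager, so just go ahead and set it at
        // the options manager level because that is where the agent reads the value... no danger that we will overwrite the
        // value that we want... we would just be writing the same value if the information came from the options manager module
        // the mailet parameter gets precedence, so we want to overwrite the options manager if the value exists in the mailet configuration
        OptionsManager.getInstance().setOptionsParameter(new OptionsParameter(
                OptionsParameter.USE_OUTGOING_POLICY_FOR_INCOMING_NOTIFICATIONS, Boolean.toString(useOutboundPolicy)));
    } catch (Exception e) {
        // best effort: initialization continues, but the failure must be visible to operators
        LOGGER.warn("Could not set the outgoing policy for incoming notifications option: " + e.getMessage(), e);
    }

    // set the rejection policy for tampered routing headers
    try {
        final boolean rejectOnTamperPolicy = Boolean.parseBoolean(GatewayConfiguration.getConfigurationParam(
                SecurityAndTrustMailetOptions.REJECT_ON_ROUTING_TAMPER, this, "false"));
        OptionsManager.getInstance().setOptionsParameter(new OptionsParameter(
                OptionsParameter.REJECT_ON_ROUTING_TAMPER, Boolean.toString(rejectOnTamperPolicy)));
    } catch (Exception e) {
        // best effort, as above. This option is a security control: when it cannot be set the
        // options manager keeps whatever value it already had, so the warning is the only
        // signal that the configured rejection policy may not be in effect.
        LOGGER.warn("Could not set the reject on routing tamper option: " + e.getMessage(), e);
    }

    // set the JCE providers if available
    final String jceName = GatewayConfiguration.getConfigurationParam(SecurityAndTrustMailetOptions.JCE_PROVIDER_NAME, this, "");
    if (!StringUtils.isEmpty(jceName))
        OptionsManager.getInstance().setOptionsParameter(new OptionsParameter(OptionsParameter.JCE_PROVIDER, jceName));

    final String sensitiveJceName = GatewayConfiguration.getConfigurationParam(SecurityAndTrustMailetOptions.JCE_SENTITIVE_PROVIDER, this, "");
    if (!StringUtils.isEmpty(sensitiveJceName))
        OptionsManager.getInstance().setOptionsParameter(new OptionsParameter(OptionsParameter.JCE_SENTITIVE_PROVIDER, sensitiveJceName));

    // Get the configuration URL
    final String configURLParam = getInitParameter(SecurityAndTrustMailetOptions.CONFIG_URL_PARAM);
    if (StringUtils.isEmpty(configURLParam)) {
        LOGGER.error("NHINDSecurityAndTrustMailet Configuration URL cannot be empty or null.");
        throw new MessagingException("NHINDSecurityAndTrustMailet Configuration URL cannot be empty or null.");
    }

    // parse into a URL and validate it is properly formed
    // NOTE(review): only well-formedness is checked; the scheme is not restricted, so whether the
    // configuration is fetched over an authenticated and encrypted channel depends on the
    // configured URL and on the provider - confirm for the deployment.
    URL configURL = null;
    try {
        configURL = new URL(configURLParam);
    } catch (MalformedURLException ex) {
        LOGGER.error("Invalid configuration URL:" + ex.getMessage(), ex);
        // the parameter is present but malformed, so say that rather than "empty or null"
        throw new MessagingException("NHINDSecurityAndTrustMailet Configuration URL is malformed: " + ex.getMessage(), ex);
    }

    final Collection<Module> modules = getInitModules();

    Provider<SmtpAgentConfig> configProvider;
    try {
        configProvider = this.getConfigProvider();
        if (configProvider == null)
            configProvider = createCompatConfigProvider(configURL);

        // hand the provider whatever collaborators its type supports
        if (configProvider instanceof URLAccessedConfigProvider)
            ((URLAccessedConfigProvider) configProvider).setConfigURL(configURL);

        final Provider<ServiceSecurityManager> srvSecMgr = getServiceSecurityManagerProvider();
        if (configProvider instanceof SecureURLAccessedConfigProvider)
            ((SecureURLAccessedConfigProvider) configProvider).setServiceSecurityManager(srvSecMgr);

        final Provider<KeyStoreProtectionManager> keyStoreManagerProvider = getKeyStoreManagerProvider();
        if (configProvider instanceof KeyStoreProtectionConfigProvider && keyStoreManagerProvider != null)
            ((KeyStoreProtectionConfigProvider) configProvider).setKeyStoreProtectionManger(keyStoreManagerProvider);

        agent = SmtpAgentFactory.createAgent(configURL, configProvider, null, modules);
    } catch (SmtpAgentException e) {
        LOGGER.error("Failed to create the SMTP agent: " + e.getMessage(), e);
        throw new MessagingException("Failed to create the SMTP agent: " + e.getMessage(), e);
    }

    ///CLOVER:OFF
    if (agent == null) {
        LOGGER.error("Failed to create the SMTP agent. Reason unknown.");
        throw new MessagingException("Failed to create the SMTP agent. Reason unknown.");
    }
    ///CLOVER:ON

    // get the DSN creation options
    // default is RELIABLE_DSN_OPTION
    final String dsnCreateOptions = GatewayConfiguration.getConfigurationParam(SecurityAndTrustMailetOptions.AUTO_DSN_FAILURE_CREATION_PARAM, this, RELIABLE_DSN_OPTION);
    // options are compared as written between commas: surrounding whitespace is not removed,
    // and the flags are only ever switched on here, never reset
    for (String dsnOption : dsnCreateOptions.split(",")) {
        if (dsnOption.equalsIgnoreCase(RELIABLE_DSN_OPTION))
            autoDSNForTimelyAndReliable = true;
        else if (dsnOption.equalsIgnoreCase(GENERAL_DSN_OPTION))
            autoDSNForGeneral = true;
    }

    // set the agent and config in the Gateway state
    final GatewayState gwState = GatewayState.getInstance();
    // a running settings manager is stopped before the agent and configuration are swapped
    if (gwState.isAgentSettingManagerRunning())
        gwState.stopAgentSettingsManager();

    gwState.setSmtpAgent(agent);
    gwState.setSmptAgentConfig(SmptAgentConfigFactory.createSmtpAgentConfig(configURL, configProvider, null));
    gwState.startAgentSettingsManager();

    LOGGER.info("NHINDSecurityAndTrustMailet initialization complete.");
}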
use of org.nhindirect.gateway.smtp.SmtpAgentException in project nhin-d by DirectProject.
the class RESTSmtpAgentConfig method buildDomains.
/**
 * Loads the configured domains and their postmaster addresses from the domain service, then
 * builds the trust anchor resolver.
 *
 * <p>Resets {@code domains} and {@code domainPostmasters}, stores the service result in
 * {@code lookedupRESTServiceDomains}, and finishes by calling {@link #buildTrustAnchorResolver()}.
 *
 * @throws SmtpAgentException if the domain lookup fails or yields no domains
 */
@Override
protected void buildDomains() {
    domains = new ArrayList<String>();
    domainPostmasters = new HashMap<String, DomainPostmaster>();

    // get the domain list first
    try {
        lookedupRESTServiceDomains = domainService.searchDomains("", null);
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting domains list: " + e.getMessage(), e);
    }

    if (lookedupRESTServiceDomains != null) {
        for (Domain domain : lookedupRESTServiceDomains) {
            final String domainName = domain.getDomainName();
            domains.add(domainName);

            try {
                // use the configured postmaster address, or the domain's default when none is set
                String postmasterAddress = "";
                if (domain.getPostmasterAddress() != null) {
                    postmasterAddress = domain.getPostmasterAddress().getEmailAddress();
                }
                if (postmasterAddress == null || postmasterAddress.trim().isEmpty()) {
                    postmasterAddress = DomainPostmaster.getDefaultPostmaster(domainName);
                }

                // NOTE(review): keys are upper-cased with the JVM default locale, so the key for a
                // given domain can differ between locales (e.g. Turkish dotless i) - confirm that
                // lookups into this map apply the same rule.
                final String postmasterKey = domainName.toUpperCase(Locale.getDefault());
                final InternetAddress parsedAddress = new InternetAddress(postmasterAddress);
                domainPostmasters.put(postmasterKey, new DomainPostmaster(domainName, parsedAddress));
            } catch (AddressException e) {
                // An unparsable postmaster address is ignored without any record: the domain stays
                // in the domain list but gets no postmaster entry.
                // NOTE(review): nothing is logged here, so a misconfigured address is invisible to operators.
            }
        }
    }

    if (domains.isEmpty())
        throw new SmtpAgentException(SmtpAgentError.MissingDomains);

    // now get the trust anchors
    buildTrustAnchorResolver();
}
use of org.nhindirect.gateway.smtp.SmtpAgentException in project nhin-d by DirectProject.
the class RESTSmtpAgentConfig method buildTrustAnchorResolver.
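/**
 * Collects the incoming and outgoing trust anchors for every configured domain and installs the
 * trust anchor resolver module built from them.
 *
 * <p>The {@code AnchorStoreType} setting selects where anchors come from (it defaults to the web
 * service store); the {@code AnchorResolverType} setting selects a uniform or multi domain
 * resolver (multi domain by default). The result is stored in {@code certAnchorModule}.
 *
 * @throws SmtpAgentException if a setting, trust bundle or anchor cannot be retrieved, if no
 *         anchors are defined, or if the resolver type is not recognized
 */
public void buildTrustAnchorResolver() {
    Provider<TrustAnchorResolver> provider = null;
    Map<String, Collection<X509Certificate>> incomingAnchors = new HashMap<String, Collection<X509Certificate>>();
    Map<String, Collection<X509Certificate>> outgoingAnchors = new HashMap<String, Collection<X509Certificate>>();

    /*
     * first determine how anchors are stored... possibilities are LDAP, keystore, and WS
     */
    Setting setting = null;
    String storeType;
    String resolverType;
    try {
        setting = settingsService.getSetting("AnchorStoreType");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting anchor store type: " + e.getMessage(), e);
    }

    if (setting == null || setting.getValue() == null || setting.getValue().isEmpty())
        // default to WS
        storeType = STORE_TYPE_WS;
    else
        storeType = setting.getValue();

    // if the store type is anything other than WS, then we need to get the anchor names so we can look them up in the repository
    if (!storeType.equalsIgnoreCase(STORE_TYPE_WS)) {
        getAnchorsFromNonWS(incomingAnchors, outgoingAnchors, storeType);
    } else {
        // trust bundles are shared objects across domains, so just pull the entire bundle list and associate
        // the anchors in the bundles to the appropriate domains as we go... this will not always be the most efficient
        // algorithm, but in most cases it will be when there are several domains configured (in which case this
        // loading algorithm will be much more efficient)
        final Map<String, TrustBundle> bundleMap = new HashMap<String, TrustBundle>();
        try {
            final Collection<TrustBundle> bundles = trustBundleService.getTrustBundles(true);
            // put the bundles in a Map by name
            if (bundles != null) {
                for (TrustBundle bundle : bundles) {
                    bundleMap.put(bundle.getBundleName(), bundle);
                }
            }
        } catch (Exception e) {
            throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting trust bundles: " + e.getMessage(), e);
        }

        // hit up the web service for each domain's anchors
        // This method is public, so the domain list may not have been loaded yet; a missing list
        // then ends in the "No trust anchors defined." error below instead of a NullPointerException.
        if (lookedupRESTServiceDomains != null) {
            for (Domain domain : lookedupRESTServiceDomains) {
                try {
                    final Collection<X509Certificate> incomingAnchorsToAdd = new ArrayList<X509Certificate>();
                    final Collection<X509Certificate> outgoingAnchorsToAdd = new ArrayList<X509Certificate>();

                    // get the anchors for the domain
                    final Collection<Anchor> anchors = anchorService.getAnchorsForOwner(domain.getDomainName(), false, false, null);
                    if (anchors != null) {
                        for (Anchor anchor : anchors) {
                            final X509Certificate anchorToAdd = certFromData(anchor.getCertificateData());
                            // direction is a property of the individual anchor
                            if (anchor.isIncoming())
                                incomingAnchorsToAdd.add(anchorToAdd);
                            if (anchor.isOutgoing())
                                outgoingAnchorsToAdd.add(anchorToAdd);
                        }
                    }

                    // check to see if there is a bundle associated to this domain
                    final Collection<TrustBundleDomainReltn> domainAssocs = trustBundleService.getTrustBundlesByDomain(domain.getDomainName(), false);
                    if (domainAssocs != null) {
                        for (TrustBundleDomainReltn domainAssoc : domainAssocs) {
                            final TrustBundle bundle = bundleMap.get(domainAssoc.getTrustBundle().getBundleName());
                            if (bundle != null && bundle.getTrustBundleAnchors() != null) {
                                for (TrustBundleAnchor anchor : bundle.getTrustBundleAnchors()) {
                                    final X509Certificate anchorToAdd = certFromData(anchor.getAnchorData());
                                    // for bundle anchors the direction comes from the domain association
                                    if (domainAssoc.isIncoming())
                                        incomingAnchorsToAdd.add(anchorToAdd);
                                    if (domainAssoc.isOutgoing())
                                        outgoingAnchorsToAdd.add(anchorToAdd);
                                }
                            }
                        }
                    }

                    // an entry is stored for every domain, even when its anchor collections are empty
                    incomingAnchors.put(domain.getDomainName(), incomingAnchorsToAdd);
                    outgoingAnchors.put(domain.getDomainName(), outgoingAnchorsToAdd);
                } catch (SmtpAgentException e) {
                    // rethrow
                    throw e;
                } catch (Exception e) {
                    throw new SmtpAgentException(SmtpAgentError.InvalidTrustAnchorSettings, "WebService error getting trust anchors for domain " + domain + ":" + e.getMessage(), e);
                }
            }
        }
    }

    try {
        setting = settingsService.getSetting("AnchorResolverType");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting anchor resolver type: " + e.getMessage(), e);
    }

    // NOTE(review): this tests the number of domain entries, not the number of certificates. In the
    // WS branch every domain gets an entry even with no anchors, so a configuration whose domains
    // have no anchors at all passes this check with empty anchor collections.
    if (incomingAnchors.isEmpty() && outgoingAnchors.isEmpty())
        throw new SmtpAgentException(SmtpAgentError.InvalidTrustAnchorSettings, "No trust anchors defined.");

    if (setting == null || setting.getValue() == null || setting.getValue().isEmpty()) {
        // multi domain should be the default... uniform really only makes sense for dev purposes
        resolverType = ANCHOR_RES_TYPE_MULTIDOMAIN;
    } else
        resolverType = setting.getValue();

    if (resolverType.equalsIgnoreCase(ANCHOR_RES_TYPE_UNIFORM)) {
        // the same... just get the first collection in the incoming map
        // The maps are HashMaps, so with more than one domain "first" is whichever entry the map
        // iterates first, and the outgoing anchors are ignored whenever an incoming entry exists.
        if (incomingAnchors.size() > 0)
            provider = new UniformTrustAnchorResolverProvider(incomingAnchors.values().iterator().next());
        else
            provider = new UniformTrustAnchorResolverProvider(outgoingAnchors.values().iterator().next());
    } else if (resolverType.equalsIgnoreCase(ANCHOR_RES_TYPE_MULTIDOMAIN)) {
        provider = new MultiDomainTrustAnchorResolverProvider(incomingAnchors, outgoingAnchors);
    } else {
        // name the rejected value so that a mistyped setting can be found
        throw new SmtpAgentException(SmtpAgentError.InvalidTrustAnchorSettings, "Unknown anchor resolver type: " + resolverType);
    }

    certAnchorModule = TrustAnchorModule.create(provider);
}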
use of org.nhindirect.gateway.smtp.SmtpAgentException in project nhin-d by DirectProject.
the class WSSmtpAgentConfig method buildMDNSettings.
/**
 * Reads the MDN (message disposition notification) settings from the configuration service and
 * creates the notification producer from them.
 *
 * <p>A missing {@code MDNAutoResponse} setting enables automatic responses; a setting that is
 * present is parsed with {@link Boolean#parseBoolean(String)}, so any value other than "true"
 * (ignoring case), including a null value, disables them. Missing product name and text
 * settings default to the empty string.
 *
 * @throws SmtpAgentException if the settings cannot be retrieved from the configuration service
 */
protected void buildMDNSettings() {
    Setting autoResponseSetting;
    Setting productNameSetting;
    Setting mdnTextSetting;

    try {
        autoResponseSetting = cfService.getSettingByName("MDNAutoResponse");
        productNameSetting = cfService.getSettingByName("MDNProdName");
        mdnTextSetting = cfService.getSettingByName("MDNText");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting MDN settings: " + e.getMessage(), e);
    }

    // automatic responses stay on unless a setting says otherwise
    boolean sendAutoResponse = true;
    if (autoResponseSetting != null) {
        sendAutoResponse = Boolean.parseBoolean(autoResponseSetting.getValue());
    }

    String productName = "";
    if (productNameSetting != null) {
        productName = productNameSetting.getValue();
    }

    String mdnText = "";
    if (mdnTextSetting != null) {
        mdnText = mdnTextSetting.getValue();
    }

    final NotificationSettings notificationSettings = new NotificationSettings(sendAutoResponse, productName, mdnText);
    notificationProducer = new NotificationProducer(notificationSettings);
}