
Example 1 with PublicLdapCertificateStoreProvider

use of org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider in project nhin-d by DirectProject.

the class LdapCertificateStoreTest method testPublicLdapSearch_requestUserLevelCert_fallbackToOrgLevelCert_assertCertExists.

/**
 * Looks up certificates for {@code bogus_user@testdomain.com} through the public LDAP
 * resolver and expects exactly one result whose subject contains the host name
 * {@code direct.fnhubapp01.qa.medplus.com}.
 *
 * <p>Per the test name this is the org-level fallback case: the asserted subject carries
 * no user part. What {@code addStockPublicLDAPCertificats()} seeds is not visible here,
 * so that reading is presumed rather than shown by this method.
 *
 * @throws Exception if seeding the fixture, parsing the address or the lookup fails
 */
public void testPublicLdapSearch_requestUserLevelCert_fallbackToOrgLevelCert_assertCertExists() throws Exception {
    // Seed the directory fixture before any resolver is created.
    addStockPublicLDAPCertificats();

    final CertificateResolver publicLdapResolver = new PublicLdapCertificateStoreProvider(null, null).get();
    final InternetAddress requested = new InternetAddress("bogus_user@testdomain.com");
    final Collection<X509Certificate> found = publicLdapResolver.getCertificates(requested);

    assertEquals(1, found.size());
    final String subject = found.iterator().next().getSubjectX500Principal().toString();
    assertTrue(subject.contains("direct.fnhubapp01.qa.medplus.com"));
}
Also used : InternetAddress(javax.mail.internet.InternetAddress) CertificateResolver(org.nhindirect.stagent.cert.CertificateResolver) PublicLdapCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider) X509Certificate(java.security.cert.X509Certificate)

Example 2 with PublicLdapCertificateStoreProvider

use of org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider in project nhin-d by DirectProject.

the class LdapCertificateStoreTest method testPublicLdapSearch_userLevelCert_assertCertExists.

/**
 * Looks up certificates for {@code user@testdomain.com} through the public LDAP resolver
 * and expects exactly one result whose subject contains
 * {@code moe@direct.fnhubapp01.qa.medplus.com}.
 *
 * <p>The fixture comes from {@code addStockPublicLDAPCertificats()}, which is not visible
 * here; how the requested address maps to the asserted subject is decided by that data.
 *
 * @throws Exception if seeding the fixture, parsing the address or the lookup fails
 */
public void testPublicLdapSearch_userLevelCert_assertCertExists() throws Exception {
    // Seed the directory fixture before any resolver is created.
    addStockPublicLDAPCertificats();

    final CertificateResolver publicLdapResolver = new PublicLdapCertificateStoreProvider(null, null).get();
    final InternetAddress requested = new InternetAddress("user@testdomain.com");
    final Collection<X509Certificate> found = publicLdapResolver.getCertificates(requested);

    assertEquals(1, found.size());
    final String subject = found.iterator().next().getSubjectX500Principal().toString();
    assertTrue(subject.contains("moe@direct.fnhubapp01.qa.medplus.com"));
}
Also used : InternetAddress(javax.mail.internet.InternetAddress) CertificateResolver(org.nhindirect.stagent.cert.CertificateResolver) PublicLdapCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider) X509Certificate(java.security.cert.X509Certificate)

Example 3 with PublicLdapCertificateStoreProvider

use of org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider in project nhin-d by DirectProject.

the class LDAPCertDumper method main.

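/**
 * Command-line entry point: resolves the certificates published for an e-mail address
 * through the public LDAP certificate store and writes each one to a file using
 * {@code X509Certificate.getEncoded()}.
 *
 * <p>Options: {@code -add <address>} (required), {@code -out <file>} (optional; defaults
 * to {@code <address>.der}) and {@code -help}. When several certificates are returned,
 * {@code (n)} is inserted before the extension of the output name, or appended when the
 * name has no extension.
 *
 * <p>Fixes over the previous version: the numbered file name no longer drops the character
 * in front of the extension, and a name without an extension is no longer replaced by an
 * empty path.
 *
 * @param args command-line arguments as described above
 */
public static void main(String[] args) {
    if (args.length == 0) {
        printUsage();
        System.exit(-1);
    }
    String emailAddress = "";
    String outFile = null;
    // Every argument must be an option; option values are consumed together with their option.
    for (int i = 0; i < args.length; i++) {
        String arg = args[i];
        if (!arg.startsWith("-")) {
            System.err.println("Error: Unexpected argument [" + arg + "]\n");
            printUsage();
            System.exit(-1);
        } else if (arg.equalsIgnoreCase("-add")) {
            if (i == args.length - 1 || args[i + 1].startsWith("-")) {
                System.err.println("Error: Missing email address");
                System.exit(-1);
            }
            emailAddress = args[++i];
        } else if (arg.equals("-out")) {
            if (i == args.length - 1 || args[i + 1].startsWith("-")) {
                System.err.println("Error: Missing output file.");
                System.exit(-1);
            }
            outFile = args[++i];
        } else if (arg.equals("-help")) {
            printUsage();
            System.exit(-1);
        } else {
            System.err.println("Error: Unknown argument " + arg + "\n");
            printUsage();
            System.exit(-1);
        }
    }
    if (emailAddress == null || emailAddress.isEmpty()) {
        System.err.println("You must provide an email address.");
        printUsage();
    } else {
        LDAPCertificateStore ldapStore = (LDAPCertificateStore) new PublicLdapCertificateStoreProvider(null, null).get();
        try {
            Collection<X509Certificate> certs = ldapStore.getCertificates(new InternetAddress(emailAddress));
            if (certs == null || certs.isEmpty()) {
                System.out.println("No certs found");
            } else {
                // NOTE(review): nothing in this method checks chain, validity period or
                // revocation. The files are raw lookup results and must be validated
                // before anything treats them as trusted certificates.
                // NOTE(review): the default name is built from the raw -add value, so any
                // path component it contains is followed when the file is created.
                String baseName = (outFile == null || outFile.isEmpty()) ? emailAddress + ".der" : outFile;
                int idx = 1;
                for (X509Certificate cert : certs) {
                    String certFileName;
                    if (certs.size() > 1) {
                        // "out.der" -> "out(1).der"; "out" -> "out(1)".
                        String counter = "(" + idx + ")";
                        int dot = baseName.lastIndexOf('.');
                        if (dot < 0) {
                            certFileName = baseName + counter;
                        } else {
                            certFileName = baseName.substring(0, dot) + counter + baseName.substring(dot);
                        }
                    } else {
                        certFileName = baseName;
                    }
                    File certFile = new File(certFileName);
                    // An existing file of the same name is replaced; report a failed delete
                    // instead of ignoring it.
                    if (certFile.exists() && !certFile.delete()) {
                        System.err.println("Warning: could not delete existing file " + certFile.getAbsolutePath());
                    }
                    System.out.println("Writing cert file: " + certFile.getAbsolutePath());
                    FileUtils.writeByteArrayToFile(certFile, cert.getEncoded());
                    ++idx;
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
    // Exit status stays 0 here even after a lookup or write failure, as before.
    System.exit(0);
}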
Also used : InternetAddress(javax.mail.internet.InternetAddress) LDAPCertificateStore(org.nhindirect.stagent.cert.impl.LDAPCertificateStore) PublicLdapCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider) File(java.io.File) X509Certificate(java.security.cert.X509Certificate)

Example 4 with PublicLdapCertificateStoreProvider

use of org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider in project nhin-d by DirectProject.

the class RESTSmtpAgentConfig method buildPublicCertStore.

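/**
 * Builds the certificate resolvers used for public certificates and stores them in
 * {@code publicCertModule}.
 *
 * <p>The {@code PublicStoreType} setting is a comma-separated list of store types. When it
 * is missing or empty, DNS followed by public LDAP is used. Entries are trimmed before
 * matching, so {@code "DNS, PublicLDAP"}-style values select the intended resolvers
 * instead of falling through to the DNS default. An unrecognised entry still maps to a DNS
 * resolver.
 *
 * @throws SmtpAgentException if the settings service fails while reading a setting
 */
@Override
@SuppressWarnings("unchecked")
protected void buildPublicCertStore() {
    Collection<Provider<CertificateResolver>> resolverProviders = new ArrayList<Provider<CertificateResolver>>();
    Setting setting = null;
    String storeTypes;
    try {
        setting = settingsService.getSetting("PublicStoreType");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting public store type: " + e.getMessage(), e);
    }
    if (setting == null || setting.getValue() == null || setting.getValue().isEmpty()) {
        // No configured value: resolve through DNS first, then public LDAP.
        storeTypes = STORE_TYPE_DNS + "," + STORE_TYPE_PUBLIC_LDAP;
    } else {
        storeTypes = setting.getValue();
    }
    for (String rawType : storeTypes.split(",")) {
        // Whitespace around a list entry must not change which resolver is selected.
        String storeType = rawType.trim();
        Provider<CertificateResolver> resolverProvider;
        if (storeType.equalsIgnoreCase(STORE_TYPE_KEYSTORE)) {
            // KeyStore based resolver
            Setting file;
            Setting pass;
            Setting privKeyPass;
            try {
                file = settingsService.getSetting("PublicStoreFile");
                pass = settingsService.getSetting("PublicStoreFilePass");
                privKeyPass = settingsService.getSetting("PublicStorePrivKeyPass");
            } catch (Exception e) {
                throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting public store file settings: " + e.getMessage(), e);
            }
            // NOTE(review): a missing setting falls back to a literal file name and to the
            // literal passwords "DefaultFilePass" / "DefaultKeyPass". A key store opened
            // with these source-visible defaults has no secret protecting it; consider
            // failing configuration instead. A setting that is present but has a null
            // value is passed through as null.
            resolverProvider = new KeyStoreCertificateStoreProvider(
                    (file == null) ? "PublicStoreKeyFile" : file.getValue(),
                    (pass == null) ? "DefaultFilePass" : pass.getValue(),
                    (privKeyPass == null) ? "DefaultKeyPass" : privKeyPass.getValue());
        } else if (storeType.equalsIgnoreCase(STORE_TYPE_DNS)) {
            // DNS resolver
            resolverProvider = new DNSCertStoreProvider(Collections.EMPTY_LIST, null, new DNSCertificateStore.DefaultDNSCachePolicy());
        } else if (storeType.equalsIgnoreCase(STORE_TYPE_WS)) {
            // Web Services
            resolverProvider = new ConfigServiceRESTCertificateStoreProvider(certificateService, null, new ConfigServiceCertificateStore.DefaultConfigStoreCachePolicy(), this.storeProvider);
        } else if (storeType.equalsIgnoreCase(STORE_TYPE_PUBLIC_LDAP)) {
            // Public LDAP resolver
            resolverProvider = new PublicLdapCertificateStoreProvider(null, new LDAPCertificateStore.DefaultLDAPCachePolicy());
        } else {
            // NOTE(review): an unrecognised (for example misspelled) store type is not
            // reported; it silently becomes a DNS resolver with the default cache policy.
            resolverProvider = new DNSCertStoreProvider(Collections.EMPTY_LIST, null, new DNSCertificateStore.DefaultDNSCachePolicy());
        }
        resolverProviders.add(resolverProvider);
    }
    publicCertModule = new PublicCertStoreModule(resolverProviders);
}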
Also used : SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) KeyStoreCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.KeyStoreCertificateStoreProvider) Setting(org.nhindirect.config.model.Setting) PublicCertStoreModule(org.nhindirect.stagent.module.PublicCertStoreModule) ArrayList(java.util.ArrayList) ConfigServiceRESTCertificateStoreProvider(org.nhindirect.gateway.smtp.config.cert.impl.provider.ConfigServiceRESTCertificateStoreProvider) PublicLdapCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider) AddressException(javax.mail.internet.AddressException) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) PolicyParseException(org.nhindirect.policy.PolicyParseException) ConfigServiceRESTCertificateStoreProvider(org.nhindirect.gateway.smtp.config.cert.impl.provider.ConfigServiceRESTCertificateStoreProvider) KeyStoreCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.KeyStoreCertificateStoreProvider) MultiDomainTrustAnchorResolverProvider(org.nhindirect.stagent.trust.provider.MultiDomainTrustAnchorResolverProvider) UniformTrustAnchorResolverProvider(org.nhindirect.stagent.trust.provider.UniformTrustAnchorResolverProvider) DNSCertStoreProvider(org.nhindirect.stagent.cert.impl.provider.DNSCertStoreProvider) PublicLdapCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider) DomainPolicyResolverProvider(org.nhindirect.stagent.policy.impl.provider.DomainPolicyResolverProvider) LdapCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.LdapCertificateStoreProvider) Provider(com.google.inject.Provider) DNSCertificateStore(org.nhindirect.stagent.cert.impl.DNSCertificateStore) LDAPCertificateStore(org.nhindirect.stagent.cert.impl.LDAPCertificateStore) DNSCertStoreProvider(org.nhindirect.stagent.cert.impl.provider.DNSCertStoreProvider) CertificateResolver(org.nhindirect.stagent.cert.CertificateResolver)

Example 5 with PublicLdapCertificateStoreProvider

use of org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider in project nhin-d by DirectProject.

the class WSSmtpAgentConfig method buildPublicCertStore.

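/**
 * Builds the certificate resolvers used for public certificates and stores them in
 * {@code publicCertModule}.
 *
 * <p>The {@code PublicStoreType} setting is a comma-separated list of store types. When it
 * is missing or empty, DNS followed by public LDAP is used. Entries are trimmed before
 * matching, so {@code "DNS, PublicLDAP"}-style values select the intended resolvers
 * instead of falling through to the DNS default. An unrecognised entry still maps to a DNS
 * resolver.
 *
 * @throws SmtpAgentException if the configuration service fails while reading a setting
 */
@SuppressWarnings("unchecked")
protected void buildPublicCertStore() {
    Collection<Provider<CertificateResolver>> resolverProviders = new ArrayList<Provider<CertificateResolver>>();
    Setting setting = null;
    String storeTypes;
    try {
        setting = cfService.getSettingByName("PublicStoreType");
    } catch (Exception e) {
        throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting public store type: " + e.getMessage(), e);
    }
    if (setting == null || setting.getValue() == null || setting.getValue().isEmpty()) {
        // No configured value: resolve through DNS first, then public LDAP.
        storeTypes = STORE_TYPE_DNS + "," + STORE_TYPE_PUBLIC_LDAP;
    } else {
        storeTypes = setting.getValue();
    }
    for (String rawType : storeTypes.split(",")) {
        // Whitespace around a list entry must not change which resolver is selected.
        String storeType = rawType.trim();
        Provider<CertificateResolver> resolverProvider;
        if (storeType.equalsIgnoreCase(STORE_TYPE_KEYSTORE)) {
            // KeyStore based resolver
            Setting file;
            Setting pass;
            Setting privKeyPass;
            try {
                file = cfService.getSettingByName("PublicStoreFile");
                pass = cfService.getSettingByName("PublicStoreFilePass");
                privKeyPass = cfService.getSettingByName("PublicStorePrivKeyPass");
            } catch (Exception e) {
                throw new SmtpAgentException(SmtpAgentError.InvalidConfigurationFormat, "WebService error getting public store file settings: " + e.getMessage(), e);
            }
            // NOTE(review): a missing setting falls back to a literal file name and to the
            // literal passwords "DefaultFilePass" / "DefaultKeyPass". A key store opened
            // with these source-visible defaults has no secret protecting it; consider
            // failing configuration instead. A setting that is present but has a null
            // value is passed through as null.
            resolverProvider = new KeyStoreCertificateStoreProvider(
                    (file == null) ? "PublicStoreKeyFile" : file.getValue(),
                    (pass == null) ? "DefaultFilePass" : pass.getValue(),
                    (privKeyPass == null) ? "DefaultKeyPass" : privKeyPass.getValue());
        } else if (storeType.equalsIgnoreCase(STORE_TYPE_DNS)) {
            // DNS resolver
            resolverProvider = new DNSCertStoreProvider(Collections.EMPTY_LIST, null, new DNSCertificateStore.DefaultDNSCachePolicy());
        } else if (storeType.equalsIgnoreCase(STORE_TYPE_WS)) {
            // Web Services
            resolverProvider = new ConfigServiceCertificateStoreProvider(cfService, null, new ConfigServiceCertificateStore.DefaultConfigStoreCachePolicy(), this.storeProvider);
        } else if (storeType.equalsIgnoreCase(STORE_TYPE_PUBLIC_LDAP)) {
            // Public LDAP resolver
            resolverProvider = new PublicLdapCertificateStoreProvider(null, new LDAPCertificateStore.DefaultLDAPCachePolicy());
        } else {
            // NOTE(review): an unrecognised (for example misspelled) store type is not
            // reported; it silently becomes a DNS resolver with the default cache policy.
            resolverProvider = new DNSCertStoreProvider(Collections.EMPTY_LIST, null, new DNSCertificateStore.DefaultDNSCachePolicy());
        }
        resolverProviders.add(resolverProvider);
    }
    publicCertModule = new PublicCertStoreModule(resolverProviders);
}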
Also used : SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) ConfigServiceCertificateStoreProvider(org.nhindirect.gateway.smtp.config.cert.impl.provider.ConfigServiceCertificateStoreProvider) KeyStoreCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.KeyStoreCertificateStoreProvider) Setting(org.nhind.config.Setting) PublicCertStoreModule(org.nhindirect.stagent.module.PublicCertStoreModule) ArrayList(java.util.ArrayList) PublicLdapCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider) AddressException(javax.mail.internet.AddressException) SmtpAgentException(org.nhindirect.gateway.smtp.SmtpAgentException) PolicyParseException(org.nhindirect.policy.PolicyParseException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) DefaultSmtpAgentProvider(org.nhindirect.gateway.smtp.provider.DefaultSmtpAgentProvider) KeyStoreCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.KeyStoreCertificateStoreProvider) ConfigServiceCertificateStoreProvider(org.nhindirect.gateway.smtp.config.cert.impl.provider.ConfigServiceCertificateStoreProvider) MultiDomainTrustAnchorResolverProvider(org.nhindirect.stagent.trust.provider.MultiDomainTrustAnchorResolverProvider) UniformTrustAnchorResolverProvider(org.nhindirect.stagent.trust.provider.UniformTrustAnchorResolverProvider) DNSCertStoreProvider(org.nhindirect.stagent.cert.impl.provider.DNSCertStoreProvider) PublicLdapCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider) DomainPolicyResolverProvider(org.nhindirect.stagent.policy.impl.provider.DomainPolicyResolverProvider) LdapCertificateStoreProvider(org.nhindirect.stagent.cert.impl.provider.LdapCertificateStoreProvider) Provider(com.google.inject.Provider) DNSCertificateStore(org.nhindirect.stagent.cert.impl.DNSCertificateStore) LDAPCertificateStore(org.nhindirect.stagent.cert.impl.LDAPCertificateStore) 
DNSCertStoreProvider(org.nhindirect.stagent.cert.impl.provider.DNSCertStoreProvider) CertificateResolver(org.nhindirect.stagent.cert.CertificateResolver)

Aggregations

PublicLdapCertificateStoreProvider (org.nhindirect.stagent.cert.impl.provider.PublicLdapCertificateStoreProvider)6 CertificateResolver (org.nhindirect.stagent.cert.CertificateResolver)5 X509Certificate (java.security.cert.X509Certificate)4 InternetAddress (javax.mail.internet.InternetAddress)4 LDAPCertificateStore (org.nhindirect.stagent.cert.impl.LDAPCertificateStore)3 Provider (com.google.inject.Provider)2 ArrayList (java.util.ArrayList)2 AddressException (javax.mail.internet.AddressException)2 SmtpAgentException (org.nhindirect.gateway.smtp.SmtpAgentException)2 PolicyParseException (org.nhindirect.policy.PolicyParseException)2 DNSCertificateStore (org.nhindirect.stagent.cert.impl.DNSCertificateStore)2 DNSCertStoreProvider (org.nhindirect.stagent.cert.impl.provider.DNSCertStoreProvider)2 KeyStoreCertificateStoreProvider (org.nhindirect.stagent.cert.impl.provider.KeyStoreCertificateStoreProvider)2 LdapCertificateStoreProvider (org.nhindirect.stagent.cert.impl.provider.LdapCertificateStoreProvider)2 PublicCertStoreModule (org.nhindirect.stagent.module.PublicCertStoreModule)2 DomainPolicyResolverProvider (org.nhindirect.stagent.policy.impl.provider.DomainPolicyResolverProvider)2 MultiDomainTrustAnchorResolverProvider (org.nhindirect.stagent.trust.provider.MultiDomainTrustAnchorResolverProvider)2 UniformTrustAnchorResolverProvider (org.nhindirect.stagent.trust.provider.UniformTrustAnchorResolverProvider)2 File (java.io.File)1 IOException (java.io.IOException)1