use of org.wildfly.security.credential.store.CredentialStore in project fuse-karaf by jboss-fuse.
the class ActivatorTest method initializeCredentialStore.
/**
 * Test fixture: starts the activator, then creates a key store backed Credential store in a file named
 * {@code credential.store} under the temporary folder and saves one password credential in it under the
 * alias {@code "alias"}.
 *
 * <p>Both clear text strings used here are hard-coded fixture values for this test.
 */
@Before
public void initializeCredentialStore() throws Exception {
    activator.start(null);

    // Security.addProvider is JVM-wide; it returns -1 and changes nothing when a provider with the same
    // name is already installed.
    final WildFlyElytronProvider provider = new WildFlyElytronProvider();
    Security.addProvider(provider);

    final PasswordFactory clearPasswords = PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR, provider);

    // The credential that protects the store itself.
    final Password storePassword = clearPasswords.generatePassword(
            new ClearPasswordSpec("it was the best of times it was the worst of times".toCharArray()));
    final Credential storeCredential = new PasswordCredential(storePassword);
    final CredentialSource protection = IdentityCredentials.NONE.withCredential(storeCredential);

    credentialStore = CredentialStore.getInstance(KeyStoreCredentialStore.KEY_STORE_CREDENTIAL_STORE, provider);

    final String location = new File(tmp.getRoot(), "credential.store").getAbsolutePath();
    final Map<String, String> settings = new HashMap<>();
    settings.put("location", location);
    // NOTE(review): JCEKS is a legacy JDK key store format; here it only backs a throwaway test store.
    settings.put("keyStoreType", "JCEKS");
    credentialStore.initialize(settings, new CredentialStore.CredentialSourceProtectionParameter(protection));

    // The single entry the tests look up.
    final Password entryPassword = clearPasswords.generatePassword(
            new ClearPasswordSpec("this is a password".toCharArray()));
    credentialStore.store("alias", new PasswordCredential(entryPassword));

    // Persist the store so that it exists at the configured location.
    credentialStore.flush();
}
use of org.wildfly.security.credential.store.CredentialStore in project fuse-karaf by jboss-fuse.
the class Activator method start.
/**
 * Registers {@link WildFlyElytronProvider} with the {@link Security} providers and, if any system property
 * value is a Credential store reference, replaces those values with the values from the Credential store and
 * opens a {@link ServiceTracker} for {@link MBeanServer} services with this activator as the customizer. The
 * JMX filter that prevents the clear text value leakage is presumably installed from the tracker callbacks,
 * which are not part of this method.
 *
 * <p>The provider is registered before the system properties are inspected, so it is added even when no
 * property refers to the Credential store. If the Credential store cannot be initialized, the failure is
 * reported on {@code System.err} and in the log, and the framework bundle (bundle 0) is stopped.
 *
 * @param context
 *            OSGI bundle context
 */
@Override
public void start(final BundleContext context) throws Exception {
    this.context = context;

    final WildFlyElytronProvider provider = new WildFlyElytronProvider();
    providerName = provider.getName();
    Security.addProvider(provider);

    final Properties systemProperties = System.getProperties();

    @SuppressWarnings("unchecked")
    final Collection<String> propertyValues = (Collection) systemProperties.values();
    if (!CredentialStoreHelper.containsStoreReferences(propertyValues)) {
        // No property refers to the Credential store, so the store is never opened.
        return;
    }

    CredentialStore store;
    try {
        store = CredentialStoreHelper.credentialStoreFromEnvironment();
    } catch (final Exception e) {
        // Only the exception message is reported at error level; the stack trace goes to the debug log.
        final String reason = e.getMessage();
        System.err.println("\r\nUnable to initialize credential store, destroying container: " + reason);
        LOG.error("Unable to initialize credential store, destroying container: {}", reason);
        if (LOG.isDebugEnabled()) {
            LOG.debug("Logging exception stack trace", e);
        }

        // Fail closed: stop the framework bundle (id 0) instead of continuing with unresolved references.
        context.getBundle(0).stop();
        return;
    }

    // NOTE(review): presumably `replaced` writes the resolved clear text value back into the JVM-wide system
    // properties, where other code in the process that may read system properties can see it; the JMX
    // filter only covers the JMX path. Confirm the remaining exposure is acceptable.
    @SuppressWarnings("unchecked")
    final Hashtable<String, String> stringEntries = (Hashtable) systemProperties;
    for (final Entry<String, String> entry : stringEntries.entrySet()) {
        final String name = entry.getKey();
        // Read before `replaced` runs, so this is the value the property held at iteration time.
        final String original = entry.getValue();
        if (!replaced(store, name, original)) {
            continue;
        }
        replacedProperties.put(name, original);
    }

    if (replacedProperties.isEmpty()) {
        return;
    }

    // Something was replaced: start tracking MBeanServer services.
    mbeanServerTracker = new ServiceTracker<>(context, MBeanServer.class, this);
    mbeanServerTracker.open();
}
use of org.wildfly.security.credential.store.CredentialStore in project fuse-karaf by jboss-fuse.
the class CreateCredentialStore method createCredentialStore.
/**
 * Creates a {@link CredentialStore}: obtains an instance for the algorithm from the provider, initializes it
 * and finally flushes it. Initialization uses the default attributes for the algorithm with the given
 * attributes applied on top, so the user doesn't need to specify every parameter; a given attribute replaces
 * a default that has the same key.
 *
 * @see CredentialStoreHelper#defaultCredentialStoreAttributesFor(String)
 *
 * @param algorithm
 *            of the Credential store, must be one supported by the provider
 * @param givenAttributes
 *            configuration parameters that will be combined with default to initialize the Credential store
 * @param credentialSource
 *            the protection of the Credential store
 * @param provider
 *            provider whose implementation will be used for the Credential store
 * @throws GeneralSecurityException
 *             if obtaining, initializing or flushing the Credential store fails
 */
static void createCredentialStore(final String algorithm, final Map<String, String> givenAttributes, final CredentialSource credentialSource, final Provider provider) throws GeneralSecurityException {
    final CredentialStore store = CredentialStore.getInstance(algorithm, provider);

    final CredentialStore.ProtectionParameter protection =
            new CredentialStore.CredentialSourceProtectionParameter(credentialSource);

    // NOTE(review): the given attributes win over the defaults, so the caller decides values such as the
    // store location; validate them upstream if they originate from user input.
    final Map<String, String> merged = CredentialStoreHelper.defaultCredentialStoreAttributesFor(algorithm);
    merged.putAll(givenAttributes);

    store.initialize(merged, protection);
    store.flush();
}
use of org.wildfly.security.credential.store.CredentialStore in project fuse-karaf by jboss-fuse.
the class ListCredentialStore method execute.
/**
 * Prints a table with two columns, "Alias" and "Reference", holding one row per alias found in the
 * Credential store obtained from the environment.
 *
 * <p>This method only reads the alias names; it never retrieves a credential from the store.
 *
 * @return always {@code null}
 */
@Override
public Object execute() throws Exception {
    final ShellTable listing = new ShellTable();
    listing.column(new Col("Alias"));
    listing.column(new Col("Reference"));

    final CredentialStore store = CredentialStoreHelper.credentialStoreFromEnvironment();

    for (final String entryAlias : store.getAliases()) {
        // Second column is the reference string for the alias, as built by the helper.
        listing.addRow().addContent(entryAlias, CredentialStoreHelper.referenceForAlias(entryAlias));
    }

    listing.print(System.out);

    return null;
}
use of org.wildfly.security.credential.store.CredentialStore in project fuse-karaf by jboss-fuse.
the class StoreInCredentialStore method execute.
/**
 * Wraps {@code secret} in a clear password credential, saves it under {@code alias} in the Credential store
 * obtained from the environment, flushes the store and prints the reference for the alias.
 *
 * @return always {@code null}
 */
@Override
public Object execute() throws Exception {
    final CredentialStore store = CredentialStoreHelper.credentialStoreFromEnvironment();

    final PasswordFactory clearFactory = PasswordFactory.getInstance("clear", ProviderHelper.provider(ProviderHelper.WILDFLY_PROVIDER));

    // NOTE(review): `secret` is a field declared outside this method, presumably a String. A String cannot
    // be wiped after use, and if it is filled from a command argument it may also be kept in console
    // history -- confirm how the value is supplied.
    final char[] secretChars = secret.toCharArray();
    final Password clearPassword = clearFactory.generatePassword(new ClearPasswordSpec(secretChars));

    // NOTE(review): there is no check here for an existing entry under the same alias -- confirm that
    // replacing a stored value without warning is intended.
    store.store(alias, new PasswordCredential(clearPassword));
    store.flush();

    // Only the reference for the alias is echoed, never the stored value.
    final String reference = CredentialStoreHelper.referenceForAlias(alias);
    System.out.println("Value stored in the credential store to reference it use: " + reference);

    return null;
}