use of org.wso2.carbon.apimgt.api.doc.model.Parameter in project wso2-synapse by wso2.
the class ClientConnFactoryBuilder method getCustomSSLContexts.
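/**
 * Looks for a transport parameter named {@code customSSLProfiles} and initializes zero or more
 * custom {@link SSLContext} instances, keyed by the server address they apply to. The
 * parameter is read from the description returned by
 * {@code loadDynamicSSLConfig(transportOut)}. The syntax for defining custom SSL profiles is
 * as follows.
 *
 * <pre>{@code
 * <parameter name="customSSLProfiles">
 *     <profile>
 *         <servers>www.test.org:80, www.test2.com:9763</servers>
 *         <KeyStore>
 *             <Location>/path/to/identity/store</Location>
 *             <Type>JKS</Type>
 *             <Password>password</Password>
 *             <KeyPassword>password</KeyPassword>
 *         </KeyStore>
 *         <TrustStore>
 *             <Location>path/to/trust/store</Location>
 *             <Type>JKS</Type>
 *             <Password>password</Password>
 *         </TrustStore>
 *     </profile>
 * </parameter>
 * }</pre>
 *
 * Any number of profiles can be defined under the customSSLProfiles parameter.
 *
 * <p>Security-relevant behaviour:
 * <ul>
 *   <li>An optional {@code novalidatecert="true"} attribute on {@code <profile>} is read and
 *       forwarded to {@code createSSLContext}. NOTE(review): presumably this switches off
 *       server certificate validation when the profile has no TrustStore; confirm against the
 *       four-argument overload, and keep such profiles out of production configuration.</li>
 *   <li>When the same server is listed by more than one profile, the first profile
 *       encountered wins and later ones are ignored with a warning, so the key and trust
 *       material used for a host depends on profile order.</li>
 *   <li>A {@link SecretResolver} is created from the parameter element and handed to
 *       {@code createSSLContext}; presumably store passwords can therefore be secure-vault
 *       aliases rather than plaintext - confirm.</li>
 * </ul>
 *
 * @param transportOut transport out description
 * @return a map of server addresses and SSL contexts, or {@code null} when no
 *         customSSLProfiles parameter exists or no server entry was registered
 * @throws AxisFault if at least one SSL profile is not properly configured, or if the
 *         dynamic SSL profile configuration could not be loaded
 */
private Map<String, SSLContext> getCustomSSLContexts(TransportOutDescription transportOut) throws AxisFault {
    TransportOutDescription customSSLProfileTransport = loadDynamicSSLConfig(transportOut);
    if (customSSLProfileTransport == null) {
        // loadDynamicSSLConfig returns null when the configured profile file cannot be read or
        // parsed. Report that as a configuration fault instead of failing with a
        // NullPointerException on the next line, and do not silently continue without the
        // custom profiles the administrator asked for.
        String msg = "Custom SSL profiles could not be loaded from the dynamic SSL profile configuration";
        log.error(name + " " + msg);
        throw new AxisFault(msg);
    }

    Parameter customProfilesParam = customSSLProfileTransport.getParameter("customSSLProfiles");
    if (customProfilesParam == null) {
        return null;
    }
    if (log.isInfoEnabled()) {
        log.info(name + " Loading custom SSL profiles for the HTTPS sender");
    }

    OMElement customProfilesElt = customProfilesParam.getParameterElement();
    Utils.resolveOMElementChildValues(customProfilesElt);
    SecretResolver secretResolver = SecretResolverFactory.create(customProfilesElt, true);

    Iterator<?> profiles = customProfilesElt.getChildrenWithName(new QName("profile"));
    Map<String, SSLContext> contextMap = new HashMap<String, SSLContext>();
    while (profiles.hasNext()) {
        OMElement profile = (OMElement) profiles.next();

        OMElement serversElt = profile.getFirstChildWithName(new QName("servers"));
        String serversText = serversElt == null ? null : serversElt.getText();
        // A present but blank <servers/> element defines no host:port pair either, so it is
        // rejected the same way as a missing element.
        if (serversText == null || serversText.trim().isEmpty()) {
            String msg = "Each custom SSL profile must define at least one host:port " + "pair under the servers element";
            log.error(name + " " + msg);
            throw new AxisFault(msg);
        }

        OMElement ksElt = profile.getFirstChildWithName(new QName("KeyStore"));
        OMElement trElt = profile.getFirstChildWithName(new QName("TrustStore"));
        // Only the literal value "true" enables the flag; anything else leaves it off.
        boolean novalidatecert = "true".equals(profile.getAttributeValue(new QName("novalidatecert")));

        SSLContext sslContext;
        try {
            sslContext = createSSLContext(ksElt, trElt, novalidatecert, secretResolver);
        } catch (AxisFault axisFault) {
            String err = "Error occurred while creating SSL context for the servers " + serversText;
            // This runtime exception stops the server startup, but it will not affect a
            // dynamic configuration change.
            throw new InvalidConfigurationException(err, axisFault);
        }

        for (String entry : serversText.split(",")) {
            String server = entry.trim();
            if (server.isEmpty()) {
                // Stray separators such as "a, ,b" must not register a context under an
                // empty address.
                continue;
            }
            if (!contextMap.containsKey(server)) {
                contextMap.put(server, sslContext);
            } else if (log.isWarnEnabled()) {
                log.warn(name + " Multiple SSL profiles were found for the server : " + server + ". Ignoring the excessive profiles.");
            }
        }
    }

    if (contextMap.isEmpty()) {
        return null;
    }
    if (log.isInfoEnabled()) {
        log.info(name + " Custom SSL profiles initialized for " + contextMap.size() + " servers");
    }
    return contextMap;
}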
use of org.wso2.carbon.apimgt.api.doc.model.Parameter in project wso2-synapse by wso2.
the class ClientConnFactoryBuilder method createSSLContext.
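/**
 * Creates an {@link SSLContext} from optional key store and trust store configuration
 * elements.
 *
 * <p>Store passwords are read through {@code SecureVaultValueReader} with the secret resolver
 * of the Axis configuration when a configuration context is available, otherwise with a
 * resolver created from the key store element.
 *
 * <p>Trust behaviour, in order of precedence:
 * <ul>
 *   <li>a TrustStore element is given: its certificates are the trust anchors and
 *       {@code novalidatecert} is ignored with a warning;</li>
 *   <li>no TrustStore and {@code novalidatecert} is true: a {@code NoValidateCertTrustManager}
 *       is installed, which per the warning logged here disables server certificate
 *       validation - connections made with this context are not authenticated and are open
 *       to interception;</li>
 *   <li>neither: {@code null} trust managers are passed to {@link SSLContext#init}, which
 *       makes JSSE fall back to its default trust managers.</li>
 * </ul>
 *
 * <p>The protocol comes from the {@code SSLProtocol} parameter of the {@code transportOut}
 * member (declared outside this method) and defaults to {@code "TLS"}. The value is passed to
 * {@link SSLContext#getInstance(String)} unchecked, so configuration should name a current
 * TLS version rather than a legacy protocol.
 *
 * @param keyStoreElt    KeyStore configuration element, or {@code null} for no client identity
 * @param trustStoreElt  TrustStore configuration element, or {@code null}
 * @param novalidatecert whether certificate validation may be disabled when no trust store
 *                       is configured
 * @return the initialized SSL context
 * @throws AxisFault if a required configuration element is missing, a store cannot be opened
 *                   or loaded, or the context cannot be created
 */
private SSLContext createSSLContext(OMElement keyStoreElt, OMElement trustStoreElt, boolean novalidatecert) throws AxisFault {
    KeyManager[] keymanagers = null;
    TrustManager[] trustManagers = null;

    SecretResolver resolver;
    if (configurationContext != null && configurationContext.getAxisConfiguration() != null) {
        resolver = configurationContext.getAxisConfiguration().getSecretResolver();
    } else {
        // NOTE(review): keyStoreElt may be null here (trust-store-only profile); confirm that
        // SecretResolverFactory.create tolerates a null element.
        resolver = SecretResolverFactory.create(keyStoreElt, false);
    }

    if (keyStoreElt != null) {
        OMElement locationElement = keyStoreElt.getFirstChildWithName(new QName("Location"));
        OMElement typeElement = keyStoreElt.getFirstChildWithName(new QName("Type"));
        OMElement passwordElement = keyStoreElt.getFirstChildWithName(new QName("Password"));
        OMElement keyPasswordElement = keyStoreElt.getFirstChildWithName(new QName("KeyPassword"));
        // Report every missing child as a configuration fault; previously a missing Location
        // or Type surfaced as a NullPointerException.
        if (locationElement == null) {
            throw new AxisFault("Cannot proceed because Location element is missing in KeyStore");
        }
        if (typeElement == null) {
            throw new AxisFault("Cannot proceed because Type element is missing in KeyStore");
        }
        if (passwordElement == null) {
            throw new AxisFault("Cannot proceed because Password element is missing in KeyStore");
        }
        if (keyPasswordElement == null) {
            throw new AxisFault("Cannot proceed because KeyPassword element is missing in KeyStore");
        }
        String location = locationElement.getText();
        String type = typeElement.getText();
        String storePassword = SecureVaultValueReader.getSecureVaultValue(resolver, passwordElement);
        String keyPassword = SecureVaultValueReader.getSecureVaultValue(resolver, keyPasswordElement);

        FileInputStream fis = null;
        try {
            KeyStore keyStore = KeyStore.getInstance(type);
            fis = new FileInputStream(location);
            if (log.isDebugEnabled()) {
                // Only the location is logged; passwords must never be added to this message.
                log.debug(name + " Loading Identity Keystore from : " + location);
            }
            keyStore.load(fis, storePassword.toCharArray());
            KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            kmfactory.init(keyStore, keyPassword.toCharArray());
            keymanagers = kmfactory.getKeyManagers();
        } catch (GeneralSecurityException gse) {
            log.error(name + " Error loading Keystore : " + location, gse);
            throw new AxisFault("Error loading Keystore : " + location, gse);
        } catch (IOException ioe) {
            log.error(name + " Error opening Keystore : " + location, ioe);
            throw new AxisFault("Error opening Keystore : " + location, ioe);
        } finally {
            if (fis != null) {
                try {
                    fis.close();
                } catch (IOException ignore) {
                    // Best effort: the store has already been read or the failure reported.
                }
            }
        }
    }

    if (trustStoreElt != null) {
        if (novalidatecert && log.isWarnEnabled()) {
            log.warn(name + " Ignoring novalidatecert parameter since a truststore has been specified");
        }
        OMElement locationElement = trustStoreElt.getFirstChildWithName(new QName("Location"));
        OMElement typeElement = trustStoreElt.getFirstChildWithName(new QName("Type"));
        OMElement passwordElement = trustStoreElt.getFirstChildWithName(new QName("Password"));
        if (locationElement == null) {
            throw new AxisFault("Cannot proceed because Location element is missing in TrustStore");
        }
        if (typeElement == null) {
            throw new AxisFault("Cannot proceed because Type element is missing in TrustStore");
        }
        if (passwordElement == null) {
            throw new AxisFault("Cannot proceed because Password element is missing in TrustStore");
        }
        String location = locationElement.getText();
        String type = typeElement.getText();
        String storePassword = SecureVaultValueReader.getSecureVaultValue(resolver, passwordElement);

        FileInputStream fis = null;
        try {
            KeyStore trustStore = KeyStore.getInstance(type);
            fis = new FileInputStream(location);
            if (log.isDebugEnabled()) {
                log.debug(name + " Loading Trust Keystore from : " + location);
            }
            trustStore.load(fis, storePassword.toCharArray());
            TrustManagerFactory trustManagerfactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerfactory.init(trustStore);
            trustManagers = trustManagerfactory.getTrustManagers();
        } catch (GeneralSecurityException gse) {
            log.error(name + " Error loading Key store : " + location, gse);
            throw new AxisFault("Error loading Key store : " + location, gse);
        } catch (IOException ioe) {
            log.error(name + " Error opening Key store : " + location, ioe);
            throw new AxisFault("Error opening Key store : " + location, ioe);
        } finally {
            if (fis != null) {
                try {
                    fis.close();
                } catch (IOException ignore) {
                    // Best effort: the store has already been read or the failure reported.
                }
            }
        }
    } else if (novalidatecert) {
        // Without a trust store the flag takes effect: every server certificate is accepted.
        if (log.isWarnEnabled()) {
            log.warn(name + " Server certificate validation (trust) has been disabled. " + "DO NOT USE IN PRODUCTION!");
        }
        trustManagers = new TrustManager[] { new NoValidateCertTrustManager() };
    }

    try {
        final Parameter sslpParameter = transportOut.getParameter("SSLProtocol");
        final String sslProtocol = sslpParameter != null ? sslpParameter.getValue().toString() : "TLS";
        SSLContext sslcontext = SSLContext.getInstance(sslProtocol);
        // Null key or trust managers select the JSSE defaults; the null SecureRandom selects
        // the default random source.
        sslcontext.init(keymanagers, trustManagers, null);
        return sslcontext;
    } catch (GeneralSecurityException gse) {
        log.error(name + " Unable to create SSL context with the given configuration", gse);
        throw new AxisFault("Unable to create SSL context with the given configuration", gse);
    }
}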
use of org.wso2.carbon.apimgt.api.doc.model.Parameter in project wso2-synapse by wso2.
the class ClientConnFactoryBuilder method loadDynamicSSLConfig.
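/**
 * Extracts the dynamic SSL profiles configuration from the given TransportOut configuration.
 *
 * <p>When the transport has no {@code dynamicSSLProfilesConfig} parameter it is returned
 * unchanged. Otherwise the {@code filePath} child of that parameter names an XML file whose
 * document element is added to the transport as the {@code customSSLProfiles} parameter.
 *
 * <p>The path is appended to the {@code user.dir} system property by plain string
 * concatenation: a leading file separator does not make it absolute, and {@code ..} segments
 * are not normalized away. The file decides which key stores and trust stores outgoing
 * connections use, so both this parameter and the file it points to should be writable by
 * administrators only. NOTE(review): whether DTDs and external entities are disabled when
 * {@code StAXOMBuilder} parses the file depends on parser configuration not visible here -
 * confirm.
 *
 * @param transportOut TransportOut configuration of the connection
 * @return the TransportOut configuration carrying the extracted dynamic SSL profiles, the
 *         unchanged input when no separate file is configured, or {@code null} when the
 *         configured file could not be located or loaded; callers must treat {@code null}
 *         as a configuration failure
 */
public TransportOutDescription loadDynamicSSLConfig(TransportOutDescription transportOut) {
    Parameter profilePathParam = transportOut.getParameter("dynamicSSLProfilesConfig");
    // No separate configuration file configured. Therefore using the Axis2 configuration.
    if (profilePathParam == null) {
        return transportOut;
    }

    // Using a separate SSL profile configuration file, ignore the Axis2 configuration.
    OMElement pathEl = profilePathParam.getParameterElement();
    OMElement filePathEl = pathEl == null ? null : pathEl.getFirstChildWithName(new QName("filePath"));
    if (filePathEl == null) {
        // Previously a missing filePath child ended in a NullPointerException; report it
        // like every other load failure instead.
        log.error("Could not load customSSLProfiles: dynamicSSLProfilesConfig does not define a filePath element");
        return null;
    }

    String path = filePathEl.getText();
    if (path == null) {
        return null;
    }

    try {
        String fileSeparator = System.getProperty("file.separator");
        String separator = path.startsWith(fileSeparator) ? "" : fileSeparator;
        String fullPath = System.getProperty("user.dir") + separator + path;
        OMElement profileEl = new StAXOMBuilder(fullPath).getDocumentElement();

        Parameter profileParam = new Parameter();
        profileParam.setParameterElement(profileEl);
        profileParam.setName("customSSLProfiles");
        profileParam.setValue(profileEl);
        transportOut.addParameter(profileParam);

        log.info("customSSLProfiles configuration is loaded from path: " + fullPath);
        return transportOut;
    } catch (XMLStreamException xmlEx) {
        log.error("XMLStreamException - Could not load customSSLProfiles from file path: " + path, xmlEx);
    } catch (FileNotFoundException fileEx) {
        log.error("FileNotFoundException - Could not load customSSLProfiles from file path: " + path, fileEx);
    } catch (AxisFault axisFault) {
        log.error("AxisFault - Could not load customSSLProfiles from file path: " + path, axisFault);
    } catch (Exception ex) {
        log.error("Exception - Could not load customSSLProfiles from file path: " + path, ex);
    }
    // Every failure path ends here: the error has been logged and the caller gets null.
    return null;
}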
use of org.wso2.carbon.apimgt.api.doc.model.Parameter in project wso2-synapse by wso2.
the class VFSTransportListener method generateSecureVaultProperties.
/**
 * Builds a {@link Properties} view of the given transport configuration for secure-vault use.
 *
 * <p>Each parameter is stored under its name. A parameter without a parameter element keeps
 * the string form of its value; a parameter that has one is resolved through the Axis2 secret
 * resolver instead. The returned properties therefore presumably hold resolved secrets in
 * clear text and should not be logged or persisted - TODO confirm against
 * {@code MiscellaneousUtil.resolve}.
 *
 * @param inDescription transport-in description whose parameters are copied
 * @return properties keyed by parameter name
 * @throws SecureVaultException if a parameter carries a parameter element but the Axis2
 *         secret resolver is null
 */
private Properties generateSecureVaultProperties(TransportInDescription inDescription) {
    final SecretResolver secretResolver = getConfigurationContext().getAxisConfiguration().getSecretResolver();
    final Properties properties = new Properties();

    for (Parameter parameter : inDescription.getParameters()) {
        // The plain value is read first for every parameter, resolvable or not.
        final String plainValue = parameter.getValue().toString();
        final OMElement paramElement = parameter.getParameterElement();

        final String propertyValue;
        if (paramElement == null) {
            propertyValue = plainValue;
        } else if (secretResolver != null) {
            propertyValue = MiscellaneousUtil.resolve(paramElement, secretResolver);
        } else {
            // Fail rather than fall back to the unresolved value when no resolver exists.
            throw new SecureVaultException("Cannot resolve secret password because axis2 secret resolver " + "is null");
        }

        properties.setProperty(parameter.getName().toString(), propertyValue);
    }

    return properties;
}
use of org.wso2.carbon.apimgt.api.doc.model.Parameter in project wso2-synapse by wso2.
the class VFSTransportListenerTest method testVFSTransportListenerBasics.
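/**
 * Testcase to test basic functionality of {@link VFSTransportListener}.
 *
 * <p>Configures a service with file URI, move-after-failure, locking and sorting parameters,
 * initializes and starts a listener, runs one poll and then checks that both the input
 * directory and the failure directory exist in the {@code MockFileHolder}.
 *
 * @throws Exception if listener initialization, start-up or polling fails
 */
public void testVFSTransportListenerBasics() throws Exception {
    MockFileHolder.getInstance().clear();

    String fileUri = "test1:///foo/bar/test-" + System.currentTimeMillis() + "/DIR/IN/";
    String moveAfterFailure = "test1:///foo/bar/test-" + System.currentTimeMillis() + "/DIR/FAIL/";

    AxisService axisService = new AxisService("testVFSService");
    axisService.addParameter(new Parameter(VFSConstants.TRANSPORT_FILE_FILE_URI, fileUri));
    axisService.addParameter(new Parameter(VFSConstants.TRANSPORT_FILE_CONTENT_TYPE, "text/xml"));
    axisService.addParameter(new Parameter(VFSConstants.TRANSPORT_FILE_FILE_NAME_PATTERN, ".*\\.txt"));
    axisService.addParameter(new Parameter(VFSConstants.TRANSPORT_FILE_ACTION_AFTER_PROCESS, VFSTransportListener.MOVE));
    axisService.addParameter(new Parameter(VFSConstants.TRANSPORT_FILE_ACTION_AFTER_FAILURE, VFSTransportListener.MOVE));
    axisService.addParameter(new Parameter(VFSConstants.TRANSPORT_FILE_MOVE_AFTER_FAILURE, moveAfterFailure));
    axisService.addParameter(new Parameter(VFSConstants.TRANSPORT_FILE_MOVE_AFTER_FAILED_MOVE, moveAfterFailure));
    axisService.addParameter(new Parameter(VFSConstants.STREAMING, "false"));
    axisService.addParameter(new Parameter(VFSConstants.TRANSPORT_FILE_LOCKING, VFSConstants.TRANSPORT_FILE_LOCKING_ENABLED));
    axisService.addParameter(new Parameter(VFSConstants.TRANSPORT_FILE_INTERVAL, "1000"));
    axisService.addParameter(new Parameter(VFSConstants.TRANSPORT_FILE_COUNT, "1"));
    axisService.addParameter(new Parameter(VFSConstants.TRANSPORT_AUTO_LOCK_RELEASE, "true"));
    axisService.addParameter(new Parameter(VFSConstants.TRANSPORT_AUTO_LOCK_RELEASE_INTERVAL, "20000"));
    axisService.addParameter(new Parameter(VFSConstants.TRANSPORT_AUTO_LOCK_RELEASE_SAME_NODE, "true"));
    axisService.addParameter(new Parameter(VFSConstants.TRANSPORT_DISTRIBUTED_LOCK, "true"));
    axisService.addParameter(new Parameter(VFSConstants.TRANSPORT_DISTRIBUTED_LOCK_TIMEOUT, "20000"));
    axisService.addParameter(new Parameter(VFSConstants.FILE_SORT_PARAM, VFSConstants.FILE_SORT_VALUE_NAME));
    axisService.addParameter(new Parameter(VFSConstants.FILE_SORT_ORDER, "true"));

    TransportDescriptionFactory transportDescriptionFactory = new VFSTransportDescriptionFactory();
    TransportInDescription transportInDescription = null;
    try {
        transportInDescription = transportDescriptionFactory.createTransportInDescription();
    } catch (Exception e) {
        Assert.fail("Error occurred while creating transport in description");
    }

    VFSTransportListener vfsTransportListener = getListener(transportInDescription);
    // initialize listener
    vfsTransportListener.init(new ConfigurationContext(new AxisConfiguration()), transportInDescription);
    // Initialize VFSTransportListener
    vfsTransportListener.doInit();
    // Start listener
    vfsTransportListener.start();

    // Create poll entry
    PollTableEntry pollTableEntry = vfsTransportListener.createEndpoint();
    Assert.assertTrue("Global file locking not applied to created poll entry", pollTableEntry.isFileLockingEnabled());

    // Load configuration of poll entry
    pollTableEntry.loadConfiguration(axisService);
    populatePollTableEntry(pollTableEntry, axisService, vfsTransportListener);
    vfsTransportListener.poll(pollTableEntry);

    MockFile targetDir = MockFileHolder.getInstance().getFile(fileUri);
    Assert.assertNotNull("Failed target directory creation", targetDir);
    // assertEquals takes (message, expected, actual); the expected constant goes first so a
    // failure report names the right value as "expected".
    Assert.assertEquals("Created target directory is not Folder type", FileType.FOLDER, targetDir.getName().getType());

    MockFile failDir = MockFileHolder.getInstance().getFile(moveAfterFailure);
    Assert.assertNotNull("Fail to create expected directory to move files when failure", failDir);

    MockFileHolder.getInstance().clear();
}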