use of org.wso2.carbon.identity.thrift.authentication.ThriftAuthenticatorService in project carbon-identity-framework by wso2.
the class ThriftAuthenticationServiceComponent method startThriftTcpAuthenticatorService.
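/**
 * Starts the TLS-protected TCP Thrift authentication endpoint.
 *
 * <p>Resolves the bind host name, the port (configured port plus the port offset), the key
 * store location and password, and the client timeout, then creates and starts the
 * {@code TCPThriftAuthenticationService}.
 *
 * @param thriftAuthenticatorService authenticator handed to the TCP service
 * @throws Exception if the port is missing, is not a number, or falls outside 0-65535 once the
 *         offset is applied; if the key store location or password cannot be found; or if
 *         starting the service fails
 */
private void startThriftTcpAuthenticatorService(ThriftAuthenticatorService thriftAuthenticatorService) throws Exception {
    int portOffset = readPortOffset();
    ServerConfiguration serverConfig = ServerConfiguration.getInstance();
    String serverUrl = CarbonUtils.getServerURL(serverConfig, configurationContext.getServerConfigContext());

    // An explicit Hostname element in the Thrift authentication config wins; otherwise the host
    // part of the server URL is used.
    OMElement hostnameElement = ThriftAuthenticationConfigParser.getInstance().getConfigElement("Hostname");
    String hostName;
    if (hostnameElement == null) {
        try {
            hostName = new URL(serverUrl).getHost();
        } catch (MalformedURLException e) {
            // java.net.URL could not parse the server URL, so fall back to what
            // HostAddressFinder returns for "localhost".
            hostName = HostAddressFinder.findAddress("localhost");
            if (!serverUrl.matches("local:/.*/services/")) {
                log.info("Thrift Authentication Service url :" + serverUrl + " is using local, hence hostname is assigned as '" + hostName + "'");
            }
        }
    } else {
        hostName = hostnameElement.getText();
    }

    OMElement portElement = ThriftAuthenticationConfigParser.getInstance().getConfigElement("Port");
    if (portElement == null) {
        throw new Exception("Error, Thrift Authentication Service config does not have a port defined!");
    }
    String portText = portElement.getText();
    int configuredPort;
    try {
        // Tolerate surrounding whitespace in the config value; parseInt(null) also ends up here.
        configuredPort = Integer.parseInt(portText == null ? null : portText.trim());
    } catch (NumberFormatException e) {
        throw new Exception("Error, Thrift Authentication Service port '" + portText + "' is not a valid number", e);
    }
    // Add in long arithmetic so an extreme value cannot wrap around into the valid range, and
    // fail here with a clear message instead of later when the socket is bound.
    long effectivePort = (long) configuredPort + portOffset;
    if (effectivePort < 0 || effectivePort > 65535) {
        throw new Exception("Error, Thrift Authentication Service port " + effectivePort
                + " (configured port plus port offset " + portOffset + ") is outside the range 0-65535");
    }
    int port = (int) effectivePort;

    // Key store settings come from the server configuration first, then from system properties.
    String keyStore = serverConfig.getFirstProperty("Security.KeyStore.Location");
    if (keyStore == null) {
        keyStore = System.getProperty("Security.KeyStore.Location");
        if (keyStore == null) {
            throw new Exception("Cannot initialize Thrift Authentication Service, Security.KeyStore.Location is null");
        }
    }
    // The password is only handed on to the service below; keep it out of log and exception text.
    String keyStorePassword = serverConfig.getFirstProperty("Security.KeyStore.Password");
    if (keyStorePassword == null) {
        keyStorePassword = System.getProperty("Security.KeyStore.Password");
        if (keyStorePassword == null) {
            throw new Exception("Cannot initialize Thrift Authentication Service, Security.KeyStore.Password is null ");
        }
    }

    OMElement clientTimeoutElement = ThriftAuthenticationConfigParser.getInstance().getConfigElement(ThriftAuthenticationConstants.CLIENT_TIMEOUT);
    int clientTimeout;
    if (clientTimeoutElement != null) {
        String timeoutText = clientTimeoutElement.getText();
        try {
            clientTimeout = Integer.parseInt(timeoutText == null ? null : timeoutText.trim());
        } catch (NumberFormatException e) {
            // Only a malformed number falls back to the default; catching Throwable here would
            // also have hidden JVM errors such as OutOfMemoryError.
            String msg = "Error, in Thrift Auth Client Timeout, hence using the default timeout: " + ThriftAuthenticationConstants.DEFAULT_CLIENT_TIMEOUT + "ms";
            log.error(msg, e);
            clientTimeout = ThriftAuthenticationConstants.DEFAULT_CLIENT_TIMEOUT;
        }
    } else {
        String msg = "Thrift Authentication Service Client Timeout is not set, hence using the default timeout: " + ThriftAuthenticationConstants.DEFAULT_CLIENT_TIMEOUT + "ms";
        log.info(msg);
        clientTimeout = ThriftAuthenticationConstants.DEFAULT_CLIENT_TIMEOUT;
    }

    TCPThriftAuthenticationService = new TCPThriftAuthenticationService(hostName, port, keyStore, keyStorePassword, clientTimeout, thriftAuthenticatorService);
    TCPThriftAuthenticationService.start();
}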
use of org.wso2.carbon.identity.thrift.authentication.ThriftAuthenticatorService in project carbon-identity-framework by wso2.
the class TCPThriftAuthenticationService method start.
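/**
 * Binds the TLS server socket and starts the Thrift authentication server on a new thread.
 *
 * <p>The transport parameters visible here carry only a key store; no trust store is set in
 * this method. When the Thrift authentication config holds a protocol list or a cipher-suite
 * list, that list replaces the socket's enabled set; otherwise the socket keeps the set it was
 * created with.
 *
 * @throws TTransportException if the server socket cannot be created
 * @throws UnknownHostException if {@code hostName} cannot be resolved
 * @throws IllegalArgumentException if a configured protocol or cipher suite is not supported
 *         by the socket; the server socket is closed before the exception propagates
 */
public void start() throws TTransportException, UnknownHostException {
    InetAddress inetAddress = InetAddress.getByName(hostName);
    TSSLTransportFactory.TSSLTransportParameters params = new TSSLTransportFactory.TSSLTransportParameters();
    params.setKeyStore(keyStore, keyStorePassword);
    TServerSocket serverTransport = TSSLTransportFactory.getServerSocket(port, clientTimeout, inetAddress, params);
    try {
        SSLServerSocket sslServerSocket = (SSLServerSocket) serverTransport.getServerSocket();

        OMElement sslEnabledProtocolsElement = ThriftAuthenticationConfigParser.getInstance().getConfigElement(ThriftAuthenticationConstants.CONFIG_SSL_ENABLED_PROTOCOLS);
        if (sslEnabledProtocolsElement != null) {
            String sslEnabledProtocols = sslEnabledProtocolsElement.getText();
            if (StringUtils.isNotBlank(sslEnabledProtocols)) {
                // Split on commas and drop the whitespace around each entry, so a value
                // written as "A, B" is not rejected because of the space before "B".
                String[] sslProtocolsArray = sslEnabledProtocols.trim().split("\\s*,\\s*");
                sslServerSocket.setEnabledProtocols(sslProtocolsArray);
            }
        }

        OMElement ciphersElement = ThriftAuthenticationConfigParser.getInstance().getConfigElement(ThriftAuthenticationConstants.CONFIG_CIPHERS);
        if (ciphersElement != null) {
            String ciphers = ciphersElement.getText();
            if (StringUtils.isNotBlank(ciphers)) {
                String[] ciphersArray = ciphers.trim().split("\\s*,\\s*");
                sslServerSocket.setEnabledCipherSuites(ciphersArray);
            }
        }
    } catch (RuntimeException e) {
        // The socket is already bound at this point; release the port rather than leaving a
        // listener behind that was never given the intended TLS settings.
        serverTransport.close();
        throw e;
    }

    AuthenticatorService.Processor<AuthenticatorServiceImpl> processor = new AuthenticatorService.Processor<AuthenticatorServiceImpl>(new AuthenticatorServiceImpl(thriftAuthenticatorService));
    authenticationServer = new TThreadPoolServer(new TThreadPoolServer.Args(serverTransport).processor(processor));
    Thread thread = new Thread(new ServerRunnable(authenticationServer));
    if (log.isDebugEnabled()) {
        log.debug("Thrift Authentication Service started at ssl://" + hostName + ":" + port);
    }
    thread.start();
}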
use of org.wso2.carbon.identity.thrift.authentication.ThriftAuthenticatorService in project carbon-identity-framework by wso2.
the class ThriftAuthenticationServiceComponent method startThriftHttpAuthenticatorService.
/**
 * Registers the servlet-based Thrift authenticator under {@code /thriftAuthenticator}.
 *
 * <p>The servlet is registered with the HTTP service's default HTTP context and uses the
 * compact protocol for both input and output. A registration failure is logged and not
 * rethrown, so the caller is not told that the endpoint is missing.
 *
 * @param thriftAuthenticatorService authenticator wrapped by the service implementation
 */
private void startThriftHttpAuthenticatorService(ThriftAuthenticatorService thriftAuthenticatorService) {
    // For now, authentication over HTTP is served by a servlet.
    try {
        TCompactProtocol.Factory inputProtocolFactory = new TCompactProtocol.Factory();
        TCompactProtocol.Factory outputProtocolFactory = new TCompactProtocol.Factory();
        AuthenticatorService.Processor processor =
                new AuthenticatorService.Processor(new AuthenticatorServiceImpl(thriftAuthenticatorService));
        AuthenticatorServlet servlet =
                new AuthenticatorServlet(processor, inputProtocolFactory, outputProtocolFactory);
        getHttpServiceInstance().registerServlet(
                "/thriftAuthenticator",
                servlet,
                new Hashtable(),
                getHttpServiceInstance().createDefaultHttpContext());
    } catch (ServletException e) {
        log.error("Unable to start Thrift Authenticator Service.", e);
    } catch (NamespaceException e) {
        log.error("Unable to start Thrift Authenticator Service", e);
    }
}