
Example 1 with SecretResolver

use of org.wso2.securevault.SecretResolver in project wso2-synapse by wso2.

the class DataSourceInformationRepository method addDataSourceInformation.

/**
 * Registers a <code>DataSourceInformation</code> in this repository under its alias.
 *
 * <p>Before the instance is stored, its <code>SecretInformation</code> (when it has one) is
 * given this repository's <code>secretResolver</code>, so that the data source's protected
 * credentials are resolved through that resolver instead of being kept in the configuration
 * as plain text. A data source without <code>SecretInformation</code> is stored unchanged.
 *
 * @param dataSourceInformation <code>DataSourceInformation</code> instance to register;
 *                              must not be null
 * @throws SynapseCommonsException if <code>dataSourceInformation</code> is null
 */
public void addDataSourceInformation(DataSourceInformation dataSourceInformation) {
    if (null == dataSourceInformation) {
        throw new SynapseCommonsException("DataSource information is null", log);
    }

    // Hand the repository-wide resolver to the credentials holder, if the data source has one.
    final SecretInformation credentials = dataSourceInformation.getSecretInformation();
    if (credentials != null) {
        credentials.setGlobalSecretResolver(secretResolver);
    }

    // put() keyed by alias; an existing entry with the same alias is overwritten by the map.
    dataSourceInformationMap.put(dataSourceInformation.getAlias(), dataSourceInformation);

    // The listener is only notified when assertListerNotNull() reports that one is set.
    if (!assertListerNotNull()) {
        return;
    }
    listener.addDataSourceInformation(dataSourceInformation);
}
Also used : SynapseCommonsException(org.apache.synapse.commons.SynapseCommonsException) SecretInformation(org.wso2.securevault.secret.SecretInformation)

Example 2 with SecretResolver

use of org.wso2.securevault.SecretResolver in project wso2-synapse by wso2.

the class VFSTransportListener method generateSecureVaultProperties.

/**
 * Copies the parameters of a transport configuration into a {@link Properties} object,
 * substituting the resolved secret for every parameter whose XML element carries a secure
 * vault alias attribute that the resolver reports as protected.
 *
 * <p>Security note: the returned object holds resolved secrets in clear text next to the
 * ordinary parameters. Callers should not log it, dump it or serialize it as a whole.
 * A parameter that declares an alias the resolver does not report as protected keeps the
 * value written in the configuration; no warning is raised for that case here.
 *
 * @param inDescription transport configuration whose parameters are read
 * @return one property per parameter, keyed by the parameter name
 * @throws SecureVaultException if a parameter declares a non-empty alias and the Axis2
 *                              configuration has no secret resolver
 */
private Properties generateSecureVaultProperties(TransportInDescription inDescription) {
    final Properties resolved = new Properties();
    final SecretResolver resolver = getConfigurationContext().getAxisConfiguration().getSecretResolver();

    for (Parameter parameter : inDescription.getParameters()) {
        // NOTE(review): a parameter with a null value would fail here — confirm callers
        // never register one.
        String value = parameter.getValue().toString();

        // Look up the alias attribute only when the parameter has a backing XML element.
        final OMElement element = parameter.getParameterElement();
        final OMAttribute aliasAttribute = (element == null)
                ? null
                : element.getAttribute(new QName(CryptoConstants.SECUREVAULT_NAMESPACE, CryptoConstants.SECUREVAULT_ALIAS_ATTRIBUTE));
        final String alias = (aliasAttribute == null) ? null : aliasAttribute.getAttributeValue();

        if (alias != null && !alias.isEmpty()) {
            // An alias was declared, so a missing resolver is a configuration error rather
            // than a reason to fall back to the literal value.
            if (resolver == null) {
                throw new SecureVaultException("Cannot resolve secret password because axis2 secret resolver " + "is null");
            }
            if (resolver.isTokenProtected(alias)) {
                value = resolver.resolve(alias);
            }
        }

        resolved.setProperty(parameter.getName().toString(), value);
    }
    return resolved;
}
Also used : SecretResolver(org.wso2.securevault.SecretResolver) SecureVaultException(org.wso2.securevault.SecureVaultException) QName(javax.xml.namespace.QName) Parameter(org.apache.axis2.description.Parameter) OMElement(org.apache.axiom.om.OMElement) Properties(java.util.Properties) OMAttribute(org.apache.axiom.om.OMAttribute)

Example 3 with SecretResolver

use of org.wso2.securevault.SecretResolver in project carbon-business-process by wso2.

the class BPSAnalyticsConfiguration method initConfigurationFromFile.

/**
 * Initializes this configuration object from the BPS Analytics configuration.
 *
 * <p>The given file is parsed only to build a {@link SecretResolver}; the analytics settings
 * themselves come from the already loaded <code>bpsAnalyticsDocument</code>. If building the
 * resolver fails for any reason, the failure is logged at WARN level and initialization
 * continues with a null resolver, which is then passed to <code>initAnalytics</code>.
 *
 * <p>NOTE(review): what <code>initAnalytics</code> does with a null resolver is not visible
 * here — presumably it reads the credentials as written in the file; confirm, since that
 * would mean a broken secure vault setup degrades silently to plain-text credentials.
 * NOTE(review): confirm that the XML parser behind <code>StAXOMBuilder</code> is configured
 * not to expand external entities if this file can be edited by a less-trusted party.
 *
 * @param BPSAnalyticsConfigurationFile the BPS Analytics config xml file
 */
private void initConfigurationFromFile(File BPSAnalyticsConfigurationFile) {
    SecretResolver resolver = null;
    try (InputStream configStream = new FileInputStream(BPSAnalyticsConfigurationFile)) {
        resolver = SecretResolverFactory.create(new StAXOMBuilder(configStream).getDocumentElement(), true);
    } catch (Exception e) {
        // Best effort: a resolver that cannot be built is reported but does not stop
        // initialization.
        log.warn("Error occurred while retrieving secured BPS Analytics configuration.", e);
    }

    TBPSAnalytics analyticsConfig = bpsAnalyticsDocument.getBPSAnalytics();
    if (analyticsConfig != null) {
        // Only the analytics server section receives the resolver.
        if (analyticsConfig.getAnalyticServer() != null) {
            initAnalytics(resolver, analyticsConfig.getAnalyticServer());
        }
        if (analyticsConfig.getBPMN() != null) {
            initBPMNAnalytics(analyticsConfig.getBPMN());
        }
    }
}
Also used : SecretResolver(org.wso2.securevault.SecretResolver) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) StAXOMBuilder(org.apache.axiom.om.impl.builder.StAXOMBuilder) FileInputStream(java.io.FileInputStream) IOException(java.io.IOException) FileNotFoundException(java.io.FileNotFoundException) XmlException(org.apache.xmlbeans.XmlException) TBPSAnalytics(org.wso2.carbon.bps.common.analytics.config.TBPSAnalytics)

Example 4 with SecretResolver

use of org.wso2.securevault.SecretResolver in project carbon-business-process by wso2.

the class UnifiedEndpointFactory method createEndpoint.

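/**
 * Builds a {@link UnifiedEndpoint} from its XML configuration element.
 *
 * <p>The endpoint reference itself is read by <code>EndpointReferenceHelper.fromOM</code>.
 * When a metadata child is present, its optional sections are applied in this order: id,
 * discovery, timeout, WSDL 1.1 definitions, message output, transport (including the
 * authorization user name and password), monitoring, QoS and session type.
 *
 * <p>Password handling: when the transport authorization password element carries a
 * non-blank secret alias attribute and a secure vault resolver created from the transport
 * element is initialized and reports the alias as protected, the password is resolved from
 * secure vault. In every other case the element text is used as the password. When an alias
 * is declared but cannot be resolved, that fallback is logged at WARN level (without the
 * password) so that a broken secure vault setup does not go unnoticed.
 *
 * @param uEPConfigEle the unified endpoint configuration element
 * @return the populated endpoint; never null
 * @throws AxisFault if one of the calls made while reading the configuration raises it
 */
public UnifiedEndpoint createEndpoint(OMElement uEPConfigEle) throws AxisFault {
    UnifiedEndpoint unifiedEndpoint = new UnifiedEndpoint();
    EndpointReferenceHelper.fromOM(unifiedEndpoint, uEPConfigEle, AddressingConstants.Final.WSA_NAMESPACE);

    OMElement metadataElem = uEPConfigEle.getFirstChildWithName(UnifiedEndpointConstants.METADATA_Q);
    if (metadataElem == null) {
        // Nothing but the endpoint reference is configured.
        return unifiedEndpoint;
    }

    // Each section element is looked up once and reused, instead of repeating the same
    // child lookup for the null check and for every later access.
    OMElement idElem = metadataElem.getFirstChildWithName(UnifiedEndpointConstants.METADATA_ID_Q);
    if (idElem != null) {
        unifiedEndpoint.setUepId(idElem.getText());
    } else {
        log.error("UEP Configuration violation: " + UnifiedEndpointConstants.METADATA_ID_Q + " not found");
    }

    // Discovery
    OMElement discoveryElem = metadataElem.getFirstChildWithName(UnifiedEndpointConstants.METADATA_DISCOVERY_Q);
    if (discoveryElem != null) {
        extractDiscoveryConfig(unifiedEndpoint, discoveryElem);
    }

    // Timeout
    OMElement timeoutElem = metadataElem.getFirstChildWithName(UnifiedEndpointConstants.TIMEOUT_Q);
    if (timeoutElem != null) {
        extractTimeoutConfig(unifiedEndpoint, timeoutElem);
    }

    // WSDL Definitions
    OMElement wsdl11Elem = metadataElem.getFirstChildWithName(UnifiedEndpointConstants.METADATA_WSDL11_DEFINITIONS_Q);
    if (wsdl11Elem != null) {
        unifiedEndpoint.setWsdl11Definitions(wsdl11Elem);
    }

    // MessageOutput
    OMElement messageOutputElem = metadataElem.getFirstChildWithName(UnifiedEndpointConstants.MESSAGE_OUTPUT_Q);
    if (messageOutputElem != null) {
        extractMessageOutPutConfig(unifiedEndpoint, messageOutputElem);
    }

    // Transport
    OMElement transportElem = metadataElem.getFirstChildWithName(UnifiedEndpointConstants.TRANSPORT_Q);
    if (transportElem != null) {
        extractTransportConfig(unifiedEndpoint, transportElem);

        OMElement userNameElem = transportElem.getFirstChildWithName(UnifiedEndpointConstants.TRANSPORT_AUTHORIZATION_USERNAME_Q);
        if (userNameElem != null) {
            unifiedEndpoint.setAuthorizationUserName(userNameElem.getText());
        }

        OMElement passwordElem = transportElem.getFirstChildWithName(UnifiedEndpointConstants.TRANSPORT_AUTHORIZATION_PASSWORD_Q);
        if (passwordElem != null) {
            String secretAlias = passwordElem.getAttributeValue(new QName(UnifiedEndpointConstants.SECURE_VAULT_NS, UnifiedEndpointConstants.SECRET_ALIAS_ATTR_NAME));
            if (secretAlias != null && !secretAlias.trim().isEmpty()) {
                secretAlias = secretAlias.trim();
                SecretResolver secretResolver = SecretResolverFactory.create(transportElem, false);
                if (secretResolver != null && secretResolver.isInitialized() && secretResolver.isTokenProtected(secretAlias)) {
                    // Setting the secured password
                    unifiedEndpoint.setAuthorizationPassword(secretResolver.resolve(secretAlias));
                } else {
                    // Secure vault is not usable for this alias: keep the existing fallback
                    // to the element text, but make it visible to the operator. Only the
                    // alias name is logged, never the password.
                    log.warn("Secret alias '" + secretAlias + "' is declared for the transport authorization password"
                            + " but could not be resolved through secure vault; using the element text as the password");
                    unifiedEndpoint.setAuthorizationPassword(passwordElem.getText());
                }
            } else {
                // No alias declared: the element text is the password as configured.
                unifiedEndpoint.setAuthorizationPassword(passwordElem.getText());
            }
        }
    }

    // Monitoring
    OMElement monitoringElem = metadataElem.getFirstChildWithName(UnifiedEndpointConstants.MONITORING_Q);
    if (monitoringElem != null) {
        extractMetadataMonitoringConfig(unifiedEndpoint, monitoringElem);
    }

    // QoS
    OMElement qosElem = metadataElem.getFirstChildWithName(UnifiedEndpointConstants.QOS_Q);
    if (qosElem != null) {
        extractQoSConfig(unifiedEndpoint, qosElem);
    }

    // Session
    OMElement sessionElem = metadataElem.getFirstChildWithName(UnifiedEndpointConstants.SESSION_Q);
    if (sessionElem != null) {
        String sessionType = sessionElem.getAttributeValue(UnifiedEndpointConstants.SESSION_TYPE_Q);
        if (sessionType != null) {
            unifiedEndpoint.setSessionType(sessionType);
        }
    }

    return unifiedEndpoint;
}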
Also used : SecretResolver(org.wso2.securevault.SecretResolver) QName(javax.xml.namespace.QName) OMElement(org.apache.axiom.om.OMElement)

Example 5 with SecretResolver

use of org.wso2.securevault.SecretResolver in project carbon-business-process by wso2.

the class HumanTaskServerConfiguration method getAuthenticationConfig.

/**
 * Loads the registration service user name and password, preferring secure vault over the
 * values held by the given authentication configuration.
 *
 * <p>The file is parsed only to build a {@link SecretResolver}. For each credential, the
 * secure vault value is used when the resolver exists, is initialized and reports the
 * corresponding alias as protected; otherwise the value from <code>authentication</code> is
 * used when it is not null, and the field is left untouched when it is null.
 *
 * <p>Security note: a failure to build the resolver is only logged at WARN level, after
 * which both credentials are taken from <code>authentication</code>, i.e. as written in the
 * configuration. Only the fact that a credential was loaded is logged, never its value.
 * NOTE(review): confirm that the XML parser behind <code>StAXOMBuilder</code> is configured
 * not to expand external entities if this file can be edited by a less-trusted party.
 *
 * @param file           configuration file used to create the secret resolver
 * @param authentication fallback source for the user name and password
 */
private void getAuthenticationConfig(File file, TRegServiceAuth authentication) {
    // SecretResolverFactory needs an element, so the document element is built from the file.
    SecretResolver resolver = null;
    InputStream configStream = null;
    try {
        configStream = new FileInputStream(file);
        resolver = SecretResolverFactory.create(new StAXOMBuilder(configStream).getDocumentElement(), true);
    } catch (Exception e) {
        log.warn("Error occurred while retrieving secured TaskEngineProtocolHandler configuration.", e);
    } finally {
        if (configStream != null) {
            try {
                configStream.close();
            } catch (IOException e) {
                log.error(e.getLocalizedMessage(), e);
            }
        }
    }

    // User name: secure vault first, configured value second.
    if (resolver != null && resolver.isInitialized() && resolver.isTokenProtected(HumanTaskConstants.B4P_REGISTRATIONS_USERNAME_ALIAS)) {
        this.registrationServiceAuthUsername = resolver.resolve(HumanTaskConstants.B4P_REGISTRATIONS_USERNAME_ALIAS);
        if (log.isDebugEnabled()) {
            log.debug("Loaded Registration service admin username from secure vault");
        }
    } else if (authentication.getUsername() != null) {
        this.registrationServiceAuthUsername = authentication.getUsername();
    }

    // Password: same precedence as the user name.
    if (resolver != null && resolver.isInitialized() && resolver.isTokenProtected(HumanTaskConstants.B4P_REGISTRATIONS_PASSWORD_ALIAS)) {
        this.registrationServiceAuthPassword = resolver.resolve(HumanTaskConstants.B4P_REGISTRATIONS_PASSWORD_ALIAS);
        if (log.isDebugEnabled()) {
            log.debug("Loaded  Registration service admin password from secure vault");
        }
    } else if (authentication.getPassword() != null) {
        this.registrationServiceAuthPassword = authentication.getPassword();
    }
}
Also used : SecretResolver(org.wso2.securevault.SecretResolver) StAXOMBuilder(org.apache.axiom.om.impl.builder.StAXOMBuilder) XmlException(org.apache.xmlbeans.XmlException)

Aggregations

QName (javax.xml.namespace.QName)11 OMElement (org.apache.axiom.om.OMElement)11 SecretResolver (org.wso2.securevault.SecretResolver)11 Iterator (java.util.Iterator)7 StAXOMBuilder (org.apache.axiom.om.impl.builder.StAXOMBuilder)7 Properties (java.util.Properties)5 InputStream (java.io.InputStream)4 HashMap (java.util.HashMap)4 GatewayArtifactSynchronizerProperties (org.wso2.carbon.apimgt.impl.dto.GatewayArtifactSynchronizerProperties)4 ThrottleProperties (org.wso2.carbon.apimgt.impl.dto.ThrottleProperties)4 WorkflowProperties (org.wso2.carbon.apimgt.impl.dto.WorkflowProperties)4 IOException (java.io.IOException)3 LinkedHashMap (java.util.LinkedHashMap)3 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)3 AxisFault (org.apache.axis2.AxisFault)3 XmlException (org.apache.xmlbeans.XmlException)3 APIManagementException (org.wso2.carbon.apimgt.api.APIManagementException)3 FileInputStream (java.io.FileInputStream)2 FileNotFoundException (java.io.FileNotFoundException)2 XMLStreamException (javax.xml.stream.XMLStreamException)2