001: /**
002: * JOnAS: Java(TM) Open Application Server
003: * Copyright (C) 1999-2004 Bull S.A.S.
004: * Contact: jonas-team@objectweb.org
005: *
006: * This library is free software; you can redistribute it and/or
007: * modify it under the terms of the GNU Lesser General Public
008: * License as published by the Free Software Foundation; either
009: * version 2.1 of the License, or any later version.
010: *
011: * This library is distributed in the hope that it will be useful,
012: * but WITHOUT ANY WARRANTY; without even the implied warranty of
013: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
014: * Lesser General Public License for more details.
015: *
016: * You should have received a copy of the GNU Lesser General Public
017: * License along with this library; if not, write to the Free Software
018: * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
019: * USA
020: *
021: * --------------------------------------------------------------------------
022: * $Id: CtxCheckConfig.java 9905 2007-01-05 12:34:30Z benoitf $
023: * --------------------------------------------------------------------------
024: *
025: */package org.objectweb.jonas.security.interceptors.jrmp.ctxcheck;
026:
027: import java.io.BufferedInputStream;
028: import java.io.File;
029: import java.io.FileInputStream;
030: import java.io.FileNotFoundException;
031: import java.io.IOException;
032: import java.security.KeyStore;
033: import java.security.KeyStoreException;
034: import java.security.NoSuchAlgorithmException;
035: import java.security.PublicKey;
036: import java.security.cert.Certificate;
037: import java.security.cert.CertificateException;
038:
039: import org.objectweb.jonas.common.JProp;
040:
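/**
 * Holds the public key used to check the signature of a security context.
 * <p>
 * The key is read from the keystore named in the JOnAS configuration the first time an
 * instance is created, then cached in a static field and shared by every later instance.
 * This key is the trust anchor for security-context verification, so the keystore file
 * and the configuration that points to it should be writable by the server
 * administrator only.
 * @author Florent Benoit
 */
public class CtxCheckConfig {

    /**
     * Property naming the keystore file.
     */
    private static final String KEYSTORE_FILE_PROPERTY = "jonas.security.context.check.keystoreFile";

    /**
     * Property holding the keystore password.
     */
    private static final String KEYSTORE_PASS_PROPERTY = "jonas.security.context.check.keystorePass";

    /**
     * Property naming the certificate alias inside the keystore.
     */
    private static final String ALIAS_PROPERTY = "jonas.security.context.check.alias";

    /**
     * Instance of the public key, shared by all instances.
     * Volatile because the constructor reads it without holding any lock.
     */
    private static volatile PublicKey publicKey = null;

    /**
     * Default constructor. Loads the public key if no instance has loaded it yet.
     * @throws IllegalStateException if the key cannot be loaded (see {@link #initConfig()})
     */
    public CtxCheckConfig() {
        if (publicKey == null) {
            initConfig();
        }
    }

    /**
     * @return the public key to use to validate the security context signature.
     */
    public PublicKey getPublicKey() {
        return publicKey;
    }

    /**
     * Reads the keystore settings from the JOnAS properties, loads the keystore and caches
     * the public key of the configured certificate.
     * <p>
     * The method is synchronized on this instance only, while the key is static: two
     * instances may still load the keystore at the same time. Each load produces the same
     * result from the same configuration, and the static field is only assigned once the
     * whole sequence has succeeded.
     * @throws IllegalStateException if a mandatory property is missing, the keystore file
     *         does not exist or cannot be loaded, or the alias has no certificate
     */
    protected synchronized void initConfig() {

        // Get JOnAS properties
        JProp props = JProp.getInstance();

        String keystoreFile = requireProperty(props, KEYSTORE_FILE_PROPERTY);
        // The password arrives as a String from the configuration, so it cannot be wiped
        // from memory afterwards; read access to that configuration should be restricted.
        String keystorePass = requireProperty(props, KEYSTORE_PASS_PROPERTY);
        String alias = requireProperty(props, ALIAS_PROPERTY);

        // Check that the file exists
        File f = new File(keystoreFile);
        if (!f.exists()) {
            throw new IllegalStateException("The keystore file named '"
                    + f + "' was not found.");
        }

        // Gets the keystore instance
        KeyStore keyStore = null;
        try {
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        } catch (KeyStoreException e) {
            throw new IllegalStateException(
                    "Error while getting a keystore ':"
                            + e.getMessage(), e);
        }

        // Load the keystore file; the stream is always closed, even when loading fails
        BufferedInputStream in = null;
        try {
            in = new BufferedInputStream(new FileInputStream(f));
            keyStore.load(in, keystorePass.toCharArray());
        } catch (NoSuchAlgorithmException e) {
            throw loadFailure(f, e);
        } catch (CertificateException e) {
            throw loadFailure(f, e);
        } catch (FileNotFoundException e) {
            throw loadFailure(f, e);
        } catch (IOException e) {
            throw loadFailure(f, e);
        } finally {
            if (in != null) {
                try {
                    in.close();
                } catch (IOException ignored) {
                    // Nothing useful to do: the keystore was already read or the load
                    // failure is already being reported.
                }
            }
        }

        // Get certificate
        Certificate cert;
        try {
            cert = keyStore.getCertificate(alias);
        } catch (KeyStoreException e) {
            throw new IllegalStateException(
                    "Error while getting the alias '" + alias
                            + "' in the keystore file '" + keystoreFile
                            + "':" + e.getMessage(), e);
        }

        // getCertificate() returns null when the alias is unknown or holds no certificate;
        // fail with a clear message instead of a NullPointerException.
        if (cert == null) {
            throw new IllegalStateException(
                    "The alias '" + alias
                            + "' was not found in the keystore file '" + keystoreFile
                            + "' or does not contain a certificate.");
        }

        // NOTE(review): the certificate's validity period and chain are not checked here;
        // the key is trusted because it sits in the local keystore.
        publicKey = cert.getPublicKey();

    }

    /**
     * Reads a mandatory property from the JOnAS configuration.
     * @param props the JOnAS properties
     * @param name the name of the property
     * @return the value of the property, never null
     * @throws IllegalStateException if the property is not set
     */
    private static String requireProperty(JProp props, String name) {
        String value = props.getValue(name);
        if (value == null) {
            throw new IllegalStateException(
                    "The '" + name + "' attribute was not found in the JOnAS configuration file but this attribute is mandatory");
        }
        return value;
    }

    /**
     * Builds the exception reported when the keystore file cannot be loaded.
     * @param f the keystore file
     * @param e the failure, kept as the cause so that the stack trace is not lost
     * @return the exception to throw
     */
    private static IllegalStateException loadFailure(File f, Exception e) {
        return new IllegalStateException(
                "Error while loading the keystore file '" + f
                        + "'." + e.getMessage(), e);
    }

}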