1   /**
2    * Copyright 2005-2014 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.ksb.security.admin.web;
17  
18  import java.io.ByteArrayOutputStream;
19  import java.io.IOException;
20  import java.security.KeyStore;
21  import java.security.KeyStoreException;
22  import java.security.NoSuchAlgorithmException;
23  import java.security.cert.CertificateException;
24  import java.util.Collection;
25  
26  import javax.servlet.http.HttpServletRequest;
27  import javax.servlet.http.HttpServletResponse;
28  
29  import org.apache.struts.action.ActionForm;
30  import org.apache.struts.action.ActionForward;
31  import org.apache.struts.action.ActionMapping;
32  import org.apache.struts.action.ActionMessages;
33  import org.kuali.rice.ksb.messaging.web.KSBAction;
34  import org.kuali.rice.ksb.security.admin.ExportServlet;
35  import org.kuali.rice.ksb.security.admin.KeyStoreEntryDataContainer;
36  import org.kuali.rice.ksb.service.KSBServiceLocator;
37  
38  
39  /**
40   * Struts action for admin users to manage keys and keystore files for client applications 
41   * 
42   * @author Kuali Rice Team (rice.collab@kuali.org)
43   *
44   */
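public class JavaSecurityManagementAction extends KSBAction {

    private static final org.apache.log4j.Logger LOG = org.apache.log4j.Logger.getLogger(JavaSecurityManagementAction.class);

    /** Page size handed to the view for the keystore entry list. */
    private static final int ENTRY_LIST_PAGE_SIZE = 30;

    /**
     * Populates the request with the attributes the keystore report view reads:
     * the "RiceConstants" servlet-context attribute, the entry list page size and
     * the current list of module keystore entries.
     *
     * @return always {@code null}; this method reports no messages
     * @see org.kuali.rice.ksb.messaging.web.KSBAction#establishRequiredState(javax.servlet.http.HttpServletRequest, org.apache.struts.action.ActionForm)
     */
    @Override
    public ActionMessages establishRequiredState(HttpServletRequest request, ActionForm form) throws Exception {
        request.setAttribute("rice_constant", getServlet().getServletContext().getAttribute("RiceConstants"));
        request.setAttribute("entryListPageSize", ENTRY_LIST_PAGE_SIZE);
        Collection<KeyStoreEntryDataContainer> keyStoreEntryList = KSBServiceLocator.getJavaSecurityManagementService().getListOfModuleKeyStoreEntries();
        LOG.info("Found " + keyStoreEntryList.size() + " entries in module keystore");
        request.setAttribute("keyStoreEntryList", keyStoreEntryList);
        return null;
    }

    /**
     * Forwards to the "report" view.
     *
     * @see org.kuali.rice.ksb.messaging.web.KSBAction#start(org.apache.struts.action.ActionMapping, org.apache.struts.action.ActionForm, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
     */
    @Override
    public ActionForward start(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        return mapping.findForward("report");
    }

    /**
     * Handles the sort request for the list of keystore entries by forwarding to
     * the "report" view; no sorting is performed in this method.
     */
    public ActionForward sort(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        return mapping.findForward("report");
    }

    /**
     * Handles the clear request by forwarding to "restart".
     *
     * Reassigning the local {@code form} parameter would not change the form
     * instance Struts holds, so no reset is attempted here.
     * NOTE(review): presumably the "restart" forward leads to a fresh form; confirm
     * against the Struts configuration, otherwise a previously entered password may
     * stay on the form.
     */
    public ActionForward clear(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        return mapping.findForward("restart");
    }

    /**
     * Removes the module keystore entry named by the {@code aliasToRemove} request
     * parameter and forwards to "restart".
     *
     * A missing or blank alias is ignored (with a warning) instead of being passed
     * to the service.
     *
     * NOTE(review): this is a state-changing operation driven by a request
     * parameter. Authorization and CSRF protection are not visible in this class;
     * presumably they are enforced by KSBAction or a servlet filter. Confirm.
     */
    public ActionForward removeEntry(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        String aliasToRemove = request.getParameter("aliasToRemove");
        if (aliasToRemove == null || aliasToRemove.trim().length() == 0) {
            LOG.warn("Ignoring keystore entry removal request without an alias");
            return mapping.findForward("restart");
        }
        // The alias is request-controlled: neutralise control characters so a crafted
        // value cannot forge additional lines in the audit trail of keystore changes.
        LOG.info("Removing alias " + sanitizeForLog(aliasToRemove) + " from module keystore file");
        KSBServiceLocator.getJavaSecurityManagementService().removeClientCertificate(aliasToRemove);
        return mapping.findForward("restart");
    }

    /**
     * Generates a client keystore for the alias and password on the form, serializes
     * it, places the bytes in the HTTP session under
     * {@link ExportServlet#CLIENT_KEYSTORE_DATA} and redirects to the export path.
     * When form validation reports errors they are saved on the request and the
     * "report" view is shown instead.
     *
     * @throws RuntimeException wrapping a KeyStoreException, NoSuchAlgorithmException
     *         or CertificateException raised while serializing the keystore
     * @throws Exception an IOException from serializing the keystore propagates unchanged
     */
    public ActionForward generateClientKeyStore(ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception {
        JavaSecurityManagementForm managementForm = (JavaSecurityManagementForm) form;
        ActionMessages errors = managementForm.validateGenerateClientKeystore(mapping, request);
        if (errors != null && !errors.isEmpty()) {
            // found at least one error
            saveErrors(request, errors);
            return mapping.findForward("report");
        }

        String alias = managementForm.getAlias();
        String password = managementForm.getPassword();
        KeyStore clientKeyStore = KSBServiceLocator.getJavaSecurityManagementService().generateClientKeystore(alias, password);

        // An in-memory stream holds no external resource, so it needs no close() handling.
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        try {
            clientKeyStore.store(baos, password.toCharArray());
        } catch (KeyStoreException e) {
            throw keystoreSerializationFailure(alias, e);
        } catch (NoSuchAlgorithmException e) {
            throw keystoreSerializationFailure(alias, e);
        } catch (CertificateException e) {
            throw keystoreSerializationFailure(alias, e);
        }
        byte[] data = baos.toByteArray();

        // NOTE(review): the serialized keystore (presumably including the generated
        // private key) stays in the session until something removes this attribute.
        // Confirm that ExportServlet clears it after the download.
        request.getSession().setAttribute(ExportServlet.CLIENT_KEYSTORE_DATA, data);
        // NOTE(review): the alias becomes part of the redirect path. Confirm that form
        // validation or generateExportPath restricts or encodes its characters.
        return new ActionForward(ExportServlet.generateExportPath(alias + "_keystore", request), true);
    }

    /**
     * Logs a keystore serialization failure through the class logger (rather than
     * printing the stack trace to stderr) and returns the RuntimeException to throw.
     */
    private static RuntimeException keystoreSerializationFailure(String alias, Exception cause) {
        LOG.error("Unable to serialize generated client keystore for alias " + sanitizeForLog(alias), cause);
        return new RuntimeException(cause);
    }

    /**
     * Returns the value with every ISO control character (including CR and LF)
     * replaced by an underscore, so it can be written on a single log line.
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return "null";
        }
        StringBuilder cleaned = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned.toString();
    }
}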