Author: chirino
Date: Tue Mar 27 18:30:37 2012
New Revision: 1305945
URL: http://svn.apache.org/viewvc?rev=1305945&view=rev
Log:
Fixes APLO-174 : Add a key_alias attribute to the key_storage configuration
element to allow selecting which SSL cert in the keystore is used.
Modified:
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/KeyStorage.scala
activemq/activemq-apollo/trunk/apollo-dto/src/main/java/org/apache/activemq/apollo/dto/KeyStorageDTO.java
activemq/activemq-apollo/trunk/apollo-website/src/documentation/user-manual.md
Modified:
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/KeyStorage.scala
URL:
http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/KeyStorage.scala?rev=1305945&r1=1305944&r2=1305945&view=diff
==============================================================================
---
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/KeyStorage.scala
(original)
+++
activemq/activemq-apollo/trunk/apollo-broker/src/main/scala/org/apache/activemq/apollo/broker/KeyStorage.scala
Tue Mar 27 18:30:37 2012
@@ -18,8 +18,9 @@ package org.apache.activemq.apollo.broke
import org.apache.activemq.apollo.dto.KeyStorageDTO
import javax.net.ssl._
-import java.security.KeyStore
import java.io.FileInputStream
+import java.security.{Principal, KeyStore}
+import java.net.Socket
/**
*
@@ -62,8 +63,26 @@ class KeyStorage(val config:KeyStorageDT
val factory =
KeyManagerFactory.getInstance(opt(config.key_algorithm).getOrElse("SunX509"))
factory.init(create_key_store,
opt(config.key_password).getOrElse("").toCharArray())
key_managers = factory.getKeyManagers
+
+ if( config.key_alias!=null ) {
+ key_managers = key_managers.map { m =>
+ m match {
+ case m:X509KeyManager =>
AliasFilteringKeyManager(config.key_alias, m)
+ case _ => m
+ }
+ }
+ }
}
key_managers
}
+}
+
+case class AliasFilteringKeyManager(alias: String, next:X509KeyManager)
extends X509KeyManager {
+ def chooseClientAlias(keyType: Array[String], issuers: Array[Principal],
socket: Socket) = alias
+ def chooseServerAlias(keyType: String, issuers: Array[Principal], socket:
Socket) = alias
+ def getClientAliases(keyType: String, issuers: Array[Principal]) =
next.getClientAliases(keyType, issuers).filter(_==alias)
+ def getServerAliases(keyType: String, issuers: Array[Principal]) =
next.getServerAliases(keyType, issuers).filter(_==alias)
+ def getCertificateChain(alias: String) = next.getCertificateChain(alias)
+ def getPrivateKey(alias: String) = next.getPrivateKey(alias)
}
\ No newline at end of file
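Review bot: `getClientAliases` and `getServerAliases` in the new `AliasFilteringKeyManager` call `.filter` on the array returned by `next`, but the `X509KeyManager` contract returns `null` rather than an empty array when nothing matches, so the wrapper throws a NullPointerException in exactly the no-match case. A misconfigured `key_alias` is also not caught at start-up: `chooseServerAlias` returns the configured alias unconditionally, and an alias that is not in the store only surfaces later as a failed handshake when `getCertificateChain` yields null, which is hard to diagnose from the client side. Probing the wrapped manager once, where the key managers are built, turns that into a clear configuration-time error. Key-store implementations may also normalise aliases (JKS lower-cases them, as far as I recall), so the exact-case `_==alias` comparison could silently drop a mixed-case alias; worth a test. The enclosing method starts before this hunk.
```scala
        case m:X509KeyManager =>
          // fail at start-up, not at the first handshake, when the alias is not in the store
          if( m.getCertificateChain(config.key_alias)==null ) {
            throw new IllegalArgumentException("key_alias '"+config.key_alias+"' not found in key store")
          }
          AliasFilteringKeyManager(config.key_alias, m)
// … unchanged: case _ => m, closing braces, chooseClientAlias/chooseServerAlias …
  // the X509KeyManager contract returns null, not an empty array, when nothing matches
  def getClientAliases(keyType: String, issuers: Array[Principal]) =
    Option(next.getClientAliases(keyType, issuers)).map(_.filter(_==alias)).orNull
  def getServerAliases(keyType: String, issuers: Array[Principal]) =
    Option(next.getServerAliases(keyType, issuers)).map(_.filter(_==alias)).orNull
// … unchanged: getCertificateChain, getPrivateKey …
```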
Modified:
activemq/activemq-apollo/trunk/apollo-dto/src/main/java/org/apache/activemq/apollo/dto/KeyStorageDTO.java
URL:
http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-dto/src/main/java/org/apache/activemq/apollo/dto/KeyStorageDTO.java?rev=1305945&r1=1305944&r2=1305945&view=diff
==============================================================================
---
activemq/activemq-apollo/trunk/apollo-dto/src/main/java/org/apache/activemq/apollo/dto/KeyStorageDTO.java
(original)
+++
activemq/activemq-apollo/trunk/apollo-dto/src/main/java/org/apache/activemq/apollo/dto/KeyStorageDTO.java
Tue Mar 27 18:30:37 2012
@@ -47,6 +47,12 @@ public class KeyStorageDTO {
public String password;
/**
+ * The alias of the key to use. Defaults to the first key found.
+ */
+ @XmlAttribute(name="key_alias")
+ public String key_alias;
+
+ /**
* The password to the keys in the key store.
*/
@XmlAttribute(name="key_password")
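Review bot: The new Javadoc on `key_alias` says it `Defaults to the first key found`, but when the attribute is absent the choice is left to the JSSE key manager, whose pick among several keys is implementation-defined rather than positional. I would word it `If not set, the key manager selects a key itself; set this when the key store holds more than one private key.` The same phrase appears in the user-manual hunk and should be kept in step with whatever wording is chosen here.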
Modified:
activemq/activemq-apollo/trunk/apollo-website/src/documentation/user-manual.md
URL:
http://svn.apache.org/viewvc/activemq/activemq-apollo/trunk/apollo-website/src/documentation/user-manual.md?rev=1305945&r1=1305944&r2=1305945&view=diff
==============================================================================
---
activemq/activemq-apollo/trunk/apollo-website/src/documentation/user-manual.md
(original)
+++
activemq/activemq-apollo/trunk/apollo-website/src/documentation/user-manual.md
Tue Mar 27 18:30:37 2012
@@ -580,6 +580,8 @@ The attributes that you can configure on
* `file` : Path to where the key store is located.
* `password` : The key store password
+* `key_alias` : The alias of private key to use. Defaults to the first key
found
+ in the key store.
* `key_password` : The password to the keys in the key store.
* `store_type` : The type of key store, defaults to `JKS`.
* `trust_algorithm` : The trust management algorithm, defaults to `SunX509`.