Author: alexoree
Date: Fri Jul 19 20:35:25 2013
New Revision: 1505003
URL: http://svn.apache.org/r1505003
Log:
JUDDI-627 - removing older juddiv3.properties file
JUDDI-602 - adding support for encrypted configuration values, only SMTP
credentials are currently supported
JUDDI-628 - All authentication relate settings are now grouped. Several
unreferenced Property entries were removed
JUDDI-629 - several of the crypto functions did not decrypt properly, fixed
now. added conditional test for AES256 based on JCE installation
Removed:
juddi/trunk/juddi-core-openjpa/src/test/resources/juddiv3.properties
juddi/trunk/juddi-core/src/test/resources/juddiv3.properties
juddi/trunk/juddi-examples/uddi-annotations/src/main/webapp/WEB-INF/classes/juddiv3.properties
juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/classes/juddiv3.properties
Modified:
juddi/trunk/juddi-core-openjpa/src/test/resources/juddiv3.xml
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/config/Property.java
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/AES128Cryptor.java
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/AES256Cryptor.java
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/AESCryptorAbstract.java
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/Cryptor.java
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/DefaultCryptor.java
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/TripleDESCrytor.java
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/subscription/notify/SMTPNotifier.java
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/validation/ValidateSubscription.java
juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/AuthenticatorTest.java
juddi/trunk/juddi-core/src/test/resources/juddiv3.xml
juddi/trunk/juddi-examples/uddi-annotations/src/main/webapp/WEB-INF/classes/juddiv3.xml
juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/classes/juddiv3.xml
Modified: juddi/trunk/juddi-core-openjpa/src/test/resources/juddiv3.xml
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddi-core-openjpa/src/test/resources/juddiv3.xml?rev=1505003&r1=1505002&r2=1505003&view=diff
==============================================================================
--- juddi/trunk/juddi-core-openjpa/src/test/resources/juddiv3.xml (original)
+++ juddi/trunk/juddi-core-openjpa/src/test/resources/juddiv3.xml Fri Jul 19
20:35:25 2013
@@ -76,9 +76,6 @@
<maxentities>1000</maxentities>
</subscription>
- <!-- jUDDI Authentication module to use-->
-
<authenticator>org.apache.juddi.v3.auth.JUDDIAuthenticator</authenticator>
-
<!-- jUDDI UUIDGen implementation to use-->
<uuidgen>org.apache.juddi.uuidgen.DefaultUUIDGen</uuidgen>
@@ -88,10 +85,6 @@
<!-- jUDDI Key Generator to use-->
<keygenerator>org.apache.juddi.keygen.DefaultKeyGenerator</keygenerator>
- <!-- Specifies whether the inquiry API requires authentication,
all other APIs require authN-->
- <authenticate>
- <Inquiry>false</Inquiry>
- </authenticate>
<notification>
<!-- Specifies the interval at which the notification
timer triggers-->
<interval>5000</interval>
@@ -100,11 +93,27 @@
<buffer>0</buffer>
</start>
</notification>
-
+ <!-- All Authentication related settings -->
<auth>
+ <!-- Specifies whether the inquiry API requires
authentication, all other APIs require authN-->
+ <Inquiry>false</Inquiry>
+ <!-- jUDDI Authentication module to use-->
+
+ <authenticator>
+
<class>org.apache.juddi.v3.auth.JUDDIAuthenticator</class>
+ <!-- other settings
+ url
+ initialcontext
+ style
+ ldapexp
+ -->
+ </authenticator>
+
<token>
- <!-- As of 3.1.5 Duration of time for tokens to
expire-->
+ <!-- Time in minutes to expire tokes after
inactivity-->
<Timeout>15</Timeout>
+ <!-- As of 3.1.5 Duration of time for tokens to
expire, regardless of inactivity -->
+ <Expiration>15</Expiration>
</token>
</auth>
Modified:
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/config/Property.java
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/config/Property.java?rev=1505003&r1=1505002&r2=1505003&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/main/java/org/apache/juddi/config/Property.java
(original)
+++ juddi/trunk/juddi-core/src/main/java/org/apache/juddi/config/Property.java
Fri Jul 19 20:35:25 2013
@@ -10,39 +10,24 @@ import org.apache.juddi.v3.auth.MD5XMLDo
* @author various
*/
public interface Property {
- public final static String
JDDU_SUBSCRIPTION_MAXENTITIES="juddi.subscription.maxentities";
+
public final static String JUDDI_ROOT_PUBLISHER = "juddi.root.publisher";
public final static String JUDDI_LOAD_INSTALL_DATA =
"juddi.load.install.data";
public final static String JUDDI_PERSISTENCEUNIT_NAME =
"juddi.persistenceunit.name";
- public final static String JUDDI_AUTHENTICATOR = "juddi.authenticator";
- /**
- * @see LdapSimpleAuthenticator
- */
- public final static String JUDDI_AUTHENTICATOR_URL =
"juddi.authenticator.url";
- /**
- * @see LdapSimpleAuthenticator
- */
- public final static String JUDDI_AUTHENTICATOR_INITIAL_CONTEXT =
"juddi.authenticator.initialcontext";
- /**
- * @see LdapSimpleAuthenticator
- */
- public final static String JUDDI_AUTHENTICATOR_STYLE =
"juddi.authenticator.style";
- /**
- * @see LdapExpandedAuthenticator
- */
- public final static String JUDDI_AUTHENTICATOR_LDAP_EXPANDED_STR=
"juddi.authenticator.ldapexp";
public final static String JUDDI_CONFIGURATION_RELOAD_DELAY =
"juddi.configuration.reload.delay";
- public final static String JUDDI_LOCALE = "juddi.locale";
- public final static String JUDDI_OPERATOR_EMAIL_ADDRESS =
"juddi.operatorEmailAddress";
- public final static String JUDDI_MAX_LENGTH = "juddi.maxNameLength";
- public final static String JUDDI_MAX_NAME_ELEMENTS =
"juddi.maxNameElementsAllowed";
+ //public final static String JUDDI_LOCALE = "juddi.locale";
+
+ //public final static String JUDDI_OPERATOR_EMAIL_ADDRESS =
"juddi.operatorEmailAddress";
+
+ //public final static String JUDDI_MAX_LENGTH = "juddi.maxNameLength";
+ //public final static String JUDDI_MAX_NAME_ELEMENTS =
"juddi.maxNameElementsAllowed";
public final static String JUDDI_MAX_BUSINESSES_PER_PUBLISHER =
"juddi.maxBusinessesPerPublisher";
public final static String JUDDI_MAX_SERVICES_PER_BUSINESS =
"juddi.maxServicesPerBusiness";
public final static String JUDDI_MAX_BINDINGS_PER_SERVICE =
"juddi.maxBindingsPerService";
public final static String JUDDI_MAX_TMODELS_PER_PUBLISHER =
"juddi.maxTModelsPerPublisher";
public final static String JUDDI_CRYPTOR = "juddi.cryptor";
public final static String JUDDI_KEYGENERATOR = "juddi.keygenerator";
- public final static String JUDDI_SECURITY_DOMAIN = "juddi.securityDomain";
+ //public final static String JUDDI_SECURITY_DOMAIN =
"juddi.securityDomain";
public final static String JUDDI_USERSFILE = "juddi.usersfile";
public final static String JUDDI_MAX_ROWS = "juddi.maxRows";
public final static String JUDDI_MAX_IN_CLAUSE = "juddi.maxInClause";
@@ -52,22 +37,47 @@ public interface Property {
/**
* identifies whether or not authentication is required for the Inquiry
endpoint
*/
- public final static String JUDDI_AUTHENTICATE_INQUIRY =
"juddi.authenticate.Inquiry";
+ public final static String JUDDI_AUTHENTICATE_INQUIRY =
"juddi.auth.Inquiry";
public final static String JUDDI_AUTH_TOKEN_EXPIRATION =
"juddi.auth.token.Expiration";
public final static String JUDDI_AUTH_TOKEN_TIMEOUT =
"juddi.auth.token.Timeout";
+
+ public final static String JUDDI_AUTHENTICATOR =
"juddi.auth.authenticator.class";
+ /**
+ * @see LdapSimpleAuthenticator
+ */
+ public final static String JUDDI_AUTHENTICATOR_URL =
"juddi.auth.authenticator.url";
+ /**
+ * @see LdapSimpleAuthenticator
+ */
+ public final static String JUDDI_AUTHENTICATOR_INITIAL_CONTEXT =
"juddi.auth.authenticator.initialcontext";
+ /**
+ * @see LdapSimpleAuthenticator
+ */
+ public final static String JUDDI_AUTHENTICATOR_STYLE =
"juddi.auth.authenticator.style";
+ /**
+ * @see LdapExpandedAuthenticator
+ */
+ public final static String JUDDI_AUTHENTICATOR_LDAP_EXPANDED_STR=
"juddi.auth.authenticator.ldapexp";
+
+
+
public final static String JUDDI_ENFORCE_REFERENTIAL_INTEGRITY =
"juddi.validation.enforceReferentialIntegrity";
public final static String JUDDI_SUBSCRIPTION_EXPIRATION_DAYS =
"juddi.subscription.expiration.days";
+ public final static String JUDDI_SUBSCRIPTION_NOTIFICATION =
"juddi.subscription.notification";
+ public final static String JUDDI_SUBSCRIPTION_CHUNKEXPIRATION_MINUTES =
"juddi.subscription.chunkexpiration.minutes";
+ public final static String
JUDDI_SUBSCRIPTION_MAXENTITIES="juddi.subscription.maxentities";
+
public final static String JUDDI_NOTIFICATION_START_BUFFER =
"juddi.notification.start.buffer";
public final static String JUDDI_NOTIFICATION_INTERVAL =
"juddi.notification.interval";
public final static String JUDDI_NOTIFICATION_ACCEPTABLE_LAGTIME =
"juddi.notification.acceptable.lagtime";
public final static String JUDDI_NOTIFICATION_MAX_TRIES =
"juddi.notification.max.tries";
public final static String JUDDI_NOTIFICATION_LIST_RESET_INTERVAL =
"juddi.notification.list.reset.interval";
- public final static String JUDDI_SUBSCRIPTION_CHUNKEXPIRATION_MINUTES =
"juddi.subscription.chunkexpiration.minutes";
+
public final static String JUDDI_JNDI_REGISTRATION =
"juddi.jndi.registration";
public final static String JUDDI_RMI_PORT = "juddi.rmi.port";
public final static String JUDDI_RMI_REGISTRATION =
"juddi.rmi.registration";
public final static String JUDDI_RMI_REGISTRY_PORT =
"juddi.rmi.registry.port";
- public final static String JUDDI_SUBSCRIPTION_NOTIFICATION =
"juddi.subscription.notification";
+
public final static String JUDDI_EMAIL_PREFIX = "juddi.mail.smtp.prefix";
public final static String JUDDI_EMAIL_FROM = "juddi.mail.smtp.from";
public final static String DEFAULT_JUDDI_EMAIL_PREFIX = "juddi.";
@@ -92,7 +102,11 @@ public interface Property {
public final static String DEFAULT_SCHEMA = "hibernate.default_schema";
public final static String HIBERNATE_DIALECT = "hibernate.dialect";
/**
- * @since 3.2
+ * @since 3.3 FUTURE USE
*/
public final static String JUDDI_ACCESS_CONTROL_PROVIDER =
"juddi.accessControlProvider";
+ /**
+ * @since 3.2, used for Apache Commons Configuration XML config file
+ */
+ public static final String ENCRYPTED_ATTRIBUTE="[@encrypted]";
}
Modified:
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/AES128Cryptor.java
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/AES128Cryptor.java?rev=1505003&r1=1505002&r2=1505003&view=diff
==============================================================================
---
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/AES128Cryptor.java
(original)
+++
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/AES128Cryptor.java
Fri Jul 19 20:35:25 2013
@@ -52,5 +52,10 @@ public class AES128Cryptor extends AESC
return super.encrypt(str);
}
+ @Override
+ public String decrypt(String str) throws NoSuchPaddingException,
NoSuchAlgorithmException, InvalidAlgorithmParameterException,
InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
+ return super.decrypt(str);
+ }
+
}
Modified:
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/AES256Cryptor.java
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/AES256Cryptor.java?rev=1505003&r1=1505002&r2=1505003&view=diff
==============================================================================
---
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/AES256Cryptor.java
(original)
+++
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/AES256Cryptor.java
Fri Jul 19 20:35:25 2013
@@ -27,13 +27,14 @@ import javax.crypto.IllegalBlockSizeExce
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;
-
-/** AES 256 bit encryption.
- * <h1> Requires Unlimited Strength Java Cryptographic Extensions</h1>
+/**
+ * AES 256 bit encryption. <h1> Requires Unlimited Strength Java Cryptographic
+ * Extensions</h1>
+ *
* @author Alex O'Ree
*/
-public class AES256Cryptor extends AESCryptorAbstract {
-
+public class AES256Cryptor extends AESCryptorAbstract {
+
/**
* Constructor for DefaultCryptor.
*/
@@ -41,10 +42,9 @@ public class AES256Cryptor extends AESC
throws NoSuchAlgorithmException, InvalidKeySpecException,
NoSuchPaddingException, InvalidKeyException {
super();
}
-
+
@Override
- protected String getKey()
- {
+ protected String getKey() {
return
"ef057ce3abd9dd9a161a2888c9d7025f104a42eceda5947b083186e7190fcc46";
}
@@ -53,5 +53,8 @@ public class AES256Cryptor extends AESC
return super.encrypt(str);
}
-
+ @Override
+ public String decrypt(String str) throws NoSuchPaddingException,
NoSuchAlgorithmException, InvalidAlgorithmParameterException,
InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
+ return super.decrypt(str);
+ }
}
\ No newline at end of file
Modified:
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/AESCryptorAbstract.java
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/AESCryptorAbstract.java?rev=1505003&r1=1505002&r2=1505003&view=diff
==============================================================================
---
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/AESCryptorAbstract.java
(original)
+++
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/AESCryptorAbstract.java
Fri Jul 19 20:35:25 2013
@@ -91,6 +91,26 @@ public abstract class AESCryptorAbstract
byte[] encrypted = cipher.doFinal(cleartext.getBytes());
return asHex(encrypted);
}
+
+ /**
+ * Encrypt the string
+ */
+ public String decrypt(String str)
+ throws NoSuchPaddingException,
+ NoSuchAlgorithmException,
+ InvalidAlgorithmParameterException,
+ InvalidKeyException,
+ IllegalBlockSizeException,
+ BadPaddingException {
+ byte[] raw = hexToBytes(getKey()); //
+ SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+ // Instantiate the cipher
+ Cipher cipher = Cipher.getInstance("AES");
+ cipher.init(Cipher.DECRYPT_MODE, skeySpec);
+ byte[] original = cipher.doFinal(hexToBytes(str));
+
+ return new String(original);
+ }
private static String asHex(byte buf[]) {
//return new String(buf);
Modified:
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/Cryptor.java
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/Cryptor.java?rev=1505003&r1=1505002&r2=1505003&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/Cryptor.java
(original)
+++ juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/Cryptor.java
Fri Jul 19 20:35:25 2013
@@ -31,7 +31,7 @@ import javax.crypto.NoSuchPaddingExcepti
public interface Cryptor
{
/**
- * Encrypt the string
+ * Encrypt the string, if unable to encrypt, return null
*/
String encrypt(String str)
throws NoSuchPaddingException,
@@ -40,6 +40,24 @@ public interface Cryptor
InvalidKeyException,
IllegalBlockSizeException,
BadPaddingException;
+ /**
+ * decrypts the string
+ * @param str
+ * @return, if the password can be decrypted, the decrypted value
is returned, otherwise the original value is returned<br>
+ * In the event that decryption fails, the error message must be
logged.
+ * @throws NoSuchPaddingException
+ * @throws NoSuchAlgorithmException
+ * @throws InvalidAlgorithmParameterException
+ * @throws InvalidKeyException
+ * @throws IllegalBlockSizeException
+ * @throws BadPaddingException
+ */
+ public String decrypt(String str) throws NoSuchPaddingException,
+ NoSuchAlgorithmException,
+ InvalidAlgorithmParameterException,
+ InvalidKeyException,
+ IllegalBlockSizeException,
+ BadPaddingException;
}
\ No newline at end of file
Modified:
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/DefaultCryptor.java
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/DefaultCryptor.java?rev=1505003&r1=1505002&r2=1505003&view=diff
==============================================================================
---
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/DefaultCryptor.java
(original)
+++
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/DefaultCryptor.java
Fri Jul 19 20:35:25 2013
@@ -106,4 +106,19 @@ public class DefaultCryptor implements C
encs = Base64.encodeBase64(encs);
return new String(encs);
}
+
+
+ public String decrypt(String str) throws NoSuchPaddingException,
+ NoSuchAlgorithmException,
+ InvalidAlgorithmParameterException,
+ InvalidKeyException,
+ IllegalBlockSizeException,
+ BadPaddingException{
+ byte[] encs =
crypt(Cipher.DECRYPT_MODE,Base64.decodeBase64(str.getBytes()));
+ return new String(encs);
+ }
+
+
+
+
}
\ No newline at end of file
Modified:
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/TripleDESCrytor.java
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/TripleDESCrytor.java?rev=1505003&r1=1505002&r2=1505003&view=diff
==============================================================================
---
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/TripleDESCrytor.java
(original)
+++
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/cryptor/TripleDESCrytor.java
Fri Jul 19 20:35:25 2013
@@ -90,4 +90,18 @@ public class TripleDESCrytor implements
}
return null;
}
+
+ @Override
+ public String decrypt(String str) throws NoSuchPaddingException,
NoSuchAlgorithmException, InvalidAlgorithmParameterException,
InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
+ String encryptedString = str;
+ try {
+ cipher.init(Cipher.DECRYPT_MODE, key);
+ byte[] encryptedText = Base64.decodeBase64(str.getBytes());
+ byte[] plainTest = cipher.doFinal(encryptedText);
+ encryptedString = new String(plainTest);
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ return encryptedString;
+ }
}
Modified:
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/subscription/notify/SMTPNotifier.java
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/subscription/notify/SMTPNotifier.java?rev=1505003&r1=1505002&r2=1505003&view=diff
==============================================================================
---
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/subscription/notify/SMTPNotifier.java
(original)
+++
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/subscription/notify/SMTPNotifier.java
Fri Jul 19 20:35:25 2013
@@ -4,8 +4,13 @@ import java.io.File;
import java.io.FileInputStream;
import java.net.URISyntaxException;
import java.rmi.RemoteException;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
import java.util.Properties;
-
+import javax.crypto.BadPaddingException;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
import javax.mail.Address;
import javax.mail.Message.RecipientType;
import javax.mail.PasswordAuthentication;
@@ -13,13 +18,13 @@ import javax.mail.Session;
import javax.mail.Transport;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeMessage;
-
import org.apache.commons.configuration.ConfigurationException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.juddi.api_v3.AccessPointType;
import org.apache.juddi.config.AppConfig;
import org.apache.juddi.config.Property;
+import org.apache.juddi.cryptor.CryptorFactory;
import org.apache.juddi.jaxb.JAXBMarshaller;
import org.apache.juddi.model.BindingTemplate;
import org.apache.juddi.v3.client.Release;
@@ -28,6 +33,10 @@ import org.uddi.api_v3.Result;
import org.uddi.subr_v3.NotifySubscriptionListener;
import org.uddi.v3_service.DispositionReportFaultMessage;
+/**
+ * This class sends Email alerts when a specific subscription is tripped
+ * @author probably Kurt Stam
+ */
public class SMTPNotifier implements Notifier {
Log log = LogFactory.getLog(this.getClass());
@@ -94,7 +103,26 @@ public class SMTPNotifier implements Not
notificationEmailAddress =
accessPointUrl.substring(accessPointUrl.indexOf(":")+1);
if
(Boolean.getBoolean(getEMailProperties().getProperty("mail.smtp.starttls.enable")))
{
final String username =
getEMailProperties().getProperty("mail.smtp.username");
- final String password =
getEMailProperties().getProperty("mail.smtp.password");
+ String pwd =
getEMailProperties().getProperty("mail.smtp.password");
+ if
(getEMailProperties().getProperty("mail.smtp.password" +
Property.ENCRYPTED_ATTRIBUTE, "false").equalsIgnoreCase("true"))
+ {
+ try {
+ pwd =
CryptorFactory.getCryptor().decrypt(pwd);
+ } catch (NoSuchPaddingException ex) {
+ log.error("Unable to decrypt
settings",ex);
+ } catch (NoSuchAlgorithmException ex) {
+ log.error("Unable to decrypt
settings",ex);
+ } catch
(InvalidAlgorithmParameterException ex) {
+ log.error("Unable to decrypt
settings",ex);
+ } catch (InvalidKeyException ex) {
+ log.error("Unable to decrypt
settings",ex);
+ } catch (IllegalBlockSizeException ex) {
+ log.error("Unable to decrypt
settings",ex);
+ } catch (BadPaddingException ex) {
+ log.error("Unable to decrypt
settings",ex);
+ }
+ }
+ final String password = pwd;
session =
Session.getInstance(getEMailProperties(), new javax.mail.Authenticator() {
protected PasswordAuthentication
getPasswordAuthentication() {
return new
PasswordAuthentication(username, password);
Modified:
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/validation/ValidateSubscription.java
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/validation/ValidateSubscription.java?rev=1505003&r1=1505002&r2=1505003&view=diff
==============================================================================
---
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/validation/ValidateSubscription.java
(original)
+++
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/validation/ValidateSubscription.java
Fri Jul 19 20:35:25 2013
@@ -138,8 +138,8 @@ public class ValidateSubscription extend
//If not specified, the number of entities sent is not limited, unless
by node policy.
try {
if (subscription.getMaxEntities() == null
- || subscription.getMaxEntities().intValue() >
AppConfig.getConfiguration().getInt(Property.JDDU_SUBSCRIPTION_MAXENTITIES,
1000)) {
-
subscription.setMaxEntities(AppConfig.getConfiguration().getInt(Property.JDDU_SUBSCRIPTION_MAXENTITIES,
1000));
+ || subscription.getMaxEntities().intValue() >
AppConfig.getConfiguration().getInt(Property.JUDDI_SUBSCRIPTION_MAXENTITIES,
1000)) {
+
subscription.setMaxEntities(AppConfig.getConfiguration().getInt(Property.JUDDI_SUBSCRIPTION_MAXENTITIES,
1000));
}
} catch (ConfigurationException x) {
subscription.setMaxEntities(1000);
Modified:
juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/AuthenticatorTest.java
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/AuthenticatorTest.java?rev=1505003&r1=1505002&r2=1505003&view=diff
==============================================================================
---
juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/AuthenticatorTest.java
(original)
+++
juddi/trunk/juddi-core/src/test/java/org/apache/juddi/auth/AuthenticatorTest.java
Fri Jul 19 20:35:25 2013
@@ -16,17 +16,24 @@ package org.apache.juddi.auth;
import java.io.IOException;
import java.io.StringWriter;
+import java.security.InvalidKeyException;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
+import org.apache.commons.configuration.Configuration;
+import org.apache.commons.configuration.ConfigurationException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.juddi.api.impl.API_010_PublisherTest;
+import org.apache.juddi.config.AppConfig;
+import org.apache.juddi.config.Property;
import org.apache.juddi.cryptor.AES128Cryptor;
+import org.apache.juddi.cryptor.AES256Cryptor;
import org.apache.juddi.cryptor.Cryptor;
import org.apache.juddi.cryptor.CryptorFactory;
+import org.apache.juddi.cryptor.DefaultCryptor;
import org.apache.juddi.cryptor.TripleDESCrytor;
import org.apache.juddi.v3.auth.Authenticator;
import org.apache.juddi.v3.auth.CryptedXMLDocAuthenticator;
@@ -219,6 +226,8 @@ public class AuthenticatorTest
String encrypt = auth.encrypt("test");
Assert.assertNotNull(encrypt);
Assert.assertNotSame(encrypt, "test");
+ String test=auth.decrypt(encrypt);
+ Assert.assertEquals(test, "test");
} catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
@@ -235,9 +244,88 @@ public class AuthenticatorTest
String encrypt = auth.encrypt("test");
Assert.assertNotNull(encrypt);
Assert.assertNotSame(encrypt, "test");
+ String test=auth.decrypt(encrypt);
+ Assert.assertEquals(test, "test");
} catch (Exception e) {
logger.error(e.getMessage(),e);
Assert.fail("unexpected");
}
}
+
+
+ @Test
+ public void testDefaultCryptor()
+ {
+ System.out.println("testDefaultCryptor");
+ try {
+ Cryptor auth = new DefaultCryptor();
+ String encrypt = auth.encrypt("test");
+ Assert.assertNotNull(encrypt);
+ Assert.assertNotSame(encrypt, "test");
+ String test=auth.decrypt(encrypt);
+ Assert.assertEquals(test, "test");
+ } catch (Exception e) {
+ logger.error(e.getMessage(),e);
+ Assert.fail("unexpected");
+ }
+ }
+
+
+ @Test
+ public void testAES256Cryptor()
+ {
+ System.out.println("testAES256Cryptor");
+ try {
+ Cryptor auth = new AES256Cryptor();
+ String encrypt = auth.encrypt("test");
+ Assert.assertNotNull(encrypt);
+ Assert.assertNotSame(encrypt, "test");
+ String test=auth.decrypt(encrypt);
+ Assert.assertEquals(test, "test");
+ }
+ catch (InvalidKeyException e)
+ {
+ logger.error("Hey, you're probably using the Oracle JRE
without the Unlimited Strength Java Crypto Extensions installed. AES256 won't
work until you download and install it", e);
+ } catch (Exception e) {
+ logger.error(e.getMessage(),e);
+ Assert.fail("unexpected");
+ }
+ }
+
+ @Test
+ public void testDecryptFromConfigXML()
+ {
+ System.out.println("testDecryptFromConfigXML");
+ try {
+ Configuration config =AppConfig.getConfiguration();
+
+ Cryptor auth = new AES128Cryptor();
+ String encrypt = auth.encrypt("test");
+ Assert.assertNotNull(encrypt);
+ Assert.assertNotSame(encrypt, "test");
+
+ //add to the config
+ config.addProperty("testDecryptFromConfigXML",
encrypt);
+ config.addProperty("testDecryptFromConfigXML"+
Property.ENCRYPTED_ATTRIBUTE, "true");
+
+ //retrieve it
+ String pwd =
config.getString("testDecryptFromConfigXML");
+
+ //test for encryption
+ if (config.getBoolean("testDecryptFromConfigXML" +
Property.ENCRYPTED_ATTRIBUTE, false))
+ {
+ String test=auth.decrypt(pwd);
+ Assert.assertEquals(test, "test");
+ }
+ else
+ {
+ Assert.fail("config reports that the setting is
not encrypted");
+ }
+ }
+ catch (Exception e) {
+ logger.error(e.getMessage(),e);
+ Assert.fail("unexpected");
+ }
+ }
+
}
Modified: juddi/trunk/juddi-core/src/test/resources/juddiv3.xml
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/test/resources/juddiv3.xml?rev=1505003&r1=1505002&r2=1505003&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/test/resources/juddiv3.xml (original)
+++ juddi/trunk/juddi-core/src/test/resources/juddiv3.xml Fri Jul 19 20:35:25
2013
@@ -76,9 +76,6 @@
<maxentities>1000</maxentities>
</subscription>
- <!-- jUDDI Authentication module to use-->
-
<authenticator>org.apache.juddi.v3.auth.JUDDIAuthenticator</authenticator>
-
<!-- jUDDI UUIDGen implementation to use-->
<uuidgen>org.apache.juddi.uuidgen.DefaultUUIDGen</uuidgen>
@@ -88,10 +85,6 @@
<!-- jUDDI Key Generator to use-->
<keygenerator>org.apache.juddi.keygen.DefaultKeyGenerator</keygenerator>
- <!-- Specifies whether the inquiry API requires authentication,
all other APIs require authN-->
- <authenticate>
- <Inquiry>false</Inquiry>
- </authenticate>
<notification>
<!-- Specifies the interval at which the notification
timer triggers-->
<interval>5000</interval>
@@ -100,11 +93,27 @@
<buffer>0</buffer>
</start>
</notification>
-
+ <!-- All Authentication related settings -->
<auth>
+ <!-- Specifies whether the inquiry API requires
authentication, all other APIs require authN-->
+ <Inquiry>false</Inquiry>
+ <!-- jUDDI Authentication module to use-->
+
+ <authenticator>
+
<class>org.apache.juddi.v3.auth.JUDDIAuthenticator</class>
+ <!-- other settings
+ url
+ initialcontext
+ style
+ ldapexp
+ -->
+ </authenticator>
+
<token>
- <!-- As of 3.1.5 Duration of time for tokens to
expire-->
+ <!-- Time in minutes to expire tokes after
inactivity-->
<Timeout>15</Timeout>
+ <!-- As of 3.1.5 Duration of time for tokens to
expire, regardless of inactivity -->
+ <Expiration>15</Expiration>
</token>
</auth>
Modified:
juddi/trunk/juddi-examples/uddi-annotations/src/main/webapp/WEB-INF/classes/juddiv3.xml
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddi-examples/uddi-annotations/src/main/webapp/WEB-INF/classes/juddiv3.xml?rev=1505003&r1=1505002&r2=1505003&view=diff
==============================================================================
---
juddi/trunk/juddi-examples/uddi-annotations/src/main/webapp/WEB-INF/classes/juddiv3.xml
(original)
+++
juddi/trunk/juddi-examples/uddi-annotations/src/main/webapp/WEB-INF/classes/juddiv3.xml
Fri Jul 19 20:35:25 2013
@@ -76,9 +76,6 @@
<maxentities>1000</maxentities>
</subscription>
- <!-- jUDDI Authentication module to use-->
-
<authenticator>org.apache.juddi.v3.auth.JUDDIAuthenticator</authenticator>
-
<!-- jUDDI UUIDGen implementation to use-->
<uuidgen>org.apache.juddi.uuidgen.DefaultUUIDGen</uuidgen>
@@ -88,10 +85,6 @@
<!-- jUDDI Key Generator to use-->
<keygenerator>org.apache.juddi.keygen.DefaultKeyGenerator</keygenerator>
- <!-- Specifies whether the inquiry API requires authentication,
all other APIs require authN-->
- <authenticate>
- <Inquiry>false</Inquiry>
- </authenticate>
<notification>
<!-- Specifies the interval at which the notification
timer triggers-->
<interval>5000</interval>
@@ -100,11 +93,27 @@
<buffer>0</buffer>
</start>
</notification>
-
+ <!-- All Authentication related settings -->
<auth>
+ <!-- Specifies whether the inquiry API requires
authentication, all other APIs require authN-->
+ <Inquiry>false</Inquiry>
+ <!-- jUDDI Authentication module to use-->
+
+ <authenticator>
+
<class>org.apache.juddi.v3.auth.JUDDIAuthenticator</class>
+ <!-- other settings
+ url
+ initialcontext
+ style
+ ldapexp
+ -->
+ </authenticator>
+
<token>
- <!-- As of 3.1.5 Duration of time for tokens to
expire-->
+ <!-- Time in minutes to expire tokes after
inactivity-->
<Timeout>15</Timeout>
+ <!-- As of 3.1.5 Duration of time for tokens to
expire, regardless of inactivity -->
+ <Expiration>15</Expiration>
</token>
</auth>
Modified: juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/classes/juddiv3.xml
URL:
http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/classes/juddiv3.xml?rev=1505003&r1=1505002&r2=1505003&view=diff
==============================================================================
--- juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/classes/juddiv3.xml
(original)
+++ juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/classes/juddiv3.xml Fri Jul
19 20:35:25 2013
@@ -76,9 +76,6 @@
<maxentities>1000</maxentities>
</subscription>
- <!-- jUDDI Authentication module to use-->
-
<authenticator>org.apache.juddi.v3.auth.JUDDIAuthenticator</authenticator>
-
<!-- jUDDI UUIDGen implementation to use-->
<uuidgen>org.apache.juddi.uuidgen.DefaultUUIDGen</uuidgen>
@@ -88,10 +85,6 @@
<!-- jUDDI Key Generator to use-->
<keygenerator>org.apache.juddi.keygen.DefaultKeyGenerator</keygenerator>
- <!-- Specifies whether the inquiry API requires authentication,
all other APIs require authN-->
- <authenticate>
- <Inquiry>false</Inquiry>
- </authenticate>
<notification>
<!-- Specifies the interval at which the notification
timer triggers-->
<interval>5000</interval>
@@ -100,11 +93,27 @@
<buffer>0</buffer>
</start>
</notification>
-
+ <!-- All Authentication related settings -->
<auth>
+ <!-- Specifies whether the inquiry API requires
authentication, all other APIs require authN-->
+ <Inquiry>false</Inquiry>
+ <!-- jUDDI Authentication module to use-->
+
+ <authenticator>
+
<class>org.apache.juddi.v3.auth.JUDDIAuthenticator</class>
+ <!-- other settings
+ url
+ initialcontext
+ style
+ ldapexp
+ -->
+ </authenticator>
+
<token>
- <!-- As of 3.1.5 Duration of time for tokens to
expire-->
+ <!-- Time in minutes to expire tokes after
inactivity-->
<Timeout>15</Timeout>
+ <!-- As of 3.1.5 Duration of time for tokens to
expire, regardless of inactivity -->
+ <Expiration>15</Expiration>
</token>
</auth>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
