Author: indika
Date: Mon Jul 7 04:24:42 2008
New Revision: 674455
URL: http://svn.apache.org/viewvc?rev=674455&view=rev
Log:
add more logs
Modified:
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/core/axis2/ProxyService.java
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/enumeration/KeyStoreType.java
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/interfaces/ICACertsLoader.java
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/interfaces/IKeyStoreLoader.java
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/AbstractKeyStoreLoader.java
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/CACertsLoader.java
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/JKSKeyStoreLoader.java
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/PKCS12KeyStoreLoader.java
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/PKCS8KeyStoreLoader.java
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/tool/CipherTool.java
Modified:
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/core/axis2/ProxyService.java
URL:
http://svn.apache.org/viewvc/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/core/axis2/ProxyService.java?rev=674455&r1=674454&r2=674455&view=diff
==============================================================================
---
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/core/axis2/ProxyService.java
(original)
+++
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/core/axis2/ProxyService.java
Mon Jul 7 04:24:42 2008
@@ -215,7 +215,7 @@
/**
* Build the underlying Axis2 service from the Proxy service definition
*
- * @param synCfg the Synapse configuration
+ * @param synCfg the Synapse configuration
* @param axisCfg the Axis2 configuration
* @return the Axis2 service for the Proxy
*/
@@ -250,7 +250,7 @@
try {
URL url = wsdlURI.toURL();
publishWSDL = url.toString();
-
+
OMNode node =
SynapseConfigUtils.getOMElementFromURL(publishWSDL);
if (node instanceof OMElement) {
wsdlElement = (OMElement) node;
@@ -259,44 +259,46 @@
} catch (MalformedURLException e) {
handleException("Malformed URI for wsdl", e);
} catch (IOException e) {
- //handleException("Error reading from wsdl URI", e);
- boolean enablePublishWSDLSafeMode = false;
- Map proxyParameters = null;
+ //handleException("Error reading from wsdl URI", e);
+ boolean enablePublishWSDLSafeMode = false;
+ Map proxyParameters = null;
proxyParameters = this.getParameterMap();
- if(!proxyParameters.isEmpty()){
-
if(proxyParameters.containsKey("enablePublishWSDLSafeMode")){
- enablePublishWSDLSafeMode =
+ if (!proxyParameters.isEmpty()) {
+ if
(proxyParameters.containsKey("enablePublishWSDLSafeMode")) {
+ enablePublishWSDLSafeMode =
Boolean.parseBoolean(
-
proxyParameters.get("enablePublishWSDLSafeMode").toString().toLowerCase());
- }else{
- if (trace()){
- trace.info("WSDL was unable to load for: " +
publishWSDL);
- trace.info("Please add <syn:parameter
name=\"enableURISafeMode\">true</syn:parameter> to proxy service.");
- }
- handleException("Error reading from wsdl URI", e);
- }
- }
-
- if(enablePublishWSDLSafeMode){
- // this is if the wsdl cannot be loaded... create a
dummy service and an operation for which
- // our SynapseDispatcher will properly dispatch to
-
- //!!!Need to add a reload function... And display that
the wsdl/service is offline!!!
- if (trace()){
- trace.info("WSDL was unable to load for: " +
publishWSDL);
- trace.info("enableURISafeMode: true");
- }
-
- proxyService = new AxisService();
- AxisOperation mediateOperation = new
InOutAxisOperation(new QName("mediate"));
- proxyService.addOperation(mediateOperation);
- } else{
- if (trace()){
- trace.info("WSDL was unable to load for: " +
publishWSDL);
- trace.info("enableURISafeMode: false");
- }
-
- handleException("Error reading from wsdl URI", e);
+
proxyParameters.get("enablePublishWSDLSafeMode").
+ toString().toLowerCase());
+ } else {
+ if (trace()) {
+ trace.info("WSDL was unable to load for: " +
publishWSDL);
+ trace.info("Please add <syn:parameter
name=\"enableURISafeMode\">true" +
+ "</syn:parameter> to proxy service.");
+ }
+ handleException("Error reading from wsdl URI", e);
+ }
+ }
+
+ if (enablePublishWSDLSafeMode) {
+ // this is if the wsdl cannot be loaded... create a dummy
service and an operation for which
+ // our SynapseDispatcher will properly dispatch to
+
+ //!!!Need to add a reload function... And display that the
wsdl/service is offline!!!
+ if (trace()) {
+ trace.info("WSDL was unable to load for: " +
publishWSDL);
+ trace.info("enableURISafeMode: true");
+ }
+
+ proxyService = new AxisService();
+ AxisOperation mediateOperation = new
InOutAxisOperation(new QName("mediate"));
+ proxyService.addOperation(mediateOperation);
+ } else {
+ if (trace()) {
+ trace.info("WSDL was unable to load for: " +
publishWSDL);
+ trace.info("enableURISafeMode: false");
+ }
+
+ handleException("Error reading from wsdl URI", e);
}
}
} else {
@@ -304,7 +306,8 @@
// our SynapseDispatcher will properly dispatch to
if (trace()) trace.info("Did not find a WSDL. Assuming a POX or
Legacy service");
proxyService = new AxisService();
- AxisOperation mediateOperation = new
InOutAxisOperation(SynapseConstants.SYNAPSE_OPERATION_NAME);
+ AxisOperation mediateOperation = new InOutAxisOperation(
+ SynapseConstants.SYNAPSE_OPERATION_NAME);
// Set the names of the two messages so that Axis2 is able to
produce a WSDL (see SYNAPSE-366):
mediateOperation.getMessage(WSDLConstants.MESSAGE_LABEL_IN_VALUE).setName("in");
mediateOperation.getMessage(WSDLConstants.MESSAGE_LABEL_OUT_VALUE).setName("out");
@@ -479,7 +482,7 @@
handleException("Couldn't find the operation specified
" +
"by the QName : " + pi.getOperation());
}
-
+
} else if (pi.isMessagePolicy()) {
if (pi.getOperation() != null) {
@@ -493,7 +496,7 @@
handleException("Couldn't find the operation " +
"specified by the QName : " +
pi.getOperation());
}
-
+
} else {
// operation is not specified and hence apply to all
the applicable messages
for (Iterator itr = proxyService.getOperations();
itr.hasNext();) {
@@ -598,7 +601,7 @@
public void start(SynapseConfiguration synCfg) {
AxisConfiguration axisConfig = synCfg.getAxisConfiguration();
if (axisConfig != null) {
-
+
Parameter param =
axisConfig.getParameter(SynapseConstants.SYNAPSE_ENV);
if (param != null && param.getValue() instanceof
SynapseEnvironment) {
SynapseEnvironment env = (SynapseEnvironment) param.getValue();
@@ -622,7 +625,7 @@
this.setRunning(true);
auditInfo("Started the proxy service : " + name);
} else {
- auditWarn("Unable to start proxy service : " + name +
+ auditWarn("Unable to start proxy service : " + name +
". Couldn't access Axis configuration");
}
}
@@ -909,11 +912,11 @@
}
public List getPinnedServers() {
- return pinnedServers;
+ return pinnedServers;
}
public void setPinnedServers(List pinnedServers) {
- this.pinnedServers = pinnedServers;
+ this.pinnedServers = pinnedServers;
}
public ResourceMap getResourceMap() {
Modified:
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/enumeration/KeyStoreType.java
URL:
http://svn.apache.org/viewvc/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/enumeration/KeyStoreType.java?rev=674455&r1=674454&r2=674455&view=diff
==============================================================================
---
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/enumeration/KeyStoreType.java
(original)
+++
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/enumeration/KeyStoreType.java
Mon Jul 7 04:24:42 2008
@@ -1,5 +1,9 @@
package org.apache.synapse.security.enumeration;
+/**
+ * KeyStore Types
+ */
+
public enum KeyStoreType {
JKS,
PKCS8,
Modified:
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/interfaces/ICACertsLoader.java
URL:
http://svn.apache.org/viewvc/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/interfaces/ICACertsLoader.java?rev=674455&r1=674454&r2=674455&view=diff
==============================================================================
---
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/interfaces/ICACertsLoader.java
(original)
+++
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/interfaces/ICACertsLoader.java
Mon Jul 7 04:24:42 2008
@@ -3,8 +3,13 @@
import java.security.KeyStore;
/**
- * ICACertsLoader provides an uniform interface to create a keystore
containing CA certs (truststore)
+ * ICACertsLoader provides an uniform interface to create a keystore
containing CA certs
+ * (truststore)
*/
public interface ICACertsLoader {
+ /**
+ * @param CACertificateFilesPath Path to the CA certificates directory
+ * @return KeyStore Instance
+ */
public abstract KeyStore loadTrustStore(String CACertificateFilesPath);
}
Modified:
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/interfaces/IKeyStoreLoader.java
URL:
http://svn.apache.org/viewvc/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/interfaces/IKeyStoreLoader.java?rev=674455&r1=674454&r2=674455&view=diff
==============================================================================
---
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/interfaces/IKeyStoreLoader.java
(original)
+++
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/interfaces/IKeyStoreLoader.java
Mon Jul 7 04:24:42 2008
@@ -7,8 +7,7 @@
/**
* returns an instance of KeyStore object
*
- * @return
- * @throws Exception
+ * @return KeyStore Instance
*/
public abstract KeyStore getKeyStore();
}
Modified:
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/AbstractKeyStoreLoader.java
URL:
http://svn.apache.org/viewvc/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/AbstractKeyStoreLoader.java?rev=674455&r1=674454&r2=674455&view=diff
==============================================================================
---
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/AbstractKeyStoreLoader.java
(original)
+++
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/AbstractKeyStoreLoader.java
Mon Jul 7 04:24:42 2008
@@ -53,7 +53,8 @@
BufferedInputStream bis = null;
try {
if (log.isDebugEnabled()) {
- log.debug("Loading KeyStore form : " + location);
+ log.debug("Loading KeyStore from : " + location + " Store-Type
: " +
+ storeType + " Provider : " + provider);
}
bis = new BufferedInputStream(new FileInputStream(keyStoreFile));
KeyStore keyStore;
Modified:
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/CACertsLoader.java
URL:
http://svn.apache.org/viewvc/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/CACertsLoader.java?rev=674455&r1=674454&r2=674455&view=diff
==============================================================================
---
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/CACertsLoader.java
(original)
+++
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/CACertsLoader.java
Mon Jul 7 04:24:42 2008
@@ -1,24 +1,40 @@
package org.apache.synapse.security.keystore;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import org.apache.synapse.security.interfaces.ICACertsLoader;
+import org.apache.synapse.SynapseException;
-import java.io.BufferedInputStream;
-import java.io.File;
-import java.io.FileInputStream;
+import java.io.*;
import java.security.KeyStore;
+import java.security.NoSuchAlgorithmException;
+import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
+import java.security.cert.CertificateException;
+/**
+ * Constructs a keyStore from CA certificates
+ */
public class CACertsLoader implements ICACertsLoader {
+ private static Log log = LogFactory.getLog(CACertsLoader.class);
+
/**
* Constructs a keyStore from the path provided.
*
- * @param CACertificateFilesPath - directory which contains Certificate
Authority Certificates in PEM encoding.
+ * @param CACertificateFilesPath - directory which contains Certificate
Authority
+ * Certificates in PEM encoding.
*/
public KeyStore loadTrustStore(String CACertificateFilesPath) {
+
try {
+ if (log.isDebugEnabled()) {
+ log.debug("Creating KeyStore from given CA certificates" +
+ " in the given directory : " + CACertificateFilesPath);
+ }
+
KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(null, null);
@@ -41,8 +57,20 @@
}
return trustStore;
- } catch (Exception e) {
- return null;
+ } catch (IOException e) {
+ handleException("IOError", e);
+ } catch (NoSuchAlgorithmException e) {
+ handleException("Error creating a KeyStore", e);
+ } catch (KeyStoreException e) {
+ handleException("Error creating a KeyStore", e);
+ } catch (CertificateException e) {
+ handleException("Error creating a KeyStore", e);
}
+ return null;
+ }
+
+ private void handleException(String msg, Exception e) {
+ log.error(msg, e);
+ throw new SynapseException(msg, e);
}
}
Modified:
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/JKSKeyStoreLoader.java
URL:
http://svn.apache.org/viewvc/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/JKSKeyStoreLoader.java?rev=674455&r1=674454&r2=674455&view=diff
==============================================================================
---
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/JKSKeyStoreLoader.java
(original)
+++
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/JKSKeyStoreLoader.java
Mon Jul 7 04:24:42 2008
@@ -6,7 +6,7 @@
import java.security.KeyStore;
/**
- *
+ * Loads KeyStore from JKS file
*/
public class JKSKeyStoreLoader extends AbstractKeyStoreLoader {
@@ -25,6 +25,11 @@
this.keyStorePassword = keyStorePassword;
}
+ /**
+ * Returns KeyStore to be used
+ *
+ * @return KeyStore instance
+ */
public KeyStore getKeyStore() {
return getKeyStore(keyStorePath, keyStorePassword, "JKS", null);
}
Modified:
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/PKCS12KeyStoreLoader.java
URL:
http://svn.apache.org/viewvc/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/PKCS12KeyStoreLoader.java?rev=674455&r1=674454&r2=674455&view=diff
==============================================================================
---
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/PKCS12KeyStoreLoader.java
(original)
+++
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/PKCS12KeyStoreLoader.java
Mon Jul 7 04:24:42 2008
@@ -25,5 +25,4 @@
public KeyStore getKeyStore() {
return getKeyStore(keyStorePath, keyStorePassword, "PKCS12",
"SunJSSE");
}
-
}
Modified:
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/PKCS8KeyStoreLoader.java
URL:
http://svn.apache.org/viewvc/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/PKCS8KeyStoreLoader.java?rev=674455&r1=674454&r2=674455&view=diff
==============================================================================
---
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/PKCS8KeyStoreLoader.java
(original)
+++
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/keystore/PKCS8KeyStoreLoader.java
Mon Jul 7 04:24:42 2008
@@ -6,10 +6,7 @@
import org.apache.synapse.SynapseException;
import org.apache.synapse.security.interfaces.IKeyStoreLoader;
-import java.io.BufferedInputStream;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
+import java.io.*;
import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
@@ -34,9 +31,11 @@
/**
* constructs an instance of KeyStoreLoader
*
- * @param pkcs8PrivateKeyPath - path to a private key file. Key must be
in PKCS8 format, PEM encoded and unencrypted.
+ * @param pkcs8PrivateKeyPath - path to a private key file. Key must be
in PKCS8 format,
+ * PEM encoded and unencrypted.
* @param certFilePath - path to certificate file. File must be
PEM encoded.
- * @param keyPass - password to secure the private key within
the keystore. This will be required later to retrieve the private key back
from the keystore.
+ * @param keyPass - password to secure the private key within
the keystore.
+ * This will be required later to retrieve the
private key back from the keystore.
* @param entryAlias - alias for the given entry within the
keystore.
*/
public PKCS8KeyStoreLoader(String pkcs8PrivateKeyPath, String
certFilePath, String keyPass, String entryAlias) {
@@ -47,31 +46,65 @@
}
/**
- * returns a JKS keystore from the given private key, certificate path,
key password and alias.
+ * Returns a JKS keyStore from the given private key, certificate path,
key password and alias.
*/
public KeyStore getKeyStore() {
- FileInputStream keyFile = null;
- try {
- keyFile = new FileInputStream(pkPath);
- BufferedInputStream kis = new BufferedInputStream(keyFile);
- byte[] keyBytes = new byte[kis.available()];
- kis.read(keyBytes);
+ File file = new File(pkPath);
+ if (!file.exists()) {
+ if (log.isDebugEnabled()) {
+ log.debug("There is no private key in the given path : " +
pkPath);
+ }
+ return null;
+ }
- kis.close();
- keyFile.close();
+ File certFile = new File(certPath);
+ if (!certFile.exists()) {
+ if (log.isDebugEnabled()) {
+ log.debug("There is no certificate in the given path : " +
certPath);
+ }
+ return null;
+ }
+
+ try {
+ if (log.isDebugEnabled()) {
+ log.debug("Reading a private key(unencrypted) from given path
: " + pkPath);
+ }
+
+ FileInputStream fileInputStream = new FileInputStream(file);
+ BufferedInputStream bufferedInputStream = new
BufferedInputStream(fileInputStream);
+
+ byte[] keyBytes = new byte[bufferedInputStream.available()];
+ bufferedInputStream.read(keyBytes);
+
+ bufferedInputStream.close();
+ fileInputStream.close();
+
+ if (log.isDebugEnabled()) {
+ log.debug("Creating a private key in PKCS8Encoded using given"
+
+ " (unencrypted) RSA private key ");
+ }
PrivateKey key = createPrivateKey(keyBytes);
- FileInputStream certificateFile = new FileInputStream(certPath);
- BufferedInputStream bis = new BufferedInputStream(certificateFile);
+ if (log.isDebugEnabled()) {
+ log.debug("Generating a X509 certificate form given
certificate file");
+ }
+
+ FileInputStream certInputStream = new FileInputStream(certFile);
+ BufferedInputStream certBufferedInputStream = new
BufferedInputStream(certInputStream);
CertificateFactory certFactory =
CertificateFactory.getInstance("X509");
+ Certificate cert =
certFactory.generateCertificate(certBufferedInputStream);
+
+ certBufferedInputStream.close();
+ certInputStream.close();
- Certificate cert = certFactory.generateCertificate(bis);
- bis.close();
- certificateFile.close();
+ if (log.isDebugEnabled()) {
+ log.debug("Creating a KeyStore instance of type JKS from a" +
+ " PKCS8 private key and X509 certificate");
+ }
KeyStore newKeyStore = KeyStore.getInstance("JKS");
newKeyStore.load(null, null);
@@ -102,7 +135,7 @@
/**
- * takes the (unencrypted) RSA private key in pkcs8 format, and creates a
private key out of it
+ * Takes the (unencrypted) RSA private key in pkcs8 format, and creates a
private key out of it
*
* @param keyBytes
* @return
@@ -116,26 +149,20 @@
System.arraycopy(keyBytes, dataStart, keyContent, 0, dataLength);
- PKCS8EncodedKeySpec pkcs8SpecPriv = new PKCS8EncodedKeySpec(new
Base64().decode(keyContent));
-
- KeyFactory keyFactory = null;
+ PKCS8EncodedKeySpec pkcs8SpecPriv = new PKCS8EncodedKeySpec(
+ new Base64().decode(keyContent));
try {
- keyFactory = KeyFactory.getInstance("RSA");
+ KeyFactory keyFactory = KeyFactory.getInstance("RSA");
return keyFactory.generatePrivate(pkcs8SpecPriv);
} catch (NoSuchAlgorithmException e) {
- handleException("Error getting KeyFactory instance", e);
+ handleException("Error getting a KeyFactory instance", e);
} catch (InvalidKeySpecException e) {
- handleException("Error generating private key", e);
+ handleException("Error generating a private key", e);
}
return null;
}
- protected void handleException(String msg) {
- log.error(msg);
- throw new SynapseException(msg);
- }
-
- protected void handleException(String msg, Exception e) {
+ private void handleException(String msg, Exception e) {
log.error(msg, e);
throw new SynapseException(msg, e);
}
Modified:
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/tool/CipherTool.java
URL:
http://svn.apache.org/viewvc/synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/tool/CipherTool.java?rev=674455&r1=674454&r2=674455&view=diff
==============================================================================
---
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/tool/CipherTool.java
(original)
+++
synapse/trunk/java/modules/core/src/main/java/org/apache/synapse/security/tool/CipherTool.java
Mon Jul 7 04:24:42 2008
@@ -105,7 +105,6 @@
CommandLine cmd = parser.parse(options, args);
// Loads the cipher relate information
CipherInformation cipherInformation = getCipherInformation(cmd);
-
//Key information must not contain any password
//Password for access KeyStore
String storePass = getArgument(cmd, STORE_PASS);
@@ -235,7 +234,7 @@
}
/**
- * Factoyr method to create a @see keyStoreInformation from command line
options
+ * Factory method to create a @see keyStoreInformation from command line
options
*
* @param cmd Command line which capture all command line arguments
* @return KeyStoreInformation object
