Hi Ashish, The EncryptionManagerWrapperGBean has a method to decrypt password. so I think we don't need create a new GBean to do that.
-Rex 2010/11/17 <[email protected]> > Author: ashishjain > Date: Wed Nov 17 12:40:13 2010 > New Revision: 1036002 > > URL: http://svn.apache.org/viewvc?rev=1036002&view=rev > Log: > GERONIMO-5692 Fix for 2.1 > > Added: > > > geronimo/server/branches/2.1/framework/modules/geronimo-system/src/main/java/org/apache/geronimo/system/util/EncryptionManagerGBean.java > Modified: > > > geronimo/server/branches/2.1/framework/configs/rmi-naming/src/main/plan/plan.xml > > > geronimo/server/branches/2.1/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/CommandUnlockKeystore.java > > Modified: > geronimo/server/branches/2.1/framework/configs/rmi-naming/src/main/plan/plan.xml > URL: > http://svn.apache.org/viewvc/geronimo/server/branches/2.1/framework/configs/rmi-naming/src/main/plan/plan.xml?rev=1036002&r1=1036001&r2=1036002&view=diff > > ============================================================================== > --- > geronimo/server/branches/2.1/framework/configs/rmi-naming/src/main/plan/plan.xml > (original) > +++ > geronimo/server/branches/2.1/framework/configs/rmi-naming/src/main/plan/plan.xml > Wed Nov 17 12:40:13 2010 > @@ -64,5 +64,6 @@ > > <gbean name="EncryptionManagerWrapper" > class="org.apache.geronimo.system.util.EncryptionManagerWrapperGBean"> > </gbean> > + <gbean name="EncryptionManagerGBean" > class="org.apache.geronimo.system.util.EncryptionManagerGBean"/> > > </module> > > Modified: > geronimo/server/branches/2.1/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/CommandUnlockKeystore.java > URL: > http://svn.apache.org/viewvc/geronimo/server/branches/2.1/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/CommandUnlockKeystore.java?rev=1036002&r1=1036001&r2=1036002&view=diff > > ============================================================================== > --- > geronimo/server/branches/2.1/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/CommandUnlockKeystore.java > (original) > +++ > geronimo/server/branches/2.1/framework/modules/geronimo-deploy-tool/src/main/java/org/apache/geronimo/deployment/cli/CommandUnlockKeystore.java > Wed Nov 17 12:40:13 2010 > @@ -30,7 +30,6 @@ import jline.ConsoleReader; > > import org.apache.geronimo.cli.deployer.CommandArgs; > import org.apache.geronimo.common.DeploymentException; > -import org.apache.geronimo.crypto.EncryptionManager; > import org.apache.geronimo.deployment.plugin.jmx.RemoteDeploymentManager; > import org.apache.geronimo.gbean.AbstractName; > import org.apache.geronimo.gbean.AbstractNameQuery; > @@ -118,12 +117,28 @@ public class CommandUnlockKeystore exten > /* > * Returns the password for private key alias > */ > - private String getKeyAliasPassword(Properties properties, String > keyStoreName, String aliasName) throws DeploymentException { > + private String getKeyAliasPassword(Properties properties, String > keyStoreName, String aliasName, Kernel kernel) throws DeploymentException { > String aliasPassword = properties.getProperty(aliasName); > + AbstractName abstractName=null; > + String decryptedPassword=null; > if (aliasPassword == null) { > throw new DeploymentException("No alias with the name " + > aliasName + " exists in the kyeStoreTruststore password properties file::" + > System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE, > DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE)); > } > - return (String) EncryptionManager.decrypt(aliasPassword); > + AbstractNameQuery abstractNameQuery = new > AbstractNameQuery("org.apache.geronimo.system.util.EncryptionManagerGBean"); > + Iterator it = kernel.listGBeans(abstractNameQuery).iterator(); > + abstractName = (AbstractName) it.next(); > + try { > + > decryptedPassword=(String)kernel.invoke(abstractName,"decrypt",new > Object[]{aliasPassword},new String[] {"java.lang.String"}); > + } catch (GBeanNotFoundException e) { > + throw new DeploymentException("Unable to find the > gbean with the abstractname:: " + abstractName, e); > + } catch (NoSuchOperationException e) { > + throw new DeploymentException("No method decrypt > available with:: " + abstractName, e); > + } catch (InternalKernelException e) { > + throw new DeploymentException(); > + } catch (Exception e) { > + throw new DeploymentException(); > + } > + return decryptedPassword; > } > > /* > @@ -149,20 +164,36 @@ public class CommandUnlockKeystore exten > /* > * Returns the key store password > */ > - private String getKeyStorePassword(Properties properties, String > keyStoreName) throws DeploymentException { > + private String getKeyStorePassword(Properties properties, String > keyStoreName, Kernel kernel) throws DeploymentException { > String keyStorePassword = properties.getProperty(keyStoreName); > + AbstractName abstractName=null; > + String decryptedPassword=null; > if (keyStorePassword == null) { > throw new DeploymentException("No keyStorePassword attribute > named " + keyStoreName + " exists in the kyeStoreTruststore password > properties file::" + System.getProperty(KEYSTORE_TRUSTSTORE_PASSWORD_FILE, > DEFAULT_KEYSTORE_TRUSTSTORE_PASSWORD_FILE)); > } > - return (String) EncryptionManager.decrypt(keyStorePassword); > + AbstractNameQuery abstractNameQuery = new > AbstractNameQuery("org.apache.geronimo.system.util.EncryptionManagerGBean"); > + Iterator it = kernel.listGBeans(abstractNameQuery).iterator(); > + abstractName = (AbstractName) it.next(); > + try { > + > decryptedPassword=(String)kernel.invoke(abstractName,"decrypt",new > Object[]{keyStorePassword},new String[] {"java.lang.String"}); > + } catch (GBeanNotFoundException e) { > + throw new DeploymentException("Unable to find the > gbean with the abstractname:: " + abstractName, e); > + } catch (NoSuchOperationException e) { > + throw new DeploymentException("No method decrypt > available with:: " + abstractName, e); > + } catch (InternalKernelException e) { > + throw new DeploymentException(); > + } catch (Exception e) { > + throw new DeploymentException(); > + } > + return decryptedPassword; > } > > /* > * method to unlock a private key > */ > public boolean unlockKeyAlias(Kernel kernel, AbstractName > keyStoreAbName, Properties properties, String keyStoreName, String > aliasName) throws DeploymentException, FileNotFoundException { > - char[] aliasPassword = getKeyAliasPassword(properties, > keyStoreName, aliasName).toCharArray(); > - char[] keyStorePassword = getKeyStorePassword(properties, > keyStoreName).toCharArray(); > + char[] aliasPassword = getKeyAliasPassword(properties, > keyStoreName, aliasName,kernel).toCharArray(); > + char[] keyStorePassword = getKeyStorePassword(properties, > keyStoreName,kernel).toCharArray(); > boolean success = false; > Object[] argsVariable = new Object[] { aliasName, keyStorePassword, > aliasPassword }; > String[] argsType = new String[] { aliasName.getClass().getName(), > keyStorePassword.getClass().getName(), aliasPassword.getClass().getName() }; > @@ -183,7 +214,7 @@ public class CommandUnlockKeystore exten > * Method to unlock a keystore > */ > public void unLockKeyStore(Kernel kernel, AbstractName keyStoreAbName, > Properties properties, String keyStoreName) throws DeploymentException { > - char[] keyStorepassword = getKeyStorePassword(properties, > keyStoreName).toCharArray(); > + char[] keyStorepassword = getKeyStorePassword(properties, > keyStoreName,kernel).toCharArray(); > try { > kernel.invoke(keyStoreAbName, "unlockKeystore", new Object[] { > keyStorepassword }, new String[] { keyStorepassword.getClass().getName() }); > } catch (GBeanNotFoundException e) { > > Added: > geronimo/server/branches/2.1/framework/modules/geronimo-system/src/main/java/org/apache/geronimo/system/util/EncryptionManagerGBean.java > URL: > http://svn.apache.org/viewvc/geronimo/server/branches/2.1/framework/modules/geronimo-system/src/main/java/org/apache/geronimo/system/util/EncryptionManagerGBean.java?rev=1036002&view=auto > > ============================================================================== > --- > geronimo/server/branches/2.1/framework/modules/geronimo-system/src/main/java/org/apache/geronimo/system/util/EncryptionManagerGBean.java > (added) > +++ > geronimo/server/branches/2.1/framework/modules/geronimo-system/src/main/java/org/apache/geronimo/system/util/EncryptionManagerGBean.java > Wed Nov 17 12:40:13 2010 > @@ -0,0 +1,46 @@ > +package org.apache.geronimo.system.util; > + > +import java.io.Serializable; > + > +import org.apache.geronimo.crypto.EncryptionManager; > +import org.apache.geronimo.gbean.GBeanInfo; > +import org.apache.geronimo.gbean.GBeanInfoBuilder; > +import org.apache.geronimo.gbean.GBeanLifecycle; > +/** > + * A GBean class to invoke EncryptionManager decrypt > + * method for command line utility for example unlockKeystore > + * > + */ > +public class EncryptionManagerGBean implements GBeanLifecycle, > Serializable { > + > + public void doFail() { > + // TODO Auto-generated method stub > + > + } > + > + public void doStart() throws Exception { > + // TODO Auto-generated method stub > + > + } > + > + public void doStop() throws Exception { > + // TODO Auto-generated method stub > + > + } > + > + public String decrypt(String text){ > + return (String)EncryptionManager.decrypt(text); > + } > + > + public static final GBeanInfo GBEAN_INFO; > + > + static { > + GBeanInfoBuilder infoBuilder = > GBeanInfoBuilder.createStatic(EncryptionManagerGBean.class, "GBean"); > + infoBuilder.addOperation("decrypt", new Class[] {String.class}, > "java.lang.String"); > + GBEAN_INFO = infoBuilder.getBeanInfo(); > + } > + > + public static GBeanInfo getGBeanInfo() { > + return GBEAN_INFO; > + } > +} > > > -- Lei Wang (Rex) rwonly AT apache.org
