950188a0
Commit
950188a0
authored
Oct 20, 2017
by
Gradl, Tobias
865: Simplify installation
Task-Url:
https://minfba.de.dariah.eu/mantisbt/view.php?id=865
parent
1b51d08f
Changes
1
dariahsp-core/src/main/java/eu/dariah/de/dariahsp/saml/KeyManagerWrapper.java
0 → 100755
package
eu.dariah.de.dariahsp.saml
;
import
java.io.IOException
;
import
java.io.InputStream
;
import
java.security.KeyStore
;
import
java.security.cert.X509Certificate
;
import
java.util.Map
;
import
java.util.Set
;
import
org.opensaml.xml.security.CriteriaSet
;
import
org.opensaml.xml.security.SecurityException
;
import
org.opensaml.xml.security.credential.Credential
;
import
org.slf4j.Logger
;
import
org.slf4j.LoggerFactory
;
import
org.springframework.core.io.Resource
;
import
org.springframework.security.saml.key.JKSKeyManager
;
import
org.springframework.security.saml.key.KeyManager
;
public
class
KeyManagerWrapper
implements
KeyManager
{
protected
static
final
Logger
logger
=
LoggerFactory
.
getLogger
(
KeyManagerWrapper
.
class
);
private
JKSKeyManager
innerKeyManager
;
public
KeyManagerWrapper
(
KeyStore
keyStore
,
Map
<
String
,
String
>
passwords
,
String
defaultKey
)
{
innerKeyManager
=
new
JKSKeyManager
(
keyStore
,
passwords
,
defaultKey
);
}
public
KeyManagerWrapper
(
Resource
storeFile
,
String
storePass
,
Map
<
String
,
String
>
passwords
,
String
defaultKey
)
{
KeyStore
jks
=
initialize
(
storeFile
,
storePass
,
"JKS"
);
if
(
jks
!=
null
)
{
innerKeyManager
=
new
JKSKeyManager
(
jks
,
passwords
,
defaultKey
);
}
}
@Override
public
Iterable
<
Credential
>
resolve
(
CriteriaSet
criteriaSet
)
throws
SecurityException
{
return
!
this
.
isInitialized
()
?
null
:
innerKeyManager
.
resolve
(
criteriaSet
);
}
@Override
public
Credential
resolveSingle
(
CriteriaSet
criteriaSet
)
throws
SecurityException
{
return
!
this
.
isInitialized
()
?
null
:
innerKeyManager
.
resolveSingle
(
criteriaSet
);
}
@Override
public
Credential
getCredential
(
String
keyName
)
{
return
!
this
.
isInitialized
()
?
null
:
innerKeyManager
.
getCredential
(
keyName
);
}
@Override
public
Credential
getDefaultCredential
()
{
return
!
this
.
isInitialized
()
?
null
:
innerKeyManager
.
getDefaultCredential
();
}
@Override
public
String
getDefaultCredentialName
()
{
return
!
this
.
isInitialized
()
?
null
:
innerKeyManager
.
getDefaultCredentialName
();
}
@Override
public
Set
<
String
>
getAvailableCredentials
()
{
return
!
this
.
isInitialized
()
?
null
:
innerKeyManager
.
getAvailableCredentials
();
}
@Override
public
X509Certificate
getCertificate
(
String
alias
)
{
return
!
this
.
isInitialized
()
?
null
:
innerKeyManager
.
getCertificate
(
alias
);
}
private
boolean
isInitialized
()
{
return
this
.
innerKeyManager
!=
null
;
}
private
KeyStore
initialize
(
Resource
storeFile
,
String
storePass
,
String
storeType
)
{
InputStream
inputStream
=
null
;
// No keystore available might be desired in local installations
try
{
inputStream
=
storeFile
.
getInputStream
();
}
catch
(
Exception
e
)
{
logger
.
warn
(
"No keystore file specified or file not available. No SAML functionality will be available."
);
return
null
;
}
// If configured, however, it must be correctly configured
try
{
KeyStore
ks
=
KeyStore
.
getInstance
(
storeType
);
ks
.
load
(
inputStream
,
storePass
==
null
?
null
:
storePass
.
toCharArray
());
return
ks
;
}
catch
(
Exception
e
)
{
logger
.
error
(
"Error initializing key store"
,
e
);
throw
new
RuntimeException
(
"Error initializing keystore"
,
e
);
}
finally
{
if
(
inputStream
!=
null
)
{
try
{
inputStream
.
close
();
}
catch
(
IOException
e
)
{
logger
.
debug
(
"Error closing input stream for keystore."
,
e
);
}
}
}
}
}
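Review bot: In `initialize`, the first `catch (Exception e)` around `storeFile.getInputStream()` treats every failure (a null `storeFile`, a permission error, an unreadable file) as "no keystore configured". It logs a warning without the exception and leaves `innerKeyManager` null, so a broken keystore in a real deployment disables SAML quietly instead of failing startup, which is what the second comment says should happen. I would test for absence explicitly and move the `getInputStream()` call into the second try so that an existing but unreadable store fails hard; adding the resource description to the warning would also make a mistyped path visible in the log. Separately, every delegate returns `null` when uninitialised, including `resolve`, which hands callers a null `Iterable`; whether the Spring SAML callers tolerate that is not visible on this page, so it should at least be documented in the class Javadoc.

```java
private KeyStore initialize(Resource storeFile, String storePass, String storeType) {
    // No keystore available might be desired in local installations
    if (storeFile == null || !storeFile.exists()) {
        logger.warn("No keystore file specified or file not available. No SAML functionality will be available.");
        return null;
    }
    // If configured, however, it must be correctly configured
    InputStream inputStream = null;
    try {
        inputStream = storeFile.getInputStream();
        KeyStore ks = KeyStore.getInstance(storeType);
        // … unchanged: ks.load(...), return ks, catch and finally blocks …
```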