Merge pull request #1005 from sameerawickramasekara/master
Test cases for CertificateManagementServiceImpl
merge-requests/1/head
commit
3534d3753a
@ -0,0 +1,133 @@
|
||||
/*
|
||||
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.certificate.mgt.core.common;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.apache.tomcat.jdbc.pool.PoolProperties;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.BeforeSuite;
|
||||
import org.w3c.dom.Document;
|
||||
import org.wso2.carbon.base.MultitenantConstants;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.TestUtils;
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
|
||||
import org.wso2.carbon.device.mgt.core.dao.DeviceManagementDAOFactory;
|
||||
import org.wso2.carbon.device.mgt.core.dao.GroupManagementDAOFactory;
|
||||
import org.wso2.carbon.device.mgt.core.util.DeviceManagerUtil;
|
||||
|
||||
import javax.sql.DataSource;
|
||||
import javax.xml.bind.JAXBContext;
|
||||
import javax.xml.bind.JAXBException;
|
||||
import javax.xml.bind.Unmarshaller;
|
||||
import java.io.File;
|
||||
import java.sql.Connection;
|
||||
import java.sql.Statement;
|
||||
|
||||
|
||||
public abstract class BaseDeviceManagementCertificateTest {
|
||||
private DataSource dataSource;
|
||||
private static final Log log = LogFactory.getLog(BaseDeviceManagementCertificateTest.class);
|
||||
private static final String DATASOURCE_LOCATION = "src/test/resources/data-source-config.xml";
|
||||
|
||||
@BeforeSuite
|
||||
public void setupDataSource() throws Exception {
|
||||
this.initDataSource();
|
||||
this.initSQLScript();
|
||||
initializeCarbonContext();
|
||||
}
|
||||
|
||||
public void initDataSource() throws Exception {
|
||||
this.dataSource = this.getDataSource(this.readDataSourceConfig());
|
||||
DeviceManagementDAOFactory.init(dataSource);
|
||||
GroupManagementDAOFactory.init(dataSource);
|
||||
}
|
||||
|
||||
public void initDataSource(DataSource ds) throws Exception {
|
||||
this.dataSource = ds;
|
||||
DeviceManagementDAOFactory.init(dataSource);
|
||||
GroupManagementDAOFactory.init(dataSource);
|
||||
}
|
||||
|
||||
@BeforeClass
|
||||
public abstract void init() throws Exception;
|
||||
|
||||
private DataSource getDataSource(DataSourceConfig config) {
|
||||
PoolProperties properties = new PoolProperties();
|
||||
properties.setUrl(config.getUrl());
|
||||
properties.setDriverClassName(config.getDriverClassName());
|
||||
properties.setUsername(config.getUser());
|
||||
properties.setPassword(config.getPassword());
|
||||
return new org.apache.tomcat.jdbc.pool.DataSource(properties);
|
||||
}
|
||||
|
||||
private DataSourceConfig readDataSourceConfig() throws DeviceManagementException {
|
||||
try {
|
||||
File file = new File(DATASOURCE_LOCATION);
|
||||
Document doc = DeviceManagerUtil.convertToDocument(file);
|
||||
JAXBContext testDBContext = JAXBContext.newInstance(DataSourceConfig.class);
|
||||
Unmarshaller unmarshaller = testDBContext.createUnmarshaller();
|
||||
return (DataSourceConfig) unmarshaller.unmarshal(doc);
|
||||
} catch (JAXBException e) {
|
||||
throw new DeviceManagementException("Error occurred while reading data source configuration", e);
|
||||
}
|
||||
}
|
||||
|
||||
private void initSQLScript() throws Exception {
|
||||
Connection conn = null;
|
||||
Statement stmt = null;
|
||||
try {
|
||||
conn = this.getDataSource().getConnection();
|
||||
stmt = conn.createStatement();
|
||||
stmt.executeUpdate("RUNSCRIPT FROM './src/test/resources/sql/h2.sql'");
|
||||
} finally {
|
||||
TestUtils.cleanupResources(conn, stmt, null);
|
||||
}
|
||||
}
|
||||
|
||||
private void initializeCarbonContext() {
|
||||
|
||||
if (System.getProperty("carbon.home") == null) {
|
||||
File file = new File("src/test/resources/carbon-home");
|
||||
if (file.exists()) {
|
||||
System.setProperty("carbon.home", file.getAbsolutePath());
|
||||
}
|
||||
file = new File("../resources/carbon-home");
|
||||
if (file.exists()) {
|
||||
System.setProperty("carbon.home", file.getAbsolutePath());
|
||||
}
|
||||
file = new File("../../resources/carbon-home");
|
||||
if (file.exists()) {
|
||||
System.setProperty("carbon.home", file.getAbsolutePath());
|
||||
}
|
||||
file = new File("../../../resources/carbon-home");
|
||||
if (file.exists()) {
|
||||
System.setProperty("carbon.home", file.getAbsolutePath());
|
||||
}
|
||||
}
|
||||
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(MultitenantConstants
|
||||
.SUPER_TENANT_DOMAIN_NAME);
|
||||
PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantId(MultitenantConstants.SUPER_TENANT_ID);
|
||||
}
|
||||
|
||||
public DataSource getDataSource() {
|
||||
return dataSource;
|
||||
}
|
||||
|
||||
}
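Review bot: `initDataSource()` builds a new Tomcat JDBC pool on every call and overwrites `this.dataSource` without closing the previous one, and this commit already calls it twice: from `setupDataSource()` under `@BeforeSuite` and again from `init()` in CertificateManagementServiceImplTests. The schema is loaded by `initSQLScript()` through the first pool only, so whether later tests still see it depends on the URL in `data-source-config.xml`, which is not visible here. Guarding the construction, for example `if (this.dataSource == null) { this.dataSource = this.getDataSource(this.readDataSourceConfig()); }`, keeps a single pool per instance. In `initializeCarbonContext()` the four `file.exists()` checks are independent, so the last existing candidate wins and `carbon.home` stays unset when none exists; a short comment or an `else if` chain would make the intended precedence explicit.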
|
@ -0,0 +1,80 @@
|
||||
/*
|
||||
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.common;
|
||||
|
||||
import javax.xml.bind.annotation.XmlElement;
|
||||
import javax.xml.bind.annotation.XmlRootElement;
|
||||
|
||||
/**
|
||||
* Model class for DataSourceConfig.
|
||||
*/
|
||||
@XmlRootElement(name = "DataSourceConfig")
|
||||
public class DataSourceConfig {
|
||||
|
||||
private String url;
|
||||
private String driverClassName;
|
||||
private String user;
|
||||
private String password;
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "DataSourceConfig[" +
|
||||
" Url ='" + url + '\'' +
|
||||
", DriverClassName ='" + driverClassName + '\'' +
|
||||
", UserName ='" + user + '\'' +
|
||||
", Password ='" + password + '\'' +
|
||||
"]";
|
||||
}
|
||||
|
||||
@XmlElement(name = "Url", nillable = false)
|
||||
public String getUrl() {
|
||||
return url;
|
||||
}
|
||||
|
||||
public void setUrl(String url) {
|
||||
this.url = url;
|
||||
}
|
||||
|
||||
@XmlElement(name = "DriverClassName", nillable = false)
|
||||
public String getDriverClassName() {
|
||||
return driverClassName;
|
||||
}
|
||||
|
||||
public void setDriverClassName(String driverClassName) {
|
||||
this.driverClassName = driverClassName;
|
||||
}
|
||||
|
||||
@XmlElement(name = "User", nillable = false)
|
||||
public String getUser() {
|
||||
return user;
|
||||
}
|
||||
|
||||
public void setUser(String user) {
|
||||
this.user = user;
|
||||
}
|
||||
|
||||
@XmlElement(name = "Password", nillable = false)
|
||||
public String getPassword() {
|
||||
return password;
|
||||
}
|
||||
|
||||
public void setPassword(String password) {
|
||||
this.password = password;
|
||||
}
|
||||
|
||||
}
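Review bot: `toString()` writes the database password in clear text, so any log statement or exception message that prints a `DataSourceConfig` discloses the credential read from the data source configuration. The class appears to be a test fixture, but build and CI logs are typically readable by more people than the configuration file itself. I would mask the field, e.g. `", Password ='" + (password == null ? "<unset>" : "<redacted>") + '\'' +`, or leave it out of the string entirely.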
|
@ -0,0 +1,334 @@
|
||||
/*
|
||||
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.certificate.mgt.core.impl;
|
||||
|
||||
import org.apache.commons.io.FileUtils;
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.bouncycastle.cert.jcajce.JcaCertStore;
|
||||
import org.bouncycastle.cms.CMSAbsentContent;
|
||||
import org.bouncycastle.cms.CMSException;
|
||||
import org.bouncycastle.cms.CMSSignedData;
|
||||
import org.bouncycastle.cms.CMSSignedDataGenerator;
|
||||
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
|
||||
import org.testng.Assert;
|
||||
import org.testng.annotations.BeforeClass;
|
||||
import org.testng.annotations.Test;
|
||||
import org.wso2.carbon.certificate.mgt.core.common.BaseDeviceManagementCertificateTest;
|
||||
import org.wso2.carbon.certificate.mgt.core.dao.CertificateManagementDAOFactory;
|
||||
import org.wso2.carbon.certificate.mgt.core.dto.CAStatus;
|
||||
import org.wso2.carbon.certificate.mgt.core.dto.CertificateResponse;
|
||||
import org.wso2.carbon.certificate.mgt.core.dto.SCEPResponse;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.CertificateManagementException;
|
||||
import org.wso2.carbon.certificate.mgt.core.exception.KeystoreException;
|
||||
import org.wso2.carbon.certificate.mgt.core.service.CertificateManagementServiceImpl;
|
||||
import org.wso2.carbon.certificate.mgt.core.service.PaginationResult;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.CSRGenerator;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.CertificateManagementConstants;
|
||||
import org.wso2.carbon.certificate.mgt.core.util.DummyCertificate;
|
||||
import org.wso2.carbon.context.PrivilegedCarbonContext;
|
||||
import org.wso2.carbon.device.mgt.common.DeviceManagementException;
|
||||
import org.wso2.carbon.device.mgt.core.config.DeviceConfigurationManager;
|
||||
import sun.misc.BASE64Encoder;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.security.KeyPair;
|
||||
import java.security.PrivateKey;
|
||||
import java.security.Security;
|
||||
import java.security.cert.*;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* Test cases for for CertificateManagementServiceImpl class methods.
|
||||
*
|
||||
*/
|
||||
public class CertificateManagementServiceImplTests extends BaseDeviceManagementCertificateTest {
|
||||
|
||||
private static Log log = LogFactory.getLog(CertificateManagementServiceImplTests.class);
|
||||
private static final String CA_CERT_PEM = "src/test/resources/ca_cert.pem";
|
||||
private static final String RA_CERT_PEM = "src/test/resources/ra_cert.pem";
|
||||
private CertificateManagementServiceImpl managementService;
|
||||
|
||||
@BeforeClass
|
||||
public void init() throws Exception {
|
||||
initDataSource();
|
||||
CertificateManagementDAOFactory.init(this.getDataSource());
|
||||
//set Bouncycastle as a provider for testing
|
||||
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
|
||||
//save certificatemanagementservice instance as class variable
|
||||
managementService = CertificateManagementServiceImpl.getInstance();
|
||||
Assert.assertNotNull(managementService);
|
||||
log.info("getInstance Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests retrieval of CA Certificate from the keystore")
|
||||
public void testGetCACertificate() throws KeystoreException {
|
||||
CertificateManagementServiceImpl instance = CertificateManagementServiceImpl.getInstance();
|
||||
Certificate caCertificate = instance.getCACertificate();
|
||||
Assert.assertNotNull(caCertificate);
|
||||
Assert.assertEquals(caCertificate.getType(), CertificateManagementConstants.X_509);
|
||||
log.info("GetCACertificate Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests retrieval of RA Certificate from the keystore")
|
||||
public void testGetRACertificate() throws KeystoreException {
|
||||
Certificate raCertificate = managementService.getRACertificate();
|
||||
Assert.assertNotNull(raCertificate);
|
||||
Assert.assertEquals(raCertificate.getType(), CertificateManagementConstants.X_509);
|
||||
log.info("GetRACertificate Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case test generation of root certificates")
|
||||
public void testGetRootCertificate() throws IOException, KeystoreException {
|
||||
File caCert = new File(CA_CERT_PEM);
|
||||
File raCert = new File(RA_CERT_PEM);
|
||||
//read file to byte arrays
|
||||
byte[] caBytes = FileUtils.readFileToByteArray(caCert);
|
||||
byte[] raBytes = FileUtils.readFileToByteArray(raCert);
|
||||
List<X509Certificate> rootCertificates = managementService.getRootCertificates(caBytes, raBytes);
|
||||
Assert.assertNotNull(rootCertificates);
|
||||
Assert.assertEquals(rootCertificates.get(0).getType(), CertificateManagementConstants.X_509);
|
||||
Assert.assertEquals(rootCertificates.get(1).getType(), CertificateManagementConstants.X_509);
|
||||
log.info("GetRootCertificate Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests generation of X509Certificate")
|
||||
public void testGenerateX509Certificate() throws KeystoreException {
|
||||
X509Certificate x509Certificate = managementService.generateX509Certificate();
|
||||
Assert.assertNotNull(x509Certificate);
|
||||
Assert.assertEquals(x509Certificate.getType(), CertificateManagementConstants.X_509);
|
||||
log.info("GenerateX509Certificate Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests retrieving SCEP CA Certificate")
|
||||
public void testGetCACertSCEP() throws KeystoreException {
|
||||
SCEPResponse caCertSCEP = managementService.getCACertSCEP();
|
||||
Assert.assertNotNull(caCertSCEP);
|
||||
Assert.assertEquals(caCertSCEP.getResultCriteria(), CAStatus.CA_RA_CERT_RECEIVED);
|
||||
log.info("GetCACertSCEP Test Successful");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testGetCACapsSCEP() {
|
||||
byte[] caCapsSCEP = managementService.getCACapsSCEP();
|
||||
Assert.assertNotNull(caCapsSCEP);
|
||||
Assert.assertEquals(caCapsSCEP, CertificateManagementConstants.POST_BODY_CA_CAPS.getBytes());
|
||||
log.info("GetCACapsSCEP Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests generation of a X509Certificate from a CSR")
|
||||
public void testGenerateCertificateFromCSR() throws KeystoreException, IOException {
|
||||
CSRGenerator csrGeneration = new CSRGenerator();
|
||||
KeyStoreReader keyStoreReader = new KeyStoreReader();
|
||||
// Generate key pair
|
||||
KeyPair keyPair = csrGeneration.generateKeyPair("RSA", 1024);
|
||||
byte[] csrData = csrGeneration.generateCSR("SHA256WithRSA", keyPair);
|
||||
PKCS10CertificationRequest certificationRequest;
|
||||
PrivateKey privateKeyCA = keyStoreReader.getCAPrivateKey();
|
||||
X509Certificate certCA = (X509Certificate) keyStoreReader.getCACertificate();
|
||||
certificationRequest = new PKCS10CertificationRequest(csrData);
|
||||
X509Certificate x509Certificate = managementService.generateCertificateFromCSR(privateKeyCA,
|
||||
certificationRequest, certCA.getIssuerX500Principal().getName());
|
||||
Assert.assertNotNull(x509Certificate);
|
||||
Assert.assertEquals(x509Certificate.getType(), CertificateManagementConstants.X_509);
|
||||
log.info("GenerateCertificateFromCSR Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests retrieval of a Certificate from the keystore from the Serial Number")
|
||||
public void testGetCertificateBySerial() throws KeystoreException, DeviceManagementException {
|
||||
X509Certificate x509Certificate = null;
|
||||
//generate and save a certificate
|
||||
x509Certificate = managementService.generateX509Certificate();
|
||||
//initialize DeviceConfigurationManager
|
||||
DeviceConfigurationManager.getInstance().initConfig();
|
||||
CertificateResponse certificateBySerial = managementService.getCertificateBySerial(x509Certificate.getSerialNumber().toString());
|
||||
Assert.assertNotNull(certificateBySerial);
|
||||
Assert.assertEquals(certificateBySerial.getSerialNumber(), x509Certificate.getSerialNumber().toString());
|
||||
log.info("GetCertificateBySerial Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests retrieval of a Certificate from the keystore from the Alias")
|
||||
public void testGetCertificateByAlias() throws KeystoreException, DeviceManagementException {
|
||||
X509Certificate x509Certificate = null;
|
||||
//generate and save a certificate
|
||||
x509Certificate = managementService.generateX509Certificate();
|
||||
//initialize DeviceConfigurationManager
|
||||
DeviceConfigurationManager.getInstance().initConfig();
|
||||
Certificate certificateByAlias = managementService.getCertificateByAlias(x509Certificate.getSerialNumber().toString());
|
||||
Assert.assertNotNull(certificateByAlias);
|
||||
Assert.assertEquals(certificateByAlias.getType(), CertificateManagementConstants.X_509);
|
||||
log.info("GetCertificateByAlias Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests Signature verification of a Certificate against the keystore")
|
||||
public void testVerifySignature() throws KeystoreException, CertificateEncodingException, CMSException, IOException {
|
||||
BASE64Encoder encoder = new BASE64Encoder();
|
||||
//generate and save a certificate in the keystore
|
||||
X509Certificate x509Certificate = managementService.generateX509Certificate();
|
||||
//Generate CMSdata
|
||||
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
|
||||
List<X509Certificate> list = new ArrayList<>();
|
||||
list.add(x509Certificate);
|
||||
JcaCertStore store = new JcaCertStore(list);
|
||||
generator.addCertificates(store);
|
||||
CMSSignedData degenerateSd = generator.generate(new CMSAbsentContent());
|
||||
byte[] signature = degenerateSd.getEncoded();
|
||||
boolean verifySignature = managementService.verifySignature(encoder.encode(signature));
|
||||
Assert.assertNotNull(verifySignature);
|
||||
Assert.assertTrue(verifySignature);
|
||||
log.info("VerifySignature Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests DN verification of a Certificate against the keystore")
|
||||
public void testVerifySubjectDN() throws DeviceManagementException, KeystoreException {
|
||||
DeviceConfigurationManager.getInstance().initConfig();
|
||||
X509Certificate x509Certificate = managementService.generateX509Certificate();
|
||||
log.info(x509Certificate.getIssuerX500Principal().getName());
|
||||
managementService.verifySubjectDN(x509Certificate.getIssuerDN().getName());
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests retrieval of a Certificate from the keystore from the Serial")
|
||||
public void testRetrieveCertificate() throws KeystoreException, CertificateManagementException {
|
||||
X509Certificate x509Certificate = managementService.generateX509Certificate();
|
||||
CertificateResponse certificateResponse = managementService.retrieveCertificate(x509Certificate.getSerialNumber().toString());
|
||||
Assert.assertNotNull(certificateResponse);
|
||||
Assert.assertEquals(x509Certificate.getSerialNumber(), certificateResponse.getCertificateserial());
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests the retrieval of Certificates from keystore in desired pagination")
|
||||
public void testGetAllCertificatesPaginated() throws CertificateManagementException, KeystoreException {
|
||||
managementService.generateX509Certificate();
|
||||
managementService.generateX509Certificate();
|
||||
PaginationResult allCertificates = managementService.getAllCertificates(0, 2);
|
||||
Assert.assertEquals(allCertificates.getData().size(), 2);
|
||||
log.info("GetAllCertificatesPaginated Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test casae tests retrieval of all Certificates from keystore")
|
||||
public void testGetCertificates() throws CertificateManagementException, KeystoreException {
|
||||
List<CertificateResponse> certificatesBefore = managementService.getCertificates();
|
||||
managementService.generateX509Certificate();
|
||||
managementService.generateX509Certificate();
|
||||
List<CertificateResponse> certificatesAfter = managementService.getCertificates();
|
||||
Assert.assertNotNull(certificatesBefore);
|
||||
Assert.assertNotNull(certificatesAfter);
|
||||
Assert.assertEquals((certificatesBefore.size() + 2), certificatesAfter.size());
|
||||
log.info("GetCertificates Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests deleting Certificate from the keystore")
|
||||
public void testRemoveCertificate() throws CertificateManagementException, KeystoreException {
|
||||
X509Certificate x509Certificate = managementService.generateX509Certificate();
|
||||
List<CertificateResponse> certificates = managementService.getCertificates();
|
||||
int size = certificates.size();
|
||||
boolean removed = managementService.removeCertificate(x509Certificate.getSerialNumber().toString());
|
||||
certificates = managementService.getCertificates();
|
||||
int sizeAfter = certificates.size();
|
||||
Assert.assertNotNull(removed);
|
||||
Assert.assertTrue(removed);
|
||||
Assert.assertEquals((size - 1), sizeAfter);
|
||||
log.info("RemoveCertificate Test Successful");
|
||||
}
|
||||
|
||||
|
||||
@Test(description = "This test case tests searching for a list of certificates by the serial number")
|
||||
public void testSearchCertificates() throws CertificateManagementException, KeystoreException {
|
||||
X509Certificate x509Certificate = managementService.generateX509Certificate();
|
||||
List<CertificateResponse> certificateResponses = managementService.searchCertificates(x509Certificate.getSerialNumber().toString());
|
||||
Assert.assertNotNull(certificateResponses);
|
||||
Assert.assertEquals(1, certificateResponses.size());
|
||||
Assert.assertEquals(certificateResponses.get(0).getSerialNumber(), x509Certificate.getSerialNumber().toString());
|
||||
log.info("SearchCertificates Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests generation of signed Certificate from a CSR")
|
||||
public void testGetSignedCertificateFromCSR() throws KeystoreException {
|
||||
CSRGenerator csrGeneration = new CSRGenerator();
|
||||
BASE64Encoder encoder = new BASE64Encoder();
|
||||
// Generate key pair
|
||||
KeyPair keyPair = csrGeneration.generateKeyPair("RSA", 1024);
|
||||
byte[] csrData = csrGeneration.generateCSR("SHA256WithRSA", keyPair);
|
||||
X509Certificate signedCertificateFromCSR = managementService.getSignedCertificateFromCSR(encoder.encode(csrData));
|
||||
Assert.assertNotNull(signedCertificateFromCSR);
|
||||
Assert.assertEquals(signedCertificateFromCSR.getType(), CertificateManagementConstants.X_509);
|
||||
log.info("GetSignedCertificateFromCSR Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests the extraction of Challenge token from a Certificate")
|
||||
public void testExtractChallengeToken() throws KeystoreException {
|
||||
X509Certificate x509Certificate1 = new DummyCertificate();
|
||||
String token = managementService.extractChallengeToken(x509Certificate1);
|
||||
Assert.assertNotNull(token);
|
||||
Assert.assertEquals(token, DummyCertificate.EXT);
|
||||
log.info("extractChallengeToken Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests saving a list of Certificates in the keystore")
|
||||
public void testSaveCertificate() throws CertificateManagementException, IOException, CertificateException, KeystoreException {
|
||||
File caCert = new File(CA_CERT_PEM);
|
||||
int before = managementService.getCertificates().size();
|
||||
byte[] caBytes = FileUtils.readFileToByteArray(caCert);
|
||||
CertificateFactory cf = CertificateFactory.getInstance("X.509");
|
||||
X509Certificate cert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(caBytes));
|
||||
List<org.wso2.carbon.certificate.mgt.core.bean.Certificate> certificates = new ArrayList<>();
|
||||
org.wso2.carbon.certificate.mgt.core.bean.Certificate certificateToStore =
|
||||
new org.wso2.carbon.certificate.mgt.core.bean.Certificate();
|
||||
certificateToStore.setTenantId(PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId());
|
||||
certificateToStore.setCertificate(cert);
|
||||
certificates.add(certificateToStore);
|
||||
managementService.saveCertificate(certificates);
|
||||
int after = managementService.getCertificates().size();
|
||||
Assert.assertEquals((before + 1), after);
|
||||
log.info("SaveCertificate Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests converting a pem file to X509 Certificate")
|
||||
public void testPemToX509Certificate() throws IOException, KeystoreException {
|
||||
File caCert = new File(CA_CERT_PEM);
|
||||
BASE64Encoder encoder = new BASE64Encoder();
|
||||
byte[] caBytes = FileUtils.readFileToByteArray(caCert);
|
||||
X509Certificate certificate = managementService.pemToX509Certificate(encoder.encode(caBytes));
|
||||
Assert.assertNotNull(certificate);
|
||||
Assert.assertEquals(certificate.getType(), CertificateManagementConstants.X_509);
|
||||
log.info("PemToX509Certificate Test Successful");
|
||||
}
|
||||
|
||||
@Test(description = "This test case tests extracting Certificate from the header Signature")
|
||||
public void testExtractCertificateFromSignature() throws KeystoreException, CertificateEncodingException, CMSException, IOException {
|
||||
BASE64Encoder encoder = new BASE64Encoder();
|
||||
//generate and save a certificate in the keystore
|
||||
X509Certificate x509Certificate = managementService.generateX509Certificate();
|
||||
//Generate CMSdata
|
||||
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
|
||||
List<X509Certificate> list = new ArrayList<>();
|
||||
list.add(x509Certificate);
|
||||
JcaCertStore store = new JcaCertStore(list);
|
||||
generator.addCertificates(store);
|
||||
CMSSignedData degenerateSd = generator.generate(new CMSAbsentContent());
|
||||
byte[] signature = degenerateSd.getEncoded();
|
||||
X509Certificate certificate = managementService.extractCertificateFromSignature(encoder.encode(signature));
|
||||
Assert.assertNotNull(certificate);
|
||||
Assert.assertEquals(certificate.getType(), CertificateManagementConstants.X_509);
|
||||
log.info("ExtractCertificateFromSignature Test Successful");
|
||||
}
|
||||
|
||||
|
||||
}
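Review bot: `testVerifySubjectDN` has no assertion: whatever `managementService.verifySubjectDN(...)` returns is discarded, so the test passes for any outcome that does not throw, and it is given `getIssuerDN().getName()` rather than the subject DN the method name suggests it checks. `testVerifySignature` covers only the accepting path, with a certificates-only `CMSSignedData` built without a signer, so a second case using a certificate that is not in the store and asserting it is rejected would show that verification can fail; `Assert.assertNotNull(verifySignature)` on a primitive `boolean` can never fail and can go (the same applies to `removed` in `testRemoveCertificate`). Both CSR tests call `generateKeyPair("RSA", 1024)`; `generateKeyPair("RSA", 2048)` keeps the fixtures at a key size that current guidance still accepts. `sun.misc.BASE64Encoder` is a JDK-internal class that is absent from newer JDKs and inserts line breaks into its output, so a supported Base64 encoder would be the safer choice here.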
|
@ -0,0 +1,87 @@
|
||||
/*
|
||||
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.certificate.mgt.core.util;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
import org.bouncycastle.operator.ContentSigner;
|
||||
import org.bouncycastle.operator.OperatorCreationException;
|
||||
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
|
||||
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
|
||||
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;
|
||||
import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
|
||||
|
||||
import javax.security.auth.x500.X500Principal;
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.PrintStream;
|
||||
import java.security.KeyPair;
|
||||
import java.security.KeyPairGenerator;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
|
||||
/**
|
||||
* Test class for generating a mock CSR request.
|
||||
*/
|
||||
public class CSRGenerator {
|
||||
private static Log log = LogFactory.getLog(CSRGenerator.class);
|
||||
|
||||
/**
|
||||
* Generate the desired CSR for signing
|
||||
*
|
||||
* @param sigAlg
|
||||
* @param keyPair
|
||||
* @return
|
||||
*/
|
||||
public byte[] generateCSR(String sigAlg, KeyPair keyPair) {
|
||||
ByteArrayOutputStream outStream = new ByteArrayOutputStream();
|
||||
PrintStream printStream = new PrintStream(outStream);
|
||||
try {
|
||||
PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(
|
||||
new X500Principal("CN=Requested Test Certificate"), keyPair.getPublic());
|
||||
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");
|
||||
ContentSigner signer = csBuilder.build(keyPair.getPrivate());
|
||||
PKCS10CertificationRequest csr = p10Builder.build(signer);
|
||||
return csr.getEncoded();
|
||||
} catch (OperatorCreationException ex) {
|
||||
log.error("Error while Key generation operation", ex);
|
||||
} catch (IOException ex) {
|
||||
log.error("Error while generating CSR,ex");
|
||||
}
|
||||
return new byte[0];
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate the desired keypair
|
||||
*
|
||||
* @param alg
|
||||
* @param keySize
|
||||
* @return
|
||||
*/
|
||||
public KeyPair generateKeyPair(String alg, int keySize) {
|
||||
try {
|
||||
KeyPairGenerator keyPairGenerator = null;
|
||||
keyPairGenerator = KeyPairGenerator.getInstance(alg);
|
||||
keyPairGenerator.initialize(keySize);
|
||||
return keyPairGenerator.generateKeyPair();
|
||||
} catch (NoSuchAlgorithmException e) {
|
||||
log.error("The provided algorithm is not found ",e);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
}
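Review bot: In `generateCSR` the `IOException` handler logs `"Error while generating CSR,ex"` with the exception name inside the string literal, so the cause and stack trace are never recorded; it should read `log.error("Error while generating CSR", ex);`. The `sigAlg` parameter is also ignored, because the signer is always built with the literal `"SHA256withRSA"`; `new JcaContentSignerBuilder(sigAlg)` would honour the caller's choice. Both methods then hide the failure from the caller (an empty array from `generateCSR`, `null` from `generateKeyPair`), which is likely to surface later in the tests as an unrelated parse error or NullPointerException, so rethrowing as an unchecked exception would fail at the cause. `outStream` and `printStream` are never used and can be removed.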
|
@ -0,0 +1,180 @@
|
||||
/*
|
||||
* Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
package org.wso2.carbon.certificate.mgt.core.util;
|
||||
|
||||
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
|
||||
|
||||
import java.math.BigInteger;
|
||||
import java.security.Principal;
|
||||
import java.security.PublicKey;
|
||||
import java.security.cert.CertificateEncodingException;
|
||||
import java.security.cert.CertificateExpiredException;
|
||||
import java.security.cert.CertificateNotYetValidException;
|
||||
import java.security.cert.CertificateException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.SignatureException;
|
||||
import java.security.NoSuchProviderException;
|
||||
import java.security.cert.X509Certificate;
|
||||
import java.security.InvalidKeyException;
|
||||
import java.util.Date;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* A Mock Certificate class with an extension provided.(Used only to test the extension)
|
||||
*/
|
||||
public class DummyCertificate extends X509Certificate {
|
||||
|
||||
public static final String EXT = "Dummy extension";
|
||||
public static final String DN = "O=WSO2,OU=Mobile,C=LK,CN=123456789";
|
||||
|
||||
@Override
|
||||
public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
|
||||
}
|
||||
|
||||
@Override
|
||||
public int getVersion() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
@Override
|
||||
public BigInteger getSerialNumber() {
|
||||
return new BigInteger("123456789");
|
||||
}
|
||||
|
||||
@Override
|
||||
public Principal getIssuerDN() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Principal getSubjectDN() {
|
||||
return new Principal() {
|
||||
@Override
|
||||
public String getName() {
|
||||
return DN;
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
@Override
|
||||
public Date getNotBefore() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Date getNotAfter() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public byte[] getTBSCertificate() throws CertificateEncodingException {
|
||||
return new byte[0];
|
||||
}
|
||||
|
||||
@Override
|
||||
public byte[] getSignature() {
|
||||
return new byte[0];
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getSigAlgName() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getSigAlgOID() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public byte[] getSigAlgParams() {
|
||||
return new byte[0];
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean[] getIssuerUniqueID() {
|
||||
return new boolean[0];
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean[] getSubjectUniqueID() {
|
||||
return new boolean[0];
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean[] getKeyUsage() {
|
||||
return new boolean[0];
|
||||
}
|
||||
|
||||
@Override
|
||||
public int getBasicConstraints() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
@Override
|
||||
public byte[] getEncoded() throws CertificateEncodingException {
|
||||
return new byte[0];
|
||||
}
|
||||
|
||||
@Override
|
||||
public void verify(PublicKey key) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
|
||||
}
|
||||
|
||||
@Override
|
||||
public void verify(PublicKey key, String sigProvider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public PublicKey getPublicKey() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean hasUnsupportedCriticalExtension() {
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<String> getCriticalExtensionOIDs() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<String> getNonCriticalExtensionOIDs() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public byte[] getExtensionValue(String oid) {
|
||||
if (oid.equals(PKCSObjectIdentifiers.pkcs_9_at_challengePassword.toString())) {
|
||||
return EXT.getBytes();
|
||||
} else {
|
||||
return new byte[0];
|
||||
}
|
||||
}
|
||||
}
|
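Review bot: `getExtensionValue` returns `new byte[0]` for every OID other than the challenge-password one, whereas the `X509Extension` contract returns `null` when an extension is absent, so code under test that checks for `null` would treat every extension as present on this mock. I would change the else branch to `return null;` and write the comparison as `PKCSObjectIdentifiers.pkcs_9_at_challengePassword.getId().equals(oid)` so that a null `oid` cannot throw. `EXT.getBytes()` depends on the platform charset; `EXT.getBytes(StandardCharsets.UTF_8)` keeps the fixture stable across build machines (it needs the matching import). Because `checkValidity` and both `verify` overloads are empty, this object passes any validity or signature check, so the class Javadoc should state that it must stay in test sources and never be accepted by production trust decisions.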
@ -0,0 +1,56 @@
|
||||
/*
|
||||
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
*
|
||||
* WSO2 Inc. licenses this file to you under the Apache License,
|
||||
* Version 2.0 (the "License"); you may not use this file except
|
||||
* in compliance with the License.
|
||||
* you may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
package org.wso2.carbon.certificate.mgt.core.util;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import java.sql.Connection;
|
||||
import java.sql.ResultSet;
|
||||
import java.sql.SQLException;
|
||||
import java.sql.Statement;
|
||||
|
||||
public class TestUtils {
|
||||
|
||||
private static final Log log = LogFactory.getLog(TestUtils.class);
|
||||
|
||||
public static void cleanupResources(Connection conn, Statement stmt, ResultSet rs) {
|
||||
if (rs != null) {
|
||||
try {
|
||||
rs.close();
|
||||
} catch (SQLException e) {
|
||||
log.warn("Error occurred while closing result set", e);
|
||||
}
|
||||
}
|
||||
if (stmt != null) {
|
||||
try {
|
||||
stmt.close();
|
||||
} catch (SQLException e) {
|
||||
log.warn("Error occurred while closing prepared statement", e);
|
||||
}
|
||||
}
|
||||
if (conn != null) {
|
||||
try {
|
||||
conn.close();
|
||||
} catch (SQLException e) {
|
||||
log.warn("Error occurred while closing database connection", e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
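Review bot: `TestUtils` holds only a static helper yet is instantiable and undocumented; declaring it `public final class TestUtils` with `private TestUtils() { }` and adding a one-line Javadoc on `cleanupResources` saying that each argument may be null and that close failures are only logged would make the contract explicit. The second warning says "prepared statement" although the parameter is a plain `Statement`; `"Error occurred while closing statement"` matches the signature.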
Binary file not shown.
@ -0,0 +1,655 @@
|
||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||
<!--
|
||||
~ Copyright 2005-2017 WSO2 Inc. (http://wso2.com)
|
||||
~
|
||||
~ Licensed under the Apache License, Version 2.0 (the "License");
|
||||
~ you may not use this file except in compliance with the License.
|
||||
~ You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing, software
|
||||
~ distributed under the License is distributed on an "AS IS" BASIS,
|
||||
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
~ See the License for the specific language governing permissions and
|
||||
~ limitations under the License.
|
||||
-->
|
||||
|
||||
<!--
|
||||
This is the main server configuration file
|
||||
|
||||
${carbon.home} represents the carbon.home system property.
|
||||
Other system properties can be specified in a similar manner.
|
||||
-->
|
||||
<Server xmlns="http://wso2.org/projects/carbon/carbon.xml">
|
||||
|
||||
<!--
|
||||
Product Name
|
||||
-->
|
||||
<Name>${product.name}</Name>
|
||||
|
||||
<!--
|
||||
machine readable unique key to identify each product
|
||||
-->
|
||||
<ServerKey>${product.key}</ServerKey>
|
||||
|
||||
<!--
|
||||
Product Version
|
||||
-->
|
||||
<Version>${product.version}</Version>
|
||||
|
||||
<!--
|
||||
Host name or IP address of the machine hosting this server
|
||||
e.g. www.wso2.org, 192.168.1.10
|
||||
This is will become part of the End Point Reference of the
|
||||
services deployed on this server instance.
|
||||
-->
|
||||
<!--HostName>www.wso2.org</HostName-->
|
||||
|
||||
<!--
|
||||
Host name to be used for the Carbon management console
|
||||
-->
|
||||
<!--MgtHostName>mgt.wso2.org</MgtHostName-->
|
||||
|
||||
<!--
|
||||
The URL of the back end server. This is where the admin services are hosted and
|
||||
will be used by the clients in the front end server.
|
||||
This is required only for the Front-end server. This is used when seperating BE server from FE server
|
||||
-->
|
||||
<ServerURL>local:/${carbon.context}/services/</ServerURL>
|
||||
<!--
|
||||
<ServerURL>https://${carbon.local.ip}:${carbon.management.port}${carbon.context}/services/</ServerURL>
|
||||
-->
|
||||
<!--
|
||||
The URL of the index page. This is where the user will be redirected after signing in to the
|
||||
carbon server.
|
||||
-->
|
||||
<!-- IndexPageURL>/carbon/admin/index.jsp</IndexPageURL-->
|
||||
|
||||
<!--
|
||||
For cApp deployment, we have to identify the roles that can be acted by the current server.
|
||||
The following property is used for that purpose. Any number of roles can be defined here.
|
||||
Regular expressions can be used in the role.
|
||||
Ex : <Role>.*</Role> means this server can act any role
|
||||
-->
|
||||
<ServerRoles>
|
||||
<Role>${default.server.role}</Role>
|
||||
</ServerRoles>
|
||||
|
||||
<!-- uncommnet this line to subscribe to a bam instance automatically -->
|
||||
<!--<BamServerURL>https://bamhost:bamport/services/</BamServerURL>-->
|
||||
|
||||
<!--
|
||||
The fully qualified name of the server
|
||||
-->
|
||||
<Package>org.wso2.carbon</Package>
|
||||
|
||||
<!--
|
||||
Webapp context root of WSO2 Carbon management console.
|
||||
-->
|
||||
<WebContextRoot>/</WebContextRoot>
|
||||
|
||||
<!--
|
||||
Proxy context path is a useful parameter to add a proxy path when a Carbon server is fronted by reverse proxy. In addtion
|
||||
to the proxy host and proxy port this parameter allows you add a path component to external URLs. e.g.
|
||||
URL of the Carbon server -> https://10.100.1.1:9443/carbon
|
||||
URL of the reverse proxy -> https://prod.abc.com/appserver/carbon
|
||||
|
||||
appserver - proxy context path. This specially required whenever you are generating URLs to displace in
|
||||
Carbon UI components.
|
||||
-->
|
||||
<!--
|
||||
<MgtProxyContextPath></MgtProxyContextPath>
|
||||
<ProxyContextPath></ProxyContextPath>
|
||||
-->
|
||||
|
||||
<!-- In-order to get the registry http Port from the back-end when the default http transport is not the same-->
|
||||
<!--RegistryHttpPort>9763</RegistryHttpPort-->
|
||||
|
||||
<!--
|
||||
Number of items to be displayed on a management console page. This is used at the
|
||||
backend server for pagination of various items.
|
||||
-->
|
||||
<ItemsPerPage>15</ItemsPerPage>
|
||||
|
||||
<!-- The endpoint URL of the cloud instance management Web service -->
|
||||
<!--<InstanceMgtWSEndpoint>https://ec2.amazonaws.com/</InstanceMgtWSEndpoint>-->
|
||||
|
||||
<!--
|
||||
Ports used by this server
|
||||
-->
|
||||
<Ports>
|
||||
|
||||
<!-- Ports offset. This entry will set the value of the ports defined below to
|
||||
the define value + Offset.
|
||||
e.g. Offset=2 and HTTPS port=9443 will set the effective HTTPS port to 9445
|
||||
-->
|
||||
<Offset>0</Offset>
|
||||
|
||||
<!-- The JMX Ports -->
|
||||
<JMX>
|
||||
<!--The port RMI registry is exposed-->
|
||||
<RMIRegistryPort>9999</RMIRegistryPort>
|
||||
<!--The port RMI server should be exposed-->
|
||||
<RMIServerPort>11111</RMIServerPort>
|
||||
</JMX>
|
||||
|
||||
<!-- Embedded LDAP server specific ports -->
|
||||
<EmbeddedLDAP>
|
||||
<!-- Port which embedded LDAP server runs -->
|
||||
<LDAPServerPort>10389</LDAPServerPort>
|
||||
<!-- Port which KDC (Kerberos Key Distribution Center) server runs -->
|
||||
<KDCServerPort>8000</KDCServerPort>
|
||||
</EmbeddedLDAP>
|
||||
|
||||
<!--
|
||||
Override datasources JNDIproviderPort defined in bps.xml and datasources.properties files
|
||||
-->
|
||||
<!--<JNDIProviderPort>2199</JNDIProviderPort>-->
|
||||
<!--Override receive port of thrift based entitlement service.-->
|
||||
<ThriftEntitlementReceivePort>10500</ThriftEntitlementReceivePort>
|
||||
|
||||
</Ports>
|
||||
|
||||
<!--
|
||||
JNDI Configuration
|
||||
-->
|
||||
<JNDI>
|
||||
<!--
|
||||
The fully qualified name of the default initial context factory
|
||||
-->
|
||||
<DefaultInitialContextFactory>org.wso2.carbon.tomcat.jndi.CarbonJavaURLContextFactory</DefaultInitialContextFactory>
|
||||
<!--
|
||||
The restrictions that are done to various JNDI Contexts in a Multi-tenant environment
|
||||
-->
|
||||
<Restrictions>
|
||||
<!--
|
||||
Contexts that will be available only to the super-tenant
|
||||
-->
|
||||
<!-- <SuperTenantOnly>
|
||||
<UrlContexts>
|
||||
<UrlContext>
|
||||
<Scheme>foo</Scheme>
|
||||
</UrlContext>
|
||||
<UrlContext>
|
||||
<Scheme>bar</Scheme>
|
||||
</UrlContext>
|
||||
</UrlContexts>
|
||||
</SuperTenantOnly> -->
|
||||
<!--
|
||||
Contexts that are common to all tenants
|
||||
-->
|
||||
<AllTenants>
|
||||
<UrlContexts>
|
||||
<UrlContext>
|
||||
<Scheme>java</Scheme>
|
||||
</UrlContext>
|
||||
<!-- <UrlContext>
|
||||
<Scheme>foo</Scheme>
|
||||
</UrlContext> -->
|
||||
</UrlContexts>
|
||||
</AllTenants>
|
||||
<!--
|
||||
All other contexts not mentioned above will be available on a per-tenant basis
|
||||
(i.e. will not be shared among tenants)
|
||||
-->
|
||||
</Restrictions>
|
||||
</JNDI>
|
||||
|
||||
<!--
|
||||
Property to determine if the server is running an a cloud deployment environment.
|
||||
This property should only be used to determine deployment specific details that are
|
||||
applicable only in a cloud deployment, i.e when the server deployed *-as-a-service.
|
||||
-->
|
||||
<IsCloudDeployment>false</IsCloudDeployment>
|
||||
|
||||
<!--
|
||||
Property to determine whether usage data should be collected for metering purposes
|
||||
-->
|
||||
<EnableMetering>false</EnableMetering>
|
||||
|
||||
<!-- The Max time a thread should take for execution in seconds -->
|
||||
<MaxThreadExecutionTime>600</MaxThreadExecutionTime>
|
||||
|
||||
<!--
|
||||
A flag to enable or disable Ghost Deployer. By default this is set to false. That is
|
||||
because the Ghost Deployer works only with the HTTP/S transports. If you are using
|
||||
other transports, don't enable Ghost Deployer.
|
||||
-->
|
||||
<GhostDeployment>
|
||||
<Enabled>false</Enabled>
|
||||
</GhostDeployment>
|
||||
|
||||
|
||||
<!--
|
||||
Eager loading or lazy loading is a design pattern commonly used in computer programming which
|
||||
will initialize an object upon creation or load on-demand. In carbon, lazy loading is used to
|
||||
load tenant when a request is received only. Similarly Eager loading is used to enable load
|
||||
existing tenants after carbon server starts up. Using this feature, you will be able to include
|
||||
or exclude tenants which are to be loaded when server startup.
|
||||
|
||||
We can enable only one LoadingPolicy at a given time.
|
||||
|
||||
1. Tenant Lazy Loading
|
||||
This is the default behaviour and enabled by default. With this policy, tenants are not loaded at
|
||||
server startup, but loaded based on-demand (i.e when a request is received for a tenant).
|
||||
The default tenant idle time is 30 minutes.
|
||||
|
||||
2. Tenant Eager Loading
|
||||
This is by default not enabled. It can be be enabled by un-commenting the <EagerLoading> section.
|
||||
The eager loading configurations supported are as below. These configurations can be given as the
|
||||
value for <Include> element with eager loading.
|
||||
(i)Load all tenants when server startup - *
|
||||
(ii)Load all tenants except foo.com & bar.com - *,!foo.com,!bar.com
|
||||
(iii)Load only foo.com & bar.com to be included - foo.com,bar.com
|
||||
-->
|
||||
<Tenant>
|
||||
<LoadingPolicy>
|
||||
<LazyLoading>
|
||||
<IdleTime>30</IdleTime>
|
||||
</LazyLoading>
|
||||
<!-- <EagerLoading>
|
||||
<Include>*,!foo.com,!bar.com</Include>
|
||||
</EagerLoading>-->
|
||||
</LoadingPolicy>
|
||||
</Tenant>
|
||||
|
||||
<!--
|
||||
Caching related configurations
|
||||
-->
|
||||
<Cache>
|
||||
<!-- Default cache timeout in minutes -->
|
||||
<DefaultCacheTimeout>15</DefaultCacheTimeout>
|
||||
</Cache>
|
||||
|
||||
<!--
|
||||
Axis2 related configurations
|
||||
-->
|
||||
<Axis2Config>
|
||||
<!--
|
||||
Location of the Axis2 Services & Modules repository
|
||||
|
||||
This can be a directory in the local file system, or a URL.
|
||||
|
||||
e.g.
|
||||
1. /home/wso2wsas/repository/ - An absolute path
|
||||
2. repository - In this case, the path is relative to CARBON_HOME
|
||||
3. file:///home/wso2wsas/repository/
|
||||
4. http://wso2wsas/repository/
|
||||
-->
|
||||
<RepositoryLocation>${carbon.home}/repository/deployment/server/</RepositoryLocation>
|
||||
|
||||
<!--
|
||||
Deployment update interval in seconds. This is the interval between repository listener
|
||||
executions.
|
||||
-->
|
||||
<DeploymentUpdateInterval>15</DeploymentUpdateInterval>
|
||||
|
||||
<!--
|
||||
Location of the main Axis2 configuration descriptor file, a.k.a. axis2.xml file
|
||||
|
||||
This can be a file on the local file system, or a URL
|
||||
|
||||
e.g.
|
||||
1. /home/repository/axis2.xml - An absolute path
|
||||
2. conf/axis2.xml - In this case, the path is relative to CARBON_HOME
|
||||
3. file:///home/carbon/repository/axis2.xml
|
||||
4. http://repository/conf/axis2.xml
|
||||
-->
|
||||
<ConfigurationFile>${carbon.home}/repository/conf/axis2/axis2.xml</ConfigurationFile>
|
||||
|
||||
<!--
|
||||
ServiceGroupContextIdleTime, which will be set in ConfigurationContex
|
||||
for multiple clients which are going to access the same ServiceGroupContext
|
||||
Default Value is 30 Sec.
|
||||
-->
|
||||
<ServiceGroupContextIdleTime>30000</ServiceGroupContextIdleTime>
|
||||
|
||||
<!--
|
||||
This repository location is used to crete the client side configuration
|
||||
context used by the server when calling admin services.
|
||||
-->
|
||||
<ClientRepositoryLocation>${carbon.home}/repository/deployment/client/</ClientRepositoryLocation>
|
||||
<!-- This axis2 xml is used in createing the configuration context by the FE server
|
||||
calling to BE server -->
|
||||
<clientAxis2XmlLocation>${carbon.home}/repository/conf/axis2/axis2_client.xml</clientAxis2XmlLocation>
|
||||
<!-- If this parameter is set, the ?wsdl on an admin service will not give the admin service wsdl. -->
|
||||
<HideAdminServiceWSDLs>true</HideAdminServiceWSDLs>
|
||||
|
||||
<!--WARNING-Use With Care! Uncommenting bellow parameter would expose all AdminServices in HTTP transport.
|
||||
With HTTP transport your credentials and data routed in public channels are vulnerable for sniffing attacks.
|
||||
Use bellow parameter ONLY if your communication channels are confirmed to be secured by other means -->
|
||||
<!--HttpAdminServices>*</HttpAdminServices-->
|
||||
|
||||
</Axis2Config>
|
||||
|
||||
<!--
|
||||
The default user roles which will be created when the server
|
||||
is started up for the first time.
|
||||
-->
|
||||
<ServiceUserRoles>
|
||||
<Role>
|
||||
<Name>admin</Name>
|
||||
<Description>Default Administrator Role</Description>
|
||||
</Role>
|
||||
<Role>
|
||||
<Name>user</Name>
|
||||
<Description>Default User Role</Description>
|
||||
</Role>
|
||||
</ServiceUserRoles>
|
||||
|
||||
<!--
|
||||
Enable following config to allow Emails as usernames.
|
||||
-->
|
||||
<!--EnableEmailUserName>true</EnableEmailUserName-->
|
||||
|
||||
<!--
|
||||
Security configurations
|
||||
-->
|
||||
<Security>
|
||||
<!--
|
||||
KeyStore which will be used for encrypting/decrypting passwords
|
||||
and other sensitive information.
|
||||
-->
|
||||
<KeyStore>
|
||||
<!-- Keystore file location-->
|
||||
<Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>
|
||||
<!-- Keystore type (JKS/PKCS12 etc.)-->
|
||||
<Type>JKS</Type>
|
||||
<!-- Keystore password-->
|
||||
<Password>wso2carbon</Password>
|
||||
<!-- Private Key alias-->
|
||||
<KeyAlias>wso2carbon</KeyAlias>
|
||||
<!-- Private Key password-->
|
||||
<KeyPassword>wso2carbon</KeyPassword>
|
||||
</KeyStore>
|
||||
|
||||
<!--
|
||||
System wide trust-store which is used to maintain the certificates of all
|
||||
the trusted parties.
|
||||
-->
|
||||
<TrustStore>
|
||||
<!-- trust-store file location -->
|
||||
<Location>${carbon.home}/repository/resources/security/client-truststore.jks</Location>
|
||||
<!-- trust-store type (JKS/PKCS12 etc.) -->
|
||||
<Type>JKS</Type>
|
||||
<!-- trust-store password -->
|
||||
<Password>wso2carbon</Password>
|
||||
</TrustStore>
|
||||
|
||||
<!--
|
||||
The Authenticator configuration to be used at the JVM level. We extend the
|
||||
java.net.Authenticator to make it possible to authenticate to given servers and
|
||||
proxies.
|
||||
-->
|
||||
<NetworkAuthenticatorConfig>
|
||||
<!--
|
||||
Below is a sample configuration for a single authenticator. Please note that
|
||||
all child elements are mandatory. Not having some child elements would lead to
|
||||
exceptions at runtime.
|
||||
-->
|
||||
<!-- <Credential> -->
|
||||
<!--
|
||||
the pattern that would match a subset of URLs for which this authenticator
|
||||
would be used
|
||||
-->
|
||||
<!-- <Pattern>regularExpression</Pattern> -->
|
||||
<!--
|
||||
the type of this authenticator. Allowed values are:
|
||||
1. server
|
||||
2. proxy
|
||||
-->
|
||||
<!-- <Type>proxy</Type> -->
|
||||
<!-- the username used to log in to server/proxy -->
|
||||
<!-- <Username>username</Username> -->
|
||||
<!-- the password used to log in to server/proxy -->
|
||||
<!-- <Password>password</Password> -->
|
||||
<!-- </Credential> -->
|
||||
</NetworkAuthenticatorConfig>
|
||||
|
||||
<!--
|
||||
The Tomcat realm to be used for hosted Web applications. Allowed values are;
|
||||
1. UserManager
|
||||
2. Memory
|
||||
|
||||
If this is set to 'UserManager', the realm will pick users & roles from the system's
|
||||
WSO2 User Manager. If it is set to 'memory', the realm will pick users & roles from
|
||||
CARBON_HOME/repository/conf/tomcat/tomcat-users.xml
|
||||
-->
|
||||
<TomcatRealm>UserManager</TomcatRealm>
|
||||
|
||||
<!--Option to disable storing of tokens issued by STS-->
|
||||
<DisableTokenStore>false</DisableTokenStore>
|
||||
|
||||
<!--
|
||||
Security token store class name. If this is not set, default class will be
|
||||
org.wso2.carbon.security.util.SecurityTokenStore
|
||||
-->
|
||||
<!--TokenStoreClassName>org.wso2.carbon.identity.sts.store.DBTokenStore</TokenStoreClassName-->
|
||||
</Security>
|
||||
|
||||
<!--
|
||||
The temporary work directory
|
||||
-->
|
||||
<WorkDirectory>${carbon.home}/tmp/work</WorkDirectory>
|
||||
|
||||
<!--
|
||||
House-keeping configuration
|
||||
-->
|
||||
<HouseKeeping>
|
||||
|
||||
<!--
|
||||
true - Start House-keeping thread on server startup
|
||||
false - Do not start House-keeping thread on server startup.
|
||||
The user will run it manually as and when he wishes.
|
||||
-->
|
||||
<AutoStart>true</AutoStart>
|
||||
|
||||
<!--
|
||||
The interval in *minutes*, between house-keeping runs
|
||||
-->
|
||||
<Interval>10</Interval>
|
||||
|
||||
<!--
|
||||
The maximum time in *minutes*, temp files are allowed to live
|
||||
in the system. Files/directories which were modified more than
|
||||
"MaxTempFileLifetime" minutes ago will be removed by the
|
||||
house-keeping task
|
||||
-->
|
||||
<MaxTempFileLifetime>30</MaxTempFileLifetime>
|
||||
</HouseKeeping>
|
||||
|
||||
<!--
|
||||
Configuration for handling different types of file upload & other file uploading related
|
||||
config parameters.
|
||||
To map all actions to a particular FileUploadExecutor, use
|
||||
<Action>*</Action>
|
||||
-->
|
||||
<FileUploadConfig>
|
||||
<!--
|
||||
The total file upload size limit in MB
|
||||
-->
|
||||
<TotalFileSizeLimit>100</TotalFileSizeLimit>
|
||||
|
||||
<Mapping>
|
||||
<Actions>
|
||||
<Action>keystore</Action>
|
||||
<Action>certificate</Action>
|
||||
<Action>*</Action>
|
||||
</Actions>
|
||||
<Class>org.wso2.carbon.ui.transports.fileupload.AnyFileUploadExecutor</Class>
|
||||
</Mapping>
|
||||
|
||||
<Mapping>
|
||||
<Actions>
|
||||
<Action>jarZip</Action>
|
||||
</Actions>
|
||||
<Class>org.wso2.carbon.ui.transports.fileupload.JarZipUploadExecutor</Class>
|
||||
</Mapping>
|
||||
<Mapping>
|
||||
<Actions>
|
||||
<Action>dbs</Action>
|
||||
</Actions>
|
||||
<Class>org.wso2.carbon.ui.transports.fileupload.DBSFileUploadExecutor</Class>
|
||||
</Mapping>
|
||||
<Mapping>
|
||||
<Actions>
|
||||
<Action>tools</Action>
|
||||
</Actions>
|
||||
<Class>org.wso2.carbon.ui.transports.fileupload.ToolsFileUploadExecutor</Class>
|
||||
</Mapping>
|
||||
<Mapping>
|
||||
<Actions>
|
||||
<Action>toolsAny</Action>
|
||||
</Actions>
|
||||
<Class>org.wso2.carbon.ui.transports.fileupload.ToolsAnyFileUploadExecutor</Class>
|
||||
</Mapping>
|
||||
</FileUploadConfig>
|
||||
|
||||
<!--
|
||||
Processors which process special HTTP GET requests such as ?wsdl, ?policy etc.
|
||||
|
||||
In order to plug in a processor to handle a special request, simply add an entry to this
|
||||
section.
|
||||
|
||||
The value of the Item element is the first parameter in the query string(e.g. ?wsdl)
|
||||
which needs special processing
|
||||
|
||||
The value of the Class element is a class which implements
|
||||
org.wso2.carbon.transport.HttpGetRequestProcessor
|
||||
-->
|
||||
<HttpGetRequestProcessors>
|
||||
<Processor>
|
||||
<Item>info</Item>
|
||||
<Class>org.wso2.carbon.core.transports.util.InfoProcessor</Class>
|
||||
</Processor>
|
||||
<Processor>
|
||||
<Item>wsdl</Item>
|
||||
<Class>org.wso2.carbon.core.transports.util.Wsdl11Processor</Class>
|
||||
</Processor>
|
||||
<Processor>
|
||||
<Item>wsdl2</Item>
|
||||
<Class>org.wso2.carbon.core.transports.util.Wsdl20Processor</Class>
|
||||
</Processor>
|
||||
<Processor>
|
||||
<Item>xsd</Item>
|
||||
<Class>org.wso2.carbon.core.transports.util.XsdProcessor</Class>
|
||||
</Processor>
|
||||
</HttpGetRequestProcessors>
|
||||
|
||||
<!-- Deployment Synchronizer Configuration. t Enabled value to true when running with "svn based" dep sync.
|
||||
In master nodes you need to set both AutoCommit and AutoCheckout to true
|
||||
and in worker nodes set only AutoCheckout to true.
|
||||
-->
|
||||
<DeploymentSynchronizer>
|
||||
<Enabled>false</Enabled>
|
||||
<AutoCommit>false</AutoCommit>
|
||||
<AutoCheckout>true</AutoCheckout>
|
||||
<RepositoryType>svn</RepositoryType>
|
||||
<SvnUrl>http://svnrepo.example.com/repos/</SvnUrl>
|
||||
<SvnUser>username</SvnUser>
|
||||
<SvnPassword>password</SvnPassword>
|
||||
<SvnUrlAppendTenantId>true</SvnUrlAppendTenantId>
|
||||
</DeploymentSynchronizer>
|
||||
|
||||
<!-- Deployment Synchronizer Configuration. Uncomment the following section when running with "registry based" dep sync.
|
||||
In master nodes you need to set both AutoCommit and AutoCheckout to true
|
||||
and in worker nodes set only AutoCheckout to true.
|
||||
-->
|
||||
<!--<DeploymentSynchronizer>
|
||||
<Enabled>true</Enabled>
|
||||
<AutoCommit>false</AutoCommit>
|
||||
<AutoCheckout>true</AutoCheckout>
|
||||
</DeploymentSynchronizer>-->
|
||||
|
||||
<!-- Mediation persistence configurations. Only valid if mediation features are available i.e. ESB -->
|
||||
<!--<MediationConfig>
|
||||
<LoadFromRegistry>false</LoadFromRegistry>
|
||||
<SaveToFile>false</SaveToFile>
|
||||
<Persistence>enabled</Persistence>
|
||||
<RegistryPersistence>enabled</RegistryPersistence>
|
||||
</MediationConfig>-->
|
||||
|
||||
<!--
|
||||
Server intializing code, specified as implementation classes of org.wso2.carbon.core.ServerInitializer.
|
||||
This code will be run when the Carbon server is initialized
|
||||
-->
|
||||
<ServerInitializers>
|
||||
<!--<Initializer></Initializer>-->
|
||||
</ServerInitializers>
|
||||
|
||||
<!--
|
||||
Indicates whether the Carbon Servlet is required by the system, and whether it should be
|
||||
registered
|
||||
-->
|
||||
<RequireCarbonServlet>${require.carbon.servlet}</RequireCarbonServlet>
|
||||
|
||||
<!--
|
||||
Carbon H2 OSGI Configuration
|
||||
By default non of the servers start.
|
||||
name="web" - Start the web server with the H2 Console
|
||||
name="webPort" - The port (default: 8082)
|
||||
name="webAllowOthers" - Allow other computers to connect
|
||||
name="webSSL" - Use encrypted (HTTPS) connections
|
||||
name="tcp" - Start the TCP server
|
||||
name="tcpPort" - The port (default: 9092)
|
||||
name="tcpAllowOthers" - Allow other computers to connect
|
||||
name="tcpSSL" - Use encrypted (SSL) connections
|
||||
name="pg" - Start the PG server
|
||||
name="pgPort" - The port (default: 5435)
|
||||
name="pgAllowOthers" - Allow other computers to connect
|
||||
name="trace" - Print additional trace information; for all servers
|
||||
name="baseDir" - The base directory for H2 databases; for all servers
|
||||
-->
|
||||
<!--H2DatabaseConfiguration>
|
||||
<property name="web" />
|
||||
<property name="webPort">8082</property>
|
||||
<property name="webAllowOthers" />
|
||||
<property name="webSSL" />
|
||||
<property name="tcp" />
|
||||
<property name="tcpPort">9092</property>
|
||||
<property name="tcpAllowOthers" />
|
||||
<property name="tcpSSL" />
|
||||
<property name="pg" />
|
||||
<property name="pgPort">5435</property>
|
||||
<property name="pgAllowOthers" />
|
||||
<property name="trace" />
|
||||
<property name="baseDir">${carbon.home}</property>
|
||||
</H2DatabaseConfiguration-->
|
||||
<!--Disabling statistics reporter by default-->
|
||||
<StatisticsReporterDisabled>true</StatisticsReporterDisabled>
|
||||
|
||||
<!-- Enable accessing Admin Console via HTTP -->
|
||||
<!-- EnableHTTPAdminConsole>true</EnableHTTPAdminConsole -->
|
||||
|
||||
<!--
|
||||
Default Feature Repository of WSO2 Carbon.
|
||||
-->
|
||||
<FeatureRepository>
|
||||
<RepositoryName>default repository</RepositoryName>
|
||||
<RepositoryURL>${p2.repo.url}</RepositoryURL>
|
||||
</FeatureRepository>
|
||||
|
||||
<!--
|
||||
Configure API Management
|
||||
-->
|
||||
<APIManagement>
|
||||
|
||||
<!--Uses the embedded API Manager by default. If you want to use an external
|
||||
API Manager instance to manage APIs, configure below externalAPIManager-->
|
||||
|
||||
<Enabled>true</Enabled>
|
||||
|
||||
<!--Uncomment and configure API Gateway and
|
||||
Publisher URLs to use external API Manager instance-->
|
||||
|
||||
<!--ExternalAPIManager>
|
||||
|
||||
<APIGatewayURL>http://localhost:8281</APIGatewayURL>
|
||||
<APIPublisherURL>http://localhost:8281/publisher</APIPublisherURL>
|
||||
|
||||
</ExternalAPIManager-->
|
||||
|
||||
<LoadAPIContextsInServerStartup>true</LoadAPIContextsInServerStartup>
|
||||
</APIManagement>
|
||||
</Server>
|
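Review bot: The `<Security>` block commits the keystore, private-key and trust-store passwords as the literal `wso2carbon`, identical to the key alias, and the same pattern recurs in the two later configuration files of this commit (`<AdminPassword>admin</AdminPassword>` in the DeviceMgtConfiguration file; `CertificateKeystorePassword`, `CAPrivateKeyPassword` and `RAPrivateKeyPassword` in the CertificateConfigurations file). For a test fixture that is acceptable only if the referenced keystores hold throwaway keys, which the page does not show, so I would add a header comment such as `<!-- Test fixture only: passwords below are fixed fixture values; the keystores must contain test-only keys and must never be deployed -->`. This file also appears to be a full copy of a server configuration (655 lines, including a disabled `<DeploymentSynchronizer>` with `<SvnUser>`/`<SvnPassword>` placeholders and an `http://` SVN URL); trimming it to the elements the tests actually read would leave fewer credential-shaped values for secret scanners and reviewers to triage.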
@ -0,0 +1,62 @@
|
||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||
<!--
|
||||
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ you may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<DeviceMgtConfiguration>
|
||||
<ManagementRepository>
|
||||
<DataSourceConfiguration>
|
||||
<JndiLookupDefinition>
|
||||
<Name>jdbc/DM_DS</Name>
|
||||
</JndiLookupDefinition>
|
||||
</DataSourceConfiguration>
|
||||
</ManagementRepository>
|
||||
<EmailClientConfiguration>
|
||||
<minimumThread>8</minimumThread>
|
||||
<maximumThread>100</maximumThread>
|
||||
<keepAliveTime>20</keepAliveTime>
|
||||
<ThreadQueueCapacity>1000</ThreadQueueCapacity>
|
||||
</EmailClientConfiguration>
|
||||
<IdentityConfiguration>
|
||||
<ServerUrl>https://localhost:9443</ServerUrl>
|
||||
<AdminUsername>admin</AdminUsername>
|
||||
<AdminPassword>admin</AdminPassword>
|
||||
</IdentityConfiguration>
|
||||
<PolicyConfiguration>
|
||||
<monitoringClass>org.wso2.carbon.policy.mgt</monitoringClass>
|
||||
<monitoringEnable>true</monitoringEnable>
|
||||
<monitoringFrequency>60000</monitoringFrequency>
|
||||
<maxRetries>5</maxRetries>
|
||||
<minRetriesToMarkUnreachable>8</minRetriesToMarkUnreachable>
|
||||
<minRetriesToMarkInactive>20</minRetriesToMarkInactive>
|
||||
<!--<PolicyEvaluationPoint>Simple</PolicyEvaluationPoint>-->
|
||||
<PolicyEvaluationPoint>Simple</PolicyEvaluationPoint>
|
||||
</PolicyConfiguration>
|
||||
<!--This specifies whether to enable the DeviceStatus Task in this node.-->
|
||||
<DeviceStatusTaskConfig>
|
||||
<Enable>true</Enable>
|
||||
</DeviceStatusTaskConfig>
|
||||
<CertificateCacheConfiguration>
|
||||
<Enable>true</Enable>
|
||||
<ExpiryTime>86400</ExpiryTime>
|
||||
</CertificateCacheConfiguration>
|
||||
<DeviceCacheConfiguration>
|
||||
<Enable>true</Enable>
|
||||
<ExpiryTime>300</ExpiryTime>
|
||||
</DeviceCacheConfiguration>
|
||||
</DeviceMgtConfiguration>
|
||||
|
@ -0,0 +1,36 @@
|
||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||
<!--
|
||||
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ you may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
<CertificateConfigurations>
|
||||
<CertificateKeystore>
|
||||
<!-- Certificate Keystore file location-->
|
||||
<CertificateKeystoreLocation>${carbon.home}/repository/conf/security/wso2certs.jks</CertificateKeystoreLocation>
|
||||
<!-- Certificate Keystore type (JKS/PKCS12 etc.)-->
|
||||
<CertificateKeystoreType>JKS</CertificateKeystoreType>
|
||||
<!-- Certificate Keystore password-->
|
||||
<CertificateKeystorePassword>wso2carbon</CertificateKeystorePassword>
|
||||
<!-- Certificate authority certificate alias -->
|
||||
<CACertAlias>cacert</CACertAlias>
|
||||
<!-- Certificate authority private key password -->
|
||||
<CAPrivateKeyPassword>cacert</CAPrivateKeyPassword>
|
||||
<!-- Registration authority certificate alias -->
|
||||
<RACertAlias>racert</RACertAlias>
|
||||
<!-- Registration authority private key password -->
|
||||
<RAPrivateKeyPassword>racert</RAPrivateKeyPassword>
|
||||
</CertificateKeystore>
|
||||
</CertificateConfigurations>
|
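Review bot: The keystore password and both private-key passwords are committed in clear text (`<CertificateKeystorePassword>wso2carbon</CertificateKeystorePassword>`, `<CAPrivateKeyPassword>cacert</CAPrivateKeyPassword>`, `<RAPrivateKeyPassword>racert</RAPrivateKeyPassword>`), and nothing in the file marks it as a test fixture. The same applies to `admin`/`admin` in the `IdentityConfiguration` block above and to the `wso2carbon` passwords in the two datasource files added later in this commit. Assuming these are test resources, presumably paired with the binary file added in this commit, I would add a header comment such as `<!-- Test fixture only: throwaway keystore and passwords, never reuse for a deployed CA/RA -->` so the values are not copied into a deployment configuration.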
@ -0,0 +1,85 @@
|
||||
<!--
|
||||
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ you may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
<datasources-configuration xmlns:svns="http://org.wso2.securevault/configuration">
|
||||
|
||||
<providers>
|
||||
<provider>org.wso2.carbon.ndatasource.rdbms.RDBMSDataSourceReader</provider>
|
||||
</providers>
|
||||
|
||||
<datasources>
|
||||
|
||||
<datasource>
|
||||
<name>WSO2_CARBON_DB</name>
|
||||
<description>The datasource used for registry and user manager</description>
|
||||
<jndiConfig>
|
||||
<name>jdbc/WSO2CarbonDB</name>
|
||||
</jndiConfig>
|
||||
<definition type="RDBMS">
|
||||
<configuration>
|
||||
<url>jdbc:h2:repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=60000</url>
|
||||
<username>wso2carbon</username>
|
||||
<password>wso2carbon</password>
|
||||
<driverClassName>org.h2.Driver</driverClassName>
|
||||
<maxActive>50</maxActive>
|
||||
<maxWait>60000</maxWait>
|
||||
<testOnBorrow>true</testOnBorrow>
|
||||
<validationQuery>SELECT 1</validationQuery>
|
||||
<validationInterval>30000</validationInterval>
|
||||
<defaultAutoCommit>false</defaultAutoCommit>
|
||||
</configuration>
|
||||
</definition>
|
||||
</datasource>
|
||||
|
||||
<!-- For an explanation of the properties, see: http://people.apache.org/~fhanik/jdbc-pool/jdbc-pool.html -->
|
||||
<!--datasource>
|
||||
<name>SAMPLE_DATA_SOURCE</name>
|
||||
<jndiConfig>
|
||||
<name></name>
|
||||
<environment>
|
||||
<property name="java.naming.factory.initial"></property>
|
||||
<property name="java.naming.provider.url"></property>
|
||||
</environment>
|
||||
</jndiConfig>
|
||||
<definition type="RDBMS">
|
||||
<configuration>
|
||||
|
||||
<defaultAutoCommit></defaultAutoCommit>
|
||||
<defaultReadOnly></defaultReadOnly>
|
||||
<defaultTransactionIsolation>NONE|READ_COMMITTED|READ_UNCOMMITTED|REPEATABLE_READ|SERIALIZABLE</defaultTransactionIsolation>
|
||||
<defaultCatalog></defaultCatalog>
|
||||
<username></username>
|
||||
<password svns:secretAlias="WSO2.DB.Password"></password>
|
||||
<maxActive></maxActive>
|
||||
<maxIdle></maxIdle>
|
||||
<initialSize></initialSize>
|
||||
<maxWait></maxWait>
|
||||
|
||||
<dataSourceClassName>com.mysql.jdbc.jdbc2.optional.MysqlXADataSource</dataSourceClassName>
|
||||
<dataSourceProps>
|
||||
<property name="url">jdbc:mysql://localhost:3306/Test1</property>
|
||||
<property name="user">root</property>
|
||||
<property name="password">123</property>
|
||||
</dataSourceProps>
|
||||
|
||||
</configuration>
|
||||
</definition>
|
||||
</datasource-->
|
||||
|
||||
</datasources>
|
||||
|
||||
</datasources-configuration>
|
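Review bot: The active datasource URL `jdbc:h2:repository/database/WSO2CARBON_DB;...` is a file-based path relative to the JVM working directory, so if a test ever opens `jdbc/WSO2CarbonDB` the database location depends on where the build is run from. The `DataSourceConfig` file added in this commit uses an in-memory URL (`jdbc:h2:mem:cdm-test-db;...`). Using the same form here, or adding a comment that this datasource is never opened by the tests, would make the intent explicit. The commented-out `SAMPLE_DATA_SOURCE` block, including `<property name="password">123</property>`, is not needed in a test resource and could be dropped.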
@ -0,0 +1,165 @@
|
||||
#
|
||||
# Copyright 2017 WSO2, Inc. (http://wso2.com)
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
#
|
||||
# This is the log4j configuration file used by WSO2 Carbon
|
||||
#
|
||||
# IMPORTANT : Please do not remove or change the names of any
|
||||
# of the Appenders defined here. The layout pattern & log file
|
||||
# can be changed using the WSO2 Carbon Management Console, and those
|
||||
# settings will override the settings in this file.
|
||||
#
|
||||
|
||||
log4j.rootLogger=INFO, CARBON_CONSOLE, CARBON_LOGFILE, CARBON_MEMORY, CARBON_SYS_LOG
|
||||
|
||||
log4j.logger.AUDIT_LOG=INFO, AUDIT_LOGFILE
|
||||
log4j.logger.org.apache.axis2.wsdl.codegen.writer.PrettyPrinter=ERROR, CARBON_LOGFILE, CARBON_MEMORY
|
||||
log4j.logger.org.apache.axis2.clustering=INFO, CARBON_CONSOLE, CARBON_LOGFILE
|
||||
log4j.logger.org.apache=INFO, CARBON_LOGFILE, CARBON_MEMORY
|
||||
log4j.logger.org.apache.catalina=WARN
|
||||
log4j.logger.org.apache.tomcat=WARN
|
||||
log4j.logger.org.wso2.carbon.apacheds=WARN
|
||||
log4j.logger.org.apache.directory.server.ldap=ERROR
|
||||
log4j.logger.org.apache.directory.server.core.event=WARN
|
||||
log4j.logger.com.atomikos=INFO,ATOMIKOS
|
||||
log4j.logger.org.quartz=WARN
|
||||
log4j.logger.org.apache.jackrabbit.webdav=WARN
|
||||
log4j.logger.org.apache.juddi=ERROR
|
||||
log4j.logger.org.apache.commons.digester.Digester=WARN
|
||||
log4j.logger.org.apache.jasper.compiler.TldLocationsCache=WARN
|
||||
log4j.logger.org.apache.qpid=WARN
|
||||
log4j.logger.org.apache.qpid.server.Main=INFO
|
||||
log4j.logger.qpid.message=WARN
|
||||
log4j.logger.qpid.message.broker.listening=INFO
|
||||
log4j.logger.org.apache.tiles=WARN
|
||||
log4j.logger.org.apache.commons.httpclient=ERROR
|
||||
log4j.logger.org.apache.coyote=WARN
|
||||
log4j.logger.org.apache.solr=ERROR
|
||||
log4j.logger.me.prettyprint.cassandra.hector.TimingLogger=ERROR
|
||||
log4j.logger.org.wso2=INFO
|
||||
log4j.logger.org.apache.axis2.enterprise=FATAL, CARBON_LOGFILE, CARBON_MEMORY
|
||||
log4j.logger.org.opensaml.xml=WARN, CARBON_LOGFILE, CARBON_MEMORY
|
||||
log4j.logger.org.apache.directory.shared.ldap=WARN, CARBON_LOGFILE, CARBON_MEMORY
|
||||
log4j.logger.org.apache.directory.server.ldap.handlers=WARN, CARBON_LOGFILE, CARBON_MEMORY
|
||||
#Following are to remove false error messages from startup (IS)
|
||||
log4j.logger.org.apache.directory.shared.ldap.entry.DefaultServerAttribute=FATAL, CARBON_LOGFILE, CARBON_MEMORY
|
||||
log4j.logger.org.apache.directory.server.core.DefaultDirectoryService=ERROR, CARBON_LOGFILE, CARBON_MEMORY
|
||||
log4j.logger.org.apache.directory.shared.ldap.ldif.LdifReader=ERROR, CARBON_LOGFILE, CARBON_MEMORY
|
||||
log4j.logger.org.apache.directory.server.ldap.LdapProtocolHandler=ERROR, CARBON_LOGFILE, CARBON_MEMORY
|
||||
log4j.logger.org.apache.directory.server.core=ERROR, CARBON_LOGFILE, CARBON_MEMORY
|
||||
log4j.logger.org.apache.directory.server.ldap.LdapSession=ERROR, CARBON_LOGFILE, CARBON_MEMORY
|
||||
#Hive Related Log configurations
|
||||
log4j.logger.DataNucleus=ERROR
|
||||
log4j.logger.Datastore=ERROR
|
||||
log4j.logger.Datastore.Schema=ERROR
|
||||
log4j.logger.JPOX.Datastore=ERROR
|
||||
log4j.logger.JPOX.Plugin=ERROR
|
||||
log4j.logger.JPOX.MetaData=ERROR
|
||||
log4j.logger.JPOX.Query=ERROR
|
||||
log4j.logger.JPOX.General=ERROR
|
||||
log4j.logger.JPOX.Enhancer=ERROR
|
||||
log4j.logger.org.apache.hadoop.hive=WARN
|
||||
log4j.logger.hive=WARN
|
||||
log4j.logger.ExecMapper=WARN
|
||||
log4j.logger.ExecReducer=WARN
|
||||
log4j.logger.net.sf.ehcache.config.ConfigurationFactory=ERROR
|
||||
|
||||
log4j.logger.trace.messages=TRACE,CARBON_TRACE_LOGFILE
|
||||
|
||||
log4j.additivity.org.apache.axis2.clustering=false
|
||||
log4j.additivity.com.atomikos=false
|
||||
log4j.additivity.org.apache=false
|
||||
|
||||
# CARBON_CONSOLE is set to be a ConsoleAppender using a PatternLayout.
|
||||
log4j.appender.CARBON_CONSOLE=org.wso2.carbon.utils.logging.appenders.CarbonConsoleAppender
|
||||
log4j.appender.CARBON_CONSOLE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
|
||||
# ConversionPattern will be overridden by the configuration setting in the DB
|
||||
log4j.appender.CARBON_CONSOLE.layout.ConversionPattern=[%d] %P%5p {%c} - %x %m%n
|
||||
log4j.appender.CARBON_CONSOLE.layout.TenantPattern=%U%@%D[%T]
|
||||
log4j.appender.CARBON_CONSOLE.threshold=DEBUG
|
||||
|
||||
# CARBON_MEMORY is set to be a MemoryAppender using a PatternLayout.
|
||||
log4j.appender.CARBON_MEMORY=org.wso2.carbon.utils.logging.appenders.MemoryAppender
|
||||
log4j.appender.CARBON_MEMORY.layout=org.apache.log4j.PatternLayout
|
||||
log4j.appender.CARBON_MEMORY.bufferSize=200
|
||||
# ConversionPattern will be overridden by the configuration setting in the DB
|
||||
#log4j.appender.CARBON_MEMORY.layout.ConversionPattern=[%d] %5p - %x %m {%c}%n
|
||||
log4j.appender.CARBON_MEMORY.layout.ConversionPattern=[%d] %5p {%c} - %x %m %n
|
||||
log4j.appender.CARBON_MEMORY.threshold=DEBUG
|
||||
|
||||
|
||||
# CARBON_LOGFILE is set to be a DailyRollingFileAppender using a PatternLayout.
|
||||
log4j.appender.CARBON_LOGFILE=org.wso2.carbon.utils.logging.appenders.CarbonDailyRollingFileAppender
|
||||
# Log file will be overridden by the configuration setting in the DB
|
||||
# This path should be relative to WSO2 Carbon Home
|
||||
log4j.appender.CARBON_LOGFILE.File=${carbon.home}/repository/logs/${instance.log}/wso2carbon${instance.log}.log
|
||||
log4j.appender.CARBON_LOGFILE.Append=true
|
||||
log4j.appender.CARBON_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
|
||||
# ConversionPattern will be overridden by the configuration setting in the DB
|
||||
log4j.appender.CARBON_LOGFILE.layout.ConversionPattern=TID: [%T] [%S] [%d] %P%5p {%c} - %x %m %n
|
||||
log4j.appender.CARBON_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S]
|
||||
log4j.appender.CARBON_LOGFILE.threshold=DEBUG
|
||||
|
||||
log4j.appender.CARBON_SYS_LOG = org.apache.log4j.net.SyslogAppender
|
||||
log4j.appender.CARBON_SYS_LOG.layout=org.apache.log4j.PatternLayout
|
||||
log4j.appender.CARBON_SYS_LOG.layout.ConversionPattern=[%d] %5p {%c} - %x %m %n
|
||||
log4j.appender.CARBON_SYS_LOG.SyslogHost=localhost
|
||||
log4j.appender.CARBON_SYS_LOG.Facility=USER
|
||||
log4j.appender.CARBON_SYS_LOG.threshold=DEBUG
|
||||
|
||||
# LOGEVENT is set to be a LogEventAppender using a PatternLayout to send logs to LOGEVENT
|
||||
log4j.appender.LOGEVENT=org.wso2.carbon.logging.service.appender.LogEventAppender
|
||||
log4j.appender.LOGEVENT.url=tcp://10.100.3.103:7611
|
||||
log4j.appender.LOGEVENT.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
|
||||
log4j.appender.LOGEVENT.columnList=%T,%S,%A,%d,%c,%p,%m,%H,%I,%Stacktrace
|
||||
log4j.appender.LOGEVENT.userName=admin
|
||||
log4j.appender.LOGEVENT.password=admin
|
||||
#log4j.appender.LOGEVENT.password=secretAlias:Log4j.Appender.LOGEVENT.Password
|
||||
|
||||
# Appender config to CARBON_TRACE_LOGFILE
|
||||
log4j.appender.CARBON_TRACE_LOGFILE=org.apache.log4j.DailyRollingFileAppender
|
||||
log4j.appender.CARBON_TRACE_LOGFILE.File=${carbon.home}/repository/logs/${instance.log}/wso2carbon-trace-messages${instance.log}.log
|
||||
log4j.appender.CARBON_TRACE_LOGFILE.Append=true
|
||||
log4j.appender.CARBON_TRACE_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
|
||||
log4j.appender.CARBON_TRACE_LOGFILE.layout.ConversionPattern=[%d] %P%5p {%c} - %x %m %n
|
||||
log4j.appender.CARBON_TRACE_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S]
|
||||
log4j.appender.CARBON_TRACE_LOGFILE.threshold=TRACE
|
||||
log4j.additivity.trace.messages=false
|
||||
|
||||
# Appender config to AUDIT_LOGFILE
|
||||
log4j.appender.AUDIT_LOGFILE=org.apache.log4j.DailyRollingFileAppender
|
||||
log4j.appender.AUDIT_LOGFILE.File=${carbon.home}/repository/logs/audit.log
|
||||
log4j.appender.AUDIT_LOGFILE.Append=true
|
||||
log4j.appender.AUDIT_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
|
||||
log4j.appender.AUDIT_LOGFILE.layout.ConversionPattern=[%d] %P%5p {%c}- %x %m %n
|
||||
log4j.appender.AUDIT_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S]
|
||||
log4j.appender.AUDIT_LOGFILE.threshold=INFO
|
||||
log4j.additivity.AUDIT_LOG=false
|
||||
|
||||
# Appender config to send Atomikos transaction logs to new log file tm.out.
|
||||
log4j.appender.ATOMIKOS = org.apache.log4j.RollingFileAppender
|
||||
log4j.appender.ATOMIKOS.File = repository/logs/tm.out
|
||||
log4j.appender.ATOMIKOS.Append = true
|
||||
log4j.appender.ATOMIKOS.layout = org.apache.log4j.PatternLayout
|
||||
log4j.appender.ATOMIKOS.layout.ConversionPattern=%p %t %c - %m%n
|
||||
|
||||
# This file is used to override the default logger settings, and is used to remove unwanted logs from Shindig appearing on the console.
|
||||
|
||||
# Specification of Handler used by Console Logger
|
||||
handlers=java.util.logging.ConsoleHandler
|
||||
|
||||
# Replacing default INFO level with SEVERE
|
||||
java.util.logging.ConsoleHandler.level=SEVERE
|
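Review bot: The `LOGEVENT` appender is configured with a fixed private address and credentials (`log4j.appender.LOGEVENT.url=tcp://10.100.3.103:7611`, `userName=admin`, `password=admin`), but no logger in this file references it; `log4j.rootLogger` lists only `CARBON_CONSOLE, CARBON_LOGFILE, CARBON_MEMORY, CARBON_SYS_LOG`. Since it is unused, I would delete the `log4j.appender.LOGEVENT.*` lines from this test resource rather than carry an internal endpoint and a password in the repository. If the appender has to stay, the commented `secretAlias:Log4j.Appender.LOGEVENT.Password` form already in the file is the better default.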
Binary file not shown.
@ -0,0 +1,33 @@
|
||||
<?xml version="1.0" encoding="ISO-8859-1"?>
|
||||
<!--
|
||||
~ Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
~
|
||||
~ WSO2 Inc. licenses this file to you under the Apache License,
|
||||
~ Version 2.0 (the "License"); you may not use this file except
|
||||
~ in compliance with the License.
|
||||
~ you may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<DataSourceConfig>
|
||||
<Url>jdbc:h2:mem:cdm-test-db;DB_CLOSE_ON_EXIT=FALSE;MVCC=true</Url>
|
||||
<DriverClassName>org.h2.Driver</DriverClassName>
|
||||
<User>wso2carbon</User>
|
||||
<Password>wso2carbon</Password>
|
||||
|
||||
|
||||
<!-- For MySql -->
|
||||
|
||||
<!--<Url>jdbc:mysql://localhost:3306/WSO2CDM</Url>-->
|
||||
<!--<DriverClassName>com.mysql.jdbc.Driver</DriverClassName>-->
|
||||
<!--<User>root</User>-->
|
||||
<!--<Password></Password>-->
|
||||
</DataSourceConfig>
|
@ -1,33 +0,0 @@
|
||||
#
|
||||
# Copyright 2015 WSO2, Inc. (http://wso2.com)
|
||||
#
|
||||
# WSO2 Inc. licenses this file to you under the Apache License,
|
||||
# version 2.0 (the "License"); you may not use this file except
|
||||
# in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
#
|
||||
# This is the log4j configuration file used by WSO2 Carbon
|
||||
#
|
||||
# IMPORTANT : Please do not remove or change the names of any
|
||||
# of the Appenders defined here. The layout pattern & log file
|
||||
# can be changed using the WSO2 Carbon Management Console, and those
|
||||
# settings will override the settings in this file.
|
||||
#
|
||||
|
||||
log4j.rootLogger=INFO, STD_OUT
|
||||
|
||||
# Redirect log messages to console
|
||||
log4j.appender.STD_OUT=org.apache.log4j.ConsoleAppender
|
||||
log4j.appender.STD_OUT.Target=System.out
|
||||
log4j.appender.STD_OUT.layout=org.apache.log4j.PatternLayout
|
||||
log4j.appender.STD_OUT.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n
|
@ -0,0 +1,25 @@
|
||||
--
|
||||
-- Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
--
|
||||
-- WSO2 Inc. licenses this file to you under the Apache License,
|
||||
-- Version 2.0 (the "License"); you may not use this file except
|
||||
-- in compliance with the License.
|
||||
-- You may obtain a copy of the License at
|
||||
--
|
||||
-- http://www.apache.org/licenses/LICENSE-2.0
|
||||
--
|
||||
-- Unless required by applicable law or agreed to in writing,
|
||||
-- software distributed under the License is distributed on an
|
||||
-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
-- KIND, either express or implied. See the License for the
|
||||
-- specific language governing permissions and limitations
|
||||
-- under the License.
|
||||
|
||||
CREATE TABLE IF NOT EXISTS DM_DEVICE_CERTIFICATE (
|
||||
ID INTEGER auto_increment NOT NULL,
|
||||
SERIAL_NUMBER VARCHAR(500) DEFAULT NULL,
|
||||
CERTIFICATE BLOB DEFAULT NULL,
|
||||
TENANT_ID INTEGER DEFAULT 0,
|
||||
USERNAME VARCHAR(500) DEFAULT NULL,
|
||||
PRIMARY KEY (ID)
|
||||
);
|
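Review bot: `SERIAL_NUMBER` is nullable and has no uniqueness constraint, so this table accepts several rows with the same serial number in one tenant, as well as rows with no serial number or certificate at all. If certificates are looked up by serial number (the DAO is not visible from here), a duplicate makes the result ambiguous; `SERIAL_NUMBER VARCHAR(500) NOT NULL` plus `UNIQUE (SERIAL_NUMBER, TENANT_ID)` would rule that out. If the script is instead meant to mirror the product schema exactly, a header comment naming the script it is copied from would help keep the two in sync.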