merge-requests/7/head
Dileesha Rajapakse 9 years ago
commit a54fc4a254

@ -71,11 +71,12 @@
org.bouncycastle.operator.jcajce, org.bouncycastle.operator.jcajce,
org.bouncycastle.pkcs, org.bouncycastle.pkcs,
org.bouncycastle.util, org.bouncycastle.util,
org.bouncycastle.asn1.util,
org.jscep.message, org.jscep.message,
org.jscep.transaction, org.jscep.transaction,
org.w3c.dom, org.w3c.dom,
org.xml.sax org.xml.sax,
javax.xml.bind,
org.bouncycastle.pkcs.jcajce
</Import-Package> </Import-Package>
<Export-Package> <Export-Package>
!org.wso2.carbon.certificate.mgt.core.internal.*, !org.wso2.carbon.certificate.mgt.core.internal.*,

@ -44,14 +44,7 @@ import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest; import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.util.Store; import org.bouncycastle.util.Store;
import org.jscep.message.CertRep; import org.jscep.message.*;
import org.jscep.message.MessageDecodingException;
import org.jscep.message.MessageEncodingException;
import org.jscep.message.PkcsPkiEnvelopeDecoder;
import org.jscep.message.PkcsPkiEnvelopeEncoder;
import org.jscep.message.PkiMessage;
import org.jscep.message.PkiMessageDecoder;
import org.jscep.message.PkiMessageEncoder;
import org.jscep.transaction.FailInfo; import org.jscep.transaction.FailInfo;
import org.jscep.transaction.Nonce; import org.jscep.transaction.Nonce;
import org.jscep.transaction.TransactionId; import org.jscep.transaction.TransactionId;
@ -62,32 +55,11 @@ import org.wso2.carbon.certificate.mgt.core.util.CommonUtil;
import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil; import org.wso2.carbon.certificate.mgt.core.util.ConfigurationUtil;
import javax.security.auth.x500.X500Principal; import javax.security.auth.x500.X500Principal;
import java.io.ByteArrayInputStream; import javax.xml.bind.DatatypeConverter;
import java.io.DataInputStream; import java.io.*;
import java.io.File; import java.security.*;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.SignatureException;
import java.security.cert.Certificate; import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException; import java.security.cert.*;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException; import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList; import java.util.ArrayList;
@ -598,4 +570,31 @@ public class CertificateGenerator {
return null; return null;
} }
/**
* Get Signed certificate by parsing certificate.
* @param binarySecurityToken CSR that comes from the client as a String value.It is base 64 encoded request
* security token.
* @return Return signed certificate in X508Certificate type object.
* @throws KeystoreException
*/
public X509Certificate getSignedCertificateFromCSR(String binarySecurityToken)
throws KeystoreException {
byte[] byteArrayBst = DatatypeConverter.parseBase64Binary(binarySecurityToken);
PKCS10CertificationRequest certificationRequest;
KeyStoreReader keyStoreReader = new KeyStoreReader();
PrivateKey privateKeyCA = keyStoreReader.getCAPrivateKey();
X509Certificate certCA = (X509Certificate) keyStoreReader.getCACertificate();
try {
certificationRequest = new PKCS10CertificationRequest(byteArrayBst);
} catch (IOException e) {
String msg = "CSR cannot be recovered.";
log.error(msg, e);
throw new KeystoreException(msg, e);
}
X509Certificate signedCertificate = generateCertificateFromCSR(privateKeyCA, certificationRequest,
certCA.getIssuerX500Principal().getName());
return signedCertificate;
}
} }
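Review bot: In `getSignedCertificateFromCSR`, the issuer name passed to `generateCertificateFromCSR` is `certCA.getIssuerX500Principal().getName()`, which is the DN of whoever signed the CA certificate; for an intermediate CA that is not the CA's own name, so issued certificates would not chain to it. `certCA.getSubjectX500Principal().getName()` is the value an issued certificate's issuer field has to carry. Nothing in the visible lines checks the CSR's self-signature or constrains its subject before the CA key signs it; if `generateCertificateFromCSR` (outside this hunk) does not do so either, any well-formed base64 PKCS#10 blob from a client yields a CA-signed certificate. The Javadoc should read `X509Certificate` rather than `X508Certificate` and say when `KeystoreException` is thrown.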

@ -53,4 +53,6 @@ public interface CertificateManagementService {
public X509Certificate extractCertificateFromSignature(String headerSignature) throws KeystoreException; public X509Certificate extractCertificateFromSignature(String headerSignature) throws KeystoreException;
String extractChallengeToken(X509Certificate certificate); String extractChallengeToken(X509Certificate certificate);
X509Certificate getSignedCertificateFromCSR(String binarySecurityToken) throws KeystoreException;
} }

@ -100,4 +100,9 @@ public class CertificateManagementServiceImpl implements CertificateManagementSe
public String extractChallengeToken(X509Certificate certificate) { public String extractChallengeToken(X509Certificate certificate) {
return certificateGenerator.extractChallengeToken(certificate); return certificateGenerator.extractChallengeToken(certificate);
} }
public X509Certificate getSignedCertificateFromCSR(String binarySecurityToken) throws KeystoreException {
return certificateGenerator.getSignedCertificateFromCSR(binarySecurityToken);
}
} }

@ -37,7 +37,7 @@ public class ConfigurationUtil {
public static final String KEYSTORE_RA_CERT_PRIV_PASSWORD = "RAPrivateKeyPassword"; public static final String KEYSTORE_RA_CERT_PRIV_PASSWORD = "RAPrivateKeyPassword";
public static final String CA_CERT_ALIAS = "CACertAlias"; public static final String CA_CERT_ALIAS = "CACertAlias";
public static final String RA_CERT_ALIAS = "RACertAlias"; public static final String RA_CERT_ALIAS = "RACertAlias";
public static final String SIGNATUREALGO = "SHA1withRSA"; public static final String SIGNATURE_ALGORITHM = "SHA1withRSA";
public static final String PROVIDER = "BC"; public static final String PROVIDER = "BC";
public static final String KEYSTORE = "Type"; public static final String KEYSTORE = "Type";
public static final String CERTIFICATE_KEYSTORE = "CertificateKeystoreType"; public static final String CERTIFICATE_KEYSTORE = "CertificateKeystoreType";
@ -56,6 +56,7 @@ public class ConfigurationUtil {
public static final String RSA_PRIVATE_KEY_END_TEXT = "-----END RSA PRIVATE KEY-----"; public static final String RSA_PRIVATE_KEY_END_TEXT = "-----END RSA PRIVATE KEY-----";
public static final String EMPTY_TEXT = ""; public static final String EMPTY_TEXT = "";
public static final int RSA_KEY_LENGTH = 1024; public static final int RSA_KEY_LENGTH = 1024;
public static final long MILLI_SECONDS = 1000L * 60 * 60 * 24;
private static ConfigurationUtil configurationUtil; private static ConfigurationUtil configurationUtil;
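Review bot: The renamed constant `SIGNATURE_ALGORITHM` still holds `"SHA1withRSA"`; if the CA signing path added in this commit uses it, the rename is the natural place to move to a SHA-2 signature such as `"SHA256withRSA"`. The neighbouring `RSA_KEY_LENGTH = 1024` context line has the same age problem, with 2048 bits the usual floor. The new `MILLI_SECONDS` constant holds the number of milliseconds in one day (`1000L * 60 * 60 * 24`), so a name like `MILLIS_PER_DAY` or a one-line comment would say what it is.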

@ -41,6 +41,8 @@ public interface PolicyDAO {
*/ */
Policy addPolicyToRole(List<String> roleNames, Policy policy) throws PolicyManagerDAOException; Policy addPolicyToRole(List<String> roleNames, Policy policy) throws PolicyManagerDAOException;
Policy updateRolesOfPolicy(List<String> rolesToAdd, Policy policy) throws PolicyManagerDAOException;
/** /**
* This method is used to add/update the users associated with the policy. * This method is used to add/update the users associated with the policy.
* @param usernameList - List of the users that needs to be applied * @param usernameList - List of the users that needs to be applied
@ -50,6 +52,8 @@ public interface PolicyDAO {
*/ */
Policy addPolicyToUser(List<String> usernameList, Policy policy) throws PolicyManagerDAOException; Policy addPolicyToUser(List<String> usernameList, Policy policy) throws PolicyManagerDAOException;
Policy updateUserOfPolicy(List<String> usersToAdd, Policy policy) throws PolicyManagerDAOException;
Policy addPolicyToDevice(List<Device> devices, Policy policy) throws PolicyManagerDAOException; Policy addPolicyToDevice(List<Device> devices, Policy policy) throws PolicyManagerDAOException;
boolean updatePolicyPriorities(List<Policy> policies) throws PolicyManagerDAOException; boolean updatePolicyPriorities(List<Policy> policies) throws PolicyManagerDAOException;
@ -114,6 +118,8 @@ public interface PolicyDAO {
boolean deleteAllPolicyRelatedConfigs(int policyId) throws PolicyManagerDAOException; boolean deleteAllPolicyRelatedConfigs(int policyId) throws PolicyManagerDAOException;
boolean deleteCriteriaAndDeviceRelatedConfigs(int policyId) throws PolicyManagerDAOException;
List<String> getPolicyAppliedRoles(int policyId) throws PolicyManagerDAOException; List<String> getPolicyAppliedRoles(int policyId) throws PolicyManagerDAOException;
List<String> getPolicyAppliedUsers(int policyId) throws PolicyManagerDAOException; List<String> getPolicyAppliedUsers(int policyId) throws PolicyManagerDAOException;

@ -71,8 +71,52 @@ public class PolicyDAOImpl implements PolicyDAO {
public Policy addPolicyToRole(List<String> rolesToAdd, Policy policy) throws PolicyManagerDAOException { public Policy addPolicyToRole(List<String> rolesToAdd, Policy policy) throws PolicyManagerDAOException {
Connection conn; Connection conn;
PreparedStatement insertStmt = null; PreparedStatement insertStmt = null;
// PreparedStatement deleteStmt = null;
// final List<String> currentRoles = this.getPolicy(policy.getId()).getRoles();
//
// SetReferenceTransformer<String> transformer = new SetReferenceTransformer<String>();
//
// transformer.transform(currentRoles, rolesToAdd);
// rolesToAdd = transformer.getObjectsToAdd();
// List<String> rolesToDelete = transformer.getObjectsToRemove();
try {
conn = this.getConnection();
if (rolesToAdd.size() > 0) {
String query = "INSERT INTO DM_ROLE_POLICY (ROLE_NAME, POLICY_ID) VALUES (?, ?)";
insertStmt = conn.prepareStatement(query);
for (String role : rolesToAdd) {
insertStmt.setString(1, role);
insertStmt.setInt(2, policy.getId());
insertStmt.addBatch();
}
insertStmt.executeBatch();
}
// if (rolesToDelete.size() > 0){
// String deleteQuery = "DELETE FROM DM_ROLE_POLICY WHERE ROLE_NAME=? AND POLICY_ID=?";
// deleteStmt = conn.prepareStatement(deleteQuery);
// for (String role : rolesToDelete) {
// deleteStmt.setString(1, role);
// deleteStmt.setInt(2, policy.getId());
// deleteStmt.addBatch();
// }
// deleteStmt.executeBatch();
// }
} catch (SQLException e) {
throw new PolicyManagerDAOException("Error occurred while adding the role name with policy to database", e);
} finally {
PolicyManagementDAOUtil.cleanupResources(insertStmt, null);
}
return policy;
}
@Override
public Policy updateRolesOfPolicy(List<String> rolesToAdd, Policy previousPolicy) throws PolicyManagerDAOException {
Connection conn;
PreparedStatement insertStmt = null;
PreparedStatement deleteStmt = null; PreparedStatement deleteStmt = null;
final List<String> currentRoles = policy.getRoles();
final List<String> currentRoles = previousPolicy.getRoles();
SetReferenceTransformer<String> transformer = new SetReferenceTransformer<String>(); SetReferenceTransformer<String> transformer = new SetReferenceTransformer<String>();
@ -81,22 +125,22 @@ public class PolicyDAOImpl implements PolicyDAO {
List<String> rolesToDelete = transformer.getObjectsToRemove(); List<String> rolesToDelete = transformer.getObjectsToRemove();
try { try {
conn = this.getConnection(); conn = this.getConnection();
if (rolesToAdd.size() > 0){ if (rolesToAdd.size() > 0) {
String query = "INSERT INTO DM_ROLE_POLICY (ROLE_NAME, POLICY_ID) VALUES (?, ?)"; String query = "INSERT INTO DM_ROLE_POLICY (ROLE_NAME, POLICY_ID) VALUES (?, ?)";
insertStmt = conn.prepareStatement(query); insertStmt = conn.prepareStatement(query);
for (String role : rolesToAdd) { for (String role : rolesToAdd) {
insertStmt.setString(1, role); insertStmt.setString(1, role);
insertStmt.setInt(2, policy.getId()); insertStmt.setInt(2, previousPolicy.getId());
insertStmt.addBatch(); insertStmt.addBatch();
} }
insertStmt.executeBatch(); insertStmt.executeBatch();
} }
if (rolesToAdd.size() > 0){ if (rolesToDelete.size() > 0) {
String deleteQuery = "DELETE FROM DM_ROLE_POLICY WHERE ROLE_NAME=? AND POLICY_ID=?"; String deleteQuery = "DELETE FROM DM_ROLE_POLICY WHERE ROLE_NAME=? AND POLICY_ID=?";
deleteStmt = conn.prepareStatement(deleteQuery); deleteStmt = conn.prepareStatement(deleteQuery);
for (String role : rolesToDelete) { for (String role : rolesToDelete) {
deleteStmt.setString(1, role); deleteStmt.setString(1, role);
deleteStmt.setInt(2, policy.getId()); deleteStmt.setInt(2, previousPolicy.getId());
deleteStmt.addBatch(); deleteStmt.addBatch();
} }
deleteStmt.executeBatch(); deleteStmt.executeBatch();
@ -105,14 +149,60 @@ public class PolicyDAOImpl implements PolicyDAO {
throw new PolicyManagerDAOException("Error occurred while adding the role name with policy to database", e); throw new PolicyManagerDAOException("Error occurred while adding the role name with policy to database", e);
} finally { } finally {
PolicyManagementDAOUtil.cleanupResources(insertStmt, null); PolicyManagementDAOUtil.cleanupResources(insertStmt, null);
PolicyManagementDAOUtil.cleanupResources(deleteStmt, null);
} }
return policy; return previousPolicy;
} }
@Override @Override
public Policy addPolicyToUser(List<String> usersToAdd, Policy policy) throws PolicyManagerDAOException { public Policy addPolicyToUser(List<String> usersToAdd, Policy policy) throws PolicyManagerDAOException {
Connection conn; Connection conn;
PreparedStatement insertStmt = null; PreparedStatement insertStmt = null;
// PreparedStatement deleteStmt = null;
// final List<String> currentUsers = this.getPolicy(policy.getId()).getUsers();
//
// SetReferenceTransformer<String> transformer = new SetReferenceTransformer<String>();
//
// transformer.transform(currentUsers, usersToAdd);
// usersToAdd = transformer.getObjectsToAdd();
// List<String> usersToDelete = transformer.getObjectsToRemove();
try {
conn = this.getConnection();
if (usersToAdd.size() > 0) {
String query = "INSERT INTO DM_USER_POLICY (POLICY_ID, USERNAME) VALUES (?, ?)";
insertStmt = conn.prepareStatement(query);
for (String username : usersToAdd) {
insertStmt.setInt(1, policy.getId());
insertStmt.setString(2, username);
insertStmt.addBatch();
}
insertStmt.executeBatch();
}
// if (usersToDelete.size() > 0){
// String deleteQuery = "DELETE FROM DM_USER_POLICY WHERE USERNAME=? AND POLICY_ID=?";
// deleteStmt = conn.prepareStatement(deleteQuery);
// for (String username : usersToDelete) {
// deleteStmt.setString(1, username);
// deleteStmt.setInt(2, policy.getId());
// deleteStmt.addBatch();
// }
// deleteStmt.executeBatch();
// }
} catch (SQLException e) {
throw new PolicyManagerDAOException("Error occurred while adding the user name with policy to database", e);
} finally {
PolicyManagementDAOUtil.cleanupResources(insertStmt, null);
// PolicyManagementDAOUtil.cleanupResources(deleteStmt, null);
}
return policy;
}
@Override
public Policy updateUserOfPolicy(List<String> usersToAdd, Policy policy) throws PolicyManagerDAOException {
Connection conn;
PreparedStatement insertStmt = null;
PreparedStatement deleteStmt = null; PreparedStatement deleteStmt = null;
final List<String> currentUsers = policy.getUsers(); final List<String> currentUsers = policy.getUsers();
@ -123,7 +213,7 @@ public class PolicyDAOImpl implements PolicyDAO {
List<String> usersToDelete = transformer.getObjectsToRemove(); List<String> usersToDelete = transformer.getObjectsToRemove();
try { try {
conn = this.getConnection(); conn = this.getConnection();
if (usersToAdd.size() > 0){ if (usersToAdd.size() > 0) {
String query = "INSERT INTO DM_USER_POLICY (POLICY_ID, USERNAME) VALUES (?, ?)"; String query = "INSERT INTO DM_USER_POLICY (POLICY_ID, USERNAME) VALUES (?, ?)";
insertStmt = conn.prepareStatement(query); insertStmt = conn.prepareStatement(query);
for (String username : usersToAdd) { for (String username : usersToAdd) {
@ -133,7 +223,7 @@ public class PolicyDAOImpl implements PolicyDAO {
} }
insertStmt.executeBatch(); insertStmt.executeBatch();
} }
if (usersToDelete.size() > 0){ if (usersToDelete.size() > 0) {
String deleteQuery = "DELETE FROM DM_USER_POLICY WHERE USERNAME=? AND POLICY_ID=?"; String deleteQuery = "DELETE FROM DM_USER_POLICY WHERE USERNAME=? AND POLICY_ID=?";
deleteStmt = conn.prepareStatement(deleteQuery); deleteStmt = conn.prepareStatement(deleteQuery);
for (String username : usersToDelete) { for (String username : usersToDelete) {
@ -153,6 +243,7 @@ public class PolicyDAOImpl implements PolicyDAO {
return policy; return policy;
} }
@Override @Override
public Policy addPolicyToDevice(List<Device> devices, Policy policy) throws PolicyManagerDAOException { public Policy addPolicyToDevice(List<Device> devices, Policy policy) throws PolicyManagerDAOException {
Connection conn; Connection conn;
@ -1202,6 +1293,46 @@ public class PolicyDAOImpl implements PolicyDAO {
} }
} }
@Override
public boolean deleteCriteriaAndDeviceRelatedConfigs(int policyId) throws PolicyManagerDAOException {
Connection conn;
PreparedStatement stmt = null;
try {
conn = this.getConnection();
// String userPolicy = "DELETE FROM DM_USER_POLICY WHERE POLICY_ID = ?";
// stmt = conn.prepareStatement(userPolicy);
// stmt.setInt(1, policyId);
// stmt.executeUpdate();
//
// String rolePolicy = "DELETE FROM DM_ROLE_POLICY WHERE POLICY_ID = ?";
// stmt = conn.prepareStatement(rolePolicy);
// stmt.setInt(1, policyId);
// stmt.executeUpdate();
String devicePolicy = "DELETE FROM DM_DEVICE_POLICY WHERE POLICY_ID = ?";
stmt = conn.prepareStatement(devicePolicy);
stmt.setInt(1, policyId);
stmt.executeUpdate();
String deleteCriteria = "DELETE FROM DM_POLICY_CRITERIA WHERE POLICY_ID = ?";
stmt = conn.prepareStatement(deleteCriteria);
stmt.setInt(1, policyId);
stmt.executeUpdate();
if (log.isDebugEnabled()) {
log.debug("Policy (" + policyId + ") related configs deleted from database.");
}
return true;
} catch (SQLException e) {
throw new PolicyManagerDAOException("Unable to delete the policy (" + policyId +
") related configs from database", e);
} finally {
PolicyManagementDAOUtil.cleanupResources(stmt, null);
}
}
private Connection getConnection() throws PolicyManagerDAOException { private Connection getConnection() throws PolicyManagerDAOException {
return PolicyManagementDAOFactory.getConnection(); return PolicyManagementDAOFactory.getConnection();
} }
@ -1345,7 +1476,8 @@ public class PolicyDAOImpl implements PolicyDAO {
int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId(); int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
try { try {
conn = this.getConnection(); conn = this.getConnection();
String query = "SELECT * FROM DM_DEVICE_POLICY_APPLIED WHERE DEVICE_ID = ? AND TENANT_ID = ? AND ENROLMENT_ID = ?"; String query = "SELECT * FROM DM_DEVICE_POLICY_APPLIED WHERE DEVICE_ID = ? AND TENANT_ID = ? AND " +
"ENROLMENT_ID = ?";
stmt = conn.prepareStatement(query); stmt = conn.prepareStatement(query);
stmt.setInt(1, deviceId); stmt.setInt(1, deviceId);
stmt.setInt(2, tenantId); stmt.setInt(2, tenantId);
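Review bot: In `deleteCriteriaAndDeviceRelatedConfigs`, `stmt` is reassigned by `conn.prepareStatement(deleteCriteria)` while the first statement is still open, and the `finally` block only cleans up the last one, so the `DM_DEVICE_POLICY` statement is never closed. Close it before reuse (`stmt.close();` ahead of the second `prepareStatement`) or use a second variable and clean up both. The commented-out blocks in this method and in `addPolicyToRole` / `addPolicyToUser` should be deleted rather than committed, since version control already keeps the old code. The deletes here and the insert/delete batches in `updateRolesOfPolicy` change who a policy applies to and no commit or rollback is visible, so a comment stating that they rely on the caller's transaction would help.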

@ -180,15 +180,15 @@ public class PolicyManagerImpl implements PolicyManager {
if (!newFeaturesList.isEmpty()) { if (!newFeaturesList.isEmpty()) {
featureDAO.addProfileFeatures(newFeaturesList, profileId); featureDAO.addProfileFeatures(newFeaturesList, profileId);
} }
policyDAO.deleteAllPolicyRelatedConfigs(policy.getId()); policyDAO.deleteCriteriaAndDeviceRelatedConfigs(policy.getId());
if (policy.getUsers() != null) { if (policy.getUsers() != null) {
policyDAO.addPolicyToUser(policy.getUsers(), previousPolicy); policyDAO.updateUserOfPolicy(policy.getUsers(), previousPolicy);
} }
if (policy.getRoles() != null) { if (policy.getRoles() != null) {
policyDAO.addPolicyToRole(policy.getRoles(), previousPolicy); policyDAO.updateRolesOfPolicy(policy.getRoles(), previousPolicy);
} }
if (policy.getDevices() != null) { if (policy.getDevices() != null) {
@ -539,7 +539,7 @@ public class PolicyManagerImpl implements PolicyManager {
policy.setDevices(deviceList); policy.setDevices(deviceList);
try { try {
// PolicyManagementDAOFactory.openConnection(); // PolicyManagementDAOFactory.openConnection();
Profile profile = profileManager.getProfile(policy.getProfileId()); Profile profile = profileManager.getProfile(policy.getProfileId());
policy.setProfile(profile); policy.setProfile(profile);
} catch (ProfileManagementException e) { } catch (ProfileManagementException e) {
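Review bot: With `deleteAllPolicyRelatedConfigs` replaced by `deleteCriteriaAndDeviceRelatedConfigs`, user and role rows are now removed only inside `updateUserOfPolicy` / `updateRolesOfPolicy`, and both calls stay behind `!= null` guards. If an update arrives with `policy.getUsers()` or `policy.getRoles()` null (for example because the assignment was cleared), the old rows in `DM_USER_POLICY` / `DM_ROLE_POLICY` appear to survive, leaving the policy applied to users or roles it was meant to be removed from. Calling the update methods with an empty list in that case would keep the diff-based delete running, assuming `SetReferenceTransformer` treats an empty target as "remove everything". The enclosing method starts and ends outside this hunk.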

@ -90,6 +90,7 @@
org.wso2.carbon.utils, org.wso2.carbon.utils,
org.wso2.carbon.utils.multitenancy, org.wso2.carbon.utils.multitenancy,
org.xml.sax, org.xml.sax,
javax.servlet,
javax.servlet.http, javax.servlet.http,
javax.xml, javax.xml,
org.apache.axis2.transport.http, org.apache.axis2.transport.http,

@ -26,6 +26,7 @@ import org.wso2.carbon.webapp.authenticator.framework.authenticator.WebappAuthen
public class AuthenticationInfo { public class AuthenticationInfo {
private WebappAuthenticator.Status status = WebappAuthenticator.Status.FAILURE; private WebappAuthenticator.Status status = WebappAuthenticator.Status.FAILURE;
private String message;
private String username; private String username;
private String tenantDomain; private String tenantDomain;
private int tenantId = -1; private int tenantId = -1;
@ -43,6 +44,14 @@ public class AuthenticationInfo {
return username; return username;
} }
public String getMessage() {
return message;
}
public void setMessage(String message) {
this.message = message;
}
public void setUsername(String username) { public void setUsername(String username) {
this.username = username; this.username = username;
} }

@ -74,12 +74,12 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
privilegedCarbonContext.setTenantId(authenticationInfo.getTenantId()); privilegedCarbonContext.setTenantId(authenticationInfo.getTenantId());
privilegedCarbonContext.setTenantDomain(authenticationInfo.getTenantDomain()); privilegedCarbonContext.setTenantDomain(authenticationInfo.getTenantDomain());
privilegedCarbonContext.setUsername(authenticationInfo.getUsername()); privilegedCarbonContext.setUsername(authenticationInfo.getUsername());
this.processRequest(request, response, compositeValve, authenticationInfo.getStatus()); this.processRequest(request, response, compositeValve, authenticationInfo);
} finally { } finally {
PrivilegedCarbonContext.endTenantFlow(); PrivilegedCarbonContext.endTenantFlow();
} }
} else { } else {
this.processRequest(request, response, compositeValve, authenticationInfo.getStatus()); this.processRequest(request, response, compositeValve, authenticationInfo);
} }
} }
@ -113,14 +113,18 @@ public class WebappAuthenticationValve extends CarbonTomcatValve {
} }
private void processRequest(Request request, Response response, CompositeValve compositeValve, private void processRequest(Request request, Response response, CompositeValve compositeValve,
WebappAuthenticator.Status status) { AuthenticationInfo authenticationInfo) {
switch (status) { switch (authenticationInfo.getStatus()) {
case SUCCESS: case SUCCESS:
case CONTINUE: case CONTINUE:
this.getNext().invoke(request, response, compositeValve); this.getNext().invoke(request, response, compositeValve);
break; break;
case FAILURE: case FAILURE:
String msg = "Failed to authorize incoming request"; String msg = "Failed to authorize incoming request";
if(authenticationInfo.getMessage() != null && !authenticationInfo.getMessage().isEmpty()) {
msg = authenticationInfo.getMessage();
response.setHeader("WWW-Authenticate", msg);
}
log.error(msg); log.error(msg);
AuthenticationFrameworkUtil AuthenticationFrameworkUtil
.handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED, .handleResponse(request, response, HttpServletResponse.SC_UNAUTHORIZED,
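Review bot: In the `FAILURE` branch, `response.setHeader("WWW-Authenticate", msg)` puts a free-text error string into a header whose value is meant to be a challenge (scheme plus parameters). That string comes from `AuthenticationInfo.getMessage()`, which the OAuth authenticator elsewhere in this commit fills from the token validation response. Validator detail therefore reaches unauthenticated callers, and upstream text lands in a response header without filtering. A fixed challenge per scheme is safer, with the detail kept for the log, e.g. `response.setHeader("WWW-Authenticate", "Bearer error=\"invalid_token\"");` for the OAuth case. `processRequest` continues past the end of this hunk.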

@ -51,7 +51,8 @@ public class CertificateAuthenticator implements WebappAuthenticator {
if (certHeader != null && if (certHeader != null &&
AuthenticatorFrameworkDataHolder.getInstance().getCertificateManagementService(). AuthenticatorFrameworkDataHolder.getInstance().getCertificateManagementService().
verifySignature(certHeader)) { verifySignature(certHeader)) {
AuthenticatorFrameworkDataHolder.getInstance().getCertificateManagementService().
extractCertificateFromSignature(certHeader);
X509Certificate certificate = X509Certificate certificate =
AuthenticatorFrameworkDataHolder.getInstance().getCertificateManagementService(). AuthenticatorFrameworkDataHolder.getInstance().getCertificateManagementService().
extractCertificateFromSignature(certHeader); extractCertificateFromSignature(certHeader);
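Review bot: As rendered, the added statement calls `extractCertificateFromSignature(certHeader)` and discards the result, and the very next statement makes the same call again and assigns it to `certificate`. The first call only repeats the certificate parsing on a request header value and should be dropped. The `if` body continues outside this hunk.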

@ -117,6 +117,8 @@ public class OAuthAuthenticator implements WebappAuthenticator {
if (oAuth2TokenValidationResponseDTO.isValid()) { if (oAuth2TokenValidationResponseDTO.isValid()) {
authenticationInfo.setStatus(Status.CONTINUE); authenticationInfo.setStatus(Status.CONTINUE);
} }
} else {
authenticationInfo.setMessage(oAuth2TokenValidationResponseDTO.getErrorMsg());
} }
} }
} catch (AuthenticationException e) { } catch (AuthenticationException e) {
