From 38963cb807212126ec1436c25f885a9a86bf24b3 Mon Sep 17 00:00:00 2001 From: sinthuja Date: Thu, 15 Jun 2017 13:42:18 +0530 Subject: [PATCH] Fixing #1003. --- .../src/analytics/bin/ciphertool.bat | 89 ++++++++++++ .../src/analytics/bin/ciphertool.sh | 127 ++++++++++++++++++ .../conf/cipher-standalone-config.properties | 7 + .../conf/security/cipher-tool.properties | 14 +- modules/distribution/src/assembly/bin.xml | 46 +++++-- .../src/broker/bin/ciphertool.bat | 89 ++++++++++++ .../distribution/src/broker/bin/ciphertool.sh | 127 ++++++++++++++++++ .../conf/cipher-standalone-config.properties | 7 + .../conf/cipher-standalone-config.properties | 7 + .../core/conf/security/cipher-tool.properties | 12 ++ 10 files changed, 508 insertions(+), 17 deletions(-) create mode 100644 modules/distribution/src/analytics/bin/ciphertool.bat create mode 100755 modules/distribution/src/analytics/bin/ciphertool.sh create mode 100644 modules/distribution/src/analytics/conf/cipher-standalone-config.properties create mode 100644 modules/distribution/src/broker/bin/ciphertool.bat create mode 100755 modules/distribution/src/broker/bin/ciphertool.sh create mode 100644 modules/distribution/src/broker/conf/cipher-standalone-config.properties create mode 100644 modules/distribution/src/core/conf/cipher-standalone-config.properties create mode 100644 modules/distribution/src/core/conf/security/cipher-tool.properties diff --git a/modules/distribution/src/analytics/bin/ciphertool.bat b/modules/distribution/src/analytics/bin/ciphertool.bat new file mode 100644 index 00000000..bbf4ae79 --- /dev/null +++ b/modules/distribution/src/analytics/bin/ciphertool.bat @@ -0,0 +1,89 @@ +@echo off +REM Copyright 2005-2009 WSO2, Inc. (http://wso2.com) +REM Licensed to the Apache Software Foundation (ASF) under one +REM or more contributor license agreements. See the NOTICE file +REM distributed with this work for additional information +REM regarding copyright ownership. The ASF licenses this file +REM to you under the Apache License, Version 2.0 (the +REM "License"); you may not use this file except in compliance +REM with the License. You may obtain a copy of the License at +REM +REM http://www.apache.org/licenses/LICENSE-2.0 +REM +REM Unless required by applicable law or agreed to in writing, +REM software distributed under the License is distributed on an +REM # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +REM KIND, either express or implied. See the License for the +REM specific language governing permissions and limitations +REM under the License. + +rem --------------------------------------------------------------------------- +rem Startup script for the ciphertool +rem +rem Environment Variable Prerequisites +rem +rem CARBON_HOME Must point at your CARBON directory +rem +rem JAVA_HOME Must point at your Java Development Kit installation. +rem +rem JAVA_OPTS (Optional) Java runtime options +rem --------------------------------------------------------------------------- + +rem Make sure prerequisite environment variables are set +if not "%JAVA_HOME%" == "" goto gotJavaHome +echo The JAVA_HOME environment variable is not defined +echo This environment variable is needed to run this program +goto end + +:gotJavaHome +if not exist "%JAVA_HOME%\bin\java.exe" goto noJavaHome +goto okJavaHome + +:noJavaHome +echo The JAVA_HOME environment variable is not defined correctly +echo This environment variable is needed to run this program +echo NB: JAVA_HOME should point to a JDK/JRE +goto end + +:okJavaHome +rem check the CARBON_HOME environment variable + +set CURRENT_DIR=%cd% +if not "%CARBON_HOME%" == "" goto gotHome +set CARBON_HOME=%CURRENT_DIR% +if exist "%CARBON_HOME%\bin\ciphertool.bat" goto okHome + +rem guess the home. Jump one directory up to check if that is the home +cd .. +set CARBON_HOME=%cd% +cd %CARBON_HOME% + +:gotHome +if exist "%CARBON_HOME%\bin\ciphertool.bat" goto okHome + +rem set CARBON_HOME=%~sdp0.. +set CARBON_HOME=%~sdp0.. +if exist "%CARBON_HOME%\bin\ciphertool.bat" goto okHome + +echo The CARBON_HOME environment variable is not defined correctly +echo This environment variable is needed to run this program +goto end + +:okHome +rem set the classes +setlocal EnableDelayedExpansion +rem loop through the libs and add them to the class path +cd "%CARBON_HOME%" +call ant -buildfile "%CARBON_HOME%\bin\build.xml" -q +set CARBON_CLASSPATH=.\conf +FOR %%c in ("%CARBON_HOME%\..\lib\*.jar") DO set CARBON_CLASSPATH=!CARBON_CLASSPATH!;".\..\lib\%%~nc%%~xc" +FOR %%C in ("%CARBON_HOME%\repository\lib\*.jar") DO set CARBON_CLASSPATH=!CARBON_CLASSPATH!;".\repository\lib\%%~nC%%~xC" + +rem ----- Execute The Requested Command --------------------------------------- +echo Using CARBON_HOME: %CARBON_HOME% +echo Using JAVA_HOME: %JAVA_HOME% +set _RUNJAVA="%JAVA_HOME%\bin\java" + +%_RUNJAVA% %JAVA_OPTS% -Dcarbon.home="%CARBON_HOME%" -cp "%CARBON_CLASSPATH%" org.wso2.ciphertool.CipherTool %* +endlocal +:end \ No newline at end of file diff --git a/modules/distribution/src/analytics/bin/ciphertool.sh b/modules/distribution/src/analytics/bin/ciphertool.sh new file mode 100755 index 00000000..b80a9641 --- /dev/null +++ b/modules/distribution/src/analytics/bin/ciphertool.sh @@ -0,0 +1,127 @@ +#!/bin/sh +# ---------------------------------------------------------------------------- +# Copyright 2005-2009 WSO2, Inc. (http://wso2.com) +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# ----------------------------------------------------------------------------- +# ciphertool script for generating stub, skeleton and other required classes +# +# Environment Variable Prequisites +# +# CARBON_HOME Home of CARBON installation. If not set I will try +# to figure it out. +# +# JAVA_HOME Must point at your Java Development Kit installation. +# +# NOTE: Borrowed generously from Apache Tomcat startup scripts. + +# if JAVA_HOME is not set we're not happy +if [ -z "$JAVA_HOME" ]; then + echo "You must set the JAVA_HOME variable before running CARBON." + exit 1 +fi + +# OS specific support. $var _must_ be set to either true or false. +cygwin=false; +darwin=false; +os400=false; +mingw=false; +case "`uname`" in +CYGWIN*) cygwin=true;; +MINGW*) mingw=true;; +OS400*) os400=true;; +Darwin*) darwin=true + if [ -z "$JAVA_VERSION" ] ; then + JAVA_VERSION="CurrentJDK" + else + echo "Using Java version: $JAVA_VERSION" + fi + if [ -z "$JAVA_HOME" ] ; then + JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/${JAVA_VERSION}/Home + fi + ;; +esac + +# resolve links - $0 may be a softlink +PRG="$0" + +while [ -h "$PRG" ]; do + ls=`ls -ld "$PRG"` + link=`expr "$ls" : '.*-> \(.*\)$'` + if expr "$link" : '.*/.*' > /dev/null; then + PRG="$link" + else + PRG=`dirname "$PRG"`/"$link" + fi +done + +# Get standard environment variables +PRGDIR=`dirname "$PRG"` + +# Only set CARBON_HOME if not already set +[ -z "$CARBON_HOME" ] && CARBON_HOME=`cd "$PRGDIR/.." ; pwd` + +# For Cygwin, ensure paths are in UNIX format before anything is touched +if $cygwin; then + [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` + [ -n "$CARBON_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"` + [ -n "$CLASSPATH" ] && CLASSPATH=`cygpath --path --unix "$CLASSPATH"` +fi + +# For OS400 +if $os400; then + # Set job priority to standard for interactive (interactive - 6) by using + # the interactive priority - 6, the helper threads that respond to requests + # will be running at the same priority as interactive jobs. + COMMAND='chgjob job('$JOBNAME') runpty(6)' + system $COMMAND + + # Enable multi threading + QIBM_MULTI_THREADED=Y + export QIBM_MULTI_THREADED +fi + +# For Migwn, ensure paths are in UNIX format before anything is touched +if $mingw ; then + [ -n "$CARBON_HOME" ] && + CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" + [ -n "$JAVA_HOME" ] && + JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" + [ -n "$AXIS2_HOME" ] && + CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" + # TODO classpath? +fi + +# update classpath +CARBON_CLASSPATH="" +for f in "$CARBON_HOME"/../lib/org.wso2.ciphertool*.jar +do + CARBON_CLASSPATH=$CARBON_CLASSPATH:$f +done +for h in "$CARBON_HOME"/../components/plugins/*.jar +do + CARBON_CLASSPATH=$CARBON_CLASSPATH:$h +done +CARBON_CLASSPATH=$CARBON_CLASSPATH:$CLASSPATH + +# For Cygwin, switch paths to Windows format before running java +if $cygwin; then + JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` + CARBON_HOME=`cygpath --absolute --windows "$CARBON_HOME"` + CLASSPATH=`cygpath --path --windows "$CLASSPATH"` + JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"` +fi + +# ----- Execute The Requested Command ----------------------------------------- + +$JAVA_HOME/bin/java -Dcarbon.home="$CARBON_HOME" -classpath "$CARBON_CLASSPATH" org.wso2.ciphertool.CipherTool $* diff --git a/modules/distribution/src/analytics/conf/cipher-standalone-config.properties b/modules/distribution/src/analytics/conf/cipher-standalone-config.properties new file mode 100644 index 00000000..274d8dcf --- /dev/null +++ b/modules/distribution/src/analytics/conf/cipher-standalone-config.properties @@ -0,0 +1,7 @@ +# this file contains the optional Ciphertool configuration parameters for it to work in non-Carbon environments +primary.key.location=repository/resources/security/wso2carbon.jks +primary.key.type=JKS +primary.key.alias=wso2carbon +cipher.text.properties.file=conf/security/cipher-text.properties +cipher.tool.properties.file=conf/security/cipher-tool.properties +secret.conf.properties.file=conf/security/secret-conf.properties diff --git a/modules/distribution/src/analytics/conf/security/cipher-tool.properties b/modules/distribution/src/analytics/conf/security/cipher-tool.properties index dfb51832..e826b9fc 100644 --- a/modules/distribution/src/analytics/conf/security/cipher-tool.properties +++ b/modules/distribution/src/analytics/conf/security/cipher-tool.properties @@ -4,13 +4,13 @@ # - is the xpath to the property value to be secured # - This is true if the last parameter in the xpath is parameter (starts with [ and ends with ]) and you want its value to be replaced with "password" -Carbon.Security.KeyStore.Password=repository/conf/carbon.xml//Server/Security/KeyStore/Password,false -Carbon.Security.KeyStore.KeyPassword=repository/conf/carbon.xml//Server/Security/KeyStore/KeyPassword,false -Carbon.Security.TrustStore.Password=repository/conf/carbon.xml//Server/Security/TrustStore/Password,false -UserManager.AdminUser.Password=repository/conf/user-mgt.xml//UserManager/Realm/Configuration/AdminUser/Password,false -Datasources.WSO2_CARBON_DB.Configuration.Password=repository/conf/datasources/master-datasources.xml//datasources-configuration/datasources/datasource[name='WSO2_CARBON_DB']/definition[@type='RDBMS']/configuration/password,false -Server.Service.Connector.keystorePass=repository/conf/tomcat/catalina-server.xml//Server/Service/Connector[@keystorePass],true -Analytics.Data.Config.Password=repository/conf/analytics/analytics-data-config.xml//AnalyticsDataConfiguration/Password,false +Carbon.Security.KeyStore.Password=conf/carbon.xml//Server/Security/KeyStore/Password,false +Carbon.Security.KeyStore.KeyPassword=conf/carbon.xml//Server/Security/KeyStore/KeyPassword,false +Carbon.Security.TrustStore.Password=conf/carbon.xml//Server/Security/TrustStore/Password,false +UserManager.AdminUser.Password=conf/user-mgt.xml//UserManager/Realm/Configuration/AdminUser/Password,false +Datasources.WSO2_CARBON_DB.Configuration.Password=conf/datasources/master-datasources.xml//datasources-configuration/datasources/datasource[name='WSO2_CARBON_DB']/definition[@type='RDBMS']/configuration/password,false +Server.Service.Connector.keystorePass=conf/tomcat/catalina-server.xml//Server/Service/Connector[@keystorePass],true +Analytics.Data.Config.Password=conf/analytics/analytics-data-config.xml//AnalyticsDataConfiguration/Password,false #Analytics.Data.Config.TrustStorePassword=repository/conf/analytics/analytics-data-config.xml//AnalyticsDataConfiguration/TrustStorePassword,false #Carbon.DeploymentSynchronizer.SvnPassword=repository/conf/carbon.xml//Sever/DeploymentSynchronizer/SvnPassword,false #UserStoreManager.Property.ConnectionPassword=repository/conf/user-mgt.xml//UserManager/Realm/UserStoreManager/Property[@name='ConnectionPassword'],false diff --git a/modules/distribution/src/assembly/bin.xml b/modules/distribution/src/assembly/bin.xml index 2f293cd5..41361479 100755 --- a/modules/distribution/src/assembly/bin.xml +++ b/modules/distribution/src/assembly/bin.xml @@ -147,6 +147,7 @@ **/tomcat/context.xml **/security/Owasp.CsrfGuard.Carbon.properties **/security/Owasp.CsrfGuard.dashboard.properties + **/security/cipher-tool.properties **/security/application-authenticators.xml **/identity/application-authentication.xml **/identity/identity-providers/iot_default.xml @@ -752,11 +753,13 @@ **/wso2server* **/load-spark-env-vars* + **/cipher* **/java2wsdl* **/tcpmon* **/wsdl2java* **/build.xml + 755 @@ -897,22 +900,23 @@ src/analytics/bin ${pom.artifactId}-${pom.version}/wso2/analytics/bin/ - - **/*.sh - **/*.bat - + + **/*.sh + **/*.bat + true - 755 + src/analytics/bin ${pom.artifactId}-${pom.version}/wso2/analytics/bin/ - - **/*.sh - **/*.bat - + + **/*.sh + **/*.bat + true + 755 @@ -1020,18 +1024,20 @@ ${pom.artifactId}-${pom.version}/wso2/broker/bin + **/cipher* **/wso2server* **/java2wsdl* **/tcpmon* **/wsdl2java* + 755 ../p2-profile/broker-profile/target/wso2carbon-core-${carbon.kernel.version}/wso2/deployment/server/webapps - ${pom.artifactId}-${pom.version}/wso2/borker/repository/deployment/server/webapps + ${pom.artifactId}-${pom.version}/wso2/broker/repository/deployment/server/webapps @@ -1237,6 +1243,10 @@ src/core/conf/security/Owasp.CsrfGuard.dashboard.properties ${pom.artifactId}-${pom.version}/conf/security + + src/core/conf/security/cipher-tool.properties + ${pom.artifactId}-${pom.version}/conf/security + src/core/README ${pom.artifactId}-${pom.version} @@ -1310,6 +1320,11 @@ ${pom.artifactId}-${pom.version}/conf 644 + + src/core/conf/cipher-standalone-config.properties + ${pom.artifactId}-${pom.version}/conf + 644 + @@ -1676,6 +1691,12 @@ 644 + + src/analytics/conf/cipher-standalone-config.properties + ${pom.artifactId}-${pom.version}/wso2/analytics/conf/ + 644 + + src/analytics/conf/tomcat/webapp-classloading-environments.xml ${pom.artifactId}-${pom.version}/wso2/analytics/conf/tomcat @@ -1747,6 +1768,11 @@ true 644 + + src/broker/conf/cipher-standalone-config.properties + ${pom.artifactId}-${pom.version}/wso2/broker/conf/ + true + src/broker/conf/carbon.xml ${pom.artifactId}-${pom.version}/wso2/broker/conf/ diff --git a/modules/distribution/src/broker/bin/ciphertool.bat b/modules/distribution/src/broker/bin/ciphertool.bat new file mode 100644 index 00000000..bbf4ae79 --- /dev/null +++ b/modules/distribution/src/broker/bin/ciphertool.bat @@ -0,0 +1,89 @@ +@echo off +REM Copyright 2005-2009 WSO2, Inc. (http://wso2.com) +REM Licensed to the Apache Software Foundation (ASF) under one +REM or more contributor license agreements. See the NOTICE file +REM distributed with this work for additional information +REM regarding copyright ownership. The ASF licenses this file +REM to you under the Apache License, Version 2.0 (the +REM "License"); you may not use this file except in compliance +REM with the License. You may obtain a copy of the License at +REM +REM http://www.apache.org/licenses/LICENSE-2.0 +REM +REM Unless required by applicable law or agreed to in writing, +REM software distributed under the License is distributed on an +REM # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +REM KIND, either express or implied. See the License for the +REM specific language governing permissions and limitations +REM under the License. + +rem --------------------------------------------------------------------------- +rem Startup script for the ciphertool +rem +rem Environment Variable Prerequisites +rem +rem CARBON_HOME Must point at your CARBON directory +rem +rem JAVA_HOME Must point at your Java Development Kit installation. +rem +rem JAVA_OPTS (Optional) Java runtime options +rem --------------------------------------------------------------------------- + +rem Make sure prerequisite environment variables are set +if not "%JAVA_HOME%" == "" goto gotJavaHome +echo The JAVA_HOME environment variable is not defined +echo This environment variable is needed to run this program +goto end + +:gotJavaHome +if not exist "%JAVA_HOME%\bin\java.exe" goto noJavaHome +goto okJavaHome + +:noJavaHome +echo The JAVA_HOME environment variable is not defined correctly +echo This environment variable is needed to run this program +echo NB: JAVA_HOME should point to a JDK/JRE +goto end + +:okJavaHome +rem check the CARBON_HOME environment variable + +set CURRENT_DIR=%cd% +if not "%CARBON_HOME%" == "" goto gotHome +set CARBON_HOME=%CURRENT_DIR% +if exist "%CARBON_HOME%\bin\ciphertool.bat" goto okHome + +rem guess the home. Jump one directory up to check if that is the home +cd .. +set CARBON_HOME=%cd% +cd %CARBON_HOME% + +:gotHome +if exist "%CARBON_HOME%\bin\ciphertool.bat" goto okHome + +rem set CARBON_HOME=%~sdp0.. +set CARBON_HOME=%~sdp0.. +if exist "%CARBON_HOME%\bin\ciphertool.bat" goto okHome + +echo The CARBON_HOME environment variable is not defined correctly +echo This environment variable is needed to run this program +goto end + +:okHome +rem set the classes +setlocal EnableDelayedExpansion +rem loop through the libs and add them to the class path +cd "%CARBON_HOME%" +call ant -buildfile "%CARBON_HOME%\bin\build.xml" -q +set CARBON_CLASSPATH=.\conf +FOR %%c in ("%CARBON_HOME%\..\lib\*.jar") DO set CARBON_CLASSPATH=!CARBON_CLASSPATH!;".\..\lib\%%~nc%%~xc" +FOR %%C in ("%CARBON_HOME%\repository\lib\*.jar") DO set CARBON_CLASSPATH=!CARBON_CLASSPATH!;".\repository\lib\%%~nC%%~xC" + +rem ----- Execute The Requested Command --------------------------------------- +echo Using CARBON_HOME: %CARBON_HOME% +echo Using JAVA_HOME: %JAVA_HOME% +set _RUNJAVA="%JAVA_HOME%\bin\java" + +%_RUNJAVA% %JAVA_OPTS% -Dcarbon.home="%CARBON_HOME%" -cp "%CARBON_CLASSPATH%" org.wso2.ciphertool.CipherTool %* +endlocal +:end \ No newline at end of file diff --git a/modules/distribution/src/broker/bin/ciphertool.sh b/modules/distribution/src/broker/bin/ciphertool.sh new file mode 100755 index 00000000..b80a9641 --- /dev/null +++ b/modules/distribution/src/broker/bin/ciphertool.sh @@ -0,0 +1,127 @@ +#!/bin/sh +# ---------------------------------------------------------------------------- +# Copyright 2005-2009 WSO2, Inc. (http://wso2.com) +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# ----------------------------------------------------------------------------- +# ciphertool script for generating stub, skeleton and other required classes +# +# Environment Variable Prequisites +# +# CARBON_HOME Home of CARBON installation. If not set I will try +# to figure it out. +# +# JAVA_HOME Must point at your Java Development Kit installation. +# +# NOTE: Borrowed generously from Apache Tomcat startup scripts. + +# if JAVA_HOME is not set we're not happy +if [ -z "$JAVA_HOME" ]; then + echo "You must set the JAVA_HOME variable before running CARBON." + exit 1 +fi + +# OS specific support. $var _must_ be set to either true or false. +cygwin=false; +darwin=false; +os400=false; +mingw=false; +case "`uname`" in +CYGWIN*) cygwin=true;; +MINGW*) mingw=true;; +OS400*) os400=true;; +Darwin*) darwin=true + if [ -z "$JAVA_VERSION" ] ; then + JAVA_VERSION="CurrentJDK" + else + echo "Using Java version: $JAVA_VERSION" + fi + if [ -z "$JAVA_HOME" ] ; then + JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/${JAVA_VERSION}/Home + fi + ;; +esac + +# resolve links - $0 may be a softlink +PRG="$0" + +while [ -h "$PRG" ]; do + ls=`ls -ld "$PRG"` + link=`expr "$ls" : '.*-> \(.*\)$'` + if expr "$link" : '.*/.*' > /dev/null; then + PRG="$link" + else + PRG=`dirname "$PRG"`/"$link" + fi +done + +# Get standard environment variables +PRGDIR=`dirname "$PRG"` + +# Only set CARBON_HOME if not already set +[ -z "$CARBON_HOME" ] && CARBON_HOME=`cd "$PRGDIR/.." ; pwd` + +# For Cygwin, ensure paths are in UNIX format before anything is touched +if $cygwin; then + [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"` + [ -n "$CARBON_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"` + [ -n "$CLASSPATH" ] && CLASSPATH=`cygpath --path --unix "$CLASSPATH"` +fi + +# For OS400 +if $os400; then + # Set job priority to standard for interactive (interactive - 6) by using + # the interactive priority - 6, the helper threads that respond to requests + # will be running at the same priority as interactive jobs. + COMMAND='chgjob job('$JOBNAME') runpty(6)' + system $COMMAND + + # Enable multi threading + QIBM_MULTI_THREADED=Y + export QIBM_MULTI_THREADED +fi + +# For Migwn, ensure paths are in UNIX format before anything is touched +if $mingw ; then + [ -n "$CARBON_HOME" ] && + CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" + [ -n "$JAVA_HOME" ] && + JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" + [ -n "$AXIS2_HOME" ] && + CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`" + # TODO classpath? +fi + +# update classpath +CARBON_CLASSPATH="" +for f in "$CARBON_HOME"/../lib/org.wso2.ciphertool*.jar +do + CARBON_CLASSPATH=$CARBON_CLASSPATH:$f +done +for h in "$CARBON_HOME"/../components/plugins/*.jar +do + CARBON_CLASSPATH=$CARBON_CLASSPATH:$h +done +CARBON_CLASSPATH=$CARBON_CLASSPATH:$CLASSPATH + +# For Cygwin, switch paths to Windows format before running java +if $cygwin; then + JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` + CARBON_HOME=`cygpath --absolute --windows "$CARBON_HOME"` + CLASSPATH=`cygpath --path --windows "$CLASSPATH"` + JAVA_ENDORSED_DIRS=`cygpath --path --windows "$JAVA_ENDORSED_DIRS"` +fi + +# ----- Execute The Requested Command ----------------------------------------- + +$JAVA_HOME/bin/java -Dcarbon.home="$CARBON_HOME" -classpath "$CARBON_CLASSPATH" org.wso2.ciphertool.CipherTool $* diff --git a/modules/distribution/src/broker/conf/cipher-standalone-config.properties b/modules/distribution/src/broker/conf/cipher-standalone-config.properties new file mode 100644 index 00000000..274d8dcf --- /dev/null +++ b/modules/distribution/src/broker/conf/cipher-standalone-config.properties @@ -0,0 +1,7 @@ +# this file contains the optional Ciphertool configuration parameters for it to work in non-Carbon environments +primary.key.location=repository/resources/security/wso2carbon.jks +primary.key.type=JKS +primary.key.alias=wso2carbon +cipher.text.properties.file=conf/security/cipher-text.properties +cipher.tool.properties.file=conf/security/cipher-tool.properties +secret.conf.properties.file=conf/security/secret-conf.properties diff --git a/modules/distribution/src/core/conf/cipher-standalone-config.properties b/modules/distribution/src/core/conf/cipher-standalone-config.properties new file mode 100644 index 00000000..274d8dcf --- /dev/null +++ b/modules/distribution/src/core/conf/cipher-standalone-config.properties @@ -0,0 +1,7 @@ +# this file contains the optional Ciphertool configuration parameters for it to work in non-Carbon environments +primary.key.location=repository/resources/security/wso2carbon.jks +primary.key.type=JKS +primary.key.alias=wso2carbon +cipher.text.properties.file=conf/security/cipher-text.properties +cipher.tool.properties.file=conf/security/cipher-tool.properties +secret.conf.properties.file=conf/security/secret-conf.properties diff --git a/modules/distribution/src/core/conf/security/cipher-tool.properties b/modules/distribution/src/core/conf/security/cipher-tool.properties new file mode 100644 index 00000000..9ca78f68 --- /dev/null +++ b/modules/distribution/src/core/conf/security/cipher-tool.properties @@ -0,0 +1,12 @@ +# Important: This properties file contains all the aliases to be used in carbon components. If any property need to be secured, you need to add alias name, file name and the xpath as follows:. +# The value goes as, the //, +# where - is the file (along with the file path) to be secured, +# - is the xpath to the property value to be secured +# - This is true if the last parameter in the xpath is parameter (starts with [ and ends with ]) and you want its value to be replaced with "password" + +Carbon.Security.KeyStore.Password=conf/carbon.xml//Server/Security/KeyStore/Password,false +Carbon.Security.KeyStore.KeyPassword=conf/carbon.xml//Server/Security/KeyStore/KeyPassword,false +Carbon.Security.TrustStore.Password=conf/carbon.xml//Server/Security/TrustStore/Password,false +UserManager.AdminUser.Password=conf/user-mgt.xml//UserManager/Realm/Configuration/AdminUser/Password,false +Datasources.WSO2_CARBON_DB.Configuration.Password=conf/datasources/master-datasources.xml//datasources-configuration/datasources/datasource[name='WSO2_CARBON_DB']/definition[@type='RDBMS']/configuration/password,false +Server.Service.Connector.keystorePass=conf/tomcat/catalina-server.xml//Server/Service/Connector[@keystorePass],true