Author: jaz
Date: Wed Apr 11 20:12:56 2007 New Revision: 527755 URL: http://svn.apache.org/viewvc?view=rev&rev=527755 Log: fixed bug in x509 code where the ofbiz default trust store failed to load (bad protocol) Modified: ofbiz/trunk/framework/shark/webapp/shark/WEB-INF/controller.xml ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml Modified: ofbiz/trunk/framework/shark/webapp/shark/WEB-INF/controller.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/shark/webapp/shark/WEB-INF/controller.xml?view=diff&rev=527755&r1=527754&r2=527755 ============================================================================== --- ofbiz/trunk/framework/shark/webapp/shark/WEB-INF/controller.xml (original) +++ ofbiz/trunk/framework/shark/webapp/shark/WEB-INF/controller.xml Wed Apr 11 20:12:56 2007 @@ -38,7 +38,7 @@ <preprocessor> <!-- Events to run on every request before security (chains exempt) --> - <!-- <event type="java" path="org.ofbiz.webapp.event.TestEvent" invoke="test"/> --> + <event type="java" path="org.ofbiz.webapp.control.LoginWorker" invoke="check509CertLogin"/> <event type="java" path="org.ofbiz.webapp.control.LoginWorker" invoke="checkExternalLoginKey"/> </preprocessor> <postprocessor> Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java?view=diff&rev=527755&r1=527754&r2=527755 ============================================================================== --- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java (original) +++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java Wed Apr 11 20:12:56 2007 
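Review bot: The added `check509CertLogin` preprocessor event enables certificate-based login on every request to this webapp, and the same line is added to the webtools controller.xml at the end of this commit, yet the log message mentions only the trust-store loading fix. The RequestHandler change in this commit also stops storing the matched certificate's public key in the session, so LoginWorker presumably reads the client certificate from the request itself. That code is not part of this diff, so it is worth confirming that it accepts only certificates the container has already verified. I would also document the dependency next to the event, for example `<!-- X.509 client-certificate login; requires the connector to request and verify client certificates -->`.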
@@ -141,6 +141,9 @@ if (clientCerts == null) { clientCerts = (X509Certificate[]) request.getAttribute("javax.net.ssl.peer_certificates"); // 2.1 spec } + if (clientCerts == null) { + Debug.logWarning("Received no client certificates from browser", module); + } // check if the client has a valid certificate (in our db store) String keyStorePass = requestManager.get509CertKeyStorePass(requestUri); @@ -150,9 +153,6 @@ if (clientCerts == null) { throw new RequestHandlerException("Unknown request [" + requestUri + "]; this request does not exist or cannot be called directly."); } else { - // key the trust store info - - // load the trust store KeyStore keyStore; try { @@ -181,12 +181,10 @@ throw new RequestHandlerException("Unable to read certificate from keystore", e); } - for (int i = 0; i < clientCerts.length; i++) { - if (!foundValidCert && trustedCert.equals(clientCerts[i])) { - byte[] publicKey = clientCerts[i].getPublicKey().getEncoded(); - session.setAttribute(LoginWorker.X509_CERT_ATTR, StringUtil.toHexString(publicKey)); - //Debug.log("Cert Hex: " + session.getAttribute(LoginWorker.X509_CERT_ATTR)); + for (int ci = 0; ci < clientCerts.length; ci++) { + if (!foundValidCert && trustedCert.equals(clientCerts[ci])) { foundValidCert = true; + break; } } } Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java?view=diff&rev=527755&r1=527754&r2=527755 ============================================================================== --- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java (original) +++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestManager.java Wed Apr 11 20:12:56 2007 
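Review bot: The new `Debug.logWarning` in the `@@ -141,6 +141,9 @@` hunk runs before the keystore settings for the request are looked up, so as far as this hunk shows it fires for every request that arrives without a client certificate, including requests that do not require one. That buries the one case worth alerting on, a certificate-protected request arriving without a certificate. I would move the warning into the branch that rejects the request, or lower it here to `Debug.logVerbose("Received no client certificates from browser", module);`. The enclosing method starts and ends outside the hunk, so an outer condition may already limit when this runs.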
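Review bot: In the rewritten loop of the `@@ -181,12 +181,10 @@` hunk a client certificate is accepted purely on `trustedCert.equals(clientCerts[ci])`, with no check of its validity period, so an expired certificate that is still in the keystore keeps passing. Calling `clientCerts[ci].checkValidity();` before `foundValidCert = true;`, and treating `CertificateExpiredException` and `CertificateNotYetValidException` as a non-match, would close that gap. The added `break` leaves only this inner loop. The code that reads `trustedCert` from the keystore is outside the hunk and appears to be an enclosing loop that keeps running after a match, in which case the `!foundValidCert` guard is still needed and a comment saying so would help.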
@@ -316,7 +316,7 @@ } public URL get509CertKeyStore(String uriStr) { - String defaultTrustStore = KeyStoreUtil.getTrustStoreFileName(); + String defaultTrustStore = "file://" + KeyStoreUtil.getTrustStoreFileName(); Map uri = getRequestMapMap(uriStr); if (uri != null) { @@ -353,7 +353,7 @@ if (uri != null) { String value = (String) uri.get(ConfigXMLReader.SECURITY_KEYSTORE); - if (value.indexOf(";") > -1) { + if (value != null && value.indexOf(";") > -1) { return value.substring(value.indexOf(";") + 1); } } Modified: ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml?view=diff&rev=527755&r1=527754&r2=527755 ============================================================================== --- ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml (original) +++ ofbiz/trunk/framework/webtools/webapp/webtools/WEB-INF/controller.xml Wed Apr 11 20:12:56 2007 @@ -41,6 +41,7 @@ <preprocessor> <!-- Events to run on every request before security (chains exempt) --> <!-- <event type="java" path="org.ofbiz.webapp.event.TestEvent" invoke="test"/> --> + <event type="java" path="org.ofbiz.webapp.control.LoginWorker" invoke="check509CertLogin"/> <event type="java" path="org.ofbiz.webapp.control.LoginWorker" invoke="checkExternalLoginKey"/> </preprocessor> <postprocessor> |
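Review bot: Building the URL with `"file://" + KeyStoreUtil.getTrustStoreFileName()` in the `@@ -316,7 +316,7 @@` hunk only works when the file name is an absolute Unix-style path. With a relative path the first segment is parsed as the host, and Windows paths or names containing spaces give a wrong or malformed URL. `String defaultTrustStore = new File(KeyStoreUtil.getTrustStoreFileName()).toURI().toString();` handles those cases, though it needs `java.io.File` in scope, which this hunk does not show. A trust store that fails to resolve is the very bug this commit fixes, so the conversion should not depend on the deployment's path layout. The rest of `get509CertKeyStore` is outside the hunk.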
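Review bot: The `value != null` guard in the `@@ -353,7 +353,7 @@` hunk fixes the null dereference, but nothing here documents the layout of the `ConfigXMLReader.SECURITY_KEYSTORE` value that the method splits on `;`. A short comment such as `// value is "<keystore-url>;<password>"; return the part after the first ';'` would make the contract clear. If the part after `;` is the keystore password, as the call to `get509CertKeyStorePass` in RequestHandler suggests, it sits in clear text in controller.xml, and the comment should say that the file needs restricted read access. The method signature and its fall-through return are outside the hunk.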