Author: jaz
Date: Wed Apr 25 20:48:21 2007 New Revision: 532598 URL: http://svn.apache.org/viewvc?view=rev&rev=532598 Log: added first pass of X509 issuer import screen; will import into trust store; and create the issuer record Added: ofbiz/trunk/applications/party/webapp/partymgr/security/ViewCertificate.ftl (with props) ofbiz/trunk/applications/securityext/src/org/ofbiz/securityext/cert/ ofbiz/trunk/applications/securityext/src/org/ofbiz/securityext/cert/CertificateServices.java (with props) Modified: ofbiz/trunk/applications/party/config/PartyUiLabels.properties ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/controller.xml ofbiz/trunk/applications/party/widget/partymgr/CommonScreens.xml ofbiz/trunk/applications/party/widget/partymgr/SecurityForms.xml ofbiz/trunk/applications/party/widget/partymgr/SecurityScreens.xml ofbiz/trunk/applications/securityext/servicedef/services.xml Modified: ofbiz/trunk/applications/party/config/PartyUiLabels.properties URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/config/PartyUiLabels.properties?view=diff&rev=532598&r1=532597&r2=532598 ============================================================================== --- ofbiz/trunk/applications/party/config/PartyUiLabels.properties (original) +++ ofbiz/trunk/applications/party/config/PartyUiLabels.properties Wed Apr 25 20:48:21 2007 @@ -84,6 +84,7 @@ PageTitleEditEftAccount=Edit EFT Account PageTitleEditGiftCard=Edit Gift Card PageTitleEditGroupInformation=Edit Group Information +PageTitleEditIssuerProvisions=Edit Issuer Provisions PageTitleEditPartyAttribute=Edit Party Attribute PageTitleEditPartyClassificationGroup=Edit Party Classification Group PageTitleEditPartyClassificationGroupParties=Edit Classification Group Parties 
@@ -100,6 +101,7 @@ PageTitleFindParty=Find Party(s) PageTitleFindPartyClassificationGroups=Find Party Classification Groups PageTitleFindSecurityGroup=Find Security Group +PageTitleImportCertificate=Import Certificate PageTitleListCommCustRequests=List Comm Customer Requests PageTitleListCommunications=List Communications PageTitleListCommWorkEfforts=List Comm WorkEfforts Modified: ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/controller.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/controller.xml?view=diff&rev=532598&r1=532597&r2=532598 ============================================================================== --- ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/controller.xml (original) +++ ofbiz/trunk/applications/party/webapp/partymgr/WEB-INF/controller.xml Wed Apr 25 20:48:21 2007 @@ -500,6 +500,21 @@ <response name="error" type="view" value="EditSecurityGroupUserLogins"/> </request-map> + <request-map uri="EditCertIssuerProvisions"> + <security https="true" auth="true"/> + <response name="success" type="view" value="CertIssuerProvisions"/> + </request-map> + <request-map uri="ViewCertificate"> + <security https="true" auth="true"/> + <response name="success" type="view" value="ViewCertificate"/> + </request-map> + <request-map uri="importIssuerProvision"> + <security https="true" auth="true"/> + <event type="service" invoke="importIssuerProvision"/> + <response name="success" type="view" value="CertIssuerProvisions"/> + <response name="error" type="view" value="ViewCertificate"/> + </request-map> + <request-map uri="AddPartyNote"><security https="true" auth="true"/><response name="success" type="view" value="AddPartyNote"/></request-map> <request-map uri="createPartyNote"> <security https="true" auth="true"/> 
@@ -951,6 +966,9 @@ <view-map name="EditSecurityGroup" type="screen" page="component://party/widget/partymgr/SecurityScreens.xml#EditSecurityGroup"/> <view-map name="EditSecurityGroupPermissions" type="screen" page="component://party/widget/partymgr/SecurityScreens.xml#EditSecurityGroupPermissions"/> <view-map name="EditSecurityGroupUserLogins" type="screen" page="component://party/widget/partymgr/SecurityScreens.xml#EditSecurityGroupUserLogins"/> + + <view-map name="CertIssuerProvisions" type="screen" page="component://party/widget/partymgr/SecurityScreens.xml#EditX509IssuerProvisions"/> + <view-map name="ViewCertificate" type="screen" page="component://party/widget/partymgr/SecurityScreens.xml#ViewCertificate"/> <view-map name="showvisits" type="screen" page="component://party/widget/partymgr/VisitScreens.xml#showvisits"/> <view-map name="visitdetail" type="screen" page="component://party/widget/partymgr/VisitScreens.xml#visitdetail"/> Added: ofbiz/trunk/applications/party/webapp/partymgr/security/ViewCertificate.ftl URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/webapp/partymgr/security/ViewCertificate.ftl?view=auto&rev=532598 ============================================================================== --- ofbiz/trunk/applications/party/webapp/partymgr/security/ViewCertificate.ftl (added) +++ ofbiz/trunk/applications/party/webapp/partymgr/security/ViewCertificate.ftl Wed Apr 25 20:48:21 2007 
@@ -0,0 +1,64 @@ +<#-- +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, +software distributed under the License is distributed on an +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +KIND, either express or implied. See the License for the +specific language governing permissions and limitations +under the License. +--> + +<#assign components = Static["org.ofbiz.base.component.ComponentConfig"].getAllComponents()?if_exists/> +<#if (requestParameters.certString?has_content)> + <#assign cert = Static["org.ofbiz.base.util.KeyStoreUtil"].pemToCert(requestParameters.certString)/> +</#if> +<br/> + +<#if (cert?has_content)> + <div><b>Cert: ${cert.getType()} : ${cert.getSubjectX500Principal()}</b></div> + <div><b>Name: ${cert.getSubjectX500Principal().getName()}</b></div> + <div><b>Serial Number: ${cert.getSerialNumber().toString(16)}</b></div> +<#else> + <h3>Invalid certificate</h3> +</#if> + +<br/> +<h1>Save to KeyStore</h1> +<table cellspacing="0" class="basic-table form-widget-table dark-grid"> + <tr class="header-row"> + <td>Component</td> + <td>Keystore</td> + <td>Import Issuer</td> + <td>Key Alias</td> + <td> </td> + </tr> + <#list components as component> + <#assign keystores = component.getKeystoreInfos()?if_exists/> + <#list keystores as store> + <#if (store.isTrustStore())> + <tr> + <form method="post" action="<@ofbizUrl>/importIssuerProvision</@ofbizUrl>"> + <input type="hidden" name="componentName" value="${component.getComponentName()}"/> + <input type="hidden" name="keystoreName" 
value="${store.getName()}"/> + <input type="hidden" name="certString" value="${requestParameters.certString}"/> + + <td>${component.getComponentName()}</td> + <td>${store.getName()}</td> + <td align="center"><input type="checkbox" name="importIssuer" value="Y"/> + <td><input type="text" class="inputBox" name="alias" size="20"/> + <td align="right"><input type="submit" value="Save"/> + </form> + </tr> + </#if> + </#list> + </#list> +</table> \ No newline at end of file Propchange: ofbiz/trunk/applications/party/webapp/partymgr/security/ViewCertificate.ftl ------------------------------------------------------------------------------ svn:eol-style = native Propchange: ofbiz/trunk/applications/party/webapp/partymgr/security/ViewCertificate.ftl ------------------------------------------------------------------------------ svn:keywords = "Date Rev Author URL Id" Propchange: ofbiz/trunk/applications/party/webapp/partymgr/security/ViewCertificate.ftl ------------------------------------------------------------------------------ svn:mime-type = text/plain Modified: ofbiz/trunk/applications/party/widget/partymgr/CommonScreens.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/widget/partymgr/CommonScreens.xml?view=diff&rev=532598&r1=532597&r2=532598 ============================================================================== --- ofbiz/trunk/applications/party/widget/partymgr/CommonScreens.xml (original) +++ ofbiz/trunk/applications/party/widget/partymgr/CommonScreens.xml Wed Apr 25 20:48:21 2007 
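Review bot: `value="${requestParameters.certString}"` writes a request parameter straight into an HTML attribute, and `${cert.getSubjectX500Principal()}` / `.getName()` print fields taken from the submitted certificate. Nothing in this template escapes them, so unless escaping is applied elsewhere in the rendering chain, a crafted parameter or subject DN can break out of the markup on a page shown to security administrators. Escape at the point of output, e.g. `value="${requestParameters.certString?html}"` and `${cert.getSubjectX500Principal().getName()?html}`. Separately, `pemToCert` is called with no `<#attempt>`/`<#recover>` around it, so if it throws on malformed PEM (the Java service in this commit catches `CertificateException` and `IOException` from it), the "Invalid certificate" branch is never reached. The "Save to KeyStore" table is also rendered when `cert` is empty; wrapping it in the same `<#if (cert?has_content)>` would avoid offering an import for input that did not parse.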
@@ -165,6 +165,7 @@ </container> <container style="button-bar"> <link target="EditSecurityGroup" style="smallSubmit" text="${uiLabelMap.PartyNewSecurityGroup}"/> + <link target="EditCertIssuerProvisions" style="smallSubmit" text="Cert Issuers"/> </container> <decorator-section-include name="body"/> Modified: ofbiz/trunk/applications/party/widget/partymgr/SecurityForms.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/widget/partymgr/SecurityForms.xml?view=diff&rev=532598&r1=532597&r2=532598 ============================================================================== --- ofbiz/trunk/applications/party/widget/partymgr/SecurityForms.xml (original) +++ ofbiz/trunk/applications/party/widget/partymgr/SecurityForms.xml Wed Apr 25 20:48:21 2007 @@ -147,4 +147,19 @@ <field name="submitButton" title="${uiLabelMap.CommonAdd}"><submit button-type="button"/></field> </form> + <form name="CertIssuerList" type="list" list-name="issuerProvisions"> + <actions> + <entity-condition entity-name="X509IssuerProvision"> + <order-by field-name="commonName"/> + </entity-condition> + </actions> + <auto-fields-entity entity-name="X509IssuerProvision" default-field-type="display"/> + </form> + + <form name="ViewCertificate" type="single" target="ViewCertificate"> + <field name="certString"> + <textarea rows="10"/> + </field> + <field name="View Cert"><submit/></field> + </form> </forms> Modified: ofbiz/trunk/applications/party/widget/partymgr/SecurityScreens.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/party/widget/partymgr/SecurityScreens.xml?view=diff&rev=532598&r1=532597&r2=532598 ============================================================================== --- ofbiz/trunk/applications/party/widget/partymgr/SecurityScreens.xml (original) +++ ofbiz/trunk/applications/party/widget/partymgr/SecurityScreens.xml Wed Apr 25 20:48:21 2007 
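Review bot: In the SecurityForms.xml hunk, `<field name="View Cert"><submit/></field>` uses a display string containing a space as the field name, so the button text cannot be localised. It also departs from the `name="submitButton" title="${uiLabelMap...}"` pattern of the form directly above it in the same hunk. I would write it as `<field name="submitButton" title="${uiLabelMap.LABEL_KEY}"><submit/></field>`, where LABEL_KEY is a placeholder for a new entry in PartyUiLabels.properties. The same applies to the hard-coded `text="Cert Issuers"` link added in CommonScreens.xml and twice in SecurityScreens.xml.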
@@ -44,6 +44,7 @@ </container> <container style="button-bar"> <link target="EditSecurityGroup" style="smallSubmit" text="${uiLabelMap.PartyNewSecurityGroup}"/> + <link target="EditCertIssuerProvisions" style="smallSubmit" text="Cert Issuers"/> </container> <include-form name="ListSecurityGroups" location="component://party/widget/partymgr/SecurityForms.xml"/> </widgets> 
@@ -114,6 +115,83 @@ <include-form name="ListSecurityGroupUserLogins" location="component://party/widget/partymgr/SecurityForms.xml"/> <container><label style="head2" text="${uiLabelMap.PartyAddUserLoginToSecurityGroup}"/></container> <include-form name="AddSecurityGroupUserLogin" location="component://party/widget/partymgr/SecurityForms.xml"/> + </decorator-section> + </decorator-screen> + </widgets> + </section> + </screen> + + <screen name="EditX509IssuerProvisions"> + <section> + <actions> + <set field="titleProperty" value="PageTitleEditIssuerProvisions"/> + <set field="headerItem" value="security"/> + <set field="tabButtonItem" value="EditX509IssuerProvisions"/> + + <set field="viewIndex" from-field="parameters.VIEW_INDEX" type="Integer" default-value="0"/> + <set field="viewSize" from-field="parameters.VIEW_SIZE" type="Integer" default-value="20"/> + </actions> + <widgets> + <decorator-screen name="main-decorator" location="${parameters.mainDecoratorLocation}"> + <decorator-section name="body"> + <section> + <condition> + <if-has-permission permission="SECURITY" action="_VIEW"/> + </condition> + <widgets> + <container> + <label style="head1" text="${uiLabelMap.PageTitleEditIssuerProvisions}"/> + </container> + <container style="button-bar"> + <link target="EditSecurityGroup" style="smallSubmit" text="${uiLabelMap.PartyNewSecurityGroup}"/> + <link target="EditCertIssuerProvisions" style="smallSubmit" text="Cert Issuers"/> + </container> + <container style="widget-container"> + <include-form name="CertIssuerList" location="component://party/widget/partymgr/SecurityForms.xml"/> + </container> + <container style="widget-container"> + <include-form name="ViewCertificate" location="component://party/widget/partymgr/SecurityForms.xml"/> + </container> + </widgets> + <fail-widgets> + <label style="head3">${uiLabelMap.PartySecurityViewPermissionError}</label> + </fail-widgets> + </section> + </decorator-section> + </decorator-screen> + </widgets> + </section> + 
</screen> + + <screen name="ViewCertificate"> + <section> + <actions> + <set field="titleProperty" value="PageTitleImportCertificate"/> + <set field="headerItem" value="security"/> + </actions> + <widgets> + <decorator-screen name="main-decorator" location="${parameters.mainDecoratorLocation}"> + <decorator-section name="body"> + <section> + <condition> + <if-has-permission permission="SECURITY" action="_VIEW"/> + </condition> + <widgets> + <container> + <label style="head1" text="${uiLabelMap.PageTitleImportCertificate}"/> + </container> + <container style="widget-container"> + <platform-specific> + <html> + <html-template location="component://party/webapp/partymgr/security/ViewCertificate.ftl"/> + </html> + </platform-specific> + </container> + </widgets> + <fail-widgets> + <label style="head3">${uiLabelMap.PartySecurityViewPermissionError}</label> + </fail-widgets> + </section> </decorator-section> </decorator-screen> </widgets> Modified: ofbiz/trunk/applications/securityext/servicedef/services.xml URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/securityext/servicedef/services.xml?view=diff&rev=532598&r1=532597&r2=532598 ============================================================================== --- ofbiz/trunk/applications/securityext/servicedef/services.xml (original) +++ ofbiz/trunk/applications/securityext/servicedef/services.xml Wed Apr 25 20:48:21 2007 
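Review bot: The `ViewCertificate` screen is gated on `<if-has-permission permission="SECURITY" action="_VIEW"/>`, but its only purpose is to offer the trust-store import form, and the `importIssuerProvision` service behind that form is declared with `main-action="CREATE"`. A view-only user therefore gets a page where every submit fails, and the included template still parses the caller-supplied PEM and lists every component trust store for that user. Gating this one screen on `action="_CREATE"` would line it up with the service, assuming the permission service resolves CREATE to SECURITY_CREATE; the `EditX509IssuerProvisions` list can stay on `_VIEW`.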
@@ -80,4 +80,23 @@ <attribute name="groupId" type="String" mode="IN" optional="false"/> <attribute name="fromDate" type="Timestamp" mode="IN" optional="false"/> </service> + + <!-- certificate services --> + <service name="importIssuerProvision" engine="java" auth="true" + location="org.ofbiz.securityext.cert.CertificateServices" invoke="importIssuerCertificate"> + <description>Import an x.509 certificate into a defined keystore and create the provision data</description> + <permission-service service-name="securityPermissionCheck" main-action="CREATE"/> + <attribute name="componentName" type="String" mode="IN" optional="false"/> + <attribute name="keystoreName" type="String" mode="IN" optional="false"/> + <attribute name="certString" type="String" mode="IN" optional="false"/> + <attribute name="importIssuer" type="String" mode="IN" optional="true"/> + <attribute name="alias" type="String" mode="IN" optional="false"/> + </service> + + <!-- permission check --> + <service name="securityPermissionCheck" engine="simple" + location="org/ofbiz/common/permission/CommonPermissionServices.xml" invoke="genericBasePermissionCheck"> + <implements service="permissionInterface"/> + <attribute name="primaryPermission" type="String" mode="IN" optional="true" default-value="SECURITY"/> + </service> </services> Added: ofbiz/trunk/applications/securityext/src/org/ofbiz/securityext/cert/CertificateServices.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/securityext/src/org/ofbiz/securityext/cert/CertificateServices.java?view=auto&rev=532598 ============================================================================== --- ofbiz/trunk/applications/securityext/src/org/ofbiz/securityext/cert/CertificateServices.java (added) +++ ofbiz/trunk/applications/securityext/src/org/ofbiz/securityext/cert/CertificateServices.java Wed Apr 25 20:48:21 2007 
@@ -0,0 +1,105 @@ +/* + Licensed to the Apache Software Foundation (ASF) under one + or more contributor license agreements. See the NOTICE file + distributed with this work for additional information + regarding copyright ownership. The ASF licenses this file + to you under the Apache License, Version 2.0 (the + "License"); you may not use this file except in compliance + with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, + software distributed under the License is distributed on an + "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + KIND, either express or implied. See the License for the + specific language governing permissions and limitations + under the License. + */ + +package org.ofbiz.securityext.cert; + +import org.ofbiz.base.util.KeyStoreUtil; +import org.ofbiz.base.util.Debug; +import org.ofbiz.entity.GenericDelegator; +import org.ofbiz.entity.GenericEntityException; +import org.ofbiz.entity.GenericValue; +import org.ofbiz.service.DispatchContext; +import org.ofbiz.service.ServiceUtil; + +import java.io.IOException; +import java.security.KeyStore; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.util.Map; + +/** + * CertificateServices + */ +public class CertificateServices { + + public static final String module = CertificateServices.class.getName(); + + public static Map importIssuerCertificate(DispatchContext dctx, Map context) { + GenericDelegator delegator = dctx.getDelegator(); + String certString = (String) context.get("certString"); + String componentName = (String) context.get("componentName"); + String keystoreName = (String) context.get("keystoreName"); + String alias = (String) context.get("alias"); + String importIssuer = (String) context.get("importIssuer"); + + // load the keystore + KeyStore ks; + try { + ks = KeyStoreUtil.getComponentKeyStore(componentName, 
keystoreName); + } catch (Exception e) { + return ServiceUtil.returnError(e.getMessage()); + } + + // read the certificate + X509Certificate cert; + try { + cert = (X509Certificate) KeyStoreUtil.pemToCert(certString); + } catch (CertificateException e) { + return ServiceUtil.returnError(e.getMessage()); + } catch (IOException e) { + return ServiceUtil.returnError(e.getMessage()); + } + + // store the cert + try { + ks.setCertificateEntry(alias, cert); + } catch (Exception e) { + return ServiceUtil.returnError(e.getMessage()); + } + + // save the keystore + try { + KeyStoreUtil.storeComponentKeyStore(componentName, keystoreName, ks); + } catch (Exception e) { + return ServiceUtil.returnError(e.getMessage()); + } + + // set the issuer provision + Map x500Map = KeyStoreUtil.getCertX500Map(cert); + if (importIssuer != null && "Y".equalsIgnoreCase(importIssuer)) { + GenericValue provision = delegator.makeValue("X509IssuerProvision", null); + provision.set("certProvisionId", delegator.getNextSeqId("X509IssuerProvision")); + provision.set("commonName", x500Map.get("CN")); + provision.set("organizationalUnit", x500Map.get("OU")); + provision.set("organizationName", x500Map.get("O")); + provision.set("cityLocality", x500Map.get("L")); + provision.set("stateProvince", x500Map.get("ST")); + provision.set("country", x500Map.get("C")); + provision.set("serialNumber", cert.getSerialNumber().toString(16)); + + try { + delegator.create(provision); + } catch (GenericEntityException e) { + return ServiceUtil.returnError(e.getMessage()); + } + } + + return ServiceUtil.returnSuccess(); + } +} Propchange: ofbiz/trunk/applications/securityext/src/org/ofbiz/securityext/cert/CertificateServices.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: ofbiz/trunk/applications/securityext/src/org/ofbiz/securityext/cert/CertificateServices.java ------------------------------------------------------------------------------ 
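Review bot: `ks.setCertificateEntry(alias, cert)` overwrites any trusted certificate already stored under `alias`, and nothing before it checks the alias, the certificate's validity period, or that `pemToCert` returned a non-null X.509 certificate (the `(X509Certificate)` cast can throw an uncaught `ClassCastException`). Because this writes to a trust store, I would refuse an existing alias, call `cert.checkValidity()`, and log the change. `Debug` is imported but never used, so adding a trust anchor currently leaves no log line and every caught exception is reduced to `e.getMessage()`. The keystore is also saved before `delegator.create(provision)`, so a failed insert returns an error after the trust store has already changed; creating the record first, or documenting the ordering, would make the failure mode explicit. The fence shows the store step with these checks.

```java
        // store the cert
        try {
            if (ks.containsAlias(alias)) {
                // setCertificateEntry would silently replace the trusted entry already stored under this alias
                return ServiceUtil.returnError("Alias [" + alias + "] already exists in keystore [" + keystoreName + "]");
            }
            // reject expired or not-yet-valid certificates before they become trust anchors
            cert.checkValidity();
            ks.setCertificateEntry(alias, cert);
        } catch (Exception e) {
            Debug.logError(e, module);
            // … unchanged: return ServiceUtil.returnError(e.getMessage()) …
        }

        // … unchanged: storeComponentKeyStore call and its catch …

        // leave a record of every trust-store change
        Debug.logInfo("Imported certificate [" + cert.getSubjectX500Principal().getName()
                + "] serial [" + cert.getSerialNumber().toString(16)
                + "] into " + componentName + "/" + keystoreName
                + " as alias [" + alias + "]", module);
```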
svn:keywords = "Date Rev Author URL Id" Propchange: ofbiz/trunk/applications/securityext/src/org/ofbiz/securityext/cert/CertificateServices.java ------------------------------------------------------------------------------ svn:mime-type = text/plain |