protected void init() throws Exception {
   prikey = globusCred.getPrivateKey();
   pubkey = globusCred.getCertificateChain()[0].getPublicKey();
   if (pubkey == null) {
     throw new Exception("public key null");
   }
 }
  /**
   * Remove all associations between InvocationHelpers and the given GlobusCredential
   *
   * @param proxyEPR EPR of GlobusCredential that we want to be associated with no service anymore
   */
  public void removeCredential(EndpointReferenceType proxyEPR) {

    GlobusCredential credential = this.eprCredential.get(proxyEPR);

    // First, remove Credential from the [credential, EPR] association
    this.eprCredential.remove(credential);

    // Verify if the received credential is associated with any service
    boolean credentialIsKnown = this.servicesCredentials.containsValue(credential);

    // If any service is associated with the received credential, remove each of these associations
    if (credentialIsKnown) {
      Set<Entry<String, GlobusCredential>> entries = this.servicesCredentials.entrySet();
      Iterator<Entry<String, GlobusCredential>> entries_iter = entries.iterator();

      // Iterate over the associations, removing those in which the received credential is present
      while (entries_iter.hasNext()) {

        Entry<String, GlobusCredential> curr_pair = entries_iter.next();
        GlobusCredential curr_value = curr_pair.getValue();

        if (curr_value.equals(credential)) {

          String curr_key = curr_pair.getKey();
          this.servicesCredentials.remove(curr_key);
        }
      }
    }
  }
Example #3
0
 public static void main(String args[]) throws Exception {
   String username = "******";
   String password = "******";
   GridAuthenticationHelper loginHelper =
       new GridAuthenticationHelper("@CAGRID_LOGIN_MODULE_NAME@");
   GlobusCredential proxy = loginHelper.login(username, password);
   System.out.println(proxy);
   System.out.println("Identity:" + proxy.getIdentity());
 }
Example #4
0
  /* (non-Javadoc)
   * @see org.apache.servicemix.components.util.TransformComponentSupport#transform(javax.jbi.messaging.MessageExchange, javax.jbi.messaging.NormalizedMessage, javax.jbi.messaging.NormalizedMessage)
   */
  @Override
  protected boolean transform(
      MessageExchange exchange, NormalizedMessage inMsg, NormalizedMessage outMsg)
      throws Exception {
    boolean success = false;

    try {
      Subject subject = inMsg.getSecuritySubject();

      // Get principal
      Principal principal = null;
      Set<GridIdentifierPrincipal> principals =
          subject.getPrincipals(GridIdentifierPrincipal.class);
      if (principals == null || principals.size() == 0) {
        throw new RuntimeException("No GridIdentifierPrincipal found!");
      } else if (principals.size() > 1) {
        throw new RuntimeException(principals.size() + " GridIdentifierPrincipals found!");
      }
      principal = principals.iterator().next();
      System.out.println("## Principal is: " + principal.getName());

      // Get cert chain
      X509Certificate[] chain = null;
      Set<X509Certificate[]> chains = subject.getPublicCredentials(X509Certificate[].class);
      if (chains == null || chains.size() == 0) {
        throw new RuntimeException("No X509Certificate[] found!");
      } else if (chains.size() > 1) {
        throw new RuntimeException(chains.size() + " X509Certificate[]s found!");
      }
      chain = chains.iterator().next();

      // Get private key
      PrivateKey privateKey = null;
      Set<PrivateKey> privateKeys = subject.getPrivateCredentials(PrivateKey.class);
      if (privateKeys == null || privateKeys.size() == 0) {
        throw new RuntimeException("No PrivateKey found!");
      } else if (privateKeys.size() > 1) {
        throw new RuntimeException(chains.size() + " PrivateKeys found!");
      }
      privateKey = privateKeys.iterator().next();

      GlobusCredential cred = new GlobusCredential(privateKey, chain);

      System.out.println("## Identity is: " + cred.getIdentity());

      String inMsgXml = new SourceTransformer().contentToString(inMsg);
      outMsg.setContent(new StreamSource(new ByteArrayInputStream(inMsgXml.getBytes())));

      success = true;
    } catch (Exception ex) {
      ex.printStackTrace();
    }

    return success;
  }
Example #5
0
  private void setPlainProxyDetails() {
    getIdentityTextField().setToolTipText(proxy.getSubject());
    getIdentityTextField().setText(calculateIdentity(proxy.getSubject()));
    getAuthenticatedTextField().setText("Yes");

    if (timer == null) {
      timer = new Timer();
      timerTask = new CredentialStatusTimerTask(proxy);
      timerTask.addCredentialStatusListener(this);
      timer.schedule(timerTask, new Date(), 1000);
    }
  }
Example #6
0
 /** Extracts the identity and certificate issuer from the host certificate. */
 private void configureTargetServiceInfo() throws GSSException {
   GlobusCredential serviceCredential;
   try {
     serviceCredential =
         new GlobusCredential(
             _properties.getProperty(SERVICE_CERT), _properties.getProperty(SERVICE_KEY));
   } catch (GlobusCredentialException gce) {
     throw new GSSException(GSSException.NO_CRED, 0, HOST_CREDENTIAL_ERROR + gce.toString());
   }
   _targetServiceName = serviceCredential.getIdentity();
   _targetServiceIssuer = X509Utils.toGlobusDN(serviceCredential.getIssuer(), true);
 }
Example #7
0
  private void updateStatus() {

    try {
      proxy.verify();
    } catch (Exception e) {
      // means proxy is not valid anymore
      getIdentityTextField().setText(NO_VALID_PROXY_MESSAGE);
      getIdentityTextField().setToolTipText(null);
      getAuthenticatedTextField().setText("No");
      getRemainingTextField().setText(NO_TIME_REMAINING);
      getVoTextField().setText(NO_VO_PROXY);
      getDetailsButton().setEnabled(false);
      return;
    }

    setPlainProxyDetails();

    // now we try to make a voms proxy out of our credential
    try {
      vomsProxy = new VomsProxy(proxy);
    } catch (Exception e) {
      getVoTextField().setText(NO_VO_PROXY);
      getDetailsButton().setEnabled(false);
      return;
    }

    // nice, it's really a voms proxy
    setVomsProxyDetails();
  }
 public static GSSCredential createUserCredential(String x509UserProxy)
     throws GlobusCredentialException, GSSException {
   if (x509UserProxy != null) {
     GlobusCredential gcred = new GlobusCredential(x509UserProxy);
     GSSCredential cred = new GlobusGSSCredentialImpl(gcred, GSSCredential.INITIATE_ONLY);
     return cred;
   }
   GlobusCredential gcred = GlobusCredential.getDefaultCredential();
   GSSCredential cred = new GlobusGSSCredentialImpl(gcred, GSSCredential.INITIATE_ONLY);
   return cred;
 }
Example #9
0
 private void writeProxy(GlobusCredential proxy, File f) throws GeneralSecurityException {
   try {
     OutputStream fw = openStream(f);
     if (!SHARED_PROXIES) {
       f.deleteOnExit();
     }
     try {
       proxy.save(fw);
     } finally {
       fw.close();
     }
   } catch (Exception e) {
     throw new GeneralSecurityException("Failed to save proxy certificate", e);
   }
 }
  /**
   * Retrieve the GlobusCredential associated with a service-operation. If credential retrieval is
   * pending, caller is blocked until the credential becomes available.
   *
   * @param serviceOperationEPR EPR of the InvocationHelper
   * @return The associated GlobusCredential, or null if no such association does exist
   * @throws RemoteException
   */
  public GlobusCredential getCredential(EndpointReference serviceOperationEPR)
      throws RemoteException {

    this.printCredentials();

    String eprStr = null;
    try {
      WorkflowInvocationHelperClient client =
          new WorkflowInvocationHelperClient(serviceOperationEPR);
      eprStr = client.getEPRString();

    } catch (MalformedURIException e1) {
      e1.printStackTrace();
    } catch (RemoteException e1) {
      e1.printStackTrace();
    }

    GlobusCredential credential = null;
    boolean serviceIsUnsecure = this.unsecureInvocations.contains(eprStr);

    if (serviceIsUnsecure) {
      logger.info(
          "[WorkflowInstanceHelperResource.getCredential] Service is unsecure, returning null credential");
      return null;
    } else {

      logger.info("[WorkflowInstanceHelperResource.getCredential] Service is secure");

      Lock key = this.servicelLock.get(eprStr);
      Condition credentialAvailability = this.serviceConditionVariable.get(eprStr);

      // Mutual exclusive access session: we can only return the credential if it was already
      // retrieved from the
      // Credential Delegation Service
      key.lock();
      try {

        printCredentials();

        // If credential is unavailable, block until it is available
        boolean credentialIsNotSet = (!this.servicesCredentials.containsKey(eprStr));

        if (credentialIsNotSet) {

          boolean explicitlyAwaken = credentialAvailability.await(60, TimeUnit.SECONDS);
          if (!explicitlyAwaken)
            throw new RemoteException(
                "[WorkflowInstanceHelperResource.getCredential] Couldn't retrieve credential. "
                    + "Was it registered into the InstanceHelper? Is the EndpointReference for the credential proxy valid?");
        }
        credential = this.servicesCredentials.get(eprStr);

        logger.info("[getCredential] Retrieved credential: " + credential.getIdentity());

      } catch (InterruptedException e) {
        logger.error("[getCredential] Error retrieving credential");
        e.printStackTrace();
      } finally {
        key.unlock();
      }

      logger.info(
          "Returning credential: " + ((credential != null) ? credential.getIdentity() : null));
      return credential;
    }
  }
 protected void loadCertificate(ServerResponseTokenType srt) throws Exception {
   srt.setPublicKey(globusCred.getCertificateChain()[0].getEncoded());
 }
 public GlobusCredServerNegotiator() throws GlobusCredentialException {
   globusCred = GlobusCredential.getDefaultCredential();
   trustedCerts = CapabilityUtil.getTrustedCertificates(null);
 }