public boolean login() throws LoginException { // prompt for a user name and password if (callbackHandler == null) throw new LoginException( "Error: no CallbackHandler available " + "to garner authentication information from the user"); Callback[] callbacks = new Callback[1]; callbacks[0] = new CMCCArtifactIDCallback(); try { this.callbackHandler.handle(callbacks); this.artifactID = ((CMCCArtifactIDCallback) callbacks[0]).getArtifactID(); this.artifactDomain = ((CMCCArtifactIDCallback) callbacks[0]).getArtifactDomain(); if (StringUtils.isEmpty(artifactID)) { succeeded = false; artifactID = null; return false; } Helper.validateArtifactID(artifactID); } catch (java.io.IOException e) { log.error(e.getMessage(), e); throw new LoginException(e.toString()); } catch (UnsupportedCallbackException e) { log.error(e.getMessage(), e); throw new LoginException( "Error: " + e.getCallback().toString() + " not available to garner authentication information " + "from the user"); } // print debugging information if (debug) { log.info("Resolv artifactId from cookie: " + artifactID); } // verify the artifactID/password boolean correct; try { correct = authenticate(artifactID, artifactDomain); } catch (Exception e) { log.error("Failure to check artifactID.", e); throw new LoginException(e.getMessage()); } if (correct) { // authentication succeeded!!! if (debug) log.info("Success to verify artifactID: [" + artifactID + "]"); succeeded = true; return true; } else { // authentication failed -- clean out state if (debug) log.info("Invalidate artifactID: [" + artifactID + "]"); succeeded = false; artifactID = null; artifactDomain = null; return false; } }
/** * @return * @throws NoSuchAlgorithmException * @throws KeyStoreException * @throws UnrecoverableKeyException * @throws IOException * @throws CertificateException */ private KeyManager[] initKeyManagers() throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, IOException, CertificateException { // Initialize trust manager factory and set trusted CA list using keystore if (StringUtils.isEmpty(this.keyStorePath)) { log.info("Unset [keyStorePath] parameter, disable local private and certificate."); return null; } else { log.info( String.format("Loading private key and certificate from store: [%s]", this.keyStorePath)); // Load key store KeyStore keystore = KeyStore.getInstance("JKS"); InputStream in = Helper.getResourceAsStream(this.getClass(), this.keyStorePath); if (in == null) { throw new IOException( String.format("Could not reading from : [%s]", this.trustCertsStorePath)); } keystore.load(in, this.keyStorePassword); KeyManagerFactory kmf = KeyManagerFactory.getInstance(this.getKeyManagerAlgorithm()); kmf.init(keystore, this.keyStoreKeyPassword); log.info(String.format("Initialized key store: [%s]", this.keyStorePath)); KeyManager[] keyManagers = kmf.getKeyManagers(); return keyManagers; } }
/** * @return * @throws KeyStoreException * @throws IOException * @throws NoSuchAlgorithmException * @throws CertificateException */ private TrustManager[] initTrustManagers() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException { // Initialize trust manager factory and set trusted CA list using keystore if (StringUtils.isEmpty(this.trustCertsStorePath)) { // Unset trustCertsStorePath, disable trust manager log.info("Unset [trustCertsStorePath] parameter, disable TrustManager"); TrustManager[] trustAllCerts = new TrustManager[] { new X509TrustManager() { public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; } public void checkClientTrusted(X509Certificate[] certs, String authType) { log.debug(String.format("Client certs;[%s], authType: [%s]", certs, authType)); } public void checkServerTrusted(X509Certificate[] certs, String authType) { log.debug(String.format("Client certs;[%s], authType: [%s]", certs, authType)); } } }; return trustAllCerts; } else { log.info(String.format("Loading trust certs from store: [%s]", this.trustCertsStorePath)); // Load key store KeyStore keystore = KeyStore.getInstance("JKS"); InputStream in = Helper.getResourceAsStream(this.getClass(), this.trustCertsStorePath); if (in == null) { throw new IOException( String.format("Could not reading from : [%s]", this.trustCertsStorePath)); } keystore.load(in, this.trustCertsStorePassword); TrustManagerFactory tmf = TrustManagerFactory.getInstance(this.getKeyManagerAlgorithm()); tmf.init(keystore); TrustManager[] trustManagers = tmf.getTrustManagers(); return trustManagers; } }