public static void main(String args[]) throws Exception {
String username = "******";
String password = "******";
GridAuthenticationHelper loginHelper =
new GridAuthenticationHelper("@CAGRID_LOGIN_MODULE_NAME@");
GlobusCredential proxy = loginHelper.login(username, password);
System.out.println(proxy);
System.out.println("Identity:" + proxy.getIdentity());
}
/* (non-Javadoc)
* @see org.apache.servicemix.components.util.TransformComponentSupport#transform(javax.jbi.messaging.MessageExchange, javax.jbi.messaging.NormalizedMessage, javax.jbi.messaging.NormalizedMessage)
*/
@Override
protected boolean transform(
MessageExchange exchange, NormalizedMessage inMsg, NormalizedMessage outMsg)
throws Exception {
boolean success = false;
try {
Subject subject = inMsg.getSecuritySubject();
// Get principal
Principal principal = null;
Set<GridIdentifierPrincipal> principals =
subject.getPrincipals(GridIdentifierPrincipal.class);
if (principals == null || principals.size() == 0) {
throw new RuntimeException("No GridIdentifierPrincipal found!");
} else if (principals.size() > 1) {
throw new RuntimeException(principals.size() + " GridIdentifierPrincipals found!");
}
principal = principals.iterator().next();
System.out.println("## Principal is: " + principal.getName());
// Get cert chain
X509Certificate[] chain = null;
Set<X509Certificate[]> chains = subject.getPublicCredentials(X509Certificate[].class);
if (chains == null || chains.size() == 0) {
throw new RuntimeException("No X509Certificate[] found!");
} else if (chains.size() > 1) {
throw new RuntimeException(chains.size() + " X509Certificate[]s found!");
}
chain = chains.iterator().next();
// Get private key
PrivateKey privateKey = null;
Set<PrivateKey> privateKeys = subject.getPrivateCredentials(PrivateKey.class);
if (privateKeys == null || privateKeys.size() == 0) {
throw new RuntimeException("No PrivateKey found!");
} else if (privateKeys.size() > 1) {
throw new RuntimeException(chains.size() + " PrivateKeys found!");
}
privateKey = privateKeys.iterator().next();
GlobusCredential cred = new GlobusCredential(privateKey, chain);
System.out.println("## Identity is: " + cred.getIdentity());
String inMsgXml = new SourceTransformer().contentToString(inMsg);
outMsg.setContent(new StreamSource(new ByteArrayInputStream(inMsgXml.getBytes())));
success = true;
} catch (Exception ex) {
ex.printStackTrace();
}
return success;
}
/** Extracts the identity and certificate issuer from the host certificate. */
private void configureTargetServiceInfo() throws GSSException {
GlobusCredential serviceCredential;
try {
serviceCredential =
new GlobusCredential(
_properties.getProperty(SERVICE_CERT), _properties.getProperty(SERVICE_KEY));
} catch (GlobusCredentialException gce) {
throw new GSSException(GSSException.NO_CRED, 0, HOST_CREDENTIAL_ERROR + gce.toString());
}
_targetServiceName = serviceCredential.getIdentity();
_targetServiceIssuer = X509Utils.toGlobusDN(serviceCredential.getIssuer(), true);
}
/**
* Retrieve the GlobusCredential associated with a service-operation. If credential retrieval is
* pending, caller is blocked until the credential becomes available.
*
* @param serviceOperationEPR EPR of the InvocationHelper
* @return The associated GlobusCredential, or null if no such association does exist
* @throws RemoteException
*/
public GlobusCredential getCredential(EndpointReference serviceOperationEPR)
throws RemoteException {
this.printCredentials();
String eprStr = null;
try {
WorkflowInvocationHelperClient client =
new WorkflowInvocationHelperClient(serviceOperationEPR);
eprStr = client.getEPRString();
} catch (MalformedURIException e1) {
e1.printStackTrace();
} catch (RemoteException e1) {
e1.printStackTrace();
}
GlobusCredential credential = null;
boolean serviceIsUnsecure = this.unsecureInvocations.contains(eprStr);
if (serviceIsUnsecure) {
logger.info(
"[WorkflowInstanceHelperResource.getCredential] Service is unsecure, returning null credential");
return null;
} else {
logger.info("[WorkflowInstanceHelperResource.getCredential] Service is secure");
Lock key = this.servicelLock.get(eprStr);
Condition credentialAvailability = this.serviceConditionVariable.get(eprStr);
// Mutual exclusive access session: we can only return the credential if it was already
// retrieved from the
// Credential Delegation Service
key.lock();
try {
printCredentials();
// If credential is unavailable, block until it is available
boolean credentialIsNotSet = (!this.servicesCredentials.containsKey(eprStr));
if (credentialIsNotSet) {
boolean explicitlyAwaken = credentialAvailability.await(60, TimeUnit.SECONDS);
if (!explicitlyAwaken)
throw new RemoteException(
"[WorkflowInstanceHelperResource.getCredential] Couldn't retrieve credential. "
+ "Was it registered into the InstanceHelper? Is the EndpointReference for the credential proxy valid?");
}
credential = this.servicesCredentials.get(eprStr);
logger.info("[getCredential] Retrieved credential: " + credential.getIdentity());
} catch (InterruptedException e) {
logger.error("[getCredential] Error retrieving credential");
e.printStackTrace();
} finally {
key.unlock();
}
logger.info(
"Returning credential: " + ((credential != null) ? credential.getIdentity() : null));
return credential;
}
}
