コード例 #1
0
ファイル: TestClient.java プロジェクト: NCIP/lexevs-remote
 public static void main(String args[]) throws Exception {
   String username = "******";
   String password = "******";
   GridAuthenticationHelper loginHelper =
       new GridAuthenticationHelper("@CAGRID_LOGIN_MODULE_NAME@");
   GlobusCredential proxy = loginHelper.login(username, password);
   System.out.println(proxy);
   System.out.println("Identity:" + proxy.getIdentity());
 }
コード例 #2
0
  /* (non-Javadoc)
   * @see org.apache.servicemix.components.util.TransformComponentSupport#transform(javax.jbi.messaging.MessageExchange, javax.jbi.messaging.NormalizedMessage, javax.jbi.messaging.NormalizedMessage)
   */
  @Override
  protected boolean transform(
      MessageExchange exchange, NormalizedMessage inMsg, NormalizedMessage outMsg)
      throws Exception {
    boolean success = false;

    try {
      Subject subject = inMsg.getSecuritySubject();

      // Get principal
      Principal principal = null;
      Set<GridIdentifierPrincipal> principals =
          subject.getPrincipals(GridIdentifierPrincipal.class);
      if (principals == null || principals.size() == 0) {
        throw new RuntimeException("No GridIdentifierPrincipal found!");
      } else if (principals.size() > 1) {
        throw new RuntimeException(principals.size() + " GridIdentifierPrincipals found!");
      }
      principal = principals.iterator().next();
      System.out.println("## Principal is: " + principal.getName());

      // Get cert chain
      X509Certificate[] chain = null;
      Set<X509Certificate[]> chains = subject.getPublicCredentials(X509Certificate[].class);
      if (chains == null || chains.size() == 0) {
        throw new RuntimeException("No X509Certificate[] found!");
      } else if (chains.size() > 1) {
        throw new RuntimeException(chains.size() + " X509Certificate[]s found!");
      }
      chain = chains.iterator().next();

      // Get private key
      PrivateKey privateKey = null;
      Set<PrivateKey> privateKeys = subject.getPrivateCredentials(PrivateKey.class);
      if (privateKeys == null || privateKeys.size() == 0) {
        throw new RuntimeException("No PrivateKey found!");
      } else if (privateKeys.size() > 1) {
        throw new RuntimeException(chains.size() + " PrivateKeys found!");
      }
      privateKey = privateKeys.iterator().next();

      GlobusCredential cred = new GlobusCredential(privateKey, chain);

      System.out.println("## Identity is: " + cred.getIdentity());

      String inMsgXml = new SourceTransformer().contentToString(inMsg);
      outMsg.setContent(new StreamSource(new ByteArrayInputStream(inMsgXml.getBytes())));

      success = true;
    } catch (Exception ex) {
      ex.printStackTrace();
    }

    return success;
  }
コード例 #3
0
ファイル: XACMLPlugin.java プロジェクト: paulmillar/dcache
 /** Extracts the identity and certificate issuer from the host certificate. */
 private void configureTargetServiceInfo() throws GSSException {
   GlobusCredential serviceCredential;
   try {
     serviceCredential =
         new GlobusCredential(
             _properties.getProperty(SERVICE_CERT), _properties.getProperty(SERVICE_KEY));
   } catch (GlobusCredentialException gce) {
     throw new GSSException(GSSException.NO_CRED, 0, HOST_CREDENTIAL_ERROR + gce.toString());
   }
   _targetServiceName = serviceCredential.getIdentity();
   _targetServiceIssuer = X509Utils.toGlobusDN(serviceCredential.getIssuer(), true);
 }
コード例 #4
0
  /**
   * Retrieve the GlobusCredential associated with a service-operation. If credential retrieval is
   * pending, caller is blocked until the credential becomes available.
   *
   * @param serviceOperationEPR EPR of the InvocationHelper
   * @return The associated GlobusCredential, or null if no such association does exist
   * @throws RemoteException
   */
  public GlobusCredential getCredential(EndpointReference serviceOperationEPR)
      throws RemoteException {

    this.printCredentials();

    String eprStr = null;
    try {
      WorkflowInvocationHelperClient client =
          new WorkflowInvocationHelperClient(serviceOperationEPR);
      eprStr = client.getEPRString();

    } catch (MalformedURIException e1) {
      e1.printStackTrace();
    } catch (RemoteException e1) {
      e1.printStackTrace();
    }

    GlobusCredential credential = null;
    boolean serviceIsUnsecure = this.unsecureInvocations.contains(eprStr);

    if (serviceIsUnsecure) {
      logger.info(
          "[WorkflowInstanceHelperResource.getCredential] Service is unsecure, returning null credential");
      return null;
    } else {

      logger.info("[WorkflowInstanceHelperResource.getCredential] Service is secure");

      Lock key = this.servicelLock.get(eprStr);
      Condition credentialAvailability = this.serviceConditionVariable.get(eprStr);

      // Mutual exclusive access session: we can only return the credential if it was already
      // retrieved from the
      // Credential Delegation Service
      key.lock();
      try {

        printCredentials();

        // If credential is unavailable, block until it is available
        boolean credentialIsNotSet = (!this.servicesCredentials.containsKey(eprStr));

        if (credentialIsNotSet) {

          boolean explicitlyAwaken = credentialAvailability.await(60, TimeUnit.SECONDS);
          if (!explicitlyAwaken)
            throw new RemoteException(
                "[WorkflowInstanceHelperResource.getCredential] Couldn't retrieve credential. "
                    + "Was it registered into the InstanceHelper? Is the EndpointReference for the credential proxy valid?");
        }
        credential = this.servicesCredentials.get(eprStr);

        logger.info("[getCredential] Retrieved credential: " + credential.getIdentity());

      } catch (InterruptedException e) {
        logger.error("[getCredential] Error retrieving credential");
        e.printStackTrace();
      } finally {
        key.unlock();
      }

      logger.info(
          "Returning credential: " + ((credential != null) ? credential.getIdentity() : null));
      return credential;
    }
  }