diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2015-02-24 21:02:13 -0500 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2015-04-21 16:53:17 -0400 |
| commit | 42667acb21cee0ce73c58aaf55aea8fee19620ff (patch) | |
| tree | 6f3671276e1f76f4535e11cafd20542ab2bbe36e /base/server/tomcat/src | |
| parent | ab5f54371519010c72f4947901c3a76cb5105e41 (diff) | |
| download | pki-42667acb21cee0ce73c58aaf55aea8fee19620ff.tar.gz pki-42667acb21cee0ce73c58aaf55aea8fee19620ff.tar.xz pki-42667acb21cee0ce73c58aaf55aea8fee19620ff.zip | |
Added support for Tomcat 8.
The Dogtag code has been modified to support both Tomcat 7 and 8.
All files depending on a specific Tomcat version are now stored
in separate folders. The build scripts have been modified to use
the proper folder for the target platform. The tomcatjss
dependency has been updated as well.
The upgrade script will be added in a separate patch.
https://fedorahosted.org/pki/ticket/1264
Diffstat (limited to 'base/server/tomcat/src')
4 files changed, 0 insertions, 472 deletions
diff --git a/base/server/tomcat/src/CMakeLists.txt b/base/server/tomcat/src/CMakeLists.txt deleted file mode 100644 index d9808a803..000000000 --- a/base/server/tomcat/src/CMakeLists.txt +++ /dev/null @@ -1,158 +0,0 @@ -project(pki-tomcat) - -find_file(JSS_JAR - NAMES - jss4.jar - PATHS - ${JAVA_LIB_INSTALL_DIR} - /usr/share/java -) - -find_file(LDAPJDK_JAR - NAMES - ldapjdk.jar - PATHS - ${JAVA_LIB_INSTALL_DIR} - /usr/share/java -) - -find_file(COMMONS_CODEC_JAR - NAMES - commons-codec.jar - PATHS - /usr/share/java -) - -find_file(COMMONS_HTTPCLIENT_JAR - NAMES - commons-httpclient.jar - PATHS - /usr/share/java -) - -find_file(APACHE_COMMONS_LANG_JAR - NAMES - apache-commons-lang.jar - PATHS - /usr/share/java -) - -find_file(TOMCAT_CATALINA_JAR - NAMES - catalina.jar - PATHS - /usr/share/java/tomcat -) - -find_file(TOMCAT_UTIL_JAR - NAMES - tomcat-util.jar - PATHS - /usr/share/java/tomcat -) - -find_file(SERVLET_JAR - NAMES - servlet.jar - PATHS - ${JAVA_LIB_INSTALL_DIR} - /usr/share/java -) - -find_file(VELOCITY_JAR - NAMES - velocity.jar - PATHS - ${JAVA_LIB_INSTALL_DIR} - /usr/share/java -) - -find_file(XALAN_JAR - NAMES - xalan-j2.jar - PATHS - ${JAVA_LIB_INSTALL_DIR} - /usr/share/java -) - -find_file(XERCES_JAR - NAMES - xerces-j2.jar - PATHS - ${JAVA_LIB_INSTALL_DIR} - /usr/share/java -) - -find_file(JAXRS_API_JAR - NAMES - jaxrs-api.jar - PATHS - ${RESTEASY_LIB} -) - -find_file(RESTEASY_JAXRS_JAR - NAMES - resteasy-jaxrs.jar - PATHS - ${RESTEASY_LIB} -) - -find_file(RESTEASY_ATOM_PROVIDER_JAR - NAMES - resteasy-atom-provider.jar - PATHS - ${RESTEASY_LIB} -) - -find_file(HTTPCLIENT_JAR - NAMES - httpclient.jar - PATHS - /usr/share/java/httpcomponents -) - -find_file(HTTPCORE_JAR - NAMES - httpcore.jar - PATHS - /usr/share/java/httpcomponents -) - -# build pki-tomcat -javac(pki-tomcat-classes - SOURCES - com/netscape/cms/tomcat/*.java - CLASSPATH - ${SERVLET_JAR} ${TOMCAT_CATALINA_JAR} - OUTPUT_DIR - ${CMAKE_BINARY_DIR}/classes -) - -configure_file( - ${CMAKE_CURRENT_SOURCE_DIR}/pki-tomcat.mf - ${CMAKE_CURRENT_BINARY_DIR}/pki-tomcat.mf -) - -jar(pki-tomcat-jar - CREATE - ${CMAKE_BINARY_DIR}/dist/pki-tomcat.jar - OPTIONS - m - PARAMS - ${CMAKE_CURRENT_BINARY_DIR}/pki-tomcat.mf - INPUT_DIR - ${CMAKE_BINARY_DIR}/classes - FILES - com/netscape/cms/tomcat/*.class - DEPENDS - pki-tomcat-classes -) - -install( - FILES - ${CMAKE_BINARY_DIR}/dist/pki-tomcat.jar - DESTINATION - ${JAVA_JAR_INSTALL_DIR}/pki -) - -set(PKI_TOMCAT_JAR ${CMAKE_BINARY_DIR}/dist/pki-tomcat.jar CACHE INTERNAL "pki-tomcat jar file") diff --git a/base/server/tomcat/src/com/netscape/cms/tomcat/ProxyRealm.java b/base/server/tomcat/src/com/netscape/cms/tomcat/ProxyRealm.java deleted file mode 100644 index 094c0561f..000000000 --- a/base/server/tomcat/src/com/netscape/cms/tomcat/ProxyRealm.java +++ /dev/null @@ -1,139 +0,0 @@ -package com.netscape.cms.tomcat; - -import java.beans.PropertyChangeListener; -import java.io.IOException; -import java.security.Principal; -import java.security.cert.X509Certificate; -import java.util.HashMap; -import java.util.Map; - -import org.apache.catalina.Container; -import org.apache.catalina.Context; -import org.apache.catalina.Realm; -import org.apache.catalina.Wrapper; -import org.apache.catalina.connector.Request; -import org.apache.catalina.connector.Response; -import org.apache.catalina.deploy.SecurityConstraint; -import org.ietf.jgss.GSSContext; - -/** - * @author Endi S. Dewata - */ -public class ProxyRealm implements Realm { - - public static Map<String, ProxyRealm> proxies = new HashMap<String, ProxyRealm>(); - - public Container container; - public Realm realm; - - public ProxyRealm() { - } - - @Override - public Container getContainer() { - return container; - } - - @Override - public void setContainer(Container container) { - this.container = container; - if (container instanceof Context) { - Context context = (Context)container; - proxies.put(context.getBaseName(), this); - } - } - - public Realm getRealm() { - return realm; - } - - public void setRealm(Realm realm) { - this.realm = realm; - realm.setContainer(container); - } - - public static void registerRealm(String contextName, Realm realm) { - ProxyRealm proxy = proxies.get(contextName); - if (proxy == null) return; - - proxy.setRealm(realm); - } - - @Override - public Principal authenticate(String username, String password) { - return realm.authenticate(username, password); - } - - @Override - public Principal authenticate(X509Certificate certs[]) { - return realm.authenticate(certs); - } - - @Override - public Principal authenticate( - String username, - String digest, - String nonce, - String nc, - String cnonce, - String qop, - String realmName, - String md5a2 - ) { - return realm.authenticate(username, digest, nonce, nc, cnonce, qop, realmName, md5a2); - } - - @Override - public Principal authenticate(GSSContext gssContext, boolean storeCreds) { - return realm.authenticate(gssContext, storeCreds); - } - - @Override - public boolean hasResourcePermission( - Request request, - Response response, - SecurityConstraint[] constraints, - Context context - ) throws IOException { - return realm.hasResourcePermission(request, response, constraints, context); - } - - @Override - public String getInfo() { - return realm.getInfo(); - } - - @Override - public void backgroundProcess() { - realm.backgroundProcess(); - } - - @Override - public SecurityConstraint[] findSecurityConstraints(Request request, Context context) { - return realm.findSecurityConstraints(request, context); - } - - @Override - public boolean hasRole(Wrapper wrapper, Principal principal, String role) { - return realm.hasRole(wrapper, principal, role); - } - - @Override - public boolean hasUserDataPermission( - Request request, - Response response, - SecurityConstraint[] constraint - ) throws IOException { - return realm.hasUserDataPermission(request, response, constraint); - } - - @Override - public void addPropertyChangeListener(PropertyChangeListener listener) { - realm.addPropertyChangeListener(listener); - } - - @Override - public void removePropertyChangeListener(PropertyChangeListener listener) { - realm.removePropertyChangeListener(listener); - } -} diff --git a/base/server/tomcat/src/com/netscape/cms/tomcat/SSLAuthenticatorWithFallback.java b/base/server/tomcat/src/com/netscape/cms/tomcat/SSLAuthenticatorWithFallback.java deleted file mode 100644 index 20bf85d22..000000000 --- a/base/server/tomcat/src/com/netscape/cms/tomcat/SSLAuthenticatorWithFallback.java +++ /dev/null @@ -1,172 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2012 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- - -package com.netscape.cms.tomcat; - -import java.io.IOException; -import java.security.cert.X509Certificate; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpServletResponseWrapper; - -import org.apache.catalina.Container; -import org.apache.catalina.Globals; -import org.apache.catalina.LifecycleException; -import org.apache.catalina.authenticator.AuthenticatorBase; -import org.apache.catalina.authenticator.BasicAuthenticator; -import org.apache.catalina.authenticator.FormAuthenticator; -import org.apache.catalina.authenticator.SSLAuthenticator; -import org.apache.catalina.connector.Request; -import org.apache.catalina.deploy.LoginConfig; - -/** - * @author Endi S. Dewata - */ -public class SSLAuthenticatorWithFallback extends AuthenticatorBase { - - public final static String BASIC_AUTHENTICATOR = "BASIC"; - public final static String FORM_AUTHENTICATOR = "FORM"; - - String fallbackMethod = BASIC_AUTHENTICATOR; - - AuthenticatorBase sslAuthenticator = new SSLAuthenticator(); - AuthenticatorBase fallbackAuthenticator = new BasicAuthenticator(); - - public SSLAuthenticatorWithFallback() { - log("Creating SSL authenticator with fallback"); - } - - @Override - public String getInfo() { - return "SSL authenticator with "+fallbackMethod+" fallback."; - } - - public String getFallbackMethod() { - return fallbackMethod; - } - - public void setFallbackMethod(String fallbackMethod) { - log("Fallback method: "+fallbackMethod); - this.fallbackMethod = fallbackMethod; - - if (BASIC_AUTHENTICATOR.equalsIgnoreCase(fallbackMethod)) { - fallbackAuthenticator = new BasicAuthenticator(); - - } else if (FORM_AUTHENTICATOR.equalsIgnoreCase(fallbackMethod)) { - fallbackAuthenticator = new FormAuthenticator(); - } - - } - - @Override - public boolean authenticate(Request request, HttpServletResponse response, LoginConfig config) throws IOException { - - X509Certificate certs[] = (X509Certificate[]) request.getAttribute(Globals.CERTIFICATES_ATTR); - boolean result; - - if (certs != null && certs.length > 0) { - log("Authenticate with client certificate authentication"); - HttpServletResponseWrapper wrapper = new HttpServletResponseWrapper(response) { - public void setHeader(String name, String value) { - log("SSL auth header: "+name+"="+value); - }; - public void sendError(int code) { - log("SSL auth return code: "+code); - } - }; - result = sslAuthenticator.authenticate(request, wrapper, config); - - } else { - log("Authenticating with "+fallbackMethod+" authentication"); - HttpServletResponseWrapper wrapper = new HttpServletResponseWrapper(response) { - public void setHeader(String name, String value) { - log("Fallback auth header: "+name+"="+value); - }; - public void sendError(int code) { - log("Fallback auth return code: "+code); - } - }; - result = fallbackAuthenticator.authenticate(request, wrapper, config); - } - - if (result) - return true; - - log("Result: "+result); - - StringBuilder value = new StringBuilder(16); - value.append("Basic realm=\""); - if (config.getRealmName() == null) { - value.append(REALM_NAME); - } else { - value.append(config.getRealmName()); - } - value.append('\"'); - response.setHeader(AUTH_HEADER_NAME, value.toString()); - response.sendError(HttpServletResponse.SC_UNAUTHORIZED); - - return false; - } - - @Override - protected String getAuthMethod() { - return HttpServletRequest.CLIENT_CERT_AUTH; - }; - - @Override - public void setContainer(Container container) { - log("Setting container"); - super.setContainer(container); - sslAuthenticator.setContainer(container); - fallbackAuthenticator.setContainer(container); - } - - @Override - protected void initInternal() throws LifecycleException { - log("Initializing authenticators"); - - super.initInternal(); - - sslAuthenticator.setAlwaysUseSession(alwaysUseSession); - sslAuthenticator.init(); - - fallbackAuthenticator.setAlwaysUseSession(alwaysUseSession); - fallbackAuthenticator.init(); - } - - @Override - public void startInternal() throws LifecycleException { - log("Starting authenticators"); - super.startInternal(); - sslAuthenticator.start(); - fallbackAuthenticator.start(); - } - - @Override - public void stopInternal() throws LifecycleException { - log("Stopping authenticators"); - super.stopInternal(); - sslAuthenticator.stop(); - fallbackAuthenticator.stop(); - } - - public void log(String message) { - System.out.println("SSLAuthenticatorWithFallback: "+message); - } -} diff --git a/base/server/tomcat/src/pki-tomcat.mf b/base/server/tomcat/src/pki-tomcat.mf deleted file mode 100644 index ca8d3bf1b..000000000 --- a/base/server/tomcat/src/pki-tomcat.mf +++ /dev/null @@ -1,3 +0,0 @@ -Name: pki-tomcat -Specification-Version: ${APPLICATION_VERSION} -Implementation-Version: ${VERSION} |