Diffstat (limited to 'base/server/tomcat')
4 files changed, 285 insertions, 0 deletions
diff --git a/base/server/tomcat/CMakeLists.txt b/base/server/tomcat/CMakeLists.txt
new file mode 100644
index 000000000..8c862145e
--- /dev/null
+++ b/base/server/tomcat/CMakeLists.txt
@@ -0,0 +1,3 @@
+project(server-tomcat)
+
+add_subdirectory(src)
diff --git a/base/server/tomcat/src/CMakeLists.txt b/base/server/tomcat/src/CMakeLists.txt
new file mode 100644
index 000000000..669cc8883
--- /dev/null
+++ b/base/server/tomcat/src/CMakeLists.txt
@@ -0,0 +1,145 @@
+project(pki-tomcat)
+
+find_file(JSS_JAR
+ NAMES
+ jss4.jar
+ PATHS
+ ${JAVA_LIB_INSTALL_DIR}
+ /usr/share/java
+)
+
+find_file(LDAPJDK_JAR
+ NAMES
+ ldapjdk.jar
+ PATHS
+ ${JAVA_LIB_INSTALL_DIR}
+ /usr/share/java
+)
+
+find_file(COMMONS_CODEC_JAR
+ NAMES
+ commons-codec.jar
+ PATHS
+ /usr/share/java
+)
+
+find_file(COMMONS_HTTPCLIENT_JAR
+ NAMES
+ commons-httpclient.jar
+ PATHS
+ /usr/share/java
+)
+
+find_file(APACHE_COMMONS_LANG_JAR
+ NAMES
+ apache-commons-lang.jar
+ PATHS
+ /usr/share/java
+)
+
+find_file(TOMCAT_CATALINA_JAR
+ NAMES
+ catalina.jar
+ PATHS
+ /usr/share/java/tomcat
+)
+
+find_file(TOMCAT_UTIL_SCAN_JAR
+ NAMES
+ tomcat-util-scan.jar
+ PATHS
+ /usr/share/java/tomcat
+)
+
+find_file(SERVLET_JAR
+ NAMES
+ servlet.jar
+ PATHS
+ ${JAVA_LIB_INSTALL_DIR}
+ /usr/share/java
+)
+
+find_file(VELOCITY_JAR
+ NAMES
+ velocity.jar
+ PATHS
+ ${JAVA_LIB_INSTALL_DIR}
+ /usr/share/java
+)
+
+find_file(XALAN_JAR
+ NAMES
+ xalan-j2.jar
+ PATHS
+ ${JAVA_LIB_INSTALL_DIR}
+ /usr/share/java
+)
+
+find_file(XERCES_JAR
+ NAMES
+ xerces-j2.jar
+ PATHS
+ ${JAVA_LIB_INSTALL_DIR}
+ /usr/share/java
+)
+
+find_file(JAXRS_API_JAR
+ NAMES
+ jaxrs-api.jar
+ PATHS
+ ${RESTEASY_LIB}
+)
+
+find_file(RESTEASY_JAXRS_JAR
+ NAMES
+ resteasy-jaxrs.jar
+ PATHS
+ ${RESTEASY_LIB}
+)
+
+find_file(RESTEASY_ATOM_PROVIDER_JAR
+ NAMES
+ resteasy-atom-provider.jar
+ PATHS
+ ${RESTEASY_LIB}
+)
+
+find_file(HTTPCLIENT_JAR
+ NAMES
+ httpclient.jar
+ PATHS
+ /usr/share/java/httpcomponents
+)
+
+find_file(HTTPCORE_JAR
+ NAMES
+ httpcore.jar
+ PATHS
+ /usr/share/java/httpcomponents
+)
+
+find_file(TOMCATJSS_JAR
+ NAMES
+ tomcatjss.jar
+ PATHS
+ /usr/share/java
+)
+
+find_file(NUXWDOG_JAR
+ NAMES
+ nuxwdog.jar
+ PATHS
+ ${JAVA_LIB_INSTALL_DIR}
+ /usr/share/java
+)
+
+# build pki-tomcat
+javac(pki-tomcat-classes
+ SOURCES
+ com/netscape/cms/tomcat/*.java
+ CLASSPATH
+ ${SERVLET_JAR} ${TOMCAT_CATALINA_JAR} ${TOMCAT_UTIL_SCAN_JAR}
+ ${NUXWDOG_JAR} ${APACHE_COMMONS_LANG_JAR} ${TOMCATJSS_JAR}
+ OUTPUT_DIR
+ ${CMAKE_BINARY_DIR}/../../tomcat
+)
diff --git a/base/server/tomcat/src/com/netscape/cms/tomcat/NuxwdogPasswordStore.java b/base/server/tomcat/src/com/netscape/cms/tomcat/NuxwdogPasswordStore.java
new file mode 100644
index 000000000..4a4f6ccfb
--- /dev/null
+++ b/base/server/tomcat/src/com/netscape/cms/tomcat/NuxwdogPasswordStore.java
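Review bot: In base/server/tomcat/src/CMakeLists.txt, none of the `find_file` results is checked before the six jars are handed to `javac(... CLASSPATH ...)`. `find_file` leaves `<VAR>-NOTFOUND` in the variable when nothing matches, so a missing `nuxwdog.jar` or `tomcatjss.jar` would probably only surface later as a compile error; how the project's `javac` macro treats such a value is not visible here. A guard such as `if(NOT NUXWDOG_JAR) message(FATAL_ERROR "nuxwdog.jar not found") endif()` for each jar on the classpath would fail at configure time and name the jar. Twelve of the eighteen located jars (for example `JSS_JAR` and `LDAPJDK_JAR`) are not used in this file; unless other directories rely on these cache entries, dropping them or adding a comment such as `# located here for use by <other target>` would make the intent clear.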
@@ -0,0 +1,104 @@
+package com.netscape.cms.tomcat;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Properties;
+
+import org.apache.commons.lang.StringUtils;
+
+import com.redhat.nuxwdog.WatchdogClient;
+
+
+public class NuxwdogPasswordStore implements org.apache.tomcat.util.net.jss.IPasswordStore {
+
+ // Note: pwCache is a temporary construct needed because nuxwdog currently
+ // does not expose a putPassword() method. When this is added, pwCache will
+ // no longer be needed.
+ private Hashtable<String, String> pwCache = null;
+ private ArrayList<String> tags = null;
+
+ private final String PROMPT_PREFIX = "Please provide the password for ";
+
+ @Override
+ public void init(String confFile) throws IOException {
+ if (!startedByNuxwdog()) {
+ throw new IOException("process not started by nuxwdog");
+ }
+
+ tags = new ArrayList<String>();
+
+ if (confFile != null) {
+ populateTokenTags(confFile);
+ }
+
+ pwCache = new Hashtable<String, String>();
+ }
+
+ private boolean startedByNuxwdog() {
+ // confirm that process was started by nuxwdog
+ String wdPipeName = System.getenv("WD_PIPE_NAME");
+ if (StringUtils.isNotEmpty(wdPipeName)) {
+ return true;
+ }
+ return false;
+
+ }
+
+ private void populateTokenTags(String confFile) throws IOException {
+ Properties props = new Properties();
+ InputStream in = new FileInputStream(confFile);
+ props.load(in);
+
+ tags.add("internal");
+
+ String tokenList = props.getProperty("cms.tokenList");
+ if (StringUtils.isNotEmpty(tokenList)) {
+ for (String token: StringUtils.split(tokenList,',')) {
+ tags.add("hardware-" + token);
+ }
+ }
+ }
+
+ private void addTag(String tag) {
+ if (!tags.contains(tag)) {
+ tags.add(tag);
+ }
+ }
+
+ @Override
+ public String getPassword(String tag, int iteration) {
+ if (pwCache.containsKey(tag)) {
+ return pwCache.get(tag);
+ }
+
+ String prompt = PROMPT_PREFIX + tag + ":";
+ String pwd = WatchdogClient.getPassword(prompt, iteration);
+
+ if (pwd != null) {
+ addTag(tag);
+ }
+ return pwd;
+ }
+
+ @Override
+ public Enumeration<String> getTags() {
+ return Collections.enumeration(tags);
+ }
+
+ @Override
+ public Object putPassword(String tag, String password) {
+ addTag(tag);
+ return pwCache.put(tag, password);
+ }
+
+ @Override
+ public void commit() throws IOException, ClassCastException, NullPointerException {
+ // Nothing required here
+ }
+
+}
diff --git a/base/server/tomcat/src/com/netscape/cms/tomcat/NuxwdogPasswordStoreInitializer.java b/base/server/tomcat/src/com/netscape/cms/tomcat/NuxwdogPasswordStoreInitializer.java
new file mode 100644
index 000000000..a4c25306d
--- /dev/null
+++ b/base/server/tomcat/src/com/netscape/cms/tomcat/NuxwdogPasswordStoreInitializer.java
@@ -0,0 +1,33 @@
+package com.netscape.cms.tomcat;
+import org.apache.catalina.Lifecycle;
+import org.apache.catalina.LifecycleEvent;
+import org.apache.catalina.LifecycleListener;
+import org.apache.commons.lang.StringUtils;
+
+import com.redhat.nuxwdog.WatchdogClient;
+
+public class NuxwdogPasswordStoreInitializer implements LifecycleListener {
+
+ private boolean startedByWD = false;
+
+ @Override
+ public void lifecycleEvent(LifecycleEvent event) {
+ String method = "NuxwdogReader:lifecycleEvent";
+ if (event.getType().equals(Lifecycle.BEFORE_INIT_EVENT)) {
+ System.out.println(method + ": before init event");
+ String wdPipeName = System.getenv("WD_PIPE_NAME");
+ if (StringUtils.isNotEmpty(wdPipeName)) {
+ startedByWD = true;
+ System.out.println(method + ": Initializing the watchdog");
+ WatchdogClient.init();
+ }
+ } else if (event.getType().equals(Lifecycle.AFTER_START_EVENT)) {
+ System.out.println(method + "After start event");
+ if (startedByWD) {
+ System.out.println(method + ": Sending endInit to the Watchdog");
+ WatchdogClient.sendEndInit(0);
+ }
+ }
+ }
+
+} |
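Review bot: In NuxwdogPasswordStore.java, `populateTokenTags` opens `new FileInputStream(confFile)` and never closes it, so the descriptor stays open on every path, including when `props.load(in)` throws. If the build targets Java 7 or later, `try (InputStream in = new FileInputStream(confFile)) { props.load(in); }` fixes it; otherwise close the stream in a `finally`. Separately, `getPassword` and `putPassword` dereference `pwCache`, which is null until `init()` has completed, and `Hashtable` rejects null keys and values, so a call before `init()` or `putPassword(tag, null)` ends in a bare `NullPointerException`; an explicit state or argument check would make that failure readable. The passwords put into `pwCache` stay on the heap as `String`s with no removal path, which the class comment already marks as temporary; a short comment on `putPassword` repeating that caveat would keep it next to the code that stores them.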
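Review bot: In NuxwdogPasswordStoreInitializer.java, `lifecycleEvent` assigns `startedByWD = true` before calling `WatchdogClient.init()` and never inspects the outcome of `init()`, so the AFTER_START branch would send `sendEndInit(0)` even if the watchdog handshake did not succeed. How `init()` reports failure is not visible in this hunk, so confirm it and set the flag only after a successful call. The log prefix `NuxwdogReader:lifecycleEvent` does not match the class name, and the AFTER_START message is missing its separator: `System.out.println(method + ": after start event");`. A class-level Javadoc stating that the listener only acts when `WD_PIPE_NAME` is set would explain why both branches can be no-ops.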