Diffstat (limited to 'base/server/tomcat')
-rw-r--r--base/server/tomcat/CMakeLists.txt3
-rw-r--r--base/server/tomcat/src/CMakeLists.txt145
-rw-r--r--base/server/tomcat/src/com/netscape/cms/tomcat/NuxwdogPasswordStore.java104
-rw-r--r--base/server/tomcat/src/com/netscape/cms/tomcat/NuxwdogPasswordStoreInitializer.java33
4 files changed, 285 insertions, 0 deletions
diff --git a/base/server/tomcat/CMakeLists.txt b/base/server/tomcat/CMakeLists.txt
new file mode 100644
index 000000000..8c862145e
--- /dev/null
+++ b/base/server/tomcat/CMakeLists.txt
@@ -0,0 +1,3 @@
+project(server-tomcat)
+
+add_subdirectory(src)
diff --git a/base/server/tomcat/src/CMakeLists.txt b/base/server/tomcat/src/CMakeLists.txt
new file mode 100644
index 000000000..669cc8883
--- /dev/null
+++ b/base/server/tomcat/src/CMakeLists.txt
@@ -0,0 +1,145 @@
+project(pki-tomcat)
+
+find_file(JSS_JAR
+ NAMES
+ jss4.jar
+ PATHS
+ ${JAVA_LIB_INSTALL_DIR}
+ /usr/share/java
+)
+
+find_file(LDAPJDK_JAR
+ NAMES
+ ldapjdk.jar
+ PATHS
+ ${JAVA_LIB_INSTALL_DIR}
+ /usr/share/java
+)
+
+find_file(COMMONS_CODEC_JAR
+ NAMES
+ commons-codec.jar
+ PATHS
+ /usr/share/java
+)
+
+find_file(COMMONS_HTTPCLIENT_JAR
+ NAMES
+ commons-httpclient.jar
+ PATHS
+ /usr/share/java
+)
+
+find_file(APACHE_COMMONS_LANG_JAR
+ NAMES
+ apache-commons-lang.jar
+ PATHS
+ /usr/share/java
+)
+
+find_file(TOMCAT_CATALINA_JAR
+ NAMES
+ catalina.jar
+ PATHS
+ /usr/share/java/tomcat
+)
+
+find_file(TOMCAT_UTIL_SCAN_JAR
+ NAMES
+ tomcat-util-scan.jar
+ PATHS
+ /usr/share/java/tomcat
+)
+
+find_file(SERVLET_JAR
+ NAMES
+ servlet.jar
+ PATHS
+ ${JAVA_LIB_INSTALL_DIR}
+ /usr/share/java
+)
+
+find_file(VELOCITY_JAR
+ NAMES
+ velocity.jar
+ PATHS
+ ${JAVA_LIB_INSTALL_DIR}
+ /usr/share/java
+)
+
+find_file(XALAN_JAR
+ NAMES
+ xalan-j2.jar
+ PATHS
+ ${JAVA_LIB_INSTALL_DIR}
+ /usr/share/java
+)
+
+find_file(XERCES_JAR
+ NAMES
+ xerces-j2.jar
+ PATHS
+ ${JAVA_LIB_INSTALL_DIR}
+ /usr/share/java
+)
+
+find_file(JAXRS_API_JAR
+ NAMES
+ jaxrs-api.jar
+ PATHS
+ ${RESTEASY_LIB}
+)
+
+find_file(RESTEASY_JAXRS_JAR
+ NAMES
+ resteasy-jaxrs.jar
+ PATHS
+ ${RESTEASY_LIB}
+)
+
+find_file(RESTEASY_ATOM_PROVIDER_JAR
+ NAMES
+ resteasy-atom-provider.jar
+ PATHS
+ ${RESTEASY_LIB}
+)
+
+find_file(HTTPCLIENT_JAR
+ NAMES
+ httpclient.jar
+ PATHS
+ /usr/share/java/httpcomponents
+)
+
+find_file(HTTPCORE_JAR
+ NAMES
+ httpcore.jar
+ PATHS
+ /usr/share/java/httpcomponents
+)
+
+find_file(TOMCATJSS_JAR
+ NAMES
+ tomcatjss.jar
+ PATHS
+ /usr/share/java
+)
+
+find_file(NUXWDOG_JAR
+ NAMES
+ nuxwdog.jar
+ PATHS
+ ${JAVA_LIB_INSTALL_DIR}
+ /usr/share/java
+)
+
+# build pki-tomcat
+javac(pki-tomcat-classes
+ SOURCES
+ com/netscape/cms/tomcat/*.java
+ CLASSPATH
+ ${SERVLET_JAR} ${TOMCAT_CATALINA_JAR} ${TOMCAT_UTIL_SCAN_JAR}
+ ${NUXWDOG_JAR} ${APACHE_COMMONS_LANG_JAR} ${TOMCATJSS_JAR}
+ OUTPUT_DIR
+ ${CMAKE_BINARY_DIR}/../../tomcat
+)
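Review bot: None of the `find_file` results are checked before they reach the `javac(... CLASSPATH ...)` call, so a missing jar leaves its variable at `<VAR>-NOTFOUND` and that string is placed on the classpath. The build then fails later with unresolved-class errors instead of stopping at configure time. A guard per classpath jar would make the failure explicit, for example `if(NOT NUXWDOG_JAR)` / `message(FATAL_ERROR "nuxwdog.jar not found")` / `endif()`. Only six of the eighteen lookups (SERVLET, TOMCAT_CATALINA, TOMCAT_UTIL_SCAN, NUXWDOG, APACHE_COMMONS_LANG, TOMCATJSS) are referenced by `javac`; the others could be dropped unless they are consumed outside this file.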
diff --git a/base/server/tomcat/src/com/netscape/cms/tomcat/NuxwdogPasswordStore.java b/base/server/tomcat/src/com/netscape/cms/tomcat/NuxwdogPasswordStore.java
new file mode 100644
index 000000000..4a4f6ccfb
--- /dev/null
+++ b/base/server/tomcat/src/com/netscape/cms/tomcat/NuxwdogPasswordStore.java
@@ -0,0 +1,104 @@
+package com.netscape.cms.tomcat;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Properties;
+
+import org.apache.commons.lang.StringUtils;
+
+import com.redhat.nuxwdog.WatchdogClient;
+
+
+public class NuxwdogPasswordStore implements org.apache.tomcat.util.net.jss.IPasswordStore {
+
+ // Note: pwCache is a temporary construct needed because nuxwdog currently
+ // does not expose a putPassword() method. When this is added, pwCache will
+ // no longer be needed.
+ private Hashtable<String, String> pwCache = null;
+ private ArrayList<String> tags = null;
+
+ private final String PROMPT_PREFIX = "Please provide the password for ";
+
+ @Override
+ public void init(String confFile) throws IOException {
+ if (!startedByNuxwdog()) {
+ throw new IOException("process not started by nuxwdog");
+ }
+
+ tags = new ArrayList<String>();
+
+ if (confFile != null) {
+ populateTokenTags(confFile);
+ }
+
+ pwCache = new Hashtable<String, String>();
+ }
+
+ private boolean startedByNuxwdog() {
+ // confirm that process was started by nuxwdog
+ String wdPipeName = System.getenv("WD_PIPE_NAME");
+ if (StringUtils.isNotEmpty(wdPipeName)) {
+ return true;
+ }
+ return false;
+
+ }
+
+ private void populateTokenTags(String confFile) throws IOException {
+ Properties props = new Properties();
+ InputStream in = new FileInputStream(confFile);
+ props.load(in);
+
+ tags.add("internal");
+
+ String tokenList = props.getProperty("cms.tokenList");
+ if (StringUtils.isNotEmpty(tokenList)) {
+ for (String token: StringUtils.split(tokenList,',')) {
+ tags.add("hardware-" + token);
+ }
+ }
+ }
+
+ private void addTag(String tag) {
+ if (!tags.contains(tag)) {
+ tags.add(tag);
+ }
+ }
+
+ @Override
+ public String getPassword(String tag, int iteration) {
+ if (pwCache.containsKey(tag)) {
+ return pwCache.get(tag);
+ }
+
+ String prompt = PROMPT_PREFIX + tag + ":";
+ String pwd = WatchdogClient.getPassword(prompt, iteration);
+
+ if (pwd != null) {
+ addTag(tag);
+ }
+ return pwd;
+ }
+
+ @Override
+ public Enumeration<String> getTags() {
+ return Collections.enumeration(tags);
+ }
+
+ @Override
+ public Object putPassword(String tag, String password) {
+ addTag(tag);
+ return pwCache.put(tag, password);
+ }
+
+ @Override
+ public void commit() throws IOException, ClassCastException, NullPointerException {
+ // Nothing required here
+ }
+
+}
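Review bot: `populateTokenTags` opens `new FileInputStream(confFile)` and never closes it, so the descriptor leaks each time `init` runs with a non-null `confFile`, including when `props.load` throws. Wrapping the load as `try (InputStream in = new FileInputStream(confFile)) { props.load(in); }` fixes this if the build targets Java 7 or later; otherwise close `in` in a `finally` block. Separately, `pwCache` keeps token passwords as `String` values for the life of the process, and `getPassword`/`putPassword` dereference it without checking that `init` has run. A short class comment saying that the cache holds cleartext secrets and that `init` must be called first would help the next maintainer.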
diff --git a/base/server/tomcat/src/com/netscape/cms/tomcat/NuxwdogPasswordStoreInitializer.java b/base/server/tomcat/src/com/netscape/cms/tomcat/NuxwdogPasswordStoreInitializer.java
new file mode 100644
index 000000000..a4c25306d
--- /dev/null
+++ b/base/server/tomcat/src/com/netscape/cms/tomcat/NuxwdogPasswordStoreInitializer.java
@@ -0,0 +1,33 @@
+package com.netscape.cms.tomcat;
+import org.apache.catalina.Lifecycle;
+import org.apache.catalina.LifecycleEvent;
+import org.apache.catalina.LifecycleListener;
+import org.apache.commons.lang.StringUtils;
+
+import com.redhat.nuxwdog.WatchdogClient;
+
+public class NuxwdogPasswordStoreInitializer implements LifecycleListener {
+
+ private boolean startedByWD = false;
+
+ @Override
+ public void lifecycleEvent(LifecycleEvent event) {
+ String method = "NuxwdogReader:lifecycleEvent";
+ if (event.getType().equals(Lifecycle.BEFORE_INIT_EVENT)) {
+ System.out.println(method + ": before init event");
+ String wdPipeName = System.getenv("WD_PIPE_NAME");
+ if (StringUtils.isNotEmpty(wdPipeName)) {
+ startedByWD = true;
+ System.out.println(method + ": Initializing the watchdog");
+ WatchdogClient.init();
+ }
+ } else if (event.getType().equals(Lifecycle.AFTER_START_EVENT)) {
+ System.out.println(method + "After start event");
+ if (startedByWD) {
+ System.out.println(method + ": Sending endInit to the Watchdog");
+ WatchdogClient.sendEndInit(0);
+ }
+ }
+ }
+
+}
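Review bot: In the `BEFORE_INIT_EVENT` branch, `startedByWD` is set to true before `WatchdogClient.init()` is called, and nothing on the visible lines checks whether that call succeeded, so the `AFTER_START_EVENT` branch would still call `sendEndInit(0)` after a failed initialisation. If `init()` reports failure through a return value or an exception (not visible here), set the flag only after it succeeds and log the failure. The log label `"NuxwdogReader:lifecycleEvent"` does not match the class name, and `method + "After start event"` lacks the `": "` separator the other messages use. The `WD_PIPE_NAME` test also duplicates `NuxwdogPasswordStore.startedByNuxwdog()`, so a comment noting that both depend on the same environment variable would keep them in step.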