FileDocCategorySizeDatePackage
IdentityManager.javaAPI DocGlassfish v2 API17593Tue Jun 19 18:51:02 BST 2007com.sun.enterprise.security.store

IdentityManager

public class IdentityManager extends Object

Fields Summary
public static final String
PROPMPT_FOR_IDENTITY_SYSTEM_PROPERTY
private static final String
USER_ALIAS
private static final String
PASSWORD_ALIAS
private static final String
MASTER_PASSWORD_ALIAS
private static final String
IDENTITY_STORE_FILE_NAME
private static String
_user
private static String
_password
private static String
_masterPassword
private static Hashtable
_htIdentity
private static boolean
bDebug
private static boolean
_keystorePropertyWasSet
private static boolean
_truststorePropertyWasSet
private static boolean
_nssDbPasswordPropertyWasSet
Constructors Summary
private IdentityManager()


    // make private so it can't be instantiated
      
Methods Summary
public static voidaddToMap(java.util.HashMap map)

        // Copy every entry of the caller's map into the shared identity table.
        // NOTE(review): put() stores into a Hashtable, so a null key or value in
        // the HashMap ends in a NullPointerException part-way through the copy.
        for (Iterator names = map.keySet().iterator(); names.hasNext(); ) {
            String name = (String) names.next();
            put(name, (String) map.get(name));
        }
    
public static voidcreateIdentityStore()
createIdentityStore - This method takes the IdentityManager singleton and writes its information into a keystore for later retrieval. This method is used for temporary storage of Identity information for use by tasks such as restart. The extra token information is read in through the appropriate manager because its variable nature was problematic to store.


        // Persist user, password and master password to a temporary keystore file
        // under the instance root so that a later start can read them back.
        // NOTE(review): Properties is a Hashtable, so setProperty() throws
        // NullPointerException if any of the three values has not been set yet.
        Properties aliasPasswordProps=new Properties();
        aliasPasswordProps.setProperty(USER_ALIAS, getUser());
        aliasPasswordProps.setProperty(PASSWORD_ALIAS, getPassword());
        aliasPasswordProps.setProperty(MASTER_PASSWORD_ALIAS, getMasterPassword());
        
        // Despite its name, this File is the identity store file inside the
        // instance root directory, not the directory itself.
        File instanceRoot = new File(System.getProperty(SystemPropertyConstants.INSTANCE_ROOT_PROPERTY), IDENTITY_STORE_FILE_NAME);        

        // Open the store with the password from getMasterPasswordPassword().
        // NOTE(review): that method returns the characters of the constant
        // MASTER_PASSWORD_ALIAS, so the store is not protected by any secret.
        // Treat the file as holding recoverable credentials: keep its lifetime
        // short (see deleteIdentityStore) and its file permissions tight.
        PasswordAdapter p = new PasswordAdapter(instanceRoot.getAbsolutePath(), 
           getMasterPasswordPassword());

        // Store each secret under its alias.
        Iterator iter=aliasPasswordProps.keySet().iterator();
        String alias=null, pass=null;
        while(iter.hasNext()) {
            alias=(String)iter.next();
            pass=aliasPasswordProps.getProperty(alias);
            // getBytes() with no argument encodes with the platform default
            // charset, so non-ASCII passwords depend on the JVM's locale settings.
            p.setPasswordForAlias(alias, pass.getBytes());
        }
    
public static voiddeleteIdentityStore()

        // Resolve the temporary identity store under the instance root and remove it.
        String rootDir = System.getProperty(SystemPropertyConstants.INSTANCE_ROOT_PROPERTY);
        File identityStore = new File(rootDir, IDENTITY_STORE_FILE_NAME);
        // NOTE(review): File.delete() signals failure only through its return value,
        // which is ignored here, so a store that could not be removed stays on disk
        // with the stored credentials and nothing is reported.
        identityStore.delete();
    
public static java.lang.Stringget(java.lang.String key)

        // Look up an additional identity value in the static Hashtable.
        // Hashtable.get returns null for an unknown key and throws
        // NullPointerException for a null key.
        return (String)_htIdentity.get(key);
    
public static java.lang.StringgetFormatedContents()
This method is used instead of the toString method for static instances

        
        // Build a one-line summary of the identity data. The user name is always
        // included; everything else is appended only when bDebug is true.
        StringBuffer text = new StringBuffer("IdentityManager Data: User:").append(getUser());
        if (!bDebug) {
            return text.toString();
        }
        // NOTE(review): from here on the string carries the admin password, the
        // master password and every stored key/value in clear text. Callers such
        // as writeToOutputStream print it to stdout, so a debug build must not be
        // run where stdout is captured or logged.
        text.append(", ");
        text.append("Password:").append(getPassword()).append(", ");
        text.append("MasterPassword:").append(getMasterPassword()).append(", ");
        for (Iterator names = _htIdentity.keySet().iterator(); names.hasNext(); ) {
            String name = (String) names.next();
            text.append(name).append(":").append((String) _htIdentity.get(name)).append(", ");
        }
        return text.toString();
    
public static java.lang.String[]getIdentityArray()
getIdentityArray - This method is used when the identity information needs to be passed to another process

        // Flatten the identity into an array for hand-off to another process:
        // user, password and master password first (in that order), followed by
        // one "key=value" element per additional identity item.
        // NOTE(review): every element after the first is a clear-text secret.
        // How callers transmit the array is not visible here; if it is ever placed
        // on a command line it becomes readable in the process listing, so a
        // pipe (see writeToOutputStream) is the safer channel.
        ArrayList items = new ArrayList();
        items.add(getUser());
        items.add(getPassword());
        items.add(getMasterPassword());

        for (Iterator names = _htIdentity.keySet().iterator(); names.hasNext(); ) {
            String name = (String) names.next();
            items.add(name + "=" + (String) _htIdentity.get(name));
        }

        return (String[]) items.toArray(new String[items.size()]);
    
public static java.util.MapgetMap()

        // Return a detached copy (fresh HashMap, fresh String objects) so that a
        // third-party utility cannot modify the shared identity table through it.
        // The copy still holds the secret values themselves in clear text.
        HashMap copy = new HashMap();
        for (Iterator names = _htIdentity.keySet().iterator(); names.hasNext(); ) {
            String name = (String) names.next();
            String value = (String) _htIdentity.get(name);
            copy.put(new String(name), new String(value));
        }
        return copy;
    
public static java.lang.StringgetMasterPassword()

        // Returns the master password held in the static field, or null if it
        // has not been set. It is kept as an immutable String, so it cannot be
        // wiped from memory after use.
        return _masterPassword;
    
private static char[]getMasterPasswordPassword()

return
The password protecting the master password keystore

        //FIXTHIS: Need a better password which varies across machines but is not the ip address.
        // NOTE(review): the keystore password is the characters of the constant
        // MASTER_PASSWORD_ALIAS, i.e. a fixed value compiled into the class. Anyone
        // who can read the identity store file can open it, so the store gives
        // obfuscation rather than confidentiality; its protection rests on file
        // permissions and on the file being deleted promptly.
        return MASTER_PASSWORD_ALIAS.toCharArray();
    
public static java.lang.StringgetPassword()

        // Returns the admin password held in the static field as a clear-text
        // String, or null if it has not been set.
        return _password;
    
public static java.lang.StringgetUser()

        // Returns the admin user name held in the static field, or null if unset.
        return _user;
    
public static voidpopulateFromInputStream()
populateFromInputStream - This method uses the stdin to populate the variables of this class in the order user, password, masterpassword

        // Delegate to the InputStream overload, reading from the process's stdin.
        populateFromInputStream(System.in);
    
public static voidpopulateFromInputStream(java.io.InputStream in)
populateFromInputStream - This method uses the passed in InputStream to populate the variables of this class in the order user, password, masterpassword

        // Delegate with quiet=false so that the prompts are written to stdout.
        populateFromInputStream(in, false);
    
public static voidpopulateFromInputStream(java.io.InputStream in, boolean quiet)
populateFromInputStream - This method uses the passed in InputStream to populate the variables of this class in the order user, password, masterpassword

param
in the InputStream to read
param
quiet if set to true, don't write to stdout


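        // Reading is opt-in: return immediately unless a stream was supplied and the
        // PROPMPT_FOR_IDENTITY_SYSTEM_PROPERTY system property is set (usually via
        // processLauncher.xml). This keeps a java command started by hand from
        // blocking on a prompt.
        if (bDebug) System.out.println("IM seeing if need to read in security properties from stdin");
        if (in == null || System.getProperty(PROPMPT_FOR_IDENTITY_SYSTEM_PROPERTY) == null) {
            return;
        }

        if (bDebug) System.out.println("IM attempting to read from inputstream");
        // Read from the stream the caller passed in. The previous code wrapped
        // System.in here, so any other stream was null-checked and then ignored.
        // The reader is not closed, because closing it would also close the
        // caller's stream (System.in for the no-argument overloads). Bytes are
        // decoded with the platform default charset.
        BufferedReader br = new BufferedReader(new InputStreamReader(in));
        String sxLine = null;
        int cnt = 0;
        // help for users who are not running the command through the exposed asadmin command
        if (!quiet)
            System.out.println("Enter Admin User:");
        // Lines are consumed in the fixed order user, password, master password;
        // every later line is treated as an optional "key=value" item. An
        // IOException from readLine() propagates to the caller unchanged.
        while ((sxLine = br.readLine()) != null) {
            // NOTE(review): with bDebug on, this echoes each raw input line to
            // stdout, including the admin and master passwords.
            if (bDebug) System.out.println("IM Number read - Reading Line:" + cnt + " - " + sxLine);

            switch (cnt) {
                case 0:
                    setUser(sxLine);
                    // print next prompt
                    if (!quiet)
                        System.out.println("Enter Admin Password:");
                    break;
                case 1:
                    setPassword(sxLine);
                    // print next prompt
                    if (!quiet)
                        System.out.println("Enter Master Password:");
                    break;
                case 2:
                    setMasterPassword(sxLine);
                    if (!quiet)
                        System.out.println("Enter Other Password Information (or ctrl-D or ctrl-Z):");
                    break;
                default:
                    // lines without a usable "=" are silently dropped by putTokenizedString
                    putTokenizedString(sxLine);
                    if (!quiet)
                        System.out.println("Enter Other Password Information (or ctrl-D or ctrl-Z):");
            }
            // advance to the next input field
            cnt++;
        }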
    
public static voidpopulateFromInputStreamQuietly()
populateFromInputStream - This method uses the stdin to populate the variables of this class in the order user, password, masterpassword. It will not write noise to stdout.

        // Read from stdin with quiet=true, which suppresses the prompts; the
        // bDebug traces inside the overload are not affected by this flag.
        populateFromInputStream(System.in, true);
    
public static voidput(java.lang.String key, java.lang.String value)

        // Store an extra identity item in the static in-memory Hashtable; this is
        // used by nssutils and for an unknown number of additional inputs.
        // Hashtable.put throws NullPointerException for a null key or value.
        _htIdentity.put(key, value);
    
public static voidputTokenizedString(java.lang.String sxToken)

        // Accept only "key=value" tokens and store them via put(). The split is at
        // the first '=', so the value may itself contain '='. A token with no '='
        // or with an empty key (leading '=') is dropped without any report.
        int eq = sxToken.indexOf('=');
        if (eq <= 0) {
            return;
        }
        put(sxToken.substring(0, eq), sxToken.substring(eq + 1));
    
public static voidreadIdentityStore()
readIdentityManagerFile - This method is used to populate the IdentityManager singleton and reads its information from a keystore that was previously created. This method is used to retrieve temporarily stored Identity information for use by tasks such as restart. The extra token information is read in through the appropriate manager because its variable nature was problematic to store.

        
        
        // Locate the temporary identity store under the instance root.
        String rootDir = System.getProperty(SystemPropertyConstants.INSTANCE_ROOT_PROPERTY);
        File identityStore = new File(rootDir, IDENTITY_STORE_FILE_NAME);

        // NOTE(review): this line is printed on every call and is not gated by
        // bDebug, so the location of the credential store always reaches stdout.
        System.out.println("****** READING IDENTITY FROM ====>" + identityStore.getAbsolutePath());

        // A missing store is not an error: the identity is simply left as it was.
        if (!identityStore.exists()) {
            return;
        }

        // The store is opened with the fixed password from getMasterPasswordPassword(),
        // so its contents are only as trustworthy as the file's permissions.
        PasswordAdapter store = new PasswordAdapter(identityStore.getAbsolutePath(),
            getMasterPasswordPassword());
        setUser(store.getPasswordForAlias(USER_ALIAS));
        setPassword(store.getPasswordForAlias(PASSWORD_ALIAS));
        setMasterPassword(store.getPasswordForAlias(MASTER_PASSWORD_ALIAS));
    
public static voidsetMasterPassword(java.lang.String masterPasswordx)

        _masterPassword = masterPasswordx;

        // For each store whose location property is defined, copy the master password
        // into the matching password system property (the JSSE keystore and truststore
        // and the NSS db). Per the original authors this is needed for PE only, since
        // SE/EE use NSS. The copy happens when the xxxWasSet flag is false or the
        // password property is currently unset, so that a later change of the master
        // password (e.g. asadmin change-master-password) is propagated again.
        // NOTE(review): in the code shown here the three flags are only ever assigned
        // false; their initial values and any other writers are not visible.
        // NOTE(review): system properties are readable by any code in the JVM that may
        // read properties and appear in property dumps, so this exposes the master
        // password well beyond this class. System.setProperty also throws
        // NullPointerException when the master password passed in is null.
        if (System.getProperty(SystemPropertyConstants.KEYSTORE_PROPERTY) != null
                && (!_keystorePropertyWasSet
                    || System.getProperty(SystemPropertyConstants.KEYSTORE_PASSWORD_PROPERTY) == null)) {
            System.setProperty(SystemPropertyConstants.KEYSTORE_PASSWORD_PROPERTY, getMasterPassword());
            _keystorePropertyWasSet = false;
        }
        if (System.getProperty(SystemPropertyConstants.TRUSTSTORE_PROPERTY) != null
                && (!_truststorePropertyWasSet
                    || System.getProperty(SystemPropertyConstants.TRUSTSTORE_PASSWORD_PROPERTY) == null)) {
            System.setProperty(SystemPropertyConstants.TRUSTSTORE_PASSWORD_PROPERTY, getMasterPassword());
            _truststorePropertyWasSet = false;
        }
        if (System.getProperty(SystemPropertyConstants.NSS_DB_PROPERTY) != null
                && (!_nssDbPasswordPropertyWasSet
                    || System.getProperty(SystemPropertyConstants.NSS_DB_PASSWORD_PROPERTY) == null)) {
            System.setProperty(SystemPropertyConstants.NSS_DB_PASSWORD_PROPERTY, getMasterPassword());
            _nssDbPasswordPropertyWasSet = false;
        }
    
public static voidsetPassword(java.lang.String passwordx)

        // Remember the admin password in the static field; no validation is done
        // and null is accepted.
        _password=passwordx;
    
public static voidsetUser(java.lang.String userx)

        // Remember the admin user name in the static field; no validation is done
        // and null is accepted.
        _user=userx;
    
public static voidwriteToOutputStream(java.io.OutputStream out)
writeToOutputStream - This method is used to writeout the contents of this class to the outputstream

        // Nothing to do without a destination.
        if (out == null) {
            return;
        }

        // Characters are encoded with the platform default charset. PrintWriter does
        // not throw on write errors, so a failed hand-off is not reported here.
        PrintWriter sink = new PrintWriter(new BufferedWriter(new OutputStreamWriter(out)));
        // NOTE(review): in a debug build this prints the full identity, passwords
        // included, to stdout (see getFormatedContents).
        if (bDebug) System.out.println("Writing to OutputStream: " + getFormatedContents());

        // Same line order that populateFromInputStream expects: user, password,
        // master password, then one "key=value" line per additional item. All of
        // it is clear text, so the stream should be a private channel such as a
        // pipe to the child process.
        sink.println(getUser());
        sink.println(getPassword());
        sink.println(getMasterPassword());
        for (Iterator names = _htIdentity.keySet().iterator(); names.hasNext(); ) {
            String name = (String) names.next();
            sink.println(name + "=" + (String) _htIdentity.get(name));
        }

        // close() also closes the caller's OutputStream.
        sink.flush();
        sink.close();