Issue #2180 encrypt credential storage

Change-Id: If617535df024216c8d089a67c326c098e906724e

Former-commit-id: f912ce7c2806abdce17c2b994d9226cdacf1ff34
Dave Hladky 2013-07-12 09:33:48 -05:00
parent 450af19c9c
commit adf02a83c0
21 changed files with 976 additions and 53 deletions


@ -23,7 +23,8 @@ Require-Bundle: com.raytheon.uf.common.registry.schemas.ebxml;bundle-version="1.
com.raytheon.uf.common.dataplugin;bundle-version="1.12.1174",
com.raytheon.uf.common.geospatial;bundle-version="1.12.1174",
javax.measure;bundle-version="1.0.0",
com.raytheon.uf.common.datadelivery.request;bundle-version="1.0.0"
com.raytheon.uf.common.datadelivery.request;bundle-version="1.0.0",
org.apache.commons.codec;bundle-version="1.4.0"
Export-Package: com.raytheon.uf.common.datadelivery.registry,
com.raytheon.uf.common.datadelivery.registry.ebxml,
com.raytheon.uf.common.datadelivery.registry.handlers


@ -25,12 +25,13 @@ import java.io.Serializable;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlRootElement;
import com.raytheon.uf.common.serialization.ISerializableObject;
import com.raytheon.uf.common.serialization.annotations.DynamicSerialize;
import com.raytheon.uf.common.serialization.annotations.DynamicSerializeElement;
import com.raytheon.uf.common.status.IUFStatusHandler;
import com.raytheon.uf.common.status.UFStatus;
/**
* Connection XML
@ -57,6 +58,9 @@ import com.raytheon.uf.common.serialization.annotations.DynamicSerializeElement;
public class Connection implements ISerializableObject, Serializable {
private static final long serialVersionUID = 8223819912383198409L;
private static final IUFStatusHandler statusHandler = UFStatus
.getHandler(Connection.class);
public Connection() {
@ -82,6 +86,8 @@ public class Connection implements ISerializableObject, Serializable {
@XmlElement(name = "password")
@DynamicSerializeElement
private String password;
private String providerKey;
@XmlElement(name = "encryption")
@DynamicSerializeElement
@ -111,30 +117,106 @@ public class Connection implements ISerializableObject, Serializable {
return password;
}
/**
* You pass in the providerKey to the local DD client
* The reason for this is you don't want the key and
* password ever stored in the same place. providerKey is kept
* in the registry at the WFO & NCF. The password is stored
* encrypted in a connection object file stored in localization.
* You can only decrypt when they come together in code here.
*
*
* @param providerKey
* @return
*/
public String getUnencryptedPassword() {
if (password != null && encryption != null) {
return encryption.decrypt(password);
if (password != null && providerKey != null) {
try {
return encryption.decrypt(providerKey, password);
} catch (Exception e) {
statusHandler.error("Unable to decrypt password!"+e);
}
}
return null;
}
/**
* encrypt password with providerKey
*
*
* @param providerKey
* @return
*/
public void encryptPassword() {
String encryptPassword = null;
if (password != null && providerKey != null) {
try {
encryptPassword = encryption.encrypt(providerKey, password);
setPassword(encryptPassword);
} catch (Exception e) {
statusHandler.error("Unable to crypt password!" + e);
}
}
}
/**
* You pass in the providerKey to the local DD client
* The reason for this is you don't want the key and
* password ever stored in the same place. providerKey is kept
* in the registry at the WFO & NCF. The password is stored
* encrypted in a connection object file stored in localization.
* You can only decrypt when they come together in code here.
*
*
* @param providerKey
* @return
*/
public String getUnencryptedUsername() {
if (userName != null && providerKey != null) {
try {
return encryption.decrypt(providerKey, userName);
} catch (Exception e) {
statusHandler.error("Unable to decrypt userName!"+e);
}
}
return null;
}
/**
* encrypt userName with providerKey
*
*
* @param providerKey
* @return
*/
public void encryptUserName() {
String encryptUserName = null;
if (userName != null && providerKey != null) {
try {
encryptUserName = encryption.encrypt(providerKey, userName);
setUserName(encryptUserName);
} catch (Exception e) {
statusHandler.error("Unable to crypt userName!" + e);
}
}
}
public void setUserName(String userName) {
this.userName = userName;
}
@XmlEnum
public enum Encryption {
// will have a map of these eventually
CLEAR;
// clear text for now so nothing happens here
public String decrypt(String password) {
return password;
}
}
public Encryption getEncryption() {
return encryption;
}
@ -143,4 +225,12 @@ public class Connection implements ISerializableObject, Serializable {
this.encryption = encryption;
}
public String getProviderKey() {
return providerKey;
}
public void setProviderKey(String providerKey) {
this.providerKey = providerKey;
}
}
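Review bot: `providerKey` is added as a plain instance field (`private String providerKey;`) on a class that implements `Serializable`, so Java serialization of a `Connection` would write the key next to the encrypted password, which is exactly what the new Javadoc says must never happen. Declaring it `private transient String providerKey;` keeps it out of that form. The rewritten `getUnencryptedPassword()` and the new `getUnencryptedUsername()` no longer test `encryption != null`, so a missing encryption element ends in the broad `catch (Exception e)` and a `null` return that callers cannot tell apart from "no credentials stored". The log calls concatenate the exception (`"Unable to decrypt password!"+e`), which drops the stack trace; passing `e` as a separate argument would keep it, if the status handler offers such an overload. Only part of the class body is visible in these hunks.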


@ -0,0 +1,188 @@
package com.raytheon.uf.common.datadelivery.registry;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlEnumValue;
import javax.xml.bind.annotation.XmlRootElement;
import org.apache.commons.codec.binary.Base64;
import com.raytheon.uf.common.serialization.annotations.DynamicSerialize;
import com.raytheon.uf.common.serialization.annotations.DynamicSerializeElement;
/**
* Encryption
*
* <pre>
*
* SOFTWARE HISTORY
* Date Ticket# Engineer Description
* ------------ ---------- ----------- --------------------------
* Jul 10, 2013 2180 dhladky Initial creation
*
* </pre>
*
* @author dhladky
* @version 1.0
*/
@XmlRootElement(name = "encryption")
@XmlAccessorType(XmlAccessType.NONE)
@DynamicSerialize
public class Encryption {
// entropy
private static final int IV_LENGTH = 16;
private IvParameterSpec ivSpec;
private SecretKeySpec key;
private Cipher deCipher;
private Cipher enCipher;
@XmlElement(name = "algorithim")
@DynamicSerializeElement
public Algorithim algorithim;
@XmlElement(name = "padding")
@DynamicSerializeElement
public Padding padding;
public Encryption() {
}
@XmlEnum
public enum Algorithim {
// CLEAR, No encryption
// AES, AES encryption
// DES, DES encryption
@XmlEnumValue(Algorithim.aes)
AES("AES"), @XmlEnumValue(Algorithim.des)
DES("DES");
private static final String aes = "AES";
private static final String des = "DES";
private final String algo;
private Algorithim(String name) {
algo = name;
}
@Override
public String toString() {
return algo;
}
}
@XmlEnum
public enum Padding {
// CLEAR, No encryption
// AES, AES encryption
// DES, DES encryption
@XmlEnumValue(Padding.aes_pad)
AES("AES/CFB8/NoPadding"), @XmlEnumValue(Padding.des_pad)
DES("DES/CBC/PKCS5Padding");
private static final String aes_pad = "AES/CFB8/NoPadding";
private static final String des_pad = "DES/CBC/PKCS5Padding";
private final String padd;
private Padding(String name) {
padd = name;
}
@Override
public String toString() {
return padd;
}
}
public Algorithim getAlgorithim() {
return algorithim;
}
public void setAlgorithim(Algorithim algorithim) {
this.algorithim = algorithim;
}
public Padding getPadding() {
return padding;
}
public void setPadding(Padding padding) {
this.padding = padding;
}
/**
* Sets up the cipher using the sharedKey
*
* @param sharedKey
* @throws NoSuchAlgorithmException
*/
private void setupCipher(String sharedKey) throws Exception {
byte[] keyBytes = null;
MessageDigest sha = MessageDigest.getInstance("SHA-1");
keyBytes = sha.digest(Base64.decodeBase64(sharedKey));
keyBytes = Arrays.copyOf(keyBytes, 16); // use only first 128 bit
byte[] ivBytes = new byte[IV_LENGTH];
ivSpec = new IvParameterSpec(ivBytes);
// create the cipher with the algorithm you choose
// see javadoc for Cipher class for more info, e.g.
key = new SecretKeySpec(keyBytes, getAlgorithim().algo);
deCipher = Cipher.getInstance(getPadding().padd);
enCipher = Cipher.getInstance(getPadding().padd);
}
/**
* Encrypts a string using AES/DES encoding
*
* @param sharedKey
* @param password
* @return
* @throws Exception
*/
public String encrypt(String sharedKey, String password)
throws Exception {
setupCipher(sharedKey);
enCipher.init(Cipher.ENCRYPT_MODE, key, ivSpec);
return Base64.encodeBase64String(enCipher.doFinal(password.getBytes()));
}
/**
* Decrypts an AES/DES encoded string
*
* @param sharedKey
* @param encryptedPass
* @return
* @throws Exception
*/
public String decrypt(String sharedKey, String encryptedPass)
throws Exception {
setupCipher(sharedKey);
deCipher.init(Cipher.DECRYPT_MODE, key, ivSpec);
return new String(deCipher.doFinal(Base64.decodeBase64(encryptedPass)));
}
}
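Review bot: `setupCipher` builds the IV from `new byte[IV_LENGTH]`, which is sixteen zero bytes on every call, so under one provider key the same user name or password always encrypts to the same Base64 text, and in CFB8 two values sharing a prefix share a ciphertext prefix. A fresh `SecureRandom` IV sized by `getBlockSize()` and stored in front of the ciphertext fixes that, as sketched below, and also removes the fixed 16-byte IV that `DES/CBC/PKCS5Padding` (8-byte block) is expected to reject at `init`. The 16-byte key from `Arrays.copyOf(keyBytes, 16)` carries the same AES-only assumption, and a single unsalted SHA-1 over the shared key is a weak derivation for a human-chosen key; a password-based KDF is the usual choice. `getBytes()` and `new String(byte[])` use the platform charset, so the sketch pins UTF-8. Neither mode authenticates the ciphertext, so a modified stored value decrypts without an error.

```java
// needs java.security.SecureRandom in the import block
public String encrypt(String sharedKey, String password)
        throws Exception {
    setupCipher(sharedKey);
    // fresh random IV per value, sized to the cipher's block (16 for AES, 8 for DES)
    byte[] iv = new byte[enCipher.getBlockSize()];
    new SecureRandom().nextBytes(iv);
    enCipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
    byte[] ct = enCipher.doFinal(password.getBytes("UTF-8"));
    // stored form is IV || ciphertext so decrypt can recover the IV
    byte[] out = new byte[iv.length + ct.length];
    System.arraycopy(iv, 0, out, 0, iv.length);
    System.arraycopy(ct, 0, out, iv.length, ct.length);
    return Base64.encodeBase64String(out);
}

public String decrypt(String sharedKey, String encryptedPass)
        throws Exception {
    setupCipher(sharedKey);
    byte[] in = Base64.decodeBase64(encryptedPass);
    int ivLen = deCipher.getBlockSize();
    if (in == null || in.length < ivLen) {
        throw new IllegalArgumentException("ciphertext shorter than IV");
    }
    deCipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(in, 0, ivLen));
    return new String(deCipher.doFinal(in, ivLen, in.length - ivLen), "UTF-8");
}
```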


@ -153,11 +153,11 @@ public class Provider implements ISerializableObject {
@XmlElements({ @XmlElement(name = "projection", type = Projection.class) })
@DynamicSerializeElement
private List<Projection> projection;;
private List<Projection> projection;
public Provider() {
};
}
// TODO: Need to add a bunch of things here!


@ -0,0 +1,159 @@
package com.raytheon.uf.common.datadelivery.registry;
/**
* This software was developed and / or modified by Raytheon Company,
* pursuant to Contract DG133W-05-CQ-1067 with the US Government.
*
* U.S. EXPORT CONTROLLED TECHNICAL DATA
* This software product contains export-restricted data whose
* export/transfer/disclosure is restricted by U.S. law. Dissemination
* to non-U.S. persons whether in the United States or abroad requires
* an export license or other authorization.
*
* Contractor Name: Raytheon Company
* Contractor Address: 6825 Pine Street, Suite 340
* Mail Stop B8
* Omaha, NE 68106
* 402.291.0100
*
* See the AWIPS II Master Rights File ("Master Rights File.pdf") for
* further licensing information.
**/
import com.raytheon.uf.common.serialization.annotations.DynamicSerializeElement;
import com.raytheon.uf.common.serialization.comm.IServerRequest;
/**
* A request providerKey.
*
* <pre>
*
* SOFTWARE HISTORY
*
* Date Ticket# Engineer Description
* ------------ ---------- ----------- --------------------------
* July 14, 2013 2184 dhladky Initial creation
*
* @author dhladky
* @version 1.0
*/
public class ProviderKeyRequest implements IServerRequest {
@DynamicSerializeElement
private Provider provider;
@DynamicSerializeElement
private String providerKey;
@DynamicSerializeElement
private RequestType requestType;
@DynamicSerializeElement
private Status status;
public ProviderKeyRequest() {
}
public ProviderKeyRequest(String providerKey, Provider provider, RequestType requestType) {
this.providerKey = providerKey;
this.provider = provider;
this.requestType = requestType;
}
public Provider getProvider() {
return provider;
}
public void setProvider(Provider provider) {
this.provider = provider;
}
public String getProviderKey() {
return providerKey;
}
public void setProviderKey(String providerKey) {
this.providerKey = providerKey;
}
public RequestType getRequestType() {
return requestType;
}
public void setRequestType(RequestType requestType) {
this.requestType = requestType;
}
/**
* Request Type
*
* <pre>
*
* SOFTWARE HISTORY
*
* Date Ticket# Engineer Description
* ------------ ---------- ----------- --------------------------
* July 16, 2013 2184 dhladky Initial creation
*
* </pre>
*
* @author dhladky
* @version 1.0
*/
public enum RequestType {
SAVE("SAVE"), RETRIEVE("RETRIEVE");
private final String requestType;
private RequestType(String name) {
requestType = name;
}
@Override
public String toString() {
return requestType;
}
}
/**
* Transaction Status
*
* <pre>
*
* SOFTWARE HISTORY
*
* Date Ticket# Engineer Description
* ------------ ---------- ----------- --------------------------
* July 16, 2013 2184 dhladky Initial creation
*
* </pre>
*
* @author dhladky
* @version 1.0
*/
public enum Status {
SUCCESS("SUCCESS"), FAILURE("FAILURE");
private final String status;
private Status(String name) {
status = name;
}
@Override
public String toString() {
return status;
}
}
public Status getStatus() {
return status;
}
public void setStatus(Status status) {
this.status = status;
}
}
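Review bot: `ProviderKeyRequest` annotates its fields with `@DynamicSerializeElement` but the class itself carries no `@DynamicSerialize`, unlike `Encryption` and `ProviderKeyRecord` in this same commit; if the serializer requires the class-level annotation, this request cannot be sent. The class Javadoc also opens `<pre>` without closing it. A SAVE request carries the provider key and the provider's connection in one object, so a class comment such as `// carries the provider key together with credentials; never log instances of this request` would help the next maintainer.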


@ -13,7 +13,10 @@ Require-Bundle: com.raytheon.uf.common.serialization;bundle-version="1.12.1174",
com.raytheon.uf.common.geospatial;bundle-version="1.12.1174",
com.raytheon.uf.common.gridcoverage;bundle-version="1.0.0",
com.raytheon.uf.common.dataplugin;bundle-version="1.12.1174",
com.raytheon.uf.common.util;bundle-version="1.12.1174"
com.raytheon.uf.common.util;bundle-version="1.12.1174",
javax.persistence;bundle-version="1.0.0",
com.raytheon.uf.common.dataquery;bundle-version="1.0.0",
org.apache.commons.lang;bundle-version="2.3.0"
Bundle-RequiredExecutionEnvironment: JavaSE-1.6
Bundle-ActivationPolicy: lazy
Export-Package: com.raytheon.uf.common.datadelivery.retrieval.util,


@ -13,3 +13,4 @@ com.raytheon.uf.common.datadelivery.retrieval.xml.UnitConfig
com.raytheon.uf.common.datadelivery.retrieval.xml.UnitLookup


@ -72,6 +72,7 @@ import com.raytheon.uf.common.serialization.annotations.DynamicSerializeElement;
* June 03, 2013 1763 dhladky Added ValMap lookups for QCD
* July 08, 2013 2171 dhladky Removed dataURI
* July 12, 2013 2096 mpduff Changed temperature unit to F.
* July 14, 2013 2180 dhladky GUI update for mouse over display
* </pre>
*
* @author dhladky
@ -571,22 +572,21 @@ public class MadisRecord extends PersistablePluginDataObject implements
*/
@XmlEnum
public enum QCD {
// C - Coarse pass, passed level 1
// S - Screened, passed levels 1 and 2
// V - Verified, passed levels 1, 2, and 3
// X - Rejected/erroneous, failed level 1
// Q - Questioned, passed level 1, failed 2 or 3
// G - Subjective good
// B - Subjective bad
@XmlEnumValue(QCD.V)
VERIFIED("V"), @XmlEnumValue(QCD.S)
SCREENDED("S"), @XmlEnumValue(QCD.Q)
QUESTIONED("Q"), @XmlEnumValue(QCD.B)
BAD("B"), @XmlEnumValue(QCD.C)
COARSEPASS("C"), @XmlEnumValue(QCD.G)
GOOD("G"), @XmlEnumValue(QCD.Z)
MISSING("Z"), @XmlEnumValue(QCD.X)
REJECTED("X");
//C - Coarse pass, passed level 1
//S - Screened, passed levels 1 and 2
//V - Verified, passed levels 1, 2, and 3
//X - Rejected/erroneous, failed level 1
//Q - Questioned, passed level 1, failed 2 or 3
//G - Subjective good
//B - Subjective bad
@XmlEnumValue(QCD.V) VERIFIED("V"),
@XmlEnumValue(QCD.S) SCREENED("S"),
@XmlEnumValue(QCD.Q) QUESTIONED("Q"),
@XmlEnumValue(QCD.B) BAD("B"),
@XmlEnumValue(QCD.C) COARSEPASS("C"),
@XmlEnumValue(QCD.G) GOOD("G"),
@XmlEnumValue(QCD.Z) MISSING("Z"),
@XmlEnumValue(QCD.X) REJECTED("X");
private static final String V = "V";
@ -611,7 +611,7 @@ public class MadisRecord extends PersistablePluginDataObject implements
static {
Map<String, QCD> map = new HashMap<String, QCD>();
map.put(V, QCD.VERIFIED);
map.put(S, QCD.SCREENDED);
map.put(S, QCD.SCREENED);
map.put(Q, QCD.QUESTIONED);
map.put(C, QCD.COARSEPASS);
map.put(B, QCD.BAD);
@ -622,7 +622,7 @@ public class MadisRecord extends PersistablePluginDataObject implements
Map<String, QCD> map2 = new HashMap<String, QCD>();
map2.put(QCD.VERIFIED.name(), QCD.VERIFIED);
map2.put(QCD.SCREENDED.name(), QCD.SCREENDED);
map2.put(QCD.SCREENED.name(), QCD.SCREENED);
map2.put(QCD.QUESTIONED.name(), QCD.QUESTIONED);
map2.put(QCD.COARSEPASS.name(), QCD.COARSEPASS);
map2.put(QCD.BAD.name(), QCD.BAD);


@ -60,6 +60,7 @@ import com.vividsolutions.jts.geom.Point;
* hibernate spatial.
* Jul 16, 2013 2181 bsteffen Convert geometry types to use hibernate-
* spatial
* July 15, 2013 2180 dhladky Changed to hibernate spatial type (Done in 13.51) not in dev
*
* </pre>
*
@ -103,7 +104,7 @@ public class SurfaceObsLocation implements ISpatialObject, Cloneable {
@DynamicSerializeElement
private Boolean locationDefined = Boolean.FALSE;
@Column
@Column(name = "location", columnDefinition = "geometry")
@Type(type = "org.hibernatespatial.GeometryUserType")
@XmlJavaTypeAdapter(value = GeometryAdapter.class)
@DynamicSerializeElement


@ -1,5 +1,6 @@
com.raytheon.uf.edex.datadelivery.retrieval.db.RetrievalRequestRecord
com.raytheon.uf.edex.datadelivery.retrieval.db.RetrievalRequestRecordPK
com.raytheon.uf.edex.datadelivery.retrieval.db.ProviderKeyRecord
com.raytheon.uf.edex.datadelivery.retrieval.Link
com.raytheon.uf.edex.datadelivery.retrieval.LinkStore


@ -0,0 +1,79 @@
package com.raytheon.uf.edex.datadelivery.retrieval.db;
/**
* This software was developed and / or modified by Raytheon Company,
* pursuant to Contract DG133W-05-CQ-1067 with the US Government.
*
* U.S. EXPORT CONTROLLED TECHNICAL DATA
* This software product contains export-restricted data whose
* export/transfer/disclosure is restricted by U.S. law. Dissemination
* to non-U.S. persons whether in the United States or abroad requires
* an export license or other authorization.
*
* Contractor Name: Raytheon Company
* Contractor Address: 6825 Pine Street, Suite 340
* Mail Stop B8
* Omaha, NE 68106
* 402.291.0100
*
* See the AWIPS II Master Rights File ("Master Rights File.pdf") for
* further licensing information.
**/
import java.util.List;
import com.raytheon.uf.edex.database.DataAccessLayerException;
import com.raytheon.uf.edex.database.dao.CoreDao;
import com.raytheon.uf.edex.database.dao.DaoConfig;
/**
* Provider Key Dao
*
* <pre>
*
* SOFTWARE HISTORY
* Date Ticket# Engineer Description
* ------------ ---------- ----------- --------------------------
* Jul 13, 2012 2180 dhladky Provider Key storage
*
* </pre>
*
* @author dhladky
* @version 1.0
*/
public class ProviderKeyDao extends CoreDao {
/**
* Creates a new ProviderKeyDao
*/
public ProviderKeyDao() {
super(DaoConfig.forClass(ProviderKeyRecord.class));
}
/**
* Retrieves a ProviderkeyRecord with the providerName
*
* @param providerName
* @return The Providerkey with the corresponding providerName
*/
public ProviderKeyRecord queryByProvider(String providerName)
throws DataAccessLayerException {
List<?> providers = queryBySingleCriteria("providerName", providerName);
if (providers.isEmpty()) {
return null;
} else {
return (ProviderKeyRecord) providers.get(0);
}
}
/**
* Add or update an existing ProviderKey Record
*
* @param record
*/
public void addOrUpdateRecord(ProviderKeyRecord record) throws Exception {
persist(record);
}
}


@ -0,0 +1,92 @@
package com.raytheon.uf.edex.datadelivery.retrieval.db;
/**
* This software was developed and / or modified by Raytheon Company,
* pursuant to Contract DG133W-05-CQ-1067 with the US Government.
*
* U.S. EXPORT CONTROLLED TECHNICAL DATA
* This software product contains export-restricted data whose
* export/transfer/disclosure is restricted by U.S. law. Dissemination
* to non-U.S. persons whether in the United States or abroad requires
* an export license or other authorization.
*
* Contractor Name: Raytheon Company
* Contractor Address: 6825 Pine Street, Suite 340
* Mail Stop B8
* Omaha, NE 68106
* 402.291.0100
*
* See the AWIPS II Master Rights File ("Master Rights File.pdf") for
* further licensing information.
**/
import java.io.Serializable;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.Table;
import com.raytheon.uf.common.dataplugin.persist.IPersistableDataObject;
import com.raytheon.uf.common.serialization.ISerializableObject;
import com.raytheon.uf.common.serialization.annotations.DynamicSerialize;
import com.raytheon.uf.common.serialization.annotations.DynamicSerializeElement;
/**
* Provider Key Record
*
* <pre>
*
* SOFTWARE HISTORY
* Date Ticket# Engineer Description
* ------------ ---------- ----------- --------------------------
* Jul 13, 2012 2180 dhladky Provider Key storage
*
* </pre>
*
* @author dhladky
* @version 1.0
*/
@Entity
@Table(name = "dataDeliveryProviderKey")
@DynamicSerialize
public class ProviderKeyRecord implements IPersistableDataObject<String>,
Serializable, ISerializableObject {
private static final long serialVersionUID = 177884683888461814L;
@Id
@DynamicSerializeElement
private String providerName;
@Column(nullable = false)
@DynamicSerializeElement
private String providerKey;
public ProviderKeyRecord(String providerName, String providerKey) {
this.providerName = providerName;
this.providerKey = providerKey;
}
public String getProviderKey() {
return providerKey;
}
public void setProviderKey(String providerKey) {
this.providerKey = providerKey;
}
@Override
public String getIdentifier() {
return providerName;
}
public String getProviderName() {
return providerName;
}
public void setProviderName(String providerName) {
this.providerName = providerName;
}
}
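Review bot: `ProviderKeyRecord` declares only the two-argument constructor, so it has no no-argument constructor; JPA entities need one for the persistence provider to instantiate rows, which means `ProviderKeyDao.queryByProvider` is likely to fail when it loads a record (the dynamic serializer may need one as well). Adding `public ProviderKeyRecord() { }` addresses it. The `providerKey` column holds the key as a plain string, so access controls and backups for the `dataDeliveryProviderKey` table become part of the credential protection; a comment on the field saying so would be worth adding.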


@ -0,0 +1,195 @@
package com.raytheon.uf.edex.datadelivery.retrieval.util;
import java.io.File;
import com.raytheon.uf.common.datadelivery.registry.Connection;
import com.raytheon.uf.common.datadelivery.registry.Provider;
import com.raytheon.uf.common.localization.IPathManager;
import com.raytheon.uf.common.localization.LocalizationContext;
import com.raytheon.uf.common.localization.LocalizationContext.LocalizationLevel;
import com.raytheon.uf.common.localization.LocalizationContext.LocalizationType;
import com.raytheon.uf.common.localization.LocalizationFile;
import com.raytheon.uf.common.localization.PathManagerFactory;
import com.raytheon.uf.common.serialization.SerializationUtil;
import com.raytheon.uf.common.status.IUFStatusHandler;
import com.raytheon.uf.common.status.UFStatus;
import com.raytheon.uf.common.status.UFStatus.Priority;
import com.raytheon.uf.edex.datadelivery.retrieval.db.ProviderKeyDao;
import com.raytheon.uf.edex.datadelivery.retrieval.db.ProviderKeyRecord;
/**
* This software was developed and / or modified by Raytheon Company,
* pursuant to Contract DG133W-05-CQ-1067 with the US Government.
*
* U.S. EXPORT CONTROLLED TECHNICAL DATA
* This software product contains export-restricted data whose
* export/transfer/disclosure is restricted by U.S. law. Dissemination
* to non-U.S. persons whether in the United States or abroad requires
* an export license or other authorization.
*
* Contractor Name: Raytheon Company
* Contractor Address: 6825 Pine Street, Suite 340
* Mail Stop B8
* Omaha, NE 68106
* 402.291.0100
*
* See the AWIPS II Master Rights File ("Master Rights File.pdf") for
* further licensing information.
**/
/**
*
* Provider Credentials Util
*
* <pre>
*
* SOFTWARE HISTORY
*
* Date Ticket# Engineer Description
* ------------ ---------- ----------- --------------------------
* Jul 10, 2013 2180 dhladky Initial
*
* </pre>
*
* @author dhladky
* @version 1.0
*/
public class ProviderCredentialsUtil {
private static final IUFStatusHandler statusHandler = UFStatus
.getHandler(ProviderCredentialsUtil.class);
private static final String CONNECTION_FILE_PREFIX = "datadelivery"
+ IPathManager.SEPARATOR + "connection" + IPathManager.SEPARATOR;
private static final String CONNECTION_FILE_SUFFIX = "-connection.xml";
/**
* Saves the connection for the provider encrypted to Localization by providerKey
* This will be used by the SSMI to update userName and password stores
* @param providerKey
* @param conn
*/
public static boolean saveCredentials(String providerKey, Provider provider) {
Connection conn = null;
try {
// encrypt userName and password
conn = provider.getConnection();
conn.setProviderKey(providerKey);
conn.encryptUserName();
conn.encryptPassword();
} catch (Exception e) {
statusHandler.handle(Priority.ERROR,
"Failed! Couldn't encrypt credentials!", e);
return false;
}
try {
ProviderKeyRecord pkr = new ProviderKeyRecord(provider.getName(), providerKey);
ProviderKeyDao pkd = new ProviderKeyDao();
pkd.addOrUpdateRecord(pkr);
} catch (Exception e) {
statusHandler.handle(Priority.ERROR,
"Failed! Couldn't store provider key record!", e);
return false;
}
if (conn != null && providerKey != null) {
try {
storeConnection(conn, providerKey);
} catch (Exception e) {
statusHandler
.handle(Priority.ERROR,
"Failed! Couldn't store encrypted Connection to Localization!",
e);
return false;
}
}
return true;
}
/**
* Gets the encrypted credentials connection object stored locally
*
* @param providerKey
* @return
*/
public static Connection retrieveCredentials(String providerName)
throws Exception {
// retrieve the providerKey from the name
Connection conn = getConnection(providerName);
if (conn != null) {
ProviderKeyDao pkd = new ProviderKeyDao();
ProviderKeyRecord pkr = pkd.queryByProvider(providerName);
if (pkr != null) {
conn.setProviderKey(pkr.getProviderKey());
}
}
return conn;
}
/**
* Gets the connection file containing the encryption method, username, and
* encrypted password.
*
* @param providerName
* @return
*/
private static Connection getConnection(String providerName) throws Exception {
IPathManager pm = PathManagerFactory.getPathManager();
LocalizationContext lc = pm.getContext(LocalizationType.COMMON_STATIC,
LocalizationLevel.SITE);
String connectionFileName = CONNECTION_FILE_PREFIX + providerName
+ CONNECTION_FILE_SUFFIX;
LocalizationFile lf = pm.getLocalizationFile(lc, connectionFileName);
File file = lf.getFile();
// System.out.println("Reading -- " + file.getAbsolutePath());
if (!file.exists()) {
statusHandler.handle(Priority.DEBUG, providerName
+ " connection file: " + file.getAbsolutePath()
+ " does not exist.");
return null;
}
Connection conn = SerializationUtil.jaxbUnmarshalFromXmlFile(
Connection.class, file.getAbsolutePath());
return conn;
}
/**
* Stores the local connection file containing the encryption method,
* username, and encrypted password.
*
* @param Connection
* @param providerName
* @return
*/
private static void storeConnection(Connection conn, String providerName)
throws Exception {
IPathManager pm = PathManagerFactory.getPathManager();
LocalizationContext lc = pm.getContext(LocalizationType.COMMON_STATIC,
LocalizationLevel.SITE);
String connectionFileName = CONNECTION_FILE_PREFIX + providerName
+ CONNECTION_FILE_SUFFIX;
LocalizationFile lf = pm.getLocalizationFile(lc, connectionFileName);
File file = lf.getFile();
SerializationUtil.jaxbMarshalToXmlFile(conn, file.getAbsolutePath());
}
}
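Review bot: `saveCredentials` calls `storeConnection(conn, providerKey)`, but `storeConnection`'s second parameter is the provider name used to build the file name, so the connection file is written as `<providerKey>-connection.xml`: the key ends up in the path of the file holding the encrypted credentials, and `getConnection(providerName)` will not find it. The call should be `storeConnection(conn, provider.getName());`. The first `try` block also cannot detect a failed encryption, because `Connection.encryptUserName()` and `encryptPassword()` catch and log their own exceptions; on failure the clear-text values stay in `conn` and are marshalled to localization while the method returns `true`. `providerName` is concatenated into the localization path unchecked in both `getConnection` and `storeConnection`; rejecting names that contain a path separator or `..` before building `connectionFileName` would close that off.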


@ -28,6 +28,7 @@ import com.raytheon.uf.common.status.UFStatus.Priority;
* May 31, 2013 1763 dhladky refined.
* Jun 17, 2013 2106 djohnson Use getUnencryptedPassword().
* Jun 18, 2013 2120 dhladky Times fixes and SSL changes
* Jul 10, 2013 2180 dhladky Updated credential requests
*
* </pre>
*
@ -39,8 +40,8 @@ public class WfsConnectionUtil {
private static final IUFStatusHandler statusHandler = UFStatus
.getHandler(WfsConnectionUtil.class);
public static String wfsConnect(String url, Connection conn,
public static String wfsConnect(String url, Connection providerConn,
String providerName) {
String xmlResponse = null;
HttpClient http = null;
@ -51,15 +52,23 @@ public class WfsConnectionUtil {
HttpGet get = new HttpGet();
URI uri = new URI(url);
// check for the need to do a username password auth check
if (conn != null && conn.getUserName() != null
&& conn.getPassword() != null) {
Connection localConnection = ProviderCredentialsUtil.retrieveCredentials(providerName);
if (localConnection != null && localConnection.getProviderKey() != null) {
statusHandler.handle(Priority.INFO,
"Attempting credential request: " + providerName);
http.setHandler(new WfsCredentialsHandler(conn.getUserName(),
conn.getUnencryptedPassword()));
"Attempting credentialed request: " + providerName);
// Local Connection object contains the username, password and
// encryption method for
// password storage and decrypt.
String userName = localConnection
.getUnencryptedUsername();
String password = localConnection
.getUnencryptedPassword();
http.setHandler(new WfsCredentialsHandler(userName, password));
http.setHttpsConfiguration(new WfsHttpsConfiguration(uri));
http.setCredentials(uri.getHost(), uri.getPort(), providerName,
conn.getUserName(), conn.getUnencryptedPassword());
userName, password);
}
get.setURI(uri);
@ -74,6 +83,7 @@ public class WfsConnectionUtil {
return xmlResponse;
}
/**
*
@ -162,5 +172,5 @@ public class WfsConnectionUtil {
return httpPort;
}
}
}
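Review bot: In the credential branch of `wfsConnect`, `getUnencryptedUsername()` and `getUnencryptedPassword()` return `null` when decryption fails, and the new code passes both straight to `new WfsCredentialsHandler(userName, password)` and `http.setCredentials(...)`. Wrapping the three `http.set...` calls in `if (userName != null && password != null)` and logging the failure at `Priority.ERROR` otherwise would make a bad key or corrupt connection file visible instead of sending a request with empty credentials. The renamed parameter `providerConn` is not used in the visible lines; the method comment should state that credentials now come from the locally stored connection. The body of `wfsConnect` continues outside these hunks.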


@ -23,4 +23,5 @@ Require-Bundle: com.raytheon.uf.common.auth;bundle-version="1.12.1174",
com.google.guava;bundle-version="1.0.0",
com.raytheon.uf.common.datadelivery.event;bundle-version="1.0.0",
com.raytheon.uf.common.datadelivery.service;bundle-version="1.0.0",
org.springframework;bundle-version="2.5.6"
org.springframework;bundle-version="2.5.6",
com.raytheon.uf.edex.datadelivery.retrieval;bundle-version="1.0.0"


@ -12,6 +12,9 @@
<bean id="subscriptionDeleteServiceHandler"
class="com.raytheon.uf.edex.datadelivery.service.services.SubscriptionDeleteHandler" />
<bean id="providerKeyRequestServiceHandler"
class="com.raytheon.uf.edex.datadelivery.service.services.ProviderKeyRequestHandler" />
<bean id="groupDefinitionServiceHandler"
class="com.raytheon.uf.edex.datadelivery.service.services.GroupDefinitionServiceHandler">
@ -29,5 +32,11 @@
value="com.raytheon.uf.common.datadelivery.registry.GroupDefinitionServiceRequest" />
<constructor-arg ref="groupDefinitionServiceHandler" />
</bean>
<bean factory-bean="handlerRegistry" factory-method="register">
<constructor-arg
value="com.raytheon.uf.common.datadelivery.registry.ProviderKeyRequest" />
<constructor-arg ref="providerKeyRequestServiceHandler" />
</bean>
</beans>


@ -0,0 +1,76 @@
package com.raytheon.uf.edex.datadelivery.service.services;
/**
* This software was developed and / or modified by Raytheon Company,
* pursuant to Contract DG133W-05-CQ-1067 with the US Government.
*
* U.S. EXPORT CONTROLLED TECHNICAL DATA
* This software product contains export-restricted data whose
* export/transfer/disclosure is restricted by U.S. law. Dissemination
* to non-U.S. persons whether in the United States or abroad requires
* an export license or other authorization.
*
* Contractor Name: Raytheon Company
* Contractor Address: 6825 Pine Street, Suite 340
* Mail Stop B8
* Omaha, NE 68106
* 402.291.0100
*
* See the AWIPS II Master Rights File ("Master Rights File.pdf") for
* further licensing information.
**/
import com.raytheon.uf.common.datadelivery.registry.Connection;
import com.raytheon.uf.common.datadelivery.registry.Provider;
import com.raytheon.uf.common.datadelivery.registry.ProviderKeyRequest;
import com.raytheon.uf.common.datadelivery.registry.ProviderKeyRequest.RequestType;
import com.raytheon.uf.common.datadelivery.registry.ProviderKeyRequest.Status;
import com.raytheon.uf.common.serialization.comm.IRequestHandler;
import com.raytheon.uf.edex.datadelivery.retrieval.util.ProviderCredentialsUtil;
/**
* A ProviderKeyRequestHandler.
*
* <pre>
*
* SOFTWARE HISTORY
*
* Date Ticket# Engineer Description
* ------------ ---------- ----------- --------------------------
* July 14, 2013 2184 dhladky Initial creation
*
* @author dhladky
* @version 1.0
*/
public class ProviderKeyRequestHandler implements IRequestHandler<ProviderKeyRequest> {
@Override
public Object handleRequest(ProviderKeyRequest request) throws Exception {
if (request.getRequestType() == RequestType.SAVE) {
boolean status = ProviderCredentialsUtil.saveCredentials(request.getProviderKey(),
request.getProvider());
if (status) {
request.setStatus(Status.SUCCESS);
} else {
request.setStatus(Status.FAILURE);
}
} else if (request.getRequestType() == RequestType.RETRIEVE) {
Provider provider = request.getProvider();
Connection conn = ProviderCredentialsUtil
.retrieveCredentials(request.getProvider().getName());
if (conn != null) {
provider.setConnection(conn);
request.setProvider(provider);
request.setStatus(Status.SUCCESS);
} else {
request.setStatus(Status.FAILURE);
}
}
return request;
}
}
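Review bot: `handleRequest` performs SAVE and RETRIEVE for any caller, with no authorization check visible in this class, so whoever can send a `ProviderKeyRequest` can overwrite a provider's stored key and credentials or fetch the `Connection` on which `retrieveCredentials` has just set the provider key. If the request framework offers a privileged-handler or role check, this handler should use it. `request.getProvider()` is dereferenced without a null check (`request.getProvider().getName()` in the RETRIEVE branch), and a request whose type is neither SAVE nor RETRIEVE is returned with `status` unset; a final `else { request.setStatus(Status.FAILURE); }` would make that case explicit.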


@ -251,8 +251,9 @@ public class MadisPointDataTransform {
PointDataView pdv = container.append();
// I think this is inefficient but, PlotData for SVG reads
// the pointDataView so, the first 3 that are already in the
// the pointDataView so, the first 4 that are already in the
// DB have to be here.
pdv.setLong(TIME_OBS, record.getDataTime().getRefTime().getTime());
pdv.setString(PROVIDER, record.getProvider());
pdv.setString(SUB_PROVIDER, record.getSubProvider());
pdv.setInt(RESTRICTION, record.getRestriction());


@ -34,8 +34,9 @@ import org.junit.Test;
import com.raytheon.uf.common.comm.HttpClient.HttpClientResponse;
import com.raytheon.uf.common.datadelivery.registry.Connection;
import com.raytheon.uf.common.datadelivery.registry.Connection.Encryption;
import com.raytheon.uf.common.datadelivery.registry.DataType;
import com.raytheon.uf.common.datadelivery.registry.Encryption.Algorithim;
import com.raytheon.uf.common.datadelivery.registry.Encryption.Padding;
import com.raytheon.uf.common.datadelivery.registry.Projection;
import com.raytheon.uf.common.datadelivery.registry.Provider;
import com.raytheon.uf.common.datadelivery.registry.Provider.ServiceType;
@ -54,6 +55,7 @@ import com.raytheon.uf.common.util.ProxiedJettyServer;
* ------------ ---------- ----------- --------------------------
* Jun 11, 2013 1763 dhladky Initial creation
* Jun 17, 2013 2106 djohnson Use unencrypted password getter.
* July15, 2103 2180 dhladky Updated encryption
*
* </pre>
*
@ -115,7 +117,14 @@ public class HttpProxiedClientValidCredentialsTest {
Connection conn = new Connection();
conn.setUserName(HttpProxyTestConstants.USERNAME);
conn.setPassword(HttpProxyTestConstants.PASSWD);
conn.setEncryption(Encryption.CLEAR);
conn.setProviderKey(HttpProxyTestConstants.PROVIDER_KEY);
com.raytheon.uf.common.datadelivery.registry.Encryption encryption = new com.raytheon.uf.common.datadelivery.registry.Encryption();
encryption.setAlgorithim(Algorithim.AES);
encryption.setPadding(Padding.AES);
conn.setEncryption(encryption);
// encrypt credentials
conn.encryptUserName();
conn.encryptPassword();
conn.setUrl(HttpProxyTestConstants.HTTPS_URI);
// projection object
Projection proj = new Projection();
@ -146,12 +155,14 @@ public class HttpProxiedClientValidCredentialsTest {
if (conn1 != null && conn1.getUserName() != null
&& conn1.getPassword() != null) {
conn1.setProviderKey(HttpProxyTestConstants.PROVIDER_KEY);
final String unencryptedPassword = conn1.getUnencryptedPassword();
final String unencryptedUsername = conn1.getUnencryptedUsername();
http.setCredentials(uri.getHost(), uri.getPort(),
provider.getName(), conn1.getUserName(),
provider.getName(), unencryptedUsername,
unencryptedPassword);
System.out.println("Credentials set! " + conn1.getUserName()
System.out.println("Credentials set! " + unencryptedUsername
+ " " + unencryptedPassword);
}
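Review bot: The changed `System.out.println("Credentials set! " + unencryptedUsername + " " + unencryptedPassword);` writes the decrypted user name and password to the test output, which typically ends up in build logs. These are test constants, but the line is easy to copy into production code; `System.out.println("Credentials set for " + provider.getName());` gives the same signal. The new history entry reads `July15, 2103`, presumably meant as 2013.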


@ -32,6 +32,7 @@ import org.junit.Ignore;
* ------------ ---------- ----------- --------------------------
* Jun 11, 2013 1763 dhladky Initial creation
* Jun 17, 2013 2106 djohnson Use username/password from HttpTestConstants.
* Jul 15, 2013 2180 dhladky Updated for encryption
*
* </pre>
*
@ -46,6 +47,9 @@ public class HttpProxyTestConstants extends HttpTestConstants {
public static final String REALM = "MADISOGC";
public static final String CONTEXT = "wfs";
// 32 character length
public static final String PROVIDER_KEY = "1qaz2wsx3edc4rfv5tgb6yhn6yhn7ujm8";
public static final String HOST = "dev11";
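Review bot: The comment `// 32 character length` does not match `PROVIDER_KEY`, which is 33 characters long. Length is also not what `Encryption.setupCipher` depends on, since it Base64-decodes the string and keeps the first 16 bytes of its SHA-1 digest. A comment such as `// test-only key; Base64-decoded and hashed by Encryption before use` would describe the constant accurately and mark it as unsuitable for real deployments.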


@ -31,6 +31,7 @@ import org.junit.Ignore;
* Date Ticket# Engineer Description
* ------------ ---------- ----------- --------------------------
* Apr 9, 2013 mpduff Initial creation
* July 15, 2013 2180 dhladky Updated for encryption
*
* </pre>
*