From: <jav...@us...> - 2010-02-26 20:00:03
Revision: 12836 http://dcm4che.svn.sourceforge.net/dcm4che/?rev=12836&view=rev Author: javawilli Date: 2010-02-26 19:59:57 +0000 (Fri, 26 Feb 2010) Log Message: ----------- [#WEB-34] Move to Trash Added Paths: ----------- dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/pom.xml dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/java/ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/java/org/ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/java/org/dcm4chee/ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/java/org/dcm4chee/web/ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/java/org/dcm4chee/web/service/ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/java/org/dcm4chee/web/service/tlscfg/ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/java/org/dcm4chee/web/service/tlscfg/TlsCfgService.java dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/resources/ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/resources/META-INF/ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/resources/META-INF/jboss-service.xml
Added: dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/pom.xml
===================================================================
--- dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/pom.xml (rev 0)
+++ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/pom.xml 2010-02-26 19:59:57 UTC (rev 12836)
@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project>
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <artifactId>dcm4chee-web-sar</artifactId>
+ <groupId>dcm4che.dcm4chee</groupId>
+ <version>3.0.0-SNAPSHOT</version>
+ </parent>
+ <groupId>dcm4che.dcm4chee</groupId>
+ <artifactId>dcm4chee-web-sar-tlscfg</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ <packaging>jboss-sar</packaging>
+ <name>DICOM TLS Configuration Service</name>
+ <dependencies>
+ <dependency>
+ <groupId>jboss</groupId>
+ <artifactId>jboss-jmx</artifactId>
+ <version>4.2.3.GA</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>jboss</groupId>
+ <artifactId>jboss-system</artifactId>
+ <version>4.2.3.GA</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>jboss</groupId>
+ <artifactId>jboss-common</artifactId>
+ <version>4.2.3.GA</version>
+ <scope>provided</scope>
+ </dependency>
+
+ <dependency>
+ <groupId>dcm4che</groupId>
+ <artifactId>dcm4che-core</artifactId>
+ <version>2.0.22-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>dcm4che</groupId>
+ <artifactId>dcm4che-net</artifactId>
+ <version>2.0.22-SNAPSHOT</version>
+ </dependency>
+ <dependency>
+ <groupId>dcm4che.dcm4chee</groupId>
+ <artifactId>dcm4chee-web-sar-common</artifactId>
+ <version>3.0.0-SNAPSHOT</version>
+ <scope>provided</scope>
+ </dependency>
+ </dependencies>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>jboss-packaging-maven-plugin</artifactId>
+ <version>2.0-SNAPSHOT</version>
+ <extensions>true</extensions>
+ </plugin>
+ <plugin>
+ <inherited>true</inherited>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-compiler-plugin</artifactId>
+ <configuration>
+ <source>1.5</source>
+ <target>1.5</target>
+ <optimise>true</optimise>
+ <debug>true</debug>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
+
Added:
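Review bot: The `jboss-packaging-maven-plugin` entry is declared as `<version>2.0-SNAPSHOT</version>` together with `<extensions>true</extensions>`, so code that runs inside every build of this module is resolved from a mutable snapshot and can change without any change to this file. The `2.0.22-SNAPSHOT` versions of dcm4che-core and dcm4che-net have the same problem and, lacking `provided` scope, are presumably bundled into the SAR. Pin released versions for the plugin and these two dependencies before the module is part of a release, and give `maven-compiler-plugin` an explicit `<version>` as well. Separately, `<optimise>true</optimise>` does not match the compiler plugin's parameter name, which is spelled `optimize`, so that setting is silently ignored.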
dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/java/org/dcm4chee/web/service/tlscfg/TlsCfgService.java
===================================================================
--- dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/java/org/dcm4chee/web/service/tlscfg/TlsCfgService.java (rev 0)
+++ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/java/org/dcm4chee/web/service/tlscfg/TlsCfgService.java 2010-02-26 19:59:57 UTC (rev 12836)
@@ -0,0 +1,176 @@
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is part of dcm4che, an implementation of DICOM(TM) in
+ * Java(TM), available at http://sourceforge.net/projects/dcm4che.
+ *
+ * The Initial Developer of the Original Code is
+ * TIANI Medgraph AG.
+ * Portions created by the Initial Developer are Copyright (C) 2003-2005
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ * Gunter Zeilinger <gun...@ti...>
+ * Franz Willer <fra...@gw...>
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+package org.dcm4chee.web.service.tlscfg;
+
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.security.GeneralSecurityException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.CertificateException;
+
+import org.dcm4che2.net.Device;
+import org.dcm4che2.net.NetworkConnection;
+import org.dcm4che2.util.StringUtils;
+import org.jboss.system.ServiceMBeanSupport;
+
+/**
+ * @author fra...@gm...
+ * @version $Revision$ $Date$
+ * @since Feb 11, 2010
+ */
+public class TlsCfgService extends ServiceMBeanSupport {
+
+ private String keyStoreURL;
+ private String trustStoreURL;
+ private char[] keyStorePassword;
+ private char[] trustStorePassword;
+ private char[] keyPassword;
+ private String keyStoreType;
+ private String trustStoreType;
+ private String[] tlsProtocol;
+ private boolean needClientAuth;
+
+ protected String NONE ="NONE";
+
+ public TlsCfgService() {
+ }
+
+ public String getKeyStoreURL() {
+ return keyStoreURL;
+ }
+
+ public void setKeyStoreURL(String keyStoreURL) {
+ this.keyStoreURL = keyStoreURL;
+ }
+
+ public void setKeyStorePassword(String keyStorePassword) {
+ this.keyStorePassword = none2null(keyStorePassword);
+ }
+
+ public String getTrustStoreURL() {
+ return trustStoreURL;
+ }
+
+ public void setTrustStoreURL(String trustStoreURL) {
+ this.trustStoreURL = trustStoreURL;
+ }
+
+ public void setTrustStorePassword(String trustStorePassword) {
+ this.trustStorePassword = none2null(trustStorePassword);
+ }
+
+ public void setKeyPassword(String keyPassword) {
+ this.keyPassword = none2null(keyPassword);
+ }
+ public String getKeyPassword() {
+ return keyPassword == null ? NONE : "******";
+ }
+
+ public String getTlsProtocol() {
+ return StringUtils.join(tlsProtocol, ',');
+ }
+
+ public void setTlsProtocol(String tlsProtocol) {
+ this.tlsProtocol = StringUtils.split(tlsProtocol, ',');
+ }
+
+ public String getKeyStoreType() {
+ return keyStoreType;
+ }
+
+ public void setKeyStoreType(String type) {
+ this.keyStoreType = type;
+ }
+
+ public String getTrustStoreType() {
+ return trustStoreType;
+ }
+
+ public void setTrustStoreType(String type) {
+ this.trustStoreType = type;
+ }
+
+ public boolean isNeedClientAuth() {
+ return needClientAuth;
+ }
+
+ public void setNeedClientAuth(boolean needClientAuth) {
+ this.needClientAuth = needClientAuth;
+ }
+
+ private char[] none2null(String s) {
+ return NONE.equals(s) ? null : s.toCharArray();
+ }
+
+ public void initTLS(NetworkConnection remoteConn, Device device, String[] ciphers) throws IOException, GeneralSecurityException {
+ if (ciphers!= null && ciphers.length > 0) {
+ NetworkConnection localConn = device.getNetworkConnection()[0];
+ remoteConn.setTlsCipherSuite(ciphers);
+ localConn.setTlsCipherSuite(ciphers);
+ localConn.setTlsProtocol(tlsProtocol);
+ localConn.setTlsNeedClientAuth(needClientAuth);
+ KeyStore keyStore = loadKeyStore(keyStoreURL, keyStorePassword, keyStoreType);
+ KeyStore trustStore = loadKeyStore(trustStoreURL, trustStorePassword, trustStoreType);
+ device.initTLS(keyStore, keyPassword == null ? keyStorePassword : keyPassword, trustStore);
+ device.getNetworkConnection();
+ }
+ }
+
+ private KeyStore loadKeyStore(String keyStoreURL, char[] password, String type) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
+ InputStream in;
+ try {
+ in = new URL(keyStoreURL).openStream();
+ } catch (MalformedURLException e) {
+ in = new FileInputStream(keyStoreURL);
+ }
+ KeyStore key = KeyStore.getInstance(type);
+ try {
+ key.load(in, password);
+ } finally {
+ in.close();
+ }
+ return key;
+ }
+}
+
Added: dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/resources/META-INF/jboss-service.xml
===================================================================
--- dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/resources/META-INF/jboss-service.xml (rev 0)
+++ dcm4chee/dcm4chee-web/trunk/dcm4chee-web-sar/dcm4chee-web-sar-tlscfg/src/main/resources/META-INF/jboss-service.xml 2010-02-26 19:59:57 UTC (rev 12836)
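Review bot: `loadKeyStore` reaches `key.load(in, password)` with `password == null` whenever the corresponding password attribute was set to `NONE` (see `none2null`), and `KeyStore.load` performs no integrity check on the store in that case. Because the location is first tried as `new URL(keyStoreURL).openStream()`, any URL scheme the JVM can resolve is accepted, so a trust store fetched from a remote location without a password would be taken as-is. Consider rejecting a null password for the trust store, or at least recording it before the load call, e.g. `if (password == null) log.warn("Loading " + keyStoreURL + " without integrity check");`. `none2null` also throws a NullPointerException when a setter is passed `null`; `return (s == null || NONE.equals(s)) ? null : s.toCharArray();` avoids that. The trailing `device.getNetworkConnection();` in `initTLS` discards its result and could be removed.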
@@ -0,0 +1,162 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mbean PUBLIC "-//JBoss//DTD JBOSS XMBEAN 1.1//EN" "http://www.jboss.org/j2ee/dtd/jboss_xmbean_1_1.dtd">
+
+<!-- Version $Revision:$ $Date:$ -->
+<server>
+ <mbean code="org.dcm4chee.web.service.tlscfg.TlsCfgService"
+ name="dcm4chee.web:service=TlsConfig"
+ xmbean-dd="">
+
+ <xmbean>
+ <description><![CDATA[<b>DICOM TLS Configuration Service</b>
+ ]]> </description>
+
+ <descriptors>
+ <persistence persistPolicy="OnUpdate"/>
+ <persistence-manager value="org.jboss.mx.persistence.DelegatingPersistenceManager" />
+ </descriptors>
+
+ <class>org.dcm4chee.web.service.tlscfg.TlsCfgService</class>
+
+ <constructor>
+ <description>The default constructor</description>
+ <name>TlsCfgService</name>
+ </constructor>
+
+ <attribute access="read-write"
+ getMethod="getKeyStoreURL"
+ setMethod="setKeyStoreURL">
+ <description>URL of key store containing key used in SSL handshake,
+ when running in TLS mode.
+ </description>
+ <name>KeyStoreURL</name>
+ <type>java.lang.String</type>
+ <descriptors>
+ <value value="resource:certificates/test_sys_1.p12" />
+ </descriptors>
+ </attribute>
+ <attribute access="write-only"
+ setMethod="setKeyStorePassword">
+ <description>The password for access to key store,
+ specified by attribute KeyStoreURL.
+ </description>
+ <name>KeyStorePassword</name>
+ <type>java.lang.String</type>
+ <descriptors>
+ <value value="secret" />
+ </descriptors>
+ </attribute>
+ <attribute access="read-write"
+ getMethod="getKeyPassword"
+ setMethod="setKeyPassword">
+ <description>The password for the private key,
+ Set NONE to use KeyStorePassword. Note: return ****** for not NONE values!
+ </description>
+ <name>KeyPassword</name>
+ <type>java.lang.String</type>
+ <descriptors>
+ <value value="NONE" />
+ </descriptors>
+ </attribute>
+ <attribute access="read-write"
+ getMethod="getKeyStoreType"
+ setMethod="setKeyStoreType">
+ <description>Type of KeyStore for private key.
+ </description>
+ <name>KeyStoreType</name>
+ <type>java.lang.String</type>
+ <descriptors>
+ <value value="PKCS12" />
+ </descriptors>
+ </attribute>
+ <attribute access="read-write"
+ getMethod="getTrustStoreURL"
+ setMethod="setTrustStoreURL">
+ <description>URL of trust store containing accepted certificates,
+ when running in TLS mode.
+ </description>
+ <name>TrustStoreURL</name>
+ <type>java.lang.String</type>
+ <descriptors>
+ <value value="resource:certificates/mesa_certs.jks" />
+ </descriptors>
+ </attribute>
+ <attribute access="write-only"
+ setMethod="setTrustStorePassword">
+ <description>The password for access to trust store,
+ specified by attribute TrustStoreURL.
+ </description>
+ <name>TrustStorePassword</name>
+ <type>java.lang.String</type>
+ <descriptors>
+ <value value="secret" />
+ </descriptors>
+ </attribute>
+ <attribute access="read-write"
+ getMethod="getTrustStoreType"
+ setMethod="setTrustStoreType">
+ <description>Type of KeyStore for trusted public keys.
+ </description>
+ <name>TrustStoreType</name>
+ <type>java.lang.String</type>
+ <descriptors>
+ <value value="JKS" />
+ </descriptors>
+ </attribute>
+ <attribute access="read-write"
+ getMethod="getTlsProtocol"
+ setMethod="setTlsProtocol">
+ <!-- Security -->
+ <description><![CDATA[Comma separated list of protocol versions enabled
+ for use on this connection. Possible values: TLSv1,SSLv3,SSLv2Hello]]>
+ </description>
+ <name>TLSProtocols</name>
+ <type>java.lang.String</type>
+ <descriptors>
+ <value value="TLSv1,SSLv3" />
+ </descriptors>
+ </attribute>
+ <attribute access="read-write"
+ getMethod="isNeedClientAuth"
+ setMethod="setNeedClientAuth">
+ <!-- Security -->
+ <description><![CDATA[Set to <tt>true</tt> if client authentication is
+ required, or <tt>false</tt> if no client authentication is desired.]]>
+ </description>
+ <name>NeedClientAuthentication</name>
+ <type>boolean</type>
+ <descriptors>
+ <value value="true" />
+ </descriptors>
+ </attribute>
+
+ &defaultAttributes;
+
+ <!-- Operations -->
+ &defaultOperations;
+
+ <operation impact="ACTION">
+ <description><![CDATA[ Initialize device and remote connection with TLS configuration and gicven cipher suites.
+ ]]> </description>
+ <name>initTLS</name>
+ <parameter>
+ <description>Remote Connection Object</description>
+ <name>remoteConn</name>
+ <type>org.dcm4che2.net.NetworkConnection</type>
+ </parameter>
+ <parameter>
+ <description>Device Object to initialize for TLS</description>
+ <name>device</name>
+ <type>org.dcm4che2.net.Device</type>
+ </parameter>
+ <parameter>
+ <description>List of Cipher Suites</description>
+ <name>ciphers</name>
+ <type>[Ljava.lang.String;</type>
+ </parameter>
+ <return-type>void</return-type>
+ </operation>
+
+ </xmbean>
+ </mbean>
+</server>
\ No newline at end of file
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
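Review bot: The shipped defaults point at what look like sample stores (`resource:certificates/test_sys_1.p12` and `resource:certificates/mesa_certs.jks`), both with the password `secret`. An installation that never edits these attributes would identify itself with a key that is presumably distributed with the project and would trust the matching sample certificates, which leaves `NeedClientAuthentication=true` with little value. The KeyStoreURL and TrustStoreURL descriptions should state this, for example `Default is a sample store for testing only; replace it and its password before production use.` The TLSProtocols default `TLSv1,SSLv3` also enables SSLv3; `<value value="TLSv1" />` is the safer default. With `persistPolicy="OnUpdate"`, changed password attributes are presumably written to the attribute persistence store in clear text, which is worth a sentence in the password descriptions.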