This project has retired. For details please refer to its Attic page.
StartupServlet xref
View Javadoc
1   /*
2    * Copyright 2001-2008 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   */
17  package org.apache.juddi.adminconsole;
18  
19  import javax.servlet.ServletContextEvent;
20  import java.io.FileOutputStream;
21  import java.io.InputStream;
22  import java.util.Properties;
23  import java.util.logging.Level;
24  import java.util.logging.Logger;
25  
26  /**
27   * This startup servlet's job is to generate an encryption key which will be
28   * used for encrypting cached user credentials in the http session object
29   *
30   * @author <a href="mailto:alexoree@apache.org">Alex O'Ree</a>
31   */
32  public class StartupServlet implements javax.servlet.ServletContextListener {
33  
34      static final Logger log = Logger.getLogger(StartupServlet.class.getCanonicalName());
35  
36      /**
37       * creates a new AES key and stores it to the properties files
38       *
39       * @param sce
40       */
41      @Override
42      public void contextInitialized(ServletContextEvent sce) {
43          log.info("juddi-admin gui startup");
44          FileOutputStream fos = null;
45          try {
46              Properties p = new Properties();
47              String key = generateKey();
48              if (key == null) return;
49              p.put("key", key);
50              fos = new FileOutputStream(sce.getServletContext().getRealPath("/WEB-INF/config.properties"));
51              log.log(Level.INFO, "Storing key to " + sce.getServletContext().getRealPath("/WEB-INF/config.properties"));
52              p.store(fos, "No comments");
53              fos.flush();
54              fos.close();
55          } catch (Exception ex) {
56              log.log(Level.WARNING, null, ex);
57              try {
58                  if (fos != null) {
59                      fos.close();
60                  }
61              } catch (Exception e) {
62              }
63          }
64      }
65  
66      private String generateKey() {
67          String key = generateKey(256);
68          if (key == null) {
69              key = generateKey(128);
70          }
71          if (key == null) {
72              log.severe("128 bit key validation failed! giving up, user's won't be able to login! ");
73              return null;
74          }
75          return key;
76      }
77  
78      private String generateKey(int length) {
79          log.info("Attempting to generate "+length+" bit AES key");
80          String key = AES.GEN(length);
81          if (key != null) {
82              if (AES.ValidateKey(key)) {
83                  log.info("Generation of "+length+" bit AES key successful");
84              } else {
85                  log.warning(length+" bit key validation failed. To use higher key sizes, try installing the Java Cryptographic Extensions (JCE) Unlimited Strength");
86                  return null;
87              }
88          }
89          return key;
90      }
91  
92      /**
93       *
94       * @param sce
95       */
96      @Override
97      public void contextDestroyed(ServletContextEvent sce) {
98          removeKeyFromConfigurationFile(sce);
99      }
100 
101     private void removeKeyFromConfigurationFile(ServletContextEvent sce) {
102         FileOutputStream fos = null;
103         try {
104             log.info("Cleaning up juddi-admin");
105             Properties p = new Properties();
106             InputStream is = sce.getServletContext().getResourceAsStream("/WEB-INF/config.properties");
107             p.load(is);
108             p.remove("key");
109             is.close();
110             fos = new FileOutputStream(sce.getServletContext().getRealPath("/WEB-INF/config.properties"));
111             p.store(fos, "No comments");
112             fos.flush();
113             fos.close();
114         } catch (Exception ex) {
115             log.log(Level.WARNING, null, ex);
116             try {
117                 if (fos != null) {
118                     fos.close();
119                 }
120             } catch (Exception e) {
121             }
122         }
123         try {
124             sce.getServletContext().removeAttribute("username");
125             sce.getServletContext().removeAttribute("password");
126             sce.getServletContext().removeAttribute("locale");
127             sce.getServletContext().removeAttribute("hub");
128         } catch (Exception ex) {
129             log.log(Level.WARNING, null, ex);
130         }
131     }
132 }