View Javadoc
1   /*
2    * Copyright 2001-2013 The Apache Software Foundation.
3    * 
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    * 
8    *      http://www.apache.org/licenses/LICENSE-2.0
9    * 
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   *
16   */
17  package org.apache.juddi.webconsole;
18  
19  import java.io.FileOutputStream;
20  import java.io.InputStream;
21  import java.util.Properties;
22  import java.util.logging.Level;
23  import java.util.logging.Logger;
24  import javax.servlet.ServletContextEvent;
25  
26  /**
27   * This startup servlet's job is to generate an encryption key which will be
28   * used for encrypting cached user credentials in the http session object
29   *
30   * @author <a href="mailto:alexoree@apache.org">Alex O'Ree</a>
31   */
32  public class StartupServlet implements javax.servlet.ServletContextListener {
33  
34          static final Logger log = Logger.getLogger(StartupServlet.class.getCanonicalName());
35  
36          /**
37           * creates a new AES key and stores it to the properties files
38           *
39           * @param sce
40           */
41          public void contextInitialized(ServletContextEvent sce) {
42                  log.info("juddi-gui startup");
43                  FileOutputStream fos = null;
44                  try {
45                          //URL resource = sce.getServletContext().getResource("/META-INF/config.properties");
46                          Properties p = new Properties();
47  
48                          log.info("Attempting to generate 256 bit AES key");
49                          boolean ok = false;
50                          String key = AES.GEN(256);
51                          if (key == null) {
52                                  ok = false;
53                          } else {
54                                  if (AES.ValidateKey(key)) {
55                                          log.info("Generation of 256 bit AES key successful");
56                                          ok = true;
57                                  } else {
58                                          log.warning("256 bit key validation failed. To use higher key sizes, try installing the Java Cryptographic Extensions (JCE) Unlimited Strength");
59                                  }
60                          }
61                          if (!ok) {
62                                  log.info("Attempting to generate 128 bit AES key");
63                                  key = AES.GEN(128);
64                                  if (key == null) {
65                                          log.log(Level.SEVERE, "128 bit key generation failed! user's won't be able to login!");
66                                          return;
67                                  } else if (AES.ValidateKey(key)) {
68                                          log.info("Generation of 128 bit AES key successful");
69                                  } else {
70                                          log.severe("128 bit key validation failed! giving up, user's won't be able to login! ");
71                                          return;
72  
73                                  }
74                          }
75  
76                          p.put("key", key);
77                          fos = new FileOutputStream(sce.getServletContext().getRealPath("/META-INF/config.properties"));
78  
79                          log.log(Level.INFO, "Storing key to " + sce.getServletContext().getRealPath("/META-INF/config.properties"));
80                          p.store(fos, "No comments");
81                          fos.flush();
82                          fos.close();
83                  } catch (Exception ex) {
84                          log.log(Level.WARNING, null, ex);
85                          try {
86                                  if (fos != null) {
87                                          fos.close();
88                                  }
89                          } catch (Exception e) {
90                          }
91                  }
92          }
93  
94          /**
95           * does nothing
96           *
97           * @param sce
98           */
99          public void contextDestroyed(ServletContextEvent sce) {
100                 FileOutputStream fos = null;
101                 try {
102                         log.info("Cleaning up juddi-gui");
103                         Properties p = new Properties();
104                         InputStream is = sce.getServletContext().getResourceAsStream("/META-INF/config.properties");
105                         p.load(is);
106                         p.remove("key");
107                         is.close();
108                         fos = new FileOutputStream(sce.getServletContext().getRealPath("/META-INF/config.properties"));
109                         p.store(fos, "No comments");
110                         fos.flush();
111                         fos.close();
112                 } catch (Exception ex) {
113                         log.log(Level.WARNING, null, ex);
114                         try {
115                                 if (fos != null) {
116                                         fos.close();
117                                 }
118                         } catch (Exception e) {
119                         }
120                 }
121                 try {
122                         sce.getServletContext().removeAttribute("username");
123                         sce.getServletContext().removeAttribute("password");
124                         sce.getServletContext().removeAttribute("locale");
125                         sce.getServletContext().removeAttribute("hub");
126                 } catch (Exception ex) {
127                         log.log(Level.WARNING, null, ex);
128                 }
129 
130         }
131 }