usr/src/java/vpanels/client/org/opensolaris/os/vp/client/common/RadLoginManager.java
author David Powell <David.Powell@sun.com>
Sat, 13 Mar 2010 18:48:51 -0800
changeset 468 7fa83d27b9f3
parent 442 1998ce99dcb0
child 473 18f221b572ce
permissions -rw-r--r--
14970 python client misformats setattr requests 15123 rad: squelch protocol handshake message in python client 15178 disentangle subjects and connections
/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */
package org.opensolaris.os.vp.client.common;
import java.io.*;
import java.net.MalformedURLException;
import java.security.*;
import java.security.cert.*;
import java.security.cert.Certificate;
import java.util.*;
import javax.management.*;
import javax.management.remote.*;
import org.opensolaris.os.rad.*;
import org.opensolaris.os.rad.api.pam.*;
import org.opensolaris.os.rad.jmx.RadConnector;
import org.opensolaris.os.vp.common.panel.MBeanUtil;
import org.opensolaris.os.vp.panel.common.ConnectionInfo;
import org.opensolaris.os.vp.panel.common.action.ActionAbortedException;
import org.opensolaris.os.vp.util.misc.*;
public abstract class RadLoginManager {
    //
    // Static data
    //
    // Default password for the truststore; see getTrustStorePassword().
    // As a public constant it is not a secret: it can only serve the
    // KeyStore's integrity check, not keep the trusted-certificate list
    // from being changed by anyone able to write the truststore file.
    public static final String TRUSTSTORE_PASSWORD = "trustpass";
    //
    // Instance data
    //
    private ConnectionManager connManager;
    //
    // Constructors
    //
    /**
     * Constructs a {@code RadLoginManager} that holds the given
     * {@code ConnectionManager}.
     *
     * @param	    connManager
     *		    the {@code ConnectionManager} later returned by
     *		    {@link #getConnectionManager}
     */
    public RadLoginManager(ConnectionManager connManager) {
	this.connManager = connManager;
    }
    //
    // RadLoginManager methods
    //
    /**
     * Decides whether the given {@code Certificate} may be added to the
     * truststore.  This method is abstract, so every subclass must supply
     * an implementation; a typical one displays the {@code Certificate}
     * details and prompts for user confirmation.
     * <p>
     * {@link #handleCertFailure} stores the certificate in the truststore
     * whenever this method returns normally, so an implementation that
     * returns without verifying the certificate causes it to be trusted
     * unconditionally.
     *
     * @param	    host
     *		    the owner of the {@code Certificate}
     *
     * @param	    certificate
     *		    the {@code Certificate} to verify
     *
     * @exception   ActionAbortedException
     *		    if the given {@code Certificate} cannot be added to the
     *		    truststore
     */
    protected abstract void acceptCertificate(
	String host, Certificate certificate) throws ActionAbortedException;
    /**
     * Hook that lets a subclass abort a login that is in progress.  A
     * subclass that offers the user a way to cancel should override this
     * method and throw once cancellation has been requested; the
     * implementation here never throws.
     *
     * @exception   ActionAbortedException
     *		    if the action has been cancelled
     */
    protected void checkForCancel() throws ActionAbortedException {
	// Intentionally empty: there is nothing to cancel by default
    }
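    /**
     * Creates an empty truststore file, creating its parent directory first
     * if that does not exist.  The store uses the default {@code KeyStore}
     * type and the password from {@link #getTrustStorePassword}.
     * <p>
     * NOTE(review): the directory and file are created with the process's
     * default permissions, and the default password is a public constant,
     * so file permissions are presumably the only real protection for the
     * list of trusted certificates -- consider restricting them to the
     * owner.
     *
     * @param	    truststore
     *		    the file to write; any existing content is replaced
     *
     * @exception   IOException
     *		    if the parent directory cannot be created or the file
     *		    cannot be written
     *
     * @exception   KeyStoreException
     *		    if no provider supports the default {@code KeyStore} type
     *
     * @exception   NoSuchAlgorithmException
     *		    if the store's integrity algorithm is unavailable
     *
     * @exception   CertificateException
     *		    if thrown by the {@code KeyStore} while loading or storing
     */
    protected void createTrustStore(File truststore) throws KeyStoreException,
	IOException, NoSuchAlgorithmException, CertificateException {

	File truststoreDir = truststore.getParentFile();

	// getParentFile() is null for a bare file name: nothing to create.
	// isDirectory() is re-checked so that a directory created
	// concurrently is not reported as a failure.
	if (truststoreDir != null && !truststoreDir.exists() &&
	    !truststoreDir.mkdirs() && !truststoreDir.isDirectory()) {
	    throw new IOException(
		"could not create truststore directory: " +
		truststoreDir.getAbsolutePath());
	}

	KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
	char[] password = getTrustStorePassword().toCharArray();

	try {
	    // Create empty keystore
	    keyStore.load(null, password);

	    FileOutputStream fos = new FileOutputStream(truststore);
	    try {
		keyStore.store(fos, password);
	    } finally {
		// Release the file descriptor even if store() throws
		fos.close();
	    }
	} finally {
	    // Don't leave this copy of the password in memory
	    java.util.Arrays.fill(password, '\0');
	}
    }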
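    /**
     * Adds the given {@code Certificate} to the truststore unless it is
     * already there.  The user is asked to accept the certificate through
     * {@link #acceptCertificate}, except when {@code host} is a local
     * address and the certificate equals the one read from
     * {@code /etc/rad/cert.pem}.
     *
     * @param	    host
     *		    the host that presented the {@code Certificate}
     *
     * @param	    truststore
     *		    the truststore file to load and rewrite
     *
     * @param	    certificate
     *		    the {@code Certificate} to add
     *
     * @return	    {@code true} if the certificate was added to the
     *		    truststore, {@code false} if it was already present
     *
     * @exception   ActionAbortedException
     *		    if thrown by {@link #checkForCancel} or
     *		    {@link #acceptCertificate}
     *
     * @exception   CertificateException
     *		    if the truststore cannot be loaded or stored, or the
     *		    certificate is not an {@code X509Certificate}
     *
     * @exception   IOException
     *		    if the truststore file cannot be read or written
     */
    protected boolean handleCertFailure(String host, File truststore,
	Certificate certificate) throws ActionAbortedException,
	KeyStoreException, IOException, NoSuchAlgorithmException,
	CertificateException {

	KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
	char[] password = getTrustStorePassword().toCharArray();

	try {
	    // Load truststore; close the stream even if load() throws
	    FileInputStream fis = new FileInputStream(truststore);
	    try {
		keyStore.load(fis, password);
	    } finally {
		IOUtil.closeIgnore(fis);
	    }

	    checkForCancel();

	    // Does the truststore already contain the certificate?
	    if (keyStore.getCertificateAlias(certificate) != null) {
		return false;
	    }

	    // The alias below is taken from X.509 fields, so reject other
	    // certificate types before the user is asked to accept them
	    if (!(certificate instanceof X509Certificate)) {
		throw new CertificateException(
		    "unsupported certificate type: " +
		    certificate.getType());
	    }

	    boolean acceptNeeded = true;

	    // For a local host, a certificate identical to the one in
	    // /etc/rad/cert.pem is accepted without prompting.
	    // NOTE(review): this trusts whoever can write that file and
	    // whatever NetUtil.isLocalAddress() treats as local -- confirm.
	    if (NetUtil.isLocalAddress(host)) {
		FileInputStream certFileIn = null;
		try {
		    File certFile = new File("/etc/rad/cert.pem");
		    certFileIn = new FileInputStream(certFile);
		    Certificate localCert = CertificateFactory.
			getInstance("X.509").generateCertificate(certFileIn);

		    if (localCert.equals(certificate)) {
			acceptNeeded = false;
		    }
		} catch (Exception ignore) {
		    // Best effort: if the local certificate cannot be read
		    // or parsed, acceptNeeded stays true and the user is
		    // prompted as for any other host
		} finally {
		    IOUtil.closeIgnore(certFileIn);
		}
	    }

	    if (acceptNeeded) {
		// Display the certificate, prompt user to accept
		acceptCertificate(host, certificate);
	    }

	    // Add certificate.
	    // NOTE(review): the alias is the issuer DN and setEntry()
	    // replaces any entry already stored under that alias, so
	    // accepting a second certificate with the same issuer drops the
	    // first from the truststore -- confirm that is intended.
	    String alias =
		((X509Certificate)certificate).getIssuerDN().toString();
	    KeyStore.Entry entry =
		new KeyStore.TrustedCertificateEntry(certificate);
	    keyStore.setEntry(alias, entry, null);

	    FileOutputStream fos = new FileOutputStream(truststore);
	    try {
		keyStore.store(fos, password);
	    } finally {
		// Release the file descriptor even if store() throws
		fos.close();
	    }

	    return true;
	} finally {
	    // Don't leave this copy of the password in memory
	    java.util.Arrays.fill(password, '\0');
	}
    }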
    /**
     * Opens a connection to the server.  Login information is requested
     * through {@link #getLoginInfo} and handed to {@code toConnectionInfo}
     * together with {@code oldinfo}; this repeats until a
     * {@code ConnectionInfo} is produced or {@link #getLoginInfo} throws.
     * No limit on the number of attempts is applied here.
     *
     * @param	    oldinfo
     *		    passed unchanged to {@code toConnectionInfo}
     *
     * @return	    the {@code ConnectionInfo} from the first successful
     *		    attempt
     *
     * @exception   ActionAbortedException
     *		    if the action is aborted
     */
    public ConnectionInfo getConnectionInfo(ConnectionInfo oldinfo)
	throws ActionAbortedException {

	for (;;) {
	    // Presumably asks the user; an ActionAbortedException thrown
	    // here is not caught and so ends the loop
	    LoginInfo login = getLoginInfo();

	    try {
		return toConnectionInfo(login, oldinfo);
	    } catch (LoginFailedException failure) {
		// Error logging in: display it, then restart login process
		showError(failure.getMessage(), failure.getLoginField(),
		    failure.getCause());
	    } catch (ActionAbortedException restart) {
		// User has chosen to restart login process: just loop again
	    }
	}
    }
    /**
     * Gets the {@code ConnectionManager} held by this
     * {@code RadLoginManager}.
     */
    public ConnectionManager getConnectionManager() {
	return this.connManager;
    }
    /**
     * Returns the information needed to login to the server.
     * {@link #getConnectionInfo} calls this at the start of every login
     * attempt.
     *
     * @exception   ActionAbortedException
     *		    propagated unchanged by {@link #getConnectionInfo},
     *		    which ends its retry loop
     */
    protected abstract LoginInfo getLoginInfo() throws ActionAbortedException;
    /**
     * Gets the truststore file.
     * <p>
     * NOTE(review): the default truststore password is a public constant,
     * so implementations should presumably return a path that only the
     * user can write -- confirm against the subclasses.
     */
    public abstract File getTrustStoreFile();
    /**
     * Gets the password used to load and store the truststore.  Unless a
     * subclass overrides this method, the result is
     * {@link #TRUSTSTORE_PASSWORD}, i.e. "{@code trustpass}".
     */
    public String getTrustStorePassword() {
	return RadLoginManager.TRUSTSTORE_PASSWORD;
    }
    /**
     * Reports a (localized) error message and its cause.
     * {@link #getConnectionInfo} calls this when a login attempt fails with
     * a {@code LoginFailedException}.  Subclasses may wish to override this
     * method -- the implementation here does nothing.
     *
     * @param	    message
     *		    the localized message to display
     *
     * @param	    field
     *		    the login field that caused this error
     *
     * @param	    cause
     *		    the detailed cause of this error
     */
    protected void showError(String message, LoginField field,
	Throwable cause) {
	// Intentionally empty: errors are not displayed by default
    }
    /**
     * Reports the (localized) status of this {@code RadLoginManager}.
     * Subclasses may wish to override this method -- the implementation
     * here does nothing.
     *
     * @param	    status
     *		    the localized status text
     */
    protected void showStatus(String status) {
	// Intentionally empty: status is not displayed by default
    }
    //
    // Private methods
    //
    private void fauxResponse(AuthenticatorMXBean abean, Block answer,
        char[] uPassword) throws ObjectException {

        // Drives one authentication conversation to its end: every block
        // that is neither "success" nor "error" is answered through
        // abean.submit() until the server reports success (normal return)
        // or error (SecurityException, carrying the last error_msg text
        // seen since the password was sent, if any).
        //
        // NOTE(review): the password is given to the first echo-off prompt
        // without looking at the prompt text, and at most once; any further
        // prompts in the conversation get no reply entry.
        // NOTE(review): submit() takes Strings, so the char[] password is
        // copied into an immutable String that cannot be wiped afterwards.
        // NOTE(review): a null uPassword would fail with a
        // NullPointerException at new String(...) -- confirm callers never
        // pass null when the server can prompt.
        // NOTE(review): the loop has no iteration bound; it ends only when
        // the peer sends a success or error block.

        boolean passwordSent = false;
        String pendingError = null;
        Block current = answer;

        while (true) {
            if (current.getType() == BlockType.success) {
                return;
            }

            if (current.getType() == BlockType.error) {
                if (pendingError == null) {
                    throw new SecurityException();
                }
                throw new SecurityException(pendingError);
            }

            // Only checked when assertions are enabled; otherwise any other
            // block type is handled as a conversation block.
            assert (current.getType() == BlockType.conv);

            List<String> replies = new LinkedList<String>();
            for (Message msg : current.getMessages()) {
                boolean wantsSecret = !passwordSent &&
                    msg.getStyle() == MsgType.prompt_echo_off;

                if (wantsSecret) {
                    /* Assume it's Password: */
                    replies.add(new String(uPassword));
                    passwordSent = true;
                    /* A prompt supersedes any error text seen so far. */
                    pendingError = null;
                    break;
                }

                if (msg.getStyle() == MsgType.error_msg) {
                    pendingError = msg.getMessage();
                }
            }

            current = abean.submit(replies);
        }
    }
    /**
     * Attempts to create a {@link ConnectionInfo} from the given {@link
     * LoginInfo}.
     *
     * @param oldinfo the previous connection, if any.
     */
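    private ConnectionInfo toConnectionInfo(LoginInfo info,
        ConnectionInfo oldinfo)
        throws LoginFailedException, ActionAbortedException {

        // Flow: validate the fields, reuse an existing connection for the
        // same host/port/user/role if the connection manager has one,
        // otherwise connect over TLS, authenticate the user (and the role,
        // when one is given) and wrap the connector in a ConnectionInfo.
        // Every checked failure is mapped to a LoginFailedException.
        //
        // NOTE(review): oldinfo is not read anywhere in this method.

        // Throws LoginFailedException on bad data
        validate(info);

        String host = info.getHost();
        String user = info.getUser();
        String role = info.getRole();
        int port = info.getPort();

        // Search for an existing connection established for the specified
        // host/user
        ConnectionInfo cInfo =
            getConnectionManager().getConnection(host, port, user, role);
        if (cInfo != null) {
            return cInfo;
        }

        // NOTE(review): whether these arrays are copies or LoginInfo's own
        // storage is not visible here, so they are not wiped after use.
        char[] uPassword = info.getUserPassword();
        char[] rPassword = info.getRolePassword();

        showStatus(Finder.getString(
            "login.status.host.trusted", host, user));

        // NOTE(review): host is concatenated as typed; validate() only
        // rejects null/empty. Malformed results surface below as
        // MalformedURLException.
        String urlString = "service:jmx:" + RadConnector.PROTOCOL_TLS + "://" +
            host;
        if (port != -1) {
            urlString += ":" + port;
        }

        // Tracked so that a connection which was opened but never handed to
        // the caller is closed rather than left open and unreferenced.
        JMXConnector connector = null;
        boolean connected = false;
        boolean handedOff = false;

        try {
            File truststore = getTrustStoreFile();
            if (!truststore.exists())
                createTrustStore(truststore);

            checkForCancel();

            showStatus(Finder.getString("login.status.loggingin", host, user));

            Map<String, Object> env = new HashMap<String, Object>();
            env.put(RadConnector.KEY_TLS_TRUSTSTORE,
                truststore.getAbsolutePath());
            env.put(RadConnector.KEY_TLS_TRUSTPASS,
                getTrustStorePassword());

            JMXServiceURL url = new JMXServiceURL(urlString);
            connector = JMXConnectorFactory.newJMXConnector(url, null);

            // Retry the TLS connect for as long as the failure is a rejected
            // certificate chain and handleCertFailure() returns true.
            // NOTE(review): only the first certificate of the rejected chain
            // is passed on; what handleCertFailure() does with it (prompt,
            // truststore update) is not visible here -- confirm. The loop
            // has no retry limit of its own.
            for (;;) {
                RadTrustManager mtm = null;
                try {
                    mtm = new RadTrustManager();
                    env.put(RadConnector.KEY_TLS_RADMANAGER, mtm);
                    checkForCancel();
                    connector.connect(env);
                    connected = true;
                    break;
                } catch (IOException e) {
                    // No trust manager or no recorded chain means this was
                    // not a certificate failure: propagate it unchanged
                    // instead of failing on a null/empty dereference.
                    if (mtm == null || mtm.getBadChain() == null ||
                        mtm.getBadChain().length == 0 ||
                        !handleCertFailure(host, truststore,
                        mtm.getBadChain()[0])) {

                        throw e;
                    }
                }
            }

            MBeanServerConnection mbsc = connector.getMBeanServerConnection();
            AuthenticatorMXBean abean = JMX.newMXBeanProxy(mbsc,
                MBeanUtil.makeObjectName("org.opensolaris.os.rad",
                "authentication"), AuthenticatorMXBean.class);

            Block answer = abean.login("C", user);
            fauxResponse(abean, answer, uPassword);

            if (role != null) {
                answer = abean.assume("C", role);
                fauxResponse(abean, answer, rPassword);
            }

            abean.complete();

            ConnectionInfo result =
                new ConnectionInfo(host, port, user, role, connector);
            handedOff = true;
            return result;
        }

        catch (ObjectException e) {
            throw new LoginFailedException(
                Finder.getString("login.err.security"), e,
                LoginField.USER_PASSWORD);
        }

        // Thrown by createTrustStore
        catch (KeyStoreException e) {
            throw new LoginFailedException(
                Finder.getString("login.err.keystore"), e);
        }

        // Thrown by createTrustStore
        catch (NoSuchAlgorithmException e) {
            throw new LoginFailedException(
                Finder.getString("login.err.keystore"), e);
        }

        // Thrown by getDaemonCertificateChain
        catch (CertificateException e) {
            throw new LoginFailedException(
                Finder.getString("login.err.nocerts", host), e,
                LoginField.HOST);
        }

        // Thrown by getDaemonCertificateChain, new JMXServiceURL
        catch (MalformedURLException e) {
            e.printStackTrace();
            throw new LoginFailedException(
                Finder.getString("login.err.url.invalid", urlString),
                e, LoginField.HOST);
        }

        // Thrown by JMXConnector.connect()
        catch (SecurityException e) {
            throw new LoginFailedException(
                Finder.getString("login.err.security"), e,
                LoginField.USER_PASSWORD);
        }

        // Thrown by JMXConnector methods
        catch (IOException e) {
            throw new LoginFailedException(
                Finder.getString("login.err.io", host), e);
        }

        finally {
            boolean cancelled = true;
            try {
                // Before throwing any of the above exceptions
                checkForCancel();
                cancelled = false;
            } finally {
                // A cancellation raised here discards the pending return, so
                // the connector is unreachable in that case as well as after
                // a failed login.
                if (connected && (cancelled || !handedOff)) {
                    try {
                        connector.close();
                    } catch (IOException ignored) {
                        // Best effort: the login outcome is already decided.
                    }
                }
            }
        }
    }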
    /**
     * Runs a simple validation test of the given {@code LoginInfo}.
     *
     * @param	    info
     *		    the data to validate
     *
     * @exception   ActionAbortedException
     *		    if the action has been cancelled
     *
     * @exception   LoginFailedException
     *		    if the data is invalid
     */
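    private void validate(LoginInfo info)
        throws ActionAbortedException, LoginFailedException {

        // Checks, in order: host present, port (when given) numeric and in
        // range, user present. A parsed port is stored back into info via
        // setPort(). Passwords and role are not examined here.

        checkForCancel();
        showStatus(Finder.getString("login.status.field.validation"));

        String host = info.getHost();
        if (host == null || host.isEmpty()) {
            throw new LoginFailedException(
                Finder.getString("login.err.host.empty"),
                LoginField.HOST);
        }

        String port = info.getPortStr();
        if (port != null && !port.isEmpty()) {
            int parsed;
            try {
                parsed = Integer.parseInt(port);
            } catch (NumberFormatException e) {
                throw new LoginFailedException(
                    Finder.getString("login.err.port.invalid", port),
                    LoginField.PORT);
            }

            // Reject values that cannot be a TCP port here, so they are
            // reported against the port field instead of failing later
            // during URL construction or connect. -1 stays accepted because
            // toConnectionInfo() treats it as "no port given".
            if (parsed < -1 || parsed > 65535) {
                throw new LoginFailedException(
                    Finder.getString("login.err.port.invalid", port),
                    LoginField.PORT);
            }

            info.setPort(parsed);
        }

        String user = info.getUser();
        if (user == null || user.isEmpty()) {
            throw new LoginFailedException(
                Finder.getString("login.err.user.empty"),
                LoginField.USER);
        }
    }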
}