Java tutorial
/* * HSM Proxy Project. * Copyright (C) 2013 FedICT. * Copyright (C) 2013 Frank Cornelis. * * This is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License version * 3.0 as published by the Free Software Foundation. * * This software is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this software; if not, see * http://www.gnu.org/licenses/. */ package be.fedict.hsm.model.admin; import java.util.List; import javax.annotation.security.RolesAllowed; import javax.ejb.EJB; import javax.ejb.Stateless; import javax.persistence.EntityManager; import javax.persistence.PersistenceContext; import org.apache.commons.codec.digest.DigestUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.jboss.ejb3.annotation.SecurityDomain; import be.fedict.hsm.entity.ApplicationEntity; import be.fedict.hsm.entity.ApplicationKeyEntity; import be.fedict.hsm.entity.ApplicationKeyId; import be.fedict.hsm.entity.CredentialEntity; import be.fedict.hsm.entity.KeyStoreEntity; import be.fedict.hsm.model.exception.ExistingApplicationException; import be.fedict.hsm.model.exception.ExistingApplicationKeyException; import be.fedict.hsm.model.exception.ExistingCredentialException; import be.fedict.hsm.model.security.AdministratorRoles; import be.fedict.hsm.model.security.AdministratorSecurityDomain; import be.fedict.hsm.model.security.JBossSecurityManagerBean; @Stateless @SecurityDomain(AdministratorSecurityDomain.NAME) @RolesAllowed(AdministratorRoles.ADMINISTRATOR) public class ApplicationManagerBean { private static final Log LOG = LogFactory.getLog(ApplicationManagerBean.class); @PersistenceContext private EntityManager entityManager; @EJB private JBossSecurityManagerBean jbossSecurityManagerBean; public List<ApplicationEntity> getApplications() { return ApplicationEntity.getApplications(this.entityManager); } public void addApplication(String applicationName) throws ExistingApplicationException { if (ApplicationEntity.hasApplication(this.entityManager, applicationName)) { throw new ExistingApplicationException(); } ApplicationEntity applicationEntity = new ApplicationEntity(applicationName); this.entityManager.persist(applicationEntity); } public void removeApplication(ApplicationEntity application) { ApplicationEntity applicationEntity = this.entityManager.find(ApplicationEntity.class, application.getId()); List<ApplicationKeyEntity> applicationKeyEntities = ApplicationKeyEntity .getApplicationKeys(this.entityManager, applicationEntity); for (ApplicationKeyEntity applicationKeyEntity : applicationKeyEntities) { this.entityManager.remove(applicationKeyEntity); } List<CredentialEntity> credentialEntities = CredentialEntity.getCredentials(this.entityManager, applicationEntity); for (CredentialEntity credentialEntity : credentialEntities) { this.entityManager.remove(credentialEntity); this.jbossSecurityManagerBean.flushApplicationCache(credentialEntity.getHash()); } this.entityManager.remove(applicationEntity); } public List<ApplicationKeyEntity> getKeys(ApplicationEntity application) { return ApplicationKeyEntity.getApplicationKeys(this.entityManager, application); } public void addApplicationKey(String keyName, ApplicationEntity application) throws ExistingApplicationKeyException { ApplicationKeyId applicationKeyId = new ApplicationKeyId(application.getId(), keyName); ApplicationKeyEntity applicationKeyEntity = this.entityManager.find(ApplicationKeyEntity.class, applicationKeyId); if (null != applicationKeyEntity) { throw new ExistingApplicationKeyException(); } ApplicationEntity applicationEntity = this.entityManager.find(ApplicationEntity.class, application.getId()); applicationKeyEntity = new ApplicationKeyEntity(applicationEntity, keyName); this.entityManager.persist(applicationKeyEntity); } public void removeApplicationKey(ApplicationKeyEntity applicationKey) { ApplicationKeyEntity applicationKeyEntity = this.entityManager.find(ApplicationKeyEntity.class, applicationKey.getId()); this.entityManager.remove(applicationKeyEntity); } public void updateApplicationKey(ApplicationKeyEntity applicationKey, String keyStoreId, String keyStoreKeyAlias) { ApplicationKeyEntity applicationKeyEntity = this.entityManager.find(ApplicationKeyEntity.class, applicationKey.getId()); if (null == keyStoreId || keyStoreId.isEmpty()) { applicationKeyEntity.setKeyStore(null); applicationKeyEntity.setKeyStoreKeyAlias(null); } else { KeyStoreEntity keyStoreEntity = this.entityManager.find(KeyStoreEntity.class, Long.parseLong(keyStoreId)); applicationKeyEntity.setKeyStore(keyStoreEntity); applicationKeyEntity.setKeyStoreKeyAlias(keyStoreKeyAlias); } } public List<CredentialEntity> getCredentials(ApplicationEntity application) { ApplicationEntity applicationEntity = this.entityManager.find(ApplicationEntity.class, application.getId()); return CredentialEntity.getCredentials(this.entityManager, applicationEntity); } public void addApplicationCredential(ApplicationEntity application, byte[] credential) throws ExistingCredentialException { LOG.debug("addApplicationCredential"); ApplicationEntity applicationEntity = this.entityManager.find(ApplicationEntity.class, application.getId()); String hash = DigestUtils.sha1Hex(credential); CredentialEntity existingCredentialEntity = this.entityManager.find(CredentialEntity.class, hash); if (null != existingCredentialEntity) { throw new ExistingCredentialException(); } CredentialEntity credentialEntity = new CredentialEntity(hash, credential, applicationEntity); this.entityManager.persist(credentialEntity); } public void removeCredential(CredentialEntity credential) { LOG.debug("removeCredential: " + credential.getHash()); CredentialEntity credentialEntity = this.entityManager.find(CredentialEntity.class, credential.getHash()); this.entityManager.remove(credentialEntity); /* * Next really has to be on credential.hash, not on app.id */ this.jbossSecurityManagerBean.flushApplicationCache(credential.getHash()); } }