Java tutorial
// Description: Java 7 Security Manager Add Device Servlet /* * CFEnSyntax * * Copyright (c) 2014 Mark Sobkow * * This program is available as free software under the GNU GPL v3, or * under a commercial license from Mark Sobkow. For commercial licensing * details, please contact msobkow@sasktel.net. * * Under the terms of the GPL: * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. * * This source code incorporates modified modules originally licensed * under the Apache 2.0 license by MSS Code Factory including CFSecurity * (net-sourceforge-msscodefactory-2.2-cfsecurity.xml), * CFInternet (net-sourceforge-msscodefactory-2.2-cfinternet.xml), and * CFCrm 2.2 (net-sourceforge-msscodefactory-2.2-cfcrm.xml), with all of the * required models being available as part of the MSS Code Factory 2.1 * distribution source and install zips. * * You can download installations of MSS Code Factory 2.1 from * http://msscodefactory.sourceforge.net/ * * *********************************************************************** * * Code manufactured by MSS Code Factory */ package net.sourceforge.msscodefactory.cfensyntax.v2_2.CFEnSyntaxSMWar; import java.io.*; import java.security.*; import java.util.*; import javax.crypto.Cipher; import javax.crypto.NoSuchPaddingException; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.*; import org.apache.commons.codec.binary.Base64; import net.sourceforge.msscodefactory.cflib.v2_1.CFLib.CFLib; import net.sourceforge.msscodefactory.cfensyntax.v2_2.CFEnSyntax.*; import net.sourceforge.msscodefactory.cfensyntax.v2_2.CFEnSyntaxObj.*; /** * Servlet implementation class CFEnSyntaxSMWarLoginHtml */ @WebServlet("/CFEnSyntaxSMWarAddDeviceHtml") public class CFEnSyntaxSMWarAddDeviceHtml extends HttpServlet { private static final long serialVersionUID = 1L; /** * @see HttpServlet#HttpServlet() */ public CFEnSyntaxSMWarAddDeviceHtml() { super(); // TODO Auto-generated constructor stub } /** * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response) */ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { final String S_ProcName = "doGet"; ICFEnSyntaxSchemaObj schemaObj; HttpSession sess = request.getSession(false); if (sess == null) { sess = request.getSession(true); schemaObj = new CFEnSyntaxSchemaObj(); sess.setAttribute("SchemaObj", schemaObj); } else { schemaObj = (ICFEnSyntaxSchemaObj) sess.getAttribute("SchemaObj"); if (schemaObj == null) { response.sendRedirect("CFEnSyntaxSMWarLoginHtml"); return; } } CFEnSyntaxAuthorization auth = schemaObj.getAuthorization(); if (auth == null) { response.sendRedirect("CFEnSyntaxSMWarLoginHtml"); return; } ICFEnSyntaxSchema dbSchema = null; try { dbSchema = CFEnSyntaxSchemaPool.getSchemaPool().getInstance(); schemaObj.setBackingStore(dbSchema); schemaObj.beginTransaction(); ICFEnSyntaxSecUserObj secUser = schemaObj.getSecUserTableObj().readSecUserByIdIdx(auth.getSecUserId()); ICFEnSyntaxClusterObj secCluster = schemaObj.getClusterTableObj() .readClusterByIdIdx(auth.getSecClusterId()); if (secCluster == null) { throw CFLib.getDefaultExceptionFactory().newNullArgumentException(getClass(), S_ProcName, 0, "secCluster"); } String clusterDescription = secCluster.getRequiredDescription(); String thisURI = request.getScheme() + "://" + request.getServerName() + ":" + request.getServerPort() + request.getRequestURI().toString(); int lastSlash = thisURI.lastIndexOf('/'); String baseURI = thisURI.substring(0, lastSlash); response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">"); out.println("<HTML>"); out.println("<BODY>"); out.println("<form method=\"post\" formaction=\"CFEnSyntaxSMWarAddDeviceHtml\">"); out.println("<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>"); out.println("<H2 style=\"text-align:center\">Add new device for " + secUser.getRequiredEMailAddress() + "</H2>"); out.println("<p>"); out.println("<table style=\"width:90%\">"); out.println( "<tr><th style=\"text-align:left\">Device Name:</th><td><input type=\"text\" name=\"DeviceName\"/></td></tr>"); out.println( "<tr><th style=\"text-align:left\">Public Key:</th><td><textarea name=\"PublicKey\" cols=\"60\" rows=\"10\"></textarea></td></tr>"); out.println("</table>"); out.println( "<p style=\"text-align:center\"><button type=\"submit\" name=\"Ok\"\">Add Device</button> <button type=\"button\" name=\"Cancel\"\" onclick=\"window.location.href='CFEnSyntaxSMWarSecurityMainHtml'\">Cancel;</button>"); out.println("</form>"); out.println("</BODY>"); out.println("</HTML>"); } catch (RuntimeException e) { throw CFLib.getDefaultExceptionFactory().newRuntimeException(getClass(), S_ProcName, "Caught RuntimeException -- " + e.getMessage(), e); } finally { if (dbSchema != null) { try { if (schemaObj.isTransactionOpen()) { schemaObj.rollback(); } } catch (RuntimeException e) { } schemaObj.setBackingStore(null); CFEnSyntaxSchemaPool.getSchemaPool().releaseInstance(dbSchema); } } } /** * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response) */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { final String S_ProcName = "doPost"; ICFEnSyntaxSchemaObj schemaObj; HttpSession sess = request.getSession(false); if (sess == null) { sess = request.getSession(true); schemaObj = new CFEnSyntaxSchemaObj(); sess.setAttribute("SchemaObj", schemaObj); } else { schemaObj = (ICFEnSyntaxSchemaObj) sess.getAttribute("SchemaObj"); if (schemaObj == null) { response.sendRedirect("CFEnSyntaxSMWarLoginHtml"); return; } } CFEnSyntaxAuthorization auth = schemaObj.getAuthorization(); if (auth == null) { response.sendRedirect("CFEnSyntaxSMWarLoginHtml"); return; } ICFEnSyntaxSecUserObj secUser = schemaObj.getSecUserTableObj().readSecUserByIdIdx(auth.getSecUserId()); ICFEnSyntaxClusterObj secCluster = schemaObj.getClusterTableObj() .readClusterByIdIdx(auth.getSecClusterId()); if (secCluster == null) { throw CFLib.getDefaultExceptionFactory().newNullArgumentException(getClass(), S_ProcName, 0, "secCluster"); } String clusterDescription = secCluster.getRequiredDescription(); ICFEnSyntaxSchema dbSchema = null; try { dbSchema = CFEnSyntaxSchemaPool.getSchemaPool().getInstance(); schemaObj.setBackingStore(dbSchema); schemaObj.beginTransaction(); String deviceName = request.getParameter("DeviceName"); if ((deviceName == null) || (deviceName.length() <= 0)) { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">"); out.println("<HTML>"); out.println("<BODY>"); out.println("<form method=\"post\" formaction=\"CFEnSyntaxSMWarAddDeviceHtml\">"); out.println("<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>"); out.println("<H2 style=\"text-align:center\">ERROR</H2>"); out.println("<p style=\"text-align:center\">Device Name must be specified."); out.println("<H2 style=\"text-align:center\">Add new device for " + secUser.getRequiredEMailAddress() + "</H2>"); out.println("<p>"); out.println("<table style=\"width:90%\">"); out.println( "<tr><th style=\"text-align:left\">Device Name:</th><td><input type=\"text\" name=\"DeviceName\"/></td></tr>"); out.println( "<tr><th style=\"text-align:left\">Public Key:</th><td><textarea name=\"PublicKey\" cols=\"60\" rows=\"10\"></textarea></td></tr>"); out.println("</table>"); out.println( "<p style=\"text-align:center\"><button type=\"submit\" name=\"Ok\"\">Add Device</button> <button type=\"button\" name=\"Cancel\"\" onclick=\"window.location.href='CFEnSyntaxSMWarSecurityMainHtml'\">Cancel</button>"); out.println("</form>"); out.println("</BODY>"); out.println("</HTML>"); return; } ICFEnSyntaxSecDeviceObj secDev = schemaObj.getSecDeviceTableObj() .readSecDeviceByIdIdx(secUser.getRequiredSecUserId(), deviceName); if (secDev != null) { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">"); out.println("<HTML>"); out.println("<BODY>"); out.println("<form method=\"post\" formaction=\"CFEnSyntaxSMWarAddDeviceHtml\">"); out.println("<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>"); out.println("<H2 style=\"text-align:center\">ERROR</H2>"); out.println("<p style=\"text-align:center\">Device Name \"" + deviceName + "\" already in use."); out.println("<H2 style=\"text-align:center\">Add new device for " + secUser.getRequiredEMailAddress() + "</H2>"); out.println("<p>"); out.println("<table style=\"width:90%\">"); out.println( "<tr><th style=\"text-align:left\">Device Name:</th><td><input type=\"text\" name=\"DeviceName\"/></td></tr>"); out.println( "<tr><th style=\"text-align:left\">Public Key:</th><td><textarea name=\"PublicKey\" cols=\"60\" rows=\"10\"></textarea></td></tr>"); out.println("</table>"); out.println( "<p style=\"text-align:center\"><button type=\"submit\" name=\"Ok\"\">Add Device</button> <button type=\"button\" name=\"Cancel\"\" onclick=\"window.location.href='CFEnSyntaxSMWarSecurityMainHtml'\">Cancel</button>"); out.println("</form>"); out.println("</BODY>"); out.println("</HTML>"); return; } String publicKey = request.getParameter("PublicKey"); if ((publicKey == null) || (publicKey.length() <= 0)) { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">"); out.println("<HTML>"); out.println("<BODY>"); out.println("<form method=\"post\" formaction=\"CFEnSyntaxSMWarAddDeviceHtml\">"); out.println("<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>"); out.println("<p style=\"text-align:center\">Public Key must be specified."); out.println("<H2 style=\"text-align:center\">Add new device for " + secUser.getRequiredEMailAddress() + "</H2>"); out.println("<p>"); out.println("<table style=\"width:90%\">"); out.println( "<tr><th style=\"text-align:left\">Device Name:</th><td><input type=\"text\" name=\"DeviceName\"/></td></tr>"); out.println( "<tr><th style=\"text-align:left\">Public Key:</th><td><textarea name=\"PublicKey\" cols=\"60\" rows=\"10\"></textarea></td></tr>"); out.println("</table>"); out.println( "<p style=\"text-align:center\"><button type=\"submit\" name=\"Ok\"\">Add Device</button> <button type=\"button\" name=\"Cancel\"\" onclick=\"window.location.href='CFEnSyntaxSMWarSecurityMainHtml'\">Cancel</button>"); out.println("</form>"); out.println("</BODY>"); out.println("</HTML>"); return; } byte wrapped[] = Base64.decodeBase64(publicKey); Cipher cipher = Cipher.getInstance("AES"); if (cipher == null) { throw CFLib.getDefaultExceptionFactory().newNullArgumentException(getClass(), S_ProcName, 0, "cipher"); } Key key = cipher.unwrap(wrapped, "AES", Cipher.PUBLIC_KEY); if ((key == null) || (!(key instanceof PublicKey))) { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">"); out.println("<HTML>"); out.println("<BODY>"); out.println("<form method=\"post\" formaction=\"CFEnSyntaxSMWarAddDeviceHtml\">"); out.println("<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>"); out.println("<p style=\"text-align:center\">Public Key must be a valid Client AES Key."); out.println("<H2 style=\"text-align:center\">Add new device for " + secUser.getRequiredEMailAddress() + "</H2>"); out.println("<p>"); out.println("<table style=\"width:90%\">"); out.println( "<tr><th style=\"text-align:left\">Device Name:</th><td><input type=\"text\" name=\"DeviceName\"/></td></tr>"); out.println( "<tr><th style=\"text-align:left\">Public Key:</th><td><textarea name=\"PublicKey\" cols=\"60\" rows=\"10\"></textarea></td></tr>"); out.println("</table>"); out.println( "<p style=\"text-align:center\"><button type=\"submit\" name=\"Ok\"\">Add Device</button> <button type=\"button\" name=\"Cancel\"\" onclick=\"window.location.href='CFEnSyntaxSMWarSecurityMainHtml'\">Cancel</button>"); out.println("</form>"); out.println("</BODY>"); out.println("</HTML>"); return; } ICFEnSyntaxClusterObj systemCluster = schemaObj.getClusterTableObj() .readClusterByUDomainNameIdx("system"); ICFEnSyntaxTenantObj systemTenant = schemaObj.getTenantTableObj() .readTenantByUNameIdx(systemCluster.getRequiredId(), "system"); ICFEnSyntaxSecUserObj systemUser = schemaObj.getSecUserTableObj().readSecUserByULoginIdx("system"); ICFEnSyntaxSecSessionObj systemSession = schemaObj.getSecSessionTableObj().newInstance(); ICFEnSyntaxSecSessionEditObj editSystemSession = (ICFEnSyntaxSecSessionEditObj) systemSession .beginEdit(); editSystemSession.setRequiredContainerSecUser(systemUser); editSystemSession.setRequiredStart(Calendar.getInstance()); systemSession = editSystemSession.create(); editSystemSession.endEdit(); CFEnSyntaxAuthorization secAuth = new CFEnSyntaxAuthorization(); secAuth.setSecCluster(systemCluster); secAuth.setSecTenant(systemTenant); secAuth.setSecSession(systemSession); schemaObj.setAuthorization(secAuth); secDev = schemaObj.getSecDeviceTableObj().newInstance(); ICFEnSyntaxSecDeviceEditObj editDev = secDev.beginEdit(); editDev.setRequiredContainerSecUser(secUser); editDev.setRequiredDevName(deviceName); editDev.setOptionalPubKey(publicKey); secDev = editDev.create(); editDev.endEdit(); if (null == secUser.getOptionalLookupDefDev()) { ICFEnSyntaxSecUserEditObj editSecUser = secUser.beginEdit(); editSecUser.setOptionalLookupDefDev(secDev); editSecUser.update(); editSecUser.endEdit(); } editSystemSession = (ICFEnSyntaxSecSessionEditObj) systemSession.beginEdit(); editSystemSession.setOptionalFinish(Calendar.getInstance()); editSystemSession.update(); editSystemSession.endEdit(); schemaObj.commit(); schemaObj.setAuthorization(auth); response.sendRedirect("CFEnSyntaxSMWarSecurityMainHtml"); } catch (InvalidKeyException e) { response.setContentType("text/html"); PrintWriter out = response.getWriter(); out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\">"); out.println("<HTML>"); out.println("<BODY>"); out.println("<form method=\"post\" formaction=\"CFEnSyntaxSMWarAddDeviceHtml\">"); out.println("<H1 style=\"text-align:center\">" + clusterDescription + " Security Manager</H1>"); out.println("<p style=\"text-align:center\">Public Key must be a valid Client AES Key."); out.println("<H2 style=\"text-align:center\">Add new device for " + secUser.getRequiredEMailAddress() + "</H2>"); out.println("<p>"); out.println("<table style=\"width:90%\">"); out.println( "<tr><th style=\"text-align:left\">Device Name:</th><td><input type=\"text\" name=\"DeviceName\"/></td></tr>"); out.println( "<tr><th style=\"text-align:left\">Public Key:</th><td><textarea name=\"PublicKey\" cols=\"60\" rows=\"10\"></textarea></td></tr>"); out.println("</table>"); out.println( "<p style=\"text-align:center\"><button type=\"submit\" name=\"Ok\"\">Add Device</button> <button type=\"button\" name=\"Cancel\"\" onclick=\"window.location.href='CFEnSyntaxSMWarSecurityMainHtml'\">Cancel</button>"); out.println("</form>"); out.println("</BODY>"); out.println("</HTML>"); } catch (NoSuchAlgorithmException e) { throw CFLib.getDefaultExceptionFactory().newRuntimeException(getClass(), S_ProcName, "Caught NoSuchAlgorithmException -- " + e.getMessage(), e); } catch (NoSuchPaddingException e) { throw CFLib.getDefaultExceptionFactory().newRuntimeException(getClass(), S_ProcName, "Caught NoSuchPaddingException -- " + e.getMessage(), e); } catch (RuntimeException e) { throw CFLib.getDefaultExceptionFactory().newRuntimeException(getClass(), S_ProcName, "Caught RuntimeException -- " + e.getMessage(), e); } finally { schemaObj.setAuthorization(auth); if (dbSchema != null) { try { if (schemaObj.isTransactionOpen()) { schemaObj.rollback(); } } catch (RuntimeException e) { } schemaObj.setBackingStore(null); CFEnSyntaxSchemaPool.getSchemaPool().releaseInstance(dbSchema); } } } }