Java tutorial
/**************************************************************************** * Copyright 2013 Tobias Wich * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * ***************************************************************************/ package org.electrologic.convergence.server; import java.io.IOException; import java.net.URL; import java.security.cert.Certificate; import java.security.cert.CertificateEncodingException; import javax.servlet.ServletConfig; import javax.servlet.ServletContext; import javax.servlet.ServletException; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.electrologic.convergence.server.util.Sha1RSASignature; import org.json.JSONArray; import org.json.JSONException; import org.json.JSONObject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import util.Base64; /** * Servlet for the .notary bundle. * It uses the certificate used for signing and extracts all other parameters from the HTTP request. * * @author Tobias Wich <tobias.wich@ecsec.de> */ @WebServlet("/convergence.notary") public class NotaryBundleServlet extends HttpServlet { private static final long serialVersionUID = 1L; private static final Logger logger = LoggerFactory.getLogger(NotaryBundleServlet.class); private String pemCert; @Override public void init(ServletConfig config) throws ServletException { try { super.init(config); ServletContext ctx = config.getServletContext(); Sha1RSASignature signer = (Sha1RSASignature) ctx.getAttribute(TargetConfigurator.SIGNERPATH); Certificate cert = signer.getCertificate(); // convert certificate to PEM format byte[] derCert = cert.getEncoded(); String base64Cert = Base64.encodeToString(derCert, true); base64Cert = base64Cert.replace("\r", ""); StringBuilder buf = new StringBuilder(10000); buf.append("-----BEGIN CERTIFICATE-----\n"); buf.append(base64Cert); buf.append("\n-----END CERTIFICATE-----\n"); pemCert = buf.toString(); } catch (CertificateEncodingException ex) { String msg = "Failed to convert certificate to PEM format."; logger.error(msg, ex); throw new ServletException(msg, ex); } } @Override protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { try { // get request URL, hostname and port and REST interface anddress URL requestUrl = new URL(req.getRequestURL().toString()); String host = requestUrl.getHost(); int port = requestUrl.getPort(); if (port == -1) { port = requestUrl.getDefaultPort(); } // create JSON object JSONObject result = new JSONObject(); result.put("version", 1); JSONObject hostElement = new JSONObject(); hostElement.put("host", host); hostElement.put("http_port", 80); // the FF addon seems to have a problem when this is not present hostElement.put("ssl_port", port); hostElement.put("certificate", pemCert); JSONArray hostList = new JSONArray(); hostList.put(hostElement); result.put("hosts", hostList); result.put("name", "Convergence J2EE Server"); result.put("bundle_location", requestUrl.toString()); String resultStr = result.toString(); resp.setCharacterEncoding("UTF-8"); resp.setContentType("application/json"); resp.getOutputStream().print(resultStr); } catch (JSONException ex) { String msg = "Failed to construct JSON result."; logger.error(msg, ex); throw new ServletException(msg, ex); } } }