Java tutorial
/* * JBoss, Home of Professional Open Source. * Copyright 2011, Red Hat, Inc., and individual contributors * as indicated by the @author tags. See the copyright.txt file in the * distribution for a full listing of individual contributors. * * This is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as * published by the Free Software Foundation; either version 2.1 of * the License, or (at your option) any later version. * * This software is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this software; if not, write to the Free * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA * 02110-1301 USA, or see the FSF site: http://www.fsf.org. */ package org.jboss.as.security.vault; import java.io.Console; import java.util.InputMismatchException; import java.util.Scanner; import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.CommandLineParser; import org.apache.commons.cli.HelpFormatter; import org.apache.commons.cli.Option; import org.apache.commons.cli.OptionGroup; import org.apache.commons.cli.Options; import org.apache.commons.cli.ParseException; import org.apache.commons.cli.PosixParser; import org.jboss.as.security.logging.SecurityLogger; /** * Command Line Tool for the default implementation of the {@link org.jboss.security.vault.SecurityVault} * * @author Anil Saldhana * @author Peter Skopek */ public class VaultTool { public static final String KEYSTORE_PARAM = "keystore"; public static final String KEYSTORE_PASSWORD_PARAM = "keystore-password"; public static final String ENC_DIR_PARAM = "enc-dir"; public static final String SALT_PARAM = "salt"; public static final String ITERATION_PARAM = "iteration"; public static final String ALIAS_PARAM = "alias"; public static final String VAULT_BLOCK_PARAM = "vault-block"; public static final String ATTRIBUTE_PARAM = "attribute"; public static final String SEC_ATTR_VALUE_PARAM = "sec-attr"; public static final String CHECK_SEC_ATTR_EXISTS_PARAM = "check-sec-attr"; public static final String REMOVE_SEC_ATTR_PARAM = "remove-sec-attr"; public static final String CREATE_KEYSTORE_PARAM = "create-keystore"; public static final String HELP_PARAM = "help"; private VaultInteractiveSession session = null; private VaultSession nonInteractiveSession = null; private Options options = null; private CommandLineParser parser = null; private CommandLine cmdLine = null; public void setSession(VaultInteractiveSession sess) { session = sess; } public VaultInteractiveSession getSession() { return session; } public static void main(String[] args) { VaultTool tool = null; if (args != null && args.length > 0) { int returnVal = 0; try { tool = new VaultTool(args); returnVal = tool.execute(); } catch (Exception e) { System.err.println(SecurityLogger.ROOT_LOGGER.problemOcurred()); e.printStackTrace(System.err); System.exit(1); } System.exit(returnVal); } else { tool = new VaultTool(); System.out.println("**********************************"); System.out.println("**** JBoss Vault ***************"); System.out.println("**********************************"); Console console = System.console(); if (console == null) { System.err.println(SecurityLogger.ROOT_LOGGER.noConsole()); System.exit(1); } Scanner in = new Scanner(System.in); while (true) { System.out.println(SecurityLogger.ROOT_LOGGER.interactiveCommandString()); try { int choice = in.nextInt(); switch (choice) { case 0: System.out.println(SecurityLogger.ROOT_LOGGER.startingInteractiveSession()); VaultInteractiveSession vsession = new VaultInteractiveSession(); tool.setSession(vsession); vsession.start(); break; case 1: System.out.println(SecurityLogger.ROOT_LOGGER.removingInteractiveSession()); tool.setSession(null); break; default: in.close(); System.exit(0); } } catch (InputMismatchException e) { in.close(); System.exit(0); } } } } public VaultTool(String[] args) { initOptions(); parser = new PosixParser(); try { cmdLine = parser.parse(options, args, true); } catch (ParseException e) { System.out.println(SecurityLogger.ROOT_LOGGER.problemParsingCommandLineParameters()); e.printStackTrace(System.err); System.exit(2); } } public VaultTool() { } /** * Build options for non-interactive VaultTool usage scenario. * * @return */ private void initOptions() { options = new Options(); options.addOption("k", KEYSTORE_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineKeyStoreURL()); options.addOption("p", KEYSTORE_PASSWORD_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineKeyStorePassword()); options.addOption("e", ENC_DIR_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineEncryptionDirectory()); options.addOption("s", SALT_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineSalt()); options.addOption("i", ITERATION_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineIterationCount()); options.addOption("v", ALIAS_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineVaultKeyStoreAlias()); options.addOption("b", VAULT_BLOCK_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineVaultBlock()); options.addOption("a", ATTRIBUTE_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineAttributeName()); options.addOption("t", CREATE_KEYSTORE_PARAM, false, SecurityLogger.ROOT_LOGGER.cmdLineAutomaticallyCreateKeystore()); OptionGroup og = new OptionGroup(); Option x = new Option("x", SEC_ATTR_VALUE_PARAM, true, SecurityLogger.ROOT_LOGGER.cmdLineSecuredAttribute()); Option c = new Option("c", CHECK_SEC_ATTR_EXISTS_PARAM, false, SecurityLogger.ROOT_LOGGER.cmdLineCheckAttribute()); Option r = new Option("r", REMOVE_SEC_ATTR_PARAM, false, SecurityLogger.ROOT_LOGGER.cmdLineRemoveSecuredAttribute()); Option h = new Option("h", HELP_PARAM, false, SecurityLogger.ROOT_LOGGER.cmdLineHelp()); og.addOption(x); og.addOption(c); og.addOption(r); og.addOption(h); og.setRequired(true); options.addOptionGroup(og); } private int execute() throws Exception { if (cmdLine.hasOption(HELP_PARAM)) { printUsage(); return 100; } String keystoreURL = cmdLine.getOptionValue(KEYSTORE_PARAM, "vault.keystore"); String keystorePassword = cmdLine.getOptionValue(KEYSTORE_PASSWORD_PARAM, ""); String encryptionDirectory = cmdLine.getOptionValue(ENC_DIR_PARAM, "vault"); String salt = cmdLine.getOptionValue(SALT_PARAM, "12345678"); int iterationCount = Integer.parseInt(cmdLine.getOptionValue(ITERATION_PARAM, "23")); boolean createKeyStore = cmdLine.hasOption(CREATE_KEYSTORE_PARAM); nonInteractiveSession = new VaultSession(keystoreURL, keystorePassword, encryptionDirectory, salt, iterationCount, createKeyStore); nonInteractiveSession.startVaultSession(cmdLine.getOptionValue("alias", "vault")); String vaultBlock = cmdLine.getOptionValue(VAULT_BLOCK_PARAM, "vb"); String attributeName = cmdLine.getOptionValue(ATTRIBUTE_PARAM, "password"); if (cmdLine.hasOption(CHECK_SEC_ATTR_EXISTS_PARAM)) { // check password if (nonInteractiveSession.checkSecuredAttribute(vaultBlock, attributeName)) { System.out.println(SecurityLogger.ROOT_LOGGER.cmdLineSecuredAttributeAlreadyExists()); return 0; } else { System.out.println(SecurityLogger.ROOT_LOGGER.cmdLineSecuredAttributeDoesNotExist()); return 5; } } if (cmdLine.hasOption(REMOVE_SEC_ATTR_PARAM)) { // remove password if (nonInteractiveSession.removeSecuredAttribute(vaultBlock, attributeName)) { System.out.println(SecurityLogger.ROOT_LOGGER.messageAttributeRemovedSuccessfuly( VaultSession.blockAttributeDisplayFormat(vaultBlock, attributeName))); return 0; } else { System.out.println(SecurityLogger.ROOT_LOGGER.messageAttributeNotRemoved( VaultSession.blockAttributeDisplayFormat(vaultBlock, attributeName))); return 6; } } else if (cmdLine.hasOption(SEC_ATTR_VALUE_PARAM)) { // add password String password = cmdLine.getOptionValue(SEC_ATTR_VALUE_PARAM, "password"); nonInteractiveSession.addSecuredAttributeWithDisplay(vaultBlock, attributeName, password.toCharArray()); summary(); return 0; } else { System.out.println(SecurityLogger.ROOT_LOGGER.actionNotSpecified()); return -1; } } private void summary() { nonInteractiveSession.vaultConfigurationDisplay(); } private void printUsage() { HelpFormatter help = new HelpFormatter(); String suffix = (VaultTool.isWindows() ? ".bat" : ".sh"); help.printHelp("vault" + suffix + " <empty> | ", options, true); } public static boolean isWindows() { String opsys = System.getProperty("os.name").toLowerCase(); return (opsys.indexOf("win") >= 0); } }