JUDDI-895 done with support for tokens

JUDDI-861 dialing back the logging a bit

juddi-core/src/main/java/org/apache/juddi/api/impl/JUDDIApiImpl.java

@@ -26,12 +26,8 @@
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
-import javax.jws.WebMethod;
-import javax.jws.WebParam;
-import javax.jws.WebResult;
 
 import javax.jws.WebService;
-import javax.jws.soap.SOAPBinding;
 import javax.persistence.EntityManager;
 import javax.persistence.EntityTransaction;
 import javax.persistence.Query;
@@ -1242,7 +1238,6 @@ public DispositionReport adminSaveBusiness(String authInfo, List<AdminSaveBusine
                                 stm.getBusinessEntity().addAll(values.get(i).getBusinessEntity());
                                 pub.saveBusiness(stm);
                         }
-                        //TODO replication?
 
                         tx.commit();
                         long procTime = System.currentTimeMillis() - startTime;
@@ -1286,7 +1281,6 @@ public DispositionReport adminSaveTModel(String authInfo, List<AdminSaveTModelWr
                                 stm.getTModel().addAll(values.get(i).getTModel());
                                 pub.saveTModel(stm);
                         }
-                        //TODO replication?
                         tx.commit();
                         long procTime = System.currentTimeMillis() - startTime;
                         serviceCounter.update(JUDDIQuery.ADMIN_SAVE_TMODEL,
@@ -1371,7 +1365,7 @@ public synchronized DispositionReport setReplicationNodes(String authInfo, org.u
                         if (!((Publisher) publisher).isAdmin()) {
                                 throw new UserMismatchException(new ErrorMessage("errors.AdminReqd"));
                         }
-                        new ValidateReplication(publisher).validateSetReplicationNodes(replicationConfiguration, em, node);
+                        new ValidateReplication(publisher).validateSetReplicationNodes(replicationConfiguration, em, node, AppConfig.getConfiguration());
 
                         //StringWriter sw = new StringWriter();
                         //JAXB.marshal(replicationConfiguration, sw);
@@ -1472,14 +1466,12 @@ public org.uddi.repl_v3.ReplicationConfiguration getReplicationNodes(String auth
                         throw drfm;
                 } catch (Exception ex) {
                         //possible that there is no config to return
-                        //logger.warn("Error caught, is there a replication config is avaiable? Returning a default config (no replication): " + ex.getMessage());
                         logger.debug("Error caught, is there a replication config is avaiable? Returning a default config (no replication): ", ex);
 
                         r.setCommunicationGraph(new CommunicationGraph());
                         Operator op = new Operator();
                         op.setOperatorNodeID(node);
                         op.setSoapReplicationURL(baseUrlSSL + "/services/replication");
-                        //TODO lookup from the root business
 
                         op.getContact().add(new Contact());
                         op.getContact().get(0).getPersonName().add(new PersonName("Unknown", null));

juddi-core/src/main/java/org/apache/juddi/replication/ReplicationNotifier.java

@@ -221,7 +221,7 @@ private void SendNotifications(Long id, String origin_node, boolean isRetrans) {
 
                 UDDIReplicationPortType x = uddiService.getUDDIReplicationPort();
                 if (destinationUrls.isEmpty()) {
-                        log.fatal("Something is bizarre with the replication config. I should have had at least one node to notify, but I have none!");
+                        log.debug("Something is bizarre with the replication config. I should have had at least one node to notify, but I have none!");
                 }
                 for (Object s : destinationUrls) {
 

juddi-core/src/main/java/org/apache/juddi/subscription/notify/USERFRIENDLYSMTPNotifier.java

@@ -175,7 +175,8 @@ protected PasswordAuthentication getPasswordAuthentication() {
                         Transport.send(message);
 
                 } catch (Throwable t) {
-                        log.error("Error sending email!" + t.getMessage(), t);
+                        log.warn("Error sending email!" + t.getMessage());
+                        log.debug("Error sending email!" + t.getMessage(),t);
                 }
         }
 
@@ -271,7 +272,8 @@ protected PasswordAuthentication getPasswordAuthentication() {
                         Transport.send(message);
 
                 } catch (Throwable t) {
-                        log.error("Error sending email!" + t.getMessage(), t);
+                        log.warn("Error sending email!" + t.getMessage());
+                        log.debug("Error sending email!" + t.getMessage(), t);
                 }
         }
 

juddi-core/src/main/java/org/apache/juddi/validation/ValidateReplication.java

@@ -17,11 +17,22 @@
 package org.apache.juddi.validation;
 
 import java.math.BigInteger;
+import java.security.cert.CertificateException;
 import java.util.List;
+import java.util.Properties;
+import java.util.concurrent.atomic.AtomicReference;
 import javax.persistence.EntityManager;
 import javax.xml.ws.WebServiceContext;
+import org.apache.commons.configuration.Configuration;
+import org.apache.commons.configuration.ConfigurationException;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.juddi.config.AppConfig;
+import org.apache.juddi.config.Property;
 import org.apache.juddi.model.Node;
 import org.apache.juddi.model.UddiEntityPublisher;
+import org.apache.juddi.v3.client.cryptor.CryptorFactory;
+import org.apache.juddi.v3.client.cryptor.DigSigUtil;
 import org.apache.juddi.v3.error.ErrorMessage;
 import org.apache.juddi.v3.error.FatalErrorException;
 import org.apache.juddi.v3.error.InvalidValueException;
@@ -45,9 +56,14 @@
  */
 public class ValidateReplication extends ValidateUDDIApi {
 
+        private final static Log log = LogFactory.getLog(ValidateReplication.class);
         public ValidateReplication(UddiEntityPublisher publisher) {
                 super(publisher);
         }
+
+       public ValidateReplication(UddiEntityPublisher publisher, String nodeid) {
+		 super(publisher, nodeid);
+	}
 
         public void validateNotifyChangeRecordsAvailable(NotifyChangeRecordsAvailable body, WebServiceContext ctx) throws DispositionReportFaultMessage {
                 //TODO
@@ -120,7 +136,7 @@ private static boolean ContainsNode(String requestingNode, ReplicationConfigurat
                 return false;
         }
 
-        public void validateSetReplicationNodes(ReplicationConfiguration replicationConfiguration, EntityManager em, String thisnode) throws DispositionReportFaultMessage {
+        public void validateSetReplicationNodes(ReplicationConfiguration replicationConfiguration, EntityManager em, String thisnode, Configuration config) throws DispositionReportFaultMessage, ConfigurationException {
                 if (replicationConfiguration == null) {
                         throw new InvalidValueException(new ErrorMessage("errors.replication.configNull"));
 
@@ -182,8 +198,71 @@ public void validateSetReplicationNodes(ReplicationConfiguration replicationConf
 
                         }
                 }
+                boolean shouldcheck = config.getBoolean(Property.JUDDI_REJECT_ENTITIES_WITH_INVALID_SIG_ENABLE, false);
+                initDigSig(config);
+                if (shouldcheck && !replicationConfiguration.getSignature().isEmpty() && ds != null) {
+                        AtomicReference<String> outmsg = new AtomicReference<String>();
+                        boolean ok = ds.verifySignedUddiEntity(replicationConfiguration, outmsg);
+                        if (!ok) {
+                                throw new FatalErrorException(new ErrorMessage("errors.digitalsignature.validationfailure" + " " + outmsg.get()));
+                        }
+
+                }
+        }
+
+         private org.apache.juddi.v3.client.cryptor.DigSigUtil ds = null;
+
+        private synchronized void initDigSig(Configuration config) {
+                if (ds == null) {
+
+                        Properties p = new Properties();
+                        /**
+                         * <trustStorePath>truststore.jks</trustStorePath>
+                         * <trustStoreType>JKS</trustStoreType>
+                         * <trustStorePassword
+                         * isPasswordEncrypted="false"
+                         * cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">password</trustStorePassword>
+                         *
+                         * <checkTimestamps>true</checkTimestamps>
+                         * <checkTrust>true</checkTrust>
+                         * <checkRevocationCRL>true</checkRevocationCRL>
+                         */
+                        p.put(DigSigUtil.TRUSTSTORE_FILE, config.getString(Property.JUDDI_REJECT_ENTITIES_WITH_INVALID_SIG_PREFIX + "trustStorePath", ""));
+                        p.put(DigSigUtil.TRUSTSTORE_FILETYPE, config.getString(Property.JUDDI_REJECT_ENTITIES_WITH_INVALID_SIG_PREFIX + "trustStoreType", ""));
+
+                        String enc = config.getString(Property.JUDDI_REJECT_ENTITIES_WITH_INVALID_SIG_PREFIX + "trustStorePassword", "");
+                        if (config.getBoolean(Property.JUDDI_REJECT_ENTITIES_WITH_INVALID_SIG_PREFIX + "trustStorePassword[@isPasswordEncrypted]", false)) {
+                                log.info("trust password is encrypted, decrypting...");
+
+                                String prov = config.getString(Property.JUDDI_REJECT_ENTITIES_WITH_INVALID_SIG_PREFIX + "trustStorePassword[@cryptoProvider]", "");
+                                try {
+                                        p.setProperty(DigSigUtil.TRUSTSTORE_FILE_PASSWORD, CryptorFactory.getCryptor(prov).decrypt(enc));
+                                } catch (Exception ex) {
+                                        log.warn("unable to decrypt trust store password " + ex.getMessage());
+                                        log.debug("unable to decrypt trust store password " + ex.getMessage(), ex);
+                                }
+
+                        } else if (!"".equals(enc)){
+                                log.warn("Hey, you should consider encrypting your trust store password!");
+                                p.setProperty(DigSigUtil.TRUSTSTORE_FILE_PASSWORD, enc);
+                        }
+
+                        p.put(DigSigUtil.CHECK_REVOCATION_STATUS_CRL, config.getString(Property.JUDDI_REJECT_ENTITIES_WITH_INVALID_SIG_PREFIX + "checkRevocationCRL", "true"));
+                        p.put(DigSigUtil.CHECK_TRUST_CHAIN, config.getString(Property.JUDDI_REJECT_ENTITIES_WITH_INVALID_SIG_PREFIX + "checkTrust", "true"));
+                        p.put(DigSigUtil.CHECK_TIMESTAMPS, config.getString(Property.JUDDI_REJECT_ENTITIES_WITH_INVALID_SIG_PREFIX + "checkTimestamps", "true"));
+
+                        try {
+                                ds = new DigSigUtil(p);
+                        } catch (CertificateException ex) {
+                                log.error("", ex);
+                        }
+                        //System.out.println("loaded from " + AppConfig.getConfigFileURL());
+                        //p.list(System.out);
+                }
         }
 
+
+
         private boolean Contains(List<Operator> operator, String s) {
                 if (operator == null) {
                         return false;

juddi-core/src/main/resources/juddi_install_data/root_replicationConfiguration.xml

@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Copyright 2015 The Apache Software Foundation.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<replicationConfiguration xmlns="urn:uddi-org:repl_v3" xmlns:ns2="urn:uddi-org:api_v3" xmlns:ns3="http://www.w3.org/2000/09/xmldsig#">
+    <serialNumber>0</serialNumber>
+    <timeOfConfigurationUpdate></timeOfConfigurationUpdate>
+    <registryContact>
+        <ns2:contact>
+            <ns2:personName>Unknown</ns2:personName>
+        </ns2:contact>
+    </registryContact>
+    <operator>
+        <operatorNodeID>${juddi.nodeId}</operatorNodeID>
+        <operatorStatus>normal</operatorStatus>
+        <ns2:contact>
+            <ns2:personName>Unknown</ns2:personName>
+        </ns2:contact>
+        <soapReplicationURL>${juddi.server.baseurl}/services/replication</soapReplicationURL>
+    </operator>
+    <communicationGraph>
+        <node>${juddi.nodeId}</node>
+        <controlledMessage>*</controlledMessage>
+    </communicationGraph>
+    <maximumTimeToSyncRegistry>1</maximumTimeToSyncRegistry>
+    <maximumTimeToGetChanges>1</maximumTimeToGetChanges>
+</replicationConfiguration>

juddi-core/src/test/java/org/apache/juddi/config/InstallTest.java

@@ -0,0 +1,89 @@
+/*
+ * Copyright 2015 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.juddi.config;
+
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.StringWriter;
+import java.util.Properties;
+import javax.persistence.EntityManager;
+import javax.xml.bind.JAXB;
+import org.apache.commons.configuration.Configuration;
+import org.apache.commons.configuration.MapConfiguration;
+import org.apache.juddi.model.UddiEntityPublisher;
+import org.junit.After;
+import org.junit.AfterClass;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import static org.junit.Assert.*;
+import org.uddi.api_v3.BusinessEntity;
+import org.uddi.api_v3.TModel;
+import org.uddi.repl_v3.ReplicationConfiguration;
+
+/**
+ *
+ * @author alex
+ */
+public class InstallTest {
+
+        public InstallTest() {
+        }
+
+        @BeforeClass
+        public static void setUpClass() {
+        }
+
+        @AfterClass
+        public static void tearDownClass() {
+        }
+
+        @Before
+        public void setUp() {
+        }
+
+        @After
+        public void tearDown() {
+        }
+
+        /**
+         * Test of applyReplicationTokenChanges method, of class Install.
+         */
+        @Test
+        public void testApplyReplicationTokenChanges() throws Exception {
+                System.out.println("applyReplicationTokenChanges");
+                FileInputStream fis = new FileInputStream("./src/main/resources/juddi_install_data/root_replicationConfiguration.xml");
+
+                ReplicationConfiguration replicationCfg = JAXB.unmarshal(fis, ReplicationConfiguration.class);
+                Properties props = new Properties();
+                props.put(Property.JUDDI_NODE_ID, "uddi:a_custom_node");
+                props.put(Property.JUDDI_BASE_URL, "http://juddi.apache.org");
+                props.put(Property.JUDDI_BASE_URL_SECURE, "https://juddi.apache.org");
+
+                Configuration config = new MapConfiguration(props);
+                String thisnode = "uddi:a_custom_node";
+
+                ReplicationConfiguration result = Install.applyReplicationTokenChanges(replicationCfg, config, thisnode);
+                StringWriter sw = new StringWriter();
+                JAXB.marshal(result, sw);
+                Assert.assertFalse(sw.toString().contains("${juddi.nodeId}"));
+                Assert.assertFalse(sw.toString().contains("${juddi.server.baseurlsecure}"));
+                Assert.assertFalse(sw.toString().contains("${juddi.server.baseurl}"));
+
+        }
+
+}

juddi-core/src/test/resources/juddiv3DisabledTModelKeybag.xml

@@ -176,8 +176,9 @@
                             <trustStorePath>./src/test/resources/truststore.jks</trustStorePath>
                             <trustStoreType>JKS</trustStoreType>
                             <trustStorePassword
-                                    isPasswordEncrypted="false" 
-                                    cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">Test</trustStorePassword>
+                                    isPasswordEncrypted="true" 
+                                    cryptoProvider="org.apache.juddi.v3.client.crypto.AES128Cryptor">8133dcd169105875a711e4b8b3e03bce</trustStorePassword>
+                                    <!-- Test -->
 
                             <checkTimestamps>true</checkTimestamps>
                             <checkTrust>true</checkTrust>

uddi-tck/src/test/java/org/apache/juddi/v3/tck/JUDDI_300_MultiNodeIntegrationTest.java

@@ -744,7 +744,9 @@ public void testReplicationServiceBindingAddRemove() throws Exception {
 
                         resetBusinesses();
                         resetTmodels();
-
+                        try{
+                        samTModelNode2.saveTmodels(rootNode2Token);
+                        }catch (Exception ex){}
                         samTModelNode2.saveSamSyndicatorTmodel(samTokenNode2);
                         samBizNode2.saveSamSyndicatorBusiness(samTokenNode2);