[GovWayCore]

Aggiunto supporto 'multipropfile' alle configurazioni sulla sicurezza messaggio	tramite	wss4j

core/src/org/openspcoop2/security/keystore/MerlinTruststore.java

@@ -199,4 +199,15 @@ public org.openspcoop2.utils.certificate.KeyStore getTrustStore() throws Securit
 		}
 	}
 
+	public String getTipoStore() {
+		return this.tipoStore;
+	}
+
+	public String getPathStore() {
+		return this.pathStore;
+	}
+
+	public String getPasswordStore() {
+		return this.passwordStore;
+	}
 }

core/src/org/openspcoop2/security/keystore/MultiKeystore.java

@@ -58,6 +58,9 @@ public class MultiKeystore implements Serializable  {
 
 	private List<String> aliasesList = new ArrayList<>();
 	private Map<String, Serializable> keystores = new HashMap<>();
+	private Map<String, String> mappingAliasToKeystorePath = new HashMap<>();
+	private Map<String, String> mappingAliasToKeystorePassword = new HashMap<>();
+	private Map<String, String> mappingAliasToKeystoreType = new HashMap<>();
 	private Map<String, String> mappingAliasToKeyAlias = new HashMap<>();
 	private Map<String, String> mappingAliasToKeyPassword = new HashMap<>();
 
@@ -132,6 +135,9 @@ private void addSymmetricKeystore(String alias, String keyAlias, String keyValue
 	private void addMerlinKeystore(String alias, String keyAlias, String keystoreType, String keystorePath, String keystorePassword, String keyPassword, BYOKRequestParams requestParams) {
 		try {
 			this.keystores.put(alias, new MerlinKeystore(keystorePath, keystoreType, keystorePassword, keyPassword, requestParams));
+			this.mappingAliasToKeystoreType.put(alias, keystoreType);
+			this.mappingAliasToKeystorePath.put(alias, keystorePath);
+			this.mappingAliasToKeystorePassword.put(alias, keystorePassword);
 		}catch(Exception e) {
 			String idKeystore = "!!! Errore durante il caricamento del MerlinKeystore !!! [keyAlias:"+keyAlias+"] ";
 			LoggerWrapperFactory.getLogger(MultiKeystore.class).error(idKeystore+e.getMessage(),e);
@@ -227,4 +233,58 @@ public String getKeyPassword(String alias) throws SecurityException {
 			throw new SecurityException(e.getMessage(),e);
 		}
 	}
+
+	public String getKeystorePath(String alias) throws SecurityException {
+		try{
+			if(!this.aliasesList.contains(alias)){
+				throw new SecurityException(getErrorAlias(alias));
+			}
+
+			return this.mappingAliasToKeystorePath.get(alias);
+		}catch(Exception e){
+			throw new SecurityException(e.getMessage(),e);
+		}
+	}
+
+	public String getKeystorePassword(String alias) throws SecurityException {
+		try{
+			if(!this.aliasesList.contains(alias)){
+				throw new SecurityException(getErrorAlias(alias));
+			}
+
+			return this.mappingAliasToKeystorePassword.get(alias);
+		}catch(Exception e){
+			throw new SecurityException(e.getMessage(),e);
+		}
+	}
+
+	public String getKeystoreType(String alias) throws SecurityException {
+		try{
+			if(!this.aliasesList.contains(alias)){
+				throw new SecurityException(getErrorAlias(alias));
+			}
+
+			return this.mappingAliasToKeystoreType.get(alias);
+		}catch(Exception e){
+			throw new SecurityException(e.getMessage(),e);
+		}
+	}
+
+	public String getInternalConfigAlias(String keyAlias) throws SecurityException {
+		try{
+			if(!this.mappingAliasToKeyAlias.containsValue(keyAlias)){
+				throw new SecurityException(getErrorAlias(keyAlias));
+			}
+			for (Map.Entry<String,String> entry : this.mappingAliasToKeyAlias.entrySet()) {
+				if(entry.getValue().equals(keyAlias)) {
+					return entry.getKey();
+				}
+			}
+
+			throw new SecurityException(getErrorAlias(keyAlias));
+		}catch(Exception e){
+			throw new SecurityException(e.getMessage(),e);
+		}
+	}
+
 }

core/src/org/openspcoop2/security/message/MessageSecurityContext.java

@@ -654,28 +654,7 @@ private void resolvePWCallback(boolean incoming) throws SecurityException{
     			}
 
     			if(mapAliasToPassword.size()>0) {
-
-    				CallbackHandler pwCallbackHandler = new CallbackHandler() {
-
-						private HashMap<String, String> mapAliasToPasswordParam = mapAliasToPassword;
-
-						@Override
-						public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
-							 for (int i = 0; i < callbacks.length; i++) {
-								 if (callbacks[i] instanceof WSPasswordCallback) {
-						                WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
-						                if(this.mapAliasToPasswordParam.containsKey(pc.getIdentifier())) {
-						                	pc.setPassword(this.mapAliasToPasswordParam.get(pc.getIdentifier()));
-						                }
-						            } else {
-						                throw new UnsupportedCallbackException(callbacks[i],
-						                        "Unrecognized Callback");
-						            }
-						        }
-						}
-
-					};
-
+    				CallbackHandler pwCallbackHandler = newCallbackHandler(mapAliasToPassword);
     				props.put(SecurityConstants.PASSWORD_CALLBACK_REF, pwCallbackHandler);
     			}
 
@@ -685,6 +664,28 @@ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallback
     	}
     }
 
+    public static CallbackHandler newCallbackHandler(Map<String, String> mapAliasToPassword) {
+    	return new CallbackHandler() {
+
+			private Map<String, String> mapAliasToPasswordParam = mapAliasToPassword;
+
+			@Override
+			public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+				 for (int i = 0; i < callbacks.length; i++) {
+					 if (callbacks[i] instanceof WSPasswordCallback) {
+			                WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
+			                if(this.mapAliasToPasswordParam.containsKey(pc.getIdentifier())) {
+			                	pc.setPassword(this.mapAliasToPasswordParam.get(pc.getIdentifier()));
+			                }
+			            } else {
+			                throw new UnsupportedCallbackException(callbacks[i],
+			                        "Unrecognized Callback");
+			            }
+			        }
+			}
+
+		};
+    }
 
     /** Utility per verificare l'esistenza di un header di sicurezza */
     public boolean existsSecurityHeader(OpenSPCoop2Message msg,String actor){

core/src/org/openspcoop2/security/message/utils/BaseSecurityBean.java

@@ -21,6 +21,7 @@
 
 import java.util.Properties;
 
+import org.openspcoop2.security.keystore.MultiKeystore;
 import org.openspcoop2.utils.certificate.JWKSet;
 import org.openspcoop2.utils.certificate.KeyStore;
 
@@ -40,6 +41,8 @@ public abstract class BaseSecurityBean {
 	private String user;
 	private String password;
 
+	private MultiKeystore multiKeystore; // per mantenere la configurazione multikeystpre
+
 	public Properties getProperties() {
 		return this.properties;
 	}
@@ -87,5 +90,10 @@ public void setPassword(String password) {
 		this.password = password;
 	}
 
-
+	public MultiKeystore getMultiKeystore() {
+		return this.multiKeystore;
+	}
+	public void setMultiKeystore(MultiKeystore multiKeystore) {
+		this.multiKeystore = multiKeystore;
+	}
 }

core/src/org/openspcoop2/security/message/utils/KeystoreUtils.java

@@ -70,6 +70,7 @@ public static EncryptionBean getSenderEncryptionBean(MessageSecurityContext mess
 			requestInfo = (RequestInfo) ctx.get(Costanti.REQUEST_INFO);
 		}
 
+		MultiKeystore multiKeystore = null;
 		JWKSet encryptionJWKSet = null;
 		KeyStore encryptionKS = null;
 		KeyStore encryptionTrustStoreKS = null;
@@ -164,7 +165,7 @@ else if(encryptionStoreProperties!=null){
 		}
 		// 2. Multi Property
 		else if(multiEncryptionStore!=null){
-			MultiKeystore multiKeystore = GestoreKeystoreCache.getMultiKeystore(requestInfo, multiEncryptionStore);
+			multiKeystore = GestoreKeystoreCache.getMultiKeystore(requestInfo, multiEncryptionStore);
 			if(SecurityConstants.MULTI_USER_KEYWORD_FRUITORE.equals(aliasEncryptUser) && 
 					messageSecurityContext.getIdFruitore()!=null && messageSecurityContext.getIdFruitore().getNome()!=null){
 				String fruitore = messageSecurityContext.getIdFruitore().getNome();
@@ -270,6 +271,7 @@ else if(encryptionSymmetricKeyValue!=null){
 		bean.setUser(aliasEncryptUser);
 		bean.setPassword(aliasEncryptPassword);
 		bean.setEncryptionSimmetric(encryptionSymmetric);
+		bean.setMultiKeystore(multiKeystore);
 
 		return bean;
 	}
@@ -284,6 +286,7 @@ public static EncryptionBean getReceiverEncryptionBean(MessageSecurityContext me
 			requestInfo = (RequestInfo) ctx.get(Costanti.REQUEST_INFO);
 		}
 
+		MultiKeystore multiKeystore = null;
 		JWKSet decryptionJWKSet = null;
 		KeyStore decryptionKS = null;
 		KeyStore decryptionTrustStoreKS = null;
@@ -378,7 +381,7 @@ else if(decryptionStoreProperties!=null){
 		}
 		// 2. Multi Property
 		else if(multiDecryptionStore!=null){
-			MultiKeystore multiKeystore = GestoreKeystoreCache.getMultiKeystore(requestInfo, multiDecryptionStore);
+			multiKeystore = GestoreKeystoreCache.getMultiKeystore(requestInfo, multiDecryptionStore);
 			if(SecurityConstants.MULTI_USER_KEYWORD_FRUITORE.equals(aliasDecryptUser) && 
 					messageSecurityContext.getIdFruitore()!=null && messageSecurityContext.getIdFruitore().getNome()!=null){
 				String fruitore = messageSecurityContext.getIdFruitore().getNome();
@@ -484,6 +487,7 @@ else if(decryptionJWKSetFile!=null) {
 		bean.setUser(aliasDecryptUser);
 		bean.setPassword(aliasDecryptPassword);
 		bean.setEncryptionSimmetric(decryptionSymmetric);
+		bean.setMultiKeystore(multiKeystore);
 
 		return bean;
 	}
@@ -499,6 +503,7 @@ public static SignatureBean getSenderSignatureBean(MessageSecurityContext messag
 			requestInfo = (RequestInfo) ctx.get(Costanti.REQUEST_INFO);
 		}
 
+		MultiKeystore multiKeystore = null;
 		JWKSet signatureJWKSet = null;
 		KeyStore signatureKS = null;
 		KeyStore signatureTrustStoreKS = null;
@@ -582,7 +587,7 @@ else if(signatureStoreProperties!=null) {
 		}
 		// 2. Multi Property
 		else if(multiSignatureStore!=null){
-			MultiKeystore multiKeystore = GestoreKeystoreCache.getMultiKeystore(requestInfo, multiSignatureStore);
+			multiKeystore = GestoreKeystoreCache.getMultiKeystore(requestInfo, multiSignatureStore);
 			if(SecurityConstants.MULTI_USER_KEYWORD_FRUITORE.equals(aliasSignatureUser) && 
 					messageSecurityContext.getIdFruitore()!=null && messageSecurityContext.getIdFruitore().getNome()!=null){
 				String fruitore = messageSecurityContext.getIdFruitore().getNome();
@@ -672,6 +677,7 @@ else if(signatureJWKSetFile!=null) {
 		bean.setJwkSet(signatureJWKSet);
 		bean.setUser(aliasSignatureUser);
 		bean.setPassword(aliasSignaturePassword);
+		bean.setMultiKeystore(multiKeystore);
 
 		return bean;
 
@@ -687,6 +693,7 @@ public static SignatureBean getReceiverSignatureBean(MessageSecurityContext mess
 			requestInfo = (RequestInfo) ctx.get(Costanti.REQUEST_INFO);
 		}
 
+		MultiKeystore multiKeystore = null;
 		JWKSet signatureJWKSet = null;
 		KeyStore signatureKS = null;
 		KeyStore signatureTrustStoreKS = null;
@@ -772,7 +779,7 @@ else if(signatureStoreProperties!=null) {
 		}
 		// 2. Multi Property
 		else if(multiSignatureStore!=null){
-			MultiKeystore multiKeystore = GestoreKeystoreCache.getMultiKeystore(requestInfo, multiSignatureStore);
+			multiKeystore = GestoreKeystoreCache.getMultiKeystore(requestInfo, multiSignatureStore);
 			if(SecurityConstants.MULTI_USER_KEYWORD_FRUITORE.equals(aliasSignatureUser) && 
 					messageSecurityContext.getIdFruitore()!=null && messageSecurityContext.getIdFruitore().getNome()!=null){
 				String fruitore = messageSecurityContext.getIdFruitore().getNome();
@@ -866,6 +873,7 @@ else if(SecurityConstants.MULTI_USER_KEYWORD_IDENTIFICATIVO_PORTA_EROGATORE.equa
 		bean.setUser(aliasSignatureUser);
 		bean.setPassword(aliasSignaturePassword);
 		bean.setCrlPath(crlPath);
+		bean.setMultiKeystore(multiKeystore);
 
 		return bean;