svndigest - svndigest

src/core/net/sf/basedb/util/uri/ConnectionParameters.java

: Code
: Comments
: Other

Rev	Date	Author	Line
5582	15 Mar 11	nicklas	1	/**
5582	15 Mar 11	nicklas	2	$Id$
5582	15 Mar 11	nicklas	3
5582	15 Mar 11	nicklas	4	Copyright (C) 2011 Nicklas Nordborg
5582	15 Mar 11	nicklas	5
5582	15 Mar 11	nicklas	6	This file is part of BASE - BioArray Software Environment.
5582	15 Mar 11	nicklas	7	Available at http://base.thep.lu.se/
5582	15 Mar 11	nicklas	8
5582	15 Mar 11	nicklas	9	BASE is free software; you can redistribute it and/or
5582	15 Mar 11	nicklas	10	modify it under the terms of the GNU General Public License
5582	15 Mar 11	nicklas	11	as published by the Free Software Foundation; either version 3
5582	15 Mar 11	nicklas	12	of the License, or (at your option) any later version.
5582	15 Mar 11	nicklas	13
5582	15 Mar 11	nicklas	14	BASE is distributed in the hope that it will be useful,
5582	15 Mar 11	nicklas	15	but WITHOUT ANY WARRANTY; without even the implied warranty of
5582	15 Mar 11	nicklas	16	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
5582	15 Mar 11	nicklas	17	GNU General Public License for more details.
5582	15 Mar 11	nicklas	18
5582	15 Mar 11	nicklas	19	You should have received a copy of the GNU General Public License
5582	15 Mar 11	nicklas	20	along with BASE. If not, see <http://www.gnu.org/licenses/>.
5582	15 Mar 11	nicklas	21	*/
5582	15 Mar 11	nicklas	22	package net.sf.basedb.util.uri;
5582	15 Mar 11	nicklas	23
5618	28 Apr 11	nicklas	24	import java.net.URI;
5618	28 Apr 11	nicklas	25	import java.net.URISyntaxException;
5618	28 Apr 11	nicklas	26
7471	09 Apr 18	nicklas	27	import org.bouncycastle.util.Arrays;
7471	09 Apr 18	nicklas	28
5582	15 Mar 11	nicklas	29	import net.sf.basedb.core.FileServer;
6497	26 Jun 14	nicklas	30	import net.sf.basedb.core.PermissionDeniedException;
5582	15 Mar 11	nicklas	31	import net.sf.basedb.core.data.FileServerData;
5618	28 Apr 11	nicklas	32	import net.sf.basedb.util.Values;
5582	15 Mar 11	nicklas	33
5582	15 Mar 11	nicklas	34	/**
5582	15 Mar 11	nicklas	35	Connection parameters, such as username/password, that may be needed
5582	15 Mar 11	nicklas	36	to connect to a server.
5582	15 Mar 11	nicklas	37
5582	15 Mar 11	nicklas	38	@author Nicklas
5582	15 Mar 11	nicklas	39	@since 3.0
5582	15 Mar 11	nicklas	40	@base.modified $Date$
5582	15 Mar 11	nicklas	41	*/
5582	15 Mar 11	nicklas	42	public class ConnectionParameters
5582	15 Mar 11	nicklas	43	{
5582	15 Mar 11	nicklas	44
5582	15 Mar 11	nicklas	45	/**
5582	15 Mar 11	nicklas	46	Create a parameters object using information from the
5582	15 Mar 11	nicklas	47	{@link FileServer} object.
5582	15 Mar 11	nicklas	48	*/
5582	15 Mar 11	nicklas	49	public static ConnectionParameters create(FileServerData fileServer)
5582	15 Mar 11	nicklas	50	{
5582	15 Mar 11	nicklas	51	if (fileServer == null) return null;
5582	15 Mar 11	nicklas	52
5582	15 Mar 11	nicklas	53	ConnectionParameters parameters = new ConnectionParameters();
5599	31 Mar 11	nicklas	54	parameters.setConnectionManagerFactoryId(fileServer.getConnectionManagerFactory());
5618	28 Apr 11	nicklas	55	parameters.setHost(fileServer.getHost());
5582	15 Mar 11	nicklas	56	parameters.setUsername(fileServer.getUsername());
5582	15 Mar 11	nicklas	57	parameters.setPassword(fileServer.getPassword());
7471	09 Apr 18	nicklas	58	parameters.setServerCertificate(Arrays.clone(fileServer.getServerCertificate()));
7471	09 Apr 18	nicklas	59	parameters.setClientCertificate(Arrays.clone(fileServer.getClientCertificate()));
5582	15 Mar 11	nicklas	60	parameters.setClientCertificatePassword(fileServer.getClientCertificatePassword());
6497	26 Jun 14	nicklas	61	parameters.setRootPath(fileServer.getRootPath());
6497	26 Jun 14	nicklas	62	parameters.setSshFingerprint(fileServer.getSshFingerprint());
7471	09 Apr 18	nicklas	63	parameters.setSshPrivateKey(Arrays.clone(fileServer.getSshPrivateKey()));
7471	09 Apr 18	nicklas	64	parameters.setSshPrivateKeyPassword(fileServer.getSshPrivateKeyPassword());
7471	09 Apr 18	nicklas	65	parameters.setSshPrivateKeyFormat(fileServer.getSshPrivateKeyFormat());
5582	15 Mar 11	nicklas	66	return parameters;
5582	15 Mar 11	nicklas	67	}
5582	15 Mar 11	nicklas	68
5599	31 Mar 11	nicklas	69	private String factoryId;
5618	28 Apr 11	nicklas	70	private String host;
5582	15 Mar 11	nicklas	71	private String username;
5582	15 Mar 11	nicklas	72	private String password;
6497	26 Jun 14	nicklas	73	private String rootPath;
6497	26 Jun 14	nicklas	74	private String sshFingerprint;
7471	09 Apr 18	nicklas	75	private byte[] sshPrivateKey;
7471	09 Apr 18	nicklas	76	private String sshPrivateKeyPassword;
7471	09 Apr 18	nicklas	77	private String sshPrivateKeyFormat;
5582	15 Mar 11	nicklas	78	private byte[] serverCertificate;
5582	15 Mar 11	nicklas	79	private byte[] clientCertificate;
5582	15 Mar 11	nicklas	80	private String clientCertificatePassword;
5582	15 Mar 11	nicklas	81
5582	15 Mar 11	nicklas	82	/**
5582	15 Mar 11	nicklas	83	Create a new empty parameters object.
5582	15 Mar 11	nicklas	84	*/
5582	15 Mar 11	nicklas	85	public ConnectionParameters()
5582	15 Mar 11	nicklas	86	{}
5582	15 Mar 11	nicklas	87
5582	15 Mar 11	nicklas	88	/**
5599	31 Mar 11	nicklas	89	Get the connection manager factory that we should use to
5599	31 Mar 11	nicklas	90	access the file, or null to use auto-detection.
5599	31 Mar 11	nicklas	91	*/
5599	31 Mar 11	nicklas	92	public String getConnectionManagerFactoryId()
5599	31 Mar 11	nicklas	93	{
5599	31 Mar 11	nicklas	94	return factoryId;
5599	31 Mar 11	nicklas	95	}
5599	31 Mar 11	nicklas	96	public void setConnectionManagerFactoryId(String factoryId)
5599	31 Mar 11	nicklas	97	{
5599	31 Mar 11	nicklas	98	this.factoryId = factoryId;
5599	31 Mar 11	nicklas	99	}
5599	31 Mar 11	nicklas	100
5599	31 Mar 11	nicklas	101	/**
5618	28 Apr 11	nicklas	102	Get the host:port that should override the host:port
5618	28 Apr 11	nicklas	103	specified by the file URI.
5618	28 Apr 11	nicklas	104	*/
5618	28 Apr 11	nicklas	105	public String getHost()
5618	28 Apr 11	nicklas	106	{
5618	28 Apr 11	nicklas	107	return host;
5618	28 Apr 11	nicklas	108	}
5618	28 Apr 11	nicklas	109	public void setHost(String host)
5618	28 Apr 11	nicklas	110	{
5618	28 Apr 11	nicklas	111	this.host = host;
5618	28 Apr 11	nicklas	112	}
5618	28 Apr 11	nicklas	113
5618	28 Apr 11	nicklas	114	/**
5582	15 Mar 11	nicklas	115	Get the username that should be used to authenticate the user.
5582	15 Mar 11	nicklas	116	*/
5582	15 Mar 11	nicklas	117	public String getUsername()
5582	15 Mar 11	nicklas	118	{
5582	15 Mar 11	nicklas	119	return username;
5582	15 Mar 11	nicklas	120	}
5582	15 Mar 11	nicklas	121	public void setUsername(String username)
5582	15 Mar 11	nicklas	122	{
5582	15 Mar 11	nicklas	123	this.username = username;
5582	15 Mar 11	nicklas	124	}
5582	15 Mar 11	nicklas	125
5582	15 Mar 11	nicklas	126	/**
5582	15 Mar 11	nicklas	127	Get the password that should be used to authenticate the user.
5582	15 Mar 11	nicklas	128	*/
5582	15 Mar 11	nicklas	129	public String getPassword()
5582	15 Mar 11	nicklas	130	{
5582	15 Mar 11	nicklas	131	return password;
5582	15 Mar 11	nicklas	132	}
5582	15 Mar 11	nicklas	133	public void setPassword(String password)
5582	15 Mar 11	nicklas	134	{
5582	15 Mar 11	nicklas	135	this.password = password;
5582	15 Mar 11	nicklas	136	}
5582	15 Mar 11	nicklas	137
5582	15 Mar 11	nicklas	138	/**
6497	26 Jun 14	nicklas	139	Get the root path that must be added to all URI:s used with these
6497	26 Jun 14	nicklas	140	connection parameters.
6497	26 Jun 14	nicklas	141	@since 3.3
6497	26 Jun 14	nicklas	142	*/
6497	26 Jun 14	nicklas	143	public String getRootPath()
6497	26 Jun 14	nicklas	144	{
6497	26 Jun 14	nicklas	145	return rootPath;
6497	26 Jun 14	nicklas	146	}
6497	26 Jun 14	nicklas	147	public void setRootPath(String rootPath)
6497	26 Jun 14	nicklas	148	{
6497	26 Jun 14	nicklas	149	this.rootPath = rootPath;
6497	26 Jun 14	nicklas	150	}
6497	26 Jun 14	nicklas	151
6497	26 Jun 14	nicklas	152	/**
5582	15 Mar 11	nicklas	153	Get the public server certificate that indicates that we should only trust the
5582	15 Mar 11	nicklas	154	server if it can present a certificate that matches this. This property is typically
5582	15 Mar 11	nicklas	155	only needed when using SSL to access servers that has a self-signed certificate. Servers
5582	15 Mar 11	nicklas	156	which has a certificate signed by a trusted certification authority should be
5582	15 Mar 11	nicklas	157	automatically trusted by BASE without this property. The certificate
5582	15 Mar 11	nicklas	158	is a X.509 certificate in either binary or base64-encoded DER format.
5582	15 Mar 11	nicklas	159
5582	15 Mar 11	nicklas	160	@return A byte array with the certificate or null if no certificate has been set
5582	15 Mar 11	nicklas	161	@see FileServer#getServerCertificate()
5582	15 Mar 11	nicklas	162	*/
5582	15 Mar 11	nicklas	163	public byte[] getServerCertificate()
5582	15 Mar 11	nicklas	164	{
5582	15 Mar 11	nicklas	165	return serverCertificate;
5582	15 Mar 11	nicklas	166	}
5582	15 Mar 11	nicklas	167	public void setServerCertificate(byte[] certificate)
5582	15 Mar 11	nicklas	168	{
5582	15 Mar 11	nicklas	169	this.serverCertificate = certificate;
5582	15 Mar 11	nicklas	170	}
5582	15 Mar 11	nicklas	171
5582	15 Mar 11	nicklas	172	/**
5582	15 Mar 11	nicklas	173	Get the client certificate that BASE should use to authenticate with the server
5582	15 Mar 11	nicklas	174	when connecting using SSL. This property is typically needed when the server
5582	15 Mar 11	nicklas	175	requires clients to authenticate themselves using a certificate. The certificate
5582	15 Mar 11	nicklas	176	must be a PKCS #12 certificate in binary format, and it should contain only
5582	15 Mar 11	nicklas	177	one certificate.
5582	15 Mar 11	nicklas	178
5582	15 Mar 11	nicklas	179	@return A byte array with the certificate or null if no certificate has been set
5582	15 Mar 11	nicklas	180	@see FileServer#getClientCertificate()
5582	15 Mar 11	nicklas	181	*/
5582	15 Mar 11	nicklas	182	public byte[] getClientCertificate()
5582	15 Mar 11	nicklas	183	{
5582	15 Mar 11	nicklas	184	return clientCertificate;
5582	15 Mar 11	nicklas	185	}
5582	15 Mar 11	nicklas	186	public void setClientCertificate(byte[] certificate)
5582	15 Mar 11	nicklas	187	{
5582	15 Mar 11	nicklas	188	this.clientCertificate = certificate;
5582	15 Mar 11	nicklas	189	}
5582	15 Mar 11	nicklas	190
5582	15 Mar 11	nicklas	191	/**
5582	15 Mar 11	nicklas	192	Get the password that is needed to unlock the client certificate.
5582	15 Mar 11	nicklas	193	@return The password (which may be null)
5582	15 Mar 11	nicklas	194	*/
5582	15 Mar 11	nicklas	195	public String getClientCertificatePassword()
5582	15 Mar 11	nicklas	196	{
5582	15 Mar 11	nicklas	197	return clientCertificatePassword;
5582	15 Mar 11	nicklas	198	}
5582	15 Mar 11	nicklas	199	public void setClientCertificatePassword(String password)
5582	15 Mar 11	nicklas	200	{
5582	15 Mar 11	nicklas	201	this.clientCertificatePassword = password;
5582	15 Mar 11	nicklas	202	}
5582	15 Mar 11	nicklas	203
5618	28 Apr 11	nicklas	204	/**
6497	26 Jun 14	nicklas	205	Get the SSH fingerprint of the server. Should be used to verify the
6497	26 Jun 14	nicklas	206	connection when connecting via SSH.
6497	26 Jun 14	nicklas	207	@since 3.3
6497	26 Jun 14	nicklas	208	*/
6497	26 Jun 14	nicklas	209	public String getSshFingerprint()
6497	26 Jun 14	nicklas	210	{
6497	26 Jun 14	nicklas	211	return sshFingerprint;
6497	26 Jun 14	nicklas	212	}
6497	26 Jun 14	nicklas	213	public void setSshFingerprint(String sshFingerprint)
6497	26 Jun 14	nicklas	214	{
6497	26 Jun 14	nicklas	215	this.sshFingerprint = sshFingerprint;
6497	26 Jun 14	nicklas	216	}
6497	26 Jun 14	nicklas	217
7471	09 Apr 18	nicklas	218	/**
7471	09 Apr 18	nicklas	219	Get the private key that should be used to authenticate with the server
7471	09 Apr 18	nicklas	220	when connecting using SSH.
7471	09 Apr 18	nicklas	221	@since 3.13
7471	09 Apr 18	nicklas	222	*/
7471	09 Apr 18	nicklas	223	public byte[] getSshPrivateKey()
7471	09 Apr 18	nicklas	224	{
7471	09 Apr 18	nicklas	225	return sshPrivateKey;
7471	09 Apr 18	nicklas	226	}
7471	09 Apr 18	nicklas	227	public void setSshPrivateKey(byte[] sshPrivateKey)
7471	09 Apr 18	nicklas	228	{
7471	09 Apr 18	nicklas	229	this.sshPrivateKey = sshPrivateKey;
7471	09 Apr 18	nicklas	230	}
6497	26 Jun 14	nicklas	231
6497	26 Jun 14	nicklas	232	/**
7471	09 Apr 18	nicklas	233	Get the password that is needed to unlock the SSH private key.
7471	09 Apr 18	nicklas	234	@return The password (which may be null)
7471	09 Apr 18	nicklas	235	@since 3.13
7471	09 Apr 18	nicklas	236	*/
7471	09 Apr 18	nicklas	237	public String getSshPrivateKeyPassword()
7471	09 Apr 18	nicklas	238	{
7471	09 Apr 18	nicklas	239	return sshPrivateKeyPassword;
7471	09 Apr 18	nicklas	240	}
7471	09 Apr 18	nicklas	241	public void setSshPrivateKeyPassword(String password)
7471	09 Apr 18	nicklas	242	{
7471	09 Apr 18	nicklas	243	this.sshPrivateKeyPassword = password;
7471	09 Apr 18	nicklas	244	}
7471	09 Apr 18	nicklas	245
7471	09 Apr 18	nicklas	246	/**
7471	09 Apr 18	nicklas	247	Get the format of the SSH private key (if known).
7471	09 Apr 18	nicklas	248	@return The private key format (or null to try auto-detection)
7471	09 Apr 18	nicklas	249	@since 3.13
7471	09 Apr 18	nicklas	250	*/
7471	09 Apr 18	nicklas	251	public String getSshPrivateKeyFormat()
7471	09 Apr 18	nicklas	252	{
7471	09 Apr 18	nicklas	253	return sshPrivateKeyFormat;
7471	09 Apr 18	nicklas	254	}
7471	09 Apr 18	nicklas	255	public void setSshPrivateKeyFormat(String format)
7471	09 Apr 18	nicklas	256	{
7471	09 Apr 18	nicklas	257	this.sshPrivateKeyFormat = format;
7471	09 Apr 18	nicklas	258	}
7471	09 Apr 18	nicklas	259
7471	09 Apr 18	nicklas	260	/**
6497	26 Jun 14	nicklas	261	If the connection parameters include a specific host:port or root path
6497	26 Jun 14	nicklas	262	a new URI is created were the host:port is replaced and the root path is added
6497	26 Jun 14	nicklas	263	to the URI path. Otherwise the original URI is returned unmodified.
5618	28 Apr 11	nicklas	264	@param uri The URI to change
5618	28 Apr 11	nicklas	265	@return The new URI
6497	26 Jun 14	nicklas	266	@throws PermissionDeniedException If the given URI tries to move outside the
6497	26 Jun 14	nicklas	267	root path by including '..' to step up one or more levels
5618	28 Apr 11	nicklas	268	*/
5618	28 Apr 11	nicklas	269	public URI changeHost(URI uri)
5618	28 Apr 11	nicklas	270	{
5618	28 Apr 11	nicklas	271	String host = getHost();
6497	26 Jun 14	nicklas	272	String rootPath = getRootPath();
6497	26 Jun 14	nicklas	273	if (host == null && rootPath == null) return uri;
5618	28 Apr 11	nicklas	274
5618	28 Apr 11	nicklas	275	int port = -1;
6497	26 Jun 14	nicklas	276	if (host != null)
5618	28 Apr 11	nicklas	277	{
6497	26 Jun 14	nicklas	278	int colon = host.indexOf(':');
6497	26 Jun 14	nicklas	279	if (colon > 0)
6497	26 Jun 14	nicklas	280	{
6497	26 Jun 14	nicklas	281	port = Values.getInt(host.substring(colon+1), -1);
6497	26 Jun 14	nicklas	282	host = host.substring(0, colon);
6497	26 Jun 14	nicklas	283	}
5618	28 Apr 11	nicklas	284	}
6497	26 Jun 14	nicklas	285	else
6497	26 Jun 14	nicklas	286	{
6497	26 Jun 14	nicklas	287	host = uri.getHost();
6497	26 Jun 14	nicklas	288	port = uri.getPort();
6497	26 Jun 14	nicklas	289	}
6497	26 Jun 14	nicklas	290
6497	26 Jun 14	nicklas	291	String path = uri.getPath();
6497	26 Jun 14	nicklas	292	if (rootPath != null)
6497	26 Jun 14	nicklas	293	{
6497	26 Jun 14	nicklas	294	path = rootPath + path;
6497	26 Jun 14	nicklas	295	}
6497	26 Jun 14	nicklas	296
5618	28 Apr 11	nicklas	297	try
5618	28 Apr 11	nicklas	298	{
6497	26 Jun 14	nicklas	299	uri = new URI(uri.getScheme(), uri.getUserInfo(), host, port, path, uri.getQuery(), uri.getFragment()).normalize();
5618	28 Apr 11	nicklas	300	}
5618	28 Apr 11	nicklas	301	catch (URISyntaxException ex)
5618	28 Apr 11	nicklas	302	{} // Shouldn't happen if the original URI is ok
6497	26 Jun 14	nicklas	303
6497	26 Jun 14	nicklas	304	if (rootPath != null && !uri.getPath().startsWith(rootPath))
6497	26 Jun 14	nicklas	305	{
6497	26 Jun 14	nicklas	306	throw new PermissionDeniedException(uri.toString() + " is outside allowed root: " + rootPath);
6497	26 Jun 14	nicklas	307	}
6497	26 Jun 14	nicklas	308
5618	28 Apr 11	nicklas	309	return uri;
5618	28 Apr 11	nicklas	310	}
5618	28 Apr 11	nicklas	311
5582	15 Mar 11	nicklas	312	}