|
Glassfish example source code file (SecureAdminConfigUpgrade.java)
The Glassfish SecureAdminConfigUpgrade.java source code/* * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. * * Copyright (c) 2010 Oracle and/or its affiliates. All rights reserved. * * The contents of this file are subject to the terms of either the GNU * General Public License Version 2 only ("GPL") or the Common Development * and Distribution License("CDDL") (collectively, the "License"). You * may not use this file except in compliance with the License. You can * obtain a copy of the License at * https://glassfish.dev.java.net/public/CDDL+GPL_1_1.html * or packager/legal/LICENSE.txt. See the License for the specific * language governing permissions and limitations under the License. * * When distributing the software, include this License Header Notice in each * file and include the License file at packager/legal/LICENSE.txt. * * GPL Classpath Exception: * Oracle designates this particular file as subject to the "Classpath" * exception as provided by Oracle in the GPL Version 2 section of the License * file that accompanied this code. * * Modifications: * If applicable, add the following below the License Header, with the fields * enclosed by brackets [] replaced by your own identifying information: * "Portions Copyright [year] [name of copyright owner]" * * Contributor(s): * If you wish your version of this file to be governed by only the CDDL or * only the GPL Version 2, indicate your decision by adding "[Contributor] * elects to include this software in this distribution under the [CDDL or GPL * Version 2] license." If you don't indicate a single choice of license, a * recipient has the option to distribute your version of this file under * either the CDDL, the GPL Version 2 or to extend the choice of license to * its licensees as provided above. However, if you add GPL Version 2 code * and therefore, elected the GPL Version 2 license, then the option applies * only if the new code is made subject to such option by the copyright * holder. */ package com.sun.enterprise.v3.admin.cluster; import com.sun.enterprise.config.serverbeans.Config; import com.sun.enterprise.config.serverbeans.Configs; import com.sun.enterprise.config.serverbeans.HttpService; import com.sun.enterprise.config.serverbeans.VirtualServer; import com.sun.enterprise.security.SecurityUpgradeService; import com.sun.grizzly.config.dom.NetworkConfig; import com.sun.grizzly.config.dom.NetworkListener; import com.sun.grizzly.config.dom.NetworkListeners; import com.sun.grizzly.config.dom.Protocol; import com.sun.grizzly.config.dom.Ssl; import java.beans.PropertyVetoException; import java.util.logging.Level; import java.util.logging.Logger; import org.glassfish.api.admin.config.ConfigurationUpgrade; import org.glassfish.config.support.GrizzlyConfigSchemaMigrator; import org.jvnet.hk2.annotations.Inject; import org.jvnet.hk2.annotations.Service; import org.jvnet.hk2.component.Habitat; import org.jvnet.hk2.component.PostConstruct; import org.jvnet.hk2.config.ConfigSupport; import org.jvnet.hk2.config.RetryableException; import org.jvnet.hk2.config.SingleConfigCode; import org.jvnet.hk2.config.Transaction; import org.jvnet.hk2.config.TransactionFailure; /** * Upgrades older config to current. * * @author Tim Quinn */ @Service public class SecureAdminConfigUpgrade implements ConfigurationUpgrade, PostConstruct { private final static String DAS_CONFIG_NAME = "server-config"; private final static String ADMIN_LISTENER_NAME = "admin-listener"; /* * Constants used for creating a missing network-listener during upgrade. * Ideally this will be handled in the grizzly upgrade code. */ private final static String ASADMIN_LISTENER_PORT = "${ASADMIN_LISTENER_PORT}"; private final static String ASADMIN_LISTENER_TRANSPORT = "tcp"; private final static String ASADMIN_LISTENER_THREADPOOL = "http-thread-pool"; private final static String ASADMIN_VS_NAME = "__asadmin"; private static final Logger logger = Logger.getAnonymousLogger(); // Thanks to Jerome for suggesting this injection to make sure the // Grizzly migration runs before this migration @Inject private GrizzlyConfigSchemaMigrator grizzlyMigrator; @Inject private SecurityUpgradeService securityUpgradeService; @Inject private Habitat habitat; @Inject private Configs configs; @Override public void postConstruct() { try { ensureNonDASConfigsHaveAdminNetworkListener(); logger.log(Level.INFO, "Added admin-listener network listeners to non-DAS configurations"); } catch (TransactionFailure tf) { logger.log(Level.SEVERE, "Error adding admin-listener to non-DAS configuration", tf); return; } /* * See if we need to set up secure admin during the upgrade. */ if (requiresSecureAdmin()) { final EnableSecureAdminCommand enableSecureAdminCommand = habitat.getComponent(EnableSecureAdminCommand.class); try { enableSecureAdminCommand.run(); logger.log(Level.INFO, "Upgraded secure admin set-up"); } catch (TransactionFailure tf){ Logger.getAnonymousLogger().log(Level.SEVERE, "Error upgrading secure admin set-up", tf); } } else { logger.log(Level.INFO, "No secure admin set-up was detected in the original configuration so no upgrade of it was needed"); } } private boolean requiresSecureAdmin() { return isOriginalAdminSecured() || securityUpgradeService.requiresSecureAdmin(); } private void ensureNonDASConfigsHaveAdminNetworkListener() throws TransactionFailure { final Transaction t = new Transaction(); for (Config c : configs.getConfig()) { final NetworkConfig nc = c.getNetworkConfig(); final NetworkListener nl = nc.getNetworkListener(SecureAdminCommand.ADMIN_LISTENER_NAME); if (nl != null) { continue; } /* * Create an admin-listener for this configuration. */ ConfigSupport.apply(new SingleConfigCode<Config>() { @Override public Object run(Config config_w) throws PropertyVetoException, TransactionFailure { final NetworkListener nl_w = createAdminNetworkListener(t, nc); final VirtualServer vs_w = createAdminVirtualServer(t, config_w); return config_w; } }, c); } try { t.commit(); } catch (RetryableException ex) { throw new TransactionFailure("Error adding admin-listener for a non-DAS config", ex); } } private NetworkListener createAdminNetworkListener( final Transaction t, final NetworkConfig nc) throws TransactionFailure { final NetworkListeners nls_w = t.enroll(nc.getNetworkListeners()); final NetworkListener nl_w = nls_w.createChild(NetworkListener.class); nls_w.getNetworkListener().add(nl_w); nl_w.setName(ADMIN_LISTENER_NAME); nl_w.setProtocol(ADMIN_LISTENER_NAME); nl_w.setPort(ASADMIN_LISTENER_PORT); nl_w.setTransport(ASADMIN_LISTENER_TRANSPORT); nl_w.setThreadPool(ASADMIN_LISTENER_THREADPOOL); return nl_w; } private VirtualServer createAdminVirtualServer( final Transaction t, final Config config_w) throws TransactionFailure, PropertyVetoException { final HttpService hs_w = t.enroll(config_w.getHttpService()); final VirtualServer vs_w = hs_w.createChild(VirtualServer.class); hs_w.getVirtualServer().add(vs_w); vs_w.setId(ASADMIN_VS_NAME); vs_w.setNetworkListeners(ADMIN_LISTENER_NAME); return vs_w; } private boolean isOriginalAdminSecured() { /* * The Grizzly conversion has already occurred. So look for * * <server-config> * <network-config> * <protocols> * <protocol name="admin-listener"> * <ssl ...> * */ final Config serverConfig; final NetworkConfig nc; final Protocol p; final Ssl ssl ; if ((serverConfig = configs.getConfigByName(DAS_CONFIG_NAME)) == null) { return false; } if ((nc = serverConfig.getNetworkConfig()) == null) { return false; } if ((p = nc.findProtocol(ADMIN_LISTENER_NAME)) == null) { return false; } if ((ssl = p.getSsl()) == null) { return false; } return true; } } Other Glassfish examples (source code examples)Here is a short list of links related to this Glassfish SecureAdminConfigUpgrade.java source code file: |
... this post is sponsored by my books ... | |
#1 New Release! |
FP Best Seller |
Copyright 1998-2021 Alvin Alexander, alvinalexander.com
All Rights Reserved.
A percentage of advertising revenue from
pages under the /java/jwarehouse
URI on this website is
paid back to open source projects.