import javax.swing.JLabel;\r
import javax.swing.JOptionPane;\r
import javax.swing.JPanel;\r
+import javax.swing.JPasswordField;\r
import javax.swing.JScrollPane;\r
import javax.swing.JSplitPane;\r
import javax.swing.JTable;\r
\r
private IUserService userService;\r
\r
- private String caKeystorePassword = null;\r
+ private String caKeystorePassword;\r
\r
private JTable table;\r
\r
}\r
gitblitSettings = new FileSettings(file.getAbsolutePath());\r
mail = new MailExecutor(gitblitSettings);\r
- caKeystorePassword = gitblitSettings.getString(Keys.server.storePassword, null);\r
String us = gitblitSettings.getString(Keys.realm.userService, "users.conf");\r
String ext = us.substring(us.lastIndexOf(".") + 1).toLowerCase();\r
IUserService service = null;\r
}\r
}\r
\r
- private void prepareX509Infrastructure() {\r
+ private boolean prepareX509Infrastructure() {\r
+ if (caKeystorePassword == null) {\r
+ caKeystorePassword = gitblitSettings.getString(Keys.server.storePassword, null);\r
+ JPasswordField pass = new JPasswordField(10){\r
+ private static final long serialVersionUID = 1L;\r
+\r
+ public void addNotify() \r
+ { \r
+ super.addNotify();\r
+ requestFocusInWindow(); \r
+ } \r
+ }; \r
+ pass.setText(caKeystorePassword);\r
+ JPanel panel = new JPanel(new BorderLayout());\r
+ panel.add(new JLabel(Translation.get("gb.enterKeystorePassword")), BorderLayout.NORTH);\r
+ panel.add(pass, BorderLayout.CENTER);\r
+ int result = JOptionPane.showConfirmDialog(GitblitAuthority.this, panel, Translation.get("gb.password"), JOptionPane.OK_CANCEL_OPTION);\r
+ if (result == JOptionPane.OK_OPTION) {\r
+ caKeystorePassword = new String(pass.getPassword());\r
+ } else {\r
+ caKeystorePassword = null;\r
+ return false;\r
+ }\r
+ }\r
+\r
X509Metadata metadata = new X509Metadata("localhost", caKeystorePassword);\r
X509Utils.prepareX509Infrastructure(metadata, folder, this);\r
+ return true;\r
}\r
\r
private List<X509Certificate> findCerts(File folder, String username) {\r
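Review bot: The password typed into the dialog is stored in `caKeystorePassword` before anything has checked it against the CA keystore. Because the prompt is guarded by `caKeystorePassword == null`, a mistyped value would not be asked for again on later calls. Whether `X509Utils.prepareX509Infrastructure` rejects a wrong password is not visible in this hunk; if it does, that failure path should reset the field to null so the operator is re-prompted. The value is also kept as an immutable `String` and the array from `pass.getPassword()` is never cleared; `char[] entered = pass.getPassword();` with `Arrays.fill(entered, '\0');` after the copy would at least wipe that buffer. As a style point, the anonymous `addNotify()` should carry `@Override`.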
}\r
\r
@Override\r
- public void saveUser(String username, UserCertificateModel ucm) {\r
- userService.updateUserModel(username, ucm.user);\r
+ public boolean saveUser(String username, UserCertificateModel ucm) {\r
+ return userService.updateUserModel(username, ucm.user);\r
}\r
\r
@Override\r
- public void newCertificate(UserCertificateModel ucm, X509Metadata metadata, boolean sendEmail) {\r
- prepareX509Infrastructure();\r
+ public boolean newCertificate(UserCertificateModel ucm, X509Metadata metadata, boolean sendEmail) {\r
+ if (!prepareX509Infrastructure()) {\r
+ return false;\r
+ }\r
+\r
Date notAfter = metadata.notAfter;\r
metadata.serverHostname = gitblitSettings.getString(Keys.web.siteName, Constants.NAME);\r
if (StringUtils.isEmpty(metadata.serverHostname)) {\r
File zip = X509Utils.newClientBundle(metadata, caKeystoreFile, caKeystorePassword, GitblitAuthority.this);\r
\r
// save latest expiration date\r
- if (ucm.expires == null || metadata.notAfter.after(ucm.expires)) {\r
+ if (ucm.expires == null || metadata.notAfter.before(ucm.expires)) {\r
ucm.expires = metadata.notAfter;\r
}\r
ucm.update(config);\r
if (sendEmail) {\r
sendEmail(user, metadata, zip);\r
}\r
+ return true;\r
}\r
\r
@Override\r
- public void revoke(UserCertificateModel ucm, X509Certificate cert, RevocationReason reason) {\r
+ public boolean revoke(UserCertificateModel ucm, X509Certificate cert, RevocationReason reason) {\r
+ if (!prepareX509Infrastructure()) {\r
+ return false;\r
+ }\r
+\r
File caRevocationList = new File(folder, X509Utils.CA_REVOCATION_LIST);\r
File caKeystoreFile = new File(folder, X509Utils.CA_KEY_STORE);\r
if (X509Utils.revoke(cert, reason, caRevocationList, caKeystoreFile, caKeystorePassword, GitblitAuthority.this)) {\r
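Review bot: The condition under `// save latest expiration date` now reads `metadata.notAfter.before(ucm.expires)`, which keeps the earliest expiration rather than the latest, so the comment and the code disagree. If tracking the soonest-expiring certificate is intended, change the comment to `// save earliest expiration date`; otherwise restore `.after(ucm.expires)`. Any code that reads `ucm.expires` to judge whether a user's certificates are still valid will see a different date after this change, so check its consumers. The bodies of `newCertificate` and `revoke` continue outside this hunk.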
tableModel.fireTableDataChanged();\r
table.getSelectionModel().setSelectionInterval(modelIndex, modelIndex);\r
\r
+ return true;\r
}\r
+ \r
+ return false;\r
}\r
};\r
\r
certificateConfig.duration = Integer.parseInt(durationTF.getText());\r
certificateConfig.store(config, metadata);\r
config.save();\r
- \r
- prepareX509Infrastructure();\r
} catch (Exception e1) {\r
Utils.showException(GitblitAuthority.this, e1);\r
}\r
\r
@Override\r
protected Boolean doRequest() throws IOException {\r
- prepareX509Infrastructure();\r
+ if (!prepareX509Infrastructure()) {\r
+ return false;\r
+ }\r
\r
// read CA private key and certificate\r
File caKeystoreFile = new File(folder, X509Utils.CA_KEY_STORE);\r
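Review bot: `prepareX509Infrastructure()` can now open a `JOptionPane`, and here it is called from inside `doRequest()`. If `AuthorityWorker` runs `doRequest()` off the event dispatch thread (its definition is not visible here), the password dialog is built and shown from a background thread, which Swing does not support. The same applies to the later `doRequest()` bodies that return `newCertificate(...)` and `revoke(...)`. Collecting the password on the EDT before the worker starts, or wrapping the prompt in `SwingUtilities.invokeAndWait`, avoids this. Returning `false` when the operator cancels also makes a cancel look the same as a failed request to whatever handles the worker result.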
AuthorityWorker worker = new AuthorityWorker(UserCertificatePanel.this.owner) {\r
@Override\r
protected Boolean doRequest() throws IOException {\r
- newCertificate(ucm, metadata, sendEmail);\r
- return true;\r
+ return newCertificate(ucm, metadata, sendEmail);\r
}\r
\r
@Override\r
\r
@Override\r
protected Boolean doRequest() throws IOException {\r
- revoke(ucm, cert, reason);\r
- return true;\r
+ return revoke(ucm, cert, reason);\r
}\r
\r
@Override\r
public abstract Date getDefaultExpiration();\r
public abstract boolean isAllowEmail();\r
\r
- public abstract void saveUser(String username, UserCertificateModel ucm);\r
- public abstract void newCertificate(UserCertificateModel ucm, X509Metadata metadata, boolean sendEmail);\r
- public abstract void revoke(UserCertificateModel ucm, X509Certificate cert, RevocationReason reason);\r
+ public abstract boolean saveUser(String username, UserCertificateModel ucm);\r
+ public abstract boolean newCertificate(UserCertificateModel ucm, X509Metadata metadata, boolean sendEmail);\r
+ public abstract boolean revoke(UserCertificateModel ucm, X509Certificate cert, RevocationReason reason);\r
}\r
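Review bot: The three abstract methods now return `boolean`, but nothing documents what `false` means. In the implementation shown earlier in this diff it covers both a cancelled keystore-password prompt and a failed `X509Utils.revoke`, so implementers and callers cannot tell "operator declined" from "operation failed". I would add Javadoc to each method stating `@return true if the change was applied; false if it was cancelled or failed`. If callers need to react differently to a cancel, a distinct result type would be clearer than a bare boolean.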