Refactoring to support ALF-9510, ALF-8702

ALF-8702: Solr-Repository SSL Communications (see solr/source/solr/instance/HowToSetUpSolr.txt)
ALF-9510: Initial checkin

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@30005 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Steven Glover
2011-08-23 18:34:15 +00:00
parent 6f73e4153c
commit f7f23f6eb7
22 changed files with 1109 additions and 269 deletions


@@ -27,6 +27,7 @@ import java.util.Set;
import org.alfresco.repo.node.NodeBulkLoader;
import org.alfresco.service.cmr.dictionary.InvalidTypeException;
import org.alfresco.service.cmr.dictionary.PropertyDefinition;
import org.alfresco.service.cmr.repository.AssociationRef;
import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.InvalidNodeRefException;
@@ -36,6 +37,7 @@ import org.alfresco.service.cmr.repository.StoreExistsException;
import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.namespace.QName;
import org.alfresco.util.Pair;
import org.springframework.dao.ConcurrencyFailureException;
/**
* DAO services for <b>alf_node</b> and related tables
@@ -671,4 +673,5 @@ public interface NodeDAO extends NodeBulkLoader
*/
public void setNodeDefiningAclId(Long nodeId, long id);
public List<NodePropertyEntity> getProperties(Collection<PropertyDefinition> propertyDefs);
}
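Review bot: The new `getProperties(Collection<PropertyDefinition>)` declaration at the end of the interface has no Javadoc, while the method just above it does. Judging by the NodeDAOImpl implementation in this commit, it returns property rows for every node that carries any of the given property types, not the properties of one node, and the name alone does not say so. I would add a Javadoc that states this, says what is returned for an empty collection or for definitions whose QName has no ID, and notes that the result is unbounded and built in memory. The interface body starts outside this hunk.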


@@ -49,6 +49,7 @@ import org.alfresco.repo.domain.node.TransactionEntity;
import org.alfresco.repo.domain.node.TransactionQueryEntity;
import org.alfresco.repo.domain.qname.QNameDAO;
import org.alfresco.service.cmr.dictionary.DictionaryService;
import org.alfresco.service.cmr.dictionary.PropertyDefinition;
import org.alfresco.service.cmr.repository.ChildAssociationRef;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.StoreRef;
@@ -90,6 +91,7 @@ public class NodeDAOImpl extends AbstractNodeDAOImpl
private static final String SELECT_NODES_BY_UUIDS = "alfresco.node.select_NodesByUuids";
private static final String SELECT_NODES_BY_IDS = "alfresco.node.select_NodesByIds";
private static final String SELECT_NODE_PROPERTIES = "alfresco.node.select_NodeProperties";
private static final String SELECT_PROPERTIES_BY_TYPE = "alfresco.node.select_PropertiesByType";
private static final String SELECT_NODE_ASPECTS = "alfresco.node.select_NodeAspects";
private static final String INSERT_NODE_PROPERTY = "alfresco.node.insert.insert_NodeProperty";
private static final String UPDATE_PRIMARY_CHILDREN_SHARED_ACL = "alfresco.node.update.update_PrimaryChildrenSharedAcl";
@@ -1482,6 +1484,31 @@ public class NodeDAOImpl extends AbstractNodeDAOImpl
}
}
// TODO - use a callback approach
public List<NodePropertyEntity> getProperties(Collection<PropertyDefinition> propertyDefs)
{
Set<QName> qnames = new HashSet<QName>();
for(PropertyDefinition propDef : propertyDefs)
{
qnames.add(propDef.getName());
}
final List<NodePropertyEntity> props = new ArrayList<NodePropertyEntity>();
// qnames of properties that are encrypted
Set<Long> qnameIds = qnameDAO.convertQNamesToIds(qnames, false);
template.select(SELECT_PROPERTIES_BY_TYPE, qnameIds, new ResultHandler()
{
@Override
public void handleResult(ResultContext context)
{
props.add((NodePropertyEntity)context.getResultObject());
}
});
return props;
}
/*
* DAO OVERRIDES
*/
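Review bot: `getProperties` passes `qnameIds` to `SELECT_PROPERTIES_BY_TYPE` without checking that the set is non-empty. `convertQNamesToIds(qnames, false)` appears to skip QNames that have no ID, so an empty `propertyDefs` or a set of unregistered QNames gives an empty set; depending on how the mapped statement builds its list (not visible here) that is either invalid SQL or an unfiltered select over the property table. A guard before the select avoids both: `if (qnameIds.isEmpty()) { return props; }`. The comment `// qnames of properties that are encrypted` describes the caller's intent rather than this method, which accepts any property definitions. If these rows are meant to feed the re-encryption added in MetadataEncryptor, a Javadoc should say so and repeat the memory caveat behind the TODO.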


@@ -1,6 +1,7 @@
package org.alfresco.repo.node.encryption;
import java.io.Serializable;
import java.security.InvalidKeyException;
import java.security.KeyException;
import java.util.HashMap;
import java.util.HashSet;
@@ -10,6 +11,7 @@ import java.util.Set;
import javax.crypto.SealedObject;
import org.alfresco.encryption.Encryptor;
import org.alfresco.encryption.FallbackEncryptor;
import org.alfresco.encryption.KeyProvider;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.repo.security.authentication.AuthenticationException;
@@ -221,4 +223,23 @@ public class MetadataEncryptor
// Done
return outbound;
}
}
public Serializable reencrypt(QName propertyQName, Serializable sealed) throws InvalidKeyException
{
// metadataEncryptor uses a fallback encryptor; decryption will try the
// default (new) keys first (which will fail for properties created before the
// change in keys), followed by the backup keys.
Serializable decrypted = decrypt(propertyQName, sealed);
// Re-encrypt. The new keys will be used.
Serializable resealed = encrypt(propertyQName, decrypted);
return resealed;
}
public boolean isFallbackAvailable()
{
return false;
// return encryptor.isFallbackAvailable();
}
}
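Review bot: `isFallbackAvailable()` returns a hard-coded `false` and leaves the delegating call commented out, so a caller that asks whether backup keys are configured before re-encrypting will always be told they are not. If the stub is intentional for this initial check-in, mark it, e.g. `// TODO(ALF-9510): delegate to encryptor.isFallbackAvailable() once the fallback encryptor is wired in`, and drop the dead line; otherwise restore the delegation. `reencrypt` would also benefit from a Javadoc stating when `InvalidKeyException` is thrown (presumably when neither the current nor the backup keys can unseal the value) and that the decrypted value is held only in a local between the two calls.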


@@ -29,7 +29,7 @@ import java.util.Map;
import javax.servlet.http.HttpServletResponse;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.model.ContentModel;
import org.alfresco.httpclient.HttpClientFactory;
import org.alfresco.repo.domain.node.NodeDAO;
import org.alfresco.repo.search.impl.lucene.LuceneQueryParserException;
import org.alfresco.repo.search.impl.lucene.SolrJSONResultSet;
@@ -44,12 +44,8 @@ import org.alfresco.service.cmr.security.PermissionService;
import org.apache.commons.codec.net.URLCodec;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.auth.AuthScope;
import org.apache.commons.httpclient.methods.ByteArrayRequestEntity;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.params.HttpClientParams;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.json.JSONArray;
@@ -73,21 +69,35 @@ public class SolrQueryHTTPClient
private Map<String, String> storeMappings;
private String solrHost;
private int solrPort;
private String baseUrl;
private HttpClient httpClient;
private HttpClientFactory httpClientFactory;
public SolrQueryHTTPClient()
{
MultiThreadedHttpConnectionManager connectionManager = new MultiThreadedHttpConnectionManager();
httpClient = new HttpClient(connectionManager);
HttpClientParams params = httpClient.getParams();
params.setBooleanParameter("http.tcp.nodelay", true);
params.setBooleanParameter("http.connection.stalecheck", false);
params.setBooleanParameter(HttpClientParams.PREEMPTIVE_AUTHENTICATION, true);
httpClient.getState().setCredentials(new AuthScope(AuthScope.ANY_HOST, AuthScope.ANY_PORT), new UsernamePasswordCredentials("admin", "admin"));
}
public void init()
{
StringBuilder sb = new StringBuilder();
// sb.append("http://");
// sb.append(solrHost);
// sb.append(":");
// sb.append(solrPort);
sb.append("/solr");
this.baseUrl = sb.toString();
httpClient = httpClientFactory.getHttpClient(solrHost, solrPort);
}
public void setHttpClientFactory(HttpClientFactory httpClientFactory)
{
this.httpClientFactory = httpClientFactory;
}
public void setNodeDAO(NodeDAO nodeDAO)
{
this.nodeDAO = nodeDAO;
@@ -108,12 +118,47 @@ public class SolrQueryHTTPClient
this.storeMappings = storeMappings;
}
public void setBaseUrl(String baseUrl)
public void setSolrHost(String solrHost)
{
this.baseUrl = baseUrl;
this.solrHost = solrHost;
}
public void setSolrPort(int solrPort)
{
this.solrPort = solrPort;
}
// public void setBaseUrl(String baseUrl)
// {
// this.baseUrl = baseUrl;
// }
public ResultSet executeQuery(SearchParameters searchParameters, String language)
// public void setKeyStoreLocation(String keyStoreLocation)
// {
// this.keyStoreLocation = keyStoreLocation;
// }
//
// public void setTrustStoreLocation(String trustStoreLocation)
// {
// this.trustStoreLocation = trustStoreLocation;
// }
//
// public void setKeyStoreType(String keyStoreType)
// {
// this.keyStoreType = keyStoreType;
// }
//
// public void setTrustStoreType(String trustStoreType)
// {
// this.trustStoreType = trustStoreType;
// }
//
// public void setPasswordFileLocation(String passwordFileLocation)
// {
// this.passwordFileLocation = passwordFileLocation;
// }
public ResultSet executeQuery(SearchParameters searchParameters, String language)
{
try
{
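Review bot: The new `init()` calls `httpClientFactory.getHttpClient(solrHost, solrPort)` without checking that the factory, host and port were injected, so a missing bean property surfaces as a `NullPointerException` or a client built for an unset port rather than as a configuration error. SOLRAdminClient.init() in this commit validates its settings first; the equivalent here would be `if (httpClientFactory == null || solrHost == null) { throw new AlfrescoRuntimeException("httpClientFactory and solrHost must be set"); }`. `baseUrl` is now only `/solr`, so whether queries travel over SSL is decided entirely by the injected factory, and a short comment on `init()` saying that would help the next reader. The commented-out URL-building lines and keystore/truststore setters should be deleted rather than committed.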


@@ -29,8 +29,10 @@ import java.util.concurrent.locks.ReentrantReadWriteLock;
import java.util.concurrent.locks.ReentrantReadWriteLock.WriteLock;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.httpclient.HttpClientFactory;
import org.alfresco.util.ParameterCheck;
import org.apache.commons.httpclient.Credentials;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.auth.AuthScope;
import org.apache.solr.client.solrj.SolrServerException;
@@ -68,6 +70,8 @@ public class SOLRAdminClient implements ApplicationEventPublisherAware
private ApplicationEventPublisher applicationEventPublisher;
private SolrTracker solrTracker;
private HttpClientFactory httpClientFactory;
public SOLRAdminClient()
{
@@ -83,11 +87,6 @@ public class SOLRAdminClient implements ApplicationEventPublisherAware
this.solrPort = Integer.parseInt(solrPort);
}
public void setSolrUrl(String url)
{
this.solrUrl = url;
}
public void setSolrUser(String solrUser)
{
this.solrUser = solrUser;
@@ -114,7 +113,29 @@ public class SOLRAdminClient implements ApplicationEventPublisherAware
this.solrPingCronExpression = solrPingCronExpression;
}
public void init()
public void setHttpClientFactory(HttpClientFactory httpClientFactory)
{
this.httpClientFactory = httpClientFactory;
}
// protected HttpClient getHttpClient()
// {
// return httpClientFactory.getHttpClient(solrHost, solrPort);
//// HttpClient httpClient = new HttpClient();
////
//// HttpClientParams params = httpClient.getParams();
//// params.setBooleanParameter("http.tcp.nodelay", true);
//// params.setBooleanParameter("http.connection.stalecheck", false);
////
//// ProtocolSocketFactory socketFactory = new AuthSSLProtocolSocketFactory(
//// keyResourceLoader, encryptionParameters);
//// Protocol myhttps = new Protocol("https", socketFactory, 8843);
//// httpClient.getHostConfiguration().setHost(solrHost, 8080, myhttps);
////
//// return httpClient;
// }
public void init()
{
ParameterCheck.mandatory("solrHost", solrHost);
ParameterCheck.mandatory("solrPort", solrPort);
@@ -126,7 +147,17 @@ public class SOLRAdminClient implements ApplicationEventPublisherAware
try
{
server = new CommonsHttpSolrServer(solrUrl);
StringBuilder sb = new StringBuilder();
sb.append(httpClientFactory.isSSL() ? "https://" : "http://");
sb.append(solrHost);
sb.append(":");
sb.append(solrPort);
sb.append("/solr");
this.solrUrl = sb.toString();
HttpClient httpClient = httpClientFactory.getHttpClient(solrHost, solrPort);
server = new CommonsHttpSolrServer(solrUrl, httpClient);
// TODO remove credentials because we're using SSL?
Credentials defaultcreds = new UsernamePasswordCredentials(solrUser, solrPassword);
server.getHttpClient().getState().setCredentials(new AuthScope(solrHost, solrPort, AuthScope.ANY_REALM),
defaultcreds);