+ LoginContext kernelLc = new LoginContext(KernelConstants.LOGIN_CONTEXT_KERNEL, kernelSubject);
+ kernelLc.logout();
+ } catch (LoginException e) {
+ throw new CmsException("Cannot log out kernel", e);
+ }
+
+ // Security.removeProvider(SECURITY_PROVIDER);
+ }
+
+ public Subject getKernelSubject() {
+ return kernelSubject;
+ }
+
+ public synchronized int getSecurityLevel() {
+ return securityLevel;
+ }
+
+ public boolean isFirstInit() {
+ return firstInit;
+ }
+
+ public void setSecurityLevel(int newValue) {
+ if (newValue != STAGING || newValue != DEV)
+ throw new CmsException("Invalid value for security level " + newValue);
+ if (newValue >= securityLevel)
+ throw new CmsException(
+ "Impossible to increase security level (from " + securityLevel + " to " + newValue + ")");
+ securityLevel = newValue;
+ }
+
+ private void createKeyStoreIfNeeded() {
+ // for (Provider provider : Security.getProviders())
+ // System.out.println(provider.getName());
+
+ char[] ksPwd = "changeit".toCharArray();
+ char[] keyPwd = Arrays.copyOf(ksPwd, ksPwd.length);
+ if (!keyStoreFile.exists()) {
+ try {
+ keyStoreFile.getParentFile().mkdirs();
+ KeyStore keyStore = PkiUtils.getKeyStore(keyStoreFile, ksPwd);
+ PkiUtils.generateSelfSignedCertificate(keyStore, new X500Principal(AuthConstants.ROLE_KERNEL), 1024,
+ keyPwd);
+ PkiUtils.saveKeyStore(keyStoreFile, ksPwd, keyStore);
+ if (log.isDebugEnabled())
+ log.debug("Created keystore " + keyStoreFile);
+ } catch (Exception e) {
+ if (keyStoreFile.length() == 0)
+ keyStoreFile.delete();
+ log.error("Cannot create keystore " + keyStoreFile, e);
+ }