+ LoginContext kernelLc = new LoginContext(
+ KernelConstants.LOGIN_CONTEXT_KERNEL, kernelSubject);
+ kernelLc.logout();
+ } catch (LoginException e) {
+ throw new CmsException("Cannot log out kernel", e);
+ }
+
+ // Security.removeProvider(SECURITY_PROVIDER);
+ }
+
+ public Subject getKernelSubject() {
+ return kernelSubject;
+ }
+
+ public synchronized int getSecurityLevel() {
+ return securityLevel;
+ }
+
+ public boolean isFirstInit() {
+ return firstInit;
+ }
+
+ public void setSecurityLevel(int newValue) {
+ if (newValue != STAGING || newValue != DEV)
+ throw new CmsException("Invalid value for security level "
+ + newValue);
+ if (newValue >= securityLevel)
+ throw new CmsException(
+ "Impossible to increase security level (from "
+ + securityLevel + " to " + newValue + ")");
+ securityLevel = newValue;
+ }
+
+ private void createKeyStoreIfNeeded() {
+ char[] ksPwd = "changeit".toCharArray();
+ char[] keyPwd = Arrays.copyOf(ksPwd, ksPwd.length);
+ if (!keyStoreFile.exists()) {
+ try {
+ keyStoreFile.getParentFile().mkdirs();
+ KeyStore keyStore = PkiUtils.getKeyStore(keyStoreFile, ksPwd);
+ PkiUtils.generateSelfSignedCertificate(keyStore,
+ new X500Principal(AuthConstants.ROLE_KERNEL), keyPwd);
+ PkiUtils.saveKeyStore(keyStoreFile, ksPwd, keyStore);
+ } catch (Exception e) {
+ throw new CmsException("Cannot create key store "
+ + keyStoreFile, e);
+ }