Rename home repository into ego repository.
[lgpl/argeo-commons.git] / org.argeo.cms / src / org / argeo / cms / internal / kernel / InitUtils.java
index 1efedd7595f59280ed646758067d651bd4b1302d..6eaebeb6499c612449bc82543faee65392264cff 100644 (file)
@@ -22,7 +22,7 @@ import org.apache.commons.io.FileUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.argeo.cms.CmsException;
-import org.argeo.cms.internal.http.HttpConstants;
+import org.argeo.cms.internal.http.InternalHttpConstants;
 import org.argeo.cms.internal.jcr.RepoConf;
 import org.argeo.node.NodeConstants;
 import org.argeo.osgi.useradmin.UserAdminConf;
@@ -47,7 +47,7 @@ class InitUtils {
        }
 
        static Dictionary<String, Object> getRepositoryConfig(String dataModelName, Dictionary<String, Object> provided) {
-               if (dataModelName.equals(NodeConstants.NODE) || dataModelName.equals(NodeConstants.HOME))
+               if (dataModelName.equals(NodeConstants.NODE) || dataModelName.equals(NodeConstants.EGO))
                        throw new IllegalArgumentException("Data model '" + dataModelName + "' is reserved.");
                Dictionary<String, Object> props = provided != null ? provided : new Hashtable<String, Object>();
                for (RepoConf repoConf : RepoConf.values()) {
@@ -66,35 +66,56 @@ class InitUtils {
                String httpPort = getFrameworkProp("org.osgi.service.http.port");
                String httpsPort = getFrameworkProp("org.osgi.service.http.port.secure");
                /// TODO make it more generic
-               String httpHost = getFrameworkProp(HttpConstants.JETTY_PROPERTY_PREFIX + HttpConstants.HTTP_HOST);
-               String httpsHost = getFrameworkProp(HttpConstants.JETTY_PROPERTY_PREFIX + HttpConstants.HTTPS_HOST);
+               String httpHost = getFrameworkProp(InternalHttpConstants.JETTY_PROPERTY_PREFIX + InternalHttpConstants.HTTP_HOST);
+               String httpsHost = getFrameworkProp(InternalHttpConstants.JETTY_PROPERTY_PREFIX + InternalHttpConstants.HTTPS_HOST);
+               String webSocketEnabled = getFrameworkProp(
+                               InternalHttpConstants.JETTY_PROPERTY_PREFIX + InternalHttpConstants.WEBSOCKET_ENABLED);
 
                final Hashtable<String, Object> props = new Hashtable<String, Object>();
                // try {
                if (httpPort != null || httpsPort != null) {
-                       if (httpPort != null) {
-                               props.put(HttpConstants.HTTP_PORT, httpPort);
-                               props.put(HttpConstants.HTTP_ENABLED, true);
+                       boolean httpEnabled = httpPort != null;
+                       props.put(InternalHttpConstants.HTTP_ENABLED, httpEnabled);
+                       boolean httpsEnabled = httpsPort != null;
+                       props.put(InternalHttpConstants.HTTPS_ENABLED, httpsEnabled);
+
+                       if (httpEnabled) {
+                               props.put(InternalHttpConstants.HTTP_PORT, httpPort);
+                               if (httpHost != null)
+                                       props.put(InternalHttpConstants.HTTP_HOST, httpHost);
                        }
-                       if (httpsPort != null) {
-                               props.put(HttpConstants.HTTPS_PORT, httpsPort);
-                               props.put(HttpConstants.HTTPS_ENABLED, true);
+
+                       if (httpsEnabled) {
+                               props.put(InternalHttpConstants.HTTPS_PORT, httpsPort);
+                               if (httpsHost != null)
+                                       props.put(InternalHttpConstants.HTTPS_HOST, httpsHost);
+
+                               // server certificate
                                Path keyStorePath = KernelUtils.getOsgiInstancePath(KernelConstants.DEFAULT_KEYSTORE_PATH);
                                String keyStorePassword = getFrameworkProp(
-                                               HttpConstants.JETTY_PROPERTY_PREFIX + HttpConstants.SSL_PASSWORD);
+                                               InternalHttpConstants.JETTY_PROPERTY_PREFIX + InternalHttpConstants.SSL_PASSWORD);
                                if (keyStorePassword == null)
                                        keyStorePassword = "changeit";
                                if (!Files.exists(keyStorePath))
-                                       createSelfSignedKeyStore(keyStorePath, keyStorePassword);
-                               props.put(HttpConstants.SSL_KEYSTORETYPE, "PKCS12");
-                               props.put(HttpConstants.SSL_KEYSTORE, keyStorePath.toString());
-                               props.put(HttpConstants.SSL_PASSWORD, keyStorePassword);
-                               props.put(HttpConstants.SSL_WANTCLIENTAUTH, true);
+                                       createSelfSignedKeyStore(keyStorePath, keyStorePassword, PkiUtils.PKCS12);
+                               props.put(InternalHttpConstants.SSL_KEYSTORETYPE, PkiUtils.PKCS12);
+                               props.put(InternalHttpConstants.SSL_KEYSTORE, keyStorePath.toString());
+                               props.put(InternalHttpConstants.SSL_PASSWORD, keyStorePassword);
+
+                               // client certificate authentication
+                               String wantClientAuth = getFrameworkProp(
+                                               InternalHttpConstants.JETTY_PROPERTY_PREFIX + InternalHttpConstants.SSL_WANTCLIENTAUTH);
+                               if (wantClientAuth != null)
+                                       props.put(InternalHttpConstants.SSL_WANTCLIENTAUTH, Boolean.parseBoolean(wantClientAuth));
+                               String needClientAuth = getFrameworkProp(
+                                               InternalHttpConstants.JETTY_PROPERTY_PREFIX + InternalHttpConstants.SSL_NEEDCLIENTAUTH);
+                               if (needClientAuth != null)
+                                       props.put(InternalHttpConstants.SSL_NEEDCLIENTAUTH, Boolean.parseBoolean(needClientAuth));
                        }
-                       if (httpHost != null)
-                               props.put(HttpConstants.HTTP_HOST, httpHost);
-                       if (httpsHost != null)
-                               props.put(HttpConstants.HTTPS_HOST, httpHost);
+
+                       // web socket
+                       if (webSocketEnabled != null && webSocketEnabled.equals("true"))
+                               props.put(InternalHttpConstants.WEBSOCKET_ENABLED, true);
 
                        props.put(NodeConstants.CN, NodeConstants.DEFAULT);
                }
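Review bot: The default for client-certificate handling changes in the HTTPS branch: the removed code always set `SSL_WANTCLIENTAUTH` to true, while the new code sets it only when the framework property is present, and nothing in this hunk logs that. A deployment that never defined the property will therefore stop requesting client certificates after upgrading. `Boolean.parseBoolean` also turns every value other than "true" into false, so a mistyped `needClientAuth` such as `yes` silently disables mandatory client authentication; warning on, or rejecting, values that are neither `true` nor `false` would make that visible. The websocket flag is tested with a case-sensitive `equals("true")`, which is inconsistent with the two `parseBoolean` calls. The enclosing method starts and ends outside the hunk.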
@@ -146,12 +167,16 @@ class InitUtils {
                        String demoBaseDn = "dc=example,dc=com";
                        userAdminUris = demoBaseDn + ".ldif";
                        File businessRolesFile = new File(nodeBaseDir, userAdminUris);
+                       File systemRolesFile = new File(nodeBaseDir, "ou=roles,ou=node.ldif");
                        if (!businessRolesFile.exists())
                                try {
                                        FileUtils.copyInputStreamToFile(InitUtils.class.getResourceAsStream(demoBaseDn + ".ldif"),
                                                        businessRolesFile);
+                                       if (!systemRolesFile.exists())
+                                               FileUtils.copyInputStreamToFile(
+                                                               InitUtils.class.getResourceAsStream("example-ou=roles,ou=node.ldif"), systemRolesFile);
                                } catch (IOException e) {
-                                       throw new CmsException("Cannot copy demo resource", e);
+                                       throw new CmsException("Cannot copy demo resources", e);
                                }
                        // userAdminUris = businessRolesFile.toURI().toString();
                        log.warn("## DEV Using dummy base DN " + demoBaseDn);
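Review bot: The new system-roles copy sits inside the `if (!businessRolesFile.exists())` branch, so when the business roles file is already present but `ou=roles,ou=node.ldif` is missing, the system roles file is never created. Moving it out of that branch under its own `if (!systemRolesFile.exists())` guard, with its own try/catch around the copy, keeps the two files independent. `getResourceAsStream` returns null when the resource is not on the classpath, which would likely surface as a NullPointerException rather than the `IOException` caught here, so a null check that throws a clear `CmsException` would help. The enclosing method starts and ends outside the hunk.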
@@ -225,7 +250,7 @@ class InitUtils {
                        }
        }
 
-       private static void createSelfSignedKeyStore(Path keyStorePath, String keyStorePassword) {
+       private static void createSelfSignedKeyStore(Path keyStorePath, String keyStorePassword, String keyStoreType) {
                // for (Provider provider : Security.getProviders())
                // System.out.println(provider.getName());
                File keyStoreFile = keyStorePath.toFile();
@@ -234,7 +259,7 @@ class InitUtils {
                if (!keyStoreFile.exists()) {
                        try {
                                keyStoreFile.getParentFile().mkdirs();
-                               KeyStore keyStore = PkiUtils.getKeyStore(keyStoreFile, ksPwd);
+                               KeyStore keyStore = PkiUtils.getKeyStore(keyStoreFile, ksPwd, keyStoreType);
                                PkiUtils.generateSelfSignedCertificate(keyStore,
                                                new X500Principal("CN=" + InetAddress.getLocalHost().getHostName() + ",OU=UNSECURE,O=UNSECURE"),
                                                1024, keyPwd);
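Review bot: The self-signed certificate is still generated with `1024` passed to `PkiUtils.generateSelfSignedCertificate`, which looks like the key size (confirm against PkiUtils, which is not shown here). If this is an RSA key, 1024 bits is below the 2048-bit minimum that current TLS clients and guidance expect, so `2048, keyPwd);` would be the safer value while this function is being touched. The caller in the earlier hunk also falls back to the keystore password `changeit` when the property is unset, so the generated PKCS12 file is protected by a well-known password unless the operator sets one. A `log.warn` when that fallback is used would make it visible. The function body continues outside the hunk.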