From 7803732fe0f46a8f3e162e582a13bd506b2f3962 Mon Sep 17 00:00:00 2001
From: Nicolas Capponi <nicolas.capponi@forgerock.com>
Date: Mon, 23 Sep 2013 10:29:02 +0000
Subject: [PATCH] Fix OPENDJ-737 - OpenDJ Administration Connector KeyStore Pin File must be defined and non empty Review CR-2344

---
 opends/src/server/org/opends/server/admin/AdministrationConnector.java |   37 ++++++++++++++++++++++++++++++++-----
 1 files changed, 32 insertions(+), 5 deletions(-)

diff --git a/opends/src/server/org/opends/server/admin/AdministrationConnector.java b/opends/src/server/org/opends/server/admin/AdministrationConnector.java
index 2221182..9607bfa 100644
--- a/opends/src/server/org/opends/server/admin/AdministrationConnector.java
+++ b/opends/src/server/org/opends/server/admin/AdministrationConnector.java
@@ -23,7 +23,7 @@
  *
  *
  *      Copyright 2006-2010 Sun Microsystems, Inc.
- *      Portions copyright 2011-2012 ForgeRock AS
+ *      Portions copyright 2011-2013 ForgeRock AS
  */
 package org.opends.server.admin;
 
@@ -618,10 +618,9 @@
       TrustManagerProviderCfg trustMgrConfig = root
           .getTrustManagerProvider(config.getTrustManagerProvider());
 
-      if (!(keyMgrConfig instanceof FileBasedKeyManagerProviderCfg)
-          || !(trustMgrConfig instanceof FileBasedTrustManagerProviderCfg))
+      if (hasDefaultConfigChanged(keyMgrConfig, trustMgrConfig))
       {
-        // The default config has been changed, nothing to do
+        // nothing to do
         return;
       }
 
@@ -762,7 +761,35 @@
     }
   }
 
-
+  /**
+   * Check if default configuration for administrator's key manager and trust
+   * manager provider has changed.
+   *
+   * @param keyConfig
+   *          key manager provider configuration
+   * @param trustConfig
+   *          trust manager provider configuration
+   * @return true if default configuration has changed, false otherwise
+   */
+  private static boolean hasDefaultConfigChanged(
+      KeyManagerProviderCfg keyConfig, TrustManagerProviderCfg trustConfig)
+  {
+    if (keyConfig.isEnabled()
+        && (keyConfig instanceof FileBasedKeyManagerProviderCfg)
+        && trustConfig.isEnabled()
+        && (trustConfig instanceof FileBasedTrustManagerProviderCfg))
+    {
+      FileBasedKeyManagerProviderCfg fileKeyConfig =
+          (FileBasedKeyManagerProviderCfg) keyConfig;
+      boolean pinIsProvidedByFileOnly =
+          (fileKeyConfig.getKeyStorePinFile() != null)
+              && (fileKeyConfig.getKeyStorePin() == null)
+              && (fileKeyConfig.getKeyStorePinEnvironmentVariable() == null)
+              && (fileKeyConfig.getKeyStorePinProperty() == null);
+      return !pinIsProvidedByFileOnly;
+    }
+    return true;
+  }
 
   private static String getFullPath(String path)
   {

--
Gitblit v1.10.0