From c61b9a2369b35b73c807bece01593ab8b5049469 Mon Sep 17 00:00:00 2001
From: Jean-Noel Rouvignac <jean-noel.rouvignac@forgerock.com>
Date: Mon, 18 May 2015 11:13:48 +0000
Subject: [PATCH] Get rid of calls to Throwable.initCause() + code cleanup
---
opendj-sdk/opendj-server-legacy/src/main/java/org/opends/server/protocols/jmx/RmiAuthenticator.java | 54 ++++-------------
opendj-sdk/opendj-server-legacy/src/main/java/org/opends/admin/ads/util/ApplicationTrustManager.java | 40 +++++--------
opendj-sdk/opendj-server-legacy/src/main/java/org/opends/quicksetup/util/ZipExtractor.java | 59 +++++++------------
opendj-sdk/opendj-server-legacy/src/main/java/org/opends/admin/ads/util/OpendsCertificateException.java | 17 ++++-
4 files changed, 66 insertions(+), 104 deletions(-)
diff --git a/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/admin/ads/util/ApplicationTrustManager.java b/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/admin/ads/util/ApplicationTrustManager.java
index 395f241..38e885e 100644
--- a/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/admin/ads/util/ApplicationTrustManager.java
+++ b/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/admin/ads/util/ApplicationTrustManager.java
@@ -36,15 +36,14 @@
import java.security.cert.X509Certificate;
import java.util.ArrayList;
-import org.forgerock.i18n.LocalizableMessage;
-import org.forgerock.i18n.slf4j.LocalizedLogger;
-
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
+import org.forgerock.i18n.LocalizableMessage;
+import org.forgerock.i18n.slf4j.LocalizedLogger;
import org.opends.server.util.Platform;
/**
@@ -105,15 +104,11 @@
*/
public ApplicationTrustManager(KeyStore keystore)
{
- TrustManagerFactory tmf = null;
this.keystore = keystore;
- String userSpecifiedAlgo =
- System.getProperty("org.opends.admin.trustmanageralgo");
- String userSpecifiedProvider =
- System.getProperty("org.opends.admin.trustmanagerprovider");
+ String userSpecifiedAlgo = System.getProperty("org.opends.admin.trustmanageralgo");
+ String userSpecifiedProvider = System.getProperty("org.opends.admin.trustmanagerprovider");
- //Handle IBM specific cases if the user did not specify a algorithm and/or
- //provider.
+ //Handle IBM specific cases if the user did not specify a algorithm and/or provider.
if(userSpecifiedAlgo == null && Platform.isVendor("IBM"))
{
userSpecifiedAlgo = "IbmX509";
@@ -123,10 +118,10 @@
userSpecifiedProvider = "IBMJSSE2";
}
- // Have some fallbacks to choose the provider and algorith of the key
- // manager. First see if the user wanted to use something specific,
- // then try with the SunJSSE provider and SunX509 algorithm. Finally,
- // fallback to the default algorithm of the JVM.
+ // Have some fallbacks to choose the provider and algorithm of the key manager.
+ // First see if the user wanted to use something specific,
+ // then try with the SunJSSE provider and SunX509 algorithm.
+ // Finally,fallback to the default algorithm of the JVM.
String[] preferredProvider =
{ userSpecifiedProvider, "SunJSSE", null, null };
String[] preferredAlgo =
@@ -143,6 +138,7 @@
}
try
{
+ TrustManagerFactory tmf = null;
if (provider != null)
{
tmf = TrustManagerFactory.getInstance(algo, provider);
@@ -152,12 +148,11 @@
tmf = TrustManagerFactory.getInstance(algo);
}
tmf.init(keystore);
- TrustManager[] trustManagers = tmf.getTrustManagers();
- for (int j=0; j < trustManagers.length; j++)
+ for (TrustManager tm : tmf.getTrustManagers())
{
- if (trustManagers[j] instanceof X509TrustManager)
+ if (tm instanceof X509TrustManager)
{
- trustManager = (X509TrustManager)trustManagers[j];
+ trustManager = (X509TrustManager) tm;
break;
}
}
@@ -270,9 +265,7 @@
lastRefusedChain = chain;
lastRefusedAuthType = authType;
lastRefusedCause = cause;
- final OpendsCertificateException e = new OpendsCertificateException(chain);
- e.initCause(ce);
- throw e;
+ throw new OpendsCertificateException(chain, ce);
}
/** {@inheritDoc} */
@@ -289,8 +282,7 @@
* This method is called when the user accepted a certificate.
* @param chain the certificate chain accepted by the user.
* @param authType the authentication type.
- * @param host the host we tried to connect and that presented the
- * certificate.
+ * @param host the host we tried to connect and that presented the certificate.
*/
public void acceptCertificate(X509Certificate[] chain, String authType,
String host)
@@ -302,7 +294,7 @@
/**
* Sets the host name we are trying to contact in a secure mode. This
- * method is used if we want to verify the correspondance between the
+ * method is used if we want to verify the correspondence between the
* hostname and the subject DN of the certificate that is being presented.
* If this method is never called (or called passing null) no verification
* will be made on the host name.
diff --git a/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/admin/ads/util/OpendsCertificateException.java b/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/admin/ads/util/OpendsCertificateException.java
index 28a45c5..b0e20dc 100644
--- a/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/admin/ads/util/OpendsCertificateException.java
+++ b/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/admin/ads/util/OpendsCertificateException.java
@@ -27,7 +27,7 @@
package org.opends.admin.ads.util;
import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate ;
+import java.security.cert.X509Certificate;
/**
* When a remote client (dsconfig for instance) wants to establish a
@@ -38,11 +38,9 @@
*/
public class OpendsCertificateException extends CertificateException
{
-
/** The serial version UUID. */
private static final long serialVersionUID = 1151044344529478436L;
-
/** Private certificate chain. */
private X509Certificate[] chain;
@@ -77,6 +75,19 @@
}
/**
+ * Build a new OpendsCertificationException object.
+ *
+ * @param chain the certificate chain which is unknown and has caused
+ * the SSL handcheck failure.
+ * @param cause the cause
+ */
+ public OpendsCertificateException(X509Certificate[] chain, CertificateException cause)
+ {
+ super(cause);
+ this.chain = chain;
+ }
+
+ /**
* Return the certificate chain which is unknown and has caused
* the SSL handcheck failure.
*
diff --git a/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/quicksetup/util/ZipExtractor.java b/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/quicksetup/util/ZipExtractor.java
index f39fcc2..b4a6f3d 100644
--- a/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/quicksetup/util/ZipExtractor.java
+++ b/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/quicksetup/util/ZipExtractor.java
@@ -24,12 +24,12 @@
* Copyright 2007-2008 Sun Microsystems, Inc.
* Portions Copyright 2011-2015 ForgeRock AS
*/
-
package org.opends.quicksetup.util;
+import static com.forgerock.opendj.cli.Utils.*;
+import static com.forgerock.opendj.util.OperatingSystem.*;
+
import static org.opends.messages.QuickSetupMessages.*;
-import static com.forgerock.opendj.util.OperatingSystem.isUnix;
-import static com.forgerock.opendj.cli.Utils.getThrowableMsg;
import java.io.File;
import java.io.FileInputStream;
@@ -169,7 +169,6 @@
public void extract(String destDir, boolean removeFirstPath)
throws ApplicationException
{
-
ZipInputStream zipIn = new ZipInputStream(is);
int nEntries = 1;
@@ -179,18 +178,19 @@
* these files. This is done this way to group the number of calls to
* Runtime.exec (which is required to update the file system permissions).
*/
- Map<String, ArrayList<String>> permissions =
- new HashMap<String, ArrayList<String>>();
- ArrayList<String> list = new ArrayList<String>();
+ Map<String, ArrayList<String>> permissions = new HashMap<>();
+ ArrayList<String> list = new ArrayList<>();
list.add(destDir);
permissions.put(getProtectedDirectoryPermissionUnix(), list);
try {
- if(application != null)
- application.checkAbort();
+ if(application != null) {
+ application.checkAbort();
+ }
ZipEntry entry = zipIn.getNextEntry();
while (entry != null) {
- if(application != null)
- application.checkAbort();
+ if(application != null) {
+ application.checkAbort();
+ }
int ratioBeforeCompleted = minRatio
+ ((nEntries - 1) * (maxRatio - minRatio) / numberZipEntries);
int ratioWhenCompleted =
@@ -212,15 +212,11 @@
File destination = new File(destDir, name);
copyZipEntry(entry, destination, zipIn,
ratioBeforeCompleted, ratioWhenCompleted, permissions);
-
} catch (IOException ioe) {
- LocalizableMessage errorMsg =
- getThrowableMsg(
- INFO_ERROR_COPYING.get(entry.getName()), ioe);
-
throw new ApplicationException(
ReturnCode.FILE_SYSTEM_ACCESS_ERROR,
- errorMsg, ioe);
+ getThrowableMsg(INFO_ERROR_COPYING.get(entry.getName()), ioe),
+ ioe);
}
}
@@ -240,23 +236,16 @@
+ paths + ". The chmod error code was: " + result);
}
} catch (InterruptedException ie) {
- IOException ioe =
- new IOException("Could not set permissions on files " +
- paths + ". The chmod call returned an " +
- "InterruptedException.");
- ioe.initCause(ie);
- throw ioe;
+ throw new IOException("Could not set permissions on files " + paths
+ + ". The chmod call returned an InterruptedException.", ie);
}
}
}
-
} catch (IOException ioe) {
- LocalizableMessage errorMsg =
- getThrowableMsg(
- INFO_ERROR_ZIP_STREAM.get(zipFileName), ioe);
throw new ApplicationException(
ReturnCode.FILE_SYSTEM_ACCESS_ERROR,
- errorMsg, ioe);
+ getThrowableMsg(INFO_ERROR_ZIP_STREAM.get(zipFileName), ioe),
+ ioe);
}
}
@@ -265,12 +254,9 @@
* @param entry the ZipEntry object.
* @param destination File where the entry will be copied.
* @param is the ZipInputStream that contains the contents to be copied.
- * @param ratioBeforeCompleted the progress ratio before the zip file is
- * copied.
- * @param ratioWhenCompleted the progress ratio after the zip file is
- * copied.
- * @param permissions an ArrayList with permissions whose contents will be
- * updated.
+ * @param ratioBeforeCompleted the progress ratio before the zip file is copied.
+ * @param ratioWhenCompleted the progress ratio after the zip file is copied.
+ * @param permissions an ArrayList with permissions whose contents will be updated.
* @throws IOException if an error occurs.
*/
private void copyZipEntry(ZipEntry entry, File destination,
@@ -300,7 +286,7 @@
ArrayList<String> list = permissions.get(perm);
if (list == null)
{
- list = new ArrayList<String>();
+ list = new ArrayList<>();
}
list.add(Utils.getPath(destination));
permissions.put(perm, list);
@@ -315,7 +301,7 @@
ArrayList<String> list = permissions.get(perm);
if (list == null)
{
- list = new ArrayList<String>();
+ list = new ArrayList<>();
}
list.add(Utils.getPath(destination));
permissions.put(perm, list);
@@ -350,5 +336,4 @@
// TODO We should get this dynamically during build?
return "755";
}
-
}
diff --git a/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/server/protocols/jmx/RmiAuthenticator.java b/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/server/protocols/jmx/RmiAuthenticator.java
index 97c5ece..d915f42 100644
--- a/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/server/protocols/jmx/RmiAuthenticator.java
+++ b/opendj-sdk/opendj-server-legacy/src/main/java/org/opends/server/protocols/jmx/RmiAuthenticator.java
@@ -67,10 +67,7 @@
*/
private boolean finalizedPhase;
- /**
- * The JMX Client connection to be used to perform the bind (auth)
- * call.
- */
+ /** The JMX Client connection to be used to perform the bind (auth) call. */
private JmxConnectionHandler jmxConnectionHandler;
/**
@@ -131,16 +128,11 @@
throw new SecurityException();
}
- if (logger.isTraceEnabled())
- {
- logger.trace("UserName = %s", authcID);
- }
-
- // Declare the client connection
- JmxClientConnection jmxClientConnection;
+ logger.trace("UserName = %s", authcID);
// Try to see if we have an Ldap Authentication
// Which should be the case in the current implementation
+ JmxClientConnection jmxClientConnection;
try
{
jmxClientConnection = bind(authcID, password);
@@ -152,13 +144,10 @@
throw se;
}
- // If we've gotten here, then the authentication was
- // successful. We'll take the connection so
- // invoke the post-connect plugins.
- PluginConfigManager pluginManager = DirectoryServer
- .getPluginConfigManager();
- PluginResult.PostConnect pluginResult = pluginManager
- .invokePostConnectPlugins(jmxClientConnection);
+ // If we've gotten here, then the authentication was successful.
+ // We'll take the connection so invoke the post-connect plugins.
+ PluginConfigManager pluginManager = DirectoryServer.getPluginConfigManager();
+ PluginResult.PostConnect pluginResult = pluginManager.invokePostConnectPlugins(jmxClientConnection);
if (!pluginResult.continueProcessing())
{
jmxClientConnection.disconnect(pluginResult.getDisconnectReason(),
@@ -182,8 +171,7 @@
s.getPrincipals().add(new OpendsJmxPrincipal(authcID));
// add the connection client object
- // this connection client is used at forwarder level to identify the
- // calling client
+ // this connection client is used at forwarder level to identify the calling client
s.getPrivateCredentials().add(new Credential(jmxClientConnection));
return s;
@@ -199,8 +187,6 @@
*/
private JmxClientConnection bind(String authcID, String password)
{
- ArrayList<Control> requestControls = new ArrayList<Control>();
-
try
{
DN.valueOf(authcID);
@@ -210,19 +196,11 @@
LDAPException ldapEx = new LDAPException(
LDAPResultCode.INVALID_CREDENTIALS,
CoreMessages.INFO_RESULT_INVALID_CREDENTIALS.get());
- SecurityException se = new SecurityException();
- se.initCause(ldapEx);
- throw se;
+ throw new SecurityException(ldapEx);
}
- ByteString bindPW;
- if (password == null)
- {
- bindPW = null;
- }
- else
- {
- bindPW = ByteString.valueOf(password);
- }
+
+ ArrayList<Control> requestControls = new ArrayList<>();
+ ByteString bindPW = password != null ? ByteString.valueOf(password) : null;
AuthenticationInfo authInfo = new AuthenticationInfo();
JmxClientConnection jmxClientConnection = new JmxClientConnection(
@@ -237,10 +215,7 @@
bindOp.run();
if (bindOp.getResultCode() == ResultCode.SUCCESS)
{
- if (logger.isTraceEnabled())
- {
- logger.trace("User is authenticated");
- }
+ logger.trace("User is authenticated");
authInfo = bindOp.getAuthenticationInfo();
jmxClientConnection.setAuthenticationInfo(authInfo);
@@ -263,8 +238,7 @@
LDAPException ldapEx = new LDAPException(
LDAPResultCode.INVALID_CREDENTIALS,
CoreMessages.INFO_RESULT_INVALID_CREDENTIALS.get());
- SecurityException se = new SecurityException("return code: "
- + bindOp.getResultCode());
+ SecurityException se = new SecurityException("return code: " + bindOp.getResultCode());
se.initCause(ldapEx);
throw se;
}
--
Gitblit v1.10.0