openjpa-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mik...@apache.org
Subject svn commit: r800504 - in /openjpa/trunk: openjpa-kernel/src/main/java/org/apache/openjpa/conf/ openjpa-lib/src/main/java/org/apache/openjpa/lib/encryption/ openjpa-persistence/src/test/java/org/apache/openjpa/persistence/ openjpa-persistence/src/test/r...
Date Mon, 03 Aug 2009 19:25:45 GMT
Author: mikedd
Date: Mon Aug  3 19:25:44 2009
New Revision: 800504

URL: http://svn.apache.org/viewvc?rev=800504&view=rev
Log:
OPENJPA-1089: 
Adding EncryptionProvider configuration option.
Submitted By : Rick Curtis

Added:
    openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/encryption/
    openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/encryption/EncryptionProvider.java
  (with props)
    openjpa/trunk/openjpa-project/src/doc/manual/ref_guide_encryption.xml   (with props)
Modified:
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/conf/OpenJPAConfiguration.java
    openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/conf/OpenJPAConfigurationImpl.java
    openjpa/trunk/openjpa-persistence/src/test/java/org/apache/openjpa/persistence/TestPersistenceProductDerivation.java
    openjpa/trunk/openjpa-persistence/src/test/resources/META-INF/persistence.xml
    openjpa/trunk/openjpa-project/src/doc/manual/manual.xml
    openjpa/trunk/openjpa-project/src/doc/manual/ref_guide_conf.xml

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/conf/OpenJPAConfiguration.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/conf/OpenJPAConfiguration.java?rev=800504&r1=800503&r2=800504&view=diff
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/conf/OpenJPAConfiguration.java
(original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/conf/OpenJPAConfiguration.java
Mon Aug  3 19:25:44 2009
@@ -47,6 +47,7 @@
 import org.apache.openjpa.kernel.exps.AggregateListener;
 import org.apache.openjpa.kernel.exps.FilterListener;
 import org.apache.openjpa.lib.conf.Configuration;
+import org.apache.openjpa.lib.encryption.EncryptionProvider;
 import org.apache.openjpa.meta.MetaDataFactory;
 import org.apache.openjpa.meta.MetaDataRepository;
 import org.apache.openjpa.util.ClassResolver;
@@ -1815,4 +1816,18 @@
      * @Since 2.0.0
      */
     public void setValidationGroupPreRemove(String vgPreRemove);
+    
+    /**
+     * Sets the {@link EncryptionProvider}.
+     * 
+     * @param className
+     */
+    public void setEncryptionProvider(String className);
+    
+    /**
+     * Gets the {@link EncryptionProvider}.
+     * 
+     * @return EncryptionProvider
+     */
+    public EncryptionProvider getEncryptionProvider();
 }

Modified: openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/conf/OpenJPAConfigurationImpl.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/conf/OpenJPAConfigurationImpl.java?rev=800504&r1=800503&r2=800504&view=diff
==============================================================================
--- openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/conf/OpenJPAConfigurationImpl.java
(original)
+++ openjpa/trunk/openjpa-kernel/src/main/java/org/apache/openjpa/conf/OpenJPAConfigurationImpl.java
Mon Aug  3 19:25:44 2009
@@ -58,6 +58,7 @@
 import org.apache.openjpa.lib.conf.ProductDerivations;
 import org.apache.openjpa.lib.conf.StringListValue;
 import org.apache.openjpa.lib.conf.StringValue;
+import org.apache.openjpa.lib.encryption.EncryptionProvider;
 import org.apache.openjpa.lib.log.Log;
 import org.apache.openjpa.lib.util.Localizer;
 import org.apache.openjpa.meta.MetaDataFactory;
@@ -119,6 +120,7 @@
     public ObjectValue proxyManagerPlugin;
     public StringValue connectionUserName;
     public StringValue connectionPassword;
+    public PluginValue encryptionProvider;
     public StringValue connectionURL;
     public StringValue connectionDriverName;
     public ObjectValue connectionFactory;
@@ -360,6 +362,8 @@
         connectionPassword = addString("ConnectionPassword");
         connectionPassword.addEquivalentKey("javax.persistence.jdbc.password");
         connectionPassword.setVisible(false);
+        
+        encryptionProvider = addPlugin("EncryptionProvider",true);
 
         connectionURL = addString("ConnectionURL");
         connectionURL.addEquivalentKey("javax.persistence.jdbc.url");
@@ -1020,6 +1024,10 @@
     }
 
     public String getConnectionPassword() {
+    	EncryptionProvider p = getEncryptionProvider();
+    	if(p != null) {
+    		return p.decrypt(connectionPassword.getString());
+    	}
         return connectionPassword.getString();
     }
 
@@ -1120,6 +1128,10 @@
     }
 
     public String getConnection2Password() {
+    	EncryptionProvider p = getEncryptionProvider();
+    	if(p != null){
+    		return p.decrypt(connection2Password.getString());
+    	}
         return connection2Password.getString();
     }
 
@@ -1793,5 +1805,15 @@
     public void setWriteBehindCallback(String writeBehindCallback) {
         writeBehindCallbackPlugin.setString(writeBehindCallback);
     }
+    
+    public void setEncryptionProvider(String p) {
+        encryptionProvider.setString(p);
+    }
+    
+    public EncryptionProvider getEncryptionProvider() {
+        if (encryptionProvider.get() == null)
+            encryptionProvider.instantiate(EncryptionProvider.class, this);
+        return (EncryptionProvider) encryptionProvider.get();
+    }
 }
 

Added: openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/encryption/EncryptionProvider.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/encryption/EncryptionProvider.java?rev=800504&view=auto
==============================================================================
--- openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/encryption/EncryptionProvider.java
(added)
+++ openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/encryption/EncryptionProvider.java
Mon Aug  3 19:25:44 2009
@@ -0,0 +1,49 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+package org.apache.openjpa.lib.encryption;
+
+/**
+ * Interface for providing encryption/decryption capabilities to the OpenJPA
+ * runtime.
+ * 
+ * Currently method is ONLY called to decrypt openjpa.ConnectionPassword and
+ * openjpa.Connection2Password properties.
+ */
+public interface EncryptionProvider {
+
+	/**
+	 * This method will decrypt the provided string. If null is passed into this
+	 * method it should noop and return null. No exceptions should ever escape
+	 * from this method.
+	 * 
+	 * Note: Currently method is ONLY called to decrypt
+	 * openjpa.ConnectionPassword and openjpa.Connection2Password properties.
+	 */
+	public String decrypt(String password);
+
+	/**
+	 * This method will encrypt the provided string. If null is passed into this
+	 * method it should noop and return null. No exceptions should ever escape
+	 * from this method.
+	 * 
+	 * NOTE : This method is not called by the OpenJPA runtime. It is here for
+	 * possible future uses.
+	 */
+	public String encrypt(String password);
+}

Propchange: openjpa/trunk/openjpa-lib/src/main/java/org/apache/openjpa/lib/encryption/EncryptionProvider.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: openjpa/trunk/openjpa-persistence/src/test/java/org/apache/openjpa/persistence/TestPersistenceProductDerivation.java
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-persistence/src/test/java/org/apache/openjpa/persistence/TestPersistenceProductDerivation.java?rev=800504&r1=800503&r2=800504&view=diff
==============================================================================
--- openjpa/trunk/openjpa-persistence/src/test/java/org/apache/openjpa/persistence/TestPersistenceProductDerivation.java
(original)
+++ openjpa/trunk/openjpa-persistence/src/test/java/org/apache/openjpa/persistence/TestPersistenceProductDerivation.java
Mon Aug  3 19:25:44 2009
@@ -31,10 +31,14 @@
 import java.util.jar.JarEntry;
 import java.util.jar.JarOutputStream;
 
-import org.apache.openjpa.lib.util.J2DoPrivHelper;
-
 import junit.framework.TestCase;
 
+import org.apache.openjpa.conf.OpenJPAConfiguration;
+import org.apache.openjpa.conf.OpenJPAConfigurationImpl;
+import org.apache.openjpa.lib.conf.ConfigurationProvider;
+import org.apache.openjpa.lib.encryption.EncryptionProvider;
+import org.apache.openjpa.lib.util.J2DoPrivHelper;
+
 public class TestPersistenceProductDerivation extends TestCase {
     private File sourceFile;
     private File targetFile;
@@ -89,7 +93,7 @@
         }
     }
     /**
-     * Added for OPENJPA-932. Verifies a ppd properly loads pu's from multiple 
+     * Added for OPENJPA-932. Verifies a PersistenceProductDerivation properly loads pu's
from multiple 
      * archives.
      * 
      * @throws Exception
@@ -100,11 +104,46 @@
             new String[]{"pu_1","pu_2","pu_3"});
         
         PersistenceProductDerivation ppd = new PersistenceProductDerivation();
-        List actual = ppd.getAnchorsInResource("META-INF/persistence.xml");
+        List<String> actual = ppd.getAnchorsInResource("META-INF/persistence.xml");
         
-        assertEquals(expectedPUs, actual);        
+        assertTrue(actual.containsAll(expectedPUs));
     }
-    
+    public void testEncryptionPluginConfiguration() throws Exception {
+		PersistenceProductDerivation ppd = new PersistenceProductDerivation();
+		OpenJPAConfiguration conf = new OpenJPAConfigurationImpl();
+		String encryptedPassword = "encrypted_password";
+		ClassLoader loader = null;
+
+		ConfigurationProvider provider = ppd.load(
+				PersistenceProductDerivation.RSRC_DEFAULT,
+				"encryption_plugin_pu", loader);
+		provider.setInto(conf);
+		EncryptionProvider ep = conf.getEncryptionProvider();
+		assertNotNull(ep);
+		// Cast to test impl
+		TestEncryptionProvider tep = (TestEncryptionProvider) ep;
+
+		conf.setConnectionPassword(encryptedPassword);
+		// Validate that when we get the ConnectionPassword from configuration
+		// that it is decrypted
+		assertEquals(TestEncryptionProvider.decryptedPassword, conf
+				.getConnectionPassword());
+		// Validate that the EncryptionProvider is called with the 'encrypted'
+		// password
+		assertEquals(encryptedPassword, tep.getEncryptedPassword());
+	}
+    public void testEncryptionPluginConfigurationDefaultValue() throws Exception {
+		PersistenceProductDerivation ppd = new PersistenceProductDerivation();
+		OpenJPAConfiguration conf = new OpenJPAConfigurationImpl();
+		ClassLoader loader = null;
+
+		ConfigurationProvider provider = ppd.load(
+				PersistenceProductDerivation.RSRC_DEFAULT,
+				"encryption_plugin_default_pu", loader);
+		provider.setInto(conf);
+
+		assertNull(conf.getEncryptionProvider());
+	}
     private void buildJar(File sourceFile, File targetFile) throws Exception {
         
         JarOutputStream out = new JarOutputStream(
@@ -131,4 +170,31 @@
             super(urls,parent);
         }
     }
+    public static class TestEncryptionProvider implements EncryptionProvider {
+		public static final String decryptedPassword = "decypted_password";
+		// Save the 'encrypted' password so our UT can perform validation.
+		private String encryptedPassword;
+
+		public String getEncryptedPassword() {
+			return encryptedPassword;
+		}
+
+		/**
+		 * This method ALWAYS returns the String "decypted_password".
+		 * 
+		 * @see EncryptionProvider#decrypt(String)
+		 */
+		public String decrypt(String password) {
+			encryptedPassword = password;
+
+			return decryptedPassword;
+		}
+
+		/**
+		 * @see EncryptionProvider#encrypt(String)
+		 */
+		public String encrypt(String password) {
+			return password;
+		}
+	}
 }

Modified: openjpa/trunk/openjpa-persistence/src/test/resources/META-INF/persistence.xml
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-persistence/src/test/resources/META-INF/persistence.xml?rev=800504&r1=800503&r2=800504&view=diff
==============================================================================
--- openjpa/trunk/openjpa-persistence/src/test/resources/META-INF/persistence.xml (original)
+++ openjpa/trunk/openjpa-persistence/src/test/resources/META-INF/persistence.xml Mon Aug
 3 19:25:44 2009
@@ -23,5 +23,13 @@
     <persistence-unit name="pu_1" transaction-type="RESOURCE_LOCAL">
     </persistence-unit>      
     <persistence-unit name="pu_2" transaction-type="RESOURCE_LOCAL">
-    </persistence-unit>      
+    </persistence-unit>
+    <persistence-unit name="encryption_plugin_pu" transaction-type="RESOURCE_LOCAL">
+        <properties>
+            <property name="openjpa.EncryptionProvider"
+                value="org.apache.openjpa.persistence.TestPersistenceProductDerivation$TestEncryptionProvider"
/>
+        </properties>
+    </persistence-unit>
+    <persistence-unit name="encryption_plugin_default_pu" transaction-type="RESOURCE_LOCAL">
+    </persistence-unit>
 </persistence>

Modified: openjpa/trunk/openjpa-project/src/doc/manual/manual.xml
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-project/src/doc/manual/manual.xml?rev=800504&r1=800503&r2=800504&view=diff
==============================================================================
--- openjpa/trunk/openjpa-project/src/doc/manual/manual.xml (original)
+++ openjpa/trunk/openjpa-project/src/doc/manual/manual.xml Mon Aug  3 19:25:44 2009
@@ -47,6 +47,7 @@
     <!ENTITY ref_guide_deploy.xml SYSTEM "ref_guide_deploy.xml">
     <!ENTITY ref_guide_runtime.xml SYSTEM "ref_guide_runtime.xml">
     <!ENTITY ref_guide_caching.xml SYSTEM "ref_guide_caching.xml">
+    <!ENTITY ref_guide_encryption.xml SYSTEM "ref_guide_encryption.xml">
     <!ENTITY ref_guide_remote.xml SYSTEM "ref_guide_remote.xml">
     <!ENTITY ref_guide_slice.xml SYSTEM "ref_guide_slice.xml">
     <!ENTITY ref_guide_integration.xml SYSTEM "ref_guide_integration.xml">
@@ -105,6 +106,7 @@
         &ref_guide_deploy.xml;
         &ref_guide_runtime.xml;
         &ref_guide_caching.xml;
+        &ref_guide_encryption.xml;
         &ref_guide_remote.xml;
         &ref_guide_slice.xml;
         &ref_guide_integration.xml;

Modified: openjpa/trunk/openjpa-project/src/doc/manual/ref_guide_conf.xml
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-project/src/doc/manual/ref_guide_conf.xml?rev=800504&r1=800503&r2=800504&view=diff
==============================================================================
--- openjpa/trunk/openjpa-project/src/doc/manual/ref_guide_conf.xml (original)
+++ openjpa/trunk/openjpa-project/src/doc/manual/ref_guide_conf.xml Mon Aug  3 19:25:44 2009
@@ -1800,6 +1800,47 @@
 runtime. See <xref linkend="ref_guide_dbsetup_lrs"/> for details.
             </para>
         </section>
+<!-- start -->     
+<section id="openjpa.EncryptionProvider">
+            <title>
+                openjpa.EncryptionProvider
+            </title>
+            <indexterm zone="openjpa.EncryptionProvider">
+                <primary>
+                    DataCache
+                </primary>
+            </indexterm>
+            <indexterm zone="openjpa.EncryptionProvider">
+                <primary>
+                    encryption
+                </primary>
+            </indexterm>
+            <para>
+		<emphasis role="bold">Property name: </emphasis><literal>openjpa.EncryptionProvider</literal>
+            </para>
+            <para>
+		<emphasis role="bold">Configuration API:</emphasis>
+		<ulink url="../javadoc/org/apache/openjpa/conf/OpenJPAConfiguration.html#getEncryptionProvider()">
+			<methodname>org.apache.openjpa.conf.OpenJPAConfiguration.getEncryptionProvider</methodname>
+		</ulink>
+            </para>
+            <para>
+		<emphasis role="bold">Resource adaptor config-property: </emphasis>
+		<literal>EncryptionProvider</literal>
+            </para>
+            <para>
+		<emphasis role="bold">Default: </emphasis><literal>false</literal>
+            </para>
+            <para>
+<emphasis role="bold">Description:</emphasis> A plugin list string (see
+<xref linkend="ref_guide_conf_plugins"/>) describing the
+<ulink url="../javadoc/org/apache/openjpa/lib/EncryptionProvider.html"><classname>
+org.apache.openjpa.lib.EncryptionProvider</classname></ulink>s to use for connection
password
+encryption. See <xref linkend="ref_guide_encryption1"/> for details.
+            </para>
+        </section>
+
+<!-- end -->        
         <section id="openjpa.FetchGroups">
             <title>
                 openjpa.FetchGroups

Added: openjpa/trunk/openjpa-project/src/doc/manual/ref_guide_encryption.xml
URL: http://svn.apache.org/viewvc/openjpa/trunk/openjpa-project/src/doc/manual/ref_guide_encryption.xml?rev=800504&view=auto
==============================================================================
--- openjpa/trunk/openjpa-project/src/doc/manual/ref_guide_encryption.xml (added)
+++ openjpa/trunk/openjpa-project/src/doc/manual/ref_guide_encryption.xml Mon Aug  3 19:25:44
2009
@@ -0,0 +1,48 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements.  See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership.  The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License.  You may obtain a copy of the License at
+ 
+ http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied.  See the License for the
+ specific language governing permissions and limitations
+ under the License.   
+-->
+<chapter id="ref_guide_encryption">
+    <title>
+        Encryption Provider
+    </title>
+    <para>
+	OpenJPA provides an interface for a provider to implement to allow 
+	connection passwords to be encrypted. Whenever a connection password 
+	is needed, the decrypt(String) method will be invoked. See 
+	<ulink url="../javadoc/org/apache/openjpa/lib/encryption/EncryptionProvider.html">
+	<classname>org.apache.openjpa.lib.encryption.EncryptionProvider</classname>
+	</ulink> for the detailed javadoc. 
+    </para>
+    <para>
+    	Notes:
+    <itemizedlist>
+        <listitem>
+            <para>
+                It is an OpenJPA users responsibility to implement the EncryptionProvider
+                interface. There is not a default implementation.
+            </para>
+        </listitem>
+        <listitem>
+            <para>
+                The interface has an encrypt(String) method, but it is not called by the
OpenJPA runtime. 
+            </para>
+        </listitem>        
+    </itemizedlist>        
+    </para>
+</chapter>

Propchange: openjpa/trunk/openjpa-project/src/doc/manual/ref_guide_encryption.xml
------------------------------------------------------------------------------
    svn:eol-style = native



Mime
View raw message