merge changes for sni

hsarback/conf/META-INF/persistence-with-sql-logging.xml

@@ -6,7 +6,6 @@
 		<class>de.hsadmin.core.qserv.QueueTask</class> 
 		<class>de.hsadmin.mods.cust.Customer</class> 
 		<class>de.hsadmin.mods.cust.Contact</class> 
-		<class>de.hsadmin.mods.cust.BankAccount</class> 
 		<class>de.hsadmin.mods.pac.Pac</class> 
 		<class>de.hsadmin.mods.pac.BasePac</class> 
 		<class>de.hsadmin.mods.pac.BaseComponent</class>

hsarback/conf/META-INF/persistence.xml

@@ -6,7 +6,6 @@
 		<class>de.hsadmin.core.qserv.QueueTask</class> 
 		<class>de.hsadmin.mods.cust.Customer</class> 
 		<class>de.hsadmin.mods.cust.Contact</class> 
-		<class>de.hsadmin.mods.cust.BankAccount</class> 
 		<class>de.hsadmin.mods.pac.Pac</class> 
 		<class>de.hsadmin.mods.pac.BasePac</class> 
 		<class>de.hsadmin.mods.pac.BaseComponent</class>

hsarback/conf/WEB-INF/prod-web.xml

@@ -11,6 +11,14 @@
     <servlet>
         <servlet-name>Queue Status Servlet</servlet-name>
         <servlet-class>de.hsadmin.core.qserv.QueueStatusReceiverServlet</servlet-class>
+  		<init-param>
+	  		<param-name>proxyValidateUrl</param-name>
+		  	<param-value>https://@LOGIN_HOST@:@LOGIN_PORT@/cas/proxyValidate</param-value>
+  		</init-param>
+  		<init-param>
+	  		<param-name>proxyServiceUrl</param-name>
+		  	<param-value>https://@CONFIG_HOST@:@CONFIG_PORT@/hsar/backend</param-value>
+  		</init-param>
         <load-on-startup>1</load-on-startup>
     </servlet>
 
@@ -28,11 +36,6 @@
         <url-pattern>/queueStatus</url-pattern>
     </servlet-mapping>
 
-    <servlet-mapping>
-        <servlet-name>CLI Client Connector</servlet-name>
-        <url-pattern>/hsadmin/cli-interface/</url-pattern>
-    </servlet-mapping>
-
     <servlet-mapping>
         <servlet-name>XmlRpcServlet</servlet-name>
         <url-pattern>/xmlrpc/*</url-pattern>

hsarback/conf/WEB-INF/test-web.xml

@@ -11,6 +11,14 @@
     <servlet>
         <servlet-name>Queue Status Servlet</servlet-name>
         <servlet-class>de.hsadmin.core.qserv.QueueStatusReceiverServlet</servlet-class>
+  		<init-param>
+	  		<param-name>proxyValidateUrl</param-name>
+		  	<param-value>https://@LOGIN_HOST@:@LOGIN_PORT@/cas/proxyValidate</param-value>
+  		</init-param>
+  		<init-param>
+	  		<param-name>proxyServiceUrl</param-name>
+		  	<param-value>https://@CONFIG_HOST@:@CONFIG_PORT@/hsar/backend</param-value>
+  		</init-param>
         <load-on-startup>1</load-on-startup>
     </servlet>
 
@@ -28,11 +36,6 @@
         <url-pattern>/queueStatus</url-pattern>
     </servlet-mapping>
 
-    <servlet-mapping>
-        <servlet-name>CLI Client Connector</servlet-name>
-        <url-pattern>/hsadmin/cli-interface/</url-pattern>
-    </servlet-mapping>
-
     <servlet-mapping>
         <servlet-name>XmlRpcServlet</servlet-name>
         <url-pattern>/xmlrpc/*</url-pattern>

hsarback/src/de/hsadmin/core/qserv/QueueStatusReceiverServlet.java

@@ -18,12 +18,14 @@ import javax.naming.Context;
 import javax.naming.InitialContext;
 import javax.naming.NamingException;
 import javax.persistence.EntityManager;
+import javax.servlet.ServletConfig;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import de.hsadmin.core.model.TechnicalException;
+import de.hsadmin.core.model.TicketValidator;
 import de.hsadmin.core.model.Transaction;
 import de.hsadmin.core.util.Config;
 
@@ -43,6 +45,10 @@ public class QueueStatusReceiverServlet extends HttpServlet
 
 	@Override
 	public void init() throws ServletException {
+		final ServletConfig cfg = getServletConfig();
+		final String validateURL = cfg.getInitParameter("proxyValidateUrl");
+		final String serviceURL = cfg.getInitParameter("proxyServiceUrl");
+		TicketValidator.getInstance().initialize(validateURL, serviceURL);	
 		isConnected = false;
 		messageCount = 0;
 		errorCount = 0;

hsarback/src/de/hsadmin/mods/dom/DomainProcessorFactory.java

@@ -256,25 +256,26 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
 		return domDirsProcessor;
 	}
 
-	private Processor createApacheVHostSetupProcessor(EntityManager em, Domain dom)  throws ProcessorException {
+	private Processor createApacheVHostSetupProcessor(final EntityManager em, final Domain dom)  throws ProcessorException {
-		Map<String, Object> templateVars = new HashMap<String, Object>();
+		final Map<String, Object> templateVars = new HashMap<String, Object>();
 		templateVars.put("dynamicWeb", new Boolean(dom.isDynamic()));
-		String domName = dom.getName();
+		final String domName = dom.getName();
 		int level = domName.split("\\.").length;
-		String linkPrefix = Integer.toString(100 - level);
+		final String linkPrefix = Integer.toString(100 - level);
-		String pac = dom.getUser().getPac().getName();
+		final Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname");
-		Query query = em.createQuery("SELECT d FROM Domains d WHERE d.domainoptions.name = :option AND d.name = :domname");
 		query.setParameter("domname", dom.getName());
 		ifOption(templateVars, query, "indexes", "+Indexes", "-Indexes");
 		ifOption(templateVars, query, "includes", "+IncludesNoExec", "-Includes");
 		ifOption(templateVars, query, "multiviews", "+MultiViews", "-MultiViews");
 		ifOption(templateVars, query, "htdocsfallback", Boolean.TRUE, Boolean.FALSE);
-		Processor domSetupProcessor = new CompoundProcessor(
+		final Processor domSetupProcessor = new CompoundProcessor(
+			new ShellProcessor("export PEMS_DIR=/etc/apache2/pems-enabled/" + dom.getUser().getName() + " && "
+					+ "mkdir -p $PEMS_DIR/ && "
+					+ "cd $PEMS_DIR && "
+					+ "( ls " + domName + ".crt || ( echo \"\" > " + domName + ".chain && "
+					+ "openssl req -x509 -newkey rsa:2048 -keyout " + domName + ".key -out " + domName + ".crt -days 1100 -nodes -sha256 -subj '/CN=" + domName + "' ) ) &&"
+					+ "chmod 400 " + domName + "*"),
 			new CreateFileProcessor("/de/hsadmin/mods/dom/apache-vhost.vm", templateVars, dom, "/etc/apache2/sites-available/" + domName + ".tmp", "root", "root", "644", true),
-			new ShellProcessor("ls /etc/apache2/pems/" + pac + ".pem >/dev/null 2>&1" +
-					" && sed -i '/SSLCertificate.*default/d' " + "/etc/apache2/sites-available/" + domName + ".tmp" + 
-					" && (ls /etc/apache2/pems/" + pac + ".chain.pem >/dev/null 2>&1 || sed -i '/SSLCertificateChain.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp )" + 
-					" || sed -i '/SSLCertificate.*" + pac + "/d' " + "/etc/apache2/sites-available/" + domName + ".tmp"),
 			new ShellProcessor(
 					" (diff -q /etc/apache2/sites-available/" + domName + ".tmp /etc/apache2/sites-available/" + domName + " && rm /etc/apache2/sites-available/" + domName + ".tmp ) " +
 					" || (mv /etc/apache2/sites-available/" + domName + ".tmp /etc/apache2/sites-available/" + domName + 
@@ -302,6 +303,7 @@ public class DomainProcessorFactory implements EntityProcessorFactory {
 			new ShellProcessor("rm -f /home/doms/" + domName +
 				" && rm -f /etc/apache2/sites-enabled/" + linkPrefix + "-" + domName +
 				" && rm -f /etc/apache2/sites-available/" + domName +
+				" && rm -f /etc/apache2/pems-enabled/" + dom.getUser().getName() + "/" + domName + ".*" +
 				" && rm -rf " + dom.getUser().getHomedir() + "/doms/" + domName +
 				" && invoke-rc.d apache2 reload >/dev/null 2>&1");
 		return vhostDelProcessor;

hsarback/src/de/hsadmin/mods/dom/apache-vhost.vm

@@ -90,10 +90,9 @@
 #end    
 
     SSLEngine On
-    SSLCertificateFile /etc/apache2/pems/default.pem
+    SSLCertificateFile /etc/apache2/pems-enabled/${dom.user.name}/${dom.name}.crt
-    SSLCertificateChainFile /etc/apache2/pems/default.chain.pem
+    SSLCertificateKeyFile /etc/apache2/pems-enabled/${dom.user.name}/${dom.name}.key
-    SSLCertificateFile /etc/apache2/pems/${pac.name}.pem
+    SSLCertificateChainFile /etc/apache2/pems-enabled/${dom.user.name}/${dom.name}.chain
-    SSLCertificateChainFile /etc/apache2/pems/${pac.name}.chain.pem
        
     DocumentRoot /home/doms/${dom.name}/htdocs-ssl