cancel
Showing results for 
Search instead for 
Did you mean: 

Get a KeyStore from EJB SessionBean

Former Member
0 Kudos
297

Hi,

i've trying to access a Keystore from a Session Bean, but i don't know the best way to do that. I tried the following code:

public String getMessage(String name) {
		
		try {
			
			InitialContext ctx = new InitialContext();
			Object o = (Object) ctx.lookup("keystore");
			KeyStoreManager manager = (KeyStoreManager) o;
			KeyStore keyStore = manager.getKeyStore("ICM_SSL_93090");     
			String alias = "ssl-credentials";  
			
			ISsfProfile profile = null;			
			X509Certificate cert = null;
			String sName = null;
			
			profile = manager.getISsfProfile(keyStore, alias, null);
			cert = profile.getCertificate();
			sName = cert.getSubjectDN().getName();
			cert.checkValidity();
			return sName;			
			
		} catch (Exception e) {
			e.printStackTrace();
			return e.getMessage();
		}		
	}

but when i run a client for this component i receive the message:

class $Proxy420_10002:sap.com/TestEJBEARcom.sap.engine.boot.loader.ResourceMultiParentClassLoader124d0daalive incompatible with interface com.sap.aii.security.lib.KeyStoreManager:library:com.sap.aii.sec.libcom.sap.engine.boot.loader.ResourceMultiParentClassLoaderd9c6e2alive

Can somebody help me with this?

thank's in advance

Accepted Solutions (0)

Answers (5)

Answers (5)

Former Member
0 Kudos

thanks a lot...it was very helpful..works perfectly...so, follow my method until the moment:


try {

			InitialContext ctx = new InitialContext();
			Object o = (Object) ctx.lookup("keystore");
			KeystoreManager manager = (KeystoreManager) o;
			String[] keyStores = manager.getKeystoreViewAliases();
			
			Enumeration aliases = null;
			KeyStore keyStore = null; 
			String alias = null;
			String res = "";
			
			for(int i = 0; i < keyStores.length; i++){
				keyStore = manager.getKeystore(keyStores<i>);
				aliases = keyStore.aliases();
				
				while(aliases.hasMoreElements()){
					alias = (String) aliases.nextElement();
					res += keyStores<i> + " : " + alias + "\n";
				}				
			}
			return res;

		} catch (Exception e) {
			e.printStackTrace();
			return e.getMessage();
		}

my purpose with this session bean, is get all keystores and all alias (certificates) and do something...apparently, the 2 loops already do it, but when i run the client application, just one keystore with it alias are listed. Why can't i get all keystores and alias?..looking for, i found out that could be the permissions set on the server...but i'm not sure how i can allow each keystore to be used....could you help me with that?

Former Member
0 Kudos

cs.santos0, what is the right import?

I use com.sap.engine.interfaces.keystore.KeystoreManager and I have a ClassCastException in the line:

KeyStoreManager manager = (KeyStoreManager) o;

Regards.

Thanks.

Former Member
0 Kudos

Hi,

I am also having the same issue. I receive a cast error.

Code:

InitialContext context = new InitialContext();

Object o = (Object) context.lookup("keystore");

KeystoreManager manager = (KeystoreManager) o; <----


[Cast errror]

[Cast error]

java.lang.ClassCastException: com/sap/engine/services/keystore/interfaces/KeystoreManagerWrapper_Stub incompatible with com/sap/engine/interfaces/keystore/KeystoreManager at FtpGetServlet.improvedGetData(FtpGetServlet.java:268)

Former Member
0 Kudos

Try to add a dependency to the keystore_api library in the file application-j2ee.engine.xml of the ear DC (type weak).

Greetings.

Former Member
0 Kudos

thanks again..

i got that the right import which i need is:

import com.sap.engine.interfaces.keystore.KeystoreManager

Right?..but about it...

where can i find this?...i mean, which Jar file contain this class?

because, i tried to insert this import on my class, and i got a error for i do not have this class on my classpath....could you give a tip?

thanks

Former Member
0 Kudos

com.sap.engine.interfaces.keystore.KeystoreManager

is that the right import which i need?...and about this class, where can i find this?...i mean, which Jar file contain this class?

an about the document that you recommend for me, is exactly the one which i'm using......

Vlado
Advisor
Advisor
0 Kudos

/usr/sap/<SID>/<instance>/j2ee/cluster/bin/interfaces/keystore_api/lib/private/sap.comtcjekeystore_apiAPI.jar - which means you need a reference to interface keystore_api in your application.

Former Member
0 Kudos

hi, thanks for reply!

follow my whole Session Bean:


package br.com.cienci.teste;

import java.security.KeyStore;
import java.security.cert.X509Certificate;

import javax.ejb.Stateless;
import javax.naming.InitialContext;

import com.sap.aii.security.lib.KeyStoreManager;
import com.sap.security.api.ssf.ISsfProfile;
import javax.jws.WebService;
import javax.jws.WebMethod;
import javax.jws.WebParam;

/**
 * @author Ciro S. Santos
 * 
 */
@WebService(serviceName = "TestSessionService", name = "TestSession", portName = "TestSessionBeanPort", targetNamespace = "http://com.br/cienci/teste/")
@Stateless
public class TestSessionBean implements TestSessionRemote, TestSessionLocal {

	@WebMethod(operationName = "getMessage", exclude = false)
	public String getMessage(@WebParam(name = "name") String name) {

		try {

			InitialContext ctx = new InitialContext();
			Object o = (Object) ctx.lookup("keystore");
			KeyStoreManager manager = (KeyStoreManager) o;
			KeyStore keyStore = manager.getKeyStore("ICM_SSL_93090");
			String alias = "ssl-credentials";

			ISsfProfile profile = null;
			X509Certificate cert = null;
			String sName = null;

			profile = manager.getISsfProfile(keyStore, alias, null);
			cert = profile.getCertificate();
			sName = cert.getSubjectDN().getName();
			cert.checkValidity();
			return sName;

		} catch (Exception e) {
			e.printStackTrace();
			return e.getMessage();
		}
	}
}

import com.sap.aii.security.lib.KeyStoreManager;

that's my keyStoreManager...is it wrong?...if yes, Which one i need?

Vlado
Advisor
Advisor
0 Kudos

Please read carefully my previous post - the answer is there:

> You should be using com.sap.engine.interfaces.keystore.KeystoreManager instead.

Vlado
Advisor
Advisor
0 Kudos

Seems you're casting to the wrong KeyStoreManager. You should be using com.sap.engine.interfaces.keystore.KeystoreManager instead.

This [document|http://help.sap.com/saphelp_nwce10/helpdata/en/a4/d0201854fb6a4cb9545892b49d4851/frameset.htm] might also be helpful.

Cheers,

-- Vladimir