import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.io.StringWriter;
+import java.net.Authenticator;
+import java.net.PasswordAuthentication;
import java.net.URL;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
+import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import org.apache.log4j.SimpleLayout;
import jalview.datamodel.PDBEntry;
+import jalview.gui.Preferences;
import jalview.gui.UserDefinedColours;
import jalview.schemes.ColourSchemeLoader;
import jalview.schemes.ColourSchemes;
import jalview.structure.StructureImportSettings;
import jalview.urls.IdOrgSettings;
import jalview.util.ColorUtils;
+import jalview.util.MessageManager;
import jalview.util.Platform;
import jalview.ws.sifts.SiftsSettings;
System.getProperty("http.proxyHost"),
System.getProperty("http.proxyPort"),
System.getProperty("https.proxyHost"),
- System.getProperty("https.proxyPort") };
+ System.getProperty("https.proxyPort"),
+ System.getProperty("http.proxyUser"),
+ System.getProperty("http.proxyPassword"),
+ System.getProperty("https.proxyUser"),
+ System.getProperty("https.proxyPassword"),
+ System.getProperty("http.nonProxyHosts") };
+
+ public final static String PROXYTYPE_NONE = "none";
+
+ // "false" and "true" for backward compatibility
+ public final static String PROXYTYPE_SYSTEM = "false";
+
+ public final static String PROXYTYPE_CUSTOM = "true";
+
+ // in-memory only storage of proxy password, safer to use char array
+ public static char[] proxyAuthPassword = null;
/** Jalview Properties */
public static Properties applicationProperties = new Properties()
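Review bot: `proxyAuthPassword` is declared `public static` and non-final, so any class in the process can read or swap the proxy password, and nothing visible here zeroes the previous array when it is replaced, which is the only benefit a `char[]` has over a `String`. The same hunk also starts capturing `http.proxyPassword` and `https.proxyPassword` into `startupProxyProperties` as `String`s held for the life of the JVM, which works against the comment above the field. Consider `private static char[] proxyAuthPassword;` with a setter that runs `Arrays.fill(old, '\0')` on the previous value before assigning (callers elsewhere, presumably the Preferences panel, would move to that accessor), and keeping the two startup passwords as `char[]` rather than in the `String[]`. The array initialiser begins above the visible lines, so its declaration is not shown here.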
// PROXY TYPE settings (now three options "none", "false", "true", but using
// backward compatible strings)
- String proxyType = getDefault("USE_PROXY", "false");
+ String proxyType = getDefault("USE_PROXY", PROXYTYPE_SYSTEM);
// default to upgrading old settings
switch (proxyType)
{
- case "none":
- setProxyProperties(null, null, null, null);
+ case PROXYTYPE_NONE:
+ clearProxyProperties();
break;
- case "false": // use system settings
+ case PROXYTYPE_SYSTEM: // use system settings
resetProxyProperties();
break;
- case "true": // use specified proxy settings
+ case PROXYTYPE_CUSTOM: // use specified proxy settings
String httpHost = getDefault("PROXY_SERVER", "");
String httpPort = getDefault("PROXY_PORT", "8080");
String httpsHost = getDefault("PROXY_SERVER_HTTPS", httpHost);
String httpsPort = getDefault("PROXY_PORT_HTTPS", httpPort);
- setProxyProperties(httpHost, httpPort, httpsHost, httpsPort);
+ String httpUser = getDefault("PROXY_AUTH_USER", null);
+ // https.proxyUser and https.proxyPassword are not able to be
+ // independently set in Preferences yet (or http.nonProxyHosts)
+ String httpsUser = getDefault("PROXY_AUTH_USER_HTTPS", httpUser);
+ setProxyProperties(httpHost, httpPort, httpsHost, httpsPort, httpUser,
+ proxyAuthPassword, httpsUser, proxyAuthPassword, "localhost");
break;
default:
String message = "Incorrect PROXY_TYPE - should be 'none' (clear proxy properties), 'false' (system settings), 'true' (custom settings): "
+ proxyType;
- if (Cache.log == null)
- {
- System.out.println(message);
- }
- else
- {
- Cache.log.warn(message);
- }
+ Cache.warn(message);
}
// LOAD THE AUTHORS FROM THE authors.props file
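Review bot: The `PROXYTYPE_CUSTOM` case reads the proxy user from `PROXY_AUTH_USER` / `PROXY_AUTH_USER_HTTPS` and never consults `PROXY_AUTH`, while `setProxyPropertiesFromPreferences` later in this diff reads `PROXY_AUTH_USERNAME` and only when `PROXY_AUTH` is true. Unless both keys are written elsewhere, startup will either miss the saved username (so no `Authenticator` is installed) or apply one the user has switched off; `String httpUser = getDefault("PROXY_AUTH", false) ? getDefault("PROXY_AUTH_USERNAME", "") : null;` would make the two paths agree. The hard-coded `"localhost"` passed as `nonProxyHosts` overrides any `http.nonProxyHosts` given at launch and is narrower than the JDK default, which also covers `127.*` and `[::1]`, so requests to loopback addresses would be routed to the proxy. The default branch's message names `PROXY_TYPE` although the property read is `USE_PROXY`. The enclosing method starts and ends outside the hunk.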
}
// proxy properties methods
+ public static void clearProxyProperties()
+ {
+ setProxyProperties(null, null, null, null, null, null, null, null,
+ null);
+ }
+
public static void resetProxyProperties()
{
setProxyProperties(startupProxyProperties[0], startupProxyProperties[1],
- startupProxyProperties[2], startupProxyProperties[3]);
+ startupProxyProperties[2], startupProxyProperties[3],
+ startupProxyProperties[4],
+ startupProxyProperties[5] == null ? null
+ : startupProxyProperties[5].toCharArray(),
+ startupProxyProperties[6],
+ startupProxyProperties[7] == null ? null
+ : startupProxyProperties[7].toCharArray(),
+ startupProxyProperties[8]);
StringBuilder sb = new StringBuilder();
sb.append("Setting proxy properties to: http.proxyHost=")
.append(startupProxyProperties[0]).append(", http.proxyPort=")
- .append(startupProxyProperties[1]).append(", https.proxyHost=")
- .append(startupProxyProperties[2]).append(", https.proxyPort=")
- .append(startupProxyProperties[3]);
- if (Cache.log == null)
+ .append(startupProxyProperties[1])
+ .append(startupProxyProperties[4] != null
+ && !startupProxyProperties[4].isEmpty()
+ ? " [" + startupProxyProperties[4] + "]"
+ : "")
+ .append(", https.proxyHost=").append(startupProxyProperties[2])
+ .append(", https.proxyPort=").append(startupProxyProperties[3])
+ .append(startupProxyProperties[6] != null
+ && !startupProxyProperties[6].isEmpty()
+ ? " [" + startupProxyProperties[6] + "]"
+ : "");
+
+ Cache.debug(sb.toString());
+ }
+
+ public static void setProxyPropertiesFromPreferences()
+ {
+ setProxyPropertiesFromPreferences(Cache.PROXYTYPE_SYSTEM);
+ }
+
+ public static void setProxyPropertiesFromPreferences(
+ String previousProxyType)
+ {
+ String proxyType = Cache.getDefault("USE_PROXY",
+ Cache.PROXYTYPE_SYSTEM);
+ if (previousProxyType != null
+ && !proxyType.equals(Cache.PROXYTYPE_CUSTOM) // always apply
+ // customProxy
+ && proxyType.equals(previousProxyType))
{
- System.err.println(sb.toString());
+ // no change
+ return;
}
- else
+ switch (proxyType)
{
- Cache.log.debug(sb.toString());
+ case Cache.PROXYTYPE_NONE:
+ if (!previousProxyType.equals(proxyType))
+ {
+ Cache.log.info("Setting no proxy settings");
+ Cache.setProxyProperties(null, null, null, null, null, null, null,
+ null, null);
+ }
+ break;
+ case Cache.PROXYTYPE_CUSTOM:
+ // always re-set a custom proxy -- it might have changed, particularly
+ // password
+ Cache.log.info("Setting custom proxy settings");
+ boolean proxyAuthSet = Cache.getDefault("PROXY_AUTH", false);
+ Cache.setProxyProperties(Cache.getDefault("PROXY_SERVER", null),
+ Cache.getDefault("PROXY_PORT", null),
+ Cache.getDefault("PROXY_SERVER_HTTPS", null),
+ Cache.getDefault("PROXY_PORT_HTTPS", null),
+ proxyAuthSet ? Cache.getDefault("PROXY_AUTH_USERNAME", "")
+ : null,
+ proxyAuthSet ? Cache.proxyAuthPassword : null,
+ proxyAuthSet ? Cache.getDefault("PROXY_AUTH_USERNAME", "")
+ : null,
+ proxyAuthSet ? Cache.proxyAuthPassword : null, "localhost");
+ break;
+ default: // system proxy settings by default
+ Cache.log.info("Setting system proxy settings");
+ Cache.resetProxyProperties();
}
}
- public static void setProxyProperties(String host, String port)
- {
- setProxyProperties(host, port, host, port);
- }
-
public static void setProxyProperties(String httpHost, String httpPort,
- String httpsHost, String httpsPort)
+ String httpsHost, String httpsPort, String httpUser,
+ char[] httpPassword, String httpsUser, char[] httpsPassword,
+ String nonProxyHosts)
{
- // cannot set property to null -- use clearProperty instead
+ setOrClearSystemProperty("http.proxyHost", httpHost);
+ setOrClearSystemProperty("http.proxyPort", httpPort);
+ setOrClearSystemProperty("https.proxyHost", httpsHost);
+ setOrClearSystemProperty("https.proxyPort", httpsPort);
+ setOrClearSystemProperty("http.proxyUser", httpUser);
+ setOrClearSystemProperty("https.proxyUser", httpsUser);
+ // note: passwords for http.proxyPassword and https.proxyPassword are sent
+ // via the Authenticator, properties do not need to be set
+
+ // are we using a custom proxy (password prompt might be required)?
+ boolean customProxySet = getDefault("USE_PROXY", PROXYTYPE_SYSTEM)
+ .equals(PROXYTYPE_CUSTOM);
- // http.proxyHost
- if (httpHost == null)
+ /*
+ * A bug in Java means the AuthCache does not get reset, so once it has working credentials,
+ * it never asks for more, so changing the Authenticator has no effect (as getPasswordAuthentication()
+ * is not re-called).
+ * This could lead to password leak to a hostile proxy server, so I'm putting in a hack to clear
+ * the AuthCache.
+ * see https://www.generacodice.com/en/articolo/154918/Reset-the-Authenticator-credentials
+ * ...
+ * Turns out this is only accessible in Java 8, and not in Java 9 onwards, so commenting out
+ */
+ /*
+ try
{
- System.clearProperty("http.proxyHost");
- }
- else
+ sun.net.www.protocol.http.AuthCacheValue
+ .setAuthCache(new sun.net.www.protocol.http.AuthCacheImpl());
+ } catch (Throwable t)
{
- System.setProperty("http.proxyHost", httpHost);
+ Cache.error(t.getMessage());
+ Cache.debug(getStackTraceString(t));
}
+ */
- // http.proxyPort
- if (httpPort == null)
+ if (httpUser != null || httpsUser != null)
{
- System.clearProperty("http.proxyPort");
+ try
+ {
+ char[] displayHttpPw = new char[httpPassword == null ? 0
+ : httpPassword.length];
+ Arrays.fill(displayHttpPw, '*');
+ Cache.debug("CACHE Proxy: setting new Authenticator with httpUser='"
+ + httpUser + "' httpPassword='" + displayHttpPw + "'");
+ Authenticator.setDefault(new Authenticator()
+ {
+ @Override
+ protected PasswordAuthentication getPasswordAuthentication()
+ {
+ if (getRequestorType() == RequestorType.PROXY)
+ {
+ String protocol = getRequestingProtocol();
+ boolean needProxyPasswordSet = false;
+ if (customProxySet &&
+ // we have a username but no password for the scheme being
+ // requested
+ (protocol.equalsIgnoreCase("http")
+ && (httpUser != null && httpUser.length() > 0
+ && (httpPassword == null
+ || httpPassword.length == 0)))
+ || (protocol.equalsIgnoreCase("https")
+ && (httpsUser != null
+ && httpsUser.length() > 0
+ && (httpsPassword == null
+ || httpsPassword.length == 0))))
+ {
+ // open Preferences -> Connections
+ String message = MessageManager
+ .getString("label.proxy_password_required");
+ Preferences.openPreferences(Preferences.CONNECTIONS_TAB,
+ message);
+ Preferences.getInstance()
+ .proxyAuthPasswordCheckHighlight(true, true);
+ }
+ else
+ {
+ try
+ {
+ if (protocol.equalsIgnoreCase("http")
+ && getRequestingHost().equalsIgnoreCase(httpHost)
+ && getRequestingPort() == Integer
+ .valueOf(httpPort))
+ {
+ Cache.debug(
+ "AUTHENTICATOR returning PasswordAuthentication(\""
+ + httpUser + "\", '"
+ + new String(displayHttpPw) + "')");
+ return new PasswordAuthentication(httpUser,
+ httpPassword);
+ }
+ if (protocol.equalsIgnoreCase("https")
+ && getRequestingHost().equalsIgnoreCase(httpsHost)
+ && getRequestingPort() == Integer
+ .valueOf(httpsPort))
+ {
+ char[] displayHttpsPw = new char[httpPassword.length];
+ Arrays.fill(displayHttpsPw, '*');
+ Cache.debug(
+ "AUTHENTICATOR returning PasswordAuthentication(\""
+ + httpsUser + "\", '" + displayHttpsPw
+ + "'");
+ return new PasswordAuthentication(httpsUser,
+ httpsPassword);
+ }
+ } catch (NumberFormatException e)
+ {
+ Cache.error("Problem with proxy port values [http:"
+ + httpPort + ", https:" + httpsPort + "]");
+ }
+ Cache.debug(
+ "AUTHENTICATOR after trying to get PasswordAuthentication");
+ }
+ }
+ // non proxy request
+ Cache.debug("AUTHENTICATOR returning null");
+ return null;
+ }
+ });
+ // required to re-enable basic authentication (should be okay for a
+ // local proxy)
+ Cache.debug(
+ "AUTHENTICATOR setting property 'jdk.http.auth.tunneling.disabledSchemes' to \"\"");
+ System.setProperty("jdk.http.auth.tunneling.disabledSchemes", "");
+ } catch (SecurityException e)
+ {
+ Cache.error("Could not set default Authenticator");
+ Cache.debug(getStackTraceString(e));
+ }
}
else
{
- System.setProperty("http.proxyPort", httpPort);
+ // reset the Authenticator to protect http.proxyUser and
+ // http.proxyPassword Just In Case
+ /* as noted above, due to bug in java this doesn't work if the sun.net.www.protocol.http.AuthCache
+ * has working credentials. No workaround for Java 11.
+ */
+ Cache.debug("AUTHENTICATOR setting default Authenticator to null");
+ Authenticator.setDefault(null);
}
- // https.proxyHost
- if (httpsHost == null)
+ // nonProxyHosts not currently configurable in Preferences
+ Cache.debug("AUTHENTICATOR setting property 'http.nonProxyHosts' to \""
+ + nonProxyHosts + "\"");
+ setOrClearSystemProperty("http.nonProxyHosts", nonProxyHosts);
+ }
+
+ public static void setOrClearSystemProperty(String key, char[] value)
+ {
+ setOrClearSystemProperty(key,
+ (value == null) ? null : new String(value));
+ }
+
+ public static void setOrClearSystemProperty(String key, String value)
+ {
+ if (key == null)
{
- System.clearProperty("https.proxyHost");
+ return;
+ }
+ if (value == null)
+ {
+ System.clearProperty(key);
}
else
{
- System.setProperty("https.proxyHost", httpsHost);
+ System.setProperty(key, value);
}
+ }
+
+ public final static int TRACE = 10;
+
+ public final static int DEBUG = 20;
+
+ public final static int INFO = 30;
- // https.proxyPort
- if (httpsPort == null)
+ public final static int WARN = 40;
+
+ public final static int ERROR = 50;
+
+ public static boolean println(int level, String message)
+ {
+ if (Cache.log == null)
{
- System.clearProperty("https.proxyPort");
+ if (level >= WARN)
+ System.err.println(message);
+ else if (level >= INFO)
+ System.out.println(message);
+ // not printing debug or trace messages
+ return false;
+ }
+ if (level >= ERROR)
+ {
+ Cache.log.error(message);
+ }
+ else if (level >= WARN)
+ {
+ Cache.log.warn(message);
+ }
+ else if (level >= INFO)
+ {
+ Cache.log.info(message);
+ }
+ else if (level >= DEBUG)
+ {
+ Cache.log.debug(message);
}
else
{
- System.setProperty("https.proxyPort", httpsPort);
+ Cache.log.trace(message);
}
+ return true;
+ }
+
+ public static void trace(String message)
+ {
+ println(TRACE, message);
+ }
+
+ public static void debug(String message)
+ {
+ println(DEBUG, message);
+ }
+ public static void info(String message)
+ {
+ println(INFO, message);
+ }
+
+ public static void warn(String message)
+ {
+ println(WARN, message);
+ }
+
+ public static void error(String message)
+ {
+ println(ERROR, message);
}
-}
+}
\ No newline at end of file
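Review bot: In the anonymous `Authenticator` inside `setProxyProperties`, the missing-password test parses as `(customProxySet && httpCase) || httpsCase` because `&&` binds tighter than `||`, so the `customProxySet` gate covers only the http branch, and when it is false with a null password the http branch falls through to `new PasswordAuthentication(httpUser, httpPassword)` with a null array, which I would expect to throw. The https branch sizes its mask from `httpPassword.length` rather than `httpsPassword`, and the debug messages before `Authenticator.setDefault` and in the https branch concatenate a `char[]` directly, which logs the array's identity string instead of the mask (the http branch's `new String(displayHttpPw)` logs the password length). Separately, `jdk.http.auth.tunneling.disabledSchemes` is set to `""` for the whole JVM whenever a proxy user is present and is not restored in the `else` branch that calls `Authenticator.setDefault(null)`, so Basic credentials on CONNECT stay enabled after the user leaves the custom proxy, and nothing here checks that the proxy is local as the comment assumes. In `setProxyPropertiesFromPreferences(String)`, `previousProxyType.equals(proxyType)` under `case Cache.PROXYTYPE_NONE` dereferences a value the guard above allows to be null (`!proxyType.equals(previousProxyType)` avoids that), and the three `Cache.log.info(...)` calls bypass the null-safe `Cache.info` wrapper this commit adds. A sketch of the Authenticator changes follows.

```java
// … unchanged: RequestorType.PROXY check, protocol lookup …
boolean isHttp = protocol.equalsIgnoreCase("http");
boolean isHttps = protocol.equalsIgnoreCase("https");
boolean httpPwMissing = httpUser != null && httpUser.length() > 0
        && (httpPassword == null || httpPassword.length == 0);
boolean httpsPwMissing = httpsUser != null && httpsUser.length() > 0
        && (httpsPassword == null || httpsPassword.length == 0);
if ((isHttp && httpPwMissing) || (isHttps && httpsPwMissing))
{
  if (customProxySet)
  {
    // … unchanged: open Preferences -> Connections and highlight the password field …
  }
  // no usable password for this scheme: never build a
  // PasswordAuthentication from a null or empty array
  Cache.debug("AUTHENTICATOR returning null");
  return null;
}
// … unchanged: http branch (host/port match, return PasswordAuthentication) …
// https branch: log a fixed mask, not the char[] itself and not its length
Cache.debug("AUTHENTICATOR returning PasswordAuthentication(\""
        + httpsUser + "\", '****')");
return new PasswordAuthentication(httpsUser, httpsPassword);
```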