Redid file I/O for keystore.
authorcantor <cantor@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Wed, 12 Jun 2002 14:37:35 +0000 (14:37 +0000)
committercantor <cantor@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Wed, 12 Jun 2002 14:37:35 +0000 (14:37 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@84 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

src/edu/internet2/middleware/shibboleth/shire/ShireServlet.java

index d36d9f4..c1cc36c 100755 (executable)
@@ -49,6 +49,8 @@ public class ShireServlet extends HttpServlet
      *  <DL>
      *    <DT> keystore-path <I>(required)</I> </DT>
      *    <DD> A pathname to the trusted CA roots to accept</DD>
+     *    <DT> keystore-password <I>(required)</I> </DT>
+     *    <DD> The root keystore password</DD>
      *    <DT> registry-alias <I>(optional)</I> </DT>
      *    <DD> An alias in the provided keystore for the cert that can verify
      *    the origin site registry signature</DD>
@@ -99,7 +101,8 @@ public class ShireServlet extends HttpServlet
         {
             Key k = null;
             KeyStore ks = KeyStore.getInstance("JKS");
-            ks.load(new FileInputStream(conf.getInitParameter("keystore-path")), null);
+            ks.load(conf.getServletContext().getResourceAsStream(conf.getInitParameter("keystore-path")),
+                    conf.getInitParameter("keystore-password").toCharArray());
             if (conf.getInitParameter("keystore-alias") != null)
             {
                 Certificate cert = ks.getCertificate(conf.getInitParameter("keystore-alias"));