Refactored SystemConfigService.finalizeConfiguration().

8 files changed, 71 insertions, 33 deletions

diff --git a/base/ca/src/org/dogtagpki/server/ca/rest/CAInstallerService.java b/base/ca/src/org/dogtagpki/server/ca/rest/CAInstallerService.java
index e1b71604d..d9b6f81ca 100644
--- a/base/ca/src/org/dogtagpki/server/ca/rest/CAInstallerService.java
+++ b/base/ca/src/org/dogtagpki/server/ca/rest/CAInstallerService.java
@@ -24,8 +24,6 @@ import java.net.MalformedURLException;
 import java.net.URL;
 import java.util.StringTokenizer;
 
-import netscape.ldap.LDAPAttribute;
-
 import org.dogtagpki.server.rest.SystemConfigService;
 
 import com.netscape.certsrv.apps.CMS;
@@ -37,10 +35,13 @@ import com.netscape.certsrv.ldap.ILdapConnFactory;
 import com.netscape.certsrv.registry.IPluginInfo;
 import com.netscape.certsrv.registry.IPluginRegistry;
 import com.netscape.certsrv.system.ConfigurationRequest;
+import com.netscape.certsrv.system.ConfigurationResponse;
 import com.netscape.cms.servlet.csadmin.ConfigurationUtils;
 import com.netscape.cmscore.base.LDAPConfigStore;
 import com.netscape.cmscore.profile.LDAPProfileSubsystem;
 
+import netscape.ldap.LDAPAttribute;
+
 /**
  * @author alee
  *
@@ -51,9 +52,7 @@ public class CAInstallerService extends SystemConfigService {
     }
 
     @Override
-    public void finalizeConfiguration(ConfigurationRequest request) {
-
-        super.finalizeConfiguration(request);
+    public void finalizeConfiguration(ConfigurationRequest request, ConfigurationResponse response) {
 
         try {
             if (!request.isClone()) {
@@ -91,6 +90,8 @@ public class CAInstallerService extends SystemConfigService {
             CMS.debug(e);
             throw new PKIException("Error enabling profile subsystem");
         }
+
+        super.finalizeConfiguration(request, response);
     }
 
     @Override
diff --git a/base/common/python/pki/system.py b/base/common/python/pki/system.py
index 45aa0d637..46b1d4051 100644
--- a/base/common/python/pki/system.py
+++ b/base/common/python/pki/system.py
@@ -275,6 +275,19 @@ class SystemConfigClient(object):
                                         headers)
         return response.json()
 
+    def finalize(self):
+        """
+        Contacts the server and invokes the Java configuration REST API to
+        finalize subsystem configuration.
+
+        :return: ConfigurationResponse -- response from configuration servlet.
+        """
+        headers = {'Content-type': 'application/json',
+                   'Accept': 'application/json'}
+        response = self.connection.post('/rest/installer/finalize', None,
+                                        headers)
+        return response.json()
+
 
 class SystemStatusClient(object):
     """
diff --git a/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java b/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java
index 9c570eb2b..104a0af08 100644
--- a/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java
+++ b/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java
@@ -30,4 +30,8 @@ public interface SystemConfigResource {
     @POST
     @Path("configure")
     public ConfigurationResponse configure(ConfigurationRequest data) throws Exception;
+
+    @POST
+    @Path("finalize")
+    public ConfigurationResponse finalizeConfiguration() throws Exception;
 }
diff --git a/base/kra/src/org/dogtagpki/server/kra/rest/KRAInstallerService.java b/base/kra/src/org/dogtagpki/server/kra/rest/KRAInstallerService.java
index 52c85a674..5e0eae11b 100644
--- a/base/kra/src/org/dogtagpki/server/kra/rest/KRAInstallerService.java
+++ b/base/kra/src/org/dogtagpki/server/kra/rest/KRAInstallerService.java
@@ -23,6 +23,7 @@ import com.netscape.certsrv.apps.CMS;
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.PKIException;
 import com.netscape.certsrv.system.ConfigurationRequest;
+import com.netscape.certsrv.system.ConfigurationResponse;
 import com.netscape.cms.servlet.csadmin.ConfigurationUtils;
 
 /**
@@ -35,9 +36,7 @@ public class KRAInstallerService extends SystemConfigService {
     }
 
     @Override
-    public void finalizeConfiguration(ConfigurationRequest request) {
-
-        super.finalizeConfiguration(request);
+    public void finalizeConfiguration(ConfigurationRequest request, ConfigurationResponse response) {
 
         try {
             String ca_host = cs.getString("preop.ca.hostname", "");
@@ -62,5 +61,7 @@ public class KRAInstallerService extends SystemConfigService {
             CMS.debug(e);
             throw new PKIException("Errors in updating next serial number ranges in DB: " + e);
         }
+
+        super.finalizeConfiguration(request, response);
     }
 }
diff --git a/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPInstallerService.java b/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPInstallerService.java
index 4b0fe0d2a..8a7838c34 100644
--- a/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPInstallerService.java
+++ b/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPInstallerService.java
@@ -24,6 +24,7 @@ import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.PKIException;
 import com.netscape.certsrv.ocsp.IOCSPAuthority;
 import com.netscape.certsrv.system.ConfigurationRequest;
+import com.netscape.certsrv.system.ConfigurationResponse;
 import com.netscape.cms.servlet.csadmin.ConfigurationUtils;
 
 /**
@@ -38,9 +39,7 @@ public class OCSPInstallerService extends SystemConfigService {
     }
 
     @Override
-    public void finalizeConfiguration(ConfigurationRequest request) {
-
-        super.finalizeConfiguration(request);
+    public void finalizeConfiguration(ConfigurationRequest request, ConfigurationResponse response) {
 
         try {
             String ca_host = cs.getString("preop.ca.hostname", "");
@@ -75,6 +74,8 @@ public class OCSPInstallerService extends SystemConfigService {
             CMS.debug(e);
             throw new PKIException("Errors in configuring CA publishing to OCSP: " + e);
         }
+
+        super.finalizeConfiguration(request, response);
     }
 
     private void configureCloneRefresh(ConfigurationRequest request) {
diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
index f9415f520..2b8e109a0 100644
--- a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
+++ b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
@@ -29,6 +29,7 @@ import java.util.Collection;
 import java.util.Random;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.Request;
@@ -223,28 +224,22 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
         CMS.debug("=== Finalization ===");
         setupSecurityDomain(data);
         setupDBUser(data);
-        finalizeConfiguration(data);
 
-        cs.putInteger("cs.state", 1);
+        HttpSession session = servletRequest.getSession(true);
+        session.setAttribute("request", data);
+        session.setAttribute("response", response);
+    }
 
-        // update serial numbers for clones
+    @Override
+    public ConfigurationResponse finalizeConfiguration() {
 
-        // save some variables, remove remaining preops
-        try {
-            ConfigurationUtils.removePreopConfigEntries();
-        } catch (EBaseException e) {
-            CMS.debug(e);
-            throw new PKIException("Errors when removing preop config entries: " + e, e);
-        }
+        HttpSession session = servletRequest.getSession();
+        ConfigurationRequest request = (ConfigurationRequest)session.getAttribute("request");
+        ConfigurationResponse response = (ConfigurationResponse)session.getAttribute("response");
 
-        // Create an empty file that designates the fact that although
-        // this server instance has been configured, it has NOT yet
-        // been restarted!
-        String restart_server = instanceRoot + "/conf/" + RESTART_SERVER_AFTER_CONFIGURATION;
-        Utils.exec("touch " + restart_server);
-        Utils.exec("chmod 00660 " + restart_server);
+        finalizeConfiguration(request, response);
 
-        response.setStatus(SUCCESS);
+        return response;
     }
 
     private void setupDBUser(ConfigurationRequest data) {
@@ -605,7 +600,28 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
         }
     }
 
-    public void finalizeConfiguration(ConfigurationRequest request) {
+    public void finalizeConfiguration(ConfigurationRequest request, ConfigurationResponse response) {
+
+        cs.putInteger("cs.state", 1);
+
+        // update serial numbers for clones
+
+        // save some variables, remove remaining preops
+        try {
+            ConfigurationUtils.removePreopConfigEntries();
+        } catch (EBaseException e) {
+            CMS.debug(e);
+            throw new PKIException("Errors when removing preop config entries: " + e, e);
+        }
+
+        // Create an empty file that designates the fact that although
+        // this server instance has been configured, it has NOT yet
+        // been restarted!
+        String restart_server = instanceRoot + "/conf/" + RESTART_SERVER_AFTER_CONFIGURATION;
+        Utils.exec("touch " + restart_server);
+        Utils.exec("chmod 00660 " + restart_server);
+
+        response.setStatus(SUCCESS);
     }
 
     public void configureAdministrator(ConfigurationRequest data, ConfigurationResponse response) {
diff --git a/base/server/python/pki/server/deployment/pkihelper.py b/base/server/python/pki/server/deployment/pkihelper.py
index ad9a88e63..f4bc518b9 100644
--- a/base/server/python/pki/server/deployment/pkihelper.py
+++ b/base/server/python/pki/server/deployment/pkihelper.py
@@ -3817,7 +3817,8 @@ class ConfigClient:
 
         try:
             client = pki.system.SystemConfigClient(connection)
-            response = client.configure(data)
+            client.configure(data)
+            response = client.finalize()
 
             config.pki_log.debug(
                 log.PKI_CONFIG_RESPONSE_STATUS + " " + str(response['status']),
diff --git a/base/tps/src/org/dogtagpki/server/tps/rest/TPSInstallerService.java b/base/tps/src/org/dogtagpki/server/tps/rest/TPSInstallerService.java
index fe4e12446..3999949c9 100644
--- a/base/tps/src/org/dogtagpki/server/tps/rest/TPSInstallerService.java
+++ b/base/tps/src/org/dogtagpki/server/tps/rest/TPSInstallerService.java
@@ -29,6 +29,7 @@ import com.netscape.certsrv.base.BadRequestException;
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.PKIException;
 import com.netscape.certsrv.system.ConfigurationRequest;
+import com.netscape.certsrv.system.ConfigurationResponse;
 import com.netscape.certsrv.system.SystemCertData;
 import com.netscape.cms.servlet.csadmin.ConfigurationUtils;
 
@@ -112,9 +113,7 @@ public class TPSInstallerService extends SystemConfigService  {
     }
 
     @Override
-    public void finalizeConfiguration(ConfigurationRequest request) {
-
-        super.finalizeConfiguration(request);
+    public void finalizeConfiguration(ConfigurationRequest request, ConfigurationResponse response) {
 
         try {
             ConfigurationUtils.addProfilesToTPSUser(request.getAdminUID());
@@ -149,5 +148,7 @@ public class TPSInstallerService extends SystemConfigService  {
             CMS.debug(e);
             throw new PKIException("Errors in registering TPS to CA, TKS or KRA: " + e);
         }
+
+        super.finalizeConfiguration(request, response);
     }
 }