Added new link for resteasy dependency

Resteasy 3.0.1 uses apache-commons-io.  Also fixed PKIErrorInterceptor
with correct method call and reformatted the interceptors.

8 files changed, 28 insertions, 16 deletions

diff --git a/base/common/src/com/netscape/certsrv/client/PKIErrorInterceptor.java b/base/common/src/com/netscape/certsrv/client/PKIErrorInterceptor.java
index 7d20bab86..965b37470 100644
--- a/base/common/src/com/netscape/certsrv/client/PKIErrorInterceptor.java
+++ b/base/common/src/com/netscape/certsrv/client/PKIErrorInterceptor.java
@@ -34,7 +34,7 @@ public class PKIErrorInterceptor implements ClientErrorInterceptor {
         if (code < 400)
             return;
 
-        MultivaluedMap<String, String> headers = response.getStringHeaders();
+        MultivaluedMap<String, String> headers = response.getResponseHeaders();
         String contentType = headers.getFirst("Content-Type");
 
         // handle XML content only
diff --git a/base/common/src/com/netscape/cms/authorization/ACLInterceptor.java b/base/common/src/com/netscape/cms/authorization/ACLInterceptor.java
index 590f548f7..1a3a09752 100644
--- a/base/common/src/com/netscape/cms/authorization/ACLInterceptor.java
+++ b/base/common/src/com/netscape/cms/authorization/ACLInterceptor.java
@@ -43,7 +43,6 @@ import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.ForbiddenException;
 import com.netscape.cmscore.realm.PKIPrincipal;
 
-
 /**
  * @author Endi S. Dewata
  */
@@ -60,7 +59,8 @@ public class ACLInterceptor implements ContainerRequestFilter {
 
     public synchronized void loadAuthProperties() throws IOException {
 
-        if (authProperties != null) return;
+        if (authProperties != null)
+            return;
 
         URL url = servletContext.getResource("/WEB-INF/auth.properties");
         authProperties = new Properties();
@@ -69,7 +69,8 @@ public class ACLInterceptor implements ContainerRequestFilter {
 
     @Override
     public void filter(ContainerRequestContext requestContext) throws IOException {
-        ResourceMethodInvoker methodInvoker = (ResourceMethodInvoker) requestContext.getProperty("org.jboss.resteasy.core.ResourceMethodInvoker");
+        ResourceMethodInvoker methodInvoker = (ResourceMethodInvoker) requestContext
+                .getProperty("org.jboss.resteasy.core.ResourceMethodInvoker");
         Method method = methodInvoker.getMethod();
 
         ACLMapping aclMapping = method.getAnnotation(ACLMapping.class);
@@ -100,7 +101,7 @@ public class ACLInterceptor implements ContainerRequestFilter {
             throw new ForbiddenException("Invalid user principal.");
         }
 
-        PKIPrincipal pkiPrincipal = (PKIPrincipal)principal;
+        PKIPrincipal pkiPrincipal = (PKIPrincipal) principal;
         IAuthToken authToken = pkiPrincipal.getAuthToken();
 
         // If missing auth token, reject request.
@@ -147,7 +148,7 @@ public class ACLInterceptor implements ContainerRequestFilter {
             CMS.debug("ACLInterceptor: " + e.getMessage());
             throw new ForbiddenException(e.toString());
 
-        } catch (IOException|EBaseException e) {
+        } catch (IOException | EBaseException e) {
             e.printStackTrace();
             throw new Failure(e);
         }
diff --git a/base/common/src/com/netscape/cms/authorization/AuthMethodInterceptor.java b/base/common/src/com/netscape/cms/authorization/AuthMethodInterceptor.java
index 527b9f685..257e0ae81 100644
--- a/base/common/src/com/netscape/cms/authorization/AuthMethodInterceptor.java
+++ b/base/common/src/com/netscape/cms/authorization/AuthMethodInterceptor.java
@@ -42,7 +42,6 @@ import com.netscape.certsrv.authentication.IAuthToken;
 import com.netscape.certsrv.base.ForbiddenException;
 import com.netscape.cmscore.realm.PKIPrincipal;
 
-
 /**
  * @author Endi S. Dewata
  */
@@ -59,7 +58,8 @@ public class AuthMethodInterceptor implements ContainerRequestFilter {
 
     public synchronized void loadAuthProperties() throws IOException {
 
-        if (authProperties != null) return;
+        if (authProperties != null)
+            return;
 
         authProperties = new Properties();
 
@@ -79,11 +79,12 @@ public class AuthMethodInterceptor implements ContainerRequestFilter {
 
     @Override
     public void filter(ContainerRequestContext requestContext) throws IOException {
-        ResourceMethodInvoker methodInvoker = (ResourceMethodInvoker) requestContext.getProperty("org.jboss.resteasy.core.ResourceMethodInvoker");
+        ResourceMethodInvoker methodInvoker = (ResourceMethodInvoker) requestContext
+                .getProperty("org.jboss.resteasy.core.ResourceMethodInvoker");
         Method method = methodInvoker.getMethod();
         Class<?> clazz = methodInvoker.getResourceClass();
 
-        CMS.debug("AuthMethodInterceptor: "+clazz.getSimpleName()+"."+method.getName()+"()");
+        CMS.debug("AuthMethodInterceptor: " + clazz.getSimpleName() + "." + method.getName() + "()");
 
         // Get authentication mapping for the method.
         AuthMethodMapping authMapping = method.getAnnotation(AuthMethodMapping.class);
@@ -102,7 +103,7 @@ public class AuthMethodInterceptor implements ContainerRequestFilter {
             name = authMapping.value();
         }
 
-        CMS.debug("AuthMethodInterceptor: mapping name: "+name);
+        CMS.debug("AuthMethodInterceptor: mapping name: " + name);
 
         try {
             loadAuthProperties();
@@ -115,7 +116,7 @@ public class AuthMethodInterceptor implements ContainerRequestFilter {
                 }
             }
 
-            CMS.debug("AuthMethodInterceptor: required auth methods: "+authMethods);
+            CMS.debug("AuthMethodInterceptor: required auth methods: " + authMethods);
 
             Principal principal = securityContext.getUserPrincipal();
 
@@ -135,7 +136,7 @@ public class AuthMethodInterceptor implements ContainerRequestFilter {
                 throw new ForbiddenException("Unknown user principal");
             }
 
-            PKIPrincipal pkiPrincipal = (PKIPrincipal)principal;
+            PKIPrincipal pkiPrincipal = (PKIPrincipal) principal;
             IAuthToken authToken = pkiPrincipal.getAuthToken();
 
             // If missing auth token, reject request.
@@ -144,8 +145,8 @@ public class AuthMethodInterceptor implements ContainerRequestFilter {
                 throw new ForbiddenException("Missing authentication token.");
             }
 
-            String authManager = (String)authToken.get(AuthToken.TOKEN_AUTHMGR_INST_NAME);
-            CMS.debug("AuthMethodInterceptor: authentication manager: "+authManager);
+            String authManager = (String) authToken.get(AuthToken.TOKEN_AUTHMGR_INST_NAME);
+            CMS.debug("AuthMethodInterceptor: authentication manager: " + authManager);
 
             if (authManager == null) {
                 CMS.debug("AuthMethodInterceptor: missing authentication manager");
@@ -153,7 +154,7 @@ public class AuthMethodInterceptor implements ContainerRequestFilter {
             }
 
             if (authMethods.isEmpty() || authMethods.contains(authManager) || authMethods.contains("*")) {
-                CMS.debug("AuthMethodInterceptor: "+authManager+" allowed");
+                CMS.debug("AuthMethodInterceptor: " + authManager + " allowed");
                 return;
             }
 
diff --git a/base/java-tools/pki b/base/java-tools/pki
index b7d9bfe26..582162010 100755
--- a/base/java-tools/pki
+++ b/base/java-tools/pki
@@ -80,6 +80,7 @@ $ENV{CLASSPATH} = "/usr/share/java/${PRODUCT}/pki-certsrv.jar:"
                 . "/usr/share/java/${PRODUCT}/pki-tools.jar:"
                 . "/usr/share/java/apache-commons-cli.jar:"
                 . "/usr/share/java/apache-commons-codec.jar:"
+                . "/usr/share/java/apache-commons-io.jar:"
                 . "/usr/share/java/apache-commons-lang.jar:"
                 . "/usr/share/java/apache-commons-logging.jar:"
                 . "/usr/share/java/commons-httpclient.jar:"
diff --git a/base/server/etc/default.cfg b/base/server/etc/default.cfg
index 641ed7881..d8ca7fe1f 100644
--- a/base/server/etc/default.cfg
+++ b/base/server/etc/default.cfg
@@ -278,6 +278,7 @@ pki_nsutil_jar_link=%(pki_tomcat_webapps_subsystem_webinf_lib_path)s/pki-nsutil.
 pki_jss_jar=%(jni_jar_dir)s/jss4.jar
 pki_symkey_jar=%(jni_jar_dir)s/symkey.jar
 pki_apache_commons_collections_jar=/usr/share/java/apache-commons-collections.jar
+pki_apache_commons_io_jar=/usr/share/java/apache-commons-io.jar
 pki_apache_commons_lang_jar=/usr/share/java/apache-commons-lang.jar
 pki_apache_commons_logging_jar=/usr/share/java/apache-commons-logging.jar
 pki_commons_codec_jar=/usr/share/java/commons-codec.jar
@@ -307,6 +308,7 @@ pki_xml_commons_resolver_jar=/usr/share/java/xml-commons-resolver.jar
 pki_jss_jar_link=%(pki_tomcat_common_lib_path)s/jss4.jar
 pki_symkey_jar_link=%(pki_tomcat_common_lib_path)s/symkey.jar
 pki_apache_commons_collections_jar_link=%(pki_tomcat_common_lib_path)s/apache-commons-collections.jar
+pki_apache_commons_io_jar_link=%(pki_tomcat_common_lib_path)s/apache-commons-io.jar
 pki_apache_commons_lang_jar_link=%(pki_tomcat_common_lib_path)s/apache-commons-lang.jar
 pki_apache_commons_logging_jar_link=%(pki_tomcat_common_lib_path)s/apache-commons-logging.jar
 pki_commons_codec_jar_link=%(pki_tomcat_common_lib_path)s/apache-commons-codec.jar
diff --git a/base/server/python/pki/server/deployment/scriptlets/instance_layout.py b/base/server/python/pki/server/deployment/scriptlets/instance_layout.py
index 081d64029..6ca9a374d 100644
--- a/base/server/python/pki/server/deployment/scriptlets/instance_layout.py
+++ b/base/server/python/pki/server/deployment/scriptlets/instance_layout.py
@@ -86,6 +86,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
             # establish Tomcat instance common lib jar symbolic links
             deployer.symlink.create(deployer.master_dict['pki_apache_commons_collections_jar'],
                 deployer.master_dict['pki_apache_commons_collections_jar_link'])
+            deployer.symlink.create(deployer.master_dict['pki_apache_commons_io_jar'],
+                deployer.master_dict['pki_apache_commons_io_jar_link'])
             deployer.symlink.create(deployer.master_dict['pki_apache_commons_lang_jar'],
                 deployer.master_dict['pki_apache_commons_lang_jar_link'])
             deployer.symlink.create(deployer.master_dict['pki_apache_commons_logging_jar'],
diff --git a/base/server/scripts/operations b/base/server/scripts/operations
index 1537e3461..6d5ee1476 100644
--- a/base/server/scripts/operations
+++ b/base/server/scripts/operations
@@ -1141,6 +1141,7 @@ verify_symlinks()
     common_jar_symlinks=(
         [apache-commons-codec.jar]=${java_dir}/commons-codec.jar
         [apache-commons-collections.jar]=${java_dir}/apache-commons-collections.jar
+        [apache-commons-io.jar]=${java_dir}/apache-commons-io.jar
         [apache-commons-lang.jar]=${java_dir}/apache-commons-lang.jar
         [apache-commons-logging.jar]=${java_dir}/apache-commons-logging.jar
         [httpclient.jar]=${java_dir}/httpcomponents/httpclient.jar
diff --git a/base/server/share/conf/pki.policy b/base/server/share/conf/pki.policy
index 52e3d7fe1..df9157e70 100644
--- a/base/server/share/conf/pki.policy
+++ b/base/server/share/conf/pki.policy
@@ -46,6 +46,10 @@ grant codeBase "file:/usr/share/java/apache-commons-collections.jar" {
         permission java.security.AllPermission;
 };
 
+grant codeBase "file:/usr/share/java/apache-commons-io.jar" {
+        permission java.security.AllPermission;
+};
+
 grant codeBase "file:/usr/share/java/apache-commons-lang.jar" {
         permission java.security.AllPermission;
 };