summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEndi Sukma Dewata <edewata@redhat.com>2012-07-19 01:51:50 -0500
committerEndi Sukma Dewata <edewata@redhat.com>2012-07-30 11:21:45 -0500
commitc4636a5b56bd3e0f18fb3afd0b930729d58ce1f6 (patch)
tree57452b5a630dc4c3deda724f992180e7ba4cafeb
parent70681bc83ccc25639da1b87940661b2649044629 (diff)
downloadpki-c4636a5b56bd3e0f18fb3afd0b930729d58ce1f6.tar.gz
pki-c4636a5b56bd3e0f18fb3afd0b930729d58ce1f6.tar.xz
pki-c4636a5b56bd3e0f18fb3afd0b930729d58ce1f6.zip
Added ClientConfig.
A new ClientConfig class has been added to encapsulate client configuration parameters. These parameters include server URI, certificate database, certificate nickname, and password. Ticket #107
-rw-r--r--base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java14
-rw-r--r--base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java8
-rw-r--r--base/common/functional/src/com/netscape/cms/servlet/test/ConfigurationTest.java7
-rw-r--r--base/common/src/com/netscape/cms/client/cert/CertCLI.java7
-rw-r--r--base/common/src/com/netscape/cms/client/cert/CertFindCLI.java23
-rw-r--r--base/common/src/com/netscape/cms/client/cert/CertRestClient.java16
-rw-r--r--base/common/src/com/netscape/cms/client/cert/CertShowCLI.java3
-rw-r--r--base/common/src/com/netscape/cms/client/cli/ClientConfig.java173
-rw-r--r--base/common/src/com/netscape/cms/client/cli/MainCLI.java273
-rw-r--r--base/common/src/com/netscape/cms/client/group/GroupCLI.java7
-rw-r--r--base/common/src/com/netscape/cms/client/group/GroupRestClient.java9
-rw-r--r--base/common/src/com/netscape/cms/client/group/GroupShowCLI.java3
-rw-r--r--base/common/src/com/netscape/cms/client/group/GroupShowMemberCLI.java3
-rw-r--r--base/common/src/com/netscape/cms/client/user/UserCLI.java7
-rw-r--r--base/common/src/com/netscape/cms/client/user/UserRestClient.java9
-rw-r--r--base/common/src/com/netscape/cms/client/user/UserShowCLI.java3
-rw-r--r--base/common/src/com/netscape/cms/client/user/UserShowCertCLI.java3
-rw-r--r--base/common/src/com/netscape/cms/servlet/csadmin/CMSRestClient.java28
-rw-r--r--base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationRESTClient.java9
-rw-r--r--base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java10
-rw-r--r--base/deploy/src/scriptlets/configuration.jy10
-rw-r--r--base/deploy/src/scriptlets/pkijython.py6
-rw-r--r--base/deploy/src/scriptlets/pkiparser.py2
-rw-r--r--base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java13
-rw-r--r--base/kra/functional/src/com/netscape/cms/servlet/test/DRMTest.java9
25 files changed, 427 insertions, 228 deletions
diff --git a/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java b/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java
index ffd3330cf..24ce21277 100644
--- a/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java
+++ b/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java
@@ -20,10 +20,9 @@ package com.netscape.cms.servlet.test;
import java.net.URISyntaxException;
import java.util.Collection;
-import org.jboss.resteasy.client.ProxyFactory;
-
import com.netscape.certsrv.dbs.certdb.CertId;
import com.netscape.certsrv.request.RequestId;
+import com.netscape.cms.client.cli.ClientConfig;
import com.netscape.cms.servlet.cert.CertResource;
import com.netscape.cms.servlet.cert.model.CertDataInfos;
import com.netscape.cms.servlet.cert.model.CertSearchData;
@@ -44,11 +43,12 @@ public class CARestClient extends CMSRestClient {
private CertRequestResource certRequestClient;
private ProfileResource profileClient;
- public CARestClient(String baseUri, String clientCertNick) throws URISyntaxException {
- super(baseUri, clientCertNick);
- certRequestClient = ProxyFactory.create(CertRequestResource.class, uri, executor, providerFactory);
- certClient = ProxyFactory.create(CertResource.class, uri, executor, providerFactory);
- profileClient = ProxyFactory.create(ProfileResource.class, uri, executor, providerFactory);
+ public CARestClient(ClientConfig config) throws URISyntaxException {
+ super(config);
+
+ certRequestClient = createProxy(CertRequestResource.class);
+ certClient = createProxy(CertResource.class);
+ profileClient = createProxy(ProfileResource.class);
}
public Collection<CertRequestInfo> listRequests(String requestState, String requestType) {
diff --git a/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java b/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java
index 807d014c4..8fa4b9bb4 100644
--- a/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java
+++ b/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java
@@ -35,6 +35,7 @@ import org.mozilla.jss.util.Password;
import com.netscape.certsrv.dbs.certdb.CertId;
import com.netscape.certsrv.request.RequestId;
+import com.netscape.cms.client.cli.ClientConfig;
import com.netscape.cms.servlet.cert.CertNotFoundException;
import com.netscape.cms.servlet.cert.model.CertDataInfo;
import com.netscape.cms.servlet.cert.model.CertDataInfos;
@@ -147,10 +148,13 @@ public class CATest {
log("Exception in logging into token:" + e.toString());
}
- String baseUri = protocol + "://" + host + ":" + port + "/ca/pki";
CARestClient client;
try {
- client = new CARestClient(baseUri, clientCertNickname);
+ ClientConfig config = new ClientConfig();
+ config.setServerURI(protocol + "://" + host + ":" + port + "/ca");
+ config.setCertNickname(clientCertNickname);
+
+ client = new CARestClient(config);
} catch (Exception e) {
e.printStackTrace();
return;
diff --git a/base/common/functional/src/com/netscape/cms/servlet/test/ConfigurationTest.java b/base/common/functional/src/com/netscape/cms/servlet/test/ConfigurationTest.java
index 4ac322d63..67b67fca0 100644
--- a/base/common/functional/src/com/netscape/cms/servlet/test/ConfigurationTest.java
+++ b/base/common/functional/src/com/netscape/cms/servlet/test/ConfigurationTest.java
@@ -56,6 +56,7 @@ import org.mozilla.jss.pkix.primitive.Name;
import org.mozilla.jss.pkix.primitive.SubjectPublicKeyInfo;
import org.mozilla.jss.util.Password;
+import com.netscape.cms.client.cli.ClientConfig;
import com.netscape.cms.servlet.csadmin.ConfigurationRESTClient;
import com.netscape.cms.servlet.csadmin.model.CertData;
import com.netscape.cms.servlet.csadmin.model.ConfigurationData;
@@ -183,10 +184,12 @@ public class ConfigurationTest {
System.out.println("Exception in logging into token:" + e.toString());
}
- String baseUri = protocol + "://" + host + ":" + port + "/" + cstype + "/pki";
ConfigurationRESTClient client = null;
try {
- client = new ConfigurationRESTClient(baseUri, null);
+ ClientConfig config = new ClientConfig();
+ config.setServerURI(protocol + "://" + host + ":" + port + "/" + cstype);
+
+ client = new ConfigurationRESTClient(config);
} catch (URISyntaxException e1) {
e1.printStackTrace();
System.exit(1);
diff --git a/base/common/src/com/netscape/cms/client/cert/CertCLI.java b/base/common/src/com/netscape/cms/client/cert/CertCLI.java
index 9340752b9..70ad9021e 100644
--- a/base/common/src/com/netscape/cms/client/cert/CertCLI.java
+++ b/base/common/src/com/netscape/cms/client/cert/CertCLI.java
@@ -75,9 +75,14 @@ public class CertCLI extends CLI {
public void execute(String[] args) throws Exception {
- client = new CertRestClient(parent.url + "/pki", parent.certNickname);
+ client = new CertRestClient(parent.config);
client.setVerbose(verbose);
+ if (args.length == 0) {
+ printHelp();
+ System.exit(1);
+ }
+
String command = args[0];
String[] commandArgs = Arrays.copyOfRange(args, 1, args.length);
diff --git a/base/common/src/com/netscape/cms/client/cert/CertFindCLI.java b/base/common/src/com/netscape/cms/client/cert/CertFindCLI.java
index 32457d6df..921419733 100644
--- a/base/common/src/com/netscape/cms/client/cert/CertFindCLI.java
+++ b/base/common/src/com/netscape/cms/client/cert/CertFindCLI.java
@@ -18,11 +18,13 @@
package com.netscape.cms.client.cert;
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+
import com.netscape.cms.client.cli.CLI;
import com.netscape.cms.client.cli.MainCLI;
import com.netscape.cms.servlet.cert.model.CertDataInfo;
import com.netscape.cms.servlet.cert.model.CertDataInfos;
-import com.netscape.cms.servlet.cert.model.CertSearchData;
/**
* @author Endi S. Dewata
@@ -42,10 +44,23 @@ public class CertFindCLI extends CLI {
public void execute(String[] args) throws Exception {
- CertSearchData searchData = new CertSearchData();
- searchData.setSerialNumberRangeInUse(true);
+ Option option = new Option(null, "status", true, "Certificate status");
+ option.setArgName("status");
+ options.addOption(option);
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
- CertDataInfos certs = parent.client.findCerts(searchData);
+ String status = cmd.getOptionValue("status");
+ CertDataInfos certs = parent.client.findCerts(status);
MainCLI.printMessage(certs.getCertInfos().size() + " certificate(s) matched");
diff --git a/base/common/src/com/netscape/cms/client/cert/CertRestClient.java b/base/common/src/com/netscape/cms/client/cert/CertRestClient.java
index b83912fae..44249523f 100644
--- a/base/common/src/com/netscape/cms/client/cert/CertRestClient.java
+++ b/base/common/src/com/netscape/cms/client/cert/CertRestClient.java
@@ -21,10 +21,10 @@ import java.net.URISyntaxException;
import com.netscape.certsrv.dbs.certdb.CertId;
import com.netscape.certsrv.request.RequestId;
+import com.netscape.cms.client.cli.ClientConfig;
import com.netscape.cms.servlet.cert.CertResource;
import com.netscape.cms.servlet.cert.model.CertDataInfos;
import com.netscape.cms.servlet.cert.model.CertRevokeRequest;
-import com.netscape.cms.servlet.cert.model.CertSearchData;
import com.netscape.cms.servlet.cert.model.CertUnrevokeRequest;
import com.netscape.cms.servlet.cert.model.CertificateData;
import com.netscape.cms.servlet.csadmin.CMSRestClient;
@@ -42,12 +42,8 @@ public class CertRestClient extends CMSRestClient {
public CertResource certClient;
public CertRequestResource certRequestResource;
- public CertRestClient(String baseUri) throws URISyntaxException {
- this(baseUri, null);
- }
-
- public CertRestClient(String baseUri, String nickname) throws URISyntaxException {
- super(baseUri, nickname);
+ public CertRestClient(ClientConfig config) throws URISyntaxException {
+ super(config);
certClient = createProxy(CertResource.class);
certRequestResource = createProxy(CertRequestResource.class);
@@ -57,9 +53,9 @@ public class CertRestClient extends CMSRestClient {
return certClient.getCert(id);
}
- public CertDataInfos findCerts(CertSearchData searchData) {
- return certClient.searchCerts(
- searchData,
+ public CertDataInfos findCerts(String status) {
+ return certClient.listCerts(
+ status,
CertResource.DEFAULT_MAXRESULTS,
CertResource.DEFAULT_MAXTIME);
}
diff --git a/base/common/src/com/netscape/cms/client/cert/CertShowCLI.java b/base/common/src/com/netscape/cms/client/cert/CertShowCLI.java
index b050459c4..1389a0a42 100644
--- a/base/common/src/com/netscape/cms/client/cert/CertShowCLI.java
+++ b/base/common/src/com/netscape/cms/client/cert/CertShowCLI.java
@@ -26,6 +26,7 @@ import org.apache.commons.cli.Option;
import com.netscape.certsrv.dbs.certdb.CertId;
import com.netscape.cms.client.cli.CLI;
+import com.netscape.cms.client.cli.MainCLI;
import com.netscape.cms.servlet.cert.model.CertificateData;
/**
@@ -87,6 +88,8 @@ public class CertShowCLI extends CLI {
out.close();
}
+ MainCLI.printMessage("Certificate \"" + certID.toHexString() + "\"");
+
CertCLI.printCertData(certData, showPrettyPrint, showEncoded);
}
}
diff --git a/base/common/src/com/netscape/cms/client/cli/ClientConfig.java b/base/common/src/com/netscape/cms/client/cli/ClientConfig.java
new file mode 100644
index 000000000..bad8ba626
--- /dev/null
+++ b/base/common/src/com/netscape/cms/client/cli/ClientConfig.java
@@ -0,0 +1,173 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cms.client.cli;
+
+import java.io.StringReader;
+import java.io.StringWriter;
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+
+/**
+ * @author Endi S. Dewata
+ */
+@XmlRootElement(name="Client")
+public class ClientConfig {
+
+ public static Marshaller marshaller;
+ public static Unmarshaller unmarshaller;
+
+ static {
+ try {
+ marshaller = JAXBContext.newInstance(ClientConfig.class).createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+ unmarshaller = JAXBContext.newInstance(ClientConfig.class).createUnmarshaller();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ URI serverURI;
+
+ String certDatabase;
+ String certNickname;
+ String password;
+
+ @XmlElement(name="ServerURI")
+ public URI getServerURI() {
+ return serverURI;
+ }
+
+ public void setServerURI(String serverUri) throws URISyntaxException {
+ this.serverURI = new URI(serverUri);
+ }
+
+ public void setServerURI(URI serverUri) {
+ this.serverURI = serverUri;
+ }
+
+ @XmlElement(name="CertDatabase")
+ public String getCertDatabase() {
+ return certDatabase;
+ }
+
+ public void setCertDatabase(String certDatabase) {
+ this.certDatabase = certDatabase;
+ }
+
+ @XmlElement(name="CertNickname")
+ public String getCertNickname() {
+ return certNickname;
+ }
+
+ public void setCertNickname(String certNickname) {
+ this.certNickname = certNickname;
+ }
+
+ @XmlElement(name="Password")
+ public String getPassword() {
+ return password;
+ }
+
+ public void setPassword(String password) {
+ this.password = password;
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((certDatabase == null) ? 0 : certDatabase.hashCode());
+ result = prime * result + ((certNickname == null) ? 0 : certNickname.hashCode());
+ result = prime * result + ((password == null) ? 0 : password.hashCode());
+ result = prime * result + ((serverURI == null) ? 0 : serverURI.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ ClientConfig other = (ClientConfig) obj;
+ if (certDatabase == null) {
+ if (other.certDatabase != null)
+ return false;
+ } else if (!certDatabase.equals(other.certDatabase))
+ return false;
+ if (certNickname == null) {
+ if (other.certNickname != null)
+ return false;
+ } else if (!certNickname.equals(other.certNickname))
+ return false;
+ if (password == null) {
+ if (other.password != null)
+ return false;
+ } else if (!password.equals(other.password))
+ return false;
+ if (serverURI == null) {
+ if (other.serverURI != null)
+ return false;
+ } else if (!serverURI.equals(other.serverURI))
+ return false;
+ return true;
+ }
+
+ public String toString() {
+ try {
+ StringWriter sw = new StringWriter();
+ marshaller.marshal(this, sw);
+ return sw.toString();
+
+ } catch (Exception e) {
+ return super.toString();
+ }
+ }
+
+ public static ClientConfig valueOf(String string) throws Exception {
+ try {
+ return (ClientConfig)unmarshaller.unmarshal(new StringReader(string));
+ } catch (Exception e) {
+ return null;
+ }
+ }
+
+ public static void main(String args[]) throws Exception {
+
+ ClientConfig before = new ClientConfig();
+ before.setServerURI("http://localhost:9180/ca");
+ before.setCertDatabase("certs");
+ before.setCertNickname("caadmin");
+ before.setPassword("12345");
+
+ String string = before.toString();
+ System.out.println(string);
+
+ ClientConfig after = ClientConfig.valueOf(string);
+ System.out.println(before.equals(after));
+ }
+}
diff --git a/base/common/src/com/netscape/cms/client/cli/MainCLI.java b/base/common/src/com/netscape/cms/client/cli/MainCLI.java
index 55cac0b64..0367cbbfd 100644
--- a/base/common/src/com/netscape/cms/client/cli/MainCLI.java
+++ b/base/common/src/com/netscape/cms/client/cli/MainCLI.java
@@ -18,12 +18,16 @@
package com.netscape.cms.client.cli;
+import java.io.File;
+import java.net.URISyntaxException;
+
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.Option;
+import org.apache.commons.cli.Options;
import org.apache.commons.lang.StringUtils;
import org.mozilla.jss.CryptoManager;
-import org.mozilla.jss.crypto.AlreadyInitializedException;
import org.mozilla.jss.crypto.CryptoToken;
+import org.mozilla.jss.util.IncorrectPasswordException;
import org.mozilla.jss.util.Password;
import com.netscape.cms.client.cert.CertCLI;
@@ -35,16 +39,7 @@ import com.netscape.cms.client.user.UserCLI;
*/
public class MainCLI extends CLI {
- public String protocol;
- public String hostname;
- public String port;
- public String type;
-
- public String certDBDirectory;
- public String certDBPassword;
- public String certNickname;
-
- public String url;
+ public ClientConfig config = new ClientConfig();
public MainCLI() throws Exception {
super("pki", "PKI command-line interface");
@@ -54,65 +49,9 @@ public class MainCLI extends CLI {
addModule(new UserCLI(this));
}
- public String getProtocol() {
- return protocol;
- }
-
- public void setProtocol(String protocol) {
- this.protocol = protocol;
- }
-
- public String getHostname() {
- return hostname;
- }
-
- public void setHostname(String hostname) {
- this.hostname = hostname;
- }
-
- public String getPort() {
- return port;
- }
-
- public void setPort(String port) {
- this.port = port;
- }
-
- public String getType() {
- return type;
- }
-
- public void setType(String type) {
- this.type = type;
- }
-
- public String getCertDBDirectory() {
- return certDBDirectory;
- }
-
- public void setCertDBDirectory(String certDBDirectory) {
- this.certDBDirectory = certDBDirectory;
- }
-
- public String getCertDBPassword() {
- return certDBPassword;
- }
-
- public void setCertDBPassword(String certDBPassword) {
- this.certDBPassword = certDBPassword;
- }
-
- public String getCertNickname() {
- return certNickname;
- }
-
- public void setCertNickname(String certNickname) {
- this.certNickname = certNickname;
- }
-
public void printHelp() {
- formatter.printHelp(getName()+" [OPTIONS..] <command> [ARGS..]", options);
+ formatter.printHelp(name+" [OPTIONS..] <command> [ARGS..]", options);
System.out.println();
System.out.println("Commands:");
@@ -138,10 +77,10 @@ public class MainCLI extends CLI {
plugin.printHelp();
}
- public void execute(String[] args) throws Exception {
+ public void createOptions(Options options) {
- Option option = new Option("U", true, "URL");
- option.setArgName("url");
+ Option option = new Option("U", true, "Server URI");
+ option.setArgName("uri");
options.addOption(option);
option = new Option("P", true, "Protocol (default: http)");
@@ -160,133 +99,163 @@ public class MainCLI extends CLI {
option.setArgName("type");
options.addOption(option);
- option = new Option("d", true, "Certificate database directory");
- option.setArgName("directory");
+ option = new Option("d", true, "Certificate database");
+ option.setArgName("database");
options.addOption(option);
- option = new Option("w", true, "Certificate database password");
- option.setArgName("password");
+ option = new Option("n", true, "Certificate nickname");
+ option.setArgName("nickname");
options.addOption(option);
- option = new Option("n", true, "Certificate nickname");
- option.setArgName("cert");
+ option = new Option("w", true, "Password");
+ option.setArgName("password");
options.addOption(option);
options.addOption("v", false, "Verbose");
options.addOption(null, "help", false, "Help");
+ }
- CommandLine cmd = null;
+ public void parseOptions(CommandLine cmd) throws URISyntaxException {
- try {
- cmd = parser.parse(options, args, true);
+ String uri = cmd.getOptionValue("U");
- } catch (Exception e) {
- System.err.println("Error: " + e.getMessage());
- printHelp();
- System.exit(1);
- }
+ String protocol = cmd.getOptionValue("P", "http");
+ String hostname = cmd.getOptionValue("h", "localhost");
+ String port = cmd.getOptionValue("p", "8080");
+ String type = cmd.getOptionValue("t", "ca");
- String[] cmdArgs = cmd.getArgs();
+ if (uri == null)
+ uri = protocol + "://" + hostname + ":" + port + "/" + type;
- if (cmd.hasOption("help") || cmdArgs.length == 0) {
- printHelp();
- System.exit(1);
- }
+ config.setServerURI(uri);
- verbose = cmd.hasOption("v");
+ String certDatabase = cmd.getOptionValue("d");
+ String certNickname = cmd.getOptionValue("n");
+ String password = cmd.getOptionValue("w");
- url = cmd.getOptionValue("U");
- protocol = cmd.getOptionValue("P", "http");
- hostname = cmd.getOptionValue("h", "localhost");
- port = cmd.getOptionValue("p", "9180");
- type = cmd.getOptionValue("t", "ca");
+ // convert into absolute path
+ if (certDatabase != null)
+ config.setCertDatabase(new File(certDatabase).getAbsolutePath());
- if (url == null) {
- url = protocol + "://" + hostname + ":" + port + "/" + type;
- }
+ if (certNickname != null)
+ config.setCertNickname(certNickname);
- if (verbose) System.out.println("Server URL: "+url);
+ if (password != null)
+ config.setPassword(password);
+ }
- certDBDirectory = cmd.getOptionValue("d");
- certDBPassword = cmd.getOptionValue("w");
- certNickname = cmd.getOptionValue("n");
+ public void execute(String[] args) throws Exception {
- if (certDBDirectory != null && certDBPassword != null) {
+ CLI module;
+ String[] moduleArgs;
- if (verbose) System.out.println("Certificate DB: "+certDBDirectory);
+ try {
+ createOptions(options);
+ CommandLine cmd;
try {
- CryptoManager.initialize(certDBDirectory);
- } catch (AlreadyInitializedException e) {
- // ignore
+ cmd = parser.parse(options, args, true);
+ } catch (Exception e) {
+ throw new Error(e.getMessage(), e);
}
- CryptoManager manager = CryptoManager.getInstance();
- CryptoToken token = manager.getInternalKeyStorageToken();
- Password password = new Password(certDBPassword.toCharArray());
+ String[] cmdArgs = cmd.getArgs();
- try {
- token.login(password);
- } catch (Exception e) {
- System.err.println("Error: " + e.getMessage());
- if (!token.isLoggedIn()) {
- token.initPassword(password, password);
- }
+ if (cmdArgs.length == 0 || cmd.hasOption("help")) {
+ printHelp();
+ System.exit(1);
}
- }
- if (verbose) {
- System.out.print("Command:");
- for (String arg : cmdArgs) {
- System.out.print(" "+arg);
+ verbose = cmd.hasOption("v");
+
+ if (verbose) {
+ System.out.print("Command:");
+ for (String arg : cmdArgs) {
+ if (arg.contains(" ")) arg = "\""+arg+"\"";
+ System.out.print(" "+arg);
+ }
+ System.out.println();
}
- System.out.println();
- }
- // command-line args: <command> [command args...]
- if (cmdArgs.length == 0) {
- printHelp();
- System.exit(1);
- }
+ parseOptions(cmd);
- String command = cmdArgs[0];
+ String command = cmdArgs[0];
+ String moduleName;
+ String moduleCommand;
- String moduleName;
- String moduleCommand;
+ // If a command contains a '-' sign it will be
+ // split into module name and module command.
+ // Otherwise it's a single command.
+ int i = command.indexOf('-');
+ if (i >= 0) { // <module name>-<module command>
+ moduleName = command.substring(0, i);
+ moduleCommand = command.substring(i+1);
- // parse command: <module name>-<module command>
- int i = command.indexOf('-');
- if (i >= 0) {
- moduleName = command.substring(0, i);
- moduleCommand = command.substring(i+1);
- } else {
- moduleName = command;
- moduleCommand = null;
- }
+ } else { // <command>
+ moduleName = command;
+ moduleCommand = null;
+ }
+
+ // get command module
+ module = getModule(moduleName);
+ if (module == null)
+ throw new Error("Invalid command \"" + command + "\".");
+
+ // prepare module arguments
+ if (moduleCommand != null) {
+ moduleArgs = new String[cmdArgs.length];
+ moduleArgs[0] = moduleCommand;
+ System.arraycopy(cmdArgs, 1, moduleArgs, 1, cmdArgs.length-1);
+
+ } else {
+ moduleArgs = new String[cmdArgs.length-1];
+ System.arraycopy(cmdArgs, 1, moduleArgs, 0, cmdArgs.length-1);
+ }
- // get command module
- CLI module = getModule(moduleName);
- if (module == null) {
- System.err.println("Error: Invalid command \"" + command + "\"");
+ } catch (Throwable t) {
+ if (verbose) {
+ t.printStackTrace(System.err);
+ } else {
+ System.err.println(t.getClass().getSimpleName()+": "+t.getMessage());
+ }
printHelp();
System.exit(1);
+ return;
}
- // prepare module arguments
- String[] moduleArgs = new String[cmdArgs.length];
- moduleArgs[0] = moduleCommand;
- System.arraycopy(cmdArgs, 1, moduleArgs, 1, cmdArgs.length-1);
-
// execute module command
try {
+ if (verbose) System.out.println("Server URI: "+config.getServerURI());
+
+ // initialize certificate database if specified
+ if (config.getCertDatabase() != null) {
+
+ if (verbose) System.out.println("Certificate database: "+config.getCertDatabase());
+ CryptoManager.initialize(config.getCertDatabase());
+
+ if (config.getPassword() != null) {
+ try {
+ CryptoManager manager = CryptoManager.getInstance();
+ CryptoToken token = manager.getInternalKeyStorageToken();
+ Password password = new Password(config.getPassword().toCharArray());
+ token.login(password);
+
+ } catch (IncorrectPasswordException e) {
+ throw new Error("Incorrect certificate database password.", e);
+ }
+ }
+ }
+
+ // execute module command
module.execute(moduleArgs);
} catch (Throwable t) {
if (verbose) {
- t.printStackTrace();
+ t.printStackTrace(System.err);
} else {
System.err.println(t.getClass().getSimpleName()+": "+t.getMessage());
}
+ System.exit(1);
}
}
diff --git a/base/common/src/com/netscape/cms/client/group/GroupCLI.java b/base/common/src/com/netscape/cms/client/group/GroupCLI.java
index 7ea449426..fefc1b0c9 100644
--- a/base/common/src/com/netscape/cms/client/group/GroupCLI.java
+++ b/base/common/src/com/netscape/cms/client/group/GroupCLI.java
@@ -74,9 +74,14 @@ public class GroupCLI extends CLI {
public void execute(String[] args) throws Exception {
- client = new GroupRestClient(parent.url + "/pki", parent.certNickname);
+ client = new GroupRestClient(parent.config);
client.setVerbose(verbose);
+ if (args.length == 0) {
+ printHelp();
+ System.exit(1);
+ }
+
String command = args[0];
String[] commandArgs = Arrays.copyOfRange(args, 1, args.length);
diff --git a/base/common/src/com/netscape/cms/client/group/GroupRestClient.java b/base/common/src/com/netscape/cms/client/group/GroupRestClient.java
index 54b31fef6..1b98035ea 100644
--- a/base/common/src/com/netscape/cms/client/group/GroupRestClient.java
+++ b/base/common/src/com/netscape/cms/client/group/GroupRestClient.java
@@ -27,6 +27,7 @@ import com.netscape.certsrv.group.GroupMemberCollection;
import com.netscape.certsrv.group.GroupMemberData;
import com.netscape.certsrv.group.GroupMemberResource;
import com.netscape.certsrv.group.GroupResource;
+import com.netscape.cms.client.cli.ClientConfig;
import com.netscape.cms.servlet.csadmin.CMSRestClient;
/**
@@ -37,12 +38,8 @@ public class GroupRestClient extends CMSRestClient {
public GroupResource groupClient;
public GroupMemberResource groupMemberClient;
- public GroupRestClient(String baseUri) throws URISyntaxException {
- this(baseUri, null);
- }
-
- public GroupRestClient(String baseUri, String nickname) throws URISyntaxException {
- super(baseUri, nickname);
+ public GroupRestClient(ClientConfig config) throws URISyntaxException {
+ super(config);
groupClient = createProxy(GroupResource.class);
groupMemberClient = createProxy(GroupMemberResource.class);
diff --git a/base/common/src/com/netscape/cms/client/group/GroupShowCLI.java b/base/common/src/com/netscape/cms/client/group/GroupShowCLI.java
index 59a4a07de..3e24f3e5d 100644
--- a/base/common/src/com/netscape/cms/client/group/GroupShowCLI.java
+++ b/base/common/src/com/netscape/cms/client/group/GroupShowCLI.java
@@ -20,6 +20,7 @@ package com.netscape.cms.client.group;
import com.netscape.certsrv.group.GroupData;
import com.netscape.cms.client.cli.CLI;
+import com.netscape.cms.client.cli.MainCLI;
/**
* @author Endi S. Dewata
@@ -48,6 +49,8 @@ public class GroupShowCLI extends CLI {
GroupData groupData = parent.client.getGroup(groupID);
+ MainCLI.printMessage("Group \""+groupID+"\"");
+
GroupCLI.printGroup(groupData);
}
}
diff --git a/base/common/src/com/netscape/cms/client/group/GroupShowMemberCLI.java b/base/common/src/com/netscape/cms/client/group/GroupShowMemberCLI.java
index 7490799bd..9d828416f 100644
--- a/base/common/src/com/netscape/cms/client/group/GroupShowMemberCLI.java
+++ b/base/common/src/com/netscape/cms/client/group/GroupShowMemberCLI.java
@@ -20,6 +20,7 @@ package com.netscape.cms.client.group;
import com.netscape.certsrv.group.GroupMemberData;
import com.netscape.cms.client.cli.CLI;
+import com.netscape.cms.client.cli.MainCLI;
/**
* @author Endi S. Dewata
@@ -49,6 +50,8 @@ public class GroupShowMemberCLI extends CLI {
GroupMemberData groupMemberData = parent.client.getGroupMember(groupID, memberID);
+ MainCLI.printMessage("Group member \""+memberID+"\"");
+
GroupCLI.printGroupMember(groupMemberData);
}
}
diff --git a/base/common/src/com/netscape/cms/client/user/UserCLI.java b/base/common/src/com/netscape/cms/client/user/UserCLI.java
index 0e18d0692..a5104135b 100644
--- a/base/common/src/com/netscape/cms/client/user/UserCLI.java
+++ b/base/common/src/com/netscape/cms/client/user/UserCLI.java
@@ -75,9 +75,14 @@ public class UserCLI extends CLI {
public void execute(String[] args) throws Exception {
- client = new UserRestClient(parent.url + "/pki", parent.certNickname);
+ client = new UserRestClient(parent.config);
client.setVerbose(verbose);
+ if (args.length == 0) {
+ printHelp();
+ System.exit(1);
+ }
+
String command = args[0];
String[] commandArgs = Arrays.copyOfRange(args, 1, args.length);
diff --git a/base/common/src/com/netscape/cms/client/user/UserRestClient.java b/base/common/src/com/netscape/cms/client/user/UserRestClient.java
index 8bbdefe26..54c1e3fa1 100644
--- a/base/common/src/com/netscape/cms/client/user/UserRestClient.java
+++ b/base/common/src/com/netscape/cms/client/user/UserRestClient.java
@@ -27,6 +27,7 @@ import com.netscape.certsrv.user.UserCertResource;
import com.netscape.certsrv.user.UserCollection;
import com.netscape.certsrv.user.UserData;
import com.netscape.certsrv.user.UserResource;
+import com.netscape.cms.client.cli.ClientConfig;
import com.netscape.cms.servlet.csadmin.CMSRestClient;
/**
@@ -37,12 +38,8 @@ public class UserRestClient extends CMSRestClient {
public UserResource userClient;
public UserCertResource userCertClient;
- public UserRestClient(String baseUri) throws URISyntaxException {
- this(baseUri, null);
- }
-
- public UserRestClient(String baseUri, String nickname) throws URISyntaxException {
- super(baseUri, nickname);
+ public UserRestClient(ClientConfig config) throws URISyntaxException {
+ super(config);
userClient = createProxy(UserResource.class);
userCertClient = createProxy(UserCertResource.class);
diff --git a/base/common/src/com/netscape/cms/client/user/UserShowCLI.java b/base/common/src/com/netscape/cms/client/user/UserShowCLI.java
index 9549c0505..d46c5578c 100644
--- a/base/common/src/com/netscape/cms/client/user/UserShowCLI.java
+++ b/base/common/src/com/netscape/cms/client/user/UserShowCLI.java
@@ -20,6 +20,7 @@ package com.netscape.cms.client.user;
import com.netscape.certsrv.user.UserData;
import com.netscape.cms.client.cli.CLI;
+import com.netscape.cms.client.cli.MainCLI;
/**
* @author Endi S. Dewata
@@ -48,6 +49,8 @@ public class UserShowCLI extends CLI {
UserData userData = parent.client.getUser(userId);
+ MainCLI.printMessage("User \"" + userId + "\"");
+
UserCLI.printUser(userData);
}
}
diff --git a/base/common/src/com/netscape/cms/client/user/UserShowCertCLI.java b/base/common/src/com/netscape/cms/client/user/UserShowCertCLI.java
index 71e14b4fc..99bc55af0 100644
--- a/base/common/src/com/netscape/cms/client/user/UserShowCertCLI.java
+++ b/base/common/src/com/netscape/cms/client/user/UserShowCertCLI.java
@@ -27,6 +27,7 @@ import org.apache.commons.cli.Option;
import com.netscape.certsrv.user.UserCertData;
import com.netscape.cms.client.cli.CLI;
+import com.netscape.cms.client.cli.MainCLI;
/**
* @author Endi S. Dewata
@@ -88,6 +89,8 @@ public class UserShowCertCLI extends CLI {
out.close();
}
+ MainCLI.printMessage("Certificate \"" + userCertData.getID() + "\"");
+
UserCLI.printCert(userCertData, showPrettyPrint, showEncoded);
}
}
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/CMSRestClient.java b/base/common/src/com/netscape/cms/servlet/csadmin/CMSRestClient.java
index 7667dc70d..6a38464dc 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/CMSRestClient.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/CMSRestClient.java
@@ -32,29 +32,25 @@ import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.mozilla.jss.ssl.SSLCertificateApprovalCallback;
import org.mozilla.jss.ssl.SSLSocket;
+import com.netscape.cms.client.cli.ClientConfig;
+
public abstract class CMSRestClient {
protected boolean verbose;
- protected String clientCertNickname;
+ protected ClientConfig config;
+
protected ResteasyProviderFactory providerFactory;
protected ClientErrorHandler errorHandler;
protected ClientExecutor executor;
- protected URI uri;
-
- public CMSRestClient(String baseUri) throws URISyntaxException {
- this(baseUri, null);
- }
-
- public CMSRestClient(String baseUri, String clientCertNick) throws URISyntaxException {
-
- clientCertNickname = clientCertNick;
- uri = new URI(baseUri);
+ public CMSRestClient(ClientConfig config) {
+ this.config = config;
DefaultHttpClient httpclient = new DefaultHttpClient();
httpclient.addRequestInterceptor(new HttpRequestInterceptor() {
+ @Override
public void process(HttpRequest request, HttpContext context) throws HttpException, IOException {
if (verbose) System.out.println("HTTP Request: "+request.getRequestLine());
}
@@ -153,9 +149,10 @@ public abstract class CMSRestClient {
socket = new SSLSocket(sock, hostName, new ServerCertApprovalCB(), null);
}
- if (clientCertNickname != null) {
- if (verbose) System.out.println("Client certificate: "+clientCertNickname);
- socket.setClientCertNickname(clientCertNickname);
+ String certNickname = config.getCertNickname();
+ if (certNickname != null) {
+ if (verbose) System.out.println("Client certificate: "+certNickname);
+ socket.setClientCertNickname(certNickname);
}
return socket;
@@ -176,7 +173,8 @@ public abstract class CMSRestClient {
}
- public <T> T createProxy(Class<T> clazz) {
+ public <T> T createProxy(Class<T> clazz) throws URISyntaxException {
+ URI uri = new URI(config.getServerURI()+"/pki");
return ProxyFactory.create(clazz, uri, executor, providerFactory);
}
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationRESTClient.java b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationRESTClient.java
index 92563d7d6..7fe8af2f3 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationRESTClient.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationRESTClient.java
@@ -19,8 +19,7 @@ package com.netscape.cms.servlet.csadmin;
import java.net.URISyntaxException;
-import org.jboss.resteasy.client.ProxyFactory;
-
+import com.netscape.cms.client.cli.ClientConfig;
import com.netscape.cms.servlet.csadmin.model.ConfigurationData;
import com.netscape.cms.servlet.csadmin.model.ConfigurationResponseData;
import com.netscape.cms.servlet.csadmin.model.InstallToken;
@@ -35,10 +34,10 @@ public class ConfigurationRESTClient extends CMSRestClient {
private SystemConfigurationResource configClient;
- public ConfigurationRESTClient(String baseUri, String clientCertNick) throws URISyntaxException {
- super(baseUri, clientCertNick);
+ public ConfigurationRESTClient(ClientConfig config) throws URISyntaxException {
+ super(config);
- configClient = ProxyFactory.create(SystemConfigurationResource.class, uri, executor, providerFactory);
+ configClient = createProxy(SystemConfigurationResource.class);
}
public ConfigurationResponseData configure(ConfigurationData data) {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
index 93de638eb..cc8808498 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
@@ -143,6 +143,7 @@ import com.netscape.certsrv.ocsp.IOCSPAuthority;
import com.netscape.certsrv.usrgrp.IGroup;
import com.netscape.certsrv.usrgrp.IUGSubsystem;
import com.netscape.certsrv.usrgrp.IUser;
+import com.netscape.cms.client.cli.ClientConfig;
import com.netscape.cms.servlet.csadmin.model.InstallToken;
import com.netscape.cms.servlet.csadmin.model.InstallTokenRequest;
import com.netscape.cmsutil.crypto.CryptoUtil;
@@ -294,9 +295,12 @@ public class ConfigurationUtils {
String csType = cs.getString("cs.type");
InstallTokenRequest data = new InstallTokenRequest(user, passwd, csType, CMS.getEEHost(), CMS.getAdminPort());
- String baseUri = "https://" + sdhost + ":" + sdport + "/ca/pki";
- ConfigurationRESTClient client = null;
- client = new ConfigurationRESTClient(baseUri, null);
+
+ ClientConfig config = new ClientConfig();
+ config.setServerURI("https://" + sdhost + ":" + sdport + "/ca");
+
+ ConfigurationRESTClient client = new ConfigurationRESTClient(config);
+
InstallToken token = client.getInstallToken(data);
return token.getToken();
diff --git a/base/deploy/src/scriptlets/configuration.jy b/base/deploy/src/scriptlets/configuration.jy
index 2e72f4060..0746d40fc 100644
--- a/base/deploy/src/scriptlets/configuration.jy
+++ b/base/deploy/src/scriptlets/configuration.jy
@@ -16,6 +16,10 @@ import pkimessages as log
from java.lang import System as javasystem
+# PKI Java Imports
+from com.netscape.cms.client.cli import ClientConfig
+
+
def main(argv):
rv = 0
@@ -71,9 +75,13 @@ def main(argv):
master['pki_dry_run_flag'],
master['pki_jython_log_level'])
+ # Setup connection parameters
+ client_config = ClientConfig()
+ client_config.setServerURI(master['pki_jython_base_uri'])
+
# Establish REST Client
client = jyutil.rest_client.initialize(
- master['pki_jython_base_uri'],
+ client_config,
master['pki_dry_run_flag'],
master['pki_jython_log_level'])
diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py
index cb1c1d918..ffd8884cd 100644
--- a/base/deploy/src/scriptlets/pkijython.py
+++ b/base/deploy/src/scriptlets/pkijython.py
@@ -271,15 +271,15 @@ class security_databases:
class rest_client:
client = None
- def initialize(self, base_uri, pki_dry_run_flag, log_level):
+ def initialize(self, client_config, pki_dry_run_flag, log_level):
try:
if log_level >= config.PKI_JYTHON_INFO_LOG_LEVEL:
print "%s %s '%s'" %\
(log.PKI_JYTHON_INDENTATION_2,
log.PKI_JYTHON_INITIALIZING_REST_CLIENT,
- base_uri)
+ client_config.serverURI)
if not pki_dry_run_flag:
- self.client = ConfigurationRESTClient(base_uri, None)
+ self.client = ConfigurationRESTClient(client_config)
return self.client
except URISyntaxException, e:
e.printStackTrace()
diff --git a/base/deploy/src/scriptlets/pkiparser.py b/base/deploy/src/scriptlets/pkiparser.py
index 7f27d8940..6e1404180 100644
--- a/base/deploy/src/scriptlets/pkiparser.py
+++ b/base/deploy/src/scriptlets/pkiparser.py
@@ -1506,7 +1506,7 @@ def compose_pki_master_dictionary():
config.pki_master_dict['pki_jython_base_uri'] =\
"https" + "://" + config.pki_master_dict['pki_hostname'] + ":" +\
config.pki_master_dict['pki_https_port'] + "/" +\
- config.pki_master_dict['pki_subsystem'].lower() + "/" + "pki"
+ config.pki_master_dict['pki_subsystem'].lower()
# Jython scriptlet
# 'Security Domain' Configuration name/value pairs
# 'Subsystem Name' Configuration name/value pairs
diff --git a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java
index 243e0d91c..372b8aea6 100644
--- a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java
+++ b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java
@@ -5,10 +5,10 @@ import java.util.Collection;
import java.util.Iterator;
import org.jboss.resteasy.client.ClientResponse;
-import org.jboss.resteasy.client.ProxyFactory;
import com.netscape.certsrv.dbs.keydb.KeyId;
import com.netscape.certsrv.request.RequestId;
+import com.netscape.cms.client.cli.ClientConfig;
import com.netscape.cms.servlet.admin.SystemCertificateResource;
import com.netscape.cms.servlet.cert.model.CertificateData;
import com.netscape.cms.servlet.csadmin.CMSRestClient;
@@ -29,11 +29,12 @@ public class DRMRestClient extends CMSRestClient {
private KeyRequestResource keyRequestClient;
private SystemCertificateResource systemCertClient;
- public DRMRestClient(String baseUri, String clientCertNick) throws URISyntaxException {
- super(baseUri,clientCertNick);
- systemCertClient = ProxyFactory.create(SystemCertificateResource.class, uri, executor, providerFactory);
- keyRequestClient = ProxyFactory.create(KeyRequestResource.class, uri, executor, providerFactory);
- keyClient = ProxyFactory.create(KeyResource.class, uri, executor, providerFactory);
+ public DRMRestClient(ClientConfig config) throws URISyntaxException {
+ super(config);
+
+ systemCertClient = createProxy(SystemCertificateResource.class);
+ keyRequestClient = createProxy(KeyRequestResource.class);
+ keyClient = createProxy(KeyResource.class);
}
public String getTransportCert() {
diff --git a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMTest.java b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMTest.java
index 5323777bd..62cdfe992 100644
--- a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMTest.java
+++ b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMTest.java
@@ -39,6 +39,7 @@ import org.mozilla.jss.util.Password;
import com.netscape.certsrv.dbs.keydb.KeyId;
import com.netscape.certsrv.request.RequestId;
+import com.netscape.cms.client.cli.ClientConfig;
import com.netscape.cms.servlet.base.CMSResourceService;
import com.netscape.cms.servlet.key.model.KeyData;
import com.netscape.cms.servlet.key.model.KeyDataInfo;
@@ -193,10 +194,14 @@ public class DRMTest {
// Set base URI and get client
- String baseUri = protocol + "://" + host + ":" + port + "/kra/pki";
DRMRestClient client;
try {
- client = new DRMRestClient(baseUri, clientCertNickname);
+ ClientConfig config = new ClientConfig();
+ config.setServerURI(protocol + "://" + host + ":" + port + "/kra");
+ config.setCertNickname(clientCertNickname);
+
+ client = new DRMRestClient(config);
+
} catch (Exception e) {
e.printStackTrace();
return;