summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAde Lee <alee@redhat.com>2012-11-28 13:48:30 -0500
committerAde Lee <alee@redhat.com>2012-12-03 09:08:35 -0500
commit6be1194058b64e24848b0f12eaa3d6cee0cadf2e (patch)
treef002f40b11708871433499cdce8756c27ba2f698
parent083e130dbe6a43152b01bbb0cbd107ec8b69b345 (diff)
downloadpki-6be1194058b64e24848b0f12eaa3d6cee0cadf2e.zip
pki-6be1194058b64e24848b0f12eaa3d6cee0cadf2e.tar.gz
pki-6be1194058b64e24848b0f12eaa3d6cee0cadf2e.tar.xz
Common admin user: config servlet changes
As oer review, changed useCommonAdmin to importAdminCert
-rw-r--r--base/common/src/com/netscape/certsrv/system/ConfigurationRequest.java28
-rw-r--r--base/common/src/com/netscape/cms/servlet/csadmin/SystemConfigService.java85
2 files changed, 78 insertions, 35 deletions
diff --git a/base/common/src/com/netscape/certsrv/system/ConfigurationRequest.java b/base/common/src/com/netscape/certsrv/system/ConfigurationRequest.java
index 444aa9a..217f84b 100644
--- a/base/common/src/com/netscape/certsrv/system/ConfigurationRequest.java
+++ b/base/common/src/com/netscape/certsrv/system/ConfigurationRequest.java
@@ -70,6 +70,8 @@ public class ConfigurationRequest {
private static final String ADMIN_SUBJECT_DN = "adminSubjectDN";
private static final String ADMIN_NAME = "adminName";
private static final String ADMIN_PROFILE_ID = "adminProfileID";
+ private static final String IMPORT_ADMIN_CERT = "importAdminCert";
+ private static final String ADMIN_CERT = "adminCert";
private static final String STEP_TWO = "stepTwo";
private static final String GENERATE_SERVER_CERT = "generateServerCert";
@@ -195,6 +197,12 @@ public class ConfigurationRequest {
@XmlElement
protected String adminProfileID;
+ @XmlElement(defaultValue = "false")
+ protected String importAdminCert;
+
+ @XmlElement
+ protected String adminCert;
+
@XmlElement
protected String stepTwo;
@@ -244,6 +252,8 @@ public class ConfigurationRequest {
adminSubjectDN = form.getFirst(ADMIN_SUBJECT_DN);
adminName = form.getFirst(ADMIN_NAME);
adminProfileID = form.getFirst(ADMIN_PROFILE_ID);
+ adminCert = form.getFirst(ADMIN_CERT);
+ importAdminCert = form.getFirst(IMPORT_ADMIN_CERT);
stepTwo = form.getFirst(STEP_TWO);
generateServerCert = form.getFirst(GENERATE_SERVER_CERT);
}
@@ -723,6 +733,22 @@ public class ConfigurationRequest {
this.adminProfileID = adminProfileID;
}
+ public String getImportAdminCert() {
+ return importAdminCert;
+ }
+
+ public void setImportAdminCert(String importAdminCert) {
+ this.importAdminCert = importAdminCert;
+ }
+
+ public String getAdminCert() {
+ return adminCert;
+ }
+
+ public void setAdminCert(String adminCert) {
+ this.adminCert = adminCert;
+ }
+
public String getStepTwo() {
return stepTwo;
}
@@ -787,6 +813,8 @@ public class ConfigurationRequest {
", adminSubjectDN=" + adminSubjectDN +
", adminName=" + adminName +
", adminProfileID=" + adminProfileID +
+ ", adminCert=" + adminCert +
+ ", importAdminCert=" + importAdminCert +
", generateServerCert=" + generateServerCert +
", stepTwo=" + stepTwo + "]";
}
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/SystemConfigService.java b/base/common/src/com/netscape/cms/servlet/csadmin/SystemConfigService.java
index 31fcaac..e4f9445 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/SystemConfigService.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/SystemConfigService.java
@@ -72,7 +72,6 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
public static String SUCCESS = "0";
public static final String RESTART_SERVER_AFTER_CONFIGURATION =
"restart_server_after_configuration";
- private Random random = null;
public SystemConfigService() throws EPropertyNotFound, EBaseException {
cs = CMS.getConfigStore();
@@ -83,7 +82,6 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
isMasterCA = true;
}
instanceRoot = cs.getString("instanceRoot");
- random = new Random();
}
/* (non-Javadoc)
@@ -598,31 +596,37 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
X509CertImpl admincerts[] = new X509CertImpl[1];
ConfigurationUtils.createAdmin(data.getAdminUID(), data.getAdminEmail(),
data.getAdminName(), data.getAdminPassword());
- if (csType.equals("CA")) {
- ConfigurationUtils.createAdminCertificate(data.getAdminCertRequest(),
- data.getAdminCertRequestType(), data.getAdminSubjectDN());
-
- String serialno = cs.getString("preop.admincert.serialno.0");
- ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem(ICertificateAuthority.ID);
- ICertificateRepository repo = ca.getCertificateRepository();
- admincerts[0] = repo.getX509Certificate(new BigInteger(serialno, 16));
+ if (data.getImportAdminCert().equalsIgnoreCase("true")) {
+ String b64 = CryptoUtil.stripCertBrackets(data.getAdminCert().trim());
+ byte[] b = CryptoUtil.base64Decode(b64);
+ admincerts[0] = new X509CertImpl(b);
} else {
- String type = cs.getString("preop.ca.type", "");
- String ca_hostname = "";
- int ca_port = -1;
- if (type.equals("sdca")) {
- ca_hostname = cs.getString("preop.ca.hostname");
- ca_port = cs.getInteger("preop.ca.httpsport");
+ if (csType.equals("CA")) {
+ ConfigurationUtils.createAdminCertificate(data.getAdminCertRequest(),
+ data.getAdminCertRequestType(), data.getAdminSubjectDN());
+
+ String serialno = cs.getString("preop.admincert.serialno.0");
+ ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem(ICertificateAuthority.ID);
+ ICertificateRepository repo = ca.getCertificateRepository();
+ admincerts[0] = repo.getX509Certificate(new BigInteger(serialno, 16));
} else {
- ca_hostname = cs.getString("securitydomain.host", "");
- ca_port = cs.getInteger("securitydomain.httpseeport");
+ String type = cs.getString("preop.ca.type", "");
+ String ca_hostname = "";
+ int ca_port = -1;
+ if (type.equals("sdca")) {
+ ca_hostname = cs.getString("preop.ca.hostname");
+ ca_port = cs.getInteger("preop.ca.httpsport");
+ } else {
+ ca_hostname = cs.getString("securitydomain.host", "");
+ ca_port = cs.getInteger("securitydomain.httpseeport");
+ }
+ String b64 = ConfigurationUtils.submitAdminCertRequest(ca_hostname, ca_port,
+ data.getAdminProfileID(), data.getAdminCertRequestType(),
+ data.getAdminCertRequest(), data.getAdminSubjectDN());
+ b64 = CryptoUtil.stripCertBrackets(b64.trim());
+ byte[] b = CryptoUtil.base64Decode(b64);
+ admincerts[0] = new X509CertImpl(b);
}
- String b64 = ConfigurationUtils.submitAdminCertRequest(ca_hostname, ca_port,
- data.getAdminProfileID(), data.getAdminCertRequestType(),
- data.getAdminCertRequest(), data.getAdminSubjectDN());
- b64 = CryptoUtil.stripCertBrackets(b64.trim());
- byte[] b = CryptoUtil.base64Decode(b64);
- admincerts[0] = new X509CertImpl(b);
}
CMS.reinit(IUGSubsystem.ID);
@@ -902,26 +906,37 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
}
if (data.getIsClone().equals("false")) {
- if ((data.getAdminUID() == null) || (data.getAdminUID().length()==0)) {
+ if ((data.getAdminUID() == null) || (data.getAdminUID().length() == 0)) {
throw new PKIException(Response.Status.BAD_REQUEST, "Admin UID not provided");
}
- if ((data.getAdminPassword() == null) || (data.getAdminPassword().length()==0)) {
+ if ((data.getAdminPassword() == null) || (data.getAdminPassword().length() == 0)) {
throw new PKIException(Response.Status.BAD_REQUEST, "Admin Password not provided");
}
- if ((data.getAdminEmail() == null) || (data.getAdminEmail().length()==0)) {
+ if ((data.getAdminEmail() == null) || (data.getAdminEmail().length() == 0)) {
throw new PKIException(Response.Status.BAD_REQUEST, "Admin UID not provided");
}
- if ((data.getAdminName() == null) || (data.getAdminName().length()==0)) {
+ if ((data.getAdminName() == null) || (data.getAdminName().length() == 0)) {
throw new PKIException(Response.Status.BAD_REQUEST, "Admin name not provided");
}
- if ((data.getAdminCertRequest() == null) || (data.getAdminCertRequest().length()==0)) {
- throw new PKIException(Response.Status.BAD_REQUEST, "Admin cert request not provided");
- }
- if ((data.getAdminCertRequestType() == null) || (data.getAdminCertRequestType().length()==0)) {
- throw new PKIException(Response.Status.BAD_REQUEST, "Admin cert request type not provided");
+
+ if (data.getImportAdminCert() == null) {
+ data.setImportAdminCert("false");
}
- if ((data.getAdminSubjectDN() == null) || (data.getAdminSubjectDN().length()==0)) {
- throw new PKIException(Response.Status.BAD_REQUEST, "Admin subjectDN not provided");
+
+ if (data.getImportAdminCert().equalsIgnoreCase("true")) {
+ if (data.getAdminCert() == null) {
+ throw new PKIException(Response.Status.BAD_REQUEST, "Admin Cert not provided");
+ }
+ } else {
+ if ((data.getAdminCertRequest() == null) || (data.getAdminCertRequest().length() == 0)) {
+ throw new PKIException(Response.Status.BAD_REQUEST, "Admin cert request not provided");
+ }
+ if ((data.getAdminCertRequestType() == null) || (data.getAdminCertRequestType().length() == 0)) {
+ throw new PKIException(Response.Status.BAD_REQUEST, "Admin cert request type not provided");
+ }
+ if ((data.getAdminSubjectDN() == null) || (data.getAdminSubjectDN().length() == 0)) {
+ throw new PKIException(Response.Status.BAD_REQUEST, "Admin subjectDN not provided");
+ }
}
}