diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2013-09-25 23:54:39 -0400 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2013-10-01 19:26:38 -0400 |
| commit | a4a492ef370053764b7dacbbf2f9f36069ea46b2 (patch) | |
| tree | 6ba47cbd79602db1f323e232f31cb72f1a31dabc | |
| parent | 7c0fb95b77f0f91c572e0242c09a88605497a455 (diff) | |
| download | pki-a4a492ef370053764b7dacbbf2f9f36069ea46b2.tar.gz pki-a4a492ef370053764b7dacbbf2f9f36069ea46b2.tar.xz pki-a4a492ef370053764b7dacbbf2f9f36069ea46b2.zip | |
Fixed CLI authentication issue.
Previously the CLI authentication could fail because it's using a
fixed default subsystem which may not match the command it's trying
to execute. The CLI has now been modified to use the appropriate
default subsystem depending on the command to be executed.
30 files changed, 245 insertions, 180 deletions
diff --git a/base/common/functional/src/com/netscape/cms/servlet/test/ConfigurationTest.java b/base/common/functional/src/com/netscape/cms/servlet/test/ConfigurationTest.java index f74ab714d..145575697 100644 --- a/base/common/functional/src/com/netscape/cms/servlet/test/ConfigurationTest.java +++ b/base/common/functional/src/com/netscape/cms/servlet/test/ConfigurationTest.java @@ -188,9 +188,9 @@ public class ConfigurationTest { SystemConfigClient client = null; try { ClientConfig config = new ClientConfig(); - config.setServerURI(protocol + "://" + host + ":" + port + "/" + cstype); + config.setServerURI(protocol + "://" + host + ":" + port); - client = new SystemConfigClient(new PKIClient(config)); + client = new SystemConfigClient(new PKIClient(config), cstype); } catch (URISyntaxException e1) { e1.printStackTrace(); System.exit(1); diff --git a/base/common/src/com/netscape/certsrv/account/AccountClient.java b/base/common/src/com/netscape/certsrv/account/AccountClient.java index 333f65679..dcf8975b5 100644 --- a/base/common/src/com/netscape/certsrv/account/AccountClient.java +++ b/base/common/src/com/netscape/certsrv/account/AccountClient.java @@ -30,10 +30,6 @@ public class AccountClient extends Client { public AccountResource resource; public boolean loggedIn; - public AccountClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public AccountClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "account"); init(); diff --git a/base/common/src/com/netscape/certsrv/cert/CertClient.java b/base/common/src/com/netscape/certsrv/cert/CertClient.java index 7ff6af397..b0ebc04bf 100644 --- a/base/common/src/com/netscape/certsrv/cert/CertClient.java +++ b/base/common/src/com/netscape/certsrv/cert/CertClient.java @@ -33,10 +33,6 @@ public class CertClient extends Client { public CertResource certClient; public CertRequestResource certRequestResource; - public CertClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public CertClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "cert"); init(); diff --git a/base/common/src/com/netscape/certsrv/group/GroupClient.java b/base/common/src/com/netscape/certsrv/group/GroupClient.java index 33be6e772..2f11e21b4 100644 --- a/base/common/src/com/netscape/certsrv/group/GroupClient.java +++ b/base/common/src/com/netscape/certsrv/group/GroupClient.java @@ -32,10 +32,6 @@ public class GroupClient extends Client { public GroupResource groupClient; public GroupMemberResource groupMemberClient; - public GroupClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public GroupClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "group"); init(); diff --git a/base/common/src/com/netscape/certsrv/key/KeyClient.java b/base/common/src/com/netscape/certsrv/key/KeyClient.java index be4e5ed58..385996eed 100644 --- a/base/common/src/com/netscape/certsrv/key/KeyClient.java +++ b/base/common/src/com/netscape/certsrv/key/KeyClient.java @@ -31,10 +31,6 @@ public class KeyClient extends Client { public KeyResource keyClient; public KeyRequestResource keyRequestClient; - public KeyClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public KeyClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "key"); init(); diff --git a/base/common/src/com/netscape/certsrv/logging/ActivityClient.java b/base/common/src/com/netscape/certsrv/logging/ActivityClient.java index 251183ec5..48ecdd5c4 100644 --- a/base/common/src/com/netscape/certsrv/logging/ActivityClient.java +++ b/base/common/src/com/netscape/certsrv/logging/ActivityClient.java @@ -29,10 +29,6 @@ public class ActivityClient extends Client { public ActivityResource resource; - public ActivityClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public ActivityClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "activity"); init(); diff --git a/base/common/src/com/netscape/certsrv/profile/ProfileClient.java b/base/common/src/com/netscape/certsrv/profile/ProfileClient.java index c4ecf6bec..64a53b209 100644 --- a/base/common/src/com/netscape/certsrv/profile/ProfileClient.java +++ b/base/common/src/com/netscape/certsrv/profile/ProfileClient.java @@ -29,10 +29,6 @@ public class ProfileClient extends Client { public ProfileResource profileClient; - public ProfileClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public ProfileClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "profile"); init(); diff --git a/base/common/src/com/netscape/certsrv/system/KRAConnectorClient.java b/base/common/src/com/netscape/certsrv/system/KRAConnectorClient.java index 514390eae..4a29ca154 100644 --- a/base/common/src/com/netscape/certsrv/system/KRAConnectorClient.java +++ b/base/common/src/com/netscape/certsrv/system/KRAConnectorClient.java @@ -29,10 +29,6 @@ public class KRAConnectorClient extends Client { public KRAConnectorResource kraConnectorClient; - public KRAConnectorClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public KRAConnectorClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "kraconnector"); init(); diff --git a/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java b/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java index 3eb21cfce..6c6a5d3d5 100644 --- a/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java +++ b/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java @@ -30,10 +30,6 @@ public class SecurityDomainClient extends Client { private SecurityDomainResource securityDomainClient; - public SecurityDomainClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public SecurityDomainClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "securitydomain"); init(); diff --git a/base/common/src/com/netscape/certsrv/system/SystemConfigClient.java b/base/common/src/com/netscape/certsrv/system/SystemConfigClient.java index 07d728896..242f00531 100644 --- a/base/common/src/com/netscape/certsrv/system/SystemConfigClient.java +++ b/base/common/src/com/netscape/certsrv/system/SystemConfigClient.java @@ -31,10 +31,6 @@ public class SystemConfigClient extends Client { private SystemConfigResource configClient; - public SystemConfigClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public SystemConfigClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "systemconfig"); init(); diff --git a/base/common/src/com/netscape/certsrv/system/TPSConnectorClient.java b/base/common/src/com/netscape/certsrv/system/TPSConnectorClient.java index d2009d6cf..b247db907 100644 --- a/base/common/src/com/netscape/certsrv/system/TPSConnectorClient.java +++ b/base/common/src/com/netscape/certsrv/system/TPSConnectorClient.java @@ -12,10 +12,6 @@ public class TPSConnectorClient extends Client { private TPSConnectorResource tpsConnectorClient; - public TPSConnectorClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public TPSConnectorClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "tpsconnector"); init(); diff --git a/base/common/src/com/netscape/certsrv/tps/authenticator/AuthenticatorClient.java b/base/common/src/com/netscape/certsrv/tps/authenticator/AuthenticatorClient.java index 8f4d4fe2b..893d98e7c 100644 --- a/base/common/src/com/netscape/certsrv/tps/authenticator/AuthenticatorClient.java +++ b/base/common/src/com/netscape/certsrv/tps/authenticator/AuthenticatorClient.java @@ -31,10 +31,6 @@ public class AuthenticatorClient extends Client { public AuthenticatorResource resource; - public AuthenticatorClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public AuthenticatorClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "authenticator"); init(); diff --git a/base/common/src/com/netscape/certsrv/tps/cert/TPSCertClient.java b/base/common/src/com/netscape/certsrv/tps/cert/TPSCertClient.java index 003ec7b9b..810c64758 100644 --- a/base/common/src/com/netscape/certsrv/tps/cert/TPSCertClient.java +++ b/base/common/src/com/netscape/certsrv/tps/cert/TPSCertClient.java @@ -29,10 +29,6 @@ public class TPSCertClient extends Client { public TPSCertResource resource; - public TPSCertClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public TPSCertClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "cert"); init(); diff --git a/base/common/src/com/netscape/certsrv/tps/config/ConfigClient.java b/base/common/src/com/netscape/certsrv/tps/config/ConfigClient.java index 9c707e494..98699035a 100644 --- a/base/common/src/com/netscape/certsrv/tps/config/ConfigClient.java +++ b/base/common/src/com/netscape/certsrv/tps/config/ConfigClient.java @@ -31,10 +31,6 @@ public class ConfigClient extends Client { public ConfigResource resource; - public ConfigClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public ConfigClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "config"); init(); diff --git a/base/common/src/com/netscape/certsrv/tps/connection/ConnectionClient.java b/base/common/src/com/netscape/certsrv/tps/connection/ConnectionClient.java index 08f71b32a..6c67e6b2a 100644 --- a/base/common/src/com/netscape/certsrv/tps/connection/ConnectionClient.java +++ b/base/common/src/com/netscape/certsrv/tps/connection/ConnectionClient.java @@ -31,10 +31,6 @@ public class ConnectionClient extends Client { public ConnectionResource resource; - public ConnectionClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public ConnectionClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "connection"); init(); diff --git a/base/common/src/com/netscape/certsrv/tps/profile/ProfileMappingClient.java b/base/common/src/com/netscape/certsrv/tps/profile/ProfileMappingClient.java index dd02825c8..58f4e2673 100644 --- a/base/common/src/com/netscape/certsrv/tps/profile/ProfileMappingClient.java +++ b/base/common/src/com/netscape/certsrv/tps/profile/ProfileMappingClient.java @@ -31,10 +31,6 @@ public class ProfileMappingClient extends Client { public ProfileMappingResource resource; - public ProfileMappingClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public ProfileMappingClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "profile-mapping"); init(); diff --git a/base/common/src/com/netscape/certsrv/tps/token/TokenClient.java b/base/common/src/com/netscape/certsrv/tps/token/TokenClient.java index 48bddded6..602e8f966 100644 --- a/base/common/src/com/netscape/certsrv/tps/token/TokenClient.java +++ b/base/common/src/com/netscape/certsrv/tps/token/TokenClient.java @@ -31,10 +31,6 @@ public class TokenClient extends Client { public TokenResource resource; - public TokenClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public TokenClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "token"); init(); diff --git a/base/common/src/com/netscape/certsrv/user/UserClient.java b/base/common/src/com/netscape/certsrv/user/UserClient.java index 0c51821fe..85b7f0592 100644 --- a/base/common/src/com/netscape/certsrv/user/UserClient.java +++ b/base/common/src/com/netscape/certsrv/user/UserClient.java @@ -33,10 +33,6 @@ public class UserClient extends Client { public UserCertResource userCertClient; public UserMembershipResource userMembershipClient; - public UserClient(PKIClient client) throws URISyntaxException { - this(client, client.getSubsystem()); - } - public UserClient(PKIClient client, String subsystem) throws URISyntaxException { super(client, subsystem, "user"); init(); diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java index d86aa0770..3c409690a 100644 --- a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java +++ b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java @@ -333,7 +333,7 @@ public class ConfigurationUtils { String csType = cs.getString("cs.type"); ClientConfig config = new ClientConfig(); - config.setServerURI("https://" + sdhost + ":" + sdport + "/ca"); + config.setServerURI("https://" + sdhost + ":" + sdport); config.setUsername(user); config.setPassword(passwd); @@ -350,8 +350,8 @@ public class ConfigurationUtils { // utilizing an untrusted temporary CA cert. connection.addIgnoredCertStatus(SSLCertificateApprovalCallback.ValidityStatus.CA_CERT_INVALID); - AccountClient accountClient = new AccountClient(client); - SecurityDomainClient sdClient = new SecurityDomainClient(client); + AccountClient accountClient = new AccountClient(client, "ca"); + SecurityDomainClient sdClient = new SecurityDomainClient(client, "ca"); try { accountClient.login(); @@ -3585,7 +3585,7 @@ public class ConfigurationUtils { String dbPass = psStore.getString("internal"); ClientConfig config = new ClientConfig(); - config.setServerURI("https://" + tksHost + ":" + tksPort + "/tks"); + config.setServerURI("https://" + tksHost + ":" + tksPort); config.setCertDatabase(dbDir); config.setCertNickname(dbNick); config.setCertPassword(dbPass); @@ -3598,8 +3598,8 @@ public class ConfigurationUtils { connection.addIgnoredCertStatus(SSLCertificateApprovalCallback.ValidityStatus.UNTRUSTED_ISSUER); connection.addIgnoredCertStatus(SSLCertificateApprovalCallback.ValidityStatus.CA_CERT_INVALID); - AccountClient accountClient = new AccountClient(client); - TPSConnectorClient tpsConnectorClient = new TPSConnectorClient(client); + AccountClient accountClient = new AccountClient(client, "tks"); + TPSConnectorClient tpsConnectorClient = new TPSConnectorClient(client, "tks"); accountClient.login(); TPSConnectorData data = null; diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertCLI.java index 83cd6851c..c3f43401c 100644 --- a/base/java-tools/src/com/netscape/cmstools/cert/CertCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/cert/CertCLI.java @@ -68,7 +68,14 @@ public class CertCLI extends CLI { public void execute(String[] args) throws Exception { - certClient = new CertClient(parent.getClient()); + client = parent.getClient(); + + // determine the subsystem + String subsystem = client.getSubsystem(); + if (subsystem == null) subsystem = "ca"; + + // create new cert client + certClient = new CertClient(client, subsystem); super.execute(args); } diff --git a/base/java-tools/src/com/netscape/cmstools/cli/CLI.java b/base/java-tools/src/com/netscape/cmstools/cli/CLI.java index 0adecc171..abe0883b1 100644 --- a/base/java-tools/src/com/netscape/cmstools/cli/CLI.java +++ b/base/java-tools/src/com/netscape/cmstools/cli/CLI.java @@ -87,14 +87,22 @@ public class CLI { this.description = description; } - public void addModule(CLI module) { - modules.put(module.getName(), module); + public CLI getParent() { + return parent; } public CLI getModule(String name) { return modules.get(name); } + public void addModule(CLI module) { + modules.put(module.getName(), module); + } + + public CLI removeModule(String name) { + return modules.remove(name); + } + public PKIClient getClient() { return client; } diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java index 5808254ef..f77dc8183 100644 --- a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java @@ -35,7 +35,6 @@ import org.mozilla.jss.ssl.SSLCertificateApprovalCallback; import org.mozilla.jss.util.IncorrectPasswordException; import org.mozilla.jss.util.Password; -import com.netscape.certsrv.account.AccountClient; import com.netscape.certsrv.client.ClientConfig; import com.netscape.certsrv.client.PKIClient; import com.netscape.certsrv.client.PKIConnection; @@ -60,26 +59,26 @@ public class MainCLI extends CLI { public File certDatabase; - public AccountClient accountClient; - String output; public MainCLI() throws Exception { super("pki", "PKI command-line interface"); addModule(new CACLI(this)); - addModule(new CertCLI(this)); - addModule(new ClientCLI(this)); - addModule(new GroupCLI(this)); - addModule(new KeyCLI(this)); addModule(new KRACLI(this)); - addModule(new KRAConnectorCLI(this)); addModule(new OCSPCLI(this)); - addModule(new ProfileCLI(this)); - addModule(new SecurityDomainCLI(this)); addModule(new TKSCLI(this)); addModule(new TPSCLI(this)); - addModule(new UserCLI(this)); + + addModule(new ClientCLI(this)); + + addModule(new ProxyCLI(new CertCLI(this), "ca")); + addModule(new ProxyCLI(new GroupCLI(this), "ca")); + addModule(new ProxyCLI(new KeyCLI(this), "kra")); + addModule(new ProxyCLI(new KRAConnectorCLI(this), "ca")); + addModule(new ProxyCLI(new ProfileCLI(this), "ca")); + addModule(new ProxyCLI(new SecurityDomainCLI(this), "ca")); + addModule(new ProxyCLI(new UserCLI(this), "ca")); } public String getFullModuleName(String moduleName) { @@ -96,7 +95,43 @@ public class MainCLI extends CLI { formatter.printHelp(name+" [OPTIONS..] <command> [ARGS..]", options); System.out.println(); - super.printHelp(); + int leftPadding = 1; + int rightPadding = 25; + + System.out.println("Subsystems:"); + + for (CLI module : modules.values()) { + if (!(module instanceof SubsystemCLI)) continue; + + String label = module.getFullName(); + + int padding = rightPadding - leftPadding - label.length(); + if (padding < 1) + padding = 1; + + System.out.print(StringUtils.repeat(" ", leftPadding)); + System.out.print(label); + System.out.print(StringUtils.repeat(" ", padding)); + System.out.println(module.getDescription()); + } + + System.out.println(); + System.out.println("Commands:"); + + for (CLI module : modules.values()) { + if (module instanceof SubsystemCLI) continue; + + String label = module.getFullName(); + + int padding = rightPadding - leftPadding - label.length(); + if (padding < 1) + padding = 1; + + System.out.print(StringUtils.repeat(" ", leftPadding)); + System.out.print(label); + System.out.print(StringUtils.repeat(" ", padding)); + System.out.println(module.getDescription()); + } } public void createOptions(Options options) throws UnknownHostException { @@ -117,7 +152,7 @@ public class MainCLI extends CLI { option.setArgName("port"); options.addOption(option); - option = new Option("t", true, "Subsystem type (default: ca)"); + option = new Option("t", true, "Subsystem type"); option.setArgName("type"); options.addOption(option); @@ -168,13 +203,18 @@ public class MainCLI extends CLI { String protocol = cmd.getOptionValue("P", "http"); String hostname = cmd.getOptionValue("h", InetAddress.getLocalHost().getCanonicalHostName()); String port = cmd.getOptionValue("p", "8080"); - String type = cmd.getOptionValue("t", "ca"); + String subsystem = cmd.getOptionValue("t"); if (uri == null) - uri = protocol + "://" + hostname + ":" + port + "/" + type; + uri = protocol + "://" + hostname + ":" + port; + + if (subsystem != null) + uri = uri + "/" + subsystem; config.setServerURI(uri); + if (verbose) System.out.println("Server URI: "+uri); + String certDatabase = cmd.getOptionValue("d"); String certNickname = cmd.getOptionValue("n"); String certPassword = cmd.getOptionValue("c"); @@ -270,20 +310,10 @@ public class MainCLI extends CLI { file.mkdirs(); connection.setOutput(file); } - - String subsystem = config.getSubsystem(); - if (subsystem != null) { - // if server URI includes subsystem, perform authentication - // against that subsystem - accountClient = new AccountClient(client, subsystem); - } } public void execute(String[] args) throws Exception { - CLI module; - String[] moduleArgs; - try { createOptions(options); @@ -308,6 +338,8 @@ public class MainCLI extends CLI { parseOptions(cmd); + init(); + if (verbose) { System.out.print("Command:"); for (String arg : cmdArgs) { @@ -317,65 +349,7 @@ public class MainCLI extends CLI { System.out.println(); } - String command = cmdArgs[0]; - String moduleName; - String moduleCommand; - - // If a command contains a '-' sign it will be - // split into module name and module command. - // Otherwise it's a single command. - int i = command.indexOf('-'); - if (i >= 0) { // <module name>-<module command> - moduleName = command.substring(0, i); - moduleCommand = command.substring(i+1); - - } else { // <command> - moduleName = command; - moduleCommand = null; - } - - // get command module - if (verbose) System.out.println("Module: " + moduleName); - module = getModule(moduleName); - if (module == null) - throw new Error("Invalid module \"" + moduleName + "\"."); - - // prepare module arguments - if (moduleCommand != null) { - moduleArgs = new String[cmdArgs.length]; - moduleArgs[0] = moduleCommand; - System.arraycopy(cmdArgs, 1, moduleArgs, 1, cmdArgs.length-1); - - } else { - moduleArgs = new String[cmdArgs.length-1]; - System.arraycopy(cmdArgs, 1, moduleArgs, 0, cmdArgs.length-1); - } - - } catch (Throwable t) { - if (verbose) { - t.printStackTrace(System.err); - } else { - System.err.println(t.getClass().getSimpleName()+": "+t.getMessage()); - } - printHelp(); - System.exit(1); - return; - } - - if (verbose) System.out.println("Server URI: "+config.getServerURI()); - - // execute command - try { - init(); - - // login if subsystem and username/nickname is specified - if (config.getSubsystem() != null && - (config.getUsername() != null || config.getCertNickname() != null)) { - accountClient.login(); - } - - // execute module command - module.execute(moduleArgs); + super.execute(cmdArgs); } catch (Throwable t) { if (verbose) { @@ -384,10 +358,6 @@ public class MainCLI extends CLI { System.err.println(t.getClass().getSimpleName()+": "+t.getMessage()); } System.exit(1); - - } finally { - // logout if subsystem is specified - if (config.getSubsystem() != null) accountClient.logout(); } } diff --git a/base/java-tools/src/com/netscape/cmstools/cli/ProxyCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/ProxyCLI.java new file mode 100644 index 000000000..7d76cb1b2 --- /dev/null +++ b/base/java-tools/src/com/netscape/cmstools/cli/ProxyCLI.java @@ -0,0 +1,119 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2013 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +package com.netscape.cmstools.cli; + +import com.netscape.certsrv.account.AccountClient; +import com.netscape.certsrv.client.ClientConfig; +import com.netscape.certsrv.client.PKIClient; + + +/** + * This class provides a mechanism to authenticate against + * the appropriate subsystem for the CLI command. + * + * @author Endi S. Dewata + */ +public class ProxyCLI extends CLI { + + CLI module; + String defaultSubsystem; + + public ProxyCLI(CLI module, String defaultSubsystem) { + super(module.getName(), module.getDescription(), module.getParent()); + + this.module = module; + this.defaultSubsystem = defaultSubsystem; + } + + public String getName() { + return module.getName(); + } + + public void setName(String name) { + module.setName(name); + } + + public String getFullName() { + return module.getFullName(); + } + + public String getFullModuleName(String moduleName) { + return module.getFullModuleName(moduleName); + } + + public String getDescription() { + return module.getDescription(); + } + + public void setDescription(String description) { + module.setDescription(description); + } + + public CLI getParent() { + return module.getParent(); + } + + public CLI getModule(String name) { + return module.getModule(name); + } + + public void addModule(CLI module) { + this.module.addModule(module); + } + + public CLI removeModule(String name) { + return module.removeModule(name); + } + + public PKIClient getClient() { + return module.getClient(); + } + + public Object getClient(String name) { + return module.getClient(name); + } + + public void printHelp() { + module.printHelp(); + } + + public void execute(String[] args) throws Exception { + + PKIClient client = module.getParent().getClient(); + AccountClient accountClient = null; + + try { + // login if username or nickname is specified + ClientConfig config = client.getConfig(); + if (config.getUsername() != null || config.getCertNickname() != null) { + + String subsystem = config.getSubsystem(); + if (subsystem == null) subsystem = defaultSubsystem; + + accountClient = new AccountClient(client, subsystem); + accountClient.login(); + } + + module.execute(args); + + } finally { + if (accountClient != null) accountClient.logout(); + } + } +} diff --git a/base/java-tools/src/com/netscape/cmstools/group/GroupCLI.java b/base/java-tools/src/com/netscape/cmstools/group/GroupCLI.java index a7b414e1d..dba9d9ab3 100644 --- a/base/java-tools/src/com/netscape/cmstools/group/GroupCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/group/GroupCLI.java @@ -63,9 +63,14 @@ public class GroupCLI extends CLI { client = parent.getClient(); groupClient = (GroupClient)parent.getClient("group"); + // if this is a top-level command if (groupClient == null) { - // if parent doesn't have group client then create a new one - groupClient = new GroupClient(client); + // determine the subsystem + String subsystem = client.getSubsystem(); + if (subsystem == null) subsystem = "ca"; + + // create new group client + groupClient = new GroupClient(client, subsystem); } super.execute(args); diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java index bbae43688..e93cc32f0 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java @@ -50,7 +50,13 @@ public class KeyCLI extends CLI { public void execute(String[] args) throws Exception { client = parent.getClient(); - keyClient = new KeyClient(client); + + // determine the subsystem + String subsystem = client.getSubsystem(); + if (subsystem == null) subsystem = "kra"; + + // create new key client + keyClient = new KeyClient(client, subsystem); super.execute(args); } diff --git a/base/java-tools/src/com/netscape/cmstools/profile/ProfileCLI.java b/base/java-tools/src/com/netscape/cmstools/profile/ProfileCLI.java index 7ba472454..775398283 100644 --- a/base/java-tools/src/com/netscape/cmstools/profile/ProfileCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/profile/ProfileCLI.java @@ -49,7 +49,13 @@ public class ProfileCLI extends CLI { public void execute(String[] args) throws Exception { client = parent.getClient(); - profileClient = new ProfileClient(client); + + // determine the subsystem + String subsystem = client.getSubsystem(); + if (subsystem == null) subsystem = "ca"; + + // create new profile client + profileClient = new ProfileClient(client, subsystem); super.execute(args); } diff --git a/base/java-tools/src/com/netscape/cmstools/system/KRAConnectorCLI.java b/base/java-tools/src/com/netscape/cmstools/system/KRAConnectorCLI.java index e45072de1..a59809e26 100644 --- a/base/java-tools/src/com/netscape/cmstools/system/KRAConnectorCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/system/KRAConnectorCLI.java @@ -47,7 +47,13 @@ public class KRAConnectorCLI extends CLI { public void execute(String[] args) throws Exception { client = parent.getClient(); - kraConnectorClient = new KRAConnectorClient(client); + + // determine the subsystem + String subsystem = client.getSubsystem(); + if (subsystem == null) subsystem = "ca"; + + // create new KRA connector client + kraConnectorClient = new KRAConnectorClient(client, subsystem); super.execute(args); } diff --git a/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainCLI.java b/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainCLI.java index b7b54942a..224e215a8 100644 --- a/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainCLI.java @@ -51,7 +51,13 @@ public class SecurityDomainCLI extends CLI { public void execute(String[] args) throws Exception { client = parent.getClient(); - securityDomainClient = new SecurityDomainClient(client); + + // determine the subsystem + String subsystem = client.getSubsystem(); + if (subsystem == null) subsystem = "ca"; + + // create new security domain client + securityDomainClient = new SecurityDomainClient(client, subsystem); super.execute(args); } diff --git a/base/java-tools/src/com/netscape/cmstools/system/TPSConnectorCLI.java b/base/java-tools/src/com/netscape/cmstools/system/TPSConnectorCLI.java index 093e5203a..28c99dd7b 100644 --- a/base/java-tools/src/com/netscape/cmstools/system/TPSConnectorCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/system/TPSConnectorCLI.java @@ -50,11 +50,6 @@ public class TPSConnectorCLI extends CLI { client = parent.getClient(); tpsConnectorClient = (TPSConnectorClient)parent.getClient("tpsconnector"); - if (tpsConnectorClient == null) { - // if parent doesn't have user client then create a new one - tpsConnectorClient = new TPSConnectorClient(client); - } - if (args.length == 0) { printHelp(); System.exit(1); diff --git a/base/java-tools/src/com/netscape/cmstools/user/UserCLI.java b/base/java-tools/src/com/netscape/cmstools/user/UserCLI.java index 74f4df9dd..edbb62cab 100644 --- a/base/java-tools/src/com/netscape/cmstools/user/UserCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/user/UserCLI.java @@ -69,9 +69,14 @@ public class UserCLI extends CLI { client = parent.getClient(); userClient = (UserClient)parent.getClient("user"); + // if this is a top-level command if (userClient == null) { - // if parent doesn't have user client then create a new one - userClient = new UserClient(client); + // determine the subsystem + String subsystem = client.getSubsystem(); + if (subsystem == null) subsystem = "ca"; + + // create new user client + userClient = new UserClient(client, subsystem); } super.execute(args); |