diff options
author | Endi Sukma Dewata <edewata@redhat.com> | 2012-03-24 02:27:47 -0500 |
---|---|---|
committer | Endi Sukma Dewata <edewata@redhat.com> | 2012-03-26 11:43:54 -0500 |
commit | 621d9e5c413e561293d7484b93882d985b3fe15f (patch) | |
tree | 638f3d75761c121d9a8fb50b52a12a6686c5ac5c /base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java | |
parent | 40d3643b8d91886bf210aa27f711731c81a11e49 (diff) | |
download | pki-621d9e5c413e561293d7484b93882d985b3fe15f.tar.gz pki-621d9e5c413e561293d7484b93882d985b3fe15f.tar.xz pki-621d9e5c413e561293d7484b93882d985b3fe15f.zip |
Removed unnecessary pki folder.
Previously the source code was located inside a pki folder.
This folder was created during svn migration and is no longer
needed. This folder has now been removed and the contents have
been moved up one level.
Ticket #131
Diffstat (limited to 'base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java')
-rw-r--r-- | base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java | 500 |
1 files changed, 500 insertions, 0 deletions
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java b/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java new file mode 100644 index 000000000..f3a4169e8 --- /dev/null +++ b/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java @@ -0,0 +1,500 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.cms.servlet.csadmin; + +import java.io.IOException; +import java.net.MalformedURLException; +import java.net.URL; +import java.util.StringTokenizer; + +import javax.servlet.ServletConfig; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.apache.velocity.context.Context; + +import com.netscape.certsrv.apps.CMS; +import com.netscape.certsrv.base.EBaseException; +import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.property.PropertySet; +import com.netscape.certsrv.util.HttpInput; +import com.netscape.cms.servlet.wizard.WizardServlet; + +public class SecurityDomainPanel extends WizardPanelBase { + + public SecurityDomainPanel() { + } + + /** + * Initializes this panel. + */ + public void init(ServletConfig config, int panelno) + throws ServletException { + setPanelNo(panelno); + setName("Security Domain"); + } + + public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) + throws ServletException { + setPanelNo(panelno); + setName("Security Domain"); + setId(id); + } + + public void cleanUp() throws IOException { + IConfigStore cs = CMS.getConfigStore(); + cs.putString("preop.securitydomain.select", ""); + cs.putString("securitydomain.select", ""); + } + + public boolean isPanelDone() { + IConfigStore cs = CMS.getConfigStore(); + try { + String s = cs.getString("preop.securitydomain.select", ""); + if (s == null || s.equals("")) { + return false; + } else { + return true; + } + } catch (EBaseException e) { + } + return false; + } + + public PropertySet getUsage() { + PropertySet set = new PropertySet(); + + /* XXX */ + + return set; + } + + /** + * Display the panel. + */ + public void display(HttpServletRequest request, + HttpServletResponse response, + Context context) { + context.put("title", "Security Domain"); + IConfigStore config = CMS.getConfigStore(); + String errorString = ""; + String default_admin_url = ""; + String name = ""; + String systemdService = ""; + + try { + default_admin_url = config.getString("preop.securitydomain.admin_url", ""); + name = config.getString("preop.securitydomain.name", ""); + systemdService = config.getString("pkicreate.systemd.servicename", ""); + } catch (Exception e) { + CMS.debug(e.toString()); + } + if (isPanelDone()) { + try { + String s = config.getString("preop.securitydomain.select"); + + if (s.equals("new")) { + context.put("check_newdomain", "checked"); + context.put("check_existingdomain", ""); + } else if (s.equals("existing")) { + context.put("check_newdomain", ""); + context.put("check_existingdomain", "checked"); + } + } catch (Exception e) { + CMS.debug(e.toString()); + } + } else { + context.put("check_newdomain", "checked"); + context.put("check_existingdomain", ""); + } + + try { + context.put("cstype", config.getString("cs.type")); + context.put("wizardname", config.getString("preop.wizard.name")); + context.put("panelname", "Security Domain Configuration"); + context.put("systemname", config.getString("preop.system.name")); + context.put("machineName", config.getString("machineName")); + context.put("http_ee_port", CMS.getEENonSSLPort()); + context.put("https_agent_port", CMS.getAgentPort()); + context.put("https_ee_port", CMS.getEESSLPort()); + context.put("https_admin_port", CMS.getAdminPort()); + context.put("sdomainAdminURL", default_admin_url); + } catch (EBaseException e) { + } + + context.put("panel", "admin/console/config/securitydomainpanel.vm"); + context.put("errorString", errorString); + + // from default_admin_url, find hostname, if fully qualified, get + // network domain name and generate default security domain name + if (name.equals("") && (default_admin_url != null)) { + try { + URL u = new URL(default_admin_url); + + String hostname = u.getHost(); + StringTokenizer st = new StringTokenizer(hostname, "."); + boolean first = true; + int numTokens = st.countTokens(); + int count = 0; + String defaultDomain = ""; + StringBuffer sb = new StringBuffer(); + while (st.hasMoreTokens()) { + count++; + String n = st.nextToken(); + if (first) { //skip the hostname + first = false; + continue; + } + if (count == numTokens) // skip the last element (e.g. com) + continue; + sb.append((defaultDomain.length() == 0) ? "" : " "); + sb.append(capitalize(n)); + } + defaultDomain = sb.toString() + " " + "Domain"; + name = defaultDomain; + CMS.debug("SecurityDomainPanel: defaultDomain generated:" + name); + } catch (MalformedURLException e) { + errorString = "Malformed URL"; + // not being able to come up with default domain name is ok + } + } + context.put("sdomainName", name); + + if (default_admin_url != null) { + String r = null; + + try { + // check to see if "default" security domain exists + // on local machine + URL u = new URL(default_admin_url); + + String hostname = u.getHost(); + int port = u.getPort(); + ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback(); + r = pingCS(hostname, port, true, certApprovalCallback); + } catch (Exception e) { + CMS.debug("SecurityDomainPanel: exception caught: " + + e.toString()); + } + + if (r != null) { + // "default" security domain exists on local machine; + // fill "sdomainURL" in with "default" security domain + // as an initial "guess" + CMS.debug("SecurityDomainPanel: pingCS returns: " + r); + context.put("sdomainURL", default_admin_url); + } else { + // "default" security domain does NOT exist on local machine; + // leave "sdomainURL" blank + CMS.debug("SecurityDomainPanel: pingCS no successful response"); + context.put("sdomainURL", ""); + } + } + + // Information for "existing" Security Domain CAs + String initDaemon = "pki-cad"; + String instanceId = "<security_domain_instance_name>"; + String os = System.getProperty("os.name"); + if (os.equalsIgnoreCase("Linux")) { + if (!systemdService.equals("")) { + context.put("initCommand", "/usr/bin/pkicontrol"); + context.put("instanceId", "ca " + systemdService); + } else { + context.put("initCommand", "/sbin/service " + initDaemon); + context.put("instanceId", instanceId); + } + } else { + /* default case: e. g. - ( os.equalsIgnoreCase( "SunOS" ) */ + context.put("initCommand", "/etc/init.d/" + initDaemon); + context.put("instanceId", instanceId); + } + } + + public static String capitalize(String s) { + if (s.length() == 0) { + return s; + } else { + return s.substring(0, 1).toUpperCase() + s.substring(1); + } + } + + /** + * Checks if the given parameters are valid. + */ + public void validate(HttpServletRequest request, + HttpServletResponse response, + Context context) throws IOException { + + String select = HttpInput.getID(request, "choice"); + if (select.equals("newdomain")) { + String name = HttpInput.getSecurityDomainName(request, "sdomainName"); + if (name == null || name.equals("")) { + initParams(request, context); + context.put("updateStatus", "validate-failure"); + throw new IOException("Missing name value for the security domain"); + } + } else if (select.equals("existingdomain")) { + CMS.debug("SecurityDomainPanel: validating " + + "SSL Admin HTTPS . . ."); + String admin_url = HttpInput.getURL(request, "sdomainURL"); + if (admin_url == null || admin_url.equals("")) { + initParams(request, context); + context.put("updateStatus", "validate-failure"); + throw new IOException("Missing SSL Admin HTTPS url value " + + "for the security domain"); + } else { + String r = null; + + try { + URL u = new URL(admin_url); + + String hostname = u.getHost(); + int admin_port = u.getPort(); + ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback(); + r = pingCS(hostname, admin_port, true, + certApprovalCallback); + } catch (Exception e) { + CMS.debug("SecurityDomainPanel: exception caught: " + + e.toString()); + context.put("updateStatus", "validate-failure"); + throw new IOException("Illegal SSL Admin HTTPS url value " + + "for the security domain"); + } + + if (r != null) { + CMS.debug("SecurityDomainPanel: pingAdminCS returns: " + + r); + context.put("sdomainURL", admin_url); + } else { + CMS.debug("SecurityDomainPanel: pingAdminCS " + + "no successful response for SSL Admin HTTPS"); + context.put("sdomainURL", ""); + } + } + } + } + + public void initParams(HttpServletRequest request, Context context) + throws IOException { + IConfigStore config = CMS.getConfigStore(); + try { + context.put("cstype", config.getString("cs.type")); + } catch (Exception e) { + } + + String select = request.getParameter("choice"); + if (select.equals("newdomain")) { + context.put("check_newdomain", "checked"); + context.put("check_existingdomain", ""); + } else if (select.equals("existingdomain")) { + context.put("check_newdomain", ""); + context.put("check_existingdomain", "checked"); + } + + String name = request.getParameter("sdomainName"); + if (name == null) + name = ""; + context.put("sdomainName", name); + + String admin_url = request.getParameter("sdomainURL"); + if (admin_url == null) + admin_url = ""; + context.put("sdomainURL", admin_url); + } + + /** + * Commit parameter changes + */ + public void update(HttpServletRequest request, + HttpServletResponse response, + Context context) throws IOException { + String errorString = ""; + String select = HttpInput.getID(request, "choice"); + + if (select == null) { + CMS.debug("SecurityDomainPanel: choice not found"); + context.put("updateStatus", "failure"); + throw new IOException("choice not found"); + } + IConfigStore config = CMS.getConfigStore(); + + if (select.equals("newdomain")) { + config.putString("preop.securitydomain.select", "new"); + config.putString("securitydomain.select", "new"); + config.putString("preop.securitydomain.name", + HttpInput.getDomainName(request, "sdomainName")); + config.putString("securitydomain.name", + HttpInput.getDomainName(request, "sdomainName")); + config.putString("securitydomain.host", + CMS.getEENonSSLHost()); + config.putString("securitydomain.httpport", + CMS.getEENonSSLPort()); + config.putString("securitydomain.httpsagentport", + CMS.getAgentPort()); + config.putString("securitydomain.httpseeport", + CMS.getEESSLPort()); + config.putString("securitydomain.httpsadminport", + CMS.getAdminPort()); + + // make sure the subsystem certificate is issued by the security + // domain + config.putString("preop.cert.subsystem.type", "local"); + config.putString("preop.cert.subsystem.profile", "subsystemCert.profile"); + + try { + config.commit(false); + } catch (EBaseException e) { + } + + } else if (select.equals("existingdomain")) { + config.putString("preop.securitydomain.select", "existing"); + config.putString("securitydomain.select", "existing"); + + // make sure the subsystem certificate is issued by the security + // domain + config.putString("preop.cert.subsystem.type", "remote"); + config.putString("preop.cert.subsystem.profile", "caInternalAuthSubsystemCert"); + + String admin_url = HttpInput.getURL(request, "sdomainURL"); + String hostname = ""; + int admin_port = -1; + + if (admin_url != null) { + try { + URL admin_u = new URL(admin_url); + + hostname = admin_u.getHost(); + admin_port = admin_u.getPort(); + } catch (MalformedURLException e) { + errorString = "Malformed SSL Admin HTTPS URL"; + context.put("updateStatus", "failure"); + throw new IOException(errorString); + } + + context.put("sdomainURL", admin_url); + config.putString("securitydomain.host", hostname); + config.putInteger("securitydomain.httpsadminport", + admin_port); + } + + try { + config.commit(false); + } catch (EBaseException e) { + } + + ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback(); + updateCertChain(config, "securitydomain", hostname, admin_port, + true, context, certApprovalCallback); + } else { + CMS.debug("SecurityDomainPanel: invalid choice " + select); + errorString = "Invalid choice"; + context.put("updateStatus", "failure"); + throw new IOException("invalid choice " + select); + } + + try { + config.commit(false); + } catch (EBaseException e) { + } + + try { + context.put("cstype", config.getString("cs.type")); + context.put("wizardname", config.getString("preop.wizard.name")); + context.put("panelname", "Security Domain Configuration"); + context.put("systemname", config.getString("preop.system.name")); + } catch (EBaseException e) { + } + + context.put("errorString", errorString); + context.put("updateStatus", "success"); + } + + /** + * If validate() returns false, this method will be called. + */ + public void displayError(HttpServletRequest request, + HttpServletResponse response, + Context context) { + IConfigStore config = CMS.getConfigStore(); + String default_admin_url = ""; + try { + initParams(request, context); + } catch (IOException e) { + } + + try { + default_admin_url = config.getString("preop.securitydomain.admin_url", ""); + } catch (Exception e) { + } + + if (default_admin_url != null) { + String r = null; + + try { + // check to see if "default" security domain exists + // on local machine + URL u = new URL(default_admin_url); + + String hostname = u.getHost(); + int port = u.getPort(); + ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback(); + r = pingCS(hostname, port, true, certApprovalCallback); + } catch (Exception e) { + } + + if (r != null) { + // "default" security domain exists on local machine; + // refill "sdomainURL" in with "default" security domain + // as an initial "guess" + context.put("sdomainURL", default_admin_url); + } else { + // "default" security domain does NOT exist on local machine; + // leave "sdomainURL" blank + context.put("sdomainURL", ""); + } + } + + try { + context.put("machineName", config.getString("machineName")); + context.put("http_ee_port", CMS.getEENonSSLPort()); + context.put("https_agent_port", CMS.getAgentPort()); + context.put("https_ee_port", CMS.getEESSLPort()); + context.put("https_admin_port", CMS.getAdminPort()); + context.put("sdomainAdminURL", + config.getString("preop.securitydomain.admin_url")); + } catch (EBaseException e) { + } + + // Information for "existing" Security Domain CAs + String initDaemon = "pki-cad"; + String instanceId = "<security_domain_instance_name>"; + String os = System.getProperty("os.name"); + if (os.equalsIgnoreCase("Linux")) { + context.put("initCommand", "/sbin/service " + initDaemon); + context.put("instanceId", instanceId); + } else { + /* default case: e. g. - ( os.equalsIgnoreCase( "SunOS" ) */ + context.put("initCommand", "/etc/init.d/" + initDaemon); + context.put("instanceId", instanceId); + } + + context.put("title", "Security Domain"); + context.put("panel", "admin/console/config/securitydomainpanel.vm"); + } +} |