Added ACLInterceptor.

Previously ACL checking was done in PKIRealm by matching the URL. This code has been replaced by ACLInterceptor which will intercept RESTEasy method invocations. This allows more precise mapping of REST methods to ACL entries in acl.ldif. Ticket #287
author: Endi Sukma Dewata <edewata@redhat.com> 2012-10-10 04:38:05 -0500
committer: Endi Sukma Dewata <edewata@redhat.com> 2012-11-08 11:20:05 -0500
commit: cb209df95c4dee11f2a912e20b417fa3bc41c88f (patch)
tree: b50824cdfd3bc4ec3db905b94ef7750d9ff74844 /base/common/src/com/netscape/cms/servlet
parent: 906acfd2c82d195a7c55a2af7c4d7abe8ed2655a (diff)
download: pki-cb209df95c4dee11f2a912e20b417fa3bc41c88f.tar.gz
pki-cb209df95c4dee11f2a912e20b417fa3bc41c88f.tar.xz
pki-cb209df95c4dee11f2a912e20b417fa3bc41c88f.zip
3 files changed, 18 insertions, 8 deletions
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
index 2a2c3b3ab..a7ec566ce 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
@@ -129,6 +129,7 @@ import org.w3c.dom.Node;
 import org.w3c.dom.NodeList;
 import org.xml.sax.SAXException;
 
+import com.netscape.certsrv.account.AccountClient;
 import com.netscape.certsrv.apps.CMS;
 import com.netscape.certsrv.authentication.EAuthException;
 import com.netscape.certsrv.authentication.IAuthSubsystem;
@@ -325,10 +326,14 @@ public class ConfigurationUtils {
         config.setUsername(user);
         config.setPassword(passwd);
 
-        SecurityDomainClient client = new SecurityDomainClient(config);
+        PKIConnection connection = new PKIConnection(config);
+        AccountClient accountClient = new AccountClient(connection);
+        SecurityDomainClient sdClient = new SecurityDomainClient(connection);
 
         try {
-            InstallToken token = client.getInstallToken(sdhost, csType);
+            accountClient.login();
+            InstallToken token = sdClient.getInstallToken(sdhost, csType);
+            accountClient.logout();
             return token.getToken();
 
         } catch (ClientResponseFailure e) {
diff --git a/base/common/src/com/netscape/cms/servlet/key/KeyService.java b/base/common/src/com/netscape/cms/servlet/key/KeyService.java
index fe82d5fcd..01c8a0ee9 100644
--- a/base/common/src/com/netscape/cms/servlet/key/KeyService.java
+++ b/base/common/src/com/netscape/cms/servlet/key/KeyService.java
@@ -52,7 +52,7 @@ import com.netscape.cmsutil.ldap.LDAPUtil;
  * @author alee
  *
  */
-public class KeyService extends PKIService implements KeyResource{
+public class KeyService extends PKIService implements KeyResource {
 
     public static final int DEFAULT_MAXRESULTS = 100;
     public static final int DEFAULT_MAXTIME = 10;
diff --git a/base/common/src/com/netscape/cms/servlet/request/CertRequestService.java b/base/common/src/com/netscape/cms/servlet/request/CertRequestService.java
index a8099003f..dba6d9c01 100644
--- a/base/common/src/com/netscape/cms/servlet/request/CertRequestService.java
+++ b/base/common/src/com/netscape/cms/servlet/request/CertRequestService.java
@@ -50,6 +50,11 @@ import com.netscape.cmsutil.ldap.LDAPUtil;
  */
 public class CertRequestService extends PKIService implements CertRequestResource {
 
+    public static final int DEFAULT_START = 0;
+    public static final int DEFAULT_PAGESIZE = 20;
+    public static final int DEFAULT_MAXRESULTS = 100;
+    public static final int DEFAULT_MAXTIME = 10;
+
     /**
      * Used to retrieve key request info for a specific request
      */
@@ -194,17 +199,17 @@ public class CertRequestService extends PKIService implements CertRequestResourc
      * Used to generate list of cert requests based on the search parameters
      */
     public CertRequestInfos listRequests(String requestState, String requestType,
-            RequestId start, int pageSize, int maxResults, int maxTime) {
+            RequestId start, Integer pageSize, Integer maxResults, Integer maxTime) {
         // auth and authz
 
         // get ldap filter
         String filter = createSearchFilter(requestState, requestType);
         CMS.debug("listRequests: filter is " + filter);
 
-        // get start marker
-        if (start == null) {
-            start = new RequestId(CertRequestResource.DEFAULT_START);
-        }
+        start = start == null ? new RequestId(CertRequestService.DEFAULT_START) : start;
+        pageSize = pageSize == null ? DEFAULT_PAGESIZE : pageSize;
+        maxResults = maxResults == null ? DEFAULT_MAXRESULTS : maxResults;
+        maxTime = maxTime == null ? DEFAULT_MAXTIME : maxTime;
 
         CertRequestDAO reqDAO = new CertRequestDAO();
         CertRequestInfos requests;
author	Endi Sukma Dewata <edewata@redhat.com>	2012-10-10 04:38:05 -0500
committer	Endi Sukma Dewata <edewata@redhat.com>	2012-11-08 11:20:05 -0500
commit	cb209df95c4dee11f2a912e20b417fa3bc41c88f (patch)
tree	b50824cdfd3bc4ec3db905b94ef7750d9ff74844 /base/common/src/com/netscape/cms/servlet
parent	906acfd2c82d195a7c55a2af7c4d7abe8ed2655a (diff)
download	pki-cb209df95c4dee11f2a912e20b417fa3bc41c88f.tar.gz pki-cb209df95c4dee11f2a912e20b417fa3bc41c88f.tar.xz pki-cb209df95c4dee11f2a912e20b417fa3bc41c88f.zip