diff options
| author | Endi Sukma Dewata <edewata@redhat.com> | 2012-10-25 11:52:15 -0500 |
|---|---|---|
| committer | Endi Sukma Dewata <edewata@redhat.com> | 2012-10-29 10:38:38 -0500 |
| commit | c1aa8b2d05cb1873990d1a3e9cf007cca240f135 (patch) | |
| tree | f12c76eaa1c385a79e40e7b38123360279c05fc0 /base/common/src/com/netscape/cms/servlet | |
| parent | 748605a324266bb515a3d1124bc55deb3be4df71 (diff) | |
| download | pki-c1aa8b2d05cb1873990d1a3e9cf007cca240f135.tar.gz pki-c1aa8b2d05cb1873990d1a3e9cf007cca240f135.tar.xz pki-c1aa8b2d05cb1873990d1a3e9cf007cca240f135.zip | |
Enabled authentication for key services.
The web.xml in KRA has been modified to enable the authentication
for key and key request services. Some tools have been added to
access the services via command-line.
Ticket #376
Diffstat (limited to 'base/common/src/com/netscape/cms/servlet')
5 files changed, 41 insertions, 52 deletions
diff --git a/base/common/src/com/netscape/cms/servlet/cert/CertRequestDAO.java b/base/common/src/com/netscape/cms/servlet/cert/CertRequestDAO.java index bcb19a70b..4d0fc38b2 100644 --- a/base/common/src/com/netscape/cms/servlet/cert/CertRequestDAO.java +++ b/base/common/src/com/netscape/cms/servlet/cert/CertRequestDAO.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.cert; -import java.util.ArrayList; import java.util.Collection; import java.util.HashMap; import java.util.List; @@ -92,28 +91,20 @@ public class CertRequestDAO extends CMSRequestDAO { public CertRequestInfos listRequests(String filter, RequestId start, int pageSize, int maxResults, int maxTime, UriInfo uriInfo) throws EBaseException { - CMSRequestInfos cmsInfos = listCMSRequests(filter, start, pageSize, maxResults, maxTime, uriInfo); - CertRequestInfos ret = new CertRequestInfos(); - if (cmsInfos == null) { - ret.setRequests(null); - ret.setLinks(null); - return ret; - } + CMSRequestInfos cmsInfos = listCMSRequests(filter, start, pageSize, maxResults, maxTime, uriInfo); - List<CertRequestInfo> list = new ArrayList<CertRequestInfo>(); - ; Collection<? extends CMSRequestInfo> cmsList = cmsInfos.getRequests(); // We absolutely know 100% that this list is a list // of CertRequestInfo objects. This is because the method // createCMSRequestInfo. Is the only one adding to it - list = (List<CertRequestInfo>) cmsList; + List<CertRequestInfo> list = (List<CertRequestInfo>) cmsList; + ret.setRequests(list); ret.setLinks(cmsInfos.getLinks()); - ret.setRequests(list); return ret; } @@ -176,6 +167,9 @@ public class CertRequestDAO extends CMSRequestDAO { */ public CertRequestInfos submitRequest(CertEnrollmentRequest data, HttpServletRequest request, UriInfo uriInfo, Locale locale) throws EBaseException { + + CertRequestInfos ret = new CertRequestInfos(); + HashMap<String, Object> results = null; if (data.getIsRenewal()) { RenewalProcessor processor = new RenewalProcessor("caProfileSubmit", locale); @@ -185,16 +179,13 @@ public class CertRequestDAO extends CMSRequestDAO { results = processor.processEnrollment(data, request); } - CertRequestInfos ret = new CertRequestInfos(); - ArrayList<CertRequestInfo> infos = new ArrayList<CertRequestInfo>(); IRequest reqs[] = (IRequest[]) results.get(Processor.ARG_REQUESTS); for (IRequest req : reqs) { CertRequestInfo info = CertRequestInfoFactory.create(req, uriInfo); - infos.add(info); + ret.addRequest(info); } + // TODO - what happens if the errorCode is internal error ? - ret.setRequests(infos); - ret.setLinks(null); return ret; } diff --git a/base/common/src/com/netscape/cms/servlet/key/KeyRequestDAO.java b/base/common/src/com/netscape/cms/servlet/key/KeyRequestDAO.java index e64bcb2dc..bef0455a9 100644 --- a/base/common/src/com/netscape/cms/servlet/key/KeyRequestDAO.java +++ b/base/common/src/com/netscape/cms/servlet/key/KeyRequestDAO.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.key; -import java.util.ArrayList; import java.util.Collection; import java.util.Enumeration; import java.util.Hashtable; @@ -85,30 +84,22 @@ public class KeyRequestDAO extends CMSRequestDAO { public KeyRequestInfos listRequests(String filter, RequestId start, int pageSize, int maxResults, int maxTime, UriInfo uriInfo) throws EBaseException { - CMSRequestInfos cmsInfos = listCMSRequests(filter, start, pageSize, maxResults, maxTime, uriInfo); KeyRequestInfos ret = new KeyRequestInfos(); - if (cmsInfos == null) { - ret.setRequests(null); - ret.setLinks(null); - return ret; - } + CMSRequestInfos cmsInfos = listCMSRequests(filter, start, pageSize, maxResults, maxTime, uriInfo); - List<KeyRequestInfo> list = new ArrayList<KeyRequestInfo>(); - ; Collection<? extends CMSRequestInfo> cmsList = cmsInfos.getRequests(); // We absolutely know 100% that this list is a list // of KeyRequestInfo objects. This is because the method // createCMSRequestInfo. Is the only one adding to it - list = (List<KeyRequestInfo>) cmsList; + List<KeyRequestInfo> list = (List<KeyRequestInfo>) cmsList; + ret.setRequests(list); ret.setLinks(cmsInfos.getLinks()); - ret.setRequests(list); return ret; - } /** diff --git a/base/common/src/com/netscape/cms/servlet/key/KeyService.java b/base/common/src/com/netscape/cms/servlet/key/KeyService.java index 4db2fed0a..fe82d5fcd 100644 --- a/base/common/src/com/netscape/cms/servlet/key/KeyService.java +++ b/base/common/src/com/netscape/cms/servlet/key/KeyService.java @@ -20,10 +20,8 @@ package com.netscape.cms.servlet.key; import java.math.BigInteger; -import java.util.ArrayList; import java.util.Enumeration; import java.util.Hashtable; -import java.util.List; import javax.ws.rs.Path; import javax.ws.rs.WebApplicationException; @@ -56,6 +54,9 @@ import com.netscape.cmsutil.ldap.LDAPUtil; */ public class KeyService extends PKIService implements KeyResource{ + public static final int DEFAULT_MAXRESULTS = 100; + public static final int DEFAULT_MAXTIME = 10; + private IKeyRepository repo; private IKeyRecoveryAuthority kra; private IRequestQueue queue; @@ -245,16 +246,18 @@ public class KeyService extends PKIService implements KeyResource{ /** * Used to generate list of key infos based on the search parameters */ - public KeyDataInfos listKeys(String clientID, String status, int maxResults, int maxTime) { + public KeyDataInfos listKeys(String clientID, String status, Integer maxResults, Integer maxTime) { // auth and authz // get ldap filter String filter = createSearchFilter(status, clientID); CMS.debug("listKeys: filter is " + filter); + maxResults = maxResults == null ? DEFAULT_MAXRESULTS : maxResults; + maxTime = maxTime == null ? DEFAULT_MAXTIME : maxTime; + KeyDataInfos infos = new KeyDataInfos(); try { - List <KeyDataInfo> list = new ArrayList<KeyDataInfo>(); Enumeration<IKeyRecord> e = null; e = repo.searchKeys(filter, maxResults, maxTime); @@ -265,11 +268,10 @@ public class KeyService extends PKIService implements KeyResource{ while (e.hasMoreElements()) { IKeyRecord rec = e.nextElement(); if (rec != null) { - list.add(createKeyDataInfo(rec)); + infos.addKeyInfo(createKeyDataInfo(rec)); } } - infos.setKeyInfos(list); } catch (EBaseException e) { e.printStackTrace(); throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR); @@ -280,6 +282,11 @@ public class KeyService extends PKIService implements KeyResource{ public KeyDataInfo createKeyDataInfo(IKeyRecord rec) throws EBaseException { KeyDataInfo ret = new KeyDataInfo(); + ret.setClientID(rec.getClientId()); + ret.setStatus(rec.getKeyStatus()); + ret.setAlgorithm(rec.getAlgorithm()); + ret.setSize(rec.getKeySize()); + ret.setOwnerName(rec.getOwnerName()); Path keyPath = KeyResource.class.getAnnotation(Path.class); BigInteger serial = rec.getSerialNumber(); diff --git a/base/common/src/com/netscape/cms/servlet/request/CMSRequestDAO.java b/base/common/src/com/netscape/cms/servlet/request/CMSRequestDAO.java index f7c9f7aae..e54f8a4c6 100644 --- a/base/common/src/com/netscape/cms/servlet/request/CMSRequestDAO.java +++ b/base/common/src/com/netscape/cms/servlet/request/CMSRequestDAO.java @@ -18,8 +18,6 @@ package com.netscape.cms.servlet.request; import java.net.URI; -import java.util.ArrayList; -import java.util.List; import javax.ws.rs.core.MultivaluedMap; import javax.ws.rs.core.UriBuilder; @@ -84,8 +82,8 @@ public abstract class CMSRequestDAO { */ public CMSRequestInfos listCMSRequests(String filter, RequestId start, int pageSize, int maxResults, int maxTime, UriInfo uriInfo) throws EBaseException { - List<CMSRequestInfo> list = new ArrayList<CMSRequestInfo>(); - List<Link> links = new ArrayList<Link>(); + + CMSRequestInfos ret = new CMSRequestInfos(); int totalSize = 0; int current = 0; @@ -100,7 +98,7 @@ public abstract class CMSRequestDAO { for (int i = 0; i < numRecords; i++) { IRequest request = vlvlist.getElementAt(i); - list.add(createCMSRequestInfo(request, uriInfo)); + ret.addRequest(createCMSRequestInfo(request, uriInfo)); } } else { // The non-vlv requests are indexed, but are not paginated. @@ -109,13 +107,13 @@ public abstract class CMSRequestDAO { IRequestList requests = queue.listRequestsByFilter(filter, maxResults, maxTime); if (requests == null) { - return null; + return ret; } while (requests.hasMoreElements()) { RequestId rid = requests.nextElement(); IRequest request = queue.findRequest(rid); if (request != null) { - list.add(createCMSRequestInfo(request, uriInfo)); + ret.addRequest(createCMSRequestInfo(request, uriInfo)); } } } @@ -137,7 +135,7 @@ public abstract class CMSRequestDAO { int next = current + pageSize + 1; URI nextUri = builder.clone().build(next, pageSize); Link nextLink = new Link("next", nextUri.toString(), "application/xml"); - links.add(nextLink); + ret.addLink(nextLink); } // previous link @@ -145,12 +143,9 @@ public abstract class CMSRequestDAO { int previous = current - pageSize; URI previousUri = builder.clone().build(previous, pageSize); Link previousLink = new Link("previous", previousUri.toString(), "application/xml"); - links.add(previousLink); + ret.addLink(previousLink); } - CMSRequestInfos ret = new CMSRequestInfos(); - ret.setRequests(list); - ret.setLinks(links); return ret; } diff --git a/base/common/src/com/netscape/cms/servlet/request/KeyRequestService.java b/base/common/src/com/netscape/cms/servlet/request/KeyRequestService.java index 775c0ed28..12f3bb7ee 100644 --- a/base/common/src/com/netscape/cms/servlet/request/KeyRequestService.java +++ b/base/common/src/com/netscape/cms/servlet/request/KeyRequestService.java @@ -42,6 +42,11 @@ import com.netscape.cmsutil.ldap.LDAPUtil; */ public class KeyRequestService extends PKIService implements KeyRequestResource { + public static final int DEFAULT_START = 0; + public static final int DEFAULT_PAGESIZE = 20; + public static final int DEFAULT_MAXRESULTS = 100; + public static final int DEFAULT_MAXTIME = 10; + /** * Used to retrieve key request info for a specific request */ @@ -169,17 +174,17 @@ public class KeyRequestService extends PKIService implements KeyRequestResource * Used to generate list of key requests based on the search parameters */ public KeyRequestInfos listRequests(String requestState, String requestType, String clientID, - RequestId start, int pageSize, int maxResults, int maxTime) { + RequestId start, Integer pageSize, Integer maxResults, Integer maxTime) { // auth and authz // get ldap filter String filter = createSearchFilter(requestState, requestType, clientID); CMS.debug("listRequests: filter is " + filter); - // get start marker - if (start == null) { - start = new RequestId(KeyRequestResource.DEFAULT_START); - } + start = start == null ? new RequestId(KeyRequestService.DEFAULT_START) : start; + pageSize = pageSize == null ? DEFAULT_PAGESIZE : pageSize; + maxResults = maxResults == null ? DEFAULT_MAXRESULTS : maxResults; + maxTime = maxTime == null ? DEFAULT_MAXTIME : maxTime; KeyRequestDAO reqDAO = new KeyRequestDAO(); KeyRequestInfos requests; |