diff options
author | Endi Sukma Dewata <edewata@redhat.com> | 2012-10-10 04:38:05 -0500 |
---|---|---|
committer | Endi Sukma Dewata <edewata@redhat.com> | 2012-11-03 00:47:49 -0400 |
commit | 07b24a4d1dcf600f48ce59626c09c2fd3c644d88 (patch) | |
tree | d40e13641ba511ea6eb5ffba33d4491f8e70331f /base/common/src/com/netscape/cms | |
parent | d9a9e23aae83f1d3d6c0e5968097fde12cfff3d2 (diff) | |
download | pki-07b24a4d1dcf600f48ce59626c09c2fd3c644d88.tar.gz pki-07b24a4d1dcf600f48ce59626c09c2fd3c644d88.tar.xz pki-07b24a4d1dcf600f48ce59626c09c2fd3c644d88.zip |
Added ACLInterceptor.
Previously ACL checking was done in PKIRealm by matching the URL.
This code has been replaced by ACLInterceptor which will intercept
RESTEasy method invocations. This allows more precise mapping of
REST methods to ACL entries in acl.ldif.
Ticket #287
Diffstat (limited to 'base/common/src/com/netscape/cms')
3 files changed, 18 insertions, 8 deletions
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java index 2a2c3b3ab..a7ec566ce 100644 --- a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java +++ b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java @@ -129,6 +129,7 @@ import org.w3c.dom.Node; import org.w3c.dom.NodeList; import org.xml.sax.SAXException; +import com.netscape.certsrv.account.AccountClient; import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.authentication.EAuthException; import com.netscape.certsrv.authentication.IAuthSubsystem; @@ -325,10 +326,14 @@ public class ConfigurationUtils { config.setUsername(user); config.setPassword(passwd); - SecurityDomainClient client = new SecurityDomainClient(config); + PKIConnection connection = new PKIConnection(config); + AccountClient accountClient = new AccountClient(connection); + SecurityDomainClient sdClient = new SecurityDomainClient(connection); try { - InstallToken token = client.getInstallToken(sdhost, csType); + accountClient.login(); + InstallToken token = sdClient.getInstallToken(sdhost, csType); + accountClient.logout(); return token.getToken(); } catch (ClientResponseFailure e) { diff --git a/base/common/src/com/netscape/cms/servlet/key/KeyService.java b/base/common/src/com/netscape/cms/servlet/key/KeyService.java index fe82d5fcd..01c8a0ee9 100644 --- a/base/common/src/com/netscape/cms/servlet/key/KeyService.java +++ b/base/common/src/com/netscape/cms/servlet/key/KeyService.java @@ -52,7 +52,7 @@ import com.netscape.cmsutil.ldap.LDAPUtil; * @author alee * */ -public class KeyService extends PKIService implements KeyResource{ +public class KeyService extends PKIService implements KeyResource { public static final int DEFAULT_MAXRESULTS = 100; public static final int DEFAULT_MAXTIME = 10; diff --git a/base/common/src/com/netscape/cms/servlet/request/CertRequestService.java b/base/common/src/com/netscape/cms/servlet/request/CertRequestService.java index a8099003f..dba6d9c01 100644 --- a/base/common/src/com/netscape/cms/servlet/request/CertRequestService.java +++ b/base/common/src/com/netscape/cms/servlet/request/CertRequestService.java @@ -50,6 +50,11 @@ import com.netscape.cmsutil.ldap.LDAPUtil; */ public class CertRequestService extends PKIService implements CertRequestResource { + public static final int DEFAULT_START = 0; + public static final int DEFAULT_PAGESIZE = 20; + public static final int DEFAULT_MAXRESULTS = 100; + public static final int DEFAULT_MAXTIME = 10; + /** * Used to retrieve key request info for a specific request */ @@ -194,17 +199,17 @@ public class CertRequestService extends PKIService implements CertRequestResourc * Used to generate list of cert requests based on the search parameters */ public CertRequestInfos listRequests(String requestState, String requestType, - RequestId start, int pageSize, int maxResults, int maxTime) { + RequestId start, Integer pageSize, Integer maxResults, Integer maxTime) { // auth and authz // get ldap filter String filter = createSearchFilter(requestState, requestType); CMS.debug("listRequests: filter is " + filter); - // get start marker - if (start == null) { - start = new RequestId(CertRequestResource.DEFAULT_START); - } + start = start == null ? new RequestId(CertRequestService.DEFAULT_START) : start; + pageSize = pageSize == null ? DEFAULT_PAGESIZE : pageSize; + maxResults = maxResults == null ? DEFAULT_MAXRESULTS : maxResults; + maxTime = maxTime == null ? DEFAULT_MAXTIME : maxTime; CertRequestDAO reqDAO = new CertRequestDAO(); CertRequestInfos requests; |