Enabled authentication for key services.

The web.xml in KRA has been modified to enable the authentication
for key and key request services. Some tools have been added to
access the services via command-line.

Ticket #376

5 files changed, 341 insertions, 1 deletions

diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
index d7cb293a7..2e661fcc6 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
@@ -35,6 +35,7 @@ import com.netscape.certsrv.client.ClientConfig;
 import com.netscape.certsrv.client.PKIConnection;
 import com.netscape.cmstools.cert.CertCLI;
 import com.netscape.cmstools.group.GroupCLI;
+import com.netscape.cmstools.key.KeyCLI;
 import com.netscape.cmstools.system.SecurityDomainCLI;
 import com.netscape.cmstools.user.UserCLI;
 
@@ -53,6 +54,7 @@ public class MainCLI extends CLI {
 
         addModule(new CertCLI(this));
         addModule(new GroupCLI(this));
+        addModule(new KeyCLI(this));
         addModule(new SecurityDomainCLI(this));
         addModule(new UserCLI(this));
     }
diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java
new file mode 100644
index 000000000..f3922d5da
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java
@@ -0,0 +1,111 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.key;
+
+import java.util.Arrays;
+
+import org.apache.commons.lang.StringUtils;
+
+import com.netscape.certsrv.key.KeyClient;
+import com.netscape.certsrv.key.KeyDataInfo;
+import com.netscape.certsrv.key.KeyRequestInfo;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class KeyCLI extends CLI {
+
+    public MainCLI parent;
+    public KeyClient keyClient;
+
+    public KeyCLI(MainCLI parent) {
+        super("key", "Key management commands");
+        this.parent = parent;
+
+        addModule(new KeyFindCLI(this));
+        addModule(new KeyRequestFindCLI(this));
+    }
+
+    public void printHelp() {
+
+        System.out.println("Commands:");
+
+        int leftPadding = 1;
+        int rightPadding = 25;
+
+        for (CLI module : modules.values()) {
+            String label = name + "-" + module.getName();
+
+            int padding = rightPadding - leftPadding - label.length();
+            if (padding < 1)
+                padding = 1;
+
+            System.out.print(StringUtils.repeat(" ", leftPadding));
+            System.out.print(label);
+            System.out.print(StringUtils.repeat(" ", padding));
+            System.out.println(module.getDescription());
+        }
+    }
+
+    public void execute(String[] args) throws Exception {
+
+        keyClient = new KeyClient(parent.connection);
+
+        if (args.length == 0) {
+            printHelp();
+            System.exit(1);
+        }
+
+        String command = args[0];
+        String[] commandArgs = Arrays.copyOfRange(args, 1, args.length);
+
+        if (command == null) {
+            printHelp();
+            System.exit(1);
+        }
+
+        CLI module = getModule(command);
+        if (module != null) {
+            module.execute(commandArgs);
+
+        } else {
+            System.err.println("Error: Invalid command \"" + command + "\"");
+            printHelp();
+            System.exit(1);
+        }
+    }
+
+    public static void printKeyInfo(KeyDataInfo info) {
+        System.out.println("  Key ID: "+info.getKeyId().toHexString());
+        if (info.getClientID() != null) System.out.println("  Client ID: "+info.getClientID());
+        if (info.getStatus() != null) System.out.println("  Status: "+info.getStatus());
+        if (info.getAlgorithm() != null) System.out.println("  Algorithm: "+info.getAlgorithm());
+        if (info.getSize() != null) System.out.println("  Size: "+info.getSize());
+        if (info.getOwnerName() != null) System.out.println("  Owner: "+info.getOwnerName());
+    }
+
+    public static void printKeyRequestInfo(KeyRequestInfo info) {
+        System.out.println("  Request ID: "+info.getRequestId().toHexString());
+        if (info.getKeyId() != null) System.out.println("  Key ID: "+info.getKeyId().toHexString());
+        if (info.getRequestType() != null) System.out.println("  Type: "+info.getRequestType());
+        if (info.getRequestStatus() != null) System.out.println("  Status: "+info.getRequestStatus());
+    }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java
new file mode 100644
index 000000000..014a9b60e
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java
@@ -0,0 +1,107 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.key;
+
+import java.util.Collection;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+import org.apache.commons.cli.ParseException;
+
+import com.netscape.certsrv.key.KeyDataInfo;
+import com.netscape.certsrv.key.KeyDataInfos;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class KeyFindCLI extends CLI {
+
+    public KeyCLI parent;
+
+    public KeyFindCLI(KeyCLI parent) {
+        super("find", "Find keys");
+        this.parent = parent;
+    }
+
+    public void printHelp() {
+        formatter.printHelp(parent.name + "-" + name + " [OPTIONS...]", options);
+    }
+
+    public void execute(String[] args) {
+
+        Option option = new Option(null, "client", true, "Client ID");
+        option.setArgName("client ID");
+        options.addOption(option);
+
+        option = new Option(null, "status", true, "Status");
+        option.setArgName("status");
+        options.addOption(option);
+
+        option = new Option(null, "maxResults", true, "Maximum results");
+        option.setArgName("max results");
+        options.addOption(option);
+
+        option = new Option(null, "maxTime", true, "Maximum time");
+        option.setArgName("max time");
+        options.addOption(option);
+
+        CommandLine cmd = null;
+
+        try {
+            cmd = parser.parse(options, args);
+
+        } catch (ParseException e) {
+            System.err.println("Error: " + e.getMessage());
+            printHelp();
+            System.exit(1);
+        }
+
+        String clientID = cmd.getOptionValue("client");
+        String status = cmd.getOptionValue("status");
+
+        String s = cmd.getOptionValue("maxResults");
+        Integer maxResults = s == null ? null : Integer.valueOf(s);
+
+        s = cmd.getOptionValue("maxTime");
+        Integer maxTime = s == null ? null : Integer.valueOf(s);
+
+        KeyDataInfos keys = parent.keyClient.findKeys(clientID, status, maxResults, maxTime);
+
+        Collection<KeyDataInfo> entries = keys.getKeyInfos();
+
+        MainCLI.printMessage(entries.size() + " key(s) matched");
+
+        boolean first = true;
+
+        for (KeyDataInfo info : entries) {
+
+            if (first) {
+                first = false;
+            } else {
+                System.out.println();
+            }
+
+            KeyCLI.printKeyInfo(info);
+        }
+
+        MainCLI.printMessage("Number of entries returned " + entries.size());
+    }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java
new file mode 100644
index 000000000..83ce42318
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java
@@ -0,0 +1,120 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.key;
+
+import java.util.Collection;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+import org.apache.commons.cli.ParseException;
+
+import com.netscape.certsrv.key.KeyRequestInfo;
+import com.netscape.certsrv.key.KeyRequestInfos;
+import com.netscape.certsrv.request.RequestId;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class KeyRequestFindCLI extends CLI {
+
+    public KeyCLI parent;
+
+    public KeyRequestFindCLI(KeyCLI parent) {
+        super("request-find", "Find key requests");
+        this.parent = parent;
+    }
+
+    public void printHelp() {
+        formatter.printHelp(parent.name + "-" + name + " [OPTIONS...]", options);
+    }
+
+    public void execute(String[] args) {
+
+        Option option = new Option(null, "status", true, "Request status");
+        option.setArgName("status");
+        options.addOption(option);
+
+        option = new Option(null, "type", true, "Request type");
+        option.setArgName("type");
+        options.addOption(option);
+
+        option = new Option(null, "client", true, "Client ID");
+        option.setArgName("client ID");
+        options.addOption(option);
+
+        option = new Option(null, "maxResults", true, "Maximum results");
+        option.setArgName("max results");
+        options.addOption(option);
+
+        option = new Option(null, "maxTime", true, "Maximum time");
+        option.setArgName("max time");
+        options.addOption(option);
+
+        CommandLine cmd = null;
+
+        try {
+            cmd = parser.parse(options, args);
+
+        } catch (ParseException e) {
+            System.err.println("Error: " + e.getMessage());
+            printHelp();
+            System.exit(1);
+        }
+
+        String status = cmd.getOptionValue("status");
+        String type = cmd.getOptionValue("type");
+        String clientID = cmd.getOptionValue("client");
+
+        String s = cmd.getOptionValue("start");
+        RequestId start = s == null ? null : new RequestId(s);
+
+        s = cmd.getOptionValue("pageSize");
+        Integer pageSize = s == null ? null : Integer.valueOf(s);
+
+        s = cmd.getOptionValue("maxResults");
+        Integer maxResults = s == null ? null : Integer.valueOf(s);
+
+        s = cmd.getOptionValue("maxTime");
+        Integer maxTime = s == null ? null : Integer.valueOf(s);
+
+        KeyRequestInfos keys = parent.keyClient.findKeyRequests(
+                status, type, clientID, start, pageSize, maxResults, maxTime);
+
+        Collection<KeyRequestInfo> entries = keys.getRequests();
+
+        MainCLI.printMessage(entries.size() + " key request(s) matched");
+
+        boolean first = true;
+
+        for (KeyRequestInfo info : entries) {
+
+            if (first) {
+                first = false;
+            } else {
+                System.out.println();
+            }
+
+            KeyCLI.printKeyRequestInfo(info);
+        }
+
+        MainCLI.printMessage("Number of entries returned " + entries.size());
+    }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/user/UserFindCLI.java b/base/java-tools/src/com/netscape/cmstools/user/UserFindCLI.java
index a5b96d1c3..187d4596d 100644
--- a/base/java-tools/src/com/netscape/cmstools/user/UserFindCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/user/UserFindCLI.java
@@ -65,7 +65,7 @@ public class UserFindCLI extends CLI {
             System.exit(1);
         }
 
-        String[] cmdArgs = cmd.getArgs();;
+        String[] cmdArgs = cmd.getArgs();
         String filter = cmdArgs.length > 0 ? cmdArgs[0] : null;
 
         String s = cmd.getOptionValue("start");