summaryrefslogtreecommitdiffstats
path: root/base/java-tools
diff options
context:
space:
mode:
authorEndi Sukma Dewata <edewata@redhat.com>2012-08-18 02:30:44 -0500
committerEndi Sukma Dewata <edewata@redhat.com>2012-08-29 23:42:53 -0500
commit60835ed008586f85a22737d0161cb026f2dbffec (patch)
tree363e447f38aa7bfe9835955e7f1f7345228c14ff /base/java-tools
parent88176c5c8caf146a1a408dc3a7f6b23e1a8e63b7 (diff)
downloadpki-60835ed008586f85a22737d0161cb026f2dbffec.tar.gz
pki-60835ed008586f85a22737d0161cb026f2dbffec.tar.xz
pki-60835ed008586f85a22737d0161cb026f2dbffec.zip
Moved REST CLI into pki-tools.
The pki-client.jar has been split and merged into pki-certsrv.jar and pki-tools.jar. The REST client classes are now packaged in com.netscape.certsrv.<component> packages. The REST CLI classes are now packaged in com.netscape.cmstools.<component> packages. The "pki" script has been moved into pki-tools RPM package. Ticket #215
Diffstat (limited to 'base/java-tools')
-rw-r--r--base/java-tools/CMakeLists.txt12
-rwxr-xr-xbase/java-tools/pki111
-rw-r--r--base/java-tools/src/CMakeLists.txt61
-rw-r--r--base/java-tools/src/com/netscape/cmstools/cert/CertCLI.java152
-rw-r--r--base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java388
-rw-r--r--base/java-tools/src/com/netscape/cmstools/cert/CertHoldCLI.java118
-rw-r--r--base/java-tools/src/com/netscape/cmstools/cert/CertReleaseHoldCLI.java109
-rw-r--r--base/java-tools/src/com/netscape/cmstools/cert/CertRequestApproveCLI.java69
-rw-r--r--base/java-tools/src/com/netscape/cmstools/cert/CertRequestReviewCLI.java103
-rw-r--r--base/java-tools/src/com/netscape/cmstools/cert/CertRequestSubmitCLI.java85
-rw-r--r--base/java-tools/src/com/netscape/cmstools/cert/CertRevokeCLI.java164
-rw-r--r--base/java-tools/src/com/netscape/cmstools/cert/CertShowCLI.java95
-rw-r--r--base/java-tools/src/com/netscape/cmstools/cli/CLI.java88
-rw-r--r--base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java281
-rw-r--r--base/java-tools/src/com/netscape/cmstools/group/GroupAddCLI.java81
-rw-r--r--base/java-tools/src/com/netscape/cmstools/group/GroupAddMemberCLI.java57
-rw-r--r--base/java-tools/src/com/netscape/cmstools/group/GroupCLI.java125
-rw-r--r--base/java-tools/src/com/netscape/cmstools/group/GroupFindCLI.java98
-rw-r--r--base/java-tools/src/com/netscape/cmstools/group/GroupFindMemberCLI.java104
-rw-r--r--base/java-tools/src/com/netscape/cmstools/group/GroupModifyCLI.java80
-rw-r--r--base/java-tools/src/com/netscape/cmstools/group/GroupRemoveCLI.java54
-rw-r--r--base/java-tools/src/com/netscape/cmstools/group/GroupRemoveMemberCLI.java54
-rw-r--r--base/java-tools/src/com/netscape/cmstools/group/GroupShowCLI.java56
-rw-r--r--base/java-tools/src/com/netscape/cmstools/group/GroupShowMemberCLI.java57
-rw-r--r--base/java-tools/src/com/netscape/cmstools/user/UserAddCLI.java106
-rw-r--r--base/java-tools/src/com/netscape/cmstools/user/UserAddCertCLI.java97
-rw-r--r--base/java-tools/src/com/netscape/cmstools/user/UserCLI.java163
-rw-r--r--base/java-tools/src/com/netscape/cmstools/user/UserFindCLI.java98
-rw-r--r--base/java-tools/src/com/netscape/cmstools/user/UserFindCertCLI.java104
-rw-r--r--base/java-tools/src/com/netscape/cmstools/user/UserModifyCLI.java107
-rw-r--r--base/java-tools/src/com/netscape/cmstools/user/UserRemoveCLI.java53
-rw-r--r--base/java-tools/src/com/netscape/cmstools/user/UserRemoveCertCLI.java61
-rw-r--r--base/java-tools/src/com/netscape/cmstools/user/UserShowCLI.java56
-rw-r--r--base/java-tools/src/com/netscape/cmstools/user/UserShowCertCLI.java96
34 files changed, 3540 insertions, 3 deletions
diff --git a/base/java-tools/CMakeLists.txt b/base/java-tools/CMakeLists.txt
index 427ded555..0ba83caa3 100644
--- a/base/java-tools/CMakeLists.txt
+++ b/base/java-tools/CMakeLists.txt
@@ -1,4 +1,16 @@
project(java-tools Java)
+
+install(
+ FILES
+ pki
+ DESTINATION
+ ${BIN_INSTALL_DIR}
+ PERMISSIONS
+ OWNER_EXECUTE OWNER_WRITE OWNER_READ
+ GROUP_EXECUTE GROUP_READ
+ WORLD_EXECUTE WORLD_READ
+)
+
add_subdirectory(src)
add_subdirectory(templates)
diff --git a/base/java-tools/pki b/base/java-tools/pki
new file mode 100755
index 000000000..e465fa926
--- /dev/null
+++ b/base/java-tools/pki
@@ -0,0 +1,111 @@
+#!/usr/bin/perl
+# --- BEGIN COPYRIGHT BLOCK ---
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor,
+# Boston, MA 02110-1301 USA
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+
+###############################################################################
+## (1) Specify variables used by this script. ##
+###############################################################################
+
+my $PRODUCT="pki";
+my $libpath="";
+
+
+###############################################################################
+## (2) Define helper functions. ##
+###############################################################################
+
+sub invalid_architecture()
+{
+ print "\n";
+ print "ERROR: pki does not execute on this architecture\n";
+ print "ERROR: check to make sure pki-tools package is installed!\n";
+ print "\n";
+}
+
+
+###############################################################################
+## (3) Set the LD_LIBRARY_PATH environment variable ##
+## (as well as the ${libpath} java property) to determine the ##
+## search order this command uses to find shared libraries. ##
+###############################################################################
+
+my $ARCHITECTURE=`uname -i`;
+chop( $ARCHITECTURE );
+
+if( $ARCHITECTURE eq "i386" ) {
+ $libpath="/usr/lib";
+
+ $ENV{LD_LIBRARY_PATH} = "/usr/lib/jss:"
+ . "/usr/lib:/lib";
+} elsif($ARCHITECTURE eq "x86_64") {
+ $libpath="/usr/lib64";
+
+ $ENV{LD_LIBRARY_PATH} = "/usr/lib64/jss:"
+ . "/usr/lib64:/lib64:"
+ . "/usr/lib/jss:"
+ . "/usr/lib:/lib";
+} else {
+ invalid_architecture();
+ exit(255);
+}
+
+
+###############################################################################
+## (4) Set the CP environment variable to determine the search ##
+## order this command wrapper uses to find jar files. ##
+###############################################################################
+
+$ENV{CLASSPATH} = "/usr/share/java/${PRODUCT}/pki-certsrv.jar:"
+ . "/usr/share/java/${PRODUCT}/pki-nsutil.jar:"
+ . "/usr/share/java/${PRODUCT}/pki-tools.jar:"
+ . "/usr/share/java/apache-commons-cli.jar:"
+ . "/usr/share/java/apache-commons-codec.jar:"
+ . "/usr/share/java/apache-commons-lang.jar:"
+ . "/usr/share/java/apache-commons-logging.jar:"
+ . "/usr/share/java/commons-httpclient.jar:"
+ . "/usr/share/java/httpcomponents/httpclient.jar:"
+ . "/usr/share/java/httpcomponents/httpcore.jar:"
+ . "/usr/share/java/jaxb-api.jar:"
+ . "/usr/share/java/resteasy/jaxrs-api.jar:"
+ . "/usr/share/java/resteasy/resteasy-atom-provider.jar:"
+ . "/usr/share/java/resteasy/resteasy-jaxb-provider.jar:"
+ . "/usr/share/java/resteasy/resteasy-jaxrs.jar:"
+ . "/usr/share/java/servlet.jar:";
+
+if( $ARCHITECTURE eq "x86_64" ) {
+ $ENV{CLASSPATH} = $ENV{CLASSPATH}
+ . "/usr/lib64/java/jss4.jar:"
+ . "/usr/lib/java/jss4.jar:";
+} else {
+ $ENV{CLASSPATH} = $ENV{CLASSPATH}
+ . "/usr/lib/java/jss4.jar:";
+}
+
+
+###############################################################################
+## (5) Execute the java command specified by this java command wrapper ##
+## based upon the preset LD_LIBRARY_PATH and CP environment variables. ##
+###############################################################################
+
+my @args = ();
+foreach (@ARGV) {
+ push(@args, quotemeta($_));
+}
+
+system("java -cp $ENV{CLASSPATH} com.netscape.cmstools.cli.MainCLI @args");
diff --git a/base/java-tools/src/CMakeLists.txt b/base/java-tools/src/CMakeLists.txt
index 8249a0086..a0c50d25b 100644
--- a/base/java-tools/src/CMakeLists.txt
+++ b/base/java-tools/src/CMakeLists.txt
@@ -8,6 +8,20 @@ find_file(JSS_JAR
/usr/share/java
)
+find_file(APACHE_COMMONS_CLI_JAR
+ NAMES
+ apache-commons-cli.jar
+ PATHS
+ /usr/share/java
+)
+
+find_file(APACHE_COMMONS_LANG_JAR
+ NAMES
+ apache-commons-lang.jar
+ PATHS
+ /usr/share/java
+)
+
find_file(COMMONS_CODEC_JAR
NAMES
commons-codec.jar
@@ -31,18 +45,56 @@ find_file(XERCES_JAR
/usr/share/java
)
+find_file(JAXRS_API_JAR
+ NAMES
+ jaxrs-api.jar
+ PATHS
+ /usr/share/java/resteasy
+)
+
+find_file(RESTEASY_JAXRS_JAR
+ NAMES
+ resteasy-jaxrs.jar
+ PATHS
+ /usr/share/java/resteasy
+)
+
+find_file(RESTEASY_ATOM_PROVIDER_JAR
+ NAMES
+ resteasy-atom-provider.jar
+ PATHS
+ /usr/share/java/resteasy
+)
+
+find_file(HTTPCLIENT_JAR
+ NAMES
+ httpclient.jar
+ PATHS
+ /usr/share/java/httpcomponents
+)
+
+find_file(HTTPCORE_JAR
+ NAMES
+ httpcore.jar
+ PATHS
+ /usr/share/java/httpcomponents
+)
+
# build pki-tools
javac(pki-tools-classes
SOURCES
com/netscape/cmstools/*.java
CLASSPATH
- ${PKI_NSUTIL_JAR} ${PKI_CMSUTIL_JAR}
+ ${PKI_NSUTIL_JAR} ${PKI_CMSUTIL_JAR} ${PKI_CERTSRV_JAR}
${XALAN_JAR} ${XERCES_JAR}
${JSS_JAR} ${COMMONS_CODEC_JAR}
+ ${APACHE_COMMONS_CLI_JAR} ${APACHE_COMMONS_LANG_JAR}
+ ${JAXRS_API_JAR} ${RESTEASY_JAXRS_JAR} ${RESTEASY_ATOM_PROVIDER_JAR}
+ ${HTTPCLIENT_JAR} ${HTTPCORE_JAR}
OUTPUT_DIR
${CMAKE_BINARY_DIR}/classes
DEPENDS
- pki-nsutil pki-cmsutil
+ pki-nsutil pki-cmsutil pki-certsrv
)
jar(pki-tools-jar
@@ -89,9 +141,12 @@ if(WITH_JAVADOC)
SUBPACKAGES
com.netscape.cmstools
CLASSPATH
- ${PKI_NSUTIL_JAR} ${PKI_CMSUTIL_JAR}
+ ${PKI_NSUTIL_JAR} ${PKI_CMSUTIL_JAR} ${PKI_CERTSRV_JAR}
${XALAN_JAR} ${XERCES_JAR}
${JSS_JAR} ${COMMONS_CODEC_JAR}
+ ${APACHE_COMMONS_CLI_JAR} ${APACHE_COMMONS_LANG_JAR}
+ ${JAXRS_API_JAR} ${RESTEASY_JAXRS_JAR} ${RESTEASY_ATOM_PROVIDER_JAR}
+ ${HTTPCLIENT_JAR} ${HTTPCORE_JAR}
OPTIONS
-windowtitle 'pki-java-tools'
-doctitle '<h1>pki-java-tools</h1>'
diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertCLI.java
new file mode 100644
index 000000000..6857b689e
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/cert/CertCLI.java
@@ -0,0 +1,152 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.cert;
+
+import java.util.Arrays;
+
+import org.apache.commons.lang.StringUtils;
+import org.jboss.resteasy.plugins.providers.atom.Link;
+
+import com.netscape.certsrv.cert.CertClient;
+import com.netscape.certsrv.cert.CertData;
+import com.netscape.certsrv.cert.CertDataInfo;
+import com.netscape.certsrv.cert.CertRequestInfo;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class CertCLI extends CLI {
+
+ public MainCLI parent;
+ public CertClient client;
+
+ public CertCLI(MainCLI parent) {
+ super("cert", "Certificate management commands");
+ this.parent = parent;
+
+ addModule(new CertFindCLI(this));
+ addModule(new CertShowCLI(this));
+
+ addModule(new CertRevokeCLI(this));
+ addModule(new CertHoldCLI(this));
+ addModule(new CertReleaseHoldCLI(this));
+ addModule(new CertRequestSubmitCLI(this));
+ addModule(new CertRequestReviewCLI(this));
+ addModule(new CertRequestApproveCLI(this));
+ }
+
+ public void printHelp() {
+
+ System.out.println("Commands:");
+
+ int leftPadding = 1;
+ int rightPadding = 25;
+
+ for (CLI module : modules.values()) {
+ String label = name + "-" + module.getName();
+
+ int padding = rightPadding - leftPadding - label.length();
+ if (padding < 1)
+ padding = 1;
+
+ System.out.print(StringUtils.repeat(" ", leftPadding));
+ System.out.print(label);
+ System.out.print(StringUtils.repeat(" ", padding));
+ System.out.println(module.getDescription());
+ }
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ client = new CertClient(parent.config);
+ client.setVerbose(verbose);
+
+ if (args.length == 0) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String command = args[0];
+ String[] commandArgs = Arrays.copyOfRange(args, 1, args.length);
+
+ if (command == null) {
+ printHelp();
+ System.exit(1);
+ }
+
+ CLI module = getModule(command);
+ if (module != null) {
+ module.execute(commandArgs);
+
+ } else {
+ System.err.println("Error: Invalid command \"" + command + "\"");
+ printHelp();
+ System.exit(1);
+ }
+ }
+
+ public static void printCertInfo(CertDataInfo info) {
+ System.out.println(" Serial Number: "+info.getID().toHexString());
+ System.out.println(" Subject DN: "+info.getSubjectDN());
+ System.out.println(" Status: "+info.getStatus());
+
+ Link link = info.getLink();
+ if (verbose && link != null) {
+ System.out.println(" Link: " + link.getHref());
+ }
+ }
+
+ public static void printCertData(
+ CertData certData,
+ boolean showPrettyPrint,
+ boolean showEncoded) {
+
+ System.out.println(" Serial Number: " + certData.getSerialNumber().toHexString());
+ System.out.println(" Issuer: " + certData.getIssuerDN());
+ System.out.println(" Subject: " + certData.getSubjectDN());
+ System.out.println(" Status: " + certData.getStatus());
+ System.out.println(" Not Before: " + certData.getNotBefore());
+ System.out.println(" Not After: " + certData.getNotAfter());
+
+ Link link = certData.getLink();
+ if (verbose && link != null) {
+ System.out.println(" Link: " + link.getHref());
+ }
+
+ String prettyPrint = certData.getPrettyPrint();
+ if (showPrettyPrint && prettyPrint != null) {
+ System.out.println();
+ System.out.println(prettyPrint);
+ }
+
+ String encoded = certData.getEncoded();
+ if (showEncoded && encoded != null) {
+ System.out.println();
+ System.out.println(encoded);
+ }
+ }
+
+ public static void printCertRequestInfo(CertRequestInfo info) {
+ System.out.println(" Request ID: " + info.getRequestId());
+ System.out.println(" Status: " + info.getRequestStatus());
+ System.out.println(" Type: " + info.getRequestType());
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java
new file mode 100644
index 000000000..397df3f93
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/cert/CertFindCLI.java
@@ -0,0 +1,388 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.cert;
+
+import java.io.FileNotFoundException;
+import java.io.FileReader;
+import java.io.IOException;
+
+import javax.xml.bind.JAXBException;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+import org.apache.commons.cli.ParseException;
+
+import com.netscape.certsrv.base.PKIException;
+import com.netscape.certsrv.cert.CertDataInfo;
+import com.netscape.certsrv.cert.CertDataInfos;
+import com.netscape.certsrv.cert.CertSearchRequest;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class CertFindCLI extends CLI {
+
+ public CertCLI parent;
+
+ public CertFindCLI(CertCLI parent) {
+ super("find", "Find certificates");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) {
+
+ addOptions();
+
+ CommandLine cmd = null;
+ CertSearchRequest searchData = null;
+ try {
+ cmd = parser.parse(options, args);
+ } catch (ParseException e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(-1);
+ }
+
+ if (cmd.hasOption("help")) {
+ printHelp();
+ System.exit(-1);
+ }
+
+ String fileName = null;
+
+ if (cmd.hasOption("input")) {
+ fileName = cmd.getOptionValue("input");
+ if (fileName == null || fileName.length() < 1) {
+ System.err.println("Error: No file name specified.");
+ printHelp();
+ System.exit(-1);
+ }
+ }
+ if (fileName != null) {
+ FileReader reader = null;
+ try {
+ reader = new FileReader(fileName);
+ searchData = CertSearchRequest.valueOf(reader);
+ } catch (FileNotFoundException e) {
+ System.err.println("Error: " + e.getMessage());
+ System.exit(-1);
+ } catch (JAXBException e) {
+ System.err.println("Error: " + e.getMessage());
+ System.exit(-1);
+ } finally {
+ if (reader != null)
+ try {
+ reader.close();
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+ }
+ } else {
+ searchData = new CertSearchRequest();
+ searchData.setSerialNumberRangeInUse(true);
+ }
+ String s = cmd.getOptionValue("start");
+ Integer start = s == null ? null : Integer.valueOf(s);
+
+ s = cmd.getOptionValue("size");
+ Integer size = s == null ? null : Integer.valueOf(s);
+
+ addSearchAttribute(cmd, searchData);
+ CertDataInfos certs = null;
+ try {
+ certs = parent.client.findCerts(searchData, start, size);
+ } catch (PKIException e) {
+ System.err.println("Error: Cannot list certificates. " + e.getMessage());
+ System.exit(-1);
+ }
+ if (certs.getCertInfos() == null || certs.getCertInfos().isEmpty()) {
+ MainCLI.printMessage("No matches found.");
+ System.exit(-1);
+ }
+ MainCLI.printMessage(certs.getCertInfos().size() + " certificate(s) matched");
+
+ boolean first = true;
+
+ for (CertDataInfo cert : certs.getCertInfos()) {
+ if (first) {
+ first = false;
+ } else {
+ System.out.println();
+ }
+
+ CertCLI.printCertInfo(cert);
+ }
+
+ MainCLI.printMessage("Number of entries returned " + certs.getCertInfos().size());
+ }
+
+ public void addOptions() {
+
+ Option option = null;
+
+ //pagination options
+ option = new Option(null, "start", true, "Page start");
+ option.setArgName("start");
+ options.addOption(option);
+
+ option = new Option(null, "size", true, "Page size");
+ option.setArgName("size");
+ options.addOption(option);
+
+ //help
+ options.addOption(null, "help", false, "Show help options");
+
+ //file input
+ option = new Option(null, "input", true, "File containing the search constraints");
+ option.setArgName("file path");
+ options.addOption(option);
+
+ //serialNumberinUse
+ option = new Option(null, "minSerialNumber", true, "Minimum serial number");
+ option.setArgName("serial number");
+ options.addOption(option);
+ option = new Option(null, "maxSerialNumber", true, "Maximum serial number");
+ option.setArgName("serial number");
+ options.addOption(option);
+
+ //subjectNameinUse
+ option = new Option(null, "name", true, "Subject's common name");
+ option.setArgName("name");
+ options.addOption(option);
+ option = new Option(null, "email", true, "Subject's email address");
+ option.setArgName("email");
+ options.addOption(option);
+ option = new Option(null, "uid", true, "Subject's userid");
+ option.setArgName("user id");
+ options.addOption(option);
+ option = new Option(null, "org", true, "Subject's organization");
+ option.setArgName("name");
+ options.addOption(option);
+ option = new Option(null, "orgUnit", true, "Subject's organization unit");
+ option.setArgName("name");
+ options.addOption(option);
+ option = new Option(null, "locality", true, "Subject's locality");
+ option.setArgName("name");
+ options.addOption(option);
+ option = new Option(null, "state", true, "Subject's state");
+ option.setArgName("name");
+ options.addOption(option);
+ option = new Option(null, "country", true, "Subject's country");
+ option.setArgName("name");
+ options.addOption(option);
+ options.addOption(null, "matchExactly", false, "Match exactly with the details provided");
+
+ //revokedByInUse
+ option = new Option(null, "revokedBy", true, "Certificate revoked by");
+ option.setArgName("user id");
+ options.addOption(option);
+
+ //revocationPeriod
+ option = new Option(null, "revokedOnFrom", true, "Revoked on or after this date");
+ option.setArgName("date");
+ options.addOption(option);
+ option = new Option(null, "revokedOnTo", true, "Revoked on or before this date");
+ option.setArgName("date");
+ options.addOption(option);
+
+ //revocationReason
+ option = new Option(null, "revocationReason", true, "Reason for revocation");
+ option.setArgName("reason");
+ options.addOption(option);
+
+ //issuedBy
+ option = new Option(null, "issuedBy", true, "Issued by");
+ option.setArgName("user id");
+ options.addOption(option);
+
+ //issuedFor(period)
+ option = new Option(null, "issuedOn", true, "Date issued");
+ option.setArgName("date");
+ options.addOption(option);
+
+ //certTypeinUse
+ option = new Option(null, "certTypeSubEmailCA", true, "Certifiate type: Subject Email CA");
+ option.setArgName("on|off");
+ options.addOption(option);
+ option = new Option(null, "certTypeSubSSLCA", true, "Certificate type: Subject SSL CA");
+ option.setArgName("on|off");
+ options.addOption(option);
+ option = new Option(null, "certTypeSecureEmail", true, "Certifiate Type: Secure Email");
+ option.setArgName("on|off");
+ options.addOption(option);
+ option = new Option(null, "certTypeSSLClient", true, "Certifiate Type: SSL Client");
+ option.setArgName("on|off");
+ options.addOption(option);
+ option = new Option(null, "certTypeSSLServer", true, "Certifiate Type: SSL Server");
+ option.setArgName("on|off");
+ options.addOption(option);
+
+ //validationNotBeforeInUse
+ option = new Option(null, "validNotBeforeFrom", true, "Valid not before start date");
+ option.setArgName("date");
+ options.addOption(option);
+ option = new Option(null, "validNotBeforeTo", true, "Valid not before end date");
+ option.setArgName("date");
+ options.addOption(option);
+
+ //validityNotAfterinUse
+ option = new Option(null, "validNotAfterFrom", true, "Valid not after start date");
+ option.setArgName("date");
+ options.addOption(option);
+ option = new Option(null, "validNotAfterTo", true, "Valid not after end date");
+ option.setArgName("date");
+ options.addOption(option);
+
+ //validityLengthinUse
+ option = new Option(null, "validityOperation", true, "Validity operation: \"<=\" or \">=\"");
+ option.setArgName("operation");
+ options.addOption(option);
+ option = new Option(null, "validityCount", true, "Validity count");
+ option.setArgName("count");
+ options.addOption(option);
+ option = new Option(null, "validityUnit", true, "Validity unit");
+ option.setArgName("milliseconds");
+ options.addOption(option);
+ }
+
+ public void addSearchAttribute(CommandLine cmd, CertSearchRequest csd) {
+ if (cmd.hasOption("minSerialNumber")) {
+ csd.setSerialNumberRangeInUse(true);
+ csd.setSerialFrom(cmd.getOptionValue("minSerialNumber"));
+ }
+ if (cmd.hasOption("maxSerialNumber")) {
+ csd.setSerialNumberRangeInUse(true);
+ csd.setSerialTo(cmd.getOptionValue("maxSerialNumber"));
+ }
+ if (cmd.hasOption("name")) {
+ csd.setSubjectInUse(true);
+ csd.setCommonName(cmd.getOptionValue("name"));
+ }
+ if (cmd.hasOption("email")) {
+ csd.setSubjectInUse(true);
+ csd.setEmail(cmd.getOptionValue("email"));
+ }
+ if (cmd.hasOption("uid")) {
+ csd.setSubjectInUse(true);
+ csd.setUserID(cmd.getOptionValue("uid"));
+ }
+ if (cmd.hasOption("org")) {
+ csd.setSubjectInUse(true);
+ csd.setOrg(cmd.getOptionValue("org"));
+ }
+ if (cmd.hasOption("orgUnit")) {
+ csd.setSubjectInUse(true);
+ csd.setOrgUnit(cmd.getOptionValue("orgUnit"));
+ }
+ if (cmd.hasOption("locality")) {
+ csd.setSubjectInUse(true);
+ csd.setLocality(cmd.getOptionValue("locality"));
+ }
+ if (cmd.hasOption("state")) {
+ csd.setSubjectInUse(true);
+ csd.setState(cmd.getOptionValue("state"));
+ }
+ if (cmd.hasOption("country")) {
+ csd.setSubjectInUse(true);
+ csd.setCountry(cmd.getOptionValue("country"));
+ }
+ if (cmd.hasOption("matchExactly")) {
+ csd.setMatchExactly(true);
+ }
+ if (cmd.hasOption("revokedBy")) {
+ csd.setRevokedByInUse(true);
+ csd.setRevokedBy(cmd.getOptionValue("revokedBy"));
+ }
+ if (cmd.hasOption("revokedOnFrom")) {
+ csd.setRevokedOnInUse(true);
+ csd.setRevokedOnFrom(cmd.getOptionValue("revokedOnFrom"));
+ }
+ if (cmd.hasOption("revokedOnTo")) {
+ csd.setRevokedOnInUse(true);
+ csd.setRevokedOnTo(cmd.getOptionValue("revokedOnTo"));
+ }
+ if (cmd.hasOption("revocationReason")) {
+ csd.setRevocationReasonInUse(true);
+ csd.setRevocationReason(cmd.getOptionValue("revocationReason"));
+ }
+ if (cmd.hasOption("issuedBy")) {
+ csd.setIssuedByInUse(true);
+ csd.setIssuedBy(cmd.getOptionValue("issuedBy"));
+ }
+ if (cmd.hasOption("issuedOn")) {
+ csd.setIssuedOnInUse(true);
+ csd.setIssuedOnFrom(cmd.getOptionValue("issuedOn"));
+ }
+ if (cmd.hasOption("certTypeSubEmailCA")) {
+ csd.setCertTypeInUse(true);
+ csd.setCertTypeSubEmailCA(cmd.getOptionValue("certTypeSubEmailCA"));
+ }
+ if (cmd.hasOption("certTypeSubSSLCA")) {
+ csd.setCertTypeInUse(true);
+ csd.setCertTypeSubSSLCA(cmd.getOptionValue("certTypeSubSSLCA"));
+ }
+ if (cmd.hasOption("certTypeSecureEmail")) {
+ csd.setCertTypeInUse(true);
+ csd.setCertTypeSecureEmail(cmd.getOptionValue("certTypeSecureEmail"));
+ }
+ if (cmd.hasOption("certTypeSSLClient")) {
+ csd.setCertTypeInUse(true);
+ csd.setCertTypeSSLClient(cmd.getOptionValue("certTypeSSLCllient"));
+ }
+ if (cmd.hasOption("certTypeSSLServer")) {
+ csd.setCertTypeInUse(true);
+ csd.setCertTypeSSLServer(cmd.getOptionValue("certTypeSSLServer"));
+ }
+ if (cmd.hasOption("validNotBeforeFrom")) {
+ csd.setValidNotBeforeInUse(true);
+ csd.setValidNotBeforeFrom(cmd.getOptionValue("validNotBeforeFrom"));
+ }
+ if (cmd.hasOption("validNotBeforeTo")) {
+ csd.setValidNotBeforeInUse(true);
+ csd.setValidNotBeforeTo(cmd.getOptionValue("validNotBeforeTo"));
+ }
+ if (cmd.hasOption("validNotAfterFrom")) {
+ csd.setValidNotAfterInUse(true);
+ csd.setValidNotAfterFrom(cmd.getOptionValue("validNotAfterFrom"));
+ }
+ if (cmd.hasOption("validNotAfterTo")) {
+ csd.setValidNotAfterInUse(true);
+ csd.setValidNotAfterTo(cmd.getOptionValue("validNotAfterTo"));
+ }
+ if (cmd.hasOption("validityOperation")) {
+ csd.setValidityLengthInUse(true);
+ csd.setValidityOperation(cmd.getOptionValue("validityOperation"));
+ }
+ if (cmd.hasOption("validityCount")) {
+ csd.setValidityLengthInUse(true);
+ csd.setValidityCount(cmd.getOptionValue("validityCount"));
+ }
+ if (cmd.hasOption("validityUnit")) {
+ csd.setValidityLengthInUse(true);
+ csd.setValidityUnit(cmd.getOptionValue("validityUnit"));
+ }
+
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertHoldCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertHoldCLI.java
new file mode 100644
index 000000000..b5c604a86
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/cert/CertHoldCLI.java
@@ -0,0 +1,118 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.cert;
+
+import java.io.BufferedReader;
+import java.io.InputStreamReader;
+
+import netscape.security.x509.RevocationReason;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+
+import com.netscape.certsrv.cert.CertData;
+import com.netscape.certsrv.cert.CertRequestInfo;
+import com.netscape.certsrv.cert.CertRevokeRequest;
+import com.netscape.certsrv.dbs.certdb.CertId;
+import com.netscape.certsrv.request.RequestStatus;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class CertHoldCLI extends CLI {
+
+ public CertCLI parent;
+
+ public CertHoldCLI(CertCLI parent) {
+ super("hold", "Place certificate on-hold");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <Serial Number> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ Option option = new Option(null, "comments", true, "Comments");
+ option.setArgName("comments");
+ options.addOption(option);
+
+ options.addOption(null, "force", false, "Force");
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ String[] cmdArgs = cmd.getArgs();
+
+ if (cmdArgs.length != 1) {
+ printHelp();
+ System.exit(1);
+ }
+
+ CertId certID = new CertId(cmdArgs[0]);
+
+ if (!cmd.hasOption("force")) {
+
+ CertData certData = parent.client.getCert(certID);
+
+ System.out.println("Placing certificate on-hold:");
+
+ CertCLI.printCertData(certData, false, false);
+
+ System.out.print("Are you sure (Y/N)? ");
+ System.out.flush();
+
+ BufferedReader reader = new BufferedReader(new InputStreamReader(System.in));
+ String line = reader.readLine();
+ if (!line.equalsIgnoreCase("Y")) {
+ System.exit(1);
+ }
+ }
+
+ CertRevokeRequest request = new CertRevokeRequest();
+ request.setReason(RevocationReason.CERTIFICATE_HOLD);
+ request.setComments(cmd.getOptionValue("comments"));
+
+ CertRequestInfo certRequestInfo = parent.client.revokeCert(certID, request);
+
+ if (verbose) {
+ CertCLI.printCertRequestInfo(certRequestInfo);
+ }
+
+ if (certRequestInfo.getRequestStatus() == RequestStatus.COMPLETE) {
+ MainCLI.printMessage("Placed certificate \"" + certID.toHexString() + "\" on-hold");
+ CertData certData = parent.client.getCert(certID);
+ CertCLI.printCertData(certData, false, false);
+
+ } else {
+ MainCLI.printMessage("Request \"" + certRequestInfo.getRequestId() + "\": " + certRequestInfo.getRequestStatus());
+ }
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertReleaseHoldCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertReleaseHoldCLI.java
new file mode 100644
index 000000000..184976f1e
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/cert/CertReleaseHoldCLI.java
@@ -0,0 +1,109 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.cert;
+
+import java.io.BufferedReader;
+import java.io.InputStreamReader;
+
+import org.apache.commons.cli.CommandLine;
+
+import com.netscape.certsrv.cert.CertData;
+import com.netscape.certsrv.cert.CertRequestInfo;
+import com.netscape.certsrv.cert.CertUnrevokeRequest;
+import com.netscape.certsrv.dbs.certdb.CertId;
+import com.netscape.certsrv.request.RequestStatus;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class CertReleaseHoldCLI extends CLI {
+
+ public CertCLI parent;
+
+ public CertReleaseHoldCLI(CertCLI parent) {
+ super("release-hold", "Place certificate off-hold");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <Serial Number> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ options.addOption(null, "force", false, "Force");
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ String[] cmdArgs = cmd.getArgs();
+
+ if (cmdArgs.length != 1) {
+ printHelp();
+ System.exit(1);
+ }
+
+ CertId certID = new CertId(cmdArgs[0]);
+
+ if (!cmd.hasOption("force")) {
+
+ CertData certData = parent.client.getCert(certID);
+
+ System.out.println("Placing certificate off-hold:");
+
+ CertCLI.printCertData(certData, false, false);
+
+ System.out.print("Are you sure (Y/N)? ");
+ System.out.flush();
+
+ BufferedReader reader = new BufferedReader(new InputStreamReader(System.in));
+ String line = reader.readLine();
+ if (!line.equalsIgnoreCase("Y")) {
+ System.exit(1);
+ }
+ }
+
+ CertUnrevokeRequest request = new CertUnrevokeRequest();
+
+ CertRequestInfo certRequestInfo = parent.client.unrevokeCert(certID, request);
+
+ if (verbose) {
+ CertCLI.printCertRequestInfo(certRequestInfo);
+ }
+
+ if (certRequestInfo.getRequestStatus() == RequestStatus.COMPLETE) {
+ MainCLI.printMessage("Placed certificate \"" + certID.toHexString() + "\" off-hold");
+ CertData certData = parent.client.getCert(certID);
+ CertCLI.printCertData(certData, false, false);
+
+ } else {
+ MainCLI.printMessage("Request \"" + certRequestInfo.getRequestId() + "\": " + certRequestInfo.getRequestStatus());
+ }
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertRequestApproveCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertRequestApproveCLI.java
new file mode 100644
index 000000000..98a3a2b4f
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/cert/CertRequestApproveCLI.java
@@ -0,0 +1,69 @@
+package com.netscape.cmstools.cert;
+
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.ParseException;
+
+import com.netscape.certsrv.base.PKIException;
+import com.netscape.certsrv.cert.CertReviewResponse;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+public class CertRequestApproveCLI extends CLI {
+ CertCLI parent;
+
+ public CertRequestApproveCLI(CertCLI parent) {
+ super("request-approve", "Approve certificate request");
+ this.parent = parent;
+ }
+
+ @Override
+ public void execute(String[] args) {
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+ } catch (ParseException e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(-1);
+ }
+
+ String[] cLineArgs = cmd.getArgs();
+
+ if (cLineArgs.length < 1) {
+ System.err.println("Error: No file name specified.");
+ printHelp();
+ System.exit(-1);
+ }
+ CertReviewResponse reviewInfo = null;
+ try {
+ JAXBContext context = JAXBContext.newInstance(CertReviewResponse.class);
+ Unmarshaller unmarshaller = context.createUnmarshaller();
+ FileInputStream fis = new FileInputStream(cLineArgs[0].trim());
+ reviewInfo = (CertReviewResponse) unmarshaller.unmarshal(fis);
+ parent.client.approveRequest(reviewInfo.getRequestId(), reviewInfo);
+ } catch (PKIException e) {
+ System.err.println(e.getMessage());
+ System.exit(-1);
+ } catch (JAXBException e) {
+ System.err.println("Error: " + e.getMessage());
+ System.exit(-1);
+ } catch (FileNotFoundException e) {
+ System.err.println("Error: " + e.getMessage());
+ System.exit(-1);
+ }
+ MainCLI.printMessage("Approved certificate request " + reviewInfo.getRequestId().toString());
+ }
+
+ @Override
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <file name>", options);
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertRequestReviewCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertRequestReviewCLI.java
new file mode 100644
index 000000000..682314b25
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/cert/CertRequestReviewCLI.java
@@ -0,0 +1,103 @@
+package com.netscape.cmstools.cert;
+
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+import org.apache.commons.cli.ParseException;
+
+import com.netscape.certsrv.base.PKIException;
+import com.netscape.certsrv.cert.CertReviewResponse;
+import com.netscape.certsrv.request.RequestId;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+public class CertRequestReviewCLI extends CLI {
+
+ CertCLI parent;
+
+ public CertRequestReviewCLI(CertCLI parent) {
+ super("request-review", "Review certificate request");
+ this.parent = parent;
+ }
+
+ @Override
+ public void execute(String[] args) {
+ CommandLine cmd = null;
+
+ Option output = new Option(null, "output", true, "Output Filename");
+ options.addOption(output);
+
+ try {
+ cmd = parser.parse(options, args);
+ } catch (ParseException e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(-1);
+ }
+
+ String[] cLineArgs = cmd.getArgs();
+
+ if (cLineArgs.length < 1) {
+ System.err.println("Error: No request id specified.");
+ printHelp();
+ System.exit(-1);
+ }
+ String filename = null;
+ if (cmd.hasOption("output")) {
+ filename = cmd.getOptionValue("output");
+ } else {
+ System.err.println("No output option specified.");
+ printHelp();
+ System.exit(-1);
+ }
+
+ if (filename == null || filename.trim().length() == 0) {
+ System.err.println("Specify the filename to write the request information");
+ printHelp();
+ System.exit(-1);
+ }
+
+ RequestId reqId = null;
+ try {
+ reqId = new RequestId(cLineArgs[0]);
+ } catch (NumberFormatException e) {
+ System.err.println("Error: Invalid RequestID: " + cLineArgs[0]);
+ System.exit(-1);
+ }
+
+ CertReviewResponse reviewInfo = null;
+ try {
+ reviewInfo = parent.client.reviewRequest(reqId);
+ } catch (PKIException e) {
+ System.err.println(e.getMessage());
+ System.exit(-1);
+ }
+
+ try {
+ JAXBContext context = JAXBContext.newInstance(CertReviewResponse.class);
+ Marshaller marshaller = context.createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+
+ FileOutputStream stream = new FileOutputStream(filename);
+
+ marshaller.marshal(reviewInfo, stream);
+ MainCLI.printMessage("Downloaded certificate request " + cLineArgs[0]);
+ } catch (JAXBException e) {
+ System.err.println("Cannot write to the file. " + e);
+ } catch (FileNotFoundException e) {
+ System.err.println("File not found at " + filename);
+ }
+
+ }
+
+ @Override
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <request id>", options);
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertRequestSubmitCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertRequestSubmitCLI.java
new file mode 100644
index 000000000..3562d48f0
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/cert/CertRequestSubmitCLI.java
@@ -0,0 +1,85 @@
+package com.netscape.cmstools.cert;
+
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.util.Collection;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.ParseException;
+
+import com.netscape.certsrv.cert.CertEnrollmentRequest;
+import com.netscape.certsrv.cert.CertRequestInfo;
+import com.netscape.certsrv.cert.CertRequestInfos;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+public class CertRequestSubmitCLI extends CLI {
+
+ CertCLI parent;
+
+ public CertRequestSubmitCLI(CertCLI parent) {
+ super("request-submit", "Submit certificate request");
+ this.parent = parent;
+ }
+
+ @Override
+ public void execute(String[] args) {
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+ } catch (ParseException e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(-1);
+ }
+
+ String[] cLineArgs = cmd.getArgs();
+
+ if (cLineArgs.length < 1) {
+ System.err.println("Error: No filename specified.");
+ printHelp();
+ System.exit(-1);
+ }
+
+ CertEnrollmentRequest erd = null;
+
+ try {
+ erd = getEnrollmentRequest(cLineArgs[0]);
+ CertRequestInfos cri = parent.client.enrollRequest(erd);
+ MainCLI.printMessage("Submitted certificate request");
+ printRequestInformation(cri);
+ } catch (FileNotFoundException e) {
+ System.err.println("Error: " + e.getMessage());
+ System.exit(-1);
+ } catch (JAXBException e) {
+ System.err.println("Error: " + e.getMessage());
+ System.exit(-1);
+ }
+ }
+
+ private CertEnrollmentRequest getEnrollmentRequest(String fileName) throws JAXBException, FileNotFoundException {
+ CertEnrollmentRequest erd = null;
+ JAXBContext context = JAXBContext.newInstance(CertEnrollmentRequest.class);
+ Unmarshaller unmarshaller = context.createUnmarshaller();
+ FileInputStream fis = new FileInputStream(fileName);
+ erd = (CertEnrollmentRequest) unmarshaller.unmarshal(fis);
+ return erd;
+ }
+
+ private void printRequestInformation(CertRequestInfos cri) {
+ Collection<CertRequestInfo> allRequests = cri.getRequests();
+ for (CertRequestInfo x : allRequests) {
+ CertCLI.printCertRequestInfo(x);
+ }
+ System.out.println();
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <filename>", options);
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertRevokeCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertRevokeCLI.java
new file mode 100644
index 000000000..d8a4d5295
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/cert/CertRevokeCLI.java
@@ -0,0 +1,164 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.cert;
+
+import java.io.BufferedReader;
+import java.io.InputStreamReader;
+
+import netscape.security.x509.RevocationReason;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+
+import com.netscape.certsrv.cert.CertData;
+import com.netscape.certsrv.cert.CertRequestInfo;
+import com.netscape.certsrv.cert.CertRevokeRequest;
+import com.netscape.certsrv.dbs.certdb.CertId;
+import com.netscape.certsrv.request.RequestStatus;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class CertRevokeCLI extends CLI {
+
+ public CertCLI parent;
+
+ public CertRevokeCLI(CertCLI parent) {
+ super("revoke", "Revoke certificate");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <Serial Number> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ StringBuilder sb = new StringBuilder();
+
+ for (RevocationReason reason : RevocationReason.INSTANCES) {
+ if (sb.length() > 0) {
+ sb.append(", ");
+ }
+ sb.append(reason);
+ if (reason == RevocationReason.UNSPECIFIED) {
+ sb.append(" (default)");
+ }
+ }
+
+ Option option = new Option(null, "reason", true, "Revocation reason: " + sb);
+ option.setArgName("reason");
+ options.addOption(option);
+
+ option = new Option(null, "comments", true, "Comments");
+ option.setArgName("comments");
+ options.addOption(option);
+
+ options.addOption(null, "ca", false, "CA signing certificate");
+ options.addOption(null, "force", false, "Force");
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ String[] cmdArgs = cmd.getArgs();
+
+ if (cmdArgs.length != 1) {
+ printHelp();
+ System.exit(1);
+ }
+
+ CertId certID = new CertId(cmdArgs[0]);
+
+ String string = cmd.getOptionValue("reason", RevocationReason.UNSPECIFIED.toString());
+ RevocationReason reason = RevocationReason.valueOf(string);
+
+ if (reason == null) {
+ System.err.println("Error: Invalid revocation reason: "+string);
+ printHelp();
+ System.exit(1);
+ return;
+ }
+
+ if (!cmd.hasOption("force")) {
+
+ CertData certData = parent.client.getCert(certID);
+
+ if (reason == RevocationReason.CERTIFICATE_HOLD) {
+ System.out.println("Placing certificate on-hold:");
+ } else if (reason == RevocationReason.REMOVE_FROM_CRL) {
+ System.out.println("Placing certificate off-hold:");
+ } else {
+ System.out.println("Revoking certificate:");
+ }
+
+ CertCLI.printCertData(certData, false, false);
+
+ System.out.print("Are you sure (Y/N)? ");
+ System.out.flush();
+
+ BufferedReader reader = new BufferedReader(new InputStreamReader(System.in));
+ String line = reader.readLine();
+ if (!line.equalsIgnoreCase("Y")) {
+ System.exit(1);
+ }
+ }
+
+ CertRevokeRequest request = new CertRevokeRequest();
+ request.setReason(reason);
+ request.setComments(cmd.getOptionValue("comments"));
+
+ CertRequestInfo certRequestInfo;
+
+ if (cmd.hasOption("ca")) {
+ certRequestInfo = parent.client.revokeCACert(certID, request);
+ } else {
+ certRequestInfo = parent.client.revokeCert(certID, request);
+ }
+
+ if (verbose) {
+ CertCLI.printCertRequestInfo(certRequestInfo);
+ }
+
+ if (certRequestInfo.getRequestStatus() == RequestStatus.COMPLETE) {
+ if (reason == RevocationReason.CERTIFICATE_HOLD) {
+ MainCLI.printMessage("Placed certificate \"" + certID.toHexString() + "\" on-hold");
+ } else if (reason == RevocationReason.REMOVE_FROM_CRL) {
+ MainCLI.printMessage("Placed certificate \"" + certID.toHexString() + "\" off-hold");
+ } else {
+ MainCLI.printMessage("Revoked certificate \"" + certID.toHexString() + "\"");
+ }
+
+ CertData certData = parent.client.getCert(certID);
+ CertCLI.printCertData(certData, false, false);
+
+ } else {
+ MainCLI.printMessage("Request \"" + certRequestInfo.getRequestId() + "\": " + certRequestInfo.getRequestStatus());
+ }
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/cert/CertShowCLI.java b/base/java-tools/src/com/netscape/cmstools/cert/CertShowCLI.java
new file mode 100644
index 000000000..798514814
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/cert/CertShowCLI.java
@@ -0,0 +1,95 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.cert;
+
+import java.io.FileWriter;
+import java.io.PrintWriter;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+
+import com.netscape.certsrv.cert.CertData;
+import com.netscape.certsrv.dbs.certdb.CertId;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class CertShowCLI extends CLI {
+
+ public CertCLI parent;
+
+ public CertShowCLI(CertCLI parent) {
+ super("show", "Show certificate");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <Serial Number> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ Option option = new Option(null, "output", true, "Output file");
+ option.setArgName("file");
+ options.addOption(option);
+
+ options.addOption(null, "pretty", false, "Pretty print");
+ options.addOption(null, "encoded", false, "Base-64 encoded");
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ boolean showPrettyPrint = cmd.hasOption("pretty");
+ boolean showEncoded = cmd.hasOption("encoded");
+
+ String[] cmdArgs = cmd.getArgs();
+
+ if (cmdArgs.length != 1) {
+ printHelp();
+ System.exit(1);
+ }
+
+ CertId certID = new CertId(cmdArgs[0]);
+ String file = cmd.getOptionValue("output");
+
+ CertData certData = parent.client.getCert(certID);
+
+ String encoded = certData.getEncoded();
+ if (encoded != null && file != null) {
+ // store cert to file
+ PrintWriter out = new PrintWriter(new FileWriter(file));
+ out.print(encoded);
+ out.close();
+ }
+
+ MainCLI.printMessage("Certificate \"" + certID.toHexString() + "\"");
+
+ CertCLI.printCertData(certData, showPrettyPrint, showEncoded);
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/CLI.java b/base/java-tools/src/com/netscape/cmstools/cli/CLI.java
new file mode 100644
index 000000000..a1fc4f7f9
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/cli/CLI.java
@@ -0,0 +1,88 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.cli;
+
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+import org.apache.commons.cli.CommandLineParser;
+import org.apache.commons.cli.HelpFormatter;
+import org.apache.commons.cli.Options;
+import org.apache.commons.cli.PosixParser;
+
+
+/**
+ * @author Endi S. Dewata
+ */
+public class CLI {
+
+ public static boolean verbose;
+
+ public static CommandLineParser parser = new PosixParser();
+ public static HelpFormatter formatter = new HelpFormatter();
+
+ public String name;
+ public String description;
+
+ public Options options = new Options();
+ public Map<String, CLI> modules = new LinkedHashMap<String, CLI>();
+
+ public CLI(String name, String description) {
+ this.name = name;
+ this.description = description;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+
+ public void setDescription(String description) {
+ this.description = description;
+ }
+
+ public void addModule(CLI module) {
+ modules.put(module.getName(), module);
+ }
+
+ public CLI getModule(String name) {
+ return modules.get(name);
+ }
+
+ public void execute(String[] args) throws Exception {
+ }
+
+ public void printHelp() {
+ }
+
+ public static boolean isVerbose() {
+ return verbose;
+ }
+
+ public static void setVerbose(boolean verbose) {
+ CLI.verbose = verbose;
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
new file mode 100644
index 000000000..a6350e5d8
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java
@@ -0,0 +1,281 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.cli;
+
+import java.io.File;
+import java.net.URISyntaxException;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+import org.apache.commons.cli.Options;
+import org.apache.commons.lang.StringUtils;
+import org.mozilla.jss.CryptoManager;
+import org.mozilla.jss.crypto.CryptoToken;
+import org.mozilla.jss.util.IncorrectPasswordException;
+import org.mozilla.jss.util.Password;
+
+import com.netscape.certsrv.client.ClientConfig;
+import com.netscape.cmstools.cert.CertCLI;
+import com.netscape.cmstools.group.GroupCLI;
+import com.netscape.cmstools.user.UserCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class MainCLI extends CLI {
+
+ public ClientConfig config = new ClientConfig();
+
+ public MainCLI() throws Exception {
+ super("pki", "PKI command-line interface");
+
+ addModule(new CertCLI(this));
+ addModule(new GroupCLI(this));
+ addModule(new UserCLI(this));
+ }
+
+ public void printHelp() {
+
+ formatter.printHelp(name+" [OPTIONS..] <command> [ARGS..]", options);
+
+ System.out.println();
+ System.out.println("Commands:");
+
+ int leftPadding = 1;
+ int rightPadding = 18;
+
+ for (CLI plugin : modules.values()) {
+ String label = plugin.getName();
+
+ int padding = rightPadding - leftPadding - label.length();
+ if (padding < 1) padding = 1;
+
+ System.out.print(StringUtils.repeat(" ", leftPadding));
+ System.out.print(label);
+ System.out.print(StringUtils.repeat(" ", padding));
+ System.out.println(plugin.getDescription());
+ }
+ }
+
+ public void printHelpCommand(String pluginName) {
+ CLI plugin = getModule(pluginName);
+ plugin.printHelp();
+ }
+
+ public void createOptions(Options options) {
+
+ Option option = new Option("U", true, "Server URI");
+ option.setArgName("uri");
+ options.addOption(option);
+
+ option = new Option("P", true, "Protocol (default: http)");
+ option.setArgName("protocol");
+ options.addOption(option);
+
+ option = new Option("h", true, "Hostname (default: localhost)");
+ option.setArgName("hostname");
+ options.addOption(option);
+
+ option = new Option("p", true, "Port (default: 8080)");
+ option.setArgName("port");
+ options.addOption(option);
+
+ option = new Option("t", true, "Subsystem type (default: ca)");
+ option.setArgName("type");
+ options.addOption(option);
+
+ option = new Option("d", true, "Certificate database");
+ option.setArgName("database");
+ options.addOption(option);
+
+ option = new Option("n", true, "Certificate nickname");
+ option.setArgName("nickname");
+ options.addOption(option);
+
+ option = new Option("u", true, "Username");
+ option.setArgName("username");
+ options.addOption(option);
+
+ option = new Option("w", true, "Password");
+ option.setArgName("password");
+ options.addOption(option);
+
+ options.addOption("v", false, "Verbose");
+ options.addOption(null, "help", false, "Help");
+ }
+
+ public void parseOptions(CommandLine cmd) throws URISyntaxException {
+
+ String uri = cmd.getOptionValue("U");
+
+ String protocol = cmd.getOptionValue("P", "http");
+ String hostname = cmd.getOptionValue("h", "localhost");
+ String port = cmd.getOptionValue("p", "8080");
+ String type = cmd.getOptionValue("t", "ca");
+
+ if (uri == null)
+ uri = protocol + "://" + hostname + ":" + port + "/" + type;
+
+ config.setServerURI(uri);
+
+ String certDatabase = cmd.getOptionValue("d");
+ String certNickname = cmd.getOptionValue("n");
+ String username = cmd.getOptionValue("u");
+ String password = cmd.getOptionValue("w");
+
+ // convert into absolute path
+ if (certDatabase != null)
+ config.setCertDatabase(new File(certDatabase).getAbsolutePath());
+
+ if (certNickname != null)
+ config.setCertNickname(certNickname);
+
+ if (username != null)
+ config.setUsername(username);
+
+ if (password != null)
+ config.setPassword(password);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ CLI module;
+ String[] moduleArgs;
+
+ try {
+ createOptions(options);
+
+ CommandLine cmd;
+ try {
+ cmd = parser.parse(options, args, true);
+ } catch (Exception e) {
+ throw new Error(e.getMessage(), e);
+ }
+
+ String[] cmdArgs = cmd.getArgs();
+
+ if (cmdArgs.length == 0 || cmd.hasOption("help")) {
+ printHelp();
+ System.exit(1);
+ }
+
+ verbose = cmd.hasOption("v");
+
+ if (verbose) {
+ System.out.print("Command:");
+ for (String arg : cmdArgs) {
+ if (arg.contains(" ")) arg = "\""+arg+"\"";
+ System.out.print(" "+arg);
+ }
+ System.out.println();
+ }
+
+ parseOptions(cmd);
+
+ String command = cmdArgs[0];
+ String moduleName;
+ String moduleCommand;
+
+ // If a command contains a '-' sign it will be
+ // split into module name and module command.
+ // Otherwise it's a single command.
+ int i = command.indexOf('-');
+ if (i >= 0) { // <module name>-<module command>
+ moduleName = command.substring(0, i);
+ moduleCommand = command.substring(i+1);
+
+ } else { // <command>
+ moduleName = command;
+ moduleCommand = null;
+ }
+
+ // get command module
+ module = getModule(moduleName);
+ if (module == null)
+ throw new Error("Invalid command \"" + command + "\".");
+
+ // prepare module arguments
+ if (moduleCommand != null) {
+ moduleArgs = new String[cmdArgs.length];
+ moduleArgs[0] = moduleCommand;
+ System.arraycopy(cmdArgs, 1, moduleArgs, 1, cmdArgs.length-1);
+
+ } else {
+ moduleArgs = new String[cmdArgs.length-1];
+ System.arraycopy(cmdArgs, 1, moduleArgs, 0, cmdArgs.length-1);
+ }
+
+ } catch (Throwable t) {
+ if (verbose) {
+ t.printStackTrace(System.err);
+ } else {
+ System.err.println(t.getClass().getSimpleName()+": "+t.getMessage());
+ }
+ printHelp();
+ System.exit(1);
+ return;
+ }
+
+ // execute module command
+ try {
+ if (verbose) System.out.println("Server URI: "+config.getServerURI());
+
+ // initialize certificate database if specified
+ if (config.getCertDatabase() != null) {
+
+ if (verbose) System.out.println("Certificate database: "+config.getCertDatabase());
+ CryptoManager.initialize(config.getCertDatabase());
+
+ if (config.getPassword() != null) {
+ try {
+ CryptoManager manager = CryptoManager.getInstance();
+ CryptoToken token = manager.getInternalKeyStorageToken();
+ Password password = new Password(config.getPassword().toCharArray());
+ token.login(password);
+
+ } catch (IncorrectPasswordException e) {
+ throw new Error("Incorrect certificate database password.", e);
+ }
+ }
+ }
+
+ // execute module command
+ module.execute(moduleArgs);
+
+ } catch (Throwable t) {
+ if (verbose) {
+ t.printStackTrace(System.err);
+ } else {
+ System.err.println(t.getClass().getSimpleName()+": "+t.getMessage());
+ }
+ System.exit(1);
+ }
+ }
+
+ public static void printMessage(String message) {
+ System.out.println(StringUtils.repeat("-", message.length()));
+ System.out.println(message);
+ System.out.println(StringUtils.repeat("-", message.length()));
+ }
+
+ public static void main(String args[]) throws Exception {
+ MainCLI cli = new MainCLI();
+ cli.execute(args);
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/group/GroupAddCLI.java b/base/java-tools/src/com/netscape/cmstools/group/GroupAddCLI.java
new file mode 100644
index 000000000..b4814fbcc
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/group/GroupAddCLI.java
@@ -0,0 +1,81 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.group;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+
+import com.netscape.certsrv.group.GroupData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class GroupAddCLI extends CLI {
+
+ public GroupCLI parent;
+
+ public GroupAddCLI(GroupCLI parent) {
+ super("add", "Add group");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <Group ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ Option option = new Option(null, "description", true, "Description");
+ option.setArgName("description");
+ option.setRequired(true);
+ options.addOption(option);
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ String[] cmdArgs = cmd.getArgs();
+
+ if (cmdArgs.length != 1) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String groupID = cmdArgs[0];
+
+ GroupData groupData = new GroupData();
+ groupData.setID(groupID);
+ groupData.setDescription(cmd.getOptionValue("description"));
+
+ groupData = parent.client.addGroup(groupData);
+
+ MainCLI.printMessage("Added group \""+groupID+"\"");
+
+ GroupCLI.printGroup(groupData);
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/group/GroupAddMemberCLI.java b/base/java-tools/src/com/netscape/cmstools/group/GroupAddMemberCLI.java
new file mode 100644
index 000000000..92766cf99
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/group/GroupAddMemberCLI.java
@@ -0,0 +1,57 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.group;
+
+import com.netscape.certsrv.group.GroupMemberData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class GroupAddMemberCLI extends CLI {
+
+ public GroupCLI parent;
+
+ public GroupAddMemberCLI(GroupCLI parent) {
+ super("add-member", "Add group member");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <Group ID> <Member ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ if (args.length != 2) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String groupID = args[0];
+ String memberID = args[1];
+
+ GroupMemberData groupMemberData = parent.client.addGroupMember(groupID, memberID);
+
+ MainCLI.printMessage("Added group member \""+memberID+"\"");
+
+ GroupCLI.printGroupMember(groupMemberData);
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/group/GroupCLI.java b/base/java-tools/src/com/netscape/cmstools/group/GroupCLI.java
new file mode 100644
index 000000000..ce28af243
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/group/GroupCLI.java
@@ -0,0 +1,125 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.group;
+
+import java.util.Arrays;
+
+import org.apache.commons.lang.StringUtils;
+import org.jboss.resteasy.plugins.providers.atom.Link;
+
+import com.netscape.certsrv.group.GroupClient;
+import com.netscape.certsrv.group.GroupData;
+import com.netscape.certsrv.group.GroupMemberData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class GroupCLI extends CLI {
+
+ public MainCLI parent;
+ public GroupClient client;
+
+ public GroupCLI(MainCLI parent) {
+ super("group", "Group management commands");
+ this.parent = parent;
+
+ addModule(new GroupFindCLI(this));
+ addModule(new GroupShowCLI(this));
+ addModule(new GroupAddCLI(this));
+ addModule(new GroupModifyCLI(this));
+ addModule(new GroupRemoveCLI(this));
+
+ addModule(new GroupFindMemberCLI(this));
+ addModule(new GroupShowMemberCLI(this));
+ addModule(new GroupAddMemberCLI(this));
+ addModule(new GroupRemoveMemberCLI(this));
+ }
+
+ public void printHelp() {
+
+ System.out.println("Commands:");
+
+ int leftPadding = 1;
+ int rightPadding = 25;
+
+ for (CLI module : modules.values()) {
+ String label = name+"-"+module.getName();
+
+ int padding = rightPadding - leftPadding - label.length();
+ if (padding < 1) padding = 1;
+
+ System.out.print(StringUtils.repeat(" ", leftPadding));
+ System.out.print(label);
+ System.out.print(StringUtils.repeat(" ", padding));
+ System.out.println(module.getDescription());
+ }
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ client = new GroupClient(parent.config);
+ client.setVerbose(verbose);
+
+ if (args.length == 0) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String command = args[0];
+ String[] commandArgs = Arrays.copyOfRange(args, 1, args.length);
+
+ if (command == null) {
+ printHelp();
+ System.exit(1);
+ }
+
+ CLI module = getModule(command);
+ if (module != null) {
+ module.execute(commandArgs);
+
+ } else {
+ System.err.println("Error: Invalid command \""+command+"\"");
+ printHelp();
+ System.exit(1);
+ }
+ }
+
+ public static void printGroup(GroupData groupData) {
+ System.out.println(" Group ID: "+groupData.getID());
+
+ String description = groupData.getDescription();
+ if (!StringUtils.isEmpty(description)) System.out.println(" Description: "+description);
+
+ Link link = groupData.getLink();
+ if (verbose && link != null) {
+ System.out.println(" Link: " + link.getHref());
+ }
+ }
+
+ public static void printGroupMember(GroupMemberData groupMemberData) {
+ System.out.println(" Member: "+groupMemberData.getID());
+
+ Link link = groupMemberData.getLink();
+ if (verbose && link != null) {
+ System.out.println(" Link: " + link.getHref());
+ }
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/group/GroupFindCLI.java b/base/java-tools/src/com/netscape/cmstools/group/GroupFindCLI.java
new file mode 100644
index 000000000..272e3a8fd
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/group/GroupFindCLI.java
@@ -0,0 +1,98 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.group;
+
+import java.util.Collection;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+
+import com.netscape.certsrv.group.GroupCollection;
+import com.netscape.certsrv.group.GroupData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class GroupFindCLI extends CLI {
+
+ public GroupCLI parent;
+
+ public GroupFindCLI(GroupCLI parent) {
+ super("find", "Find groups");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " [FILTER] [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ Option option = new Option(null, "start", true, "Page start");
+ option.setArgName("start");
+ options.addOption(option);
+
+ option = new Option(null, "size", true, "Page size");
+ option.setArgName("size");
+ options.addOption(option);
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ String[] cmdArgs = cmd.getArgs();
+ String filter = cmdArgs.length > 0 ? cmdArgs[0] : null;
+
+ String s = cmd.getOptionValue("start");
+ Integer start = s == null ? null : Integer.valueOf(s);
+
+ s = cmd.getOptionValue("size");
+ Integer size = s == null ? null : Integer.valueOf(s);
+
+ GroupCollection response = parent.client.findGroups(filter, start, size);
+
+ Collection<GroupData> entries = response.getGroups();
+
+ MainCLI.printMessage(entries.size()+" group(s) matched");
+
+ boolean first = true;
+
+ for (GroupData groupData : entries) {
+
+ if (first) {
+ first = false;
+ } else {
+ System.out.println();
+ }
+
+ GroupCLI.printGroup(groupData);
+ }
+
+ MainCLI.printMessage("Number of entries returned "+entries.size());
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/group/GroupFindMemberCLI.java b/base/java-tools/src/com/netscape/cmstools/group/GroupFindMemberCLI.java
new file mode 100644
index 000000000..f0498f0d2
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/group/GroupFindMemberCLI.java
@@ -0,0 +1,104 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.group;
+
+import java.util.Collection;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+
+import com.netscape.certsrv.group.GroupMemberCollection;
+import com.netscape.certsrv.group.GroupMemberData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class GroupFindMemberCLI extends CLI {
+
+ public GroupCLI parent;
+
+ public GroupFindMemberCLI(GroupCLI parent) {
+ super("find-member", "Find group members");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <Group ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ Option option = new Option(null, "start", true, "Page start");
+ option.setArgName("start");
+ options.addOption(option);
+
+ option = new Option(null, "size", true, "Page size");
+ option.setArgName("size");
+ options.addOption(option);
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ String[] cmdArgs = cmd.getArgs();
+
+ if (cmdArgs.length != 1) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String groupID = cmdArgs[0];
+
+ String s = cmd.getOptionValue("start");
+ Integer start = s == null ? null : Integer.valueOf(s);
+
+ s = cmd.getOptionValue("size");
+ Integer size = s == null ? null : Integer.valueOf(s);
+
+ GroupMemberCollection response = parent.client.findGroupMembers(groupID, start, size);
+
+ Collection<GroupMemberData> entries = response.getMembers();
+
+ MainCLI.printMessage(entries.size()+" group member(s) matched");
+
+ boolean first = true;
+
+ for (GroupMemberData groupMemberData : entries) {
+
+ if (first) {
+ first = false;
+ } else {
+ System.out.println();
+ }
+
+ GroupCLI.printGroupMember(groupMemberData);
+ }
+
+ MainCLI.printMessage("Number of entries returned "+entries.size());
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/group/GroupModifyCLI.java b/base/java-tools/src/com/netscape/cmstools/group/GroupModifyCLI.java
new file mode 100644
index 000000000..2869ce19d
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/group/GroupModifyCLI.java
@@ -0,0 +1,80 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.group;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+
+import com.netscape.certsrv.group.GroupData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class GroupModifyCLI extends CLI {
+
+ public GroupCLI parent;
+
+ public GroupModifyCLI(GroupCLI parent) {
+ super("mod", "Modify group");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <Group ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ Option option = new Option(null, "description", true, "Description");
+ option.setArgName("description");
+ options.addOption(option);
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ String[] cmdArgs = cmd.getArgs();
+
+ if (cmdArgs.length != 1) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String groupID = cmdArgs[0];
+
+ GroupData groupData = new GroupData();
+ groupData.setID(groupID);
+ groupData.setDescription(cmd.getOptionValue("description"));
+
+ groupData = parent.client.modifyGroup(groupID, groupData);
+
+ MainCLI.printMessage("Modified group \""+groupID+"\"");
+
+ GroupCLI.printGroup(groupData);
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/group/GroupRemoveCLI.java b/base/java-tools/src/com/netscape/cmstools/group/GroupRemoveCLI.java
new file mode 100644
index 000000000..744f13b8c
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/group/GroupRemoveCLI.java
@@ -0,0 +1,54 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.group;
+
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+
+/**
+ * @author Endi S. Dewata
+ */
+public class GroupRemoveCLI extends CLI {
+
+ public GroupCLI parent;
+
+ public GroupRemoveCLI(GroupCLI parent) {
+ super("del", "Remove group");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <Group ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ if (args.length != 1) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String groupID = args[0];
+
+ parent.client.removeGroup(groupID);
+
+ MainCLI.printMessage("Deleted group \""+groupID+"\"");
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/group/GroupRemoveMemberCLI.java b/base/java-tools/src/com/netscape/cmstools/group/GroupRemoveMemberCLI.java
new file mode 100644
index 000000000..f46885631
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/group/GroupRemoveMemberCLI.java
@@ -0,0 +1,54 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.group;
+
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class GroupRemoveMemberCLI extends CLI {
+
+ public GroupCLI parent;
+
+ public GroupRemoveMemberCLI(GroupCLI parent) {
+ super("remove-member", "Remove group member");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <Group ID> <Member ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ if (args.length != 2) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String groupID = args[0];
+ String memberID = args[1];
+
+ parent.client.removeGroupMember(groupID, memberID);
+
+ MainCLI.printMessage("Deleted group member \""+memberID+"\"");
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/group/GroupShowCLI.java b/base/java-tools/src/com/netscape/cmstools/group/GroupShowCLI.java
new file mode 100644
index 000000000..3209c2b37
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/group/GroupShowCLI.java
@@ -0,0 +1,56 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.group;
+
+import com.netscape.certsrv.group.GroupData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class GroupShowCLI extends CLI {
+
+ public GroupCLI parent;
+
+ public GroupShowCLI(GroupCLI parent) {
+ super("show", "Show group");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <Group ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ if (args.length != 1) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String groupID = args[0];
+
+ GroupData groupData = parent.client.getGroup(groupID);
+
+ MainCLI.printMessage("Group \""+groupID+"\"");
+
+ GroupCLI.printGroup(groupData);
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/group/GroupShowMemberCLI.java b/base/java-tools/src/com/netscape/cmstools/group/GroupShowMemberCLI.java
new file mode 100644
index 000000000..8a4afb688
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/group/GroupShowMemberCLI.java
@@ -0,0 +1,57 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.group;
+
+import com.netscape.certsrv.group.GroupMemberData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class GroupShowMemberCLI extends CLI {
+
+ public GroupCLI parent;
+
+ public GroupShowMemberCLI(GroupCLI parent) {
+ super("show-member", "Show group member");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <Group ID> <Member ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ if (args.length != 2) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String groupID = args[0];
+ String memberID = args[1];
+
+ GroupMemberData groupMemberData = parent.client.getGroupMember(groupID, memberID);
+
+ MainCLI.printMessage("Group member \""+memberID+"\"");
+
+ GroupCLI.printGroupMember(groupMemberData);
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/user/UserAddCLI.java b/base/java-tools/src/com/netscape/cmstools/user/UserAddCLI.java
new file mode 100644
index 000000000..3db8fe533
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/user/UserAddCLI.java
@@ -0,0 +1,106 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.user;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+
+import com.netscape.certsrv.user.UserData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class UserAddCLI extends CLI {
+
+ public UserCLI parent;
+
+ public UserAddCLI(UserCLI parent) {
+ super("add", "Add user");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <User ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ Option option = new Option(null, "fullName", true, "Full name");
+ option.setArgName("fullName");
+ option.setRequired(true);
+ options.addOption(option);
+
+ option = new Option(null, "email", true, "Email");
+ option.setArgName("email");
+ options.addOption(option);
+
+ option = new Option(null, "password", true, "Password");
+ option.setArgName("password");
+ options.addOption(option);
+
+ option = new Option(null, "phone", true, "Phone");
+ option.setArgName("phone");
+ options.addOption(option);
+
+ option = new Option(null, "type", true, "Type");
+ option.setArgName("type");
+ options.addOption(option);
+
+ option = new Option(null, "state", true, "State");
+ option.setArgName("state");
+ options.addOption(option);
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ String[] cmdArgs = cmd.getArgs();
+
+ if (cmdArgs.length != 1) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String userId = cmdArgs[0];
+
+ UserData userData = new UserData();
+ userData.setID(userId);
+ userData.setFullName(cmd.getOptionValue("fullName"));
+ userData.setEmail(cmd.getOptionValue("email"));
+ userData.setPassword(cmd.getOptionValue("password"));
+ userData.setPhone(cmd.getOptionValue("phone"));
+ userData.setType(cmd.getOptionValue("type"));
+ userData.setState(cmd.getOptionValue("state"));
+
+ userData = parent.client.addUser(userData);
+
+ MainCLI.printMessage("Added user \"" + userId + "\"");
+
+ UserCLI.printUser(userData);
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/user/UserAddCertCLI.java b/base/java-tools/src/com/netscape/cmstools/user/UserAddCertCLI.java
new file mode 100644
index 000000000..7bec2ff19
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/user/UserAddCertCLI.java
@@ -0,0 +1,97 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.user;
+
+import java.io.File;
+import java.util.Scanner;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+
+import com.netscape.certsrv.user.UserCertData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class UserAddCertCLI extends CLI {
+
+ public UserCLI parent;
+
+ public UserAddCertCLI(UserCLI parent) {
+ super("add-cert", "Add user cert");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <User ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ Option option = new Option(null, "input", true, "Input file");
+ option.setArgName("file");
+ option.setRequired(true);
+ options.addOption(option);
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ String[] cmdArgs = cmd.getArgs();
+
+ if (cmdArgs.length != 1) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String userId = cmdArgs[0];
+ String file = cmd.getOptionValue("input");
+
+ // get cert from file
+ if (verbose) {
+ System.out.println("Reading cert from "+file+".");
+ }
+ String encoded = new Scanner(new File(file)).useDelimiter("\\A").next();
+ if (verbose) {
+ System.out.println(encoded);
+ }
+
+ UserCertData userCertData = new UserCertData();
+ userCertData.setEncoded(encoded);
+
+ if (verbose) {
+ System.out.println(userCertData);
+ }
+
+ userCertData = parent.client.addUserCert(userId, userCertData);
+
+ MainCLI.printMessage("Added certificate \"" + userCertData.getID() + "\"");
+
+ UserCLI.printCert(userCertData, false, false);
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/user/UserCLI.java b/base/java-tools/src/com/netscape/cmstools/user/UserCLI.java
new file mode 100644
index 000000000..301754a22
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/user/UserCLI.java
@@ -0,0 +1,163 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.user;
+
+import java.util.Arrays;
+
+import org.apache.commons.lang.StringUtils;
+import org.jboss.resteasy.plugins.providers.atom.Link;
+
+import com.netscape.certsrv.user.UserCertData;
+import com.netscape.certsrv.user.UserClient;
+import com.netscape.certsrv.user.UserData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class UserCLI extends CLI {
+
+ public MainCLI parent;
+ public UserClient client;
+
+ public UserCLI(MainCLI parent) {
+ super("user", "User management commands");
+ this.parent = parent;
+
+ addModule(new UserFindCLI(this));
+ addModule(new UserShowCLI(this));
+ addModule(new UserAddCLI(this));
+ addModule(new UserModifyCLI(this));
+ addModule(new UserRemoveCLI(this));
+
+ addModule(new UserFindCertCLI(this));
+ addModule(new UserShowCertCLI(this));
+ addModule(new UserAddCertCLI(this));
+ addModule(new UserRemoveCertCLI(this));
+ }
+
+ public void printHelp() {
+
+ System.out.println("Commands:");
+
+ int leftPadding = 1;
+ int rightPadding = 25;
+
+ for (CLI module : modules.values()) {
+ String label = name + "-" + module.getName();
+
+ int padding = rightPadding - leftPadding - label.length();
+ if (padding < 1)
+ padding = 1;
+
+ System.out.print(StringUtils.repeat(" ", leftPadding));
+ System.out.print(label);
+ System.out.print(StringUtils.repeat(" ", padding));
+ System.out.println(module.getDescription());
+ }
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ client = new UserClient(parent.config);
+ client.setVerbose(verbose);
+
+ if (args.length == 0) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String command = args[0];
+ String[] commandArgs = Arrays.copyOfRange(args, 1, args.length);
+
+ if (command == null) {
+ printHelp();
+ System.exit(1);
+ }
+
+ CLI module = getModule(command);
+ if (module != null) {
+ module.execute(commandArgs);
+
+ } else {
+ System.err.println("Error: Invalid command \"" + command + "\"");
+ printHelp();
+ System.exit(1);
+ }
+ }
+
+ public static void printUser(UserData userData) {
+ System.out.println(" User ID: " + userData.getID());
+
+ String fullName = userData.getFullName();
+ if (!StringUtils.isEmpty(fullName))
+ System.out.println(" Full name: " + fullName);
+
+ String email = userData.getEmail();
+ if (!StringUtils.isEmpty(email))
+ System.out.println(" Email: " + email);
+
+ String phone = userData.getPhone();
+ if (!StringUtils.isEmpty(phone))
+ System.out.println(" Phone: " + phone);
+
+ String type = userData.getType();
+ if (!StringUtils.isEmpty(type))
+ System.out.println(" Type: " + type);
+
+ String state = userData.getState();
+ if (!StringUtils.isEmpty(state))
+ System.out.println(" State: " + state);
+
+ Link link = userData.getLink();
+ if (verbose && link != null) {
+ System.out.println(" Link: " + link.getHref());
+ }
+ }
+
+ public static void printCert(
+ UserCertData userCertData,
+ boolean showPrettyPrint,
+ boolean showEncoded) {
+
+ System.out.println(" Cert ID: " + userCertData.getID());
+ System.out.println(" Version: " + userCertData.getVersion());
+ System.out.println(" Serial Number: " + userCertData.getSerialNumber().toHexString());
+ System.out.println(" Issuer: " + userCertData.getIssuerDN());
+ System.out.println(" Subject: " + userCertData.getSubjectDN());
+
+ Link link = userCertData.getLink();
+ if (verbose && link != null) {
+ System.out.println(" Link: " + link.getHref());
+ }
+
+ String prettyPrint = userCertData.getPrettyPrint();
+ if (showPrettyPrint && prettyPrint != null) {
+ System.out.println();
+ System.out.println(prettyPrint);
+ }
+
+ String encoded = userCertData.getEncoded();
+ if (showEncoded && encoded != null) {
+ System.out.println();
+ System.out.println(encoded);
+ }
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/user/UserFindCLI.java b/base/java-tools/src/com/netscape/cmstools/user/UserFindCLI.java
new file mode 100644
index 000000000..a5b96d1c3
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/user/UserFindCLI.java
@@ -0,0 +1,98 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.user;
+
+import java.util.Collection;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+
+import com.netscape.certsrv.user.UserCollection;
+import com.netscape.certsrv.user.UserData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class UserFindCLI extends CLI {
+
+ public UserCLI parent;
+
+ public UserFindCLI(UserCLI parent) {
+ super("find", "Find users");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " [FILTER] [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ Option option = new Option(null, "start", true, "Page start");
+ option.setArgName("start");
+ options.addOption(option);
+
+ option = new Option(null, "size", true, "Page size");
+ option.setArgName("size");
+ options.addOption(option);
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ String[] cmdArgs = cmd.getArgs();;
+ String filter = cmdArgs.length > 0 ? cmdArgs[0] : null;
+
+ String s = cmd.getOptionValue("start");
+ Integer start = s == null ? null : Integer.valueOf(s);
+
+ s = cmd.getOptionValue("size");
+ Integer size = s == null ? null : Integer.valueOf(s);
+
+ UserCollection response = parent.client.findUsers(filter, start, size);
+
+ Collection<UserData> entries = response.getUsers();
+
+ MainCLI.printMessage(entries.size() + " user(s) matched");
+
+ boolean first = true;
+
+ for (UserData userData : entries) {
+
+ if (first) {
+ first = false;
+ } else {
+ System.out.println();
+ }
+
+ UserCLI.printUser(userData);
+ }
+
+ MainCLI.printMessage("Number of entries returned " + entries.size());
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/user/UserFindCertCLI.java b/base/java-tools/src/com/netscape/cmstools/user/UserFindCertCLI.java
new file mode 100644
index 000000000..08f687933
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/user/UserFindCertCLI.java
@@ -0,0 +1,104 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.user;
+
+import java.util.Collection;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+
+import com.netscape.certsrv.user.UserCertCollection;
+import com.netscape.certsrv.user.UserCertData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class UserFindCertCLI extends CLI {
+
+ public UserCLI parent;
+
+ public UserFindCertCLI(UserCLI parent) {
+ super("find-cert", "Find user certs");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <User ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ Option option = new Option(null, "start", true, "Page start");
+ option.setArgName("start");
+ options.addOption(option);
+
+ option = new Option(null, "size", true, "Page size");
+ option.setArgName("size");
+ options.addOption(option);
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ String[] cmdArgs = cmd.getArgs();
+
+ if (cmdArgs.length != 1) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String userID = cmdArgs[0];
+
+ String s = cmd.getOptionValue("start");
+ Integer start = s == null ? null : Integer.valueOf(s);
+
+ s = cmd.getOptionValue("size");
+ Integer size = s == null ? null : Integer.valueOf(s);
+
+ UserCertCollection response = parent.client.findUserCerts(userID, start, size);
+
+ Collection<UserCertData> entries = response.getCerts();
+
+ MainCLI.printMessage(entries.size() + " user cert(s) matched");
+
+ boolean first = true;
+
+ for (UserCertData userCertData : entries) {
+
+ if (first) {
+ first = false;
+ } else {
+ System.out.println();
+ }
+
+ UserCLI.printCert(userCertData, false, false);
+ }
+
+ MainCLI.printMessage("Number of entries returned " + entries.size());
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/user/UserModifyCLI.java b/base/java-tools/src/com/netscape/cmstools/user/UserModifyCLI.java
new file mode 100644
index 000000000..706224ef9
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/user/UserModifyCLI.java
@@ -0,0 +1,107 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.user;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+
+import com.netscape.certsrv.user.UserData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class UserModifyCLI extends CLI {
+
+ public UserCLI parent;
+
+ public UserModifyCLI(UserCLI parent) {
+ super("mod", "Modify user");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <User ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ Option option = new Option(null, "fullName", true, "Full name");
+ option.setArgName("fullName");
+ options.addOption(option);
+
+ option = new Option(null, "email", true, "Email");
+ option.setArgName("email");
+ options.addOption(option);
+
+ option = new Option(null, "password", true, "Password");
+ option.setArgName("password");
+ options.addOption(option);
+
+ option = new Option(null, "phone", true, "Phone");
+ option.setArgName("phone");
+ options.addOption(option);
+
+ // type cannot be modified
+ // option = new Option(null, "type", true, "Type");
+ // option.setArgName("type");
+ // options.addOption(option);
+
+ option = new Option(null, "state", true, "State");
+ option.setArgName("state");
+ options.addOption(option);
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ String[] cmdArgs = cmd.getArgs();
+
+ if (cmdArgs.length != 1) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String userId = cmdArgs[0];
+
+ UserData userData = new UserData();
+ userData.setID(userId);
+ userData.setFullName(cmd.getOptionValue("fullName"));
+ userData.setEmail(cmd.getOptionValue("email"));
+ userData.setPassword(cmd.getOptionValue("password"));
+ userData.setPhone(cmd.getOptionValue("phone"));
+ // type cannot be modified
+ // userData.setType(cmd.getOptionValue("type"));
+ userData.setState(cmd.getOptionValue("state"));
+
+ userData = parent.client.modifyUser(userId, userData);
+
+ MainCLI.printMessage("Modified user \"" + userId + "\"");
+
+ UserCLI.printUser(userData);
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/user/UserRemoveCLI.java b/base/java-tools/src/com/netscape/cmstools/user/UserRemoveCLI.java
new file mode 100644
index 000000000..6bafba8a4
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/user/UserRemoveCLI.java
@@ -0,0 +1,53 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.user;
+
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class UserRemoveCLI extends CLI {
+
+ public UserCLI parent;
+
+ public UserRemoveCLI(UserCLI parent) {
+ super("del", "Remove user");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <User ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ if (args.length != 1) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String userID = args[0];
+
+ parent.client.removeUser(userID);
+
+ MainCLI.printMessage("Deleted user \"" + userID + "\"");
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/user/UserRemoveCertCLI.java b/base/java-tools/src/com/netscape/cmstools/user/UserRemoveCertCLI.java
new file mode 100644
index 000000000..203e48f52
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/user/UserRemoveCertCLI.java
@@ -0,0 +1,61 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.user;
+
+import java.net.URLEncoder;
+
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+
+/**
+ * @author Endi S. Dewata
+ */
+public class UserRemoveCertCLI extends CLI {
+
+ public UserCLI parent;
+
+ public UserRemoveCertCLI(UserCLI parent) {
+ super("remove-cert", "Remove user cert");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <User ID> <Cert ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ if (args.length != 2) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String userID = args[0];
+ String certID = args[1];
+
+ if (verbose) {
+ System.out.println("Removing cert "+certID+" from user "+userID+".");
+ }
+
+ parent.client.removeUserCert(userID, URLEncoder.encode(certID, "UTF-8"));
+
+ MainCLI.printMessage("Deleted certificate \"" + certID + "\"");
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/user/UserShowCLI.java b/base/java-tools/src/com/netscape/cmstools/user/UserShowCLI.java
new file mode 100644
index 000000000..679b67791
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/user/UserShowCLI.java
@@ -0,0 +1,56 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.user;
+
+import com.netscape.certsrv.user.UserData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class UserShowCLI extends CLI {
+
+ public UserCLI parent;
+
+ public UserShowCLI(UserCLI parent) {
+ super("show", "Show user");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <User ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ if (args.length != 1) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String userId = args[0];
+
+ UserData userData = parent.client.getUser(userId);
+
+ MainCLI.printMessage("User \"" + userId + "\"");
+
+ UserCLI.printUser(userData);
+ }
+}
diff --git a/base/java-tools/src/com/netscape/cmstools/user/UserShowCertCLI.java b/base/java-tools/src/com/netscape/cmstools/user/UserShowCertCLI.java
new file mode 100644
index 000000000..f30c72327
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/user/UserShowCertCLI.java
@@ -0,0 +1,96 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.user;
+
+import java.io.FileWriter;
+import java.io.PrintWriter;
+import java.net.URLEncoder;
+
+import org.apache.commons.cli.CommandLine;
+import org.apache.commons.cli.Option;
+
+import com.netscape.certsrv.user.UserCertData;
+import com.netscape.cmstools.cli.CLI;
+import com.netscape.cmstools.cli.MainCLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class UserShowCertCLI extends CLI {
+
+ public UserCLI parent;
+
+ public UserShowCertCLI(UserCLI parent) {
+ super("show-cert", "Show user cert");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name + " <User ID> <Cert ID> [OPTIONS...]", options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ Option option = new Option(null, "output", true, "Output file");
+ option.setArgName("file");
+ options.addOption(option);
+
+ options.addOption(null, "pretty", false, "Pretty print");
+ options.addOption(null, "encoded", false, "Base-64 encoded");
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ boolean showPrettyPrint = cmd.hasOption("pretty");
+ boolean showEncoded = cmd.hasOption("encoded");
+
+ String[] cmdArgs = cmd.getArgs();
+
+ if (cmdArgs.length != 2) {
+ printHelp();
+ System.exit(1);
+ }
+
+ String userID = cmdArgs[0];
+ String certID = cmdArgs[1];
+ String file = cmd.getOptionValue("output");
+
+ UserCertData userCertData = parent.client.getUserCert(userID, URLEncoder.encode(certID, "UTF-8"));
+
+ String encoded = userCertData.getEncoded();
+ if (encoded != null && file != null) {
+ // store cert to file
+ PrintWriter out = new PrintWriter(new FileWriter(file));
+ out.print(encoded);
+ out.close();
+ }
+
+ MainCLI.printMessage("Certificate \"" + userCertData.getID() + "\"");
+
+ UserCLI.printCert(userCertData, showPrettyPrint, showEncoded);
+ }
+}