diff options
| author | Christina Fu <cfu@redhat.com> | 2016-04-05 11:44:00 -0700 |
|---|---|---|
| committer | Christina Fu <cfu@redhat.com> | 2016-04-13 14:51:54 -0700 |
| commit | e832349f8846ab398b17b98ebe9862bc700d1b7f (patch) | |
| tree | e9d6da783634e9cc9ad81794d7178c8126710a13 /base/kra/src/com/netscape/kra | |
| parent | 8e291fba835f6640a262e01333aa58cf9bd5220f (diff) | |
| download | pki-e832349f8846ab398b17b98ebe9862bc700d1b7f.tar.gz pki-e832349f8846ab398b17b98ebe9862bc700d1b7f.tar.xz pki-e832349f8846ab398b17b98ebe9862bc700d1b7f.zip | |
Ticket #2271 TMS- clean up key archival request records in ldap
This patch does the following:
* it adds in the kra request an extra field called "delayLDAPCommit"
* when the request comes in to be processed, it sets this field to "false"
* by default, if this field does not exist, the updateRequest() method will just write to ldap, just like before; however, if this field exists and it contains "true" then it will delay the write
* once the request is processed and all unwanted fields are cleared from the request record, it will set "delayLDAPCommit" to "false", and call updateRequest(), which will then do the actual write to ldap
* In addition, I also screened through both KRA and TPS code and removed debug messages that contain those fields.
Diffstat (limited to 'base/kra/src/com/netscape/kra')
| -rw-r--r-- | base/kra/src/com/netscape/kra/NetkeyKeygenService.java | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/base/kra/src/com/netscape/kra/NetkeyKeygenService.java b/base/kra/src/com/netscape/kra/NetkeyKeygenService.java index f409eea96..e77ef25db 100644 --- a/base/kra/src/com/netscape/kra/NetkeyKeygenService.java +++ b/base/kra/src/com/netscape/kra/NetkeyKeygenService.java @@ -410,6 +410,12 @@ public class NetkeyKeygenService implements IService { audit(auditMessage); String rWrappedDesKeyString = request.getExtDataInString(IRequest.NETKEY_ATTR_DRMTRANS_DES_KEY); + // the request reocrd field delayLDAPCommit == "true" will cause + // updateRequest() to delay actual write to ldap + request.setExtData("delayLDAPCommit", "true"); + // wrappedDesKey no longer needed. removing. + request.setExtData(IRequest.NETKEY_ATTR_DRMTRANS_DES_KEY, ""); + // CMS.debug("NetkeyKeygenService: received DRM-trans-wrapped DES key ="+rWrappedDesKeyString); wrapped_des_key = com.netscape.cmsutil.util.Utils.SpecialDecode(rWrappedDesKeyString); CMS.debug("NetkeyKeygenService: wrapped_des_key specialDecoded"); |