summaryrefslogtreecommitdiffstats
path: root/base/server/cms/src/com/netscape/cms/servlet/admin
diff options
context:
space:
mode:
authorEndi S. Dewata <edewata@redhat.com>2017-04-26 20:04:46 +0200
committerEndi S. Dewata <edewata@redhat.com>2017-05-16 03:18:20 +0200
commitcec9efefe027ed4e7592827889eb3b487e7e485a (patch)
tree15f5508877f5f29a7097904102fb64fbc692bc52 /base/server/cms/src/com/netscape/cms/servlet/admin
parent3abf731d9e6f02ac8d315978d31c28c2f9c85db9 (diff)
downloadpki-cec9efefe027ed4e7592827889eb3b487e7e485a.tar.gz
pki-cec9efefe027ed4e7592827889eb3b487e7e485a.tar.xz
pki-cec9efefe027ed4e7592827889eb3b487e7e485a.zip
Added ConfigTrustedPublicKeyEvent.
A new ConfigTrustedPublicKeyEvent class of has been added to encapsulate the CONFIG_TRUSTED_PUBLIC_KEY events. https://pagure.io/dogtagpki/issue/2641 Change-Id: I2fb4b46dfd63daf3c0c08dc08b3dbac9108ec908
Diffstat (limited to 'base/server/cms/src/com/netscape/cms/servlet/admin')
-rw-r--r--base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java218
1 files changed, 72 insertions, 146 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java b/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
index f8bc34a50..8d28408a3 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java
@@ -62,6 +62,7 @@ import com.netscape.certsrv.dbs.certdb.ICertificateRepository;
import com.netscape.certsrv.kra.IKeyRecoveryAuthority;
import com.netscape.certsrv.logging.AuditEvent;
import com.netscape.certsrv.logging.ILogger;
+import com.netscape.certsrv.logging.event.ConfigTrustedPublicKeyEvent;
import com.netscape.certsrv.ocsp.IOCSPAuthority;
import com.netscape.certsrv.ra.IRegistrationAuthority;
import com.netscape.certsrv.security.ICryptoSubsystem;
@@ -1434,7 +1435,7 @@ public final class CMSAdminServlet extends AdminServlet {
private void issueImportCert(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
- String auditMessage = null;
+
String auditSubjectID = auditSubjectID();
// ensure that any low-level exceptions are reported
@@ -1484,14 +1485,11 @@ public final class CMSAdminServlet extends AdminServlet {
nicknameWithoutTokenName = nickname.substring(index + 1);
oldtokenname = nickname.substring(0, index);
} else {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
throw new EBaseException(CMS.getLogMessage("BASE_CERT_NOT_FOUND"));
}
@@ -1504,14 +1502,11 @@ public final class CMSAdminServlet extends AdminServlet {
} else if (index > 0 && (index < (canickname.length() - 1))) {
canicknameWithoutTokenName = canickname.substring(index + 1);
} else {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
throw new EBaseException(CMS.getLogMessage("BASE_CERT_NOT_FOUND"));
}
@@ -1524,14 +1519,11 @@ public final class CMSAdminServlet extends AdminServlet {
KeyPair pair = null;
if (nickname.equals("")) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
throw new EBaseException(CMS.getLogMessage("BASE_CERT_NOT_FOUND"));
}
@@ -1771,40 +1763,30 @@ public final class CMSAdminServlet extends AdminServlet {
properties.clear();
properties = null;
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
mConfig.commit(true);
sendResponse(SUCCESS, null, null, resp);
} catch (EBaseException eAudit1) {
CMS.debug("CMSAdminServlet: issueImportCert: EBaseException thrown: " + eAudit1.toString());
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
// rethrow the specific exception to be handled later
throw eAudit1;
} catch (IOException eAudit2) {
CMS.debug("CMSAdminServlet: issueImportCert: IOException thrown: " + eAudit2.toString());
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
// rethrow the specific exception to be handled later
throw eAudit2;
@@ -1890,14 +1872,11 @@ public final class CMSAdminServlet extends AdminServlet {
try {
if (pkcs == null || pkcs.equals("")) {
if (certpath == null || certpath.equals("")) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
EBaseException ex = new EBaseException(
CMS.getLogMessage("BASE_INVALID_FILE_PATH"));
@@ -1924,14 +1903,11 @@ public final class CMSAdminServlet extends AdminServlet {
}
}
} catch (IOException ee) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
throw new EBaseException(
CMS.getLogMessage("BASE_OPEN_FILE_FAILED"));
@@ -1954,14 +1930,11 @@ public final class CMSAdminServlet extends AdminServlet {
tokenName = nickname.substring(0, index);
nicknameWithoutTokenName = nickname.substring(index + 1);
} else {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
throw new EBaseException(
CMS.getLogMessage("BASE_CERT_NOT_FOUND"));
@@ -2203,14 +2176,10 @@ public final class CMSAdminServlet extends AdminServlet {
audit(auditMessage);
}
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
mConfig.commit(true);
if (verified == true) {
@@ -2220,26 +2189,20 @@ public final class CMSAdminServlet extends AdminServlet {
null, resp);
}
} catch (EBaseException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
// rethrow the specific exception to be handled later
throw eAudit1;
} catch (IOException eAudit2) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
// rethrow the specific exception to be handled later
throw eAudit2;
@@ -2275,7 +2238,7 @@ public final class CMSAdminServlet extends AdminServlet {
private void importXCert(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
- String auditMessage = null;
+
String auditSubjectID = auditSubjectID();
// ensure that any low-level exceptions are reported
@@ -2309,14 +2272,11 @@ public final class CMSAdminServlet extends AdminServlet {
try {
if (b64Cert == null || b64Cert.equals("")) {
if (certpath == null || certpath.equals("")) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
EBaseException ex = new EBaseException(
CMS.getLogMessage("BASE_INVALID_FILE_PATH"));
@@ -2342,14 +2302,11 @@ public final class CMSAdminServlet extends AdminServlet {
}
}
} catch (IOException ee) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
throw new EBaseException(
CMS.getLogMessage("BASE_OPEN_FILE_FAILED"));
@@ -2376,14 +2333,11 @@ public final class CMSAdminServlet extends AdminServlet {
//this will import into internal ldap crossCerts entry
ccps.importCert(bCert);
} catch (Exception e) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
sendResponse(1, "xcert importing failure:" + e.toString(),
null, resp);
@@ -2395,14 +2349,11 @@ public final class CMSAdminServlet extends AdminServlet {
// db to publishing directory, if turned on
ccps.publishCertPairs();
} catch (EBaseException e) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
sendResponse(1, "xcerts publishing failure:" + e.toString(), null, resp);
return;
@@ -2416,37 +2367,27 @@ public final class CMSAdminServlet extends AdminServlet {
results.put(Constants.PR_NICKNAME, "FBCA cross-signed cert");
results.put(Constants.PR_CERT_CONTENT, content);
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
sendResponse(SUCCESS, null, results, resp);
} catch (EBaseException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
// rethrow the specific exception to be handled later
throw eAudit1;
} catch (IOException eAudit2) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
// rethrow the specific exception to be handled later
throw eAudit2;
@@ -2929,7 +2870,7 @@ public final class CMSAdminServlet extends AdminServlet {
public void setRootCertTrust(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
- String auditMessage = null;
+
String auditSubjectID = auditSubjectID();
String nickname = req.getParameter(Constants.PR_NICK_NAME);
String serialno = req.getParameter(Constants.PR_SERIAL_NUMBER);
@@ -2943,25 +2884,20 @@ public final class CMSAdminServlet extends AdminServlet {
try {
jssSubSystem.setRootCertTrust(nickname, serialno, issuername, trust);
} catch (EBaseException e) {
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
+ auditParams(req)));
- audit(auditMessage);
// rethrow the specific exception to be handled later
throw e;
}
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
sendResponse(SUCCESS, null, null, resp);
}
@@ -2982,7 +2918,7 @@ public final class CMSAdminServlet extends AdminServlet {
private void trustCACert(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
- String auditMessage = null;
+
String auditSubjectID = auditSubjectID();
CMS.debug("CMSAdminServlet: trustCACert()");
@@ -3010,38 +2946,28 @@ public final class CMSAdminServlet extends AdminServlet {
}
}
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
//sendResponse(SUCCESS, null, null, resp);
sendResponse(RESTART, null, null, resp);
} catch (EBaseException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
// rethrow the specific exception to be handled later
throw eAudit1;
} catch (IOException eAudit2) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- AuditEvent.CONFIG_TRUSTED_PUBLIC_KEY,
+
+ audit(new ConfigTrustedPublicKeyEvent(
auditSubjectID,
ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
+ auditParams(req)));
// rethrow the specific exception to be handled later
throw eAudit2;
generated by cgit (git 2.34.1) at 2024-06-22 02:43:02 +0000