diff options
author | Endi S. Dewata <edewata@redhat.com> | 2017-05-16 02:42:12 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-05-17 21:53:16 +0200 |
commit | 579ed7eed16c9fc6e02928f71656d2a326d68c22 (patch) | |
tree | c0b3f270c976712a18450e6fff957f187431898e /base/server/cms/src/com/netscape | |
parent | 8751cd2c5cc0c41c5d85724fddfd5d872ad994ed (diff) | |
download | pki-579ed7eed16c9fc6e02928f71656d2a326d68c22.tar.gz pki-579ed7eed16c9fc6e02928f71656d2a326d68c22.tar.xz pki-579ed7eed16c9fc6e02928f71656d2a326d68c22.zip |
Added CertStatusChangeRequestProcessedEvent.
A new CertStatusChangeRequestProcessedEvent class has been added to
encapsulate the CERT_STATUS_CHANGE_REQUEST_PROCESSED events.
https://pagure.io/dogtagpki/issue/2636
Change-Id: I41cf0ce94b176a2036b9f1f433212bf3c414fb0b
Diffstat (limited to 'base/server/cms/src/com/netscape')
4 files changed, 46 insertions, 67 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java b/base/server/cms/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java index f4d7f8fd1..24ba49473 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java +++ b/base/server/cms/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java @@ -31,13 +31,6 @@ import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import netscape.security.x509.CRLExtensions; -import netscape.security.x509.CRLReasonExtension; -import netscape.security.x509.InvalidityDateExtension; -import netscape.security.x509.RevocationReason; -import netscape.security.x509.RevokedCertImpl; -import netscape.security.x509.X509CertImpl; - import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.authentication.AuthToken; import com.netscape.certsrv.authentication.EMissingCredential; @@ -56,6 +49,7 @@ import com.netscape.certsrv.dbs.certdb.ICertificateRepository; import com.netscape.certsrv.logging.AuditEvent; import com.netscape.certsrv.logging.AuditFormat; import com.netscape.certsrv.logging.ILogger; +import com.netscape.certsrv.logging.event.CertStatusChangeRequestProcessedEvent; import com.netscape.certsrv.publish.IPublisherProcessor; import com.netscape.certsrv.ra.IRegistrationAuthority; import com.netscape.certsrv.request.IRequest; @@ -69,6 +63,13 @@ import com.netscape.cms.servlet.common.CMSTemplateParams; import com.netscape.cms.servlet.common.ECMSGWException; import com.netscape.cmsutil.util.Utils; +import netscape.security.x509.CRLExtensions; +import netscape.security.x509.CRLReasonExtension; +import netscape.security.x509.InvalidityDateExtension; +import netscape.security.x509.RevocationReason; +import netscape.security.x509.RevokedCertImpl; +import netscape.security.x509.X509CertImpl; + /** * Revoke a certificate with a CMC-formatted revocation request * @@ -810,17 +811,15 @@ public class CMCRevReqServlet extends CMSServlet { if (auditApprovalStatus == RequestStatus.COMPLETE || auditApprovalStatus == RequestStatus.REJECTED || auditApprovalStatus == RequestStatus.CANCELED) { - auditMessage = CMS.getLogMessage( - AuditEvent.CERT_STATUS_CHANGE_REQUEST_PROCESSED, + + audit(new CertStatusChangeRequestProcessedEvent( auditSubjectID, ILogger.SUCCESS, auditRequesterID, auditSerialNumber, auditRequestType, auditReasonNum, - auditApprovalStatus == null ? ILogger.SIGNED_AUDIT_EMPTY_VALUE : auditApprovalStatus.toString()); - - audit(auditMessage); + auditApprovalStatus)); } } catch (CertificateException e) { @@ -844,17 +843,15 @@ public class CMCRevReqServlet extends CMSServlet { if (auditApprovalStatus == RequestStatus.COMPLETE || auditApprovalStatus == RequestStatus.REJECTED || auditApprovalStatus == RequestStatus.CANCELED) { - auditMessage = CMS.getLogMessage( - AuditEvent.CERT_STATUS_CHANGE_REQUEST_PROCESSED, + + audit(new CertStatusChangeRequestProcessedEvent( auditSubjectID, ILogger.FAILURE, auditRequesterID, auditSerialNumber, auditRequestType, auditReasonNum, - auditApprovalStatus == null ? ILogger.SIGNED_AUDIT_EMPTY_VALUE : auditApprovalStatus.toString()); - - audit(auditMessage); + auditApprovalStatus)); } } @@ -882,17 +879,15 @@ public class CMCRevReqServlet extends CMSServlet { if (auditApprovalStatus == RequestStatus.COMPLETE || auditApprovalStatus == RequestStatus.REJECTED || auditApprovalStatus == RequestStatus.CANCELED) { - auditMessage = CMS.getLogMessage( - AuditEvent.CERT_STATUS_CHANGE_REQUEST_PROCESSED, + + audit(new CertStatusChangeRequestProcessedEvent( auditSubjectID, ILogger.FAILURE, auditRequesterID, auditSerialNumber, auditRequestType, auditReasonNum, - auditApprovalStatus == null ? ILogger.SIGNED_AUDIT_EMPTY_VALUE : auditApprovalStatus.toString()); - - audit(auditMessage); + auditApprovalStatus)); } } @@ -921,17 +916,15 @@ public class CMCRevReqServlet extends CMSServlet { if (auditApprovalStatus == RequestStatus.COMPLETE || auditApprovalStatus == RequestStatus.REJECTED || auditApprovalStatus == RequestStatus.CANCELED) { - auditMessage = CMS.getLogMessage( - AuditEvent.CERT_STATUS_CHANGE_REQUEST_PROCESSED, + + audit(new CertStatusChangeRequestProcessedEvent( auditSubjectID, ILogger.FAILURE, auditRequesterID, auditSerialNumber, auditRequestType, auditReasonNum, - auditApprovalStatus == null ? ILogger.SIGNED_AUDIT_EMPTY_VALUE : auditApprovalStatus.toString()); - - audit(auditMessage); + auditApprovalStatus)); } } @@ -957,17 +950,15 @@ public class CMCRevReqServlet extends CMSServlet { if (auditApprovalStatus == RequestStatus.COMPLETE || auditApprovalStatus == RequestStatus.REJECTED || auditApprovalStatus == RequestStatus.CANCELED) { - auditMessage = CMS.getLogMessage( - AuditEvent.CERT_STATUS_CHANGE_REQUEST_PROCESSED, + + audit(new CertStatusChangeRequestProcessedEvent( auditSubjectID, ILogger.FAILURE, auditRequesterID, auditSerialNumber, auditRequestType, auditReasonNum, - auditApprovalStatus == null ? ILogger.SIGNED_AUDIT_EMPTY_VALUE : auditApprovalStatus.toString()); - - audit(auditMessage); + auditApprovalStatus)); } } diff --git a/base/server/cms/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java b/base/server/cms/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java index 68ac6da26..a9a62389f 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java +++ b/base/server/cms/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java @@ -49,6 +49,7 @@ import com.netscape.certsrv.dbs.certdb.ICertificateRepository; import com.netscape.certsrv.logging.AuditEvent; import com.netscape.certsrv.logging.AuditFormat; import com.netscape.certsrv.logging.ILogger; +import com.netscape.certsrv.logging.event.CertStatusChangeRequestProcessedEvent; import com.netscape.certsrv.publish.IPublisherProcessor; import com.netscape.certsrv.request.IRequest; import com.netscape.certsrv.request.IRequestQueue; @@ -557,17 +558,15 @@ public class DoRevokeTPS extends CMSServlet { if (auditApprovalStatus == RequestStatus.COMPLETE || auditApprovalStatus == RequestStatus.REJECTED || auditApprovalStatus == RequestStatus.CANCELED) { - auditMessage = CMS.getLogMessage( - AuditEvent.CERT_STATUS_CHANGE_REQUEST_PROCESSED, + + audit(new CertStatusChangeRequestProcessedEvent( auditSubjectID, ILogger.FAILURE, auditRequesterID, auditSerialNumber, auditRequestType, auditReasonNum, - auditApprovalStatus == null ? ILogger.SIGNED_AUDIT_EMPTY_VALUE : auditApprovalStatus.toString()); - - audit(auditMessage); + auditApprovalStatus)); } return; @@ -748,17 +747,15 @@ public class DoRevokeTPS extends CMSServlet { if (auditApprovalStatus == RequestStatus.COMPLETE || auditApprovalStatus == RequestStatus.REJECTED || auditApprovalStatus == RequestStatus.CANCELED) { - auditMessage = CMS.getLogMessage( - AuditEvent.CERT_STATUS_CHANGE_REQUEST_PROCESSED, + + audit(new CertStatusChangeRequestProcessedEvent( auditSubjectID, ILogger.SUCCESS, auditRequesterID, auditSerialNumber, auditRequestType, auditReasonNum, - auditApprovalStatus == null ? ILogger.SIGNED_AUDIT_EMPTY_VALUE : auditApprovalStatus.toString()); - - audit(auditMessage); + auditApprovalStatus)); } } catch (EBaseException e) { log(ILogger.LL_FAILURE, "error " + e); @@ -783,17 +780,15 @@ public class DoRevokeTPS extends CMSServlet { if (auditApprovalStatus == RequestStatus.COMPLETE || auditApprovalStatus == RequestStatus.REJECTED || auditApprovalStatus == RequestStatus.CANCELED) { - auditMessage = CMS.getLogMessage( - AuditEvent.CERT_STATUS_CHANGE_REQUEST_PROCESSED, + + audit(new CertStatusChangeRequestProcessedEvent( auditSubjectID, ILogger.FAILURE, auditRequesterID, auditSerialNumber, auditRequestType, auditReasonNum, - auditApprovalStatus == null ? ILogger.SIGNED_AUDIT_EMPTY_VALUE : auditApprovalStatus.toString()); - - audit(auditMessage); + auditApprovalStatus)); } } @@ -822,17 +817,15 @@ public class DoRevokeTPS extends CMSServlet { if (auditApprovalStatus == RequestStatus.COMPLETE || auditApprovalStatus == RequestStatus.REJECTED || auditApprovalStatus == RequestStatus.CANCELED) { - auditMessage = CMS.getLogMessage( - AuditEvent.CERT_STATUS_CHANGE_REQUEST_PROCESSED, + + audit(new CertStatusChangeRequestProcessedEvent( auditSubjectID, ILogger.FAILURE, auditRequesterID, auditSerialNumber, auditRequestType, auditReasonNum, - auditApprovalStatus == null ? ILogger.SIGNED_AUDIT_EMPTY_VALUE : auditApprovalStatus.toString()); - - audit(auditMessage); + auditApprovalStatus)); } } diff --git a/base/server/cms/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java b/base/server/cms/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java index 30bde7613..36a6802d6 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java +++ b/base/server/cms/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java @@ -46,6 +46,7 @@ import com.netscape.certsrv.dbs.certdb.ICertificateRepository; import com.netscape.certsrv.logging.AuditEvent; import com.netscape.certsrv.logging.AuditFormat; import com.netscape.certsrv.logging.ILogger; +import com.netscape.certsrv.logging.event.CertStatusChangeRequestProcessedEvent; import com.netscape.certsrv.publish.IPublisherProcessor; import com.netscape.certsrv.request.IRequest; import com.netscape.certsrv.request.IRequestQueue; @@ -461,17 +462,15 @@ public class DoUnrevokeTPS extends CMSServlet { if (auditApprovalStatus == RequestStatus.COMPLETE || auditApprovalStatus == RequestStatus.REJECTED || auditApprovalStatus == RequestStatus.CANCELED) { - auditMessage = CMS.getLogMessage( - AuditEvent.CERT_STATUS_CHANGE_REQUEST_PROCESSED, + + audit(new CertStatusChangeRequestProcessedEvent( auditSubjectID, ILogger.SUCCESS, auditRequesterID, auditSerialNumber, auditRequestType, auditReasonNum, - auditApprovalStatus == null ? ILogger.SIGNED_AUDIT_EMPTY_VALUE : auditApprovalStatus.toString()); - - audit(auditMessage); + auditApprovalStatus)); } } catch (EBaseException eAudit1) { @@ -495,17 +494,15 @@ public class DoUnrevokeTPS extends CMSServlet { if (auditApprovalStatus == RequestStatus.COMPLETE || auditApprovalStatus == RequestStatus.REJECTED || auditApprovalStatus == RequestStatus.CANCELED) { - auditMessage = CMS.getLogMessage( - AuditEvent.CERT_STATUS_CHANGE_REQUEST_PROCESSED, + + audit(new CertStatusChangeRequestProcessedEvent( auditSubjectID, ILogger.FAILURE, auditRequesterID, auditSerialNumber, auditRequestType, auditReasonNum, - auditApprovalStatus == null ? ILogger.SIGNED_AUDIT_EMPTY_VALUE : auditApprovalStatus.toString()); - - audit(auditMessage); + auditApprovalStatus)); } } } diff --git a/base/server/cms/src/com/netscape/cms/servlet/cert/RevocationProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/cert/RevocationProcessor.java index b90966e0f..570aea294 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/cert/RevocationProcessor.java +++ b/base/server/cms/src/com/netscape/cms/servlet/cert/RevocationProcessor.java @@ -39,6 +39,7 @@ import com.netscape.certsrv.dbs.certdb.ICertificateRepository; import com.netscape.certsrv.logging.AuditEvent; import com.netscape.certsrv.logging.AuditFormat; import com.netscape.certsrv.logging.ILogger; +import com.netscape.certsrv.logging.event.CertStatusChangeRequestProcessedEvent; import com.netscape.certsrv.publish.IPublisherProcessor; import com.netscape.certsrv.request.IRequest; import com.netscape.certsrv.request.IRequestQueue; @@ -505,17 +506,14 @@ public class RevocationProcessor extends CertProcessor { || requestStatus == RequestStatus.REJECTED || requestStatus == RequestStatus.CANCELED)) return; - String auditMessage = CMS.getLogMessage( - AuditEvent.CERT_STATUS_CHANGE_REQUEST_PROCESSED, + auditor.log(new CertStatusChangeRequestProcessedEvent( auditor.getSubjectID(), status, requestID == null ? ILogger.UNIDENTIFIED : requestID.toString(), serialNumber == null ? ILogger.SIGNED_AUDIT_EMPTY_VALUE : serialNumber.toHexString(), requestType, String.valueOf(revocationReason.toInt()), - requestStatus == null ? ILogger.SIGNED_AUDIT_EMPTY_VALUE : requestStatus.toString()); - - auditor.log(auditMessage); + requestStatus)); } public void log(int level, String message) { |