Refactored ConfigurationUtils.updateCloneConfig().

The ConfigurationUtils.updateCloneConfig() invocation has been modified such that it will only be executed once. https://pagure.io/dogtagpki/issue/2280 Change-Id: I1d42acb8cf7c7ffedcd109fcd5252a03fb9622e7
author: Endi S. Dewata <edewata@redhat.com> 2017-07-07 19:36:56 +0200
committer: Endi S. Dewata <edewata@redhat.com> 2017-07-08 04:52:44 +0200
commit: 2dc3c84777dcd8fe20611511ed5fc422c8b05541 (patch)
tree: 9ea2ab1b14f752b7df665b2b83a6f469431edbcb /base/server/cms
parent: eb08fba8a15e044802e9fa32ba0d4ed6c8eb31bc (diff)
download: pki-2dc3c84777dcd8fe20611511ed5fc422c8b05541.tar.gz
pki-2dc3c84777dcd8fe20611511ed5fc422c8b05541.tar.xz
pki-2dc3c84777dcd8fe20611511ed5fc422c8b05541.zip
2 files changed, 20 insertions, 14 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
index b8f771238..cca753404 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
@@ -2946,15 +2946,20 @@ public class ConfigurationUtils {
         return 0;
     }
 
-    public static void updateCloneConfig()
-            throws EBaseException, IOException {
+    public static void updateCloneConfig() throws EBaseException, IOException {
+
         IConfigStore config = CMS.getConfigStore();
         String cstype = config.getString("cs.type", null);
         cstype = cstype.toLowerCase();
+
         if (cstype.equals("kra")) {
+
             String token = config.getString("preop.module.token");
+
             if (!CryptoUtil.isInternalToken(token)) {
+
                 CMS.debug("ConfigurationUtils: updating configuration for KRA clone with hardware token");
+
                 String subsystem = config.getString(PCERT_PREFIX + "storage.subsystem");
                 String storageNickname = getNickname(config, "storage");
                 String transportNickname = getNickname(config, "transport");
@@ -2962,22 +2967,23 @@ public class ConfigurationUtils {
                 config.putString(subsystem + ".storageUnit.hardware", token);
                 config.putString(subsystem + ".storageUnit.nickName", token + ":" + storageNickname);
                 config.putString(subsystem + ".transportUnit.nickName", token + ":" + transportNickname);
+
                 config.commit(false);
+
             } else { // software token
                 // parameters already set
             }
         }
 
         // audit signing cert
-        String audit_nn = config.getString(cstype + ".audit_signing" + ".nickname", "");
-        String audit_tk = config.getString(cstype + ".audit_signing" + ".tokenname", "");
-        if (!CryptoUtil.isInternalToken(audit_tk)) {
-            config.putString("log.instance.SignedAudit.signedAuditCertNickname",
-                    audit_tk + ":" + audit_nn);
-        } else {
-            config.putString("log.instance.SignedAudit.signedAuditCertNickname",
-                    audit_nn);
+        String nickname = config.getString(cstype + ".audit_signing.nickname", "");
+        String token = config.getString(cstype + ".audit_signing.tokenname", "");
+
+        if (!CryptoUtil.isInternalToken(token)) {
+            nickname = token + ":" + nickname;
         }
+
+        config.putString("log.instance.SignedAudit.signedAuditCertNickname", nickname);
     }
 
     public static void loadCertRequest(IConfigStore config, String tag, Cert cert) throws Exception {
diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
index 87cf963d9..a92d04ae9 100644
--- a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
+++ b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
@@ -399,6 +399,10 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
         }
 
         ConfigurationUtils.updateServerCertNickConf();
+
+        if (request.isClone()) {
+            ConfigurationUtils.updateCloneConfig();
+        }
     }
 
     public void processCert(
@@ -524,10 +528,6 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
             ConfigurationUtils.generateCertRequest(cs, tag, cert);
         }
 
-        if (request.isClone()) {
-            ConfigurationUtils.updateCloneConfig();
-        }
-
         if (request.isExternal() && tag.equals("signing")) { // external/existing CA
             CMS.debug("SystemConfigService: External CA has signing cert");
             hasSigningCert.setValue(true);
author	Endi S. Dewata <edewata@redhat.com>	2017-07-07 19:36:56 +0200
committer	Endi S. Dewata <edewata@redhat.com>	2017-07-08 04:52:44 +0200
commit	2dc3c84777dcd8fe20611511ed5fc422c8b05541 (patch)
tree	9ea2ab1b14f752b7df665b2b83a6f469431edbcb /base/server/cms
parent	eb08fba8a15e044802e9fa32ba0d4ed6c8eb31bc (diff)
download	pki-2dc3c84777dcd8fe20611511ed5fc422c8b05541.tar.gz pki-2dc3c84777dcd8fe20611511ed5fc422c8b05541.tar.xz pki-2dc3c84777dcd8fe20611511ed5fc422c8b05541.zip