Fixed missing cert request hostname and address.

The CA services have been modified to inject request hostname and address into the certificate request object such that they will be stored in the database. This fixes the problem with requests submitted either via the UI or the CLI. An unused method in CertRequestResource has been removed. Some debug messages have been cleaned as well. https://fedorahosted.org/pki/ticket/1535
author: Endi S. Dewata <edewata@redhat.com> 2015-08-05 19:10:19 +0200
committer: Endi S. Dewata <edewata@redhat.com> 2015-08-05 21:14:24 +0200
commit: fec55e3cfa8c0917ef63f3d6289fe3788f80bf33 (patch)
tree: c937cced832af56e63e710f2572efadcf3e7f47a /base/server
parent: 6999197b067af920b53c75e17dc20181ba49e997 (diff)
download: pki-fec55e3cfa8c0917ef63f3d6289fe3788f80bf33.tar.gz
pki-fec55e3cfa8c0917ef63f3d6289fe3788f80bf33.tar.xz
pki-fec55e3cfa8c0917ef63f3d6289fe3788f80bf33.zip
4 files changed, 33 insertions, 27 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/cert/CertEnrollmentRequestFactory.java b/base/server/cms/src/com/netscape/cms/servlet/cert/CertEnrollmentRequestFactory.java
index 7a26e8e21..d74a285f3 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/cert/CertEnrollmentRequestFactory.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/cert/CertEnrollmentRequestFactory.java
@@ -20,6 +20,8 @@ package com.netscape.cms.servlet.cert;
 import java.util.Enumeration;
 import java.util.Locale;
 
+import javax.servlet.http.HttpServletRequest;
+
 import com.netscape.certsrv.base.IArgBlock;
 import com.netscape.certsrv.cert.CertEnrollmentRequest;
 import com.netscape.certsrv.profile.EProfileException;
@@ -35,18 +37,22 @@ public class CertEnrollmentRequestFactory {
             throws EProfileException {
         IArgBlock params = cmsReq.getHttpParams();
 
-        CertEnrollmentRequest ret = new CertEnrollmentRequest();
-        ret.setProfileId(profile.getId());
+        CertEnrollmentRequest request = new CertEnrollmentRequest();
+        request.setProfileId(profile.getId());
 
         // populate profile inputs
         Enumeration<String> inputIds = profile.getProfileInputIds();
         while (inputIds.hasMoreElements()) {
             IProfileInput input = profile.getProfileInput(inputIds.nextElement());
             ProfileInput addInput = ProfileInputFactory.create(input, params, locale);
-            ret.addInput(addInput);
+            request.addInput(addInput);
         }
 
-        return ret;
+        HttpServletRequest httpRequest = cmsReq.getHttpReq();
+        request.setRemoteHost(httpRequest.getRemoteHost());
+        request.setRemoteAddr(httpRequest.getRemoteAddr());
+
+        return request;
     }
 
 }
diff --git a/base/server/cms/src/com/netscape/cms/servlet/cert/CertProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/cert/CertProcessor.java
index 4cd54a257..f1a147eb4 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/cert/CertProcessor.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/cert/CertProcessor.java
@@ -172,13 +172,14 @@ public class CertProcessor extends CAProcessor {
                 auditRequesterID = auditRequesterID(req);
 
                 // print request debug
+                CMS.debug("CertProcessor: Request:");
                 if (req != null) {
                     Enumeration<String> reqKeys = req.getExtDataKeys();
                     while (reqKeys.hasMoreElements()) {
                         String reqKey = reqKeys.nextElement();
                         String reqVal = req.getExtDataInString(reqKey);
                         if (reqVal != null) {
-                            CMS.debug("CertRequestSubmitter: key=$request." + reqKey + "$ value=" + reqVal);
+                            CMS.debug("CertProcessor: - " + reqKey + ": " + reqVal);
                         }
                     }
                 }
@@ -213,7 +214,7 @@ public class CertProcessor extends CAProcessor {
                     notify.notify(req);
                 }
 
-                CMS.debug("CertRequestSubmitter: submit " + e.toString());
+                CMS.debug("CertProcessor: submit " + e);
                 errorCode = "2";
                 errorReason = CMS.getUserMessage(locale, "CMS_PROFILE_DEFERRED", e.toString());
 
@@ -223,7 +224,7 @@ public class CertProcessor extends CAProcessor {
             } catch (ERejectException e) {
                 // return error to the user
                 req.setRequestStatus(RequestStatus.REJECTED);
-                CMS.debug("CertRequestSubmitter: submit " + e.toString());
+                CMS.debug("CertProcessor: submit " + e);
                 errorCode = "3";
                 errorReason = CMS.getUserMessage(locale, "CMS_PROFILE_REJECTED", e.toString());
 
@@ -239,8 +240,8 @@ public class CertProcessor extends CAProcessor {
                 audit(auditMessage);
             } catch (Throwable e) {
                 // return error to the user
-                e.printStackTrace();
-                CMS.debug("CertRequestSubmitter: submit " + e.toString());
+                CMS.debug(e);
+                CMS.debug("CertProcessor: submit " + e);
                 errorCode = "1";
                 errorReason = CMS.getUserMessage(locale, "CMS_INTERNAL_ERROR");
                 auditMessage = CMS.getLogMessage(
@@ -261,8 +262,8 @@ public class CertProcessor extends CAProcessor {
                     profile.getRequestQueue().updateRequest(req);
                 }
             } catch (EBaseException e) {
-                e.printStackTrace();
-                CMS.debug("CertRequestSubmitter: updateRequest " + e.toString());
+                CMS.debug(e);
+                CMS.debug("CertProcessor: updateRequest " + e);
             }
         }
         return errorCode;
@@ -312,7 +313,7 @@ public class CertProcessor extends CAProcessor {
             }
 
             if (fromRA) {
-                CMS.debug("CertRequestSubmitter: request from RA: " + uid);
+                CMS.debug("CertProcessor: request from RA: " + uid);
                 req.setExtData(ARG_REQUEST_OWNER, uid);
             }
 
@@ -326,18 +327,18 @@ public class CertProcessor extends CAProcessor {
 
             if (setId == null) {
                 // no profile set found
-                CMS.debug("CertRequestSubmitter: no profile policy set found");
+                CMS.debug("CertProcessor: no profile policy set found");
                 throw new EBaseException(CMS.getUserMessage(locale, "CMS_PROFILE_NO_POLICY_SET_FOUND"));
             }
 
-            CMS.debug("CertRequestSubmitter profileSetid=" + setId);
+            CMS.debug("CertProcessor: profileSetid=" + setId);
             req.setExtData(ARG_PROFILE_SET_ID, setId);
             req.setExtData(ARG_PROFILE_REMOTE_HOST, data.getRemoteHost());
             req.setExtData(ARG_PROFILE_REMOTE_ADDR, data.getRemoteAddr());
 
-            CMS.debug("CertRequestSubmitter: request " + req.getRequestId().toString());
+            CMS.debug("CertProcessor: request " + req.getRequestId());
 
-            CMS.debug("CertRequestSubmitter: populating request inputs");
+            CMS.debug("CertProcessor: populating request inputs");
             // give authenticator a chance to populate the request
             if (authenticator != null) {
                 authenticator.populate(authToken, req);
diff --git a/base/server/cms/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java
index 8d9d05cb7..960f997cd 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java
@@ -127,13 +127,13 @@ public class EnrollmentProcessor extends CertProcessor {
                 printParameterValues(params);
             }
 
-            CMS.debug("EnrollmentSubmitter: isRenewal false");
+            CMS.debug("EnrollmentProcessor: isRenewal false");
             startTiming("enrollment");
 
             // if we did not configure profileId in xml file,
             // then accept the user-provided one
             String profileId = (this.profileID == null) ? data.getProfileId() : this.profileID;
-            CMS.debug("EnrollmentSubmitter: profileId " + profileId);
+            CMS.debug("EnrollmentProcessor: profileId " + profileId);
 
             IProfile profile = ps.getProfile(profileId);
             if (profile == null) {
@@ -141,17 +141,17 @@ public class EnrollmentProcessor extends CertProcessor {
                 throw new BadRequestDataException(CMS.getUserMessage(locale, "CMS_PROFILE_NOT_FOUND", CMSTemplate.escapeJavaScriptStringHTML(profileId)));
             }
             if (!ps.isProfileEnable(profileId)) {
-                CMS.debug("EnrollmentSubmitter: Profile " + profileId + " not enabled");
+                CMS.debug("EnrollmentProcessor: Profile " + profileId + " not enabled");
                 throw new BadRequestDataException("Profile " + profileId + " not enabled");
             }
 
             IProfileContext ctx = profile.createContext();
-            CMS.debug("EnrollmentSubmitter: set Inputs into profile Context");
+            CMS.debug("EnrollmentProcessor: set Inputs into profile Context");
             setInputsIntoContext(data, profile, ctx);
 
             IProfileAuthenticator authenticator = profile.getAuthenticator();
             if (authenticator != null) {
-                CMS.debug("EnrollmentSubmitter: authenticator " + authenticator.getName() + " found");
+                CMS.debug("EnrollmentProcessor: authenticator " + authenticator.getName() + " found");
                 setCredentialsIntoContext(request, authenticator, ctx);
             }
 
@@ -160,7 +160,7 @@ public class EnrollmentProcessor extends CertProcessor {
             SessionContext context = SessionContext.getContext();
             context.put("profileContext", ctx);
             context.put("sslClientCertProvider", new SSLClientCertProvider(request));
-            CMS.debug("EnrollmentSubmitter: set sslClientCertProvider");
+            CMS.debug("EnrollmentProcessor: set sslClientCertProvider");
 
             // before creating the request, authenticate the request
             IAuthToken authToken = authenticate(request, null, authenticator, context, false);
diff --git a/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java
index 28b1b5130..b9af84bc9 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java
@@ -257,7 +257,8 @@ public class CAProcessor extends Processor {
     }
 
     protected void printParameterValues(HashMap<String, String> data) {
-        CMS.debug("Start of CertProcessor Input Parameters");
+
+        CMS.debug("CAProcessor: Input Parameters:");
 
         for (Entry<String, String> entry : data.entrySet()) {
             String paramName = entry.getKey();
@@ -280,13 +281,11 @@ public class CAProcessor extends Processor {
                     paramName.equalsIgnoreCase("pwd") ||
                     paramName.equalsIgnoreCase("pwdagain") ||
                     paramName.equalsIgnoreCase("uPasswd")) {
-                CMS.debug("CertProcessor Input Parameter " + paramName + "='(sensitive)'");
+                CMS.debug("CAProcessor: - " + paramName + ": (sensitive)");
             } else {
-                CMS.debug("CertProcessor Input Parameter " + paramName + "='" + entry.getValue() + "'");
+                CMS.debug("CAProcessor: - " + paramName + ": " + entry.getValue());
             }
         }
-
-        CMS.debug("End of CertProcessor Input Parameters");
     }
 
     /**
author	Endi S. Dewata <edewata@redhat.com>	2015-08-05 19:10:19 +0200
committer	Endi S. Dewata <edewata@redhat.com>	2015-08-05 21:14:24 +0200
commit	fec55e3cfa8c0917ef63f3d6289fe3788f80bf33 (patch)
tree	c937cced832af56e63e710f2572efadcf3e7f47a /base/server
parent	6999197b067af920b53c75e17dc20181ba49e997 (diff)
download	pki-fec55e3cfa8c0917ef63f3d6289fe3788f80bf33.tar.gz pki-fec55e3cfa8c0917ef63f3d6289fe3788f80bf33.tar.xz pki-fec55e3cfa8c0917ef63f3d6289fe3788f80bf33.zip