diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2015-09-28 10:40:32 +0200 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2015-09-30 15:27:11 +0200 |
| commit | 6a1606ee52022e2abc023efc5be155f4fe76e84b (patch) | |
| tree | 69a35c76f3df65b350c0360f3dec09f5bfcd6d28 /base/server | |
| parent | 2cc49770d1351e451fecacf0ed12aa7f2a968ac0 (diff) | |
| download | pki-6a1606ee52022e2abc023efc5be155f4fe76e84b.tar.gz pki-6a1606ee52022e2abc023efc5be155f4fe76e84b.tar.xz pki-6a1606ee52022e2abc023efc5be155f4fe76e84b.zip | |
Relocated legacy cert enrollment methods.
The EnrollmentProcessor.processEnrollment() and RenewalProcessor.
processRenewal() methods that take CMSRequest object have been
moved into ProfileSubmitServlet because they are only used by
the legacy servlet.
https://fedorahosted.org/pki/ticket/1463
Diffstat (limited to 'base/server')
4 files changed, 73 insertions, 52 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java index e5b9a14df..c1faabf39 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java +++ b/base/server/cms/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java @@ -29,8 +29,8 @@ import com.netscape.certsrv.base.BadRequestDataException; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.EPropertyNotFound; import com.netscape.certsrv.base.SessionContext; -import com.netscape.certsrv.cert.CertEnrollmentRequest; import com.netscape.certsrv.ca.AuthorityID; +import com.netscape.certsrv.cert.CertEnrollmentRequest; import com.netscape.certsrv.profile.IEnrollProfile; import com.netscape.certsrv.profile.IProfile; import com.netscape.certsrv.profile.IProfileAuthenticator; @@ -39,7 +39,6 @@ import com.netscape.certsrv.profile.IProfileInput; import com.netscape.certsrv.profile.ProfileAttribute; import com.netscape.certsrv.profile.ProfileInput; import com.netscape.certsrv.request.IRequest; -import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.CMSTemplate; import com.netscape.cms.servlet.profile.SSLClientCertProvider; import com.netscape.cmsutil.ldap.LDAPUtil; @@ -84,26 +83,6 @@ public class EnrollmentProcessor extends CertProcessor { } /** - * Called by the legacy servlets to access the Processor function - * @param request - * @return - * @throws EBaseException - */ - public HashMap<String, Object> processEnrollment(CMSRequest cmsReq) throws EBaseException { - HttpServletRequest req = cmsReq.getHttpReq(); - String profileId = (this.profileID == null) ? req.getParameter("profileId") : this.profileID; - IProfile profile = ps.getProfile(profileId); - - if (profile == null) { - CMS.debug(CMS.getUserMessage(locale, "CMS_PROFILE_NOT_FOUND", CMSTemplate.escapeJavaScriptStringHTML(profileId))); - throw new BadRequestDataException(CMS.getUserMessage(locale, "CMS_PROFILE_NOT_FOUND",CMSTemplate.escapeJavaScriptStringHTML(profileId))); - } - - CertEnrollmentRequest data = CertEnrollmentRequestFactory.create(cmsReq, profile, locale); - return processEnrollment(data, cmsReq.getHttpReq(), null); - } - - /** * Process the HTTP request * <P> * diff --git a/base/server/cms/src/com/netscape/cms/servlet/cert/RenewalProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/cert/RenewalProcessor.java index efd1d7b0c..5ebbbff8f 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/cert/RenewalProcessor.java +++ b/base/server/cms/src/com/netscape/cms/servlet/cert/RenewalProcessor.java @@ -26,9 +26,6 @@ import java.util.Locale; import javax.servlet.http.HttpServletRequest; -import netscape.security.x509.BasicConstraintsExtension; -import netscape.security.x509.X509CertImpl; - import org.apache.commons.lang.StringUtils; import com.netscape.certsrv.apps.CMS; @@ -45,33 +42,18 @@ import com.netscape.certsrv.profile.IProfileAuthenticator; import com.netscape.certsrv.profile.IProfileContext; import com.netscape.certsrv.profile.IProfileInput; import com.netscape.certsrv.request.IRequest; -import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.CMSTemplate; import com.netscape.cms.servlet.profile.SSLClientCertProvider; +import netscape.security.x509.BasicConstraintsExtension; +import netscape.security.x509.X509CertImpl; + public class RenewalProcessor extends CertProcessor { public RenewalProcessor(String id, Locale locale) throws EPropertyNotFound, EBaseException { super(id, locale); } - public HashMap<String, Object> processRenewal(CMSRequest cmsReq) throws EBaseException { - HttpServletRequest req = cmsReq.getHttpReq(); - String profileId = (this.profileID == null) ? req.getParameter("profileId") : this.profileID; - IProfile profile = ps.getProfile(profileId); - if (profile == null) { - throw new BadRequestDataException(CMS.getUserMessage(locale, "CMS_PROFILE_NOT_FOUND", - CMSTemplate.escapeJavaScriptStringHTML(profileId))); - } - - CertEnrollmentRequest data = CertEnrollmentRequestFactory.create(cmsReq, profile, locale); - - //only used in renewal - data.setSerialNum(req.getParameter("serial_num")); - - return processRenewal(data, req); - } - /* * Renewal - Renewal is retrofitted into the Profile Enrollment * Framework. The authentication and authorization are taken from diff --git a/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java index b9af84bc9..5f6f45cb8 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java +++ b/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java @@ -34,8 +34,6 @@ import java.util.StringTokenizer; import javax.servlet.http.HttpServletRequest; -import netscape.security.x509.X509CertImpl; - import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.authentication.AuthToken; import com.netscape.certsrv.authentication.IAuthToken; @@ -69,6 +67,8 @@ import com.netscape.cms.servlet.common.CMSGateway; import com.netscape.cms.servlet.common.ServletUtils; import com.netscape.cmsutil.util.Utils; +import netscape.security.x509.X509CertImpl; + public class CAProcessor extends Processor { public final static String ARG_AUTH_TOKEN = "auth_token"; @@ -196,6 +196,14 @@ public class CAProcessor extends Processor { } } + public String getProfileID() { + return profileID; + } + + public IProfileSubsystem getProfileSubsystem() { + return ps; + } + /****************************************** * Stats - to be moved to Stats module ******************************************/ diff --git a/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java b/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java index 3f8d4c479..c26853db5 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java +++ b/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java @@ -26,9 +26,6 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import netscape.security.x509.X509CertImpl; -import netscape.security.x509.X509CertInfo; - import org.w3c.dom.Node; import com.netscape.certsrv.apps.CMS; @@ -36,21 +33,28 @@ import com.netscape.certsrv.authentication.EAuthException; import com.netscape.certsrv.authorization.EAuthzException; import com.netscape.certsrv.base.BadRequestDataException; import com.netscape.certsrv.base.EBaseException; +import com.netscape.certsrv.cert.CertEnrollmentRequest; import com.netscape.certsrv.profile.EProfileException; import com.netscape.certsrv.profile.IEnrollProfile; import com.netscape.certsrv.profile.IProfile; import com.netscape.certsrv.profile.IProfileOutput; +import com.netscape.certsrv.profile.IProfileSubsystem; import com.netscape.certsrv.property.IDescriptor; import com.netscape.certsrv.request.IRequest; import com.netscape.certsrv.template.ArgList; import com.netscape.certsrv.template.ArgSet; +import com.netscape.cms.servlet.cert.CertEnrollmentRequestFactory; import com.netscape.cms.servlet.cert.EnrollmentProcessor; import com.netscape.cms.servlet.cert.RenewalProcessor; import com.netscape.cms.servlet.common.CMSRequest; +import com.netscape.cms.servlet.common.CMSTemplate; import com.netscape.cms.servlet.processors.CAProcessor; import com.netscape.cmsutil.util.Cert; import com.netscape.cmsutil.xml.XMLObject; +import netscape.security.x509.X509CertImpl; +import netscape.security.x509.X509CertInfo; + /** * This servlet submits end-user request into the profile framework. * @@ -114,12 +118,10 @@ public class ProfileSubmitServlet extends ProfileServlet { try { if ((renewal != null) && (renewal.equalsIgnoreCase("true"))) { CMS.debug("ProfileSubmitServlet: isRenewal true"); - RenewalProcessor processor = new RenewalProcessor("caProfileSubmit", locale); - results = processor.processRenewal(cmsReq); + results = processRenewal(cmsReq); } else { CMS.debug("ProfileSubmitServlet: isRenewal false"); - EnrollmentProcessor processor = new EnrollmentProcessor("caProfileSubmit", locale); - results = processor.processEnrollment(cmsReq); + results = processEnrollment(cmsReq); } } catch (BadRequestDataException e) { CMS.debug("ProfileSubmitServlet: bad data provided in processing request: " + e.toString()); @@ -199,6 +201,56 @@ public class ProfileSubmitServlet extends ProfileServlet { } } + public HashMap<String, Object> processEnrollment(CMSRequest cmsReq) throws EBaseException { + + HttpServletRequest request = cmsReq.getHttpReq(); + Locale locale = getLocale(request); + + EnrollmentProcessor processor = new EnrollmentProcessor("caProfileSubmit", locale); + + String profileId = processor.getProfileID() == null ? request.getParameter("profileId") : processor.getProfileID(); + CMS.debug("ProfileSubmitServlet: profile: " + profileId); + + IProfileSubsystem ps = processor.getProfileSubsystem(); + IProfile profile = ps.getProfile(profileId); + + if (profile == null) { + CMS.debug("ProfileSubmitServlet: Profile " + profileId + " not found"); + throw new BadRequestDataException(CMS.getUserMessage(locale, "CMS_PROFILE_NOT_FOUND", + CMSTemplate.escapeJavaScriptStringHTML(profileId))); + } + + CertEnrollmentRequest data = CertEnrollmentRequestFactory.create(cmsReq, profile, locale); + return processor.processEnrollment(data, request, null); + } + + public HashMap<String, Object> processRenewal(CMSRequest cmsReq) throws EBaseException { + + HttpServletRequest request = cmsReq.getHttpReq(); + Locale locale = getLocale(request); + + RenewalProcessor processor = new RenewalProcessor("caProfileSubmit", locale); + + String profileId = processor.getProfileID() == null ? request.getParameter("profileId") : processor.getProfileID(); + CMS.debug("ProfileSubmitServlet: profile: " + profileId); + + IProfileSubsystem ps = processor.getProfileSubsystem(); + IProfile profile = ps.getProfile(profileId); + + if (profile == null) { + CMS.debug("ProfileSubmitServlet: Profile " + profileId + " not found"); + throw new BadRequestDataException(CMS.getUserMessage(locale, "CMS_PROFILE_NOT_FOUND", + CMSTemplate.escapeJavaScriptStringHTML(profileId))); + } + + CertEnrollmentRequest data = CertEnrollmentRequestFactory.create(cmsReq, profile, locale); + + //only used in renewal + data.setSerialNum(request.getParameter("serial_num")); + + return processor.processRenewal(data, request); + } + private void setOutputIntoArgs(IProfile profile, ArgList outputlist, Locale locale, IRequest req) { Enumeration<String> outputIds = profile.getProfileOutputIds(); |