diff options
author | Christina Fu <cfu@redhat.com> | 2014-09-05 11:16:02 -0700 |
---|---|---|
committer | Christina Fu <cfu@redhat.com> | 2014-09-05 11:32:24 -0700 |
commit | 3f14aa5c6a29170eedfc5a04b863bd7d13a03f34 (patch) | |
tree | 836d6040d366456f3f34906a5044a6b1afab4faa /base/tps | |
parent | 0bcedd2ab1b1c4e7a687ed61167bc7e0bfaf764a (diff) | |
download | pki-3f14aa5c6a29170eedfc5a04b863bd7d13a03f34.tar.gz pki-3f14aa5c6a29170eedfc5a04b863bd7d13a03f34.tar.xz pki-3f14aa5c6a29170eedfc5a04b863bd7d13a03f34.zip |
Ticket #882 - remove all certs belong to a token in tokendb before add
Diffstat (limited to 'base/tps')
-rw-r--r-- | base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java index ff0cdf043..1cb869079 100644 --- a/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java +++ b/base/tps/src/org/dogtagpki/server/tps/processor/TPSEnrollProcessor.java @@ -316,8 +316,17 @@ public class TPSEnrollProcessor extends TPSProcessor { } //update the tokendb with new certs CMS.debug("TPSEnrollProcessor.enroll: updating tokendb with certs."); + try { + // clean up the cert records used to belong to this token in tokendb + tps.tdb.tdbRemoveCertificatesByCUID(tokenRecord.getId()); + } catch (Exception e) { + auditMsg = "Attempt to clean up record with tdbRemoveCertificatesByCUID failed; token probably clean; continue anyway:" + e; + CMS.debug("TPSEnrollProcessor.enroll:" + auditMsg); + } + CMS.debug("TPSEnrollProcessor.enroll: adding certs to token with tdbAddCertificatesForCUID..."); ArrayList<TPSCertRecord> certRecords = certsInfo.toTPSCertRecords(tokenRecord.getId(), tokenRecord.getUserID()); tps.tdb.tdbAddCertificatesForCUID(tokenRecord.getId(), certRecords); + CMS.debug("TPSEnrollProcessor.enroll: tokendb updated with certs to the cuid so that it reflects what's on the token"); auditMsg = "appletVersion=" + lastObjVer + "; tokenType =" + selectedTokenType + "; userid =" + userid; if (renewed) { |