Fixed LDAP error handling in TokenService.

The DBSSession has been modified to attach the LDAPException
to the EDBException. The TokenService will catch the EDBException
and obtain the orignal LDAPException. This way the TokenService
can obtain the LDAP error code and throw the proper exception
the client.

https://fedorahosted.org/pki/ticket/1646

3 files changed, 71 insertions, 14 deletions

diff --git a/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java b/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java
index a7df8bac7..1b1835989 100644
--- a/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java
+++ b/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java
@@ -37,4 +37,8 @@ public class EDBNotAvailException extends EDBException {
     public EDBNotAvailException(String errorString) {
         super(errorString);
     }
+
+    public EDBNotAvailException(String errorString, Exception e) {
+        super(errorString, e);
+    }
 }
diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSSession.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSSession.java
index ad1be6602..2bfd5f2da 100644
--- a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSSession.java
+++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSSession.java
@@ -19,18 +19,6 @@ package com.netscape.cmscore.dbs;
 
 import java.util.Enumeration;
 
-import netscape.ldap.LDAPAttribute;
-import netscape.ldap.LDAPAttributeSet;
-import netscape.ldap.LDAPConnection;
-import netscape.ldap.LDAPEntry;
-import netscape.ldap.LDAPException;
-import netscape.ldap.LDAPModification;
-import netscape.ldap.LDAPModificationSet;
-import netscape.ldap.LDAPSearchConstraints;
-import netscape.ldap.LDAPSearchResults;
-import netscape.ldap.LDAPv2;
-import netscape.ldap.controls.LDAPPersistSearchControl;
-
 import com.netscape.certsrv.apps.CMS;
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.ISubsystem;
@@ -46,6 +34,18 @@ import com.netscape.certsrv.dbs.Modification;
 import com.netscape.certsrv.dbs.ModificationSet;
 import com.netscape.certsrv.logging.ILogger;
 
+import netscape.ldap.LDAPAttribute;
+import netscape.ldap.LDAPAttributeSet;
+import netscape.ldap.LDAPConnection;
+import netscape.ldap.LDAPEntry;
+import netscape.ldap.LDAPException;
+import netscape.ldap.LDAPModification;
+import netscape.ldap.LDAPModificationSet;
+import netscape.ldap.LDAPSearchConstraints;
+import netscape.ldap.LDAPSearchResults;
+import netscape.ldap.LDAPv2;
+import netscape.ldap.controls.LDAPPersistSearchControl;
+
 /**
  * A class represents the database session. Operations
  * can be performed with a session.
@@ -119,9 +119,9 @@ public class DBSSession implements IDBSSession {
         } catch (LDAPException e) {
             if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE)
                 throw new EDBNotAvailException(
-                        CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_UNAVAILABLE"));
+                        CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_UNAVAILABLE"), e);
             throw new EDBException(CMS.getUserMessage("CMS_DBS_LDAP_OP_FAILURE",
-                        name + " " + e.toString()));
+                        name + ": " + e.getMessage()), e);
         }
     }
 
diff --git a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java
index 92ca882fd..1a3a4e96a 100644
--- a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java
+++ b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java
@@ -45,12 +45,16 @@ import com.netscape.certsrv.apps.CMS;
 import com.netscape.certsrv.base.BadRequestException;
 import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.base.PKIException;
+import com.netscape.certsrv.dbs.EDBException;
+import com.netscape.certsrv.ldap.LDAPExceptionConverter;
 import com.netscape.certsrv.tps.token.TokenCollection;
 import com.netscape.certsrv.tps.token.TokenData;
 import com.netscape.certsrv.tps.token.TokenResource;
 import com.netscape.certsrv.tps.token.TokenStatus;
 import com.netscape.cms.servlet.base.PKIService;
 
+import netscape.ldap.LDAPException;
+
 /**
  * @author Endi S. Dewata
  */
@@ -280,6 +284,13 @@ public class TokenService extends PKIService implements TokenResource {
 
             return createOKResponse(response);
 
+        } catch (EDBException e) {
+            Throwable t = e.getCause();
+            if (t != null && t instanceof LDAPException) {
+                throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+            }
+            throw new PKIException(e);
+
         } catch (PKIException e) {
             throw e;
 
@@ -302,6 +313,13 @@ public class TokenService extends PKIService implements TokenResource {
 
             return createOKResponse(createTokenData(database.getRecord(tokenID)));
 
+        } catch (EDBException e) {
+            Throwable t = e.getCause();
+            if (t != null && t instanceof LDAPException) {
+                throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+            }
+            throw new PKIException(e);
+
         } catch (PKIException e) {
             throw e;
 
@@ -348,6 +366,13 @@ public class TokenService extends PKIService implements TokenResource {
             subsystem.tdb.tdbActivity(ActivityDatabase.OP_ADD, tokenRecord,
                 ipAddress, msg, "failure", remoteUser);
 
+            if (e instanceof EDBException) {
+                Throwable t = e.getCause();
+                if (t != null && t instanceof LDAPException) {
+                    throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+                }
+            }
+
             if (e instanceof PKIException) {
                 throw (PKIException)e;
             }
@@ -395,6 +420,13 @@ public class TokenService extends PKIService implements TokenResource {
                 ipAddress, msg, "failure",
                 remoteUser);
 
+            if (e instanceof EDBException) {
+                Throwable t = e.getCause();
+                if (t != null && t instanceof LDAPException) {
+                    throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+                }
+            }
+
             if (e instanceof PKIException) {
                 throw (PKIException)e;
             }
@@ -489,6 +521,13 @@ public class TokenService extends PKIService implements TokenResource {
                 ipAddress, msg, "failure",
                 remoteUser);
 
+            if (e instanceof EDBException) {
+                Throwable t = e.getCause();
+                if (t != null && t instanceof LDAPException) {
+                    throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+                }
+            }
+
             if (e instanceof PKIException) {
                 throw (PKIException)e;
             }
@@ -546,6 +585,13 @@ public class TokenService extends PKIService implements TokenResource {
                 ipAddress, msg, "failure",
                 remoteUser);
 
+            if (e instanceof EDBException) {
+                Throwable t = e.getCause();
+                if (t != null && t instanceof LDAPException) {
+                    throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+                }
+            }
+
             if (e instanceof PKIException) {
                 throw (PKIException)e;
             }
@@ -589,6 +635,13 @@ public class TokenService extends PKIService implements TokenResource {
                 ipAddress, msg, "failure",
                 remoteUser);
 
+            if (e instanceof EDBException) {
+                Throwable t = e.getCause();
+                if (t != null && t instanceof LDAPException) {
+                    throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+                }
+            }
+
             if (e instanceof PKIException) {
                 throw (PKIException)e;
             }