diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2014-12-02 17:25:55 -0500 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2014-12-15 11:57:07 -0500 |
| commit | 5d82ad42001875e28a48ba374d4a467c9ec91f5c (patch) | |
| tree | 2c32fd69b42077d8fa424ffa8194f4bcddc3f6d6 /base | |
| parent | aab703ab457ff02d8623933a15574a556dae5e99 (diff) | |
| download | pki-5d82ad42001875e28a48ba374d4a467c9ec91f5c.tar.gz pki-5d82ad42001875e28a48ba374d4a467c9ec91f5c.tar.xz pki-5d82ad42001875e28a48ba374d4a467c9ec91f5c.zip | |
Added rangeUnit property to certificate profiles.
A new optional property has been added to certificate profiles to
specify the range unit. The default range unit is 'day'. The code
has been modified to use the Calendar API to calculate the end of
validity range based on the range unit.
https://fedorahosted.org/pki/ticket/1226
Diffstat (limited to 'base')
13 files changed, 213 insertions, 55 deletions
diff --git a/base/ca/src/org/dogtagpki/server/ca/rest/CertService.java b/base/ca/src/org/dogtagpki/server/ca/rest/CertService.java index 6b5ea2ca4..ee974d446 100644 --- a/base/ca/src/org/dogtagpki/server/ca/rest/CertService.java +++ b/base/ca/src/org/dogtagpki/server/ca/rest/CertService.java @@ -487,8 +487,9 @@ public class CertService extends PKIService implements CertResource { infos.addLink(new Link("next", uri)); } - } catch (Exception e1) { - throw new PKIException("Error searching certs in CertService.searchCerts!", e1); + } catch (Exception e) { + CMS.debug(e); + throw new PKIException("Unable to search certificates: " + e, e); } return createOKResponse(infos); diff --git a/base/server/cms/src/com/netscape/cms/profile/constraint/EnrollConstraint.java b/base/server/cms/src/com/netscape/cms/profile/constraint/EnrollConstraint.java index eb3eb14f6..96b29d669 100644 --- a/base/server/cms/src/com/netscape/cms/profile/constraint/EnrollConstraint.java +++ b/base/server/cms/src/com/netscape/cms/profile/constraint/EnrollConstraint.java @@ -88,18 +88,36 @@ public abstract class EnrollConstraint implements IPolicyConstraint { } public String getConfig(String name) { + return getConfig(name, ""); + } + + /** + * Get constraint parameter in profile configuration. + * + * @param name parameter name + * @param defval default value if parameter does not exist + * @return parameter value if exists, defval if does not exist, or null if error occured + */ + public String getConfig(String name, String defval) { + + if (mConfig == null) { + CMS.debug("Error: Missing profile configuration"); + return null; + } + + IConfigStore params = mConfig.getSubStore("params"); + if (params == null) { + CMS.debug("Error: Missing constraint parameters"); + return null; + } + try { - if (mConfig == null) - return null; - if (mConfig.getSubStore("params") != null) { - String val = mConfig.getSubStore("params").getString(name); + return params.getString(name, defval); - return val; - } } catch (EBaseException e) { - CMS.debug(e.toString()); + CMS.debug(e); + return null; } - return ""; } public void init(IProfile profile, IConfigStore config) diff --git a/base/server/cms/src/com/netscape/cms/profile/constraint/ValidityConstraint.java b/base/server/cms/src/com/netscape/cms/profile/constraint/ValidityConstraint.java index accbd9d2d..eaf0b3bbf 100644 --- a/base/server/cms/src/com/netscape/cms/profile/constraint/ValidityConstraint.java +++ b/base/server/cms/src/com/netscape/cms/profile/constraint/ValidityConstraint.java @@ -18,6 +18,7 @@ package com.netscape.cms.profile.constraint; import java.io.IOException; +import java.util.Calendar; import java.util.Date; import java.util.Locale; @@ -50,6 +51,7 @@ import com.netscape.cms.profile.def.ValidityDefault; public class ValidityConstraint extends EnrollConstraint { public static final String CONFIG_RANGE = "range"; + public static final String CONFIG_RANGE_UNIT = "rangeUnit"; public static final String CONFIG_NOT_BEFORE_GRACE_PERIOD = "notBeforeGracePeriod"; public static final String CONFIG_CHECK_NOT_BEFORE = "notBeforeCheck"; public static final String CONFIG_CHECK_NOT_AFTER = "notAfterCheck"; @@ -58,6 +60,7 @@ public class ValidityConstraint extends EnrollConstraint { public ValidityConstraint() { super(); addConfigName(CONFIG_RANGE); + addConfigName(CONFIG_RANGE_UNIT); addConfigName(CONFIG_NOT_BEFORE_GRACE_PERIOD); addConfigName(CONFIG_CHECK_NOT_BEFORE); addConfigName(CONFIG_CHECK_NOT_AFTER); @@ -86,6 +89,9 @@ public class ValidityConstraint extends EnrollConstraint { if (name.equals(CONFIG_RANGE)) { return new Descriptor(IDescriptor.INTEGER, null, "365", CMS.getUserMessage(locale, "CMS_PROFILE_VALIDITY_RANGE")); + } else if (name.equals(CONFIG_RANGE_UNIT)) { + return new Descriptor(IDescriptor.STRING, null, "day", + CMS.getUserMessage(locale, "CMS_PROFILE_VALIDITY_RANGE_UNIT")); } else if (name.equals(CONFIG_NOT_BEFORE_GRACE_PERIOD)) { return new Descriptor(IDescriptor.INTEGER, null, "0", CMS.getUserMessage(locale, "CMS_PROFILE_VALIDITY_NOT_BEFORE_GRACE_PERIOD")); @@ -99,33 +105,57 @@ public class ValidityConstraint extends EnrollConstraint { return null; } + public int convertRangeUnit(String unit) throws Exception { + + if (unit.equals("year")) { + return Calendar.YEAR; + + } else if (unit.equals("month")) { + return Calendar.MONTH; + + } else if (unit.equals("day")) { + return Calendar.DAY_OF_YEAR; + + } else if (unit.equals("hour")) { + return Calendar.HOUR_OF_DAY; + + } else if (unit.equals("minute")) { + return Calendar.MINUTE; + + } else { + throw new Exception("Invalid range unit: " + unit); + } + } + /** * Validates the request. The request is not modified * during the validation. */ public void validate(IRequest request, X509CertInfo info) throws ERejectException { - CertificateValidity v = null; + CertificateValidity v; try { v = (CertificateValidity) info.get(X509CertInfo.VALIDITY); } catch (Exception e) { throw new ERejectException(CMS.getUserMessage(getLocale(request), "CMS_PROFILE_VALIDITY_NOT_FOUND")); } - Date notBefore = null; + Date notBefore; try { notBefore = (Date) v.get(CertificateValidity.NOT_BEFORE); + CMS.debug("ValidityConstraint: not before: " + notBefore); } catch (IOException e) { CMS.debug("ValidityConstraint: not before not found"); throw new ERejectException(CMS.getUserMessage(getLocale(request), "CMS_PROFILE_VALIDITY_NOT_FOUND")); } - Date notAfter = null; + Date notAfter; try { notAfter = (Date) v.get(CertificateValidity.NOT_AFTER); + CMS.debug("ValidityConstraint: not after: " + notAfter); } catch (IOException e) { CMS.debug("ValidityConstraint: not after not found"); throw new ERejectException(CMS.getUserMessage(getLocale(request), @@ -138,18 +168,34 @@ public class ValidityConstraint extends EnrollConstraint { "CMS_PROFILE_NOT_AFTER_BEFORE_NOT_BEFORE")); } - long millisDiff = notAfter.getTime() - notBefore.getTime(); - CMS.debug("ValidityConstraint: millisDiff=" - + millisDiff + " notAfter=" + notAfter.getTime() + " notBefore=" + notBefore.getTime()); - long long_days = (millisDiff / 1000) / 86400; - CMS.debug("ValidityConstraint: long_days: " + long_days); - int days = (int) long_days; - CMS.debug("ValidityConstraint: days: " + days); + String rangeStr = getConfig(CONFIG_RANGE, "365"); + CMS.debug("ValidityConstraint: range: " + rangeStr); + int range = Integer.parseInt(rangeStr); + + String rangeUnitStr = getConfig(CONFIG_RANGE_UNIT, "day"); + CMS.debug("ValidityConstraint: range unit: " + rangeUnitStr); + + int rangeUnit; + try { + rangeUnit = convertRangeUnit(rangeUnitStr); + } catch (Exception e) { + throw new ERejectException(CMS.getUserMessage(getLocale(request), + "CMS_PROFILE_VALIDITY_INVALID_RANGE_UNIT", + rangeUnitStr)); + } + + // calculate the end of validity range + Calendar date = Calendar.getInstance(); + date.setTime(notBefore); + date.add(rangeUnit, range); + + Date limit = date.getTime(); + CMS.debug("ValidityConstraint: limit: " + limit); - if (days > Integer.parseInt(getConfig(CONFIG_RANGE))) { + if (notAfter.after(limit)) { throw new ERejectException(CMS.getUserMessage(getLocale(request), "CMS_PROFILE_VALIDITY_OUT_OF_RANGE", - Integer.toString(days))); + notAfter.toString(), limit.toString())); } // 613828 diff --git a/base/server/cms/src/com/netscape/cms/profile/def/EnrollDefault.java b/base/server/cms/src/com/netscape/cms/profile/def/EnrollDefault.java index 417f78123..5c2029a0f 100644 --- a/base/server/cms/src/com/netscape/cms/profile/def/EnrollDefault.java +++ b/base/server/cms/src/com/netscape/cms/profile/def/EnrollDefault.java @@ -107,15 +107,36 @@ public abstract class EnrollDefault implements IPolicyDefault, ICertInfoPolicyDe } public String getConfig(String name) { + return getConfig(name, ""); + } + + /** + * Get constraint parameter in profile configuration. + * + * @param name parameter name + * @param defval default value if parameter does not exist + * @return parameter value if exists, defval if does not exist, or null if error occured + */ + public String getConfig(String name, String defval) { + + if (mConfig == null) { + CMS.debug("Error: Missing profile configuration"); + return null; + } + + IConfigStore params = mConfig.getSubStore("params"); + if (params == null) { + CMS.debug("Error: Missing constraint parameters"); + return null; + } + try { - if (mConfig == null) - return null; - if (mConfig.getSubStore("params") != null) { - return mConfig.getSubStore("params").getString(name); - } + return params.getString(name, defval); + } catch (EBaseException e) { + CMS.debug(e); + return null; } - return ""; } public void init(IProfile profile, IConfigStore config) diff --git a/base/server/cms/src/com/netscape/cms/profile/def/ValidityDefault.java b/base/server/cms/src/com/netscape/cms/profile/def/ValidityDefault.java index b649c7076..02807346f 100644 --- a/base/server/cms/src/com/netscape/cms/profile/def/ValidityDefault.java +++ b/base/server/cms/src/com/netscape/cms/profile/def/ValidityDefault.java @@ -20,6 +20,7 @@ package com.netscape.cms.profile.def; import java.io.IOException; import java.text.ParsePosition; import java.text.SimpleDateFormat; +import java.util.Calendar; import java.util.Date; import java.util.Locale; @@ -44,6 +45,7 @@ import com.netscape.certsrv.request.IRequest; */ public class ValidityDefault extends EnrollDefault { public static final String CONFIG_RANGE = "range"; + public static final String CONFIG_RANGE_UNIT = "rangeUnit"; public static final String CONFIG_START_TIME = "startTime"; public static final String VAL_NOT_BEFORE = "notBefore"; @@ -51,11 +53,10 @@ public class ValidityDefault extends EnrollDefault { public static final String DATE_FORMAT = "yyyy-MM-dd HH:mm:ss"; - private long mDefault = 86400000; // 1 days - public ValidityDefault() { super(); addConfigName(CONFIG_RANGE); + addConfigName(CONFIG_RANGE_UNIT); addConfigName(CONFIG_START_TIME); addValueName(VAL_NOT_BEFORE); addValueName(VAL_NOT_AFTER); @@ -93,6 +94,12 @@ public class ValidityDefault extends EnrollDefault { "7305", CMS.getUserMessage(locale, "CMS_PROFILE_VALIDITY_RANGE")); + } else if (name.equals(CONFIG_RANGE_UNIT)) { + return new Descriptor(IDescriptor.STRING, + null, + "day", + CMS.getUserMessage(locale, + "CMS_PROFILE_VALIDITY_RANGE_UNIT")); } else if (name.equals(CONFIG_START_TIME)) { return new Descriptor(IDescriptor.STRING, null, @@ -216,13 +223,37 @@ public class ValidityDefault extends EnrollDefault { getConfig(CONFIG_RANGE)); } + public int convertRangeUnit(String unit) throws Exception { + + if (unit.equals("year")) { + return Calendar.YEAR; + + } else if (unit.equals("month")) { + return Calendar.MONTH; + + } else if (unit.equals("day")) { + return Calendar.DAY_OF_YEAR; + + } else if (unit.equals("hour")) { + return Calendar.HOUR_OF_DAY; + + } else if (unit.equals("minute")) { + return Calendar.MINUTE; + + } else { + throw new Exception("Invalid range unit: " + unit); + } + } + /** * Populates the request with this policy default. */ public void populate(IRequest request, X509CertInfo info) throws EProfileException { + // always + 60 seconds String startTimeStr = getConfig(CONFIG_START_TIME); + CMS.debug("ValidityDefault: start time: " + startTimeStr); try { startTimeStr = mapPattern(request, startTimeStr); } catch (IOException e) { @@ -233,21 +264,43 @@ public class ValidityDefault extends EnrollDefault { startTimeStr = "60"; } int startTime = Integer.parseInt(startTimeStr); + Date notBefore = new Date(CMS.getCurrentDate().getTime() + (1000 * startTime)); - long notAfterVal = 0; + CMS.debug("ValidityDefault: not before: " + notBefore); + + String rangeStr = getConfig(CONFIG_RANGE, "7305"); + CMS.debug("ValidityDefault: range: " + rangeStr); + int range; try { - String rangeStr = getConfig(CONFIG_RANGE); rangeStr = mapPattern(request, rangeStr); - notAfterVal = notBefore.getTime() + - (mDefault * Integer.parseInt(rangeStr)); - } catch (Exception e) { - // configured value is not correct - CMS.debug("ValidityDefault: populate " + e.toString()); + range = Integer.parseInt(rangeStr); + } catch (IOException e) { + CMS.debug(e); throw new EProfileException(CMS.getUserMessage( getLocale(request), "CMS_INVALID_PROPERTY", CONFIG_RANGE)); } - Date notAfter = new Date(notAfterVal); + + String rangeUnitStr = getConfig(CONFIG_RANGE_UNIT, "day"); + CMS.debug("ValidityDefault: range unit: " + rangeUnitStr); + + int rangeUnit; + try { + rangeUnit = convertRangeUnit(rangeUnitStr); + } catch (Exception e) { + CMS.debug(e); + throw new EProfileException(CMS.getUserMessage( + getLocale(request), "CMS_INVALID_PROPERTY", CONFIG_RANGE_UNIT)); + } + + // calculate the end of validity range + Calendar date = Calendar.getInstance(); + date.setTime(notBefore); + date.add(rangeUnit, range); + + Date notAfter = date.getTime(); + CMS.debug("ValidityDefault: not after: " + notAfter); + CertificateValidity validity = new CertificateValidity(notBefore, notAfter); diff --git a/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java b/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java index 74c1a94a6..b8cf27cc5 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java +++ b/base/server/cms/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java @@ -1898,6 +1898,8 @@ public final class CMSAdminServlet extends AdminServlet { certpath = value; } + CMS.debug("CMSAdminServlet: installCert(" + nickname + ")"); + try { if (pkcs == null || pkcs.equals("")) { if (certpath == null || certpath.equals("")) { @@ -2191,7 +2193,7 @@ public final class CMSAdminServlet extends AdminServlet { boolean verified = CMS.verifySystemCertByNickname(nickname, null); if (verified == true) { - CMS.debug("CMSAdminServlet: installCert(): verifySystemCertByNickname() succeeded:" + nickname); + CMS.debug("CMSAdminServlet: installCert(): verifySystemCertByNickname() succeeded: " + nickname); auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION, auditSubjectID, @@ -2200,7 +2202,7 @@ public final class CMSAdminServlet extends AdminServlet { audit(auditMessage); } else { - CMS.debug("CMSAdminServlet: installCert(): verifySystemCertByNickname() failed:" + nickname); + CMS.debug("CMSAdminServlet: installCert(): verifySystemCertByNickname() failed: " + nickname); auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION, auditSubjectID, diff --git a/base/server/cmsbundle/src/UserMessages.properties b/base/server/cmsbundle/src/UserMessages.properties index fe43094e6..2dc1f268c 100644 --- a/base/server/cmsbundle/src/UserMessages.properties +++ b/base/server/cmsbundle/src/UserMessages.properties @@ -833,12 +833,14 @@ CMS_PROFILE_GENERAL_NAMES=General Names CMS_PROFILE_VALIDITY_CHECK_NOT_BEFORE=Check Not Before against current time CMS_PROFILE_VALIDITY_CHECK_NOT_AFTER=Check Not After against Not Before CMS_PROFILE_VALIDITY_NOT_BEFORE_GRACE_PERIOD=Grace period for Not Before being set in the future (in seconds). -CMS_PROFILE_VALIDITY_RANGE=Validity Range (in days) +CMS_PROFILE_VALIDITY_RANGE=Validity Range +CMS_PROFILE_VALIDITY_RANGE_UNIT=Validity Range Unit (default: day) CMS_PROFILE_VALIDITY_START_TIME=Relative Start Time (in seconds) CMS_PROFILE_NOT_BEFORE_RANDOM_BITS=Not Before Random Bits CMS_PROFILE_NOT_AFTER_RANDOM_BITS=Not After Random Bits CMS_PROFILE_BYPASS_CA_NOTAFTER=Bypass CA notAfter constraint -CMS_PROFILE_VALIDITY_OUT_OF_RANGE=Validity Out of Range {0} days +CMS_PROFILE_VALIDITY_INVALID_RANGE_UNIT=Invalid Range Unit: {0} +CMS_PROFILE_VALIDITY_OUT_OF_RANGE=Validity Out of Range: {0} is after {1} CMS_PROFILE_RENEW_GRACE_BEFORE=Renewal Grace Period Before CMS_PROFILE_RENEW_GRACE_AFTER=Renewal Grace Period After CMS_PROFILE_RENEW_OUTSIDE_GRACE_PERIOD=Outside of Renewal Grace Period: {0} diff --git a/base/server/cmscore/src/com/netscape/cmscore/apps/CMSEngine.java b/base/server/cmscore/src/com/netscape/cmscore/apps/CMSEngine.java index 68c64824e..04ff5ec46 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/apps/CMSEngine.java +++ b/base/server/cmscore/src/com/netscape/cmscore/apps/CMSEngine.java @@ -1420,6 +1420,7 @@ public class CMSEngine implements ICMSEngine { } public boolean verifySystemCertByNickname(String nickname, String certificateUsage) { + CMS.debug("CMSEngine: verifySystemCertByNickname(" + nickname + ", " + certificateUsage + ")"); return CertUtils.verifySystemCertByNickname(nickname, certificateUsage); } diff --git a/base/server/cmscore/src/com/netscape/cmscore/cert/CertUtils.java b/base/server/cmscore/src/com/netscape/cmscore/cert/CertUtils.java index 9dc33e541..244c36dc7 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/cert/CertUtils.java +++ b/base/server/cmscore/src/com/netscape/cmscore/cert/CertUtils.java @@ -831,6 +831,7 @@ public class CertUtils { * returns true if it verifies; false if any not */ public static boolean verifySystemCertByNickname(String nickname, String certusage) { + CMS.debug("CertUtils: verifySystemCertByNickname(" + nickname + "," + certusage + ")"); boolean r = true; CertificateUsage cu = null; cu = getCertificateUsage(certusage); @@ -850,9 +851,9 @@ public class CertUtils { if (cu.getUsage() != CryptoManager.CertificateUsage.CheckAllUsages.getUsage()) { if (cm.isCertValid(nickname, true, cu)) { r = true; - CMS.debug("CertUtils: verifySystemCertByNickname() passed:" + nickname); + CMS.debug("CertUtils: verifySystemCertByNickname() passed: " + nickname); } else { - CMS.debug("CertUtils: verifySystemCertByNickname() failed:" + nickname); + CMS.debug("CertUtils: verifySystemCertByNickname() failed: " + nickname); r = false; } } else { @@ -864,7 +865,7 @@ public class CertUtils { CMS.debug("CertUtils: verifySystemCertByNickname() failed: cert is good for nothing:" + nickname); } else { r = true; - CMS.debug("CertUtils: verifySystemCertByNickname() passed:" + nickname); + CMS.debug("CertUtils: verifySystemCertByNickname() passed: " + nickname); if ((ccu & CryptoManager.CertificateUsage.SSLServer.getUsage()) != 0) CMS.debug("CertUtils: verifySystemCertByNickname(): cert is SSLServer"); @@ -905,6 +906,9 @@ public class CertUtils { * returns true if it verifies; false if any not */ public static boolean verifySystemCertByTag(String tag) { + + CMS.debug("CertUtils: verifySystemCertByTag(" + tag + ")"); + String auditMessage = null; IConfigStore config = CMS.getConfigStore(); boolean r = true; diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java index 653850e02..cd475cd56 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java +++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBRegistry.java @@ -460,7 +460,7 @@ public class DBRegistry implements IDBRegistry, ISubsystem { throw new EDBException(CMS.getLogMessage("CMS_DBS_MISSING_OBJECT_CLASS")); } - //CMS.debug("createObject: attrs " + attrs.toString()); + CMS.debug("createObject: attrs " + attrs); attrs.remove("objectclass"); diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSubsystem.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSubsystem.java index be674bfd5..46b835472 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSubsystem.java +++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSubsystem.java @@ -640,6 +640,7 @@ public class DBSubsystem implements IDBSubsystem { tmpConfig.putString(PROP_BASEDN, mBaseDN); } catch (EBaseException e) { + CMS.debug(e); if (CMS.isPreOpMode()) return; throw e; @@ -648,15 +649,18 @@ public class DBSubsystem implements IDBSubsystem { try { mLdapConnFactory.init(tmpConfig); } catch (ELdapServerDownException e) { + CMS.debug(e); if (CMS.isPreOpMode()) return; throw new EDBNotAvailException( CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_UNAVAILABLE")); - } catch (ELdapException ex) { + } catch (ELdapException e) { + CMS.debug(e); if (CMS.isPreOpMode()) return; - throw new EDBException(CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_ERROR", ex.toString())); + throw new EDBException(CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_ERROR", e.toString())); } catch (EBaseException e) { + CMS.debug(e); if (CMS.isPreOpMode()) return; throw e; @@ -767,8 +771,9 @@ public class DBSubsystem implements IDBSubsystem { reg.registerAttribute(ICRLIssuingPointRecord.ATTR_EXPIRED_CERTS, new ObjectStreamMapper(CRLDBSchema.LDAP_ATTR_EXPIRED_CERTS)); - if (!reg.isObjectClassRegistered( - RepositoryRecord.class.getName())) { + boolean registered = reg.isObjectClassRegistered(RepositoryRecord.class.getName()); + CMS.debug("registered: " + registered); + if (!registered) { String repRecordOC[] = new String[2]; repRecordOC[0] = RepositorySchema.LDAP_OC_TOP; @@ -776,6 +781,7 @@ public class DBSubsystem implements IDBSubsystem { reg.registerObjectClass( RepositoryRecord.class.getName(), repRecordOC); } + if (!reg.isAttributeRegistered(IRepositoryRecord.ATTR_SERIALNO)) { reg.registerAttribute(IRepositoryRecord.ATTR_SERIALNO, new BigIntegerMapper(RepositorySchema.LDAP_ATTR_SERIALNO)); @@ -790,6 +796,7 @@ public class DBSubsystem implements IDBSubsystem { } } catch (EBaseException e) { + CMS.debug(e); if (CMS.isPreOpMode()) return; throw e; diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java index cfe958807..0e3ffc13b 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java +++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/LDAPDatabase.java @@ -55,6 +55,9 @@ public abstract class LDAPDatabase<E extends IDBObj> extends Database<E> { } public void register(Class<E> recordType) throws EBaseException { + + CMS.debug("registering " + recordType.getName()); + IDBRegistry dbRegistry = dbSubsystem.getRegistry(); // register object classes diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/Repository.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/Repository.java index e6b6e831e..0d789cc64 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/dbs/Repository.java +++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/Repository.java @@ -132,7 +132,7 @@ public abstract class Repository implements IRepository { protected BigInteger getSerialNumber() throws EBaseException { IDBSSession s = mDB.createSession(); - CMS.debug("Repository: getSerialNumber."); + CMS.debug("Repository: getSerialNumber()"); RepositoryRecord rec = null; try { @@ -327,7 +327,7 @@ public abstract class Repository implements IRepository { } protected void initCacheIfNeeded() throws EBaseException { - if (mLastSerialNo == null) + if (mLastSerialNo == null) initCache(); } @@ -401,15 +401,15 @@ public abstract class Repository implements IRepository { BigInteger retSerial = new BigInteger(mLastSerialNo.toString()); CMS.debug("Repository: getNextSerialNumber: returning retSerial " + retSerial); - return retSerial; + return retSerial; } /** * Checks to see if range needs to be switched. - * + * * @exception EBaseException thrown when next range is not allocated */ - protected void checkRange() throws EBaseException + protected void checkRange() throws EBaseException { // check if we have reached the end of the range // if so, move to next range |