diff options
author | Endi S. Dewata <edewata@redhat.com> | 2017-06-06 16:41:02 +0200 |
---|---|---|
committer | Endi S. Dewata <edewata@redhat.com> | 2017-06-06 22:41:48 +0200 |
commit | 7af36652d58db983a1063125271003f06e9b3fb4 (patch) | |
tree | 0893b252f4d43d8d2cd2d919f6f3aaa174ebbdf0 /base | |
parent | 6c436a1e138bab76650277a25e608e07ef256ac1 (diff) | |
download | pki-7af36652d58db983a1063125271003f06e9b3fb4.tar.gz pki-7af36652d58db983a1063125271003f06e9b3fb4.tar.xz pki-7af36652d58db983a1063125271003f06e9b3fb4.zip |
Fixed client cert auth in PKI console.
The changes in 70520762af91b5dab41415028b1a6bfe66d42628 have been
reverted since it broke client cert auth in PKI console.
The PKI console session timeout is now detected by checking for
empty server response.
https://pagure.io/dogtagpki/issue/2643
Change-Id: Id075556620bc72cabcca3f303af54570d3ca1009
Diffstat (limited to 'base')
3 files changed, 54 insertions, 11 deletions
diff --git a/base/console/src/com/netscape/admin/certsrv/connection/AdminConnection.java b/base/console/src/com/netscape/admin/certsrv/connection/AdminConnection.java index 320531351..14b9c218d 100644 --- a/base/console/src/com/netscape/admin/certsrv/connection/AdminConnection.java +++ b/base/console/src/com/netscape/admin/certsrv/connection/AdminConnection.java @@ -18,6 +18,8 @@ package com.netscape.admin.certsrv.connection; import java.io.IOException; +import java.io.InterruptedIOException; +import java.net.SocketException; import java.net.UnknownHostException; import java.util.Enumeration; @@ -670,9 +672,45 @@ public class AdminConnection { //all errors will set the connection to null //to force re-connection and avoid null ptr exception - } catch (Exception e) { + } catch (IOException e) { + + // retry the connection to trigger client cert selection + retryConnection(); + + try { + return processRequest(request, useGET); - System.err.println("Session expired. Please restart PKI console to continue."); + } catch (InterruptedIOException ex) { + ex.printStackTrace(); + // timeout occurred + mConn = null; + + // set time out back to original + mCurrentTimeout = mDefaultTimeout; + throw new EAdminException(CMSAdminResources.SERVER_NORESPONSE, false); + + } catch (SocketException ex) { + ex.printStackTrace(); + mConn = null; + throw new EAdminException(CMSAdminResources.SERVER_UNREACHABLE, false); + + } catch (IOException ex) { + ex.printStackTrace(); + mConn = null; + throw new EAdminException(CMSAdminResources.SERVER_UNREACHABLE, false); + + } catch (EAdminException ex) { + ex.printStackTrace(); + throw ex; + + } catch (Exception ex) { + ex.printStackTrace(); + mConn = null; + throw new EAdminException(CMSAdminResources.UNKNOWNEXCEPTION, false); + } + + } catch (Exception e) { + System.err.println(e.getMessage()); System.exit(0); return null; diff --git a/base/console/src/com/netscape/admin/certsrv/connection/IConnection.java b/base/console/src/com/netscape/admin/certsrv/connection/IConnection.java index 3e4f76c1b..09e55eee2 100644 --- a/base/console/src/com/netscape/admin/certsrv/connection/IConnection.java +++ b/base/console/src/com/netscape/admin/certsrv/connection/IConnection.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.admin.certsrv.connection; -import java.io.IOException; import java.net.SocketException; /** @@ -34,7 +33,7 @@ public interface IConnection { /** * Send request to the server using this connection */ - public int sendRequest(String req) throws IOException; + public int sendRequest(String req) throws Exception; /** * Returns the response in byte array format diff --git a/base/console/src/com/netscape/admin/certsrv/connection/JSSConnection.java b/base/console/src/com/netscape/admin/certsrv/connection/JSSConnection.java index 551315505..8fbc2b768 100644 --- a/base/console/src/com/netscape/admin/certsrv/connection/JSSConnection.java +++ b/base/console/src/com/netscape/admin/certsrv/connection/JSSConnection.java @@ -339,7 +339,7 @@ public class JSSConnection implements IConnection, SSLCertificateApprovalCallbac * @excpetion IOExcpetion */ public int sendRequest(String req) - throws IOException { + throws Exception { int stat = 1; if (req == null) @@ -450,7 +450,7 @@ public class JSSConnection implements IConnection, SSLCertificateApprovalCallbac } private void initReadResponse() - throws IOException { + throws Exception { readHeader(); readBody(); @@ -475,7 +475,7 @@ public class JSSConnection implements IConnection, SSLCertificateApprovalCallbac return count > 0 ? count : -1; } - private void readHeader() throws IOException + private void readHeader() throws Exception { // Read the status line of response and parse for // Errors. @@ -484,10 +484,16 @@ public class JSSConnection implements IConnection, SSLCertificateApprovalCallbac //System.out.println("XXX read " + nRead); - if (requestFailed(new String(headerLine))) { - Debug.println("JSSConnection Debug: in readHeader requestFailed"); - throw new IOException(getReasonPhrase(new String (headerLine))); - } + String line = new String(headerLine).trim(); + + if ("".equals(line)) { + throw new Exception("Session expired. Please restart PKI console to continue."); + } + + if (requestFailed(line)) { + Debug.println("JSSConnection Debug: in readHeader requestFailed"); + throw new IOException(getReasonPhrase(line)); + } while (true) { nRead = readLineFromStream(httpIn, headerLine, 0, 1096); |