diff options
author | Ade Lee <alee@redhat.com> | 2011-12-08 21:15:59 -0500 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2011-12-08 21:15:59 -0500 |
commit | 171aaece4f23709d33d180cf36eb3af5e454b0c9 (patch) | |
tree | 1485f9f0a7bd10de4ff25030db575dbb8dafae74 /pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java | |
parent | adad2fcee8a29fdb82376fbce07dedb11fccc182 (diff) | |
download | pki-171aaece4f23709d33d180cf36eb3af5e454b0c9.tar.gz pki-171aaece4f23709d33d180cf36eb3af5e454b0c9.tar.xz pki-171aaece4f23709d33d180cf36eb3af5e454b0c9.zip |
Revert "Formatting"
This reverts commit 32150d3ee32f8ac27118af7c792794b538c78a2f.
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java | 1406 |
1 files changed, 760 insertions, 646 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java index 2ef01b243..bd96bbeca 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.IOException; import java.security.cert.CertificateException; import java.security.cert.CertificateExpiredException; @@ -57,14 +58,16 @@ import com.netscape.certsrv.usrgrp.IUGSubsystem; import com.netscape.certsrv.usrgrp.IUser; import com.netscape.cmsutil.util.Cert; + /** - * A class representing an administration servlet for User/Group Manager. It - * communicates with client SDK to allow remote administration of User/Group + * A class representing an administration servlet for + * User/Group Manager. It communicates with client + * SDK to allow remote administration of User/Group * manager. - * - * This servlet will be registered to remote administration subsystem by usrgrp - * manager. - * + * + * This servlet will be registered to remote + * administration subsystem by usrgrp manager. + * * @version $Revision$, $Date$ */ public class UsrGrpAdminServlet extends AdminServlet { @@ -80,20 +83,22 @@ public class UsrGrpAdminServlet extends AdminServlet { private final static String RES_OCSP_GROUP = "certServer.ocsp.group"; private final static String RES_TKS_GROUP = "certServer.tks.group"; private final static String SYSTEM_USER = "$System$"; - // private final static String RES_GROUP = "root.common.goldfish"; + // private final static String RES_GROUP = "root.common.goldfish"; private final static String BACK_SLASH = "\\"; - private final static String LOGGING_SIGNED_AUDIT_CONFIG_ROLE = "LOGGING_SIGNED_AUDIT_CONFIG_ROLE_3"; + private final static String LOGGING_SIGNED_AUDIT_CONFIG_ROLE = + "LOGGING_SIGNED_AUDIT_CONFIG_ROLE_3"; private IUGSubsystem mMgr = null; private IAuthzSubsystem mAuthz = null; - private static String[] mMultiRoleGroupEnforceList = null; - private final static String MULTI_ROLE_ENABLE = "multiroles.enable"; + private static String [] mMultiRoleGroupEnforceList = null; + private final static String MULTI_ROLE_ENABLE= "multiroles.enable"; private final static String MULTI_ROLE_ENFORCE_GROUP_LIST = "multiroles.false.groupEnforceList"; + /** * Constructs User/Group manager servlet. */ @@ -121,17 +126,17 @@ public class UsrGrpAdminServlet extends AdminServlet { * Serves incoming User/Group management request. */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { super.service(req, resp); String scope = super.getParameter(req, Constants.OP_SCOPE); String op = super.getParameter(req, Constants.OP_TYPE); if (op == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_INVALID_PROTOCOL")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), null, resp); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_INVALID_PROTOCOL")); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), + null, resp); return; } @@ -142,57 +147,64 @@ public class UsrGrpAdminServlet extends AdminServlet { } catch (IOException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_FAIL_AUTHS")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHS_FAILED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHS_FAILED"), + null, resp); return; } // authorization // temporary test before servlets are exposed with authtoken /* - * SessionContext sc = SessionContext.getContext(); AuthToken authToken - * = (AuthToken) sc.get(SessionContext.AUTH_TOKEN); - * - * AuthzToken authzTok = null; CMS.debug("UserGrpAdminServlet: " + - * CMS.getLogMessage("ADMIN_SRVLT_CHECK_AUTHZ_SUB")); // hardcoded for - * now .. just testing try { authzTok = mAuthz.authorize("DirAclAuthz", - * authToken, RES_GROUP, "read"); } catch (EBaseException e) { - * log(ILogger.LL_FAILURE, - * CMS.getLogMessage("ADMIN_SRVLT_AUTH_CALL_FAIL",e.toString())); } if - * (AuthzToken - * .AUTHZ_STATUS_FAIL.equals(authzTok.get(AuthzToken.TOKEN_AUTHZ_STATUS - * ))) { // audit would have been needed here if this weren't just a - * test... - * - * log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_FAIL_AUTHS")); - * - * sendResponse(ERROR, MessageFormatter.getLocalizedString( - * getLocale(req), AdminResources.class.getName(), - * AdminResources.SRVLT_FAIL_AUTHS), null, resp); return; } + SessionContext sc = SessionContext.getContext(); + AuthToken authToken = (AuthToken) sc.get(SessionContext.AUTH_TOKEN); + + AuthzToken authzTok = null; + CMS.debug("UserGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CHECK_AUTHZ_SUB")); + // hardcoded for now .. just testing + try { + authzTok = mAuthz.authorize("DirAclAuthz", authToken, RES_GROUP, "read"); + } catch (EBaseException e) { + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTH_CALL_FAIL",e.toString())); + } + if (AuthzToken.AUTHZ_STATUS_FAIL.equals(authzTok.get(AuthzToken.TOKEN_AUTHZ_STATUS))) { + // audit would have been needed here if this weren't just a test... + + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_FAIL_AUTHS")); + + sendResponse(ERROR, + MessageFormatter.getLocalizedString( + getLocale(req), + AdminResources.class.getName(), + AdminResources.SRVLT_FAIL_AUTHS), + null, resp); + return; + } */ + try { ISubsystem subsystem = CMS.getSubsystem("ca"); - if (subsystem != null) + if (subsystem != null) AUTHZ_RES_NAME = RES_CA_GROUP; subsystem = CMS.getSubsystem("ra"); - if (subsystem != null) + if (subsystem != null) AUTHZ_RES_NAME = RES_RA_GROUP; subsystem = CMS.getSubsystem("kra"); - if (subsystem != null) + if (subsystem != null) AUTHZ_RES_NAME = RES_KRA_GROUP; subsystem = CMS.getSubsystem("ocsp"); - if (subsystem != null) + if (subsystem != null) AUTHZ_RES_NAME = RES_OCSP_GROUP; subsystem = CMS.getSubsystem("tks"); - if (subsystem != null) + if (subsystem != null) AUTHZ_RES_NAME = RES_TKS_GROUP; if (scope != null) { if (scope.equals(ScopeDef.SC_USER_TYPE)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } @@ -203,8 +215,9 @@ public class UsrGrpAdminServlet extends AdminServlet { if (op.equals(OpDef.OP_READ)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GROUPS)) { @@ -220,8 +233,9 @@ public class UsrGrpAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_MODIFY)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GROUPS)) { @@ -237,8 +251,9 @@ public class UsrGrpAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_ADD)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GROUPS)) { @@ -254,8 +269,9 @@ public class UsrGrpAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_DELETE)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GROUPS)) { @@ -268,8 +284,9 @@ public class UsrGrpAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_SEARCH)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GROUPS)) { @@ -279,30 +296,33 @@ public class UsrGrpAdminServlet extends AdminServlet { findUsers(req, resp); return; } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_INVALID_OP_SCOPE")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_INVALID_OP_SCOPE")); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } } // if } catch (EBaseException e) { log(ILogger.LL_FAILURE, e.toString()); - sendResponse(ERROR, e.toString(getLocale(req)), null, resp); + sendResponse(ERROR, e.toString(getLocale(req)), + null, resp); return; } catch (Exception e) { log(ILogger.LL_FAILURE, e.toString()); - log(ILogger.LL_FAILURE, - CMS.getLogMessage(" ADMIN_SRVLT_FAIL_PERFORM")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_PERFORM_FAILED"), null, resp); + log(ILogger.LL_FAILURE, CMS.getLogMessage(" ADMIN_SRVLT_FAIL_PERFORM")); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_PERFORM_FAILED"), + null, resp); return; } } - private void getUserType(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void getUserType(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = super.getParameter(req, Constants.RS_ID); IUser user = mMgr.getUser(id); @@ -317,42 +337,44 @@ public class UsrGrpAdminServlet extends AdminServlet { } /** - * Retrieves configuration parameters of authentication manager. + * Retrieves configuration parameters of + * authentication manager. */ - private synchronized void getConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { super.getConfig(mMgr.getConfigStore(), req, resp); } /** - * Sets configuration parameters of User/Group manager. + * Sets configuration parameters of + * User/Group manager. */ - private synchronized void setConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void setConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { super.setConfig(mMgr.getConfigStore(), req, resp); } /** * Lists configuration parameters. */ - private synchronized void listConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { super.listConfig(mMgr.getConfigStore(), req, resp); } /** - * Searches for users in LDAP directory. List uids only - * + * Searches for users in LDAP directory. List uids only + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin */ - private synchronized void findUsers(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void findUsers(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); @@ -362,8 +384,7 @@ public class UsrGrpAdminServlet extends AdminServlet { e = mMgr.listUsers("*"); } catch (Exception ex) { sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), - null, resp); + CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); return; } @@ -391,25 +412,27 @@ public class UsrGrpAdminServlet extends AdminServlet { } /** - * List user information. Certificates covered in a separate protocol for - * findUserCerts(). List of group memberships are also provided. - * + * List user information. Certificates covered in a separate + * protocol for findUserCerts(). List of group memberships are + * also provided. + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin */ - private synchronized void findUser(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void findUser(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -422,8 +445,7 @@ public class UsrGrpAdminServlet extends AdminServlet { } catch (Exception e) { e.printStackTrace(); sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), - null, resp); + CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); return; } @@ -434,15 +456,15 @@ public class UsrGrpAdminServlet extends AdminServlet { params.add(Constants.PR_USER_STATE, user.getState()); // get list of groups, and get a list of those that this - // uid belongs to + // uid belongs to Enumeration e = null; try { e = mMgr.findGroups("*"); } catch (Exception ex) { ex.printStackTrace(); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_INTERNAL_ERROR"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); return; } @@ -452,7 +474,7 @@ public class UsrGrpAdminServlet extends AdminServlet { IGroup group = (IGroup) e.nextElement(); if (group.isMember(id) == true) { - if (grpString.length() != 0) { + if (grpString.length()!=0) { grpString.append(","); } grpString.append(group.getGroupID()); @@ -465,33 +487,34 @@ public class UsrGrpAdminServlet extends AdminServlet { return; } - log(ILogger.LL_FAILURE, - CMS.getLogMessage("USRGRP_SRVLT_USER_NOT_EXIST")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_USER_NOT_EXIST")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); return; } /** * List user certificate(s) - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin */ - private synchronized void findUserCerts(HttpServletRequest req, - HttpServletResponse resp, Locale clientLocale) - throws ServletException, IOException, EBaseException { + private synchronized void findUserCerts(HttpServletRequest req, + HttpServletResponse resp, Locale clientLocale) + throws ServletException, + IOException, EBaseException { - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -503,33 +526,32 @@ public class UsrGrpAdminServlet extends AdminServlet { user = mMgr.getUser(id); } catch (Exception e) { e.printStackTrace(); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); return; } if (user == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("USRGRP_SRVLT_USER_NOT_EXIST")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_USER_NOT_EXIST")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); return; } - X509Certificate[] certs = (X509Certificate[]) user - .getX509Certificates(); + X509Certificate[] certs = + (X509Certificate[]) user.getX509Certificates(); if (certs != null) { for (int i = 0; i < certs.length; i++) { ICertPrettyPrint print = CMS.getCertPrettyPrint(certs[i]); - // add base64 encoding - String base64 = CMS.getEncodedCert(certs[i]); - + // add base64 encoding + String base64 = CMS.getEncodedCert(certs[i]); + // pretty print certs params.add(getCertificateString(certs[i]), - print.toString(clientLocale) + "\n" + base64); + print.toString(clientLocale) + "\n" + base64); } sendResponse(SUCCESS, null, params, resp); return; @@ -548,20 +570,20 @@ public class UsrGrpAdminServlet extends AdminServlet { } // note that it did not represent a certificate fully - return cert.getVersion() + ";" + cert.getSerialNumber().toString() - + ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN(); + return cert.getVersion() + ";" + cert.getSerialNumber().toString() + + ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN(); } /** * Searchess for groups in LDAP server - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#group + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#group */ - private synchronized void findGroups(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void findGroups(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = null; @@ -570,9 +592,7 @@ public class UsrGrpAdminServlet extends AdminServlet { e = mMgr.listGroups("*"); } catch (Exception ex) { ex.printStackTrace(); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); return; } @@ -591,23 +611,25 @@ public class UsrGrpAdminServlet extends AdminServlet { } /** - * finds a group Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * finds a group + * Request/Response Syntax: + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin */ - private synchronized void findGroup(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void findGroup(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -617,9 +639,7 @@ public class UsrGrpAdminServlet extends AdminServlet { e = mMgr.findGroups(id); } catch (Exception ex) { ex.printStackTrace(); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); return; } @@ -627,14 +647,15 @@ public class UsrGrpAdminServlet extends AdminServlet { IGroup group = (IGroup) e.nextElement(); params.add(Constants.PR_GROUP_GROUP, group.getGroupID()); - params.add(Constants.PR_GROUP_DESC, group.getDescription()); + params.add(Constants.PR_GROUP_DESC, + group.getDescription()); Enumeration members = group.getMemberNames(); StringBuffer membersString = new StringBuffer(); if (members != null) { while (members.hasMoreElements()) { - if (membersString.length() != 0) { + if (membersString.length()!=0) { membersString.append(", "); } @@ -649,11 +670,10 @@ public class UsrGrpAdminServlet extends AdminServlet { sendResponse(SUCCESS, null, params, resp); return; } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("USRGRP_SRVLT_GROUP_NOT_EXIST")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_GROUP_NOT_EXIST")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_GROUP_NOT_EXIST"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_GROUP_NOT_EXIST"), null, resp); return; } @@ -662,26 +682,25 @@ public class UsrGrpAdminServlet extends AdminServlet { /** * Adds a new user to LDAP server * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addUser(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void addUser(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -692,52 +711,58 @@ public class UsrGrpAdminServlet extends AdminServlet { String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } if (id.indexOf(BACK_SLASH) != -1) { // backslashes (BS) are not allowed - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_RS_ID_BS")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_RS_ID_BS")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_RS_ID_BS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_RS_ID_BS"), + null, resp); return; } if (id.equals(SYSTEM_USER)) { // backslashes (BS) are not allowed - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_SPECIAL_ID", id)); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_SPECIAL_ID", id)); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_SPECIAL_ID", id), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_SPECIAL_ID", id), + null, resp); return; } @@ -745,21 +770,22 @@ public class UsrGrpAdminServlet extends AdminServlet { String fname = super.getParameter(req, Constants.PR_USER_FULLNAME); if ((fname == null) || (fname.length() == 0)) { - String msg = CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_ADD_FAILED_1", "full name"); + String msg = CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED_1", "full name"); log(ILogger.LL_FAILURE, msg); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); sendResponse(ERROR, msg, null, resp); return; - } else + } else user.setFullName(fname); String email = super.getParameter(req, Constants.PR_USER_EMAIL); @@ -777,14 +803,16 @@ public class UsrGrpAdminServlet extends AdminServlet { if (!passwdCheck.isGoodPassword(pword)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); throw new EUsrGrpException(passwdCheck.getReason(pword)); - // UsrGrpResources.BAD_PASSWD); + //UsrGrpResources.BAD_PASSWD); } user.setPassword(pword); @@ -828,17 +856,18 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_ADD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED"), null, resp); return; } - + if (e.hasMoreElements()) { IGroup group = (IGroup) e.nextElement(); @@ -850,34 +879,36 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage( - getLocale(req), - "CMS_USRGRP_USER_ADD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED"), null, resp); return; } } // for audit log SessionContext sContext = SessionContext.getContext(); - String adminId = (String) sContext - .get(SessionContext.USER_ID); - + String adminId = (String) sContext.get(SessionContext.USER_ID); + mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, - AuditFormat.LEVEL, AuditFormat.ADDUSERGROUPFORMAT, - new Object[] { adminId, id, groupName }); + AuditFormat.LEVEL, AuditFormat.ADDUSERGROUPFORMAT, + new Object[] {adminId, id, groupName} + ); } NameValuePairs params = new NameValuePairs(); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -888,54 +919,61 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); if (user.getUserID() == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_ADD_FAILED_1", "uid"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED_1", "uid"), null, resp); } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_ADD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED"), null, resp); } return; } catch (LDAPException e) { String errMsg = "addUser()" + e.toString(); - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_ADD_USER_FAIL", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_ADD_USER_FAIL", e.toString())); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_ADD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED"), null, resp); return; } catch (Exception e) { log(ILogger.LL_FAILURE, e.toString()); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_ADD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED"), null, resp); return; } } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -943,51 +981,53 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * Adds a certificate to a user * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addUserCert(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void addUserCert(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -998,18 +1038,20 @@ public class UsrGrpAdminServlet extends AdminServlet { String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -1023,8 +1065,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1038,8 +1082,7 @@ public class UsrGrpAdminServlet extends AdminServlet { // Base64 decode cert try { - byte bCert[] = (byte[]) (com.netscape.osutil.OSUtil - .AtoB(certsString)); + byte bCert[] = (byte[]) (com.netscape.osutil.OSUtil.AtoB(certsString)); X509Certificate cert = new X509CertImpl(bCert); certs = new X509Certificate[1]; @@ -1049,14 +1092,12 @@ public class UsrGrpAdminServlet extends AdminServlet { boolean assending = true; // could it be a pkcs7 blob? - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_IS_PK_BLOB")); - byte p7Cert[] = (byte[]) (com.netscape.osutil.OSUtil - .AtoB(certsString)); + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_IS_PK_BLOB")); + byte p7Cert[] = (byte[]) (com.netscape.osutil.OSUtil.AtoB(certsString)); try { CryptoManager manager = CryptoManager.getInstance(); - + PKCS7 pkcs7 = new PKCS7(p7Cert); X509Certificate p7certs[] = pkcs7.getCertificates(); @@ -1064,14 +1105,15 @@ public class UsrGrpAdminServlet extends AdminServlet { if (p7certs.length == 0) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); return; } // fix for 370099 - cert ordering can not be assumed @@ -1080,44 +1122,37 @@ public class UsrGrpAdminServlet extends AdminServlet { // self-signed and alone? take it. otherwise test // the ordering - if (p7certs[0].getSubjectDN().toString() - .equals(p7certs[0].getIssuerDN().toString()) - && (p7certs.length == 1)) { + if (p7certs[0].getSubjectDN().toString().equals( + p7certs[0].getIssuerDN().toString()) && + (p7certs.length == 1)) { certs[0] = p7certs[0]; - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_SINGLE_CERT_IMPORT")); - } else if (p7certs[0].getIssuerDN().toString() - .equals(p7certs[1].getSubjectDN().toString())) { + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_SINGLE_CERT_IMPORT")); + } else if (p7certs[0].getIssuerDN().toString().equals(p7certs[1].getSubjectDN().toString())) { certs[0] = p7certs[0]; - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_CERT_CHAIN_ACEND_ORD")); - } else if (p7certs[1].getIssuerDN().toString() - .equals(p7certs[0].getSubjectDN().toString())) { + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CERT_CHAIN_ACEND_ORD")); + } else if (p7certs[1].getIssuerDN().toString().equals(p7certs[0].getSubjectDN().toString())) { assending = false; - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_CERT_CHAIN_DESC_ORD")); + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CERT_CHAIN_DESC_ORD")); certs[0] = p7certs[p7certs.length - 1]; } else { // not a chain, or in random order - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_CERT_BAD_CHAIN")); + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CERT_BAD_CHAIN")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); return; } - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_CHAIN_STORED_DB", - String.valueOf(p7certs.length))); + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CHAIN_STORED_DB", String.valueOf(p7certs.length))); int j = 0; int jBegin = 0; @@ -1132,82 +1167,72 @@ public class UsrGrpAdminServlet extends AdminServlet { } // store the chain into cert db, except for the user cert for (j = jBegin; j < jEnd; j++) { - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage( - "ADMIN_SRVLT_CERT_IN_CHAIN", String - .valueOf(j), String - .valueOf(p7certs[j] - .getSubjectDN()))); - org.mozilla.jss.crypto.X509Certificate leafCert = null; - - leafCert = manager.importCACertPackage(p7certs[j] - .getEncoded()); + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CERT_IN_CHAIN", String.valueOf(j), String.valueOf(p7certs[j].getSubjectDN()))); + org.mozilla.jss.crypto.X509Certificate leafCert = + null; + + leafCert = + manager.importCACertPackage(p7certs[j].getEncoded()); if (leafCert == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_LEAF_CERT_NULL")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_LEAF_CERT_NULL")); } else { - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_LEAF_CERT_NON_NULL")); + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_LEAF_CERT_NON_NULL")); } if (leafCert instanceof InternalCertificate) { - ((InternalCertificate) leafCert) - .setSSLTrust(InternalCertificate.VALID_CA - | InternalCertificate.TRUSTED_CA - | InternalCertificate.TRUSTED_CLIENT_CA); + ((InternalCertificate) leafCert).setSSLTrust( + InternalCertificate.VALID_CA | + InternalCertificate.TRUSTED_CA | + InternalCertificate.TRUSTED_CLIENT_CA); } else { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "ADMIN_SRVLT_NOT_INTERNAL_CERT", + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NOT_INTERNAL_CERT", String.valueOf(p7certs[j].getSubjectDN()))); } } /* - * } catch (CryptoManager.UserCertConflictException ex) { // - * got a "user cert" in the chain, most likely the CA // - * cert of this instance, which has a private key. Ignore - * log(ILogger.LL_FAILURE, - * CMS.getLogMessage("ADMIN_SRVLT_PKS7_IGNORED", - * ex.toString())); - */ + } catch (CryptoManager.UserCertConflictException ex) { + // got a "user cert" in the chain, most likely the CA + // cert of this instance, which has a private key. Ignore + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_PKS7_IGNORED", ex.toString())); + */ } catch (Exception ex) { - // ----- - log(ILogger.LL_FAILURE, - CMS.getLogMessage("USRGRP_SRVLT_CERT_ERROR", - ex.toString())); + //----- + log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_CERT_ERROR", ex.toString())); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); return; } } catch (Exception e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("USRGRP_SRVLT_CERT_O_ERROR", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_CERT_O_ERROR", e.toString())); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_CERT_O_ERROR"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_O_ERROR"), null, resp); return; } try { - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_BEFORE_VALIDITY")); + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_BEFORE_VALIDITY")); certs[0].checkValidity(); // throw exception if fails user.setX509Certificates(certs); @@ -1216,8 +1241,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1225,50 +1252,55 @@ public class UsrGrpAdminServlet extends AdminServlet { return; } catch (CertificateExpiredException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "ADMIN_SRVLT_ADD_CERT_EXPIRED", + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_ADD_CERT_EXPIRED", String.valueOf(certs[0].getSubjectDN()))); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_CERT_EXPIRED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_EXPIRED"), null, resp); return; } catch (CertificateNotYetValidException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "USRGRP_SRVLT_CERT_NOT_YET_VALID", + log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_CERT_NOT_YET_VALID", String.valueOf(certs[0].getSubjectDN()))); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_CERT_NOT_YET_VALID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_NOT_YET_VALID"), null, resp); return; } catch (LDAPException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - if (e.getLDAPResultCode() == LDAPException.ATTRIBUTE_OR_VALUE_EXISTS) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_USER_CERT_EXISTS"), null, resp); + if (e.getLDAPResultCode() == + LDAPException.ATTRIBUTE_OR_VALUE_EXISTS) { + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_USER_CERT_EXISTS"), null, resp); } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_MOD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_MOD_FAILED"), null, resp); } return; } catch (Exception e) { @@ -1276,78 +1308,82 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_MOD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_MOD_FAILED"), null, resp); return; } // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * Removes a certificate for a user * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> - * + * * In this method, "certDN" is actually a combination of version, - * serialNumber, issuerDN, and SubjectDN. + * serialNumber, issuerDN, and SubjectDN. * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void modifyUserCert(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void modifyUserCert(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1358,18 +1394,20 @@ public class UsrGrpAdminServlet extends AdminServlet { String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -1382,8 +1420,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1398,8 +1438,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1410,76 +1452,81 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_MOD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_MOD_FAILED"), null, resp); return; } // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** - * removes a user. user not removed if belongs to any group (Administrators - * should remove the user from "uniquemember" of any group he/she belongs to - * before trying to remove the user itself. + * removes a user. user not removed if belongs to any group + * (Administrators should remove the user from "uniquemember" of + * any group he/she belongs to before trying to remove the user + * itself. * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void removeUser(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void removeUser(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1487,7 +1534,7 @@ public class UsrGrpAdminServlet extends AdminServlet { // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); boolean mustDelete = false; int index = 0; @@ -1498,18 +1545,20 @@ public class UsrGrpAdminServlet extends AdminServlet { } if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // get list of groups, and see if uid belongs to any @@ -1522,13 +1571,14 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_INTERNAL_ERROR"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); return; } @@ -1541,14 +1591,16 @@ public class UsrGrpAdminServlet extends AdminServlet { } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_FAIL_USER_RMV_G"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_FAIL_USER_RMV_G"), + null, resp); return; } } @@ -1561,8 +1613,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1571,19 +1625,24 @@ public class UsrGrpAdminServlet extends AdminServlet { } catch (Exception ex) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_FAIL_USER_RMV"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_FAIL_USER_RMV"), null, resp); return; } } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1591,51 +1650,53 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * Adds a new group in local scope. * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#group + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#group * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addGroup(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void addGroup(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1643,28 +1704,32 @@ public class UsrGrpAdminServlet extends AdminServlet { // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } IGroup group = mMgr.createGroup(id); - String members = super.getParameter(req, Constants.PR_GROUP_USER); - String desc = super.getParameter(req, Constants.PR_GROUP_DESC); + String members = super.getParameter(req, + Constants.PR_GROUP_USER); + String desc = super.getParameter(req, + Constants.PR_GROUP_DESC); if (desc != null) { group.set("description", (Object) desc); @@ -1687,8 +1752,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1697,19 +1764,25 @@ public class UsrGrpAdminServlet extends AdminServlet { } catch (Exception e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_GROUP_ADD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_GROUP_ADD_FAILED"), + null, resp); return; } } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1717,51 +1790,53 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * removes a group * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#group + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#group * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void removeGroup(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void removeGroup(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1769,22 +1844,24 @@ public class UsrGrpAdminServlet extends AdminServlet { // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -1793,16 +1870,22 @@ public class UsrGrpAdminServlet extends AdminServlet { NameValuePairs params = new NameValuePairs(); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, params, resp); } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1810,54 +1893,56 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * modifies a group * <P> - * - * last person of the super power group "Certificate Server Administrators" - * can never be removed. + * + * last person of the super power group "Certificate + * Server Administrators" can never be removed. * <P> - * - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#group + * + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#group * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void modifyGroup(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void modifyGroup(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1865,28 +1950,31 @@ public class UsrGrpAdminServlet extends AdminServlet { // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } IGroup group = mMgr.createGroup(id); - String desc = super.getParameter(req, Constants.PR_GROUP_DESC); + String desc = super.getParameter(req, + Constants.PR_GROUP_DESC); if (desc != null) { group.set("description", (Object) desc); @@ -1909,20 +1997,20 @@ public class UsrGrpAdminServlet extends AdminServlet { if (multiRole) { group.addMemberName(memberName); } else { - if (isGroupInMultiRoleEnforceList(groupName)) { + if( isGroupInMultiRoleEnforceList(groupName)) { if (!isDuplicate(groupName, memberName)) { group.addMemberName(memberName); } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_DUPLICATE_ROLES", memberName)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_DUPLICATE_ROLES", memberName)); } } else { group.addMemberName(memberName); @@ -1939,8 +2027,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1950,19 +2040,25 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_GROUP_MODIFY_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_GROUP_MODIFY_FAILED"), + null, resp); return; } } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1970,58 +2066,61 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } - private boolean isGroupInMultiRoleEnforceList(String groupName) { + private boolean isGroupInMultiRoleEnforceList(String groupName) + { String groupList = null; if (groupName == null || groupName.equals("")) { return true; } if (mMultiRoleGroupEnforceList == null) { - try { - groupList = mConfig.getString(MULTI_ROLE_ENFORCE_GROUP_LIST); - } catch (Exception e) { - } - - if (groupList != null && !groupList.equals("")) { - mMultiRoleGroupEnforceList = groupList.split(","); - for (int j = 0; j < mMultiRoleGroupEnforceList.length; j++) { - mMultiRoleGroupEnforceList[j] = mMultiRoleGroupEnforceList[j] - .trim(); - } - } - } - - if (mMultiRoleGroupEnforceList == null) - return true; - - for (int i = 0; i < mMultiRoleGroupEnforceList.length; i++) { - if (groupName.equals(mMultiRoleGroupEnforceList[i])) { - return true; - } - } - return false; + try { + groupList = mConfig.getString(MULTI_ROLE_ENFORCE_GROUP_LIST); + } catch (Exception e) { + } + + if (groupList != null && !groupList.equals("")) { + mMultiRoleGroupEnforceList = groupList.split(","); + for (int j = 0 ; j < mMultiRoleGroupEnforceList.length; j++) { + mMultiRoleGroupEnforceList[j] = mMultiRoleGroupEnforceList[j].trim(); + } + } + } + + if (mMultiRoleGroupEnforceList == null) + return true; + + for (int i = 0; i < mMultiRoleGroupEnforceList.length; i++) { + if (groupName.equals(mMultiRoleGroupEnforceList[i])) { + return true; + } + } + return false; } private boolean isDuplicate(String groupName, String memberName) { @@ -2030,7 +2129,7 @@ public class UsrGrpAdminServlet extends AdminServlet { // Let's not mess with users that are already a member of this group boolean isMember = false; try { - isMember = mMgr.isMemberOf(memberName, groupName); + isMember = mMgr.isMemberOf(memberName,groupName); } catch (Exception e) { } @@ -2064,26 +2163,25 @@ public class UsrGrpAdminServlet extends AdminServlet { /** * Modifies an existing user in local scope. * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void modifyUser(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void modifyUser(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -2091,22 +2189,24 @@ public class UsrGrpAdminServlet extends AdminServlet { // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -2114,15 +2214,17 @@ public class UsrGrpAdminServlet extends AdminServlet { String fname = super.getParameter(req, Constants.PR_USER_FULLNAME); if ((fname == null) || (fname.length() == 0)) { - String msg = CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_MOD_FAILED", "full name"); + String msg = + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_MOD_FAILED", "full name"); log(ILogger.LL_FAILURE, msg); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -2144,14 +2246,16 @@ public class UsrGrpAdminServlet extends AdminServlet { if (!passwdCheck.isGoodPassword(pword)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); throw new EUsrGrpException(passwdCheck.getReason(pword)); - // UsrGrpResources.BAD_PASSWD); + //UsrGrpResources.BAD_PASSWD); } user.setPassword(pword); @@ -2173,8 +2277,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -2185,19 +2291,24 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_MOD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_MOD_FAILED"), null, resp); return; } } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -2205,32 +2316,35 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } private void log(int level, String msg) { if (mLogger == null) return; - mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_USRGRP, level, - "UsrGrpAdminServlet: " + msg); + mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_USRGRP, + level, "UsrGrpAdminServlet: " + msg); } } |