446685 - LDAP publisher doesn't store the bind password properly

git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@63 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
author: cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2008-06-26 17:45:10 +0000
committer: cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2008-06-26 17:45:10 +0000
commit: a9f7f6c2e7cf66967dbd093da18557455311ebe1 (patch)
tree: cb09194520fd8d2d236f8b2d4b80205b53142cb6 /pki/base/common/src/com/netscape/cms/servlet/admin
parent: 3cd29ec6ca12bc86df562c4481b48c3b46c3c5c9 (diff)
download: pki-a9f7f6c2e7cf66967dbd093da18557455311ebe1.tar.gz
pki-a9f7f6c2e7cf66967dbd093da18557455311ebe1.tar.xz
pki-a9f7f6c2e7cf66967dbd093da18557455311ebe1.zip
1 files changed, 58 insertions, 6 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/PublisherAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/PublisherAdminServlet.java
index c8d3555d9..90037f4ca 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/PublisherAdminServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/admin/PublisherAdminServlet.java
@@ -41,6 +41,7 @@ import com.netscape.certsrv.apps.*;
 import com.netscape.certsrv.ca.*; 
 import com.netscape.certsrv.ldap.*;
 import com.netscape.certsrv.publish.*;
+import com.netscape.cmsutil.password.*;
 
 
 /**
@@ -499,13 +500,40 @@ public class PublisherAdminServlet extends AdminServlet {
 			
         commit(true);
 
-        /* Do a "PUT" of the new pw to the watchdog" */
+        /* Do a "PUT" of the new pw to the watchdog" 
+         ** do not remove - cfu
         if (pwd != null)
             CMS.putPasswordCache(PW_TAG_CA_LDAP_PUBLISHING, pwd);
+         */
+
+        // support publishing dirsrv with different pwd than internaldb
+        // update passwordFile
+        String prompt = ldap.getString(Constants.PR_BINDPWD_PROMPT);
+        IPasswordStore pwdStore = CMS.getPasswordStore();
+        CMS.debug("PublisherAdminServlet: setLDAPDest(): saving password for "+            prompt + " to password file");
+        pwdStore.putPassword(prompt,
+            req.getParameter(Constants.PR_BIND_PASSWD));
+        pwdStore.commit();
+        CMS.debug("PublisherAdminServlet: setLDAPDest(): password saved");
+
+        // what a hack to  do this without require restart server
+//        ILdapAuthInfo authInfo = CMS.getLdapAuthInfo();
+        ILdapConnModule connModule = mProcessor.getLdapConnModule();
+        ILdapAuthInfo authInfo = null;
+        if (connModule != null) {
+            authInfo = connModule.getLdapAuthInfo();
+        }
+
+//        authInfo.addPassword(PW_TAG_CA_LDAP_PUBLISHING, pwd);
+        if (authInfo != null)
+            CMS.debug("PublisherAdminServlet: setLDAPDest(): adding password to memory cache");
+            authInfo.addPassword(prompt, pwd);
 
         try {
+            CMS.debug("PublisherAdminServlet: setLDAPDest(): restarting publishing processor");
             mProcessor.shutdown();
             mProcessor.startup();
+            CMS.debug("PublisherAdminServlet: setLDAPDest(): publishing processor restarted");
         } catch (Exception ex) {
             // force to save the config even there is error
             // ignore any exception
@@ -756,12 +784,36 @@ public class PublisherAdminServlet extends AdminServlet {
         if (ldapcfg.getBoolean(IPublisherProcessor.PROP_ENABLE) &&
             pwd != null) {
 
-            /* Do a "PUT" of the new pw to the watchdog" */
+            /* Do a "PUT" of the new pw to the watchdog"
+             ** do not remove - cfu
             CMS.putPasswordCache(PW_TAG_CA_LDAP_PUBLISHING, pwd);
-            // what a hack to  do this without require restart server
-            ILdapAuthInfo authInfo = CMS.getLdapAuthInfo();
-
-            authInfo.addPassword(PW_TAG_CA_LDAP_PUBLISHING, pwd);
+             */
+
+            // support publishing dirsrv with different pwd than internaldb
+            // update passwordFile
+            String prompt = ldap.getString(Constants.PR_BINDPWD_PROMPT);
+            IPasswordStore pwdStore = CMS.getPasswordStore();
+            CMS.debug("PublisherAdminServlet: testSetLDAPDest(): saving password for "+
+                prompt + " to password file");
+            pwdStore.putPassword(prompt, pwd);
+            pwdStore.commit();
+            CMS.debug("PublisherAdminServlet: testSetLDAPDest(): password saved");
+
+             // what a hack to  do this without require restart server
+//        ILdapAuthInfo authInfo = CMS.getLdapAuthInfo();
+            ILdapConnModule connModule = mProcessor.getLdapConnModule();
+            ILdapAuthInfo authInfo = null;
+            if (connModule != null) {
+                authInfo = connModule.getLdapAuthInfo();
+            } else
+                CMS.debug("PublisherAdminServlet: testSetLDAPDest(): connModule null");
+
+//        authInfo.addPassword(PW_TAG_CA_LDAP_PUBLISHING, pwd);
+            if (authInfo != null) {
+                CMS.debug("PublisherAdminServlet: testSetLDAPDest(): adding password to memory cache");
+                authInfo.addPassword(prompt, pwd);
+            } else
+                CMS.debug("PublisherAdminServlet: testSetLDAPDest(): authInfo null");
         }
         //params.add(Constants.PR_SAVE_OK, 
         //		   "\n \nConfiguration changes are now committed.");
author	cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2008-06-26 17:45:10 +0000
committer	cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2008-06-26 17:45:10 +0000
commit	a9f7f6c2e7cf66967dbd093da18557455311ebe1 (patch)
tree	cb09194520fd8d2d236f8b2d4b80205b53142cb6 /pki/base/common/src/com/netscape/cms/servlet/admin
parent	3cd29ec6ca12bc86df562c4481b48c3b46c3c5c9 (diff)
download	pki-a9f7f6c2e7cf66967dbd093da18557455311ebe1.tar.gz pki-a9f7f6c2e7cf66967dbd093da18557455311ebe1.tar.xz pki-a9f7f6c2e7cf66967dbd093da18557455311ebe1.zip