diff options
author | Ade Lee <alee@redhat.com> | 2011-12-07 16:58:12 -0500 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2011-12-07 16:58:12 -0500 |
commit | 32150d3ee32f8ac27118af7c792794b538c78a2f (patch) | |
tree | 52dd96f664a6fa51be25b28b6f10adc5f2c9f660 /pki/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java | |
parent | f05d58a46795553beb8881039cc922974b40db34 (diff) | |
download | pki-32150d3ee32f8ac27118af7c792794b538c78a2f.tar.gz pki-32150d3ee32f8ac27118af7c792794b538c78a2f.tar.xz pki-32150d3ee32f8ac27118af7c792794b538c78a2f.zip |
Formatting
Formatted project according to eclipse project settings
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java | 226 |
1 files changed, 120 insertions, 106 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java b/pki/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java index 5909bc4b1..7dcec5cd7 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.cert; - import java.io.IOException; import java.util.Locale; @@ -52,10 +51,9 @@ import com.netscape.cms.servlet.common.CMSTemplateParams; import com.netscape.cms.servlet.common.ECMSGWException; import com.netscape.cms.servlet.common.ICMSTemplateFiller; - /** - * Gets a issued certificate from a request id. - * + * Gets a issued certificate from a request id. + * * @version $Revision$, $Date$ */ public class GetCertFromRequest extends CMSServlet { @@ -64,27 +62,26 @@ public class GetCertFromRequest extends CMSServlet { */ private static final long serialVersionUID = 5310646832256611066L; private final static String PROP_IMPORT = "importCert"; - protected static final String - GET_CERT_FROM_REQUEST_TEMPLATE = "ImportCert.template"; - protected static final String - DISPLAY_CERT_FROM_REQUEST_TEMPLATE = "displayCertFromRequest.template"; + protected static final String GET_CERT_FROM_REQUEST_TEMPLATE = "ImportCert.template"; + protected static final String DISPLAY_CERT_FROM_REQUEST_TEMPLATE = "displayCertFromRequest.template"; protected static final String REQUEST_ID = "requestId"; protected static final String CERT_TYPE = "certtype"; - protected String mCertFrReqSuccessTemplate = null; + protected String mCertFrReqSuccessTemplate = null; protected ICMSTemplateFiller mCertFrReqFiller = null; protected IRequestQueue mQueue = null; protected boolean mImportCert = true; - public GetCertFromRequest() { + public GetCertFromRequest() { super(); } /** * initialize the servlet. This servlet uses the template files - * "displayCertFromRequest.template" and "ImportCert.template" + * "displayCertFromRequest.template" and "ImportCert.template" + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -92,8 +89,7 @@ public class GetCertFromRequest extends CMSServlet { mTemplates.remove(CMSRequest.SUCCESS); mQueue = mAuthority.getRequestQueue(); try { - String tmp = sc.getInitParameter( - PROP_IMPORT); + String tmp = sc.getInitParameter(PROP_IMPORT); if (tmp != null && tmp.trim().equalsIgnoreCase("false")) mImportCert = false; @@ -102,46 +98,43 @@ public class GetCertFromRequest extends CMSServlet { if (mImportCert) defTemplate = GET_CERT_FROM_REQUEST_TEMPLATE; - else + else defTemplate = DISPLAY_CERT_FROM_REQUEST_TEMPLATE; if (mAuthority instanceof IRegistrationAuthority) defTemplate = "/ra/" + defTemplate; - else + else defTemplate = "/ca/" + defTemplate; - mCertFrReqSuccessTemplate = sc.getInitParameter( - PROP_SUCCESS_TEMPLATE); + mCertFrReqSuccessTemplate = sc + .getInitParameter(PROP_SUCCESS_TEMPLATE); if (mCertFrReqSuccessTemplate == null) mCertFrReqSuccessTemplate = defTemplate; - String fillername = - sc.getInitParameter(PROP_SUCCESS_TEMPLATE_FILLER); + String fillername = sc + .getInitParameter(PROP_SUCCESS_TEMPLATE_FILLER); if (fillername != null) { ICMSTemplateFiller filler = newFillerObject(fillername); - if (filler != null) + if (filler != null) mCertFrReqFiller = filler; } else { mCertFrReqFiller = new CertFrRequestFiller(); } } catch (Exception e) { // should never happen. - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_IMP_INIT_SERV_ERR", e.toString(), - mId)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSGW_IMP_INIT_SERV_ERR", e.toString(), mId)); } } - /** - * Process the HTTP request. + * Process the HTTP request. * <ul> - * <li>http.param requestId The request ID to search on + * <li>http.param requestId The request ID to search on * </ul> - * + * * @param cmsReq the object holding the request and response information */ - protected void process(CMSRequest cmsReq) - throws EBaseException { + protected void process(CMSRequest cmsReq) throws EBaseException { IArgBlock httpParams = cmsReq.getHttpParams(); HttpServletRequest httpReq = cmsReq.getHttpReq(); @@ -150,14 +143,14 @@ public class GetCertFromRequest extends CMSServlet { AuthzToken authzToken = null; try { - authzToken = authorize(mAclMethod, authToken, - mAuthzResourceName, "read"); + authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, + "read"); } catch (EAuthzAccessDenied e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); } catch (Exception e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); } if (authzToken == null) { @@ -165,96 +158,104 @@ public class GetCertFromRequest extends CMSServlet { return; } - String requestId = httpParams.getValueAsString(REQUEST_ID, null); + String requestId = httpParams.getValueAsString(REQUEST_ID, null); if (requestId == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_NO_REQUEST_ID_PROVIDED")); - throw new ECMSGWException(CMS.getUserMessage("CMS_GW_NO_REQUEST_ID_PROVIDED")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_NO_REQUEST_ID_PROVIDED")); + throw new ECMSGWException( + CMS.getUserMessage("CMS_GW_NO_REQUEST_ID_PROVIDED")); } // check if request Id is valid. try { Integer.parseInt(requestId); } catch (NumberFormatException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_INVALID_REQ_ID_FORMAT", requestId)); - throw new EBaseException( - CMS.getUserMessage(getLocale(httpReq), "CMS_BASE_INVALID_NUMBER_FORMAT_1", requestId)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_INVALID_REQ_ID_FORMAT", requestId)); + throw new EBaseException(CMS.getUserMessage(getLocale(httpReq), + "CMS_BASE_INVALID_NUMBER_FORMAT_1", requestId)); } IRequest r = mQueue.findRequest(new RequestId(requestId)); if (r == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_REQUEST_ID_NOT_FOUND", requestId)); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_REQUEST_ID_NOT_FOUND", requestId)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_REQUEST_ID_NOT_FOUND", requestId)); + throw new ECMSGWException(CMS.getUserMessage( + "CMS_GW_REQUEST_ID_NOT_FOUND", requestId)); } if (authToken != null) { - //if RA, group and requestOwner must match - String group = authToken.getInString("group"); - if ((group != null) && (group != "") && - group.equals("Registration Manager Agents")) { - boolean groupMatched = false; - String reqOwner = r.getRequestOwner(); - if (reqOwner != null) { - CMS.debug("GetCertFromRequest process: req owner="+reqOwner); - if (reqOwner.equals(group)) - groupMatched = true; - } - if (groupMatched == false) { - CMS.debug("RA group unmatched"); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_REQUEST_ID_NOT_FOUND", requestId)); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_REQUEST_ID_NOT_FOUND", requestId)); + // if RA, group and requestOwner must match + String group = authToken.getInString("group"); + if ((group != null) && (group != "") + && group.equals("Registration Manager Agents")) { + boolean groupMatched = false; + String reqOwner = r.getRequestOwner(); + if (reqOwner != null) { + CMS.debug("GetCertFromRequest process: req owner=" + + reqOwner); + if (reqOwner.equals(group)) + groupMatched = true; + } + if (groupMatched == false) { + CMS.debug("RA group unmatched"); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSGW_REQUEST_ID_NOT_FOUND", requestId)); + throw new ECMSGWException(CMS.getUserMessage( + "CMS_GW_REQUEST_ID_NOT_FOUND", requestId)); + } } - } } - if (!((r.getRequestType().equals(IRequest.ENROLLMENT_REQUEST)) || (r.getRequestType().equals(IRequest.RENEWAL_REQUEST)))) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_REQUEST_NOT_ENROLLMENT_1", requestId)); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_REQUEST_NOT_ENROLLMENT", requestId)); + if (!((r.getRequestType().equals(IRequest.ENROLLMENT_REQUEST)) || (r + .getRequestType().equals(IRequest.RENEWAL_REQUEST)))) { + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSGW_REQUEST_NOT_ENROLLMENT_1", requestId)); + throw new ECMSGWException(CMS.getUserMessage( + "CMS_GW_REQUEST_NOT_ENROLLMENT", requestId)); } RequestStatus status = r.getRequestStatus(); if (!status.equals(RequestStatus.COMPLETE)) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_REQUEST_NOT_COMPLETED_1", requestId)); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_REQUEST_NOT_COMPLETED", requestId)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSGW_REQUEST_NOT_COMPLETED_1", requestId)); + throw new ECMSGWException(CMS.getUserMessage( + "CMS_GW_REQUEST_NOT_COMPLETED", requestId)); } Integer result = r.getExtDataInInteger(IRequest.RESULT); if (result != null && !result.equals(IRequest.RES_SUCCESS)) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_REQUEST_HAD_ERROR_1", requestId)); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_REQUEST_HAD_ERROR", requestId)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_REQUEST_HAD_ERROR_1", requestId)); + throw new ECMSGWException(CMS.getUserMessage( + "CMS_GW_REQUEST_HAD_ERROR", requestId)); } Object o = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); if (r.getExtDataInString("profile") != null) { // handle profile-based request - X509CertImpl cert = r.getExtDataInCert(IEnrollProfile.REQUEST_ISSUED_CERT); + X509CertImpl cert = r + .getExtDataInCert(IEnrollProfile.REQUEST_ISSUED_CERT); X509CertImpl certs[] = new X509CertImpl[1]; certs[0] = cert; o = certs; } if (o == null || !(o instanceof X509CertImpl[])) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_REQUEST_HAD_NO_CERTS_1", requestId)); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_REQUEST_HAD_NO_CERTS", requestId)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSGW_REQUEST_HAD_NO_CERTS_1", requestId)); + throw new ECMSGWException(CMS.getUserMessage( + "CMS_GW_REQUEST_HAD_NO_CERTS", requestId)); } if (o instanceof X509CertImpl[]) { X509CertImpl[] certs = (X509CertImpl[]) o; if (certs == null || certs.length == 0 || certs[0] == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_REQUEST_HAD_NO_CERTS_1", requestId)); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_REQUEST_HAD_NO_CERTS", requestId)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSGW_REQUEST_HAD_NO_CERTS_1", requestId)); + throw new ECMSGWException(CMS.getUserMessage( + "CMS_GW_REQUEST_HAD_NO_CERTS", requestId)); } // for importsCert to get the crmf_reqid. @@ -262,58 +263,66 @@ public class GetCertFromRequest extends CMSServlet { cmsReq.setStatus(CMSRequest.SUCCESS); - if (mImportCert && - checkImportCertToNav(cmsReq.getHttpResp(), httpParams, certs[0])) { + if (mImportCert + && checkImportCertToNav(cmsReq.getHttpResp(), httpParams, + certs[0])) { return; } try { cmsReq.setResult(certs); - renderTemplate(cmsReq, mCertFrReqSuccessTemplate, mCertFrReqFiller); + renderTemplate(cmsReq, mCertFrReqSuccessTemplate, + mCertFrReqFiller); } catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGE_ERROR_DISPLAY_TEMPLATE_1", + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSGE_ERROR_DISPLAY_TEMPLATE_1", mCertFrReqSuccessTemplate, e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); } } return; } } - class CertFrRequestFiller extends ImportCertsTemplateFiller { public CertFrRequestFiller() { } - public CMSTemplateParams getTemplateParams( - CMSRequest cmsReq, IAuthority authority, Locale locale, Exception e) - throws Exception { - CMSTemplateParams tparams = - super.getTemplateParams(cmsReq, authority, locale, e); + public CMSTemplateParams getTemplateParams(CMSRequest cmsReq, + IAuthority authority, Locale locale, Exception e) throws Exception { + CMSTemplateParams tparams = super.getTemplateParams(cmsReq, authority, + locale, e); String reqId = cmsReq.getHttpParams().getValueAsString( GetCertFromRequest.REQUEST_ID); - tparams.getHeader().addStringValue(GetCertFromRequest.REQUEST_ID, reqId); + tparams.getHeader() + .addStringValue(GetCertFromRequest.REQUEST_ID, reqId); if (reqId != null) { - IRequest r = authority.getRequestQueue().findRequest(new RequestId(reqId)); + IRequest r = authority.getRequestQueue().findRequest( + new RequestId(reqId)); if (r != null) { boolean noCertImport = true; - String certType = r.getExtDataInString(IRequest.HTTP_PARAMS, IRequest.CERT_TYPE); + String certType = r.getExtDataInString(IRequest.HTTP_PARAMS, + IRequest.CERT_TYPE); if (certType != null && certType.equals(IRequest.CLIENT_CERT)) { noCertImport = false; } - tparams.getHeader().addBooleanValue("noCertImport", noCertImport); + tparams.getHeader().addBooleanValue("noCertImport", + noCertImport); - X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); + X509CertImpl[] certs = r + .getExtDataInCertArray(IRequest.ISSUED_CERTS); if (certs != null) { - X509CertInfo info = (X509CertInfo) certs[0].get(X509CertImpl.NAME + "." + X509CertImpl.INFO); - CertificateExtensions extensions = (CertificateExtensions) info.get(X509CertInfo.EXTENSIONS); + X509CertInfo info = (X509CertInfo) certs[0] + .get(X509CertImpl.NAME + "." + X509CertImpl.INFO); + CertificateExtensions extensions = (CertificateExtensions) info + .get(X509CertInfo.EXTENSIONS); - tparams.getHeader().addStringValue(GetCertFromRequest.CERT_TYPE, "x509"); + tparams.getHeader().addStringValue( + GetCertFromRequest.CERT_TYPE, "x509"); boolean emailCert = false; @@ -324,16 +333,21 @@ class CertFrRequestFiller extends ImportCertsTemplateFiller { if (ext instanceof NSCertTypeExtension) { NSCertTypeExtension type = (NSCertTypeExtension) ext; - if (((Boolean) type.get(NSCertTypeExtension.EMAIL)).booleanValue()) + if (((Boolean) type + .get(NSCertTypeExtension.EMAIL)) + .booleanValue()) emailCert = true; } if (ext instanceof KeyUsageExtension) { - KeyUsageExtension usage = - (KeyUsageExtension) ext; + KeyUsageExtension usage = (KeyUsageExtension) ext; try { - if (((Boolean) usage.get(KeyUsageExtension.DIGITAL_SIGNATURE)).booleanValue() || - ((Boolean) usage.get(KeyUsageExtension.DATA_ENCIPHERMENT)).booleanValue()) + if (((Boolean) usage + .get(KeyUsageExtension.DIGITAL_SIGNATURE)) + .booleanValue() + || ((Boolean) usage + .get(KeyUsageExtension.DATA_ENCIPHERMENT)) + .booleanValue()) emailCert = true; } catch (ArrayIndexOutOfBoundsException e0) { // bug356108: |