summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cmscore/authentication
diff options
context:
space:
mode:
authorAde Lee <alee@redhat.com>2012-01-11 12:57:53 -0500
committerAde Lee <alee@redhat.com>2012-01-11 13:49:04 -0500
commit10cfe7756e967ac91c66d33b392aeab9cf3780fb (patch)
treed5ac9b58442265d2ce5ef60e31f041ddacba1b4f /pki/base/common/src/com/netscape/cmscore/authentication
parentedcb24f65cc3700e75d0a1d14dc2483f210b0ee4 (diff)
downloadpki-10cfe7756e967ac91c66d33b392aeab9cf3780fb.tar.gz
pki-10cfe7756e967ac91c66d33b392aeab9cf3780fb.tar.xz
pki-10cfe7756e967ac91c66d33b392aeab9cf3780fb.zip
Formatting (no line wrap in comments or code)
Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/authentication')
-rw-r--r--pki/base/common/src/com/netscape/cmscore/authentication/AuthSubsystem.java103
-rw-r--r--pki/base/common/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java71
-rw-r--r--pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java79
-rw-r--r--pki/base/common/src/com/netscape/cmscore/authentication/NullAuthentication.java52
-rw-r--r--pki/base/common/src/com/netscape/cmscore/authentication/PasswdUserDBAuthentication.java68
-rw-r--r--pki/base/common/src/com/netscape/cmscore/authentication/SSLClientCertAuthentication.java64
-rw-r--r--pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java17
-rw-r--r--pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCerts.java29
8 files changed, 243 insertions, 240 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/AuthSubsystem.java b/pki/base/common/src/com/netscape/cmscore/authentication/AuthSubsystem.java
index 252d69d6a..e015c5e6c 100644
--- a/pki/base/common/src/com/netscape/cmscore/authentication/AuthSubsystem.java
+++ b/pki/base/common/src/com/netscape/cmscore/authentication/AuthSubsystem.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmscore.authentication;
-
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
@@ -40,11 +39,10 @@ import com.netscape.certsrv.base.ISubsystem;
import com.netscape.certsrv.logging.ILogger;
import com.netscape.cmscore.util.Debug;
-
/**
* Default authentication subsystem
* <P>
- *
+ *
* @author cfu
* @author lhsiao
* @version $Revision$, $Date$
@@ -75,27 +73,28 @@ public class AuthSubsystem implements IAuthSubsystem {
/**
* Initializes the authentication subsystem from the config store.
* Load Authentication manager plugins, create and initialize
- * initialize authentication manager instances.
+ * initialize authentication manager instances.
+ *
* @param owner The owner of this module.
* @param config The configuration store.
*/
public void init(ISubsystem owner, IConfigStore config)
- throws EBaseException {
+ throws EBaseException {
try {
mLogger = CMS.getLogger();
mConfig = config;
-
+
// hardcode admin and agent plugins required for the server to be
// functional.
AuthMgrPlugin newPlugin = null;
- newPlugin = new AuthMgrPlugin(PASSWDUSERDB_PLUGIN_ID,
+ newPlugin = new AuthMgrPlugin(PASSWDUSERDB_PLUGIN_ID,
PasswdUserDBAuthentication.class.getName());
newPlugin.setVisible(false);
mAuthMgrPlugins.put(PASSWDUSERDB_PLUGIN_ID, newPlugin);
- newPlugin = new AuthMgrPlugin(CERTUSERDB_PLUGIN_ID,
+ newPlugin = new AuthMgrPlugin(CERTUSERDB_PLUGIN_ID,
CertUserDBAuthentication.class.getName());
newPlugin.setVisible(false);
mAuthMgrPlugins.put(CERTUSERDB_PLUGIN_ID, newPlugin);
@@ -128,7 +127,7 @@ public class AuthSubsystem implements IAuthSubsystem {
while (mImpls.hasMoreElements()) {
String id = (String) mImpls.nextElement();
String pluginPath = c.getString(id + "." + PROP_CLASS);
-
+
AuthMgrPlugin plugin = new AuthMgrPlugin(id, pluginPath);
mAuthMgrPlugins.put(id, plugin);
@@ -143,8 +142,8 @@ public class AuthSubsystem implements IAuthSubsystem {
IAuthManager passwdUserDBAuth = new PasswdUserDBAuthentication();
passwdUserDBAuth.init(PASSWDUSERDB_AUTHMGR_ID, PASSWDUSERDB_PLUGIN_ID, null);
- mAuthMgrInsts.put(PASSWDUSERDB_AUTHMGR_ID, new
- AuthManagerProxy(true, passwdUserDBAuth));
+ mAuthMgrInsts.put(PASSWDUSERDB_AUTHMGR_ID, new
+ AuthManagerProxy(true, passwdUserDBAuth));
if (Debug.ON) {
Debug.trace("loaded password based auth manager");
}
@@ -164,7 +163,7 @@ public class AuthSubsystem implements IAuthSubsystem {
if (Debug.ON) {
Debug.trace("loaded challenge phrase auth manager");
}
-
+
IAuthManager cmcAuth = new com.netscape.cms.authentication.CMCAuth();
cmcAuth.init(CMCAUTH_AUTHMGR_ID, CMCAUTH_PLUGIN_ID, config);
@@ -172,7 +171,7 @@ public class AuthSubsystem implements IAuthSubsystem {
if (Debug.ON) {
Debug.trace("loaded cmc auth manager");
}
-
+
// #56659
// IAuthManager nullAuth = new NullAuthentication();
@@ -197,8 +196,8 @@ public class AuthSubsystem implements IAuthSubsystem {
while (instances.hasMoreElements()) {
String insName = (String) instances.nextElement();
String implName = c.getString(insName + "." + PROP_PLUGIN);
- AuthMgrPlugin plugin =
- (AuthMgrPlugin) mAuthMgrPlugins.get(implName);
+ AuthMgrPlugin plugin =
+ (AuthMgrPlugin) mAuthMgrPlugins.get(implName);
if (plugin == null) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_CANT_FIND_PLUGIN", implName));
@@ -211,8 +210,8 @@ public class AuthSubsystem implements IAuthSubsystem {
IAuthManager authMgrInst = null;
try {
- authMgrInst = (IAuthManager)
- Class.forName(className).newInstance();
+ authMgrInst = (IAuthManager)
+ Class.forName(className).newInstance();
IConfigStore authMgrConfig = c.getSubStore(insName);
authMgrInst.init(insName, implName, authMgrConfig);
@@ -221,16 +220,13 @@ public class AuthSubsystem implements IAuthSubsystem {
log(ILogger.LL_INFO, CMS.getLogMessage("CMSCORE_AUTH_ADD_AUTH_INSTANCE", insName));
} catch (ClassNotFoundException e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_AUTHSUB_ERROR", e.toString()));
- throw new
- EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className));
+ throw new EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className));
} catch (IllegalAccessException e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_AUTHSUB_ERROR", e.toString()));
- throw new
- EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className));
+ throw new EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className));
} catch (InstantiationException e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_AUTHSUB_ERROR", e.toString()));
- throw new
- EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className));
+ throw new EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className));
} catch (EBaseException e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_AUTH_INIT_ERROR", insName, e.toString()));
// Skip the authenticaiton instance if
@@ -245,8 +241,8 @@ public class AuthSubsystem implements IAuthSubsystem {
// fix the problem via console
}
// add manager instance to list.
- mAuthMgrInsts.put(insName, new
- AuthManagerProxy(isEnable, authMgrInst));
+ mAuthMgrInsts.put(insName, new
+ AuthManagerProxy(isEnable, authMgrInst));
if (Debug.ON) {
Debug.trace("loaded auth instance " + insName + " impl " + implName);
}
@@ -262,23 +258,24 @@ public class AuthSubsystem implements IAuthSubsystem {
/**
* Authenticate to the named authentication manager instance
* <p>
+ *
* @param authCred authentication credentials subject to the
- * requirements of each authentication manager
+ * requirements of each authentication manager
* @param authMgrName name of the authentication manager instance
- * @return authentication token with individualized authenticated
- * information.
+ * @return authentication token with individualized authenticated
+ * information.
* @exception EMissingCredential If a required credential for the
- * authentication manager is missing.
+ * authentication manager is missing.
* @exception EInvalidCredentials If the credentials cannot be authenticated
* @exception EAuthMgrNotFound The auth manager is not found.
* @exception EBaseException If an internal error occurred.
*/
public IAuthToken authenticate(
- IAuthCredentials authCred, String authMgrInstName)
- throws EMissingCredential, EInvalidCredentials,
+ IAuthCredentials authCred, String authMgrInstName)
+ throws EMissingCredential, EInvalidCredentials,
EAuthMgrNotFound, EBaseException {
AuthManagerProxy proxy = (AuthManagerProxy)
- mAuthMgrInsts.get(authMgrInstName);
+ mAuthMgrInsts.get(authMgrInstName);
if (proxy == null) {
throw new EAuthMgrNotFound(CMS.getUserMessage("CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", authMgrInstName));
@@ -296,10 +293,10 @@ public class AuthSubsystem implements IAuthSubsystem {
/**
* Gets a list of required authentication credential names
- * of the specified authentication manager.
+ * of the specified authentication manager.
*/
public String[] getRequiredCreds(String authMgrInstName)
- throws EAuthMgrNotFound {
+ throws EAuthMgrNotFound {
IAuthManager authMgrInst = get(authMgrInstName);
if (authMgrInst == null) {
@@ -309,13 +306,14 @@ public class AuthSubsystem implements IAuthSubsystem {
}
/**
- * Gets configuration parameters for the given
+ * Gets configuration parameters for the given
* authentication manager plugin.
+ *
* @param implName Name of the authentication plugin.
* @return Hashtable of required parameters.
*/
public String[] getConfigParams(String implName)
- throws EAuthMgrPluginNotFound, EBaseException {
+ throws EAuthMgrPluginNotFound, EBaseException {
// is this a registered implname?
AuthMgrPlugin plugin = (AuthMgrPlugin) mAuthMgrPlugins.get(implName);
@@ -334,21 +332,19 @@ public class AuthSubsystem implements IAuthSubsystem {
return (authMgrInst.getConfigParams());
} catch (InstantiationException e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_INSTANCE_NOT_CREATED", e.toString()));
- throw new
- EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className));
+ throw new EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className));
} catch (ClassNotFoundException e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_INSTANCE_NOT_CREATED", e.toString()));
- throw new
- EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className));
+ throw new EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className));
} catch (IllegalAccessException e) {
log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_AUTH_INSTANCE_NOT_CREATED", e.toString()));
- throw new
- EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className));
+ throw new EAuthException(CMS.getUserMessage("CMS_ACL_CLASS_LOAD_FAIL", className));
}
}
/**
* Add an authentication manager instance.
+ *
* @param name name of the authentication manager instance
* @param authMgr the authentication manager instance to be added
*/
@@ -366,6 +362,7 @@ public class AuthSubsystem implements IAuthSubsystem {
/**
* Gets the authentication manager instance of the specified name.
+ *
* @param name name of the authentication manager instance
* @return the named authentication manager instance
*/
@@ -385,7 +382,7 @@ public class AuthSubsystem implements IAuthSubsystem {
Enumeration<String> e = mAuthMgrInsts.keys();
while (e.hasMoreElements()) {
- IAuthManager p = get( e.nextElement());
+ IAuthManager p = get(e.nextElement());
if (p != null) {
inst.addElement(p);
@@ -409,9 +406,9 @@ public class AuthSubsystem implements IAuthSubsystem {
}
/**
- * Retrieve a single auth manager instance
+ * Retrieve a single auth manager instance
*/
-
+
/* getconfigparams above should be recoded to use this func */
public IAuthManager getAuthManagerPlugin(String name) {
AuthMgrPlugin plugin = (AuthMgrPlugin) mAuthMgrPlugins.get(name);
@@ -429,16 +426,18 @@ public class AuthSubsystem implements IAuthSubsystem {
/**
* Retrieves id (name) of this subsystem.
+ *
* @return name of the authentication subsystem
*/
public String getId() {
return (mId);
}
-
+
/**
* Sets id string to this subsystem.
* <p>
- * Use with caution. Should not do it when sharing with others
+ * Use with caution. Should not do it when sharing with others
+ *
* @param id name to be applied to an authentication sybsystem
*/
public void setId(String id) throws EBaseException {
@@ -455,12 +454,11 @@ public class AuthSubsystem implements IAuthSubsystem {
}
/**
- * shuts down authentication managers one by one.
+ * shuts down authentication managers one by one.
* <P>
*/
public void shutdown() {
- for (Enumeration<String> e = mAuthMgrInsts.keys();
- e.hasMoreElements();) {
+ for (Enumeration<String> e = mAuthMgrInsts.keys(); e.hasMoreElements();) {
IAuthManager mgr = (IAuthManager) get((String) e.nextElement());
@@ -486,7 +484,7 @@ public class AuthSubsystem implements IAuthSubsystem {
/**
* Returns the root configuration storage of this system.
* <P>
- *
+ *
* @return configuration store of this subsystem
*/
public IConfigStore getConfigStore() {
@@ -495,6 +493,7 @@ public class AuthSubsystem implements IAuthSubsystem {
/**
* gets the named authentication manager
+ *
* @param name of the authentication manager
* @return the named authentication manager
*/
@@ -509,7 +508,7 @@ public class AuthSubsystem implements IAuthSubsystem {
if (mLogger == null)
return;
mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_AUTHENTICATION,
- level, msg);
+ level, msg);
}
}
diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java b/pki/base/common/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java
index c82142942..b2fc49b5d 100644
--- a/pki/base/common/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java
+++ b/pki/base/common/src/com/netscape/cmscore/authentication/CertUserDBAuthentication.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmscore.authentication;
-
import java.security.cert.X509Certificate;
import netscape.security.x509.X509CertImpl;
@@ -38,13 +37,12 @@ import com.netscape.certsrv.usrgrp.ICertUserLocator;
import com.netscape.cmscore.usrgrp.ExactMatchCertUserLocator;
import com.netscape.cmscore.usrgrp.User;
-
/**
- * Certificate server agent authentication.
- * Maps a SSL client authenticate certificate to a user (agent) entry in the
- * internal database.
+ * Certificate server agent authentication.
+ * Maps a SSL client authenticate certificate to a user (agent) entry in the
+ * internal database.
* <P>
- *
+ *
* @author lhsiao
* @author cfu
* @version $Revision$, $Date$
@@ -81,15 +79,15 @@ public class CertUserDBAuthentication implements IAuthManager {
/**
* initializes the CertUserDBAuthentication auth manager
* <p>
- * called by AuthSubsystem init() method, when initializing
- * all available authentication managers.
+ * called by AuthSubsystem init() method, when initializing all available authentication managers.
+ *
* @param owner - The authentication subsystem that hosts this
- * auth manager
+ * auth manager
* @param config - The configuration store used by the
- * authentication subsystem
+ * authentication subsystem
*/
public void init(String name, String implName, IConfigStore config)
- throws EBaseException {
+ throws EBaseException {
mName = name;
mImplName = implName;
mConfig = config;
@@ -112,7 +110,7 @@ public class CertUserDBAuthentication implements IAuthManager {
mCULocator = new ExactMatchCertUserLocator();
log(ILogger.LL_INFO, CMS.getLogMessage("INIT_DONE", name));
}
-
+
/**
* Gets the name of this authentication manager.
*/
@@ -126,28 +124,28 @@ public class CertUserDBAuthentication implements IAuthManager {
public String getImplName() {
return mImplName;
}
-
+
/**
* authenticates user(agent) by certificate
* <p>
- * called by other subsystems or their servlets to authenticate
- * users (agents)
+ * called by other subsystems or their servlets to authenticate users (agents)
+ *
* @param authCred - authentication credential that contains
- * an usrgrp.Certificates of the user (agent)
+ * an usrgrp.Certificates of the user (agent)
* @return the authentication token that contains the following
- *
+ *
* @exception com.netscape.certsrv.base.EAuthsException any
- * authentication failure or insufficient credentials
+ * authentication failure or insufficient credentials
* @see com.netscape.certsrv.authentication.AuthToken
* @see com.netscape.certsrv.usrgrp.Certificates
*/
public IAuthToken authenticate(IAuthCredentials authCred)
- throws EMissingCredential, EInvalidCredentials, EBaseException {
+ throws EMissingCredential, EInvalidCredentials, EBaseException {
CMS.debug("CertUserDBAuth: started");
AuthToken authToken = new AuthToken(this);
CMS.debug("CertUserDBAuth: Retrieving client certificate");
- X509Certificate[] x509Certs =
- (X509Certificate[]) authCred.get(CRED_CERT);
+ X509Certificate[] x509Certs =
+ (X509Certificate[]) authCred.get(CRED_CERT);
if (x509Certs == null) {
CMS.debug("CertUserDBAuth: no client certificate found");
@@ -198,7 +196,7 @@ public class CertUserDBAuthentication implements IAuthManager {
authToken.set(TOKEN_USER_DN, user.getUserDN());
authToken.set(TOKEN_USERID, user.getUserID());
authToken.set(TOKEN_UID, user.getUserID());
- authToken.set(CRED_CERT, certs);
+ authToken.set(CRED_CERT, certs);
log(ILogger.LL_INFO, CMS.getLogMessage("CMS_AUTH_AUTHENTICATED", user.getUserID()));
CMS.debug("authenticated " + user.getUserDN());
@@ -208,10 +206,11 @@ public class CertUserDBAuthentication implements IAuthManager {
/**
* get the list of authentication credential attribute names
- * required by this authentication manager. Generally used by
- * the servlets that handle agent operations to authenticate its
- * users. It calls this method to know which are the
- * required credentials from the user (e.g. Javascript form data)
+ * required by this authentication manager. Generally used by
+ * the servlets that handle agent operations to authenticate its
+ * users. It calls this method to know which are the
+ * required credentials from the user (e.g. Javascript form data)
+ *
* @return attribute names in Vector
*/
public String[] getRequiredCreds() {
@@ -220,14 +219,15 @@ public class CertUserDBAuthentication implements IAuthManager {
/**
* get the list of configuration parameter names
- * required by this authentication manager. Generally used by
- * the Certificate Server Console to display the table for
- * configuration purposes. CertUserDBAuthentication is currently not
- * exposed in this case, so this method is not to be used.
+ * required by this authentication manager. Generally used by
+ * the Certificate Server Console to display the table for
+ * configuration purposes. CertUserDBAuthentication is currently not
+ * exposed in this case, so this method is not to be used.
+ *
* @return configuration parameter names in Hashtable of Vectors
- * where each hashtable entry's key is the substore name, value is a
- * Vector of parameter names. If no substore, the parameter name
- * is the Hashtable key itself, with value same as key.
+ * where each hashtable entry's key is the substore name, value is a
+ * Vector of parameter names. If no substore, the parameter name
+ * is the Hashtable key itself, with value same as key.
*/
public String[] getConfigParams() {
return (mConfigParams);
@@ -241,7 +241,8 @@ public class CertUserDBAuthentication implements IAuthManager {
/**
* gets the configuretion substore used by this authentication
- * manager
+ * manager
+ *
* @return configuration store
*/
public IConfigStore getConfigStore() {
@@ -252,7 +253,7 @@ public class CertUserDBAuthentication implements IAuthManager {
if (mLogger == null)
return;
mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_AUTHENTICATION,
- level, msg);
+ level, msg);
}
}
diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java b/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java
index 38901f3be..f2eb5afe1 100644
--- a/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java
+++ b/pki/base/common/src/com/netscape/cmscore/authentication/ChallengePhraseAuthentication.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmscore.authentication;
-
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
@@ -50,14 +49,13 @@ import com.netscape.cmscore.dbs.CertRecord;
import com.netscape.cmscore.dbs.CertificateRepository;
import com.netscape.cmscore.util.Debug;
-
/**
* Challenge phrase based authentication.
* Maps a certificate to the request in the
* internal database and further compares the challenge phrase with
* that from the EE input.
* <P>
- *
+ *
* @author cfu chrisho
* @version $Revision$, $Date$
*/
@@ -69,7 +67,7 @@ public class ChallengePhraseAuthentication implements IAuthManager {
/* required credentials */
public static final String CRED_CERT_SERIAL = IAuthManager.CRED_CERT_SERIAL_TO_REVOKE;
public static final String CRED_CHALLENGE = "challengePhrase";
- protected String[] mRequiredCreds = { CRED_CERT_SERIAL, CRED_CHALLENGE};
+ protected String[] mRequiredCreds = { CRED_CERT_SERIAL, CRED_CHALLENGE };
/* config parameters to pass to console (none) */
protected static String[] mConfigParams = null;
@@ -98,14 +96,14 @@ public class ChallengePhraseAuthentication implements IAuthManager {
/**
* initializes the ChallengePhraseAuthentication auth manager
* <p>
- * called by AuthSubsystem init() method, when initializing
- * all available authentication managers.
+ * called by AuthSubsystem init() method, when initializing all available authentication managers.
+ *
* @param name The name of this authentication manager instance.
* @param implName The name of the authentication manager plugin.
* @param config The configuration store for this authentication manager.
*/
public void init(String name, String implName, IConfigStore config)
- throws EBaseException {
+ throws EBaseException {
mName = name;
mImplName = implName;
mConfig = config;
@@ -118,7 +116,7 @@ public class ChallengePhraseAuthentication implements IAuthManager {
log(ILogger.LL_INFO, CMS.getLogMessage("INIT_DONE", name));
}
-
+
/**
* Gets the name of this authentication manager.
*/
@@ -132,24 +130,24 @@ public class ChallengePhraseAuthentication implements IAuthManager {
public String getImplName() {
return mImplName;
}
-
+
/**
* authenticates revocation of a certification by a challenge phrase
* <p>
- * called by other subsystems or their servlets to authenticate
- * a revocation request
+ * called by other subsystems or their servlets to authenticate a revocation request
+ *
* @param authCred - authentication credential that contains
- * a Certificate to revoke
+ * a Certificate to revoke
* @return the authentication token that contains the request id
- *
+ *
* @exception EMissingCredential If a required credential for this
- * authentication manager is missing.
+ * authentication manager is missing.
* @exception EInvalidCredentials If credentials cannot be authenticated.
* @exception EBaseException If an internal error occurred.
* @see com.netscape.certsrv.authentication.AuthToken
*/
public IAuthToken authenticate(IAuthCredentials authCred)
- throws EMissingCredential, EInvalidCredentials, EBaseException {
+ throws EMissingCredential, EInvalidCredentials, EBaseException {
mCA = (ICertificateAuthority)
SubsystemRegistry.getInstance().get("ca");
@@ -186,7 +184,7 @@ public class ChallengePhraseAuthentication implements IAuthManager {
serialNum = new
BigInteger(serialNumString);
}
-
+
} catch (NumberFormatException e) {
throw new EAuthUserError(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_ATTRIBUTE_VALUE", "Invalid serial number."));
}
@@ -240,7 +238,7 @@ public class ChallengePhraseAuthentication implements IAuthManager {
if (samepwd) {
bigIntArray = new BigInteger[1];
bigIntArray[0] = record.getSerialNumber();
- } else
+ } else
throw new EAuthUserError(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_ATTRIBUTE_VALUE", "Invalid password."));
} else {
@@ -283,7 +281,7 @@ public class ChallengePhraseAuthentication implements IAuthManager {
if (bigIntArray != null && bigIntArray.length > 0) {
if (Debug.ON) {
Debug.trace("challenge authentication serialno array not null");
- for (int i = 0; i < bigIntArray.length; i++)
+ for (int i = 0; i < bigIntArray.length; i++)
Debug.trace("challenge auth serialno " + bigIntArray[i]);
}
}
@@ -295,8 +293,8 @@ public class ChallengePhraseAuthentication implements IAuthManager {
return authToken;
}
- private boolean compareChallengePassword(CertRecord record, String pwd)
- throws EBaseException {
+ private boolean compareChallengePassword(CertRecord record, String pwd)
+ throws EBaseException {
MetaInfo metaInfo = (MetaInfo) record.get(CertRecord.ATTR_META_INFO);
if (metaInfo == null) {
@@ -312,8 +310,8 @@ public class ChallengePhraseAuthentication implements IAuthManager {
String hashpwd = hashPassword(pwd);
// got metaInfo
- String challengeString =
- (String) metaInfo.get(CertRecord.META_CHALLENGE_PHRASE);
+ String challengeString =
+ (String) metaInfo.get(CertRecord.META_CHALLENGE_PHRASE);
if (challengeString == null) {
if (Debug.ON) {
@@ -330,16 +328,17 @@ public class ChallengePhraseAuthentication implements IAuthManager {
"Incorrect challenge phrase password used for revocation");
throw new EInvalidCredentials();
*/
- } else
+ } else
return true;
}
/**
* get the list of authentication credential attribute names
- * required by this authentication manager. Generally used by
- * the servlets that handle agent operations to authenticate its
- * users. It calls this method to know which are the
- * required credentials from the user (e.g. Javascript form data)
+ * required by this authentication manager. Generally used by
+ * the servlets that handle agent operations to authenticate its
+ * users. It calls this method to know which are the
+ * required credentials from the user (e.g. Javascript form data)
+ *
* @return attribute names in Vector
*/
public String[] getRequiredCreds() {
@@ -348,14 +347,15 @@ public class ChallengePhraseAuthentication implements IAuthManager {
/**
* get the list of configuration parameter names
- * required by this authentication manager. Generally used by
- * the Certificate Server Console to display the table for
- * configuration purposes. ChallengePhraseAuthentication is currently not
- * exposed in this case, so this method is not to be used.
+ * required by this authentication manager. Generally used by
+ * the Certificate Server Console to display the table for
+ * configuration purposes. ChallengePhraseAuthentication is currently not
+ * exposed in this case, so this method is not to be used.
+ *
* @return configuration parameter names in Hashtable of Vectors
- * where each hashtable entry's key is the substore name, value is a
- * Vector of parameter names. If no substore, the parameter name
- * is the Hashtable key itself, with value same as key.
+ * where each hashtable entry's key is the substore name, value is a
+ * Vector of parameter names. If no substore, the parameter name
+ * is the Hashtable key itself, with value same as key.
*/
public String[] getConfigParams() {
return (mConfigParams);
@@ -369,7 +369,8 @@ public class ChallengePhraseAuthentication implements IAuthManager {
/**
* gets the configuretion substore used by this authentication
- * manager
+ * manager
+ *
* @return configuration store
*/
public IConfigStore getConfigStore() {
@@ -380,7 +381,7 @@ public class ChallengePhraseAuthentication implements IAuthManager {
if (mLogger == null)
return;
mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_AUTHENTICATION,
- level, msg);
+ level, msg);
}
private IRequestQueue getReqQueue() {
@@ -388,15 +389,15 @@ public class ChallengePhraseAuthentication implements IAuthManager {
try {
IRegistrationAuthority ra = (IRegistrationAuthority)
- SubsystemRegistry.getInstance().get("ra");
+ SubsystemRegistry.getInstance().get("ra");
if (ra != null) {
queue = ra.getRequestQueue();
mRequestor = IRequest.REQUESTOR_RA;
}
} catch (Exception e) {
- log(ILogger.LL_FAILURE,
- " cannot get access to the request queue.");
+ log(ILogger.LL_FAILURE,
+ " cannot get access to the request queue.");
}
return queue;
diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/NullAuthentication.java b/pki/base/common/src/com/netscape/cmscore/authentication/NullAuthentication.java
index e9bcbcb6b..e124f1407 100644
--- a/pki/base/common/src/com/netscape/cmscore/authentication/NullAuthentication.java
+++ b/pki/base/common/src/com/netscape/cmscore/authentication/NullAuthentication.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmscore.authentication;
-
import com.netscape.certsrv.apps.CMS;
import com.netscape.certsrv.authentication.AuthToken;
import com.netscape.certsrv.authentication.EInvalidCredentials;
@@ -29,10 +28,10 @@ import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.base.IConfigStore;
import com.netscape.certsrv.logging.ILogger;
-
/**
* This authentication does nothing but just returns an empty authToken.
* <P>
+ *
* @author chrisho
* @version $Revision$, $Date$
*/
@@ -53,15 +52,15 @@ public class NullAuthentication implements IAuthManager {
/**
* initializes the NullAuthentication auth manager
* <p>
- * called by AuthSubsystem init() method, when initializing
- * all available authentication managers.
+ * called by AuthSubsystem init() method, when initializing all available authentication managers.
+ *
* @param name - Name assigned to this authentication manager instance.
* @param implName - Name of the authentication plugin.
* @param config - The configuration store used by the
- * authentication subsystem.
+ * authentication subsystem.
*/
public void init(String name, String implName, IConfigStore config)
- throws EBaseException {
+ throws EBaseException {
mName = name;
mImplName = implName;
mConfig = config;
@@ -73,20 +72,21 @@ public class NullAuthentication implements IAuthManager {
* authenticates nothing
* <p>
* called by other subsystems or their servlets to authenticate administrators
- * @param authCred Authentication credentials.
- * "uid" and "pwd" are required.
+ *
+ * @param authCred Authentication credentials.
+ * "uid" and "pwd" are required.
* @return the authentication token (authToken) that contains the following
- * userdn = [userdn, in case of success]<br>
- * authMgrName = [authMgrName]<br>
- * @exception com.netscape.certsrv.base.MissingCredential If either
- * "uid" or "pwd" is missing from the given credentials.
- * @exception com.netscape.certsrv.base.InvalidCredentials If the
- * the credentials failed to authenticate.
- * @exception com.netscape.certsrv.base.EBaseException If an internal
- * error occurred.
+ * userdn = [userdn, in case of success]<br>
+ * authMgrName = [authMgrName]<br>
+ * @exception com.netscape.certsrv.base.MissingCredential If either
+ * "uid" or "pwd" is missing from the given credentials.
+ * @exception com.netscape.certsrv.base.InvalidCredentials If the
+ * the credentials failed to authenticate.
+ * @exception com.netscape.certsrv.base.EBaseException If an internal
+ * error occurred.
*/
public IAuthToken authenticate(IAuthCredentials authCred)
- throws EMissingCredential, EInvalidCredentials, EBaseException {
+ throws EMissingCredential, EInvalidCredentials, EBaseException {
AuthToken authToken = new AuthToken(this);
authToken.set("authType", "NOAUTH");
@@ -110,9 +110,10 @@ public class NullAuthentication implements IAuthManager {
/**
* get the list of authentication credential attribute names
- * required by this authentication manager. Generally used by
- * servlets that use this authentication manager, to retrieve
- * required credentials from the user (e.g. Javascript form data)
+ * required by this authentication manager. Generally used by
+ * servlets that use this authentication manager, to retrieve
+ * required credentials from the user (e.g. Javascript form data)
+ *
* @return attribute names in Vector
*/
public String[] getRequiredCreds() {
@@ -121,8 +122,9 @@ public class NullAuthentication implements IAuthManager {
/**
* Get the list of configuration parameter names
- * required by this authentication manager. In this case, an empty list.
- * @return String array of configuration parameters.
+ * required by this authentication manager. In this case, an empty list.
+ *
+ * @return String array of configuration parameters.
*/
public String[] getConfigParams() {
return (mConfigParams);
@@ -136,7 +138,8 @@ public class NullAuthentication implements IAuthManager {
/**
* gets the configuration substore used by this authentication
- * manager
+ * manager
+ *
* @return configuration store
*/
public IConfigStore getConfigStore() {
@@ -145,6 +148,7 @@ public class NullAuthentication implements IAuthManager {
/**
* Log a message.
+ *
* @param level The logging level.
* @param msg The message to log.
*/
@@ -152,6 +156,6 @@ public class NullAuthentication implements IAuthManager {
if (mLogger == null)
return;
mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_AUTHENTICATION,
- level, msg);
+ level, msg);
}
}
diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/PasswdUserDBAuthentication.java b/pki/base/common/src/com/netscape/cmscore/authentication/PasswdUserDBAuthentication.java
index 88dc72969..f20bd5f07 100644
--- a/pki/base/common/src/com/netscape/cmscore/authentication/PasswdUserDBAuthentication.java
+++ b/pki/base/common/src/com/netscape/cmscore/authentication/PasswdUserDBAuthentication.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmscore.authentication;
-
import netscape.ldap.LDAPConnection;
import netscape.ldap.LDAPEntry;
import netscape.ldap.LDAPException;
@@ -43,13 +42,13 @@ import com.netscape.cmscore.ldapconn.LdapConnInfo;
import com.netscape.cmscore.usrgrp.UGSubsystem;
import com.netscape.cmscore.util.Debug;
-
/**
- * Certificate Server admin authentication.
+ * Certificate Server admin authentication.
* Used to authenticate administrators in the Certificate Server Console.
- * Authentications by checking the uid and password against the
+ * Authentications by checking the uid and password against the
* database.
* <P>
+ *
* @author lhsiao, cfu
* @version $Revision$, $Date$
*/
@@ -81,15 +80,15 @@ public class PasswdUserDBAuthentication implements IAuthManager {
/**
* initializes the PasswdUserDBAuthentication auth manager
* <p>
- * called by AuthSubsystem init() method, when initializing
- * all available authentication managers.
+ * called by AuthSubsystem init() method, when initializing all available authentication managers.
+ *
* @param name - Name assigned to this authentication manager instance.
* @param implName - Name of the authentication plugin.
* @param config - The configuration store used by the
- * authentication subsystem.
+ * authentication subsystem.
*/
public void init(String name, String implName, IConfigStore config)
- throws EBaseException {
+ throws EBaseException {
mName = name;
mImplName = implName;
mConfig = config;
@@ -111,20 +110,21 @@ public class PasswdUserDBAuthentication implements IAuthManager {
* authenticates administratrators by LDAP uid/pwd
* <p>
* called by other subsystems or their servlets to authenticate administrators
- * @param authCred Authentication credentials.
- * "uid" and "pwd" are required.
+ *
+ * @param authCred Authentication credentials.
+ * "uid" and "pwd" are required.
* @return the authentication token (authToken) that contains the following
- * userdn = [userdn, in case of success]<br>
- * authMgrName = [authMgrName]<br>
- * @exception com.netscape.certsrv.base.MissingCredential If either
- * "uid" or "pwd" is missing from the given credentials.
- * @exception com.netscape.certsrv.base.InvalidCredentials If the
- * the credentials failed to authenticate.
- * @exception com.netscape.certsrv.base.EBaseException If an internal
- * error occurred.
+ * userdn = [userdn, in case of success]<br>
+ * authMgrName = [authMgrName]<br>
+ * @exception com.netscape.certsrv.base.MissingCredential If either
+ * "uid" or "pwd" is missing from the given credentials.
+ * @exception com.netscape.certsrv.base.InvalidCredentials If the
+ * the credentials failed to authenticate.
+ * @exception com.netscape.certsrv.base.EBaseException If an internal
+ * error occurred.
*/
public IAuthToken authenticate(IAuthCredentials authCred)
- throws EMissingCredential, EInvalidCredentials, EBaseException {
+ throws EMissingCredential, EInvalidCredentials, EBaseException {
AuthToken authToken = new AuthToken(this);
// make sure the required credentials are provided
@@ -171,32 +171,32 @@ public class PasswdUserDBAuthentication implements IAuthManager {
log(ILogger.LL_SECURITY, CMS.getLogMessage("CMSCORE_AUTH_AUTH_FAILED", uid, e.toString()));
throw new EInvalidCredentials(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_CREDENTIAL"));
} finally {
- if (conn != null)
+ if (conn != null)
mConnFactory.returnConn(conn);
- if (anonConn != null)
+ if (anonConn != null)
mAnonConnFactory.returnConn(anonConn);
}
UGSubsystem ug = UGSubsystem.getInstance();
authToken.set(TOKEN_USERDN, userdn);
- authToken.set(CRED_UID, uid); // return original uid for info
+ authToken.set(CRED_UID, uid); // return original uid for info
IUser user = null;
try {
user = ug.getUser(uid);
} catch (EBaseException e) {
- if (Debug.ON)
+ if (Debug.ON)
e.printStackTrace();
- // not a user in our user/group database.
+ // not a user in our user/group database.
log(ILogger.LL_SECURITY, CMS.getLogMessage("CMSCORE_AUTH_UID_NOT_FOUND", uid, e.toString()));
throw new EInvalidCredentials(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_CREDENTIAL"));
}
authToken.set(TOKEN_USERDN, user.getUserDN());
authToken.set(TOKEN_USERID, user.getUserID());
log(ILogger.LL_INFO, CMS.getLogMessage("CMS_AUTH_AUTHENTICATED", uid));
-
+
return authToken;
}
@@ -216,9 +216,10 @@ public class PasswdUserDBAuthentication implements IAuthManager {
/**
* get the list of authentication credential attribute names
- * required by this authentication manager. Generally used by
- * servlets that use this authentication manager, to retrieve
- * required credentials from the user (e.g. Javascript form data)
+ * required by this authentication manager. Generally used by
+ * servlets that use this authentication manager, to retrieve
+ * required credentials from the user (e.g. Javascript form data)
+ *
* @return attribute names in Vector
*/
public String[] getRequiredCreds() {
@@ -227,8 +228,9 @@ public class PasswdUserDBAuthentication implements IAuthManager {
/**
* Get the list of configuration parameter names
- * required by this authentication manager. In this case, an empty list.
- * @return String array of configuration parameters.
+ * required by this authentication manager. In this case, an empty list.
+ *
+ * @return String array of configuration parameters.
*/
public String[] getConfigParams() {
return (mConfigParams);
@@ -249,7 +251,8 @@ public class PasswdUserDBAuthentication implements IAuthManager {
/**
* gets the configuretion substore used by this authentication
- * manager
+ * manager
+ *
* @return configuration store
*/
public IConfigStore getConfigStore() {
@@ -258,6 +261,7 @@ public class PasswdUserDBAuthentication implements IAuthManager {
/**
* Log a message.
+ *
* @param level The logging level.
* @param msg The message to log.
*/
@@ -265,6 +269,6 @@ public class PasswdUserDBAuthentication implements IAuthManager {
if (mLogger == null)
return;
mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_AUTHENTICATION,
- level, msg);
+ level, msg);
}
}
diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/SSLClientCertAuthentication.java b/pki/base/common/src/com/netscape/cmscore/authentication/SSLClientCertAuthentication.java
index 569275376..13533200d 100644
--- a/pki/base/common/src/com/netscape/cmscore/authentication/SSLClientCertAuthentication.java
+++ b/pki/base/common/src/com/netscape/cmscore/authentication/SSLClientCertAuthentication.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmscore.authentication;
-
// ldap java sdk
// cert server imports.
@@ -47,10 +46,10 @@ import com.netscape.certsrv.request.IRequestQueue;
import com.netscape.certsrv.request.RequestStatus;
import com.netscape.cmscore.util.Debug;
-
/**
* SSL client based authentication.
* <P>
+ *
* @author chrisho
* @version $Revision$, $Date$
*/
@@ -75,8 +74,8 @@ public class SSLClientCertAuthentication implements IAuthManager {
* for instances of this implementation can be configured through the
* console.
*/
- protected static String[] mConfigParams =
- new String[] {};
+ protected static String[] mConfigParams =
+ new String[] {};
/**
* Default constructor, initialization must follow.
@@ -86,7 +85,7 @@ public class SSLClientCertAuthentication implements IAuthManager {
}
public void init(String name, String implName, IConfigStore config)
- throws EBaseException {
+ throws EBaseException {
mName = name;
mImplName = implName;
mConfig = config;
@@ -95,18 +94,18 @@ public class SSLClientCertAuthentication implements IAuthManager {
}
public IAuthToken authenticate(IAuthCredentials authCred)
- throws EMissingCredential, EInvalidCredentials, EBaseException {
+ throws EMissingCredential, EInvalidCredentials, EBaseException {
AuthToken authToken = new AuthToken(this);
CMS.debug("SSLCertAuth: Retrieving client certificates");
X509Certificate[] x509Certs =
- (X509Certificate[]) authCred.get(CRED_CERT);
+ (X509Certificate[]) authCred.get(CRED_CERT);
if (x509Certs == null) {
CMS.debug("SSLCertAuth: No client certificate found");
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_AUTH_MISSING_CERT"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSCORE_AUTH_MISSING_CERT"));
throw new EMissingCredential(CMS.getUserMessage("CMS_AUTHENTICATION_NULL_CREDENTIAL", CRED_CERT));
}
CMS.debug("SSLCertAuth: Got client certificate");
@@ -118,7 +117,7 @@ public class SSLClientCertAuthentication implements IAuthManager {
}
X509CertImpl clientCert = (X509CertImpl) x509Certs[0];
-
+
BigInteger serialNum = null;
try {
@@ -128,7 +127,7 @@ public class SSLClientCertAuthentication implements IAuthManager {
throw new EAuthUserError(CMS.getUserMessage("CMS_AUTHENTICATION_INVALID_ATTRIBUTE_VALUE", "Invalid serial number."));
}
- String clientCertIssuerDN = clientCert.getIssuerDN().toString();
+ String clientCertIssuerDN = clientCert.getIssuerDN().toString();
BigInteger[] bigIntArray = null;
if (mCertDB != null) { /* is CA */
@@ -145,13 +144,13 @@ public class SSLClientCertAuthentication implements IAuthManager {
String status = record.getStatus();
if (status.equals("VALID")) {
-
+
X509CertImpl cacert = mCA.getCACert();
Principal p = cacert.getSubjectDN();
if (!p.toString().equals(clientCertIssuerDN)) {
- throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ISSUER_NAME"));
- }
+ throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ISSUER_NAME"));
+ }
} else {
throw new EBaseException(
CMS.getUserMessage("CMS_BASE_INVALID_CERT_STATUS", status));
@@ -182,30 +181,30 @@ public class SSLClientCertAuthentication implements IAuthManager {
RequestStatus status = getCertStatusReq.getRequestStatus();
if (status == RequestStatus.COMPLETE) {
- String certStatus =
- getCertStatusReq.getExtDataInString(IRequest.CERT_STATUS);
+ String certStatus =
+ getCertStatusReq.getExtDataInString(IRequest.CERT_STATUS);
- if (certStatus == null) {
- String[] params = {"null status"};
+ if (certStatus == null) {
+ String[] params = { "null status" };
throw new EBaseException(
CMS.getUserMessage("CMS_BASE_INVALID_CERT_STATUS", params));
} else if (certStatus.equals("INVALIDCERTROOT")) {
- throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ISSUER_NAME"));
+ throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ISSUER_NAME"));
} else if (!certStatus.equals("VALID")) {
- String[] params = {status.toString()};
+ String[] params = { status.toString() };
throw new EBaseException(
CMS.getUserMessage("CMS_BASE_INVALID_CERT_STATUS", params));
}
} else {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_AUTH_INCOMPLETE_REQUEST"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSCORE_AUTH_INCOMPLETE_REQUEST"));
throw new EBaseException(CMS.getUserMessage("CMS_BASE_REQUEST_IN_BAD_STATE"));
}
} else {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_AUTH_FAILED_GET_QUEUE"));
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSCORE_AUTH_FAILED_GET_QUEUE"));
throw new EBaseException(CMS.getUserMessage("CMS_BASE_GET_QUEUE_FAILED"));
}
} // else, ra
@@ -222,10 +221,10 @@ public class SSLClientCertAuthentication implements IAuthManager {
}
/**
- * Returns a list of configuration parameter names.
- * The list is passed to the configuration console so instances of
+ * Returns a list of configuration parameter names.
+ * The list is passed to the configuration console so instances of
* this implementation can be configured through the console.
- *
+ *
* @return String array of configuration parameter names.
*/
public String[] getConfigParams() {
@@ -234,6 +233,7 @@ public class SSLClientCertAuthentication implements IAuthManager {
/**
* Returns array of required credentials for this authentication manager.
+ *
* @return Array of required credentials.
*/
public String[] getRequiredCreds() {
@@ -244,15 +244,15 @@ public class SSLClientCertAuthentication implements IAuthManager {
if (mLogger == null)
return;
mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_AUTHENTICATION,
- level, msg);
+ level, msg);
}
private IRequestQueue getReqQueue() {
IRequestQueue queue = null;
try {
- IRegistrationAuthority ra =
- (IRegistrationAuthority) CMS.getSubsystem("ra");
+ IRegistrationAuthority ra =
+ (IRegistrationAuthority) CMS.getSubsystem("ra");
if (ra != null) {
queue = ra.getRequestQueue();
@@ -260,7 +260,7 @@ public class SSLClientCertAuthentication implements IAuthManager {
}
} catch (Exception e) {
log(ILogger.LL_FAILURE,
- " cannot get access to the request queue.");
+ " cannot get access to the request queue.");
}
return queue;
@@ -268,6 +268,7 @@ public class SSLClientCertAuthentication implements IAuthManager {
/**
* Gets the configuration substore used by this authentication manager
+ *
* @return configuration store
*/
public IConfigStore getConfigStore() {
@@ -288,4 +289,3 @@ public class SSLClientCertAuthentication implements IAuthManager {
return mImplName;
}
}
-
diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java b/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java
index 69192f3f0..173d69f89 100644
--- a/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java
+++ b/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCert.java
@@ -17,16 +17,14 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmscore.authentication;
-
import java.math.BigInteger;
import java.util.Date;
import com.netscape.certsrv.apps.CMS;
-
-/**
+/**
* class storing verified certificate.
- *
+ *
* @version $Revision$, $Date$
*/
@@ -45,9 +43,9 @@ public class VerifiedCert {
/**
* Constructs verified certiificate record
*/
-
+
public VerifiedCert(BigInteger serialNumber, byte[] certEncoded,
- int status) {
+ int status) {
mStatus = status;
mSerialNumber = serialNumber;
mCertEncoded = certEncoded;
@@ -55,13 +53,13 @@ public class VerifiedCert {
}
public int check(BigInteger serialNumber, byte[] certEncoded,
- long interval, long unknownStateInterval) {
+ long interval, long unknownStateInterval) {
int status = UNKNOWN;
-
+
if (mSerialNumber.equals(serialNumber)) {
if (mCertEncoded != null) {
if (certEncoded != null &&
- mCertEncoded.length == certEncoded.length) {
+ mCertEncoded.length == certEncoded.length) {
int i;
for (i = 0; i < mCertEncoded.length; i++) {
@@ -90,4 +88,3 @@ public class VerifiedCert {
return status;
}
}
-
diff --git a/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCerts.java b/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCerts.java
index ca0f63e55..52ce91fdf 100644
--- a/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCerts.java
+++ b/pki/base/common/src/com/netscape/cmscore/authentication/VerifiedCerts.java
@@ -17,15 +17,13 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmscore.authentication;
-
import java.math.BigInteger;
import netscape.security.x509.X509CertImpl;
-
-/**
+/**
* class storing verified certificates.
- *
+ *
* @version $Revision$, $Date$
*/
@@ -38,11 +36,11 @@ public class VerifiedCerts {
private VerifiedCert[] mVCerts = null;
private long mInterval = 0;
private long mUnknownStateInterval = 0;
-
+
/**
* Constructs verified certiificates list
*/
-
+
public VerifiedCerts(int size, long interval) {
mVCerts = new VerifiedCert[size];
mInterval = interval;
@@ -64,8 +62,8 @@ public class VerifiedCerts {
} catch (Exception e) {
}
if ((certEncoded != null ||
- (status == VerifiedCert.CHECKED && mUnknownStateInterval > 0))
- && mInterval > 0) {
+ (status == VerifiedCert.CHECKED && mUnknownStateInterval > 0))
+ && mInterval > 0) {
update(cert.getSerialNumber(), certEncoded, status);
}
}
@@ -75,7 +73,7 @@ public class VerifiedCerts {
if ((status == VerifiedCert.NOT_REVOKED ||
status == VerifiedCert.REVOKED ||
(status == VerifiedCert.CHECKED && mUnknownStateInterval > 0))
- && mInterval > 0) {
+ && mInterval > 0) {
if (mLast == mNext && mFirst == mNext) { // empty
mVCerts[mNext] = new VerifiedCert(serialNumber, certEncoded, status);
mNext = next(mNext);
@@ -94,8 +92,8 @@ public class VerifiedCerts {
public int check(X509CertImpl cert) {
int status = VerifiedCert.UNKNOWN;
-
- if (mLast != mNext && mInterval > 0) { // if not empty and
+
+ if (mLast != mNext && mInterval > 0) { // if not empty and
if (cert != null) {
byte[] certEncoded = null;
@@ -116,10 +114,10 @@ public class VerifiedCerts {
int status = VerifiedCert.UNKNOWN;
int i = mLast;
- if (mVCerts != null && mLast != mNext && mInterval > 0) { // if not empty and
- while (status == VerifiedCert.UNKNOWN) {
- if (mVCerts[i] == null)
- return status;
+ if (mVCerts != null && mLast != mNext && mInterval > 0) { // if not empty and
+ while (status == VerifiedCert.UNKNOWN) {
+ if (mVCerts[i] == null)
+ return status;
status = mVCerts[i].check(serialNumber, certEncoded,
mInterval, mUnknownStateInterval);
if (status == VerifiedCert.EXPIRED) {
@@ -158,4 +156,3 @@ public class VerifiedCerts {
return i;
}
}
-
generated by cgit (git 2.34.1) at 2024-07-07 21:51:05 +0000