-rw-r--r--base/common/src/com/netscape/certsrv/system/DomainInfo.java203
-rw-r--r--base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java4
-rw-r--r--base/common/src/com/netscape/certsrv/system/SecurityDomainHost.java210
-rw-r--r--base/common/src/com/netscape/certsrv/system/SecurityDomainHostList.java53
-rw-r--r--base/common/src/com/netscape/certsrv/system/SecurityDomainResource.java5
-rw-r--r--base/common/src/com/netscape/certsrv/system/SecurityDomainSubsystem.java136
-rw-r--r--base/common/src/com/netscape/certsrv/system/SystemConfigResource.java7
-rw-r--r--base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainProcessor.java280
-rw-r--r--base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainService.java12
-rw-r--r--base/common/src/com/netscape/cms/servlet/csadmin/SystemConfigService.java8
-rw-r--r--base/common/src/com/netscape/cmscore/policy/PolicySet.java6
-rw-r--r--base/java-tools/src/com/netscape/cmstools/system/SecurityDomainCLI.java27
-rw-r--r--base/java-tools/src/com/netscape/cmstools/system/SecurityDomainShowCLI.java66
13 files changed, 843 insertions, 174 deletions
diff --git a/base/common/src/com/netscape/certsrv/system/DomainInfo.java b/base/common/src/com/netscape/certsrv/system/DomainInfo.java
index 50b606af3..3f38c64ab 100644
--- a/base/common/src/com/netscape/certsrv/system/DomainInfo.java
+++ b/base/common/src/com/netscape/certsrv/system/DomainInfo.java
@@ -14,142 +14,151 @@
//
// (C) 2012 Red Hat, Inc.
// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
+// --- END COPYRIGHT BLOCK ---
package com.netscape.certsrv.system;
+import java.io.StringReader;
+import java.io.StringWriter;
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
/**
* @author alee
- *
*/
@XmlRootElement(name="DomainInfo")
+@XmlAccessorType(XmlAccessType.NONE)
public class DomainInfo {
-
- @XmlElement(name="CAList")
- protected SecurityDomainHostList caList;
-
- @XmlElement(name="KRAList")
- protected SecurityDomainHostList kraList;
-
- @XmlElement(name="OCSPList")
- protected SecurityDomainHostList ocspList;
-
- @XmlElement(name="TKSList")
- protected SecurityDomainHostList tksList;
-
- @XmlElement(name="TPSList")
- protected SecurityDomainHostList tpsList;
-
- @XmlElement(name="RAList")
- protected SecurityDomainHostList raList;
-
- @XmlElement
- protected String name;
-
- /**
- * @return the name
- */
+
+ String name;
+ Map<String, SecurityDomainSubsystem> subsystems = new LinkedHashMap<String, SecurityDomainSubsystem>();
+
+ @XmlAttribute(name="id")
public String getName() {
return name;
}
- /**
- * @param name the name to set
- */
public void setName(String name) {
this.name = name;
}
- /**
- * @return the caList
- */
- public SecurityDomainHostList getCaList() {
- return caList;
+ @XmlElement(name="Subsystem")
+ public SecurityDomainSubsystem[] getSubsystems() {
+ return subsystems.values().toArray(new SecurityDomainSubsystem[subsystems.size()]);
}
- /**
- * @param caList the caList to set
- */
- public void setCaList(SecurityDomainHostList caList) {
- this.caList = caList;
+ public void setSubsystems(SecurityDomainSubsystem[] subsystems) {
+ this.subsystems.clear();
+ for (SecurityDomainSubsystem subsystem : subsystems) {
+ this.subsystems.put(subsystem.name, subsystem);
+ }
}
- /**
- * @return the kraList
- */
- public SecurityDomainHostList getKraList() {
- return kraList;
+ public SecurityDomainSubsystem getSubsystem(String type) {
+ return subsystems.get(type);
}
- /**
- * @param kraList the kraList to set
- */
- public void setKraList(SecurityDomainHostList kraList) {
- this.kraList = kraList;
+ public void addSubsystem(SecurityDomainSubsystem subsystem) {
+ subsystems.put(subsystem.getName(), subsystem);
}
- /**
- * @return the ocspList
- */
- public SecurityDomainHostList getOcspList() {
- return ocspList;
+ public void removeSubsystem(String type) {
+ subsystems.remove(type);
}
- /**
- * @param ocspList the ocspList to set
- */
- public void setOcspList(SecurityDomainHostList ocspList) {
- this.ocspList = ocspList;
+ public void addHost(String type, SecurityDomainHost host) {
+ SecurityDomainSubsystem subsystem = getSubsystem(type);
+ if (subsystem == null) {
+ subsystem = new SecurityDomainSubsystem();
+ subsystem.setName(type);
+ addSubsystem(subsystem);
+ }
+ subsystem.addHost(host);
}
- /**
- * @return the tksList
- */
- public SecurityDomainHostList getTksList() {
- return tksList;
+ public void removeHost(String type, String hostId) {
+ SecurityDomainSubsystem subsystem = getSubsystem(type);
+ if (subsystem == null) return;
+ subsystem.removeHost(hostId);
}
-
- /**
- * @param tksList the tksList to set
- */
- public void setTksList(SecurityDomainHostList tksList) {
- this.tksList = tksList;
+ public String toString() {
+ try {
+ StringWriter sw = new StringWriter();
+ Marshaller marshaller = JAXBContext.newInstance(DomainInfo.class).createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+ marshaller.marshal(this, sw);
+ return sw.toString();
+
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
}
- /**
- * @return the tpsList
- */
- public SecurityDomainHostList getTpsList() {
- return tpsList;
+ public static DomainInfo valueOf(String string) throws Exception {
+ try {
+ Unmarshaller unmarshaller = JAXBContext.newInstance(DomainInfo.class).createUnmarshaller();
+ return (DomainInfo)unmarshaller.unmarshal(new StringReader(string));
+ } catch (Exception e) {
+ return null;
+ }
}
- /**
- * @param tpsList the tpsList to set
- */
- public void setTpsList(SecurityDomainHostList tpsList) {
- this.tpsList = tpsList;
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ result = prime * result + ((subsystems == null) ? 0 : subsystems.hashCode());
+ return result;
}
- /**
- * @return the raList
- */
- public SecurityDomainHostList getRaList() {
- return raList;
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ DomainInfo other = (DomainInfo) obj;
+ if (name == null) {
+ if (other.name != null)
+ return false;
+ } else if (!name.equals(other.name))
+ return false;
+ if (subsystems == null) {
+ if (other.subsystems != null)
+ return false;
+ } else if (!subsystems.equals(other.subsystems))
+ return false;
+ return true;
}
- /**
- * @param raList the raList to set
- */
- public void setRaList(SecurityDomainHostList raList) {
- this.raList = raList;
- }
+ public static void main(String args[]) throws Exception {
-
-
-
-
-
+ DomainInfo before = new DomainInfo();
+ before.setName("EXAMPLE");
+ SecurityDomainHost host = new SecurityDomainHost();
+ host.setId("CA localhost:8443");
+ host.setHostname("localhost");
+ host.setPort("8080");
+ host.setSecurePort("8443");
+
+ before.addHost("CA", host);
+
+ String string = before.toString();
+ System.out.println(string);
+
+ DomainInfo after = DomainInfo.valueOf(string);
+ System.out.println(before.equals(after));
+ }
}
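Review bot: `valueOf` catches every exception and returns `null`, so a malformed or truncated document looks the same as "no data" and the declared `throws Exception` never fires; callers will hit a NullPointerException later instead of seeing the JAXB error. Drop the try/catch so the body is just `return (DomainInfo) unmarshaller.unmarshal(new StringReader(string));` and the parse failure propagates. The same pattern is repeated in `SecurityDomainHost.valueOf` and `SecurityDomainSubsystem.valueOf`. If the string can come from another host, it is also worth confirming that the JAXB implementation in use refuses DTDs and external entities, because the unmarshaller here is created with default settings.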
diff --git a/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java b/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java
index fd7eb342b..553e849fa 100644
--- a/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java
+++ b/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java
@@ -39,4 +39,8 @@ public class SecurityDomainClient extends PKIClient {
public InstallToken getInstallToken(String hostname, String subsystem) {
return client.getInstallToken(hostname, subsystem);
}
+
+ public DomainInfo getDomainInfo() {
+ return client.getDomainInfo();
+ }
}
diff --git a/base/common/src/com/netscape/certsrv/system/SecurityDomainHost.java b/base/common/src/com/netscape/certsrv/system/SecurityDomainHost.java
index 9dbf4e8a9..e4357ffe8 100644
--- a/base/common/src/com/netscape/certsrv/system/SecurityDomainHost.java
+++ b/base/common/src/com/netscape/certsrv/system/SecurityDomainHost.java
@@ -17,24 +17,224 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.certsrv.system;
+import java.io.StringReader;
+import java.io.StringWriter;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
import javax.xml.bind.annotation.XmlAccessType;
import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
import javax.xml.bind.annotation.XmlRootElement;
/**
* @author alee
*
*/
-@XmlRootElement(name="DomainInfo")
-@XmlAccessorType(XmlAccessType.FIELD)
+@XmlRootElement(name="SecurityDomainHost")
+@XmlAccessorType(XmlAccessType.NONE)
public class SecurityDomainHost {
- protected String host;
+
+ protected String id;
+ protected String hostname;
+ protected String port;
protected String securePort;
protected String secureAgentPort;
protected String secureAdminPort;
protected String secureEEClientAuthPort;
- protected String unSecurePort;
protected String clone;
- protected String subsystemName;
protected String domainManager;
+
+ @XmlAttribute(name="id")
+ public String getId() {
+ return id;
+ }
+
+ public void setId(String id) {
+ this.id = id;
+ }
+
+ @XmlElement(name="Hostname")
+ public String getHostname() {
+ return hostname;
+ }
+
+ public void setHostname(String hostname) {
+ this.hostname = hostname;
+ }
+
+ @XmlElement(name="Port")
+ public String getPort() {
+ return port;
+ }
+
+ public void setPort(String port) {
+ this.port = port;
+ }
+
+ @XmlElement(name="SecurePort")
+ public String getSecurePort() {
+ return securePort;
+ }
+
+ public void setSecurePort(String securePort) {
+ this.securePort = securePort;
+ }
+
+ @XmlElement(name="SecureAgentPort")
+ public String getSecureAgentPort() {
+ return secureAgentPort;
+ }
+
+ public void setSecureAgentPort(String secureAgentPort) {
+ this.secureAgentPort = secureAgentPort;
+ }
+
+ @XmlElement(name="SecureAdminPort")
+ public String getSecureAdminPort() {
+ return secureAdminPort;
+ }
+
+ public void setSecureAdminPort(String secureAdminPort) {
+ this.secureAdminPort = secureAdminPort;
+ }
+
+ @XmlElement(name="SecureEEClientAuthPort")
+ public String getSecureEEClientAuthPort() {
+ return secureEEClientAuthPort;
+ }
+
+ public void setSecureEEClientAuthPort(String secureEEClientAuthPort) {
+ this.secureEEClientAuthPort = secureEEClientAuthPort;
+ }
+
+ @XmlElement(name="Clone")
+ public String getClone() {
+ return clone;
+ }
+
+ public void setClone(String clone) {
+ this.clone = clone;
+ }
+
+ @XmlElement(name="DomainManager")
+ public String getDomainManager() {
+ return domainManager;
+ }
+
+ public void setDomainManager(String domainManager) {
+ this.domainManager = domainManager;
+ }
+
+ public String toString() {
+ try {
+ StringWriter sw = new StringWriter();
+ Marshaller marshaller = JAXBContext.newInstance(SecurityDomainHost.class).createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+ marshaller.marshal(this, sw);
+ return sw.toString();
+
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public static SecurityDomainHost valueOf(String string) throws Exception {
+ try {
+ Unmarshaller unmarshaller = JAXBContext.newInstance(SecurityDomainHost.class).createUnmarshaller();
+ return (SecurityDomainHost)unmarshaller.unmarshal(new StringReader(string));
+ } catch (Exception e) {
+ return null;
+ }
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((clone == null) ? 0 : clone.hashCode());
+ result = prime * result + ((domainManager == null) ? 0 : domainManager.hashCode());
+ result = prime * result + ((hostname == null) ? 0 : hostname.hashCode());
+ result = prime * result + ((id == null) ? 0 : id.hashCode());
+ result = prime * result + ((port == null) ? 0 : port.hashCode());
+ result = prime * result + ((secureAgentPort == null) ? 0 : secureAgentPort.hashCode());
+ result = prime * result + ((secureAdminPort == null) ? 0 : secureAdminPort.hashCode());
+ result = prime * result + ((secureEEClientAuthPort == null) ? 0 : secureEEClientAuthPort.hashCode());
+ result = prime * result + ((securePort == null) ? 0 : securePort.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ SecurityDomainHost other = (SecurityDomainHost) obj;
+ if (clone == null) {
+ if (other.clone != null)
+ return false;
+ } else if (!clone.equals(other.clone))
+ return false;
+ if (domainManager == null) {
+ if (other.domainManager != null)
+ return false;
+ } else if (!domainManager.equals(other.domainManager))
+ return false;
+ if (hostname == null) {
+ if (other.hostname != null)
+ return false;
+ } else if (!hostname.equals(other.hostname))
+ return false;
+ if (id == null) {
+ if (other.id != null)
+ return false;
+ } else if (!id.equals(other.id))
+ return false;
+ if (port == null) {
+ if (other.port != null)
+ return false;
+ } else if (!port.equals(other.port))
+ return false;
+ if (secureAgentPort == null) {
+ if (other.secureAgentPort != null)
+ return false;
+ } else if (!secureAgentPort.equals(other.secureAgentPort))
+ return false;
+ if (secureAdminPort == null) {
+ if (other.secureAdminPort != null)
+ return false;
+ } else if (!secureAdminPort.equals(other.secureAdminPort))
+ return false;
+ if (secureEEClientAuthPort == null) {
+ if (other.secureEEClientAuthPort != null)
+ return false;
+ } else if (!secureEEClientAuthPort.equals(other.secureEEClientAuthPort))
+ return false;
+ if (securePort == null) {
+ if (other.securePort != null)
+ return false;
+ } else if (!securePort.equals(other.securePort))
+ return false;
+ return true;
+ }
+
+ public static void main(String args[]) throws Exception {
+
+ SecurityDomainHost before = new SecurityDomainHost();
+ before.setId("CA localhost:8443");
+ before.setHostname("localhost");
+ before.setPort("8080");
+ before.setSecurePort("8443");
+
+ String string = before.toString();
+ System.out.println(string);
+
+ SecurityDomainHost after = SecurityDomainHost.valueOf(string);
+ System.out.println(before.equals(after));
+ }
}
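Review bot: `toString()` creates a new `JAXBContext` on every call and rethrows any failure as `RuntimeException`, which is risky for a method that debug logging and string concatenation invoke implicitly. Consider moving the XML serialisation into an explicitly named method (for example `toXML()`) that reuses one context per class, and keeping `toString()` cheap and non-throwing. The same applies to `DomainInfo.toString` and `SecurityDomainSubsystem.toString`. The `main` self-test at the end of each of these classes would also be better placed in a unit test than in the shipped class.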
diff --git a/base/common/src/com/netscape/certsrv/system/SecurityDomainHostList.java b/base/common/src/com/netscape/certsrv/system/SecurityDomainHostList.java
deleted file mode 100644
index 375dee754..000000000
--- a/base/common/src/com/netscape/certsrv/system/SecurityDomainHostList.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- *
- */
-package com.netscape.certsrv.system;
-
-import java.util.Collection;
-
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlElementRef;
-import javax.xml.bind.annotation.XmlRootElement;
-
-/**
- * @author alee
- *
- */
-@XmlRootElement
-public class SecurityDomainHostList {
- protected Collection<SecurityDomainHost> systems;
-
- @XmlElement(name="SubsystemCount")
- protected int count;
-
- /**
- * @return the systems
- */
- @XmlElementRef
- public Collection<SecurityDomainHost> getSystems() {
- return systems;
- }
-
- /**
- * @param systems the systems to set
- */
- public void setSystems(Collection<SecurityDomainHost> systems) {
- this.systems = systems;
- }
-
- /**
- * @return the count
- */
- public int getCount() {
- return count;
- }
-
- /**
- * @param count the count to set
- */
- public void setCount(int count) {
- this.count = count;
- }
-
-
-}
diff --git a/base/common/src/com/netscape/certsrv/system/SecurityDomainResource.java b/base/common/src/com/netscape/certsrv/system/SecurityDomainResource.java
index 41bbf779e..1805d15c4 100644
--- a/base/common/src/com/netscape/certsrv/system/SecurityDomainResource.java
+++ b/base/common/src/com/netscape/certsrv/system/SecurityDomainResource.java
@@ -35,4 +35,9 @@ public interface SecurityDomainResource {
public InstallToken getInstallToken(
@QueryParam("hostname") String hostname,
@QueryParam("subsystem") String subsystem);
+
+ @GET
+ @Path("domainInfo")
+ @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
+ public DomainInfo getDomainInfo();
}
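Review bot: Nothing in this hunk states who may call the new `GET domainInfo` resource, and its response lists the hostname and ports of every subsystem in the security domain. The interface declaration and any class-level annotations are outside the hunk, so access control may well be configured elsewhere. It would help to document that on the method, e.g. `/** Returns the security domain topology; access is governed by <auth/ACL mapping name - placeholder>. */`, and to confirm that an authentication and ACL entry exists for this path.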
diff --git a/base/common/src/com/netscape/certsrv/system/SecurityDomainSubsystem.java b/base/common/src/com/netscape/certsrv/system/SecurityDomainSubsystem.java
new file mode 100644
index 000000000..74273c244
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/system/SecurityDomainSubsystem.java
@@ -0,0 +1,136 @@
+/**
+ *
+ */
+package com.netscape.certsrv.system;
+
+import java.io.StringReader;
+import java.io.StringWriter;
+import java.util.LinkedHashMap;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+
+/**
+ * @author alee
+ */
+@XmlRootElement(name="SecurityDomainSubsystem")
+@XmlAccessorType(XmlAccessType.NONE)
+ public class SecurityDomainSubsystem {
+
+ String name;
+ LinkedHashMap<String, SecurityDomainHost> hosts = new LinkedHashMap<String, SecurityDomainHost>();
+
+ @XmlAttribute(name="id")
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the systems
+ */
+ @XmlElement(name="Host")
+ public SecurityDomainHost[] getHosts() {
+ return hosts.values().toArray(new SecurityDomainHost[hosts.size()]);
+ }
+
+ /**
+ * @param hosts the systems to set
+ */
+ public void setHosts(SecurityDomainHost[] hosts) {
+ this.hosts.clear();
+ for (SecurityDomainHost host : hosts) {
+ addHost(host);
+ }
+ }
+
+ public void addHost(SecurityDomainHost host) {
+ hosts.put(host.getId(), host);
+ }
+
+ public void removeHost(String hostId) {
+ hosts.remove(hostId);
+ }
+
+ public String toString() {
+ try {
+ StringWriter sw = new StringWriter();
+ Marshaller marshaller = JAXBContext.newInstance(SecurityDomainSubsystem.class).createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+ marshaller.marshal(this, sw);
+ return sw.toString();
+
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public static SecurityDomainSubsystem valueOf(String string) throws Exception {
+ try {
+ Unmarshaller unmarshaller = JAXBContext.newInstance(SecurityDomainSubsystem.class).createUnmarshaller();
+ return (SecurityDomainSubsystem)unmarshaller.unmarshal(new StringReader(string));
+ } catch (Exception e) {
+ return null;
+ }
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((hosts == null) ? 0 : hosts.hashCode());
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ SecurityDomainSubsystem other = (SecurityDomainSubsystem) obj;
+ if (hosts == null) {
+ if (other.hosts != null)
+ return false;
+ } else if (!hosts.equals(other.hosts))
+ return false;
+ if (name == null) {
+ if (other.name != null)
+ return false;
+ } else if (!name.equals(other.name))
+ return false;
+ return true;
+ }
+
+ public static void main(String args[]) throws Exception {
+
+ SecurityDomainSubsystem before = new SecurityDomainSubsystem();
+ before.setName("CA");
+
+ SecurityDomainHost host = new SecurityDomainHost();
+ host.setId("CA localhost:8443");
+ host.setHostname("localhost");
+ host.setPort("8080");
+ host.setSecurePort("8443");
+
+ before.addHost(host);
+
+ String string = before.toString();
+ System.out.println(string);
+
+ SecurityDomainSubsystem after = SecurityDomainSubsystem.valueOf(string);
+ System.out.println(before.equals(after));
+ }
+}
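Review bot: `addHost` keys the map on `host.getId()` without checking it, and `LinkedHashMap` accepts a `null` key, so two hosts whose id was never set silently overwrite each other. This is reachable from `SecurityDomainProcessor.getDomainInfo`, which only calls `setId` when the LDAP entry carries a `SubsystemName` attribute. Reject the case up front with `if (host.getId() == null) throw new IllegalArgumentException("host id is required");`. `setHosts` also iterates its array argument without a null check, and the `hosts` field could be declared as `Map` rather than `LinkedHashMap`.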
diff --git a/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java b/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java
index ca06ededb..2809baaa6 100644
--- a/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java
+++ b/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java
@@ -18,7 +18,6 @@
package com.netscape.certsrv.system;
import javax.ws.rs.Consumes;
-import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
@@ -43,10 +42,4 @@ public interface SystemConfigResource {
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public ConfigurationResponse configure(ConfigurationRequest data);
-
- @GET
- @Path("domainInfo")
- @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
- @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
- public DomainInfo getDomainInfo();
}
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainProcessor.java b/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainProcessor.java
index f6cb4c638..97e9d41b7 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainProcessor.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainProcessor.java
@@ -17,28 +17,57 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.servlet.csadmin;
+import java.io.StringWriter;
import java.net.InetAddress;
+import java.util.Enumeration;
import java.util.Locale;
import java.util.Random;
+import java.util.Vector;
+
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.OutputKeys;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import netscape.ldap.LDAPAttribute;
+import netscape.ldap.LDAPAttributeSet;
+import netscape.ldap.LDAPConnection;
+import netscape.ldap.LDAPEntry;
+import netscape.ldap.LDAPSearchConstraints;
+import netscape.ldap.LDAPSearchResults;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
import com.netscape.certsrv.apps.CMS;
import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.base.EPropertyNotFound;
+import com.netscape.certsrv.base.IConfigStore;
import com.netscape.certsrv.base.ISecurityDomainSessionTable;
import com.netscape.certsrv.base.PKIException;
import com.netscape.certsrv.base.UnauthorizedException;
+import com.netscape.certsrv.ldap.ILdapConnFactory;
import com.netscape.certsrv.logging.ILogger;
+import com.netscape.certsrv.system.DomainInfo;
import com.netscape.certsrv.system.InstallToken;
+import com.netscape.certsrv.system.SecurityDomainHost;
+import com.netscape.certsrv.system.SecurityDomainSubsystem;
import com.netscape.cms.servlet.processors.Processor;
+import com.netscape.cmsutil.xml.XMLObject;
/**
* @author Endi S. Dewata
*/
public class SecurityDomainProcessor extends Processor {
- private final static String LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE =
+ public final static String LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE =
"LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE_1";
+ public final static String[] TYPES = { "CA", "KRA", "OCSP", "TKS", "RA", "TPS" };
+
Random random = new Random();
public SecurityDomainProcessor(Locale locale) throws EPropertyNotFound, EBaseException {
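Review bot: `TYPES` is a `public final static String[]`, so only the reference is final and any class can overwrite its elements, changing what `convertDomainInfoToXMLObject` and `convertXMLObjectToDomainInfo` iterate over. Expose an unmodifiable view instead, `public final static List<String> TYPES = Collections.unmodifiableList(Arrays.asList("CA", "KRA", "OCSP", "TKS", "RA", "TPS"));`, or keep the array private behind an accessor. Separately, if the unchanged `Random random` field is what produces the install-token cookie returned further down (that code is not shown in this hunk), it should be a `SecureRandom`. The class body continues outside the hunk.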
@@ -109,4 +138,253 @@ public class SecurityDomainProcessor extends Processor {
return new InstallToken(cookie);
}
+
+ public DomainInfo getDomainInfo() throws EBaseException {
+
+ ILdapConnFactory connFactory = null;
+ LDAPConnection conn = null;
+
+ try {
+ LDAPSearchConstraints cons = null;
+ String[] attrs = null;
+
+ IConfigStore cs = CMS.getConfigStore();
+ String basedn = cs.getString("internaldb.basedn");
+ String dn = "ou=Security Domain," + basedn;
+ String filter = "objectclass=pkiSecurityGroup";
+
+ IConfigStore ldapConfig = cs.getSubStore("internaldb");
+ connFactory = CMS.getLdapBoundConnFactory();
+ connFactory.init(ldapConfig);
+ conn = connFactory.getConn();
+
+ // get the security domain name
+ String name = (String) conn.read(dn).getAttribute("name").getStringValues().nextElement();
+ CMS.debug("SecurityDomainProcessor: name: "+name);
+
+ DomainInfo domain = new DomainInfo();
+ domain.setName(name);
+
+ // this should return CAList, KRAList etc.
+ LDAPSearchResults res = conn.search(dn, LDAPConnection.SCOPE_ONE, filter,
+ attrs, true, cons);
+
+ while (res.hasMoreElements()) {
+ dn = res.next().getDN();
+ String listName = dn.substring(3, dn.indexOf(","));
+ String subType = listName.substring(0, listName.indexOf("List"));
+ CMS.debug("SecurityDomainProcessor: subtype: "+subType);
+
+ filter = "objectclass=pkiSubsystem";
+ LDAPSearchResults res2 = conn.search(dn, LDAPConnection.SCOPE_ONE, filter,
+ attrs, false, cons);
+
+ while (res2.hasMoreElements()) {
+ LDAPEntry entry = res2.next();
+ CMS.debug("SecurityDomainProcessor: - "+entry.getDN());
+
+ SecurityDomainHost host = new SecurityDomainHost();
+
+ LDAPAttributeSet entryAttrs = entry.getAttributeSet();
+
+ @SuppressWarnings("unchecked")
+ Enumeration<LDAPAttribute> attrsInSet = entryAttrs.getAttributes();
+ while (attrsInSet.hasMoreElements()) {
+ LDAPAttribute nextAttr = attrsInSet.nextElement();
+ String attrName = nextAttr.getName();
+ String attrValue = (String) nextAttr.getStringValues().nextElement();
+ CMS.debug("SecurityDomainProcessor: - "+attrName+": "+attrValue);
+
+ if ("SubsystemName".equalsIgnoreCase(attrName)) {
+ host.setId(attrValue);
+
+ } else if ("Host".equalsIgnoreCase(attrName)) {
+ host.setHostname(attrValue);
+
+ } else if ("SecurePort".equalsIgnoreCase(attrName)) {
+ host.setSecurePort(attrValue);
+
+ } else if ("Clone".equalsIgnoreCase(attrName)) {
+ host.setClone(attrValue);
+
+ } else if ("DomainManager".equalsIgnoreCase(attrName)) {
+ host.setDomainManager(attrValue);
+
+ } else if ("UnSecurePort".equalsIgnoreCase(attrName)) {
+ host.setPort(attrValue);
+
+ } else if ("SecureAgentPort".equalsIgnoreCase(attrName)) {
+ host.setSecureAgentPort(attrValue);
+
+ } else if ("SecureAdminPort".equalsIgnoreCase(attrName)) {
+ host.setSecureAdminPort(attrValue);
+
+ } else if ("SecureEEClientAuthPort".equalsIgnoreCase(attrName)) {
+ host.setSecureEEClientAuthPort(attrValue);
+ }
+ }
+
+ domain.addHost(subType, host);
+ }
+ }
+
+ return domain;
+
+ } catch (Exception e) {
+ CMS.debug("SecurityDomainProcessor: Failed to read domain info from ldap " + e);
+ throw new EBaseException(e.getMessage(), e);
+
+ } finally {
+ if (conn != null && connFactory != null) {
+ CMS.debug("Releasing ldap connection");
+ connFactory.returnConn(conn);
+ }
+ }
+ }
+
+ public XMLObject getDomainXML() throws EBaseException, ParserConfigurationException {
+ return convertDomainInfoToXMLObject(getDomainInfo());
+ }
+
+ public static XMLObject convertDomainInfoToXMLObject(DomainInfo domain) throws ParserConfigurationException {
+
+ XMLObject xmlObject = new XMLObject();
+
+ Node domainInfo = xmlObject.createRoot("DomainInfo");
+ xmlObject.addItemToContainer(domainInfo, "Name", domain.getName());
+
+ for (String subType : TYPES) {
+ SecurityDomainSubsystem subsystem = domain.getSubsystem(subType);
+ Node listNode = xmlObject.createContainer(domainInfo, subType+"List");
+
+ int counter;
+ if (subsystem == null) {
+ counter = 0;
+
+ } else {
+ counter = subsystem.getHosts().length;
+
+ for (SecurityDomainHost host : subsystem.getHosts()) {
+ Node node = xmlObject.createContainer(listNode, subType);
+
+ String value = host.getHostname();
+ if (value != null) xmlObject.addItemToContainer(node, "Host", value);
+
+ value = host.getSecurePort();
+ if (value != null) xmlObject.addItemToContainer(node, "SecurePort", value);
+
+ value = host.getSecureAgentPort();
+ if (value != null) xmlObject.addItemToContainer(node, "SecureAgentPort", value);
+
+ value = host.getSecureAdminPort();
+ if (value != null) xmlObject.addItemToContainer(node, "SecureAdminPort", value);
+
+ value = host.getSecureEEClientAuthPort();
+ if (value != null) xmlObject.addItemToContainer(node, "SecureEEClientAuthPort", value);
+
+ value = host.getPort();
+ if (value != null) xmlObject.addItemToContainer(node, "UnSecurePort", value);
+
+ value = host.getClone();
+ if (value != null) xmlObject.addItemToContainer(node, "Clone", value);
+
+ value = host.getId();
+ if (value != null) xmlObject.addItemToContainer(node, "SubsystemName", value);
+
+ value = host.getDomainManager();
+ if (value != null) xmlObject.addItemToContainer(node, "DomainManager", value);
+ }
+ }
+
+ xmlObject.addItemToContainer(
+ listNode, "SubsystemCount", Integer.toString(counter));
+ }
+
+ return xmlObject;
+ }
+
+ public static DomainInfo convertXMLObjectToDomainInfo(XMLObject xmlObject) {
+
+ DomainInfo domain = new DomainInfo();
+ Document doc = xmlObject.getDocument();
+ Node rootNode = doc.getFirstChild();
+
+ Vector<String> values = xmlObject.getValuesFromContainer(rootNode, "Name");
+ if (!values.isEmpty()) domain.setName(values.firstElement());
+
+ for (String type : TYPES) {
+ NodeList hosts = doc.getElementsByTagName(type);
+ for (int j=0; j<hosts.getLength(); j++) {
+ Node hostNode = hosts.item(j);
+ SecurityDomainHost host = new SecurityDomainHost();
+
+ values = xmlObject.getValuesFromContainer(hostNode, "SubsystemName");
+ if (!values.isEmpty()) host.setId(values.firstElement());
+
+ values = xmlObject.getValuesFromContainer(hostNode, "Host");
+ if (!values.isEmpty()) host.setHostname(values.firstElement());
+
+ values = xmlObject.getValuesFromContainer(hostNode, "SecurePort");
+ if (!values.isEmpty()) host.setSecurePort(values.firstElement());
+
+ values = xmlObject.getValuesFromContainer(hostNode, "Clone");
+ if (!values.isEmpty()) host.setClone(values.firstElement());
+
+ values = xmlObject.getValuesFromContainer(hostNode, "DomainManager");
+ if (!values.isEmpty()) host.setDomainManager(values.firstElement());
+
+ values = xmlObject.getValuesFromContainer(hostNode, "UnSecurePort");
+ if (!values.isEmpty()) host.setPort(values.firstElement());
+
+ values = xmlObject.getValuesFromContainer(hostNode, "SecureAgentPort");
+ if (!values.isEmpty()) host.setSecureAgentPort(values.firstElement());
+
+ values = xmlObject.getValuesFromContainer(hostNode, "SecureAdminPort");
+ if (!values.isEmpty()) host.setSecureAdminPort(values.firstElement());
+
+ values = xmlObject.getValuesFromContainer(hostNode, "SecureEEClientAuthPort");
+ if (!values.isEmpty()) host.setSecureEEClientAuthPort(values.firstElement());
+
+ domain.addHost(type, host);
+ }
+ }
+
+ return domain;
+ }
+
+ public static void main(String args[]) throws Exception {
+
+ DomainInfo before = new DomainInfo();
+ before.setName("EXAMPLE");
+
+ SecurityDomainHost host = new SecurityDomainHost();
+ host.setId("CA localhost:8443");
+ host.setHostname("localhost");
+ host.setPort("8080");
+ host.setSecurePort("8443");
+ host.setDomainManager("TRUE");
+
+ before.addHost("CA", host);
+
+ System.out.println("Before:");
+ System.out.println(before);
+
+ XMLObject xmlObject = convertDomainInfoToXMLObject(before);
+ Document document = xmlObject.getDocument();
+
+ Transformer transformer = TransformerFactory.newInstance().newTransformer();
+ transformer.setOutputProperty(OutputKeys.INDENT, "yes");
+ transformer.setOutputProperty("{http://xml.apache.org/xslt}indent-amount", "4");
+
+ StringWriter sw = new StringWriter();
+ transformer.transform(new DOMSource(document), new StreamResult(sw));
+
+ System.out.println("Domain XML:");
+ System.out.println(sw);
+
+ DomainInfo after = convertXMLObjectToDomainInfo(xmlObject);
+
+ System.out.println("After:");
+ System.out.println(after);
+ }
}
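Review bot: In `getDomainInfo`, `dn.substring(3, dn.indexOf(","))` and `listName.substring(0, listName.indexOf("List"))` assume every `pkiSecurityGroup` entry has a two-letter RDN attribute and a name containing `List`. When `indexOf` returns -1 the call throws `StringIndexOutOfBoundsException`, and the broad `catch (Exception e)` turns one unexpected entry into a failure of the whole request. Skip entries that do not match, e.g. `int end = listName.indexOf("List"); if (end <= 0) continue;`. `conn.read(dn).getAttribute("name")` and `nextAttr.getStringValues().nextElement()` are likewise dereferenced without checking for a missing attribute or an empty value. The class body starts outside the hunk.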
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainService.java b/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainService.java
index 3a2bac49c..feec685dd 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainService.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainService.java
@@ -19,6 +19,7 @@ package com.netscape.cms.servlet.csadmin;
import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.base.PKIException;
+import com.netscape.certsrv.system.DomainInfo;
import com.netscape.certsrv.system.InstallToken;
import com.netscape.certsrv.system.SecurityDomainResource;
import com.netscape.cms.servlet.base.PKIService;
@@ -41,4 +42,15 @@ public class SecurityDomainService extends PKIService implements SecurityDomainR
throw new PKIException(e.getMessage(), e);
}
}
+
+ @Override
+ public DomainInfo getDomainInfo() throws PKIException {
+ try {
+ SecurityDomainProcessor processor = new SecurityDomainProcessor(getLocale());
+ return processor.getDomainInfo();
+
+ } catch (EBaseException e) {
+ throw new PKIException(e.getMessage(), e);
+ }
+ }
}
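Review bot: The catch block in the new `getDomainInfo()` copies `e.getMessage()` from the internal `EBaseException` into the `PKIException` handed back to the REST caller, so backend error text may reach a remote client. The method above it follows the same pattern, but this endpoint returns the domain's host and port layout, so it is worth deciding what a caller should learn when the lookup fails. Consider recording the cause on the server side and returning a fixed message, e.g. `throw new PKIException("Unable to retrieve security domain information", e);`. The hunk does not show which authentication or ACL applies to this resource method. A short Javadoc such as `/** Returns the security domain topology; callers must be ... */` would let reviewers confirm the intended access level.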
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/SystemConfigService.java b/base/common/src/com/netscape/cms/servlet/csadmin/SystemConfigService.java
index 27ee8a506..6f126f8ce 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/SystemConfigService.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/SystemConfigService.java
@@ -50,7 +50,6 @@ import com.netscape.certsrv.dbs.certdb.ICertificateRepository;
import com.netscape.certsrv.ocsp.IOCSPAuthority;
import com.netscape.certsrv.system.ConfigurationRequest;
import com.netscape.certsrv.system.ConfigurationResponse;
-import com.netscape.certsrv.system.DomainInfo;
import com.netscape.certsrv.system.SystemCertData;
import com.netscape.certsrv.system.SystemConfigResource;
import com.netscape.certsrv.usrgrp.IUGSubsystem;
@@ -911,11 +910,4 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
}
}
-
- @Override
- public DomainInfo getDomainInfo() {
- // TODO Auto-generated method stub for a RESTful method that returns the security domain
- return null;
- }
-
}
diff --git a/base/common/src/com/netscape/cmscore/policy/PolicySet.java b/base/common/src/com/netscape/cmscore/policy/PolicySet.java
index 8e8d60046..b5e3459d1 100644
--- a/base/common/src/com/netscape/cmscore/policy/PolicySet.java
+++ b/base/common/src/com/netscape/cmscore/policy/PolicySet.java
@@ -89,7 +89,7 @@ public class PolicySet implements IPolicySet {
/**
* Remplaces a policy rule identified by the given name.
*
- * @param name The name of the rule to be replaced.
+ * @param id The name of the rule to be replaced.
* @param rule The rule to be replaced.
*/
public void replaceRule(String ruleName, IPolicyRule rule) {
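Review bot: The renamed tag `@param id` does not match the method's actual parameter, which is `ruleName` in the signature directly below the comment. Javadoc tooling will still report an unknown parameter here. The same mismatch is introduced in the next two hunks, for `removeRule(String ruleName)` and `getRule(String ruleName)`. The tag should name the real parameter, e.g. `* @param ruleName The name of the rule to be replaced.`, and likewise for the other two methods. The method bodies continue outside these hunks, so only the signatures were checked.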
@@ -107,7 +107,7 @@ public class PolicySet implements IPolicySet {
/**
* Removes a policy rule identified by the given name.
*
- * @param name The name of the rule to be removed.
+ * @param id The name of the rule to be removed.
*/
public void removeRule(String ruleName) {
int index = mRuleNames.indexOf(ruleName);
@@ -123,7 +123,7 @@ public class PolicySet implements IPolicySet {
* Returns the rule identified by a given name.
* <P>
*
- * @param name The name of the rule to be return.
+ * @param id The name of the rule to be return.
* @return The rule identified by the given name or null if none exists.
*/
public IPolicyRule getRule(String ruleName) {
diff --git a/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainCLI.java b/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainCLI.java
index a6441e2fc..ed107f831 100644
--- a/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainCLI.java
@@ -22,7 +22,10 @@ import java.util.Arrays;
import org.apache.commons.lang.StringUtils;
+import com.netscape.certsrv.system.DomainInfo;
import com.netscape.certsrv.system.SecurityDomainClient;
+import com.netscape.certsrv.system.SecurityDomainHost;
+import com.netscape.certsrv.system.SecurityDomainSubsystem;
import com.netscape.cmstools.cli.CLI;
import com.netscape.cmstools.cli.MainCLI;
@@ -39,6 +42,7 @@ public class SecurityDomainCLI extends CLI {
this.parent = parent;
addModule(new SecurityDomainGetInstallTokenCLI(this));
+ addModule(new SecurityDomainShowCLI(this));
}
public void printHelp() {
@@ -89,4 +93,27 @@ public class SecurityDomainCLI extends CLI {
System.exit(1);
}
}
+
+ public static void printSecurityDomain(DomainInfo domain) {
+ System.out.println(" Domain: " + domain.getName());
+ System.out.println();
+
+ for (SecurityDomainSubsystem subsystem : domain.getSubsystems()) {
+
+ SecurityDomainHost[] hosts = subsystem.getHosts();
+ if (hosts.length == 0) continue;
+
+ System.out.println(" " + subsystem.getName() + " Subsystem:");
+ System.out.println();
+
+ for (SecurityDomainHost host : hosts) {
+ System.out.println(" Host ID: " + host.getId());
+ System.out.println(" Hostname: " + host.getHostname());
+ System.out.println(" Port: " + host.getPort());
+ System.out.println(" Secure Port: " + host.getSecurePort());
+ if (host.getDomainManager() != null) System.out.println(" Domain Manager: " + host.getDomainManager());
+ System.out.println();
+ }
+ }
+ }
}
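Review bot: In `printSecurityDomain` only `getDomainManager()` is guarded against null, while `getHostname()`, `getPort()` and `getSecurePort()` are concatenated unconditionally. The XML-to-`DomainInfo` conversion elsewhere in this commit sets the port fields only when the source document has a value, so a host can presumably arrive with unset fields and the CLI would print the literal text `null`. Apply the same guard to each optional field, e.g. `if (host.getPort() != null) System.out.println(" Port: " + host.getPort());`. The method also dereferences `domain` without a check, so a one-line Javadoc stating that `domain` must be non-null would make the contract explicit.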
diff --git a/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainShowCLI.java b/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainShowCLI.java
new file mode 100644
index 000000000..14664dbcf
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainShowCLI.java
@@ -0,0 +1,66 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.system;
+
+import org.apache.commons.cli.CommandLine;
+
+import com.netscape.certsrv.system.DomainInfo;
+import com.netscape.cmstools.cli.CLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class SecurityDomainShowCLI extends CLI {
+
+ public SecurityDomainCLI parent;
+
+ public SecurityDomainShowCLI(SecurityDomainCLI parent) {
+ super("show", "Show domain info");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name, options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ String[] cmdArgs = cmd.getArgs();
+
+ if (cmdArgs.length != 0) {
+ printHelp();
+ System.exit(1);
+ }
+
+ DomainInfo domain = parent.client.getDomainInfo();
+
+ SecurityDomainCLI.printSecurityDomain(domain);
+ }
+}
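Review bot: When extra positional arguments are supplied, `execute` prints the help text and exits with status 1 without saying what was wrong, whereas the parse-failure branch just above prints `"Error: " + e.getMessage()` first. Adding `System.err.println("Error: Too many arguments specified.");` before `printHelp()` in the `cmdArgs.length != 0` branch would make the two failure paths consistent. Separately, `parent` is declared as a public mutable field although it is assigned only in the constructor, so `private final SecurityDomainCLI parent;` would be tighter, provided no other class reads it. The class Javadoc carries only an `@author` tag; a one-sentence description of the command would help.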