diff options
Diffstat (limited to 'base/server/cms/src/com/netscape/cms/servlet/key/KeyRequestDAO.java')
-rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/key/KeyRequestDAO.java | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/key/KeyRequestDAO.java b/base/server/cms/src/com/netscape/cms/servlet/key/KeyRequestDAO.java index 04bb6f2ec..00e313a80 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/key/KeyRequestDAO.java +++ b/base/server/cms/src/com/netscape/cms/servlet/key/KeyRequestDAO.java @@ -169,7 +169,7 @@ public class KeyRequestDAO extends CMSRequestDAO { } authz.checkRealm(request.getRealm(), authToken, request.getExtDataInString(IRequest.ATTR_REQUEST_OWNER), - "keyRequest", "read"); + "certServer.kra.request", "read"); KeyRequestInfo info = createKeyRequestInfo(request, uriInfo); return info; @@ -264,7 +264,7 @@ public class KeyRequestDAO extends CMSRequestDAO { } try { - authz.checkRealm(rec.getRealm(), authToken, rec.getOwnerName(), "key", "recover"); + authz.checkRealm(rec.getRealm(), authToken, rec.getOwnerName(), "certServer.kra.key", "recover"); } catch (EAuthzUnknownRealm e) { throw new UnauthorizedException("Invalid realm", e); } catch (EBaseException e) { @@ -322,7 +322,7 @@ public class KeyRequestDAO extends CMSRequestDAO { } try { - authz.checkRealm(rec.getRealm(), authToken, rec.getOwnerName(), "key", "recover"); + authz.checkRealm(rec.getRealm(), authToken, rec.getOwnerName(), "certServer.kra.key", "recover"); } catch (EAuthzUnknownRealm e) { throw new UnauthorizedException("Invalid realm", e); } catch (EBaseException e) { @@ -504,7 +504,7 @@ public class KeyRequestDAO extends CMSRequestDAO { IRequest request = queue.findRequest(id); authz.checkRealm(request.getRealm(), authToken, request.getExtDataInString(IRequest.ATTR_REQUEST_OWNER), - "keyRequest", "approve"); + "certServer.kra.requests", "execute"); service.addAgentAsyncKeyRecovery(id.toString(), requestor); } @@ -514,7 +514,7 @@ public class KeyRequestDAO extends CMSRequestDAO { String realm = request.getRealm(); authz.checkRealm(realm, authToken, request.getExtDataInString(IRequest.ATTR_REQUEST_OWNER), - "keyRequest", "reject"); + "certServer.kra.requests", "execute"); request.setRequestStatus(RequestStatus.REJECTED); queue.updateRequest(request); } @@ -524,7 +524,7 @@ public class KeyRequestDAO extends CMSRequestDAO { String realm = request.getRealm(); authz.checkRealm(realm, authToken, request.getExtDataInString(IRequest.ATTR_REQUEST_OWNER), - "keyRequest", "cancel"); + "certServer.kra.requests", "execute"); request.setRequestStatus(RequestStatus.CANCELED); queue.updateRequest(request); } |