summaryrefslogtreecommitdiffstats
path: root/base/server/cms/src/com/netscape/cms/servlet/key/KeyRequestDAO.java
diff options
context:
space:
mode:
Diffstat (limited to 'base/server/cms/src/com/netscape/cms/servlet/key/KeyRequestDAO.java')
-rw-r--r--base/server/cms/src/com/netscape/cms/servlet/key/KeyRequestDAO.java15
1 files changed, 10 insertions, 5 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/key/KeyRequestDAO.java b/base/server/cms/src/com/netscape/cms/servlet/key/KeyRequestDAO.java
index 8aa0d21ee..04bb6f2ec 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/key/KeyRequestDAO.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/key/KeyRequestDAO.java
@@ -37,6 +37,7 @@ import org.mozilla.jss.crypto.KeyPairAlgorithm;
import com.netscape.certsrv.apps.CMS;
import com.netscape.certsrv.authentication.IAuthToken;
+import com.netscape.certsrv.authorization.EAuthzUnknownRealm;
import com.netscape.certsrv.base.BadRequestException;
import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.base.PKIException;
@@ -259,13 +260,15 @@ public class KeyRequestDAO extends CMSRequestDAO {
try {
rec = repo.readKeyRecord(keyId.toBigInteger());
} catch (EDBRecordNotFoundException e) {
- throw new KeyNotFoundException(keyId);
+ throw new KeyNotFoundException(keyId, "key not found to recover", e);
}
try {
authz.checkRealm(rec.getRealm(), authToken, rec.getOwnerName(), "key", "recover");
+ } catch (EAuthzUnknownRealm e) {
+ throw new UnauthorizedException("Invalid realm", e);
} catch (EBaseException e) {
- throw new UnauthorizedException("Agent not authorized by realm");
+ throw new UnauthorizedException("Agent not authorized by realm", e);
}
Hashtable<String, Object> requestParams;
@@ -315,13 +318,15 @@ public class KeyRequestDAO extends CMSRequestDAO {
try {
rec = repo.readKeyRecord(keyId.toBigInteger());
} catch (EDBRecordNotFoundException e) {
- throw new KeyNotFoundException(keyId);
+ throw new KeyNotFoundException(keyId, "key not found to recover", e);
}
try {
authz.checkRealm(rec.getRealm(), authToken, rec.getOwnerName(), "key", "recover");
+ } catch (EAuthzUnknownRealm e) {
+ throw new UnauthorizedException("Invalid realm", e);
} catch (EBaseException e) {
- throw new UnauthorizedException("Agent not authorized by realm");
+ throw new UnauthorizedException("Agent not authorized by realm", e);
}
String b64Certificate = data.getCertificate();
@@ -332,7 +337,7 @@ public class KeyRequestDAO extends CMSRequestDAO {
// TODO - update request with realm
} catch (EBaseException | CertificateException e) {
e.printStackTrace();
- throw new PKIException(e.toString());
+ throw new PKIException(e.toString(), e);
}
IRequest request = null;
try {
generated by cgit (git 2.34.1) at 2024-04-26 01:05:26 +0000