diff options
Diffstat (limited to 'base/server/cms/src')
| -rw-r--r-- | base/server/cms/src/com/netscape/cms/realm/PKIRealm.java | 33 | ||||
| -rw-r--r-- | base/server/cms/src/org/dogtagpki/server/rest/SessionContextInterceptor.java | 10 |
2 files changed, 20 insertions, 23 deletions
diff --git a/base/server/cms/src/com/netscape/cms/realm/PKIRealm.java b/base/server/cms/src/com/netscape/cms/realm/PKIRealm.java index 73fae47fd..1933601db 100644 --- a/base/server/cms/src/com/netscape/cms/realm/PKIRealm.java +++ b/base/server/cms/src/com/netscape/cms/realm/PKIRealm.java @@ -6,8 +6,6 @@ import java.util.ArrayList; import java.util.Enumeration; import java.util.List; -import netscape.security.x509.X509CertImpl; - import org.apache.catalina.realm.RealmBase; import org.apache.commons.lang.StringUtils; @@ -25,6 +23,8 @@ import com.netscape.certsrv.usrgrp.IUGSubsystem; import com.netscape.certsrv.usrgrp.IUser; import com.netscape.cms.servlet.common.AuthCredentials; +import netscape.security.x509.X509CertImpl; + /** * PKI Realm * @@ -47,7 +47,7 @@ public class PKIRealm extends RealmBase { @Override public Principal authenticate(String username, String password) { - logDebug("Authenticating username "+username+" with password."); + CMS.debug("PKIRealm: Authenticating user " + username + " with password."); String auditMessage = null; String auditSubjectID = ILogger.UNIDENTIFIED; String attemptedAuditUID = username; @@ -61,7 +61,7 @@ public class PKIRealm extends RealmBase { creds.set(IPasswdUserDBAuthentication.CRED_PWD, password); IAuthToken authToken = authMgr.authenticate(creds); // throws exception if authentication fails - authToken.set(SessionContext.AUTH_MANAGER_ID,IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID); + authToken.set(SessionContext.AUTH_MANAGER_ID, IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID); auditSubjectID = authToken.getInString(IAuthToken.USER_ID); // store a message in the signed audit log file @@ -91,7 +91,7 @@ public class PKIRealm extends RealmBase { @Override public Principal authenticate(final X509Certificate certs[]) { - logDebug("Authenticating certificate chain:"); + CMS.debug("PKIRealm: Authenticating certificate chain:"); String auditMessage = null; // get the cert from the ssl client auth @@ -105,7 +105,7 @@ public class PKIRealm extends RealmBase { X509CertImpl certImpls[] = new X509CertImpl[certs.length]; for (int i=0; i<certs.length; i++) { X509Certificate cert = certs[i]; - logDebug(" "+cert.getSubjectDN()); + CMS.debug("PKIRealm: " + cert.getSubjectDN()); // Convert sun.security.x509.X509CertImpl to netscape.security.x509.X509CertImpl certImpls[i] = new X509CertImpl(cert.getEncoded()); @@ -123,7 +123,7 @@ public class PKIRealm extends RealmBase { // reset it to the one authenticated with authManager auditSubjectID = authToken.getInString(IAuthToken.USER_ID); - logDebug("User ID: "+username); + CMS.debug("PKIRealm: User ID: " + username); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_AUTH_SUCCESS, @@ -181,7 +181,7 @@ public class PKIRealm extends RealmBase { protected IUser getUser(String username) throws EUsrGrpException { IUGSubsystem ugSub = (IUGSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_UG); IUser user = ugSub.getUser(username); - logDebug("User DN: "+user.getUserDN()); + CMS.debug("PKIRealm: User DN: " + user.getUserDN()); return user; } @@ -192,12 +192,12 @@ public class PKIRealm extends RealmBase { IUGSubsystem ugSub = (IUGSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_UG); Enumeration<IGroup> groups = ugSub.findGroupsByUser(user.getUserDN(), null); - logDebug("Roles:"); + CMS.debug("PKIRealm: Roles:"); while (groups.hasMoreElements()) { IGroup group = groups.nextElement(); String name = group.getName(); - logDebug(" "+name); + CMS.debug("PKIRealm: " + name); roles.add(name); } @@ -209,19 +209,6 @@ public class PKIRealm extends RealmBase { return null; } - /* - * TODO: Figure out how to do real logging - */ - public void logErr(String msg) { - System.err.println(msg); - CMS.debug("PKIRealm.logErr: " + msg); - } - - public void logDebug(String msg) { - System.out.println("PKIRealm: "+msg); - CMS.debug("PKIRealm.logDebug: " + msg); - } - /** * Signed Audit Log * diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SessionContextInterceptor.java b/base/server/cms/src/org/dogtagpki/server/rest/SessionContextInterceptor.java index bae25b660..b6461abfd 100644 --- a/base/server/cms/src/org/dogtagpki/server/rest/SessionContextInterceptor.java +++ b/base/server/cms/src/org/dogtagpki/server/rest/SessionContextInterceptor.java @@ -18,6 +18,7 @@ package org.dogtagpki.server.rest; import java.io.IOException; +import java.lang.reflect.Method; import java.security.Principal; import java.util.Locale; @@ -28,6 +29,8 @@ import javax.ws.rs.core.Context; import javax.ws.rs.core.SecurityContext; import javax.ws.rs.ext.Provider; +import org.jboss.resteasy.core.ResourceMethodInvoker; + import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.authentication.IAuthToken; import com.netscape.certsrv.base.ForbiddenException; @@ -59,6 +62,13 @@ public class SessionContextInterceptor implements ContainerRequestFilter { @Override public void filter(ContainerRequestContext requestContext) throws IOException { + ResourceMethodInvoker methodInvoker = (ResourceMethodInvoker) requestContext + .getProperty("org.jboss.resteasy.core.ResourceMethodInvoker"); + Method method = methodInvoker.getMethod(); + Class<?> clazz = methodInvoker.getResourceClass(); + + CMS.debug("SessionContextInterceptor: " + clazz.getSimpleName() + "." + method.getName() + "()"); + Principal principal = securityContext.getUserPrincipal(); // If unauthenticated, ignore. |