diff options
Diffstat (limited to 'base/tps/src/org/dogtagpki/server/tps/cms/ConnectionManager.java')
-rw-r--r-- | base/tps/src/org/dogtagpki/server/tps/cms/ConnectionManager.java | 229 |
1 files changed, 229 insertions, 0 deletions
diff --git a/base/tps/src/org/dogtagpki/server/tps/cms/ConnectionManager.java b/base/tps/src/org/dogtagpki/server/tps/cms/ConnectionManager.java new file mode 100644 index 000000000..2b5ab2208 --- /dev/null +++ b/base/tps/src/org/dogtagpki/server/tps/cms/ConnectionManager.java @@ -0,0 +1,229 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2013 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +package org.dogtagpki.server.tps.cms; + +import java.util.Arrays; +import java.util.Enumeration; +import java.util.Hashtable; +import java.util.List; + +import javax.ws.rs.core.MediaType; + +import org.dogtagpki.server.tps.TPSSubsystem; + +import com.netscape.certsrv.apps.CMS; +import com.netscape.certsrv.base.EBaseException; +import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.connector.IConnector; +import com.netscape.cmscore.connector.HttpConnector; +import com.netscape.cmscore.connector.RemoteAuthority; + +/** + * ConnectionManager is a class for connection management + * of its Remote Authorities + * + * @author cfu + */ +public class ConnectionManager +{ + private Hashtable<String, IConnector> connectors; + List<String> caList; + + public ConnectionManager() { + // initialize the ca list for revocation routing: + // tps.connCAList=ca1,ca2...ca<n> + TPSSubsystem subsystem = + (TPSSubsystem) CMS.getSubsystem(TPSSubsystem.ID); + IConfigStore conf = subsystem.getConfigStore(); + String caListString; + try { + caListString = conf.getString("connCAList"); + CMS.debug("ConnectionManager: ConnectionManager(): Initializing CA routing list"); + } catch (EBaseException e) { + CMS.debug("ConnectionManager: ConnectionManager(): no connCAList for ca discovery. No revocation routing"); + return; + } + + caList = Arrays.asList(caListString.split(",")); + CMS.debug("ConnectionManager: ConnectionManager(): CA routing list initialized."); + } + + public List<String> getCAList() { + return caList; + } + + /* + * connector establishment with multi-uri support + * + * Initialize all connectors + * tps.connector.<connID>.xxx + * + * e.g. (with Failover list under "host", separated by a space) + * + * tps.connector.ca1.enable=true + * tps.connector.ca1.minHttpConns=1 + * tps.connector.ca1.maxHttpConns=15 + * tps.connector.ca1.host=host1.EXAMPLE.com:8445 host2.EXAMPLE.com:8445 + * tps.connector.ca1.port=<port number; unused if for failover case> + * tps.connector.ca1.nickName=subsystemCert cert-pki-tomcat TPS + * tps.connector.ca1.timeout=30 + * # In the example below, + * # "enrollment", "getcert", "renewal", "revoke", and "unrevoke" + * # are what's being referred to as "op" in the multi-uri support code + * tps.connector.ca1.uri.enrollment=/ca/ee/ca/profileSubmitSSLClient + * tps.connector.ca1.uri.renewal=/ca/ee/ca/profileSubmitSSLClient + * tps.connector.ca1.uri.getcert=/ca/ee/ca/displayBySerial + * tps.connector.ca1.uri.revoke=/ca/ee/subsystem/ca/doRevoke + * tps.connector.ca1.uri.unrevoke=/ca/ee/subsystem/ca/doUnrevoke + */ + public void initConnectors() throws EBaseException { + CMS.debug("ConnectionManager: initConnectors(): begins."); + TPSSubsystem subsystem = + (TPSSubsystem) CMS.getSubsystem(TPSSubsystem.ID); + IConfigStore conf = subsystem.getConfigStore(); + IConfigStore connectorSubstore = conf.getSubStore("connector"); + Enumeration<String> connector_enu = connectorSubstore.getSubStoreNames(); + connectors = new Hashtable<String, IConnector>(); + while (connector_enu.hasMoreElements()) { + String connectorID = connector_enu.nextElement(); + CMS.debug("ConnectionManager: initConnectors(): initializing connector " + connectorID); + IConfigStore connectorConfig = + connectorSubstore.getSubStore(connectorID); + IConnector conn = null; + boolean enable = connectorConfig.getBoolean("enable", false); + if (!enable) { + CMS.debug("ConnectionManager: initConnectors(): connector disabled."); + continue; + } + CMS.debug("ConnectionManager: initConnectors(): connector enabled."); + conn = createConnector(connectorConfig); + + connectors.put(connectorID, conn); + CMS.debug("ConnectionManager: initConnectors(): connector " + + connectorID + + " initialized."); + } + CMS.debug("ConnectionManager: initConnectors(): ends."); + } + + /* + * Creates and returns a connector + * + * @param conf config store of the connector + * @return IConnector the connector if created successfully; null if not + */ + private IConnector createConnector(IConfigStore conf) + throws EBaseException { + IConnector connector = null; + + CMS.debug("ConnectionManager: createConnector(): begins."); + if (conf == null || conf.size() <= 0) { + CMS.debug("ConnectionManager: createConnector(): conf null or empty."); + throw new EBaseException("called with null config store"); + } + + String host = conf.getString("host"); + if (host == null) { + CMS.debug("ConnectionManager: createConnector(): host not found in config."); + throw new EBaseException("host not found in config"); + } + // port doesn't have to contain anything if failover supplied in host + int port = conf.getInteger("port"); + + Hashtable<String, String> uris = new Hashtable<String, String>(); + IConfigStore uriSubstore = conf.getSubStore("uri"); + if (uriSubstore == null) { + CMS.debug("ConnectionManager: createConnector(): uri(s) not found in config."); + throw new EBaseException("uri(s) not found in config"); + } + CMS.debug("ConnectionManager: createConnector(): uriSubstore name=" + uriSubstore.getName() + " size =" + + uriSubstore.size()); + + Enumeration<String> uri_enu = uriSubstore.getPropertyNames(); + while (uri_enu.hasMoreElements()) { + String op = uri_enu.nextElement(); + if ((op != null) && !op.equals("")) + CMS.debug("ConnectionManager: createConnector(): op name=" + op); + else + continue; + + String uriValue = uriSubstore.getString(op); + if ((uriValue != null) && !uriValue.equals("")) + CMS.debug("ConnectionManager: createConnector(): uri value=" + uriValue); + else + continue; + uris.put(op, uriValue); + } + + String nickname = conf.getString("nickName", null); + if (nickname != null) + CMS.debug("ConnectionManager: createConnector(): nickName=" + nickname); + else { + CMS.debug("ConnectionManager: createConnector(): nickName not found in config"); + throw new EBaseException("nickName not found in config"); + } + + // "resendInterval" is for Request Queue, and not supported in TPS + int resendInterval = -1; + int timeout = conf.getInteger("timeout", 0); + RemoteAuthority remauthority = + new RemoteAuthority(host, port, uris, timeout, MediaType.APPLICATION_FORM_URLENCODED); + + CMS.debug("ConnectionManager: createConnector(): establishing HttpConnector"); + if (timeout == 0) { + connector = + new HttpConnector(null, nickname, remauthority, resendInterval, conf); + } else { + connector = + new HttpConnector(null, nickname, remauthority, resendInterval, conf, timeout); + } + + CMS.debug("ConnectionManager: createConnector(): ends."); + return connector; + } + + /* + * Gets an established connector to be used to send requests + * to a remote Authority (Note that Failover is supported in the + * underlying connector framework. + * + * Example usage (with example config for "ca1" defined above + * in initConnectors(): + * + * TPSSubsystem subsystem = (TPSSubsystem)CMS.getSubsystem(TPSSubsystem.ID); + * HttpConnector testConn = + * (HttpConnector) subsystem.getConnectionManager().getConnector(connectionID); + * HttpResponse resp = + * testConn.send("renewal", + * "serial_num=6&profileId=caTokenUserEncryptionKeyRenewal&renewal=true"); + * if (resp != null) { + * CMS.debug("Connector test: HttpResponse content:"+ + * resp.getContent()); + * } else { + * CMS.debug("Connector test: HttpResponse content null"); + * } + * + * @param connID connection id per defined in the configuration + * @return IConnector the connector matching the connection id + */ + public IConnector getConnector(String connID) { + return connectors.get(connID); + } + +} |