diff options
Diffstat (limited to 'base')
8 files changed, 71 insertions, 33 deletions
diff --git a/base/ca/src/org/dogtagpki/server/ca/rest/CAInstallerService.java b/base/ca/src/org/dogtagpki/server/ca/rest/CAInstallerService.java index e1b71604d..d9b6f81ca 100644 --- a/base/ca/src/org/dogtagpki/server/ca/rest/CAInstallerService.java +++ b/base/ca/src/org/dogtagpki/server/ca/rest/CAInstallerService.java @@ -24,8 +24,6 @@ import java.net.MalformedURLException; import java.net.URL; import java.util.StringTokenizer; -import netscape.ldap.LDAPAttribute; - import org.dogtagpki.server.rest.SystemConfigService; import com.netscape.certsrv.apps.CMS; @@ -37,10 +35,13 @@ import com.netscape.certsrv.ldap.ILdapConnFactory; import com.netscape.certsrv.registry.IPluginInfo; import com.netscape.certsrv.registry.IPluginRegistry; import com.netscape.certsrv.system.ConfigurationRequest; +import com.netscape.certsrv.system.ConfigurationResponse; import com.netscape.cms.servlet.csadmin.ConfigurationUtils; import com.netscape.cmscore.base.LDAPConfigStore; import com.netscape.cmscore.profile.LDAPProfileSubsystem; +import netscape.ldap.LDAPAttribute; + /** * @author alee * @@ -51,9 +52,7 @@ public class CAInstallerService extends SystemConfigService { } @Override - public void finalizeConfiguration(ConfigurationRequest request) { - - super.finalizeConfiguration(request); + public void finalizeConfiguration(ConfigurationRequest request, ConfigurationResponse response) { try { if (!request.isClone()) { @@ -91,6 +90,8 @@ public class CAInstallerService extends SystemConfigService { CMS.debug(e); throw new PKIException("Error enabling profile subsystem"); } + + super.finalizeConfiguration(request, response); } @Override diff --git a/base/common/python/pki/system.py b/base/common/python/pki/system.py index 45aa0d637..46b1d4051 100644 --- a/base/common/python/pki/system.py +++ b/base/common/python/pki/system.py @@ -275,6 +275,19 @@ class SystemConfigClient(object): headers) return response.json() + def finalize(self): + """ + Contacts the server and invokes the Java configuration REST API to + finalize subsystem configuration. + + :return: ConfigurationResponse -- response from configuration servlet. + """ + headers = {'Content-type': 'application/json', + 'Accept': 'application/json'} + response = self.connection.post('/rest/installer/finalize', None, + headers) + return response.json() + class SystemStatusClient(object): """ diff --git a/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java b/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java index 9c570eb2b..104a0af08 100644 --- a/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java +++ b/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java @@ -30,4 +30,8 @@ public interface SystemConfigResource { @POST @Path("configure") public ConfigurationResponse configure(ConfigurationRequest data) throws Exception; + + @POST + @Path("finalize") + public ConfigurationResponse finalizeConfiguration() throws Exception; } diff --git a/base/kra/src/org/dogtagpki/server/kra/rest/KRAInstallerService.java b/base/kra/src/org/dogtagpki/server/kra/rest/KRAInstallerService.java index 52c85a674..5e0eae11b 100644 --- a/base/kra/src/org/dogtagpki/server/kra/rest/KRAInstallerService.java +++ b/base/kra/src/org/dogtagpki/server/kra/rest/KRAInstallerService.java @@ -23,6 +23,7 @@ import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.PKIException; import com.netscape.certsrv.system.ConfigurationRequest; +import com.netscape.certsrv.system.ConfigurationResponse; import com.netscape.cms.servlet.csadmin.ConfigurationUtils; /** @@ -35,9 +36,7 @@ public class KRAInstallerService extends SystemConfigService { } @Override - public void finalizeConfiguration(ConfigurationRequest request) { - - super.finalizeConfiguration(request); + public void finalizeConfiguration(ConfigurationRequest request, ConfigurationResponse response) { try { String ca_host = cs.getString("preop.ca.hostname", ""); @@ -62,5 +61,7 @@ public class KRAInstallerService extends SystemConfigService { CMS.debug(e); throw new PKIException("Errors in updating next serial number ranges in DB: " + e); } + + super.finalizeConfiguration(request, response); } } diff --git a/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPInstallerService.java b/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPInstallerService.java index 4b0fe0d2a..8a7838c34 100644 --- a/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPInstallerService.java +++ b/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPInstallerService.java @@ -24,6 +24,7 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.PKIException; import com.netscape.certsrv.ocsp.IOCSPAuthority; import com.netscape.certsrv.system.ConfigurationRequest; +import com.netscape.certsrv.system.ConfigurationResponse; import com.netscape.cms.servlet.csadmin.ConfigurationUtils; /** @@ -38,9 +39,7 @@ public class OCSPInstallerService extends SystemConfigService { } @Override - public void finalizeConfiguration(ConfigurationRequest request) { - - super.finalizeConfiguration(request); + public void finalizeConfiguration(ConfigurationRequest request, ConfigurationResponse response) { try { String ca_host = cs.getString("preop.ca.hostname", ""); @@ -75,6 +74,8 @@ public class OCSPInstallerService extends SystemConfigService { CMS.debug(e); throw new PKIException("Errors in configuring CA publishing to OCSP: " + e); } + + super.finalizeConfiguration(request, response); } private void configureCloneRefresh(ConfigurationRequest request) { diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java index f9415f520..2b8e109a0 100644 --- a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java +++ b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java @@ -29,6 +29,7 @@ import java.util.Collection; import java.util.Random; import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpSession; import javax.ws.rs.core.Context; import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Request; @@ -223,28 +224,22 @@ public class SystemConfigService extends PKIService implements SystemConfigResou CMS.debug("=== Finalization ==="); setupSecurityDomain(data); setupDBUser(data); - finalizeConfiguration(data); - cs.putInteger("cs.state", 1); + HttpSession session = servletRequest.getSession(true); + session.setAttribute("request", data); + session.setAttribute("response", response); + } - // update serial numbers for clones + @Override + public ConfigurationResponse finalizeConfiguration() { - // save some variables, remove remaining preops - try { - ConfigurationUtils.removePreopConfigEntries(); - } catch (EBaseException e) { - CMS.debug(e); - throw new PKIException("Errors when removing preop config entries: " + e, e); - } + HttpSession session = servletRequest.getSession(); + ConfigurationRequest request = (ConfigurationRequest)session.getAttribute("request"); + ConfigurationResponse response = (ConfigurationResponse)session.getAttribute("response"); - // Create an empty file that designates the fact that although - // this server instance has been configured, it has NOT yet - // been restarted! - String restart_server = instanceRoot + "/conf/" + RESTART_SERVER_AFTER_CONFIGURATION; - Utils.exec("touch " + restart_server); - Utils.exec("chmod 00660 " + restart_server); + finalizeConfiguration(request, response); - response.setStatus(SUCCESS); + return response; } private void setupDBUser(ConfigurationRequest data) { @@ -605,7 +600,28 @@ public class SystemConfigService extends PKIService implements SystemConfigResou } } - public void finalizeConfiguration(ConfigurationRequest request) { + public void finalizeConfiguration(ConfigurationRequest request, ConfigurationResponse response) { + + cs.putInteger("cs.state", 1); + + // update serial numbers for clones + + // save some variables, remove remaining preops + try { + ConfigurationUtils.removePreopConfigEntries(); + } catch (EBaseException e) { + CMS.debug(e); + throw new PKIException("Errors when removing preop config entries: " + e, e); + } + + // Create an empty file that designates the fact that although + // this server instance has been configured, it has NOT yet + // been restarted! + String restart_server = instanceRoot + "/conf/" + RESTART_SERVER_AFTER_CONFIGURATION; + Utils.exec("touch " + restart_server); + Utils.exec("chmod 00660 " + restart_server); + + response.setStatus(SUCCESS); } public void configureAdministrator(ConfigurationRequest data, ConfigurationResponse response) { diff --git a/base/server/python/pki/server/deployment/pkihelper.py b/base/server/python/pki/server/deployment/pkihelper.py index ad9a88e63..f4bc518b9 100644 --- a/base/server/python/pki/server/deployment/pkihelper.py +++ b/base/server/python/pki/server/deployment/pkihelper.py @@ -3817,7 +3817,8 @@ class ConfigClient: try: client = pki.system.SystemConfigClient(connection) - response = client.configure(data) + client.configure(data) + response = client.finalize() config.pki_log.debug( log.PKI_CONFIG_RESPONSE_STATUS + " " + str(response['status']), diff --git a/base/tps/src/org/dogtagpki/server/tps/rest/TPSInstallerService.java b/base/tps/src/org/dogtagpki/server/tps/rest/TPSInstallerService.java index fe4e12446..3999949c9 100644 --- a/base/tps/src/org/dogtagpki/server/tps/rest/TPSInstallerService.java +++ b/base/tps/src/org/dogtagpki/server/tps/rest/TPSInstallerService.java @@ -29,6 +29,7 @@ import com.netscape.certsrv.base.BadRequestException; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.PKIException; import com.netscape.certsrv.system.ConfigurationRequest; +import com.netscape.certsrv.system.ConfigurationResponse; import com.netscape.certsrv.system.SystemCertData; import com.netscape.cms.servlet.csadmin.ConfigurationUtils; @@ -112,9 +113,7 @@ public class TPSInstallerService extends SystemConfigService { } @Override - public void finalizeConfiguration(ConfigurationRequest request) { - - super.finalizeConfiguration(request); + public void finalizeConfiguration(ConfigurationRequest request, ConfigurationResponse response) { try { ConfigurationUtils.addProfilesToTPSUser(request.getAdminUID()); @@ -149,5 +148,7 @@ public class TPSInstallerService extends SystemConfigService { CMS.debug(e); throw new PKIException("Errors in registering TPS to CA, TKS or KRA: " + e); } + + super.finalizeConfiguration(request, response); } } |