diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java | 192 |
1 files changed, 91 insertions, 101 deletions
diff --git a/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java b/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java index 9b7fa4c00..d1cc3d808 100644 --- a/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java +++ b/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.listeners; + import java.io.File; import java.io.IOException; import java.security.cert.X509Certificate; @@ -46,11 +47,12 @@ import com.netscape.certsrv.request.IRequest; import com.netscape.certsrv.request.IRequestListener; import com.netscape.certsrv.request.RequestId; + /** * a listener for every completed enrollment request * <p> - * Here is a list of available $TOKENs for email notification templates if - * certificate is successfully issued: + * Here is a list of available $TOKENs for email notification + templates if certificate is successfully issued: * <UL> * <LI>$InstanceID * <LI>$SerialNumber @@ -66,13 +68,13 @@ import com.netscape.certsrv.request.RequestId; * <LI>$RecipientEmail * </UL> * <p> - * Here is a list of available $TOKENs for email notification templates if - * certificate request is revoked: + * Here is a list of available $TOKENs for email notification + templates if certificate request is revoked: * <UL> * <LI>$RequestId * <LI>$InstanceID * </UL> - * + * * @version $Revision$, $Date$ */ public class CertificateRevokedListener implements IRequestListener { @@ -107,7 +109,7 @@ public class CertificateRevokedListener implements IRequestListener { } public void init(ISubsystem sub, IConfigStore config) - throws EListenersException, EPropertyNotFound, EBaseException { + throws EListenersException, EPropertyNotFound, EBaseException { mSubsystem = (ICertAuthority) sub; mConfig = mSubsystem.getConfigStore(); @@ -118,27 +120,27 @@ public class CertificateRevokedListener implements IRequestListener { mSenderEmail = rc.getString(PROP_SENDER_EMAIL); if (mSenderEmail == null) { - throw new EListenersException( - CMS.getLogMessage("NO_NOTIFY_SENDER_EMAIL_CONFIG_FOUND")); + throw new EListenersException(CMS.getLogMessage("NO_NOTIFY_SENDER_EMAIL_CONFIG_FOUND")); } mFormPath = rc.getString(PROP_EMAIL_TEMPLATE); String mDir = null; // figure out the reject email path: same dir as form path, - // same ending as form path + // same ending as form path int ridx = mFormPath.lastIndexOf(File.separator); if (ridx == -1) { - CMS.debug("CertificateRevokedListener: file separator: " - + File.separator + " not found. Use default /"); + CMS.debug("CertificateRevokedListener: file separator: " + File.separator + + + " not found. Use default /"); ridx = mFormPath.lastIndexOf("/"); mDir = mFormPath.substring(0, ridx + 1); } else { - mDir = mFormPath.substring(0, ridx + File.separator.length()); + mDir = mFormPath.substring(0, ridx + + File.separator.length()); } - CMS.debug("CertificateRevokedListener: template file directory: " - + mDir); + CMS.debug("CertificateRevokedListener: template file directory: " + mDir); mRejectPath = mDir + REJECT_FILE_NAME; if (mFormPath.endsWith(".html")) mRejectPath += ".html"; @@ -149,13 +151,12 @@ public class CertificateRevokedListener implements IRequestListener { else if (mFormPath.endsWith(".HTM")) mRejectPath += ".HTM"; - CMS.debug("CertificateRevokedListener: Reject file path: " - + mRejectPath); + CMS.debug("CertificateRevokedListener: Reject file path: " + mRejectPath); mDateFormat = DateFormat.getDateTimeInstance(); mSubject_Success = rc.getString(PROP_EMAIL_SUBJECT, - "Your Certificate Request"); + "Your Certificate Request"); mSubject = new String(mSubject_Success); // form the cert retrieval URL for the notification @@ -167,8 +168,7 @@ public class CertificateRevokedListener implements IRequestListener { } public void accept(IRequest r) { - if (mEnabled != true) - return; + if (mEnabled != true) return; mSubject = mSubject_Success; mReqId = r.getRequestId(); @@ -180,7 +180,7 @@ public class CertificateRevokedListener implements IRequestListener { return; if (rs.equals("complete") == false) { CMS.debug("CertificateRevokedListener: Request status: " + rs); - // revoked(r); + //revoked(r); return; } @@ -189,19 +189,19 @@ public class CertificateRevokedListener implements IRequestListener { return; if ((r.getExtDataInInteger(IRequest.RESULT)).equals(IRequest.RES_ERROR)) { - CMS.debug("CertificateRevokedListener: Request errored. " - + "No need to email notify for enrollment request id " - + mReqId); + CMS.debug("CertificateRevokedListener: Request errored. " + + "No need to email notify for enrollment request id " + + mReqId); return; } - + if (requestType.equals(IRequest.REVOCATION_REQUEST)) { CMS.debug("CertificateRevokedListener: accept() revocation request..."); // Get the certificate from the request - // X509CertImpl issuedCert[] = - // (X509CertImpl[]) - RevokedCertImpl crlentries[] = r - .getExtDataInRevokedCertArray(IRequest.CERT_INFO); + //X509CertImpl issuedCert[] = + // (X509CertImpl[]) + RevokedCertImpl crlentries[] = + r.getExtDataInRevokedCertArray(IRequest.CERT_INFO); if (crlentries != null) { CMS.debug("CertificateRevokedListener: Sending email notification.."); @@ -212,10 +212,11 @@ public class CertificateRevokedListener implements IRequestListener { try { keys.set(IEmailResolverKeys.KEY_REQUEST, r); - keys.set(IEmailResolverKeys.KEY_CERT, crlentries[0]); + keys.set(IEmailResolverKeys.KEY_CERT, + crlentries[0]); } catch (EBaseException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "LISTENERS_CERT_ISSUED_SET_RESOLVER", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER", e.toString())); } IEmailResolver er = CMS.getReqCertSANameEmailResolver(); @@ -223,29 +224,31 @@ public class CertificateRevokedListener implements IRequestListener { try { mEmail = er.getEmail(keys); } catch (ENotificationException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "LISTENERS_CERT_ISSUED_EXCEPTION", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("LISTENERS_CERT_ISSUED_EXCEPTION", + e.toString())); } catch (EBaseException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "LISTENERS_CERT_ISSUED_EXCEPTION", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("LISTENERS_CERT_ISSUED_EXCEPTION", + e.toString())); } catch (Exception e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "LISTENERS_CERT_ISSUED_EXCEPTION", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("LISTENERS_CERT_ISSUED_EXCEPTION", + e.toString())); } - + // now we can mail if ((mEmail != null) && (!mEmail.equals(""))) { mailIt(mEmail, crlentries); } else { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "LISTENERS_CERT_ISSUED_NOTIFY_ERROR", crlentries[0] - .getSerialNumber().toString(), mReqId - .toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("LISTENERS_CERT_ISSUED_NOTIFY_ERROR", + crlentries[0].getSerialNumber().toString(), mReqId.toString())); // send failure notification to "sender" mSubject = "Certificate Issued notification undeliverable"; mailIt(mSenderEmail, crlentries); } - } + } } } @@ -268,7 +271,7 @@ public class CertificateRevokedListener implements IRequestListener { if (!template.init()) { return; } - + buildContentParams(crlentries, mEmail); IEmailFormProcessor et = CMS.getEmailFormProcessor(); String c = et.getEmailContent(template.toString(), mContentParams); @@ -278,23 +281,22 @@ public class CertificateRevokedListener implements IRequestListener { } mn.setContent(c); } else { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "LISTENERS_CERT_ISSUED_TEMPLATE_ERROR", crlentries[0] - .getSerialNumber().toString(), mReqId.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("LISTENERS_CERT_ISSUED_TEMPLATE_ERROR", + crlentries[0].getSerialNumber().toString(), mReqId.toString())); - mn.setContent("Serial Number = " + crlentries[0].getSerialNumber() - + "; Request ID = " + mReqId); + mn.setContent("Serial Number = " + + crlentries[0].getSerialNumber() + + "; Request ID = " + mReqId); } - + try { mn.sendNotification(); } catch (ENotificationException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("OPERATION_ERROR", e.toString())); - + log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); + } catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("OPERATION_ERROR", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); } } @@ -307,8 +309,7 @@ public class CertificateRevokedListener implements IRequestListener { keys.set(IEmailResolverKeys.KEY_REQUEST, r); } catch (EBaseException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER", - e.toString())); + CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER", e.toString())); } IEmailResolver er = CMS.getReqCertSANameEmailResolver(); @@ -316,14 +317,11 @@ public class CertificateRevokedListener implements IRequestListener { try { mEmail = er.getEmail(keys); } catch (ENotificationException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("OPERATION_ERROR", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); } catch (EBaseException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("OPERATION_ERROR", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); } catch (Exception e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("OPERATION_ERROR", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); } // now we can mail @@ -343,25 +341,23 @@ public class CertificateRevokedListener implements IRequestListener { if (!template.init()) { return; } - + if (template.isHTML()) { mn.setContentType("text/html"); } // build some token data mContentParams.put(IEmailFormProcessor.TOKEN_ID, - mConfig.getName()); + mConfig.getName()); mReqId = r.getRequestId(); mContentParams.put(IEmailFormProcessor.TOKEN_REQUEST_ID, - (Object) mReqId.toString()); + (Object) mReqId.toString()); IEmailFormProcessor et = CMS.getEmailFormProcessor(); - String c = et.getEmailContent(template.toString(), - mContentParams); + String c = et.getEmailContent(template.toString(), mContentParams); mn.setContent(c); } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("LISTENERS_CERT_ISSUED_REJECTION")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("LISTENERS_CERT_ISSUED_REJECTION")); mn.setContent("Your Certificate Request has been revoked. Please contact your administrator for assistance"); } @@ -369,61 +365,55 @@ public class CertificateRevokedListener implements IRequestListener { mn.sendNotification(); } catch (ENotificationException e) { // already logged, lets audit - log(ILogger.LL_FAILURE, - CMS.getLogMessage("OPERATION_ERROR", e.toString())); - + log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); + } catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("OPERATION_ERROR", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); } } else { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "LISTENERS_CERT_ISSUED_REJECTION_NOTIFICATION", - mReqId.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("LISTENERS_CERT_ISSUED_REJECTION_NOTIFICATION", mReqId.toString())); } } private void buildContentParams(RevokedCertImpl crlentries[], String mEmail) { - mContentParams.put(IEmailFormProcessor.TOKEN_ID, mConfig.getName()); + mContentParams.put(IEmailFormProcessor.TOKEN_ID, + mConfig.getName()); mContentParams.put(IEmailFormProcessor.TOKEN_SERIAL_NUM, - (Object) crlentries[0].getSerialNumber().toString()); + (Object) crlentries[0].getSerialNumber().toString()); mContentParams.put(IEmailFormProcessor.TOKEN_HEX_SERIAL_NUM, - (Object) Long.toHexString(crlentries[0].getSerialNumber() - .longValue())); + (Object) Long.toHexString(crlentries[0].getSerialNumber().longValue())); mContentParams.put(IEmailFormProcessor.TOKEN_REQUEST_ID, - (Object) mReqId.toString()); + (Object) mReqId.toString()); mContentParams.put(IEmailFormProcessor.TOKEN_HTTP_HOST, - (Object) mHttpHost); + (Object) mHttpHost); mContentParams.put(IEmailFormProcessor.TOKEN_HTTP_PORT, - (Object) mHttpPort); - + (Object) mHttpPort); + try { RevokedCertImpl revCert = (RevokedCertImpl) crlentries[0]; - ICertificateAuthority ca = (ICertificateAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_CA); + ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_CA); ICertificateRepository certDB = ca.getCertificateRepository(); - X509Certificate cert = certDB.getX509Certificate(revCert - .getSerialNumber()); + X509Certificate cert = certDB.getX509Certificate(revCert.getSerialNumber()); mContentParams.put(IEmailFormProcessor.TOKEN_ISSUER_DN, - (Object) cert.getIssuerDN().toString()); + (Object) cert.getIssuerDN().toString()); mContentParams.put(IEmailFormProcessor.TOKEN_SUBJECT_DN, - (Object) cert.getSubjectDN().toString()); + (Object) cert.getSubjectDN().toString()); Date date = (Date) crlentries[0].getRevocationDate(); - + mContentParams.put(IEmailFormProcessor.TOKEN_REVOCATION_DATE, - mDateFormat.format(date)); + mDateFormat.format(date)); } catch (EBaseException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER", - e.toString())); + CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER", e.toString())); } mContentParams.put(IEmailFormProcessor.TOKEN_SENDER_EMAIL, - (Object) mSenderEmail); + (Object) mSenderEmail); mContentParams.put(IEmailFormProcessor.TOKEN_RECIPIENT_EMAIL, - (Object) mEmail); + (Object) mEmail); // ... and more } @@ -445,15 +435,15 @@ public class CertificateRevokedListener implements IRequestListener { } else if (name.equalsIgnoreCase(PROP_EMAIL_TEMPLATE)) { mFormPath = val; } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET")); } } private void log(int level, String msg) { if (mLogger == null) return; - mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_OTHER, level, msg); + mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_OTHER, + level, msg); } } |