diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java | 192 |
1 files changed, 101 insertions, 91 deletions
diff --git a/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java b/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java index d1cc3d808..9b7fa4c00 100644 --- a/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java +++ b/pki/base/common/src/com/netscape/cms/listeners/CertificateRevokedListener.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.listeners; - import java.io.File; import java.io.IOException; import java.security.cert.X509Certificate; @@ -47,12 +46,11 @@ import com.netscape.certsrv.request.IRequest; import com.netscape.certsrv.request.IRequestListener; import com.netscape.certsrv.request.RequestId; - /** * a listener for every completed enrollment request * <p> - * Here is a list of available $TOKENs for email notification - templates if certificate is successfully issued: + * Here is a list of available $TOKENs for email notification templates if + * certificate is successfully issued: * <UL> * <LI>$InstanceID * <LI>$SerialNumber @@ -68,13 +66,13 @@ import com.netscape.certsrv.request.RequestId; * <LI>$RecipientEmail * </UL> * <p> - * Here is a list of available $TOKENs for email notification - templates if certificate request is revoked: + * Here is a list of available $TOKENs for email notification templates if + * certificate request is revoked: * <UL> * <LI>$RequestId * <LI>$InstanceID * </UL> - * + * * @version $Revision$, $Date$ */ public class CertificateRevokedListener implements IRequestListener { @@ -109,7 +107,7 @@ public class CertificateRevokedListener implements IRequestListener { } public void init(ISubsystem sub, IConfigStore config) - throws EListenersException, EPropertyNotFound, EBaseException { + throws EListenersException, EPropertyNotFound, EBaseException { mSubsystem = (ICertAuthority) sub; mConfig = mSubsystem.getConfigStore(); @@ -120,27 +118,27 @@ public class CertificateRevokedListener implements IRequestListener { mSenderEmail = rc.getString(PROP_SENDER_EMAIL); if (mSenderEmail == null) { - throw new EListenersException(CMS.getLogMessage("NO_NOTIFY_SENDER_EMAIL_CONFIG_FOUND")); + throw new EListenersException( + CMS.getLogMessage("NO_NOTIFY_SENDER_EMAIL_CONFIG_FOUND")); } mFormPath = rc.getString(PROP_EMAIL_TEMPLATE); String mDir = null; // figure out the reject email path: same dir as form path, - // same ending as form path + // same ending as form path int ridx = mFormPath.lastIndexOf(File.separator); if (ridx == -1) { - CMS.debug("CertificateRevokedListener: file separator: " + File.separator - + - " not found. Use default /"); + CMS.debug("CertificateRevokedListener: file separator: " + + File.separator + " not found. Use default /"); ridx = mFormPath.lastIndexOf("/"); mDir = mFormPath.substring(0, ridx + 1); } else { - mDir = mFormPath.substring(0, ridx + - File.separator.length()); + mDir = mFormPath.substring(0, ridx + File.separator.length()); } - CMS.debug("CertificateRevokedListener: template file directory: " + mDir); + CMS.debug("CertificateRevokedListener: template file directory: " + + mDir); mRejectPath = mDir + REJECT_FILE_NAME; if (mFormPath.endsWith(".html")) mRejectPath += ".html"; @@ -151,12 +149,13 @@ public class CertificateRevokedListener implements IRequestListener { else if (mFormPath.endsWith(".HTM")) mRejectPath += ".HTM"; - CMS.debug("CertificateRevokedListener: Reject file path: " + mRejectPath); + CMS.debug("CertificateRevokedListener: Reject file path: " + + mRejectPath); mDateFormat = DateFormat.getDateTimeInstance(); mSubject_Success = rc.getString(PROP_EMAIL_SUBJECT, - "Your Certificate Request"); + "Your Certificate Request"); mSubject = new String(mSubject_Success); // form the cert retrieval URL for the notification @@ -168,7 +167,8 @@ public class CertificateRevokedListener implements IRequestListener { } public void accept(IRequest r) { - if (mEnabled != true) return; + if (mEnabled != true) + return; mSubject = mSubject_Success; mReqId = r.getRequestId(); @@ -180,7 +180,7 @@ public class CertificateRevokedListener implements IRequestListener { return; if (rs.equals("complete") == false) { CMS.debug("CertificateRevokedListener: Request status: " + rs); - //revoked(r); + // revoked(r); return; } @@ -189,19 +189,19 @@ public class CertificateRevokedListener implements IRequestListener { return; if ((r.getExtDataInInteger(IRequest.RESULT)).equals(IRequest.RES_ERROR)) { - CMS.debug("CertificateRevokedListener: Request errored. " + - "No need to email notify for enrollment request id " + - mReqId); + CMS.debug("CertificateRevokedListener: Request errored. " + + "No need to email notify for enrollment request id " + + mReqId); return; } - + if (requestType.equals(IRequest.REVOCATION_REQUEST)) { CMS.debug("CertificateRevokedListener: accept() revocation request..."); // Get the certificate from the request - //X509CertImpl issuedCert[] = - // (X509CertImpl[]) - RevokedCertImpl crlentries[] = - r.getExtDataInRevokedCertArray(IRequest.CERT_INFO); + // X509CertImpl issuedCert[] = + // (X509CertImpl[]) + RevokedCertImpl crlentries[] = r + .getExtDataInRevokedCertArray(IRequest.CERT_INFO); if (crlentries != null) { CMS.debug("CertificateRevokedListener: Sending email notification.."); @@ -212,11 +212,10 @@ public class CertificateRevokedListener implements IRequestListener { try { keys.set(IEmailResolverKeys.KEY_REQUEST, r); - keys.set(IEmailResolverKeys.KEY_CERT, - crlentries[0]); + keys.set(IEmailResolverKeys.KEY_CERT, crlentries[0]); } catch (EBaseException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "LISTENERS_CERT_ISSUED_SET_RESOLVER", e.toString())); } IEmailResolver er = CMS.getReqCertSANameEmailResolver(); @@ -224,31 +223,29 @@ public class CertificateRevokedListener implements IRequestListener { try { mEmail = er.getEmail(keys); } catch (ENotificationException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("LISTENERS_CERT_ISSUED_EXCEPTION", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "LISTENERS_CERT_ISSUED_EXCEPTION", e.toString())); } catch (EBaseException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("LISTENERS_CERT_ISSUED_EXCEPTION", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "LISTENERS_CERT_ISSUED_EXCEPTION", e.toString())); } catch (Exception e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("LISTENERS_CERT_ISSUED_EXCEPTION", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "LISTENERS_CERT_ISSUED_EXCEPTION", e.toString())); } - + // now we can mail if ((mEmail != null) && (!mEmail.equals(""))) { mailIt(mEmail, crlentries); } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("LISTENERS_CERT_ISSUED_NOTIFY_ERROR", - crlentries[0].getSerialNumber().toString(), mReqId.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "LISTENERS_CERT_ISSUED_NOTIFY_ERROR", crlentries[0] + .getSerialNumber().toString(), mReqId + .toString())); // send failure notification to "sender" mSubject = "Certificate Issued notification undeliverable"; mailIt(mSenderEmail, crlentries); } - } + } } } @@ -271,7 +268,7 @@ public class CertificateRevokedListener implements IRequestListener { if (!template.init()) { return; } - + buildContentParams(crlentries, mEmail); IEmailFormProcessor et = CMS.getEmailFormProcessor(); String c = et.getEmailContent(template.toString(), mContentParams); @@ -281,22 +278,23 @@ public class CertificateRevokedListener implements IRequestListener { } mn.setContent(c); } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("LISTENERS_CERT_ISSUED_TEMPLATE_ERROR", - crlentries[0].getSerialNumber().toString(), mReqId.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "LISTENERS_CERT_ISSUED_TEMPLATE_ERROR", crlentries[0] + .getSerialNumber().toString(), mReqId.toString())); - mn.setContent("Serial Number = " + - crlentries[0].getSerialNumber() + - "; Request ID = " + mReqId); + mn.setContent("Serial Number = " + crlentries[0].getSerialNumber() + + "; Request ID = " + mReqId); } - + try { mn.sendNotification(); } catch (ENotificationException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); - + log(ILogger.LL_FAILURE, + CMS.getLogMessage("OPERATION_ERROR", e.toString())); + } catch (IOException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("OPERATION_ERROR", e.toString())); } } @@ -309,7 +307,8 @@ public class CertificateRevokedListener implements IRequestListener { keys.set(IEmailResolverKeys.KEY_REQUEST, r); } catch (EBaseException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER", e.toString())); + CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER", + e.toString())); } IEmailResolver er = CMS.getReqCertSANameEmailResolver(); @@ -317,11 +316,14 @@ public class CertificateRevokedListener implements IRequestListener { try { mEmail = er.getEmail(keys); } catch (ENotificationException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("OPERATION_ERROR", e.toString())); } catch (EBaseException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("OPERATION_ERROR", e.toString())); } catch (Exception e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("OPERATION_ERROR", e.toString())); } // now we can mail @@ -341,23 +343,25 @@ public class CertificateRevokedListener implements IRequestListener { if (!template.init()) { return; } - + if (template.isHTML()) { mn.setContentType("text/html"); } // build some token data mContentParams.put(IEmailFormProcessor.TOKEN_ID, - mConfig.getName()); + mConfig.getName()); mReqId = r.getRequestId(); mContentParams.put(IEmailFormProcessor.TOKEN_REQUEST_ID, - (Object) mReqId.toString()); + (Object) mReqId.toString()); IEmailFormProcessor et = CMS.getEmailFormProcessor(); - String c = et.getEmailContent(template.toString(), mContentParams); + String c = et.getEmailContent(template.toString(), + mContentParams); mn.setContent(c); } else { - log(ILogger.LL_FAILURE, CMS.getLogMessage("LISTENERS_CERT_ISSUED_REJECTION")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("LISTENERS_CERT_ISSUED_REJECTION")); mn.setContent("Your Certificate Request has been revoked. Please contact your administrator for assistance"); } @@ -365,55 +369,61 @@ public class CertificateRevokedListener implements IRequestListener { mn.sendNotification(); } catch (ENotificationException e) { // already logged, lets audit - log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); - + log(ILogger.LL_FAILURE, + CMS.getLogMessage("OPERATION_ERROR", e.toString())); + } catch (IOException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("OPERATION_ERROR", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("OPERATION_ERROR", e.toString())); } } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("LISTENERS_CERT_ISSUED_REJECTION_NOTIFICATION", mReqId.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "LISTENERS_CERT_ISSUED_REJECTION_NOTIFICATION", + mReqId.toString())); } } private void buildContentParams(RevokedCertImpl crlentries[], String mEmail) { - mContentParams.put(IEmailFormProcessor.TOKEN_ID, - mConfig.getName()); + mContentParams.put(IEmailFormProcessor.TOKEN_ID, mConfig.getName()); mContentParams.put(IEmailFormProcessor.TOKEN_SERIAL_NUM, - (Object) crlentries[0].getSerialNumber().toString()); + (Object) crlentries[0].getSerialNumber().toString()); mContentParams.put(IEmailFormProcessor.TOKEN_HEX_SERIAL_NUM, - (Object) Long.toHexString(crlentries[0].getSerialNumber().longValue())); + (Object) Long.toHexString(crlentries[0].getSerialNumber() + .longValue())); mContentParams.put(IEmailFormProcessor.TOKEN_REQUEST_ID, - (Object) mReqId.toString()); + (Object) mReqId.toString()); mContentParams.put(IEmailFormProcessor.TOKEN_HTTP_HOST, - (Object) mHttpHost); + (Object) mHttpHost); mContentParams.put(IEmailFormProcessor.TOKEN_HTTP_PORT, - (Object) mHttpPort); - + (Object) mHttpPort); + try { RevokedCertImpl revCert = (RevokedCertImpl) crlentries[0]; - ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_CA); + ICertificateAuthority ca = (ICertificateAuthority) CMS + .getSubsystem(CMS.SUBSYSTEM_CA); ICertificateRepository certDB = ca.getCertificateRepository(); - X509Certificate cert = certDB.getX509Certificate(revCert.getSerialNumber()); + X509Certificate cert = certDB.getX509Certificate(revCert + .getSerialNumber()); mContentParams.put(IEmailFormProcessor.TOKEN_ISSUER_DN, - (Object) cert.getIssuerDN().toString()); + (Object) cert.getIssuerDN().toString()); mContentParams.put(IEmailFormProcessor.TOKEN_SUBJECT_DN, - (Object) cert.getSubjectDN().toString()); + (Object) cert.getSubjectDN().toString()); Date date = (Date) crlentries[0].getRevocationDate(); - + mContentParams.put(IEmailFormProcessor.TOKEN_REVOCATION_DATE, - mDateFormat.format(date)); + mDateFormat.format(date)); } catch (EBaseException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER", e.toString())); + CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET_RESOLVER", + e.toString())); } mContentParams.put(IEmailFormProcessor.TOKEN_SENDER_EMAIL, - (Object) mSenderEmail); + (Object) mSenderEmail); mContentParams.put(IEmailFormProcessor.TOKEN_RECIPIENT_EMAIL, - (Object) mEmail); + (Object) mEmail); // ... and more } @@ -435,15 +445,15 @@ public class CertificateRevokedListener implements IRequestListener { } else if (name.equalsIgnoreCase(PROP_EMAIL_TEMPLATE)) { mFormPath = val; } else { - log(ILogger.LL_FAILURE, CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("LISTENERS_CERT_ISSUED_SET")); } } private void log(int level, String msg) { if (mLogger == null) return; - mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_OTHER, - level, msg); + mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_OTHER, level, msg); } } |