diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/profile/common/CAEnrollProfile.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/profile/common/CAEnrollProfile.java | 109 |
1 files changed, 50 insertions, 59 deletions
diff --git a/pki/base/common/src/com/netscape/cms/profile/common/CAEnrollProfile.java b/pki/base/common/src/com/netscape/cms/profile/common/CAEnrollProfile.java index 32cd51b5f..aa18acd3b 100644 --- a/pki/base/common/src/com/netscape/cms/profile/common/CAEnrollProfile.java +++ b/pki/base/common/src/com/netscape/cms/profile/common/CAEnrollProfile.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.profile.common; - import java.util.Enumeration; import netscape.security.x509.X500Name; @@ -41,27 +40,24 @@ import com.netscape.certsrv.profile.IProfileUpdater; import com.netscape.certsrv.request.IRequest; import com.netscape.certsrv.request.RequestStatus; - /** * This class implements a Certificate Manager enrollment * profile. - * + * * @version $Revision$, $Date$ */ public class CAEnrollProfile extends EnrollProfile { - private final static String - LOGGING_SIGNED_AUDIT_PRIVATE_KEY_ARCHIVE_REQUEST = - "LOGGING_SIGNED_AUDIT_PRIVATE_KEY_ARCHIVE_REQUEST_4"; - + private final static String LOGGING_SIGNED_AUDIT_PRIVATE_KEY_ARCHIVE_REQUEST = + "LOGGING_SIGNED_AUDIT_PRIVATE_KEY_ARCHIVE_REQUEST_4"; public CAEnrollProfile() { super(); } public IAuthority getAuthority() { - IAuthority authority = (IAuthority) - CMS.getSubsystem(CMS.SUBSYSTEM_CA); + IAuthority authority = (IAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_CA); if (authority == null) return null; @@ -70,17 +66,17 @@ public class CAEnrollProfile extends EnrollProfile { public X500Name getIssuerName() { ICertificateAuthority ca = (ICertificateAuthority) - CMS.getSubsystem(CMS.SUBSYSTEM_CA); + CMS.getSubsystem(CMS.SUBSYSTEM_CA); X500Name issuerName = ca.getX500Name(); return issuerName; } public void execute(IRequest request) - throws EProfileException { + throws EProfileException { long startTime = CMS.getCurrentDate().getTime(); - + if (!isEnable()) { CMS.debug("CAEnrollProfile: Profile Not Enabled"); throw new EProfileException("Profile Not Enabled"); @@ -91,14 +87,13 @@ public class CAEnrollProfile extends EnrollProfile { String auditRequesterID = auditRequesterID(request); String auditArchiveID = ILogger.UNIDENTIFIED; - String id = request.getRequestId().toString(); if (id != null) { auditArchiveID = id.trim(); } - CMS.debug("CAEnrollProfile: execute reqId=" + - request.getRequestId().toString()); + CMS.debug("CAEnrollProfile: execute reqId=" + + request.getRequestId().toString()); ICertificateAuthority ca = (ICertificateAuthority) getAuthority(); ICAService caService = (ICAService) ca.getCAService(); @@ -113,41 +108,39 @@ public class CAEnrollProfile extends EnrollProfile { // do not archive keys for renewal requests if ((optionsData != null) && (!request.getRequestType().equals(IRequest.RENEWAL_REQUEST))) { PKIArchiveOptions options = (PKIArchiveOptions) - toPKIArchiveOptions(optionsData); + toPKIArchiveOptions(optionsData); if (options != null) { CMS.debug("CAEnrollProfile: execute found " + - "PKIArchiveOptions"); + "PKIArchiveOptions"); try { IConnector kraConnector = caService.getKRAConnector(); if (kraConnector == null) { CMS.debug("CAEnrollProfile: KRA connector " + - "not configured"); + "not configured"); auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_PRIVATE_KEY_ARCHIVE_REQUEST, - auditSubjectID, - ILogger.FAILURE, - auditRequesterID, - auditArchiveID); + LOGGING_SIGNED_AUDIT_PRIVATE_KEY_ARCHIVE_REQUEST, + auditSubjectID, + ILogger.FAILURE, + auditRequesterID, + auditArchiveID); audit(auditMessage); - + } else { CMS.debug("CAEnrollProfile: execute send request"); kraConnector.send(request); - - // check response if (!request.isSuccess()) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_PRIVATE_KEY_ARCHIVE_REQUEST, - auditSubjectID, - ILogger.FAILURE, - auditRequesterID, - auditArchiveID); + LOGGING_SIGNED_AUDIT_PRIVATE_KEY_ARCHIVE_REQUEST, + auditSubjectID, + ILogger.FAILURE, + auditRequesterID, + auditArchiveID); audit(auditMessage); throw new ERejectException( @@ -155,17 +148,16 @@ public class CAEnrollProfile extends EnrollProfile { } auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_PRIVATE_KEY_ARCHIVE_REQUEST, - auditSubjectID, - ILogger.SUCCESS, - auditRequesterID, - auditArchiveID); + LOGGING_SIGNED_AUDIT_PRIVATE_KEY_ARCHIVE_REQUEST, + auditSubjectID, + ILogger.SUCCESS, + auditRequesterID, + auditArchiveID); audit(auditMessage); } } catch (Exception e) { - if (e instanceof ERejectException) { throw (ERejectException) e; } @@ -194,12 +186,12 @@ public class CAEnrollProfile extends EnrollProfile { sc.put("profileId", getId()); String setId = request.getExtDataInString("profileSetId"); if (setId != null) { - sc.put("profileSetId", setId); + sc.put("profileSetId", setId); } try { theCert = caService.issueX509Cert(info, getId() /* profileId */, - id /* requestId */); + id /* requestId */); } catch (EBaseException e) { CMS.debug(e.toString()); @@ -211,24 +203,24 @@ public class CAEnrollProfile extends EnrollProfile { String initiative = AuditFormat.FROMAGENT + " userID: " - + (String)sc.get(SessionContext.USER_ID); - String authMgr = (String)sc.get(SessionContext.AUTH_MANAGER_ID); + + (String) sc.get(SessionContext.USER_ID); + String authMgr = (String) sc.get(SessionContext.AUTH_MANAGER_ID); ILogger logger = CMS.getLogger(); - if( logger != null ) { - logger.log( ILogger.EV_AUDIT, - ILogger.S_OTHER, AuditFormat.LEVEL, AuditFormat.FORMAT, - new Object[] { - request.getRequestType(), - request.getRequestId(), - initiative, - authMgr, - "completed", - theCert.getSubjectDN(), - "cert issued serial number: 0x" + - theCert.getSerialNumber().toString(16) + - " time: " + (endTime - startTime) } - ); + if (logger != null) { + logger.log(ILogger.EV_AUDIT, + ILogger.S_OTHER, AuditFormat.LEVEL, AuditFormat.FORMAT, + new Object[] { + request.getRequestType(), + request.getRequestId(), + initiative, + authMgr, + "completed", + theCert.getSubjectDN(), + "cert issued serial number: 0x" + + theCert.getSerialNumber().toString(16) + + " time: " + (endTime - startTime) } + ); } request.setRequestStatus(RequestStatus.COMPLETE); @@ -236,9 +228,9 @@ public class CAEnrollProfile extends EnrollProfile { // notifies updater plugins Enumeration updaterIds = getProfileUpdaterIds(); while (updaterIds.hasMoreElements()) { - String updaterId = (String)updaterIds.nextElement(); - IProfileUpdater updater = getProfileUpdater(updaterId); - updater.update(request, RequestStatus.COMPLETE); + String updaterId = (String) updaterIds.nextElement(); + IProfileUpdater updater = getProfileUpdater(updaterId); + updater.update(request, RequestStatus.COMPLETE); } // set value for predicate value - checking in getRule @@ -248,4 +240,3 @@ public class CAEnrollProfile extends EnrollProfile { request.setExtData("isEncryptionCert", "false"); } } - |