diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java')
| -rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java | 1074 |
1 files changed, 585 insertions, 489 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java index 9945171fd..ff9b99115 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.IOException; import java.util.Enumeration; import java.util.Locale; @@ -45,12 +46,13 @@ import com.netscape.certsrv.common.ScopeDef; import com.netscape.certsrv.ldap.ILdapAuthInfo; import com.netscape.certsrv.logging.ILogger; + /** - * A class representing an administration servlet for the Authentication - * Management subsystem. This servlet is responsible to serve configuration - * requests for the Auths Management subsystem. - * + * A class representing an administration servlet for the + * Authentication Management subsystem. This servlet is responsible + * to serve configuration requests for the Auths Management subsystem. * + * * @version $Revision$, $Date$ */ public class AuthAdminServlet extends AdminServlet { @@ -62,11 +64,13 @@ public class AuthAdminServlet extends AdminServlet { private final static String INFO = "AuthAdminServlet"; private IAuthSubsystem mAuths = null; - private final static String PW_PASSWORD_CACHE_ADD = "PASSWORD_CACHE_ADD"; + private final static String PW_PASSWORD_CACHE_ADD = + "PASSWORD_CACHE_ADD"; private final static String VIEW = ";" + Constants.VIEW; private final static String EDIT = ";" + Constants.EDIT; - private final static String LOGGING_SIGNED_AUDIT_CONFIG_AUTH = "LOGGING_SIGNED_AUDIT_CONFIG_AUTH_3"; + private final static String LOGGING_SIGNED_AUDIT_CONFIG_AUTH = + "LOGGING_SIGNED_AUDIT_CONFIG_AUTH_3"; public AuthAdminServlet() { super(); @@ -84,19 +88,19 @@ public class AuthAdminServlet extends AdminServlet { /** * Returns serlvet information. */ - public String getServletInfo() { - return INFO; + public String getServletInfo() { + return INFO; } /** - * retrieve extended plugin info such as brief description, type info from - * policy, authentication, need to add: listener, mapper and publishing - * plugins --- same as policy, should we move this into - * extendedpluginhelper? + * retrieve extended plugin info such as brief description, type info + * from policy, authentication, + * need to add: listener, mapper and publishing plugins + * --- same as policy, should we move this into extendedpluginhelper? */ private void getExtendedPluginInfo(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); @@ -105,14 +109,13 @@ public class AuthAdminServlet extends AdminServlet { String implType = id.substring(0, colon); String implName = id.substring(colon + 1); - NameValuePairs params = getExtendedPluginInfo(getLocale(req), implType, - implName); + NameValuePairs params = + getExtendedPluginInfo(getLocale(req), implType, implName); sendResponse(SUCCESS, null, params, resp); } - private NameValuePairs getExtendedPluginInfo(Locale locale, - String implType, String implName) { + private NameValuePairs getExtendedPluginInfo(Locale locale, String implType, String implName) { IExtendedPluginInfo ext_info = null; Object impl = null; @@ -128,8 +131,7 @@ public class AuthAdminServlet extends AdminServlet { if (ext_info == null) { nvps = new NameValuePairs(); } else { - nvps = convertStringArrayToNVPairs(ext_info - .getExtendedPluginInfo(locale)); + nvps = convertStringArrayToNVPairs(ext_info.getExtendedPluginInfo(locale)); } return nvps; @@ -140,41 +142,42 @@ public class AuthAdminServlet extends AdminServlet { * Serves HTTP admin request. */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { super.service(req, resp); String scope = req.getParameter(Constants.OP_SCOPE); String op = req.getParameter(Constants.OP_TYPE); if (op == null) { - // System.out.println("SRVLT_INVALID_PROTOCOL"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), null, resp); + //System.out.println("SRVLT_INVALID_PROTOCOL"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), + null, resp); return; } // if it is not authentication, that means it is for CSC admin ping. // the best way to do is to define another protocol for ping and move // it to the generic servlet which is admin servlet. - if (!op.equals(OpDef.OP_AUTH)) { + if (!op.equals(OpDef.OP_AUTH)) { if (scope.equals(ScopeDef.SC_AUTH)) { String id = req.getParameter(Constants.RS_ID); // for CSC admin ping only - if (op.equals(OpDef.OP_READ) - && id.equals(Constants.RS_ID_CONFIG)) { + if (op.equals(OpDef.OP_READ) && + id.equals(Constants.RS_ID_CONFIG)) { - // no need to authenticate this. if we're alive, return - // true. + // no need to authenticate this. if we're alive, return true. NameValuePairs params = new NameValuePairs(); params.add(Constants.PR_PING, Constants.TRUE); sendResponse(SUCCESS, null, params, resp); return; } else { - // System.out.println("SRVLT_INVALID_OP_TYPE"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_TYPE", op), null, resp); + //System.out.println("SRVLT_INVALID_OP_TYPE"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_TYPE", op), + null, resp); return; } } @@ -183,7 +186,7 @@ public class AuthAdminServlet extends AdminServlet { try { if (op.equals(OpDef.OP_AUTH)) { if (scope.equals(ScopeDef.SC_AUTHTYPE)) { - IConfigStore configStore = CMS.getConfigStore(); + IConfigStore configStore = CMS.getConfigStore(); String val = configStore.getString("authType", "pwd"); NameValuePairs params = new NameValuePairs(); @@ -193,11 +196,11 @@ public class AuthAdminServlet extends AdminServlet { } } } catch (Exception e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHS_FAILED"), null, resp); + sendResponse(ERROR,CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHS_FAILED"), + null, resp); return; } - // for the rest + // for the rest try { super.authenticate(req); if (op.equals(OpDef.OP_AUTH)) { // for admin authentication only @@ -205,9 +208,9 @@ public class AuthAdminServlet extends AdminServlet { return; } } catch (IOException e) { - // System.out.println("SRVLT_FAIL_AUTHS"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHS_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_AUTHS"); + sendResponse(ERROR,CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHS_FAILED"), + null, resp); return; } @@ -219,24 +222,24 @@ public class AuthAdminServlet extends AdminServlet { try { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage( - getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } getExtendedPluginInfo(req, resp); return; } catch (EBaseException e) { - sendResponse(ERROR, e.toString(getLocale(req)), null, - resp); + sendResponse(ERROR, e.toString(getLocale(req)), null, resp); return; } } if (op.equals(OpDef.OP_SEARCH)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_AUTH_IMPLS)) { @@ -246,15 +249,17 @@ public class AuthAdminServlet extends AdminServlet { listAuthMgrInsts(req, resp); return; } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_READ)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_AUTH_IMPLS)) { @@ -264,15 +269,17 @@ public class AuthAdminServlet extends AdminServlet { getInstConfig(req, resp); return; } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_ADD)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_AUTH_IMPLS)) { @@ -282,15 +289,17 @@ public class AuthAdminServlet extends AdminServlet { addAuthMgrInst(req, resp, scope); return; } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_DELETE)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_AUTH_IMPLS)) { @@ -300,15 +309,17 @@ public class AuthAdminServlet extends AdminServlet { delAuthMgrInst(req, resp, scope); return; } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_MODIFY)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_AUTH_MGR_INSTANCE)) { @@ -316,17 +327,19 @@ public class AuthAdminServlet extends AdminServlet { return; } } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } - } + } } catch (EBaseException e) { sendResponse(ERROR, e.toString(getLocale(req)), null, resp); return; - } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_PERFORM_FAILED"), null, resp); + } + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_PERFORM_FAILED"), + null, resp); return; } @@ -343,23 +356,22 @@ public class AuthAdminServlet extends AdminServlet { /** * Add authentication manager plug-in * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring * authentication * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this authentication - * manager's substore + * manager's substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addAuthMgrPlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void addAuthMgrPlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -372,30 +384,33 @@ public class AuthAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // is the manager id unique? if (mAuths.getPlugins().containsKey((Object) id)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse( - ERROR, - new EAuthException(CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_DUP_MGR_PLUGIN_ID", id)) - .toString(), null, resp); + sendResponse(ERROR, + new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_DUP_MGR_PLUGIN_ID", id)).toString(), + null, resp); return; } @@ -404,36 +419,39 @@ public class AuthAdminServlet extends AdminServlet { if (classPath == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_NULL_AUTHMGR_CLASSNAME"), null, - resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_NULL_AUTHMGR_CLASSNAME"), + null, resp); return; } - if (classPath - .equals("com.netscape.cmscore.authentication.PasswdUserDBAuthentication") - || classPath - .equals("com.netscape.cmscore.authentication.CertUserDBAuthentication")) { + if (classPath.equals("com.netscape.cmscore.authentication.PasswdUserDBAuthentication") || + classPath.equals("com.netscape.cmscore.authentication.CertUserDBAuthentication")) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_BASE_PERMISSION_DENIED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_BASE_PERMISSION_DENIED"), null, resp); return; } - IConfigStore destStore = mConfig - .getSubStore(DestDef.DEST_AUTH_ADMIN); - IConfigStore instancesConfig = destStore.getSubStore(scope); + IConfigStore destStore = + mConfig.getSubStore(DestDef.DEST_AUTH_ADMIN); + IConfigStore instancesConfig = + destStore.getSubStore(scope); // Does the class exist? Class newImpl = null; @@ -443,26 +461,30 @@ public class AuthAdminServlet extends AdminServlet { } catch (ClassNotFoundException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_AUTHMGR_PLUGIN_NOT_FOUND"), null, - resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_PLUGIN_NOT_FOUND"), + null, resp); return; } catch (IllegalArgumentException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_AUTHMGR_PLUGIN_NOT_FOUND"), null, - resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_PLUGIN_NOT_FOUND"), + null, resp); return; } @@ -471,26 +493,31 @@ public class AuthAdminServlet extends AdminServlet { if (IAuthManager.class.isAssignableFrom(newImpl) == false) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_ILL_CLASS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_ILL_CLASS"), + null, resp); return; } - } catch (NullPointerException e) { // unlikely, only if newImpl - // null. + } catch (NullPointerException e) { // unlikely, only if newImpl null. // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_ILL_CLASS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_ILL_CLASS"), + null, resp); return; } @@ -504,14 +531,17 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -519,75 +549,80 @@ public class AuthAdminServlet extends AdminServlet { AuthMgrPlugin plugin = new AuthMgrPlugin(id, classPath); mAuths.getPlugins().put(id, plugin); - mAuths.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_PLUGIN_ADD", id)); + mAuths.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_PLUGIN_ADD", id)); NameValuePairs params = new NameValuePairs(); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, params, resp); return; // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * Add authentication manager instance * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring * authentication * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this authentication - * manager's substore + * manager's substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addAuthMgrInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void addAuthMgrInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -600,13 +635,16 @@ public class AuthAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -614,13 +652,16 @@ public class AuthAdminServlet extends AdminServlet { if (mAuths.getInstances().containsKey((Object) id)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_ILL_MGR_INST_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_ILL_MGR_INST_ID"), + null, resp); return; } @@ -632,41 +673,43 @@ public class AuthAdminServlet extends AdminServlet { if (implname == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_MISSING_PARAMS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_MISSING_PARAMS"), + null, resp); return; } // prevent agent & admin creation. - if (implname.equals(IAuthSubsystem.PASSWDUSERDB_PLUGIN_ID) - || implname.equals(IAuthSubsystem.CERTUSERDB_PLUGIN_ID)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_BASE_PERMISSION_DENIED"), null, resp); + if (implname.equals(IAuthSubsystem.PASSWDUSERDB_PLUGIN_ID) || + implname.equals(IAuthSubsystem.CERTUSERDB_PLUGIN_ID)) { + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_BASE_PERMISSION_DENIED"), null, resp); } // check if implementation exists. - AuthMgrPlugin plugin = (AuthMgrPlugin) mAuths.getPlugins().get( - implname); + AuthMgrPlugin plugin = + (AuthMgrPlugin) mAuths.getPlugins().get(implname); if (plugin == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse( - ERROR, - new EAuthMgrPluginNotFound(CMS.getUserMessage( - getLocale(req), - "CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", - implname)).toString(), null, resp); + sendResponse(ERROR, + new EAuthMgrPluginNotFound(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", implname)).toString(), + null, resp); return; } @@ -675,9 +718,10 @@ public class AuthAdminServlet extends AdminServlet { // are there, but not checking the values are valid String[] configParams = mAuths.getConfigParams(implname); - IConfigStore destStore = mConfig - .getSubStore(DestDef.DEST_AUTH_ADMIN); - IConfigStore instancesConfig = destStore.getSubStore(scope); + IConfigStore destStore = + mConfig.getSubStore(DestDef.DEST_AUTH_ADMIN); + IConfigStore instancesConfig = + destStore.getSubStore(scope); IConfigStore substore = instancesConfig.makeSubStore(id); if (configParams != null) { @@ -703,56 +747,52 @@ public class AuthAdminServlet extends AdminServlet { IAuthManager authMgrInst = null; try { - authMgrInst = (IAuthManager) Class.forName(className) - .newInstance(); + authMgrInst = (IAuthManager) Class.forName(className).newInstance(); } catch (ClassNotFoundException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // cleanup instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new EAuthException(CMS - .getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", - className)).toString(), null, resp); + sendResponse(ERROR, + new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } catch (InstantiationException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new EAuthException(CMS - .getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", - className)).toString(), null, resp); + sendResponse(ERROR, + new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } catch (IllegalAccessException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new EAuthException(CMS - .getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", - className)).toString(), null, resp); + sendResponse(ERROR, + new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } @@ -762,8 +802,10 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -779,31 +821,37 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // clean up. instancesConfig.removeSubStore(id); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } // inited and commited ok. now add manager instance to list. mAuths.add(id, authMgrInst); - mAuths.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_MGR_ADD", id)); + mAuths.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_AUTH_MGR_ADD", id)); NameValuePairs params = new NameValuePairs(); params.add(Constants.PR_AUTH_IMPL_NAME, implname); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -811,8 +859,11 @@ public class AuthAdminServlet extends AdminServlet { return; } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -820,38 +871,42 @@ public class AuthAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } - private synchronized void listAuthMgrPlugins(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listAuthMgrPlugins(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = mAuths.getPlugins().keys(); while (e.hasMoreElements()) { String name = (String) e.nextElement(); - AuthMgrPlugin value = (AuthMgrPlugin) mAuths.getPlugins().get(name); + AuthMgrPlugin value = (AuthMgrPlugin) + mAuths.getPlugins().get(name); if (value.isVisible()) { params.add(name, value.getClassPath() + EDIT); @@ -861,16 +916,16 @@ public class AuthAdminServlet extends AdminServlet { return; } - private synchronized void listAuthMgrInsts(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listAuthMgrInsts(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); - for (Enumeration e = mAuths.getInstances().keys(); e.hasMoreElements();) { + for (Enumeration e = mAuths.getInstances().keys(); + e.hasMoreElements();) { String name = (String) e.nextElement(); - AuthManagerProxy proxy = (AuthManagerProxy) mAuths.getInstances() - .get(name); + AuthManagerProxy proxy = (AuthManagerProxy) mAuths.getInstances().get(name); IAuthManager value = proxy.getAuthManager(); String enableStr = "enabled"; @@ -878,12 +933,11 @@ public class AuthAdminServlet extends AdminServlet { enableStr = "disabled"; } - AuthMgrPlugin amgrplugin = (AuthMgrPlugin) mAuths.getPlugins().get( - value.getImplName()); + AuthMgrPlugin amgrplugin = (AuthMgrPlugin) + mAuths.getPlugins().get(value.getImplName()); if (!amgrplugin.isVisible()) { - params.add(name, value.getImplName() + ";invisible;" - + enableStr); + params.add(name, value.getImplName() + ";invisible;" + enableStr); } else { params.add(name, value.getImplName() + ";visible;" + enableStr); } @@ -895,22 +949,21 @@ public class AuthAdminServlet extends AdminServlet { /** * Delete authentication manager plug-in * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring * authentication * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this authentication - * manager's substore + * manager's substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void delAuthMgrPlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, + private synchronized void delAuthMgrPlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) throws ServletException, IOException, EBaseException { String auditMessage = null; @@ -925,69 +978,74 @@ public class AuthAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // prevent deletion of admin and agent. - if (id.equals(IAuthSubsystem.PASSWDUSERDB_PLUGIN_ID) - || id.equals(IAuthSubsystem.CERTUSERDB_PLUGIN_ID)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_BASE_PERMISSION_DENIED"), null, resp); + if (id.equals(IAuthSubsystem.PASSWDUSERDB_PLUGIN_ID) || + id.equals(IAuthSubsystem.CERTUSERDB_PLUGIN_ID)) { + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_BASE_PERMISSION_DENIED"), null, resp); } // does auth manager exist? if (mAuths.getPlugins().containsKey(id) == false) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse( - ERROR, - new EAuthMgrPluginNotFound(CMS.getUserMessage( - getLocale(req), - "CMS_AUTHENTICATION_DUP_MGR_PLUGIN_ID", id)) - .toString(), null, resp); + sendResponse(ERROR, + new EAuthMgrPluginNotFound(CMS.getUserMessage(getLocale(req), "CMS_AUTHENTICATION_DUP_MGR_PLUGIN_ID", id)).toString(), + null, resp); return; } // first check if any instances from this auth manager // DON'T remove auth manager if any instance - for (Enumeration e = mAuths.getInstances().keys(); e - .hasMoreElements();) { - IAuthManager authMgr = (IAuthManager) mAuths.get((String) e - .nextElement()); + for (Enumeration e = mAuths.getInstances().keys(); + e.hasMoreElements();) { + IAuthManager authMgr = (IAuthManager) mAuths.get((String) e.nextElement()); if (authMgr.getImplName() == id) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_MGR_IN_USE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_MGR_IN_USE"), + null, resp); return; } } - + // then delete this auth manager mAuths.getPlugins().remove((Object) id); - IConfigStore destStore = mConfig - .getSubStore(DestDef.DEST_AUTH_ADMIN); - IConfigStore instancesConfig = destStore.getSubStore(scope); + IConfigStore destStore = + mConfig.getSubStore(DestDef.DEST_AUTH_ADMIN); + IConfigStore instancesConfig = + destStore.getSubStore(scope); instancesConfig.removeSubStore(id); // commiting @@ -996,79 +1054,87 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, params, resp); return; // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } } /** * Delete authentication manager instance * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring * authentication * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this authentication - * manager's substore + * manager's substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void delAuthMgrInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, + private synchronized void delAuthMgrInst(HttpServletRequest req, + HttpServletResponse resp, String scope) throws ServletException, IOException, EBaseException { String auditMessage = null; @@ -1083,52 +1149,56 @@ public class AuthAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // prevent deletion of admin and agent. - if (id.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID) - || id.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_BASE_PERMISSION_DENIED"), null, resp); + if (id.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID) || + id.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) { + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_BASE_PERMISSION_DENIED"), null, resp); } // does auth manager instance exist? if (mAuths.getInstances().containsKey(id) == false) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse( - ERROR, - new EAuthMgrNotFound(CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", id)) - .toString(), null, resp); + sendResponse(ERROR, + new EAuthMgrNotFound(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", id)).toString(), + null, resp); return; } // only remove from memory // cannot shutdown because we don't keep track of whether it's - // being used. + // being used. IAuthManager mgrInst = (IAuthManager) mAuths.get(id); mAuths.getInstances().remove((Object) id); // remove the configuration. - IConfigStore destStore = mConfig - .getSubStore(DestDef.DEST_AUTH_ADMIN); - IConfigStore instancesConfig = destStore.getSubStore(scope); + IConfigStore destStore = + mConfig.getSubStore(DestDef.DEST_AUTH_ADMIN); + IConfigStore instancesConfig = + destStore.getSubStore(scope); instancesConfig.removeSubStore(id); // commiting @@ -1137,85 +1207,96 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } - // This only works in the fact that we only support one instance per - // auth plugin. + //This only works in the fact that we only support one instance per + //auth plugin. ILdapAuthInfo authInfo = CMS.getLdapAuthInfo(); authInfo.removePassword("Rule " + id); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, params, resp); return; // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** - * used for getting the required configuration parameters (with possible - * default values) for a particular auth manager plugin implementation name - * specified in the RS_ID. Actually, there is no logic in here to set any - * default value here...there's no default value for any parameter in this - * authentication subsystem at this point. Later, if we do have one (or - * some), it can be added. The interface remains the same. + * used for getting the required configuration parameters (with + * possible default values) for a particular auth manager plugin + * implementation name specified in the RS_ID. Actually, there is + * no logic in here to set any default value here...there's no + * default value for any parameter in this authentication subsystem + * at this point. Later, if we do have one (or some), it can be + * added. The interface remains the same. */ - private synchronized void getConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String implname = req.getParameter(Constants.RS_ID); if (implname == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -1233,26 +1314,25 @@ public class AuthAdminServlet extends AdminServlet { return; } - private synchronized void getInstConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getInstConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // does auth manager instance exist? if (mAuths.getInstances().containsKey(id) == false) { - sendResponse( - ERROR, - new EAuthMgrNotFound(CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", id)) - .toString(), null, resp); + sendResponse(ERROR, + new EAuthMgrNotFound(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", id)).toString(), + null, resp); return; } @@ -1281,29 +1361,29 @@ public class AuthAdminServlet extends AdminServlet { } /** - * Modify authentication manager instance This will actually create a new - * instance with new configuration parameters and replace the old instance - * if the new instance is created and initialized successfully. The old - * instance is left running, so this is very expensive. Restart of server - * recommended. + * Modify authentication manager instance + * This will actually create a new instance with new configuration + * parameters and replace the old instance if the new instance is + * created and initialized successfully. + * The old instance is left running, so this is very expensive. + * Restart of server recommended. * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring * authentication * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this authentication - * manager's substore + * manager's substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void modAuthMgrInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void modAuthMgrInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { // expensive operation. @@ -1318,37 +1398,41 @@ public class AuthAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // prevent modification of admin and agent. - if (id.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID) - || id.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_BASE_PERMISSION_DENIED"), null, resp); + if (id.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID) || + id.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) { + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_BASE_PERMISSION_DENIED"), null, resp); } // Does the manager instance exist? if (!mAuths.getInstances().containsKey((Object) id)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse( - ERROR, - CMS.getUserMessage("CMS_AUTHENTICATION_MGR_IMPL_NOT_FOUND"), - null, resp); + sendResponse(ERROR, + CMS.getUserMessage("CMS_AUTHENTICATION_MGR_IMPL_NOT_FOUND"), + null, resp); return; } @@ -1358,42 +1442,43 @@ public class AuthAdminServlet extends AdminServlet { if (implname == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse( - ERROR, - CMS.getUserMessage("CMS_AUTHENTICATION_MISSING_PARAMS"), - null, resp); + sendResponse(ERROR, + CMS.getUserMessage("CMS_AUTHENTICATION_MISSING_PARAMS"), + null, resp); return; } - // get plugin for implementation - AuthMgrPlugin plugin = (AuthMgrPlugin) mAuths.getPlugins().get( - implname); + // get plugin for implementation + AuthMgrPlugin plugin = + (AuthMgrPlugin) mAuths.getPlugins().get(implname); if (plugin == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse( - ERROR, - new EAuthMgrPluginNotFound(CMS.getUserMessage( - getLocale(req), - "CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", - implname)).toString(), null, resp); + sendResponse(ERROR, + new EAuthMgrPluginNotFound(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", implname)).toString(), + null, resp); return; } - // save old instance substore params in case new one fails. + // save old instance substore params in case new one fails. - IAuthManager oldinst = (IAuthManager) mAuths.get(id); + IAuthManager oldinst = + (IAuthManager) mAuths.get(id); IConfigStore oldConfig = oldinst.getConfigStore(); String[] oldConfigParms = oldinst.getConfigParams(); @@ -1401,7 +1486,7 @@ public class AuthAdminServlet extends AdminServlet { // implName is always required so always include it it. saveParams.add(IAuthSubsystem.PROP_PLUGIN, - (String) oldConfig.get(IAuthSubsystem.PROP_PLUGIN)); + (String) oldConfig.get(IAuthSubsystem.PROP_PLUGIN)); if (oldConfigParms != null) { for (int i = 0; i < oldConfigParms.length; i++) { String key = oldConfigParms[i]; @@ -1417,9 +1502,10 @@ public class AuthAdminServlet extends AdminServlet { // remove old substore. - IConfigStore destStore = mConfig - .getSubStore(DestDef.DEST_AUTH_ADMIN); - IConfigStore instancesConfig = destStore.getSubStore(scope); + IConfigStore destStore = + mConfig.getSubStore(DestDef.DEST_AUTH_ADMIN); + IConfigStore instancesConfig = + destStore.getSubStore(scope); instancesConfig.removeSubStore(id); @@ -1447,56 +1533,52 @@ public class AuthAdminServlet extends AdminServlet { IAuthManager newMgrInst = null; try { - newMgrInst = (IAuthManager) Class.forName(className) - .newInstance(); + newMgrInst = (IAuthManager) Class.forName(className).newInstance(); } catch (ClassNotFoundException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // cleanup restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new EAuthException(CMS - .getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", - className)).toString(), null, resp); + sendResponse(ERROR, + new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } catch (InstantiationException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new EAuthException(CMS - .getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", - className)).toString(), null, resp); + sendResponse(ERROR, + new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } catch (IllegalAccessException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new EAuthException(CMS - .getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", - className)).toString(), null, resp); + sendResponse(ERROR, + new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } @@ -1507,8 +1589,10 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1518,22 +1602,25 @@ public class AuthAdminServlet extends AdminServlet { return; } - // initialized ok. commiting + // initialized ok. commiting try { mConfig.commit(true); } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // clean up. restore(instancesConfig, id, saveParams); - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -1541,14 +1628,17 @@ public class AuthAdminServlet extends AdminServlet { mAuths.add(id, newMgrInst); - mAuths.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_MGR_REPL", id)); + mAuths.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_AUTH_MGR_REPL", id)); NameValuePairs params = new NameValuePairs(); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1556,8 +1646,11 @@ public class AuthAdminServlet extends AdminServlet { return; } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1565,31 +1658,34 @@ public class AuthAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } // convenience routine. - private static void restore(IConfigStore store, String id, - NameValuePairs saveParams) { + private static void restore(IConfigStore store, + String id, NameValuePairs saveParams) { store.removeSubStore(id); IConfigStore rstore = store.makeSubStore(id); @@ -1599,7 +1695,7 @@ public class AuthAdminServlet extends AdminServlet { String key = (String) keys.nextElement(); String value = saveParams.getValue(key); - if (value != null) + if (value != null) rstore.put(key, value); } } |