diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java | 1074 |
1 files changed, 489 insertions, 585 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java index ff9b99115..9945171fd 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; - import java.io.IOException; import java.util.Enumeration; import java.util.Locale; @@ -46,13 +45,12 @@ import com.netscape.certsrv.common.ScopeDef; import com.netscape.certsrv.ldap.ILdapAuthInfo; import com.netscape.certsrv.logging.ILogger; - /** - * A class representing an administration servlet for the - * Authentication Management subsystem. This servlet is responsible - * to serve configuration requests for the Auths Management subsystem. + * A class representing an administration servlet for the Authentication + * Management subsystem. This servlet is responsible to serve configuration + * requests for the Auths Management subsystem. + * * - * * @version $Revision$, $Date$ */ public class AuthAdminServlet extends AdminServlet { @@ -64,13 +62,11 @@ public class AuthAdminServlet extends AdminServlet { private final static String INFO = "AuthAdminServlet"; private IAuthSubsystem mAuths = null; - private final static String PW_PASSWORD_CACHE_ADD = - "PASSWORD_CACHE_ADD"; + private final static String PW_PASSWORD_CACHE_ADD = "PASSWORD_CACHE_ADD"; private final static String VIEW = ";" + Constants.VIEW; private final static String EDIT = ";" + Constants.EDIT; - private final static String LOGGING_SIGNED_AUDIT_CONFIG_AUTH = - "LOGGING_SIGNED_AUDIT_CONFIG_AUTH_3"; + private final static String LOGGING_SIGNED_AUDIT_CONFIG_AUTH = "LOGGING_SIGNED_AUDIT_CONFIG_AUTH_3"; public AuthAdminServlet() { super(); @@ -88,19 +84,19 @@ public class AuthAdminServlet extends AdminServlet { /** * Returns serlvet information. */ - public String getServletInfo() { - return INFO; + public String getServletInfo() { + return INFO; } /** - * retrieve extended plugin info such as brief description, type info - * from policy, authentication, - * need to add: listener, mapper and publishing plugins - * --- same as policy, should we move this into extendedpluginhelper? + * retrieve extended plugin info such as brief description, type info from + * policy, authentication, need to add: listener, mapper and publishing + * plugins --- same as policy, should we move this into + * extendedpluginhelper? */ private void getExtendedPluginInfo(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { String id = req.getParameter(Constants.RS_ID); @@ -109,13 +105,14 @@ public class AuthAdminServlet extends AdminServlet { String implType = id.substring(0, colon); String implName = id.substring(colon + 1); - NameValuePairs params = - getExtendedPluginInfo(getLocale(req), implType, implName); + NameValuePairs params = getExtendedPluginInfo(getLocale(req), implType, + implName); sendResponse(SUCCESS, null, params, resp); } - private NameValuePairs getExtendedPluginInfo(Locale locale, String implType, String implName) { + private NameValuePairs getExtendedPluginInfo(Locale locale, + String implType, String implName) { IExtendedPluginInfo ext_info = null; Object impl = null; @@ -131,7 +128,8 @@ public class AuthAdminServlet extends AdminServlet { if (ext_info == null) { nvps = new NameValuePairs(); } else { - nvps = convertStringArrayToNVPairs(ext_info.getExtendedPluginInfo(locale)); + nvps = convertStringArrayToNVPairs(ext_info + .getExtendedPluginInfo(locale)); } return nvps; @@ -142,42 +140,41 @@ public class AuthAdminServlet extends AdminServlet { * Serves HTTP admin request. */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { super.service(req, resp); String scope = req.getParameter(Constants.OP_SCOPE); String op = req.getParameter(Constants.OP_TYPE); if (op == null) { - //System.out.println("SRVLT_INVALID_PROTOCOL"); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), - null, resp); + // System.out.println("SRVLT_INVALID_PROTOCOL"); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), null, resp); return; } // if it is not authentication, that means it is for CSC admin ping. // the best way to do is to define another protocol for ping and move // it to the generic servlet which is admin servlet. - if (!op.equals(OpDef.OP_AUTH)) { + if (!op.equals(OpDef.OP_AUTH)) { if (scope.equals(ScopeDef.SC_AUTH)) { String id = req.getParameter(Constants.RS_ID); // for CSC admin ping only - if (op.equals(OpDef.OP_READ) && - id.equals(Constants.RS_ID_CONFIG)) { + if (op.equals(OpDef.OP_READ) + && id.equals(Constants.RS_ID_CONFIG)) { - // no need to authenticate this. if we're alive, return true. + // no need to authenticate this. if we're alive, return + // true. NameValuePairs params = new NameValuePairs(); params.add(Constants.PR_PING, Constants.TRUE); sendResponse(SUCCESS, null, params, resp); return; } else { - //System.out.println("SRVLT_INVALID_OP_TYPE"); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_TYPE", op), - null, resp); + // System.out.println("SRVLT_INVALID_OP_TYPE"); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_INVALID_OP_TYPE", op), null, resp); return; } } @@ -186,7 +183,7 @@ public class AuthAdminServlet extends AdminServlet { try { if (op.equals(OpDef.OP_AUTH)) { if (scope.equals(ScopeDef.SC_AUTHTYPE)) { - IConfigStore configStore = CMS.getConfigStore(); + IConfigStore configStore = CMS.getConfigStore(); String val = configStore.getString("authType", "pwd"); NameValuePairs params = new NameValuePairs(); @@ -196,11 +193,11 @@ public class AuthAdminServlet extends AdminServlet { } } } catch (Exception e) { - sendResponse(ERROR,CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHS_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_AUTHS_FAILED"), null, resp); return; } - // for the rest + // for the rest try { super.authenticate(req); if (op.equals(OpDef.OP_AUTH)) { // for admin authentication only @@ -208,9 +205,9 @@ public class AuthAdminServlet extends AdminServlet { return; } } catch (IOException e) { - //System.out.println("SRVLT_FAIL_AUTHS"); - sendResponse(ERROR,CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHS_FAILED"), - null, resp); + // System.out.println("SRVLT_FAIL_AUTHS"); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_AUTHS_FAILED"), null, resp); return; } @@ -222,24 +219,24 @@ public class AuthAdminServlet extends AdminServlet { try { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage( + getLocale(req), + "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); return; } getExtendedPluginInfo(req, resp); return; } catch (EBaseException e) { - sendResponse(ERROR, e.toString(getLocale(req)), null, resp); + sendResponse(ERROR, e.toString(getLocale(req)), null, + resp); return; } } if (op.equals(OpDef.OP_SEARCH)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); return; } if (scope.equals(ScopeDef.SC_AUTH_IMPLS)) { @@ -249,17 +246,15 @@ public class AuthAdminServlet extends AdminServlet { listAuthMgrInsts(req, resp); return; } else { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); return; } } else if (op.equals(OpDef.OP_READ)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); return; } if (scope.equals(ScopeDef.SC_AUTH_IMPLS)) { @@ -269,17 +264,15 @@ public class AuthAdminServlet extends AdminServlet { getInstConfig(req, resp); return; } else { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); return; } } else if (op.equals(OpDef.OP_ADD)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); return; } if (scope.equals(ScopeDef.SC_AUTH_IMPLS)) { @@ -289,17 +282,15 @@ public class AuthAdminServlet extends AdminServlet { addAuthMgrInst(req, resp, scope); return; } else { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); return; } } else if (op.equals(OpDef.OP_DELETE)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); return; } if (scope.equals(ScopeDef.SC_AUTH_IMPLS)) { @@ -309,17 +300,15 @@ public class AuthAdminServlet extends AdminServlet { delAuthMgrInst(req, resp, scope); return; } else { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); return; } } else if (op.equals(OpDef.OP_MODIFY)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); return; } if (scope.equals(ScopeDef.SC_AUTH_MGR_INSTANCE)) { @@ -327,19 +316,17 @@ public class AuthAdminServlet extends AdminServlet { return; } } else { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); return; } - } + } } catch (EBaseException e) { sendResponse(ERROR, e.toString(getLocale(req)), null, resp); return; - } - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_PERFORM_FAILED"), - null, resp); + } + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_PERFORM_FAILED"), null, resp); return; } @@ -356,22 +343,23 @@ public class AuthAdminServlet extends AdminServlet { /** * Add authentication manager plug-in * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring * authentication * </ul> + * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this authentication - * manager's substore + * manager's substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addAuthMgrPlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) - throws ServletException, IOException, EBaseException { + private synchronized void addAuthMgrPlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -384,33 +372,30 @@ public class AuthAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - //System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + // System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } // is the manager id unique? if (mAuths.getPlugins().containsKey((Object) id)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_DUP_MGR_PLUGIN_ID", id)).toString(), - null, resp); + sendResponse( + ERROR, + new EAuthException(CMS.getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_DUP_MGR_PLUGIN_ID", id)) + .toString(), null, resp); return; } @@ -419,39 +404,36 @@ public class AuthAdminServlet extends AdminServlet { if (classPath == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_NULL_AUTHMGR_CLASSNAME"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_NULL_AUTHMGR_CLASSNAME"), null, + resp); return; } - if (classPath.equals("com.netscape.cmscore.authentication.PasswdUserDBAuthentication") || - classPath.equals("com.netscape.cmscore.authentication.CertUserDBAuthentication")) { + if (classPath + .equals("com.netscape.cmscore.authentication.PasswdUserDBAuthentication") + || classPath + .equals("com.netscape.cmscore.authentication.CertUserDBAuthentication")) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_BASE_PERMISSION_DENIED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_BASE_PERMISSION_DENIED"), null, resp); return; } - IConfigStore destStore = - mConfig.getSubStore(DestDef.DEST_AUTH_ADMIN); - IConfigStore instancesConfig = - destStore.getSubStore(scope); + IConfigStore destStore = mConfig + .getSubStore(DestDef.DEST_AUTH_ADMIN); + IConfigStore instancesConfig = destStore.getSubStore(scope); // Does the class exist? Class newImpl = null; @@ -461,30 +443,26 @@ public class AuthAdminServlet extends AdminServlet { } catch (ClassNotFoundException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_PLUGIN_NOT_FOUND"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_AUTHMGR_PLUGIN_NOT_FOUND"), null, + resp); return; } catch (IllegalArgumentException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_PLUGIN_NOT_FOUND"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_AUTHMGR_PLUGIN_NOT_FOUND"), null, + resp); return; } @@ -493,31 +471,26 @@ public class AuthAdminServlet extends AdminServlet { if (IAuthManager.class.isAssignableFrom(newImpl) == false) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_ILL_CLASS"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_ILL_CLASS"), null, resp); return; } - } catch (NullPointerException e) { // unlikely, only if newImpl null. + } catch (NullPointerException e) { // unlikely, only if newImpl + // null. // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_ILL_CLASS"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_ILL_CLASS"), null, resp); return; } @@ -531,17 +504,14 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - //System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), - null, resp); + // System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); return; } @@ -549,80 +519,75 @@ public class AuthAdminServlet extends AdminServlet { AuthMgrPlugin plugin = new AuthMgrPlugin(id, classPath); mAuths.getPlugins().put(id, plugin); - mAuths.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_PLUGIN_ADD", id)); + mAuths.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_PLUGIN_ADD", id)); NameValuePairs params = new NameValuePairs(); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, ILogger.SUCCESS, auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, params, resp); return; // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * Add authentication manager instance * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring * authentication * </ul> + * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this authentication - * manager's substore + * manager's substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addAuthMgrInst(HttpServletRequest req, - HttpServletResponse resp, String scope) - throws ServletException, IOException, EBaseException { + private synchronized void addAuthMgrInst(HttpServletRequest req, + HttpServletResponse resp, String scope) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -635,16 +600,13 @@ public class AuthAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } @@ -652,16 +614,13 @@ public class AuthAdminServlet extends AdminServlet { if (mAuths.getInstances().containsKey((Object) id)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_ILL_MGR_INST_ID"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_ILL_MGR_INST_ID"), null, resp); return; } @@ -673,43 +632,41 @@ public class AuthAdminServlet extends AdminServlet { if (implname == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_MISSING_PARAMS"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_MISSING_PARAMS"), null, resp); return; } // prevent agent & admin creation. - if (implname.equals(IAuthSubsystem.PASSWDUSERDB_PLUGIN_ID) || - implname.equals(IAuthSubsystem.CERTUSERDB_PLUGIN_ID)) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_BASE_PERMISSION_DENIED"), null, resp); + if (implname.equals(IAuthSubsystem.PASSWDUSERDB_PLUGIN_ID) + || implname.equals(IAuthSubsystem.CERTUSERDB_PLUGIN_ID)) { + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_BASE_PERMISSION_DENIED"), null, resp); } // check if implementation exists. - AuthMgrPlugin plugin = - (AuthMgrPlugin) mAuths.getPlugins().get(implname); + AuthMgrPlugin plugin = (AuthMgrPlugin) mAuths.getPlugins().get( + implname); if (plugin == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - new EAuthMgrPluginNotFound(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", implname)).toString(), - null, resp); + sendResponse( + ERROR, + new EAuthMgrPluginNotFound(CMS.getUserMessage( + getLocale(req), + "CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", + implname)).toString(), null, resp); return; } @@ -718,10 +675,9 @@ public class AuthAdminServlet extends AdminServlet { // are there, but not checking the values are valid String[] configParams = mAuths.getConfigParams(implname); - IConfigStore destStore = - mConfig.getSubStore(DestDef.DEST_AUTH_ADMIN); - IConfigStore instancesConfig = - destStore.getSubStore(scope); + IConfigStore destStore = mConfig + .getSubStore(DestDef.DEST_AUTH_ADMIN); + IConfigStore instancesConfig = destStore.getSubStore(scope); IConfigStore substore = instancesConfig.makeSubStore(id); if (configParams != null) { @@ -747,52 +703,56 @@ public class AuthAdminServlet extends AdminServlet { IAuthManager authMgrInst = null; try { - authMgrInst = (IAuthManager) Class.forName(className).newInstance(); + authMgrInst = (IAuthManager) Class.forName(className) + .newInstance(); } catch (ClassNotFoundException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); // cleanup instancesConfig.removeSubStore(id); - sendResponse(ERROR, - new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), - null, resp); + sendResponse( + ERROR, + new EAuthException(CMS + .getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", + className)).toString(), null, resp); return; } catch (InstantiationException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); instancesConfig.removeSubStore(id); - sendResponse(ERROR, - new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), - null, resp); + sendResponse( + ERROR, + new EAuthException(CMS + .getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", + className)).toString(), null, resp); return; } catch (IllegalAccessException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); instancesConfig.removeSubStore(id); - sendResponse(ERROR, - new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), - null, resp); + sendResponse( + ERROR, + new EAuthException(CMS + .getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", + className)).toString(), null, resp); return; } @@ -802,10 +762,8 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); @@ -821,37 +779,31 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); // clean up. instancesConfig.removeSubStore(id); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); return; } // inited and commited ok. now add manager instance to list. mAuths.add(id, authMgrInst); - mAuths.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_MGR_ADD", id)); + mAuths.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_AUTH_MGR_ADD", id)); NameValuePairs params = new NameValuePairs(); params.add(Constants.PR_AUTH_IMPL_NAME, implname); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, ILogger.SUCCESS, auditParams(req)); audit(auditMessage); @@ -859,11 +811,8 @@ public class AuthAdminServlet extends AdminServlet { return; } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); @@ -871,42 +820,38 @@ public class AuthAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } - private synchronized void listAuthMgrPlugins(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void listAuthMgrPlugins(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = mAuths.getPlugins().keys(); while (e.hasMoreElements()) { String name = (String) e.nextElement(); - AuthMgrPlugin value = (AuthMgrPlugin) - mAuths.getPlugins().get(name); + AuthMgrPlugin value = (AuthMgrPlugin) mAuths.getPlugins().get(name); if (value.isVisible()) { params.add(name, value.getClassPath() + EDIT); @@ -916,16 +861,16 @@ public class AuthAdminServlet extends AdminServlet { return; } - private synchronized void listAuthMgrInsts(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void listAuthMgrInsts(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { NameValuePairs params = new NameValuePairs(); - for (Enumeration e = mAuths.getInstances().keys(); - e.hasMoreElements();) { + for (Enumeration e = mAuths.getInstances().keys(); e.hasMoreElements();) { String name = (String) e.nextElement(); - AuthManagerProxy proxy = (AuthManagerProxy) mAuths.getInstances().get(name); + AuthManagerProxy proxy = (AuthManagerProxy) mAuths.getInstances() + .get(name); IAuthManager value = proxy.getAuthManager(); String enableStr = "enabled"; @@ -933,11 +878,12 @@ public class AuthAdminServlet extends AdminServlet { enableStr = "disabled"; } - AuthMgrPlugin amgrplugin = (AuthMgrPlugin) - mAuths.getPlugins().get(value.getImplName()); + AuthMgrPlugin amgrplugin = (AuthMgrPlugin) mAuths.getPlugins().get( + value.getImplName()); if (!amgrplugin.isVisible()) { - params.add(name, value.getImplName() + ";invisible;" + enableStr); + params.add(name, value.getImplName() + ";invisible;" + + enableStr); } else { params.add(name, value.getImplName() + ";visible;" + enableStr); } @@ -949,21 +895,22 @@ public class AuthAdminServlet extends AdminServlet { /** * Delete authentication manager plug-in * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring * authentication * </ul> + * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this authentication - * manager's substore + * manager's substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void delAuthMgrPlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, + private synchronized void delAuthMgrPlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) throws ServletException, IOException, EBaseException { String auditMessage = null; @@ -978,74 +925,69 @@ public class AuthAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - //System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + // System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } // prevent deletion of admin and agent. - if (id.equals(IAuthSubsystem.PASSWDUSERDB_PLUGIN_ID) || - id.equals(IAuthSubsystem.CERTUSERDB_PLUGIN_ID)) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_BASE_PERMISSION_DENIED"), null, resp); + if (id.equals(IAuthSubsystem.PASSWDUSERDB_PLUGIN_ID) + || id.equals(IAuthSubsystem.CERTUSERDB_PLUGIN_ID)) { + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_BASE_PERMISSION_DENIED"), null, resp); } // does auth manager exist? if (mAuths.getPlugins().containsKey(id) == false) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - new EAuthMgrPluginNotFound(CMS.getUserMessage(getLocale(req), "CMS_AUTHENTICATION_DUP_MGR_PLUGIN_ID", id)).toString(), - null, resp); + sendResponse( + ERROR, + new EAuthMgrPluginNotFound(CMS.getUserMessage( + getLocale(req), + "CMS_AUTHENTICATION_DUP_MGR_PLUGIN_ID", id)) + .toString(), null, resp); return; } // first check if any instances from this auth manager // DON'T remove auth manager if any instance - for (Enumeration e = mAuths.getInstances().keys(); - e.hasMoreElements();) { - IAuthManager authMgr = (IAuthManager) mAuths.get((String) e.nextElement()); + for (Enumeration e = mAuths.getInstances().keys(); e + .hasMoreElements();) { + IAuthManager authMgr = (IAuthManager) mAuths.get((String) e + .nextElement()); if (authMgr.getImplName() == id) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_MGR_IN_USE"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_MGR_IN_USE"), null, resp); return; } } - + // then delete this auth manager mAuths.getPlugins().remove((Object) id); - IConfigStore destStore = - mConfig.getSubStore(DestDef.DEST_AUTH_ADMIN); - IConfigStore instancesConfig = - destStore.getSubStore(scope); + IConfigStore destStore = mConfig + .getSubStore(DestDef.DEST_AUTH_ADMIN); + IConfigStore instancesConfig = destStore.getSubStore(scope); instancesConfig.removeSubStore(id); // commiting @@ -1054,87 +996,79 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); return; } // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, ILogger.SUCCESS, auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, params, resp); return; // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } } /** * Delete authentication manager instance * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring * authentication * </ul> + * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this authentication - * manager's substore + * manager's substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void delAuthMgrInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, + private synchronized void delAuthMgrInst(HttpServletRequest req, + HttpServletResponse resp, String scope) throws ServletException, IOException, EBaseException { String auditMessage = null; @@ -1149,56 +1083,52 @@ public class AuthAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - //System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + // System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } // prevent deletion of admin and agent. - if (id.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID) || - id.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_BASE_PERMISSION_DENIED"), null, resp); + if (id.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID) + || id.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) { + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_BASE_PERMISSION_DENIED"), null, resp); } // does auth manager instance exist? if (mAuths.getInstances().containsKey(id) == false) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - new EAuthMgrNotFound(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", id)).toString(), - null, resp); + sendResponse( + ERROR, + new EAuthMgrNotFound(CMS.getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", id)) + .toString(), null, resp); return; } // only remove from memory // cannot shutdown because we don't keep track of whether it's - // being used. + // being used. IAuthManager mgrInst = (IAuthManager) mAuths.get(id); mAuths.getInstances().remove((Object) id); // remove the configuration. - IConfigStore destStore = - mConfig.getSubStore(DestDef.DEST_AUTH_ADMIN); - IConfigStore instancesConfig = - destStore.getSubStore(scope); + IConfigStore destStore = mConfig + .getSubStore(DestDef.DEST_AUTH_ADMIN); + IConfigStore instancesConfig = destStore.getSubStore(scope); instancesConfig.removeSubStore(id); // commiting @@ -1207,96 +1137,85 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - //System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), - null, resp); + // System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); return; } - //This only works in the fact that we only support one instance per - //auth plugin. + // This only works in the fact that we only support one instance per + // auth plugin. ILdapAuthInfo authInfo = CMS.getLdapAuthInfo(); authInfo.removePassword("Rule " + id); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, ILogger.SUCCESS, auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, params, resp); return; // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** - * used for getting the required configuration parameters (with - * possible default values) for a particular auth manager plugin - * implementation name specified in the RS_ID. Actually, there is - * no logic in here to set any default value here...there's no - * default value for any parameter in this authentication subsystem - * at this point. Later, if we do have one (or some), it can be - * added. The interface remains the same. + * used for getting the required configuration parameters (with possible + * default values) for a particular auth manager plugin implementation name + * specified in the RS_ID. Actually, there is no logic in here to set any + * default value here...there's no default value for any parameter in this + * authentication subsystem at this point. Later, if we do have one (or + * some), it can be added. The interface remains the same. */ - private synchronized void getConfig(HttpServletRequest req, - HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private synchronized void getConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { String implname = req.getParameter(Constants.RS_ID); if (implname == null) { - //System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + // System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } @@ -1314,25 +1233,26 @@ public class AuthAdminServlet extends AdminServlet { return; } - private synchronized void getInstConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void getInstConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - //System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + // System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } // does auth manager instance exist? if (mAuths.getInstances().containsKey(id) == false) { - sendResponse(ERROR, - new EAuthMgrNotFound(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", id)).toString(), - null, resp); + sendResponse( + ERROR, + new EAuthMgrNotFound(CMS.getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", id)) + .toString(), null, resp); return; } @@ -1361,29 +1281,29 @@ public class AuthAdminServlet extends AdminServlet { } /** - * Modify authentication manager instance - * This will actually create a new instance with new configuration - * parameters and replace the old instance if the new instance is - * created and initialized successfully. - * The old instance is left running, so this is very expensive. - * Restart of server recommended. + * Modify authentication manager instance This will actually create a new + * instance with new configuration parameters and replace the old instance + * if the new instance is created and initialized successfully. The old + * instance is left running, so this is very expensive. Restart of server + * recommended. * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring * authentication * </ul> + * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this authentication - * manager's substore + * manager's substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void modAuthMgrInst(HttpServletRequest req, - HttpServletResponse resp, String scope) - throws ServletException, IOException, EBaseException { + private synchronized void modAuthMgrInst(HttpServletRequest req, + HttpServletResponse resp, String scope) throws ServletException, + IOException, EBaseException { // expensive operation. @@ -1398,41 +1318,37 @@ public class AuthAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - //System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + // System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } // prevent modification of admin and agent. - if (id.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID) || - id.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_BASE_PERMISSION_DENIED"), null, resp); + if (id.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID) + || id.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) { + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_BASE_PERMISSION_DENIED"), null, resp); } // Does the manager instance exist? if (!mAuths.getInstances().containsKey((Object) id)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage("CMS_AUTHENTICATION_MGR_IMPL_NOT_FOUND"), - null, resp); + sendResponse( + ERROR, + CMS.getUserMessage("CMS_AUTHENTICATION_MGR_IMPL_NOT_FOUND"), + null, resp); return; } @@ -1442,43 +1358,42 @@ public class AuthAdminServlet extends AdminServlet { if (implname == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage("CMS_AUTHENTICATION_MISSING_PARAMS"), - null, resp); + sendResponse( + ERROR, + CMS.getUserMessage("CMS_AUTHENTICATION_MISSING_PARAMS"), + null, resp); return; } - // get plugin for implementation - AuthMgrPlugin plugin = - (AuthMgrPlugin) mAuths.getPlugins().get(implname); + // get plugin for implementation + AuthMgrPlugin plugin = (AuthMgrPlugin) mAuths.getPlugins().get( + implname); if (plugin == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - new EAuthMgrPluginNotFound(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", implname)).toString(), - null, resp); + sendResponse( + ERROR, + new EAuthMgrPluginNotFound(CMS.getUserMessage( + getLocale(req), + "CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", + implname)).toString(), null, resp); return; } - // save old instance substore params in case new one fails. + // save old instance substore params in case new one fails. - IAuthManager oldinst = - (IAuthManager) mAuths.get(id); + IAuthManager oldinst = (IAuthManager) mAuths.get(id); IConfigStore oldConfig = oldinst.getConfigStore(); String[] oldConfigParms = oldinst.getConfigParams(); @@ -1486,7 +1401,7 @@ public class AuthAdminServlet extends AdminServlet { // implName is always required so always include it it. saveParams.add(IAuthSubsystem.PROP_PLUGIN, - (String) oldConfig.get(IAuthSubsystem.PROP_PLUGIN)); + (String) oldConfig.get(IAuthSubsystem.PROP_PLUGIN)); if (oldConfigParms != null) { for (int i = 0; i < oldConfigParms.length; i++) { String key = oldConfigParms[i]; @@ -1502,10 +1417,9 @@ public class AuthAdminServlet extends AdminServlet { // remove old substore. - IConfigStore destStore = - mConfig.getSubStore(DestDef.DEST_AUTH_ADMIN); - IConfigStore instancesConfig = - destStore.getSubStore(scope); + IConfigStore destStore = mConfig + .getSubStore(DestDef.DEST_AUTH_ADMIN); + IConfigStore instancesConfig = destStore.getSubStore(scope); instancesConfig.removeSubStore(id); @@ -1533,52 +1447,56 @@ public class AuthAdminServlet extends AdminServlet { IAuthManager newMgrInst = null; try { - newMgrInst = (IAuthManager) Class.forName(className).newInstance(); + newMgrInst = (IAuthManager) Class.forName(className) + .newInstance(); } catch (ClassNotFoundException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); // cleanup restore(instancesConfig, id, saveParams); - sendResponse(ERROR, - new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), - null, resp); + sendResponse( + ERROR, + new EAuthException(CMS + .getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", + className)).toString(), null, resp); return; } catch (InstantiationException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); restore(instancesConfig, id, saveParams); - sendResponse(ERROR, - new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), - null, resp); + sendResponse( + ERROR, + new EAuthException(CMS + .getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", + className)).toString(), null, resp); return; } catch (IllegalAccessException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); restore(instancesConfig, id, saveParams); - sendResponse(ERROR, - new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), - null, resp); + sendResponse( + ERROR, + new EAuthException(CMS + .getUserMessage(getLocale(req), + "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", + className)).toString(), null, resp); return; } @@ -1589,10 +1507,8 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); @@ -1602,25 +1518,22 @@ public class AuthAdminServlet extends AdminServlet { return; } - // initialized ok. commiting + // initialized ok. commiting try { mConfig.commit(true); } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); // clean up. restore(instancesConfig, id, saveParams); - //System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), - null, resp); + // System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); return; } @@ -1628,17 +1541,14 @@ public class AuthAdminServlet extends AdminServlet { mAuths.add(id, newMgrInst); - mAuths.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_MGR_REPL", id)); + mAuths.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_AUTH_MGR_REPL", id)); NameValuePairs params = new NameValuePairs(); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, ILogger.SUCCESS, auditParams(req)); audit(auditMessage); @@ -1646,11 +1556,8 @@ public class AuthAdminServlet extends AdminServlet { return; } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); @@ -1658,34 +1565,31 @@ public class AuthAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } // convenience routine. - private static void restore(IConfigStore store, - String id, NameValuePairs saveParams) { + private static void restore(IConfigStore store, String id, + NameValuePairs saveParams) { store.removeSubStore(id); IConfigStore rstore = store.makeSubStore(id); @@ -1695,7 +1599,7 @@ public class AuthAdminServlet extends AdminServlet { String key = (String) keys.nextElement(); String value = saveParams.getValue(key); - if (value != null) + if (value != null) rstore.put(key, value); } } |