summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java2682
1 files changed, 0 insertions, 2682 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java
deleted file mode 100644
index 94235f532..000000000
--- a/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java
+++ /dev/null
@@ -1,2682 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.admin;
-
-import java.io.File;
-import java.io.IOException;
-import java.util.Enumeration;
-import java.util.StringTokenizer;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.authority.IAuthority;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.base.ISubsystem;
-import com.netscape.certsrv.common.Constants;
-import com.netscape.certsrv.common.NameValuePairs;
-import com.netscape.certsrv.common.OpDef;
-import com.netscape.certsrv.common.ScopeDef;
-import com.netscape.certsrv.logging.ILogger;
-import com.netscape.certsrv.profile.EProfileException;
-import com.netscape.certsrv.profile.IPolicyConstraint;
-import com.netscape.certsrv.profile.IPolicyDefault;
-import com.netscape.certsrv.profile.IProfile;
-import com.netscape.certsrv.profile.IProfileEx;
-import com.netscape.certsrv.profile.IProfileInput;
-import com.netscape.certsrv.profile.IProfileOutput;
-import com.netscape.certsrv.profile.IProfilePolicy;
-import com.netscape.certsrv.profile.IProfileSubsystem;
-import com.netscape.certsrv.property.EPropertyException;
-import com.netscape.certsrv.property.IDescriptor;
-import com.netscape.certsrv.registry.IPluginInfo;
-import com.netscape.certsrv.registry.IPluginRegistry;
-import com.netscape.cms.profile.common.ProfilePolicy;
-
-/**
- * This class is an administration servlet for policy management.
- *
- * Each service (CA, KRA, RA) should be responsible
- * for registering an instance of this with the remote
- * administration subsystem.
- *
- * @version $Revision$, $Date$
- */
-public class ProfileAdminServlet extends AdminServlet {
- /**
- *
- */
- private static final long serialVersionUID = 4828203666899891742L;
-
- public final static String PROP_AUTHORITY = "authority";
-
- private final static String INFO = "ProfileAdminServlet";
- private final static String PW_PASSWORD_CACHE_ADD =
- "PASSWORD_CACHE_ADD";
-
- public final static String PROP_PREDICATE = "predicate";
- private IAuthority mAuthority = null;
- private IPluginRegistry mRegistry = null;
- private IProfileSubsystem mProfileSub = null;
-
- // These will be moved to PolicyResources
- public static String INVALID_POLICY_SCOPE = "Invalid policy administration scope";
- public static String INVALID_POLICY_IMPL_OP = "Invalid operation for policy implementation management";
- public static String NYI = "Not Yet Implemented";
- public static String INVALID_POLICY_IMPL_CONFIG = "Invalid policy implementation configuration";
- public static String INVALID_POLICY_INSTANCE_CONFIG = "Invalid policy instance configuration";
- public static String MISSING_POLICY_IMPL_ID = "Missing policy impl id in request";
- public static String MISSING_POLICY_IMPL_CLASS = "Missing policy impl class in request";
- public static String INVALID_POLICY_IMPL_ID = "Invalid policy impl id in request";
- public static String MISSING_POLICY_INST_ID = "Missing policy id in request";
- public static String POLICY_INST_ID_ALREADY_USED = "policy id already used";
- public static String INVALID_POLICY_INST_ID = "Invalid policy id in request";
- public static String COMMA = ",";
- public static String MISSING_POLICY_ORDERING = "Missing policy ordering";
- public static String BAD_CONFIGURATION_VAL = "Invalid configuration value.";
-
- private final static String LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE =
- "LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE_3";
-
- /**
- * Constructs administration servlet.
- */
- public ProfileAdminServlet() {
- super();
- }
-
- /**
- * Initializes this servlet.
- */
- public void init(ServletConfig config) throws ServletException {
- super.init(config);
- String authority = config.getInitParameter(PROP_AUTHORITY);
-
- if (authority != null)
- mAuthority = (IAuthority) CMS.getSubsystem(authority);
- mRegistry = (IPluginRegistry) CMS.getSubsystem(CMS.SUBSYSTEM_REGISTRY);
- mProfileSub = (IProfileSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_PROFILE);
- }
-
- /**
- * Returns serlvet information.
- */
- public String getServletInfo() {
- return INFO;
- }
-
- /**
- * Serves HTTP admin request.
- */
- public void service(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- super.service(req, resp);
-
- super.authenticate(req);
-
- AUTHZ_RES_NAME = "certServer.profile.configuration";
- String scope = req.getParameter(Constants.OP_SCOPE);
-
- CMS.debug("ProfileAdminServlet: service scope: " + scope);
- if (scope.equals(ScopeDef.SC_PROFILE_RULES)) {
- processProfileRuleMgmt(req, resp);
- } else if (scope.equals(ScopeDef.SC_PROFILE_POLICIES)) {
- processProfilePolicy(req, resp);
- } else if (scope.equals(ScopeDef.SC_PROFILE_DEFAULT_POLICY)) {
- processPolicyDefaultConfig(req, resp);
- } else if (scope.equals(ScopeDef.SC_PROFILE_CONSTRAINT_POLICY)) {
- processPolicyConstraintConfig(req, resp);
- } else if (scope.equals(ScopeDef.SC_POLICY_IMPLS)) {
- processPolicyImplMgmt(req, resp);
- } else if (scope.equals(ScopeDef.SC_PROFILE_INPUT)) {
- processProfileInput(req, resp);
- } else if (scope.equals(ScopeDef.SC_PROFILE_OUTPUT)) {
- processProfileOutput(req, resp);
- } else if (scope.equals(ScopeDef.SC_PROFILE_INPUT_CONFIG)) {
- processProfileInputConfig(req, resp);
- } else if (scope.equals(ScopeDef.SC_PROFILE_OUTPUT_CONFIG)) {
- processProfileOutputConfig(req, resp);
- } else
- sendResponse(ERROR, INVALID_POLICY_SCOPE, null, resp);
- }
-
- private boolean readAuthorize(HttpServletRequest req,
- HttpServletResponse resp) throws IOException {
- mOp = "read";
- if ((mToken = super.authorize(req)) == null) {
- sendResponse(ERROR,
- CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"),
- null, resp);
- return false;
- }
- return true;
- }
-
- private boolean modifyAuthorize(HttpServletRequest req,
- HttpServletResponse resp) throws IOException {
- mOp = "modify";
- if ((mToken = super.authorize(req)) == null) {
- sendResponse(ERROR,
- CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"),
- null, resp);
- return false;
- }
- return true;
- }
-
- public void processProfilePolicy(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- // Get operation type
- String op = req.getParameter(Constants.OP_TYPE);
-
- if (op.equals(OpDef.OP_READ)) {
- if (!readAuthorize(req, resp))
- return;
- getProfilePolicy(req, resp);
- } else if (op.equals(OpDef.OP_ADD)) {
- if (!modifyAuthorize(req, resp))
- return;
- addProfilePolicy(req, resp);
- } else if (op.equals(OpDef.OP_DELETE)) {
- if (!modifyAuthorize(req, resp))
- return;
- deleteProfilePolicy(req, resp);
- }
- }
-
- public void processProfileInput(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- // Get operation type
- String op = req.getParameter(Constants.OP_TYPE);
-
- if (op.equals(OpDef.OP_READ)) {
- if (!readAuthorize(req, resp))
- return;
- getProfileInput(req, resp);
- } else if (op.equals(OpDef.OP_ADD)) {
- if (!modifyAuthorize(req, resp))
- return;
- addProfileInput(req, resp);
- } else if (op.equals(OpDef.OP_DELETE)) {
- if (!modifyAuthorize(req, resp))
- return;
- deleteProfileInput(req, resp);
- }
- }
-
- public void processProfileOutput(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- // Get operation type
- String op = req.getParameter(Constants.OP_TYPE);
-
- if (op.equals(OpDef.OP_READ)) {
- if (!readAuthorize(req, resp))
- return;
- getProfileOutput(req, resp);
- } else if (op.equals(OpDef.OP_ADD)) {
- if (!modifyAuthorize(req, resp))
- return;
- addProfileOutput(req, resp);
- } else if (op.equals(OpDef.OP_DELETE)) {
- if (!modifyAuthorize(req, resp))
- return;
- deleteProfileOutput(req, resp);
- }
- }
-
- public void processProfileInputConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- // Get operation type
- String op = req.getParameter(Constants.OP_TYPE);
-
- if (op.equals(OpDef.OP_READ)) {
- if (!readAuthorize(req, resp))
- return;
- getInputConfig(req, resp);
- } else if (op.equals(OpDef.OP_MODIFY)) {
- if (!modifyAuthorize(req, resp))
- return;
- modifyInputConfig(req, resp);
- }
- }
-
- public void processProfileOutputConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- // Get operation type
- String op = req.getParameter(Constants.OP_TYPE);
-
- if (op.equals(OpDef.OP_READ)) {
- if (!readAuthorize(req, resp))
- return;
- getOutputConfig(req, resp);
- } else if (op.equals(OpDef.OP_MODIFY)) {
- if (!modifyAuthorize(req, resp))
- return;
- modifyOutputConfig(req, resp);
- }
- }
-
- public void processPolicyDefaultConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- // Get operation type
- String op = req.getParameter(Constants.OP_TYPE);
-
- if (op.equals(OpDef.OP_READ)) {
- if (!readAuthorize(req, resp))
- return;
- getPolicyDefaultConfig(req, resp);
- } else if (op.equals(OpDef.OP_ADD)) {
- if (!modifyAuthorize(req, resp))
- return;
- addPolicyDefaultConfig(req, resp);
- } else if (op.equals(OpDef.OP_MODIFY)) {
- if (!modifyAuthorize(req, resp))
- return;
- modifyPolicyDefaultConfig(req, resp);
- }
- }
-
- public void processPolicyConstraintConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- // Get operation type
- String op = req.getParameter(Constants.OP_TYPE);
-
- CMS.debug("ProfileAdminServlet: processPolicyConstraintConfig op " + op);
- if (op.equals(OpDef.OP_READ)) {
- if (!readAuthorize(req, resp))
- return;
- getPolicyConstraintConfig(req, resp);
- } else if (op.equals(OpDef.OP_ADD)) {
- if (!modifyAuthorize(req, resp))
- return;
- addPolicyConstraintConfig(req, resp);
- } else if (op.equals(OpDef.OP_MODIFY)) {
- if (!modifyAuthorize(req, resp))
- return;
- modifyPolicyConstraintConfig(req, resp);
- }
- }
-
- /**
- * Process Policy Implementation Management.
- */
- public void processPolicyImplMgmt(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- // Get operation type
- String op = req.getParameter(Constants.OP_TYPE);
-
- if (op.equals(OpDef.OP_SEARCH)) {
- if (!readAuthorize(req, resp))
- return;
- listProfileImpls(req, resp);
- } else
- sendResponse(ERROR, INVALID_POLICY_IMPL_OP,
- null, resp);
- }
-
- public void processProfileRuleMgmt(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- // Get operation type
- String op = req.getParameter(Constants.OP_TYPE);
-
- if (op.equals(OpDef.OP_SEARCH)) {
- if (!readAuthorize(req, resp))
- return;
- listProfileInstances(req, resp);
- } else if (op.equals(OpDef.OP_DELETE)) {
- if (!modifyAuthorize(req, resp))
- return;
- deleteProfileInstance(req, resp);
- } else if (op.equals(OpDef.OP_READ)) {
- if (!readAuthorize(req, resp))
- return;
- getProfileInstanceConfig(req, resp);
- } else if (op.equals(OpDef.OP_ADD)) {
- if (!modifyAuthorize(req, resp))
- return;
- addProfileInstance(req, resp);
- } else if (op.equals(OpDef.OP_MODIFY)) {
- if (!modifyAuthorize(req, resp))
- return;
- modifyProfileInstance(req, resp);
- } else
- sendResponse(ERROR, INVALID_POLICY_IMPL_OP,
- null, resp);
- }
-
- /**
- * Lists all registered profile impementations
- */
- public void listProfileImpls(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
-
- Enumeration<String> impls = mRegistry.getIds("profile");
- NameValuePairs nvp = new NameValuePairs();
-
- while (impls.hasMoreElements()) {
- String id = (String) impls.nextElement();
- IPluginInfo info = mRegistry.getPluginInfo("profile", id);
-
- nvp.put(id, info.getClassName() + "," +
- info.getDescription(getLocale(req)));
- }
- sendResponse(SUCCESS, null, nvp, resp);
- }
-
- /**
- * Add policy profile
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
- * and cert profile; obsoletes extensions and constraints policies)
- * </ul>
- *
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- */
- public void addProfilePolicy(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- CMS.debug("ProfileAdminServlet: in addProfilePolicy");
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- String id = req.getParameter(Constants.RS_ID);
-
- StringTokenizer st = new StringTokenizer(id, ";");
- String profileId = st.nextToken();
- String policyId = st.nextToken();
- String defImpl = st.nextToken();
- String conImpl = st.nextToken();
-
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- // error
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- if (mProfileSub.isProfileEnable(profileId)) {
- sendResponse(ERROR,
- CMS.getUserMessage(getLocale(req),
- "CMS_PROFILE_CREATE_POLICY_FAILED",
- "Profile is currently enabled"),
- null, resp);
- return;
- }
-
- StringTokenizer ss = new StringTokenizer(policyId, ":");
- String setId = ss.nextToken();
- String pId = ss.nextToken();
-
- try {
- if (!isValidId(setId)) {
- sendResponse(ERROR,
- CMS.getUserMessage(getLocale(req),
- "CMS_PROFILE_CREATE_POLICY_FAILED",
- "Invalid set id " + setId),
- null, resp);
- return;
- }
- if (!isValidId(pId)) {
- sendResponse(ERROR,
- CMS.getUserMessage(getLocale(req),
- "CMS_PROFILE_CREATE_POLICY_FAILED",
- "Invalid policy id " + pId),
- null, resp);
- return;
- }
- profile.createProfilePolicy(setId, pId,
- defImpl, conImpl);
- } catch (EBaseException e1) {
- // error
- CMS.debug("ProfileAdminServlet: addProfilePolicy " +
- e1.toString());
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR,
- CMS.getUserMessage(getLocale(req), "CMS_PROFILE_CREATE_POLICY_FAILED",
- e1.toString()),
- null, resp);
- return;
- }
- NameValuePairs nvp = new NameValuePairs();
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, nvp, resp);
- } catch (IOException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- // } catch( ServletException eAudit2 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit2;
- }
- }
-
- /**
- * Add profile input
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
- * and cert profile; obsoletes extensions and constraints policies)
- * </ul>
- *
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- */
- public void addProfileInput(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- String id = req.getParameter(Constants.RS_ID);
-
- StringTokenizer st = new StringTokenizer(id, ";");
- String profileId = st.nextToken();
- String inputId = st.nextToken();
- String inputImpl = st.nextToken();
-
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- // error
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- @SuppressWarnings("unchecked")
- Enumeration<String> names = req.getParameterNames();
- NameValuePairs nvps = new NameValuePairs();
-
- while (names.hasMoreElements()) {
- String name = names.nextElement();
-
- if (name.equals("OP_SCOPE"))
- continue;
- if (name.equals("OP_TYPE"))
- continue;
- if (name.equals("RS_ID"))
- continue;
- nvps.put(name, req.getParameter(name));
- }
-
- try {
- profile.createProfileInput(inputId, inputImpl, nvps);
- } catch (EBaseException e1) {
- // error
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
- sendResponse(ERROR,
- CMS.getUserMessage(getLocale(req), "CMS_PROFILE_CREATE_INPUT_FAILED",
- e1.toString()),
- null, resp);
-
- return;
- }
-
- NameValuePairs nvp = new NameValuePairs();
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, nvp, resp);
- } catch (IOException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- // } catch( ServletException eAudit2 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit2;
- }
- }
-
- /**
- * Add profile output
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
- * and cert profile; obsoletes extensions and constraints policies)
- * </ul>
- *
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- */
- public void addProfileOutput(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- String id = req.getParameter(Constants.RS_ID);
-
- StringTokenizer st = new StringTokenizer(id, ";");
- String profileId = st.nextToken();
- String outputId = st.nextToken();
- String outputImpl = st.nextToken();
-
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- // error
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- @SuppressWarnings("unchecked")
- Enumeration<String> names = req.getParameterNames();
- NameValuePairs nvps = new NameValuePairs();
-
- while (names.hasMoreElements()) {
- String name = names.nextElement();
-
- if (name.equals("OP_SCOPE"))
- continue;
- if (name.equals("OP_TYPE"))
- continue;
- if (name.equals("RS_ID"))
- continue;
- nvps.put(name, req.getParameter(name));
- }
-
- try {
- profile.createProfileOutput(outputId, outputImpl,
- nvps);
- } catch (EBaseException e1) {
- // error
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
- sendResponse(ERROR,
- CMS.getUserMessage(getLocale(req), "CMS_PROFILE_CREATE_OUTPUT_FAILED",
- e1.toString()),
- null, resp);
-
- return;
- }
-
- NameValuePairs nvp = new NameValuePairs();
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, nvp, resp);
- } catch (IOException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- // } catch( ServletException eAudit2 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit2;
- }
- }
-
- /**
- * Delete policy profile
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
- * and cert profile; obsoletes extensions and constraints policies)
- * </ul>
- *
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- */
- public void deleteProfilePolicy(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- String profileId = "";
- String policyId = "";
- @SuppressWarnings("unchecked")
- Enumeration<String> names = req.getParameterNames();
-
- while (names.hasMoreElements()) {
- String name = names.nextElement();
-
- if (name.equals("OP_SCOPE"))
- continue;
- if (name.equals("OP_TYPE"))
- continue;
- if (name.equals("RS_ID"))
- profileId = req.getParameter(name);
- if (name.equals("POLICYID"))
- policyId = req.getParameter(name);
- }
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- // error
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- StringTokenizer ss = new StringTokenizer(policyId, ":");
- String setId = ss.nextToken();
- String pId = ss.nextToken();
-
- try {
- profile.deleteProfilePolicy(setId, pId);
- } catch (EBaseException e1) {
- CMS.debug("ProfileAdminServlet: " + e1.toString());
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- NameValuePairs nvp = new NameValuePairs();
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, nvp, resp);
- } catch (IOException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- // } catch( ServletException eAudit2 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit2;
- }
- }
-
- /**
- * Delete profile input
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
- * and cert profile; obsoletes extensions and constraints policies)
- * </ul>
- *
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- */
- public void deleteProfileInput(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- String profileId = "";
- String inputId = "";
- @SuppressWarnings("unchecked")
- Enumeration<String> names = req.getParameterNames();
-
- while (names.hasMoreElements()) {
- String name = names.nextElement();
-
- if (name.equals("OP_SCOPE"))
- continue;
- if (name.equals("OP_TYPE"))
- continue;
- if (name.equals("RS_ID"))
- profileId = req.getParameter(name);
- if (name.equals("INPUTID"))
- inputId = req.getParameter(name);
- }
- CMS.debug("ProfileAdminServlet: deleteProfileInput profileId -> " + profileId);
- CMS.debug("ProfileAdminServlet: deleteProfileInput inputId -> " + inputId);
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- // error
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- CMS.debug("deleteProfileInput profile -> " + profile);
- try {
- profile.deleteProfileInput(inputId);
- } catch (EBaseException e1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- NameValuePairs nvp = new NameValuePairs();
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, nvp, resp);
- } catch (IOException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- // } catch( ServletException eAudit2 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit2;
- }
- }
-
- /**
- * Delete profile output
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
- * and cert profile; obsoletes extensions and constraints policies)
- * </ul>
- *
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- */
- public void deleteProfileOutput(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- String profileId = "";
- String outputId = "";
- @SuppressWarnings("unchecked")
- Enumeration<String> names = req.getParameterNames();
-
- while (names.hasMoreElements()) {
- String name = (String) names.nextElement();
-
- if (name.equals("OP_SCOPE"))
- continue;
- if (name.equals("OP_TYPE"))
- continue;
- if (name.equals("RS_ID"))
- profileId = req.getParameter(name);
- if (name.equals("OUTPUTID"))
- outputId = req.getParameter(name);
- }
- CMS.debug("ProfileAdminServlet: deleteProfileOutput profileId -> " + profileId);
- CMS.debug("ProfileAdminServlet: deleteProfileOutput outputId -> " + outputId);
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- // error
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- CMS.debug("ProfileAdminServlet: deleteProfileOutput profile -> " + profile);
- try {
- profile.deleteProfileOutput(outputId);
- } catch (EBaseException e1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- NameValuePairs nvp = new NameValuePairs();
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, nvp, resp);
- } catch (IOException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- // } catch( ServletException eAudit2 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit2;
- }
- }
-
- /**
- * Add default policy profile configuration
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
- * and cert profile; obsoletes extensions and constraints policies)
- * </ul>
- *
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- */
- public void addPolicyDefaultConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- String id = req.getParameter(Constants.RS_ID);
-
- StringTokenizer st = new StringTokenizer(id, ";");
- String profileId = st.nextToken();
- String policyId = st.nextToken();
-
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- // error
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- StringTokenizer ss = new StringTokenizer(policyId, ":");
- String setId = ss.nextToken();
- String pId = ss.nextToken();
-
- IProfilePolicy policy = profile.getProfilePolicy(setId, pId);
- IPolicyDefault def = policy.getDefault();
-
- @SuppressWarnings("unchecked")
- Enumeration<String> names = req.getParameterNames();
-
- while (names.hasMoreElements()) {
- String name = (String) names.nextElement();
-
- if (name.equals("OP_SCOPE"))
- continue;
- if (name.equals("OP_TYPE"))
- continue;
- if (name.equals("RS_ID"))
- continue;
- try {
- def.setConfig(name, req.getParameter(name));
-
- } catch (EPropertyException e) {
-
- CMS.debug("ProfileAdminServlet: modifyPolicyDefConfig setConfig exception.");
- try {
- profile.deleteProfilePolicy(setId, pId);
- } catch (Exception e11) {
- }
- sendResponse(ERROR, BAD_CONFIGURATION_VAL, null, resp);
- return;
- }
- // defConfig.putString("params." + name, req.getParameter(name));
- }
- try {
- profile.getConfigStore().commit(false);
- } catch (Exception e) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
- NameValuePairs nvp = new NameValuePairs();
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, nvp, resp);
- } catch (IOException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- // } catch( ServletException eAudit2 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit2;
- }
- }
-
- /**
- * Add policy constraints profile configuration
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
- * and cert profile; obsoletes extensions and constraints policies)
- * </ul>
- *
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- */
- public void addPolicyConstraintConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- String id = req.getParameter(Constants.RS_ID);
-
- StringTokenizer st = new StringTokenizer(id, ";");
- String profileId = st.nextToken();
- String policyId = st.nextToken();
-
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- // error
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- StringTokenizer ss = new StringTokenizer(policyId, ":");
- String setId = ss.nextToken();
- String pId = ss.nextToken();
-
- IProfilePolicy policy = profile.getProfilePolicy(setId, pId);
- IPolicyConstraint con = policy.getConstraint();
-
- @SuppressWarnings("unchecked")
- Enumeration<String> names = req.getParameterNames();
-
- while (names.hasMoreElements()) {
- String name = names.nextElement();
-
- if (name.equals("OP_SCOPE"))
- continue;
- if (name.equals("OP_TYPE"))
- continue;
- if (name.equals("RS_ID"))
- continue;
-
- try {
- con.setConfig(name, req.getParameter(name));
-
- } catch (EPropertyException e) {
-
- CMS.debug("ProfileAdminServlet: addPolicyConstraintsConfig setConfig exception.");
- try {
- profile.deleteProfilePolicy(setId, pId);
- } catch (Exception e11) {
- }
- sendResponse(ERROR, BAD_CONFIGURATION_VAL, null, resp);
- return;
- }
- // conConfig.putString("params." + name, req.getParameter(name));
- }
- try {
- profile.getConfigStore().commit(false);
- } catch (Exception e) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- NameValuePairs nvp = new NameValuePairs();
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, nvp, resp);
- } catch (IOException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- // } catch( ServletException eAudit2 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit2;
- }
- }
-
- /**
- * Modify default policy profile configuration
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
- * and cert profile; obsoletes extensions and constraints policies)
- * </ul>
- *
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- */
- public void modifyPolicyDefaultConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- String id = req.getParameter(Constants.RS_ID);
-
- StringTokenizer st = new StringTokenizer(id, ";");
- String profileId = st.nextToken();
- String policyId = st.nextToken();
-
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- // error
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- StringTokenizer ss = new StringTokenizer(policyId, ":");
- String setId = ss.nextToken();
- String pId = ss.nextToken();
- IProfilePolicy policy = profile.getProfilePolicy(setId, pId);
- IPolicyDefault def = policy.getDefault();
-
- @SuppressWarnings("unchecked")
- Enumeration<String> names = req.getParameterNames();
-
- while (names.hasMoreElements()) {
- String name = (String) names.nextElement();
-
- if (name.equals("OP_SCOPE"))
- continue;
- if (name.equals("OP_TYPE"))
- continue;
- if (name.equals("RS_ID"))
- continue;
- try {
- def.setConfig(name, req.getParameter(name));
-
- } catch (EPropertyException e) {
-
- CMS.debug("ProfileAdminServlet: modifyPolicyDefConfig setConfig exception.");
- sendResponse(ERROR, BAD_CONFIGURATION_VAL, null, resp);
- return;
- }
- // defConfig.putString("params." + name, req.getParameter(name));
- }
- try {
- profile.getConfigStore().commit(false);
- } catch (Exception e) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
- NameValuePairs nvp = new NameValuePairs();
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, nvp, resp);
- } catch (IOException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- // } catch( ServletException eAudit2 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit2;
- }
- }
-
- /**
- * Modify profile input configuration
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
- * and cert profile; obsoletes extensions and constraints policies)
- * </ul>
- *
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- */
- public void modifyInputConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- String id = req.getParameter(Constants.RS_ID);
-
- StringTokenizer st = new StringTokenizer(id, ";");
- String profileId = st.nextToken();
- String inputId = st.nextToken();
-
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- // error
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- IProfileInput input = profile.getProfileInput(inputId);
- IConfigStore inputConfig = input.getConfigStore();
-
- @SuppressWarnings("unchecked")
- Enumeration<String> names = req.getParameterNames();
-
- while (names.hasMoreElements()) {
- String name = (String) names.nextElement();
-
- if (name.equals("OP_SCOPE"))
- continue;
- if (name.equals("OP_TYPE"))
- continue;
- if (name.equals("RS_ID"))
- continue;
- inputConfig.putString("params." + name, req.getParameter(name));
- }
- try {
- profile.getConfigStore().commit(false);
- } catch (Exception e) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
- NameValuePairs nvp = new NameValuePairs();
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, nvp, resp);
- } catch (IOException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- // } catch( ServletException eAudit2 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit2;
- }
- }
-
- /**
- * Modify profile output configuration
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
- * and cert profile; obsoletes extensions and constraints policies)
- * </ul>
- *
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- */
- public void modifyOutputConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- String id = req.getParameter(Constants.RS_ID);
-
- StringTokenizer st = new StringTokenizer(id, ";");
- String profileId = st.nextToken();
- String outputId = st.nextToken();
-
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- // error
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- IProfileOutput output = profile.getProfileOutput(outputId);
- IConfigStore outputConfig = output.getConfigStore();
-
- @SuppressWarnings("unchecked")
- Enumeration<String> names = req.getParameterNames();
-
- while (names.hasMoreElements()) {
- String name = (String) names.nextElement();
-
- if (name.equals("OP_SCOPE"))
- continue;
- if (name.equals("OP_TYPE"))
- continue;
- if (name.equals("RS_ID"))
- continue;
- outputConfig.putString("params." + name,
- req.getParameter(name));
- }
- try {
- profile.getConfigStore().commit(false);
- } catch (Exception e) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
- NameValuePairs nvp = new NameValuePairs();
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, nvp, resp);
- } catch (IOException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- // } catch( ServletException eAudit2 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit2;
- }
- }
-
- /**
- * Modify policy constraints profile configuration
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
- * and cert profile; obsoletes extensions and constraints policies)
- * </ul>
- *
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- */
- public void modifyPolicyConstraintConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- String id = req.getParameter(Constants.RS_ID);
-
- StringTokenizer st = new StringTokenizer(id, ";");
- String profileId = st.nextToken();
- String policyId = st.nextToken();
-
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- // error
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- StringTokenizer ss = new StringTokenizer(policyId, ":");
- String setId = ss.nextToken();
- String pId = ss.nextToken();
- IProfilePolicy policy = profile.getProfilePolicy(setId, pId);
- IPolicyConstraint con = policy.getConstraint();
-
- @SuppressWarnings("unchecked")
- Enumeration<String> names = req.getParameterNames();
-
- CMS.debug("ProfileAdminServlet: modifyPolicyConstraintConfig policy " + policy + " con " + con);
- while (names.hasMoreElements()) {
- String name = (String) names.nextElement();
-
- if (name.equals("OP_SCOPE"))
- continue;
- if (name.equals("OP_TYPE"))
- continue;
- if (name.equals("RS_ID"))
- continue;
-
- // CMS.debug("ProfileAdminServlet: modifyPolicyConstraintConfig name" + name + " val " + req.getParameter(name));
- try {
- con.setConfig(name, req.getParameter(name));
-
- } catch (EPropertyException e) {
-
- CMS.debug("ProfileAdminServlet: modifyPolicyConstraintsConfig setConfig exception.");
- sendResponse(ERROR, BAD_CONFIGURATION_VAL, null, resp);
- return;
- }
- //conConfig.putString("params." + name, req.getParameter(name));
- }
- try {
- profile.getConfigStore().commit(false);
- } catch (Exception e) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- NameValuePairs nvp = new NameValuePairs();
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, nvp, resp);
- } catch (IOException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- // } catch( ServletException eAudit2 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit2;
- }
- }
-
- public void getPolicyDefaultConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String id = req.getParameter(Constants.RS_ID);
-
- StringTokenizer st = new StringTokenizer(id, ";");
- String profileId = st.nextToken();
- String policyId = st.nextToken();
-
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- CMS.debug("ProfileAdminServlet::getPolicyDefaultConfig() - " +
- "profile is null!");
- throw new ServletException(e1.toString());
- }
-
- IProfilePolicy policy = null;
- IPolicyDefault rule = null;
-
- StringTokenizer ss = new StringTokenizer(policyId, ":");
- String setId = ss.nextToken();
- String pId = ss.nextToken();
-
- policy = profile.getProfilePolicy(setId, pId);
- rule = policy.getDefault();
-
- NameValuePairs nvp = new NameValuePairs();
- Enumeration<String> names = rule.getConfigNames();
-
- while (names.hasMoreElements()) {
- String name = names.nextElement();
- IDescriptor desc = rule.getConfigDescriptor(getLocale(req), name);
-
- if (desc == null) {
- nvp.put(name, ";" + ";" + rule.getConfig(name));
- } else {
- nvp.put(name,
- desc.getSyntax()
- + ";" + ";" + getNonNull(desc.getConstraint()) + ";"
- + desc.getDescription(getLocale(req)) + ";" + rule.getConfig(name));
- }
- }
- sendResponse(SUCCESS, null, nvp, resp);
- }
-
- public void getPolicyConstraintConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String id = req.getParameter(Constants.RS_ID);
- String constraintsList = req.getParameter(Constants.PR_CONSTRAINTS_LIST);
-
- // this one gets called when one of the elements in the default list get
- // selected, then it returns the list of supported constraintsPolicy
- if (constraintsList != null) {
-
- }
-
- StringTokenizer st = new StringTokenizer(id, ";");
- String profileId = st.nextToken();
- String policyId = st.nextToken();
-
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- CMS.debug("ProfileAdminServlet::getPolicyConstraintConfig() - " +
- "profile is null!");
- throw new ServletException(e1.toString());
- }
-
- StringTokenizer ss = new StringTokenizer(policyId, ":");
- String setId = ss.nextToken();
- String pId = ss.nextToken();
- IProfilePolicy policy = profile.getProfilePolicy(setId, pId);
- IPolicyConstraint rule = policy.getConstraint();
-
- NameValuePairs nvp = new NameValuePairs();
- Enumeration<String> names = rule.getConfigNames();
-
- while (names.hasMoreElements()) {
- String name = names.nextElement();
- IDescriptor desc = rule.getConfigDescriptor(getLocale(req), name);
-
- if (desc == null) {
- nvp.put(name, ";" + rule.getConfig(name));
- } else {
- nvp.put(name,
- desc.getSyntax()
- + ";" + getNonNull(desc.getConstraint()) + ";" + desc.getDescription(getLocale(req))
- + ";" + rule.getConfig(name));
- }
- }
- sendResponse(SUCCESS, null, nvp, resp);
- }
-
- public void getProfilePolicy(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String id = req.getParameter(Constants.RS_ID);
-
- // only allow profile retrival if it is disabled
-
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(id);
- } catch (EBaseException e1) {
- CMS.debug("ProfileAdminServlet::getProfilePolicy() - " +
- "profile is null!");
- throw new ServletException(e1.toString());
- }
-
- NameValuePairs nvp = new NameValuePairs();
- Enumeration<String> setIds = profile.getProfilePolicySetIds();
-
- if (!setIds.hasMoreElements()) {
- // no set id; this is a brand new profile
- sendResponse(SUCCESS, null, nvp, resp);
- return;
- }
- while (setIds.hasMoreElements()) {
- String setId = (String) setIds.nextElement();
- Enumeration<ProfilePolicy> policies = profile.getProfilePolicies(setId);
-
- while (policies.hasMoreElements()) {
- IProfilePolicy policy = (IProfilePolicy) policies.nextElement();
- IPolicyDefault def = policy.getDefault();
- IPolicyConstraint con = policy.getConstraint();
-
- nvp.put(setId + ":" + policy.getId(),
- def.getName(getLocale(req)) + ";" +
- con.getName(getLocale(req)));
- }
- }
-
- sendResponse(SUCCESS, null, nvp, resp);
- }
-
- public void getProfileOutput(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String id = req.getParameter(Constants.RS_ID);
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(id);
- } catch (EBaseException e1) {
- CMS.debug("ProfileAdminServlet::getProfileOutput() - " +
- "profile is null!");
- throw new ServletException(e1.toString());
- }
-
- NameValuePairs nvp = new NameValuePairs();
- Enumeration<String> outputs = profile.getProfileOutputIds();
-
- while (outputs.hasMoreElements()) {
- String outputId = (String) outputs.nextElement();
- IProfileOutput output = profile.getProfileOutput(outputId);
-
- nvp.put(outputId, output.getName(getLocale(req)));
- }
-
- sendResponse(SUCCESS, null, nvp, resp);
- }
-
- public void getProfileInput(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String id = req.getParameter(Constants.RS_ID);
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(id);
- } catch (EBaseException e1) {
- CMS.debug("ProfileAdminServlet::getProfileInput() - " +
- "profile is null!");
- throw new ServletException(e1.toString());
- }
-
- NameValuePairs nvp = new NameValuePairs();
- Enumeration<String> inputs = profile.getProfileInputIds();
-
- while (inputs.hasMoreElements()) {
- String inputId = (String) inputs.nextElement();
- IProfileInput input = profile.getProfileInput(inputId);
-
- nvp.put(inputId, input.getName(getLocale(req)));
- }
-
- sendResponse(SUCCESS, null, nvp, resp);
- }
-
- public void getInputConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
-
- String id = req.getParameter(Constants.RS_ID);
- StringTokenizer st = new StringTokenizer(id, ";");
- String profileId = st.nextToken();
- String inputId = st.nextToken();
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- CMS.debug("ProfileAdminServlet::getInputConfig() - " +
- "profile is null!");
- throw new ServletException(e1.toString());
- }
-
- IProfileInput profileInput = null;
- NameValuePairs nvp = new NameValuePairs();
-
- profileInput = profile.getProfileInput(inputId);
- Enumeration<String> names = profileInput.getConfigNames();
-
- while (names.hasMoreElements()) {
- String name = names.nextElement();
- IDescriptor desc = profileInput.getConfigDescriptor(
- getLocale(req), name);
- if (desc == null) {
- nvp.put(name, ";" + ";" + profileInput.getConfig(name));
- } else {
- nvp.put(name, desc.getSyntax() + ";" +
- getNonNull(desc.getConstraint()) + ";" +
- desc.getDescription(getLocale(req)) + ";" +
- profileInput.getConfig(name));
- }
- }
-
- sendResponse(SUCCESS, null, nvp, resp);
- }
-
- public void getOutputConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
-
- String id = req.getParameter(Constants.RS_ID);
- StringTokenizer st = new StringTokenizer(id, ";");
- String profileId = st.nextToken();
- String outputId = st.nextToken();
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(profileId);
- } catch (EBaseException e1) {
- CMS.debug("ProfileAdminServlet::getOutputConfig() - " +
- "profile is null!");
- throw new ServletException(e1.toString());
- }
-
- IProfileOutput profileOutput = null;
- NameValuePairs nvp = new NameValuePairs();
-
- profileOutput = profile.getProfileOutput(outputId);
- Enumeration<String> names = profileOutput.getConfigNames();
-
- while (names.hasMoreElements()) {
- String name = names.nextElement();
- IDescriptor desc = profileOutput.getConfigDescriptor(
- getLocale(req), name);
- if (desc == null) {
- nvp.put(name, ";" + ";" + profileOutput.getConfig(name));
- } else {
- nvp.put(name, desc.getSyntax() + ";" +
- getNonNull(desc.getConstraint()) + ";" +
- desc.getDescription(getLocale(req)) + ";" +
- profileOutput.getConfig(name));
- }
- }
-
- sendResponse(SUCCESS, null, nvp, resp);
- }
-
- public void listProfileInstances(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
-
- NameValuePairs nvp = new NameValuePairs();
- Enumeration<String> e = mProfileSub.getProfileIds();
-
- while (e.hasMoreElements()) {
- String profileId = e.nextElement();
-
- String status = null;
-
- if (mProfileSub.isProfileEnable(profileId)) {
- status = "enabled";
- } else {
- status = "disabled";
- }
-
- // mInstanceId + ";visible;" + enabled
- nvp.put(profileId, profileId + ";visible;" + status);
- }
- sendResponse(SUCCESS, null, nvp, resp);
- }
-
- public void getProfileInstanceConfig(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
-
- String id = req.getParameter(Constants.RS_ID);
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(id);
- } catch (EBaseException e1) {
- CMS.debug("ProfileAdminServlet::getProfileInstanceConfig() - " +
- "profile is null!");
- throw new ServletException(e1.toString());
- }
-
- NameValuePairs nvp = new NameValuePairs();
-
- nvp.put("name", profile.getName(getLocale(req)));
- nvp.put("desc", profile.getDescription(getLocale(req)));
- nvp.put("visible", Boolean.toString(profile.isVisible()));
- nvp.put("enable", Boolean.toString(
- mProfileSub.isProfileEnable(id)));
-
- String authid = profile.getAuthenticatorId();
-
- if (authid == null) {
- nvp.put("auth", "");
- } else {
- nvp.put("auth", authid);
- }
- CMS.debug("ProfileAdminServlet: authid=" + authid);
- nvp.put("plugin", mProfileSub.getProfileClassId(id));
-
- sendResponse(SUCCESS, null, nvp, resp);
- }
-
- /**
- * Delete profile instance
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
- * and cert profile; obsoletes extensions and constraints policies)
- * </ul>
- *
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- */
- public void deleteProfileInstance(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- // Get the policy impl id and class path.
- String id = req.getParameter(Constants.RS_ID);
-
- if (id == null) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, MISSING_POLICY_INST_ID, null, resp);
- return;
- }
-
- String config = null;
-
- ISubsystem subsystem = CMS.getSubsystem("ca");
- String subname = "ca";
-
- if (subsystem == null)
- subname = "ra";
-
- try {
- config = CMS.getConfigStore().getString("instanceRoot") +
- "/profiles/" + subname + "/" + id + ".cfg";
- } catch (EBaseException e) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- try {
- mProfileSub.deleteProfile(id, config);
- } catch (EProfileException e) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, CMS.getUserMessage(getLocale(req), e.toString(), id), null, resp);
- return;
- }
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, null, resp);
- } catch (IOException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- // } catch( ServletException eAudit2 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit2;
- }
- }
-
- public void
- putUserPWPair(String combo) {
- int semicolon;
-
- semicolon = combo.indexOf(";");
- String user = combo.substring(0, semicolon);
- String pw = combo.substring(semicolon + 1);
-
- CMS.putPasswordCache(user, pw);
- }
-
- public boolean isValidId(String id) {
- for (int i = 0; i < id.length(); i++) {
- char c = id.charAt(i);
- if (!Character.isLetterOrDigit(c))
- return false;
- }
- return true;
- }
-
- /**
- * Add profile instance
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
- * and cert profile; obsoletes extensions and constraints policies)
- * </ul>
- *
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- */
- public void addProfileInstance(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- // Get the policy impl id and class path.
- String id = req.getParameter(Constants.RS_ID);
-
- if (id == null || id.trim().equals("") || !isValidId(id)) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, MISSING_POLICY_INST_ID, null, resp);
- return;
- }
-
- // see if profile id already used
- IProfile p = null;
-
- try {
- p = mProfileSub.getProfile(id);
- } catch (EProfileException e1) {
- }
- if (p != null) {
- sendResponse(ERROR, POLICY_INST_ID_ALREADY_USED, null, resp);
- return;
- }
-
- String impl = req.getParameter("impl");
- String name = req.getParameter("name");
- String visible = req.getParameter("visible");
- String auth = req.getParameter("auth");
- String config = null;
-
- ISubsystem subsystem = CMS.getSubsystem("ca");
- String subname = "ca";
-
- if (subsystem == null)
- subname = "ra";
-
- try {
- config = CMS.getConfigStore().getString("instanceRoot") + "/profiles/" + subname + "/" + id + ".cfg";
- } catch (EBaseException e) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- IPluginInfo info = mRegistry.getPluginInfo("profile", impl);
-
- IProfile profile = null;
-
- // create configuration file
- File configFile = new File(config);
-
- configFile.createNewFile();
-
- // create profile
- try {
- profile = mProfileSub.createProfile(id, impl,
- info.getClassName(),
- config);
- profile.setName(getLocale(req), name);
- profile.setDescription(getLocale(req), name);
- if (visible != null && visible.equals("true")) {
- profile.setVisible(true);
- } else {
- profile.setVisible(false);
- }
- profile.setAuthenticatorId(auth);
- profile.getConfigStore().commit(false);
-
- mProfileSub.createProfileConfig(id, impl, config);
- if (profile instanceof IProfileEx) {
- // populates profile specific plugins such as
- // policies, inputs and outputs
- ((IProfileEx) profile).populate();
- }
- } catch (Exception e) {
- CMS.debug("ProfileAdminServlet: " + e.toString());
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(SUCCESS, null, null, resp);
- } catch (IOException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- // } catch( ServletException eAudit2 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit2;
- }
- }
-
- /**
- * Modify profile instance
- * <P>
- *
- * <ul>
- * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings
- * and cert profile; obsoletes extensions and constraints policies)
- * </ul>
- *
- * @param req HTTP servlet request
- * @param resp HTTP servlet response
- * @exception ServletException a servlet error has occurred
- * @exception IOException an input/output error has occurred
- */
- public void modifyProfileInstance(HttpServletRequest req,
- HttpServletResponse resp)
- throws ServletException, IOException {
- String auditMessage = null;
- String auditSubjectID = auditSubjectID();
-
- // ensure that any low-level exceptions are reported
- // to the signed audit log and stored as failures
- try {
- // Get the policy impl id and class path.
- String id = req.getParameter(Constants.RS_ID);
-
- IProfile profile = null;
-
- try {
- profile = mProfileSub.getProfile(id);
- } catch (EBaseException e1) {
- // error
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- sendResponse(ERROR, null, null, resp);
- return;
- }
- String name = req.getParameter("name");
- String desc = req.getParameter("desc");
- String auth = req.getParameter("auth");
- String visible = req.getParameter("visible");
-
- // String config = req.getParameter("config");
-
- profile.setAuthenticatorId(auth);
- profile.setName(getLocale(req), name);
- profile.setDescription(getLocale(req), desc);
- if (visible != null && visible.equals("true")) {
- profile.setVisible(true);
- } else {
- profile.setVisible(false);
- }
-
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams(req));
-
- audit(auditMessage);
-
- try {
- profile.getConfigStore().commit(false);
- } catch (Exception e) {
- }
-
- sendResponse(SUCCESS, null, null, resp);
- } catch (IOException eAudit1) {
- // store a message in the signed audit log file
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams(req));
-
- audit(auditMessage);
-
- // rethrow the specific exception to be handled later
- throw eAudit1;
- // } catch( ServletException eAudit2 ) {
- // // store a message in the signed audit log file
- // auditMessage = CMS.getLogMessage(
- // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE,
- // auditSubjectID,
- // ILogger.FAILURE,
- // auditParams( req ) );
- //
- // audit( auditMessage );
- //
- // // rethrow the specific exception to be handled later
- // throw eAudit2;
- }
- }
-
- protected String getNonNull(String s) {
- if (s == null)
- return "";
- return s;
- }
-
-}
generated by cgit (git 2.34.1) at 2024-07-03 09:43:59 +0000