Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/cert/RemoteAuthConfig.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/cert/RemoteAuthConfig.java | 146 |
1 files changed, 67 insertions, 79 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/RemoteAuthConfig.java b/pki/base/common/src/com/netscape/cms/servlet/cert/RemoteAuthConfig.java index fc81c70c7..9c414b9cb 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/RemoteAuthConfig.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/RemoteAuthConfig.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.cert; + import java.io.IOException; import java.util.Calendar; import java.util.Date; @@ -53,6 +54,7 @@ import com.netscape.cms.servlet.common.CMSTemplate; import com.netscape.cms.servlet.common.CMSTemplateParams; import com.netscape.cms.servlet.common.ECMSGWException; + /** * Allow agent to turn on/off authentication managers * @@ -87,11 +89,11 @@ public class RemoteAuthConfig extends CMSServlet { /** * Initializes the servlet. - * - * Presence of "auths.enableRemoteConfiguration=true" in CMS.cfg enables - * remote configuration for authentication plugins. List of remotely set - * instances can be found in CMS.cfg at - * "auths.remotelySetInstances=<name1>,<name2>,...,<nameN>" + * + * Presence of "auths.enableRemoteConfiguration=true" in CMS.cfg + * enables remote configuration for authentication plugins. + * List of remotely set instances can be found in CMS.cfg + * at "auths.remotelySetInstances=<name1>,<name2>,...,<nameN>" */ public void init(ServletConfig sc) throws ServletException { super.init(sc); 
@@ -100,11 +102,9 @@ public class RemoteAuthConfig extends CMSServlet { mFileConfig = CMS.getConfigStore(); mAuthConfig = mFileConfig.getSubStore("auths"); try { - mEnableRemoteConfiguration = mAuthConfig.getBoolean( - ENABLE_REMOTE_CONFIG, false); + mEnableRemoteConfiguration = mAuthConfig.getBoolean(ENABLE_REMOTE_CONFIG, false); } catch (EBaseException eb) { - // Thanks to design of getBoolean we have to catch but we will never - // get anything. + // Thanks to design of getBoolean we have to catch but we will never get anything. } String remoteList = null; @@ -112,8 +112,7 @@ public class RemoteAuthConfig extends CMSServlet { try { remoteList = mAuthConfig.getString(REMOTELY_SET_INSTANCES, null); } catch (EBaseException eb) { - // Thanks to design of getString we have to catch but we will never - // get anything. + // Thanks to design of getString we have to catch but we will never get anything. } if (remoteList != null) { StringTokenizer s = new StringTokenizer(remoteList, ","); @@ -134,10 +133,16 @@ public class RemoteAuthConfig extends CMSServlet { /** * Serves HTTPS request. The format of this request is as follows: - * https://host:ee-port/remoteAuthConfig? op="add"|"delete"& - * instance=<instanceName>& of=<authPluginName>& host=<hostName>& - * port=<portNumber>& password=<password>& [adminDN=<adminDN>]& [uid=<uid>]& - * [baseDN=<baseDN>] + * https://host:ee-port/remoteAuthConfig? + * op="add"|"delete"& + * instance=<instanceName>& + * of=<authPluginName>& + * host=<hostName>& + * port=<portNumber>& + * password=<password>& + * [adminDN=<adminDN>]& + * [uid=<uid>]& + * [baseDN=<baseDN>] */ public void process(CMSRequest cmsReq) throws EBaseException { HttpServletRequest req = cmsReq.getHttpReq(); 
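Review bot: The rewrapped Javadoc on process() still documents `password=<password>` as part of the request URL, and values carried in a query string are normally written to web-server and proxy access logs. Whether the servlet also accepts or requires a POST body is not visible in this hunk, so the comment should say which is expected, for example `* Parameters must be sent in a POST body; a password in the query string ends up in access logs.` If GET is in fact accepted, rejecting it for this endpoint would be the stronger fix. The body of process() continues outside the hunk.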
@@ -169,8 +174,7 @@ public class RemoteAuthConfig extends CMSServlet { if (adminDN != null && adminDN.length() > 0) { errMsg = authenticateRemoteAdmin(host, port, adminDN, password); } else { - errMsg = authenticateRemoteAdmin(host, port, uid, baseDN, - password); + errMsg = authenticateRemoteAdmin(host, port, uid, baseDN, password); } if (errMsg == null || errMsg.length() == 0) { if (mAuthSubsystem != null && mAuthConfig != null) { @@ -193,17 +197,14 @@ public class RemoteAuthConfig extends CMSServlet { header.addStringValue("error", errMsg); } else { header.addStringValue("plugin", plugin); - header.addStringValue("instance", - instance); + header.addStringValue("instance", instance); } } else { - header.addStringValue("error", - "Unknown instance " + instance - + "."); + header.addStringValue("error", "Unknown instance " + + instance + "."); } } else { - header.addStringValue("error", - "Unknown plugin name: " + plugin); + header.addStringValue("error", "Unknown plugin name: " + plugin); } } else if (op.equals("add")) { String plugin = req.getParameter("of"); 
@@ -215,33 +216,28 @@ public class RemoteAuthConfig extends CMSServlet { instance = makeInstanceName(); } if (isInstanceListed(instance)) { - header.addStringValue("error", - "Instance name " + instance - + " is already in use."); + header.addStringValue("error", "Instance name " + + instance + " is already in use."); } else { errMsg = addInstance(instance, plugin, - host, port, baseDN, - req.getParameter("dnPattern")); + host, port, baseDN, + req.getParameter("dnPattern")); if (errMsg != null && errMsg.length() > 0) { header.addStringValue("error", errMsg); } else { header.addStringValue("plugin", plugin); - header.addStringValue("instance", - instance); + header.addStringValue("instance", instance); } } } else { - header.addStringValue("error", - "Unknown plugin name: " + plugin); + header.addStringValue("error", "Unknown plugin name: " + plugin); } } else { - header.addStringValue("error", - "Unsupported operation: " + op); + header.addStringValue("error", "Unsupported operation: " + op); } } } else { - header.addStringValue("error", - "Invalid configuration data."); + header.addStringValue("error", "Invalid configuration data."); } } else { header.addStringValue("error", errMsg); @@ -255,10 +251,9 @@ public class RemoteAuthConfig extends CMSServlet { try { form = getTemplate(mFormPath, req, locale); } catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); } try { 
@@ -268,15 +263,15 @@ public class RemoteAuthConfig extends CMSServlet { form.renderOutput(out, argSet); cmsReq.setStatus(CMSRequest.SUCCESS); } catch (IOException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSGW_ERR_STREAM_TEMPLATE", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERR_STREAM_TEMPLATE", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); } } private String authenticateRemoteAdmin(String host, String port, - String adminDN, String password) { + String adminDN, String password) { if (host == null || host.length() == 0) { return "Missing host name."; } @@ -318,16 +313,13 @@ public class RemoteAuthConfig extends CMSServlet { LDAPEntry groupEntry = c.read(nextValue); if (groupEntry != null) { - LDAPAttribute gAttr = groupEntry - .getAttribute(UNIQUE_MEMBER); + LDAPAttribute gAttr = groupEntry.getAttribute(UNIQUE_MEMBER); if (gAttr != null) { - Enumeration eValues = gAttr - .getStringValues(); + Enumeration eValues = gAttr.getStringValues(); while (eValues.hasMoreElements()) { - String value = (String) eValues - .nextElement(); + String value = (String) eValues.nextElement(); if (value.equals(entry.getDN())) { c.disconnect(); @@ -347,11 +339,13 @@ public class RemoteAuthConfig extends CMSServlet { } catch (LDAPException e) { /* - * switch (e.getLDAPResultCode()) { case - * LDAPException.NO_SUCH_OBJECT: case - * LDAPException.INVALID_CREDENTIALS: case - * LDAPException.INSUFFICIENT_ACCESS_RIGHTS: case - * LDAPException.LDAP_PARTIAL_RESULTS: default: } + switch (e.getLDAPResultCode()) { + case LDAPException.NO_SUCH_OBJECT: + case LDAPException.INVALID_CREDENTIALS: + case LDAPException.INSUFFICIENT_ACCESS_RIGHTS: + case LDAPException.LDAP_PARTIAL_RESULTS: + default: + } */ c.disconnect(); return "LDAP error: " + e.toString(); 
@@ -368,7 +362,8 @@ public class RemoteAuthConfig extends CMSServlet { } private String authenticateRemoteAdmin(String host, String port, - String uid, String baseDN, String password) { + String uid, String baseDN, + String password) { if (host == null || host.length() == 0) { return "Missing host name."; } @@ -403,7 +398,8 @@ public class RemoteAuthConfig extends CMSServlet { connected = true; boolean memberOf = false; LDAPSearchResults results = c.search(baseDN, LDAPv2.SCOPE_SUB, - "(uid=" + uid + ")", null, false); + "(uid=" + uid + ")", + null, false); while (results.hasMoreElements()) { LDAPEntry entry = null; @@ -424,16 +420,13 @@ public class RemoteAuthConfig extends CMSServlet { LDAPEntry groupEntry = c.read(nextValue); if (groupEntry != null) { - LDAPAttribute gAttr = groupEntry - .getAttribute(UNIQUE_MEMBER); + LDAPAttribute gAttr = groupEntry.getAttribute(UNIQUE_MEMBER); if (gAttr != null) { - Enumeration eValues = gAttr - .getStringValues(); + Enumeration eValues = gAttr.getStringValues(); while (eValues.hasMoreElements()) { - String value = (String) eValues - .nextElement(); + String value = (String) eValues.nextElement(); if (value.equals(entry.getDN())) { c.disconnect(); @@ -479,8 +472,9 @@ public class RemoteAuthConfig extends CMSServlet { return "Access unauthorized"; } - private String addInstance(String instance, String plugin, String host, - String port, String baseDN, String dnPattern) { + private String addInstance(String instance, String plugin, + String host, String port, + String baseDN, String dnPattern) { if (host == null || host.length() == 0) { return "Missing host name."; } @@ -522,8 +516,7 @@ public class RemoteAuthConfig extends CMSServlet { StringBuffer list = new StringBuffer(); for (int i = 0; i < mRemotelySetInstances.size(); i++) { - if (i > 0) - list.append(","); + if (i > 0) list.append(","); list.append((String) mRemotelySetInstances.elementAt(i)); } 
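Review bot: The search filter in the uid overload of authenticateRemoteAdmin is still built by plain concatenation, `"(uid=" + uid + ")"`, so filter metacharacters in uid are interpreted as filter syntax and the search can match entries other than the intended account. The Javadoc on process() lists uid as a request parameter, so the value is presumably caller-controlled, although the getParameter call is not in this hunk. Escaping the assertion value per RFC 4515 before it is placed in the filter closes this; the helper below is a proposal and its name is not from the file. The method starts and ends outside the hunk, so any null check on uid ahead of this call should be confirmed.

```java
// … unchanged: connect and bind …
LDAPSearchResults results = c.search(baseDN, LDAPv2.SCOPE_SUB,
        "(uid=" + escapeFilterValue(uid) + ")",
        null, false);
// … unchanged: group membership check …

// Proposed helper: RFC 4515 escaping of a filter assertion value.
private static String escapeFilterValue(String value) {
    StringBuffer sb = new StringBuffer(value.length());
    for (int i = 0; i < value.length(); i++) {
        char ch = value.charAt(i);
        switch (ch) {
        case '\\': sb.append("\\5c"); break;
        case '*':  sb.append("\\2a"); break;
        case '(':  sb.append("\\28"); break;
        case ')':  sb.append("\\29"); break;
        case '\0': sb.append("\\00"); break;
        default:   sb.append(ch);
        }
    }
    return sb.toString();
}
```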
@@ -549,8 +542,7 @@ public class RemoteAuthConfig extends CMSServlet { StringBuffer list = new StringBuffer(); for (int i = 0; i < mRemotelySetInstances.size(); i++) { - if (i > 0) - list.append(","); + if (i > 0) list.append(","); list.append((String) mRemotelySetInstances.elementAt(i)); } @@ -610,21 +602,17 @@ public class RemoteAuthConfig extends CMSServlet { int y = now.get(Calendar.YEAR); String name = "R" + y; - if (now.get(Calendar.MONTH) < 10) - name += "0"; + if (now.get(Calendar.MONTH) < 10) name += "0"; name += now.get(Calendar.MONTH); - if (now.get(Calendar.DAY_OF_MONTH) < 10) - name += "0"; + if (now.get(Calendar.DAY_OF_MONTH) < 10) name += "0"; name += now.get(Calendar.DAY_OF_MONTH); - if (now.get(Calendar.HOUR_OF_DAY) < 10) - name += "0"; + if (now.get(Calendar.HOUR_OF_DAY) < 10) name += "0"; name += now.get(Calendar.HOUR_OF_DAY); - if (now.get(Calendar.MINUTE) < 10) - name += "0"; + if (now.get(Calendar.MINUTE) < 10) name += "0"; name += now.get(Calendar.MINUTE); - if (now.get(Calendar.SECOND) < 10) - name += "0"; + if (now.get(Calendar.SECOND) < 10) name += "0"; name += now.get(Calendar.SECOND); return name; } } + |