diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java | 59 |
1 files changed, 33 insertions, 26 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java index e1d181407..f2587300b 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; + import java.util.Enumeration; import javax.servlet.http.HttpServletRequest; @@ -27,6 +28,7 @@ import org.apache.velocity.context.Context; import com.netscape.certsrv.apps.CMS; + public abstract class ConfigBaseServlet extends BaseServlet { /** * @@ -34,7 +36,8 @@ public abstract class ConfigBaseServlet extends BaseServlet { private static final long serialVersionUID = 7692352201878710530L; public boolean isDisplayMode(HttpServletRequest request, - HttpServletResponse response, Context context) { + HttpServletResponse response, + Context context) { String display = request.getParameter("display"); if (display == null) { @@ -47,40 +50,43 @@ public abstract class ConfigBaseServlet extends BaseServlet { public abstract void display(HttpServletRequest request, HttpServletResponse response, Context context); - public abstract void update(HttpServletRequest request, + public abstract void update(HttpServletRequest request, HttpServletResponse response, Context context); public abstract Template getTemplate(HttpServletRequest request, - HttpServletResponse response, Context context); + HttpServletResponse response, + Context context); public void outputHttpParameters(HttpServletRequest httpReq) { - CMS.debug("ConfigBaseServlet:service() uri = " - + httpReq.getRequestURI()); + CMS.debug("ConfigBaseServlet:service() uri = " + httpReq.getRequestURI()); Enumeration paramNames = httpReq.getParameterNames(); while (paramNames.hasMoreElements()) { String pn = (String) paramNames.nextElement(); // added this facility so that password can be hidden, - // all sensitive parameters should be prefixed with + // all sensitive parameters should be prefixed with // __ (double underscores); however, in the event that // a security parameter slips through, we perform multiple // additional checks to insure that it is NOT displayed - if (pn.startsWith("__") || pn.endsWith("password") - || pn.endsWith("passwd") || pn.endsWith("pwd") - || pn.equalsIgnoreCase("admin_password_again") - || pn.equalsIgnoreCase("directoryManagerPwd") - || pn.equalsIgnoreCase("bindpassword") - || pn.equalsIgnoreCase("bindpwd") - || pn.equalsIgnoreCase("passwd") - || pn.equalsIgnoreCase("password") - || pn.equalsIgnoreCase("pin") || pn.equalsIgnoreCase("pwd") - || pn.equalsIgnoreCase("pwdagain") - || pn.equalsIgnoreCase("uPasswd")) { - CMS.debug("ConfigBaseServlet::service() param name='" + pn - + "' value='(sensitive)'"); + if( pn.startsWith("__") || + pn.endsWith("password") || + pn.endsWith("passwd") || + pn.endsWith("pwd") || + pn.equalsIgnoreCase("admin_password_again") || + pn.equalsIgnoreCase("directoryManagerPwd") || + pn.equalsIgnoreCase("bindpassword") || + pn.equalsIgnoreCase("bindpwd") || + pn.equalsIgnoreCase("passwd") || + pn.equalsIgnoreCase("password") || + pn.equalsIgnoreCase("pin") || + pn.equalsIgnoreCase("pwd") || + pn.equalsIgnoreCase("pwdagain") || + pn.equalsIgnoreCase("uPasswd") ) { + CMS.debug("ConfigBaseServlet::service() param name='" + pn + + "' value='(sensitive)'" ); } else { - CMS.debug("ConfigBaseServlet::service() param name='" + pn - + "' value='" + httpReq.getParameter(pn) + "'"); + CMS.debug("ConfigBaseServlet::service() param name='" + pn + + "' value='" + httpReq.getParameter(pn) + "'" ); } } } @@ -89,8 +95,9 @@ public abstract class ConfigBaseServlet extends BaseServlet { * Processes request. */ public Template process(HttpServletRequest request, - HttpServletResponse response, Context context) { - + HttpServletResponse response, + Context context) { + if (CMS.debugOn()) { outputHttpParameters(request); } @@ -100,16 +107,16 @@ public abstract class ConfigBaseServlet extends BaseServlet { } else { update(request, response, context); } - + Template template = null; - + try { context.put("name", "Velocity Test"); template = getTemplate(request, response, context); } catch (Exception e) { System.err.println("Exception caught: " + e.getMessage()); } - + return template; } } |