summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCookie.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCookie.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCookie.java276
1 files changed, 276 insertions, 0 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCookie.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCookie.java
new file mode 100644
index 000000000..b78b98b82
--- /dev/null
+++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCookie.java
@@ -0,0 +1,276 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.cms.servlet.csadmin;
+
+import com.netscape.cms.servlet.common.*;
+import com.netscape.cms.servlet.base.*;
+import java.io.*;
+import java.util.*;
+import java.math.*;
+import java.net.*;
+import javax.servlet.*;
+import javax.servlet.http.*;
+import netscape.ldap.*;
+import com.netscape.certsrv.base.*;
+import com.netscape.certsrv.usrgrp.*;
+import com.netscape.certsrv.authority.*;
+import com.netscape.certsrv.logging.*;
+import com.netscape.certsrv.apps.CMS;
+import com.netscape.certsrv.authentication.*;
+import com.netscape.certsrv.authorization.*;
+import com.netscape.cms.servlet.*;
+import com.netscape.cmsutil.xml.*;
+import org.w3c.dom.*;
+
+
+public class GetCookie extends CMSServlet {
+
+ private final static String SUCCESS = "0";
+ private final static String FAILED = "1";
+ private static Random mRandom = null;
+ private final static int SESSION_MAX_AGE = 3600;
+ private String mErrorFormPath = null;
+ private String mFormPath = null;
+
+ public GetCookie() {
+ super();
+ }
+
+ /**
+ * initialize the servlet.
+ * @param sc servlet configuration, read from the web.xml file
+ */
+ public void init(ServletConfig sc) throws ServletException {
+ super.init(sc);
+
+ CMS.debug("GetCookie init");
+ mTemplates.remove(CMSRequest.SUCCESS);
+ mRandom = new Random();
+ mErrorFormPath = sc.getInitParameter("errorTemplatePath");
+ if (mOutputTemplatePath != null) {
+ mFormPath = mOutputTemplatePath;
+ }
+ }
+
+ /**
+ * Process the HTTP request.
+ * @param cmsReq the object holding the request and response information
+ */
+ protected void process(CMSRequest cmsReq) throws EBaseException {
+ HttpServletRequest httpReq = cmsReq.getHttpReq();
+ HttpServletResponse httpResp = cmsReq.getHttpResp();
+
+ CMS.debug("GetCookie start");
+ IAuthToken authToken = null;
+ int sessionMaxAge = SESSION_MAX_AGE;
+ IConfigStore cs = CMS.getConfigStore();
+ try {
+ sessionMaxAge = cs.getInteger("sessionMaxAge", SESSION_MAX_AGE);
+ } catch (Exception e) {
+ }
+
+ IArgBlock header = CMS.createArgBlock();
+ IArgBlock ctx = CMS.createArgBlock();
+ CMSTemplateParams argSet = new CMSTemplateParams(header, ctx);
+
+ CMSTemplate form = null;
+ Locale[] locale = new Locale[1];
+
+ String url = httpReq.getParameter("url");
+ CMS.debug("GetCookie before auth, url ="+url);
+ String url_e = "";
+ URL u = null;
+ try {
+ url_e = URLDecoder.decode(url, "UTF-8");
+ u = new URL(url_e);
+ } catch (Exception eee) {
+ throw new ECMSGWException(
+ "GetCookie missing parameter: url");
+ }
+
+ int index2 = url_e.indexOf("subsystem=");
+ String subsystem = "";
+ if (index2 > 0) {
+ subsystem = url.substring(index2+10);
+ int index1 = subsystem.indexOf("&");
+ if (index1 > 0)
+ subsystem = subsystem.substring(0, index1);
+ }
+
+ try {
+ authToken = authenticate(cmsReq);
+ } catch (Exception e) {
+ CMS.debug("GetCookie authentication failed");
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "",
+ e.toString()));
+ header.addStringValue("sd_uid", "");
+ header.addStringValue("sd_pwd", "");
+ header.addStringValue("host", u.getHost());
+ header.addStringValue("sdhost", CMS.getEESSLHost());
+ header.addStringValue("subsystem", subsystem);
+ header.addStringValue("url", url_e);
+ header.addStringValue("errorString", "Failed Authentication");
+ String sdname = cs.getString("securitydomain.name", "");
+ header.addStringValue("sdname", sdname);
+
+ CMS.debug("mErrorFormPath=" + mErrorFormPath);
+ try {
+ form = getTemplate(mErrorFormPath, httpReq, locale);
+ } catch (IOException eee) {
+ CMS.debug("GetCookie process: cant locate the form");
+/*
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", e.toString()));
+ throw new ECMSGWException(
+ CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"));
+*/
+ }
+
+ if( form == null ) {
+ CMS.debug("GetCookie::process() - form is null!");
+ throw new EBaseException( "form is null" );
+ }
+
+ try {
+ ServletOutputStream out = httpResp.getOutputStream();
+
+ cmsReq.setStatus(CMSRequest.SUCCESS);
+ httpResp.setContentType("text/html");
+ form.renderOutput(out, argSet);
+ } catch (IOException ee) {
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_ERR_OUT_STREAM_TEMPLATE", ee.toString()));
+ throw new ECMSGWException(
+ CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"));
+ }
+ return;
+ }
+
+ String cookie = "";
+ if (authToken != null) {
+ String uid = authToken.getInString("uid");
+ String groupname = getGroupName(uid, subsystem);
+
+ if (groupname != null) {
+ // assign cookie
+ long num = mRandom.nextLong();
+ cookie = num+"";
+ ISecurityDomainSessionTable ctable = CMS.getSecurityDomainSessionTable();
+ String addr = "";
+ try {
+ addr = u.getHost();
+ } catch (Exception e) {
+ }
+ String ip = "";
+ try {
+ ip = InetAddress.getByName(addr).toString();
+ int index = ip.indexOf("/");
+ if (index > 0)
+ ip = ip.substring(index+1);
+ } catch (Exception e) {
+ }
+
+ ctable.addEntry(cookie, ip, uid, groupname);
+ try {
+ String sd_url = "https://"+CMS.getEESSLHost()+":"+CMS.getEESSLPort();
+ if (!url.startsWith("$")) {
+ try {
+ form = getTemplate(mFormPath, httpReq, locale);
+ } catch (IOException e) {
+ CMS.debug("GetCookie process: cant locate the form");
+/*
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", e.toString()));
+ throw new ECMSGWException(
+ CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"));
+*/
+ }
+
+ header.addStringValue("url", url);
+ header.addStringValue("session_id", cookie);
+
+ EBaseException error = null;
+ try {
+ ServletOutputStream out = httpResp.getOutputStream();
+
+ if (error == null) {
+ cmsReq.setStatus(CMSRequest.SUCCESS);
+ httpResp.setContentType("text/html");
+ form.renderOutput(out, argSet);
+ } else {
+ cmsReq.setStatus(CMSRequest.ERROR);
+ cmsReq.setError(error);
+ }
+ } catch (IOException e) {
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSGW_ERR_OUT_STREAM_TEMPLATE", e.toString()));
+ throw new ECMSGWException(
+ CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"));
+ }
+ }
+ } catch (Exception e) {
+ }
+ }
+ }
+ }
+
+ private String getGroupName(String uid, String subsystemname) {
+ String groupname = "";
+ IUGSubsystem subsystem =
+ (IUGSubsystem)(CMS.getSubsystem(IUGSubsystem.ID));
+ if (subsystem.isMemberOf(uid, "Enterprise CA Administrators") &&
+ subsystemname.equals("CA")) {
+ return "Enterprise CA Administrators";
+ } else if (subsystem.isMemberOf(uid, "Enterprise KRA Administrators") &&
+ subsystemname.equals("KRA")) {
+ return "Enterprise KRA Administrators";
+ } else if (subsystem.isMemberOf(uid, "Enterprise OCSP Administrators") &&
+ subsystemname.equals("OCSP")) {
+ return "Enterprise OCSP Administrators";
+ } else if (subsystem.isMemberOf(uid, "Enterprise TKS Administrators") &&
+ subsystemname.equals("TKS")) {
+ return "Enterprise TKS Administrators";
+ } else if (subsystem.isMemberOf(uid, "Enterprise RA Administrators") &&
+ subsystemname.equals("RA")) {
+ return "Enterprise RA Administrators";
+ } else if (subsystem.isMemberOf(uid, "Enterprise TPS Administrators") &&
+ subsystemname.equals("TPS")) {
+ return "Enterprise TPS Administrators";
+ }
+
+ return null;
+ }
+
+ /**
+ * Retrieves locale based on the request.
+ */
+ protected Locale getLocale(HttpServletRequest req) {
+ Locale locale = null;
+ String lang = req.getHeader("accept-language");
+
+ if (lang == null) {
+ // use server locale
+ locale = Locale.getDefault();
+ } else {
+ locale = new Locale(UserInfo.getUserLanguage(lang),
+ UserInfo.getUserCountry(lang));
+ }
+ return locale;
+ }
+}
generated by cgit (git 2.34.1) at 2024-04-25 04:10:26 +0000