Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/ldap')
10 files changed, 1112 insertions, 1125 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapAndExpression.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapAndExpression.java index c41f361ef..cce851561 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapAndExpression.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapAndExpression.java @@ -17,32 +17,30 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import com.netscape.certsrv.base.SessionContext; import com.netscape.certsrv.ldap.ELdapException; import com.netscape.certsrv.publish.ILdapExpression; import com.netscape.certsrv.request.IRequest; - /** - * This class represents an expression of the form - * <var1 op val1 AND var2 op va2>. - * + * This class represents an expression of the form <var1 op val1 AND var2 op + * va2>. + * * Expressions are used as predicates for publishing rule selection. - * + * * @author mzhao * @version $Revision$, $Date$ */ public class LdapAndExpression implements ILdapExpression { private ILdapExpression mExp1; private ILdapExpression mExp2; + public LdapAndExpression(ILdapExpression exp1, ILdapExpression exp2) { mExp1 = exp1; mExp2 = exp2; } - public boolean evaluate(SessionContext sc) - throws ELdapException { + public boolean evaluate(SessionContext sc) throws ELdapException { // If an expression is missing we assume applicability. if (mExp1 == null && mExp2 == null) return true; @@ -50,12 +48,12 @@ public class LdapAndExpression implements ILdapExpression { return mExp1.evaluate(sc) && mExp2.evaluate(sc); else if (mExp1 == null) return mExp2.evaluate(sc); - else // (if mExp2 == null) + else + // (if mExp2 == null) return mExp1.evaluate(sc); } - public boolean evaluate(IRequest req) - throws ELdapException { + public boolean evaluate(IRequest req) throws ELdapException { // If an expression is missing we assume applicability. if (mExp1 == null && mExp2 == null) return true; 
@@ -63,7 +61,8 @@ public class LdapAndExpression implements ILdapExpression { return mExp1.evaluate(req) && mExp2.evaluate(req); else if (mExp1 == null) return mExp2.evaluate(req); - else // (if mExp2 == null) + else + // (if mExp2 == null) return mExp1.evaluate(req); } @@ -71,4 +70,3 @@ public class LdapAndExpression implements ILdapExpression { return mExp1.toString() + " AND " + mExp2.toString(); } } - diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapConnModule.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapConnModule.java index 7574bf1b3..0fa2f0192 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapConnModule.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapConnModule.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import netscape.ldap.LDAPConnection; import com.netscape.certsrv.apps.CMS; @@ -34,7 +33,6 @@ import com.netscape.cmscore.ldapconn.LdapAuthInfo; import com.netscape.cmscore.ldapconn.LdapBoundConnFactory; import com.netscape.cmscore.ldapconn.LdapConnInfo; - public class LdapConnModule implements ILdapConnModule { protected IConfigStore mConfig = null; protected LdapBoundConnFactory mLdapConnFactory = null; @@ -42,7 +40,7 @@ public class LdapConnModule implements ILdapConnModule { private boolean mInited = false; /** - * instantiate connection factory. + * instantiate connection factory. */ public static final String PROP_LDAP = "ldap"; 
@@ -57,44 +55,43 @@ public class LdapConnModule implements ILdapConnModule { protected ISubsystem mPubProcessor; - public void init(ISubsystem p, - IConfigStore config) - throws EBaseException { + public void init(ISubsystem p, IConfigStore config) throws EBaseException { CMS.debug("LdapConnModule: init called"); if (mInited) { CMS.debug("LdapConnModule: already initialized. return."); - return; + return; } CMS.debug("LdapConnModule: init begins"); mPubProcessor = p; mConfig = config; /* - mLdapConnFactory = new LdapBoundConnFactory(); - mLdapConnFactory.init(mConfig.getSubStore("ldap")); - */ + * mLdapConnFactory = new LdapBoundConnFactory(); + * mLdapConnFactory.init(mConfig.getSubStore("ldap")); + */ // support publishing dirsrv with different pwd than internaldb IConfigStore ldap = mConfig.getSubStore("ldap"); - IConfigStore ldapconn = ldap.getSubStore( - ILdapBoundConnFactory.PROP_LDAPCONNINFO); - IConfigStore authinfo = ldap.getSubStore( - ILdapBoundConnFactory.PROP_LDAPAUTHINFO); - ILdapConnInfo connInfo = - CMS.getLdapConnInfo(ldapconn); - LdapAuthInfo authInfo = - new LdapAuthInfo(authinfo, ldapconn.getString("host"), - ldapconn.getInteger("port"), connInfo.getSecure()); - - int minConns = mConfig.getInteger(ILdapBoundConnFactory.PROP_MINCONNS, 3); - int maxConns = mConfig.getInteger(ILdapBoundConnFactory.PROP_MAXCONNS, 15); + IConfigStore ldapconn = ldap + .getSubStore(ILdapBoundConnFactory.PROP_LDAPCONNINFO); + IConfigStore authinfo = ldap + .getSubStore(ILdapBoundConnFactory.PROP_LDAPAUTHINFO); + ILdapConnInfo connInfo = CMS.getLdapConnInfo(ldapconn); + LdapAuthInfo authInfo = new LdapAuthInfo(authinfo, + ldapconn.getString("host"), ldapconn.getInteger("port"), + connInfo.getSecure()); + + int minConns = mConfig.getInteger(ILdapBoundConnFactory.PROP_MINCONNS, + 3); + int maxConns = mConfig.getInteger(ILdapBoundConnFactory.PROP_MAXCONNS, + 15); // must get authInfo from the config, don't default to internaldb!!! 
- CMS.debug("Creating LdapBoundConnFactory for LdapConnModule."); - mLdapConnFactory = - new LdapBoundConnFactory(minConns, maxConns, (LdapConnInfo)connInfo, authInfo); + CMS.debug("Creating LdapBoundConnFactory for LdapConnModule."); + mLdapConnFactory = new LdapBoundConnFactory(minConns, maxConns, + (LdapConnInfo) connInfo, authInfo); mInited = true; @@ -102,15 +99,14 @@ public class LdapConnModule implements ILdapConnModule { } /** - * Returns the internal ldap connection factory. - * This can be useful to get a ldap connection to the - * ldap publishing directory without having to get it again from the - * config file. Note that this means sharing a ldap connection pool - * with the ldap publishing module so be sure to return connections to pool. - * Use ILdapConnFactory.getConn() to get a Ldap connection to the ldap - * publishing directory. - * Use ILdapConnFactory.returnConn() to return the connection. - * + * Returns the internal ldap connection factory. This can be useful to get a + * ldap connection to the ldap publishing directory without having to get it + * again from the config file. Note that this means sharing a ldap + * connection pool with the ldap publishing module so be sure to return + * connections to pool. Use ILdapConnFactory.getConn() to get a Ldap + * connection to the ldap publishing directory. Use + * ILdapConnFactory.returnConn() to return the connection. + * * @see com.netscape.certsrv.ldap.ILdapBoundConnFactory * @see com.netscape.certsrv.ldap.ILdapConnFactory */ @@ -127,9 +123,8 @@ public class LdapConnModule implements ILdapConnModule { } public void log(int level, String msg) { - mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_LDAP, level, - "LdapPublishModule: " + msg); + mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_LDAP, level, + "LdapPublishModule: " + msg); } - -} +} 
diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapOrExpression.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapOrExpression.java
index aaf9f35de..0a34304df 100644
--- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapOrExpression.java
+++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapOrExpression.java
@@ -17,51 +17,50 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import com.netscape.certsrv.base.SessionContext; import com.netscape.certsrv.ldap.ELdapException; import com.netscape.certsrv.publish.ILdapExpression; import com.netscape.certsrv.request.IRequest; - /** - * This class represents an Or expression of the form - * (var1 op val1 OR var2 op val2). - * + * This class represents an Or expression of the form (var1 op val1 OR var2 op + * val2). + * * Expressions are used as predicates for publishing rule selection. - * + * * @author mzhao * @version $Revision$, $Date$ */ public class LdapOrExpression implements ILdapExpression { private ILdapExpression mExp1; private ILdapExpression mExp2; + public LdapOrExpression(ILdapExpression exp1, ILdapExpression exp2) { mExp1 = exp1; mExp2 = exp2; } - public boolean evaluate(SessionContext sc) - throws ELdapException { + public boolean evaluate(SessionContext sc) throws ELdapException { if (mExp1 == null && mExp2 == null) return true; else if (mExp1 != null && mExp2 != null) return mExp1.evaluate(sc) || mExp2.evaluate(sc); else if (mExp1 != null && mExp2 == null) return mExp1.evaluate(sc); - else // (mExp1 == null && mExp2 != null) + else + // (mExp1 == null && mExp2 != null) return mExp2.evaluate(sc); } - public boolean evaluate(IRequest req) - throws ELdapException { + public boolean evaluate(IRequest req) throws ELdapException { if (mExp1 == null && mExp2 == null) return true; else if (mExp1 != null && mExp2 != null) return mExp1.evaluate(req) || mExp2.evaluate(req); else if (mExp1 != null && mExp2 == null) return mExp1.evaluate(req); - else // (mExp1 == null && mExp2 != null) + else + // (mExp1 == null && mExp2 != null) return mExp2.evaluate(req); } 
@@ -72,8 +71,8 @@ public class LdapOrExpression implements ILdapExpression { return mExp1.toString() + " OR " + mExp2.toString(); else if (mExp1 != null && mExp2 == null) return mExp1.toString(); - else // (mExp1 == null && mExp2 != null) + else + // (mExp1 == null && mExp2 != null) return mExp2.toString(); } } - diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java index 3ac8f7502..ac91af825 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import java.util.Enumeration; import java.util.Hashtable; import java.util.Vector; @@ -29,19 +28,16 @@ import com.netscape.certsrv.ldap.ELdapException; import com.netscape.certsrv.publish.ILdapExpression; import com.netscape.cmscore.util.Debug; - /** * Default implementation of predicate parser. - * + * * Limitations: - * - * 1. Currently parentheses are not suported. - * 2. Only ==, != <, >, <= and >= operators are supported. - * 3. The only boolean operators supported are AND and OR. AND takes precedence - * over OR. Example: a AND b OR e OR c AND d - * is treated as (a AND b) OR e OR (c AND d) - * 4. If this is n't adequate, roll your own. - * + * + * 1. Currently parentheses are not suported. 2. Only ==, != <, >, <= and >= + * operators are supported. 3. The only boolean operators supported are AND and + * OR. AND takes precedence over OR. Example: a AND b OR e OR c AND d is treated + * as (a AND b) OR e OR (c AND d) 4. If this is n't adequate, roll your own. + * * @author mzhao * @version $Revision$, $Date$ */ 
@@ -57,22 +53,22 @@ public class LdapPredicateParser { /** * Parse the predicate expression and return a vector of expressions. - * - * @param predicateExp The predicate expression as read from the config file. - * @return expVector The vector of expressions. + * + * @param predicateExp The predicate expression as read from the config + * file. + * @return expVector The vector of expressions. */ public static ILdapExpression parse(String predicateExpression) - throws ELdapException { - if (predicateExpression == null || - predicateExpression.length() == 0) + throws ELdapException { + if (predicateExpression == null || predicateExpression.length() == 0) return null; PredicateTokenizer pt = new PredicateTokenizer(predicateExpression); if (pt == null || !pt.hasMoreTokens()) return null; - // The first token cannot be an operator. We are not dealing with - // reverse-polish notation. + // The first token cannot be an operator. We are not dealing with + // reverse-polish notation. String token = pt.nextToken(); boolean opANDSeen; boolean opORSeen; @@ -80,7 +76,8 @@ public class LdapPredicateParser { if (getOP(token) != EXPRESSION) { if (Debug.ON) Debug.trace("Malformed expression: " + predicateExpression); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_BAD_LDAP_EXPRESSION", predicateExpression)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_BAD_LDAP_EXPRESSION", predicateExpression)); } ILdapExpression current = parseExpression(token); boolean malformed = false; @@ -91,8 +88,8 @@ public class LdapPredicateParser { token = pt.nextToken(); int curType = getOP(token); - if ((prevType != EXPRESSION && curType != EXPRESSION) || - (prevType == EXPRESSION && curType == EXPRESSION)) { + if ((prevType != EXPRESSION && curType != EXPRESSION) + || (prevType == EXPRESSION && curType == EXPRESSION)) { malformed = true; break; } 
@@ -103,7 +100,8 @@ public class LdapPredicateParser { continue; } - // If the previous type was an OR token, add the current expression to + // If the previous type was an OR token, add the current expression + // to // the expression set; if (prevType == OP_OR) { expSet.addElement(current); @@ -121,9 +119,8 @@ public class LdapPredicateParser { if (malformed) { if (Debug.ON) Debug.trace("Malformed expression: " + predicateExpression); - throw new ELdapException( - CMS.getUserMessage("CMS_LDAP_BAD_LDAP_EXPRESSION", - predicateExpression)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_BAD_LDAP_EXPRESSION", predicateExpression)); } // Form an LdapOrExpression @@ -134,12 +131,12 @@ public class LdapPredicateParser { if (size == 0) return null; - LdapOrExpression orExp = new - LdapOrExpression((ILdapExpression) expSet.elementAt(0), null); + LdapOrExpression orExp = new LdapOrExpression( + (ILdapExpression) expSet.elementAt(0), null); for (int i = 1; i < size; i++) orExp = new LdapOrExpression(orExp, - (ILdapExpression) expSet.elementAt(i)); + (ILdapExpression) expSet.elementAt(i)); return orExp; } @@ -153,7 +150,7 @@ public class LdapPredicateParser { } private static ILdapExpression parseExpression(String input) - throws ELdapException { + throws ELdapException { // If the expression has multiple parts separated by commas // we need to construct an AND expression. Else we will return a // simple expression. 
@@ -165,28 +162,30 @@ public class LdapPredicateParser { Vector expVector = new Vector(); while (commaIndex > 0) { - LdapSimpleExpression exp = (LdapSimpleExpression) - LdapSimpleExpression.parse(input.substring(currentIndex, - commaIndex)); + LdapSimpleExpression exp = (LdapSimpleExpression) LdapSimpleExpression + .parse(input.substring(currentIndex, commaIndex)); expVector.addElement(exp); currentIndex = commaIndex + 1; commaIndex = input.indexOf(COMMA, currentIndex); } if (currentIndex < (input.length() - 1)) { - LdapSimpleExpression exp = (LdapSimpleExpression) - LdapSimpleExpression.parse(input.substring(currentIndex)); + LdapSimpleExpression exp = (LdapSimpleExpression) LdapSimpleExpression + .parse(input.substring(currentIndex)); expVector.addElement(exp); } int size = expVector.size(); - LdapSimpleExpression exp1 = (LdapSimpleExpression) expVector.elementAt(0); - LdapSimpleExpression exp2 = (LdapSimpleExpression) expVector.elementAt(1); + LdapSimpleExpression exp1 = (LdapSimpleExpression) expVector + .elementAt(0); + LdapSimpleExpression exp2 = (LdapSimpleExpression) expVector + .elementAt(1); LdapAndExpression andExp = new LdapAndExpression(exp1, exp2); for (int i = 2; i < size; i++) { - andExp = new LdapAndExpression(andExp, (LdapSimpleExpression) expVector.elementAt(i)); + andExp = new LdapAndExpression(andExp, + (LdapSimpleExpression) expVector.elementAt(i)); } return andExp; } 
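Review bot: `parseExpression` reads `expVector.elementAt(0)` and `elementAt(1)` without checking the size, and the tail is only added when `currentIndex < (input.length() - 1)`, so a predicate such as `a==b,` or one whose last part is a single character leaves one element and fails with ArrayIndexOutOfBoundsException instead of ELdapException. Since the predicate is read from the config file, a guard before the two reads would report it as malformed: `if (expVector.size() < 2) throw new ELdapException(CMS.getUserMessage("CMS_LDAP_BAD_LDAP_EXPRESSION", input));`. The tail test probably wants `currentIndex < input.length()` as well. The start of the method is outside this hunk, so this assumes nothing earlier rejects such input.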
@@ -194,79 +193,40 @@ public class LdapPredicateParser { public static void main(String[] args) { /** - AttributeSet req = new AttributeSet(); - try - { - req.set("ou", "people"); - req.set("cn", "John Doe"); - req.set("uid", "jdoes"); - req.set("o", "airius.com"); - req.set("certtype", "client"); - req.set("request", "issuance"); - req.set("id", new Integer(10)); - req.set("dualcerts", new Boolean(true)); - - Vector v = new Vector(); - v.addElement("one"); - v.addElement("two"); - v.addElement("three"); - req.set("count", v); - } - catch (Exception e){e.printStackTrace();} - String[] array = { "ou == people AND certtype == client", - "ou == servergroup AND certtype == server", - "uid == jdoes, ou==people, o==airius.com OR ou == people AND certType == client OR certType == server AND cn == needles.mcom.com", - }; - for (int i = 0; i < array.length; i++) - { - System.out.println(); - System.out.println("String: " + array[i]); - ILdapExpression exp = null; - try - { - exp = parse(array[i]); - if (exp != null) - { - System.out.println("Parsed Expression: " + exp); - boolean result = exp.evaluate(req); - System.out.println("Result: " + result); - } - } - catch (Exception e) {e.printStackTrace(); } - } - - - try - { - BufferedReader rdr = new BufferedReader( - new FileReader(args[0])); - String line; - while((line=rdr.readLine()) != null) - { - System.out.println(); - System.out.println("Line Read: " + line); - ILdapExpression exp = null; - try - { - exp = parse(line); - if (exp != null) - { - System.out.println(exp); - boolean result = exp.evaluate(req); - System.out.println("Result: " + result); - } - - }catch (Exception e){e.printStackTrace();} - } - } - catch (Exception e){e.printStackTrace(); } - + * AttributeSet req = new AttributeSet(); try { req.set("ou", "people"); + * req.set("cn", "John Doe"); req.set("uid", "jdoes"); req.set("o", + * "airius.com"); req.set("certtype", "client"); req.set("request", + * "issuance"); req.set("id", new Integer(10)); 
req.set("dualcerts", new + * Boolean(true)); + * + * Vector v = new Vector(); v.addElement("one"); v.addElement("two"); + * v.addElement("three"); req.set("count", v); } catch (Exception + * e){e.printStackTrace();} String[] array = { + * "ou == people AND certtype == client", + * "ou == servergroup AND certtype == server", + * "uid == jdoes, ou==people, o==airius.com OR ou == people AND certType == client OR certType == server AND cn == needles.mcom.com" + * , }; for (int i = 0; i < array.length; i++) { System.out.println(); + * System.out.println("String: " + array[i]); ILdapExpression exp = + * null; try { exp = parse(array[i]); if (exp != null) { + * System.out.println("Parsed Expression: " + exp); boolean result = + * exp.evaluate(req); System.out.println("Result: " + result); } } catch + * (Exception e) {e.printStackTrace(); } } + * + * + * try { BufferedReader rdr = new BufferedReader( new + * FileReader(args[0])); String line; while((line=rdr.readLine()) != + * null) { System.out.println(); System.out.println("Line Read: " + + * line); ILdapExpression exp = null; try { exp = parse(line); if (exp + * != null) { System.out.println(exp); boolean result = + * exp.evaluate(req); System.out.println("Result: " + result); } + * + * }catch (Exception e){e.printStackTrace();} } } catch (Exception + * e){e.printStackTrace(); } **/ } } - class PredicateTokenizer { String input; int currentIndex; 
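Review bot: The commented-out body of `main` opens with `/**`, so the formatter treated it as Javadoc and reflowed the code into run-on prose that can no longer be read or restored by uncommenting. Either delete the dead test driver, or keep it in a block comment the formatter leaves alone; if this is the Eclipse formatter, a comment opening with `/*-` is skipped. The same reflow merged the numbered Limitations list in the LdapPredicateParser class Javadoc into one paragraph, where `<ol><li>` markup would keep the items apart.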
@@ -348,30 +308,27 @@ class PredicateTokenizer { } } - class AttributeSet implements IAttrSet { /** * */ private static final long serialVersionUID = -3155846653754028803L; Hashtable ht = new Hashtable(); + public AttributeSet() { } - public void delete(String name) - throws EBaseException { + public void delete(String name) throws EBaseException { Object ob = ht.get(name); ht.remove(ob); } - public Object get(String name) - throws EBaseException { + public Object get(String name) throws EBaseException { return ht.get(name); } - public void set(String name, Object ob) - throws EBaseException { + public void set(String name, Object ob) throws EBaseException { ht.put(name, ob); } diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapPublishModule.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapPublishModule.java index 8e890f06b..e064f7f2b 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapPublishModule.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapPublishModule.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import java.io.IOException; import java.math.BigInteger; import java.security.cert.X509CRL; @@ -56,7 +55,6 @@ import com.netscape.cmscore.dbs.CertRecord; import com.netscape.cmscore.ldapconn.LdapBoundConnFactory; import com.netscape.cmscore.util.Debug; - public class LdapPublishModule implements ILdapPublishModule { protected IConfigStore mConfig = null; protected LdapBoundConnFactory mLdapConnFactory = null; 
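Review bot: `AttributeSet.delete` in the `@@ -348,30 +308,27 @@` hunk looks up the value and then calls `ht.remove(ob)`, so the stored value is used as the key and the named entry is never removed. When `name` is absent, `ob` is null and `Hashtable.remove` throws NullPointerException. The body should be the single call `ht.remove(name);`. The reformat only joins the signature line, so the defect is carried over unchanged.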
@@ -64,28 +62,24 @@ public class LdapPublishModule implements ILdapPublishModule { private boolean mInited = false; protected ICertAuthority mAuthority = null; - /** - * hashtable of cert types to cert mappers and publishers. - * cert types are client, server, ca, subca, ra, crl, etc. - * XXX the cert types need to be consistently used. - * for each, the mapper may be null, in which case the full subject - * name is used to map the cert. - * for crl, if the mapper is null the ca mapper is used. if that - * is null, the full issuer name is used. - * XXX if we support crl issuing points the issuing point should be used - * to publish the crl. - * When publishers are null, the certs are not published. + /** + * hashtable of cert types to cert mappers and publishers. cert types are + * client, server, ca, subca, ra, crl, etc. XXX the cert types need to be + * consistently used. for each, the mapper may be null, in which case the + * full subject name is used to map the cert. for crl, if the mapper is null + * the ca mapper is used. if that is null, the full issuer name is used. XXX + * if we support crl issuing points the issuing point should be used to + * publish the crl. When publishers are null, the certs are not published. */ - protected Hashtable mMappers = new Hashtable(); + protected Hashtable mMappers = new Hashtable(); /** - * handlers for request types (events) - * values implement IRequestListener + * handlers for request types (events) values implement IRequestListener */ protected Hashtable mEventHandlers = new Hashtable(); /** - * instantiate connection factory. + * instantiate connection factory. */ public static final String ATTR_LDAPPUBLISH_STATUS = "LdapPublishStatus"; public static final String PROP_LDAP = "ldap"; 
@@ -100,12 +94,10 @@ public class LdapPublishModule implements ILdapPublishModule { public LdapPublishModule() { } - public void init(ISubsystem sub, IConfigStore config) throws EBaseException - { - } + public void init(ISubsystem sub, IConfigStore config) throws EBaseException { + } - public void set(String name, String val) - { + public void set(String name, String val) { } public LdapPublishModule(LdapBoundConnFactory factory) { @@ -116,8 +108,7 @@ public class LdapPublishModule implements ILdapPublishModule { protected IPublisherProcessor mPubProcessor; public void init(ICertAuthority authority, IPublisherProcessor p, - IConfigStore config) - throws EBaseException { + IConfigStore config) throws EBaseException { if (mInited) return; @@ -133,9 +124,9 @@ public class LdapPublishModule implements ILdapPublishModule { mAuthority.registerRequestListener(this); } - public void init(ICertAuthority authority, IConfigStore config) - throws EBaseException { - if (mInited) + public void init(ICertAuthority authority, IConfigStore config) + throws EBaseException { + if (mInited) return; mAuthority = authority; 
@@ -150,15 +141,14 @@ public class LdapPublishModule implements ILdapPublishModule { } /** - * Returns the internal ldap connection factory. - * This can be useful to get a ldap connection to the - * ldap publishing directory without having to get it again from the - * config file. Note that this means sharing a ldap connection pool - * with the ldap publishing module so be sure to return connections to pool. - * Use ILdapConnFactory.getConn() to get a Ldap connection to the ldap - * publishing directory. - * Use ILdapConnFactory.returnConn() to return the connection. - * + * Returns the internal ldap connection factory. This can be useful to get a + * ldap connection to the ldap publishing directory without having to get it + * again from the config file. Note that this means sharing a ldap + * connection pool with the ldap publishing module so be sure to return + * connections to pool. Use ILdapConnFactory.getConn() to get a Ldap + * connection to the ldap publishing directory. Use + * ILdapConnFactory.returnConn() to return the connection. + * * @see com.netscape.certsrv.ldap.ILdapBoundConnFactory * @see com.netscape.certsrv.ldap.ILdapConnFactory */ @@ -167,8 +157,8 @@ public class LdapPublishModule implements ILdapPublishModule { } /** - * Returns the connection factory to the publishing directory. - * Must return the connection once you return + * Returns the connection factory to the publishing directory. Must return + * the connection once you return */ protected LdapMappers getMappers(String certType) { 
@@ -179,16 +169,15 @@ public class LdapPublishModule implements ILdapPublishModule { } else { mappers = (LdapMappers) mMappers.get(certType); } - return mappers; + return mappers; } - protected void initMappers(IConfigStore config) - throws EBaseException { + protected void initMappers(IConfigStore config) throws EBaseException { IConfigStore types = mConfig.getSubStore(PROP_TYPE); if (types == null || types.size() <= 0) { // nothing configured. - if (Debug.ON) + if (Debug.ON) System.out.println("No ldap publishing configurations."); return; } @@ -198,9 +187,9 @@ public class LdapPublishModule implements ILdapPublishModule { String certType = (String) substores.nextElement(); IConfigStore current = types.getSubStore(certType); - if (current == null || current.size() <= 0) { - CMS.debug( - "No ldap publish configuration for " + certType + " found."); + if (current == null || current.size() <= 0) { + CMS.debug("No ldap publish configuration for " + certType + + " found."); continue; } ILdapPlugin mapper = null, publisher = null; 
@@ -211,54 +200,53 @@ public class LdapPublishModule implements ILdapPublishModule { mapperConf = current.getSubStore(PROP_MAPPER); mapperClassName = mapperConf.getString(PROP_CLASS, null); if (mapperClassName != null && mapperClassName.length() > 0) { - CMS.debug( - "mapper " + mapperClassName + " for " + certType); - mapper = (ILdapPlugin) - Class.forName(mapperClassName).newInstance(); + CMS.debug("mapper " + mapperClassName + " for " + certType); + mapper = (ILdapPlugin) Class.forName(mapperClassName) + .newInstance(); mapper.init(mapperConf); } publisherConf = current.getSubStore(PROP_PUBLISHER); publisherClassName = publisherConf.getString(PROP_CLASS, null); - if (publisherClassName != null && - publisherClassName.length() > 0) { - CMS.debug( - "publisher " + publisherClassName + " for " + certType); - publisher = (ILdapPlugin) - Class.forName(publisherClassName).newInstance(); + if (publisherClassName != null + && publisherClassName.length() > 0) { + CMS.debug("publisher " + publisherClassName + " for " + + certType); + publisher = (ILdapPlugin) Class.forName(publisherClassName) + .newInstance(); publisher.init(publisherConf); } mMappers.put(certType, new LdapMappers(mapper, publisher)); } catch (ClassNotFoundException e) { - String missingClass = mapperClassName + - ((publisherClassName == null) ? "" : - (" or " + publisherClassName)); - - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_FIND_CLASS", missingClass)); - throw new ELdapException( - CMS.getUserMessage("CMS_LDAP_CLASS_NOT_FOUND", missingClass)); + String missingClass = mapperClassName + + ((publisherClassName == null) ? "" + : (" or " + publisherClassName)); + + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_FIND_CLASS", missingClass)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_CLASS_NOT_FOUND", missingClass)); } catch (InstantiationException e) { - String badInstance = mapperClassName + - ((publisherClassName == null) ? 
"" : - (" or " + publisherClassName)); - - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_INST_CLASS", - badInstance ,certType)); - throw new ELdapException( - CMS.getUserMessage("CMS_LDAP_INSTANTIATING_CLASS_FAILED", badInstance)); + String badInstance = mapperClassName + + ((publisherClassName == null) ? "" + : (" or " + publisherClassName)); + + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_INST_CLASS", badInstance, certType)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_INSTANTIATING_CLASS_FAILED", badInstance)); } catch (IllegalAccessException e) { - String badInstance = mapperClassName + - ((publisherClassName == null) ? "" : - (" or " + publisherClassName)); - - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_INSUFFICIENT_CREDENTIALS", badInstance, certType)); - throw new ELdapException( - CMS.getUserMessage("CMS_LDAP_INSUFFICIENT_CREDENTIALS", certType)); + String badInstance = mapperClassName + + ((publisherClassName == null) ? "" + : (" or " + publisherClassName)); + + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_INSUFFICIENT_CREDENTIALS", badInstance, + certType)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_INSUFFICIENT_CREDENTIALS", certType)); } catch (EBaseException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_INIT_ERROR", certType, e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_INIT_ERROR", certType, e.toString())); throw e; } } 
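Review bot: In `initMappers` the class named by the `PROP_CLASS` configuration value is instantiated with `Class.forName(mapperClassName).newInstance()` and only then cast to `ILdapPlugin`, so the no-argument constructor of any loadable class named in the configuration runs before the type check can reject it; the publisher branch has the same shape. Checking the type first keeps a wrong or tampered config entry from constructing unrelated classes: `mapper = Class.forName(mapperClassName).asSubclass(ILdapPlugin.class).newInstance();`. The resulting ClassCastException is not among the catch clauses visible here, so it would need a clause that logs and rethrows as ELdapException like the others. The method starts before this hunk and ends after it.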
@@ -266,14 +254,13 @@ public class LdapPublishModule implements ILdapPublishModule { } protected void initHandlers() { - mEventHandlers.put(IRequest.ENROLLMENT_REQUEST, - new HandleEnrollment(this)); - mEventHandlers.put(IRequest.RENEWAL_REQUEST, - new HandleRenewal(this)); - mEventHandlers.put(IRequest.REVOCATION_REQUEST, - new HandleRevocation(this)); - mEventHandlers.put(IRequest.UNREVOCATION_REQUEST, - new HandleUnrevocation(this)); + mEventHandlers.put(IRequest.ENROLLMENT_REQUEST, new HandleEnrollment( + this)); + mEventHandlers.put(IRequest.RENEWAL_REQUEST, new HandleRenewal(this)); + mEventHandlers.put(IRequest.REVOCATION_REQUEST, new HandleRevocation( + this)); + mEventHandlers.put(IRequest.UNREVOCATION_REQUEST, + new HandleUnrevocation(this)); } public void accept(IRequest r) { @@ -283,15 +270,14 @@ public class LdapPublishModule implements ILdapPublishModule { IRequestListener handler = (IRequestListener) mEventHandlers.get(type); if (handler == null) { - CMS.debug( - "Nothing to publish for request type " + type); + CMS.debug("Nothing to publish for request type " + type); return; } handler.accept(r); } public void publish(String certType, X509Certificate cert) - throws ELdapException { + throws ELdapException { // get mapper and publisher for cert type. LdapMappers mappers = getMappers(certType); @@ -299,15 +285,15 @@ public class LdapPublishModule implements ILdapPublishModule { CMS.debug("publisher for " + certType + " is null"); return; } - publish((ILdapMapper) mappers.mapper, - (ILdapPublisher) mappers.publisher, cert); + publish((ILdapMapper) mappers.mapper, + (ILdapPublisher) mappers.publisher, cert); // set the ldap published flag. setPublishedFlag(cert.getSerialNumber(), true); } public void unpublish(String certType, X509Certificate cert) - throws ELdapException { + throws ELdapException { // get mapper and publisher for cert type. LdapMappers mappers = getMappers(certType); 
@@ -315,43 +301,44 @@ public class LdapPublishModule implements ILdapPublishModule { CMS.debug("publisher for " + certType + " is null"); return; } - unpublish((ILdapMapper) mappers.mapper, - (ILdapPublisher) mappers.publisher, cert); + unpublish((ILdapMapper) mappers.mapper, + (ILdapPublisher) mappers.publisher, cert); // set the ldap published flag. setPublishedFlag(cert.getSerialNumber(), false); } /** - * set published flag - true when published, false when unpublished. - * not exist means not published. + * set published flag - true when published, false when unpublished. not + * exist means not published. */ public void setPublishedFlag(BigInteger serialNo, boolean published) { - if (!(mAuthority instanceof ICertificateAuthority)) + if (!(mAuthority instanceof ICertificateAuthority)) return; ICertificateAuthority ca = (ICertificateAuthority) mAuthority; try { - ICertificateRepository certdb = (ICertificateRepository) ca.getCertificateRepository(); - ICertRecord certRec = (ICertRecord) certdb.readCertificateRecord(serialNo); + ICertificateRepository certdb = (ICertificateRepository) ca + .getCertificateRepository(); + ICertRecord certRec = (ICertRecord) certdb + .readCertificateRecord(serialNo); MetaInfo metaInfo = certRec.getMetaInfo(); if (metaInfo == null) { metaInfo = new MetaInfo(); } - metaInfo.set( - CertRecord.META_LDAPPUBLISH, String.valueOf(published)); + metaInfo.set(CertRecord.META_LDAPPUBLISH, String.valueOf(published)); ModificationSet modSet = new ModificationSet(); - modSet.add(ICertRecord.ATTR_META_INFO, - Modification.MOD_REPLACE, metaInfo); + modSet.add(ICertRecord.ATTR_META_INFO, Modification.MOD_REPLACE, + metaInfo); certdb.modifyCertificateRecord(serialNo, modSet); } catch (EBaseException e) { // not fatal. just log warning. - log(ILogger.LL_WARN, - "Cannot mark cert 0x" + serialNo.toString(16) + " published as " + published + - " in the ldap directory. Cert Record not found. 
Error: " + - e.getMessage()); + log(ILogger.LL_WARN, "Cannot mark cert 0x" + serialNo.toString(16) + + " published as " + published + + " in the ldap directory. Cert Record not found. Error: " + + e.getMessage()); } } @@ -364,8 +351,7 @@ public class LdapPublishModule implements ILdapPublishModule { } public void publish(ILdapMapper mapper, ILdapPublisher publisher, - X509Certificate cert) - throws ELdapException { + X509Certificate cert) throws ELdapException { LDAPConnection conn = null; try { @@ -375,19 +361,19 @@ public class LdapPublishModule implements ILdapPublishModule { conn = mLdapConnFactory.getConn(); if (mapper == null) { // use the cert's subject name exactly dirdn = cert.getSubjectDN().toString(); - CMS.debug( - "no mapper found. Using subject name exactly." + - cert.getSubjectDN()); + CMS.debug("no mapper found. Using subject name exactly." + + cert.getSubjectDN()); } else { result = mapper.map(conn, cert); dirdn = result; - if (dirdn == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_PUBLISH_NOT_MATCH", - cert.getSerialNumber().toString(16), - cert.getSubjectDN().toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", - cert.getSubjectDN().toString())); + if (dirdn == null) { + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_PUBLISH_NOT_MATCH", cert + .getSerialNumber().toString(16), cert + .getSubjectDN().toString())); + throw new ELdapException( + CMS.getUserMessage("CMS_LDAP_NO_MATCH", cert + .getSubjectDN().toString())); } } publisher.publish(conn, dirdn, cert); @@ -399,8 +385,7 @@ public class LdapPublishModule implements ILdapPublishModule { } public void unpublish(ILdapMapper mapper, ILdapPublisher publisher, - X509Certificate cert) - throws ELdapException { + X509Certificate cert) throws ELdapException { LDAPConnection conn = null; try { 
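Review bot: The catch block in setPublishedFlag logs "Cert Record not found" for every EBaseException, but the same try also covers `certdb.modifyCertificateRecord(serialNo, modSet)`, so a failed write is reported as a missing record. A neutral message such as `"Cannot mark cert 0x" + serialNo.toString(16) + " published as " + published + ". Error: " + e.getMessage()` lets the exception text carry the cause. Because the failure is only a warning, this line is the only trace that the stored flag and the directory may now disagree, so it should say what actually failed.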
@@ -413,13 +398,14 @@ public class LdapPublishModule implements ILdapPublishModule {
 } else {
 result = mapper.map(conn, cert);
 dirdn = result;
- if (dirdn == null) {
- log(ILogger.LL_FAILURE,
- CMS.getLogMessage("CMSCORE_LDAP_PUBLISH_NOT_MATCH",
- cert.getSerialNumber().toString(16),
- cert.getSubjectDN().toString()));
- throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH",
- cert.getSubjectDN().toString()));
+ if (dirdn == null) {
+ log(ILogger.LL_FAILURE, CMS.getLogMessage(
+ "CMSCORE_LDAP_PUBLISH_NOT_MATCH", cert
+ .getSerialNumber().toString(16), cert
+ .getSubjectDN().toString()));
+ throw new ELdapException(
+ CMS.getUserMessage("CMS_LDAP_NO_MATCH", cert
+ .getSubjectDN().toString()));
 }
 }
 publisher.unpublish(conn, dirdn, cert);
@@ -431,11 +417,10 @@ public class LdapPublishModule implements ILdapPublishModule {
 }
 /**
- * publishes a crl by mapping the issuer name in the crl to an entry
- * and publishing it there. entry must be a certificate authority.
+ * publishes a crl by mapping the issuer name in the crl to an entry and
+ * publishing it there. entry must be a certificate authority.
 */
- public void publish(X509CRLImpl crl)
- throws ELdapException {
+ public void publish(X509CRLImpl crl) throws ELdapException {
 ILdapCrlMapper mapper = null;
 ILdapPublisher publisher = null;
@@ -458,21 +443,22 @@ public class LdapPublishModule implements ILdapPublishModule {
 } else {
 result = ((ILdapMapper) mappers.mapper).map(conn, crl);
 dn = result;
- if (dn == null) {
- log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_CRL_NOT_MATCH"));
- throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH",
- crl.getIssuerDN().toString()));
+ if (dn == null) {
+ log(ILogger.LL_FAILURE,
+ CMS.getLogMessage("CMSCORE_LDAP_CRL_NOT_MATCH"));
+ throw new ELdapException(CMS.getUserMessage(
+ "CMS_LDAP_NO_MATCH", crl.getIssuerDN().toString()));
 }
 }
 ((ILdapPublisher) mappers.publisher).publish(conn, dn, crl);
 } catch (ELdapException e) {
- //e.printStackTrace();
- CMS.debug(
- "Error publishing CRL to " + dn + ": " + e);
+ // e.printStackTrace();
+ CMS.debug("Error publishing CRL to " + dn + ": " + e);
 throw e;
 } catch (IOException e) {
 CMS.debug("Error publishing CRL to " + dn + ": " + e);
- throw new ELdapException(CMS.getUserMessage("CMS_LDAP_GET_ISSUER_FROM_CRL_FAILED", (String) ""));
+ throw new ELdapException(CMS.getUserMessage(
+ "CMS_LDAP_GET_ISSUER_FROM_CRL_FAILED", (String) ""));
 } finally {
 if (conn != null) {
 mLdapConnFactory.returnConn(conn);
@@ -481,11 +467,10 @@ public class LdapPublishModule implements ILdapPublishModule {
 }
 /**
- * publishes a crl by mapping the issuer name in the crl to an entry
- * and publishing it there. entry must be a certificate authority.
+ * publishes a crl by mapping the issuer name in the crl to an entry and
+ * publishing it there. entry must be a certificate authority.
 */
- public void publish(String dn, X509CRL crl)
- throws ELdapException {
+ public void publish(String dn, X509CRL crl) throws ELdapException {
 LdapMappers mappers = getMappers(PROP_TYPE_CRL);
 if (mappers == null || mappers.publisher == null) {
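Review bot: The `catch (IOException e)` branch of publish(X509CRLImpl) rethrows with an empty string as the message argument and drops the cause, so a CRL that failed to publish reaches the caller with no reason attached; the detail exists only in the debug log. Passing the exception text keeps the failure traceable: `throw new ELdapException(CMS.getUserMessage("CMS_LDAP_GET_ISSUER_FROM_CRL_FAILED", e.toString()));`. A CRL that silently stays stale in the directory is a revocation-checking problem for relying parties, so this path deserves a log(ILogger.LL_FAILURE, ...) entry as well, like the no-match branch above it. The method begins before this hunk.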
@@ -499,8 +484,7 @@ public class LdapPublishModule implements ILdapPublishModule {
 conn = mLdapConnFactory.getConn();
 ((ILdapPublisher) mappers.publisher).publish(conn, dn, crl);
 } catch (ELdapException e) {
- CMS.debug(
- "Error publishing CRL to " + dn + ": " + e.toString());
+ CMS.debug("Error publishing CRL to " + dn + ": " + e.toString());
 throw e;
 } finally {
 if (conn != null) {
@@ -510,23 +494,22 @@ public class LdapPublishModule implements ILdapPublishModule {
 }
 public void log(int level, String msg) {
- mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_LDAP, level,
- "LdapPublishModule: " + msg);
+ mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_LDAP, level,
+ "LdapPublishModule: " + msg);
 }
-
-}
+}
 class LdapMappers {
 public LdapMappers(ILdapPlugin aMapper, ILdapPlugin aPublisher) {
 mapper = aMapper;
 publisher = aPublisher;
 }
+
 public ILdapPlugin mapper = null;
 public ILdapPlugin publisher = null;
 }
-
 class HandleEnrollment implements IRequestListener {
 LdapPublishModule mModule = null;
@@ -534,49 +517,43 @@ class HandleEnrollment implements IRequestListener { mModule = module; } - public void set(String name, String val) - { + public void set(String name, String val) { } - public void init(ISubsystem sub, IConfigStore config) throws EBaseException - { + public void init(ISubsystem sub, IConfigStore config) throws EBaseException { } public void accept(IRequest r) { - CMS.debug( - "handling publishing for enrollment request id " + - r.getRequestId()); + CMS.debug("handling publishing for enrollment request id " + + r.getRequestId()); // in case it's not meant for us if (r.getExtDataInInteger(IRequest.RESULT) == null) return; - // check if request failed. + // check if request failed. if ((r.getExtDataInInteger(IRequest.RESULT)).equals(IRequest.RES_ERROR)) { - CMS.debug("Request errored. " + - "Nothing to publish for enrollment request id " + - r.getRequestId()); + CMS.debug("Request errored. " + + "Nothing to publish for enrollment request id " + + r.getRequestId()); return; } - CMS.debug("Checking publishing for request " + - r.getRequestId()); + CMS.debug("Checking publishing for request " + r.getRequestId()); // check if issued certs is set. X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); if (certs == null || certs.length == 0 || certs[0] == null) { - CMS.debug( - "No certs to publish for request id " + r.getRequestId()); + CMS.debug("No certs to publish for request id " + r.getRequestId()); return; } // get mapper and publisher for client certs. - LdapMappers mappers = - mModule.getMappers(LdapPublishModule.PROP_TYPE_CLIENT); + LdapMappers mappers = mModule + .getMappers(LdapPublishModule.PROP_TYPE_CLIENT); if (mappers == null || mappers.publisher == null) { - CMS.debug( - "In publishing: No publisher for type " + - LdapPublishModule.PROP_TYPE_CLIENT); + CMS.debug("In publishing: No publisher for type " + + LdapPublishModule.PROP_TYPE_CLIENT); return; } 
@@ -586,18 +563,18 @@ class HandleEnrollment implements IRequestListener { for (int i = 0; i < certs.length; i++) { try { - if (certs[i] == null) + if (certs[i] == null) continue; - mModule.publish((ILdapMapper) mappers.mapper, - (ILdapPublisher) mappers.publisher, certs[i]); + mModule.publish((ILdapMapper) mappers.mapper, + (ILdapPublisher) mappers.publisher, certs[i]); results[i] = IRequest.RES_SUCCESS; - CMS.debug( - "Published cert serial no 0x" + certs[i].getSerialNumber().toString(16)); + CMS.debug("Published cert serial no 0x" + + certs[i].getSerialNumber().toString(16)); mModule.setPublishedFlag(certs[i].getSerialNumber(), true); } catch (ELdapException e) { - mModule.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH", - certs[i].getSerialNumber().toString(16),e.toString())); + mModule.log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_CERT_NOT_PUBLISH", certs[i] + .getSerialNumber().toString(16), e.toString())); results[i] = IRequest.RES_ERROR; } r.setExtData("ldapPublishStatus", results); 
@@ -605,40 +582,38 @@ class HandleEnrollment implements IRequestListener { } } - class HandleRenewal implements IRequestListener { private LdapPublishModule mModule = null; + public HandleRenewal(LdapPublishModule module) { mModule = module; } - public void init(ISubsystem sub, IConfigStore config) throws EBaseException - { - } + public void init(ISubsystem sub, IConfigStore config) throws EBaseException { + } - public void set(String name, String val) - { + public void set(String name, String val) { } public void accept(IRequest r) { - // Note we do not remove old certs from directory during renewal + // Note we do not remove old certs from directory during renewal X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); if (certs == null || certs.length == 0) { - CMS.debug("no certs to publish for renewal " + - "request " + r.getRequestId()); + CMS.debug("no certs to publish for renewal " + "request " + + r.getRequestId()); return; } Integer results[] = new Integer[certs.length]; X509CertImpl cert = null; // get mapper and publisher for cert type. - LdapMappers mappers = - mModule.getMappers(LdapPublishModule.PROP_TYPE_CLIENT); + LdapMappers mappers = mModule + .getMappers(LdapPublishModule.PROP_TYPE_CLIENT); if (mappers == null || mappers.publisher == null) { - CMS.debug( - "publisher for " + LdapPublishModule.PROP_TYPE_CLIENT + " is null"); + CMS.debug("publisher for " + LdapPublishModule.PROP_TYPE_CLIENT + + " is null"); return; } 
@@ -646,65 +621,61 @@ class HandleRenewal implements IRequestListener { for (int i = 0; i < certs.length; i++) { cert = (X509CertImpl) certs[i]; - if (cert == null) + if (cert == null) continue; // there was an error issuing this cert. try { - mModule.publish((ILdapMapper) mappers.mapper, - (ILdapPublisher) mappers.publisher, cert); + mModule.publish((ILdapMapper) mappers.mapper, + (ILdapPublisher) mappers.publisher, cert); results[i] = IRequest.RES_SUCCESS; - mModule.log(ILogger.LL_INFO, - "Published cert serial no 0x" + cert.getSerialNumber().toString(16)); + mModule.log(ILogger.LL_INFO, "Published cert serial no 0x" + + cert.getSerialNumber().toString(16)); } catch (ELdapException e) { error = true; - mModule.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH", - cert.getSerialNumber().toString(16), e.getMessage())); + mModule.log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_CERT_NOT_PUBLISH", cert.getSerialNumber() + .toString(16), e.getMessage())); results[i] = IRequest.RES_ERROR; } } r.setExtData("ldapPublishStatus", results); r.setExtData("ldapPublishOverAllStatus", - (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); + (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); } } - class HandleRevocation implements IRequestListener { private LdapPublishModule mModule = null; + public HandleRevocation(LdapPublishModule module) { mModule = module; } - public void init(ISubsystem sub, IConfigStore config) throws EBaseException - { - } + public void init(ISubsystem sub, IConfigStore config) throws EBaseException { + } - public void set(String name, String val) - { + public void set(String name, String val) { } public void accept(IRequest r) { - CMS.debug( - "Handle publishing for revoke request id " + r.getRequestId()); + CMS.debug("Handle publishing for revoke request id " + r.getRequestId()); // get fields in request. 
X509CertImpl[] revcerts = r.getExtDataInCertArray(IRequest.OLD_CERTS); if (revcerts == null || revcerts.length == 0 || revcerts[0] == null) { // no certs in revoke. - CMS.debug( - "Nothing to unpublish for revocation " + - "request " + r.getRequestId()); + CMS.debug("Nothing to unpublish for revocation " + "request " + + r.getRequestId()); return; } // get mapper and publisher for cert type. - LdapMappers mappers = - mModule.getMappers(LdapPublishModule.PROP_TYPE_CLIENT); + LdapMappers mappers = mModule + .getMappers(LdapPublishModule.PROP_TYPE_CLIENT); if (mappers == null || mappers.publisher == null) { - CMS.debug( - "publisher for " + LdapPublishModule.PROP_TYPE_CLIENT + " is null"); + CMS.debug("publisher for " + LdapPublishModule.PROP_TYPE_CLIENT + + " is null"); return; } 
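Review bot: HandleRenewal.accept publishes each renewed certificate but never calls `mModule.setPublishedFlag(cert.getSerialNumber(), true);`, whereas HandleEnrollment.accept and publish(String, X509Certificate) both set the flag after a successful publish. If the flag is meant to mirror directory state, renewed certificates stay recorded as unpublished; adding the call right after `results[i] = IRequest.RES_SUCCESS;` would bring the three paths into line. The unpublish loop in HandleRevocation (a later hunk) likewise does not clear the flag. If either omission is deliberate, a one-line comment saying why would keep it from reading as an oversight. accept() begins before this hunk.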
@@ -716,65 +687,64 @@ class HandleRevocation implements IRequestListener { results[i] = IRequest.RES_ERROR; try { - mModule.unpublish((ILdapMapper) mappers.mapper, - (ILdapPublisher) mappers.publisher, cert); + mModule.unpublish((ILdapMapper) mappers.mapper, + (ILdapPublisher) mappers.publisher, cert); results[i] = IRequest.RES_SUCCESS; - CMS.debug( - "Unpublished cert serial no 0x" + cert.getSerialNumber().toString(16)); + CMS.debug("Unpublished cert serial no 0x" + + cert.getSerialNumber().toString(16)); } catch (ELdapException e) { error = true; - mModule.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_UNPUBLISH", - cert.getSerialNumber().toString(16), e.getMessage())); + mModule.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_UNPUBLISH", + cert.getSerialNumber().toString(16), + e.getMessage())); } catch (EBaseException e) { error = true; - mModule.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_FIND", - cert.getSerialNumber().toString(16), e.getMessage())); + mModule.log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_CERT_NOT_FIND", cert.getSerialNumber() + .toString(16), e.getMessage())); } } r.setExtData("ldapPublishStatus", results); r.setExtData("ldapPublishOverAllStatus", - (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); + (error == true ? 
IRequest.RES_ERROR : IRequest.RES_SUCCESS)); } } - class HandleUnrevocation implements IRequestListener { private LdapPublishModule mModule = null; + public HandleUnrevocation(LdapPublishModule module) { mModule = module; } - public void set(String name, String val) - { + public void set(String name, String val) { + } + + public void init(ISubsystem sub, IConfigStore config) throws EBaseException { } - public void init(ISubsystem sub, IConfigStore config) throws EBaseException - { - } public void accept(IRequest r) { - CMS.debug( - "Handle publishing for unrevoke request id " + r.getRequestId()); + CMS.debug("Handle publishing for unrevoke request id " + + r.getRequestId()); // get fields in request. X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.OLD_CERTS); if (certs == null || certs.length == 0 || certs[0] == null) { // no certs in unrevoke. - CMS.debug( - "Nothing to publish for unrevocation " + - "request " + r.getRequestId()); + CMS.debug("Nothing to publish for unrevocation " + "request " + + r.getRequestId()); return; } // get mapper and publisher for cert type. - LdapMappers mappers = - mModule.getMappers(LdapPublishModule.PROP_TYPE_CLIENT); + LdapMappers mappers = mModule + .getMappers(LdapPublishModule.PROP_TYPE_CLIENT); if (mappers == null || mappers.publisher == null) { - CMS.debug( - "publisher for " + LdapPublishModule.PROP_TYPE_CLIENT + " is null"); + CMS.debug("publisher for " + LdapPublishModule.PROP_TYPE_CLIENT + + " is null"); return; } 
@@ -784,27 +754,28 @@ class HandleUnrevocation implements IRequestListener { for (int i = 0; i < certs.length; i++) { results[i] = IRequest.RES_ERROR; try { - mModule.publish((ILdapMapper) mappers.mapper, - (ILdapPublisher) mappers.publisher, certs[i]); + mModule.publish((ILdapMapper) mappers.mapper, + (ILdapPublisher) mappers.publisher, certs[i]); results[i] = IRequest.RES_SUCCESS; - CMS.debug( - "Unpublished cert serial no 0x" + certs[i].getSerialNumber().toString(16)); + CMS.debug("Unpublished cert serial no 0x" + + certs[i].getSerialNumber().toString(16)); } catch (ELdapException e) { error = true; - mModule.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_UNPUBLISH", - certs[i].getSerialNumber().toString(16), e.getMessage())); + mModule.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_UNPUBLISH", + certs[i].getSerialNumber().toString(16), + e.getMessage())); } catch (EBaseException e) { error = true; - mModule.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_FIND", - certs[i].getSerialNumber().toString(16), e.getMessage())); + mModule.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_FIND", + certs[i].getSerialNumber().toString(16), + e.getMessage())); } } r.setExtData("ldapPublishStatus", results); r.setExtData("ldapPublishOverAllStatus", - (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); + (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); } } - diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java index 6c1e1e8ad..ad30be009 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import java.math.BigInteger; import java.security.cert.Certificate; import java.util.Hashtable; 
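Review bot: The HandleUnrevocation loop calls `mModule.publish(...)`, yet its success message reads "Unpublished cert serial no 0x" and its ELdapException branch logs `CMSCORE_LDAP_CERT_NOT_UNPUBLISH`, so the log records the opposite of what happened to the certificate. The success line should be `CMS.debug("Published cert serial no 0x" + certs[i].getSerialNumber().toString(16));` and the failure key `CMSCORE_LDAP_CERT_NOT_PUBLISH`, the key HandleEnrollment uses for the same operation. Anyone reconstructing a revoke/unrevoke sequence from these logs would otherwise read a re-publication as a removal. accept() begins before this hunk.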
@@ -42,13 +41,12 @@ import com.netscape.certsrv.request.IRequestListener; import com.netscape.certsrv.request.RequestId; import com.netscape.cmscore.dbs.CertRecord; - public class LdapRequestListener implements IRequestListener { private boolean mInited = false; /** - * handlers for request types (events) - * each handler implement IRequestListener + * handlers for request types (events) each handler implement + * IRequestListener */ private Hashtable mRequestListeners = new Hashtable(); @@ -57,23 +55,23 @@ public class LdapRequestListener implements IRequestListener { public LdapRequestListener() { } - public void set(String name, String val) - { - } + public void set(String name, String val) { + } public void init(ISubsystem sys, IConfigStore config) throws EBaseException { - if (mInited) return; + if (mInited) + return; - mPublisherProcessor = (IPublisherProcessor)sys; + mPublisherProcessor = (IPublisherProcessor) sys; mRequestListeners.put(IRequest.ENROLLMENT_REQUEST, - new LdapEnrollmentListener(mPublisherProcessor)); + new LdapEnrollmentListener(mPublisherProcessor)); mRequestListeners.put(IRequest.RENEWAL_REQUEST, - new LdapRenewalListener(mPublisherProcessor)); + new LdapRenewalListener(mPublisherProcessor)); mRequestListeners.put(IRequest.REVOCATION_REQUEST, - new LdapRevocationListener(mPublisherProcessor)); + new LdapRevocationListener(mPublisherProcessor)); mRequestListeners.put(IRequest.UNREVOCATION_REQUEST, - new LdapUnrevocationListener(mPublisherProcessor)); + new LdapUnrevocationListener(mPublisherProcessor)); mInited = true; } 
@@ -86,45 +84,46 @@ public class LdapRequestListener implements IRequestListener { if (r.getExtDataInInteger(IRequest.RESULT) == null) return null; - // check if request failed. - if ((r.getExtDataInInteger(IRequest.RESULT)).equals(IRequest.RES_ERROR)) { - CMS.debug("Request errored. " + - "Nothing to publish for enrollment request id " + - r.getRequestId()); + // check if request failed. + if ((r.getExtDataInInteger(IRequest.RESULT)) + .equals(IRequest.RES_ERROR)) { + CMS.debug("Request errored. " + + "Nothing to publish for enrollment request id " + + r.getRequestId()); return null; } - CMS.debug("Checking publishing for request " + - r.getRequestId()); + CMS.debug("Checking publishing for request " + r.getRequestId()); // check if issued certs is set. - X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); + X509CertImpl[] certs = r + .getExtDataInCertArray(IRequest.ISSUED_CERTS); if (certs == null || certs.length == 0 || certs[0] == null) { - CMS.debug( - "No certs to publish for request id " + - r.getRequestId()); + CMS.debug("No certs to publish for request id " + + r.getRequestId()); return null; } obj.setCerts(certs); return obj; } else if (type.equals(IRequest.RENEWAL_REQUEST)) { - // Note we do not remove old certs from directory during renewal - X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); + // Note we do not remove old certs from directory during renewal + X509CertImpl[] certs = r + .getExtDataInCertArray(IRequest.ISSUED_CERTS); if (certs == null || certs.length == 0) { - CMS.debug("no certs to publish for renewal " + - "request " + r.getRequestId()); + CMS.debug("no certs to publish for renewal " + "request " + + r.getRequestId()); return null; } obj.setCerts(certs); return obj; } else if (type.equals(IRequest.REVOCATION_REQUEST)) { - X509CertImpl[] revcerts = r.getExtDataInCertArray(IRequest.OLD_CERTS); + X509CertImpl[] revcerts = r + .getExtDataInCertArray(IRequest.OLD_CERTS); if (revcerts == null || 
revcerts.length == 0 || revcerts[0] == null) { // no certs in revoke. - CMS.debug( - "Nothing to unpublish for revocation " + - "request " + r.getRequestId()); + CMS.debug("Nothing to unpublish for revocation " + "request " + + r.getRequestId()); return null; } obj.setCerts(revcerts); @@ -134,17 +133,15 @@ public class LdapRequestListener implements IRequestListener { if (certs == null || certs.length == 0 || certs[0] == null) { // no certs in unrevoke. - CMS.debug( - "Nothing to publish for unrevocation " + - "request " + r.getRequestId()); + CMS.debug("Nothing to publish for unrevocation " + "request " + + r.getRequestId()); return null; } obj.setCerts(certs); return obj; } else { - CMS.debug("Request errored. " + - "Nothing to publish for request id " + - r.getRequestId()); + CMS.debug("Request errored. " + + "Nothing to publish for request id " + r.getRequestId()); return null; } @@ -153,11 +150,11 @@ public class LdapRequestListener implements IRequestListener { public void accept(IRequest r) { String type = r.getRequestType(); - IRequestListener handler = (IRequestListener) mRequestListeners.get(type); + IRequestListener handler = (IRequestListener) mRequestListeners + .get(type); if (handler == null) { - CMS.debug( - "Nothing to publish for request type " + type); + CMS.debug("Nothing to publish for request type " + type); return; } handler.accept(r); @@ -165,7 +162,6 @@ public class LdapRequestListener implements IRequestListener { } - class LdapEnrollmentListener implements IRequestListener { IPublisherProcessor mProcessor = null; 
@@ -176,51 +172,48 @@ class LdapEnrollmentListener implements IRequestListener { public void init(ISubsystem sys, IConfigStore config) throws EBaseException { } - public void set(String name, String val) - { + public void set(String name, String val) { } public void accept(IRequest r) { - CMS.debug( - "LdapRequestListener handling publishing for enrollment request id " + - r.getRequestId()); + CMS.debug("LdapRequestListener handling publishing for enrollment request id " + + r.getRequestId()); String profileId = r.getExtDataInString("profileId"); if (profileId == null) { - // in case it's not meant for us - if (r.getExtDataInInteger(IRequest.RESULT) == null) - return; + // in case it's not meant for us + if (r.getExtDataInInteger(IRequest.RESULT) == null) + return; // check if request failed. - if ((r.getExtDataInInteger(IRequest.RESULT)).equals(IRequest.RES_ERROR)) { - CMS.debug("Request errored. " + - "Nothing to publish for enrollment request id " + - r.getRequestId()); - return; - } - } - CMS.debug("Checking publishing for request " + - r.getRequestId()); + if ((r.getExtDataInInteger(IRequest.RESULT)) + .equals(IRequest.RES_ERROR)) { + CMS.debug("Request errored. " + + "Nothing to publish for enrollment request id " + + r.getRequestId()); + return; + } + } + CMS.debug("Checking publishing for request " + r.getRequestId()); // check if issued certs is set. 
Certificate[] certs = null; if (profileId == null) { - certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); - } else { - certs = new Certificate[1]; - certs[0] = r.getExtDataInCert(IEnrollProfile.REQUEST_ISSUED_CERT); - } + certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); + } else { + certs = new Certificate[1]; + certs[0] = r.getExtDataInCert(IEnrollProfile.REQUEST_ISSUED_CERT); + } if (certs == null || certs.length == 0 || certs[0] == null) { - CMS.debug( - "No certs to publish for request id " + r.getRequestId()); + CMS.debug("No certs to publish for request id " + r.getRequestId()); return; } - + if (certs[0] instanceof X509CertImpl) acceptX509(r, certs); } - + public void acceptX509(IRequest r, Certificate[] certs) { Integer results[] = new Integer[certs.length]; boolean error = false; 
@@ -228,58 +221,56 @@ class LdapEnrollmentListener implements IRequestListener { for (int i = 0; i < certs.length; i++) { X509CertImpl xcert = (X509CertImpl) certs[i]; - if (xcert == null) + if (xcert == null) continue; try { mProcessor.publishCert(xcert, r); - + results[i] = IRequest.RES_SUCCESS; - CMS.debug( - "acceptX509: Published cert serial no 0x" + - xcert.getSerialNumber().toString(16)); - //mProcessor.setPublishedFlag(xcert.getSerialNumber(), true); + CMS.debug("acceptX509: Published cert serial no 0x" + + xcert.getSerialNumber().toString(16)); + // mProcessor.setPublishedFlag(xcert.getSerialNumber(), true); } catch (ELdapException e) { - mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH", - xcert.getSerialNumber().toString(16), e.toString())); + mProcessor.log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_CERT_NOT_PUBLISH", xcert + .getSerialNumber().toString(16), e.toString())); results[i] = IRequest.RES_ERROR; error = true; } } r.setExtData("ldapPublishStatus", results); r.setExtData("ldapPublishOverAllStatus", - (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); + (error == true ? 
IRequest.RES_ERROR : IRequest.RES_SUCCESS)); } } - class LdapRenewalListener implements IRequestListener { private IPublisherProcessor mProcessor = null; public LdapRenewalListener(IPublisherProcessor processor) { mProcessor = processor; } + public void init(ISubsystem sys, IConfigStore config) throws EBaseException { } - public void set(String name, String val) - { + public void set(String name, String val) { } public void accept(IRequest r) { - // Note we do not remove old certs from directory during renewal + // Note we do not remove old certs from directory during renewal Certificate[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); if (certs == null || certs.length == 0) { - CMS.debug("no certs to publish for renewal " + - "request " + r.getRequestId()); + CMS.debug("no certs to publish for renewal " + "request " + + r.getRequestId()); return; } - + if (certs[0] instanceof X509CertImpl) acceptX509(r, certs); } - + public void acceptX509(IRequest r, Certificate[] certs) { X509CertImpl cert = null; 
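Review bot: LdapRenewalListener.accept gates the whole request on `certs[0] instanceof X509CertImpl`, which is false when the first element is null, even though acceptX509 treats null entries as "there was an error issuing this cert" and skips them. A renewal whose first certificate failed is therefore dropped with no publication, no `ldapPublishStatus` and no log line, although later entries may be valid. Testing the first non-null element, or at least logging the skip with `CMS.debug("renewal request " + r.getRequestId() + ": first cert is not an X509CertImpl, nothing published");`, would make the case visible. acceptX509 continues past the end of this hunk.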
@@ -288,61 +279,57 @@ class LdapRenewalListener implements IRequestListener { for (int i = 0; i < certs.length; i++) { cert = (X509CertImpl) certs[i]; - if (cert == null) + if (cert == null) continue; // there was an error issuing this cert. try { mProcessor.publishCert(cert, r); results[i] = IRequest.RES_SUCCESS; - mProcessor.log(ILogger.LL_INFO, - "Published cert serial no 0x" + - cert.getSerialNumber().toString(16)); + mProcessor.log(ILogger.LL_INFO, "Published cert serial no 0x" + + cert.getSerialNumber().toString(16)); } catch (ELdapException e) { error = true; - mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH", - cert.getSerialNumber().toString(16), e.toString())); + mProcessor.log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_CERT_NOT_PUBLISH", cert.getSerialNumber() + .toString(16), e.toString())); results[i] = IRequest.RES_ERROR; } } r.setExtData("ldapPublishStatus", results); r.setExtData("ldapPublishOverAllStatus", - (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); + (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); } } - class LdapRevocationListener implements IRequestListener { private IPublisherProcessor mProcessor = null; public LdapRevocationListener(IPublisherProcessor processor) { mProcessor = processor; } + public void init(ISubsystem sys, IConfigStore config) throws EBaseException { } - public void set(String name, String val) - { + public void set(String name, String val) { } public void accept(IRequest r) { - CMS.debug( - "Handle publishing for revoke request id " + r.getRequestId()); + CMS.debug("Handle publishing for revoke request id " + r.getRequestId()); // get fields in request. Certificate[] certs = r.getExtDataInCertArray(IRequest.OLD_CERTS); if (certs == null || certs.length == 0 || certs[0] == null) { // no certs in revoke. 
- CMS.debug( - "Nothing to unpublish for revocation " + - "request " + r.getRequestId()); + CMS.debug("Nothing to unpublish for revocation " + "request " + + r.getRequestId()); return; } - + if (certs[0] instanceof X509CertImpl) acceptX509(r, certs); } - + public void acceptX509(IRequest r, Certificate[] revcerts) { boolean error = false; Integer results[] = new Integer[revcerts.length]; 
@@ -356,105 +343,107 @@ class LdapRevocationListener implements IRequestListener { // We need the enrollment request to sort out predicate BigInteger serial = cert.getSerialNumber(); ICertRecord certRecord = null; - IAuthority auth = (IAuthority)mProcessor.getAuthority(); + IAuthority auth = (IAuthority) mProcessor.getAuthority(); - if (auth == null || - !(auth instanceof ICertificateAuthority)) { - mProcessor.log(ILogger.LL_WARN, - "Trying to get a certificate from non certificate authority."); + if (auth == null || !(auth instanceof ICertificateAuthority)) { + mProcessor + .log(ILogger.LL_WARN, + "Trying to get a certificate from non certificate authority."); } else { - ICertificateRepository certdb = - (ICertificateRepository) ((ICertificateAuthority) auth).getCertificateRepository(); + ICertificateRepository certdb = (ICertificateRepository) ((ICertificateAuthority) auth) + .getCertificateRepository(); if (certdb == null) { - mProcessor.log(ILogger.LL_WARN, "Cert DB is null for " + auth); + mProcessor.log(ILogger.LL_WARN, "Cert DB is null for " + + auth); } else { try { - certRecord = (ICertRecord) certdb.readCertificateRecord(serial); + certRecord = (ICertRecord) certdb + .readCertificateRecord(serial); } catch (EBaseException e) { - mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_GET_CERT_RECORD", - serial.toString(16), e.toString())); + mProcessor.log(ILogger.LL_FAILURE, CMS + .getLogMessage( + "CMSCORE_LDAP_GET_CERT_RECORD", + serial.toString(16), e.toString())); } } } MetaInfo metaInfo = null; String ridString = null; - + if (certRecord != null) - metaInfo = - (MetaInfo) certRecord.get(ICertRecord.ATTR_META_INFO); + metaInfo = (MetaInfo) certRecord + .get(ICertRecord.ATTR_META_INFO); if (metaInfo == null) { - mProcessor.log(ILogger.LL_FAILURE, - "failed getting CertRecord.ATTR_META_INFO for cert serial number 0x" + - serial.toString(16)); + mProcessor.log(ILogger.LL_FAILURE, + "failed getting CertRecord.ATTR_META_INFO for cert serial 
number 0x" + + serial.toString(16)); } else { - ridString = (String) metaInfo.get(ICertRecord.META_REQUEST_ID); + ridString = (String) metaInfo + .get(ICertRecord.META_REQUEST_ID); } - + IRequest req = null; if (ridString != null) { RequestId rid = new RequestId(ridString); - + req = auth.getRequestQueue().findRequest(rid); - } + } mProcessor.unpublishCert(cert, req); results[i] = IRequest.RES_SUCCESS; - CMS.debug( - "Unpublished cert serial no 0x" + - cert.getSerialNumber().toString(16)); + CMS.debug("Unpublished cert serial no 0x" + + cert.getSerialNumber().toString(16)); } catch (ELdapException e) { error = true; - mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_UNPUBLISH", - cert.getSerialNumber().toString(16), e.toString())); + mProcessor.log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_CERT_NOT_UNPUBLISH", cert + .getSerialNumber().toString(16), e.toString())); } catch (EBaseException e) { error = true; - mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_FIND", - cert.getSerialNumber().toString(16), e.toString())); + mProcessor.log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_CERT_NOT_FIND", cert.getSerialNumber() + .toString(16), e.toString())); } } r.setExtData("ldapPublishStatus", results); r.setExtData("ldapPublishOverAllStatus", - (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); + (error == true ? 
IRequest.RES_ERROR : IRequest.RES_SUCCESS)); } } - class LdapUnrevocationListener implements IRequestListener { private IPublisherProcessor mProcessor = null; public LdapUnrevocationListener(IPublisherProcessor processor) { mProcessor = processor; } + public void init(ISubsystem sys, IConfigStore config) throws EBaseException { } - public void set(String name, String val) - { + + public void set(String name, String val) { } public void accept(IRequest r) { - CMS.debug( - "Handle publishing for unrevoke request id " + r.getRequestId()); + CMS.debug("Handle publishing for unrevoke request id " + + r.getRequestId()); // get fields in request. Certificate[] certs = r.getExtDataInCertArray(IRequest.OLD_CERTS); if (certs == null || certs.length == 0 || certs[0] == null) { // no certs in unrevoke. - CMS.debug( - "Nothing to publish for unrevocation " + - "request " + r.getRequestId()); + CMS.debug("Nothing to publish for unrevocation " + "request " + + r.getRequestId()); return; } - + if (certs[0] instanceof X509CertImpl) acceptX509(r, certs); } - + public void acceptX509(IRequest r, Certificate[] certs) { boolean error = false; Integer results[] = new Integer[certs.length]; 
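Review bot: Neither catch block in the revocation `acceptX509` loop writes `results[i]`, so a certificate whose unpublish failed stays a null entry in the array stored under `ldapPublishStatus`; the renewal listener earlier in this file does set `results[i] = IRequest.RES_ERROR;` in its handler. Adding `results[i] = IRequest.RES_ERROR;` after `error = true;` in both the `ELdapException` and `EBaseException` handlers would let a reader of the per-certificate status see which revoked certificate may still be published in the directory. The same gap is in `LdapUnrevocationListener.acceptX509`, in the `@@ -467,69 +456,72 @@` hunk. The loop header lies outside this hunk, so this assumes `results[i]` is not pre-filled before the try block.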
@@ -467,69 +456,72 @@ class LdapUnrevocationListener implements IRequestListener { // We need the enrollment request to sort out predicate BigInteger serial = xcert.getSerialNumber(); ICertRecord certRecord = null; - IAuthority auth = (IAuthority)mProcessor.getAuthority(); + IAuthority auth = (IAuthority) mProcessor.getAuthority(); - if (auth == null || - !(auth instanceof ICertificateAuthority)) { - mProcessor.log(ILogger.LL_WARN, - "Trying to get a certificate from non certificate authority."); + if (auth == null || !(auth instanceof ICertificateAuthority)) { + mProcessor + .log(ILogger.LL_WARN, + "Trying to get a certificate from non certificate authority."); } else { - ICertificateRepository certdb = (ICertificateRepository) - ((ICertificateAuthority) auth).getCertificateRepository(); + ICertificateRepository certdb = (ICertificateRepository) ((ICertificateAuthority) auth) + .getCertificateRepository(); if (certdb == null) { - mProcessor.log(ILogger.LL_WARN, "Cert DB is null for " + auth); + mProcessor.log(ILogger.LL_WARN, "Cert DB is null for " + + auth); } else { try { - certRecord = (ICertRecord) certdb.readCertificateRecord(serial); + certRecord = (ICertRecord) certdb + .readCertificateRecord(serial); } catch (EBaseException e) { - mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_GET_CERT_RECORD", serial.toString(16), e.toString())); + mProcessor.log(ILogger.LL_FAILURE, CMS + .getLogMessage( + "CMSCORE_LDAP_GET_CERT_RECORD", + serial.toString(16), e.toString())); } } } MetaInfo metaInfo = null; String ridString = null; - + if (certRecord != null) - metaInfo = - (MetaInfo) certRecord.get(CertRecord.ATTR_META_INFO); + metaInfo = (MetaInfo) certRecord + .get(CertRecord.ATTR_META_INFO); if (metaInfo == null) { - mProcessor.log(ILogger.LL_FAILURE, - "Failed getting CertRecord.ATTR_META_INFO for cert serial number 0x" + - serial.toString(16)); + mProcessor.log(ILogger.LL_FAILURE, + "Failed getting CertRecord.ATTR_META_INFO for cert serial 
number 0x" + + serial.toString(16)); } else { - ridString = (String) metaInfo.get(CertRecord.META_REQUEST_ID); + ridString = (String) metaInfo + .get(CertRecord.META_REQUEST_ID); } - + IRequest req = null; if (ridString != null) { RequestId rid = new RequestId(ridString); - + req = auth.getRequestQueue().findRequest(rid); - } + } mProcessor.publishCert(xcert, req); results[i] = IRequest.RES_SUCCESS; - CMS.debug( - "Published cert serial no 0x" + - xcert.getSerialNumber().toString(16)); + CMS.debug("Published cert serial no 0x" + + xcert.getSerialNumber().toString(16)); } catch (ELdapException e) { error = true; - mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH", - xcert.getSerialNumber().toString(16), e.toString())); + mProcessor.log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_CERT_NOT_PUBLISH", xcert + .getSerialNumber().toString(16), e.toString())); } catch (EBaseException e) { error = true; - mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_FIND", - xcert.getSerialNumber().toString(16), e.toString())); - } + mProcessor.log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_CERT_NOT_FIND", xcert.getSerialNumber() + .toString(16), e.toString())); + } } r.setExtData("ldapPublishStatus", results); r.setExtData("ldapPublishOverAllStatus", - (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); + (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); } } - diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapRule.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapRule.java index 233cbf871..4d1838940 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapRule.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapRule.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import java.util.Enumeration; import java.util.Locale; import java.util.Vector; 
@@ -30,8 +29,7 @@ import com.netscape.certsrv.publish.ILdapRule; import com.netscape.certsrv.publish.IPublisherProcessor; import com.netscape.cmscore.util.Debug; - -/** +/** * The publishing rule that links mapper and publisher together. */ public class LdapRule implements ILdapRule, IExtendedPluginInfo { @@ -43,15 +41,15 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { private IPublisherProcessor mProcessor = null; - private static String[] epi_params = null; // extendedpluginInfo + private static String[] epi_params = null; // extendedpluginInfo public IConfigStore getConfigStore() { return mConfig; } public String[] getExtendedPluginInfo(Locale locale) { - //dont know why it's null here. - //if (mProcessor == null) System.out.println("p null"); + // dont know why it's null here. + // if (mProcessor == null) System.out.println("p null"); if (Debug.ON) { Debug.trace("LdapRule: getExtendedPluginInfo() - returning epi_params:"); @@ -61,8 +59,9 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { } return epi_params; } - - public void init(IPublisherProcessor processor, IConfigStore config) throws EBaseException { + + public void init(IPublisherProcessor processor, IConfigStore config) + throws EBaseException { mConfig = config; mProcessor = processor; 
@@ -72,29 +71,32 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { String map = NOMAPPER; for (; mappers.hasMoreElements();) { - String name = mappers.nextElement(); + String name = mappers.nextElement(); map = map + "," + name; } String publish = ""; for (; publishers.hasMoreElements();) { - String name = publishers.nextElement(); + String name = publishers.nextElement(); publish = publish + "," + name; } epi_params = new String[] { - "type;choice(cacert,crl, certs);The publishing object type", - "mapper;choice(" + map + ");Use the mapper to find the ldap dn \nto publish the certificate or crl", - "publisher;choice(" + publish + ");Use the publisher to publish the certificate or crl a directory etc", - "enable;boolean;Enable this publishing rule", - "predicate;string;Filter describing when this publishing rule shoule be used" - }; + "type;choice(cacert,crl, certs);The publishing object type", + "mapper;choice(" + + map + + ");Use the mapper to find the ldap dn \nto publish the certificate or crl", + "publisher;choice(" + + publish + + ");Use the publisher to publish the certificate or crl a directory etc", + "enable;boolean;Enable this publishing rule", + "predicate;string;Filter describing when this publishing rule shoule be used" }; // Read the predicate expression if any associated // with the rule - String exp = config.getString(IPublisherProcessor.PROP_PREDICATE, null); + String exp = config.getString(IPublisherProcessor.PROP_PREDICATE, null); if (exp != null) exp = exp.trim(); 
@@ -103,29 +105,26 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { setPredicate(filterExp); } - //if (mProcessor == null) System.out.println("null"); + // if (mProcessor == null) System.out.println("null"); } /** - * The init method in ILdapPlugin - * It can not set set mapper,publisher choice for console dynamicly - * Should not use this method to init. + * The init method in ILdapPlugin It can not set set mapper,publisher choice + * for console dynamicly Should not use this method to init. */ public void init(IConfigStore config) throws EBaseException { mConfig = config; epi_params = new String[] { - "type;choice(cacert, crl, certs);The publishing object type", - "mapper;choice(null,LdapUserCertMap,LdapServerCertMap,LdapCrlMap,LdapCaCertMap);Use the mapper to find the ldap dn to publish the certificate or crl", - "publisher;choice(LdapUserCertPublisher,LdapServerCertPublisher,LdapCrlPublisher,LdapCaCertPublisher);Use the publisher to publish the certificate or crl a directory etc", - "enable;boolean;", - "predicate;string;" - }; + "type;choice(cacert, crl, certs);The publishing object type", + "mapper;choice(null,LdapUserCertMap,LdapServerCertMap,LdapCrlMap,LdapCaCertMap);Use the mapper to find the ldap dn to publish the certificate or crl", + "publisher;choice(LdapUserCertPublisher,LdapServerCertPublisher,LdapCrlPublisher,LdapCaCertPublisher);Use the publisher to publish the certificate or crl a directory etc", + "enable;boolean;", "predicate;string;" }; // Read the predicate expression if any associated // with the rule - String exp = config.getString(IPublisherProcessor.PROP_PREDICATE, null); + String exp = config.getString(IPublisherProcessor.PROP_PREDICATE, null); if (exp != null) exp = exp.trim(); 
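Review bot: The reflowed Javadoc on `init(IConfigStore)` now runs three statements together with no punctuation (`The init method in ILdapPlugin It can not set set mapper,publisher choice for console dynamicly Should not use this method to init.`), so the warning not to use this overload is easy to miss in generated docs. I would write it as `The init method in ILdapPlugin. It cannot set the mapper and publisher choices for the console dynamically; do not use this method to initialize a rule.` The method body continues outside the hunk, so whether `mProcessor` stays null after this overload cannot be confirmed from here; if it does, the comment should say so, since `getInstanceParams()` dereferences it.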
@@ -169,8 +168,8 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { * Returns the current instance parameters. */ public Vector<String> getInstanceParams() { - //if (mProcessor == null) System.out.println("xxxxnull"); - //dont know why the processor was null in getExtendedPluginInfo() + // if (mProcessor == null) System.out.println("xxxxnull"); + // dont know why the processor was null in getExtendedPluginInfo() Enumeration<String> mappers = mProcessor.getMapperInsts().keys(); Enumeration<String> publishers = mProcessor.getPublisherInsts().keys(); String map = NOMAPPER; 
@@ -189,31 +188,30 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { } /* - mExtendedPluginInfo = new NameValuePairs(); - mExtendedPluginInfo.add("type","choice(client,server,objSignClient,smime,ca,crl);The publishing object type"); - mExtendedPluginInfo.add("mapper","choice("+map+");Use the mapper to find the ldap dn \nto publish the certificate or crl"); - mExtendedPluginInfo.add("publisher","choice("+publish+");Use the publisher to publish the certificate or crl a directory etc"); - mExtendedPluginInfo.add("enable","boolean;"); - mExtendedPluginInfo.add("predicate","string;"); + * mExtendedPluginInfo = new NameValuePairs(); + * mExtendedPluginInfo.add("type", + * "choice(client,server,objSignClient,smime,ca,crl);The publishing object type" + * ); mExtendedPluginInfo.add("mapper","choice("+map+ + * ");Use the mapper to find the ldap dn \nto publish the certificate or crl" + * ); mExtendedPluginInfo.add("publisher","choice("+publish+ + * ");Use the publisher to publish the certificate or crl a directory etc" + * ); mExtendedPluginInfo.add("enable","boolean;"); + * mExtendedPluginInfo.add("predicate","string;"); */ Vector<String> v = new Vector<String>(); try { - v.addElement(IPublisherProcessor.PROP_TYPE + "=" + - mConfig.getString(IPublisherProcessor.PROP_TYPE, "")); - v.addElement(IPublisherProcessor.PROP_PREDICATE + "=" + - mConfig.getString(IPublisherProcessor.PROP_PREDICATE, - "")); - v.addElement(IPublisherProcessor.PROP_ENABLE + "=" + - mConfig.getString(IPublisherProcessor.PROP_ENABLE, - "")); - v.addElement(IPublisherProcessor.PROP_MAPPER + "=" + - mConfig.getString(IPublisherProcessor.PROP_MAPPER, - "")); - v.addElement(IPublisherProcessor.PROP_PUBLISHER + "=" + - mConfig.getString(IPublisherProcessor.PROP_PUBLISHER, - "")); + v.addElement(IPublisherProcessor.PROP_TYPE + "=" + + mConfig.getString(IPublisherProcessor.PROP_TYPE, "")); + v.addElement(IPublisherProcessor.PROP_PREDICATE + "=" + + 
mConfig.getString(IPublisherProcessor.PROP_PREDICATE, "")); + v.addElement(IPublisherProcessor.PROP_ENABLE + "=" + + mConfig.getString(IPublisherProcessor.PROP_ENABLE, "")); + v.addElement(IPublisherProcessor.PROP_MAPPER + "=" + + mConfig.getString(IPublisherProcessor.PROP_MAPPER, "")); + v.addElement(IPublisherProcessor.PROP_PUBLISHER + "=" + + mConfig.getString(IPublisherProcessor.PROP_PUBLISHER, "")); } catch (EBaseException e) { } return v; @@ -222,8 +220,8 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { /** * Sets a predicate expression for rule matching. * <P> - * - * @param exp The predicate expression for the rule. + * + * @param exp The predicate expression for the rule. */ public void setPredicate(ILdapExpression exp) { mFilterExp = exp; @@ -232,7 +230,7 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { /** * Returns the predicate expression for the rule. * <P> - * + * * @return The predicate expression for the rule. */ public ILdapExpression getPredicate() { @@ -241,8 +239,7 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { public String getMapper() { try { - String map = - mConfig.getString(IPublisherProcessor.PROP_MAPPER, ""); + String map = mConfig.getString(IPublisherProcessor.PROP_MAPPER, ""); if (map != null) map = map.trim(); @@ -275,10 +272,10 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { public boolean enabled() { try { - boolean enable = - mConfig.getBoolean(IPublisherProcessor.PROP_ENABLE, false); + boolean enable = mConfig.getBoolean( + IPublisherProcessor.PROP_ENABLE, false); - //System.out.println(enable); + // System.out.println(enable); return enable; } catch (EBaseException e) { } diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapSimpleExpression.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapSimpleExpression.java index a2a7e5583..4b5bd6e9b 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapSimpleExpression.java 
+++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapSimpleExpression.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import java.util.Enumeration; import java.util.Vector; @@ -28,13 +27,12 @@ import com.netscape.certsrv.publish.ILdapExpression; import com.netscape.certsrv.request.IRequest; import com.netscape.cmscore.util.AssertionException; - /** - * This class represents an expression of the form var = val, - * var != val, var < val, var > val, var <= val, var >= val. - * + * This class represents an expression of the form var = val, var != val, var < + * val, var > val, var <= val, var >= val. + * * Expressions are used as predicates for publishing rule selection. - * + * * @author mzhao * @version $Revision$, $Date$ */ @@ -47,11 +45,11 @@ public class LdapSimpleExpression implements ILdapExpression { private boolean hasWildCard; public static final char WILDCARD_CHAR = '*'; - // This is just for indicating a null expression. - public static LdapSimpleExpression NULL_EXPRESSION = new LdapSimpleExpression("null", OP_EQUAL, "null"); + // This is just for indicating a null expression. + public static LdapSimpleExpression NULL_EXPRESSION = new LdapSimpleExpression( + "null", OP_EQUAL, "null"); - public static ILdapExpression parse(String input) - throws ELdapException { + public static ILdapExpression parse(String input) throws ELdapException { // Get the index of operator // Debug.trace("LdapSimpleExpression::input: " + input); String var = null; @@ -72,8 +70,9 @@ public class LdapSimpleExpression implements ILdapExpression { if (comps == null) comps = parseForLT(input); if (comps == null) - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_BAD_LDAP_EXPRESSION", input)); - + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_BAD_LDAP_EXPRESSION", input)); + String pfx = null; String rawVar = comps.getAttr(); int dotIdx = rawVar.indexOf('.'); 
@@ -118,24 +117,23 @@ public class LdapSimpleExpression implements ILdapExpression { hasWildCard = false; } - public boolean evaluate(SessionContext sc) - throws ELdapException { + public boolean evaluate(SessionContext sc) throws ELdapException { Object givenVal; try { // Try exact case first. givenVal = (String) sc.get(mVar); - }catch (Exception e) { + } catch (Exception e) { givenVal = (String) null; } // It is kind of a problem here if all letters are in - // lowercase or in upperCase - for example in the case + // lowercase or in upperCase - for example in the case // of directory attributes. if (givenVal == null) { try { givenVal = (String) sc.get(mVar.toLowerCase()); - }catch (Exception e) { + } catch (Exception e) { givenVal = (String) null; } } @@ -143,12 +141,13 @@ public class LdapSimpleExpression implements ILdapExpression { if (givenVal == null) { try { givenVal = (String) sc.get(mVar.toUpperCase()); - }catch (Exception e) { + } catch (Exception e) { givenVal = (String) null; } } - // Debug.trace("mVar: " + mVar + ",Given Value: " + givenVal + ", Value to compare with: " + mVal); + // Debug.trace("mVar: " + mVar + ",Given Value: " + givenVal + + // ", Value to compare with: " + mVal); boolean result = false; result = matchValue(givenVal); @@ -157,8 +156,7 @@ public class LdapSimpleExpression implements ILdapExpression { } - public boolean evaluate(IRequest req) - throws ELdapException { + public boolean evaluate(IRequest req) throws ELdapException { boolean result = false; // mPfx and mVar are looked up case-indendently if (mPfx != null) { @@ -169,8 +167,7 @@ public class LdapSimpleExpression implements ILdapExpression { return result; } - private boolean matchVector(Vector value) - throws ELdapException { + private boolean matchVector(Vector value) throws ELdapException { boolean result = false; Enumeration e = (Enumeration) value.elements(); 
@@ -182,8 +179,7 @@ public class LdapSimpleExpression implements ILdapExpression { return result; } - private boolean matchStringArray(String[] value) - throws ELdapException { + private boolean matchStringArray(String[] value) throws ELdapException { boolean result = false; for (int i = 0; i < value.length; i++) { @@ -194,8 +190,7 @@ public class LdapSimpleExpression implements ILdapExpression { return result; } - private boolean matchValue(Object value) - throws ELdapException { + private boolean matchValue(Object value) throws ELdapException { boolean result; // There is nothing to compare with! @@ -213,13 +208,12 @@ public class LdapSimpleExpression implements ILdapExpression { else if (value instanceof String[]) result = matchStringArray((String[]) value); else - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_INVALID_ATTR_VALUE", - value.getClass().getName())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_INVALID_ATTR_VALUE", value.getClass().getName())); return result; } - private boolean matchStringValue(String givenVal) - throws ELdapException { + private boolean matchStringValue(String givenVal) throws ELdapException { boolean result; switch (mOp) { @@ -259,8 +253,7 @@ public class LdapSimpleExpression implements ILdapExpression { return result; } - private boolean matchIntegerValue(Integer intVal) - throws ELdapException { + private boolean matchIntegerValue(Integer intVal) throws ELdapException { boolean result; int storedVal; int givenVal = intVal.intValue(); @@ -268,7 +261,8 @@ public class LdapSimpleExpression implements ILdapExpression { try { storedVal = new Integer(mVal).intValue(); } catch (Exception e) { - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_INVALID_ATTR_VALUE", mVal)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_INVALID_ATTR_VALUE", mVal)); } switch (mOp) { 
@@ -302,15 +296,13 @@ public class LdapSimpleExpression implements ILdapExpression { return result; } - private boolean matchBooleanValue(Boolean givenVal) - throws ELdapException { + private boolean matchBooleanValue(Boolean givenVal) throws ELdapException { boolean result; Boolean storedVal; - if (!(mVal.equalsIgnoreCase("true") || - mVal.equalsIgnoreCase("false"))) - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_INVALID_ATTR_VALUE", - mVal)); + if (!(mVal.equalsIgnoreCase("true") || mVal.equalsIgnoreCase("false"))) + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_INVALID_ATTR_VALUE", mVal)); storedVal = new Boolean(mVal); switch (mOp) { case OP_EQUAL: @@ -359,7 +351,7 @@ public class LdapSimpleExpression implements ILdapExpression { op = ILdapExpression.LE_STR; break; } - if (mPfx != null && mPfx.length() > 0) + if (mPfx != null && mPfx.length() > 0) return mPfx + "." + mVar + " " + op + " " + mVal; else return mVar + " " + op + " " + mVal; @@ -450,7 +442,6 @@ public class LdapSimpleExpression implements ILdapExpression { } } - class ExpressionComps { String attr; int op; @@ -474,4 +465,3 @@ class ExpressionComps { return val; } } - diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/PublishObject.java b/pki/base/common/src/com/netscape/cmscore/ldap/PublishObject.java index fc2ace23c..940330d6d 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/PublishObject.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/PublishObject.java @@ -17,11 +17,9 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import netscape.security.x509.X509CRLImpl; import netscape.security.x509.X509CertImpl; - /** * The object to publish or unpublish: a certificate or a CRL */ 
@@ -32,7 +30,7 @@ public class PublishObject { private String mObjectType = null; private X509CertImpl mCert = null; private X509CertImpl[] mCerts = null; - private X509CRLImpl mCRL = null; + private X509CRLImpl mCRL = null; private int mIndex = 0; public PublishObject() { diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java b/pki/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java index 1477e57b0..3953c377b 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import java.math.BigInteger; import java.security.cert.X509CRL; import java.security.cert.X509Certificate; @@ -61,9 +60,8 @@ import com.netscape.certsrv.request.IRequestNotifier; import com.netscape.cmscore.dbs.CertRecord; import com.netscape.cmscore.util.Debug; - -public class PublisherProcessor implements - IPublisherProcessor, IXcertPublisherProcessor { +public class PublisherProcessor implements IPublisherProcessor, + IXcertPublisherProcessor { public Hashtable<String, PublisherPlugin> mPublisherPlugins = new Hashtable<String, PublisherPlugin>(); public Hashtable<String, PublisherProxy> mPublisherInsts = new Hashtable<String, PublisherProxy>(); @@ -73,7 +71,7 @@ public class PublisherProcessor implements public Hashtable<String, ILdapRule> mRuleInsts = new Hashtable<String, ILdapRule>(); /** - protected PublishRuleSet mRuleSet = null; + * protected PublishRuleSet mRuleSet = null; **/ protected LdapConnModule mLdapConnModule = null; @@ -94,7 +92,7 @@ public class PublisherProcessor implements public String getId() { return mId; } - + public void setId(String id) { mId = id; } 
@@ -104,7 +102,7 @@ public class PublisherProcessor implements } public void init(ISubsystem authority, IConfigStore config) - throws EBaseException { + throws EBaseException { mConfig = config; mAuthority = (ICertAuthority) authority; @@ -124,20 +122,19 @@ public class PublisherProcessor implements if (Debug.ON) Debug.trace("loaded publisher plugins"); - // load publisher instances + // load publisher instances c = publisherConfig.getSubStore(PROP_INSTANCE); Enumeration<String> instances = c.getSubStoreNames(); while (instances.hasMoreElements()) { String insName = (String) instances.nextElement(); - String implName = c.getString(insName + "." + - PROP_PLUGIN); - PublisherPlugin plugin = - (PublisherPlugin) mPublisherPlugins.get(implName); - - if (plugin == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_PLUGIN_NOT_FIND", implName)); + String implName = c.getString(insName + "." + PROP_PLUGIN); + PublisherPlugin plugin = (PublisherPlugin) mPublisherPlugins + .get(implName); + + if (plugin == null) { + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_PLUGIN_NOT_FIND", implName)); throw new ELdapException(implName); } String className = plugin.getClassPath(); @@ -147,10 +144,9 @@ public class PublisherProcessor implements ILdapPublisher publisherInst = null; try { - publisherInst = (ILdapPublisher) - Class.forName(className).newInstance(); - IConfigStore pConfig = - c.getSubStore(insName); + publisherInst = (ILdapPublisher) Class.forName(className) + .newInstance(); + IConfigStore pConfig = c.getSubStore(insName); publisherInst.init(pConfig); isEnable = true; 
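Review bot: In the `@@ -147,10 +144,9 @@` hunk the cast to `ILdapPublisher` is applied only after `Class.forName(className).newInstance()` has already run the no-arg constructor. `className` comes from `plugin.getClassPath()`, which appears to be populated from the publishing configuration. Checking the type first, `publisherInst = Class.forName(className).asSubclass(ILdapPublisher.class).newInstance();`, rejects a misconfigured or unexpected class before any of its constructor code executes, and it removes the unchecked cast. The mapper loader in the `@@ -230,35 +234,41 @@` hunk has the same shape and would take `asSubclass(ILdapMapper.class)`. `init` starts and ends outside these hunks, so how the plugin table is filled is inferred rather than visible.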
@@ -158,20 +154,27 @@ public class PublisherProcessor implements } catch (ClassNotFoundException e) { String errMsg = "PublisherProcessor:: init()-" + e.toString(); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (IllegalAccessException e) { String errMsg = "PublisherProcessor:: init()-" + e.toString(); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (InstantiationException e) { String errMsg = "PublisherProcessor: init()-" + e.toString(); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (Throwable e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_SKIP_PUBLISHER", insName, e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_SKIP_PUBLISHER", insName, e.toString())); // Let the server continue if it is a // mis-configuration. But the instance // will be skipped. This give another 
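Review bot: Each of the three specific catch blocks assigns `String errMsg = ...` and never reads it, and the rethrown `ELdapException` carries only the class name, so the sole record of the underlying failure is the `e.toString()` text in the log line. I would drop the unused local and, since the three handlers have identical bodies, merge them if the build targets Java 7 or later: `} catch (ClassNotFoundException | IllegalAccessException | InstantiationException e) {`. The mapper loading code in the `@@ -230,35 +234,41 @@` hunk repeats the same pattern. The try block and the enclosing loop begin outside this hunk.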
@@ -180,19 +183,22 @@ public class PublisherProcessor implements } if (publisherInst == null) { - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } if (insName == null) { - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", insName)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", insName)); } // add publisher instance to list. - mPublisherInsts.put(insName, new - PublisherProxy(isEnable, publisherInst)); + mPublisherInsts.put(insName, new PublisherProxy(isEnable, + publisherInst)); log(ILogger.LL_INFO, "publisher instance " + insName + " added"); if (Debug.ON) - Debug.trace("loaded publisher instance " + insName + " impl " + implName); + Debug.trace("loaded publisher instance " + insName + " impl " + + implName); } // load mapper implementation @@ -210,19 +216,17 @@ public class PublisherProcessor implements if (Debug.ON) Debug.trace("loaded mapper plugins"); - // load mapper instances + // load mapper instances c = mapperConfig.getSubStore(PROP_INSTANCE); instances = c.getSubStoreNames(); while (instances.hasMoreElements()) { String insName = (String) instances.nextElement(); - String implName = c.getString(insName + "." + - PROP_PLUGIN); - MapperPlugin plugin = - (MapperPlugin) mMapperPlugins.get(implName); - - if (plugin == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_MAPPER_NOT_FIND", implName)); + String implName = c.getString(insName + "." + PROP_PLUGIN); + MapperPlugin plugin = (MapperPlugin) mMapperPlugins.get(implName); + + if (plugin == null) { + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_MAPPER_NOT_FIND", implName)); throw new ELdapException(implName); } String className = plugin.getClassPath(); 
@@ -230,35 +234,41 @@ public class PublisherProcessor implements if (Debug.ON) Debug.trace("loaded mapper className=" + className); - // Instantiate and init the mapper + // Instantiate and init the mapper boolean isEnable = false; ILdapMapper mapperInst = null; try { - mapperInst = (ILdapMapper) - Class.forName(className).newInstance(); - IConfigStore mConfig = - c.getSubStore(insName); + mapperInst = (ILdapMapper) Class.forName(className) + .newInstance(); + IConfigStore mConfig = c.getSubStore(insName); mapperInst.init(mConfig); isEnable = true; } catch (ClassNotFoundException e) { String errMsg = "PublisherProcessor:: init()-" + e.toString(); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (IllegalAccessException e) { String errMsg = "PublisherProcessor:: init()-" + e.toString(); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (InstantiationException e) { String errMsg = "PublisherProcessor: init()-" + e.toString(); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch 
(Throwable e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_SKIP_MAPPER", insName, e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_SKIP_MAPPER", insName, e.toString())); // Let the server continue if it is a // mis-configuration. But the instance // will be skipped. This give another @@ -267,16 +277,17 @@ public class PublisherProcessor implements } if (mapperInst == null) { - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } // add manager instance to list. - mMapperInsts.put(insName, new MapperProxy( - isEnable, mapperInst)); + mMapperInsts.put(insName, new MapperProxy(isEnable, mapperInst)); log(ILogger.LL_INFO, "mapper instance " + insName + " added"); if (Debug.ON) - Debug.trace("loaded mapper instance " + insName + " impl " + implName); + Debug.trace("loaded mapper instance " + insName + " impl " + + implName); } // load rule implementation @@ -294,19 +305,17 @@ public class PublisherProcessor implements if (Debug.ON) Debug.trace("loaded rule plugins"); - // load rule instances + // load rule instances c = ruleConfig.getSubStore(PROP_INSTANCE); instances = c.getSubStoreNames(); while (instances.hasMoreElements()) { String insName = (String) instances.nextElement(); - String implName = c.getString(insName + "." + - PROP_PLUGIN); - RulePlugin plugin = - (RulePlugin) mRulePlugins.get(implName); - - if (plugin == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_RULE_NOT_FIND", implName)); + String implName = c.getString(insName + "." + PROP_PLUGIN); + RulePlugin plugin = (RulePlugin) mRulePlugins.get(implName); + + if (plugin == null) { + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_RULE_NOT_FIND", implName)); throw new ELdapException(implName); } String className = plugin.getClassPath(); 
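Review bot: In the mapper loop, `Class.forName(className).newInstance()` runs the constructor of whatever class the plugin configuration names before the cast to `ILdapMapper` can reject it, so an unexpected class path is only detected after its code has executed. Checking the type first, `mapperInst = Class.forName(className).asSubclass(ILdapMapper.class).newInstance();`, fails before instantiation, and the existing `mapperInst == null` check still reports CMS_LDAP_FAIL_LOAD_CLASS as it does today. The same pattern appears in the rule loop (`ILdapRule`) and in `getMapperDefaultParams`, `getPublisherDefaultParams`, `getRuleDefaultParams` and `getRuleInstanceParams` further down. The `errMsg` strings built in the three specific catch blocks are never read and could be dropped or passed to `log`. The enclosing method starts outside this hunk.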
@@ -314,14 +323,13 @@ public class PublisherProcessor implements if (Debug.ON) Debug.trace("loaded rule className=" + className); - // Instantiate and init the rule + // Instantiate and init the rule IConfigStore mConfig = null; try { ILdapRule ruleInst = null; - ruleInst = (ILdapRule) - Class.forName(className).newInstance(); + ruleInst = (ILdapRule) Class.forName(className).newInstance(); mConfig = c.getSubStore(insName); ruleInst.init(this, mConfig); ruleInst.setInstanceName(insName); 
@@ -330,30 +338,37 @@ public class PublisherProcessor implements if (Debug.ON) Debug.trace("ADDING RULE " + insName + " " + ruleInst); mRuleInsts.put(insName, ruleInst); - log(ILogger.LL_INFO, "rule instance " + - insName + " added"); + log(ILogger.LL_INFO, "rule instance " + insName + " added"); } catch (ClassNotFoundException e) { String errMsg = "PublisherProcessor:: init()-" + e.toString(); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (IllegalAccessException e) { String errMsg = "PublisherProcessor:: init()-" + e.toString(); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (InstantiationException e) { String errMsg = "PublisherProcessor: init()-" + e.toString(); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (Throwable e) { if (mConfig == null) { - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } - mConfig.putString(ILdapRule.PROP_ENABLE, - 
"false"); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_SKIP_RULE", insName, e.toString())); + mConfig.putString(ILdapRule.PROP_ENABLE, "false"); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_SKIP_RULE", insName, + e.toString())); // Let the server continue if it is a // mis-configuration. But the instance // will be skipped. This give another @@ -361,7 +376,8 @@ public class PublisherProcessor implements // the server via console. } if (Debug.ON) - Debug.trace("loaded rule instance " + insName + " impl " + implName); + Debug.trace("loaded rule instance " + insName + " impl " + + implName); } startup(); 
@@ -372,41 +388,39 @@ public class PublisherProcessor implements /** * Retrieves LDAP connection module. * <P> - * + * * @return LDAP connection instance */ public ILdapConnModule getLdapConnModule() { return mLdapConnModule; } - + public void setLdapConnModule(ILdapConnModule m) { - mLdapConnModule = (LdapConnModule)m; + mLdapConnModule = (LdapConnModule) m; } - + /** * init ldap connection */ - private void initLdapConn(IConfigStore ldapConfig) - throws EBaseException { + private void initLdapConn(IConfigStore ldapConfig) throws EBaseException { IConfigStore c = ldapConfig; try { - //c = authConfig.getSubStore(PROP_LDAP_PUBLISH_SUBSTORE); + // c = authConfig.getSubStore(PROP_LDAP_PUBLISH_SUBSTORE); if (c != null && c.size() > 0) { mLdapConnModule = new LdapConnModule(); mLdapConnModule.init(this, c); CMS.debug("LdapPublishing connection inited"); } else { - log(ILogger.LL_FAILURE, - "No Ldap Module configuration found"); + log(ILogger.LL_FAILURE, "No Ldap Module configuration found"); throw new ELdapException( - CMS.getUserMessage("CMS_LDAP_NO_LDAP_PUBLISH_CONFIG_FOUND")); + CMS.getUserMessage("CMS_LDAP_NO_LDAP_PUBLISH_CONFIG_FOUND")); } } catch (ELdapException e) { - log(ILogger.LL_FAILURE, - "Ldap Publishing Module failed with " + e); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_INIT_LDAP_PUBLISH_MODULE_FAILED", e.toString())); + log(ILogger.LL_FAILURE, "Ldap Publishing Module failed with " + e); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_INIT_LDAP_PUBLISH_MODULE_FAILED", e.toString())); } } 
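Review bot: `setLdapConnModule` accepts any `ILdapConnModule` but casts it unconditionally to `LdapConnModule`, so passing another implementation fails with a bare `ClassCastException` at the assignment. An explicit guard states the contract, for example `if (m != null && !(m instanceof LdapConnModule)) throw new IllegalArgumentException("LdapConnModule expected");`, together with a Javadoc line naming the required type. In `initLdapConn`, the rethrown `ELdapException` keeps only `e.toString()`, so the original stack trace is lost unless it is logged separately.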
@@ -424,23 +438,33 @@ public class PublisherProcessor implements mLdapRequestListener = new LdapRequestListener(); mLdapRequestListener.init(this, mLdapConfig); mAuthority.registerRequestListener(mLdapRequestListener); - IConfigStore queueConfig = mConfig.getSubStore(PROP_QUEUE_PUBLISH_SUBSTORE); + IConfigStore queueConfig = mConfig + .getSubStore(PROP_QUEUE_PUBLISH_SUBSTORE); if (queueConfig != null) { - boolean isPublishingQueueEnabled = queueConfig.getBoolean("enable", false); - int publishingQueuePriorityLevel = queueConfig.getInteger("priorityLevel", 0); - int maxNumberOfPublishingThreads = queueConfig.getInteger("maxNumberOfThreads", 1); - int publishingQueuePageSize = queueConfig.getInteger("pageSize", 100); - int savePublishingStatus = queueConfig.getInteger("saveStatus", 0); - CMS.debug("PublisherProcessor: startup: Publishing Queue Enabled: " + isPublishingQueueEnabled + - " Priority Level: " + publishingQueuePriorityLevel + - " Maximum Number of Threads: " + maxNumberOfPublishingThreads + - " Page Size: "+ publishingQueuePageSize); - IRequestNotifier reqNotifier = ((ICertificateAuthority)mAuthority).getRequestNotifier(); - reqNotifier.setPublishingQueue (isPublishingQueueEnabled, - publishingQueuePriorityLevel, - maxNumberOfPublishingThreads, - publishingQueuePageSize, - savePublishingStatus); + boolean isPublishingQueueEnabled = queueConfig.getBoolean( + "enable", false); + int publishingQueuePriorityLevel = queueConfig.getInteger( + "priorityLevel", 0); + int maxNumberOfPublishingThreads = queueConfig.getInteger( + "maxNumberOfThreads", 1); + int publishingQueuePageSize = queueConfig.getInteger( + "pageSize", 100); + int savePublishingStatus = queueConfig.getInteger("saveStatus", + 0); + CMS.debug("PublisherProcessor: startup: Publishing Queue Enabled: " + + isPublishingQueueEnabled + + " Priority Level: " + + publishingQueuePriorityLevel + + " Maximum Number of Threads: " + + maxNumberOfPublishingThreads + + " Page Size: " + + 
publishingQueuePageSize); + IRequestNotifier reqNotifier = ((ICertificateAuthority) mAuthority) + .getRequestNotifier(); + reqNotifier.setPublishingQueue(isPublishingQueueEnabled, + publishingQueuePriorityLevel, + maxNumberOfPublishingThreads, publishingQueuePageSize, + savePublishingStatus); } } } @@ -452,11 +476,11 @@ public class PublisherProcessor implements mLdapConnModule.getLdapConnFactory().reset(); } if (mLdapRequestListener != null) { - //mLdapRequestListener.shutdown(); + // mLdapRequestListener.shutdown(); mAuthority.removeRequestListener(mLdapRequestListener); } - } catch (Exception e) { - // ignore + } catch (Exception e) { + // ignore } } @@ -484,12 +508,12 @@ public class PublisherProcessor implements return mPublisherInsts; } - //certType can be client,server,ca,crl,smime - //XXXshould make it static to make it faster + // certType can be client,server,ca,crl,smime + // XXXshould make it static to make it faster public Enumeration<ILdapRule> getRules(String publishingType) { Vector<ILdapRule> rules = new Vector<ILdapRule>(); Enumeration<String> e = mRuleInsts.keys(); - + while (e.hasMoreElements()) { String name = (String) e.nextElement(); @@ -502,7 +526,7 @@ public class PublisherProcessor implements Debug.trace("rule name is " + name); } - //this is the only rule we support now + // this is the only rule we support now LdapRule rule = (LdapRule) (mRuleInsts.get(name)); if (rule.enabled() && rule.getType().equals(publishingType)) { @@ -532,7 +556,7 @@ public class PublisherProcessor implements Vector<ILdapRule> rules = new Vector<ILdapRule>(); Enumeration<String> e = mRuleInsts.keys(); - + while (e.hasMoreElements()) { String name = (String) e.nextElement(); 
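Review bot: The queue settings `priorityLevel`, `maxNumberOfThreads` and `pageSize` are read with defaults but passed to `setPublishingQueue` without a range check, so a zero, negative or very large configured value goes through unchanged. How `setPublishingQueue` treats such values is not visible here. If it does not validate them, a lower bound such as `Math.max(1, queueConfig.getInteger("maxNumberOfThreads", 1))` and a sane upper limit would keep a configuration mistake from disabling or overloading publishing. The debug line also omits `savePublishingStatus`, which is passed to the notifier. The enclosing method starts outside this hunk.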
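Review bot: The cleanup block in the hunk at old line 452 ends in `catch (Exception e) { // ignore }`, so a failure to reset the LDAP connection factory or to remove the request listener leaves no trace in the logs. Recording it keeps the best-effort behaviour while making the failure visible, for example `log(ILogger.LL_WARN, "PublisherProcessor: shutdown failed: " + e.toString());`. The method's signature is outside the hunk.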
@@ -545,7 +569,7 @@ public class PublisherProcessor implements Debug.trace("rule name is " + name); } - //this is the only rule we support now + // this is the only rule we support now LdapRule rule = (LdapRule) (mRuleInsts.get(name)); if (rule.enabled() && rule.getType().equals(publishingType)) { 
@@ -561,58 +585,63 @@ public class PublisherProcessor implements rules.addElement(rule); if (Debug.ON) - Debug.trace("added rule " + name + " for " + publishingType + - " request: " + req.getRequestId()); + Debug.trace("added rule " + name + " for " + publishingType + + " request: " + req.getRequestId()); } } return rules.elements(); } /** - public PublishRuleSet getPublishRuleSet() - { - return mRuleSet; - } + * public PublishRuleSet getPublishRuleSet() { return mRuleSet; } **/ - public Vector<String> getMapperDefaultParams(String implName) throws - ELdapException { + public Vector<String> getMapperDefaultParams(String implName) + throws ELdapException { // is this a registered implname? MapperPlugin plugin = mMapperPlugins.get(implName); if (plugin == null) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_MAPPER_NOT_FIND", implName)); + CMS.getLogMessage("CMSCORE_LDAP_MAPPER_NOT_FIND", implName)); throw new ELdapException(implName); } - + // XXX can find an instance of this plugin in existing // mapper instances to avoid instantiation just for this. 
- + // a temporary instance ILdapMapper mapperInst = null; String className = plugin.getClassPath(); try { - mapperInst = (ILdapMapper) - Class.forName(className).newInstance(); + mapperInst = (ILdapMapper) Class.forName(className).newInstance(); Vector<String> v = mapperInst.getDefaultParams(); return v; } catch (InstantiationException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_MAPPER", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_MAPPER", + e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (ClassNotFoundException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_MAPPER", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_MAPPER", + e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (IllegalAccessException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_MAPPER", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_MAPPER", + e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } } - public Vector<String> getMapperInstanceParams(String insName) throws - ELdapException { + public Vector<String> getMapperInstanceParams(String insName) + throws ELdapException { ILdapMapper mapperInst = null; MapperProxy proxy = (MapperProxy) mMapperInsts.get(insName); 
@@ -628,46 +657,54 @@ public class PublisherProcessor implements return v; } - public Vector<String> getPublisherDefaultParams(String implName) throws - ELdapException { + public Vector<String> getPublisherDefaultParams(String implName) + throws ELdapException { // is this a registered implname? - PublisherPlugin plugin = (PublisherPlugin) - mPublisherPlugins.get(implName); + PublisherPlugin plugin = (PublisherPlugin) mPublisherPlugins + .get(implName); if (plugin == null) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_PLUGIN_NOT_FIND", implName)); + CMS.getLogMessage("CMSCORE_LDAP_PLUGIN_NOT_FIND", implName)); throw new ELdapException(implName); } - + // XXX can find an instance of this plugin in existing // publisher instantces to avoid instantiation just for this. - + // a temporary instance ILdapPublisher publisherInst = null; String className = plugin.getClassPath(); try { - publisherInst = (ILdapPublisher) - Class.forName(className).newInstance(); + publisherInst = (ILdapPublisher) Class.forName(className) + .newInstance(); Vector<String> v = publisherInst.getDefaultParams(); return v; } catch (InstantiationException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_PUBLISHER", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_PUBLISHER", + e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (ClassNotFoundException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_PUBLISHER", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_PUBLISHER", + e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (IllegalAccessException e) { - log(ILogger.LL_FAILURE, 
CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_PUBLISHER", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_PUBLISHER", + e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } } public boolean isMapperInstanceEnable(String insName) { - MapperProxy proxy = (MapperProxy) - mMapperInsts.get(insName); + MapperProxy proxy = (MapperProxy) mMapperInsts.get(insName); if (proxy == null) { return false; @@ -695,8 +732,7 @@ public class PublisherProcessor implements } public boolean isPublisherInstanceEnable(String insName) { - PublisherProxy proxy = (PublisherProxy) - mPublisherInsts.get(insName); + PublisherProxy proxy = (PublisherProxy) mPublisherInsts.get(insName); if (proxy == null) { return false; @@ -705,21 +741,19 @@ public class PublisherProcessor implements } public ILdapPublisher getActivePublisherInstance(String insName) { - PublisherProxy proxy = (PublisherProxy) - mPublisherInsts.get(insName); + PublisherProxy proxy = (PublisherProxy) mPublisherInsts.get(insName); if (proxy == null) { return null; } if (proxy.isEnable()) return proxy.getPublisher(); - else + else return null; } public ILdapPublisher getPublisherInstance(String insName) { - PublisherProxy proxy = (PublisherProxy) - mPublisherInsts.get(insName); + PublisherProxy proxy = (PublisherProxy) mPublisherInsts.get(insName); if (proxy == null) { return null; @@ -727,8 +761,8 @@ public class PublisherProcessor implements return proxy.getPublisher(); } - public Vector<String> getPublisherInstanceParams(String insName) throws - ELdapException { + public Vector<String> getPublisherInstanceParams(String insName) + throws ELdapException { ILdapPublisher publisherInst = getPublisherInstance(insName); if (publisherInst == null) { 
@@ -739,119 +773,132 @@ public class PublisherProcessor implements return v; } - public Vector<String> getRuleDefaultParams(String implName) throws - ELdapException { + public Vector<String> getRuleDefaultParams(String implName) + throws ELdapException { // is this a registered implname? RulePlugin plugin = mRulePlugins.get(implName); if (plugin == null) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_RULE_NOT_FIND", implName)); + CMS.getLogMessage("CMSCORE_LDAP_RULE_NOT_FIND", implName)); throw new ELdapException(implName); } - + // XXX can find an instance of this plugin in existing // rule instantces to avoid instantiation just for this. - + // a temporary instance ILdapRule ruleInst = null; String className = plugin.getClassPath(); try { - ruleInst = (ILdapRule) - Class.forName(className).newInstance(); - + ruleInst = (ILdapRule) Class.forName(className).newInstance(); + Vector<String> v = ruleInst.getDefaultParams(); return v; } catch (InstantiationException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_RULE", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_RULE", e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (ClassNotFoundException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_RULE", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_RULE", e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (IllegalAccessException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_RULE", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, + 
CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_RULE", e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } } - public Vector<String> getRuleInstanceParams(String implName) throws - ELdapException { + public Vector<String> getRuleInstanceParams(String implName) + throws ELdapException { // is this a registered implname? RulePlugin plugin = mRulePlugins.get(implName); if (plugin == null) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_RULE_NOT_FIND", implName)); + CMS.getLogMessage("CMSCORE_LDAP_RULE_NOT_FIND", implName)); throw new ELdapException(implName); } - + // XXX can find an instance of this plugin in existing // rule instantces to avoid instantiation just for this. - + // a temporary instance ILdapRule ruleInst = null; String className = plugin.getClassPath(); try { - ruleInst = (ILdapRule) - Class.forName(className).newInstance(); + ruleInst = (ILdapRule) Class.forName(className).newInstance(); Vector<String> v = ruleInst.getInstanceParams(); IConfigStore rc = ruleInst.getConfigStore(); return v; } catch (InstantiationException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_RULE", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_RULE", e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (ClassNotFoundException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_RULE", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_RULE", e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } catch (IllegalAccessException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_RULE", e.toString())); - throw new 
ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_NO_NEW_RULE", e.toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_FAIL_LOAD_CLASS", className)); } } /** - * set published flag - true when published, false when unpublished. - * not exist means not published. + * set published flag - true when published, false when unpublished. not + * exist means not published. */ public void setPublishedFlag(BigInteger serialNo, boolean published) { - if (!(mAuthority instanceof ICertificateAuthority)) + if (!(mAuthority instanceof ICertificateAuthority)) return; ICertificateAuthority ca = (ICertificateAuthority) mAuthority; try { - ICertificateRepository certdb = (ICertificateRepository) ca.getCertificateRepository(); - ICertRecord certRec = (ICertRecord) certdb.readCertificateRecord(serialNo); + ICertificateRepository certdb = (ICertificateRepository) ca + .getCertificateRepository(); + ICertRecord certRec = (ICertRecord) certdb + .readCertificateRecord(serialNo); MetaInfo metaInfo = certRec.getMetaInfo(); if (metaInfo == null) { metaInfo = new MetaInfo(); } - metaInfo.set( - CertRecord.META_LDAPPUBLISH, String.valueOf(published)); + metaInfo.set(CertRecord.META_LDAPPUBLISH, String.valueOf(published)); ModificationSet modSet = new ModificationSet(); - modSet.add(ICertRecord.ATTR_META_INFO, - Modification.MOD_REPLACE, metaInfo); + modSet.add(ICertRecord.ATTR_META_INFO, Modification.MOD_REPLACE, + metaInfo); certdb.modifyCertificateRecord(serialNo, modSet); } catch (EBaseException e) { // not fatal. just log warning. - log(ILogger.LL_WARN, - "Cannot mark cert 0x" + serialNo.toString(16) + " published as " + published + - " in the ldap directory. Cert Record not found. Error: " + - e.toString() + - " Don't be alarmed if it's a subordinate ca or clone's ca siging cert. 
Otherwise your internal db may be corrupted."); + log(ILogger.LL_WARN, + "Cannot mark cert 0x" + + serialNo.toString(16) + + " published as " + + published + + " in the ldap directory. Cert Record not found. Error: " + + e.toString() + + " Don't be alarmed if it's a subordinate ca or clone's ca siging cert. Otherwise your internal db may be corrupted."); } } /** * Publish ca cert, UpdateDir.java, jobs, request listeners */ - public void publishCACert(X509Certificate cert) - throws ELdapException { + public void publishCACert(X509Certificate cert) throws ELdapException { boolean error = false; String errorRule = ""; 
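Review bot: `getRuleInstanceParams(String implName)` looks up a plugin by implementation name, creates a fresh `ILdapRule` and returns `getInstanceParams()` from that un-initialised object, so it appears to describe a blank rule rather than a configured one. The sibling methods `getMapperInstanceParams` and `getPublisherInstanceParams` take `insName` and read the already loaded instance. If the same is intended here, the lookup should go through `mRuleInsts.get(...)`; this is inferred from the siblings and should be confirmed against the callers. The local `IConfigStore rc = ruleInst.getConfigStore();` is never read and can be removed. In `setPublishedFlag`, the warning says "Cert Record not found" for every `EBaseException`, which can mislead when the failure is in `modifyCertificateRecord`.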
@@ -860,118 +907,131 @@ public class PublisherProcessor implements CMS.debug("PublishProcessor::publishCACert"); - // get mapper and publisher for cert type. + // get mapper and publisher for cert type. Enumeration<ILdapRule> rules = getRules(PROP_LOCAL_CA); if (rules == null || !rules.hasMoreElements()) { if (isClone()) { - log(ILogger.LL_WARN, "No rule is found for publishing: " + PROP_LOCAL_CA + " in this clone."); + log(ILogger.LL_WARN, "No rule is found for publishing: " + + PROP_LOCAL_CA + " in this clone."); return; } else { - Debug.trace(CMS.getLogMessage("CMSCORE_LDAP_NO_RULE_FOUND", PROP_LOCAL_CA)); - //log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_RULE_FOUND", PROP_LOCAL_CA)); - //throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_RULE_MATCHED", PROP_LOCAL_CA)); + Debug.trace(CMS.getLogMessage("CMSCORE_LDAP_NO_RULE_FOUND", + PROP_LOCAL_CA)); + // log(ILogger.LL_FAILURE, + // CMS.getLogMessage("CMSCORE_LDAP_NO_RULE_FOUND", + // PROP_LOCAL_CA)); + // throw new + // ELdapException(CMS.getUserMessage("CMS_LDAP_NO_RULE_MATCHED", + // PROP_LOCAL_CA)); return; } } while (rules.hasMoreElements()) { LdapRule rule = (LdapRule) rules.nextElement(); - if( rule == null ) { - CMS.debug( "PublisherProcessor::publishCACert() - " - + "rule is null!" 
); - throw new ELdapException( "rule is null" ); + if (rule == null) { + CMS.debug("PublisherProcessor::publishCACert() - " + + "rule is null!"); + throw new ELdapException("rule is null"); } - log(ILogger.LL_INFO, "publish certificate type=" + PROP_LOCAL_CA + - " rule=" + rule.getInstanceName() + " publisher=" + - rule.getPublisher()); + log(ILogger.LL_INFO, + "publish certificate type=" + PROP_LOCAL_CA + " rule=" + + rule.getInstanceName() + " publisher=" + + rule.getPublisher()); try { ILdapMapper mapper = null; String mapperName = rule.getMapper(); - if (mapperName != null && - !mapperName.trim().equals("")) { + if (mapperName != null && !mapperName.trim().equals("")) { mapper = getActiveMapperInstance(mapperName); } - publishNow(mapper, getActivePublisherInstance(rule.getPublisher()), null/* NO REQUEsT */, cert); - log(ILogger.LL_INFO, "published certificate using rule=" + - rule.getInstanceName()); + publishNow(mapper, + getActivePublisherInstance(rule.getPublisher()), + null/* NO REQUEsT */, cert); + log(ILogger.LL_INFO, + "published certificate using rule=" + + rule.getInstanceName()); } catch (Exception e) { // continue publishing even publisher has errors - //log(ILogger.LL_WARN, e.toString()); - CMS.debug("PublisherProcessor::publishCACert returned error: " + e.toString()); + // log(ILogger.LL_WARN, e.toString()); + CMS.debug("PublisherProcessor::publishCACert returned error: " + + e.toString()); error = true; - errorRule = errorRule + " " + rule.getInstanceName() + - " error:" + e.toString(); + errorRule = errorRule + " " + rule.getInstanceName() + + " error:" + e.toString(); } } // set the ldap published flag. if (!error) { setPublishedFlag(cert.getSerialNumber(), true); } else { - throw new - ELdapException(CMS.getUserMessage("CMS_LDAP_PUBLISH_FAILED", errorRule)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_PUBLISH_FAILED", errorRule)); } } /** - * This function is never called. CMS does not unpublish - * CA certificate. 
+ * This function is never called. CMS does not unpublish CA certificate. */ - public void unpublishCACert(X509Certificate cert) - throws ELdapException { + public void unpublishCACert(X509Certificate cert) throws ELdapException { boolean error = false; String errorRule = ""; if (!enabled()) return; - // get mapper and publisher for cert type. + // get mapper and publisher for cert type. Enumeration<ILdapRule> rules = getRules(PROP_LOCAL_CA); if (rules == null || !rules.hasMoreElements()) { if (isClone()) { - log(ILogger.LL_WARN, "No rule is found for unpublishing: " + PROP_LOCAL_CA + " in this clone."); + log(ILogger.LL_WARN, "No rule is found for unpublishing: " + + PROP_LOCAL_CA + " in this clone."); return; } else { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_UNPUBLISHING_RULE_FOUND", PROP_LOCAL_CA)); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_RULE_MATCHED", PROP_LOCAL_CA)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_NO_UNPUBLISHING_RULE_FOUND", + PROP_LOCAL_CA)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_NO_RULE_MATCHED", PROP_LOCAL_CA)); } } while (rules.hasMoreElements()) { LdapRule rule = (LdapRule) rules.nextElement(); - if( rule == null ) { - CMS.debug( "PublisherProcessor::unpublishCACert() - " - + "rule is null!" 
); - throw new ELdapException( "rule is null" ); + if (rule == null) { + CMS.debug("PublisherProcessor::unpublishCACert() - " + + "rule is null!"); + throw new ELdapException("rule is null"); } try { - log(ILogger.LL_INFO, "unpublish certificate type=" + - PROP_LOCAL_CA + " rule=" + rule.getInstanceName() + - " publisher=" + rule.getPublisher()); + log(ILogger.LL_INFO, "unpublish certificate type=" + + PROP_LOCAL_CA + " rule=" + rule.getInstanceName() + + " publisher=" + rule.getPublisher()); ILdapMapper mapper = null; String mapperName = rule.getMapper(); - if (mapperName != null && - !mapperName.trim().equals("")) { + if (mapperName != null && !mapperName.trim().equals("")) { mapper = getActiveMapperInstance(mapperName); } - unpublishNow(mapper, getActivePublisherInstance(rule.getPublisher()), null/* NO REQUEST */, cert); - log(ILogger.LL_INFO, "unpublished certificate using rule=" + - rule.getInstanceName()); + unpublishNow(mapper, + getActivePublisherInstance(rule.getPublisher()), + null/* NO REQUEST */, cert); + log(ILogger.LL_INFO, "unpublished certificate using rule=" + + rule.getInstanceName()); } catch (Exception e) { // continue publishing even publisher has errors - //log(ILogger.LL_WARN, e.toString()); + // log(ILogger.LL_WARN, e.toString()); error = true; errorRule = errorRule + " " + rule.getInstanceName(); } 
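Review bot: The `catch (Exception e)` in `unpublishCACert` records only the rule name, so the exception is neither logged nor appended to `errorRule`, and the failure reported afterwards carries no cause. `publishCACert` in the same hunk does both, and mirroring it would read `errorRule = errorRule + " " + rule.getInstanceName() + " error:" + e.toString();` plus a matching `CMS.debug(...)` line. Both loops also pass `getActivePublisherInstance(rule.getPublisher())` straight to `publishNow` / `unpublishNow`, although that getter returns `null` for an unknown or disabled publisher. Whether the callee handles `null` is not visible here. Where `publishCACert` finds no rule on a non-clone, it now returns after a `Debug.trace` only, which deserves a Javadoc sentence because the caller sees success.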
@@ -981,77 +1041,83 @@ public class PublisherProcessor implements if (!error) { setPublishedFlag(cert.getSerialNumber(), false); } else { - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_UNPUBLISH_FAILED", errorRule)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_UNPUBLISH_FAILED", errorRule)); } } /** * Publish crossCertificatePair */ - public void publishXCertPair(byte[] pair) - throws ELdapException { + public void publishXCertPair(byte[] pair) throws ELdapException { boolean error = false; String errorRule = ""; if (!enabled()) return; - CMS.debug("PublisherProcessor: in publishXCertPair()"); + CMS.debug("PublisherProcessor: in publishXCertPair()"); - // get mapper and publisher for cert type. + // get mapper and publisher for cert type. Enumeration<ILdapRule> rules = getRules(PROP_XCERT); if (rules == null || !rules.hasMoreElements()) { if (isClone()) { - log(ILogger.LL_WARN, "No rule is found for publishing: " + PROP_LOCAL_CA + " in this clone."); + log(ILogger.LL_WARN, "No rule is found for publishing: " + + PROP_LOCAL_CA + " in this clone."); return; } else { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_RULE_FOUND", PROP_XCERT)); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_RULE_MATCHED", PROP_XCERT)); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_NO_RULE_FOUND", PROP_XCERT)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_NO_RULE_MATCHED", PROP_XCERT)); } } while (rules.hasMoreElements()) { LdapRule rule = (LdapRule) rules.nextElement(); - if( rule == null ) { - CMS.debug( "PublisherProcessor::publishXCertPair() - " - + "rule is null!" 
); - throw new ELdapException( "rule is null" ); + if (rule == null) { + CMS.debug("PublisherProcessor::publishXCertPair() - " + + "rule is null!"); + throw new ELdapException("rule is null"); } - log(ILogger.LL_INFO, "publish certificate type=" + PROP_XCERT + - " rule=" + rule.getInstanceName() + " publisher=" + - rule.getPublisher()); + log(ILogger.LL_INFO, + "publish certificate type=" + PROP_XCERT + " rule=" + + rule.getInstanceName() + " publisher=" + + rule.getPublisher()); try { ILdapMapper mapper = null; String mapperName = rule.getMapper(); - if (mapperName != null && - !mapperName.trim().equals("")) { + if (mapperName != null && !mapperName.trim().equals("")) { mapper = getActiveMapperInstance(mapperName); } - publishNow(mapper, getActivePublisherInstance(rule.getPublisher()), null/* NO REQUEsT */, pair); - log(ILogger.LL_INFO, "published Xcertificates using rule=" + - rule.getInstanceName()); + publishNow(mapper, + getActivePublisherInstance(rule.getPublisher()), + null/* NO REQUEsT */, pair); + log(ILogger.LL_INFO, "published Xcertificates using rule=" + + rule.getInstanceName()); } catch (Exception e) { // continue publishing even publisher has errors - //log(ILogger.LL_WARN, e.toString()); + // log(ILogger.LL_WARN, e.toString()); error = true; - errorRule = errorRule + " " + rule.getInstanceName() + - " error:" + e.toString(); + errorRule = errorRule + " " + rule.getInstanceName() + + " error:" + e.toString(); - CMS.debug("PublisherProcessor::publishXCertPair: error: " + e.toString()); + CMS.debug("PublisherProcessor::publishXCertPair: error: " + + e.toString()); } } } /** - * Publishs regular user certificate based on the criteria - * set in the request. + * Publishs regular user certificate based on the criteria set in the + * request. */ public void publishCert(X509Certificate cert, IRequest req) - throws ELdapException { + throws ELdapException { boolean error = false; String errorRule = ""; 
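Review bot: publishXCertPair sets `error` and builds `errorRule` in its catch block, but the method ends right after the loop without reading either, so a cross-certificate pair that failed on every rule still returns normally to the caller. The tail of unpublishCACert at the top of this hunk throws `CMS_LDAP_UNPUBLISH_FAILED` in the same situation; unless the silence is deliberate, add `if (error) throw new ELdapException(CMS.getUserMessage("CMS_LDAP_PUBLISH_FAILED", errorRule));` after the loop. The clone warning in the same method also logs `PROP_LOCAL_CA` although the rules were looked up with `PROP_XCERT`, which will mislead whoever reads the log.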
@@ -1059,10 +1125,10 @@ public class PublisherProcessor implements if (!enabled()) return; - // get mapper and publisher for cert type. + // get mapper and publisher for cert type. Enumeration<ILdapRule> rules = getRules("certs", req); - // Bugscape #52306 - Remove superfluous log messages on failure + // Bugscape #52306 - Remove superfluous log messages on failure if (rules == null || !rules.hasMoreElements()) { CMS.debug("Publishing: can't find publishing rule,exiting routine."); @@ -1074,11 +1140,11 @@ public class PublisherProcessor implements LdapRule rule = (LdapRule) rules.nextElement(); try { - log(ILogger.LL_INFO, - "publish certificate (with request) type=" + - "certs" + " rule=" + rule.getInstanceName() + - " publisher=" + rule.getPublisher()); - ILdapPublisher p = getActivePublisherInstance(rule.getPublisher()); + log(ILogger.LL_INFO, "publish certificate (with request) type=" + + "certs" + " rule=" + rule.getInstanceName() + + " publisher=" + rule.getPublisher()); + ILdapPublisher p = getActivePublisherInstance(rule + .getPublisher()); ILdapMapper m = null; String mapperName = rule.getMapper(); @@ -1086,11 +1152,12 @@ public class PublisherProcessor implements m = getActiveMapperInstance(mapperName); } publishNow(m, p, req, cert); - log(ILogger.LL_INFO, "published certificate using rule=" + - rule.getInstanceName()); + log(ILogger.LL_INFO, + "published certificate using rule=" + + rule.getInstanceName()); } catch (Exception e) { // continue publishing even publisher has errors - //log(ILogger.LL_WARN, e.toString()); + // log(ILogger.LL_WARN, e.toString()); error = true; errorRule = errorRule + " " + rule.getInstanceName(); } 
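Review bot: The catch block of publishCert (the `@@ -1086` hunk on this line) discards the exception: its only logging call is commented out and `errorRule` receives just the rule name, so the later `CMS_LDAP_PUBLISH_FAILED` message carries no cause. The same pattern appears in unpublishCert in the `@@ -1099` hunk and in unpublishCACert above. publishXCertPair already records the cause, and doing the same here, `CMS.debug("PublisherProcessor::publishCert: error: " + e.toString());`, would make a directory that has drifted from the CA's records diagnosable. publishCert starts outside these hunks and continues into the next one.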
@@ -1099,63 +1166,66 @@ public class PublisherProcessor implements if (!error) { setPublishedFlag(cert.getSerialNumber(), true); } else { - CMS.debug("PublishProcessor::publishCert : " + CMS.getUserMessage("CMS_LDAP_PUBLISH_FAILED",errorRule)); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_PUBLISH_FAILED", errorRule)); + CMS.debug("PublishProcessor::publishCert : " + + CMS.getUserMessage("CMS_LDAP_PUBLISH_FAILED", errorRule)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_PUBLISH_FAILED", errorRule)); } } /** - * Unpublish user certificate. This is used by - * UnpublishExpiredJob. + * Unpublish user certificate. This is used by UnpublishExpiredJob. */ public void unpublishCert(X509Certificate cert, IRequest req) - throws ELdapException { + throws ELdapException { boolean error = false; String errorRule = ""; if (!enabled()) return; - // get mapper and publisher for cert type. + // get mapper and publisher for cert type. Enumeration<ILdapRule> rules = getRules("certs", req); if (rules == null || !rules.hasMoreElements()) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_UNPUBLISHING_RULE_FOUND_FOR_REQUEST", "certs", req.getRequestId().toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_RULE_MATCHED", - req.getRequestId().toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_NO_UNPUBLISHING_RULE_FOUND_FOR_REQUEST", + "certs", req.getRequestId().toString())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_NO_RULE_MATCHED", req.getRequestId().toString())); } while (rules.hasMoreElements()) { LdapRule rule = (LdapRule) rules.nextElement(); - if( rule == null ) { - CMS.debug( "PublisherProcessor::unpublishCert() - " - + "rule is null!" 
); - throw new ELdapException( "rule is null" ); + if (rule == null) { + CMS.debug("PublisherProcessor::unpublishCert() - " + + "rule is null!"); + throw new ELdapException("rule is null"); } try { - log(ILogger.LL_INFO, - "unpublish certificate (with request) type=" + - "certs" + " rule=" + rule.getInstanceName() + - " publisher=" + rule.getPublisher()); + log(ILogger.LL_INFO, + "unpublish certificate (with request) type=" + "certs" + + " rule=" + rule.getInstanceName() + + " publisher=" + rule.getPublisher()); ILdapMapper mapper = null; String mapperName = rule.getMapper(); - if (mapperName != null && - !mapperName.trim().equals("")) { + if (mapperName != null && !mapperName.trim().equals("")) { mapper = getActiveMapperInstance(mapperName); } - unpublishNow(mapper, getActivePublisherInstance(rule.getPublisher()), - req, cert); - log(ILogger.LL_INFO, "unpublished certificate using rule=" + - rule.getInstanceName()); + unpublishNow(mapper, + getActivePublisherInstance(rule.getPublisher()), req, + cert); + log(ILogger.LL_INFO, "unpublished certificate using rule=" + + rule.getInstanceName()); } catch (Exception e) { // continue publishing even publisher has errors - //log(ILogger.LL_WARN, e.toString()); + // log(ILogger.LL_WARN, e.toString()); error = true; errorRule = errorRule + " " + rule.getInstanceName(); } 
@@ -1165,21 +1235,21 @@ public class PublisherProcessor implements if (!error) { setPublishedFlag(cert.getSerialNumber(), false); } else { - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_UNPUBLISH_FAILED", errorRule)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_UNPUBLISH_FAILED", errorRule)); } } /** - * publishes a crl by mapping the issuer name in the crl to an entry - * and publishing it there. entry must be a certificate authority. - * Note that this is used by cmsgateway/cert/UpdateDir.java + * publishes a crl by mapping the issuer name in the crl to an entry and + * publishing it there. entry must be a certificate authority. Note that + * this is used by cmsgateway/cert/UpdateDir.java */ - public void publishCRL(X509CRLImpl crl, String crlIssuingPointId) - throws ELdapException { + public void publishCRL(X509CRLImpl crl, String crlIssuingPointId) + throws ELdapException { boolean error = false; String errorRule = ""; - if (!enabled()) return; ILdapMapper mapper = null; @@ -1189,9 +1259,10 @@ public class PublisherProcessor implements Enumeration<ILdapRule> rules = getRules(PROP_LOCAL_CRL); if (rules == null || !rules.hasMoreElements()) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_RULE_FOR_CRL")); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_RULE_MATCHED", - PROP_LOCAL_CRL)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_NO_RULE_FOR_CRL")); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_NO_RULE_MATCHED", PROP_LOCAL_CRL)); } LDAPConnection conn = null; 
@@ -1207,53 +1278,57 @@ public class PublisherProcessor implements String result = null; LdapRule rule = (LdapRule) rules.nextElement(); - log(ILogger.LL_INFO, "publish crl rule=" + - rule.getInstanceName() + " publisher=" + - rule.getPublisher()); + log(ILogger.LL_INFO, + "publish crl rule=" + rule.getInstanceName() + + " publisher=" + rule.getPublisher()); try { String mapperName = rule.getMapper(); - if (mapperName != null && - !mapperName.trim().equals("")) { + if (mapperName != null && !mapperName.trim().equals("")) { mapper = getActiveMapperInstance(mapperName); } if (mapper == null || mapper.getImplName().equals("NoMap")) { dn = ((X500Name) crl.getIssuerDN()).toLdapDNString(); - }else { - + } else { + result = ((ILdapMapper) mapper).map(conn, crl); dn = result; if (!mCreateOwnDNEntry) { - if (dn == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_MAPPER_NOT_MAP", rule.getMapper())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", - crl.getIssuerDN().toString())); - + if (dn == null) { + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "CMSCORE_LDAP_MAPPER_NOT_MAP", + rule.getMapper())); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_NO_MATCH", crl.getIssuerDN() + .toString())); + } } } publisher = getActivePublisherInstance(rule.getPublisher()); if (publisher != null) { - if(publisher instanceof com.netscape.cms.publish.publishers.FileBasedPublisher) - ((com.netscape.cms.publish.publishers.FileBasedPublisher)publisher).setIssuingPointId(crlIssuingPointId); + if (publisher instanceof com.netscape.cms.publish.publishers.FileBasedPublisher) + ((com.netscape.cms.publish.publishers.FileBasedPublisher) publisher) + .setIssuingPointId(crlIssuingPointId); publisher.publish(conn, dn, crl); - log(ILogger.LL_INFO, "published crl using rule=" + rule.getInstanceName()); + log(ILogger.LL_INFO, + "published crl using rule=" + + rule.getInstanceName()); } // continue publishing even publisher has errors - }catch (Exception e) { - 
//e.printStackTrace(); - CMS.debug( - "Error publishing CRL to " + dn + ": " + e); + } catch (Exception e) { + // e.printStackTrace(); + CMS.debug("Error publishing CRL to " + dn + ": " + e); error = true; errorRule = errorRule + " " + rule.getInstanceName(); - CMS.debug("PublisherProcessor::publishCRL: error: " + e.toString()); + CMS.debug("PublisherProcessor::publishCRL: error: " + + e.toString()); } } - }catch (ELdapException e) { - //e.printStackTrace(); - CMS.debug( - "Error publishing CRL to " + dn + ": " + e); + } catch (ELdapException e) { + // e.printStackTrace(); + CMS.debug("Error publishing CRL to " + dn + ": " + e); throw e; } finally { if (conn != null) { 
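Review bot: When `getActivePublisherInstance(rule.getPublisher())` returns null, the `if (publisher != null)` block in publishCRL is skipped with no log entry and `error` stays false, so the method can return normally without the CRL having been written anywhere. For a CRL that means relying parties keep reading a stale list while the caller sees success. An else branch would close the gap: `} else { error = true; errorRule = errorRule + " " + rule.getInstanceName(); }`, together with a `CMS.debug` line naming the missing publisher. The two-argument `publishCRL(String dn, X509CRL crl)` in the `@@ -1294` hunk has the same check; publishCRL itself begins and ends outside this hunk.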
@@ -1261,27 +1336,28 @@ public class PublisherProcessor implements } } if (error) - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_PUBLISH_FAILED", errorRule)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_PUBLISH_FAILED", errorRule)); } /** - * publishes a crl by mapping the issuer name in the crl to an entry - * and publishing it there. entry must be a certificate authority. + * publishes a crl by mapping the issuer name in the crl to an entry and + * publishing it there. entry must be a certificate authority. */ - public void publishCRL(String dn, X509CRL crl) - throws ELdapException { + public void publishCRL(String dn, X509CRL crl) throws ELdapException { boolean error = false; String errorRule = ""; if (!enabled()) return; - // get mapper and publisher for cert type. + // get mapper and publisher for cert type. Enumeration<ILdapRule> rules = getRules(PROP_LOCAL_CRL); if (rules == null || !rules.hasMoreElements()) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_RULE_FOR_CRL")); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_RULE_MATCHED", - PROP_LOCAL_CRL)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_NO_RULE_FOR_CRL")); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_NO_RULE_MATCHED", PROP_LOCAL_CRL)); } LDAPConnection conn = null; 
@@ -1294,26 +1370,29 @@ public class PublisherProcessor implements while (rules.hasMoreElements()) { LdapRule rule = (LdapRule) rules.nextElement(); - log(ILogger.LL_INFO, "publish crl dn=" + dn + " rule=" + - rule.getInstanceName() + " publisher=" + - rule.getPublisher()); + log(ILogger.LL_INFO, + "publish crl dn=" + dn + " rule=" + + rule.getInstanceName() + " publisher=" + + rule.getPublisher()); try { publisher = getActivePublisherInstance(rule.getPublisher()); if (publisher != null) { publisher.publish(conn, dn, crl); - log(ILogger.LL_INFO, "published crl using rule=" + rule.getInstanceName()); + log(ILogger.LL_INFO, + "published crl using rule=" + + rule.getInstanceName()); } - }catch (Exception e) { - CMS.debug( - "Error publishing CRL to " + dn + ": " + e.toString()); + } catch (Exception e) { + CMS.debug("Error publishing CRL to " + dn + ": " + + e.toString()); error = true; errorRule = errorRule + " " + rule.getInstanceName(); - CMS.debug("PublisherProcessor::publishCRL: error: " + e.toString()); - } + CMS.debug("PublisherProcessor::publishCRL: error: " + + e.toString()); + } } } catch (ELdapException e) { - CMS.debug( - "Error publishing CRL to " + dn + ": " + e.toString()); + CMS.debug("Error publishing CRL to " + dn + ": " + e.toString()); throw e; } finally { if (conn != null) { @@ -1321,11 +1400,12 @@ public class PublisherProcessor implements } } if (error) - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_PUBLISH_FAILED", errorRule)); + throw new ELdapException(CMS.getUserMessage( + "CMS_LDAP_PUBLISH_FAILED", errorRule)); } private void publishNow(ILdapMapper mapper, ILdapPublisher publisher, - IRequest r, Object obj) throws ELdapException { + IRequest r, Object obj) throws ELdapException { if (!enabled()) return; CMS.debug("PublisherProcessor: in publishNow()"); 
@@ -1340,19 +1420,22 @@ public class PublisherProcessor implements if (mLdapConnModule != null) { try { conn = mLdapConnModule.getConn(); - } catch(ELdapException e) { + } catch (ELdapException e) { throw e; - } + } } try { - if ((mapper instanceof com.netscape.cms.publish.mappers.LdapCertSubjMap) && - ((com.netscape.cms.publish.mappers.LdapCertSubjMap)mapper).useAllEntries()) { - dirdn = ((com.netscape.cms.publish.mappers.LdapCertSubjMap)mapper).mapAll(conn, r, obj); + if ((mapper instanceof com.netscape.cms.publish.mappers.LdapCertSubjMap) + && ((com.netscape.cms.publish.mappers.LdapCertSubjMap) mapper) + .useAllEntries()) { + dirdn = ((com.netscape.cms.publish.mappers.LdapCertSubjMap) mapper) + .mapAll(conn, r, obj); } else { - dirdn = mapper.map(conn, r, obj); + dirdn = mapper.map(conn, r, obj); } } catch (Throwable e1) { - CMS.debug("Error mapping: mapper=" + mapper + " error=" + e1.toString()); + CMS.debug("Error mapping: mapper=" + mapper + " error=" + + e1.toString()); throw e1; } } 
@@ -1361,25 +1444,28 @@ public class PublisherProcessor implements try { if (dirdn instanceof Vector) { - Vector<?> dirdnVector = (Vector<?>)dirdn; + Vector<?> dirdnVector = (Vector<?>) dirdn; int n = dirdnVector.size(); for (int i = 0; i < n; i++) { - publisher.publish(conn, (String)dirdnVector.elementAt(i), cert); + publisher.publish(conn, + (String) dirdnVector.elementAt(i), cert); } - } else if (dirdn instanceof String || - publisher instanceof com.netscape.cms.publish.publishers.FileBasedPublisher) { - publisher.publish(conn, (String)dirdn, cert); + } else if (dirdn instanceof String + || publisher instanceof com.netscape.cms.publish.publishers.FileBasedPublisher) { + publisher.publish(conn, (String) dirdn, cert); } } catch (Throwable e1) { - CMS.debug("PublisherProcessor::publishNow : publisher=" + publisher + " error=" + e1.toString()); + CMS.debug("PublisherProcessor::publishNow : publisher=" + + publisher + " error=" + e1.toString()); throw e1; } - log(ILogger.LL_INFO, "published certificate serial number: 0x" + - cert.getSerialNumber().toString(16)); + log(ILogger.LL_INFO, "published certificate serial number: 0x" + + cert.getSerialNumber().toString(16)); } catch (ELdapException e) { throw e; } catch (Throwable e) { - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", e.toString())); + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", + e.toString())); } finally { if (conn != null) { mLdapConnModule.returnConn(conn); 
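Review bot: If `dirdn` is neither a `Vector` nor a `String` and the publisher is not a `FileBasedPublisher` (presumably the case when the mapper returns null), neither branch runs, yet the `published certificate serial number` line is still logged and publishNow returns normally. publishCert then calls `setPublishedFlag(cert.getSerialNumber(), true)` (visible in the `@@ -1099` hunk), so the certificate record would say published although nothing was written. A final `else { throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", String.valueOf(dirdn))); }` would make that case fail loudly. publishNow starts outside this hunk.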
@@ -1387,16 +1473,16 @@ public class PublisherProcessor implements } } - // for crosscerts + // for crosscerts private void publishNow(ILdapMapper mapper, ILdapPublisher publisher, - IRequest r, byte[] bytes) throws ELdapException { + IRequest r, byte[] bytes) throws ELdapException { if (!enabled()) return; - CMS.debug("PublisherProcessor: in publishNow() for xcerts"); + CMS.debug("PublisherProcessor: in publishNow() for xcerts"); - // use ca cert publishing map and rule + // use ca cert publishing map and rule ICertificateAuthority ca = (ICertificateAuthority) mAuthority; - X509Certificate caCert = (X509Certificate) ca.getCACert(); + X509Certificate caCert = (X509Certificate) ca.getCACert(); LDAPConnection conn = null; @@ -1410,28 +1496,32 @@ public class PublisherProcessor implements conn = mLdapConnModule.getConn(); } try { - dirdn = mapper.map(conn, r, (Object) caCert); - CMS.debug("PublisherProcessor: dirdn="+dirdn); + dirdn = mapper.map(conn, r, (Object) caCert); + CMS.debug("PublisherProcessor: dirdn=" + dirdn); } catch (Throwable e1) { - CMS.debug("Error mapping: mapper=" + mapper + " error=" + e1.toString()); + CMS.debug("Error mapping: mapper=" + mapper + " error=" + + e1.toString()); throw e1; } } try { - CMS.debug("PublisherProcessor: publisher impl name="+publisher.getImplName()); + CMS.debug("PublisherProcessor: publisher impl name=" + + publisher.getImplName()); publisher.publish(conn, dirdn, bytes); } catch (Throwable e1) { - CMS.debug("Error publishing: publisher=" + publisher + " error=" + e1.toString()); + CMS.debug("Error publishing: publisher=" + publisher + + " error=" + e1.toString()); throw e1; } log(ILogger.LL_INFO, "published crossCertPair"); } catch (ELdapException e) { throw e; } catch (Throwable e) { - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", e.toString())); + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", + e.toString())); } finally { if (conn != null) { mLdapConnModule.returnConn(conn); 
@@ -1440,7 +1530,7 @@ public class PublisherProcessor implements } private void unpublishNow(ILdapMapper mapper, ILdapPublisher publisher, - IRequest r, Object obj) throws ELdapException { + IRequest r, Object obj) throws ELdapException { if (!enabled()) return; LDAPConnection conn = null; @@ -1454,13 +1544,13 @@ public class PublisherProcessor implements if (mLdapConnModule != null) { conn = mLdapConnModule.getConn(); } - dirdn = mapper.map(conn, r, obj); + dirdn = mapper.map(conn, r, obj); } X509Certificate cert = (X509Certificate) obj; publisher.unpublish(conn, dirdn, cert); - log(ILogger.LL_INFO, "unpublished certificate serial number: 0x" + - cert.getSerialNumber().toString(16)); + log(ILogger.LL_INFO, "unpublished certificate serial number: 0x" + + cert.getSerialNumber().toString(16)); } catch (ELdapException e) { throw e; } finally { @@ -1497,8 +1587,8 @@ public class PublisherProcessor implements } public boolean isClone() { - if ((mAuthority instanceof ICertificateAuthority) && - ((ICertificateAuthority) mAuthority).isClone()) + if ((mAuthority instanceof ICertificateAuthority) + && ((ICertificateAuthority) mAuthority).isClone()) return true; else return false; @@ -1510,7 +1600,7 @@ public class PublisherProcessor implements public void log(int level, String msg) { if (mLogger == null) return; - mLogger.log(ILogger.EV_SYSTEM, - ILogger.S_LDAP, level, "Publishing: " + msg); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_LDAP, level, "Publishing: " + + msg); } } |