Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/usrgrp')
5 files changed, 471 insertions, 505 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/usrgrp/CertDNCertUserLocator.java b/pki/base/common/src/com/netscape/cmscore/usrgrp/CertDNCertUserLocator.java index 21cb9ad44..4bf348ff7 100644 --- a/pki/base/common/src/com/netscape/cmscore/usrgrp/CertDNCertUserLocator.java +++ b/pki/base/common/src/com/netscape/cmscore/usrgrp/CertDNCertUserLocator.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.usrgrp; + import java.security.cert.X509Certificate; import netscape.ldap.LDAPException; @@ -29,11 +30,13 @@ import com.netscape.certsrv.usrgrp.ICertUserLocator; import com.netscape.certsrv.usrgrp.IUGSubsystem; import com.netscape.certsrv.usrgrp.IUser; + /** - * This interface defines a strategy on how to match the incoming certificate(s) - * with the certificate(s) in the scope. It matches the "certdn" field which - * contains the subject dn of the certificate - * + * This interface defines a strategy on how to match + * the incoming certificate(s) with the certificate(s) + * in the scope. It matches the "certdn" field which contains + * the subject dn of the certificate + * * @author cfu * @version $Revision$, $Date$ */ @@ -51,16 +54,16 @@ public class CertDNCertUserLocator implements ICertUserLocator { * Retrieves description. */ public String getDescription() { - return "A subject is authenticated if its first" - + " certificate can be matched with one of the" - + " certificate in the scope"; + return "A subject is authenticated if its first" + + " certificate can be matched with one of the" + + " certificate in the scope"; } /** * Do the cert-user mapping */ - public IUser locateUser(Certificates certs) throws EUsrGrpException, - LDAPException, ELdapException { + public IUser locateUser(Certificates certs) throws + EUsrGrpException, LDAPException, ELdapException { mUG = (IUGSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_UG); X509Certificate certificates[] = certs.getCertificates(); 
@@ -68,7 +71,8 @@ public class CertDNCertUserLocator implements ICertUserLocator { if (certificates == null) return null; - String filter = LDAP_ATTR_CERTDN + "=" + certificates[0].getSubjectDN(); + String filter = LDAP_ATTR_CERTDN + "=" + + certificates[0].getSubjectDN(); return mUG.findUsersByCert(filter); } diff --git a/pki/base/common/src/com/netscape/cmscore/usrgrp/ExactMatchCertUserLocator.java b/pki/base/common/src/com/netscape/cmscore/usrgrp/ExactMatchCertUserLocator.java index 65656b41d..a7aeeb1ed 100644 --- a/pki/base/common/src/com/netscape/cmscore/usrgrp/ExactMatchCertUserLocator.java +++ b/pki/base/common/src/com/netscape/cmscore/usrgrp/ExactMatchCertUserLocator.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.usrgrp; + import java.security.cert.X509Certificate; import netscape.ldap.LDAPException; @@ -29,11 +30,13 @@ import com.netscape.certsrv.usrgrp.ICertUserLocator; import com.netscape.certsrv.usrgrp.IUGSubsystem; import com.netscape.certsrv.usrgrp.IUser; + /** - * This interface defines a strategy on how to match the incoming certificate(s) - * with the certificate(s) in the scope. It matches the "description" field - * which contains a stringied certificate. - * + * This interface defines a strategy on how to match + * the incoming certificate(s) with the certificate(s) + * in the scope. It matches the "description" field which contains a + * stringied certificate. + * * @author thomask * @author cfu * @version $Revision$, $Date$ 
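Review bot: The filter in locateUser concatenates `certificates[0].getSubjectDN()` into an LDAP filter with no RFC 4515 escaping, so a subject DN containing `*`, `(` or `)` is interpreted as filter syntax instead of being matched literally. The only escaping visible on this page is the backslash loop in UGSubsystem.findUsersByCert (`@@ -293`), and the `"description=" + ...` filter in ExactMatchCertUserLocator (`@@ -69`) takes the same path; escaping the value in one shared place before the `"(" + filter + ")"` search would cover both locators without double-escaping. The guard also rejects only `null`, so an empty array would still reach `certificates[0]`; `if (certificates == null || certificates.length == 0) return null;` closes that. locateUser begins in the previous hunk.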
@@ -51,16 +54,16 @@ public class ExactMatchCertUserLocator implements ICertUserLocator { * Retrieves description. */ public String getDescription() { - return "A subject is authenticated if its first" - + " certificate can be matched with one of the" - + " certificate in the scope"; + return "A subject is authenticated if its first" + + " certificate can be matched with one of the" + + " certificate in the scope"; } /** * Do the cert-user mapping */ - public IUser locateUser(Certificates certs) throws EUsrGrpException, - LDAPException, ELdapException { + public IUser locateUser(Certificates certs) throws + EUsrGrpException, LDAPException, ELdapException { mUG = (IUGSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_UG); X509Certificate certificates[] = certs.getCertificates(); @@ -69,13 +72,13 @@ public class ExactMatchCertUserLocator implements ICertUserLocator { return null; int pos = 0; - if (certificates[0].getSubjectDN().toString() - .equals(certificates[0].getIssuerDN().toString())) { + if (certificates[0].getSubjectDN().toString().equals( + certificates[0].getIssuerDN().toString())) { pos = certificates.length - 1; } - String filter = "description=" - + mUG.getCertificateString(certificates[pos]); + String filter = "description=" + + mUG.getCertificateString(certificates[pos]); return mUG.findUsersByCert(filter); } diff --git a/pki/base/common/src/com/netscape/cmscore/usrgrp/Group.java b/pki/base/common/src/com/netscape/cmscore/usrgrp/Group.java index c7d6da8e1..40f3281ee 100644 --- a/pki/base/common/src/com/netscape/cmscore/usrgrp/Group.java +++ b/pki/base/common/src/com/netscape/cmscore/usrgrp/Group.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.usrgrp; + import java.util.Enumeration; import java.util.Vector; 
@@ -25,9 +26,10 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.usrgrp.IGroup; import com.netscape.certsrv.usrgrp.IUsrGrp; + /** * A class represents a group. - * + * * @author cfu * @version $Revision$, $Date$ */ @@ -90,18 +92,15 @@ public class Group implements IGroup { public void set(String name, Object object) throws EBaseException { if (name.equals(ATTR_NAME)) { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } else if (name.equals(ATTR_ID)) { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } else if (name.equals(ATTR_MEMBERS)) { mMembers = (Vector) object; } else if (name.equals(ATTR_DESCRIPTION)) { mDescription = (String) object; } else { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } } @@ -113,14 +112,12 @@ public class Group implements IGroup { } else if (name.equals(ATTR_MEMBERS)) { return mMembers; } else { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } } public void delete(String name) throws EBaseException { - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_INVALID_ATTRIBUTE", name)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } public Enumeration getElements() { diff --git a/pki/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java b/pki/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java index 22e3af9e4..0c1180362 100644 --- a/pki/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java +++ b/pki/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java 
@@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.usrgrp; + import java.security.cert.CertificateEncodingException; import java.security.cert.X509Certificate; import java.util.Enumeration; @@ -52,10 +53,12 @@ import com.netscape.certsrv.usrgrp.IUsrGrp; import com.netscape.cmscore.ldapconn.LdapBoundConnFactory; import com.netscape.cmscore.util.Debug; + /** - * This class defines low-level LDAP usr/grp management usr/grp information is - * located remotely on another LDAP server. - * + * This class defines low-level LDAP usr/grp management + * usr/grp information is located remotely on another + * LDAP server. + * * @author thomask * @author cfu * @version $Revision$, $Date$ @@ -71,7 +74,7 @@ public final class UGSubsystem implements IUGSubsystem { protected static final String GROUP_ATTR_VALUE = "groupofuniquenames"; protected static final String LDAP_ATTR_USER_CERT_STRING = "description"; - // protected static final String LDAP_ATTR_CERTDN = "seeAlso"; + // protected static final String LDAP_ATTR_CERTDN = "seeAlso"; protected static final String LDAP_ATTR_USER_CERT = "userCertificate"; protected static final String PROP_BASEDN = "basedn"; @@ -113,15 +116,14 @@ public final class UGSubsystem implements IUGSubsystem { * Sets identifier of this manager */ public void setId(String id) throws EBaseException { - throw new EBaseException( - CMS.getUserMessage("CMS_BASE_INVALID_OPERATION")); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_OPERATION")); } /** * Connects to LDAP server. */ - public void init(ISubsystem owner, IConfigStore config) - throws EBaseException { + public void init(ISubsystem owner, IConfigStore config) + throws EBaseException { mLogger = CMS.getLogger(); mConfig = config; @@ -148,7 +150,7 @@ public final class UGSubsystem implements IUGSubsystem { // register admin servlet } - + /** * Disconnects usr/grp manager from the LDAP */ 
@@ -159,11 +161,10 @@ public final class UGSubsystem implements IUGSubsystem { mLdapConnFactory = null; } } catch (ELdapException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_LDAP_SHUT", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LDAP_SHUT", e.toString())); } } - + public IUser createUser(String id) { return new User(this, id); } @@ -203,8 +204,7 @@ public final class UGSubsystem implements IUGSubsystem { return u; } else { - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_USER_NOT_FOUND")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_USER_NOT_FOUND")); } } else { LDAPConnection ldapconn = null; @@ -212,7 +212,8 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); // read DN - LDAPSearchResults res = ldapconn.search(userid, + LDAPSearchResults res = + ldapconn.search(userid, LDAPv2.SCOPE_SUB, "(objectclass=*)", null, false); Enumeration e = buildUsers(res); @@ -220,13 +221,12 @@ public final class UGSubsystem implements IUGSubsystem { return (IUser) e.nextElement(); } } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } } catch (Exception e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_GET_USER", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_GET_USER", e.toString())); // throws... } return null; @@ -244,9 +244,9 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); - String filter = LDAP_ATTR_USER_CERT_STRING + "=" - + getCertificateString(cert); - LDAPSearchResults res = ldapconn.search(getUserBaseDN(), + String filter = LDAP_ATTR_USER_CERT_STRING + "=" + getCertificateString(cert); + LDAPSearchResults res = + ldapconn.search(getUserBaseDN(), LDAPConnection.SCOPE_SUB, filter, null, false); Enumeration e = buildUsers(res); 
@@ -257,28 +257,25 @@ public final class UGSubsystem implements IUGSubsystem { if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { errMsg = "findUser: " + "Internal DB is unavailable"; } - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_FIND_USER", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USER", e.toString())); } catch (ELdapException e) { - String errMsg = "find User: Could not get connection to internaldb. Error " - + e; + String errMsg = + "find User: Could not get connection to internaldb. Error " + e; - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_INTERNAL_DB", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_INTERNAL_DB", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } return null; } /** - * Searchs for identities that matches the certificate locater generated - * filter. + * Searchs for identities that matches the certificate locater + * generated filter. */ - public IUser findUsersByCert(String filter) throws EUsrGrpException, - LDAPException { + public IUser findUsersByCert(String filter) throws + EUsrGrpException, LDAPException { if (filter == null) { return null; } @@ -293,8 +290,8 @@ public final class UGSubsystem implements IUGSubsystem { hasSlash = up.indexOf('\\'); while (hasSlash != -1) { - stripped += up.substring(0, hasSlash) + "\\5c"; - ; + stripped += up.substring(0, hasSlash) + + "\\5c";; up = up.substring(hasSlash + 1); hasSlash = up.indexOf('\\'); } @@ -306,7 +303,8 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); LDAPSearchResults res = ldapconn.search(getUserBaseDN(), - LDAPv2.SCOPE_SUB, "(" + filter + ")", null, false); + LDAPv2.SCOPE_SUB, "(" + filter + ")", + null, false); Enumeration e = buildUsers(res); 
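Review bot: In both catch blocks of this hunk `errMsg` is assigned but, within the lines shown, never read; the `log(...)` calls pass `e.toString()` instead, so the "Internal DB is unavailable" and "Could not get connection to internaldb" texts never reach the log. Either drop the local or log it, e.g. `log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USER", errMsg));`. The same dead assignment recurs in `@@ -317`, `@@ -359`, `@@ -408`, `@@ -739` and `@@ -816`, and in `@@ -359`, `@@ -408` and `@@ -816` the text is prefixed "findUsersByCert" although the logging calls there use the FIND_USERS, LIST_USERS and ADD_USER message keys, which would mislead anyone reading the message during an incident. The declaration of `errMsg` for the LDAPException branch sits just above the hunk.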
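Review bot: The re-wrapped statement in the backslash loop now ends in `"\\5c";;`, which leaves an empty statement behind and splits a short expression over two lines. Writing it as `stripped += up.substring(0, hasSlash) + "\\5c";` keeps the loop body readable; since this loop is the only filter escaping visible in findUsersByCert, a one-line comment such as `// escape '\' as \5c (RFC 4515); other filter metacharacters are not handled here` would also tell the next reader what it does and does not cover. findUsersByCert begins in the previous hunk.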
@@ -317,18 +315,15 @@ public final class UGSubsystem implements IUGSubsystem { if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { errMsg = "findUsersByCert: " + "Internal DB is unavailable"; } - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_FIND_USER_BY_CERT", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USER_BY_CERT", e.toString())); } catch (ELdapException e) { - String errMsg = "find Users By Cert: " - + "Could not get connection to internaldb. Error " + e; + String errMsg = + "find Users By Cert: " + + "Could not get connection to internaldb. Error " + e; - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_FIND_USER_BY_CERT", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USER_BY_CERT", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } @@ -348,7 +343,8 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); LDAPSearchResults res = ldapconn.search(getUserBaseDN(), - LDAPv2.SCOPE_SUB, "(uid=" + filter + ")", null, false); + LDAPv2.SCOPE_SUB, "(uid=" + filter + ")", + null, false); Enumeration e = buildUsers(res); 
@@ -359,16 +355,14 @@ public final class UGSubsystem implements IUGSubsystem { if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { errMsg = "findUsersByCert: " + "Internal DB is unavailable"; } - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSCORE_USRGRP_FIND_USERS", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USERS", e.toString())); } catch (ELdapException e) { - String errMsg = "find Users: Could not get connection to internaldb. Error " - + e; + String errMsg = + "find Users: Could not get connection to internaldb. Error " + e; - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSCORE_USRGRP_FIND_USERS", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USERS", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } @@ -376,8 +370,8 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * Searchs for identities that matches the filter. retrieves uid only, for - * efficiency of user listing + * Searchs for identities that matches the filter. + * retrieves uid only, for efficiency of user listing */ public Enumeration listUsers(String filter) throws EUsrGrpException { if (filter == null) { @@ -397,8 +391,7 @@ public final class UGSubsystem implements IUGSubsystem { cons.setMaxResults(0); LDAPSearchResults res = ldapconn.search(getUserBaseDN(), - LDAPv2.SCOPE_SUB, "(uid=" + filter + ")", attrs, false, - cons); + LDAPv2.SCOPE_SUB, "(uid=" + filter + ")", attrs, false, cons); Enumeration e = lbuildUsers(res); return e; 
@@ -408,8 +401,7 @@ public final class UGSubsystem implements IUGSubsystem { if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { errMsg = "findUsersByCert: " + "Internal DB is unavailable"; } - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSCORE_USRGRP_LIST_USERS", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LIST_USERS", e.toString())); } catch (Exception e) { throw new EUsrGrpException(CMS.getUserMessage("CMS_INTERNAL_ERROR")); } finally { @@ -420,8 +412,8 @@ public final class UGSubsystem implements IUGSubsystem { return null; } - protected Enumeration lbuildUsers(LDAPSearchResults res) - throws EUsrGrpException { + protected Enumeration lbuildUsers(LDAPSearchResults res) throws + EUsrGrpException { Vector v = new Vector(); while (res.hasMoreElements()) { @@ -433,8 +425,8 @@ public final class UGSubsystem implements IUGSubsystem { return v.elements(); } - protected Enumeration buildUsers(LDAPSearchResults res) - throws EUsrGrpException { + protected Enumeration buildUsers(LDAPSearchResults res) throws + EUsrGrpException { Vector v = new Vector(); if (res != null) { 
@@ -448,22 +440,20 @@ public final class UGSubsystem implements IUGSubsystem { // if v contains nothing, just throw exception if (v.size() == 0) { - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_USER_NOT_FOUND")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_USER_NOT_FOUND")); } return v.elements(); } /** - * builds a User instance. Sets only uid for user entry retrieved from LDAP - * server. for listing efficiency only. - * + * builds a User instance. Sets only uid for user entry retrieved + * from LDAP server. for listing efficiency only. * @return the User entity. */ - protected IUser lbuildUser(LDAPEntry entry) throws EUsrGrpException { - IUser id = createUser(this, (String) entry.getAttribute("uid") - .getStringValues().nextElement()); + protected IUser lbuildUser(LDAPEntry entry) throws EUsrGrpException { + IUser id = createUser(this, (String) + entry.getAttribute("uid").getStringValues().nextElement()); LDAPAttribute cnAttr = entry.getAttribute("cn"); if (cnAttr != null) { @@ -472,10 +462,11 @@ public final class UGSubsystem implements IUGSubsystem { if (cn != null) { id.setFullName(cn); } - + } - LDAPAttribute certAttr = entry.getAttribute(LDAP_ATTR_USER_CERT); + LDAPAttribute certAttr = + entry.getAttribute(LDAP_ATTR_USER_CERT); if (certAttr != null) { Vector certVector = new Vector(); 
@@ -489,19 +480,18 @@ public final class UGSubsystem implements IUGSubsystem { certVector.addElement(cert); } } catch (Exception ex) { - throw new EUsrGrpException( - CMS.getUserMessage("CMS_INTERNAL_ERROR")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_INTERNAL_ERROR")); } if (certVector != null && certVector.size() != 0) { // Make an array of certs - X509Certificate[] certArray = new X509Certificate[certVector - .size()]; + X509Certificate[] certArray = new X509Certificate[certVector.size()]; Enumeration en = certVector.elements(); int i = 0; while (en.hasMoreElements()) { - certArray[i++] = (X509Certificate) en.nextElement(); + certArray[i++] = (X509Certificate) + en.nextElement(); } id.setX509Certificates(certArray); @@ -512,14 +502,13 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * builds a User instance. Set all attributes retrieved from LDAP server and - * set them on User. - * + * builds a User instance. Set all attributes retrieved from + * LDAP server and set them on User. * @return the User entity. */ protected IUser buildUser(LDAPEntry entry) throws EUsrGrpException { - IUser id = createUser(this, (String) entry.getAttribute("uid") - .getStringValues().nextElement()); + IUser id = createUser(this, (String) + entry.getAttribute("uid").getStringValues().nextElement()); LDAPAttribute cnAttr = entry.getAttribute("cn"); if (cnAttr != null) { 
@@ -534,20 +523,23 @@ public final class UGSubsystem implements IUGSubsystem { if (userdn != null) { id.setUserDN(userdn); - } else { // the impossible - String errMsg = "buildUser(): user DN not found: " + userdn; + } else { // the impossible + String errMsg = "buildUser(): user DN not found: " + + userdn; - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_BUILD_USER")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_BUILD_USER")); throw new EUsrGrpException(CMS.getUserMessage("CMS_INTERNAL_ERROR")); } /* - * LDAPAttribute certdnAttr = entry.getAttribute(LDAP_ATTR_CERTDN); if - * (certdnAttr != null) { String cdn = - * (String)certdnAttr.getStringValues().nextElement(); if (cdn != null) - * { id.setCertDN(cdn); } } + LDAPAttribute certdnAttr = entry.getAttribute(LDAP_ATTR_CERTDN); + if (certdnAttr != null) { + String cdn = (String)certdnAttr.getStringValues().nextElement(); + if (cdn != null) { + id.setCertDN(cdn); + } + } */ LDAPAttribute mailAttr = entry.getAttribute("mail"); @@ -594,7 +586,7 @@ public final class UGSubsystem implements IUGSubsystem { LDAPAttribute userTypeAttr = entry.getAttribute("usertype"); - if (userTypeAttr == null) + if (userTypeAttr == null) id.setUserType(""); else { Enumeration en = userTypeAttr.getStringValues(); @@ -602,11 +594,11 @@ public final class UGSubsystem implements IUGSubsystem { if (en != null && en.hasMoreElements()) { String userType = (String) en.nextElement(); - if ((userType != null) && (!userType.equals("undefined"))) + if ((userType != null) && (! userType.equals("undefined"))) id.setUserType(userType); else id.setUserType(""); - + } } @@ -624,11 +616,12 @@ public final class UGSubsystem implements IUGSubsystem { id.setState(userState); else id.setState(""); - + } } - LDAPAttribute certAttr = entry.getAttribute(LDAP_ATTR_USER_CERT); + LDAPAttribute certAttr = + entry.getAttribute(LDAP_ATTR_USER_CERT); if (certAttr != null) { Vector certVector = new Vector(); 
@@ -642,19 +635,18 @@ public final class UGSubsystem implements IUGSubsystem { certVector.addElement(cert); } } catch (Exception ex) { - throw new EUsrGrpException( - CMS.getUserMessage("CMS_INTERNAL_ERROR")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_INTERNAL_ERROR")); } if (certVector != null && certVector.size() != 0) { // Make an array of certs - X509Certificate[] certArray = new X509Certificate[certVector - .size()]; + X509Certificate[] certArray = new X509Certificate[certVector.size()]; Enumeration en = certVector.elements(); int i = 0; while (en.hasMoreElements()) { - certArray[i++] = (X509Certificate) en.nextElement(); + certArray[i++] = (X509Certificate) + en.nextElement(); } id.setX509Certificates(certArray); @@ -669,23 +661,24 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * Adds identity. Certificates handled by a separate call to addUserCert() + * Adds identity. Certificates handled by a separate call to + * addUserCert() */ public void addUser(IUser identity) throws EUsrGrpException, LDAPException { User id = (User) identity; if (id == null) { - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_ADD_USER_FAIL")); + throw new + EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_USER_FAIL")); } if (id.getUserID() == null) { - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_ADD_USER_FAIL_NO_UID")); + throw new + EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_USER_FAIL_NO_UID")); } LDAPAttributeSet attrs = new LDAPAttributeSet(); - String oc[] = { "top", "person", "organizationalPerson", + String oc[] = {"top", "person", "organizationalPerson", "inetOrgPerson", "cmsuser" }; attrs.add(new LDAPAttribute("objectclass", oc)); 
@@ -696,42 +689,43 @@ public final class UGSubsystem implements IUGSubsystem { if (id.getPhone() != null) { // DS syntax checking requires a value for PrintableString syntax - if (!id.getPhone().equals("")) { + if (! id.getPhone().equals("")) { attrs.add(new LDAPAttribute("telephonenumber", id.getPhone())); } } - attrs.add(new LDAPAttribute("userpassword", id.getPassword())); + attrs.add(new LDAPAttribute("userpassword", + id.getPassword())); if (id.getUserType() != null) { // DS syntax checking requires a value for Directory String syntax - // but usertype is a MUST attribute, so we need to add something - // here + // but usertype is a MUST attribute, so we need to add something here // if it is undefined. - - if (!id.getUserType().equals("")) { - attrs.add(new LDAPAttribute("usertype", id.getUserType())); + + if (! id.getUserType().equals("")) { + attrs.add(new LDAPAttribute("usertype", id.getUserType())); } else { - attrs.add(new LDAPAttribute("usertype", "undefined")); + attrs.add(new LDAPAttribute("usertype", "undefined")); } } if (id.getState() != null) { // DS syntax checking requires a value for Directory String syntax - if (!id.getState().equals("")) { + if (! id.getState().equals("")) { attrs.add(new LDAPAttribute("userstate", id.getState())); } } - LDAPEntry entry = new LDAPEntry("uid=" + id.getUserID() + "," - + getUserBaseDN(), attrs); + LDAPEntry entry = new LDAPEntry("uid=" + id.getUserID() + + "," + getUserBaseDN(), attrs); // for audit log SessionContext sessionContext = SessionContext.getContext(); String adminId = (String) sessionContext.get(SessionContext.USER_ID); - mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, AuditFormat.LEVEL, - AuditFormat.ADDUSERFORMAT, - new Object[] { adminId, id.getUserID() }); + mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, + AuditFormat.LEVEL, AuditFormat.ADDUSERFORMAT, + new Object[] {adminId, id.getUserID()} + ); LDAPConnection ldapconn = null; 
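Review bot: The `AuditFormat.ADDUSERFORMAT` audit record at the end of this hunk is written before `ldapconn.add(entry)` runs (`@@ -739`), so the audit trail reports a user addition even when the add throws LDAPException or when the ELdapException branch logs and returns normally. addUserCert (`@@ -765`) logs only after `ldapconn.modify(...)` succeeds, which is the ordering to follow here: move the `mLogger.log(ILogger.EV_AUDIT, ...)` call to directly after `ldapconn.add(entry);`. The swallowed connection failure should also surface to the caller, e.g. `throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_USER_FAIL"));`, so that a missing entry is not reported as success. addUser starts in the previous hunk and continues into the next.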
@@ -739,13 +733,12 @@ public final class UGSubsystem implements IUGSubsystem { ldapconn = getConn(); ldapconn.add(entry); } catch (ELdapException e) { - String errMsg = "add User: Could not get connection to internaldb. Error " - + e; + String errMsg = + "add User: Could not get connection to internaldb. Error " + e; - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_ADD_USER", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_ADD_USER", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } 
@@ -765,47 +758,45 @@ public final class UGSubsystem implements IUGSubsystem { LDAPModificationSet addCert = new LDAPModificationSet(); if ((cert = user.getX509Certificates()) != null) { - LDAPAttribute attrCertStr = new LDAPAttribute( - LDAP_ATTR_USER_CERT_STRING); + LDAPAttribute attrCertStr = new + LDAPAttribute(LDAP_ATTR_USER_CERT_STRING); /* - * LDAPAttribute attrCertDNStr = new - * LDAPAttribute(LDAP_ATTR_CERTDN); + LDAPAttribute attrCertDNStr = new + LDAPAttribute(LDAP_ATTR_CERTDN); */ - LDAPAttribute attrCertBin = new LDAPAttribute(LDAP_ATTR_USER_CERT); + LDAPAttribute attrCertBin = new + LDAPAttribute(LDAP_ATTR_USER_CERT); try { attrCertBin.addValue(cert[0].getEncoded()); attrCertStr.addValue(getCertificateString(cert[0])); - // attrCertDNStr.addValue(cert[0].getSubjectDN().toString()); + // attrCertDNStr.addValue(cert[0].getSubjectDN().toString()); } catch (CertificateEncodingException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_ADD_USER_CERT", - e.toString())); - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_USR_CERT_ERROR")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_ADD_USER_CERT", e.toString())); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_USR_CERT_ERROR")); } addCert.add(LDAPModification.ADD, attrCertStr); - // addCert.add(LDAPModification.ADD, attrCertDNStr); + //addCert.add(LDAPModification.ADD, attrCertDNStr); addCert.add(LDAPModification.ADD, attrCertBin); LDAPConnection ldapconn = null; try { ldapconn = getConn(); - ldapconn.modify("uid=" + user.getUserID() + "," - + getUserBaseDN(), addCert); + ldapconn.modify("uid=" + user.getUserID() + + "," + getUserBaseDN(), addCert); // for audit log SessionContext sessionContext = SessionContext.getContext(); - String adminId = (String) sessionContext - .get(SessionContext.USER_ID); + String adminId = (String) sessionContext.get(SessionContext.USER_ID); mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, - AuditFormat.LEVEL, 
AuditFormat.ADDUSERCERTFORMAT, - new Object[] { adminId, user.getUserID(), - cert[0].getSubjectDN().toString(), - cert[0].getSerialNumber().toString(16) }); + AuditFormat.LEVEL, AuditFormat.ADDUSERCERTFORMAT, + new Object[] {adminId, user.getUserID(), + cert[0].getSubjectDN().toString(), + cert[0].getSerialNumber().toString(16)} + ); } catch (LDAPException e) { if (Debug.ON) { @@ -816,19 +807,16 @@ public final class UGSubsystem implements IUGSubsystem { if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { errMsg = "findUsersByCert: " + "Internal DB is unavailable"; } - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_ADD_USER", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_ADD_USER", e.toString())); throw e; } catch (ELdapException e) { - String errMsg = "add User Cert: " - + "Could not get connection to internaldb. Error " + e; + String errMsg = + "add User Cert: " + + "Could not get connection to internaldb. Error " + e; - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_ADD_USER", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_ADD_USER", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } @@ -837,9 +825,9 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * Removes a user certificate for a user entry given a user certificate DN - * (actually, a combination of version, serialNumber, issuerDN, and - * SubjectDN), and it gets removed + * Removes a user certificate for a user entry + * given a user certificate DN (actually, a combination of version, + * serialNumber, issuerDN, and SubjectDN), and it gets removed */ public void removeUserCert(IUser identity) throws EUsrGrpException { User user = (User) identity; 
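Review bot: The entry DN passed to `ldapconn.modify` is built as `"uid=" + user.getUserID() + "," + getUserBaseDN()` with no RFC 4514 escaping of the RDN value, so a user ID containing `,`, `+`, `=` or a leading `#` addresses a different entry than the one intended. The same construction appears in addUser (`@@ -696`) and removeUserCert (`@@ -893`). Building the DN in one private helper that escapes or rejects those characters, and calling it from all three sites as `ldapconn.modify(getUserDN(user.getUserID()), addCert);` (`getUserDN` being a helper to add, not an existing method), keeps the rule in one place. Whether user IDs are already validated upstream is not visible from this page, so the check may instead belong where the ID is first accepted. addUserCert begins before this hunk.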
@@ -854,28 +842,29 @@ public final class UGSubsystem implements IUGSubsystem { ldapUser = (User) getUser(user.getUserID()); if (ldapUser == null) { - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_USER_NOT_FOUND")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_USER_NOT_FOUND")); } X509Certificate[] certs = ldapUser.getX509Certificates(); if (certs == null) { - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); + throw new + EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); } String delCertdn = user.getCertDN(); if (delCertdn == null) { - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); + throw new + EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); } - LDAPAttribute certAttr = new LDAPAttribute(LDAP_ATTR_USER_CERT); - LDAPAttribute certAttrS = new LDAPAttribute(LDAP_ATTR_USER_CERT_STRING); + LDAPAttribute certAttr = new + LDAPAttribute(LDAP_ATTR_USER_CERT); + LDAPAttribute certAttrS = new + LDAPAttribute(LDAP_ATTR_USER_CERT_STRING); - // LDAPAttribute certDNAttrS = new LDAPAttribute(LDAP_ATTR_CERTDN); + //LDAPAttribute certDNAttrS = new LDAPAttribute(LDAP_ATTR_CERTDN); int certCount = 0; 
@@ -893,80 +882,76 @@ public final class UGSubsystem implements IUGSubsystem { try { certAttr.addValue(certs[i].getEncoded()); certAttrS.addValue(getCertificateString(certs[i])); - // certDNAttrS.addValue(certs[i].getSubjectDN().toString()); + // certDNAttrS.addValue(certs[i].getSubjectDN().toString()); } catch (CertificateEncodingException e) { - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_USR_CERT_ERROR")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_USR_CERT_ERROR")); } attrs.add(LDAPModification.DELETE, certAttr); attrs.add(LDAPModification.DELETE, certAttrS); - // attrs.add(LDAPModification.DELETE, certDNAttrS); + //attrs.add(LDAPModification.DELETE, certDNAttrS); LDAPConnection ldapconn = null; try { ldapconn = getConn(); - ldapconn.modify("uid=" + user.getUserID() + "," - + getUserBaseDN(), attrs); + ldapconn.modify("uid=" + user.getUserID() + + "," + getUserBaseDN(), attrs); certCount++; // for audit log SessionContext sessionContext = SessionContext.getContext(); - String adminId = (String) sessionContext - .get(SessionContext.USER_ID); + String adminId = (String) sessionContext.get(SessionContext.USER_ID); - mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, - AuditFormat.LEVEL, - AuditFormat.REMOVEUSERCERTFORMAT, new Object[] { - adminId, user.getUserID(), - certs[0].getSubjectDN().toString(), - certs[i].getSerialNumber().toString(16) }); + mLogger.log(ILogger.EV_AUDIT, + ILogger.S_USRGRP, + AuditFormat.LEVEL, + AuditFormat.REMOVEUSERCERTFORMAT, + new Object[] {adminId, user.getUserID(), + certs[0].getSubjectDN().toString(), + certs[i].getSerialNumber().toString(16)} + ); } catch (LDAPException e) { String errMsg = "removeUserCert():" + e; if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { - errMsg = "removeUserCert: " - + "Internal DB is unavailable"; + errMsg = + "removeUserCert: " + "Internal DB is unavailable"; } - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER", - e.toString())); - throw 
new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_MOD_USER_FAIL")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER", e.toString())); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_MOD_USER_FAIL")); } catch (ELdapException e) { - String errMsg = "remove User Cert: " - + "Could not get connection to internaldb. Error " - + e; + String errMsg = + "remove User Cert: " + + "Could not get connection to internaldb. Error " + e; - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } } if (certCount == 0) { - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); + throw new + EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); } return; } - public void removeUserFromGroup(IGroup grp, String userid) - throws EUsrGrpException { - + public void removeUserFromGroup(IGroup grp, String userid) + throws EUsrGrpException { + LDAPConnection ldapconn = null; try { ldapconn = getConn(); - String groupDN = "cn=" + grp.getGroupID() + "," + getGroupBaseDN(); - LDAPAttribute memberAttr = new LDAPAttribute("uniquemember", "uid=" - + userid + "," + getUserBaseDN()); + String groupDN = "cn=" + grp.getGroupID() + + "," + getGroupBaseDN(); + LDAPAttribute memberAttr = new LDAPAttribute( + "uniquemember", "uid=" + userid + "," + getUserBaseDN()); LDAPModification singleChange = new LDAPModification( LDAPModification.DELETE, memberAttr); 
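Review bot: The audit record written after a successful removal takes the subject DN from `certs[0]` but the serial number from `certs[i]`, so whenever the removed certificate is not the first one the record pairs one certificate's subject with another certificate's serial. Use the same index for both fields: `certs[i].getSubjectDN().toString(),`. removeUserCert begins before this hunk, so the loop that defines `i` is not visible here.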
@@ -977,19 +962,16 @@ public final class UGSubsystem implements IUGSubsystem { if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { errMsg = "removeUser: " + "Internal DB is unavailable"; } - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSCORE_USRGRP_REMOVE_USER_FROM_GROUP", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER_FROM_GROUP", e.toString())); - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_REMOVE_USER_FAIL")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_REMOVE_USER_FAIL")); } catch (ELdapException e) { - String errMsg = "removeUserFromGroup: Could not get connection to internaldb. Error " - + e; + String errMsg = + "removeUserFromGroup: Could not get connection to internaldb. Error " + e; - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSCORE_USRGRP_REMOVE_USER_FROM_GROUP", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER_FROM_GROUP", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } @@ -1009,12 +991,12 @@ public final class UGSubsystem implements IUGSubsystem { ldapconn.delete("uid=" + userid + "," + getUserBaseDN()); // for audit log SessionContext sessionContext = SessionContext.getContext(); - String adminId = (String) sessionContext - .get(SessionContext.USER_ID); + String adminId = (String) sessionContext.get(SessionContext.USER_ID); - mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, AuditFormat.LEVEL, - AuditFormat.REMOVEUSERFORMAT, new Object[] { adminId, - userid }); + mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, + AuditFormat.LEVEL, AuditFormat.REMOVEUSERFORMAT, + new Object[] {adminId, userid} + ); } catch (LDAPException e) { String errMsg = "removeUser()" + e.toString(); 
@@ -1022,34 +1004,29 @@ public final class UGSubsystem implements IUGSubsystem { if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { errMsg = "removeUser: " + "Internal DB is unavailable"; } - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER", e.toString())); - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_REMOVE_USER_FAIL")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_REMOVE_USER_FAIL")); } catch (ELdapException e) { - String errMsg = "remove User: Could not get connection to internaldb. Error " - + e; + String errMsg = + "remove User: Could not get connection to internaldb. Error " + e; - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } /** - * modifies user attributes. Certs are handled separately + * modifies user attributes. Certs are handled separately */ public void modifyUser(IUser identity) throws EUsrGrpException { User user = (User) identity; String st = null; /** - * X509Certificate certs[] = null; + X509Certificate certs[] = null; **/ LDAPModificationSet attrs = new LDAPModificationSet(); @@ -1062,8 +1039,10 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); if ((st = user.getFullName()) != null) { - attrs.add(LDAPModification.REPLACE, new LDAPAttribute("sn", st)); - attrs.add(LDAPModification.REPLACE, new LDAPAttribute("cn", st)); + attrs.add(LDAPModification.REPLACE, + new LDAPAttribute("sn", st)); + attrs.add(LDAPModification.REPLACE, + new LDAPAttribute("cn", st)); } if ((st = user.getEmail()) != null) { LDAPAttribute ld = new LDAPAttribute("mail", st); 
@@ -1071,40 +1050,38 @@ public final class UGSubsystem implements IUGSubsystem { attrs.add(LDAPModification.REPLACE, ld); } if ((st = user.getPassword()) != null && (!st.equals(""))) { - attrs.add(LDAPModification.REPLACE, new LDAPAttribute( - "userpassword", st)); + attrs.add(LDAPModification.REPLACE, + new LDAPAttribute("userpassword", st)); } if ((st = user.getPhone()) != null) { - if (!st.equals("")) { - attrs.add(LDAPModification.REPLACE, new LDAPAttribute( - "telephonenumber", st)); + if (! st.equals("")) { + attrs.add(LDAPModification.REPLACE, + new LDAPAttribute("telephonenumber", st)); } else { try { LDAPModification singleChange = new LDAPModification( - LDAPModification.DELETE, new LDAPAttribute( - "telephonenumber")); - ldapconn.modify("uid=" + user.getUserID() + "," - + getUserBaseDN(), singleChange); + LDAPModification.DELETE, new LDAPAttribute("telephonenumber")); + ldapconn.modify("uid=" + user.getUserID() + + "," + getUserBaseDN(), singleChange); } catch (LDAPException e) { if (e.getLDAPResultCode() != LDAPException.NO_SUCH_ATTRIBUTE) { CMS.debug("modifyUser: Error in deleting telephonenumber"); throw e; } } - } + } } if ((st = user.getState()) != null) { - if (!st.equals("")) { - attrs.add(LDAPModification.REPLACE, new LDAPAttribute( - "userstate", st)); + if (! st.equals("")) { + attrs.add(LDAPModification.REPLACE, + new LDAPAttribute("userstate", st)); } else { try { LDAPModification singleChange = new LDAPModification( - LDAPModification.DELETE, new LDAPAttribute( - "userstate")); - ldapconn.modify("uid=" + user.getUserID() + "," - + getUserBaseDN(), singleChange); + LDAPModification.DELETE, new LDAPAttribute("userstate")); + ldapconn.modify("uid=" + user.getUserID() + + "," + getUserBaseDN(), singleChange); } catch (LDAPException e) { if (e.getLDAPResultCode() != LDAPException.NO_SUCH_ATTRIBUTE) { CMS.debug("modifyUser: Error in deleting userstate"); 
@@ -1112,40 +1089,45 @@ public final class UGSubsystem implements IUGSubsystem { } } } - } + } /** - * if ((certs = user.getCertificates()) != null) { LDAPAttribute - * attrCertStr = new LDAPAttribute("description"); LDAPAttribute - * attrCertBin = new LDAPAttribute(LDAP_ATTR_USER_CERT); for (int i - * = 0 ; i < certs.length; i++) { - * attrCertBin.addValue(certs[i].getEncoded()); - * attrCertStr.addValue(getCertificateString(certs[i])); } - * attrs.add(attrCertStr); - * - * if (user.getCertOp() == OpDef.ADD) { - * attrs.add(LDAPModification.ADD, attrCertBin); } else if - * (user.getCertOp() == OpDef.DELETE) { - * attrs.add(LDAPModification.DELETE, attrCertBin); } else { throw - * new EUsrGrpException(UsrGrpResources.USR_MOD_ILL_CERT_OP); } } + if ((certs = user.getCertificates()) != null) { + LDAPAttribute attrCertStr = new + LDAPAttribute("description"); + LDAPAttribute attrCertBin = new + LDAPAttribute(LDAP_ATTR_USER_CERT); + for (int i = 0 ; i < certs.length; i++) { + attrCertBin.addValue(certs[i].getEncoded()); + attrCertStr.addValue(getCertificateString(certs[i])); + } + attrs.add(attrCertStr); + + if (user.getCertOp() == OpDef.ADD) { + attrs.add(LDAPModification.ADD, attrCertBin); + } else if (user.getCertOp() == OpDef.DELETE) { + attrs.add(LDAPModification.DELETE, attrCertBin); + } else { + throw new EUsrGrpException(UsrGrpResources.USR_MOD_ILL_CERT_OP); + } + } **/ - ldapconn.modify("uid=" + user.getUserID() + "," + getUserBaseDN(), - attrs); + ldapconn.modify("uid=" + user.getUserID() + + "," + getUserBaseDN(), attrs); // for audit log SessionContext sessionContext = SessionContext.getContext(); - String adminId = (String) sessionContext - .get(SessionContext.USER_ID); + String adminId = (String) sessionContext.get(SessionContext.USER_ID); - mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, AuditFormat.LEVEL, - AuditFormat.MODIFYUSERFORMAT, - new Object[] { adminId, user.getUserID() }); + mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, + AuditFormat.LEVEL, 
AuditFormat.MODIFYUSERFORMAT, + new Object[] {adminId, user.getUserID()} + ); } catch (Exception e) { - // e.printStackTrace(); - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_MOD_USER_FAIL")); + //e.printStackTrace(); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_MOD_USER_FAIL")); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } @@ -1173,32 +1155,29 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); - LDAPSearchResults res = ldapconn.search(getGroupBaseDN(), - LDAPv2.SCOPE_SUB, "(&(objectclass=groupofuniquenames)(cn=" - + filter + "))", null, false); + LDAPSearchResults res = + ldapconn.search(getGroupBaseDN(), LDAPv2.SCOPE_SUB, + "(&(objectclass=groupofuniquenames)(cn=" + filter + "))", + null, false); return buildGroups(res); } catch (LDAPException e) { - String errMsg = "findGroups: could not find group " + filter - + ". Error " + e; + String errMsg = + "findGroups: could not find group " + filter + ". Error " + e; if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { errMsg = "findGroups: " + "Internal DB is unavailable"; } - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_FIND_GROUPS", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_GROUPS", e.toString())); return null; } catch (ELdapException e) { - String errMsg = "find Groups: Could not get connection to internaldb. Error " - + e; + String errMsg = + "find Groups: Could not get connection to internaldb. Error " + e; - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_FIND_GROUPS", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_GROUPS", e.toString())); return null; } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } 
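Review bot: `catch (Exception e)` at the end of modifyUser discards the exception entirely: nothing is logged, the cause is not carried on the EUsrGrpException, and the only trace is the commented-out `//e.printStackTrace();`. This method replaces `userpassword` and `userstate`, so a failed update should leave a record; the other methods in this file log before throwing. Add a log call ahead of the throw, for example `log(ILogger.LL_FAILURE, "modifyUser: " + e.toString());`. modifyUser starts before this hunk.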
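Review bot: The search filter in findGroups is built by pasting the caller's `filter` string straight into `"(&(objectclass=groupofuniquenames)(cn=" + filter + "))"`, so a value containing `(`, `)` or `\` alters the structure of the filter instead of being matched as text. listGroups builds the same filter, and isMemberOfLdapGroup does the same with `"(uniquemember="+userid+")"`, where the search outcome becomes the authorization result. Escape the value per RFC 4515 before concatenating; assuming `filter` is meant as a name pattern, `*` would stay usable in findGroups and listGroups and be escaped in the exact-match membership check. Whether any caller already escapes its input is not visible in this diff, and findGroups starts before this hunk.

```java
// … unchanged: ldapconn = getConn() …
LDAPSearchResults res =
        ldapconn.search(getGroupBaseDN(), LDAPv2.SCOPE_SUB,
                "(&(objectclass=groupofuniquenames)(cn="
                        + escapeFilterValue(filter, true) + "))",
                null, false);
// … unchanged: buildGroups(res), catch and finally branches …

/**
 * Escapes a value for use inside an LDAP search filter (RFC 4515).
 * With keepWildcard set, '*' is left alone so it still acts as a pattern.
 */
private static String escapeFilterValue(String value, boolean keepWildcard) {
    StringBuffer out = new StringBuffer(value.length() + 8);
    for (int k = 0; k < value.length(); k++) {
        char c = value.charAt(k);
        if (c == '\\') {
            out.append("\\5c");
        } else if (c == '(') {
            out.append("\\28");
        } else if (c == ')') {
            out.append("\\29");
        } else if (c == '\0') {
            out.append("\\00");
        } else if (c == '*' && !keepWildcard) {
            out.append("\\2a");
        } else {
            out.append(c);
        }
    }
    return out.toString();
}
```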
@@ -1212,8 +1191,8 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * List groups. more efficient than find Groups. only retrieves group names - * and description. + * List groups. more efficient than find Groups. only retrieves + * group names and description. */ public Enumeration listGroups(String filter) throws EUsrGrpException { if (filter == null) { @@ -1229,9 +1208,10 @@ public final class UGSubsystem implements IUGSubsystem { attrs[1] = "description"; ldapconn = getConn(); - LDAPSearchResults res = ldapconn.search(getGroupBaseDN(), - LDAPv2.SCOPE_SUB, "(&(objectclass=groupofuniquenames)(cn=" - + filter + "))", attrs, false); + LDAPSearchResults res = + ldapconn.search(getGroupBaseDN(), LDAPv2.SCOPE_SUB, + "(&(objectclass=groupofuniquenames)(cn=" + filter + "))", + attrs, false); return buildGroups(res); } catch (LDAPException e) { @@ -1240,18 +1220,14 @@ public final class UGSubsystem implements IUGSubsystem { if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { errMsg = "listGroups: " + "Internal DB is unavailable"; } - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", e.toString())); } catch (ELdapException e) { - String errMsg = "list Groups: Could not get connection to internaldb. Error " - + e; + String errMsg = + "list Groups: Could not get connection to internaldb. Error " + e; - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } return null; 
@@ -1261,10 +1237,9 @@ public final class UGSubsystem implements IUGSubsystem { * builds an instance of a Group entry */ protected IGroup buildGroup(LDAPEntry entry) { - String groupName = (String) entry.getAttribute("cn").getStringValues() - .nextElement(); + String groupName = (String)entry.getAttribute("cn").getStringValues().nextElement(); IGroup grp = createGroup(this, groupName); - + LDAPAttribute grpDesc = entry.getAttribute("description"); if (grpDesc != null) { @@ -1278,8 +1253,7 @@ public final class UGSubsystem implements IUGSubsystem { grp.set("description", desc); } catch (EBaseException ex) { // later... - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSCORE_USRGRP_BUILD_GROUP", ex.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_BUILD_GROUP", ex.toString())); } } } @@ -1289,9 +1263,7 @@ public final class UGSubsystem implements IUGSubsystem { grp.set("description", ""); // safety net } catch (EBaseException ex) { // later... - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_BUILD_GROUP", - ex.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_BUILD_GROUP", ex.toString())); } } 
@@ -1307,28 +1279,24 @@ public final class UGSubsystem implements IUGSubsystem { while (e.hasMoreElements()) { String v = (String) e.nextElement(); - // grp.addMemberName(v); + // grp.addMemberName(v); // DOES NOT SUPPORT NESTED GROUPS... - /* - * BAD_GROUP_MEMBER message goes to system log We are testing unique - * member attribute for 1. presence of uid string 2. presence and - * sequence of equal sign and comma 3. absence of equal sign between - * previously found equal sign and comma 4. absence of non white - * space characters between uid string and equal sign - */ + /* BAD_GROUP_MEMBER message goes to system log + * We are testing unique member attribute for + * 1. presence of uid string + * 2. presence and sequence of equal sign and comma + * 3. absence of equal sign between previously found equal sign and comma + * 4. absence of non white space characters between uid string and equal sign + */ int i = -1; int j = -1; - if (v == null || v.length() < 3 - || (!(v.substring(0, 3)).equalsIgnoreCase("uid")) - || ((i = v.indexOf('=')) < 0) || ((j = v.indexOf(',')) < 0) - || i > j || (v.substring(i + 1, j)).indexOf('=') > -1 - || ((v.substring(3, i)).trim()).length() > 0) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSCORE_USRGRP_BAD_GROUP_MEMBER", groupName, v)); + if (v == null || v.length() < 3 || (!(v.substring(0,3)).equalsIgnoreCase("uid")) || + ((i = v.indexOf('=')) < 0) || ((j = v.indexOf(',')) < 0) || i > j || + (v.substring(i+1, j)).indexOf('=') > -1 || ((v.substring(3, i)).trim()).length() > 0) { + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_BAD_GROUP_MEMBER", groupName, v)); } else { - grp.addMemberName(v.substring(v.indexOf('=') + 1, - v.indexOf(','))); + grp.addMemberName(v.substring(v.indexOf('=') + 1, v.indexOf(','))); } } 
@@ -1340,20 +1308,22 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * Retrieves a group from LDAP NOTE - this takes just the group name. + * Retrieves a group from LDAP + * NOTE - this takes just the group name. */ public IGroup getGroupFromName(String name) { return getGroup("cn=" + name + "," + getGroupBaseDN()); } /** - * Retrieves a group from LDAP NOTE - LH This takes a full LDAP DN. + * Retrieves a group from LDAP + * NOTE - LH This takes a full LDAP DN. */ public IGroup getGroup(String name) { if (name == null) { return null; } - + LDAPConnection ldapconn = null; try { @@ -1367,8 +1337,7 @@ public final class UGSubsystem implements IUGSubsystem { return null; return (IGroup) e.nextElement(); } catch (Exception e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_GET_GROUP", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_GET_GROUP", e.toString())); } finally { if (ldapconn != null) returnConn(ldapconn); @@ -1404,9 +1373,7 @@ public final class UGSubsystem implements IUGSubsystem { } } } catch (Exception e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_IS_GROUP_PRESENT", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_IS_GROUP_PRESENT", e.toString())); } finally { if (ldapconn != null) returnConn(ldapconn); 
@@ -1414,82 +1381,91 @@ public final class UGSubsystem implements IUGSubsystem { return false; } - public boolean isMemberOf(String userid, String groupname) { + public boolean isMemberOf(String userid, String groupname) + { try { - IUser user = getUser(userid); - return isMemberOfLdapGroup(user.getUserDN(), groupname); + IUser user = getUser(userid); + return isMemberOfLdapGroup(user.getUserDN(), groupname); } catch (Exception e) { - /* do nothing */ + /* do nothing */ } return false; } /** - * Checks if the given user is a member of the given group (now runs an ldap - * search to find the user, instead of fetching the entire group entry) + * Checks if the given user is a member of the given group + * (now runs an ldap search to find the user, instead of + * fetching the entire group entry) */ - public boolean isMemberOf(IUser id, String name) { - if (id == null) { - log(ILogger.LL_WARN, "isMemberOf(): id is null"); - return false; + public boolean isMemberOf(IUser id, String name) { + if (id == null) { + log(ILogger.LL_WARN, "isMemberOf(): id is null"); + return false; } - if (name == null) { - log(ILogger.LL_WARN, "isMemberOf(): name is null"); - return false; + if (name == null) { + log(ILogger.LL_WARN, "isMemberOf(): name is null"); + return false; } - Debug.trace("UGSubsystem.isMemberOf() using new lookup code"); - return isMemberOfLdapGroup(id.getUserDN(), name); + Debug.trace("UGSubsystem.isMemberOf() using new lookup code"); + return isMemberOfLdapGroup(id.getUserDN(),name); } + /** - * checks if the given user DN is in the specified group by running an ldap - * search for the user in the group + * checks if the given user DN is in the specified group + * by running an ldap search for the user in the group */ - protected boolean isMemberOfLdapGroup(String userid, String groupname) { - String basedn = "cn=" + groupname + ",ou=groups," + mBaseDN; + protected boolean isMemberOfLdapGroup(String userid,String groupname) + { + String basedn = 
"cn="+groupname+",ou=groups,"+mBaseDN; LDAPConnection ldapconn = null; - boolean founduser = false; + boolean founduser=false; try { - // the group could potentially have many thousands - // of members, (many values of the uniquemember - // attribute). So, we don't want to fetch this - // list each time. We'll just fetch the CN. - String attrs[] = new String[1]; - attrs[0] = "cn"; + // the group could potentially have many thousands + // of members, (many values of the uniquemember + // attribute). So, we don't want to fetch this + // list each time. We'll just fetch the CN. + String attrs[]= new String[1]; + attrs[0] = "cn"; ldapconn = getConn(); - String filter = "(uniquemember=" + userid + ")"; - Debug.trace("authorization search base: " + basedn); - Debug.trace("authorization search filter: " + filter); - LDAPSearchResults res = ldapconn.search(basedn, LDAPv2.SCOPE_BASE, - filter, attrs, false); - // If the result had at least one entry, we know - // that the filter matched, and so the user correctly - // authenticated. - if (res.hasMoreElements()) { - // actually read the entry - LDAPEntry entry = (LDAPEntry) res.nextElement(); - founduser = true; - } - Debug.trace("authorization result: " + founduser); - } catch (LDAPException e) { - String errMsg = "isMemberOfLdapGroup: could not find group " - + groupname + ". Error " + e; - if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { - errMsg = "isMemberOfLdapGroup: " + "Internal DB is unavailable"; - } - Debug.trace("authorization exception: " + errMsg); - // too chatty in system log - // log(ILogger.LL_FAILURE, errMsg); - } catch (ELdapException e) { - String errMsg = "isMemberOfLdapGroup: Could not get connection to internaldb. 
Error " - + e; - Debug.trace("authorization exception: " + errMsg); + + String filter = "(uniquemember="+userid+")"; + Debug.trace("authorization search base: "+basedn); + Debug.trace("authorization search filter: "+filter); + LDAPSearchResults res = + ldapconn.search(basedn, LDAPv2.SCOPE_BASE, + filter, + attrs, false); + // If the result had at least one entry, we know + // that the filter matched, and so the user correctly + // authenticated. + if (res.hasMoreElements()) { + // actually read the entry + LDAPEntry entry = (LDAPEntry)res.nextElement(); + founduser=true; + } + Debug.trace("authorization result: "+founduser); + } catch (LDAPException e) { + String errMsg = + "isMemberOfLdapGroup: could not find group "+groupname+". Error "+e; + if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { + errMsg = "isMemberOfLdapGroup: "+"Internal DB is unavailable"; + } + Debug.trace("authorization exception: "+errMsg); + // too chatty in system log + // log(ILogger.LL_FAILURE, errMsg); + } + catch (ELdapException e) { + String errMsg = + "isMemberOfLdapGroup: Could not get connection to internaldb. Error "+e; + Debug.trace("authorization exception: "+errMsg); log(ILogger.LL_FAILURE, errMsg); - } finally { + } + finally { if (ldapconn != null) returnConn(ldapconn); } @@ -1510,7 +1486,7 @@ public final class UGSubsystem implements IUGSubsystem { try { LDAPAttributeSet attrs = new LDAPAttributeSet(); - String oc[] = { "top", "groupOfUniqueNames" }; + String oc[] = {"top", "groupOfUniqueNames"}; attrs.add(new LDAPAttribute("objectclass", oc)); attrs.add(new LDAPAttribute("cn", group.getGroupID())); 
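Review bot: `isMemberOf(String userid, String groupname)` wraps the lookup in `catch (Exception e) { /* do nothing */ }`, so an unknown user (a null from getUser would surface as a NullPointerException on `user.getUserDN()`) and a directory outage both look identical to "not a member" and leave no trace. The result fails closed, which is the right default, but check for null explicitly and log the exception, e.g. `if (user == null) return false;` and `log(ILogger.LL_WARN, "isMemberOf(): " + e.toString());`. In isMemberOfLdapGroup the comment says the user "correctly authenticated" although the search establishes group membership, not identity; reword it to say the user is a member of the group. The local `entry` assigned from `res.nextElement()` is never read.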
@@ -1524,12 +1500,13 @@ public final class UGSubsystem implements IUGSubsystem { String name = (String) e.nextElement(); // DOES NOT SUPPORT NESTED GROUPS... - attrMembers.addValue("uid=" + name + "," + getUserBaseDN()); + attrMembers.addValue("uid=" + name + "," + + getUserBaseDN()); } attrs.add(attrMembers); } - LDAPEntry entry = new LDAPEntry("cn=" + grp.getGroupID() + "," - + getGroupBaseDN(), attrs); + LDAPEntry entry = new LDAPEntry("cn=" + grp.getGroupID() + + "," + getGroupBaseDN(), attrs); ldapconn = getConn(); ldapconn.add(entry); 
@@ -1539,36 +1516,30 @@ public final class UGSubsystem implements IUGSubsystem { if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { errMsg = "addGroup: " + "Internal DB is unavailable"; } - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_ADD_GROUP", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_ADD_GROUP", e.toString())); - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_ADD_GROUP_FAIL")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_GROUP_FAIL")); } catch (ELdapException e) { - String errMsg = "add Group: Could not get connection to internaldb. Error " - + e; + String errMsg = + "add Group: Could not get connection to internaldb. Error " + e; - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_ADD_GROUP", e.toString())); - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_ADD_GROUP_FAIL")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_ADD_GROUP", e.toString())); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_GROUP_FAIL")); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } /** - * Removes a group. Can't remove SUPER_CERT_ADMINS + * Removes a group. Can't remove SUPER_CERT_ADMINS */ public void removeGroup(String name) throws EUsrGrpException { if (name == null) { return; } else if (name.equalsIgnoreCase(SUPER_CERT_ADMINS)) { - log(ILogger.LL_WARN, - "removing Certificate Server Administrators group is not allowed"); - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_REMOVE_GROUP_FAIL")); + log(ILogger.LL_WARN, "removing Certificate Server Administrators group is not allowed"); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_REMOVE_GROUP_FAIL")); } LDAPConnection ldapconn = null; 
@@ -1582,19 +1553,15 @@ public final class UGSubsystem implements IUGSubsystem { if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { errMsg = "removeGroup: " + "Internal DB is unavailable"; } - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_GROUP", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_GROUP", e.toString())); - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_REMOVE_GROUP_FAIL")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_REMOVE_GROUP_FAIL")); } catch (ELdapException e) { - String errMsg = "remove Group: Could not get connection to internaldb. " - + "Error " + e; + String errMsg = + "remove Group: Could not get connection to internaldb. " + + "Error " + e; - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_GROUP", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_GROUP", e.toString())); } finally { if (ldapconn != null) returnConn(ldapconn); @@ -1618,8 +1585,8 @@ public final class UGSubsystem implements IUGSubsystem { String desc = grp.getDescription(); if (desc != null) { - mod.add(LDAPModification.REPLACE, new LDAPAttribute( - "description", desc)); + mod.add(LDAPModification.REPLACE, + new LDAPAttribute("description", desc)); } Enumeration e = grp.getMemberNames(); @@ -1629,7 +1596,8 @@ public final class UGSubsystem implements IUGSubsystem { String name = (String) e.nextElement(); // DOES NOT SUPPORT NESTED GROUPS... - attrMembers.addValue("uid=" + name + "," + getUserBaseDN()); + attrMembers.addValue("uid=" + name + "," + + getUserBaseDN()); } mod.add(LDAPModification.REPLACE, attrMembers); } else { 
@@ -1637,32 +1605,26 @@ public final class UGSubsystem implements IUGSubsystem { mod.add(LDAPModification.DELETE, attrMembers); } else { // not allowed - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_ILL_GRP_MOD")); + throw new + EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ILL_GRP_MOD")); } } ldapconn = getConn(); - ldapconn.modify("cn=" + grp.getGroupID() + "," + getGroupBaseDN(), - mod); + ldapconn.modify("cn=" + grp.getGroupID() + + "," + getGroupBaseDN(), mod); } catch (LDAPException e) { String errMsg = " modifyGroup()" + e.toString(); if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { errMsg = "modifyGroup: " + "Internal DB is unavailable"; } - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_MODIFY_GROUP", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_MODIFY_GROUP", e.toString())); - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_MOD_GROUP_FAIL")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_MOD_GROUP_FAIL")); } catch (Exception e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_MODIFY_GROUP", - e.toString())); - throw new EUsrGrpException( - CMS.getUserMessage("CMS_USRGRP_MOD_GROUP_FAIL")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_MODIFY_GROUP", e.toString())); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_MOD_GROUP_FAIL")); } finally { if (ldapconn != null) returnConn(ldapconn); 
@@ -1670,16 +1632,18 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * Evalutes the given context with the attribute critieria. + * Evalutes the given context with the attribute + * critieria. */ - public boolean evaluate(String type, IUser id, String op, String value) { + public boolean evaluate(String type, IUser id, + String op, String value) { if (op.equals("=")) { if (type.equalsIgnoreCase("user")) { if (isMatched(value, id.getName())) return true; } if (type.equalsIgnoreCase("group")) { - return isMemberOf(id, value); + return isMemberOf(id, value); } } return false; @@ -1688,7 +1652,8 @@ public final class UGSubsystem implements IUGSubsystem { /** * Converts an uid attribute to a DN. */ - protected String convertUIDtoDN(String uid) throws LDAPException { + protected String convertUIDtoDN(String uid) throws + LDAPException { String u = uid; if (u == null) { @@ -1708,21 +1673,21 @@ public final class UGSubsystem implements IUGSubsystem { return entry.getDN(); } } catch (ELdapException e) { - String errMsg = "convertUIDtoDN: Could not get connection to internaldb. " - + "Error " + e; + String errMsg = + "convertUIDtoDN: Could not get connection to internaldb. " + + "Error " + e; - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_USRGRP_CONVERT_UID", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_CONVERT_UID", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } return null; } /** - * Checks if the given DNs are the same after normalization. + * Checks if the given DNs are the same after + * normalization. */ protected boolean isMatched(String dn1, String dn2) { String rdn1[] = LDAPDN.explodeDN(dn1, false); 
@@ -1740,16 +1705,16 @@ public final class UGSubsystem implements IUGSubsystem {
 }
 /**
- * Converts certificate into string format. should eventually go into the
- * locator itself
+ * Converts certificate into string format.
+ * should eventually go into the locator itself
 */
 protected String getCertificateStringWithoutVersion(X509Certificate cert) {
 if (cert == null) {
 return null;
 } // note that it did not represent a certificate fully
- return "-1;" + cert.getSerialNumber().toString() + ";"
- + cert.getIssuerDN() + ";" + cert.getSubjectDN();
+ return "-1;" + cert.getSerialNumber().toString() +
+ ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN();
 }
 public String getCertificateString(X509Certificate cert) {
@@ -1758,8 +1723,8 @@ public final class UGSubsystem implements IUGSubsystem {
 } // note that it did not represent a certificate fully
- return cert.getVersion() + ";" + cert.getSerialNumber().toString()
- + ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN();
+ return cert.getVersion() + ";" + cert.getSerialNumber().toString() +
+ ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN();
 }
 /**
@@ -1777,21 +1742,21 @@ public final class UGSubsystem implements IUGSubsystem {
 }
 protected LDAPConnection getConn() throws ELdapException {
- if (mLdapConnFactory == null)
+ if (mLdapConnFactory == null)
 return null;
 return mLdapConnFactory.getConn();
 }
 protected void returnConn(LDAPConnection conn) {
- if (mLdapConnFactory != null)
+ if (mLdapConnFactory != null)
 mLdapConnFactory.returnConn(conn);
 }
 private void log(int level, String msg) {
 if (mLogger == null) return;
- mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_USRGRP, level,
- "UGSubsystem: " + msg);
+ mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_USRGRP,
+ level, "UGSubsystem: " + msg);
 }
 public ICertUserLocator getCertUserLocator() {
diff --git a/pki/base/common/src/com/netscape/cmscore/usrgrp/User.java b/pki/base/common/src/com/netscape/cmscore/usrgrp/User.java
index ce3337bd3..5133eb23e 100644
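Review bot: The comment `// note that it did not represent a certificate fully` above the `return` in getCertificateStringWithoutVersion (and again in getCertificateString in the next hunk) does not say which parts of the certificate the string covers. Both methods join only the version (or the fixed `-1`), serial number, issuer DN and subject DN with `;`, so the public key and signature are not part of the value, and a DN that itself contains `;` can make the field boundaries ambiguous. I would replace the comment with `// Identifies the cert by serial, issuer DN and subject DN only; key and signature are not covered, and DNs are not escaped for ';'.` If callers compare these strings to map a presented certificate to a user (not visible in this hunk), the Javadoc should also state that this relies on the issuer never reusing a serial number.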
--- a/pki/base/common/src/com/netscape/cmscore/usrgrp/User.java
+++ b/pki/base/common/src/com/netscape/cmscore/usrgrp/User.java
@@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK ---
 package com.netscape.cmscore.usrgrp;
+ import java.security.cert.X509Certificate;
 import java.util.Enumeration;
 import java.util.Vector;
@@ -26,9 +27,10 @@
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.usrgrp.IUser;
 import com.netscape.certsrv.usrgrp.IUsrGrp;
+ /**
 * A class represents a user.
- *
+ *
 * @author cfu
 * @version $Revision$, $Date$
 */
@@ -59,7 +61,7 @@ public class User implements IUser {
 mNames.addElement(ATTR_PASSWORD);
 mNames.addElement(ATTR_STATE);
 mNames.addElement(ATTR_EMAIL);
- // mNames.addElement(ATTR_PHONENUMBER);
+ // mNames.addElement(ATTR_PHONENUMBER);
 mNames.addElement(ATTR_X509_CERTIFICATES);
 mNames.addElement(ATTR_USERTYPE);
 }
@@ -76,7 +78,7 @@ public class User implements IUser {
 * Retrieves the name of this identity.
 */
 public String getName() {
- // return mScope.getId() + "://" + mUserid;
+ // return mScope.getId() + "://" + mUserid;
 return mUserid;
 }
@@ -170,11 +172,9 @@ public class User implements IUser {
 public void set(String name, Object object) throws EBaseException {
 if (name.equals(ATTR_NAME)) {
- throw new EBaseException(CMS.getUserMessage(
- "CMS_BASE_INVALID_ATTRIBUTE", name));
+ throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name));
 } else if (name.equals(ATTR_ID)) {
- throw new EBaseException(CMS.getUserMessage(
- "CMS_BASE_INVALID_ATTRIBUTE", name));
+ throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name));
 } else if (name.equals(ATTR_FULLNAME)) {
 setFullName((String) object);
 } else if (name.equals(ATTR_STATE)) {
@@ -186,11 +186,10 @@ public class User implements IUser {
 } else if (name.equals(ATTR_USERTYPE)) {
 setUserType((String) object);
 } else {
- throw new EBaseException(CMS.getUserMessage(
- "CMS_BASE_INVALID_ATTRIBUTE", name));
+ throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name));
 }
 }
-
+ public Object get(String name) throws EBaseException {
 if (name.equals(ATTR_NAME)) {
 return getName();
@@ -207,14 +206,12 @@ public class User implements IUser {
 } else if (name.equals(ATTR_USERTYPE)) {
 return getUserType();
 } else {
- throw new EBaseException(CMS.getUserMessage(
- "CMS_BASE_INVALID_ATTRIBUTE", name));
+ throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name));
 }
 }
 public void delete(String name) throws EBaseException {
- throw new EBaseException(CMS.getUserMessage(
- "CMS_BASE_INVALID_ATTRIBUTE", name));
+ throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name));
 }
 public Enumeration getElements() { |