From 4c17e821a99318a1cf62ca0862ce9ee404ea5f6a Mon Sep 17 00:00:00 2001
From: Ade Lee
Date: Thu, 19 Sep 2013 14:04:06 -0400
Subject: Added interactive install for tomcat TPS

Up to now, only pkispawn with a config file worked for tomcat-tps installation. This patch adds the functionality for the interactive installation.
---
.../cms/servlet/csadmin/ConfigurationUtils.java | 3 +-
.../netscape/cms/servlet/csadmin/DonePanel.java | 2 +-
.../cms/servlet/csadmin/SystemConfigService.java | 2 +-
.../python/pki/server/deployment/pkiparser.py | 42 ++++++++++++++
base/server/sbin/pkispawn | 65 ++++++++++++++++++++++
5 files changed, 111 insertions(+), 3 deletions(-)

diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
index c8d44228a..78d14b3f5 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
@@ -3729,7 +3729,8 @@ public class ConfigurationUtils {
 CMS.debug("registerUser: status=" + status);
 if (status.equals(SUCCESS)) {
- CMS.debug("registerUser: Successfully added user " + uid + "to " + targetURI);
+ CMS.debug("registerUser: Successfully added user " + uid + " to " + targetURI +
+ " using " + targetURL);
 } else if (status.equals(AUTH_FAILURE)) {
 throw new EAuthException(AUTH_FAILURE);
 } else {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java b/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java
index 650ccc292..57583fdcf 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java
@@ -261,7 +261,7 @@ public class DonePanel extends WizardPanelBase {
 CMS.debug("Invalid URI for CA, TKS or KRA: " + e);
 } catch (Exception e) {
 e.printStackTrace();
- CMS.debug("Errors in registering TPS to CA, TKS or KRA" + e);
+ CMS.debug("Errors in registering TPS to CA, TKS or KRA: " + e);
 }
 }
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/SystemConfigService.java b/base/common/src/com/netscape/cms/servlet/csadmin/SystemConfigService.java
index 96c56f725..1884ca3d2 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/SystemConfigService.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/SystemConfigService.java
@@ -508,7 +508,7 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
 throw new BadRequestException("Invalid URI for CA, TKS or KRA");
 } catch (Exception e) {
 e.printStackTrace();
- throw new PKIException("Errors in registering TPS to CA, TKS or KRA" + e);
+ throw new PKIException("Errors in registering TPS to CA, TKS or KRA: " + e);
 }
 }
diff --git a/base/server/python/pki/server/deployment/pkiparser.py b/base/server/python/pki/server/deployment/pkiparser.py
index e7b23a6d3..523d79e78 100644
--- a/base/server/python/pki/server/deployment/pkiparser.py
+++ b/base/server/python/pki/server/deployment/pkiparser.py
@@ -30,6 +30,8 @@ import random
 import requests
 import string
 import subprocess
+import xml.etree.ElementTree as ET
+from urlparse import urlparse
 # PKI Imports
 import pki
@@ -85,6 +87,7 @@ class PKIConfigParser:
 self.indent = 0
 self.ds_connection = None
 self.sd_connection = None
+ self.authdb_connection = None
 # Master and Slot dictionaries
 self.pki_master_dict = dict()
@@ -431,6 +434,45 @@ class PKIConfigParser:
 else:
 raise
+ def authdb_connect(self):
+
+ hostname = self.pki_master_dict['pki_authdb_hostname']
+ port = self.pki_master_dict['pki_authdb_port']
+
+ if config.str2bool(self.pki_master_dict['pki_authdb_secure_conn']):
+ protocol = 'ldaps'
+ else:
+ protocol = 'ldap'
+
+ self.authdb_connection = ldap.initialize(protocol + '://' + hostname + ':' + port)
+ self.authdb_connection.search_s('', ldap.SCOPE_BASE)
+
+ def authdb_base_dn_exists(self):
+ try:
+ results = self.authdb_connection.search_s(
+ self.pki_master_dict['pki_authdb_basedn'],
+ ldap.SCOPE_BASE)
+
+ if results is None or len(results) == 0:
+ return False
+
+ return True
+
+ except ldap.NO_SUCH_OBJECT:
+ return False
+
+ def get_server_status(self, system_type, system_uri):
+ parse = urlparse(self.pki_master_dict[system_uri])
+ conn = pki.client.PKIConnection(
+ protocol=parse.scheme,
+ hostname=parse.hostname,
+ port=str(parse.port),
+ subsystem=system_type)
+ client = pki.system.SystemStatusClient(conn)
+ response = client.getStatus()
+ root = ET.fromstring(response)
+ return root.findtext("Status")
+
 def compose_pki_master_dictionary(self):
 "Create a single master PKI dictionary from the sectional dictionaries"
 try:
diff --git a/base/server/sbin/pkispawn b/base/server/sbin/pkispawn
index 72841c938..d0ac96716 100755
--- a/base/server/sbin/pkispawn
+++ b/base/server/sbin/pkispawn
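Review bot: In `get_server_status` the value read from `pki_master_dict[system_uri]` is split with `urlparse` and handed on unchecked, so a URL without an explicit port turns `port=str(parse.port)` into the literal string `'None'`, and a URL without a scheme leaves `parse.hostname` as `None`. A guard before building the connection, e.g. `if parse.scheme not in ('http', 'https') or not parse.hostname or parse.port is None: raise ValueError('invalid URL: ' + self.pki_master_dict[system_uri])`, would turn that into a clear error. The reply is then fed to `ET.fromstring` exactly as received, so a body that is not the expected XML raises a parse error that nothing in this hunk handles, and the returned status is only as trustworthy as the transport (whether `PKIConnection` verifies the server certificate for `https` is not visible here). In `authdb_connect`, every call overwrites `self.authdb_connection` without unbinding the previous handle, and the URI is built by plain concatenation, which assumes `port` is already a string and `hostname` is not a bare IPv6 literal. None of the three new methods has a docstring; one line each stating what is returned or raised would help, for instance `"""Return the text of the <Status> element reported by the given subsystem."""`.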
@@ -257,6 +257,71 @@ def main(argv): print + if config.pki_subsystem == "TPS": + print "External Servers:" + + while True: + parser.read_text('CA URL', config.pki_subsystem, 'pki_ca_uri') + try: + status = parser.get_server_status('ca', 'pki_ca_uri') + if status == 'running': + break + parser.print_text('ERROR: CA is not running') + except requests.exceptions.ConnectionError as e: + parser.print_text('ERROR: ' + str(e)) + + while True: + parser.read_text('TKS URL', config.pki_subsystem, 'pki_tks_uri') + try: + status = parser.get_server_status('tks', 'pki_tks_uri') + if status == 'running': + break + parser.print_text('ERROR: TKS is not running') + except requests.exceptions.ConnectionError as e: + parser.print_text('ERROR: ' + str(e)) + + while True: + keygen = parser.read_text('Enable server side key generation (Yes/No)', + options=['Yes', 'Y', 'No', 'N'], default='N', + sign='?', caseSensitive=False).lower() + + if keygen == 'y' or keygen == 'yes': + parser.set_property(config.pki_subsystem, 'pki_enable_server_side_keygen', 'True') + + parser.read_text('KRA URL', config.pki_subsystem, 'pki_kra_uri') + try: + status = parser.get_server_status('kra', 'pki_kra_uri') + if status == 'running': + break + parser.print_text('ERROR: KRA is not running') + except requests.exceptions.ConnectionError as e: + parser.print_text('ERROR: ' + str(e)) + else: + parser.set_property(config.pki_subsystem, 'pki_enable_server_side_keygen', 'False') + break + + print + + print "Authentication Database:" + + while True: + parser.read_text('Hostname', config.pki_subsystem, 'pki_authdb_hostname') + parser.read_text('Port', config.pki_subsystem, 'pki_authdb_port') + basedn = parser.read_text('Base DN', allowEmpty=False) + parser.set_property(config.pki_subsystem, 'pki_authdb_basedn', basedn) + + try: + parser.authdb_connect() + if parser.authdb_base_dn_exists(): + break + else: + parser.print_text('ERROR: base DN does not exist') + + except ldap.LDAPError as e: + parser.print_text('ERROR: 
' + e.message['desc']) + + print + if interactive: parser.indent = 0 -- cgit
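Review bot: The CA, TKS and KRA loops catch only `requests.exceptions.ConnectionError`, so any other failure inside `parser.get_server_status` (for example a mistyped URL or a reply that is not the expected XML) would presumably end the interactive install with a traceback instead of re-prompting; widening the handler to `except (requests.exceptions.RequestException, ValueError, ET.ParseError) as e:` is only a sketch, since pkispawn's imports are outside this hunk. In the authentication database loop, `e.message['desc']` assumes every `ldap.LDAPError` carries a dict with a `desc` key, and `parser.print_text('ERROR: ' + str(e))` would be the safer form. The prompts never ask for `pki_authdb_secure_conn`, which `authdb_connect` uses to choose between `ldap` and `ldaps`, so the connectivity check runs with whatever default is configured (not visible here); a Yes/No prompt like the key-generation one would make that choice explicit. The body of `main` continues outside the hunk.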