From 5bb7933dd00f11ec87237d3bad7756989abb59ee Mon Sep 17 00:00:00 2001
From: Endi Sukma Dewata
Date: Thu, 6 Sep 2012 16:33:48 -0500
Subject: Added REST interface to get domain info.

The REST interface for security domain has been updated to provide a method to get the domain info. A CLI has been provided to access this method.

Ticket #309
---
 .../com/netscape/certsrv/system/DomainInfo.java | 203 ++++++++-------
 .../certsrv/system/SecurityDomainClient.java | 4 +
 .../certsrv/system/SecurityDomainHost.java | 210 +++++++++++++++-
 .../certsrv/system/SecurityDomainHostList.java | 53 ----
 .../certsrv/system/SecurityDomainResource.java | 5 +
 .../certsrv/system/SecurityDomainSubsystem.java | 136 ++++++++++
 .../certsrv/system/SystemConfigResource.java | 7 -
 .../servlet/csadmin/SecurityDomainProcessor.java | 280 ++++++++++++++++++++-
 .../cms/servlet/csadmin/SecurityDomainService.java | 12 +
 .../cms/servlet/csadmin/SystemConfigService.java | 8 -
 .../src/com/netscape/cmscore/policy/PolicySet.java | 6 +-
 .../cmstools/system/SecurityDomainCLI.java | 27 ++
 .../cmstools/system/SecurityDomainShowCLI.java | 66 +++++
 13 files changed, 843 insertions(+), 174 deletions(-)
 delete mode 100644 base/common/src/com/netscape/certsrv/system/SecurityDomainHostList.java
 create mode 100644 base/common/src/com/netscape/certsrv/system/SecurityDomainSubsystem.java
 create mode 100644 base/java-tools/src/com/netscape/cmstools/system/SecurityDomainShowCLI.java
diff --git a/base/common/src/com/netscape/certsrv/system/DomainInfo.java b/base/common/src/com/netscape/certsrv/system/DomainInfo.java
index 50b606af3..3f38c64ab 100644
--- a/base/common/src/com/netscape/certsrv/system/DomainInfo.java
+++ b/base/common/src/com/netscape/certsrv/system/DomainInfo.java
@@ -14,142 +14,151 @@
 //
 // (C) 2012 Red Hat, Inc.
 // All rights reserved.
-// --- END COPYRIGHT BLOCK ---
+// --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.system;
+import java.io.StringReader;
+import java.io.StringWriter;
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
 /**
 * @author alee
- *
 */
 @XmlRootElement(name="DomainInfo")
+@XmlAccessorType(XmlAccessType.NONE)
 public class DomainInfo {
-
- @XmlElement(name="CAList")
- protected SecurityDomainHostList caList;
-
- @XmlElement(name="KRAList")
- protected SecurityDomainHostList kraList;
-
- @XmlElement(name="OCSPList")
- protected SecurityDomainHostList ocspList;
-
- @XmlElement(name="TKSList")
- protected SecurityDomainHostList tksList;
-
- @XmlElement(name="TPSList")
- protected SecurityDomainHostList tpsList;
-
- @XmlElement(name="RAList")
- protected SecurityDomainHostList raList;
-
- @XmlElement
- protected String name;
-
- /**
- * @return the name
- */
+
+ String name;
+ Map subsystems = new LinkedHashMap();
+
+ @XmlAttribute(name="id")
 public String getName() {
 return name;
 }
- /**
- * @param name the name to set
- */
 public void setName(String name) {
 this.name = name;
 }
- /**
- * @return the caList
- */
- public SecurityDomainHostList getCaList() {
- return caList;
+ @XmlElement(name="Subsystem")
+ public SecurityDomainSubsystem[] getSubsystems() {
+ return subsystems.values().toArray(new SecurityDomainSubsystem[subsystems.size()]);
 }
- /**
- * @param caList the caList to set
- */
- public void setCaList(SecurityDomainHostList caList) {
- this.caList = caList;
+ public void setSubsystems(SecurityDomainSubsystem[] subsystems) {
+ this.subsystems.clear();
+ for (SecurityDomainSubsystem subsystem : subsystems) {
+ this.subsystems.put(subsystem.name, subsystem);
+ }
 }
- /**
- * @return the kraList
- */
- public SecurityDomainHostList getKraList() {
- return kraList;
+ public SecurityDomainSubsystem getSubsystem(String type) {
+ return subsystems.get(type);
 }
- /**
- * @param kraList the kraList to set
- */
- public void setKraList(SecurityDomainHostList kraList) {
- this.kraList = kraList;
+ public void addSubsystem(SecurityDomainSubsystem subsystem) {
+ subsystems.put(subsystem.getName(), subsystem);
 }
- /**
- * @return the ocspList
- */
- public SecurityDomainHostList getOcspList() {
- return ocspList;
+ public void removeSubsystem(String type) {
+ subsystems.remove(type);
 }
- /**
- * @param ocspList the ocspList to set
- */
- public void setOcspList(SecurityDomainHostList ocspList) {
- this.ocspList = ocspList;
+ public void addHost(String type, SecurityDomainHost host) {
+ SecurityDomainSubsystem subsystem = getSubsystem(type);
+ if (subsystem == null) {
+ subsystem = new SecurityDomainSubsystem();
+ subsystem.setName(type);
+ addSubsystem(subsystem);
+ }
+ subsystem.addHost(host);
 }
- /**
- * @return the tksList
- */
- public SecurityDomainHostList getTksList() {
- return tksList;
+ public void removeHost(String type, String hostId) {
+ SecurityDomainSubsystem subsystem = getSubsystem(type);
+ if (subsystem == null) return;
+ subsystem.removeHost(hostId);
 }
-
- /**
- * @param tksList the tksList to set
- */
- public void setTksList(SecurityDomainHostList tksList) {
- this.tksList = tksList;
+ public String toString() {
+ try {
+ StringWriter sw = new StringWriter();
+ Marshaller marshaller = JAXBContext.newInstance(DomainInfo.class).createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+ marshaller.marshal(this, sw);
+ return sw.toString();
+
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
 }
- /**
- * @return the tpsList
- */
- public SecurityDomainHostList getTpsList() {
- return tpsList;
+ public static DomainInfo valueOf(String string) throws Exception {
+ try {
+ Unmarshaller unmarshaller = JAXBContext.newInstance(DomainInfo.class).createUnmarshaller();
+ return (DomainInfo)unmarshaller.unmarshal(new StringReader(string));
+ } catch (Exception e) {
+ return null;
+ }
 }
- /**
- * @param tpsList the tpsList to set
- */
- public void setTpsList(SecurityDomainHostList tpsList) {
- this.tpsList = tpsList;
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ result = prime * result + ((subsystems == null) ? 0 : subsystems.hashCode());
+ return result;
 }
- /**
- * @return the raList
- */
- public SecurityDomainHostList getRaList() {
- return raList;
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ DomainInfo other = (DomainInfo) obj;
+ if (name == null) {
+ if (other.name != null)
+ return false;
+ } else if (!name.equals(other.name))
+ return false;
+ if (subsystems == null) {
+ if (other.subsystems != null)
+ return false;
+ } else if (!subsystems.equals(other.subsystems))
+ return false;
+ return true;
 }
- /**
- * @param raList the raList to set
- */
- public void setRaList(SecurityDomainHostList raList) {
- this.raList = raList;
- }
+ public static void main(String args[]) throws Exception {
-
-
-
-
-
+ DomainInfo before = new DomainInfo();
+ before.setName("EXAMPLE");
+ SecurityDomainHost host = new SecurityDomainHost();
+ host.setId("CA localhost:8443");
+ host.setHostname("localhost");
+ host.setPort("8080");
+ host.setSecurePort("8443");
+
+ before.addHost("CA", host);
+
+ String string = before.toString();
+ System.out.println(string);
+
+ DomainInfo after = DomainInfo.valueOf(string);
+ System.out.println(before.equals(after));
+ }
 }
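Review bot: `DomainInfo.valueOf` passes the raw string to a default JAXB unmarshaller and then hides every failure by returning `null` from `catch (Exception e)`, even though the method is declared `throws Exception`. Callers other than `main` are not visible here, but if the XML can ever come from another host the parser should refuse DOCTYPE declarations so that no DTD or external entity is resolved, and a malformed document should surface as an exception instead of a later NullPointerException. `SecurityDomainHost.valueOf` and `SecurityDomainSubsystem.valueOf` repeat the same pattern. A hardened form of the method is sketched below.

```java
public static DomainInfo valueOf(String string) throws Exception {
    SAXParserFactory factory = SAXParserFactory.newInstance();
    factory.setNamespaceAware(true);
    // Refuse any DOCTYPE so DTDs and external entities are never resolved.
    factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
    XMLReader reader = factory.newSAXParser().getXMLReader();
    SAXSource source = new SAXSource(reader, new InputSource(new StringReader(string)));
    Unmarshaller unmarshaller = JAXBContext.newInstance(DomainInfo.class).createUnmarshaller();
    // Let parse errors propagate instead of returning null.
    return (DomainInfo) unmarshaller.unmarshal(source);
}
```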
diff --git a/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java b/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java
index fd7eb342b..553e849fa 100644
--- a/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java
+++ b/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java
@@ -39,4 +39,8 @@ public class SecurityDomainClient extends PKIClient {
 public InstallToken getInstallToken(String hostname, String subsystem) {
 return client.getInstallToken(hostname, subsystem);
 }
+
+ public DomainInfo getDomainInfo() {
+ return client.getDomainInfo();
+ }
 }
diff --git a/base/common/src/com/netscape/certsrv/system/SecurityDomainHost.java b/base/common/src/com/netscape/certsrv/system/SecurityDomainHost.java
index 9dbf4e8a9..e4357ffe8 100644
--- a/base/common/src/com/netscape/certsrv/system/SecurityDomainHost.java
+++ b/base/common/src/com/netscape/certsrv/system/SecurityDomainHost.java
@@ -17,24 +17,224 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.system;
+import java.io.StringReader;
+import java.io.StringWriter;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlRootElement;
 /**
 * @author alee
 *
 */
-@XmlRootElement(name="DomainInfo")
-@XmlAccessorType(XmlAccessType.FIELD)
+@XmlRootElement(name="SecurityDomainHost")
+@XmlAccessorType(XmlAccessType.NONE)
 public class SecurityDomainHost {
- protected String host;
+
+ protected String id;
+ protected String hostname;
+ protected String port;
 protected String securePort;
 protected String secureAgentPort;
 protected String secureAdminPort;
 protected String secureEEClientAuthPort;
- protected String unSecurePort;
 protected String clone;
- protected String subsystemName;
 protected String domainManager;
+
+ @XmlAttribute(name="id")
+ public String getId() {
+ return id;
+ }
+
+ public void setId(String id) {
+ this.id = id;
+ }
+
+ @XmlElement(name="Hostname")
+ public String getHostname() {
+ return hostname;
+ }
+
+ public void setHostname(String hostname) {
+ this.hostname = hostname;
+ }
+
+ @XmlElement(name="Port")
+ public String getPort() {
+ return port;
+ }
+
+ public void setPort(String port) {
+ this.port = port;
+ }
+
+ @XmlElement(name="SecurePort")
+ public String getSecurePort() {
+ return securePort;
+ }
+
+ public void setSecurePort(String securePort) {
+ this.securePort = securePort;
+ }
+
+ @XmlElement(name="SecureAgentPort")
+ public String getSecureAgentPort() {
+ return secureAgentPort;
+ }
+
+ public void setSecureAgentPort(String secureAgentPort) {
+ this.secureAgentPort = secureAgentPort;
+ }
+
+ @XmlElement(name="SecureAdminPort")
+ public String getSecureAdminPort() {
+ return secureAdminPort;
+ }
+
+ public void setSecureAdminPort(String secureAdminPort) {
+ this.secureAdminPort = secureAdminPort;
+ }
+
+ @XmlElement(name="SecureEEClientAuthPort")
+ public String getSecureEEClientAuthPort() {
+ return secureEEClientAuthPort;
+ }
+
+ public void setSecureEEClientAuthPort(String secureEEClientAuthPort) {
+ this.secureEEClientAuthPort = secureEEClientAuthPort;
+ }
+
+ @XmlElement(name="Clone")
+ public String getClone() {
+ return clone;
+ }
+
+ public void setClone(String clone) {
+ this.clone = clone;
+ }
+
+ @XmlElement(name="DomainManager")
+ public String getDomainManager() {
+ return domainManager;
+ }
+
+ public void setDomainManager(String domainManager) {
+ this.domainManager = domainManager;
+ }
+
+ public String toString() {
+ try {
+ StringWriter sw = new StringWriter();
+ Marshaller marshaller = JAXBContext.newInstance(SecurityDomainHost.class).createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+ marshaller.marshal(this, sw);
+ return sw.toString();
+
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public static SecurityDomainHost valueOf(String string) throws Exception {
+ try {
+ Unmarshaller unmarshaller = JAXBContext.newInstance(SecurityDomainHost.class).createUnmarshaller();
+ return (SecurityDomainHost)unmarshaller.unmarshal(new StringReader(string));
+ } catch (Exception e) {
+ return null;
+ }
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((clone == null) ? 0 : clone.hashCode());
+ result = prime * result + ((domainManager == null) ? 0 : domainManager.hashCode());
+ result = prime * result + ((hostname == null) ? 0 : hostname.hashCode());
+ result = prime * result + ((id == null) ? 0 : id.hashCode());
+ result = prime * result + ((port == null) ? 0 : port.hashCode());
+ result = prime * result + ((secureAgentPort == null) ? 0 : secureAgentPort.hashCode());
+ result = prime * result + ((secureAdminPort == null) ? 0 : secureAdminPort.hashCode());
+ result = prime * result + ((secureEEClientAuthPort == null) ? 0 : secureEEClientAuthPort.hashCode());
+ result = prime * result + ((securePort == null) ? 0 : securePort.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ SecurityDomainHost other = (SecurityDomainHost) obj;
+ if (clone == null) {
+ if (other.clone != null)
+ return false;
+ } else if (!clone.equals(other.clone))
+ return false;
+ if (domainManager == null) {
+ if (other.domainManager != null)
+ return false;
+ } else if (!domainManager.equals(other.domainManager))
+ return false;
+ if (hostname == null) {
+ if (other.hostname != null)
+ return false;
+ } else if (!hostname.equals(other.hostname))
+ return false;
+ if (id == null) {
+ if (other.id != null)
+ return false;
+ } else if (!id.equals(other.id))
+ return false;
+ if (port == null) {
+ if (other.port != null)
+ return false;
+ } else if (!port.equals(other.port))
+ return false;
+ if (secureAgentPort == null) {
+ if (other.secureAgentPort != null)
+ return false;
+ } else if (!secureAgentPort.equals(other.secureAgentPort))
+ return false;
+ if (secureAdminPort == null) {
+ if (other.secureAdminPort != null)
+ return false;
+ } else if (!secureAdminPort.equals(other.secureAdminPort))
+ return false;
+ if (secureEEClientAuthPort == null) {
+ if (other.secureEEClientAuthPort != null)
+ return false;
+ } else if (!secureEEClientAuthPort.equals(other.secureEEClientAuthPort))
+ return false;
+ if (securePort == null) {
+ if (other.securePort != null)
+ return false;
+ } else if (!securePort.equals(other.securePort))
+ return false;
+ return true;
+ }
+
+ public static void main(String args[]) throws Exception {
+
+ SecurityDomainHost before = new SecurityDomainHost();
+ before.setId("CA localhost:8443");
+ before.setHostname("localhost");
+ before.setPort("8080");
+ before.setSecurePort("8443");
+
+ String string = before.toString();
+ System.out.println(string);
+
+ SecurityDomainHost after = SecurityDomainHost.valueOf(string);
+ System.out.println(before.equals(after));
+ }
 }
diff --git a/base/common/src/com/netscape/certsrv/system/SecurityDomainHostList.java b/base/common/src/com/netscape/certsrv/system/SecurityDomainHostList.java
deleted file mode 100644
index 375dee754..000000000
--- a/base/common/src/com/netscape/certsrv/system/SecurityDomainHostList.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- *
- */
-package com.netscape.certsrv.system;
-
-import java.util.Collection;
-
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlElementRef;
-import javax.xml.bind.annotation.XmlRootElement;
-
-/**
- * @author alee
- *
- */
-@XmlRootElement
-public class SecurityDomainHostList {
- protected Collection systems;
-
- @XmlElement(name="SubsystemCount")
- protected int count;
-
- /**
- * @return the systems
- */
- @XmlElementRef
- public Collection getSystems() {
- return systems;
- }
-
- /**
- * @param systems the systems to set
- */
- public void setSystems(Collection systems) {
- this.systems = systems;
- }
-
- /**
- * @return the count
- */
- public int getCount() {
- return count;
- }
-
- /**
- * @param count the count to set
- */
- public void setCount(int count) {
- this.count = count;
- }
-
-
-}
diff --git a/base/common/src/com/netscape/certsrv/system/SecurityDomainResource.java b/base/common/src/com/netscape/certsrv/system/SecurityDomainResource.java
index 41bbf779e..1805d15c4 100644
--- a/base/common/src/com/netscape/certsrv/system/SecurityDomainResource.java
+++ b/base/common/src/com/netscape/certsrv/system/SecurityDomainResource.java
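Review bot: In SecurityDomainHost.java, `toString()` marshals the object through a freshly built `JAXBContext` and rethrows any failure as `RuntimeException`. `toString()` is invoked implicitly by string concatenation and by logging calls, so an XML binding problem would surface as an unchecked exception at an unrelated call site, and every call pays for building the context. Consider holding one context in a `private static final JAXBContext` field and exposing the XML form through an explicitly named method, with `toString()` returning a short summary such as the id and hostname. `DomainInfo.toString()` and `SecurityDomainSubsystem.toString()` follow the same pattern. The port setters also accept any string, with no numeric or range check.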
@@ -35,4 +35,9 @@ public interface SecurityDomainResource {
 public InstallToken getInstallToken(
 @QueryParam("hostname") String hostname,
 @QueryParam("subsystem") String subsystem);
+
+ @GET
+ @Path("domainInfo")
+ @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
+ public DomainInfo getDomainInfo();
 }
diff --git a/base/common/src/com/netscape/certsrv/system/SecurityDomainSubsystem.java b/base/common/src/com/netscape/certsrv/system/SecurityDomainSubsystem.java
new file mode 100644
index 000000000..74273c244
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/system/SecurityDomainSubsystem.java
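Review bot: Nothing in the SecurityDomainResource.java hunk shows which callers may reach the new `GET domainInfo` method, and its response lists the hostname and every port of each subsystem in the security domain. If the endpoint is meant to be readable without authentication, for example by a subsystem that is still being installed, that decision should be recorded in a comment on the method; otherwise confirm that the access-control mapping for this resource, which lies outside the hunk, covers the new path. The interface body starts before the hunk.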
@@ -0,0 +1,136 @@
+/**
+ *
+ */
+package com.netscape.certsrv.system;
+
+import java.io.StringReader;
+import java.io.StringWriter;
+import java.util.LinkedHashMap;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlAttribute;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+
+/**
+ * @author alee
+ */
+@XmlRootElement(name="SecurityDomainSubsystem")
+@XmlAccessorType(XmlAccessType.NONE)
+ public class SecurityDomainSubsystem {
+
+ String name;
+ LinkedHashMap hosts = new LinkedHashMap();
+
+ @XmlAttribute(name="id")
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the systems
+ */
+ @XmlElement(name="Host")
+ public SecurityDomainHost[] getHosts() {
+ return hosts.values().toArray(new SecurityDomainHost[hosts.size()]);
+ }
+
+ /**
+ * @param hosts the systems to set
+ */
+ public void setHosts(SecurityDomainHost[] hosts) {
+ this.hosts.clear();
+ for (SecurityDomainHost host : hosts) {
+ addHost(host);
+ }
+ }
+
+ public void addHost(SecurityDomainHost host) {
+ hosts.put(host.getId(), host);
+ }
+
+ public void removeHost(String hostId) {
+ hosts.remove(hostId);
+ }
+
+ public String toString() {
+ try {
+ StringWriter sw = new StringWriter();
+ Marshaller marshaller = JAXBContext.newInstance(SecurityDomainSubsystem.class).createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+ marshaller.marshal(this, sw);
+ return sw.toString();
+
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public static SecurityDomainSubsystem valueOf(String string) throws Exception {
+ try {
+ Unmarshaller unmarshaller = JAXBContext.newInstance(SecurityDomainSubsystem.class).createUnmarshaller();
+ return (SecurityDomainSubsystem)unmarshaller.unmarshal(new StringReader(string));
+ } catch (Exception e) {
+ return null;
+ }
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((hosts == null) ? 0 : hosts.hashCode());
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj)
+ return true;
+ if (obj == null)
+ return false;
+ if (getClass() != obj.getClass())
+ return false;
+ SecurityDomainSubsystem other = (SecurityDomainSubsystem) obj;
+ if (hosts == null) {
+ if (other.hosts != null)
+ return false;
+ } else if (!hosts.equals(other.hosts))
+ return false;
+ if (name == null) {
+ if (other.name != null)
+ return false;
+ } else if (!name.equals(other.name))
+ return false;
+ return true;
+ }
+
+ public static void main(String args[]) throws Exception {
+
+ SecurityDomainSubsystem before = new SecurityDomainSubsystem();
+ before.setName("CA");
+
+ SecurityDomainHost host = new SecurityDomainHost();
+ host.setId("CA localhost:8443");
+ host.setHostname("localhost");
+ host.setPort("8080");
+ host.setSecurePort("8443");
+
+ before.addHost(host);
+
+ String string = before.toString();
+ System.out.println(string);
+
+ SecurityDomainSubsystem after = SecurityDomainSubsystem.valueOf(string);
+ System.out.println(before.equals(after));
+ }
+}
diff --git a/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java b/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java
index ca06ededb..2809baaa6 100644
--- a/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java
+++ b/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java
@@ -18,7 +18,6 @@
 package com.netscape.certsrv.system;
 import javax.ws.rs.Consumes;
-import javax.ws.rs.GET;
 import javax.ws.rs.POST;
 import javax.ws.rs.Path;
 import javax.ws.rs.Produces;
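Review bot: In SecurityDomainSubsystem.java, `addHost` stores each host under `host.getId()` without checking it, so hosts whose id is null all land on the same map key and silently replace one another. `SecurityDomainProcessor.getDomainInfo()` sets the id only when a directory entry carries a `SubsystemName` attribute, so incomplete entries can trigger this. A guard such as `if (host.getId() == null) throw new IllegalArgumentException("host id is required");` at the top of `addHost` would make the problem visible, and `setHosts` has a similar gap when it is handed a null array. The new file also opens with an empty `/** */` comment instead of the copyright block carried by the other files in this commit.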
@@ -43,10 +42,4 @@ public interface SystemConfigResource {
 @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
 @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
 public ConfigurationResponse configure(ConfigurationRequest data);
-
- @GET
- @Path("domainInfo")
- @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
- @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
- public DomainInfo getDomainInfo();
 }
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainProcessor.java b/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainProcessor.java
index f6cb4c638..97e9d41b7 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainProcessor.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainProcessor.java
@@ -17,28 +17,57 @@
 // --- END COPYRIGHT BLOCK ---
 package com.netscape.cms.servlet.csadmin;
+import java.io.StringWriter;
 import java.net.InetAddress;
+import java.util.Enumeration;
 import java.util.Locale;
 import java.util.Random;
+import java.util.Vector;
+
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.OutputKeys;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+
+import netscape.ldap.LDAPAttribute;
+import netscape.ldap.LDAPAttributeSet;
+import netscape.ldap.LDAPConnection;
+import netscape.ldap.LDAPEntry;
+import netscape.ldap.LDAPSearchConstraints;
+import netscape.ldap.LDAPSearchResults;
+
+import org.w3c.dom.Document;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
 import com.netscape.certsrv.apps.CMS;
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.EPropertyNotFound;
+import com.netscape.certsrv.base.IConfigStore;
 import com.netscape.certsrv.base.ISecurityDomainSessionTable;
 import com.netscape.certsrv.base.PKIException;
 import com.netscape.certsrv.base.UnauthorizedException;
+import com.netscape.certsrv.ldap.ILdapConnFactory;
 import com.netscape.certsrv.logging.ILogger;
+import com.netscape.certsrv.system.DomainInfo;
 import com.netscape.certsrv.system.InstallToken;
+import com.netscape.certsrv.system.SecurityDomainHost;
+import com.netscape.certsrv.system.SecurityDomainSubsystem;
 import com.netscape.cms.servlet.processors.Processor;
+import com.netscape.cmsutil.xml.XMLObject;
 /**
 * @author Endi S. Dewata
 */
 public class SecurityDomainProcessor extends Processor {
- private final static String LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE =
+ public final static String LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE =
 "LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE_1";
+ public final static String[] TYPES = { "CA", "KRA", "OCSP", "TKS", "RA", "TPS" };
+
 Random random = new Random();
 public SecurityDomainProcessor(Locale locale) throws EPropertyNotFound, EBaseException {
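Review bot: `TYPES` is declared `public final static String[]`, which fixes the reference but leaves the elements writable by any class. `convertDomainInfoToXMLObject` and `convertXMLObjectToDomainInfo` later in this file iterate over it to decide which subsystem lists exist, so a stray assignment elsewhere would change the generated domain XML. Declaring it as `public final static List<String> TYPES = Collections.unmodifiableList(Arrays.asList("CA", "KRA", "OCSP", "TKS", "RA", "TPS"));` closes that gap; the widened visibility of `LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE` is harmless because strings are immutable. The class body continues outside the hunk.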
@@ -109,4 +138,253 @@ public class SecurityDomainProcessor extends Processor { return new InstallToken(cookie); } + + public DomainInfo getDomainInfo() throws EBaseException { + + ILdapConnFactory connFactory = null; + LDAPConnection conn = null; + + try { + LDAPSearchConstraints cons = null; + String[] attrs = null; + + IConfigStore cs = CMS.getConfigStore(); + String basedn = cs.getString("internaldb.basedn"); + String dn = "ou=Security Domain," + basedn; + String filter = "objectclass=pkiSecurityGroup"; + + IConfigStore ldapConfig = cs.getSubStore("internaldb"); + connFactory = CMS.getLdapBoundConnFactory(); + connFactory.init(ldapConfig); + conn = connFactory.getConn(); + + // get the security domain name + String name = (String) conn.read(dn).getAttribute("name").getStringValues().nextElement(); + CMS.debug("SecurityDomainProcessor: name: "+name); + + DomainInfo domain = new DomainInfo(); + domain.setName(name); + + // this should return CAList, KRAList etc. + LDAPSearchResults res = conn.search(dn, LDAPConnection.SCOPE_ONE, filter, + attrs, true, cons); + + while (res.hasMoreElements()) { + dn = res.next().getDN(); + String listName = dn.substring(3, dn.indexOf(",")); + String subType = listName.substring(0, listName.indexOf("List")); + CMS.debug("SecurityDomainProcessor: subtype: "+subType); + + filter = "objectclass=pkiSubsystem"; + LDAPSearchResults res2 = conn.search(dn, LDAPConnection.SCOPE_ONE, filter, + attrs, false, cons); + + while (res2.hasMoreElements()) { + LDAPEntry entry = res2.next(); + CMS.debug("SecurityDomainProcessor: - "+entry.getDN()); + + SecurityDomainHost host = new SecurityDomainHost(); + + LDAPAttributeSet entryAttrs = entry.getAttributeSet(); + + @SuppressWarnings("unchecked") + Enumeration attrsInSet = entryAttrs.getAttributes(); + while (attrsInSet.hasMoreElements()) { + LDAPAttribute nextAttr = attrsInSet.nextElement(); + String attrName = nextAttr.getName(); + String attrValue = (String) nextAttr.getStringValues().nextElement(); 
+ CMS.debug("SecurityDomainProcessor: - "+attrName+": "+attrValue); + + if ("SubsystemName".equalsIgnoreCase(attrName)) { + host.setId(attrValue); + + } else if ("Host".equalsIgnoreCase(attrName)) { + host.setHostname(attrValue); + + } else if ("SecurePort".equalsIgnoreCase(attrName)) { + host.setSecurePort(attrValue); + + } else if ("Clone".equalsIgnoreCase(attrName)) { + host.setClone(attrValue); + + } else if ("DomainManager".equalsIgnoreCase(attrName)) { + host.setDomainManager(attrValue); + + } else if ("UnSecurePort".equalsIgnoreCase(attrName)) { + host.setPort(attrValue); + + } else if ("SecureAgentPort".equalsIgnoreCase(attrName)) { + host.setSecureAgentPort(attrValue); + + } else if ("SecureAdminPort".equalsIgnoreCase(attrName)) { + host.setSecureAdminPort(attrValue); + + } else if ("SecureEEClientAuthPort".equalsIgnoreCase(attrName)) { + host.setSecureEEClientAuthPort(attrValue); + } + } + + domain.addHost(subType, host); + } + } + + return domain; + + } catch (Exception e) { + CMS.debug("SecurityDomainProcessor: Failed to read domain info from ldap " + e); + throw new EBaseException(e.getMessage(), e); + + } finally { + if (conn != null && connFactory != null) { + CMS.debug("Releasing ldap connection"); + connFactory.returnConn(conn); + } + } + } + + public XMLObject getDomainXML() throws EBaseException, ParserConfigurationException { + return convertDomainInfoToXMLObject(getDomainInfo()); + } + + public static XMLObject convertDomainInfoToXMLObject(DomainInfo domain) throws ParserConfigurationException { + + XMLObject xmlObject = new XMLObject(); + + Node domainInfo = xmlObject.createRoot("DomainInfo"); + xmlObject.addItemToContainer(domainInfo, "Name", domain.getName()); + + for (String subType : TYPES) { + SecurityDomainSubsystem subsystem = domain.getSubsystem(subType); + Node listNode = xmlObject.createContainer(domainInfo, subType+"List"); + + int counter; + if (subsystem == null) { + counter = 0; + + } else { + counter = 
subsystem.getHosts().length; + + for (SecurityDomainHost host : subsystem.getHosts()) { + Node node = xmlObject.createContainer(listNode, subType); + + String value = host.getHostname(); + if (value != null) xmlObject.addItemToContainer(node, "Host", value); + + value = host.getSecurePort(); + if (value != null) xmlObject.addItemToContainer(node, "SecurePort", value); + + value = host.getSecureAgentPort(); + if (value != null) xmlObject.addItemToContainer(node, "SecureAgentPort", value); + + value = host.getSecureAdminPort(); + if (value != null) xmlObject.addItemToContainer(node, "SecureAdminPort", value); + + value = host.getSecureEEClientAuthPort(); + if (value != null) xmlObject.addItemToContainer(node, "SecureEEClientAuthPort", value); + + value = host.getPort(); + if (value != null) xmlObject.addItemToContainer(node, "UnSecurePort", value); + + value = host.getClone(); + if (value != null) xmlObject.addItemToContainer(node, "Clone", value); + + value = host.getId(); + if (value != null) xmlObject.addItemToContainer(node, "SubsystemName", value); + + value = host.getDomainManager(); + if (value != null) xmlObject.addItemToContainer(node, "DomainManager", value); + } + } + + xmlObject.addItemToContainer( + listNode, "SubsystemCount", Integer.toString(counter)); + } + + return xmlObject; + } + + public static DomainInfo convertXMLObjectToDomainInfo(XMLObject xmlObject) { + + DomainInfo domain = new DomainInfo(); + Document doc = xmlObject.getDocument(); + Node rootNode = doc.getFirstChild(); + + Vector values = xmlObject.getValuesFromContainer(rootNode, "Name"); + if (!values.isEmpty()) domain.setName(values.firstElement()); + + for (String type : TYPES) { + NodeList hosts = doc.getElementsByTagName(type); + for (int j=0; j * - * @param name The name of the rule to be return. + * @param id The name of the rule to be return. * @return The rule identified by the given name or null if none exists. */ public IPolicyRule getRule(String ruleName) { 
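Review bot: In `SecurityDomainProcessor.getDomainInfo()`, the subsystem type is cut out of each child DN with `dn.substring(3, dn.indexOf(","))` and `listName.indexOf("List")`, which assumes every `pkiSecurityGroup` entry under `ou=Security Domain` is named `cn=<Type>List`. An entry with any other name makes `indexOf` return -1, `substring` throws, and the catch-all turns one unexpected entry into a failure of the whole request; skipping such entries with `if (!listName.endsWith("List")) continue;` keeps the rest of the domain readable. `conn.read(dn).getAttribute("name")` is dereferenced without a null check, and the inner loop writes every attribute name and value to the debug log. The exception text is forwarded through `new EBaseException(e.getMessage(), e)`; whether it reaches REST clients is not visible here, but directory error details are better kept in the server log. The end of this hunk is missing from the page, so the remainder of `convertXMLObjectToDomainInfo` was not reviewed.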
diff --git a/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainCLI.java b/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainCLI.java
index a6441e2fc..ed107f831 100644
--- a/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainCLI.java
@@ -22,7 +22,10 @@ import java.util.Arrays;
 import org.apache.commons.lang.StringUtils;
+import com.netscape.certsrv.system.DomainInfo;
 import com.netscape.certsrv.system.SecurityDomainClient;
+import com.netscape.certsrv.system.SecurityDomainHost;
+import com.netscape.certsrv.system.SecurityDomainSubsystem;
 import com.netscape.cmstools.cli.CLI;
 import com.netscape.cmstools.cli.MainCLI;
@@ -39,6 +42,7 @@ public class SecurityDomainCLI extends CLI {
 this.parent = parent;
 addModule(new SecurityDomainGetInstallTokenCLI(this));
+ addModule(new SecurityDomainShowCLI(this));
 }
 public void printHelp() {
@@ -89,4 +93,27 @@ public class SecurityDomainCLI extends CLI {
 System.exit(1);
 }
 }
+
+ public static void printSecurityDomain(DomainInfo domain) {
+ System.out.println(" Domain: " + domain.getName());
+ System.out.println();
+
+ for (SecurityDomainSubsystem subsystem : domain.getSubsystems()) {
+
+ SecurityDomainHost[] hosts = subsystem.getHosts();
+ if (hosts.length == 0) continue;
+
+ System.out.println(" " + subsystem.getName() + " Subsystem:");
+ System.out.println();
+
+ for (SecurityDomainHost host : hosts) {
+ System.out.println(" Host ID: " + host.getId());
+ System.out.println(" Hostname: " + host.getHostname());
+ System.out.println(" Port: " + host.getPort());
+ System.out.println(" Secure Port: " + host.getSecurePort());
+ if (host.getDomainManager() != null) System.out.println(" Domain Manager: " + host.getDomainManager());
+ System.out.println();
+ }
+ }
+ }
 }
diff --git a/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainShowCLI.java b/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainShowCLI.java
new file mode 100644
index 000000000..14664dbcf
--- /dev/null
+++ b/base/java-tools/src/com/netscape/cmstools/system/SecurityDomainShowCLI.java
@@ -0,0 +1,66 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+
+package com.netscape.cmstools.system;
+
+import org.apache.commons.cli.CommandLine;
+
+import com.netscape.certsrv.system.DomainInfo;
+import com.netscape.cmstools.cli.CLI;
+
+/**
+ * @author Endi S. Dewata
+ */
+public class SecurityDomainShowCLI extends CLI {
+
+ public SecurityDomainCLI parent;
+
+ public SecurityDomainShowCLI(SecurityDomainCLI parent) {
+ super("show", "Show domain info");
+ this.parent = parent;
+ }
+
+ public void printHelp() {
+ formatter.printHelp(parent.name + "-" + name, options);
+ }
+
+ public void execute(String[] args) throws Exception {
+
+ CommandLine cmd = null;
+
+ try {
+ cmd = parser.parse(options, args);
+
+ } catch (Exception e) {
+ System.err.println("Error: " + e.getMessage());
+ printHelp();
+ System.exit(1);
+ }
+
+ String[] cmdArgs = cmd.getArgs();
+
+ if (cmdArgs.length != 0) {
+ printHelp();
+ System.exit(1);
+ }
+
+ DomainInfo domain = parent.client.getDomainInfo();
+
+ SecurityDomainCLI.printSecurityDomain(domain);
+ }
+}
-- cgit