From c4636a5b56bd3e0f18fb3afd0b930729d58ce1f6 Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Thu, 19 Jul 2012 01:51:50 -0500 Subject: Added ClientConfig. A new ClientConfig class has been added to encapsulate client configuration parameters. These parameters include server URI, certificate database, certificate nickname, and password. Ticket #107 --- .../netscape/cms/servlet/test/CARestClient.java | 14 +- .../src/com/netscape/cms/servlet/test/CATest.java | 8 +- .../cms/servlet/test/ConfigurationTest.java | 7 +- .../src/com/netscape/cms/client/cert/CertCLI.java | 7 +- .../com/netscape/cms/client/cert/CertFindCLI.java | 23 +- .../netscape/cms/client/cert/CertRestClient.java | 16 +- .../com/netscape/cms/client/cert/CertShowCLI.java | 3 + .../com/netscape/cms/client/cli/ClientConfig.java | 173 +++++++++++++ .../src/com/netscape/cms/client/cli/MainCLI.java | 273 +++++++++------------ .../com/netscape/cms/client/group/GroupCLI.java | 7 +- .../netscape/cms/client/group/GroupRestClient.java | 9 +- .../netscape/cms/client/group/GroupShowCLI.java | 3 + .../cms/client/group/GroupShowMemberCLI.java | 3 + .../src/com/netscape/cms/client/user/UserCLI.java | 7 +- .../netscape/cms/client/user/UserRestClient.java | 9 +- .../com/netscape/cms/client/user/UserShowCLI.java | 3 + .../netscape/cms/client/user/UserShowCertCLI.java | 3 + .../cms/servlet/csadmin/CMSRestClient.java | 28 +-- .../servlet/csadmin/ConfigurationRESTClient.java | 9 +- .../cms/servlet/csadmin/ConfigurationUtils.java | 10 +- base/deploy/src/scriptlets/configuration.jy | 10 +- base/deploy/src/scriptlets/pkijython.py | 6 +- base/deploy/src/scriptlets/pkiparser.py | 2 +- .../netscape/cms/servlet/test/DRMRestClient.java | 13 +- .../src/com/netscape/cms/servlet/test/DRMTest.java | 9 +- 25 files changed, 427 insertions(+), 228 deletions(-) create mode 100644 base/common/src/com/netscape/cms/client/cli/ClientConfig.java 
diff --git a/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java b/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java index ffd3330cf..24ce21277 100644 --- a/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java +++ b/base/ca/functional/src/com/netscape/cms/servlet/test/CARestClient.java @@ -20,10 +20,9 @@ package com.netscape.cms.servlet.test; import java.net.URISyntaxException; import java.util.Collection; -import org.jboss.resteasy.client.ProxyFactory; - import com.netscape.certsrv.dbs.certdb.CertId; import com.netscape.certsrv.request.RequestId; +import com.netscape.cms.client.cli.ClientConfig; import com.netscape.cms.servlet.cert.CertResource; import com.netscape.cms.servlet.cert.model.CertDataInfos; import com.netscape.cms.servlet.cert.model.CertSearchData; @@ -44,11 +43,12 @@ public class CARestClient extends CMSRestClient { private CertRequestResource certRequestClient; private ProfileResource profileClient; - public CARestClient(String baseUri, String clientCertNick) throws URISyntaxException { - super(baseUri, clientCertNick); - certRequestClient = ProxyFactory.create(CertRequestResource.class, uri, executor, providerFactory); - certClient = ProxyFactory.create(CertResource.class, uri, executor, providerFactory); - profileClient = ProxyFactory.create(ProfileResource.class, uri, executor, providerFactory); + public CARestClient(ClientConfig config) throws URISyntaxException { + super(config); + + certRequestClient = createProxy(CertRequestResource.class); + certClient = createProxy(CertResource.class); + profileClient = createProxy(ProfileResource.class); } public Collection listRequests(String requestState, String requestType) { diff --git a/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java b/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java index 807d014c4..8fa4b9bb4 100644 --- a/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java 
+++ b/base/ca/functional/src/com/netscape/cms/servlet/test/CATest.java @@ -35,6 +35,7 @@ import org.mozilla.jss.util.Password; import com.netscape.certsrv.dbs.certdb.CertId; import com.netscape.certsrv.request.RequestId; +import com.netscape.cms.client.cli.ClientConfig; import com.netscape.cms.servlet.cert.CertNotFoundException; import com.netscape.cms.servlet.cert.model.CertDataInfo; import com.netscape.cms.servlet.cert.model.CertDataInfos; @@ -147,10 +148,13 @@ public class CATest { log("Exception in logging into token:" + e.toString()); } - String baseUri = protocol + "://" + host + ":" + port + "/ca/pki"; CARestClient client; try { - client = new CARestClient(baseUri, clientCertNickname); + ClientConfig config = new ClientConfig(); + config.setServerURI(protocol + "://" + host + ":" + port + "/ca"); + config.setCertNickname(clientCertNickname); + + client = new CARestClient(config); } catch (Exception e) { e.printStackTrace(); return; diff --git a/base/common/functional/src/com/netscape/cms/servlet/test/ConfigurationTest.java b/base/common/functional/src/com/netscape/cms/servlet/test/ConfigurationTest.java index 4ac322d63..67b67fca0 100644 --- a/base/common/functional/src/com/netscape/cms/servlet/test/ConfigurationTest.java +++ b/base/common/functional/src/com/netscape/cms/servlet/test/ConfigurationTest.java @@ -56,6 +56,7 @@ import org.mozilla.jss.pkix.primitive.Name; import org.mozilla.jss.pkix.primitive.SubjectPublicKeyInfo; import org.mozilla.jss.util.Password; +import com.netscape.cms.client.cli.ClientConfig; import com.netscape.cms.servlet.csadmin.ConfigurationRESTClient; import com.netscape.cms.servlet.csadmin.model.CertData; import com.netscape.cms.servlet.csadmin.model.ConfigurationData; 
@@ -183,10 +184,12 @@ public class ConfigurationTest { System.out.println("Exception in logging into token:" + e.toString()); } - String baseUri = protocol + "://" + host + ":" + port + "/" + cstype + "/pki"; ConfigurationRESTClient client = null; try { - client = new ConfigurationRESTClient(baseUri, null); + ClientConfig config = new ClientConfig(); + config.setServerURI(protocol + "://" + host + ":" + port + "/" + cstype); + + client = new ConfigurationRESTClient(config); } catch (URISyntaxException e1) { e1.printStackTrace(); System.exit(1); diff --git a/base/common/src/com/netscape/cms/client/cert/CertCLI.java b/base/common/src/com/netscape/cms/client/cert/CertCLI.java index 9340752b9..70ad9021e 100644 --- a/base/common/src/com/netscape/cms/client/cert/CertCLI.java +++ b/base/common/src/com/netscape/cms/client/cert/CertCLI.java @@ -75,9 +75,14 @@ public class CertCLI extends CLI { public void execute(String[] args) throws Exception { - client = new CertRestClient(parent.url + "/pki", parent.certNickname); + client = new CertRestClient(parent.config); client.setVerbose(verbose); + if (args.length == 0) { + printHelp(); + System.exit(1); + } + String command = args[0]; String[] commandArgs = Arrays.copyOfRange(args, 1, args.length); diff --git a/base/common/src/com/netscape/cms/client/cert/CertFindCLI.java b/base/common/src/com/netscape/cms/client/cert/CertFindCLI.java index 32457d6df..921419733 100644 --- a/base/common/src/com/netscape/cms/client/cert/CertFindCLI.java +++ b/base/common/src/com/netscape/cms/client/cert/CertFindCLI.java @@ -18,11 +18,13 @@ package com.netscape.cms.client.cert; +import org.apache.commons.cli.CommandLine; +import org.apache.commons.cli.Option; + import com.netscape.cms.client.cli.CLI; import com.netscape.cms.client.cli.MainCLI; import com.netscape.cms.servlet.cert.model.CertDataInfo; import com.netscape.cms.servlet.cert.model.CertDataInfos; -import com.netscape.cms.servlet.cert.model.CertSearchData; /** * @author Endi S. Dewata 
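Review bot: The new `args.length == 0` guard in `CertCLI.execute` runs only after `new CertRestClient(parent.config)` has been built, so a call with no sub-command still constructs the REST client before printing help and exiting. Moving the guard to the top of the method, `if (args.length == 0) { printHelp(); System.exit(1); }` ahead of the client creation, keeps the usage path free of side effects. The same ordering appears in the `GroupCLI` and `UserCLI` hunks of this commit. The body of `execute` continues outside the hunk.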
@@ -42,10 +44,23 @@ public class CertFindCLI extends CLI { public void execute(String[] args) throws Exception { - CertSearchData searchData = new CertSearchData(); - searchData.setSerialNumberRangeInUse(true); + Option option = new Option(null, "status", true, "Certificate status"); + option.setArgName("status"); + options.addOption(option); + + CommandLine cmd = null; + + try { + cmd = parser.parse(options, args); + + } catch (Exception e) { + System.err.println("Error: " + e.getMessage()); + printHelp(); + System.exit(1); + } - CertDataInfos certs = parent.client.findCerts(searchData); + String status = cmd.getOptionValue("status"); + CertDataInfos certs = parent.client.findCerts(status); MainCLI.printMessage(certs.getCertInfos().size() + " certificate(s) matched"); diff --git a/base/common/src/com/netscape/cms/client/cert/CertRestClient.java b/base/common/src/com/netscape/cms/client/cert/CertRestClient.java index b83912fae..44249523f 100644 --- a/base/common/src/com/netscape/cms/client/cert/CertRestClient.java +++ b/base/common/src/com/netscape/cms/client/cert/CertRestClient.java @@ -21,10 +21,10 @@ import java.net.URISyntaxException; import com.netscape.certsrv.dbs.certdb.CertId; import com.netscape.certsrv.request.RequestId; +import com.netscape.cms.client.cli.ClientConfig; import com.netscape.cms.servlet.cert.CertResource; import com.netscape.cms.servlet.cert.model.CertDataInfos; import com.netscape.cms.servlet.cert.model.CertRevokeRequest; -import com.netscape.cms.servlet.cert.model.CertSearchData; import com.netscape.cms.servlet.cert.model.CertUnrevokeRequest; import com.netscape.cms.servlet.cert.model.CertificateData; import com.netscape.cms.servlet.csadmin.CMSRestClient; 
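Review bot: The value of `--status` is read with `cmd.getOptionValue("status")` and handed to `parent.client.findCerts(status)` unchecked, and it is null whenever the option is omitted. A short comment should say what a null status means for the listing, and rejecting values outside the statuses the CLI documents would report a typo locally instead of relying on how the server handles it. The option is also created inside `execute()`, so help printed before `execute()` runs presumably does not list it; registering it in the constructor would avoid that. The rest of `execute` continues outside the hunk.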
@@ -42,12 +42,8 @@ public class CertRestClient extends CMSRestClient { public CertResource certClient; public CertRequestResource certRequestResource; - public CertRestClient(String baseUri) throws URISyntaxException { - this(baseUri, null); - } - - public CertRestClient(String baseUri, String nickname) throws URISyntaxException { - super(baseUri, nickname); + public CertRestClient(ClientConfig config) throws URISyntaxException { + super(config); certClient = createProxy(CertResource.class); certRequestResource = createProxy(CertRequestResource.class); @@ -57,9 +53,9 @@ public class CertRestClient extends CMSRestClient { return certClient.getCert(id); } - public CertDataInfos findCerts(CertSearchData searchData) { - return certClient.searchCerts( - searchData, + public CertDataInfos findCerts(String status) { + return certClient.listCerts( + status, CertResource.DEFAULT_MAXRESULTS, CertResource.DEFAULT_MAXTIME); } diff --git a/base/common/src/com/netscape/cms/client/cert/CertShowCLI.java b/base/common/src/com/netscape/cms/client/cert/CertShowCLI.java index b050459c4..1389a0a42 100644 --- a/base/common/src/com/netscape/cms/client/cert/CertShowCLI.java +++ b/base/common/src/com/netscape/cms/client/cert/CertShowCLI.java @@ -26,6 +26,7 @@ import org.apache.commons.cli.Option; import com.netscape.certsrv.dbs.certdb.CertId; import com.netscape.cms.client.cli.CLI; +import com.netscape.cms.client.cli.MainCLI; import com.netscape.cms.servlet.cert.model.CertificateData; /** @@ -87,6 +88,8 @@ public class CertShowCLI extends CLI { out.close(); } + MainCLI.printMessage("Certificate \"" + certID.toHexString() + "\""); + CertCLI.printCertData(certData, showPrettyPrint, showEncoded); } } diff --git a/base/common/src/com/netscape/cms/client/cli/ClientConfig.java b/base/common/src/com/netscape/cms/client/cli/ClientConfig.java new file mode 100644 index 000000000..bad8ba626 --- /dev/null +++ b/base/common/src/com/netscape/cms/client/cli/ClientConfig.java 
@@ -0,0 +1,173 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2012 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +package com.netscape.cms.client.cli; + +import java.io.StringReader; +import java.io.StringWriter; +import java.net.URI; +import java.net.URISyntaxException; + +import javax.xml.bind.JAXBContext; +import javax.xml.bind.Marshaller; +import javax.xml.bind.Unmarshaller; +import javax.xml.bind.annotation.XmlElement; +import javax.xml.bind.annotation.XmlRootElement; + +/** + * @author Endi S. 
Dewata + */ +@XmlRootElement(name="Client") +public class ClientConfig { + + public static Marshaller marshaller; + public static Unmarshaller unmarshaller; + + static { + try { + marshaller = JAXBContext.newInstance(ClientConfig.class).createMarshaller(); + marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true); + unmarshaller = JAXBContext.newInstance(ClientConfig.class).createUnmarshaller(); + } catch (Exception e) { + e.printStackTrace(); + } + } + + URI serverURI; + + String certDatabase; + String certNickname; + String password; + + @XmlElement(name="ServerURI") + public URI getServerURI() { + return serverURI; + } + + public void setServerURI(String serverUri) throws URISyntaxException { + this.serverURI = new URI(serverUri); + } + + public void setServerURI(URI serverUri) { + this.serverURI = serverUri; + } + + @XmlElement(name="CertDatabase") + public String getCertDatabase() { + return certDatabase; + } + + public void setCertDatabase(String certDatabase) { + this.certDatabase = certDatabase; + } + + @XmlElement(name="CertNickname") + public String getCertNickname() { + return certNickname; + } + + public void setCertNickname(String certNickname) { + this.certNickname = certNickname; + } + + @XmlElement(name="Password") + public String getPassword() { + return password; + } + + public void setPassword(String password) { + this.password = password; + } + + @Override + public int hashCode() { + final int prime = 31; + int result = 1; + result = prime * result + ((certDatabase == null) ? 0 : certDatabase.hashCode()); + result = prime * result + ((certNickname == null) ? 0 : certNickname.hashCode()); + result = prime * result + ((password == null) ? 0 : password.hashCode()); + result = prime * result + ((serverURI == null) ? 
0 : serverURI.hashCode()); + return result; + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + if (getClass() != obj.getClass()) + return false; + ClientConfig other = (ClientConfig) obj; + if (certDatabase == null) { + if (other.certDatabase != null) + return false; + } else if (!certDatabase.equals(other.certDatabase)) + return false; + if (certNickname == null) { + if (other.certNickname != null) + return false; + } else if (!certNickname.equals(other.certNickname)) + return false; + if (password == null) { + if (other.password != null) + return false; + } else if (!password.equals(other.password)) + return false; + if (serverURI == null) { + if (other.serverURI != null) + return false; + } else if (!serverURI.equals(other.serverURI)) + return false; + return true; + } + + public String toString() { + try { + StringWriter sw = new StringWriter(); + marshaller.marshal(this, sw); + return sw.toString(); + + } catch (Exception e) { + return super.toString(); + } + } + + public static ClientConfig valueOf(String string) throws Exception { + try { + return (ClientConfig)unmarshaller.unmarshal(new StringReader(string)); + } catch (Exception e) { + return null; + } + } + + public static void main(String args[]) throws Exception { + + ClientConfig before = new ClientConfig(); + before.setServerURI("http://localhost:9180/ca"); + before.setCertDatabase("certs"); + before.setCertNickname("caadmin"); + before.setPassword("12345"); + + String string = before.toString(); + System.out.println(string); + + ClientConfig after = ClientConfig.valueOf(string); + System.out.println(before.equals(after)); + } +} diff --git a/base/common/src/com/netscape/cms/client/cli/MainCLI.java b/base/common/src/com/netscape/cms/client/cli/MainCLI.java index 55cac0b64..0367cbbfd 100644 --- a/base/common/src/com/netscape/cms/client/cli/MainCLI.java +++ b/base/common/src/com/netscape/cms/client/cli/MainCLI.java 
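Review bot: `toString()` marshals every JAXB property, including the `Password` element, so any log line, verbose print or exception message that stringifies a `ClientConfig` writes the cleartext password; `main` already prints it. Keeping XML serialization in an explicitly named method and making `toString()` password-free avoids that, as sketched below. The shared `public static` `marshaller`/`unmarshaller` fields are mutable and JAXB marshallers are not thread-safe, and the static initializer only prints the stack trace, leaving both null on failure. `valueOf` declares `throws Exception` yet swallows every error and returns null, and if its input can ever come from an untrusted file the XML parser behind it should have DTDs and external entities disabled.

```java
    // … unchanged: fields, accessors, hashCode, equals …

    /** Serializes the configuration, including the password, as XML. */
    public String toXML() throws JAXBException {
        // Marshaller instances are not thread-safe; create one per call.
        Marshaller m = JAXBContext.newInstance(ClientConfig.class).createMarshaller();
        m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
        StringWriter sw = new StringWriter();
        m.marshal(this, sw);
        return sw.toString();
    }

    @Override
    public String toString() {
        // Safe for logs: the password is deliberately left out.
        return "ClientConfig[serverURI=" + serverURI
                + ", certDatabase=" + certDatabase
                + ", certNickname=" + certNickname + "]";
    }

    // … unchanged: valueOf, main (main would call toXML() for the round trip) …
```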
@@ -18,12 +18,16 @@ package com.netscape.cms.client.cli; +import java.io.File; +import java.net.URISyntaxException; + import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; +import org.apache.commons.cli.Options; import org.apache.commons.lang.StringUtils; import org.mozilla.jss.CryptoManager; -import org.mozilla.jss.crypto.AlreadyInitializedException; import org.mozilla.jss.crypto.CryptoToken; +import org.mozilla.jss.util.IncorrectPasswordException; import org.mozilla.jss.util.Password; import com.netscape.cms.client.cert.CertCLI; @@ -35,16 +39,7 @@ import com.netscape.cms.client.user.UserCLI; */ public class MainCLI extends CLI { - public String protocol; - public String hostname; - public String port; - public String type; - - public String certDBDirectory; - public String certDBPassword; - public String certNickname; - - public String url; + public ClientConfig config = new ClientConfig(); public MainCLI() throws Exception { super("pki", "PKI command-line interface"); 
@@ -54,65 +49,9 @@ public class MainCLI extends CLI { addModule(new UserCLI(this)); } - public String getProtocol() { - return protocol; - } - - public void setProtocol(String protocol) { - this.protocol = protocol; - } - - public String getHostname() { - return hostname; - } - - public void setHostname(String hostname) { - this.hostname = hostname; - } - - public String getPort() { - return port; - } - - public void setPort(String port) { - this.port = port; - } - - public String getType() { - return type; - } - - public void setType(String type) { - this.type = type; - } - - public String getCertDBDirectory() { - return certDBDirectory; - } - - public void setCertDBDirectory(String certDBDirectory) { - this.certDBDirectory = certDBDirectory; - } - - public String getCertDBPassword() { - return certDBPassword; - } - - public void setCertDBPassword(String certDBPassword) { - this.certDBPassword = certDBPassword; - } - - public String getCertNickname() { - return certNickname; - } - - public void setCertNickname(String certNickname) { - this.certNickname = certNickname; - } - public void printHelp() { - formatter.printHelp(getName()+" [OPTIONS..] [ARGS..]", options); + formatter.printHelp(name+" [OPTIONS..] [ARGS..]", options); System.out.println(); System.out.println("Commands:"); @@ -138,10 +77,10 @@ public class MainCLI extends CLI { plugin.printHelp(); } - public void execute(String[] args) throws Exception { + public void createOptions(Options options) { - Option option = new Option("U", true, "URL"); - option.setArgName("url"); + Option option = new Option("U", true, "Server URI"); + option.setArgName("uri"); options.addOption(option); option = new Option("P", true, "Protocol (default: http)"); 
@@ -160,133 +99,163 @@ public class MainCLI extends CLI { option.setArgName("type"); options.addOption(option); - option = new Option("d", true, "Certificate database directory"); - option.setArgName("directory"); + option = new Option("d", true, "Certificate database"); + option.setArgName("database"); options.addOption(option); - option = new Option("w", true, "Certificate database password"); - option.setArgName("password"); + option = new Option("n", true, "Certificate nickname"); + option.setArgName("nickname"); options.addOption(option); - option = new Option("n", true, "Certificate nickname"); - option.setArgName("cert"); + option = new Option("w", true, "Password"); + option.setArgName("password"); options.addOption(option); options.addOption("v", false, "Verbose"); options.addOption(null, "help", false, "Help"); + } - CommandLine cmd = null; + public void parseOptions(CommandLine cmd) throws URISyntaxException { - try { - cmd = parser.parse(options, args, true); + String uri = cmd.getOptionValue("U"); - } catch (Exception e) { - System.err.println("Error: " + e.getMessage()); - printHelp(); - System.exit(1); - } + String protocol = cmd.getOptionValue("P", "http"); + String hostname = cmd.getOptionValue("h", "localhost"); + String port = cmd.getOptionValue("p", "8080"); + String type = cmd.getOptionValue("t", "ca"); - String[] cmdArgs = cmd.getArgs(); + if (uri == null) + uri = protocol + "://" + hostname + ":" + port + "/" + type; - if (cmd.hasOption("help") || cmdArgs.length == 0) { - printHelp(); - System.exit(1); - } + config.setServerURI(uri); - verbose = cmd.hasOption("v"); + String certDatabase = cmd.getOptionValue("d"); + String certNickname = cmd.getOptionValue("n"); + String password = cmd.getOptionValue("w"); - url = cmd.getOptionValue("U"); - protocol = cmd.getOptionValue("P", "http"); - hostname = cmd.getOptionValue("h", "localhost"); - port = cmd.getOptionValue("p", "9180"); - type = cmd.getOptionValue("t", "ca"); + // convert into absolute 
path + if (certDatabase != null) + config.setCertDatabase(new File(certDatabase).getAbsolutePath()); - if (url == null) { - url = protocol + "://" + hostname + ":" + port + "/" + type; - } + if (certNickname != null) + config.setCertNickname(certNickname); - if (verbose) System.out.println("Server URL: "+url); + if (password != null) + config.setPassword(password); + } - certDBDirectory = cmd.getOptionValue("d"); - certDBPassword = cmd.getOptionValue("w"); - certNickname = cmd.getOptionValue("n"); + public void execute(String[] args) throws Exception { - if (certDBDirectory != null && certDBPassword != null) { + CLI module; + String[] moduleArgs; - if (verbose) System.out.println("Certificate DB: "+certDBDirectory); + try { + createOptions(options); + CommandLine cmd; try { - CryptoManager.initialize(certDBDirectory); - } catch (AlreadyInitializedException e) { - // ignore + cmd = parser.parse(options, args, true); + } catch (Exception e) { + throw new Error(e.getMessage(), e); } - CryptoManager manager = CryptoManager.getInstance(); - CryptoToken token = manager.getInternalKeyStorageToken(); - Password password = new Password(certDBPassword.toCharArray()); + String[] cmdArgs = cmd.getArgs(); - try { - token.login(password); - } catch (Exception e) { - System.err.println("Error: " + e.getMessage()); - if (!token.isLoggedIn()) { - token.initPassword(password, password); - } + if (cmdArgs.length == 0 || cmd.hasOption("help")) { + printHelp(); + System.exit(1); } - } - if (verbose) { - System.out.print("Command:"); - for (String arg : cmdArgs) { - System.out.print(" "+arg); + verbose = cmd.hasOption("v"); + + if (verbose) { + System.out.print("Command:"); + for (String arg : cmdArgs) { + if (arg.contains(" ")) arg = "\""+arg+"\""; + System.out.print(" "+arg); + } + System.out.println(); } - System.out.println(); - } - // command-line args: [command args...] 
- if (cmdArgs.length == 0) { - printHelp(); - System.exit(1); - } + parseOptions(cmd); - String command = cmdArgs[0]; + String command = cmdArgs[0]; + String moduleName; + String moduleCommand; - String moduleName; - String moduleCommand; + // If a command contains a '-' sign it will be + // split into module name and module command. + // Otherwise it's a single command. + int i = command.indexOf('-'); + if (i >= 0) { // - + moduleName = command.substring(0, i); + moduleCommand = command.substring(i+1); - // parse command: - - int i = command.indexOf('-'); - if (i >= 0) { - moduleName = command.substring(0, i); - moduleCommand = command.substring(i+1); - } else { - moduleName = command; - moduleCommand = null; - } + } else { // + moduleName = command; + moduleCommand = null; + } + + // get command module + module = getModule(moduleName); + if (module == null) + throw new Error("Invalid command \"" + command + "\"."); + + // prepare module arguments + if (moduleCommand != null) { + moduleArgs = new String[cmdArgs.length]; + moduleArgs[0] = moduleCommand; + System.arraycopy(cmdArgs, 1, moduleArgs, 1, cmdArgs.length-1); + + } else { + moduleArgs = new String[cmdArgs.length-1]; + System.arraycopy(cmdArgs, 1, moduleArgs, 0, cmdArgs.length-1); + } - // get command module - CLI module = getModule(moduleName); - if (module == null) { - System.err.println("Error: Invalid command \"" + command + "\""); + } catch (Throwable t) { + if (verbose) { + t.printStackTrace(System.err); + } else { + System.err.println(t.getClass().getSimpleName()+": "+t.getMessage()); + } printHelp(); System.exit(1); + return; } - // prepare module arguments - String[] moduleArgs = new String[cmdArgs.length]; - moduleArgs[0] = moduleCommand; - System.arraycopy(cmdArgs, 1, moduleArgs, 1, cmdArgs.length-1); - // execute module command try { + if (verbose) System.out.println("Server URI: "+config.getServerURI()); + + // initialize certificate database if specified + if (config.getCertDatabase() != null) 
{ + + if (verbose) System.out.println("Certificate database: "+config.getCertDatabase()); + CryptoManager.initialize(config.getCertDatabase()); + + if (config.getPassword() != null) { + try { + CryptoManager manager = CryptoManager.getInstance(); + CryptoToken token = manager.getInternalKeyStorageToken(); + Password password = new Password(config.getPassword().toCharArray()); + token.login(password); + + } catch (IncorrectPasswordException e) { + throw new Error("Incorrect certificate database password.", e); + } + } + } + + // execute module command module.execute(moduleArgs); } catch (Throwable t) { if (verbose) { - t.printStackTrace(); + t.printStackTrace(System.err); } else { System.err.println(t.getClass().getSimpleName()+": "+t.getMessage()); } + System.exit(1); } } diff --git a/base/common/src/com/netscape/cms/client/group/GroupCLI.java b/base/common/src/com/netscape/cms/client/group/GroupCLI.java index 7ea449426..fefc1b0c9 100644 --- a/base/common/src/com/netscape/cms/client/group/GroupCLI.java +++ b/base/common/src/com/netscape/cms/client/group/GroupCLI.java @@ -74,9 +74,14 @@ public class GroupCLI extends CLI { public void execute(String[] args) throws Exception { - client = new GroupRestClient(parent.url + "/pki", parent.certNickname); + client = new GroupRestClient(parent.config); client.setVerbose(verbose); + if (args.length == 0) { + printHelp(); + System.exit(1); + } + String command = args[0]; String[] commandArgs = Arrays.copyOfRange(args, 1, args.length); diff --git a/base/common/src/com/netscape/cms/client/group/GroupRestClient.java b/base/common/src/com/netscape/cms/client/group/GroupRestClient.java index 54b31fef6..1b98035ea 100644 --- a/base/common/src/com/netscape/cms/client/group/GroupRestClient.java +++ b/base/common/src/com/netscape/cms/client/group/GroupRestClient.java 
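Review bot: The JSS `Password` created from `config.getPassword().toCharArray()` in `MainCLI.execute` is never wiped after `token.login(password)`, so the secret stays in memory for the rest of the run in addition to the `String` held by `config`; wrapping the login as `try { token.login(password); } finally { password.clear(); }` limits that. The `-w` option still takes the password on the command line, where it is visible to other local users through the process list, so prompting when `-w` is absent would be a safer default. `throw new Error(...)` paired with `catch (Throwable t)` also uses `Error` for ordinary usage failures and handles real JVM errors the same way; a dedicated exception type caught explicitly would be clearer.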
@@ -27,6 +27,7 @@ import com.netscape.certsrv.group.GroupMemberCollection; import com.netscape.certsrv.group.GroupMemberData; import com.netscape.certsrv.group.GroupMemberResource; import com.netscape.certsrv.group.GroupResource; +import com.netscape.cms.client.cli.ClientConfig; import com.netscape.cms.servlet.csadmin.CMSRestClient; /** @@ -37,12 +38,8 @@ public class GroupRestClient extends CMSRestClient { public GroupResource groupClient; public GroupMemberResource groupMemberClient; - public GroupRestClient(String baseUri) throws URISyntaxException { - this(baseUri, null); - } - - public GroupRestClient(String baseUri, String nickname) throws URISyntaxException { - super(baseUri, nickname); + public GroupRestClient(ClientConfig config) throws URISyntaxException { + super(config); groupClient = createProxy(GroupResource.class); groupMemberClient = createProxy(GroupMemberResource.class); diff --git a/base/common/src/com/netscape/cms/client/group/GroupShowCLI.java b/base/common/src/com/netscape/cms/client/group/GroupShowCLI.java index 59a4a07de..3e24f3e5d 100644 --- a/base/common/src/com/netscape/cms/client/group/GroupShowCLI.java +++ b/base/common/src/com/netscape/cms/client/group/GroupShowCLI.java @@ -20,6 +20,7 @@ package com.netscape.cms.client.group; import com.netscape.certsrv.group.GroupData; import com.netscape.cms.client.cli.CLI; +import com.netscape.cms.client.cli.MainCLI; /** * @author Endi S. Dewata @@ -48,6 +49,8 @@ public class GroupShowCLI extends CLI { GroupData groupData = parent.client.getGroup(groupID); + MainCLI.printMessage("Group \""+groupID+"\""); + GroupCLI.printGroup(groupData); } } diff --git a/base/common/src/com/netscape/cms/client/group/GroupShowMemberCLI.java b/base/common/src/com/netscape/cms/client/group/GroupShowMemberCLI.java index 7490799bd..9d828416f 100644 --- a/base/common/src/com/netscape/cms/client/group/GroupShowMemberCLI.java +++ b/base/common/src/com/netscape/cms/client/group/GroupShowMemberCLI.java 
@@ -20,6 +20,7 @@ package com.netscape.cms.client.group; import com.netscape.certsrv.group.GroupMemberData; import com.netscape.cms.client.cli.CLI; +import com.netscape.cms.client.cli.MainCLI; /** * @author Endi S. Dewata @@ -49,6 +50,8 @@ public class GroupShowMemberCLI extends CLI { GroupMemberData groupMemberData = parent.client.getGroupMember(groupID, memberID); + MainCLI.printMessage("Group member \""+memberID+"\""); + GroupCLI.printGroupMember(groupMemberData); } } diff --git a/base/common/src/com/netscape/cms/client/user/UserCLI.java b/base/common/src/com/netscape/cms/client/user/UserCLI.java index 0e18d0692..a5104135b 100644 --- a/base/common/src/com/netscape/cms/client/user/UserCLI.java +++ b/base/common/src/com/netscape/cms/client/user/UserCLI.java @@ -75,9 +75,14 @@ public class UserCLI extends CLI { public void execute(String[] args) throws Exception { - client = new UserRestClient(parent.url + "/pki", parent.certNickname); + client = new UserRestClient(parent.config); client.setVerbose(verbose); + if (args.length == 0) { + printHelp(); + System.exit(1); + } + String command = args[0]; String[] commandArgs = Arrays.copyOfRange(args, 1, args.length); diff --git a/base/common/src/com/netscape/cms/client/user/UserRestClient.java b/base/common/src/com/netscape/cms/client/user/UserRestClient.java index 8bbdefe26..54c1e3fa1 100644 --- a/base/common/src/com/netscape/cms/client/user/UserRestClient.java +++ b/base/common/src/com/netscape/cms/client/user/UserRestClient.java @@ -27,6 +27,7 @@ import com.netscape.certsrv.user.UserCertResource; import com.netscape.certsrv.user.UserCollection; import com.netscape.certsrv.user.UserData; import com.netscape.certsrv.user.UserResource; +import com.netscape.cms.client.cli.ClientConfig; import com.netscape.cms.servlet.csadmin.CMSRestClient; /** 
@@ -37,12 +38,8 @@ public class UserRestClient extends CMSRestClient { public UserResource userClient; public UserCertResource userCertClient; - public UserRestClient(String baseUri) throws URISyntaxException { - this(baseUri, null); - } - - public UserRestClient(String baseUri, String nickname) throws URISyntaxException { - super(baseUri, nickname); + public UserRestClient(ClientConfig config) throws URISyntaxException { + super(config); userClient = createProxy(UserResource.class); userCertClient = createProxy(UserCertResource.class); diff --git a/base/common/src/com/netscape/cms/client/user/UserShowCLI.java b/base/common/src/com/netscape/cms/client/user/UserShowCLI.java index 9549c0505..d46c5578c 100644 --- a/base/common/src/com/netscape/cms/client/user/UserShowCLI.java +++ b/base/common/src/com/netscape/cms/client/user/UserShowCLI.java @@ -20,6 +20,7 @@ package com.netscape.cms.client.user; import com.netscape.certsrv.user.UserData; import com.netscape.cms.client.cli.CLI; +import com.netscape.cms.client.cli.MainCLI; /** * @author Endi S. Dewata @@ -48,6 +49,8 @@ public class UserShowCLI extends CLI { UserData userData = parent.client.getUser(userId); + MainCLI.printMessage("User \"" + userId + "\""); + UserCLI.printUser(userData); } } diff --git a/base/common/src/com/netscape/cms/client/user/UserShowCertCLI.java b/base/common/src/com/netscape/cms/client/user/UserShowCertCLI.java index 71e14b4fc..99bc55af0 100644 --- a/base/common/src/com/netscape/cms/client/user/UserShowCertCLI.java +++ b/base/common/src/com/netscape/cms/client/user/UserShowCertCLI.java @@ -27,6 +27,7 @@ import org.apache.commons.cli.Option; import com.netscape.certsrv.user.UserCertData; import com.netscape.cms.client.cli.CLI; +import com.netscape.cms.client.cli.MainCLI; /** * @author Endi S. Dewata 
@@ -88,6 +89,8 @@ public class UserShowCertCLI extends CLI {
 out.close();
 }
+ MainCLI.printMessage("Certificate \"" + userCertData.getID() + "\"");
+
 UserCLI.printCert(userCertData, showPrettyPrint, showEncoded);
 }
 }
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/CMSRestClient.java b/base/common/src/com/netscape/cms/servlet/csadmin/CMSRestClient.java
index 7667dc70d..6a38464dc 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/CMSRestClient.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/CMSRestClient.java
@@ -32,29 +32,25 @@ import org.jboss.resteasy.spi.ResteasyProviderFactory;
 import org.mozilla.jss.ssl.SSLCertificateApprovalCallback;
 import org.mozilla.jss.ssl.SSLSocket;
+import com.netscape.cms.client.cli.ClientConfig;
+
 public abstract class CMSRestClient {
 protected boolean verbose;
- protected String clientCertNickname;
+ protected ClientConfig config;
+
 protected ResteasyProviderFactory providerFactory;
 protected ClientErrorHandler errorHandler;
 protected ClientExecutor executor;
- protected URI uri;
-
- public CMSRestClient(String baseUri) throws URISyntaxException {
- this(baseUri, null);
- }
-
- public CMSRestClient(String baseUri, String clientCertNick) throws URISyntaxException {
-
- clientCertNickname = clientCertNick;
- uri = new URI(baseUri);
+ public CMSRestClient(ClientConfig config) {
+ this.config = config;
 DefaultHttpClient httpclient = new DefaultHttpClient();
 httpclient.addRequestInterceptor(new HttpRequestInterceptor() {
+ @Override
 public void process(HttpRequest request, HttpContext context) throws HttpException, IOException {
 if (verbose) System.out.println("HTTP Request: "+request.getRequestLine());
 }
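Review bot: The new constructor `CMSRestClient(ClientConfig config)` (hunk `@@ -32,29 +32,25 @@`) keeps the caller's `ClientConfig` by reference and without a null check, while the later hunks of this file read it again on every socket creation (`config.getCertNickname()`) and on every `createProxy` call (`config.getServerURI()`). Since `ClientConfig` has setters (`setServerURI` and `setCertNickname` are used elsewhere in this commit), a caller that edits the object after building the client silently changes which server and which client certificate later connections use. Declaring the field `protected final ClientConfig config;`, rejecting null with `if (config == null) throw new IllegalArgumentException("config");`, and documenting that the config must not be modified after construction (or storing a copy, if `ClientConfig` offers one) would make that contract explicit. The constructor body continues beyond the hunk.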
@@ -153,9 +149,10 @@ public abstract class CMSRestClient {
 socket = new SSLSocket(sock, hostName, new ServerCertApprovalCB(), null);
 }
- if (clientCertNickname != null) {
- if (verbose) System.out.println("Client certificate: "+clientCertNickname);
- socket.setClientCertNickname(clientCertNickname);
+ String certNickname = config.getCertNickname();
+ if (certNickname != null) {
+ if (verbose) System.out.println("Client certificate: "+certNickname);
+ socket.setClientCertNickname(certNickname);
 }
 return socket;
@@ -176,7 +173,8 @@ public abstract class CMSRestClient {
 }
- public T createProxy(Class clazz) {
+ public T createProxy(Class clazz) throws URISyntaxException {
+ URI uri = new URI(config.getServerURI()+"/pki");
 return ProxyFactory.create(clazz, uri, executor, providerFactory);
 }
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationRESTClient.java b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationRESTClient.java
index 92563d7d6..7fe8af2f3 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationRESTClient.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationRESTClient.java
@@ -19,8 +19,7 @@ package com.netscape.cms.servlet.csadmin;
 import java.net.URISyntaxException;
-import org.jboss.resteasy.client.ProxyFactory;
-
+import com.netscape.cms.client.cli.ClientConfig;
 import com.netscape.cms.servlet.csadmin.model.ConfigurationData;
 import com.netscape.cms.servlet.csadmin.model.ConfigurationResponseData;
 import com.netscape.cms.servlet.csadmin.model.InstallToken;
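Review bot: `createProxy` (hunk `@@ -176,7 +173,8 @@`) builds its target as `new URI(config.getServerURI()+"/pki")` with no check on the value: if `getServerURI()` returns null the result is the relative URI `null/pki` rather than an error, and nothing requires an absolute `https` URI even though the socket code in the previous hunk sets a client certificate nickname on the connection. I would check the parsed value before use, for example `if (!uri.isAbsolute() || uri.getHost() == null) throw new URISyntaxException(uri.toString(), "absolute server URI required");`, and decide explicitly whether a non-TLS scheme is acceptable. Because the URI is re-derived on every call, `UserRestClient` and `DRMRestClient` parse it once per proxy; computing it once would also guarantee that all proxies of one client target the same server.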
@@ -35,10 +34,10 @@ public class ConfigurationRESTClient extends CMSRestClient {
 private SystemConfigurationResource configClient;
- public ConfigurationRESTClient(String baseUri, String clientCertNick) throws URISyntaxException {
- super(baseUri, clientCertNick);
+ public ConfigurationRESTClient(ClientConfig config) throws URISyntaxException {
+ super(config);
- configClient = ProxyFactory.create(SystemConfigurationResource.class, uri, executor, providerFactory);
+ configClient = createProxy(SystemConfigurationResource.class);
 }
 public ConfigurationResponseData configure(ConfigurationData data) {
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
index 93de638eb..cc8808498 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
@@ -143,6 +143,7 @@ import com.netscape.certsrv.ocsp.IOCSPAuthority;
 import com.netscape.certsrv.usrgrp.IGroup;
 import com.netscape.certsrv.usrgrp.IUGSubsystem;
 import com.netscape.certsrv.usrgrp.IUser;
+import com.netscape.cms.client.cli.ClientConfig;
 import com.netscape.cms.servlet.csadmin.model.InstallToken;
 import com.netscape.cms.servlet.csadmin.model.InstallTokenRequest;
 import com.netscape.cmsutil.crypto.CryptoUtil;
@@ -294,9 +295,12 @@ public class ConfigurationUtils {
 String csType = cs.getString("cs.type");
 InstallTokenRequest data = new InstallTokenRequest(user, passwd, csType, CMS.getEEHost(), CMS.getAdminPort());
- String baseUri = "https://" + sdhost + ":" + sdport + "/ca/pki";
- ConfigurationRESTClient client = null;
- client = new ConfigurationRESTClient(baseUri, null);
+
+ ClientConfig config = new ClientConfig();
+ config.setServerURI("https://" + sdhost + ":" + sdport + "/ca");
+
+ ConfigurationRESTClient client = new ConfigurationRESTClient(config);
+
 InstallToken token = client.getInstallToken(data);
 return token.getToken();
diff --git a/base/deploy/src/scriptlets/configuration.jy b/base/deploy/src/scriptlets/configuration.jy
index 2e72f4060..0746d40fc 100644
--- a/base/deploy/src/scriptlets/configuration.jy
+++ b/base/deploy/src/scriptlets/configuration.jy
@@ -16,6 +16,10 @@ import pkimessages as log
 from java.lang import System as javasystem
+# PKI Java Imports
+from com.netscape.cms.client.cli import ClientConfig
+
+
 def main(argv):
 rv = 0
@@ -71,9 +75,13 @@ def main(argv):
 master['pki_dry_run_flag'],
 master['pki_jython_log_level'])
+ # Setup connection parameters
+ client_config = ClientConfig()
+ client_config.setServerURI(master['pki_jython_base_uri'])
+
 # Establish REST Client
 client = jyutil.rest_client.initialize(
- master['pki_jython_base_uri'],
+ client_config,
 master['pki_dry_run_flag'],
 master['pki_jython_log_level'])
diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py
index cb1c1d918..ffd8884cd 100644
--- a/base/deploy/src/scriptlets/pkijython.py
+++ b/base/deploy/src/scriptlets/pkijython.py
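Review bot: The install-token request in `ConfigurationUtils` (hunk `@@ -294,9 +295,12 @@`) carries `user` and `passwd`, yet its destination is still assembled by plain concatenation, `"https://" + sdhost + ":" + sdport + "/ca"`. If `sdhost` or `sdport` contains URI delimiter characters, or `sdhost` is an unbracketed IPv6 literal, the string parses to a different authority than the operator entered; the hunk does not show whether either value is validated before this point. Consider checking both first (host restricted to host-name or address characters, port numeric and in range) and building the value with the component constructor, e.g. `new URI("https", null, sdhost, port, "/ca", null, null).toString()` with `port` parsed to an int, which also brackets IPv6 literals. The enclosing method starts and ends outside the hunk.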
@@ -271,15 +271,15 @@ class security_databases:
 class rest_client:
 client = None
- def initialize(self, base_uri, pki_dry_run_flag, log_level):
+ def initialize(self, client_config, pki_dry_run_flag, log_level):
 try:
 if log_level >= config.PKI_JYTHON_INFO_LOG_LEVEL:
 print "%s %s '%s'" %\
 (log.PKI_JYTHON_INDENTATION_2, log.PKI_JYTHON_INITIALIZING_REST_CLIENT,
- base_uri)
+ client_config.serverURI)
 if not pki_dry_run_flag:
- self.client = ConfigurationRESTClient(base_uri, None)
+ self.client = ConfigurationRESTClient(client_config)
 return self.client
 except URISyntaxException, e:
 e.printStackTrace()
diff --git a/base/deploy/src/scriptlets/pkiparser.py b/base/deploy/src/scriptlets/pkiparser.py
index 7f27d8940..6e1404180 100644
--- a/base/deploy/src/scriptlets/pkiparser.py
+++ b/base/deploy/src/scriptlets/pkiparser.py
@@ -1506,7 +1506,7 @@ def compose_pki_master_dictionary():
 config.pki_master_dict['pki_jython_base_uri'] =\
 "https" + "://" + config.pki_master_dict['pki_hostname'] + ":" +\
 config.pki_master_dict['pki_https_port'] + "/" +\
- config.pki_master_dict['pki_subsystem'].lower() + "/" + "pki"
+ config.pki_master_dict['pki_subsystem'].lower()
 # Jython scriptlet
 # 'Security Domain' Configuration name/value pairs
 # 'Subsystem Name' Configuration name/value pairs
diff --git a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java
index 243e0d91c..372b8aea6 100644
--- a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java
+++ b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMRestClient.java
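Review bot: The key name `pki_jython_base_uri` (pkiparser.py hunk `@@ -1506,7 +1506,7 @@`) no longer matches its content: the value is now the subsystem's server URI, and `/pki` is appended later inside the Java client. Any other reader of the dictionary that still expects the `/pki` suffix would silently address a different path; I cannot tell from the hunk whether such readers exist. I would add a comment above the assignment, `# server URI of the subsystem; the REST client appends "/pki"`, or rename the key in a follow-up. The enclosing function extends beyond the hunk.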
@@ -5,10 +5,10 @@ import java.util.Collection;
 import java.util.Iterator;
 import org.jboss.resteasy.client.ClientResponse;
-import org.jboss.resteasy.client.ProxyFactory;
 import com.netscape.certsrv.dbs.keydb.KeyId;
 import com.netscape.certsrv.request.RequestId;
+import com.netscape.cms.client.cli.ClientConfig;
 import com.netscape.cms.servlet.admin.SystemCertificateResource;
 import com.netscape.cms.servlet.cert.model.CertificateData;
 import com.netscape.cms.servlet.csadmin.CMSRestClient;
@@ -29,11 +29,12 @@ public class DRMRestClient extends CMSRestClient {
 private KeyRequestResource keyRequestClient;
 private SystemCertificateResource systemCertClient;
- public DRMRestClient(String baseUri, String clientCertNick) throws URISyntaxException {
- super(baseUri,clientCertNick);
- systemCertClient = ProxyFactory.create(SystemCertificateResource.class, uri, executor, providerFactory);
- keyRequestClient = ProxyFactory.create(KeyRequestResource.class, uri, executor, providerFactory);
- keyClient = ProxyFactory.create(KeyResource.class, uri, executor, providerFactory);
+ public DRMRestClient(ClientConfig config) throws URISyntaxException {
+ super(config);
+
+ systemCertClient = createProxy(SystemCertificateResource.class);
+ keyRequestClient = createProxy(KeyRequestResource.class);
+ keyClient = createProxy(KeyResource.class);
 }
 public String getTransportCert() {
diff --git a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMTest.java b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMTest.java
index 5323777bd..62cdfe992 100644
--- a/base/kra/functional/src/com/netscape/cms/servlet/test/DRMTest.java
+++ b/base/kra/functional/src/com/netscape/cms/servlet/test/DRMTest.java
@@ -39,6 +39,7 @@ import org.mozilla.jss.util.Password;
 import com.netscape.certsrv.dbs.keydb.KeyId;
 import com.netscape.certsrv.request.RequestId;
+import com.netscape.cms.client.cli.ClientConfig;
 import com.netscape.cms.servlet.base.CMSResourceService;
 import com.netscape.cms.servlet.key.model.KeyData;
 import com.netscape.cms.servlet.key.model.KeyDataInfo;
@@ -193,10 +194,14 @@ public class DRMTest {
 // Set base URI and get client
- String baseUri = protocol + "://" + host + ":" + port + "/kra/pki";
 DRMRestClient client;
 try {
- client = new DRMRestClient(baseUri, clientCertNickname);
+ ClientConfig config = new ClientConfig();
+ config.setServerURI(protocol + "://" + host + ":" + port + "/kra");
+ config.setCertNickname(clientCertNickname);
+
+ client = new DRMRestClient(config);
+
 } catch (Exception e) {
 e.printStackTrace();
 return;
-- cgit