From 168d95446c3a7ae8643128a51fa86dd326e3a6a8 Mon Sep 17 00:00:00 2001
From: Endi Sukma Dewata <edewata@redhat.com>
Date: Thu, 6 Sep 2012 16:33:48 -0500
Subject: Enabled authentication for security domain REST interface.

The REST interface for security domain has been refactored and
configured such that it requires authentication. A CLI has been
added to get an installation token.

Ticket #309
---
 .../com/netscape/certsrv/system/InstallToken.java  |  7 +-
 .../certsrv/system/InstallTokenRequest.java        | 99 ----------------------
 .../certsrv/system/SecurityDomainClient.java       | 42 +++++++++
 .../certsrv/system/SecurityDomainResource.java     | 38 +++++++++
 .../certsrv/system/SystemConfigClient.java         |  4 -
 .../certsrv/system/SystemConfigResource.java       |  6 --
 6 files changed, 84 insertions(+), 112 deletions(-)
 delete mode 100644 base/common/src/com/netscape/certsrv/system/InstallTokenRequest.java
 create mode 100644 base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java
 create mode 100644 base/common/src/com/netscape/certsrv/system/SecurityDomainResource.java

(limited to 'base/common/src/com/netscape/certsrv')

diff --git a/base/common/src/com/netscape/certsrv/system/InstallToken.java b/base/common/src/com/netscape/certsrv/system/InstallToken.java
index aa34893a1..06accc3f2 100644
--- a/base/common/src/com/netscape/certsrv/system/InstallToken.java
+++ b/base/common/src/com/netscape/certsrv/system/InstallToken.java
@@ -14,7 +14,7 @@
 //
 // (C) 2012 Red Hat, Inc.
 // All rights reserved.
-// --- END COPYRIGHT BLOCK --- 
+// --- END COPYRIGHT BLOCK ---
 package com.netscape.certsrv.system;
 
 import javax.xml.bind.annotation.XmlAccessType;
@@ -26,16 +26,17 @@ import javax.xml.bind.annotation.XmlRootElement;
  * @author alee
  *
  */
-@XmlRootElement(name="CertData")
+@XmlRootElement(name="InstallToken")
 @XmlAccessorType(XmlAccessType.FIELD)
 public class InstallToken {
+
     @XmlElement
     private String token;
 
     public InstallToken(String token) {
         this.token = token;
     }
-    
+
     public InstallToken() {
         // required by jaxb
     }
diff --git a/base/common/src/com/netscape/certsrv/system/InstallTokenRequest.java b/base/common/src/com/netscape/certsrv/system/InstallTokenRequest.java
deleted file mode 100644
index bc000a96a..000000000
--- a/base/common/src/com/netscape/certsrv/system/InstallTokenRequest.java
+++ /dev/null
@@ -1,99 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2012 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK --- 
-package com.netscape.certsrv.system;
-
-import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlElement;
-import javax.xml.bind.annotation.XmlRootElement;
-import javax.xml.bind.annotation.XmlAccessType;
-
-/**
- * @author alee
- *
- */
-@XmlRootElement(name="InstallTokenRequest")
-@XmlAccessorType(XmlAccessType.FIELD)
-public class InstallTokenRequest {
-    @XmlElement
-    private String user;
-    
-    @XmlElement
-    private String password;
-    
-    @XmlElement
-    private String subsystem;
-    
-    @XmlElement
-    private String host;
-    
-    @XmlElement
-    private String port;
-
-    public InstallTokenRequest(String user, String password, String subsystem, String host, String port) {
-        this.user = user;
-        this.password = password;
-        this.subsystem = subsystem;
-        this.host = host;
-        this.port = port;
-    }
-
-    public InstallTokenRequest() {
-        // required for jaxb
-    }
-
-    public String getUser() {
-        return user;
-    }
-
-    public void setUser(String user) {
-        this.user = user;
-    }
-
-    public String getPassword() {
-        return password;
-    }
-
-    public void setPassword(String password) {
-        this.password = password;
-    }
-
-    public String getSubsystem() {
-        return subsystem;
-    }
-
-    public void setSubsystem(String subsystem) {
-        this.subsystem = subsystem;
-    }
-
-    public String getHost() {
-        return host;
-    }
-
-    public void setHost(String host) {
-        this.host = host;
-    }
-
-    public String getPort() {
-        return port;
-    }
-
-    public void setPort(String port) {
-        this.port = port;
-    }
-    
-}
diff --git a/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java b/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java
new file mode 100644
index 000000000..fd7eb342b
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java
@@ -0,0 +1,42 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.system;
+
+import java.net.URISyntaxException;
+
+import com.netscape.certsrv.client.ClientConfig;
+import com.netscape.certsrv.client.PKIClient;
+
+
+/**
+ * @author alee
+ */
+public class SecurityDomainClient extends PKIClient {
+
+    private SecurityDomainResource client;
+
+    public SecurityDomainClient(ClientConfig config) throws URISyntaxException {
+        super(config);
+
+        client = createProxy(SecurityDomainResource.class);
+    }
+
+    public InstallToken getInstallToken(String hostname, String subsystem) {
+        return client.getInstallToken(hostname, subsystem);
+    }
+}
diff --git a/base/common/src/com/netscape/certsrv/system/SecurityDomainResource.java b/base/common/src/com/netscape/certsrv/system/SecurityDomainResource.java
new file mode 100644
index 000000000..41bbf779e
--- /dev/null
+++ b/base/common/src/com/netscape/certsrv/system/SecurityDomainResource.java
@@ -0,0 +1,38 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2012 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.system;
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.core.MediaType;
+
+/**
+ * @author alee
+ */
+@Path("securityDomain")
+public interface SecurityDomainResource {
+
+    @GET
+    @Path("installToken")
+    @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
+    public InstallToken getInstallToken(
+            @QueryParam("hostname") String hostname,
+            @QueryParam("subsystem") String subsystem);
+}
diff --git a/base/common/src/com/netscape/certsrv/system/SystemConfigClient.java b/base/common/src/com/netscape/certsrv/system/SystemConfigClient.java
index 876ed9bac..fd14bbe19 100644
--- a/base/common/src/com/netscape/certsrv/system/SystemConfigClient.java
+++ b/base/common/src/com/netscape/certsrv/system/SystemConfigClient.java
@@ -40,8 +40,4 @@ public class SystemConfigClient extends PKIClient {
     public ConfigurationResponse configure(ConfigurationRequest data) {
         return configClient.configure(data);
     }
-
-    public InstallToken getInstallToken(InstallTokenRequest data) {
-        return configClient.getInstallToken(data);
-    }
 }
diff --git a/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java b/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java
index 4ecafc6f7..ca06ededb 100644
--- a/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java
+++ b/base/common/src/com/netscape/certsrv/system/SystemConfigResource.java
@@ -44,12 +44,6 @@ public interface SystemConfigResource {
     @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
     public ConfigurationResponse configure(ConfigurationRequest data);
 
-    @POST
-    @Path("installToken")
-    @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
-    @Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
-    public InstallToken getInstallToken(InstallTokenRequest data);
-
     @GET
     @Path("domainInfo")
     @Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
-- 
cgit