From 7a89bc5ac029066e4ec6d35d1cc953f046a9d36f Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Tue, 23 Apr 2013 11:37:03 -0400 Subject: Refactored code to import CA certificate. The code to import CA certificate has been moved from PKIConnection into PKIClient to allow reuse. The Client classes have been modified such that it uses a shared PKIClient object instead of PKIConnection. The return codes in CertFindCLI has been fixed to be more consistent with other commands. Ticket #491 --- .../netscape/certsrv/account/AccountClient.java | 15 ++- .../src/com/netscape/certsrv/ca/CAClient.java | 19 ++-- .../src/com/netscape/certsrv/cert/CertClient.java | 17 ++- .../src/com/netscape/certsrv/client/PKIClient.java | 120 ++++++++++++++++++++- .../com/netscape/certsrv/client/PKIConnection.java | 71 ++++-------- .../com/netscape/certsrv/group/GroupClient.java | 23 ++-- .../src/com/netscape/certsrv/key/KeyClient.java | 17 ++- .../src/com/netscape/certsrv/kra/DRMClient.java | 21 ++-- .../certsrv/system/KRAConnectorClient.java | 16 +-- .../certsrv/system/SecurityDomainClient.java | 21 ++-- .../certsrv/system/SystemConfigClient.java | 15 ++- .../src/com/netscape/certsrv/user/UserClient.java | 27 +++-- .../cms/servlet/csadmin/ConfigurationUtils.java | 10 +- 13 files changed, 231 insertions(+), 161 deletions(-) (limited to 'base/common/src/com') diff --git a/base/common/src/com/netscape/certsrv/account/AccountClient.java b/base/common/src/com/netscape/certsrv/account/AccountClient.java index e60112229..36adcf57a 100644 --- a/base/common/src/com/netscape/certsrv/account/AccountClient.java +++ b/base/common/src/com/netscape/certsrv/account/AccountClient.java @@ -21,27 +21,26 @@ import java.net.URISyntaxException; import com.netscape.certsrv.client.ClientConfig; import com.netscape.certsrv.client.PKIClient; -import com.netscape.certsrv.client.PKIConnection; /** * @author Endi S. Dewata */ -public class AccountClient extends PKIClient { +public class AccountClient { + public PKIClient client; public AccountResource resource; - public AccountClient(PKIConnection connection) throws URISyntaxException { - super(connection); - init(); + public AccountClient(ClientConfig config) throws URISyntaxException { + this(new PKIClient(config)); } - public AccountClient(ClientConfig config) throws URISyntaxException { - super(config); + public AccountClient(PKIClient client) throws URISyntaxException { + this.client = client; init(); } public void init() throws URISyntaxException { - resource = createProxy(AccountResource.class); + resource = client.createProxy(AccountResource.class); } public void login() { diff --git a/base/common/src/com/netscape/certsrv/ca/CAClient.java b/base/common/src/com/netscape/certsrv/ca/CAClient.java index 93d50b670..906caada7 100644 --- a/base/common/src/com/netscape/certsrv/ca/CAClient.java +++ b/base/common/src/com/netscape/certsrv/ca/CAClient.java @@ -31,33 +31,32 @@ import com.netscape.certsrv.cert.CertReviewResponse; import com.netscape.certsrv.cert.CertSearchRequest; import com.netscape.certsrv.client.ClientConfig; import com.netscape.certsrv.client.PKIClient; -import com.netscape.certsrv.client.PKIConnection; import com.netscape.certsrv.dbs.certdb.CertId; import com.netscape.certsrv.profile.ProfileData; import com.netscape.certsrv.profile.ProfileDataInfos; import com.netscape.certsrv.profile.ProfileResource; import com.netscape.certsrv.request.RequestId; -public class CAClient extends PKIClient { +public class CAClient { + private PKIClient client; private CertResource certClient; private CertRequestResource certRequestClient; private ProfileResource profileClient; - public CAClient(PKIConnection connection) throws URISyntaxException { - super(connection); - init(); + public CAClient(ClientConfig config) throws URISyntaxException { + this(new PKIClient(config)); } - public CAClient(ClientConfig config) throws URISyntaxException { - super(config); + public CAClient(PKIClient client) throws URISyntaxException { + this.client = client; init(); } public void init() throws URISyntaxException { - certRequestClient = createProxy(CertRequestResource.class); - certClient = createProxy(CertResource.class); - profileClient = createProxy(ProfileResource.class); + certRequestClient = client.createProxy(CertRequestResource.class); + certClient = client.createProxy(CertResource.class); + profileClient = client.createProxy(ProfileResource.class); } public Collection listRequests(String requestState, String requestType) { diff --git a/base/common/src/com/netscape/certsrv/cert/CertClient.java b/base/common/src/com/netscape/certsrv/cert/CertClient.java index 215153fd1..42c78eb2c 100644 --- a/base/common/src/com/netscape/certsrv/cert/CertClient.java +++ b/base/common/src/com/netscape/certsrv/cert/CertClient.java @@ -21,31 +21,30 @@ import java.net.URISyntaxException; import com.netscape.certsrv.client.ClientConfig; import com.netscape.certsrv.client.PKIClient; -import com.netscape.certsrv.client.PKIConnection; import com.netscape.certsrv.dbs.certdb.CertId; import com.netscape.certsrv.request.RequestId; /** * @author Endi S. Dewata */ -public class CertClient extends PKIClient { +public class CertClient { + public PKIClient client; public CertResource certClient; public CertRequestResource certRequestResource; - public CertClient(PKIConnection connection) throws URISyntaxException { - super(connection); - init(); + public CertClient(ClientConfig config) throws URISyntaxException { + this(new PKIClient(config)); } - public CertClient(ClientConfig config) throws URISyntaxException { - super(config); + public CertClient(PKIClient client) throws URISyntaxException { + this.client = client; init(); } public void init() throws URISyntaxException { - certClient = createProxy(CertResource.class); - certRequestResource = createProxy(CertRequestResource.class); + certClient = client.createProxy(CertResource.class); + certRequestResource = client.createProxy(CertRequestResource.class); } public CertData getCert(CertId id) { diff --git a/base/common/src/com/netscape/certsrv/client/PKIClient.java b/base/common/src/com/netscape/certsrv/client/PKIClient.java index 482ed9fde..00b71694b 100644 --- a/base/common/src/com/netscape/certsrv/client/PKIClient.java +++ b/base/common/src/com/netscape/certsrv/client/PKIClient.java @@ -1,20 +1,46 @@ package com.netscape.certsrv.client; +import java.io.IOException; +import java.net.URI; import java.net.URISyntaxException; +import java.net.URL; +import java.security.cert.CertificateEncodingException; + +import javax.xml.parsers.DocumentBuilder; +import javax.xml.parsers.DocumentBuilderFactory; +import javax.xml.parsers.ParserConfigurationException; import org.jboss.resteasy.client.ClientResponse; +import org.mozilla.jss.CryptoManager; +import org.mozilla.jss.CryptoManager.NicknameConflictException; +import org.mozilla.jss.CryptoManager.NotInitializedException; +import org.mozilla.jss.CryptoManager.UserCertConflictException; +import org.mozilla.jss.crypto.CryptoToken; +import org.mozilla.jss.crypto.InternalCertificate; +import org.mozilla.jss.crypto.NoSuchItemOnTokenException; +import org.mozilla.jss.crypto.ObjectNotFoundException; +import org.mozilla.jss.crypto.TokenCertificate; +import org.mozilla.jss.crypto.TokenException; +import org.mozilla.jss.crypto.X509Certificate; +import org.w3c.dom.Document; +import org.w3c.dom.Element; +import org.w3c.dom.NodeList; +import org.xml.sax.SAXException; + +import com.netscape.cmsutil.util.Utils; public class PKIClient { - PKIConnection connection; + public ClientConfig config; + public PKIConnection connection; - public PKIClient(PKIConnection connection) { - this.connection = connection; - } + public boolean verbose; public PKIClient(ClientConfig config) { - this(new PKIConnection(config)); + this.config = config; + + connection = new PKIConnection(this); } public T createProxy(Class clazz) throws URISyntaxException { @@ -24,4 +50,88 @@ public class PKIClient { public T getEntity(ClientResponse response) { return connection.getEntity(response); } + + public ClientConfig getConfig() { + return config; + } + + public PKIConnection getConnection() { + return connection; + } + + public boolean isVerbose() { + return verbose; + } + + public void setVerbose(boolean verbose) { + this.verbose = verbose; + } + + public X509Certificate[] getCerts() throws NotInitializedException { + CryptoManager manager = CryptoManager.getInstance(); + return manager.getPermCerts(); + } + + public X509Certificate[] getCACerts() throws NotInitializedException { + CryptoManager manager = CryptoManager.getInstance(); + return manager.getCACerts(); + } + + public byte[] downloadCACertChain(URI caServerURI) + throws ParserConfigurationException, SAXException, IOException { + + URL url = new URL(caServerURI+"/ee/ca/getCertChain"); + + DocumentBuilderFactory documentFactory = DocumentBuilderFactory.newInstance(); + DocumentBuilder documentBuilder = documentFactory.newDocumentBuilder(); + + Document document = documentBuilder.parse(url.openStream()); + NodeList list = document.getElementsByTagName("ChainBase64"); + Element element = (Element)list.item(0); + + String encodedChain = element.getTextContent(); + return Utils.base64decode(encodedChain); + } + + public X509Certificate importCertPackage(byte[] bytes, String nickname) + throws NotInitializedException, CertificateEncodingException, + NicknameConflictException, UserCertConflictException, + NoSuchItemOnTokenException, TokenException { + + CryptoManager manager = CryptoManager.getInstance(); + return manager.importCertPackage(bytes, nickname); + } + + public X509Certificate importCACertPackage(byte[] bytes) + throws NotInitializedException, CertificateEncodingException, TokenException { + + CryptoManager manager = CryptoManager.getInstance(); + InternalCertificate cert = (InternalCertificate)manager.importCACertPackage(bytes); + + cert.setSSLTrust( + InternalCertificate.VALID_CA | + InternalCertificate.TRUSTED_CA | + InternalCertificate.TRUSTED_CLIENT_CA); + + return cert; + } + + public void removeCert(String nickname) + throws TokenException, ObjectNotFoundException, + NoSuchItemOnTokenException, NotInitializedException { + + CryptoManager manager = CryptoManager.getInstance(); + X509Certificate cert = manager.findCertByNickname(nickname); + + CryptoToken cryptoToken; + if (cert instanceof TokenCertificate) { + TokenCertificate tokenCert = (TokenCertificate) cert; + cryptoToken = tokenCert.getOwningToken(); + + } else { + cryptoToken = manager.getInternalKeyStorageToken(); + } + + cryptoToken.getCryptoStore().deleteCert(cert); + } } diff --git a/base/common/src/com/netscape/certsrv/client/PKIConnection.java b/base/common/src/com/netscape/certsrv/client/PKIConnection.java index 556779ec8..62d549532 100644 --- a/base/common/src/com/netscape/certsrv/client/PKIConnection.java +++ b/base/common/src/com/netscape/certsrv/client/PKIConnection.java @@ -14,7 +14,6 @@ import java.net.InetSocketAddress; import java.net.Socket; import java.net.URI; import java.net.URISyntaxException; -import java.net.URL; import java.net.UnknownHostException; import java.util.ArrayList; import java.util.Collection; @@ -23,8 +22,6 @@ import java.util.HashSet; import java.util.List; import javax.ws.rs.core.MediaType; -import javax.xml.parsers.DocumentBuilder; -import javax.xml.parsers.DocumentBuilderFactory; import org.apache.commons.httpclient.ConnectTimeoutException; import org.apache.http.Header; @@ -66,19 +63,14 @@ import org.jboss.resteasy.client.core.extractors.ClientErrorHandler; import org.jboss.resteasy.spi.ResteasyProviderFactory; import org.mozilla.jss.CryptoManager; import org.mozilla.jss.crypto.AlreadyInitializedException; -import org.mozilla.jss.crypto.InternalCertificate; import org.mozilla.jss.crypto.X509Certificate; import org.mozilla.jss.ssl.SSLCertificateApprovalCallback; import org.mozilla.jss.ssl.SSLSocket; -import org.w3c.dom.Document; -import org.w3c.dom.Element; -import org.w3c.dom.NodeList; - -import com.netscape.cmsutil.util.Utils; public class PKIConnection { + PKIClient client; ClientConfig config; Collection rejectedCertStatuses; @@ -97,10 +89,12 @@ public class PKIConnection { int responseCounter; File output; - boolean verbose; - public PKIConnection(ClientConfig config) { - this.config = config; + public PKIConnection(final PKIClient client) { + + this.client = client; + + config = client.getConfig(); // Register https scheme. Scheme scheme = new Scheme("https", 443, new JSSProtocolSocketFactory()); @@ -125,7 +119,7 @@ public class PKIConnection { requestCounter++; - if (verbose) { + if (client.verbose) { System.out.println("HTTP request: "+request.getRequestLine()); for (Header header : request.getAllHeaders()) { System.out.println(" "+header.getName()+": "+header.getValue()); @@ -153,7 +147,7 @@ public class PKIConnection { responseCounter++; - if (verbose) { + if (client.verbose) { System.out.println("HTTP response: "+response.getStatusLine()); for (Header header : response.getAllHeaders()) { System.out.println(" "+header.getName()+": "+header.getValue()); @@ -175,7 +169,7 @@ public class PKIConnection { HttpUriRequest uriRequest = super.getRedirect(request, response, context); URI uri = uriRequest.getURI(); - if (verbose) System.out.println("HTTP redirect: "+uri); + if (client.verbose) System.out.println("HTTP redirect: "+uri); // Redirect the original request to the new URI. RequestWrapper wrapper; @@ -344,42 +338,23 @@ public class PKIConnection { if (!line.equals("") && !line.equalsIgnoreCase("Y")) return false; - URI serverURI = config.getServerURI(); - URI caURI = new URI("http://" + serverURI.getHost() + ":8080/ca"); + String caServerURI = "http://" + config.getServerURI().getHost() + ":8080/ca"; - System.out.print("CA server URI [" + caURI + "]: "); + System.out.print("CA server URI [" + caServerURI + "]: "); System.out.flush(); line = reader.readLine().trim(); if (!line.equals("")) { - caURI = new URI(line); + caServerURI = line; } - URL url = new URL(caURI+"/ee/ca/getCertChain"); - if (verbose) System.out.println("Downloading CA cert chain from " + url + ":"); - - DocumentBuilderFactory documentFactory = DocumentBuilderFactory.newInstance(); - DocumentBuilder documentBuilder = documentFactory.newDocumentBuilder(); - - Document document = documentBuilder.parse(url.openStream()); - NodeList list = document.getElementsByTagName("ChainBase64"); - Element element = (Element)list.item(0); - - String encodedChain = element.getTextContent(); - if (verbose) System.out.println(encodedChain); + if (client.verbose) System.out.println("Downloading CA certificate chain from " + caServerURI + "."); + byte[] bytes = client.downloadCACertChain(new URI(caServerURI)); - byte[] chain = Utils.base64decode(encodedChain); + if (client.verbose) System.out.println("Importing CA certificate chain."); + client.importCACertPackage(bytes); - if (verbose) System.out.println("Importing CA certificate."); - CryptoManager manager = CryptoManager.getInstance(); - InternalCertificate internalCert = (InternalCertificate)manager.importCACertPackage(chain); - - internalCert.setSSLTrust( - InternalCertificate.VALID_CA | - InternalCertificate.TRUSTED_CA | - InternalCertificate.TRUSTED_CLIENT_CA); - - if (verbose) System.out.println("Imported CA certificate."); + if (client.verbose) System.out.println("Imported CA certificate."); return true; } catch (Exception e) { @@ -395,7 +370,7 @@ public class PKIConnection { boolean approval = true; - if (verbose) System.out.println("Server certificate: "+serverCert.getSubjectDN()); + if (client.verbose) System.out.println("Server certificate: "+serverCert.getSubjectDN()); SSLCertificateApprovalCallback.ValidityItem item; @@ -536,7 +511,7 @@ public class PKIConnection { String certNickname = config.getCertNickname(); if (certNickname != null) { - if (verbose) System.out.println("Client certificate: "+certNickname); + if (client.verbose) System.out.println("Client certificate: "+certNickname); socket.setClientCertNickname(certNickname); } @@ -608,12 +583,4 @@ public class PKIConnection { public void setOutput(File output) { this.output = output; } - - public boolean isVerbose() { - return verbose; - } - - public void setVerbose(boolean verbose) { - this.verbose = verbose; - } } diff --git a/base/common/src/com/netscape/certsrv/group/GroupClient.java b/base/common/src/com/netscape/certsrv/group/GroupClient.java index 2f7041b31..ac666fae6 100644 --- a/base/common/src/com/netscape/certsrv/group/GroupClient.java +++ b/base/common/src/com/netscape/certsrv/group/GroupClient.java @@ -23,29 +23,28 @@ import org.jboss.resteasy.client.ClientResponse; import com.netscape.certsrv.client.ClientConfig; import com.netscape.certsrv.client.PKIClient; -import com.netscape.certsrv.client.PKIConnection; /** * @author Endi S. Dewata */ -public class GroupClient extends PKIClient { +public class GroupClient { + public PKIClient client; public GroupResource groupClient; public GroupMemberResource groupMemberClient; - public GroupClient(PKIConnection connection) throws URISyntaxException { - super(connection); - init(); + public GroupClient(ClientConfig config) throws URISyntaxException { + this(new PKIClient(config)); } - public GroupClient(ClientConfig config) throws URISyntaxException { - super(config); + public GroupClient(PKIClient client) throws URISyntaxException { + this.client = client; init(); } public void init() throws URISyntaxException { - groupClient = createProxy(GroupResource.class); - groupMemberClient = createProxy(GroupMemberResource.class); + groupClient = client.createProxy(GroupResource.class); + groupMemberClient = client.createProxy(GroupMemberResource.class); } public GroupCollection findGroups(String groupIDFilter, Integer start, Integer size) { @@ -59,13 +58,13 @@ public class GroupClient extends PKIClient { public GroupData addGroup(GroupData groupData) { @SuppressWarnings("unchecked") ClientResponse response = (ClientResponse)groupClient.addGroup(groupData); - return getEntity(response); + return client.getEntity(response); } public GroupData modifyGroup(String groupID, GroupData groupData) { @SuppressWarnings("unchecked") ClientResponse response = (ClientResponse)groupClient.modifyGroup(groupID, groupData); - return getEntity(response); + return client.getEntity(response); } public void removeGroup(String groupID) { @@ -83,7 +82,7 @@ public class GroupClient extends PKIClient { public GroupMemberData addGroupMember(String groupID, String memberID) { @SuppressWarnings("unchecked") ClientResponse response = (ClientResponse)groupMemberClient.addGroupMember(groupID, memberID); - return getEntity(response); + return client.getEntity(response); } public void removeGroupMember(String groupID, String memberID) { diff --git a/base/common/src/com/netscape/certsrv/key/KeyClient.java b/base/common/src/com/netscape/certsrv/key/KeyClient.java index ce2946c1e..7deef0472 100644 --- a/base/common/src/com/netscape/certsrv/key/KeyClient.java +++ b/base/common/src/com/netscape/certsrv/key/KeyClient.java @@ -21,30 +21,29 @@ import java.net.URISyntaxException; import com.netscape.certsrv.client.ClientConfig; import com.netscape.certsrv.client.PKIClient; -import com.netscape.certsrv.client.PKIConnection; import com.netscape.certsrv.request.RequestId; /** * @author Endi S. Dewata */ -public class KeyClient extends PKIClient { +public class KeyClient { + public PKIClient client; public KeyResource keyClient; public KeyRequestResource keyRequestClient; - public KeyClient(PKIConnection connection) throws URISyntaxException { - super(connection); - init(); + public KeyClient(ClientConfig config) throws URISyntaxException { + this(new PKIClient(config)); } - public KeyClient(ClientConfig config) throws URISyntaxException { - super(config); + public KeyClient(PKIClient client) throws URISyntaxException { + this.client = client; init(); } public void init() throws URISyntaxException { - keyClient = createProxy(KeyResource.class); - keyRequestClient = createProxy(KeyRequestResource.class); + keyClient = client.createProxy(KeyResource.class); + keyRequestClient = client.createProxy(KeyRequestResource.class); } public KeyDataInfos findKeys(String clientID, String status, Integer maxSize, Integer maxTime) { diff --git a/base/common/src/com/netscape/certsrv/kra/DRMClient.java b/base/common/src/com/netscape/certsrv/kra/DRMClient.java index de2642eb1..75e85a2ae 100644 --- a/base/common/src/com/netscape/certsrv/kra/DRMClient.java +++ b/base/common/src/com/netscape/certsrv/kra/DRMClient.java @@ -9,7 +9,6 @@ import org.jboss.resteasy.client.ClientResponse; import com.netscape.certsrv.cert.CertData; import com.netscape.certsrv.client.ClientConfig; import com.netscape.certsrv.client.PKIClient; -import com.netscape.certsrv.client.PKIConnection; import com.netscape.certsrv.dbs.keydb.KeyId; import com.netscape.certsrv.key.KeyArchivalRequest; import com.netscape.certsrv.key.KeyData; @@ -24,33 +23,33 @@ import com.netscape.certsrv.request.RequestId; import com.netscape.certsrv.system.SystemCertResource; import com.netscape.cmsutil.util.Utils; -public class DRMClient extends PKIClient { +public class DRMClient { + private PKIClient client; private KeyResource keyClient; private KeyRequestResource keyRequestClient; private SystemCertResource systemCertClient; - public DRMClient(PKIConnection connection) throws URISyntaxException { - super(connection); - init(); + public DRMClient(ClientConfig config) throws URISyntaxException { + this(new PKIClient(config)); } - public DRMClient(ClientConfig config) throws URISyntaxException { - super(config); + public DRMClient(PKIClient client) throws URISyntaxException { + this.client = client; init(); } public void init() throws URISyntaxException { - systemCertClient = createProxy(SystemCertResource.class); - keyRequestClient = createProxy(KeyRequestResource.class); - keyClient = createProxy(KeyResource.class); + systemCertClient = client.createProxy(SystemCertResource.class); + keyRequestClient = client.createProxy(KeyRequestResource.class); + keyClient = client.createProxy(KeyResource.class); } public String getTransportCert() { @SuppressWarnings("unchecked") ClientResponse response = (ClientResponse) systemCertClient .getTransportCert(); - CertData certData = getEntity(response); + CertData certData = client.getEntity(response); String transportCert = certData.getEncoded(); return transportCert; } diff --git a/base/common/src/com/netscape/certsrv/system/KRAConnectorClient.java b/base/common/src/com/netscape/certsrv/system/KRAConnectorClient.java index f7b2c7246..ea71cf645 100644 --- a/base/common/src/com/netscape/certsrv/system/KRAConnectorClient.java +++ b/base/common/src/com/netscape/certsrv/system/KRAConnectorClient.java @@ -21,26 +21,26 @@ import java.net.URISyntaxException; import com.netscape.certsrv.client.ClientConfig; import com.netscape.certsrv.client.PKIClient; -import com.netscape.certsrv.client.PKIConnection; /** * @author Ade Lee */ -public class KRAConnectorClient extends PKIClient { +public class KRAConnectorClient { + + public PKIClient client; public KRAConnectorResource kraConnectorClient; - public KRAConnectorClient(PKIConnection connection) throws URISyntaxException { - super(connection); - init(); + public KRAConnectorClient(ClientConfig config) throws URISyntaxException { + this(new PKIClient(config)); } - public KRAConnectorClient(ClientConfig config) throws URISyntaxException { - super(config); + public KRAConnectorClient(PKIClient client) throws URISyntaxException { + this.client = client; init(); } public void init() throws URISyntaxException { - kraConnectorClient = createProxy(KRAConnectorResource.class); + kraConnectorClient = client.createProxy(KRAConnectorResource.class); } public void addConnector(KRAConnectorInfo info) { diff --git a/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java b/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java index 5ecd56092..490f837da 100644 --- a/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java +++ b/base/common/src/com/netscape/certsrv/system/SecurityDomainClient.java @@ -21,35 +21,34 @@ import java.net.URISyntaxException; import com.netscape.certsrv.client.ClientConfig; import com.netscape.certsrv.client.PKIClient; -import com.netscape.certsrv.client.PKIConnection; /** * @author alee */ -public class SecurityDomainClient extends PKIClient { +public class SecurityDomainClient { - private SecurityDomainResource client; + private PKIClient client; + private SecurityDomainResource securityDomainClient; - public SecurityDomainClient(PKIConnection connection) throws URISyntaxException { - super(connection); - init(); + public SecurityDomainClient(ClientConfig config) throws URISyntaxException { + this(new PKIClient(config)); } - public SecurityDomainClient(ClientConfig config) throws URISyntaxException { - super(config); + public SecurityDomainClient(PKIClient client) throws URISyntaxException { + this.client = client; init(); } public void init() throws URISyntaxException { - client = createProxy(SecurityDomainResource.class); + securityDomainClient = client.createProxy(SecurityDomainResource.class); } public InstallToken getInstallToken(String hostname, String subsystem) { - return client.getInstallToken(hostname, subsystem); + return securityDomainClient.getInstallToken(hostname, subsystem); } public DomainInfo getDomainInfo() { - return client.getDomainInfo(); + return securityDomainClient.getDomainInfo(); } } diff --git a/base/common/src/com/netscape/certsrv/system/SystemConfigClient.java b/base/common/src/com/netscape/certsrv/system/SystemConfigClient.java index 4ccf152b3..aa4e6842e 100644 --- a/base/common/src/com/netscape/certsrv/system/SystemConfigClient.java +++ b/base/common/src/com/netscape/certsrv/system/SystemConfigClient.java @@ -21,29 +21,28 @@ import java.net.URISyntaxException; import com.netscape.certsrv.client.ClientConfig; import com.netscape.certsrv.client.PKIClient; -import com.netscape.certsrv.client.PKIConnection; /** * @author alee * */ -public class SystemConfigClient extends PKIClient { +public class SystemConfigClient { + private PKIClient client; private SystemConfigResource configClient; - public SystemConfigClient(PKIConnection connection) throws URISyntaxException { - super(connection); - init(); + public SystemConfigClient(ClientConfig config) throws URISyntaxException { + this(new PKIClient(config)); } - public SystemConfigClient(ClientConfig config) throws URISyntaxException { - super(config); + public SystemConfigClient(PKIClient client) throws URISyntaxException { + this.client = client; init(); } public void init() throws URISyntaxException { - configClient = createProxy(SystemConfigResource.class); + configClient = client.createProxy(SystemConfigResource.class); } public ConfigurationResponse configure(ConfigurationRequest data) { diff --git a/base/common/src/com/netscape/certsrv/user/UserClient.java b/base/common/src/com/netscape/certsrv/user/UserClient.java index 2dd350354..5f1ebd5b8 100644 --- a/base/common/src/com/netscape/certsrv/user/UserClient.java +++ b/base/common/src/com/netscape/certsrv/user/UserClient.java @@ -23,31 +23,30 @@ import org.jboss.resteasy.client.ClientResponse; import com.netscape.certsrv.client.ClientConfig; import com.netscape.certsrv.client.PKIClient; -import com.netscape.certsrv.client.PKIConnection; /** * @author Endi S. Dewata */ -public class UserClient extends PKIClient { +public class UserClient { + public PKIClient client; public UserResource userClient; public UserCertResource userCertClient; public UserMembershipResource userMembershipClient; - public UserClient(PKIConnection connection) throws URISyntaxException { - super(connection); - init(); + public UserClient(ClientConfig config) throws URISyntaxException { + this(new PKIClient(config)); } - public UserClient(ClientConfig config) throws URISyntaxException { - super(config); + public UserClient(PKIClient client) throws URISyntaxException { + this.client = client; init(); } public void init() throws URISyntaxException { - userClient = createProxy(UserResource.class); - userCertClient = createProxy(UserCertResource.class); - userMembershipClient = createProxy(UserMembershipResource.class); + userClient = client.createProxy(UserResource.class); + userCertClient = client.createProxy(UserCertResource.class); + userMembershipClient = client.createProxy(UserMembershipResource.class); } public UserCollection findUsers(String filter, Integer start, Integer size) { @@ -61,13 +60,13 @@ public class UserClient extends PKIClient { public UserData addUser(UserData userData) { @SuppressWarnings("unchecked") ClientResponse response = (ClientResponse)userClient.addUser(userData); - return getEntity(response); + return client.getEntity(response); } public UserData modifyUser(String userID, UserData userData) { @SuppressWarnings("unchecked") ClientResponse response = (ClientResponse)userClient.modifyUser(userID, userData); - return getEntity(response); + return client.getEntity(response); } public void removeUser(String userID) { @@ -85,7 +84,7 @@ public class UserClient extends PKIClient { public UserCertData addUserCert(String userID, UserCertData userCertData) { @SuppressWarnings("unchecked") ClientResponse response = (ClientResponse)userCertClient.addUserCert(userID, userCertData); - return getEntity(response); + return client.getEntity(response); } public void removeUserCert(String userID, String certID) { @@ -99,7 +98,7 @@ public class UserClient extends PKIClient { public UserMembershipData addUserMembership(String userID, String groupID) { @SuppressWarnings("unchecked") ClientResponse response = (ClientResponse)userMembershipClient.addUserMembership(userID, groupID); - return getEntity(response); + return client.getEntity(response); } public void removeUserMembership(String userD, String groupID) { diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java index 82c994652..014eb448b 100644 --- a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java +++ b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java @@ -140,6 +140,7 @@ import com.netscape.certsrv.base.IConfigStore; import com.netscape.certsrv.base.ISubsystem; import com.netscape.certsrv.ca.ICertificateAuthority; import com.netscape.certsrv.client.ClientConfig; +import com.netscape.certsrv.client.PKIClient; import com.netscape.certsrv.client.PKIConnection; import com.netscape.certsrv.dbs.IDBSubsystem; import com.netscape.certsrv.dbs.crldb.ICRLIssuingPointRecord; @@ -213,7 +214,8 @@ public class ConfigurationUtils { config.setServerURI(protocol + "://" + hostname + ":" + port + path); config.setCertNickname(clientnickname); - PKIConnection connection = new PKIConnection(config); + PKIClient client = new PKIClient(config); + PKIConnection connection = client.getConnection(); ClientResponse response = connection.post(content); return response; @@ -328,9 +330,9 @@ public class ConfigurationUtils { config.setPassword(passwd); config.setInstanceCreationMode(true); - PKIConnection connection = new PKIConnection(config); - AccountClient accountClient = new AccountClient(connection); - SecurityDomainClient sdClient = new SecurityDomainClient(connection); + PKIClient client = new PKIClient(config); + AccountClient accountClient = new AccountClient(client); + SecurityDomainClient sdClient = new SecurityDomainClient(client); try { accountClient.login(); -- cgit