From aaebc76f590a31f6dc44efa98dba950985dc6dd2 Mon Sep 17 00:00:00 2001 From: Matthew Harmsen Date: Thu, 16 Aug 2012 20:09:20 -0700 Subject: PKI Deployment Scriptlets * TRAC Ticket #266 - for non-master CA subsystems, pkidestroy needs to contact the security domain to update the domain * Made Fedora 17 rely upon tomcatjss 7.0.0 or later * Changed Dogtag 10 build-time and runtime requirements for 'pki-deploy' * Altered PKI Package Dependency Chain (top-to-bottom): pki-ca, pki-kra, pki-ocsp, pki-tks --> pki-deploy --> pki-common * Changed TPS to require a build-time dependency of 'httpd-devel >= 2.4.2' * Clarified RPM build script's usage message --- .../com/netscape/cms/servlet/csadmin/DownloadPKCS12.java | 6 ++++-- .../com/netscape/cms/servlet/csadmin/GetConfigEntries.java | 3 ++- .../com/netscape/cms/servlet/csadmin/GetTransportCert.java | 6 ++++-- .../netscape/cms/servlet/csadmin/ImportTransportCert.java | 6 ++++-- .../src/com/netscape/cms/servlet/csadmin/RegisterUser.java | 6 ++++-- .../com/netscape/cms/servlet/csadmin/UpdateConnector.java | 6 ++++-- .../com/netscape/cms/servlet/csadmin/UpdateDomainXML.java | 14 ++++++++------ .../netscape/cms/servlet/csadmin/UpdateNumberRange.java | 3 ++- .../com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java | 3 ++- 9 files changed, 34 insertions(+), 19 deletions(-) (limited to 'base/common/src/com') diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/DownloadPKCS12.java b/base/common/src/com/netscape/cms/servlet/csadmin/DownloadPKCS12.java index 57a1e6202..7f7929930 100644 --- a/base/common/src/com/netscape/cms/servlet/csadmin/DownloadPKCS12.java +++ b/base/common/src/com/netscape/cms/servlet/csadmin/DownloadPKCS12.java @@ -72,7 +72,8 @@ public class DownloadPKCS12 extends CMSServlet { String pin = (String) httpReq.getSession().getAttribute("pin"); if (pin == null) { CMS.debug("DownloadPKCS12 process: Failed to get the pin from the cookie."); - outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); + outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated", + null); return; } @@ -84,7 +85,8 @@ public class DownloadPKCS12 extends CMSServlet { if (!pin.equals(cspin)) { CMS.debug("DownloadPKCS12 process: Wrong pin"); - outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); + outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated", + null); return; } diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/GetConfigEntries.java b/base/common/src/com/netscape/cms/servlet/csadmin/GetConfigEntries.java index a9de5a54e..ee013ef48 100644 --- a/base/common/src/com/netscape/cms/servlet/csadmin/GetConfigEntries.java +++ b/base/common/src/com/netscape/cms/servlet/csadmin/GetConfigEntries.java @@ -88,7 +88,8 @@ public class GetConfigEntries extends CMSServlet { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", e.toString())); - outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); + outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated", + null); return; } diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/GetTransportCert.java b/base/common/src/com/netscape/cms/servlet/csadmin/GetTransportCert.java index ae5edf617..649b1214a 100644 --- a/base/common/src/com/netscape/cms/servlet/csadmin/GetTransportCert.java +++ b/base/common/src/com/netscape/cms/servlet/csadmin/GetTransportCert.java @@ -86,13 +86,15 @@ public class GetTransportCert extends CMSServlet { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", e.toString())); - outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); + outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated", + null); return; } if (authToken == null) { CMS.debug("GetTransportCert: authentication failed."); - outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); + outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated", + null); return; } diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ImportTransportCert.java b/base/common/src/com/netscape/cms/servlet/csadmin/ImportTransportCert.java index 859ba845e..b0dc966f3 100644 --- a/base/common/src/com/netscape/cms/servlet/csadmin/ImportTransportCert.java +++ b/base/common/src/com/netscape/cms/servlet/csadmin/ImportTransportCert.java @@ -86,13 +86,15 @@ public class ImportTransportCert extends CMSServlet { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", e.toString())); - outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); + outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated", + null); return; } if (authToken == null) { CMS.debug("ImportTransportCert: authentication failed."); - outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); + outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated", + null); return; } diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java b/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java index d2cf540c3..74197a4a8 100644 --- a/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java +++ b/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java @@ -103,13 +103,15 @@ public class RegisterUser extends CMSServlet { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", e.toString())); - outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); + outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated", + null); return; } if (authToken == null) { CMS.debug("RegisterUser: authentication failed."); - outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); + outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated", + null); return; } diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateConnector.java b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateConnector.java index 240468d03..b6f64767a 100644 --- a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateConnector.java +++ b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateConnector.java @@ -86,13 +86,15 @@ public class UpdateConnector extends CMSServlet { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", e.toString())); - outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); + outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated", + null); return; } if (authToken == null) { CMS.debug("UpdateConnector: authentication failed."); - outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); + outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated", + null); return; } diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateDomainXML.java b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateDomainXML.java index fe6507f37..b783c359b 100644 --- a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateDomainXML.java +++ b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateDomainXML.java @@ -213,13 +213,16 @@ public class UpdateDomainXML extends CMSServlet { authToken = authenticate(cmsReq); } catch (Exception e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); - outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); + CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", + e.toString())); + outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated", + null); return; } if (authToken == null) { CMS.debug("UpdateDomainXML process: authToken is null"); - outputError(httpResp, AUTH_FAILURE, "Error: not authenticated"); + outputError(httpResp, AUTH_FAILURE, "Error: not authenticated", + null); return; } CMS.debug("UpdateDomainXML process: authentication done"); @@ -232,19 +235,18 @@ public class UpdateDomainXML extends CMSServlet { } catch (EAuthzAccessDenied e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); - outputError(httpResp, AUTH_FAILURE, "Error: Not authorized"); + outputError(httpResp, "Error: Not authorized"); return; } catch (Exception e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, - AUTH_FAILURE, "Error: Encountered problem during authorization."); return; } if (authzToken == null) { CMS.debug("UpdateDomainXML process: authorization error"); - outputError(httpResp, AUTH_FAILURE, "Error: Not authorized"); + outputError(httpResp, "Error: Not authorized"); return; } diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java index eb88a1c31..b99a298a9 100644 --- a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java +++ b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java @@ -89,7 +89,8 @@ public class UpdateNumberRange extends CMSServlet { IAuthToken authToken = authenticate(cmsReq); if (authToken == null) { CMS.debug("UpdateNumberRange process: authToken is null"); - outputError(httpResp, AUTH_FAILURE, "Error: not authenticated"); + outputError(httpResp, AUTH_FAILURE, "Error: not authenticated", + null); } AuthzToken authzToken = null; diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java index e1b33ea6a..3d564e955 100644 --- a/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java +++ b/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java @@ -74,7 +74,8 @@ public class UpdateOCSPConfig extends CMSServlet { IAuthToken authToken = authenticate(cmsReq); if (authToken == null) { CMS.debug("UpdateOCSPConfig process: authToken is null"); - outputError(httpResp, AUTH_FAILURE, "Error: not authenticated"); + outputError(httpResp, AUTH_FAILURE, "Error: not authenticated", + null); } AuthzToken authzToken = null; -- cgit