From c1aa8b2d05cb1873990d1a3e9cf007cca240f135 Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Thu, 25 Oct 2012 11:52:15 -0500 Subject: Enabled authentication for key services. The web.xml in KRA has been modified to enable the authentication for key and key request services. Some tools have been added to access the services via command-line. Ticket #376 --- .../src/com/netscape/cmstools/cli/MainCLI.java | 2 + .../src/com/netscape/cmstools/key/KeyCLI.java | 111 +++++++++++++++++++ .../src/com/netscape/cmstools/key/KeyFindCLI.java | 107 ++++++++++++++++++ .../netscape/cmstools/key/KeyRequestFindCLI.java | 120 +++++++++++++++++++++ .../com/netscape/cmstools/user/UserFindCLI.java | 2 +- 5 files changed, 341 insertions(+), 1 deletion(-) create mode 100644 base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java create mode 100644 base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java create mode 100644 base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java (limited to 'base/java-tools') diff --git a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java index d7cb293a7..2e661fcc6 100644 --- a/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/cli/MainCLI.java @@ -35,6 +35,7 @@ import com.netscape.certsrv.client.ClientConfig; import com.netscape.certsrv.client.PKIConnection; import com.netscape.cmstools.cert.CertCLI; import com.netscape.cmstools.group.GroupCLI; +import com.netscape.cmstools.key.KeyCLI; import com.netscape.cmstools.system.SecurityDomainCLI; import com.netscape.cmstools.user.UserCLI; @@ -53,6 +54,7 @@ public class MainCLI extends CLI { addModule(new CertCLI(this)); addModule(new GroupCLI(this)); + addModule(new KeyCLI(this)); addModule(new SecurityDomainCLI(this)); addModule(new UserCLI(this)); } diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java new file mode 100644 index 000000000..f3922d5da --- /dev/null +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java @@ -0,0 +1,111 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2012 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +package com.netscape.cmstools.key; + +import java.util.Arrays; + +import org.apache.commons.lang.StringUtils; + +import com.netscape.certsrv.key.KeyClient; +import com.netscape.certsrv.key.KeyDataInfo; +import com.netscape.certsrv.key.KeyRequestInfo; +import com.netscape.cmstools.cli.CLI; +import com.netscape.cmstools.cli.MainCLI; + +/** + * @author Endi S. Dewata + */ +public class KeyCLI extends CLI { + + public MainCLI parent; + public KeyClient keyClient; + + public KeyCLI(MainCLI parent) { + super("key", "Key management commands"); + this.parent = parent; + + addModule(new KeyFindCLI(this)); + addModule(new KeyRequestFindCLI(this)); + } + + public void printHelp() { + + System.out.println("Commands:"); + + int leftPadding = 1; + int rightPadding = 25; + + for (CLI module : modules.values()) { + String label = name + "-" + module.getName(); + + int padding = rightPadding - leftPadding - label.length(); + if (padding < 1) + padding = 1; + + System.out.print(StringUtils.repeat(" ", leftPadding)); + System.out.print(label); + System.out.print(StringUtils.repeat(" ", padding)); + System.out.println(module.getDescription()); + } + } + + public void execute(String[] args) throws Exception { + + keyClient = new KeyClient(parent.connection); + + if (args.length == 0) { + printHelp(); + System.exit(1); + } + + String command = args[0]; + String[] commandArgs = Arrays.copyOfRange(args, 1, args.length); + + if (command == null) { + printHelp(); + System.exit(1); + } + + CLI module = getModule(command); + if (module != null) { + module.execute(commandArgs); + + } else { + System.err.println("Error: Invalid command \"" + command + "\""); + printHelp(); + System.exit(1); + } + } + + public static void printKeyInfo(KeyDataInfo info) { + System.out.println(" Key ID: "+info.getKeyId().toHexString()); + if (info.getClientID() != null) System.out.println(" Client ID: "+info.getClientID()); + if (info.getStatus() != null) System.out.println(" Status: "+info.getStatus()); + if (info.getAlgorithm() != null) System.out.println(" Algorithm: "+info.getAlgorithm()); + if (info.getSize() != null) System.out.println(" Size: "+info.getSize()); + if (info.getOwnerName() != null) System.out.println(" Owner: "+info.getOwnerName()); + } + + public static void printKeyRequestInfo(KeyRequestInfo info) { + System.out.println(" Request ID: "+info.getRequestId().toHexString()); + if (info.getKeyId() != null) System.out.println(" Key ID: "+info.getKeyId().toHexString()); + if (info.getRequestType() != null) System.out.println(" Type: "+info.getRequestType()); + if (info.getRequestStatus() != null) System.out.println(" Status: "+info.getRequestStatus()); + } +} diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java new file mode 100644 index 000000000..014a9b60e --- /dev/null +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyFindCLI.java @@ -0,0 +1,107 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2012 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +package com.netscape.cmstools.key; + +import java.util.Collection; + +import org.apache.commons.cli.CommandLine; +import org.apache.commons.cli.Option; +import org.apache.commons.cli.ParseException; + +import com.netscape.certsrv.key.KeyDataInfo; +import com.netscape.certsrv.key.KeyDataInfos; +import com.netscape.cmstools.cli.CLI; +import com.netscape.cmstools.cli.MainCLI; + +/** + * @author Endi S. Dewata + */ +public class KeyFindCLI extends CLI { + + public KeyCLI parent; + + public KeyFindCLI(KeyCLI parent) { + super("find", "Find keys"); + this.parent = parent; + } + + public void printHelp() { + formatter.printHelp(parent.name + "-" + name + " [OPTIONS...]", options); + } + + public void execute(String[] args) { + + Option option = new Option(null, "client", true, "Client ID"); + option.setArgName("client ID"); + options.addOption(option); + + option = new Option(null, "status", true, "Status"); + option.setArgName("status"); + options.addOption(option); + + option = new Option(null, "maxResults", true, "Maximum results"); + option.setArgName("max results"); + options.addOption(option); + + option = new Option(null, "maxTime", true, "Maximum time"); + option.setArgName("max time"); + options.addOption(option); + + CommandLine cmd = null; + + try { + cmd = parser.parse(options, args); + + } catch (ParseException e) { + System.err.println("Error: " + e.getMessage()); + printHelp(); + System.exit(1); + } + + String clientID = cmd.getOptionValue("client"); + String status = cmd.getOptionValue("status"); + + String s = cmd.getOptionValue("maxResults"); + Integer maxResults = s == null ? null : Integer.valueOf(s); + + s = cmd.getOptionValue("maxTime"); + Integer maxTime = s == null ? null : Integer.valueOf(s); + + KeyDataInfos keys = parent.keyClient.findKeys(clientID, status, maxResults, maxTime); + + Collection entries = keys.getKeyInfos(); + + MainCLI.printMessage(entries.size() + " key(s) matched"); + + boolean first = true; + + for (KeyDataInfo info : entries) { + + if (first) { + first = false; + } else { + System.out.println(); + } + + KeyCLI.printKeyInfo(info); + } + + MainCLI.printMessage("Number of entries returned " + entries.size()); + } +} diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java new file mode 100644 index 000000000..83ce42318 --- /dev/null +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyRequestFindCLI.java @@ -0,0 +1,120 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2012 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +package com.netscape.cmstools.key; + +import java.util.Collection; + +import org.apache.commons.cli.CommandLine; +import org.apache.commons.cli.Option; +import org.apache.commons.cli.ParseException; + +import com.netscape.certsrv.key.KeyRequestInfo; +import com.netscape.certsrv.key.KeyRequestInfos; +import com.netscape.certsrv.request.RequestId; +import com.netscape.cmstools.cli.CLI; +import com.netscape.cmstools.cli.MainCLI; + +/** + * @author Endi S. Dewata + */ +public class KeyRequestFindCLI extends CLI { + + public KeyCLI parent; + + public KeyRequestFindCLI(KeyCLI parent) { + super("request-find", "Find key requests"); + this.parent = parent; + } + + public void printHelp() { + formatter.printHelp(parent.name + "-" + name + " [OPTIONS...]", options); + } + + public void execute(String[] args) { + + Option option = new Option(null, "status", true, "Request status"); + option.setArgName("status"); + options.addOption(option); + + option = new Option(null, "type", true, "Request type"); + option.setArgName("type"); + options.addOption(option); + + option = new Option(null, "client", true, "Client ID"); + option.setArgName("client ID"); + options.addOption(option); + + option = new Option(null, "maxResults", true, "Maximum results"); + option.setArgName("max results"); + options.addOption(option); + + option = new Option(null, "maxTime", true, "Maximum time"); + option.setArgName("max time"); + options.addOption(option); + + CommandLine cmd = null; + + try { + cmd = parser.parse(options, args); + + } catch (ParseException e) { + System.err.println("Error: " + e.getMessage()); + printHelp(); + System.exit(1); + } + + String status = cmd.getOptionValue("status"); + String type = cmd.getOptionValue("type"); + String clientID = cmd.getOptionValue("client"); + + String s = cmd.getOptionValue("start"); + RequestId start = s == null ? null : new RequestId(s); + + s = cmd.getOptionValue("pageSize"); + Integer pageSize = s == null ? null : Integer.valueOf(s); + + s = cmd.getOptionValue("maxResults"); + Integer maxResults = s == null ? null : Integer.valueOf(s); + + s = cmd.getOptionValue("maxTime"); + Integer maxTime = s == null ? null : Integer.valueOf(s); + + KeyRequestInfos keys = parent.keyClient.findKeyRequests( + status, type, clientID, start, pageSize, maxResults, maxTime); + + Collection entries = keys.getRequests(); + + MainCLI.printMessage(entries.size() + " key request(s) matched"); + + boolean first = true; + + for (KeyRequestInfo info : entries) { + + if (first) { + first = false; + } else { + System.out.println(); + } + + KeyCLI.printKeyRequestInfo(info); + } + + MainCLI.printMessage("Number of entries returned " + entries.size()); + } +} diff --git a/base/java-tools/src/com/netscape/cmstools/user/UserFindCLI.java b/base/java-tools/src/com/netscape/cmstools/user/UserFindCLI.java index a5b96d1c3..187d4596d 100644 --- a/base/java-tools/src/com/netscape/cmstools/user/UserFindCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/user/UserFindCLI.java @@ -65,7 +65,7 @@ public class UserFindCLI extends CLI { System.exit(1); } - String[] cmdArgs = cmd.getArgs();; + String[] cmdArgs = cmd.getArgs(); String filter = cmdArgs.length > 0 ? cmdArgs[0] : null; String s = cmd.getOptionValue("start"); -- cgit