From 8b5c3cf9b37e5b3be44b777545fb1887c2fb75d2 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Fri, 11 Sep 2015 22:54:56 +0200 Subject: Refactored LDAPSecurityDomainSessionTable. The LDAPSecurityDomainSessionTable has been modified to throw an exception if there is a failure. https://fedorahosted.org/pki/ticket/1633 --- .../session/LDAPSecurityDomainSessionTable.java | 192 +++++++++++---------- .../session/SecurityDomainSessionTable.java | 4 +- .../com/netscape/cmscore/session/SessionTimer.java | 12 +- 3 files changed, 111 insertions(+), 97 deletions(-) (limited to 'base/server/cmscore/src') diff --git a/base/server/cmscore/src/com/netscape/cmscore/session/LDAPSecurityDomainSessionTable.java b/base/server/cmscore/src/com/netscape/cmscore/session/LDAPSecurityDomainSessionTable.java index bbc9f1a79..5fd58d908 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/session/LDAPSecurityDomainSessionTable.java +++ b/base/server/cmscore/src/com/netscape/cmscore/session/LDAPSecurityDomainSessionTable.java @@ -21,6 +21,14 @@ import java.util.Date; import java.util.Enumeration; import java.util.Vector; +import com.netscape.certsrv.apps.CMS; +import com.netscape.certsrv.base.EBaseException; +import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.base.ISecurityDomainSessionTable; +import com.netscape.certsrv.base.PKIException; +import com.netscape.certsrv.ldap.ELdapException; +import com.netscape.certsrv.ldap.ILdapConnFactory; + import netscape.ldap.LDAPAttribute; import netscape.ldap.LDAPAttributeSet; import netscape.ldap.LDAPConnection; @@ -29,13 +37,6 @@ import netscape.ldap.LDAPException; import netscape.ldap.LDAPSearchResults; import netscape.ldap.LDAPv2; -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.base.ISecurityDomainSessionTable; -import com.netscape.certsrv.ldap.ELdapException; -import com.netscape.certsrv.ldap.ILdapConnFactory; - /** * This object stores the values for IP, uid and group based on the cookie id in LDAP. * Entries are stored under ou=Security Domain, ou=sessions, $basedn @@ -55,48 +56,38 @@ public class LDAPSecurityDomainSessionTable } public int addEntry(String sessionId, String ip, - String uid, String group) { + String uid, String group) throws Exception { IConfigStore cs = CMS.getConfigStore(); LDAPConnection conn = null; - boolean sessions_exists = true; int status = FAILURE; - String basedn = null; - String sessionsdn = null; - try { - basedn = cs.getString("internaldb.basedn"); - sessionsdn = "ou=sessions,ou=Security Domain," + basedn; - } catch (Exception e) { - CMS.debug("SecurityDomainSessionTable: addEntry: failed to read basedn" + e); - return status; - } + String basedn = cs.getString("internaldb.basedn"); + String sessionsdn = "ou=sessions,ou=Security Domain," + basedn; try { // create session entry (if it does not exist) conn = mLdapConnFactory.getConn(); - LDAPEntry entry = null; - LDAPAttributeSet attrs = null; - attrs = new LDAPAttributeSet(); + LDAPAttributeSet attrs = new LDAPAttributeSet(); attrs.add(new LDAPAttribute("objectclass", "top")); attrs.add(new LDAPAttribute("objectclass", "organizationalUnit")); attrs.add(new LDAPAttribute("ou", "sessions")); - entry = new LDAPEntry(sessionsdn, attrs); - conn.add(entry); - } catch (Exception e) { - if ((e instanceof LDAPException) - && (((LDAPException) e).getLDAPResultCode() == LDAPException.ENTRY_ALREADY_EXISTS)) { - // continue - } else { - CMS.debug("SecurityDomainSessionTable: unable to create ou=sessions:" + e); - sessions_exists = false; + + LDAPEntry entry = new LDAPEntry(sessionsdn, attrs); + + try { + conn.add(entry); + + } catch (LDAPException e) { + if (e.getLDAPResultCode() == LDAPException.ENTRY_ALREADY_EXISTS) { + // continue + } else { + CMS.debug("SecurityDomainSessionTable: Unable to create ou=sessions: " + e); + throw new PKIException("Unable to create ou=sessions", e); + } } - } - // add new entry - try { - LDAPEntry entry = null; - LDAPAttributeSet attrs = null; + // add new entry String entrydn = "cn=" + sessionId + "," + sessionsdn; attrs = new LDAPAttributeSet(); attrs.add(new LDAPAttribute("objectclass", "top")); @@ -108,24 +99,24 @@ public class LDAPSecurityDomainSessionTable attrs.add(new LDAPAttribute("dateOfCreate", Long.toString((new Date()).getTime()))); entry = new LDAPEntry(entrydn, attrs); - if (sessions_exists) { - conn.add(entry); - CMS.debug("SecurityDomainSessionTable: added session entry" + sessionId); - status = SUCCESS; + + conn.add(entry); + + CMS.debug("SecurityDomainSessionTable: added session entry " + sessionId); + status = SUCCESS; + + } finally { + try { + mLdapConnFactory.returnConn(conn); + } catch (Exception e) { + CMS.debug(e); } - } catch (Exception e) { - CMS.debug("SecurityDomainSessionTable: unable to create session entry" + sessionId + ": " + e); } - try { - mLdapConnFactory.returnConn(conn); - } catch (Exception e) { - CMS.debug("SecurityDomainSessionTable:addEntry: Error in disconnecting from database: " + e); - } return status; } - public int removeEntry(String sessionId) { + public int removeEntry(String sessionId) throws Exception { IConfigStore cs = CMS.getConfigStore(); LDAPConnection conn = null; int status = FAILURE; @@ -135,26 +126,31 @@ public class LDAPSecurityDomainSessionTable conn = mLdapConnFactory.getConn(); conn.delete(dn); status = SUCCESS; - } catch (Exception e) { - if ((e instanceof LDAPException) - && (((LDAPException) e).getLDAPResultCode() == LDAPException.NO_SUCH_OBJECT)) { + + } catch (LDAPException e) { + if (e.getLDAPResultCode() == LDAPException.NO_SUCH_OBJECT) { // continue } else { CMS.debug("SecurityDomainSessionTable: unable to delete session " + sessionId + ": " + e); + throw new PKIException("Unable to delete session " + sessionId, e); + } + + } finally { + try { + mLdapConnFactory.returnConn(conn); + } catch (Exception e) { + CMS.debug(e); } } - try { - mLdapConnFactory.returnConn(conn); - } catch (Exception e) { - CMS.debug("SecurityDomainSessionTable: removeEntry: Error in disconnecting from database: " + e); - } + return status; } - public boolean isSessionIdExist(String sessionId) { + public boolean sessionExists(String sessionId) throws Exception { IConfigStore cs = CMS.getConfigStore(); LDAPConnection conn = null; boolean ret = false; + try { String basedn = cs.getString("internaldb.basedn"); String sessionsdn = "ou=sessions,ou=Security Domain," + basedn; @@ -165,19 +161,22 @@ public class LDAPSecurityDomainSessionTable LDAPSearchResults res = conn.search(sessionsdn, LDAPv2.SCOPE_SUB, filter, attrs, false); if (res.getCount() > 0) ret = true; - } catch (Exception e) { - CMS.debug("SecurityDomainSessionTable: unable to query session " + sessionId + ": " + e); - } - try { - mLdapConnFactory.returnConn(conn); - } catch (Exception e) { - CMS.debug("SecurityDomainSessionTable: isSessionIdExist: Error in disconnecting from database: " + e); + } finally { + try { + mLdapConnFactory.returnConn(conn); + } catch (Exception e) { + CMS.debug(e); + } } + return ret; } - public Enumeration getSessionIds() { + public Enumeration getSessionIDs() throws Exception { + + CMS.debug("LDAPSecurityDomainSessionTable: getSessionIds() "); + IConfigStore cs = CMS.getConfigStore(); LDAPConnection conn = null; Vector ret = new Vector(); @@ -188,38 +187,42 @@ public class LDAPSecurityDomainSessionTable String filter = "(objectclass=securityDomainSessionEntry)"; String[] attrs = { "cn" }; + CMS.debug("LDAPSecurityDomainSessionTable: searching " + sessionsdn); + conn = mLdapConnFactory.getConn(); LDAPSearchResults res = conn.search(sessionsdn, LDAPv2.SCOPE_SUB, filter, attrs, false); while (res.hasMoreElements()) { LDAPEntry entry = res.next(); LDAPAttribute sid = entry.getAttribute("cn"); if (sid == null) { - throw new Exception("Invalid LDAP Entry." + entry.getDN() + " No session id(cn)."); + CMS.debug("LDAPSecurityDomainSessionTable: Missing session ID: " + entry.getDN()); + throw new Exception("Missing session ID: " + entry.getDN()); } ret.add(sid.getStringValueArray()[0]); } + } catch (LDAPException e) { switch (e.getLDAPResultCode()) { case LDAPException.NO_SUCH_OBJECT: - CMS.debug("SecurityDomainSessionTable: getSessionIds(): no sessions have been created"); + CMS.debug("SecurityDomainSessionTable: No active sessions."); break; default: - CMS.debug("SecurityDomainSessionTable: unable to query sessionIds due to ldap exception: " + e); + CMS.debug("SecurityDomainSessionTable: RC: " + e.getLDAPResultCode()); + throw e; } - } catch (Exception e) { - CMS.debug("SecurityDomainSessionTable: unable to query sessionIds: " + e); - } - try { - mLdapConnFactory.returnConn(conn); - } catch (Exception e) { - CMS.debug("SecurityDomainSessionTable: getSessionIds: Error in disconnecting from database: " + e); + } finally { + try { + mLdapConnFactory.returnConn(conn); + } catch (Exception e) { + CMS.debug(e); + } } return ret.elements(); } - private String getStringValue(String sessionId, String attr) { + private String getStringValue(String sessionId, String attr) throws Exception { IConfigStore cs = CMS.getConfigStore(); LDAPConnection conn = null; String ret = null; @@ -228,6 +231,7 @@ public class LDAPSecurityDomainSessionTable String sessionsdn = "ou=sessions,ou=Security Domain," + basedn; String filter = "(cn=" + sessionId + ")"; String[] attrs = { attr }; + conn = mLdapConnFactory.getConn(); LDAPSearchResults res = conn.search(sessionsdn, LDAPv2.SCOPE_SUB, filter, attrs, false); if (res.getCount() > 0) { @@ -238,31 +242,31 @@ public class LDAPSecurityDomainSessionTable } ret = searchAttribute.getStringValueArray()[0]; } - } catch (Exception e) { - CMS.debug("SecurityDomainSessionTable: unable to query session " + sessionId + ": " + e.getMessage()); - } - try { - mLdapConnFactory.returnConn(conn); - } catch (Exception e) { - CMS.debug("SecurityDomainSessionTable: isSessionIdExist: Error in disconnecting from database: " + e); + } finally { + try { + mLdapConnFactory.returnConn(conn); + } catch (Exception e) { + CMS.debug(e); + } } + return ret; } - public String getIP(String sessionId) { + public String getIP(String sessionId) throws Exception { return getStringValue(sessionId, "host"); } - public String getUID(String sessionId) { + public String getUID(String sessionId) throws Exception { return getStringValue(sessionId, "uid"); } - public String getGroup(String sessionId) { + public String getGroup(String sessionId) throws Exception { return getStringValue(sessionId, "cmsUserGroup"); } - public long getBeginTime(String sessionId) { + public long getBeginTime(String sessionId) throws Exception { String beginStr = getStringValue(sessionId, "dateOfCreate"); if (beginStr != null) { return Long.parseLong(beginStr); @@ -274,7 +278,7 @@ public class LDAPSecurityDomainSessionTable return m_timeToLive; } - public int getSize() { + public int getSize() throws Exception { IConfigStore cs = CMS.getConfigStore(); LDAPConnection conn = null; int ret = 0; @@ -288,16 +292,16 @@ public class LDAPSecurityDomainSessionTable conn = mLdapConnFactory.getConn(); LDAPSearchResults res = conn.search(sessionsdn, LDAPv2.SCOPE_SUB, filter, attrs, false); ret = res.getCount(); - } catch (Exception e) { - CMS.debug("SecurityDomainSessionTable: unable to query sessionIds: " + e); - } - try { - mLdapConnFactory.returnConn(conn); - } catch (Exception e) { - CMS.debug("SecurityDomainSessionTable: getSessionIds: Error in disconnecting from database: " + e); + } finally { + try { + mLdapConnFactory.returnConn(conn); + } catch (Exception e) { + CMS.debug(e); + } } + return ret; } diff --git a/base/server/cmscore/src/com/netscape/cmscore/session/SecurityDomainSessionTable.java b/base/server/cmscore/src/com/netscape/cmscore/session/SecurityDomainSessionTable.java index c7fe25599..e408a87c9 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/session/SecurityDomainSessionTable.java +++ b/base/server/cmscore/src/com/netscape/cmscore/session/SecurityDomainSessionTable.java @@ -56,11 +56,11 @@ public class SecurityDomainSessionTable return SUCCESS; } - public boolean isSessionIdExist(String sessionId) { + public boolean sessionExists(String sessionId) { return m_sessions.containsKey(sessionId); } - public Enumeration getSessionIds() { + public Enumeration getSessionIDs() { return m_sessions.keys(); } diff --git a/base/server/cmscore/src/com/netscape/cmscore/session/SessionTimer.java b/base/server/cmscore/src/com/netscape/cmscore/session/SessionTimer.java index 28c06de32..0f79fc485 100644 --- a/base/server/cmscore/src/com/netscape/cmscore/session/SessionTimer.java +++ b/base/server/cmscore/src/com/netscape/cmscore/session/SessionTimer.java @@ -37,7 +37,17 @@ public class SessionTimer extends TimerTask { } public void run() { - Enumeration keys = m_sessiontable.getSessionIds(); + CMS.debug("SessionTimer: run()"); + try { + runImpl(); + } catch (Exception e) { + CMS.debug(e); + } + } + + public void runImpl() throws Exception { + + Enumeration keys = m_sessiontable.getSessionIDs(); while (keys.hasMoreElements()) { String sessionId = keys.nextElement(); long beginTime = m_sessiontable.getBeginTime(sessionId); -- cgit