From db615a895b644af038308ae71b680f1d93f78f70 Mon Sep 17 00:00:00 2001 From: mharmsen Date: Sat, 29 Oct 2011 04:43:21 +0000 Subject: Bugzilla Bug #737761 - Update Dogtag Packages for Fedora 16 git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/tags/DOGTAG_9_0_FEDORA_15_16_17_20111028@2279 c9f7a03b-bd48-0410-a16d-cbbf54688b0b --- .../cms/servlet/admin/ProfileAdminServlet.java | 2683 ++++++++++++++++++++ 1 file changed, 2683 insertions(+) create mode 100644 pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java (limited to 'pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java') diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java new file mode 100644 index 000000000..8306bc77e --- /dev/null +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java @@ -0,0 +1,2683 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.cms.servlet.admin; + + +import java.io.*; +import java.util.*; +import java.net.*; +import java.util.*; +import java.text.*; +import java.math.*; +import java.security.*; +import javax.servlet.*; +import javax.servlet.http.*; +import com.netscape.certsrv.common.*; +import com.netscape.certsrv.apps.*; +import com.netscape.certsrv.base.*; +import com.netscape.certsrv.logging.*; +import com.netscape.certsrv.policy.*; +import com.netscape.certsrv.profile.*; +import com.netscape.certsrv.registry.*; +import com.netscape.certsrv.property.*; +import com.netscape.certsrv.authority.IAuthority; +import com.netscape.certsrv.ca.ICertificateAuthority; +import com.netscape.certsrv.ra.IRegistrationAuthority; +import com.netscape.certsrv.kra.IKeyRecoveryAuthority; + + +/** + * This class is an administration servlet for policy management. + * + * Each service (CA, KRA, RA) should be responsible + * for registering an instance of this with the remote + * administration subsystem. + * + * @version $Revision$, $Date$ + */ +public class ProfileAdminServlet extends AdminServlet { + public final static String PROP_AUTHORITY = "authority"; + + private final static String INFO = "ProfileAdminServlet"; + private final static String PW_PASSWORD_CACHE_ADD = + "PASSWORD_CACHE_ADD"; + + public final static String PROP_PREDICATE = "predicate"; + private IAuthority mAuthority = null; + private IPluginRegistry mRegistry = null; + private IProfileSubsystem mProfileSub = null; + + // These will be moved to PolicyResources + public static String INVALID_POLICY_SCOPE = "Invalid policy administration scope"; + public static String INVALID_POLICY_IMPL_OP = "Invalid operation for policy implementation management"; + public static String NYI = "Not Yet Implemented"; + public static String INVALID_POLICY_IMPL_CONFIG = "Invalid policy implementation configuration"; + public static String INVALID_POLICY_INSTANCE_CONFIG = "Invalid policy instance configuration"; + public static String MISSING_POLICY_IMPL_ID = "Missing policy impl id in request"; + public static String MISSING_POLICY_IMPL_CLASS = "Missing policy impl class in request"; + public static String INVALID_POLICY_IMPL_ID = "Invalid policy impl id in request"; + public static String MISSING_POLICY_INST_ID = "Missing policy id in request"; + public static String POLICY_INST_ID_ALREADY_USED = "policy id already used"; + public static String INVALID_POLICY_INST_ID = "Invalid policy id in request"; + public static String COMMA = ","; + public static String MISSING_POLICY_ORDERING = "Missing policy ordering"; + public static String BAD_CONFIGURATION_VAL = "Invalid configuration value."; + + private final static String LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE = + "LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE_3"; + + /** + * Constructs administration servlet. + */ + public ProfileAdminServlet() { + super(); + } + + /** + * Initializes this servlet. + */ + public void init(ServletConfig config) throws ServletException { + super.init(config); + String authority = config.getInitParameter(PROP_AUTHORITY); + + if (authority != null) + mAuthority = (IAuthority) CMS.getSubsystem(authority); + mRegistry = (IPluginRegistry) CMS.getSubsystem(CMS.SUBSYSTEM_REGISTRY); + mProfileSub = (IProfileSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_PROFILE); + } + + /** + * Returns serlvet information. + */ + public String getServletInfo() { + return INFO; + } + + private void addDefaultParams(Object ext_info, NameValuePairs nvps) { + + /* make sure policy rules have 'enable' and 'predicate' */ + + if (ext_info instanceof IPolicyRule) { + if (nvps.getPair(IPolicyRule.PROP_ENABLE) == null) { + nvps.add(IPolicyRule.PROP_ENABLE, "boolean;Enable this policy rule"); + } + if (nvps.getPair(PROP_PREDICATE) == null) { + nvps.add(PROP_PREDICATE, "string;Rules describing when this policy should run."); + } + } + } + + /** + * Serves HTTP admin request. + */ + public void service(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + super.service(req, resp); + + super.authenticate(req); + + AUTHZ_RES_NAME = "certServer.profile.configuration"; + String scope = req.getParameter(Constants.OP_SCOPE); + + CMS.debug("ProfileAdminServlet: service scope: " + scope); + if (scope.equals(ScopeDef.SC_PROFILE_RULES)) { + processProfileRuleMgmt(req, resp); + } else if (scope.equals(ScopeDef.SC_PROFILE_POLICIES)) { + processProfilePolicy(req, resp); + } else if (scope.equals(ScopeDef.SC_PROFILE_DEFAULT_POLICY)) { + processPolicyDefaultConfig(req, resp); + } else if (scope.equals(ScopeDef.SC_PROFILE_CONSTRAINT_POLICY)) { + processPolicyConstraintConfig(req, resp); + } else if (scope.equals(ScopeDef.SC_POLICY_IMPLS)) { + processPolicyImplMgmt(req, resp); + } else if (scope.equals(ScopeDef.SC_PROFILE_INPUT)) { + processProfileInput(req, resp); + } else if (scope.equals(ScopeDef.SC_PROFILE_OUTPUT)) { + processProfileOutput(req, resp); + } else if (scope.equals(ScopeDef.SC_PROFILE_INPUT_CONFIG)) { + processProfileInputConfig(req, resp); + } else if (scope.equals(ScopeDef.SC_PROFILE_OUTPUT_CONFIG)) { + processProfileOutputConfig(req, resp); + } else + sendResponse(ERROR, INVALID_POLICY_SCOPE, null, resp); + } + + private boolean readAuthorize(HttpServletRequest req, + HttpServletResponse resp) throws IOException { + mOp = "read"; + if ((mToken = super.authorize(req)) == null) { + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); + return false; + } + return true; + } + + private boolean modifyAuthorize(HttpServletRequest req, + HttpServletResponse resp) throws IOException { + mOp = "modify"; + if ((mToken = super.authorize(req)) == null) { + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); + return false; + } + return true; + } + + public void processProfilePolicy(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + // Get operation type + String op = req.getParameter(Constants.OP_TYPE); + + if (op.equals(OpDef.OP_READ)) { + if (!readAuthorize(req, resp)) + return; + getProfilePolicy(req, resp); + } else if (op.equals(OpDef.OP_ADD)) { + if (!modifyAuthorize(req, resp)) + return; + addProfilePolicy(req, resp); + } else if (op.equals(OpDef.OP_DELETE)) { + if (!modifyAuthorize(req, resp)) + return; + deleteProfilePolicy(req, resp); + } + } + + public void processProfileInput(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + // Get operation type + String op = req.getParameter(Constants.OP_TYPE); + String scope = super.getParameter(req, Constants.OP_SCOPE); + + if (op.equals(OpDef.OP_READ)) { + if (!readAuthorize(req, resp)) + return; + getProfileInput(req, resp); + } else if (op.equals(OpDef.OP_ADD)) { + if (!modifyAuthorize(req, resp)) + return; + addProfileInput(req, resp); + } else if (op.equals(OpDef.OP_DELETE)) { + if (!modifyAuthorize(req, resp)) + return; + deleteProfileInput(req, resp); + } + } + + public void processProfileOutput(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + // Get operation type + String op = req.getParameter(Constants.OP_TYPE); + String scope = super.getParameter(req, Constants.OP_SCOPE); + + if (op.equals(OpDef.OP_READ)) { + if (!readAuthorize(req, resp)) + return; + getProfileOutput(req, resp); + } else if (op.equals(OpDef.OP_ADD)) { + if (!modifyAuthorize(req, resp)) + return; + addProfileOutput(req, resp); + } else if (op.equals(OpDef.OP_DELETE)) { + if (!modifyAuthorize(req, resp)) + return; + deleteProfileOutput(req, resp); + } + } + + public void processProfileInputConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + // Get operation type + String op = req.getParameter(Constants.OP_TYPE); + + if (op.equals(OpDef.OP_READ)) { + if (!readAuthorize(req, resp)) + return; + getInputConfig(req, resp); + } else if (op.equals(OpDef.OP_MODIFY)) { + if (!modifyAuthorize(req, resp)) + return; + modifyInputConfig(req, resp); + } + } + + public void processProfileOutputConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + // Get operation type + String op = req.getParameter(Constants.OP_TYPE); + + if (op.equals(OpDef.OP_READ)) { + if (!readAuthorize(req, resp)) + return; + getOutputConfig(req, resp); + } else if (op.equals(OpDef.OP_MODIFY)) { + if (!modifyAuthorize(req, resp)) + return; + modifyOutputConfig(req, resp); + } + } + + public void processPolicyDefaultConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + // Get operation type + String op = req.getParameter(Constants.OP_TYPE); + + if (op.equals(OpDef.OP_READ)) { + if (!readAuthorize(req, resp)) + return; + getPolicyDefaultConfig(req, resp); + } else if (op.equals(OpDef.OP_ADD)) { + if (!modifyAuthorize(req, resp)) + return; + addPolicyDefaultConfig(req, resp); + } else if (op.equals(OpDef.OP_MODIFY)) { + if (!modifyAuthorize(req, resp)) + return; + modifyPolicyDefaultConfig(req, resp); + } + } + + public void processPolicyConstraintConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + // Get operation type + String op = req.getParameter(Constants.OP_TYPE); + + CMS.debug("ProfileAdminServlet: processPolicyConstraintConfig op " + op); + if (op.equals(OpDef.OP_READ)) { + if (!readAuthorize(req, resp)) + return; + getPolicyConstraintConfig(req, resp); + } else if (op.equals(OpDef.OP_ADD)) { + if (!modifyAuthorize(req, resp)) + return; + addPolicyConstraintConfig(req, resp); + } else if (op.equals(OpDef.OP_MODIFY)) { + if (!modifyAuthorize(req, resp)) + return; + modifyPolicyConstraintConfig(req, resp); + } + } + + /** + * Process Policy Implementation Management. + */ + public void processPolicyImplMgmt(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + // Get operation type + String op = req.getParameter(Constants.OP_TYPE); + + if (op.equals(OpDef.OP_SEARCH)) { + if (!readAuthorize(req, resp)) + return; + listProfileImpls(req, resp); + } else + sendResponse(ERROR, INVALID_POLICY_IMPL_OP, + null, resp); + } + + public void processProfileRuleMgmt(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + // Get operation type + String op = req.getParameter(Constants.OP_TYPE); + + if (op.equals(OpDef.OP_SEARCH)) { + if (!readAuthorize(req, resp)) + return; + listProfileInstances(req, resp); + } else if (op.equals(OpDef.OP_DELETE)) { + if (!modifyAuthorize(req, resp)) + return; + deleteProfileInstance(req, resp); + } else if (op.equals(OpDef.OP_READ)) { + if (!readAuthorize(req, resp)) + return; + getProfileInstanceConfig(req, resp); + } else if (op.equals(OpDef.OP_ADD)) { + if (!modifyAuthorize(req, resp)) + return; + addProfileInstance(req, resp); + } else if (op.equals(OpDef.OP_MODIFY)) { + if (!modifyAuthorize(req, resp)) + return; + modifyProfileInstance(req, resp); + } else + sendResponse(ERROR, INVALID_POLICY_IMPL_OP, + null, resp); + } + + /** + * Lists all registered profile impementations + */ + public void listProfileImpls(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + + Enumeration impls = mRegistry.getIds("profile"); + NameValuePairs nvp = new NameValuePairs(); + + while (impls.hasMoreElements()) { + String id = (String) impls.nextElement(); + IPluginInfo info = mRegistry.getPluginInfo("profile", id); + + nvp.add(id, info.getClassName() + "," + + info.getDescription(getLocale(req))); + } + sendResponse(SUCCESS, null, nvp, resp); + } + + /** + * Add policy profile + *

+ * + *

+ * @param req HTTP servlet request + * @param resp HTTP servlet response + * @exception ServletException a servlet error has occurred + * @exception IOException an input/output error has occurred + */ + public void addProfilePolicy(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String auditMessage = null; + String auditSubjectID = auditSubjectID(); + + CMS.debug("ProfileAdminServlet: in addProfilePolicy"); + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + String id = req.getParameter(Constants.RS_ID); + + StringTokenizer st = new StringTokenizer(id, ";"); + String profileId = st.nextToken(); + String policyId = st.nextToken(); + String defImpl = st.nextToken(); + String conImpl = st.nextToken(); + + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + // error + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + if (mProfileSub.isProfileEnable(profileId)) { + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), + "CMS_PROFILE_CREATE_POLICY_FAILED", + "Profile is currently enabled"), + null, resp); + return; + } + + StringTokenizer ss = new StringTokenizer(policyId, ":"); + String setId = ss.nextToken(); + String pId = ss.nextToken(); + + IProfilePolicy policy = null; + + try { + if (!isValidId(setId)) { + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), + "CMS_PROFILE_CREATE_POLICY_FAILED", + "Invalid set id " + setId), + null, resp); + return; + } + if (!isValidId(pId)) { + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), + "CMS_PROFILE_CREATE_POLICY_FAILED", + "Invalid policy id " + pId), + null, resp); + return; + } + policy = profile.createProfilePolicy(setId, pId, + defImpl, conImpl); + } catch (EBaseException e1) { + // error + CMS.debug("ProfileAdminServlet: addProfilePolicy " + + e1.toString()); + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_PROFILE_CREATE_POLICY_FAILED", + e1.toString()), + null, resp); + return; + } + NameValuePairs nvp = new NameValuePairs(); + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); + + audit(auditMessage); + + sendResponse(SUCCESS, null, nvp, resp); + } catch (IOException eAudit1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw eAudit1; + // } catch( ServletException eAudit2 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit2; + } + } + + /** + * Add profile input + *

+ * + *

+ * @param req HTTP servlet request + * @param resp HTTP servlet response + * @exception ServletException a servlet error has occurred + * @exception IOException an input/output error has occurred + */ + public void addProfileInput(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String auditMessage = null; + String auditSubjectID = auditSubjectID(); + + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + String id = req.getParameter(Constants.RS_ID); + + StringTokenizer st = new StringTokenizer(id, ";"); + String profileId = st.nextToken(); + String inputId = st.nextToken(); + String inputImpl = st.nextToken(); + + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + // error + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + IProfileInput input = null; + Enumeration names = req.getParameterNames(); + NameValuePairs nvps = new NameValuePairs(); + + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + + if (name.equals("OP_SCOPE")) + continue; + if (name.equals("OP_TYPE")) + continue; + if (name.equals("RS_ID")) + continue; + nvps.add(name, req.getParameter(name)); + } + + try { + input = profile.createProfileInput(inputId, inputImpl, nvps); + } catch (EBaseException e1) { + // error + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_PROFILE_CREATE_INPUT_FAILED", + e1.toString()), + null, resp); + + return; + } + + NameValuePairs nvp = new NameValuePairs(); + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); + + audit(auditMessage); + + sendResponse(SUCCESS, null, nvp, resp); + } catch (IOException eAudit1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw eAudit1; + // } catch( ServletException eAudit2 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit2; + } + } + + /** + * Add profile output + *

+ * + *

+ * @param req HTTP servlet request + * @param resp HTTP servlet response + * @exception ServletException a servlet error has occurred + * @exception IOException an input/output error has occurred + */ + public void addProfileOutput(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String auditMessage = null; + String auditSubjectID = auditSubjectID(); + + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + String id = req.getParameter(Constants.RS_ID); + + StringTokenizer st = new StringTokenizer(id, ";"); + String profileId = st.nextToken(); + String outputId = st.nextToken(); + String outputImpl = st.nextToken(); + + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + // error + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + IProfileOutput output = null; + Enumeration names = req.getParameterNames(); + NameValuePairs nvps = new NameValuePairs(); + + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + + if (name.equals("OP_SCOPE")) + continue; + if (name.equals("OP_TYPE")) + continue; + if (name.equals("RS_ID")) + continue; + nvps.add(name, req.getParameter(name)); + } + + try { + output = profile.createProfileOutput(outputId, outputImpl, + nvps); + } catch (EBaseException e1) { + // error + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_PROFILE_CREATE_OUTPUT_FAILED", + e1.toString()), + null, resp); + + return; + } + + NameValuePairs nvp = new NameValuePairs(); + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); + + audit(auditMessage); + + sendResponse(SUCCESS, null, nvp, resp); + } catch (IOException eAudit1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw eAudit1; + // } catch( ServletException eAudit2 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit2; + } + } + + /** + * Delete policy profile + *

+ * + *

+ * @param req HTTP servlet request + * @param resp HTTP servlet response + * @exception ServletException a servlet error has occurred + * @exception IOException an input/output error has occurred + */ + public void deleteProfilePolicy(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String auditMessage = null; + String auditSubjectID = auditSubjectID(); + + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + String profileId = ""; + String policyId = ""; + Enumeration names = req.getParameterNames(); + + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + + if (name.equals("OP_SCOPE")) + continue; + if (name.equals("OP_TYPE")) + continue; + if (name.equals("RS_ID")) + profileId = req.getParameter(name); + if (name.equals("POLICYID")) + policyId = req.getParameter(name); + } + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + // error + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + StringTokenizer ss = new StringTokenizer(policyId, ":"); + String setId = ss.nextToken(); + String pId = ss.nextToken(); + + try { + profile.deleteProfilePolicy(setId, pId); + } catch (EBaseException e1) { + CMS.debug("ProfileAdminServlet: " + e1.toString()); + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + NameValuePairs nvp = new NameValuePairs(); + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); + + audit(auditMessage); + + sendResponse(SUCCESS, null, nvp, resp); + } catch (IOException eAudit1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw eAudit1; + // } catch( ServletException eAudit2 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit2; + } + } + + /** + * Delete profile input + *

+ * + *

+ * @param req HTTP servlet request + * @param resp HTTP servlet response + * @exception ServletException a servlet error has occurred + * @exception IOException an input/output error has occurred + */ + public void deleteProfileInput(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String auditMessage = null; + String auditSubjectID = auditSubjectID(); + + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + String profileId = ""; + String inputId = ""; + Enumeration names = req.getParameterNames(); + + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + + if (name.equals("OP_SCOPE")) + continue; + if (name.equals("OP_TYPE")) + continue; + if (name.equals("RS_ID")) + profileId = req.getParameter(name); + if (name.equals("INPUTID")) + inputId = req.getParameter(name); + } + CMS.debug("ProfileAdminServlet: deleteProfileInput profileId -> " + profileId); + CMS.debug("ProfileAdminServlet: deleteProfileInput inputId -> " + inputId); + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + // error + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + CMS.debug("deleteProfileInput profile -> " + profile); + try { + profile.deleteProfileInput(inputId); + } catch (EBaseException e1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + NameValuePairs nvp = new NameValuePairs(); + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); + + audit(auditMessage); + + sendResponse(SUCCESS, null, nvp, resp); + } catch (IOException eAudit1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw eAudit1; + // } catch( ServletException eAudit2 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit2; + } + } + + /** + * Delete profile output + *

+ * + *

+ * @param req HTTP servlet request + * @param resp HTTP servlet response + * @exception ServletException a servlet error has occurred + * @exception IOException an input/output error has occurred + */ + public void deleteProfileOutput(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String auditMessage = null; + String auditSubjectID = auditSubjectID(); + + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + String profileId = ""; + String outputId = ""; + Enumeration names = req.getParameterNames(); + + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + + if (name.equals("OP_SCOPE")) + continue; + if (name.equals("OP_TYPE")) + continue; + if (name.equals("RS_ID")) + profileId = req.getParameter(name); + if (name.equals("OUTPUTID")) + outputId = req.getParameter(name); + } + CMS.debug("ProfileAdminServlet: deleteProfileOutput profileId -> " + profileId); + CMS.debug("ProfileAdminServlet: deleteProfileOutput outputId -> " + outputId); + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + // error + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + CMS.debug("ProfileAdminServlet: deleteProfileOutput profile -> " + profile); + try { + profile.deleteProfileOutput(outputId); + } catch (EBaseException e1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + NameValuePairs nvp = new NameValuePairs(); + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); + + audit(auditMessage); + + sendResponse(SUCCESS, null, nvp, resp); + } catch (IOException eAudit1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw eAudit1; + // } catch( ServletException eAudit2 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit2; + } + } + + /** + * Add default policy profile configuration + *

+ * + *

+ * @param req HTTP servlet request + * @param resp HTTP servlet response + * @exception ServletException a servlet error has occurred + * @exception IOException an input/output error has occurred + */ + public void addPolicyDefaultConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String auditMessage = null; + String auditSubjectID = auditSubjectID(); + + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + String id = req.getParameter(Constants.RS_ID); + + StringTokenizer st = new StringTokenizer(id, ";"); + String profileId = st.nextToken(); + String policyId = st.nextToken(); + + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + // error + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + StringTokenizer ss = new StringTokenizer(policyId, ":"); + String setId = ss.nextToken(); + String pId = ss.nextToken(); + + IProfilePolicy policy = profile.getProfilePolicy(setId, pId); + IPolicyDefault def = policy.getDefault(); + IConfigStore defConfig = def.getConfigStore(); + + Enumeration names = req.getParameterNames(); + + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + + if (name.equals("OP_SCOPE")) + continue; + if (name.equals("OP_TYPE")) + continue; + if (name.equals("RS_ID")) + continue; + try { + def.setConfig(name,req.getParameter(name)); + + } catch (EPropertyException e) { + + CMS.debug("ProfileAdminServlet: modifyPolicyDefConfig setConfig exception."); + try { + profile.deleteProfilePolicy(setId, pId); + } catch (Exception e11) {} + sendResponse(ERROR,BAD_CONFIGURATION_VAL,null,resp); + return; + } + // defConfig.putString("params." + name, req.getParameter(name)); + } + try { + profile.getConfigStore().commit(false); + } catch (Exception e) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + NameValuePairs nvp = new NameValuePairs(); + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); + + audit(auditMessage); + + sendResponse(SUCCESS, null, nvp, resp); + } catch (IOException eAudit1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw eAudit1; + // } catch( ServletException eAudit2 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit2; + } + } + + /** + * Add policy constraints profile configuration + *

+ * + *

+ * @param req HTTP servlet request + * @param resp HTTP servlet response + * @exception ServletException a servlet error has occurred + * @exception IOException an input/output error has occurred + */ + public void addPolicyConstraintConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String auditMessage = null; + String auditSubjectID = auditSubjectID(); + + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + String id = req.getParameter(Constants.RS_ID); + + StringTokenizer st = new StringTokenizer(id, ";"); + String profileId = st.nextToken(); + String policyId = st.nextToken(); + + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + // error + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + StringTokenizer ss = new StringTokenizer(policyId, ":"); + String setId = ss.nextToken(); + String pId = ss.nextToken(); + + IProfilePolicy policy = profile.getProfilePolicy(setId, pId); + IPolicyConstraint con = policy.getConstraint(); + IConfigStore conConfig = con.getConfigStore(); + + Enumeration names = req.getParameterNames(); + + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + + if (name.equals("OP_SCOPE")) + continue; + if (name.equals("OP_TYPE")) + continue; + if (name.equals("RS_ID")) + continue; + + try { + con.setConfig(name,req.getParameter(name)); + + } catch (EPropertyException e) { + + CMS.debug("ProfileAdminServlet: addPolicyConstraintsConfig setConfig exception."); + try { + profile.deleteProfilePolicy(setId, pId); + } catch (Exception e11) {} + sendResponse(ERROR,BAD_CONFIGURATION_VAL,null,resp); + return; + } + // conConfig.putString("params." + name, req.getParameter(name)); + } + try { + profile.getConfigStore().commit(false); + } catch (Exception e) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + NameValuePairs nvp = new NameValuePairs(); + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); + + audit(auditMessage); + + sendResponse(SUCCESS, null, nvp, resp); + } catch (IOException eAudit1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw eAudit1; + // } catch( ServletException eAudit2 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit2; + } + } + + /** + * Modify default policy profile configuration + *

+ * + *

+ * @param req HTTP servlet request + * @param resp HTTP servlet response + * @exception ServletException a servlet error has occurred + * @exception IOException an input/output error has occurred + */ + public void modifyPolicyDefaultConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String auditMessage = null; + String auditSubjectID = auditSubjectID(); + + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + String id = req.getParameter(Constants.RS_ID); + + StringTokenizer st = new StringTokenizer(id, ";"); + String profileId = st.nextToken(); + String policyId = st.nextToken(); + + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + // error + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + StringTokenizer ss = new StringTokenizer(policyId, ":"); + String setId = ss.nextToken(); + String pId = ss.nextToken(); + IProfilePolicy policy = profile.getProfilePolicy(setId, pId); + IPolicyDefault def = policy.getDefault(); + IConfigStore defConfig = def.getConfigStore(); + + Enumeration names = req.getParameterNames(); + + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + + if (name.equals("OP_SCOPE")) + continue; + if (name.equals("OP_TYPE")) + continue; + if (name.equals("RS_ID")) + continue; + try { + def.setConfig(name,req.getParameter(name)); + + } catch (EPropertyException e) { + + CMS.debug("ProfileAdminServlet: modifyPolicyDefConfig setConfig exception."); + sendResponse(ERROR,BAD_CONFIGURATION_VAL,null,resp); + return; + } + // defConfig.putString("params." + name, req.getParameter(name)); + } + try { + profile.getConfigStore().commit(false); + } catch (Exception e) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + NameValuePairs nvp = new NameValuePairs(); + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); + + audit(auditMessage); + + sendResponse(SUCCESS, null, nvp, resp); + } catch (IOException eAudit1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw eAudit1; + // } catch( ServletException eAudit2 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit2; + } + } + + /** + * Modify profile input configuration + *

+ * + *

+ * @param req HTTP servlet request + * @param resp HTTP servlet response + * @exception ServletException a servlet error has occurred + * @exception IOException an input/output error has occurred + */ + public void modifyInputConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String auditMessage = null; + String auditSubjectID = auditSubjectID(); + + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + String id = req.getParameter(Constants.RS_ID); + + StringTokenizer st = new StringTokenizer(id, ";"); + String profileId = st.nextToken(); + String inputId = st.nextToken(); + + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + // error + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + IProfileInput input = profile.getProfileInput(inputId); + IConfigStore inputConfig = input.getConfigStore(); + + Enumeration names = req.getParameterNames(); + + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + + if (name.equals("OP_SCOPE")) + continue; + if (name.equals("OP_TYPE")) + continue; + if (name.equals("RS_ID")) + continue; + inputConfig.putString("params." + name, req.getParameter(name)); + } + try { + profile.getConfigStore().commit(false); + } catch (Exception e) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + NameValuePairs nvp = new NameValuePairs(); + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); + + audit(auditMessage); + + sendResponse(SUCCESS, null, nvp, resp); + } catch (IOException eAudit1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw eAudit1; + // } catch( ServletException eAudit2 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit2; + } + } + + /** + * Modify profile output configuration + *

+ * + *

+ * @param req HTTP servlet request + * @param resp HTTP servlet response + * @exception ServletException a servlet error has occurred + * @exception IOException an input/output error has occurred + */ + public void modifyOutputConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String auditMessage = null; + String auditSubjectID = auditSubjectID(); + + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + String id = req.getParameter(Constants.RS_ID); + + StringTokenizer st = new StringTokenizer(id, ";"); + String profileId = st.nextToken(); + String outputId = st.nextToken(); + + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + // error + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + IProfileOutput output = profile.getProfileOutput(outputId); + IConfigStore outputConfig = output.getConfigStore(); + + Enumeration names = req.getParameterNames(); + + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + + if (name.equals("OP_SCOPE")) + continue; + if (name.equals("OP_TYPE")) + continue; + if (name.equals("RS_ID")) + continue; + outputConfig.putString("params." + name, + req.getParameter(name)); + } + try { + profile.getConfigStore().commit(false); + } catch (Exception e) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + NameValuePairs nvp = new NameValuePairs(); + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); + + audit(auditMessage); + + sendResponse(SUCCESS, null, nvp, resp); + } catch (IOException eAudit1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw eAudit1; + // } catch( ServletException eAudit2 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit2; + } + } + + /** + * Modify policy constraints profile configuration + *

+ * + *

+ * @param req HTTP servlet request + * @param resp HTTP servlet response + * @exception ServletException a servlet error has occurred + * @exception IOException an input/output error has occurred + */ + public void modifyPolicyConstraintConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String auditMessage = null; + String auditSubjectID = auditSubjectID(); + + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + String id = req.getParameter(Constants.RS_ID); + + StringTokenizer st = new StringTokenizer(id, ";"); + String profileId = st.nextToken(); + String policyId = st.nextToken(); + + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + // error + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + StringTokenizer ss = new StringTokenizer(policyId, ":"); + String setId = ss.nextToken(); + String pId = ss.nextToken(); + IProfilePolicy policy = profile.getProfilePolicy(setId, pId); + IPolicyConstraint con = policy.getConstraint(); + IConfigStore conConfig = con.getConfigStore(); + + Enumeration names = req.getParameterNames(); + + CMS.debug("ProfileAdminServlet: modifyPolicyConstraintConfig policy " + policy + " con " + con); + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + + if (name.equals("OP_SCOPE")) + continue; + if (name.equals("OP_TYPE")) + continue; + if (name.equals("RS_ID")) + continue; + + // CMS.debug("ProfileAdminServlet: modifyPolicyConstraintConfig name" + name + " val " + req.getParameter(name)); + try { + con.setConfig(name,req.getParameter(name)); + + } catch (EPropertyException e) { + + CMS.debug("ProfileAdminServlet: modifyPolicyConstraintsConfig setConfig exception."); + sendResponse(ERROR,BAD_CONFIGURATION_VAL,null,resp); + return; + } + //conConfig.putString("params." + name, req.getParameter(name)); + } + try { + profile.getConfigStore().commit(false); + } catch (Exception e) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + NameValuePairs nvp = new NameValuePairs(); + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); + + audit(auditMessage); + + sendResponse(SUCCESS, null, nvp, resp); + } catch (IOException eAudit1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw eAudit1; + // } catch( ServletException eAudit2 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit2; + } + } + + public void getPolicyDefaultConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String id = req.getParameter(Constants.RS_ID); + + StringTokenizer st = new StringTokenizer(id, ";"); + String profileId = st.nextToken(); + String policyId = st.nextToken(); + + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + CMS.debug( "ProfileAdminServlet::getPolicyDefaultConfig() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); + } + + IProfilePolicy policy = null; + IPolicyDefault rule = null; + + StringTokenizer ss = new StringTokenizer(policyId, ":"); + String setId = ss.nextToken(); + String pId = ss.nextToken(); + + policy = profile.getProfilePolicy(setId, pId); + rule = policy.getDefault(); + + NameValuePairs nvp = new NameValuePairs(); + Enumeration names = rule.getConfigNames(); + + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + IDescriptor desc = rule.getConfigDescriptor(getLocale(req), name); + + if (desc == null) { + nvp.add(name, ";" + ";" + rule.getConfig(name)); + } else { + nvp.add(name, desc.getSyntax() + ";" + ";" + getNonNull(desc.getConstraint()) + ";" + desc.getDescription(getLocale(req)) + ";" + rule.getConfig(name)); + } + } + sendResponse(SUCCESS, null, nvp, resp); + } + + public void getPolicyConstraintConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String id = req.getParameter(Constants.RS_ID); + String constraintsList = req.getParameter(Constants.PR_CONSTRAINTS_LIST); + + // this one gets called when one of the elements in the default list get + // selected, then it returns the list of supported constraintsPolicy + if (constraintsList != null) { + + } + + StringTokenizer st = new StringTokenizer(id, ";"); + String profileId = st.nextToken(); + String policyId = st.nextToken(); + + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + CMS.debug( "ProfileAdminServlet::getPolicyConstraintConfig() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); + } + + StringTokenizer ss = new StringTokenizer(policyId, ":"); + String setId = ss.nextToken(); + String pId = ss.nextToken(); + IProfilePolicy policy = profile.getProfilePolicy(setId, pId); + IPolicyConstraint rule = policy.getConstraint(); + + NameValuePairs nvp = new NameValuePairs(); + Enumeration names = rule.getConfigNames(); + + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + IDescriptor desc = rule.getConfigDescriptor(getLocale(req), name); + + if (desc == null) { + nvp.add(name, ";" + rule.getConfig(name)); + } else { + nvp.add(name, desc.getSyntax() + ";" + getNonNull(desc.getConstraint()) + ";" + desc.getDescription(getLocale(req)) + ";" + rule.getConfig(name)); + } + } + sendResponse(SUCCESS, null, nvp, resp); + } + + public void getProfilePolicy(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String id = req.getParameter(Constants.RS_ID); + + // only allow profile retrival if it is disabled + + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(id); + } catch (EBaseException e1) { + CMS.debug( "ProfileAdminServlet::getProfilePolicy() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); + } + + NameValuePairs nvp = new NameValuePairs(); + Enumeration setIds = profile.getProfilePolicySetIds(); + + if (!setIds.hasMoreElements()) { + // no set id; this is a brand new profile + sendResponse(SUCCESS, null, nvp, resp); + return; + } + while (setIds.hasMoreElements()) { + String setId = (String) setIds.nextElement(); + Enumeration policies = profile.getProfilePolicies(setId); + + while (policies.hasMoreElements()) { + IProfilePolicy policy = (IProfilePolicy) policies.nextElement(); + IPolicyDefault def = policy.getDefault(); + IConfigStore defConfig = def.getConfigStore(); + IPolicyConstraint con = policy.getConstraint(); + IConfigStore conConfig = con.getConfigStore(); + + nvp.add(setId + ":" + policy.getId(), + def.getName(getLocale(req)) + ";" + + con.getName(getLocale(req))); + } + } + + sendResponse(SUCCESS, null, nvp, resp); + } + + public void getProfileOutput(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String id = req.getParameter(Constants.RS_ID); + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(id); + } catch (EBaseException e1) { + CMS.debug( "ProfileAdminServlet::getProfileOutput() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); + } + + NameValuePairs nvp = new NameValuePairs(); + Enumeration outputs = profile.getProfileOutputIds(); + + while (outputs.hasMoreElements()) { + String outputId = (String) outputs.nextElement(); + IProfileOutput output = profile.getProfileOutput(outputId); + + nvp.add(outputId, output.getName(getLocale(req))); + } + + sendResponse(SUCCESS, null, nvp, resp); + } + + public void getProfileInput(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String id = req.getParameter(Constants.RS_ID); + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(id); + } catch (EBaseException e1) { + CMS.debug( "ProfileAdminServlet::getProfileInput() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); + } + + NameValuePairs nvp = new NameValuePairs(); + Enumeration inputs = profile.getProfileInputIds(); + + while (inputs.hasMoreElements()) { + String inputId = (String) inputs.nextElement(); + IProfileInput input = profile.getProfileInput(inputId); + + nvp.add(inputId, input.getName(getLocale(req))); + } + + sendResponse(SUCCESS, null, nvp, resp); + } + + public void getInputConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + + String id = req.getParameter(Constants.RS_ID); + StringTokenizer st = new StringTokenizer(id, ";"); + String profileId = st.nextToken(); + String inputId = st.nextToken(); + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + CMS.debug( "ProfileAdminServlet::getInputConfig() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); + } + + IProfileInput profileInput = null; + NameValuePairs nvp = new NameValuePairs(); + + profileInput = profile.getProfileInput(inputId); + Enumeration names = profileInput.getConfigNames(); + + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + IDescriptor desc = profileInput.getConfigDescriptor( + getLocale(req), name); + if (desc == null) { + nvp.add(name, ";" + ";" + profileInput.getConfig(name)); + } else { + nvp.add(name, desc.getSyntax() + ";" + + getNonNull(desc.getConstraint()) + ";" + + desc.getDescription(getLocale(req)) + ";" + + profileInput.getConfig(name)); + } + } + + sendResponse(SUCCESS, null, nvp, resp); + } + + public void getOutputConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + + String id = req.getParameter(Constants.RS_ID); + StringTokenizer st = new StringTokenizer(id, ";"); + String profileId = st.nextToken(); + String outputId = st.nextToken(); + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + CMS.debug( "ProfileAdminServlet::getOutputConfig() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); + } + + IProfileOutput profileOutput = null; + NameValuePairs nvp = new NameValuePairs(); + + profileOutput = profile.getProfileOutput(outputId); + Enumeration names = profileOutput.getConfigNames(); + + while (names.hasMoreElements()) { + String name = (String) names.nextElement(); + IDescriptor desc = profileOutput.getConfigDescriptor( + getLocale(req), name); + if (desc == null) { + nvp.add(name, ";" + ";" + profileOutput.getConfig(name)); + } else { + nvp.add(name, desc.getSyntax() + ";" + + getNonNull(desc.getConstraint()) + ";" + + desc.getDescription(getLocale(req)) + ";" + + profileOutput.getConfig(name)); + } + } + + sendResponse(SUCCESS, null, nvp, resp); + } + + public void listProfileInstances(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + + NameValuePairs nvp = new NameValuePairs(); + Enumeration e = mProfileSub.getProfileIds(); + + while (e.hasMoreElements()) { + String profileId = (String) e.nextElement(); + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(profileId); + } catch (EBaseException e1) { + // error + } + + String status = null; + + if (mProfileSub.isProfileEnable(profileId)) { + status = "enabled"; + } else { + status = "disabled"; + } + + // mInstanceId + ";visible;" + enabled + nvp.add(profileId, profileId + ";visible;" + status); + } + sendResponse(SUCCESS, null, nvp, resp); + } + + public void getProfileInstanceConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + + String id = req.getParameter(Constants.RS_ID); + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(id); + } catch (EBaseException e1) { + CMS.debug( "ProfileAdminServlet::getProfileInstanceConfig() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); + } + + NameValuePairs nvp = new NameValuePairs(); + + nvp.add("name", profile.getName(getLocale(req))); + nvp.add("desc", profile.getDescription(getLocale(req))); + nvp.add("visible", Boolean.toString(profile.isVisible())); + nvp.add("enable", Boolean.toString( + mProfileSub.isProfileEnable(id))); + + String authid = profile.getAuthenticatorId(); + + if (authid == null) { + nvp.add("auth", ""); + } else { + nvp.add("auth", authid); + } + CMS.debug("ProfileAdminServlet: authid=" + authid); + nvp.add("plugin", mProfileSub.getProfileClassId(id)); + + sendResponse(SUCCESS, null, nvp, resp); + } + + /** + * Delete profile instance + *

+ * + *

+ * @param req HTTP servlet request + * @param resp HTTP servlet response + * @exception ServletException a servlet error has occurred + * @exception IOException an input/output error has occurred + */ + public void deleteProfileInstance(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String auditMessage = null; + String auditSubjectID = auditSubjectID(); + + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + // Get the policy impl id and class path. + String id = req.getParameter(Constants.RS_ID); + + if (id == null) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, MISSING_POLICY_INST_ID, null, resp); + return; + } + + String config = null; + + ISubsystem subsystem = CMS.getSubsystem("ca"); + String subname = "ca"; + + if (subsystem == null) + subname = "ra"; + + try { + config = CMS.getConfigStore().getString("instanceRoot") + + "/profiles/" + subname + "/" + id + ".cfg"; + } catch (EBaseException e) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + try { + mProfileSub.deleteProfile(id, config); + } catch (EProfileException e) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), e.toString(), id), null, resp); + return; + } + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); + + audit(auditMessage); + + sendResponse(SUCCESS, null, null, resp); + } catch (IOException eAudit1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw eAudit1; + // } catch( ServletException eAudit2 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit2; + } + } + + public void + putUserPWPair(String combo) { + int semicolon; + + semicolon = combo.indexOf(";"); + String user = combo.substring(0, semicolon); + String pw = combo.substring(semicolon + 1); + + CMS.putPasswordCache(user, pw); + } + + public boolean isValidId(String id) + { + for (int i = 0; i < id.length(); i++) { + char c = id.charAt(i); + if (!Character.isLetterOrDigit(c)) + return false; + } + return true; + } + + /** + * Add profile instance + *

+ * + *

+ * @param req HTTP servlet request + * @param resp HTTP servlet response + * @exception ServletException a servlet error has occurred + * @exception IOException an input/output error has occurred + */ + public void addProfileInstance(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String auditMessage = null; + String auditSubjectID = auditSubjectID(); + + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + // Get the policy impl id and class path. + String id = req.getParameter(Constants.RS_ID); + + if (id == null || id.trim().equals("") || !isValidId(id)) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, MISSING_POLICY_INST_ID, null, resp); + return; + } + + // see if profile id already used + IProfile p = null; + + try { + p = mProfileSub.getProfile(id); + } catch (EProfileException e1) { + } + if (p != null) { + sendResponse(ERROR, POLICY_INST_ID_ALREADY_USED, null, resp); + return; + } + + String impl = req.getParameter("impl"); + String name = req.getParameter("name"); + String desc = req.getParameter("desc"); + String visible = req.getParameter("visible"); + String auth = req.getParameter("auth"); + String config = null; + + ISubsystem subsystem = CMS.getSubsystem("ca"); + String subname = "ca"; + + if (subsystem == null) + subname = "ra"; + + try { + config = CMS.getConfigStore().getString("instanceRoot") + "/profiles/" + subname + "/" + id + ".cfg"; + } catch (EBaseException e) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + IPluginInfo info = mRegistry.getPluginInfo("profile", impl); + + IProfile profile = null; + + // create configuration file + File configFile = new File(config); + + configFile.createNewFile(); + + // create profile + try { + profile = mProfileSub.createProfile(id, impl, + info.getClassName(), + config); + profile.setName(getLocale(req), name); + profile.setDescription(getLocale(req), name); + if (visible != null && visible.equals("true")) { + profile.setVisible(true); + } else { + profile.setVisible(false); + } + profile.setAuthenticatorId(auth); + profile.getConfigStore().commit(false); + + mProfileSub.createProfileConfig(id, impl, config); + if (profile instanceof IProfileEx) { + // populates profile specific plugins such as + // policies, inputs and outputs + ((IProfileEx)profile).populate(); + } + } catch (Exception e) { + CMS.debug("ProfileAdminServlet: " + e.toString()); + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); + + audit(auditMessage); + + sendResponse(SUCCESS, null, null, resp); + } catch (IOException eAudit1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw eAudit1; + // } catch( ServletException eAudit2 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit2; + } + } + + /** + * Modify profile instance + *

+ * + *

+ * @param req HTTP servlet request + * @param resp HTTP servlet response + * @exception ServletException a servlet error has occurred + * @exception IOException an input/output error has occurred + */ + public void modifyProfileInstance(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String auditMessage = null; + String auditSubjectID = auditSubjectID(); + + // ensure that any low-level exceptions are reported + // to the signed audit log and stored as failures + try { + // Get the policy impl id and class path. + String id = req.getParameter(Constants.RS_ID); + + IProfile profile = null; + + try { + profile = mProfileSub.getProfile(id); + } catch (EBaseException e1) { + // error + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + sendResponse(ERROR, null, null, resp); + return; + } + String name = req.getParameter("name"); + String desc = req.getParameter("desc"); + String auth = req.getParameter("auth"); + String visible = req.getParameter("visible"); + + // String config = req.getParameter("config"); + + profile.setAuthenticatorId(auth); + profile.setName(getLocale(req), name); + profile.setDescription(getLocale(req), desc); + if (visible != null && visible.equals("true")) { + profile.setVisible(true); + } else { + profile.setVisible(false); + } + + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); + + audit(auditMessage); + + try { + profile.getConfigStore().commit(false); + } catch (Exception e) { + } + + sendResponse(SUCCESS, null, null, resp); + } catch (IOException eAudit1) { + // store a message in the signed audit log file + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + + // rethrow the specific exception to be handled later + throw eAudit1; + // } catch( ServletException eAudit2 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit2; + } + } + + protected String getNonNull(String s) { + if (s == null) + return ""; + return s; + } + +} + -- cgit