From 7bd2ef6e598edb17aa11aef34bbd8024323445a6 Mon Sep 17 00:00:00 2001
From: mharmsen
Date: Tue, 19 May 2009 23:30:04 +0000
Subject: Bugzilla Bug #491517 - pkisilent Configure RA and TPS fail (port separation changes only) Bugzilla Bug #495676 - pkisilent ConfigureCA failure on AdminCertImportPanel Bugzilla Bug #500748 - pki-silent : issues due to port separation changes (only addressed CA, KRA, OCSP, and TKS) git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@460 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
---
pki/base/silent/src/tps/ConfigureTPS.java | 113 ++++++++++++++++++++----------
1 file changed, 77 insertions(+), 36 deletions(-)
(limited to 'pki/base/silent/src/tps/ConfigureTPS.java')
diff --git a/pki/base/silent/src/tps/ConfigureTPS.java b/pki/base/silent/src/tps/ConfigureTPS.java
index 753caa5f3..3d2c0ad4c 100644
--- a/pki/base/silent/src/tps/ConfigureTPS.java
+++ b/pki/base/silent/src/tps/ConfigureTPS.java
@@ -55,24 +55,28 @@ public class ConfigureTPS public static String login_uri = "/tps/admin/console/config/login"; public static String wizard_uri = "/tps/admin/console/config/wizard"; - public static String domain_uri = "/tps/ee/ca/domain"; - public static String ee_uri = "/ca/ee/ca/getBySerial"; + public static String admin_uri = "/ca/admin/ca/getBySerial"; public static String sd_login_uri = "/ca/admin/ca/securityDomainLogin"; public static String sd_get_cookie_uri = "/ca/admin/ca/getCookie"; + public static String sd_update_domain_uri = "/ca/agent/ca/updateDomainXML"; public static String pkcs12_uri = "/tps/admin/console/config/savepkcs12"; public static String cs_hostname = null; public static String cs_port = null; + public static String cs_clientauth_port = null; public static String sd_hostname = null; public static String sd_ssl_port = null; + public static String sd_agent_port = null; + public static String sd_admin_port = null; public static String sd_admin_name = null; public static String sd_admin_password = null; public static String ca_hostname = null; public static String ca_port = null; public static String ca_ssl_port = null; + public static String ca_admin_port = null; public static String drm_hostname = null; public static String drm_ssl_port = null; @@ -147,6 +151,11 @@ public class ConfigureTPS public static String subsystem_name = null; public static String tps_audit_signing_cert_subject_name = null; + // Security Domain Login Panel + public static String tps_session_id = null; + + // Admin Certificate Request Panel + public static String requestor_name = null; public ConfigureTPS () { @@ -176,7 +185,7 @@ public class ConfigureTPS String query_string = "pin=" + pin + "&xml=true"; - hr = hc.nonsslConnect(cs_hostname,cs_port,login_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,login_uri,query_string); System.out.println("xml returned: " + hr.getHTML()); // parse xml here - nothing to parse 
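Review bot: The switch from `nonsslConnect` to `sslConnect` for the login request in the `@@ -176,7` hunk protects `pin` in transit only if `HTTPClient.sslConnect` verifies the server certificate and hostname, and that method is not part of this diff. The same holds for every other `nonsslConnect` to `sslConnect` replacement in this file, several of which carry passwords in the query string. I would record the assumption at the first call, e.g. `// sslConnect() must validate the server certificate: the pin and admin passwords are sent over this channel`, and confirm it against HTTPClient. The enclosing method starts and ends outside the hunk.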
@@ -193,7 +202,7 @@ public class ConfigureTPS } hr = null; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri, + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri, "p=0&op=next&xml=true"); // parse xml here @@ -215,7 +224,7 @@ public class ConfigureTPS ParseXML px = new ParseXML(); - String domain_url = "https://" + sd_hostname + ":" + sd_ssl_port ; + String domain_url = "https://" + sd_hostname + ":" + sd_admin_port ; String query_string = "sdomainURL=" + URLEncoder.encode(domain_url) + @@ -224,7 +233,7 @@ public class ConfigureTPS "&op=next" + "&xml=true"; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string); // parse xml bais = new ByteArrayInputStream(hr.getHTML().getBytes()); @@ -244,7 +253,7 @@ public class ConfigureTPS String query_string = null; query_string = "p=2" + "&op=next" + "&xml=true"; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string); return true; @@ -264,19 +273,19 @@ public class ConfigureTPS String query_string = "url=" + URLEncoder.encode(tps_url); - hr = hc.sslConnect(sd_hostname,sd_ssl_port,sd_login_uri,query_string); + hr = hc.sslConnect(sd_hostname,sd_admin_port,sd_login_uri,query_string); String query_string_1 = "uid=" + sd_admin_name + "&pwd=" + sd_admin_password + "&url=" + URLEncoder.encode(tps_url) ; - hr = hc.sslConnect(sd_hostname,sd_ssl_port,sd_get_cookie_uri, + hr = hc.sslConnect(sd_hostname,sd_admin_port,sd_get_cookie_uri, query_string_1); // get session id from security domain sleep_time(); - String tps_session_id = hr.getContentValue("header.session_id"); + tps_session_id = hr.getContentValue("header.session_id"); String tps_url_1 = hr.getContentValue("header.url"); System.out.println("TPS_SESSION_ID=" + tps_session_id ); 
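Review bot: `tps_session_id = hr.getContentValue("header.session_id");` in the `@@ -264,19` hunk stores the security-domain session token without checking it, and the `@@ -618,17` hunk later concatenates it into `&sessionID=`; if the login is rejected and the lookup yields null (not visible here), the literal text `null` is sent instead of the run failing at this step. A guard such as `if (tps_session_id == null || tps_session_id.length() == 0) return false;` would stop here, assuming this panel method returns boolean like the one in the `@@ -244,7` hunk. The token is also written to stdout by the `System.out.println("TPS_SESSION_ID=" + tps_session_id );` line that follows and, per the `@@ -147,6` hunk, is kept in a `public static` field; `private static String tps_session_id = null;` and dropping the print would keep it out of captured logs. The method's start and end lie outside the hunk.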
@@ -289,7 +298,7 @@ public class ConfigureTPS "&subsystem=TPS" + "&xml=true" ; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri, + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri, query_string_2); // parse xml - no parsing @@ -311,7 +320,7 @@ public class ConfigureTPS URLEncoder.encode(subsystem_name) + "&choice=newsubsystem" ; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string); // parse xml bais = new ByteArrayInputStream(hr.getHTML().getBytes()); px.parse(bais); @@ -325,7 +334,7 @@ public class ConfigureTPS "&urls=" + URLEncoder.encode(ca_url) ; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string); // parse xml bais = new ByteArrayInputStream(hr.getHTML().getBytes()); px.parse(bais); @@ -339,7 +348,7 @@ public class ConfigureTPS URLEncoder.encode(tks_url) ; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string); // parse xml bais = new ByteArrayInputStream(hr.getHTML().getBytes()); px.parse(bais); @@ -360,7 +369,7 @@ public class ConfigureTPS URLEncoder.encode(drm_url) + "&choice=" + ss_keygen ; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string); // parse xml bais = new ByteArrayInputStream(hr.getHTML().getBytes()); px.parse(bais); @@ -384,7 +393,7 @@ public class ConfigureTPS "&basedn=" + URLEncoder.encode(ldap_auth_base_dn) + ""; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string); // parse xml bais = new ByteArrayInputStream(hr.getHTML().getBytes()); 
@@ -412,7 +421,7 @@ public class ConfigureTPS "&display=" + URLEncoder.encode("") + ""; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string); // parse xml bais = new ByteArrayInputStream(hr.getHTML().getBytes()); @@ -439,7 +448,7 @@ public class ConfigureTPS "&choice=" + URLEncoder.encode("NSS Certificate DB") + ""; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string); // parse xml bais = new ByteArrayInputStream(hr.getHTML().getBytes()); px.parse(bais); @@ -455,7 +464,7 @@ public class ConfigureTPS "&__uPasswd=" + URLEncoder.encode(token_pwd) + ""; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string); // parse xml bais = new ByteArrayInputStream(hr.getHTML().getBytes()); px.parse(bais); @@ -466,7 +475,7 @@ public class ConfigureTPS "&choice=" + URLEncoder.encode(token_name) + ""; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string); // parse xml bais = new ByteArrayInputStream(hr.getHTML().getBytes()); px.parse(bais); @@ -503,7 +512,7 @@ public class ConfigureTPS "&choice=custom"+ ""; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string); // parse xml bais = new ByteArrayInputStream(hr.getHTML().getBytes()); @@ -537,7 +546,7 @@ public class ConfigureTPS URLEncoder.encode(ca_url) + ""; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string); // parse xml bais = new ByteArrayInputStream(hr.getHTML().getBytes()); 
@@ -570,7 +579,7 @@ public class ConfigureTPS "&audit_signing_cc=" + ""; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string); // parse xml bais = new ByteArrayInputStream(hr.getHTML().getBytes()); @@ -588,7 +597,7 @@ public class ConfigureTPS ParseXML px = new ParseXML(); String admin_cert_request = null; - String cert_subject = "CN=" + "tps-" + admin_user; + requestor_name = "TPS-" + cs_hostname + "-" + cs_clientauth_port; ComCrypto cCrypt = new ComCrypto(client_certdb_dir, client_certdb_pwd, @@ -618,17 +627,23 @@ public class ConfigureTPS "&__pwd=" + admin_password + "&__admin_password_again=" + admin_password + "&profileId=" + "caAdminCert" + + "&requestor_name=" + requestor_name + "&email=" + URLEncoder.encode(admin_email) + "&cert_request=" + URLEncoder.encode(admin_cert_request) + - "&subject=" + agent_cert_subject + - "&clone=0" + + "&subject=" + + URLEncoder.encode(agent_cert_subject) + + "&clone=new" + "&import=true" + - "&securitydomain=" + domain_name + + "&securitydomain=" + + URLEncoder.encode(domain_name) + + "&sessionID=" + tps_session_id + + "&auth_hostname=" + ca_hostname + + "&auth_port=" + ca_ssl_port + ""; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect(cs_hostname,cs_port,wizard_uri,query_string); // parse xml bais = new ByteArrayInputStream(hr.getHTML().getBytes()); 
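Review bot: The new `requestor_name`, `sessionID`, `auth_hostname` and `auth_port` parameters in the `@@ -618,17` hunk are appended unencoded, while the same hunk starts encoding `subject` and `securitydomain`. A value containing `&`, `=`, `+` or a space would alter or split the query string; use `"&requestor_name=" + URLEncoder.encode(requestor_name) +` and `"&sessionID=" + URLEncoder.encode(tps_session_id) +`, and likewise for the two `auth_` values. `requestor_name` is built in the `@@ -588,7` hunk from `cs_clientauth_port`, which is presumably null unless the new option is supplied, so it can read `TPS-<host>-null`; whether the option is mandatory is not visible in this diff. The `__pwd` values in the context lines have the same encoding gap.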
@@ -646,13 +661,18 @@ public class ConfigureTPS HTTPResponse hr = null; ByteArrayInputStream bais = null; ParseXML px = new ParseXML(); + String cert_to_import = null; String query_string = "serialNumber=" + admin_serial_number + "&importCert=" + "true" + ""; - hr = hc.sslConnect(ca_hostname,ca_ssl_port,ee_uri,query_string); - String cert_to_import = null; + // NOTE: CA, DRM, OCSP, and TKS use the Security Domain Admin Port; + // whereas RA and TPS use the CA Admin Port associated with + // the 'CA choice panel' as invoked from the SubsystemPanel() + // which MAY or MAY NOT be the same CA as the CA specified + // by the Security Domain. + hr = hc.sslConnect(ca_hostname,ca_admin_port,admin_uri,query_string); try { @@ -698,11 +718,16 @@ public class ConfigureTPS ParseXML px = new ParseXML(); String query_string = "p=15" + "&op=next" + "&xml=true" + - "&caHost=" + URLEncoder.encode(ca_hostname) + - "&caPort=" + URLEncoder.encode(ca_ssl_port) + - ""; + "&list=" + "TPSList" + + "&type=" + "TPS" + + "&host=" + URLEncoder.encode(cs_hostname) + + "&name=" + URLEncoder.encode(subsystem_name) + + "&sport=" + URLEncoder.encode(cs_clientauth_port) + + "&dm=false" + + ""; - hr = hc.nonsslConnect(cs_hostname,cs_port,wizard_uri,query_string); + hr = hc.sslConnect( sd_hostname, sd_agent_port, + sd_update_domain_uri, query_string ); // parse xml bais = new ByteArrayInputStream(hr.getHTML().getBytes()); 
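Review bot: In the `@@ -698,11` hunk the request to `sd_update_domain_uri` still begins with the wizard parameters `p=15&op=next`, which belonged to the `wizard_uri` call it replaces; if the security domain servlet ignores them they should be dropped so the query carries only `list`, `type`, `host`, `name`, `sport` and `dm`. `URLEncoder.encode(cs_clientauth_port)` throws a NullPointerException when its argument is null, so the new `-cs_clientauth_port` and `-sd_agent_port` values should be checked after option parsing unless that already happens outside the visible hunks. Because the call now targets the agent port, a comment stating what client authentication `sslConnect` presents there would help, since that is not shown in this diff. The method continues past the end of the hunk.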
@@ -864,15 +889,19 @@ public class ConfigureTPS // set variables StringHolder x_cs_hostname = new StringHolder(); StringHolder x_cs_port = new StringHolder(); + StringHolder x_cs_clientauth_port = new StringHolder(); StringHolder x_sd_hostname = new StringHolder(); StringHolder x_sd_ssl_port = new StringHolder(); + StringHolder x_sd_agent_port = new StringHolder(); + StringHolder x_sd_admin_port = new StringHolder(); StringHolder x_sd_admin_name = new StringHolder(); StringHolder x_sd_admin_password = new StringHolder(); StringHolder x_ca_hostname = new StringHolder(); StringHolder x_ca_port = new StringHolder(); StringHolder x_ca_ssl_port = new StringHolder(); + StringHolder x_ca_admin_port = new StringHolder(); StringHolder x_drm_hostname = new StringHolder(); StringHolder x_drm_ssl_port = new StringHolder(); @@ -934,11 +963,17 @@ public class ConfigureTPS x_cs_hostname); parser.addOption ("-cs_port %s #CS SSL port", x_cs_port); + parser.addOption ("-cs_clientauth_port %s #CS SSL port", + x_cs_clientauth_port); parser.addOption ("-sd_hostname %s #Security Domain Hostname", x_sd_hostname); - parser.addOption ("-sd_ssl_port %s #Security Domain SSL port", + parser.addOption ("-sd_ssl_port %s #Security Domain SSL EE port", x_sd_ssl_port); + parser.addOption ("-sd_agent_port %s #Security Domain SSL Agent port", + x_sd_agent_port); + parser.addOption ("-sd_admin_port %s #Security Domain SSL Admin port", + x_sd_admin_port); parser.addOption ("-sd_admin_name %s #Security Domain username", x_sd_admin_name); parser.addOption ("-sd_admin_password %s #Security Domain password", 
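Review bot: The help text for the new `-cs_clientauth_port` option in the `@@ -934,11` hunk is `#CS SSL port`, identical to the existing `-cs_port` description, so the usage output cannot tell an operator which port goes where. Something like `parser.addOption ("-cs_clientauth_port %s #CS SSL Client Authentication port",` would match the wording used for the new `-sd_agent_port` and `-sd_admin_port` options. The distinction matters because `cs_port` now carries the wizard traffic over SSL while `cs_clientauth_port` is what the `@@ -698,11` hunk publishes to the security domain as `sport`, so swapping them would register the wrong port.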
@@ -946,10 +981,12 @@ public class ConfigureTPS parser.addOption ("-ca_hostname %s #CA Hostname", x_ca_hostname); - parser.addOption ("-ca_port %s #CA non SSL port", + parser.addOption ("-ca_port %s #CA non-SSL port", x_ca_port); parser.addOption ("-ca_ssl_port %s #CA SSL port", x_ca_ssl_port); + parser.addOption ("-ca_admin_port %s #CA SSL Admin port", + x_ca_admin_port); parser.addOption ("-drm_hostname %s #DRM Hostname", x_drm_hostname); @@ -1045,15 +1082,19 @@ public class ConfigureTPS // set variables cs_hostname = x_cs_hostname.value; cs_port = x_cs_port.value; + cs_clientauth_port = x_cs_clientauth_port.value; sd_hostname = x_sd_hostname.value; sd_ssl_port = x_sd_ssl_port.value; + sd_agent_port = x_sd_agent_port.value; + sd_admin_port = x_sd_admin_port.value; sd_admin_name = x_sd_admin_name.value; sd_admin_password = x_sd_admin_password.value; ca_hostname = x_ca_hostname.value; ca_port = x_ca_port.value; ca_ssl_port = x_ca_ssl_port.value; + ca_admin_port = x_ca_admin_port.value; tks_hostname = x_tks_hostname.value; tks_ssl_port = x_tks_ssl_port.value; -- cgit