* public class CAAdminServlet extends AdminServlet {
* ...
* }
*
*
* @version $Revision$, $Date$
*/
public class AdminServlet extends HttpServlet {
/**
 * Serialization version identifier for this servlet class.
 */
private static final long serialVersionUID = 7740464244137421542L;
// Header-name constants; presumably HTTP request headers (their use is not
// visible in this part of the file).
private final static String HDR_AUTHORIZATION = "Authorization";
private final static String HDR_LANG = "accept-language";
// Obtained from CMS when the servlet object is created. log(), audit() and the
// audit helpers check these for null before use.
protected ILogger mLogger = CMS.getLogger();
protected IAuditor auditor = CMS.getAuditor();
// The three subsystem/config references below are assigned in init().
private IUGSubsystem mUG = null;
protected IConfigStore mConfig = null;
protected IAuthzSubsystem mAuthz = null;
// we don't allow to switch authz db mid-way, for now
// (assigned once in init(): either the manager named in web.xml or AUTHZ_MGR_LDAP)
protected String mAclMethod = null;
// NOTE(review): mOp and mToken are instance fields. A servlet container
// normally serves concurrent requests on one shared servlet instance, so if
// these are written per request (not visible here) one request could observe
// another request's operation or authorization token -- confirm, and prefer
// locals or request attributes if so.
protected String mOp = "";
// NOTE(review): static but not final, so any subclass can reassign the resource
// name for every admin servlet in the JVM -- confirm that is intended.
protected static String AUTHZ_RES_NAME = "certServer";
protected AuthzToken mToken;
// Identifier read from the PROP_ID init parameter in init(); used in log messages.
private String mServletID = null;
// Servlet init-parameter names read in init().
public final static String PROP_AUTHZ_MGR = "AuthzMgr";
public final static String PROP_ACL = "ACLinfo";
// Authorization manager names; init() compares the configured value against
// AUTHZ_MGR_BASIC and defaults to AUTHZ_MGR_LDAP.
public final static String AUTHZ_MGR_BASIC = "BasicAclAuthz";
public final static String AUTHZ_MGR_LDAP = "DirAclAuthz";
public final static String PROP_ID = "ID";
// Config sub-store and key that tell init() where ACL information comes from,
// followed by the two source-type values it recognises.
public final static String AUTHZ_CONFIG_STORE = "authz";
public final static String AUTHZ_SRC_TYPE = "sourceType";
public final static String AUTHZ_SRC_LDAP = "ldap";
public final static String AUTHZ_SRC_XML = "web.xml";
// Standard servlet request attribute under which the container exposes the
// client's TLS certificate chain.
public static final String CERT_ATTR =
"javax.servlet.request.X509Certificate";
// Signed-audit event identifiers for authentication, authorization and role
// assumption; presumably message-catalog keys (their use is not visible in this
// part of the file).
private final static String LOGGING_SIGNED_AUDIT_AUTH_FAIL =
"LOGGING_SIGNED_AUDIT_AUTH_FAIL_4";
private final static String LOGGING_SIGNED_AUDIT_AUTH_SUCCESS =
"LOGGING_SIGNED_AUDIT_AUTH_SUCCESS_3";
private final static String LOGGING_SIGNED_AUDIT_AUTHZ_FAIL =
"LOGGING_SIGNED_AUDIT_AUTHZ_FAIL_4";
private final static String LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS =
"LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS_4";
private final static String LOGGING_SIGNED_AUDIT_ROLE_ASSUME =
"LOGGING_SIGNED_AUDIT_ROLE_ASSUME_3";
// Local aliases for the authentication manager ids declared on IAuthSubsystem.
private final static String CERTUSERDB =
IAuthSubsystem.CERTUSERDB_AUTHMGR_ID;
private final static String PASSWDUSERDB =
IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID;
/**
 * Creates the generic administration servlet.
 *
 * The constructor body does no work of its own; the subsystem and
 * authorization references are assigned later, in init(ServletConfig).
 */
public AdminServlet() {
    super();
}
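/**
 * Initializes the servlet and decides which authorization manager it uses.
 *
 * The source of ACL information is read from the "authz" config sub-store
 * ("sourceType"). When it is "web.xml", the manager name comes from the
 * servlet's "AuthzMgr" init parameter and, for the basic ACL manager, the
 * "ACLinfo" init parameter is registered through addACLInfo. For any other
 * source type the LDAP-backed manager is used. If the source type cannot be
 * read, the LDAP default is kept and the failure is only written to the
 * debug log.
 *
 * @param sc servlet configuration supplied by the container
 * @throws ServletException if the ACL information from web.xml cannot be
 *         registered; the underlying EBaseException is attached as the cause
 */
public void init(ServletConfig sc) throws ServletException {
    super.init(sc);

    mUG = (IUGSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_UG);
    mConfig = CMS.getConfigStore();

    String srcType = AUTHZ_SRC_LDAP;

    try {
        IConfigStore authzConfig = mConfig.getSubStore(AUTHZ_CONFIG_STORE);

        srcType = authzConfig.getString(AUTHZ_SRC_TYPE, AUTHZ_SRC_LDAP);
    } catch (EBaseException e) {
        // Deliberate best effort: srcType keeps its LDAP default.
        CMS.debug("AdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_FAIL_SRC_TYPE"));
    }

    mAuthz =
            (IAuthzSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_AUTHZ);

    mServletID = getSCparam(sc, PROP_ID, "servlet id unknown");
    CMS.debug("AdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_AUTHZ_INITED", mServletID));

    if (srcType.equalsIgnoreCase(AUTHZ_SRC_XML)) {
        CMS.debug("AdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_AUTHZ_INITED", ""));
        // get authz mgr from xml file; if not specified, use
        // ldap by default
        mAclMethod = getSCparam(sc, PROP_AUTHZ_MGR, AUTHZ_MGR_LDAP);

        if (mAclMethod.equalsIgnoreCase(AUTHZ_MGR_BASIC)) {
            String aclInfo = sc.getInitParameter(PROP_ACL);

            if (aclInfo != null) {
                try {
                    addACLInfo(aclInfo);
                } catch (EBaseException e) {
                    log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTHZ_MGR_INIT_FAIL"));
                    // Keep the root cause so the reason ACL set-up failed is
                    // not lost to whoever diagnoses the start-up failure.
                    throw new ServletException("failed to init authz info from xml config file", e);
                }

                CMS.debug("AdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_AUTHZ_MGR_INIT_DONE", mServletID));
            } else {
                // PROP_ACL not specified for the basic ACL manager.
                // NOTE(review): the message names AUTHZ_MGR_LDAP as the
                // fallback, but mAclMethod still holds the basic manager
                // name here -- confirm which manager is really enforced.
                CMS.debug("AdminServlet: "
                        + CMS.getLogMessage("ADMIN_SRVLT_PROP_ACL_NOT_SPEC", PROP_ACL, mServletID, AUTHZ_MGR_LDAP));
            }
        } else {
            // PROP_AUTHZ_MGR missing (mAclMethod is then AUTHZ_MGR_LDAP) or set
            // to something other than the basic ACL manager.
            // NOTE(review): an unrecognised value stays in mAclMethod even
            // though the message reports the LDAP default -- confirm that
            // later authorization fails closed for an unknown manager name.
            CMS.debug("AdminServlet: "
                    + CMS.getLogMessage("ADMIN_SRVLT_PROP_ACL_NOT_SPEC", PROP_AUTHZ_MGR, mServletID, AUTHZ_MGR_LDAP));
        }
    } else {
        mAclMethod = AUTHZ_MGR_LDAP;
        CMS.debug("AdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_AUTH_LDAP_NOT_XML", mServletID));
    }
}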
public void outputHttpParameters(HttpServletRequest httpReq) {
CMS.debug("AdminServlet:service() uri = " + httpReq.getRequestURI());
@SuppressWarnings("unchecked")
Enumeration* *
* *
/**
 * Commits the configuration store held in mConfig.
 *
 * @param createBackup true if a backup file should be created
 */
protected void commit(boolean createBackup) throws EBaseException {
    mConfig.commit(createBackup);
}

/**
 * Writes a system-event message for the admin source to mLogger, prefixed
 * with "AdminServlet: ". Does nothing when no logger is available.
 *
 * @param level log level passed through to the logger
 * @param msg message text
 */
private void log(int level, String msg) {
    if (mLogger != null) {
        mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_ADMIN, level, "AdminServlet: " + msg);
    }
}

/**
 * Signed Audit Log
 *
 * This method is inherited by all extended admin servlets
 * and is called to store messages to the signed audit log.
 * Does nothing when no auditor is available.
 *
 * NOTE(review): the message is handed to the auditor exactly as received.
 * If callers embed request-derived values, confirm that delimiters and
 * line breaks are neutralised before they reach the audit trail.
 *
 * @param msg signed audit log message
 */
protected void audit(String msg) {
    // in this case, do NOT strip preceding/trailing whitespace
    // from passed-in String parameters
    if (auditor != null) {
        auditor.log(msg);
    }
}

/**
 * Signed Audit Log Subject ID
 *
 * This method is inherited by all extended "CMSServlet"s,
 * and is called to obtain the "SubjectID" for
 * a signed audit log message.
 *
 * @return id string containing the signed audit log message SubjectID,
 *         or null when no auditor is available
 */
protected String auditSubjectID() {
    return (auditor == null) ? null : auditor.getSubjectID();
}

/**
 * Signed Audit Parameters
 *
 * This method is inherited by all extended admin servlets and
 * is called to extract parameters from the HttpServletRequest
 * and return a string of name;;value pairs separated by a '+'
 * if more than one name;;value pair exists.
 *
 * NOTE(review): request parameters can carry credentials; confirm that
 * such values are left out or masked before the string is audited.
 *
 * @param req HTTP servlet request
 * @return a delimited string of one or more delimited name/value pairs
 */
protected String auditParams(HttpServletRequest req) {
if (auditor == null) return null;
// always identify the scope of the request
String scope = req.getParameter(Constants.OP_SCOPE);
// identify the operation type of the request
String type = req.getParameter(Constants.OP_TYPE);
// identify the resource type of the request
String id = req.getParameter(Constants.RS_ID);
// identify any remaining request parameters
Map
/**
 * Looks up the groups recorded for a signed audit log subject.
 *
 * @param subjectID string containing the signed audit log message SubjectID
 * @return a delimited string of groups associated
 *         with the "auditSubjectID()", or null when no auditor is available
 */
private String auditGroups(String subjectID) {
    return (auditor == null) ? null : auditor.getGroups(subjectID);
}
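/**
 * Converts an array of "name;value" strings into a NameValuePairs object.
 *
 * Each entry is split at its first ';': the text before it becomes the
 * name and everything after it (further ';' characters included) becomes
 * the value. An entry that is null or contains no ';' is skipped and
 * reported to the debug log by index only; previously such an entry
 * aborted the whole conversion with an unchecked exception.
 *
 * @param s entries to convert; may be null
 * @return the converted pairs, or null when s is null
 */
protected NameValuePairs convertStringArrayToNVPairs(String[] s) {
    if (s == null) {
        return null;
    }

    NameValuePairs nvps = new NameValuePairs();

    for (int i = 0; i < s.length; i++) {
        String entry = s[i];
        int sep = (entry == null) ? -1 : entry.indexOf(';');

        if (sep < 0) {
            // Log the position, not the content, so unexpected input is
            // never copied into the debug log.
            CMS.debug("AdminServlet: convertStringArrayToNVPairs: skipping malformed entry at index " + i);
            continue;
        }

        nvps.put(entry.substring(0, sep), entry.substring(sep + 1));
    }
    return nvps;
}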
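/**
 * Instantiates the named class and returns it as an IExtendedPluginInfo.
 *
 * The class is loaded without being initialised and is checked against
 * IExtendedPluginInfo before any of its code runs, so a name that refers
 * to some unrelated class on the class path is rejected instead of being
 * constructed first and discarded by a failed cast afterwards. Callers may
 * obtain the name from configuration or a request (not visible here), so
 * it is treated as untrusted.
 *
 * @param className fully qualified class name; may be null
 * @return a new instance, or null when the name is null, the class cannot
 *         be loaded or constructed, or it is not an IExtendedPluginInfo
 */
protected static IExtendedPluginInfo getClassByNameAsExtendedPluginInfo(String className) {
    if (className == null) {
        return null;
    }

    try {
        // initialize=false: static initialisers must not run before the
        // type check below has accepted the class.
        Class<?> cls = Class.forName(className, false, AdminServlet.class.getClassLoader());

        if (!IExtendedPluginInfo.class.isAssignableFrom(cls)) {
            CMS.debug("AdminServlet: getClassByNameAsExtendedPluginInfo: class is not an IExtendedPluginInfo");
            return null;
        }

        return (IExtendedPluginInfo) cls.getDeclaredConstructor().newInstance();
    } catch (Exception e) {
        // Still best effort (null result), but no longer silent. Only the
        // exception type is logged; the caller-supplied name is not echoed.
        CMS.debug("AdminServlet: getClassByNameAsExtendedPluginInfo: " + e.getClass().getName());
        return null;
    }
}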
}