diff options
| author | Ade Lee <alee@redhat.com> | 2011-12-08 21:15:59 -0500 |
|---|---|---|
| committer | Ade Lee <alee@redhat.com> | 2011-12-08 21:15:59 -0500 |
| commit | 171aaece4f23709d33d180cf36eb3af5e454b0c9 (patch) | |
| tree | 1485f9f0a7bd10de4ff25030db575dbb8dafae74 /pki/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java | |
| parent | adad2fcee8a29fdb82376fbce07dedb11fccc182 (diff) | |
| download | pki-171aaece4f23709d33d180cf36eb3af5e454b0c9.tar.gz pki-171aaece4f23709d33d180cf36eb3af5e454b0c9.tar.xz pki-171aaece4f23709d33d180cf36eb3af5e454b0c9.zip | |
Revert "Formatting"
This reverts commit 32150d3ee32f8ac27118af7c792794b538c78a2f.
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java')
| -rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java | 226 |
1 files changed, 106 insertions, 120 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java b/pki/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java index 7dcec5cd..5909bc4b 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/GetCertFromRequest.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.cert; + import java.io.IOException; import java.util.Locale; @@ -51,9 +52,10 @@ import com.netscape.cms.servlet.common.CMSTemplateParams; import com.netscape.cms.servlet.common.ECMSGWException; import com.netscape.cms.servlet.common.ICMSTemplateFiller; + /** - * Gets a issued certificate from a request id. - * + * Gets a issued certificate from a request id. + * * @version $Revision$, $Date$ */ public class GetCertFromRequest extends CMSServlet { @@ -62,26 +64,27 @@ public class GetCertFromRequest extends CMSServlet { */ private static final long serialVersionUID = 5310646832256611066L; private final static String PROP_IMPORT = "importCert"; - protected static final String GET_CERT_FROM_REQUEST_TEMPLATE = "ImportCert.template"; - protected static final String DISPLAY_CERT_FROM_REQUEST_TEMPLATE = "displayCertFromRequest.template"; + protected static final String + GET_CERT_FROM_REQUEST_TEMPLATE = "ImportCert.template"; + protected static final String + DISPLAY_CERT_FROM_REQUEST_TEMPLATE = "displayCertFromRequest.template"; protected static final String REQUEST_ID = "requestId"; protected static final String CERT_TYPE = "certtype"; - protected String mCertFrReqSuccessTemplate = null; + protected String mCertFrReqSuccessTemplate = null; protected ICMSTemplateFiller mCertFrReqFiller = null; protected IRequestQueue mQueue = null; protected boolean mImportCert = true; - public GetCertFromRequest() { + public GetCertFromRequest() { super(); } /** * initialize the servlet. This servlet uses the template files - * "displayCertFromRequest.template" and "ImportCert.template" - * + * "displayCertFromRequest.template" and "ImportCert.template" * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -89,7 +92,8 @@ public class GetCertFromRequest extends CMSServlet { mTemplates.remove(CMSRequest.SUCCESS); mQueue = mAuthority.getRequestQueue(); try { - String tmp = sc.getInitParameter(PROP_IMPORT); + String tmp = sc.getInitParameter( + PROP_IMPORT); if (tmp != null && tmp.trim().equalsIgnoreCase("false")) mImportCert = false; @@ -98,43 +102,46 @@ public class GetCertFromRequest extends CMSServlet { if (mImportCert) defTemplate = GET_CERT_FROM_REQUEST_TEMPLATE; - else + else defTemplate = DISPLAY_CERT_FROM_REQUEST_TEMPLATE; if (mAuthority instanceof IRegistrationAuthority) defTemplate = "/ra/" + defTemplate; - else + else defTemplate = "/ca/" + defTemplate; - mCertFrReqSuccessTemplate = sc - .getInitParameter(PROP_SUCCESS_TEMPLATE); + mCertFrReqSuccessTemplate = sc.getInitParameter( + PROP_SUCCESS_TEMPLATE); if (mCertFrReqSuccessTemplate == null) mCertFrReqSuccessTemplate = defTemplate; - String fillername = sc - .getInitParameter(PROP_SUCCESS_TEMPLATE_FILLER); + String fillername = + sc.getInitParameter(PROP_SUCCESS_TEMPLATE_FILLER); if (fillername != null) { ICMSTemplateFiller filler = newFillerObject(fillername); - if (filler != null) + if (filler != null) mCertFrReqFiller = filler; } else { mCertFrReqFiller = new CertFrRequestFiller(); } } catch (Exception e) { // should never happen. - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSGW_IMP_INIT_SERV_ERR", e.toString(), mId)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_IMP_INIT_SERV_ERR", e.toString(), + mId)); } } + /** - * Process the HTTP request. + * Process the HTTP request. * <ul> - * <li>http.param requestId The request ID to search on + * <li>http.param requestId The request ID to search on * </ul> - * + * * @param cmsReq the object holding the request and response information */ - protected void process(CMSRequest cmsReq) throws EBaseException { + protected void process(CMSRequest cmsReq) + throws EBaseException { IArgBlock httpParams = cmsReq.getHttpParams(); HttpServletRequest httpReq = cmsReq.getHttpReq(); @@ -143,14 +150,14 @@ public class GetCertFromRequest extends CMSServlet { AuthzToken authzToken = null; try { - authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, - "read"); + authzToken = authorize(mAclMethod, authToken, + mAuthzResourceName, "read"); } catch (EAuthzAccessDenied e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); } catch (Exception e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); } if (authzToken == null) { @@ -158,104 +165,96 @@ public class GetCertFromRequest extends CMSServlet { return; } - String requestId = httpParams.getValueAsString(REQUEST_ID, null); + String requestId = httpParams.getValueAsString(REQUEST_ID, null); if (requestId == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_NO_REQUEST_ID_PROVIDED")); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_NO_REQUEST_ID_PROVIDED")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_NO_REQUEST_ID_PROVIDED")); + throw new ECMSGWException(CMS.getUserMessage("CMS_GW_NO_REQUEST_ID_PROVIDED")); } // check if request Id is valid. try { Integer.parseInt(requestId); } catch (NumberFormatException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_INVALID_REQ_ID_FORMAT", requestId)); - throw new EBaseException(CMS.getUserMessage(getLocale(httpReq), - "CMS_BASE_INVALID_NUMBER_FORMAT_1", requestId)); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_INVALID_REQ_ID_FORMAT", requestId)); + throw new EBaseException( + CMS.getUserMessage(getLocale(httpReq), "CMS_BASE_INVALID_NUMBER_FORMAT_1", requestId)); } IRequest r = mQueue.findRequest(new RequestId(requestId)); if (r == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_REQUEST_ID_NOT_FOUND", requestId)); - throw new ECMSGWException(CMS.getUserMessage( - "CMS_GW_REQUEST_ID_NOT_FOUND", requestId)); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_REQUEST_ID_NOT_FOUND", requestId)); + throw new ECMSGWException( + CMS.getUserMessage("CMS_GW_REQUEST_ID_NOT_FOUND", requestId)); } if (authToken != null) { - // if RA, group and requestOwner must match - String group = authToken.getInString("group"); - if ((group != null) && (group != "") - && group.equals("Registration Manager Agents")) { - boolean groupMatched = false; - String reqOwner = r.getRequestOwner(); - if (reqOwner != null) { - CMS.debug("GetCertFromRequest process: req owner=" - + reqOwner); - if (reqOwner.equals(group)) - groupMatched = true; - } - if (groupMatched == false) { - CMS.debug("RA group unmatched"); - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSGW_REQUEST_ID_NOT_FOUND", requestId)); - throw new ECMSGWException(CMS.getUserMessage( - "CMS_GW_REQUEST_ID_NOT_FOUND", requestId)); - } + //if RA, group and requestOwner must match + String group = authToken.getInString("group"); + if ((group != null) && (group != "") && + group.equals("Registration Manager Agents")) { + boolean groupMatched = false; + String reqOwner = r.getRequestOwner(); + if (reqOwner != null) { + CMS.debug("GetCertFromRequest process: req owner="+reqOwner); + if (reqOwner.equals(group)) + groupMatched = true; + } + if (groupMatched == false) { + CMS.debug("RA group unmatched"); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_REQUEST_ID_NOT_FOUND", requestId)); + throw new ECMSGWException( + CMS.getUserMessage("CMS_GW_REQUEST_ID_NOT_FOUND", requestId)); } + } } - if (!((r.getRequestType().equals(IRequest.ENROLLMENT_REQUEST)) || (r - .getRequestType().equals(IRequest.RENEWAL_REQUEST)))) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSGW_REQUEST_NOT_ENROLLMENT_1", requestId)); - throw new ECMSGWException(CMS.getUserMessage( - "CMS_GW_REQUEST_NOT_ENROLLMENT", requestId)); + if (!((r.getRequestType().equals(IRequest.ENROLLMENT_REQUEST)) || (r.getRequestType().equals(IRequest.RENEWAL_REQUEST)))) { + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_REQUEST_NOT_ENROLLMENT_1", requestId)); + throw new ECMSGWException( + CMS.getUserMessage("CMS_GW_REQUEST_NOT_ENROLLMENT", requestId)); } RequestStatus status = r.getRequestStatus(); if (!status.equals(RequestStatus.COMPLETE)) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSGW_REQUEST_NOT_COMPLETED_1", requestId)); - throw new ECMSGWException(CMS.getUserMessage( - "CMS_GW_REQUEST_NOT_COMPLETED", requestId)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_REQUEST_NOT_COMPLETED_1", requestId)); + throw new ECMSGWException( + CMS.getUserMessage("CMS_GW_REQUEST_NOT_COMPLETED", requestId)); } Integer result = r.getExtDataInInteger(IRequest.RESULT); if (result != null && !result.equals(IRequest.RES_SUCCESS)) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_REQUEST_HAD_ERROR_1", requestId)); - throw new ECMSGWException(CMS.getUserMessage( - "CMS_GW_REQUEST_HAD_ERROR", requestId)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_REQUEST_HAD_ERROR_1", requestId)); + throw new ECMSGWException( + CMS.getUserMessage("CMS_GW_REQUEST_HAD_ERROR", requestId)); } Object o = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); if (r.getExtDataInString("profile") != null) { // handle profile-based request - X509CertImpl cert = r - .getExtDataInCert(IEnrollProfile.REQUEST_ISSUED_CERT); + X509CertImpl cert = r.getExtDataInCert(IEnrollProfile.REQUEST_ISSUED_CERT); X509CertImpl certs[] = new X509CertImpl[1]; certs[0] = cert; o = certs; } if (o == null || !(o instanceof X509CertImpl[])) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSGW_REQUEST_HAD_NO_CERTS_1", requestId)); - throw new ECMSGWException(CMS.getUserMessage( - "CMS_GW_REQUEST_HAD_NO_CERTS", requestId)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_REQUEST_HAD_NO_CERTS_1", requestId)); + throw new ECMSGWException( + CMS.getUserMessage("CMS_GW_REQUEST_HAD_NO_CERTS", requestId)); } if (o instanceof X509CertImpl[]) { X509CertImpl[] certs = (X509CertImpl[]) o; if (certs == null || certs.length == 0 || certs[0] == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSGW_REQUEST_HAD_NO_CERTS_1", requestId)); - throw new ECMSGWException(CMS.getUserMessage( - "CMS_GW_REQUEST_HAD_NO_CERTS", requestId)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_REQUEST_HAD_NO_CERTS_1", requestId)); + throw new ECMSGWException( + CMS.getUserMessage("CMS_GW_REQUEST_HAD_NO_CERTS", requestId)); } // for importsCert to get the crmf_reqid. @@ -263,66 +262,58 @@ public class GetCertFromRequest extends CMSServlet { cmsReq.setStatus(CMSRequest.SUCCESS); - if (mImportCert - && checkImportCertToNav(cmsReq.getHttpResp(), httpParams, - certs[0])) { + if (mImportCert && + checkImportCertToNav(cmsReq.getHttpResp(), httpParams, certs[0])) { return; } try { cmsReq.setResult(certs); - renderTemplate(cmsReq, mCertFrReqSuccessTemplate, - mCertFrReqFiller); + renderTemplate(cmsReq, mCertFrReqSuccessTemplate, mCertFrReqFiller); } catch (IOException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSGE_ERROR_DISPLAY_TEMPLATE_1", + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGE_ERROR_DISPLAY_TEMPLATE_1", mCertFrReqSuccessTemplate, e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); } } return; } } + class CertFrRequestFiller extends ImportCertsTemplateFiller { public CertFrRequestFiller() { } - public CMSTemplateParams getTemplateParams(CMSRequest cmsReq, - IAuthority authority, Locale locale, Exception e) throws Exception { - CMSTemplateParams tparams = super.getTemplateParams(cmsReq, authority, - locale, e); + public CMSTemplateParams getTemplateParams( + CMSRequest cmsReq, IAuthority authority, Locale locale, Exception e) + throws Exception { + CMSTemplateParams tparams = + super.getTemplateParams(cmsReq, authority, locale, e); String reqId = cmsReq.getHttpParams().getValueAsString( GetCertFromRequest.REQUEST_ID); - tparams.getHeader() - .addStringValue(GetCertFromRequest.REQUEST_ID, reqId); + tparams.getHeader().addStringValue(GetCertFromRequest.REQUEST_ID, reqId); if (reqId != null) { - IRequest r = authority.getRequestQueue().findRequest( - new RequestId(reqId)); + IRequest r = authority.getRequestQueue().findRequest(new RequestId(reqId)); if (r != null) { boolean noCertImport = true; - String certType = r.getExtDataInString(IRequest.HTTP_PARAMS, - IRequest.CERT_TYPE); + String certType = r.getExtDataInString(IRequest.HTTP_PARAMS, IRequest.CERT_TYPE); if (certType != null && certType.equals(IRequest.CLIENT_CERT)) { noCertImport = false; } - tparams.getHeader().addBooleanValue("noCertImport", - noCertImport); + tparams.getHeader().addBooleanValue("noCertImport", noCertImport); - X509CertImpl[] certs = r - .getExtDataInCertArray(IRequest.ISSUED_CERTS); + X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); if (certs != null) { - X509CertInfo info = (X509CertInfo) certs[0] - .get(X509CertImpl.NAME + "." + X509CertImpl.INFO); - CertificateExtensions extensions = (CertificateExtensions) info - .get(X509CertInfo.EXTENSIONS); + X509CertInfo info = (X509CertInfo) certs[0].get(X509CertImpl.NAME + "." + X509CertImpl.INFO); + CertificateExtensions extensions = (CertificateExtensions) info.get(X509CertInfo.EXTENSIONS); - tparams.getHeader().addStringValue( - GetCertFromRequest.CERT_TYPE, "x509"); + tparams.getHeader().addStringValue(GetCertFromRequest.CERT_TYPE, "x509"); boolean emailCert = false; @@ -333,21 +324,16 @@ class CertFrRequestFiller extends ImportCertsTemplateFiller { if (ext instanceof NSCertTypeExtension) { NSCertTypeExtension type = (NSCertTypeExtension) ext; - if (((Boolean) type - .get(NSCertTypeExtension.EMAIL)) - .booleanValue()) + if (((Boolean) type.get(NSCertTypeExtension.EMAIL)).booleanValue()) emailCert = true; } if (ext instanceof KeyUsageExtension) { - KeyUsageExtension usage = (KeyUsageExtension) ext; + KeyUsageExtension usage = + (KeyUsageExtension) ext; try { - if (((Boolean) usage - .get(KeyUsageExtension.DIGITAL_SIGNATURE)) - .booleanValue() - || ((Boolean) usage - .get(KeyUsageExtension.DATA_ENCIPHERMENT)) - .booleanValue()) + if (((Boolean) usage.get(KeyUsageExtension.DIGITAL_SIGNATURE)).booleanValue() || + ((Boolean) usage.get(KeyUsageExtension.DATA_ENCIPHERMENT)).booleanValue()) emailCert = true; } catch (ArrayIndexOutOfBoundsException e0) { // bug356108: |