diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java | 1406 |
1 files changed, 646 insertions, 760 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java index bd96bbec..2ef01b24 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; - import java.io.IOException; import java.security.cert.CertificateException; import java.security.cert.CertificateExpiredException; @@ -58,16 +57,14 @@ import com.netscape.certsrv.usrgrp.IUGSubsystem; import com.netscape.certsrv.usrgrp.IUser; import com.netscape.cmsutil.util.Cert; - /** - * A class representing an administration servlet for - * User/Group Manager. It communicates with client - * SDK to allow remote administration of User/Group + * A class representing an administration servlet for User/Group Manager. It + * communicates with client SDK to allow remote administration of User/Group * manager. - * - * This servlet will be registered to remote - * administration subsystem by usrgrp manager. - * + * + * This servlet will be registered to remote administration subsystem by usrgrp + * manager. + * * @version $Revision$, $Date$ */ public class UsrGrpAdminServlet extends AdminServlet { @@ -83,22 +80,20 @@ public class UsrGrpAdminServlet extends AdminServlet { private final static String RES_OCSP_GROUP = "certServer.ocsp.group"; private final static String RES_TKS_GROUP = "certServer.tks.group"; private final static String SYSTEM_USER = "$System$"; - // private final static String RES_GROUP = "root.common.goldfish"; + // private final static String RES_GROUP = "root.common.goldfish"; private final static String BACK_SLASH = "\\"; - private final static String LOGGING_SIGNED_AUDIT_CONFIG_ROLE = - "LOGGING_SIGNED_AUDIT_CONFIG_ROLE_3"; + private final static String LOGGING_SIGNED_AUDIT_CONFIG_ROLE = "LOGGING_SIGNED_AUDIT_CONFIG_ROLE_3"; private IUGSubsystem mMgr = null; private IAuthzSubsystem mAuthz = null; - private static String [] mMultiRoleGroupEnforceList = null; - private final static String MULTI_ROLE_ENABLE= "multiroles.enable"; + private static String[] mMultiRoleGroupEnforceList = null; + private final static String MULTI_ROLE_ENABLE = "multiroles.enable"; private final static String MULTI_ROLE_ENFORCE_GROUP_LIST = "multiroles.false.groupEnforceList"; - /** * Constructs User/Group manager servlet. */ @@ -126,17 +121,17 @@ public class UsrGrpAdminServlet extends AdminServlet { * Serves incoming User/Group management request. */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { super.service(req, resp); String scope = super.getParameter(req, Constants.OP_SCOPE); String op = super.getParameter(req, Constants.OP_TYPE); if (op == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_INVALID_PROTOCOL")); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), - null, resp); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_INVALID_PROTOCOL")); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), null, resp); return; } @@ -147,64 +142,57 @@ public class UsrGrpAdminServlet extends AdminServlet { } catch (IOException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_FAIL_AUTHS")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHS_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_AUTHS_FAILED"), null, resp); return; } // authorization // temporary test before servlets are exposed with authtoken /* - SessionContext sc = SessionContext.getContext(); - AuthToken authToken = (AuthToken) sc.get(SessionContext.AUTH_TOKEN); - - AuthzToken authzTok = null; - CMS.debug("UserGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CHECK_AUTHZ_SUB")); - // hardcoded for now .. just testing - try { - authzTok = mAuthz.authorize("DirAclAuthz", authToken, RES_GROUP, "read"); - } catch (EBaseException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTH_CALL_FAIL",e.toString())); - } - if (AuthzToken.AUTHZ_STATUS_FAIL.equals(authzTok.get(AuthzToken.TOKEN_AUTHZ_STATUS))) { - // audit would have been needed here if this weren't just a test... - - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_FAIL_AUTHS")); - - sendResponse(ERROR, - MessageFormatter.getLocalizedString( - getLocale(req), - AdminResources.class.getName(), - AdminResources.SRVLT_FAIL_AUTHS), - null, resp); - return; - } + * SessionContext sc = SessionContext.getContext(); AuthToken authToken + * = (AuthToken) sc.get(SessionContext.AUTH_TOKEN); + * + * AuthzToken authzTok = null; CMS.debug("UserGrpAdminServlet: " + + * CMS.getLogMessage("ADMIN_SRVLT_CHECK_AUTHZ_SUB")); // hardcoded for + * now .. just testing try { authzTok = mAuthz.authorize("DirAclAuthz", + * authToken, RES_GROUP, "read"); } catch (EBaseException e) { + * log(ILogger.LL_FAILURE, + * CMS.getLogMessage("ADMIN_SRVLT_AUTH_CALL_FAIL",e.toString())); } if + * (AuthzToken + * .AUTHZ_STATUS_FAIL.equals(authzTok.get(AuthzToken.TOKEN_AUTHZ_STATUS + * ))) { // audit would have been needed here if this weren't just a + * test... + * + * log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_FAIL_AUTHS")); + * + * sendResponse(ERROR, MessageFormatter.getLocalizedString( + * getLocale(req), AdminResources.class.getName(), + * AdminResources.SRVLT_FAIL_AUTHS), null, resp); return; } */ - try { ISubsystem subsystem = CMS.getSubsystem("ca"); - if (subsystem != null) + if (subsystem != null) AUTHZ_RES_NAME = RES_CA_GROUP; subsystem = CMS.getSubsystem("ra"); - if (subsystem != null) + if (subsystem != null) AUTHZ_RES_NAME = RES_RA_GROUP; subsystem = CMS.getSubsystem("kra"); - if (subsystem != null) + if (subsystem != null) AUTHZ_RES_NAME = RES_KRA_GROUP; subsystem = CMS.getSubsystem("ocsp"); - if (subsystem != null) + if (subsystem != null) AUTHZ_RES_NAME = RES_OCSP_GROUP; subsystem = CMS.getSubsystem("tks"); - if (subsystem != null) + if (subsystem != null) AUTHZ_RES_NAME = RES_TKS_GROUP; if (scope != null) { if (scope.equals(ScopeDef.SC_USER_TYPE)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); return; } @@ -215,9 +203,8 @@ public class UsrGrpAdminServlet extends AdminServlet { if (op.equals(OpDef.OP_READ)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); return; } if (scope.equals(ScopeDef.SC_GROUPS)) { @@ -233,9 +220,8 @@ public class UsrGrpAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_MODIFY)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); return; } if (scope.equals(ScopeDef.SC_GROUPS)) { @@ -251,9 +237,8 @@ public class UsrGrpAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_ADD)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); return; } if (scope.equals(ScopeDef.SC_GROUPS)) { @@ -269,9 +254,8 @@ public class UsrGrpAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_DELETE)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); return; } if (scope.equals(ScopeDef.SC_GROUPS)) { @@ -284,9 +268,8 @@ public class UsrGrpAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_SEARCH)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); return; } if (scope.equals(ScopeDef.SC_GROUPS)) { @@ -296,33 +279,30 @@ public class UsrGrpAdminServlet extends AdminServlet { findUsers(req, resp); return; } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_INVALID_OP_SCOPE")); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), - null, resp); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_INVALID_OP_SCOPE")); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); return; } } } // if } catch (EBaseException e) { log(ILogger.LL_FAILURE, e.toString()); - sendResponse(ERROR, e.toString(getLocale(req)), - null, resp); + sendResponse(ERROR, e.toString(getLocale(req)), null, resp); return; } catch (Exception e) { log(ILogger.LL_FAILURE, e.toString()); - log(ILogger.LL_FAILURE, CMS.getLogMessage(" ADMIN_SRVLT_FAIL_PERFORM")); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_PERFORM_FAILED"), - null, resp); + log(ILogger.LL_FAILURE, + CMS.getLogMessage(" ADMIN_SRVLT_FAIL_PERFORM")); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_PERFORM_FAILED"), null, resp); return; } } - private void getUserType(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private void getUserType(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String id = super.getParameter(req, Constants.RS_ID); IUser user = mMgr.getUser(id); @@ -337,44 +317,42 @@ public class UsrGrpAdminServlet extends AdminServlet { } /** - * Retrieves configuration parameters of - * authentication manager. + * Retrieves configuration parameters of authentication manager. */ - private synchronized void getConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void getConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { super.getConfig(mMgr.getConfigStore(), req, resp); } /** - * Sets configuration parameters of - * User/Group manager. + * Sets configuration parameters of User/Group manager. */ - private synchronized void setConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void setConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { super.setConfig(mMgr.getConfigStore(), req, resp); } /** * Lists configuration parameters. */ - private synchronized void listConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void listConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { super.listConfig(mMgr.getConfigStore(), req, resp); } /** - * Searches for users in LDAP directory. List uids only - * + * Searches for users in LDAP directory. List uids only + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin */ - private synchronized void findUsers(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void findUsers(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { NameValuePairs params = new NameValuePairs(); @@ -384,7 +362,8 @@ public class UsrGrpAdminServlet extends AdminServlet { e = mMgr.listUsers("*"); } catch (Exception ex) { sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); + CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), + null, resp); return; } @@ -412,27 +391,25 @@ public class UsrGrpAdminServlet extends AdminServlet { } /** - * List user information. Certificates covered in a separate - * protocol for findUserCerts(). List of group memberships are - * also provided. - * + * List user information. Certificates covered in a separate protocol for + * findUserCerts(). List of group memberships are also provided. + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin */ - private synchronized void findUser(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void findUser(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { - //get id first + // get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } @@ -445,7 +422,8 @@ public class UsrGrpAdminServlet extends AdminServlet { } catch (Exception e) { e.printStackTrace(); sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); + CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), + null, resp); return; } @@ -456,15 +434,15 @@ public class UsrGrpAdminServlet extends AdminServlet { params.add(Constants.PR_USER_STATE, user.getState()); // get list of groups, and get a list of those that this - // uid belongs to + // uid belongs to Enumeration e = null; try { e = mMgr.findGroups("*"); } catch (Exception ex) { ex.printStackTrace(); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_INTERNAL_ERROR"), null, resp); return; } @@ -474,7 +452,7 @@ public class UsrGrpAdminServlet extends AdminServlet { IGroup group = (IGroup) e.nextElement(); if (group.isMember(id) == true) { - if (grpString.length()!=0) { + if (grpString.length() != 0) { grpString.append(","); } grpString.append(group.getGroupID()); @@ -487,34 +465,33 @@ public class UsrGrpAdminServlet extends AdminServlet { return; } - log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_USER_NOT_EXIST")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("USRGRP_SRVLT_USER_NOT_EXIST")); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); return; } /** * List user certificate(s) - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin */ - private synchronized void findUserCerts(HttpServletRequest req, - HttpServletResponse resp, Locale clientLocale) - throws ServletException, - IOException, EBaseException { + private synchronized void findUserCerts(HttpServletRequest req, + HttpServletResponse resp, Locale clientLocale) + throws ServletException, IOException, EBaseException { - //get id first + // get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } @@ -526,32 +503,33 @@ public class UsrGrpAdminServlet extends AdminServlet { user = mMgr.getUser(id); } catch (Exception e) { e.printStackTrace(); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); return; } if (user == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_USER_NOT_EXIST")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("USRGRP_SRVLT_USER_NOT_EXIST")); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); return; } - X509Certificate[] certs = - (X509Certificate[]) user.getX509Certificates(); + X509Certificate[] certs = (X509Certificate[]) user + .getX509Certificates(); if (certs != null) { for (int i = 0; i < certs.length; i++) { ICertPrettyPrint print = CMS.getCertPrettyPrint(certs[i]); - // add base64 encoding - String base64 = CMS.getEncodedCert(certs[i]); - + // add base64 encoding + String base64 = CMS.getEncodedCert(certs[i]); + // pretty print certs params.add(getCertificateString(certs[i]), - print.toString(clientLocale) + "\n" + base64); + print.toString(clientLocale) + "\n" + base64); } sendResponse(SUCCESS, null, params, resp); return; @@ -570,20 +548,20 @@ public class UsrGrpAdminServlet extends AdminServlet { } // note that it did not represent a certificate fully - return cert.getVersion() + ";" + cert.getSerialNumber().toString() + - ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN(); + return cert.getVersion() + ";" + cert.getSerialNumber().toString() + + ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN(); } /** * Searchess for groups in LDAP server - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#group + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#group */ - private synchronized void findGroups(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void findGroups(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = null; @@ -592,7 +570,9 @@ public class UsrGrpAdminServlet extends AdminServlet { e = mMgr.listGroups("*"); } catch (Exception ex) { ex.printStackTrace(); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), + null, resp); return; } @@ -611,25 +591,23 @@ public class UsrGrpAdminServlet extends AdminServlet { } /** - * finds a group - * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * finds a group Request/Response Syntax: + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin */ - private synchronized void findGroup(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void findGroup(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { NameValuePairs params = new NameValuePairs(); - //get id first + // get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } @@ -639,7 +617,9 @@ public class UsrGrpAdminServlet extends AdminServlet { e = mMgr.findGroups(id); } catch (Exception ex) { ex.printStackTrace(); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), + null, resp); return; } @@ -647,15 +627,14 @@ public class UsrGrpAdminServlet extends AdminServlet { IGroup group = (IGroup) e.nextElement(); params.add(Constants.PR_GROUP_GROUP, group.getGroupID()); - params.add(Constants.PR_GROUP_DESC, - group.getDescription()); + params.add(Constants.PR_GROUP_DESC, group.getDescription()); Enumeration members = group.getMemberNames(); StringBuffer membersString = new StringBuffer(); if (members != null) { while (members.hasMoreElements()) { - if (membersString.length()!=0) { + if (membersString.length() != 0) { membersString.append(", "); } @@ -670,10 +649,11 @@ public class UsrGrpAdminServlet extends AdminServlet { sendResponse(SUCCESS, null, params, resp); return; } else { - log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_GROUP_NOT_EXIST")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("USRGRP_SRVLT_GROUP_NOT_EXIST")); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_GROUP_NOT_EXIST"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_SRVLT_GROUP_NOT_EXIST"), null, resp); return; } @@ -682,25 +662,26 @@ public class UsrGrpAdminServlet extends AdminServlet { /** * Adds a new user to LDAP server * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> + * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addUser(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void addUser(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -711,58 +692,52 @@ public class UsrGrpAdminServlet extends AdminServlet { String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } if (id.indexOf(BACK_SLASH) != -1) { // backslashes (BS) are not allowed - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_RS_ID_BS")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_RS_ID_BS")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_RS_ID_BS"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_RS_ID_BS"), null, resp); return; } if (id.equals(SYSTEM_USER)) { // backslashes (BS) are not allowed - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_SPECIAL_ID", id)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_SPECIAL_ID", id)); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_SPECIAL_ID", id), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_SPECIAL_ID", id), null, resp); return; } @@ -770,22 +745,21 @@ public class UsrGrpAdminServlet extends AdminServlet { String fname = super.getParameter(req, Constants.PR_USER_FULLNAME); if ((fname == null) || (fname.length() == 0)) { - String msg = CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED_1", "full name"); + String msg = CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_USER_ADD_FAILED_1", "full name"); log(ILogger.LL_FAILURE, msg); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); sendResponse(ERROR, msg, null, resp); return; - } else + } else user.setFullName(fname); String email = super.getParameter(req, Constants.PR_USER_EMAIL); @@ -803,16 +777,14 @@ public class UsrGrpAdminServlet extends AdminServlet { if (!passwdCheck.isGoodPassword(pword)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); throw new EUsrGrpException(passwdCheck.getReason(pword)); - //UsrGrpResources.BAD_PASSWD); + // UsrGrpResources.BAD_PASSWD); } user.setPassword(pword); @@ -856,18 +828,17 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_USER_ADD_FAILED"), null, resp); return; } - + if (e.hasMoreElements()) { IGroup group = (IGroup) e.nextElement(); @@ -879,36 +850,34 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage( + getLocale(req), + "CMS_USRGRP_USER_ADD_FAILED"), null, resp); return; } } // for audit log SessionContext sContext = SessionContext.getContext(); - String adminId = (String) sContext.get(SessionContext.USER_ID); - + String adminId = (String) sContext + .get(SessionContext.USER_ID); + mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, - AuditFormat.LEVEL, AuditFormat.ADDUSERGROUPFORMAT, - new Object[] {adminId, id, groupName} - ); + AuditFormat.LEVEL, AuditFormat.ADDUSERGROUPFORMAT, + new Object[] { adminId, id, groupName }); } NameValuePairs params = new NameValuePairs(); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.SUCCESS, auditParams(req)); audit(auditMessage); @@ -919,61 +888,54 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); if (user.getUserID() == null) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED_1", "uid"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_USER_ADD_FAILED_1", "uid"), null, resp); } else { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_USER_ADD_FAILED"), null, resp); } return; } catch (LDAPException e) { String errMsg = "addUser()" + e.toString(); - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_ADD_USER_FAIL", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_ADD_USER_FAIL", + e.toString())); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_USER_ADD_FAILED"), null, resp); return; } catch (Exception e) { log(ILogger.LL_FAILURE, e.toString()); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_USER_ADD_FAILED"), null, resp); return; } } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); @@ -981,53 +943,51 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * Adds a certificate to a user * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> + * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addUserCert(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void addUserCert(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1038,20 +998,18 @@ public class UsrGrpAdminServlet extends AdminServlet { String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } @@ -1065,10 +1023,8 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.SUCCESS, auditParams(req)); audit(auditMessage); @@ -1082,7 +1038,8 @@ public class UsrGrpAdminServlet extends AdminServlet { // Base64 decode cert try { - byte bCert[] = (byte[]) (com.netscape.osutil.OSUtil.AtoB(certsString)); + byte bCert[] = (byte[]) (com.netscape.osutil.OSUtil + .AtoB(certsString)); X509Certificate cert = new X509CertImpl(bCert); certs = new X509Certificate[1]; @@ -1092,12 +1049,14 @@ public class UsrGrpAdminServlet extends AdminServlet { boolean assending = true; // could it be a pkcs7 blob? - CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_IS_PK_BLOB")); - byte p7Cert[] = (byte[]) (com.netscape.osutil.OSUtil.AtoB(certsString)); + CMS.debug("UsrGrpAdminServlet: " + + CMS.getLogMessage("ADMIN_SRVLT_IS_PK_BLOB")); + byte p7Cert[] = (byte[]) (com.netscape.osutil.OSUtil + .AtoB(certsString)); try { CryptoManager manager = CryptoManager.getInstance(); - + PKCS7 pkcs7 = new PKCS7(p7Cert); X509Certificate p7certs[] = pkcs7.getCertificates(); @@ -1105,15 +1064,14 @@ public class UsrGrpAdminServlet extends AdminServlet { if (p7certs.length == 0) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); return; } // fix for 370099 - cert ordering can not be assumed @@ -1122,37 +1080,44 @@ public class UsrGrpAdminServlet extends AdminServlet { // self-signed and alone? take it. otherwise test // the ordering - if (p7certs[0].getSubjectDN().toString().equals( - p7certs[0].getIssuerDN().toString()) && - (p7certs.length == 1)) { + if (p7certs[0].getSubjectDN().toString() + .equals(p7certs[0].getIssuerDN().toString()) + && (p7certs.length == 1)) { certs[0] = p7certs[0]; - CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_SINGLE_CERT_IMPORT")); - } else if (p7certs[0].getIssuerDN().toString().equals(p7certs[1].getSubjectDN().toString())) { + CMS.debug("UsrGrpAdminServlet: " + + CMS.getLogMessage("ADMIN_SRVLT_SINGLE_CERT_IMPORT")); + } else if (p7certs[0].getIssuerDN().toString() + .equals(p7certs[1].getSubjectDN().toString())) { certs[0] = p7certs[0]; - CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CERT_CHAIN_ACEND_ORD")); - } else if (p7certs[1].getIssuerDN().toString().equals(p7certs[0].getSubjectDN().toString())) { + CMS.debug("UsrGrpAdminServlet: " + + CMS.getLogMessage("ADMIN_SRVLT_CERT_CHAIN_ACEND_ORD")); + } else if (p7certs[1].getIssuerDN().toString() + .equals(p7certs[0].getSubjectDN().toString())) { assending = false; - CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CERT_CHAIN_DESC_ORD")); + CMS.debug("UsrGrpAdminServlet: " + + CMS.getLogMessage("ADMIN_SRVLT_CERT_CHAIN_DESC_ORD")); certs[0] = p7certs[p7certs.length - 1]; } else { // not a chain, or in random order - CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CERT_BAD_CHAIN")); + CMS.debug("UsrGrpAdminServlet: " + + CMS.getLogMessage("ADMIN_SRVLT_CERT_BAD_CHAIN")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); return; } - CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CHAIN_STORED_DB", String.valueOf(p7certs.length))); + CMS.debug("UsrGrpAdminServlet: " + + CMS.getLogMessage("ADMIN_SRVLT_CHAIN_STORED_DB", + String.valueOf(p7certs.length))); int j = 0; int jBegin = 0; @@ -1167,72 +1132,82 @@ public class UsrGrpAdminServlet extends AdminServlet { } // store the chain into cert db, except for the user cert for (j = jBegin; j < jEnd; j++) { - CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CERT_IN_CHAIN", String.valueOf(j), String.valueOf(p7certs[j].getSubjectDN()))); - org.mozilla.jss.crypto.X509Certificate leafCert = - null; - - leafCert = - manager.importCACertPackage(p7certs[j].getEncoded()); + CMS.debug("UsrGrpAdminServlet: " + + CMS.getLogMessage( + "ADMIN_SRVLT_CERT_IN_CHAIN", String + .valueOf(j), String + .valueOf(p7certs[j] + .getSubjectDN()))); + org.mozilla.jss.crypto.X509Certificate leafCert = null; + + leafCert = manager.importCACertPackage(p7certs[j] + .getEncoded()); if (leafCert == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_LEAF_CERT_NULL")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_LEAF_CERT_NULL")); } else { - CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_LEAF_CERT_NON_NULL")); + CMS.debug("UsrGrpAdminServlet: " + + CMS.getLogMessage("ADMIN_SRVLT_LEAF_CERT_NON_NULL")); } if (leafCert instanceof InternalCertificate) { - ((InternalCertificate) leafCert).setSSLTrust( - InternalCertificate.VALID_CA | - InternalCertificate.TRUSTED_CA | - InternalCertificate.TRUSTED_CLIENT_CA); + ((InternalCertificate) leafCert) + .setSSLTrust(InternalCertificate.VALID_CA + | InternalCertificate.TRUSTED_CA + | InternalCertificate.TRUSTED_CLIENT_CA); } else { - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NOT_INTERNAL_CERT", + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "ADMIN_SRVLT_NOT_INTERNAL_CERT", String.valueOf(p7certs[j].getSubjectDN()))); } } /* - } catch (CryptoManager.UserCertConflictException ex) { - // got a "user cert" in the chain, most likely the CA - // cert of this instance, which has a private key. Ignore - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_PKS7_IGNORED", ex.toString())); - */ + * } catch (CryptoManager.UserCertConflictException ex) { // + * got a "user cert" in the chain, most likely the CA // + * cert of this instance, which has a private key. Ignore + * log(ILogger.LL_FAILURE, + * CMS.getLogMessage("ADMIN_SRVLT_PKS7_IGNORED", + * ex.toString())); + */ } catch (Exception ex) { - //----- - log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_CERT_ERROR", ex.toString())); + // ----- + log(ILogger.LL_FAILURE, + CMS.getLogMessage("USRGRP_SRVLT_CERT_ERROR", + ex.toString())); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); return; } } catch (Exception e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_CERT_O_ERROR", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("USRGRP_SRVLT_CERT_O_ERROR", + e.toString())); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_O_ERROR"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_SRVLT_CERT_O_ERROR"), null, resp); return; } try { - CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_BEFORE_VALIDITY")); + CMS.debug("UsrGrpAdminServlet: " + + CMS.getLogMessage("ADMIN_SRVLT_BEFORE_VALIDITY")); certs[0].checkValidity(); // throw exception if fails user.setX509Certificates(certs); @@ -1241,10 +1216,8 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.SUCCESS, auditParams(req)); audit(auditMessage); @@ -1252,55 +1225,50 @@ public class UsrGrpAdminServlet extends AdminServlet { return; } catch (CertificateExpiredException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_ADD_CERT_EXPIRED", + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "ADMIN_SRVLT_ADD_CERT_EXPIRED", String.valueOf(certs[0].getSubjectDN()))); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_EXPIRED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_SRVLT_CERT_EXPIRED"), null, resp); return; } catch (CertificateNotYetValidException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_CERT_NOT_YET_VALID", + log(ILogger.LL_FAILURE, CMS.getLogMessage( + "USRGRP_SRVLT_CERT_NOT_YET_VALID", String.valueOf(certs[0].getSubjectDN()))); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_NOT_YET_VALID"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_SRVLT_CERT_NOT_YET_VALID"), null, resp); return; } catch (LDAPException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - if (e.getLDAPResultCode() == - LDAPException.ATTRIBUTE_OR_VALUE_EXISTS) { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_USER_CERT_EXISTS"), null, resp); + if (e.getLDAPResultCode() == LDAPException.ATTRIBUTE_OR_VALUE_EXISTS) { + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_SRVLT_USER_CERT_EXISTS"), null, resp); } else { - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_MOD_FAILED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_USER_MOD_FAILED"), null, resp); } return; } catch (Exception e) { @@ -1308,82 +1276,78 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_MOD_FAILED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_USER_MOD_FAILED"), null, resp); return; } // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * Removes a certificate for a user * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> - * + * * In this method, "certDN" is actually a combination of version, - * serialNumber, issuerDN, and SubjectDN. + * serialNumber, issuerDN, and SubjectDN. * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> + * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void modifyUserCert(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void modifyUserCert(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1394,20 +1358,18 @@ public class UsrGrpAdminServlet extends AdminServlet { String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } @@ -1420,10 +1382,8 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.SUCCESS, auditParams(req)); audit(auditMessage); @@ -1438,10 +1398,8 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.SUCCESS, auditParams(req)); audit(auditMessage); @@ -1452,81 +1410,76 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_MOD_FAILED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_USER_MOD_FAILED"), null, resp); return; } // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** - * removes a user. user not removed if belongs to any group - * (Administrators should remove the user from "uniquemember" of - * any group he/she belongs to before trying to remove the user - * itself. + * removes a user. user not removed if belongs to any group (Administrators + * should remove the user from "uniquemember" of any group he/she belongs to + * before trying to remove the user itself. * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> + * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void removeUser(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void removeUser(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1534,7 +1487,7 @@ public class UsrGrpAdminServlet extends AdminServlet { // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - //get id first + // get id first String id = super.getParameter(req, Constants.RS_ID); boolean mustDelete = false; int index = 0; @@ -1545,20 +1498,18 @@ public class UsrGrpAdminServlet extends AdminServlet { } if (id == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } // get list of groups, and see if uid belongs to any @@ -1571,14 +1522,13 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_INTERNAL_ERROR"), null, resp); return; } @@ -1591,16 +1541,14 @@ public class UsrGrpAdminServlet extends AdminServlet { } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_FAIL_USER_RMV_G"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_SRVLT_FAIL_USER_RMV_G"), null, resp); return; } } @@ -1613,10 +1561,8 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.SUCCESS, auditParams(req)); audit(auditMessage); @@ -1625,24 +1571,19 @@ public class UsrGrpAdminServlet extends AdminServlet { } catch (Exception ex) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_FAIL_USER_RMV"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_SRVLT_FAIL_USER_RMV"), null, resp); return; } } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); @@ -1650,53 +1591,51 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * Adds a new group in local scope. * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#group + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#group * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> + * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addGroup(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void addGroup(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1704,32 +1643,28 @@ public class UsrGrpAdminServlet extends AdminServlet { // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - //get id first + // get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } IGroup group = mMgr.createGroup(id); - String members = super.getParameter(req, - Constants.PR_GROUP_USER); - String desc = super.getParameter(req, - Constants.PR_GROUP_DESC); + String members = super.getParameter(req, Constants.PR_GROUP_USER); + String desc = super.getParameter(req, Constants.PR_GROUP_DESC); if (desc != null) { group.set("description", (Object) desc); @@ -1752,10 +1687,8 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.SUCCESS, auditParams(req)); audit(auditMessage); @@ -1764,25 +1697,19 @@ public class UsrGrpAdminServlet extends AdminServlet { } catch (Exception e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_GROUP_ADD_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_GROUP_ADD_FAILED"), null, resp); return; } } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); @@ -1790,53 +1717,51 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * removes a group * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#group + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#group * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> + * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void removeGroup(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void removeGroup(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1844,24 +1769,22 @@ public class UsrGrpAdminServlet extends AdminServlet { // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - //get id first + // get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } @@ -1870,22 +1793,16 @@ public class UsrGrpAdminServlet extends AdminServlet { NameValuePairs params = new NameValuePairs(); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.SUCCESS, auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, params, resp); } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); @@ -1893,56 +1810,54 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * modifies a group * <P> - * - * last person of the super power group "Certificate - * Server Administrators" can never be removed. + * + * last person of the super power group "Certificate Server Administrators" + * can never be removed. * <P> - * - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#group + * + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#group * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> + * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void modifyGroup(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void modifyGroup(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1950,31 +1865,28 @@ public class UsrGrpAdminServlet extends AdminServlet { // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - //get id first + // get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } IGroup group = mMgr.createGroup(id); - String desc = super.getParameter(req, - Constants.PR_GROUP_DESC); + String desc = super.getParameter(req, Constants.PR_GROUP_DESC); if (desc != null) { group.set("description", (Object) desc); @@ -1997,20 +1909,20 @@ public class UsrGrpAdminServlet extends AdminServlet { if (multiRole) { group.addMemberName(memberName); } else { - if( isGroupInMultiRoleEnforceList(groupName)) { + if (isGroupInMultiRoleEnforceList(groupName)) { if (!isDuplicate(groupName, memberName)) { group.addMemberName(memberName); } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EBaseException(CMS.getUserMessage("CMS_BASE_DUPLICATE_ROLES", memberName)); + throw new EBaseException(CMS.getUserMessage( + "CMS_BASE_DUPLICATE_ROLES", memberName)); } } else { group.addMemberName(memberName); @@ -2027,10 +1939,8 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.SUCCESS, auditParams(req)); audit(auditMessage); @@ -2040,25 +1950,19 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_GROUP_MODIFY_FAILED"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_GROUP_MODIFY_FAILED"), null, resp); return; } } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); @@ -2066,61 +1970,58 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } - private boolean isGroupInMultiRoleEnforceList(String groupName) - { + private boolean isGroupInMultiRoleEnforceList(String groupName) { String groupList = null; if (groupName == null || groupName.equals("")) { return true; } if (mMultiRoleGroupEnforceList == null) { - try { - groupList = mConfig.getString(MULTI_ROLE_ENFORCE_GROUP_LIST); - } catch (Exception e) { - } - - if (groupList != null && !groupList.equals("")) { - mMultiRoleGroupEnforceList = groupList.split(","); - for (int j = 0 ; j < mMultiRoleGroupEnforceList.length; j++) { - mMultiRoleGroupEnforceList[j] = mMultiRoleGroupEnforceList[j].trim(); - } - } - } - - if (mMultiRoleGroupEnforceList == null) - return true; - - for (int i = 0; i < mMultiRoleGroupEnforceList.length; i++) { - if (groupName.equals(mMultiRoleGroupEnforceList[i])) { - return true; - } - } - return false; + try { + groupList = mConfig.getString(MULTI_ROLE_ENFORCE_GROUP_LIST); + } catch (Exception e) { + } + + if (groupList != null && !groupList.equals("")) { + mMultiRoleGroupEnforceList = groupList.split(","); + for (int j = 0; j < mMultiRoleGroupEnforceList.length; j++) { + mMultiRoleGroupEnforceList[j] = mMultiRoleGroupEnforceList[j] + .trim(); + } + } + } + + if (mMultiRoleGroupEnforceList == null) + return true; + + for (int i = 0; i < mMultiRoleGroupEnforceList.length; i++) { + if (groupName.equals(mMultiRoleGroupEnforceList[i])) { + return true; + } + } + return false; } private boolean isDuplicate(String groupName, String memberName) { @@ -2129,7 +2030,7 @@ public class UsrGrpAdminServlet extends AdminServlet { // Let's not mess with users that are already a member of this group boolean isMember = false; try { - isMember = mMgr.isMemberOf(memberName,groupName); + isMember = mMgr.isMemberOf(memberName, groupName); } catch (Exception e) { } @@ -2163,25 +2064,26 @@ public class UsrGrpAdminServlet extends AdminServlet { /** * Modifies an existing user in local scope. * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> + * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void modifyUser(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, - IOException, EBaseException { + private synchronized void modifyUser(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -2189,24 +2091,22 @@ public class UsrGrpAdminServlet extends AdminServlet { // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - //get id first + // get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); return; } @@ -2214,17 +2114,15 @@ public class UsrGrpAdminServlet extends AdminServlet { String fname = super.getParameter(req, Constants.PR_USER_FULLNAME); if ((fname == null) || (fname.length() == 0)) { - String msg = - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_MOD_FAILED", "full name"); + String msg = CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_USER_MOD_FAILED", "full name"); log(ILogger.LL_FAILURE, msg); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); @@ -2246,16 +2144,14 @@ public class UsrGrpAdminServlet extends AdminServlet { if (!passwdCheck.isGoodPassword(pword)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); throw new EUsrGrpException(passwdCheck.getReason(pword)); - //UsrGrpResources.BAD_PASSWD); + // UsrGrpResources.BAD_PASSWD); } user.setPassword(pword); @@ -2277,10 +2173,8 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.SUCCESS, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.SUCCESS, auditParams(req)); audit(auditMessage); @@ -2291,24 +2185,19 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, + ILogger.FAILURE, auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_MOD_FAILED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), + "CMS_USRGRP_USER_MOD_FAILED"), null, resp); return; } } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); @@ -2316,35 +2205,32 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, ILogger.FAILURE, auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } private void log(int level, String msg) { if (mLogger == null) return; - mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_USRGRP, - level, "UsrGrpAdminServlet: " + msg); + mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_USRGRP, level, + "UsrGrpAdminServlet: " + msg); } } |