diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/admin')
17 files changed, 7248 insertions, 6281 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/ACLAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/ACLAdminServlet.java index 0087375c..c4fa440d 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/ACLAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/ACLAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.IOException; import java.util.Enumeration; import java.util.Hashtable; @@ -44,9 +45,10 @@ import com.netscape.certsrv.logging.ILogger; import com.netscape.certsrv.usrgrp.IUGSubsystem; import com.netscape.certsrv.usrgrp.IUser; + /** * Manage Access Control List configuration - * + * * @version $Revision$, $Date$ */ public class ACLAdminServlet extends AdminServlet { @@ -61,7 +63,8 @@ public class ACLAdminServlet extends AdminServlet { private final static String INFO = "ACLAdminServlet"; private IAuthzManager mAuthzMgr = null; - private final static String LOGGING_SIGNED_AUDIT_CONFIG_ACL = "LOGGING_SIGNED_AUDIT_CONFIG_ACL_3"; + private final static String LOGGING_SIGNED_AUDIT_CONFIG_ACL = + "LOGGING_SIGNED_AUDIT_CONFIG_ACL_3"; /** * Constructs servlet. @@ -71,18 +74,17 @@ public class ACLAdminServlet extends AdminServlet { mUG = (IUGSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_UG); } - /** - * initialize the servlet. + /** + * initialize the servlet. * <ul> * <li>http.param OP_TYPE = OP_SEARCH, * <li>http.param OP_SCOPE - the scope of the request operation: - * <ul> - * <LI>"impl" ACL implementations - * <LI>"acls" ACL rules - * <LI>"evaluatorTypes" ACL evaluators. + * <ul><LI>"impl" ACL implementations + * <LI>"acls" ACL rules + * <LI>"evaluatorTypes" ACL evaluators. + * </ul> * </ul> - * </ul> - * + * * @param config servlet configuration, read from the web.xml file */ public void init(ServletConfig config) throws ServletException { @@ -97,24 +99,24 @@ public class ACLAdminServlet extends AdminServlet { return INFO; } - /** + /** * Process the HTTP request. - * + * * @param req the object holding the request information * @param resp the object holding the response information */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { String scope = super.getParameter(req, Constants.OP_SCOPE); String op = super.getParameter(req, Constants.OP_TYPE); if (op == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_INVALID_PROTOCOL")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), null, resp); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_INVALID_PROTOCOL")); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), + null, resp); return; } @@ -123,10 +125,9 @@ public class ACLAdminServlet extends AdminServlet { try { super.authenticate(req); } catch (IOException e) { - log(ILogger.LL_SECURITY, - CMS.getLogMessage("ADMIN_SRVLT_FAIL_AUTHS")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHS_FAILED"), null, resp); + log(ILogger.LL_SECURITY, CMS.getLogMessage("ADMIN_SRVLT_FAIL_AUTHS")); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req),"CMS_ADMIN_SRVLT_AUTHS_FAILED"), + null, resp); return; } @@ -135,11 +136,13 @@ public class ACLAdminServlet extends AdminServlet { try { SessionContext mSC = SessionContext.getContext(); - user = (IUser) mSC.get(SessionContext.USER); + user = (IUser) + mSC.get(SessionContext.USER); } catch (Exception e) { log(ILogger.LL_FAILURE, e.toString()); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_PERFORM_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_PERFORM_FAILED"), + null, resp); return; } @@ -149,8 +152,9 @@ public class ACLAdminServlet extends AdminServlet { if (op.equals(OpDef.OP_SEARCH)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_ACL)) { @@ -166,8 +170,9 @@ public class ACLAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_READ)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_ACL)) { @@ -177,8 +182,9 @@ public class ACLAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_MODIFY)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_ACL)) { @@ -188,8 +194,9 @@ public class ACLAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_ADD)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_ACL_IMPLS)) { @@ -199,8 +206,9 @@ public class ACLAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_DELETE)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_ACL_IMPLS)) { @@ -208,37 +216,41 @@ public class ACLAdminServlet extends AdminServlet { return; } } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_INVALID_OP_SCOPE")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_INVALID_OP_SCOPE")); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } catch (EBaseException e) { log(ILogger.LL_FAILURE, e.toString()); - sendResponse(ERROR, e.toString(getLocale(req)), null, resp); + sendResponse(ERROR, e.toString(getLocale(req)), + null, resp); return; } catch (Exception e) { log(ILogger.LL_FAILURE, e.toString()); log(ILogger.LL_DEBUG, "SRVLT_FAIL_PERFORM 2"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_PERFORM_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_PERFORM_FAILED"), + null, resp); return; } log(ILogger.LL_DEBUG, "SRVLT_FAIL_PERFORM 3"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_PERFORM_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_PERFORM_FAILED"), + null, resp); return; } /** * list acls resources by name */ - private void listResources(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void listResources(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { NameValuePairs params = new NameValuePairs(); @@ -248,7 +260,7 @@ public class ACLAdminServlet extends AdminServlet { ACL acl = (ACL) res.nextElement(); String desc = acl.getDescription(); - if (desc == null) + if (desc == null) params.add(acl.getName(), ""); else params.add(acl.getName(), desc); @@ -260,17 +272,19 @@ public class ACLAdminServlet extends AdminServlet { /** * get acls information for a resource */ - private void getResourceACL(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void getResourceACL(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { NameValuePairs params = new NameValuePairs(); - // get resource id first + //get resource id first String resourceId = super.getParameter(req, Constants.RS_ID); if (resourceId == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -315,10 +329,10 @@ public class ACLAdminServlet extends AdminServlet { return; } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ACLS_SRVLT_RESOURCE_NOT_FOUND")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ACL_RESOURCE_NOT_FOUND"), null, resp); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ACLS_SRVLT_RESOURCE_NOT_FOUND")); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_ACL_RESOURCE_NOT_FOUND"), + null, resp); return; } } @@ -326,20 +340,19 @@ public class ACLAdminServlet extends AdminServlet { /** * modify acls information for a resource * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ACL used when configuring * Access Control List (ACL) information * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private void updateResources(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, + private void updateResources(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, EBaseException { String auditMessage = null; @@ -352,25 +365,27 @@ public class ACLAdminServlet extends AdminServlet { String resourceId = super.getParameter(req, Constants.RS_ID); if (resourceId == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ACL, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // get resource acls String resourceACLs = super.getParameter(req, Constants.PR_ACI); String rights = super.getParameter(req, Constants.PR_ACL_RIGHTS); - String desc = super.getParameter(req, Constants.PR_ACL_DESC); + String desc = super.getParameter(req, Constants.PR_ACL_DESC); try { mAuthzMgr.updateACLs(resourceId, rights, resourceACLs, desc); @@ -379,8 +394,10 @@ public class ACLAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ACL, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -391,56 +408,62 @@ public class ACLAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ACL, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ACL_UPDATE_FAIL"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_ACL_UPDATE_FAIL"), + null, resp); return; } // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ACL, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ACL, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ACL, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ACL, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ACL, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } - + /** * list access evaluators by types and class paths */ - private void listACLsEvaluators(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, + private void listACLsEvaluators(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration res = mAuthzMgr.aclEvaluatorElements(); @@ -456,7 +479,7 @@ public class ACLAdminServlet extends AdminServlet { } private void listACLsEvaluatorTypes(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, + HttpServletResponse resp) throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration res = mAuthzMgr.aclEvaluatorElements(); @@ -467,7 +490,7 @@ public class ACLAdminServlet extends AdminServlet { StringBuffer str = new StringBuffer(); for (int i = 0; i < operators.length; i++) { - if (str.length() > 0) + if (str.length() > 0) str.append(","); str.append(operators[i]); } @@ -481,23 +504,22 @@ public class ACLAdminServlet extends AdminServlet { /** * add access evaluators * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ACL used when configuring * Access Control List (ACL) information * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this ACL evaluator's - * substore + * substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addACLsEvaluator(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void addACLsEvaluator(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -511,30 +533,35 @@ public class ACLAdminServlet extends AdminServlet { if (type == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ACL, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // is the evaluator type unique? /* - * if (!mACLs.isTypeUnique(type)) { String infoMsg = - * "replacing existing type: "+ type; log(ILogger.LL_WARN, infoMsg); - * } + if (!mACLs.isTypeUnique(type)) { + String infoMsg = "replacing existing type: "+ type; + log(ILogger.LL_WARN, infoMsg); + } */ // get class String classPath = super.getParameter(req, Constants.PR_ACL_CLASS); - IConfigStore destStore = mConfig.getSubStore(PROP_EVAL); - IConfigStore mStore = destStore.getSubStore(ScopeDef.SC_ACL_IMPLS); + IConfigStore destStore = + mConfig.getSubStore(PROP_EVAL); + IConfigStore mStore = + destStore.getSubStore(ScopeDef.SC_ACL_IMPLS); // Does the class exist? Class newImpl = null; @@ -548,54 +575,60 @@ public class ACLAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ACL, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ACL_CLASS_LOAD_FAIL"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_ACL_CLASS_LOAD_FAIL"), + null, resp); return; } // is the class an IAccessEvaluator? try { - if (Class.forName( - "com.netscape.certsrv.evaluators.IAccessEvaluator") - .isAssignableFrom(newImpl) == false) { - String errMsg = "class not com.netscape.certsrv.evaluators.IAccessEvaluator" - + classPath; + if + (Class.forName("com.netscape.certsrv.evaluators.IAccessEvaluator").isAssignableFrom(newImpl) == false) { + String errMsg = "class not com.netscape.certsrv.evaluators.IAccessEvaluator" + + classPath; log(ILogger.LL_FAILURE, errMsg); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ACL, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ACL_ILL_CLASS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_ACL_ILL_CLASS"), + null, resp); return; } } catch (Exception e) { - String errMsg = "class not com.netscape.certsrv.evaluators.IAccessEvaluator" - + classPath; + String errMsg = "class not com.netscape.certsrv.evaluators.IAccessEvaluator" + + classPath; log(ILogger.LL_FAILURE, errMsg); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ACL, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse( - ERROR, - CMS.getUserMessage(getLocale(req), "CMS_ACL_ILL_CLASS"), - null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_ACL_ILL_CLASS"), + null, resp); return; } @@ -607,18 +640,20 @@ public class ACLAdminServlet extends AdminServlet { try { mConfig.commit(true); } catch (Exception e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ACLS_SRVLT_FAIL_COMMIT")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ACLS_SRVLT_FAIL_COMMIT")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ACL, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ACL_COMMIT_FAIL"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_ACL_COMMIT_FAIL"), + null, resp); return; } @@ -626,20 +661,22 @@ public class ACLAdminServlet extends AdminServlet { IAccessEvaluator evaluator = null; try { - evaluator = (IAccessEvaluator) Class.forName(classPath) - .newInstance(); + evaluator = (IAccessEvaluator) Class.forName(classPath).newInstance(); } catch (Exception e) { log(ILogger.LL_FAILURE, e.toString()); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ACL, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ACL_INST_CLASS_FAIL"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_ACL_INST_CLASS_FAIL"), + null, resp); return; } @@ -650,71 +687,76 @@ public class ACLAdminServlet extends AdminServlet { mAuthzMgr.registerEvaluator(type, evaluator); } - // ... + //... NameValuePairs params = new NameValuePairs(); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ACL, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, params, resp); // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ACL, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ACL, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ACL, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ACL, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ACL, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * remove access evaluators * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ACL used when configuring * Access Control List (ACL) information * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this ACL evaluator's - * substore + * substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void deleteACLsEvaluator(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, + private synchronized void deleteACLsEvaluator(HttpServletRequest req, + HttpServletResponse resp, String scope) throws ServletException, IOException, EBaseException { String auditMessage = null; @@ -727,18 +769,20 @@ public class ACLAdminServlet extends AdminServlet { String id = req.getParameter(Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ACL, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -746,18 +790,20 @@ public class ACLAdminServlet extends AdminServlet { Hashtable mEvaluators = mAuthzMgr.getAccessEvaluators(); if (mEvaluators.containsKey(id) == false) { - log(ILogger.LL_FAILURE, - "evaluator attempted to be removed not found"); + log(ILogger.LL_FAILURE, "evaluator attempted to be removed not found"); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ACL, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ACL_EVAL_NOT_FOUND"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_ACL_EVAL_NOT_FOUND"), + null, resp); return; } @@ -766,100 +812,116 @@ public class ACLAdminServlet extends AdminServlet { mEvaluators.remove((Object) id); try { - IConfigStore destStore = mConfig.getSubStore(PROP_EVAL); - IConfigStore mStore = destStore - .getSubStore(ScopeDef.SC_ACL_IMPLS); + IConfigStore destStore = + mConfig.getSubStore(PROP_EVAL); + IConfigStore mStore = + destStore.getSubStore(ScopeDef.SC_ACL_IMPLS); mStore.removeSubStore(id); } catch (Exception eeee) { - // CMS.debugStackTrace(eeee); + //CMS.debugStackTrace(eeee); } // commiting try { mConfig.commit(true); } catch (Exception e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ACLS_SRVLT_FAIL_COMMIT")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ACLS_SRVLT_FAIL_COMMIT")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ACL, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ACL_COMMIT_FAIL"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_ACL_COMMIT_FAIL"), + null, resp); return; } // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ACL, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, params, resp); return; // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ACL, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ACL, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ACL, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ACL, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ACL, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ACL, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } - + /** * Searchs for certificate requests. */ - + /* - * private void getACLs(HttpServletRequest req, HttpServletResponse resp) - * throws ServletException, IOException, EBaseException { NameValuePairs - * params = new NameValuePairs(); ByteArrayOutputStream bos = new - * ByteArrayOutputStream(); ObjectOutputStream oos = new - * ObjectOutputStream(bos); String names = getParameter(req, - * Constants.PT_NAMES); StringTokenizer st = new StringTokenizer(names, - * ","); while (st.hasMoreTokens()) { String target = st.nextToken(); ACL - * acl = AccessManager.getInstance().getACL(target); oos.writeObject(acl); } - * // BASE64Encoder encoder = new BASE64Encoder(); // - * params.add(Constants.PT_ACLS, encoder.encodeBuffer(bos.toByteArray())); - * params.add(Constants.PT_ACLS, CMS.BtoA(bos.toByteArray())); - * sendResponse(SUCCESS, null, params, resp); } + private void getACLs(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException, + EBaseException { + NameValuePairs params = new NameValuePairs(); + ByteArrayOutputStream bos = new ByteArrayOutputStream(); + ObjectOutputStream oos = new ObjectOutputStream(bos); + String names = getParameter(req, Constants.PT_NAMES); + StringTokenizer st = new StringTokenizer(names, ","); + while (st.hasMoreTokens()) { + String target = st.nextToken(); + ACL acl = AccessManager.getInstance().getACL(target); + oos.writeObject(acl); + } + // BASE64Encoder encoder = new BASE64Encoder(); + // params.add(Constants.PT_ACLS, encoder.encodeBuffer(bos.toByteArray())); + params.add(Constants.PT_ACLS, CMS.BtoA(bos.toByteArray())); + sendResponse(SUCCESS, null, params, resp); + } */ private void log(int level, String msg) { if (mLogger == null) return; - mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_ACLS, level, - "ACLAdminServlet: " + msg); + mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_ACLS, + level, "ACLAdminServlet: " + msg); } -} +} + diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/AdminResources.java b/pki/base/common/src/com/netscape/cms/servlet/admin/AdminResources.java index 038355f0..2024e496 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/AdminResources.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/AdminResources.java @@ -17,11 +17,13 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.util.ListResourceBundle; + /** * A class represents a resource bundle for the remote admin. - * + * * @version $Revision$, $Date$ * @see java.util.ListResourceBundle */ @@ -35,7 +37,8 @@ public class AdminResources extends ListResourceBundle { } /** - * Constants. The suffix represents the number of possible parameters. + * Constants. The suffix represents the number of + * possible parameters. */ static final Object[][] contents = {}; } diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java index a6fb0bfd..08996734 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.ByteArrayOutputStream; import java.io.DataOutputStream; import java.io.IOException; @@ -55,27 +56,32 @@ import com.netscape.certsrv.usrgrp.IUGSubsystem; import com.netscape.certsrv.usrgrp.IUser; import com.netscape.cms.servlet.base.UserInfo; + /** - * A class represents an administration servlet that is responsible to serve - * administrative operation such as configuration parameter updates. - * - * Since each administration servlet needs to perform authentication information - * parsing and response formulation, it makes sense to encapsulate the + * A class represents an administration servlet that + * is responsible to serve administrative + * operation such as configuration parameter updates. + * + * Since each administration servlet needs to perform + * authentication information parsing and response + * formulation, it makes sense to encapsulate the * commonalities into this class. - * - * By extending this serlvet, the subclass does not need to re-implement the - * request parsing code (i.e. authentication information parsing). - * - * If a subsystem needs to expose configuration parameters management, it should - * create an administration servlet (i.e. CAAdminServlet) and register it to - * RemoteAdmin subsystem. - * + * + * By extending this serlvet, the subclass does not + * need to re-implement the request parsing code + * (i.e. authentication information parsing). + * + * If a subsystem needs to expose configuration + * parameters management, it should create an + * administration servlet (i.e. CAAdminServlet) + * and register it to RemoteAdmin subsystem. + * * <code> * public class CAAdminServlet extends AdminServlet { * ... * } * </code> - * + * * @version $Revision$, $Date$ */ public class AdminServlet extends HttpServlet { @@ -111,7 +117,8 @@ public class AdminServlet extends HttpServlet { public final static String AUTHZ_SRC_TYPE = "sourceType"; public final static String AUTHZ_SRC_LDAP = "ldap"; public final static String AUTHZ_SRC_XML = "web.xml"; - public static final String CERT_ATTR = "javax.servlet.request.X509Certificate"; + public static final String CERT_ATTR = + "javax.servlet.request.X509Certificate"; public final static String SIGNED_AUDIT_SCOPE = "Scope"; public final static String SIGNED_AUDIT_OPERATION = "Operation"; @@ -122,13 +129,20 @@ public class AdminServlet extends HttpServlet { public final static String SIGNED_AUDIT_NAME_VALUE_DELIMITER = ";;"; public final static String SIGNED_AUDIT_NAME_VALUE_PAIRS_DELIMITER = "+"; - private final static String LOGGING_SIGNED_AUDIT_AUTH_FAIL = "LOGGING_SIGNED_AUDIT_AUTH_FAIL_4"; - private final static String LOGGING_SIGNED_AUDIT_AUTH_SUCCESS = "LOGGING_SIGNED_AUDIT_AUTH_SUCCESS_3"; - private final static String LOGGING_SIGNED_AUDIT_AUTHZ_FAIL = "LOGGING_SIGNED_AUDIT_AUTHZ_FAIL_4"; - private final static String LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS = "LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS_4"; - private final static String LOGGING_SIGNED_AUDIT_ROLE_ASSUME = "LOGGING_SIGNED_AUDIT_ROLE_ASSUME_3"; - private final static String CERTUSERDB = IAuthSubsystem.CERTUSERDB_AUTHMGR_ID; - private final static String PASSWDUSERDB = IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID; + private final static String LOGGING_SIGNED_AUDIT_AUTH_FAIL = + "LOGGING_SIGNED_AUDIT_AUTH_FAIL_4"; + private final static String LOGGING_SIGNED_AUDIT_AUTH_SUCCESS = + "LOGGING_SIGNED_AUDIT_AUTH_SUCCESS_3"; + private final static String LOGGING_SIGNED_AUDIT_AUTHZ_FAIL = + "LOGGING_SIGNED_AUDIT_AUTHZ_FAIL_4"; + private final static String LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS = + "LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS_4"; + private final static String LOGGING_SIGNED_AUDIT_ROLE_ASSUME = + "LOGGING_SIGNED_AUDIT_ROLE_ASSUME_3"; + private final static String CERTUSERDB = + IAuthSubsystem.CERTUSERDB_AUTHMGR_ID; + private final static String PASSWDUSERDB = + IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID; /** * Constructs generic administration servlet. @@ -151,20 +165,18 @@ public class AdminServlet extends HttpServlet { srcType = authzConfig.getString(AUTHZ_SRC_TYPE, AUTHZ_SRC_LDAP); } catch (EBaseException e) { - CMS.debug("AdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_FAIL_SRC_TYPE")); + CMS.debug("AdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_FAIL_SRC_TYPE")); } - mAuthz = (IAuthzSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_AUTHZ); + mAuthz = + (IAuthzSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_AUTHZ); mServletID = getSCparam(sc, PROP_ID, "servlet id unknown"); - CMS.debug("AdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_AUTHZ_INITED", mServletID)); + CMS.debug("AdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_AUTHZ_INITED", mServletID)); if (srcType.equalsIgnoreCase(AUTHZ_SRC_XML)) { - CMS.debug("AdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_AUTHZ_INITED", "")); - // get authz mgr from xml file; if not specified, use - // ldap by default + CMS.debug("AdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_AUTHZ_INITED", "")); + // get authz mgr from xml file; if not specified, use + // ldap by default mAclMethod = getSCparam(sc, PROP_AUTHZ_MGR, AUTHZ_MGR_LDAP); if (mAclMethod.equalsIgnoreCase(AUTHZ_MGR_BASIC)) { @@ -173,79 +185,72 @@ public class AdminServlet extends HttpServlet { if (aclInfo != null) { try { addACLInfo(aclInfo); - // mAuthz.authzMgrAccessInit(mAclMethod, aclInfo); + //mAuthz.authzMgrAccessInit(mAclMethod, aclInfo); } catch (EBaseException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTHZ_MGR_INIT_FAIL")); - throw new ServletException( - "failed to init authz info from xml config file"); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTHZ_MGR_INIT_FAIL")); + throw new ServletException("failed to init authz info from xml config file"); } - CMS.debug("AdminServlet: " - + CMS.getLogMessage( - "ADMIN_SRVLT_AUTHZ_MGR_INIT_DONE", - mServletID)); + CMS.debug("AdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_AUTHZ_MGR_INIT_DONE", mServletID)); } else { // PROP_AUTHZ_MGR not specified, use default authzmgr - CMS.debug("AdminServlet: " - + CMS.getLogMessage( - "ADMIN_SRVLT_PROP_ACL_NOT_SPEC", PROP_ACL, - mServletID, AUTHZ_MGR_LDAP)); + CMS.debug("AdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_PROP_ACL_NOT_SPEC", PROP_ACL, mServletID, AUTHZ_MGR_LDAP)); } } else { // PROP_AUTHZ_MGR not specified, use default authzmgr - CMS.debug("AdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_PROP_ACL_NOT_SPEC", - PROP_AUTHZ_MGR, mServletID, AUTHZ_MGR_LDAP)); + CMS.debug("AdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_PROP_ACL_NOT_SPEC", PROP_AUTHZ_MGR, mServletID, AUTHZ_MGR_LDAP)); } } else { mAclMethod = AUTHZ_MGR_LDAP; - CMS.debug("AdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_AUTH_LDAP_NOT_XML", - mServletID)); + CMS.debug("AdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_AUTH_LDAP_NOT_XML", mServletID)); } } - public void outputHttpParameters(HttpServletRequest httpReq) { + public void outputHttpParameters(HttpServletRequest httpReq) + { CMS.debug("AdminServlet:service() uri = " + httpReq.getRequestURI()); Enumeration paramNames = httpReq.getParameterNames(); while (paramNames.hasMoreElements()) { - String pn = (String) paramNames.nextElement(); + String pn = (String)paramNames.nextElement(); // added this facility so that password can be hidden, - // all sensitive parameters should be prefixed with + // all sensitive parameters should be prefixed with // __ (double underscores); however, in the event that // a security parameter slips through, we perform multiple // additional checks to insure that it is NOT displayed - if (pn.startsWith("__") || pn.endsWith("password") - || pn.endsWith("passwd") || pn.endsWith("pwd") - || pn.equalsIgnoreCase("admin_password_again") - || pn.equalsIgnoreCase("directoryManagerPwd") - || pn.equalsIgnoreCase("bindpassword") - || pn.equalsIgnoreCase("bindpwd") - || pn.equalsIgnoreCase("passwd") - || pn.equalsIgnoreCase("password") - || pn.equalsIgnoreCase("pin") || pn.equalsIgnoreCase("pwd") - || pn.equalsIgnoreCase("pwdagain") - || pn.equalsIgnoreCase("uPasswd")) { - CMS.debug("AdminServlet::service() param name='" + pn - + "' value='(sensitive)'"); + if( pn.startsWith("__") || + pn.endsWith("password") || + pn.endsWith("passwd") || + pn.endsWith("pwd") || + pn.equalsIgnoreCase("admin_password_again") || + pn.equalsIgnoreCase("directoryManagerPwd") || + pn.equalsIgnoreCase("bindpassword") || + pn.equalsIgnoreCase("bindpwd") || + pn.equalsIgnoreCase("passwd") || + pn.equalsIgnoreCase("password") || + pn.equalsIgnoreCase("pin") || + pn.equalsIgnoreCase("pwd") || + pn.equalsIgnoreCase("pwdagain") || + pn.equalsIgnoreCase("uPasswd") ) { + CMS.debug("AdminServlet::service() param name='" + pn + + "' value='(sensitive)'" ); } else { - CMS.debug("AdminServlet::service() param name='" + pn - + "' value='" + httpReq.getParameter(pn) + "'"); + CMS.debug("AdminServlet::service() param name='" + pn + + "' value='" + httpReq.getParameter(pn) + "'" ); } } } - + /** * Serves HTTP admin request. */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { boolean running_state = CMS.isInRunningState(); if (!running_state) - throw new IOException("CMS server is not ready to serve."); + throw new IOException( + "CMS server is not ready to serve."); if (CMS.debugOn()) { - outputHttpParameters(req); + outputHttpParameters(req); } } @@ -269,21 +274,22 @@ public class AdminServlet extends HttpServlet { } /** - * Authenticates to the identity scope with the given userid and password - * via identity manager. + * Authenticates to the identity scope with the given + * userid and password via identity manager. * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication - * fails (in case of SSL-client auth, only webserver env can pick up the SSL - * violation; CMS authMgr can pick up cert mis-match, so this event is used) - * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_SUCCESS used when - * authentication succeeded + * fails (in case of SSL-client auth, only webserver env can pick up the + * SSL violation; CMS authMgr can pick up cert mis-match, so this event + * is used) + * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_SUCCESS used when authentication + * succeeded * </ul> - * * @exception IOException an input/output error has occurred */ - protected void authenticate(HttpServletRequest req) throws IOException { + protected void authenticate(HttpServletRequest req) throws + IOException { String auditMessage = null; String auditSubjectID = ILogger.UNIDENTIFIED; @@ -300,20 +306,22 @@ public class AdminServlet extends HttpServlet { } catch (EBaseException e) { // do nothing for now. } - IAuthSubsystem auth = (IAuthSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_AUTH); + IAuthSubsystem auth = (IAuthSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_AUTH); X509Certificate cert = null; if (authType.equals("sslclientauth")) { - X509Certificate[] allCerts = (X509Certificate[]) req - .getAttribute(CERT_ATTR); + X509Certificate[] allCerts = + (X509Certificate[]) req.getAttribute(CERT_ATTR); if (allCerts == null || allCerts.length == 0) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTH_FAIL, - ILogger.UNIDENTIFIED, ILogger.FAILURE, CERTUSERDB, - auditUID); + LOGGING_SIGNED_AUDIT_AUTH_FAIL, + ILogger.UNIDENTIFIED, + ILogger.FAILURE, + CERTUSERDB, + auditUID); audit(auditMessage); @@ -350,25 +358,25 @@ public class AdminServlet extends HttpServlet { String scope = req.getParameter(Constants.OP_SCOPE); String op = req.getParameter(Constants.OP_TYPE); - log(ILogger.LL_DEBUG, - CMS.getLogMessage("ADMIN_SRVLT_ABOUT_AUTH", mServletID)); + log(ILogger.LL_DEBUG, CMS.getLogMessage("ADMIN_SRVLT_ABOUT_AUTH", + mServletID)); try { if (authType.equals("sslclientauth")) { - IAuthManager authMgr = auth - .get(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID); - IAuthCredentials authCreds = getAuthCreds(authMgr, cert); + IAuthManager + authMgr = auth.get(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID); + IAuthCredentials authCreds = + getAuthCreds(authMgr, cert); token = (AuthToken) authMgr.authenticate(authCreds); } else { String authToken = req.getHeader(HDR_AUTHORIZATION); - String b64s = authToken.substring(authToken - .lastIndexOf(' ') + 1); - String authCode = new String( - com.netscape.osutil.OSUtil.AtoB(b64s)); + String b64s = authToken.substring( + authToken.lastIndexOf(' ') + 1); + String authCode = new String(com.netscape.osutil.OSUtil.AtoB(b64s)); String userid = authCode.substring(0, authCode.lastIndexOf(':')); - String password = authCode.substring(authCode - .lastIndexOf(':') + 1); + String password = authCode.substring( + authCode.lastIndexOf(':') + 1); AuthCredentials cred = new AuthCredentials(); // save the "userid" of this certificate in case it @@ -387,36 +395,40 @@ public class AdminServlet extends HttpServlet { cred.set("pwd", password); token = auth.authenticate(cred, - IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID); - CMS.debug("AdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FOR_SRVLT", - mServletID)); + IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID); + CMS.debug("AdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FOR_SRVLT", + mServletID)); } } catch (EBaseException e) { - // will fix it later for authorization + //will fix it later for authorization /* - * String errMsg = "authenticate(): " + - * AdminResources.SRVLT_FAIL_AUTHS +": "+userid +":"+ - * e.getMessage(); log(ILogger.LL_FAILURE, - * CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAIL", - * CMS.getLogMessage("ADMIN_SRVLT_FAIL_AUTHS"), - * userid,e.getMessage())); + String errMsg = "authenticate(): " + + AdminResources.SRVLT_FAIL_AUTHS +": "+userid +":"+ + e.getMessage(); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAIL", + CMS.getLogMessage("ADMIN_SRVLT_FAIL_AUTHS"), + userid,e.getMessage())); */ if (authType.equals("sslclientauth")) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTH_FAIL, - ILogger.UNIDENTIFIED, ILogger.FAILURE, CERTUSERDB, - auditUID); + LOGGING_SIGNED_AUDIT_AUTH_FAIL, + ILogger.UNIDENTIFIED, + ILogger.FAILURE, + CERTUSERDB, + auditUID); audit(auditMessage); } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTH_FAIL, - ILogger.UNIDENTIFIED, ILogger.FAILURE, - PASSWDUSERDB, auditUID); + LOGGING_SIGNED_AUDIT_AUTH_FAIL, + ILogger.UNIDENTIFIED, + ILogger.FAILURE, + PASSWDUSERDB, + auditUID); audit(auditMessage); } @@ -428,24 +440,29 @@ public class AdminServlet extends HttpServlet { String tuserid = token.getInString("userid"); if (tuserid == null) { - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, - ILogger.LL_FAILURE, CMS.getLogMessage( - "ADMIN_SRVLT_NO_AUTH_TOKEN", tuserid)); + mLogger.log( + ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_NO_AUTH_TOKEN", + tuserid)); if (authType.equals("sslclientauth")) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTH_FAIL, - ILogger.UNIDENTIFIED, ILogger.FAILURE, - CERTUSERDB, auditUID); + LOGGING_SIGNED_AUDIT_AUTH_FAIL, + ILogger.UNIDENTIFIED, + ILogger.FAILURE, + CERTUSERDB, + auditUID); audit(auditMessage); } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTH_FAIL, - ILogger.UNIDENTIFIED, ILogger.FAILURE, - PASSWDUSERDB, auditUID); + LOGGING_SIGNED_AUDIT_AUTH_FAIL, + ILogger.UNIDENTIFIED, + ILogger.FAILURE, + PASSWDUSERDB, + auditUID); audit(auditMessage); } @@ -459,24 +476,29 @@ public class AdminServlet extends HttpServlet { IUser user = mUG.getUser(tuserid); if (user == null) { - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, - ILogger.LL_FAILURE, CMS.getLogMessage( - "ADMIN_SRVLT_USER_NOT_FOUND", tuserid)); + mLogger.log( + ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_USER_NOT_FOUND", + tuserid)); if (authType.equals("sslclientauth")) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTH_FAIL, - ILogger.UNIDENTIFIED, ILogger.FAILURE, - CERTUSERDB, auditUID); + LOGGING_SIGNED_AUDIT_AUTH_FAIL, + ILogger.UNIDENTIFIED, + ILogger.FAILURE, + CERTUSERDB, + auditUID); audit(auditMessage); } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTH_FAIL, - ILogger.UNIDENTIFIED, ILogger.FAILURE, - PASSWDUSERDB, auditUID); + LOGGING_SIGNED_AUDIT_AUTH_FAIL, + ILogger.UNIDENTIFIED, + ILogger.FAILURE, + PASSWDUSERDB, + auditUID); audit(auditMessage); } @@ -492,27 +514,27 @@ public class AdminServlet extends HttpServlet { sessionContext.put(SessionContext.USER_ID, tuserid); sessionContext.put(SessionContext.USER, user); } catch (EUsrGrpException e) { - mLogger.log( - ILogger.EV_SYSTEM, - ILogger.S_OTHER, - ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_USR_GRP_ERR", - e.toString())); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_USR_GRP_ERR", e.toString())); if (authType.equals("sslclientauth")) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTH_FAIL, - ILogger.UNIDENTIFIED, ILogger.FAILURE, CERTUSERDB, - auditUID); + LOGGING_SIGNED_AUDIT_AUTH_FAIL, + ILogger.UNIDENTIFIED, + ILogger.FAILURE, + CERTUSERDB, + auditUID); audit(auditMessage); } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTH_FAIL, - ILogger.UNIDENTIFIED, ILogger.FAILURE, - PASSWDUSERDB, auditUID); + LOGGING_SIGNED_AUDIT_AUTH_FAIL, + ILogger.UNIDENTIFIED, + ILogger.FAILURE, + PASSWDUSERDB, + auditUID); audit(auditMessage); } @@ -520,23 +542,28 @@ public class AdminServlet extends HttpServlet { throw new IOException("authentication failed"); } catch (EBaseException e) { mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, - ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_ERROR", e.toString())); + ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_ERROR", + e.toString())); if (authType.equals("sslclientauth")) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTH_FAIL, - ILogger.UNIDENTIFIED, ILogger.FAILURE, CERTUSERDB, - auditUID); + LOGGING_SIGNED_AUDIT_AUTH_FAIL, + ILogger.UNIDENTIFIED, + ILogger.FAILURE, + CERTUSERDB, + auditUID); audit(auditMessage); } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTH_FAIL, - ILogger.UNIDENTIFIED, ILogger.FAILURE, - PASSWDUSERDB, auditUID); + LOGGING_SIGNED_AUDIT_AUTH_FAIL, + ILogger.UNIDENTIFIED, + ILogger.FAILURE, + PASSWDUSERDB, + auditUID); audit(auditMessage); } @@ -552,15 +579,19 @@ public class AdminServlet extends HttpServlet { if (authType.equals("sslclientauth")) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTH_SUCCESS, auditSubjectID(), - ILogger.SUCCESS, CERTUSERDB); + LOGGING_SIGNED_AUDIT_AUTH_SUCCESS, + auditSubjectID(), + ILogger.SUCCESS, + CERTUSERDB); audit(auditMessage); } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTH_SUCCESS, auditSubjectID(), - ILogger.SUCCESS, PASSWDUSERDB); + LOGGING_SIGNED_AUDIT_AUTH_SUCCESS, + auditSubjectID(), + ILogger.SUCCESS, + PASSWDUSERDB); audit(auditMessage); } @@ -568,15 +599,21 @@ public class AdminServlet extends HttpServlet { if (authType.equals("sslclientauth")) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTH_FAIL, ILogger.UNIDENTIFIED, - ILogger.FAILURE, CERTUSERDB, auditUID); + LOGGING_SIGNED_AUDIT_AUTH_FAIL, + ILogger.UNIDENTIFIED, + ILogger.FAILURE, + CERTUSERDB, + auditUID); audit(auditMessage); } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTH_FAIL, ILogger.UNIDENTIFIED, - ILogger.FAILURE, PASSWDUSERDB, auditUID); + LOGGING_SIGNED_AUDIT_AUTH_FAIL, + ILogger.UNIDENTIFIED, + ILogger.FAILURE, + PASSWDUSERDB, + auditUID); audit(auditMessage); } @@ -586,8 +623,9 @@ public class AdminServlet extends HttpServlet { } } - public static AuthCredentials getAuthCreds(IAuthManager authMgr, - X509Certificate clientCert) throws EBaseException { + public static AuthCredentials getAuthCreds( + IAuthManager authMgr, X509Certificate clientCert) + throws EBaseException { // get credentials from http parameters. String[] reqCreds = authMgr.getRequiredCreds(); AuthCredentials creds = new AuthCredentials(); @@ -597,7 +635,8 @@ public class AdminServlet extends HttpServlet { if (reqCred.equals(IAuthManager.CRED_SSL_CLIENT_CERT)) { // cert could be null; - creds.set(reqCred, new X509Certificate[] { clientCert }); + creds.set(reqCred, new X509Certificate[] { clientCert} + ); } } return creds; @@ -606,16 +645,15 @@ public class AdminServlet extends HttpServlet { /** * Authorize must occur after Authenticate * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_FAIL used when authorization * has failed - * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS used when - * authorization is successful - * <li>signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes - * a role (in current CMS that's when one accesses a role port) + * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS used when authorization + * is successful + * <li>signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a + * role (in current CMS that's when one accesses a role port) * </ul> - * * @param req HTTP servlet request * @return the authorization token */ @@ -633,79 +671,92 @@ public class AdminServlet extends HttpServlet { AuthzToken authzTok = null; - CMS.debug("AdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_CHECK_AUTHZ_AUTH", mServletID)); + CMS.debug("AdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CHECK_AUTHZ_AUTH", mServletID)); // hardcoded for now .. just testing try { // we check both "read" and "write" for now. later within - // each servlet, they can break it down - authzTok = mAuthz.authorize(mAclMethod, authToken, AUTHZ_RES_NAME, - mOp); + // each servlet, they can break it down + authzTok = mAuthz.authorize(mAclMethod, authToken, AUTHZ_RES_NAME, mOp); // initialize the ACL resource, overwriting "auditACLResource" // if it is not null - resource = (String) authzTok.get(AuthzToken.TOKEN_AUTHZ_RESOURCE); + resource = (String) + authzTok.get(AuthzToken.TOKEN_AUTHZ_RESOURCE); if (resource != null) { auditACLResource = resource.trim(); } // initialize the operation, overwriting "auditOperation" // if it is not null - operation = (String) authzTok.get(AuthzToken.TOKEN_AUTHZ_OPERATION); + operation = (String) + authzTok.get(AuthzToken.TOKEN_AUTHZ_OPERATION); if (operation != null) { auditOperation = operation.trim(); } CMS.debug(CMS.getLogMessage("ADMIN_SRVLT_AUTH_SUCCEED", mServletID)); } catch (EAuthzAccessDenied e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, - auditSubjectID, ILogger.FAILURE, auditACLResource, - auditOperation); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, + auditSubjectID, + ILogger.FAILURE, + auditACLResource, + auditOperation); audit(auditMessage); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_ROLE_ASSUME, - auditSubjectID, ILogger.FAILURE, - auditGroups(auditSubjectID)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_ROLE_ASSUME, + auditSubjectID, + ILogger.FAILURE, + auditGroups(auditSubjectID)); audit(auditMessage); return null; } catch (EBaseException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, - auditSubjectID, ILogger.FAILURE, auditACLResource, - auditOperation); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, + auditSubjectID, + ILogger.FAILURE, + auditACLResource, + auditOperation); audit(auditMessage); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_ROLE_ASSUME, - auditSubjectID, ILogger.FAILURE, - auditGroups(auditSubjectID)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_ROLE_ASSUME, + auditSubjectID, + ILogger.FAILURE, + auditGroups(auditSubjectID)); audit(auditMessage); return null; } catch (Exception e) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, - auditSubjectID, ILogger.FAILURE, auditACLResource, - auditOperation); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, + auditSubjectID, + ILogger.FAILURE, + auditACLResource, + auditOperation); audit(auditMessage); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_ROLE_ASSUME, - auditSubjectID, ILogger.FAILURE, - auditGroups(auditSubjectID)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_ROLE_ASSUME, + auditSubjectID, + ILogger.FAILURE, + auditGroups(auditSubjectID)); audit(auditMessage); @@ -713,15 +764,21 @@ public class AdminServlet extends HttpServlet { } // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS, - auditSubjectID, ILogger.SUCCESS, auditACLResource, - auditOperation); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS, + auditSubjectID, + ILogger.SUCCESS, + auditACLResource, + auditOperation); audit(auditMessage); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_ROLE_ASSUME, - auditSubjectID, ILogger.SUCCESS, auditGroups(auditSubjectID)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_ROLE_ASSUME, + auditSubjectID, + ILogger.SUCCESS, + auditGroups(auditSubjectID)); audit(auditMessage); @@ -740,7 +797,7 @@ public class AdminServlet extends HttpServlet { locale = Locale.getDefault(); } else { locale = new Locale(UserInfo.getUserLanguage(lang), - UserInfo.getUserCountry(lang)); + UserInfo.getUserCountry(lang)); } return locale; } @@ -751,14 +808,15 @@ public class AdminServlet extends HttpServlet { /** * Sends response. - * + * * @param returnCode return code * @param errorMsg localized error message * @param params result parameters * @param resp HTTP servlet response */ protected void sendResponse(int returnCode, String errorMsg, - NameValuePairs params, HttpServletResponse resp) throws IOException { + NameValuePairs params, HttpServletResponse resp) + throws IOException { ByteArrayOutputStream bos = new ByteArrayOutputStream(); DataOutputStream dos = new DataOutputStream(bos); @@ -774,10 +832,11 @@ public class AdminServlet extends HttpServlet { if (e.hasMoreElements()) { while (e.hasMoreElements()) { String name = (String) e.nextElement(); - String value = java.net.URLEncoder.encode((String) params - .getValue(name)); + String value = java.net.URLEncoder.encode((String) + params.getValue(name)); - buf.append(java.net.URLEncoder.encode(name) + "=" + value); + buf.append(java.net.URLEncoder.encode(name) + + "=" + value); if (e.hasMoreElements()) buf.append("&"); } @@ -820,24 +879,25 @@ public class AdminServlet extends HttpServlet { protected String getParameter(HttpServletRequest req, String name) { // Servlet framework already apply URLdecode - // return URLdecode(req.getParameter(name)); + // return URLdecode(req.getParameter(name)); return req.getParameter(name); } /** * Generic configuration store get operation. */ - protected synchronized void getConfig(IConfigStore config, - HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + protected synchronized void getConfig( + IConfigStore config, HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = req.getParameterNames(); while (e.hasMoreElements()) { String name = (String) e.nextElement(); - // if (name.equals(Constants.PT_OP)) - // continue; + //if (name.equals(Constants.PT_OP)) + // continue; if (name.equals(Constants.OP_TYPE)) continue; if (name.equals(Constants.RS_ID)) @@ -845,36 +905,38 @@ public class AdminServlet extends HttpServlet { if (name.equals(Constants.OP_SCOPE)) continue; - // System.out.println(name); - // System.out.println(name+","+config.getString(name)); + //System.out.println(name); + //System.out.println(name+","+config.getString(name)); params.add(name, config.getString(name)); } sendResponse(SUCCESS, null, params, resp); } /** - * Generic configuration store set operation. The caller is responsible to - * do validiation before calling this, and commit changes after this call. + * Generic configuration store set operation. + * The caller is responsible to do validiation before + * calling this, and commit changes after this call. */ - protected synchronized void setConfig(IConfigStore config, - HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + protected synchronized void setConfig( + IConfigStore config, HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = req.getParameterNames(); while (e.hasMoreElements()) { String name = (String) e.nextElement(); - // if (name.equals(Constants.PT_OP)) - // continue; + //if (name.equals(Constants.PT_OP)) + // continue; if (name.equals(Constants.OP_TYPE)) continue; if (name.equals(Constants.RS_ID)) continue; if (name.equals(Constants.OP_SCOPE)) continue; - // XXX Need validation... - // XXX what if update failed + // XXX Need validation... + // XXX what if update failed config.putString(name, req.getParameter(name)); } commit(true); @@ -884,9 +946,10 @@ public class AdminServlet extends HttpServlet { /** * Lists configuration store. */ - protected synchronized void listConfig(IConfigStore config, - HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + protected synchronized void listConfig( + IConfigStore config, HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { Enumeration e = config.getPropertyNames(); NameValuePairs params = new NameValuePairs(); @@ -904,14 +967,14 @@ public class AdminServlet extends HttpServlet { public boolean authorize(IAuthToken token) throws EBaseException { String mGroupNames[] = { "Administrators" }; boolean mAnd = true; - + try { String userid = token.getInString("userid"); if (userid == null) { - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, - ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_GRP_AUTHZ_FAIL", userid)); + mLogger.log( + ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_GRP_AUTHZ_FAIL", userid)); return false; } @@ -920,9 +983,9 @@ public class AdminServlet extends HttpServlet { IUser user = mUG.getUser(userid); if (user == null) { - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, - ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_USER_NOT_IN_DB", userid)); + mLogger.log( + ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_USER_NOT_IN_DB", userid)); return false; } @@ -938,10 +1001,10 @@ public class AdminServlet extends HttpServlet { if (mAnd) { for (int i = 0; i < mGroupNames.length; i++) { if (!mUG.isMemberOf(user, mGroupNames[i])) { - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, - ILogger.LL_FAILURE, CMS.getLogMessage( - "ADMIN_SRVLT_USER_NOT_IN_GRP", userid, - mGroupNames[i])); + mLogger.log( + ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_USER_NOT_IN_GRP", userid, + mGroupNames[i])); return false; } } @@ -949,10 +1012,10 @@ public class AdminServlet extends HttpServlet { } else { for (int i = 0; i < mGroupNames.length; i++) { if (mUG.isMemberOf(user, mGroupNames[i])) { - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, - ILogger.LL_INFO, CMS.getLogMessage( - "ADMIN_SRVLT_GRP_AUTH_SUCC_USER", - userid, mGroupNames[i])); + mLogger.log(ILogger.EV_SYSTEM, + ILogger.S_OTHER, ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_GRP_AUTH_SUCC_USER", userid, + mGroupNames[i])); return true; } } @@ -964,25 +1027,24 @@ public class AdminServlet extends HttpServlet { groups.append(mGroupNames[j]); } mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, - ILogger.LL_FAILURE, CMS.getLogMessage( - "ADMIN_SRVLT_USER_NOT_ANY_GRP", userid, - groups.toString())); + ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_USER_NOT_ANY_GRP", userid, groups.toString())); return false; } } catch (EUsrGrpException e) { mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_USR_GRP_ERR", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_USR_GRP_ERR", e.toString())); return false; } } /** * FileConfigStore functionality - * - * The original config file is moved to <filename>.<date>. Commits the - * current properties to the configuration file. + * + * The original config file is moved to <filename>.<date>. + * Commits the current properties to the configuration file. * <P> - * + * * @param createBackup true if a backup file should be created */ protected void commit(boolean createBackup) throws EBaseException { @@ -992,17 +1054,17 @@ public class AdminServlet extends HttpServlet { private void log(int level, String msg) { if (mLogger == null) return; - mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_ADMIN, level, - "AdminServlet: " + msg); + mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_ADMIN, + level, "AdminServlet: " + msg); } /** * Signed Audit Log - * - * This method is inherited by all extended admin servlets and is called to - * store messages to the signed audit log. + * + * This method is inherited by all extended admin servlets + * and is called to store messages to the signed audit log. * <P> - * + * * @param msg signed audit log message */ protected void audit(String msg) { @@ -1013,17 +1075,21 @@ public class AdminServlet extends HttpServlet { return; } - mSignedAuditLogger.log(ILogger.EV_SIGNED_AUDIT, null, - ILogger.S_SIGNED_AUDIT, ILogger.LL_SECURITY, msg); + mSignedAuditLogger.log(ILogger.EV_SIGNED_AUDIT, + null, + ILogger.S_SIGNED_AUDIT, + ILogger.LL_SECURITY, + msg); } /** * Signed Audit Log Subject ID - * - * This method is inherited by all extended "CMSServlet"s, and is called to - * obtain the "SubjectID" for a signed audit log message. + * + * This method is inherited by all extended "CMSServlet"s, + * and is called to obtain the "SubjectID" for + * a signed audit log message. * <P> - * + * * @return id string containing the signed audit log message SubjectID */ protected String auditSubjectID() { @@ -1038,7 +1104,8 @@ public class AdminServlet extends HttpServlet { SessionContext auditContext = SessionContext.getExistingContext(); if (auditContext != null) { - subjectID = (String) auditContext.get(SessionContext.USER_ID); + subjectID = (String) + auditContext.get(SessionContext.USER_ID); if (subjectID != null) { subjectID = subjectID.trim(); @@ -1054,13 +1121,13 @@ public class AdminServlet extends HttpServlet { /** * Signed Audit Parameters - * - * This method is inherited by all extended admin servlets and is called to - * extract parameters from the HttpServletRequest and return a string of - * name;;value pairs separated by a '+' if more than one name;;value pair - * exists. + * + * This method is inherited by all extended admin servlets and + * is called to extract parameters from the HttpServletRequest + * and return a string of name;;value pairs separated by a '+' + * if more than one name;;value pair exists. * <P> - * + * * @param req HTTP servlet request * @return a delimited string of one or more delimited name/value pairs */ @@ -1075,7 +1142,8 @@ public class AdminServlet extends HttpServlet { // always identify the scope of the request if (req.getParameter(Constants.OP_SCOPE) != null) { - parameters = SIGNED_AUDIT_SCOPE + SIGNED_AUDIT_NAME_VALUE_DELIMITER + parameters = SIGNED_AUDIT_SCOPE + + SIGNED_AUDIT_NAME_VALUE_DELIMITER + req.getParameter(Constants.OP_SCOPE); } @@ -1126,47 +1194,48 @@ public class AdminServlet extends HttpServlet { value = value.trim(); if (value.equals("")) { - parameters += name + SIGNED_AUDIT_NAME_VALUE_DELIMITER + parameters += name + + SIGNED_AUDIT_NAME_VALUE_DELIMITER + ILogger.SIGNED_AUDIT_EMPTY_VALUE; } else { // // To fix Blackflag Bug # 613800: // - // Check "com.netscape.certsrv.common.Constants" for - // case-insensitive "password", "pwd", and "passwd" - // name fields, and hide any password values: + // Check "com.netscape.certsrv.common.Constants" for + // case-insensitive "password", "pwd", and "passwd" + // name fields, and hide any password values: // - /* "password" */if (name.equals(Constants.PASSWORDTYPE) - || name.equals(Constants.TYPE_PASSWORD) - || name.equals(Constants.PR_USER_PASSWORD) - || name.equals(Constants.PT_OLD_PASSWORD) - || name.equals(Constants.PT_NEW_PASSWORD) - || name.equals(Constants.PT_DIST_STORE) - || name.equals(Constants.PT_DIST_EMAIL) - || - /* "pwd" */name.equals(Constants.PR_AUTH_ADMIN_PWD) - || - // ignore this one name.equals( - // Constants.PR_BINDPWD_PROMPT ) || - name.equals(Constants.PR_DIRECTORY_MANAGER_PWD) - || name.equals(Constants.PR_OLD_AGENT_PWD) - || name.equals(Constants.PR_AGENT_PWD) - || name.equals(Constants.PT_PUBLISH_PWD) || - /* "passwd" */name.equals(Constants.PR_BIND_PASSWD) - || name.equals(Constants.PR_BIND_PASSWD_AGAIN) - || name.equals(Constants.PR_TOKEN_PASSWD)) { + /* "password" */ if( name.equals( Constants.PASSWORDTYPE ) || + name.equals( Constants.TYPE_PASSWORD ) || + name.equals( Constants.PR_USER_PASSWORD ) || + name.equals( Constants.PT_OLD_PASSWORD ) || + name.equals( Constants.PT_NEW_PASSWORD ) || + name.equals( Constants.PT_DIST_STORE ) || + name.equals( Constants.PT_DIST_EMAIL ) || + /* "pwd" */ name.equals( Constants.PR_AUTH_ADMIN_PWD ) || + // ignore this one name.equals( Constants.PR_BINDPWD_PROMPT ) || + name.equals( Constants.PR_DIRECTORY_MANAGER_PWD ) || + name.equals( Constants.PR_OLD_AGENT_PWD ) || + name.equals( Constants.PR_AGENT_PWD ) || + name.equals( Constants.PT_PUBLISH_PWD ) || + /* "passwd" */ name.equals( Constants.PR_BIND_PASSWD ) || + name.equals( Constants.PR_BIND_PASSWD_AGAIN ) || + name.equals( Constants.PR_TOKEN_PASSWD ) ) { // hide password value - parameters += name + SIGNED_AUDIT_NAME_VALUE_DELIMITER - + SIGNED_AUDIT_PASSWORD_VALUE; + parameters += name + + SIGNED_AUDIT_NAME_VALUE_DELIMITER + + SIGNED_AUDIT_PASSWORD_VALUE; } else { // process normally - parameters += name + SIGNED_AUDIT_NAME_VALUE_DELIMITER - + value; + parameters += name + + SIGNED_AUDIT_NAME_VALUE_DELIMITER + + value; } } } else { - parameters += name + SIGNED_AUDIT_NAME_VALUE_DELIMITER + parameters += name + + SIGNED_AUDIT_NAME_VALUE_DELIMITER + ILogger.SIGNED_AUDIT_EMPTY_VALUE; } } @@ -1176,14 +1245,14 @@ public class AdminServlet extends HttpServlet { /** * Signed Audit Groups - * - * This method is called to extract all "groups" associated with the - * "auditSubjectID()". + * + * This method is called to extract all "groups" associated + * with the "auditSubjectID()". * <P> - * + * * @param SubjectID string containing the signed audit log message SubjectID - * @return a delimited string of groups associated with the - * "auditSubjectID()" + * @return a delimited string of groups associated + * with the "auditSubjectID()" */ private String auditGroups(String SubjectID) { // if no signed audit object exists, bail @@ -1191,7 +1260,8 @@ public class AdminServlet extends HttpServlet { return null; } - if ((SubjectID == null) || (SubjectID.equals(ILogger.UNIDENTIFIED))) { + if ((SubjectID == null) || + (SubjectID.equals(ILogger.UNIDENTIFIED))) { return ILogger.SIGNED_AUDIT_EMPTY_VALUE; } @@ -1209,7 +1279,7 @@ public class AdminServlet extends HttpServlet { IGroup group = (IGroup) groups.nextElement(); if (group.isMember(SubjectID) == true) { - if (membersString.length() != 0) { + if (membersString.length()!=0) { membersString.append(", "); } @@ -1217,7 +1287,7 @@ public class AdminServlet extends HttpServlet { } } - if (membersString.length() != 0) { + if (membersString.length()!= 0) { return membersString.toString(); } else { return ILogger.SIGNED_AUDIT_EMPTY_VALUE; @@ -1225,8 +1295,7 @@ public class AdminServlet extends HttpServlet { } protected NameValuePairs convertStringArrayToNVPairs(String[] s) { - if (s == null) - return null; + if (s == null) return null; NameValuePairs nvps = new NameValuePairs(); int i; @@ -1241,8 +1310,7 @@ public class AdminServlet extends HttpServlet { } - protected static IExtendedPluginInfo getClassByNameAsExtendedPluginInfo( - String className) { + protected static IExtendedPluginInfo getClassByNameAsExtendedPluginInfo(String className) { IExtendedPluginInfo epi = null; diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java index 9945171f..ff9b9911 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/AuthAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.IOException; import java.util.Enumeration; import java.util.Locale; @@ -45,12 +46,13 @@ import com.netscape.certsrv.common.ScopeDef; import com.netscape.certsrv.ldap.ILdapAuthInfo; import com.netscape.certsrv.logging.ILogger; + /** - * A class representing an administration servlet for the Authentication - * Management subsystem. This servlet is responsible to serve configuration - * requests for the Auths Management subsystem. - * + * A class representing an administration servlet for the + * Authentication Management subsystem. This servlet is responsible + * to serve configuration requests for the Auths Management subsystem. * + * * @version $Revision$, $Date$ */ public class AuthAdminServlet extends AdminServlet { @@ -62,11 +64,13 @@ public class AuthAdminServlet extends AdminServlet { private final static String INFO = "AuthAdminServlet"; private IAuthSubsystem mAuths = null; - private final static String PW_PASSWORD_CACHE_ADD = "PASSWORD_CACHE_ADD"; + private final static String PW_PASSWORD_CACHE_ADD = + "PASSWORD_CACHE_ADD"; private final static String VIEW = ";" + Constants.VIEW; private final static String EDIT = ";" + Constants.EDIT; - private final static String LOGGING_SIGNED_AUDIT_CONFIG_AUTH = "LOGGING_SIGNED_AUDIT_CONFIG_AUTH_3"; + private final static String LOGGING_SIGNED_AUDIT_CONFIG_AUTH = + "LOGGING_SIGNED_AUDIT_CONFIG_AUTH_3"; public AuthAdminServlet() { super(); @@ -84,19 +88,19 @@ public class AuthAdminServlet extends AdminServlet { /** * Returns serlvet information. */ - public String getServletInfo() { - return INFO; + public String getServletInfo() { + return INFO; } /** - * retrieve extended plugin info such as brief description, type info from - * policy, authentication, need to add: listener, mapper and publishing - * plugins --- same as policy, should we move this into - * extendedpluginhelper? + * retrieve extended plugin info such as brief description, type info + * from policy, authentication, + * need to add: listener, mapper and publishing plugins + * --- same as policy, should we move this into extendedpluginhelper? */ private void getExtendedPluginInfo(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); @@ -105,14 +109,13 @@ public class AuthAdminServlet extends AdminServlet { String implType = id.substring(0, colon); String implName = id.substring(colon + 1); - NameValuePairs params = getExtendedPluginInfo(getLocale(req), implType, - implName); + NameValuePairs params = + getExtendedPluginInfo(getLocale(req), implType, implName); sendResponse(SUCCESS, null, params, resp); } - private NameValuePairs getExtendedPluginInfo(Locale locale, - String implType, String implName) { + private NameValuePairs getExtendedPluginInfo(Locale locale, String implType, String implName) { IExtendedPluginInfo ext_info = null; Object impl = null; @@ -128,8 +131,7 @@ public class AuthAdminServlet extends AdminServlet { if (ext_info == null) { nvps = new NameValuePairs(); } else { - nvps = convertStringArrayToNVPairs(ext_info - .getExtendedPluginInfo(locale)); + nvps = convertStringArrayToNVPairs(ext_info.getExtendedPluginInfo(locale)); } return nvps; @@ -140,41 +142,42 @@ public class AuthAdminServlet extends AdminServlet { * Serves HTTP admin request. */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { super.service(req, resp); String scope = req.getParameter(Constants.OP_SCOPE); String op = req.getParameter(Constants.OP_TYPE); if (op == null) { - // System.out.println("SRVLT_INVALID_PROTOCOL"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), null, resp); + //System.out.println("SRVLT_INVALID_PROTOCOL"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), + null, resp); return; } // if it is not authentication, that means it is for CSC admin ping. // the best way to do is to define another protocol for ping and move // it to the generic servlet which is admin servlet. - if (!op.equals(OpDef.OP_AUTH)) { + if (!op.equals(OpDef.OP_AUTH)) { if (scope.equals(ScopeDef.SC_AUTH)) { String id = req.getParameter(Constants.RS_ID); // for CSC admin ping only - if (op.equals(OpDef.OP_READ) - && id.equals(Constants.RS_ID_CONFIG)) { + if (op.equals(OpDef.OP_READ) && + id.equals(Constants.RS_ID_CONFIG)) { - // no need to authenticate this. if we're alive, return - // true. + // no need to authenticate this. if we're alive, return true. NameValuePairs params = new NameValuePairs(); params.add(Constants.PR_PING, Constants.TRUE); sendResponse(SUCCESS, null, params, resp); return; } else { - // System.out.println("SRVLT_INVALID_OP_TYPE"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_TYPE", op), null, resp); + //System.out.println("SRVLT_INVALID_OP_TYPE"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_TYPE", op), + null, resp); return; } } @@ -183,7 +186,7 @@ public class AuthAdminServlet extends AdminServlet { try { if (op.equals(OpDef.OP_AUTH)) { if (scope.equals(ScopeDef.SC_AUTHTYPE)) { - IConfigStore configStore = CMS.getConfigStore(); + IConfigStore configStore = CMS.getConfigStore(); String val = configStore.getString("authType", "pwd"); NameValuePairs params = new NameValuePairs(); @@ -193,11 +196,11 @@ public class AuthAdminServlet extends AdminServlet { } } } catch (Exception e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHS_FAILED"), null, resp); + sendResponse(ERROR,CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHS_FAILED"), + null, resp); return; } - // for the rest + // for the rest try { super.authenticate(req); if (op.equals(OpDef.OP_AUTH)) { // for admin authentication only @@ -205,9 +208,9 @@ public class AuthAdminServlet extends AdminServlet { return; } } catch (IOException e) { - // System.out.println("SRVLT_FAIL_AUTHS"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHS_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_AUTHS"); + sendResponse(ERROR,CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHS_FAILED"), + null, resp); return; } @@ -219,24 +222,24 @@ public class AuthAdminServlet extends AdminServlet { try { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage( - getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } getExtendedPluginInfo(req, resp); return; } catch (EBaseException e) { - sendResponse(ERROR, e.toString(getLocale(req)), null, - resp); + sendResponse(ERROR, e.toString(getLocale(req)), null, resp); return; } } if (op.equals(OpDef.OP_SEARCH)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_AUTH_IMPLS)) { @@ -246,15 +249,17 @@ public class AuthAdminServlet extends AdminServlet { listAuthMgrInsts(req, resp); return; } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_READ)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_AUTH_IMPLS)) { @@ -264,15 +269,17 @@ public class AuthAdminServlet extends AdminServlet { getInstConfig(req, resp); return; } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_ADD)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_AUTH_IMPLS)) { @@ -282,15 +289,17 @@ public class AuthAdminServlet extends AdminServlet { addAuthMgrInst(req, resp, scope); return; } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_DELETE)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_AUTH_IMPLS)) { @@ -300,15 +309,17 @@ public class AuthAdminServlet extends AdminServlet { delAuthMgrInst(req, resp, scope); return; } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_MODIFY)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_AUTH_MGR_INSTANCE)) { @@ -316,17 +327,19 @@ public class AuthAdminServlet extends AdminServlet { return; } } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } - } + } } catch (EBaseException e) { sendResponse(ERROR, e.toString(getLocale(req)), null, resp); return; - } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_PERFORM_FAILED"), null, resp); + } + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_PERFORM_FAILED"), + null, resp); return; } @@ -343,23 +356,22 @@ public class AuthAdminServlet extends AdminServlet { /** * Add authentication manager plug-in * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring * authentication * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this authentication - * manager's substore + * manager's substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addAuthMgrPlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void addAuthMgrPlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -372,30 +384,33 @@ public class AuthAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // is the manager id unique? if (mAuths.getPlugins().containsKey((Object) id)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse( - ERROR, - new EAuthException(CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_DUP_MGR_PLUGIN_ID", id)) - .toString(), null, resp); + sendResponse(ERROR, + new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_DUP_MGR_PLUGIN_ID", id)).toString(), + null, resp); return; } @@ -404,36 +419,39 @@ public class AuthAdminServlet extends AdminServlet { if (classPath == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_NULL_AUTHMGR_CLASSNAME"), null, - resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_NULL_AUTHMGR_CLASSNAME"), + null, resp); return; } - if (classPath - .equals("com.netscape.cmscore.authentication.PasswdUserDBAuthentication") - || classPath - .equals("com.netscape.cmscore.authentication.CertUserDBAuthentication")) { + if (classPath.equals("com.netscape.cmscore.authentication.PasswdUserDBAuthentication") || + classPath.equals("com.netscape.cmscore.authentication.CertUserDBAuthentication")) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_BASE_PERMISSION_DENIED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_BASE_PERMISSION_DENIED"), null, resp); return; } - IConfigStore destStore = mConfig - .getSubStore(DestDef.DEST_AUTH_ADMIN); - IConfigStore instancesConfig = destStore.getSubStore(scope); + IConfigStore destStore = + mConfig.getSubStore(DestDef.DEST_AUTH_ADMIN); + IConfigStore instancesConfig = + destStore.getSubStore(scope); // Does the class exist? Class newImpl = null; @@ -443,26 +461,30 @@ public class AuthAdminServlet extends AdminServlet { } catch (ClassNotFoundException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_AUTHMGR_PLUGIN_NOT_FOUND"), null, - resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_PLUGIN_NOT_FOUND"), + null, resp); return; } catch (IllegalArgumentException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_AUTHMGR_PLUGIN_NOT_FOUND"), null, - resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_PLUGIN_NOT_FOUND"), + null, resp); return; } @@ -471,26 +493,31 @@ public class AuthAdminServlet extends AdminServlet { if (IAuthManager.class.isAssignableFrom(newImpl) == false) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_ILL_CLASS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_ILL_CLASS"), + null, resp); return; } - } catch (NullPointerException e) { // unlikely, only if newImpl - // null. + } catch (NullPointerException e) { // unlikely, only if newImpl null. // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_ILL_CLASS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_ILL_CLASS"), + null, resp); return; } @@ -504,14 +531,17 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -519,75 +549,80 @@ public class AuthAdminServlet extends AdminServlet { AuthMgrPlugin plugin = new AuthMgrPlugin(id, classPath); mAuths.getPlugins().put(id, plugin); - mAuths.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_PLUGIN_ADD", id)); + mAuths.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_PLUGIN_ADD", id)); NameValuePairs params = new NameValuePairs(); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, params, resp); return; // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * Add authentication manager instance * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring * authentication * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this authentication - * manager's substore + * manager's substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addAuthMgrInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void addAuthMgrInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -600,13 +635,16 @@ public class AuthAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -614,13 +652,16 @@ public class AuthAdminServlet extends AdminServlet { if (mAuths.getInstances().containsKey((Object) id)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_ILL_MGR_INST_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_ILL_MGR_INST_ID"), + null, resp); return; } @@ -632,41 +673,43 @@ public class AuthAdminServlet extends AdminServlet { if (implname == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_MISSING_PARAMS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_MISSING_PARAMS"), + null, resp); return; } // prevent agent & admin creation. - if (implname.equals(IAuthSubsystem.PASSWDUSERDB_PLUGIN_ID) - || implname.equals(IAuthSubsystem.CERTUSERDB_PLUGIN_ID)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_BASE_PERMISSION_DENIED"), null, resp); + if (implname.equals(IAuthSubsystem.PASSWDUSERDB_PLUGIN_ID) || + implname.equals(IAuthSubsystem.CERTUSERDB_PLUGIN_ID)) { + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_BASE_PERMISSION_DENIED"), null, resp); } // check if implementation exists. - AuthMgrPlugin plugin = (AuthMgrPlugin) mAuths.getPlugins().get( - implname); + AuthMgrPlugin plugin = + (AuthMgrPlugin) mAuths.getPlugins().get(implname); if (plugin == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse( - ERROR, - new EAuthMgrPluginNotFound(CMS.getUserMessage( - getLocale(req), - "CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", - implname)).toString(), null, resp); + sendResponse(ERROR, + new EAuthMgrPluginNotFound(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", implname)).toString(), + null, resp); return; } @@ -675,9 +718,10 @@ public class AuthAdminServlet extends AdminServlet { // are there, but not checking the values are valid String[] configParams = mAuths.getConfigParams(implname); - IConfigStore destStore = mConfig - .getSubStore(DestDef.DEST_AUTH_ADMIN); - IConfigStore instancesConfig = destStore.getSubStore(scope); + IConfigStore destStore = + mConfig.getSubStore(DestDef.DEST_AUTH_ADMIN); + IConfigStore instancesConfig = + destStore.getSubStore(scope); IConfigStore substore = instancesConfig.makeSubStore(id); if (configParams != null) { @@ -703,56 +747,52 @@ public class AuthAdminServlet extends AdminServlet { IAuthManager authMgrInst = null; try { - authMgrInst = (IAuthManager) Class.forName(className) - .newInstance(); + authMgrInst = (IAuthManager) Class.forName(className).newInstance(); } catch (ClassNotFoundException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // cleanup instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new EAuthException(CMS - .getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", - className)).toString(), null, resp); + sendResponse(ERROR, + new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } catch (InstantiationException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new EAuthException(CMS - .getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", - className)).toString(), null, resp); + sendResponse(ERROR, + new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } catch (IllegalAccessException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new EAuthException(CMS - .getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", - className)).toString(), null, resp); + sendResponse(ERROR, + new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } @@ -762,8 +802,10 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -779,31 +821,37 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // clean up. instancesConfig.removeSubStore(id); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } // inited and commited ok. now add manager instance to list. mAuths.add(id, authMgrInst); - mAuths.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_MGR_ADD", id)); + mAuths.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_AUTH_MGR_ADD", id)); NameValuePairs params = new NameValuePairs(); params.add(Constants.PR_AUTH_IMPL_NAME, implname); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -811,8 +859,11 @@ public class AuthAdminServlet extends AdminServlet { return; } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -820,38 +871,42 @@ public class AuthAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } - private synchronized void listAuthMgrPlugins(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listAuthMgrPlugins(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = mAuths.getPlugins().keys(); while (e.hasMoreElements()) { String name = (String) e.nextElement(); - AuthMgrPlugin value = (AuthMgrPlugin) mAuths.getPlugins().get(name); + AuthMgrPlugin value = (AuthMgrPlugin) + mAuths.getPlugins().get(name); if (value.isVisible()) { params.add(name, value.getClassPath() + EDIT); @@ -861,16 +916,16 @@ public class AuthAdminServlet extends AdminServlet { return; } - private synchronized void listAuthMgrInsts(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listAuthMgrInsts(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); - for (Enumeration e = mAuths.getInstances().keys(); e.hasMoreElements();) { + for (Enumeration e = mAuths.getInstances().keys(); + e.hasMoreElements();) { String name = (String) e.nextElement(); - AuthManagerProxy proxy = (AuthManagerProxy) mAuths.getInstances() - .get(name); + AuthManagerProxy proxy = (AuthManagerProxy) mAuths.getInstances().get(name); IAuthManager value = proxy.getAuthManager(); String enableStr = "enabled"; @@ -878,12 +933,11 @@ public class AuthAdminServlet extends AdminServlet { enableStr = "disabled"; } - AuthMgrPlugin amgrplugin = (AuthMgrPlugin) mAuths.getPlugins().get( - value.getImplName()); + AuthMgrPlugin amgrplugin = (AuthMgrPlugin) + mAuths.getPlugins().get(value.getImplName()); if (!amgrplugin.isVisible()) { - params.add(name, value.getImplName() + ";invisible;" - + enableStr); + params.add(name, value.getImplName() + ";invisible;" + enableStr); } else { params.add(name, value.getImplName() + ";visible;" + enableStr); } @@ -895,22 +949,21 @@ public class AuthAdminServlet extends AdminServlet { /** * Delete authentication manager plug-in * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring * authentication * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this authentication - * manager's substore + * manager's substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void delAuthMgrPlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, + private synchronized void delAuthMgrPlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) throws ServletException, IOException, EBaseException { String auditMessage = null; @@ -925,69 +978,74 @@ public class AuthAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // prevent deletion of admin and agent. - if (id.equals(IAuthSubsystem.PASSWDUSERDB_PLUGIN_ID) - || id.equals(IAuthSubsystem.CERTUSERDB_PLUGIN_ID)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_BASE_PERMISSION_DENIED"), null, resp); + if (id.equals(IAuthSubsystem.PASSWDUSERDB_PLUGIN_ID) || + id.equals(IAuthSubsystem.CERTUSERDB_PLUGIN_ID)) { + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_BASE_PERMISSION_DENIED"), null, resp); } // does auth manager exist? if (mAuths.getPlugins().containsKey(id) == false) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse( - ERROR, - new EAuthMgrPluginNotFound(CMS.getUserMessage( - getLocale(req), - "CMS_AUTHENTICATION_DUP_MGR_PLUGIN_ID", id)) - .toString(), null, resp); + sendResponse(ERROR, + new EAuthMgrPluginNotFound(CMS.getUserMessage(getLocale(req), "CMS_AUTHENTICATION_DUP_MGR_PLUGIN_ID", id)).toString(), + null, resp); return; } // first check if any instances from this auth manager // DON'T remove auth manager if any instance - for (Enumeration e = mAuths.getInstances().keys(); e - .hasMoreElements();) { - IAuthManager authMgr = (IAuthManager) mAuths.get((String) e - .nextElement()); + for (Enumeration e = mAuths.getInstances().keys(); + e.hasMoreElements();) { + IAuthManager authMgr = (IAuthManager) mAuths.get((String) e.nextElement()); if (authMgr.getImplName() == id) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_MGR_IN_USE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_MGR_IN_USE"), + null, resp); return; } } - + // then delete this auth manager mAuths.getPlugins().remove((Object) id); - IConfigStore destStore = mConfig - .getSubStore(DestDef.DEST_AUTH_ADMIN); - IConfigStore instancesConfig = destStore.getSubStore(scope); + IConfigStore destStore = + mConfig.getSubStore(DestDef.DEST_AUTH_ADMIN); + IConfigStore instancesConfig = + destStore.getSubStore(scope); instancesConfig.removeSubStore(id); // commiting @@ -996,79 +1054,87 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, params, resp); return; // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } } /** * Delete authentication manager instance * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring * authentication * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this authentication - * manager's substore + * manager's substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void delAuthMgrInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, + private synchronized void delAuthMgrInst(HttpServletRequest req, + HttpServletResponse resp, String scope) throws ServletException, IOException, EBaseException { String auditMessage = null; @@ -1083,52 +1149,56 @@ public class AuthAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // prevent deletion of admin and agent. - if (id.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID) - || id.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_BASE_PERMISSION_DENIED"), null, resp); + if (id.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID) || + id.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) { + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_BASE_PERMISSION_DENIED"), null, resp); } // does auth manager instance exist? if (mAuths.getInstances().containsKey(id) == false) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse( - ERROR, - new EAuthMgrNotFound(CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", id)) - .toString(), null, resp); + sendResponse(ERROR, + new EAuthMgrNotFound(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", id)).toString(), + null, resp); return; } // only remove from memory // cannot shutdown because we don't keep track of whether it's - // being used. + // being used. IAuthManager mgrInst = (IAuthManager) mAuths.get(id); mAuths.getInstances().remove((Object) id); // remove the configuration. - IConfigStore destStore = mConfig - .getSubStore(DestDef.DEST_AUTH_ADMIN); - IConfigStore instancesConfig = destStore.getSubStore(scope); + IConfigStore destStore = + mConfig.getSubStore(DestDef.DEST_AUTH_ADMIN); + IConfigStore instancesConfig = + destStore.getSubStore(scope); instancesConfig.removeSubStore(id); // commiting @@ -1137,85 +1207,96 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } - // This only works in the fact that we only support one instance per - // auth plugin. + //This only works in the fact that we only support one instance per + //auth plugin. ILdapAuthInfo authInfo = CMS.getLdapAuthInfo(); authInfo.removePassword("Rule " + id); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, params, resp); return; // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** - * used for getting the required configuration parameters (with possible - * default values) for a particular auth manager plugin implementation name - * specified in the RS_ID. Actually, there is no logic in here to set any - * default value here...there's no default value for any parameter in this - * authentication subsystem at this point. Later, if we do have one (or - * some), it can be added. The interface remains the same. + * used for getting the required configuration parameters (with + * possible default values) for a particular auth manager plugin + * implementation name specified in the RS_ID. Actually, there is + * no logic in here to set any default value here...there's no + * default value for any parameter in this authentication subsystem + * at this point. Later, if we do have one (or some), it can be + * added. The interface remains the same. */ - private synchronized void getConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String implname = req.getParameter(Constants.RS_ID); if (implname == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -1233,26 +1314,25 @@ public class AuthAdminServlet extends AdminServlet { return; } - private synchronized void getInstConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getInstConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // does auth manager instance exist? if (mAuths.getInstances().containsKey(id) == false) { - sendResponse( - ERROR, - new EAuthMgrNotFound(CMS.getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", id)) - .toString(), null, resp); + sendResponse(ERROR, + new EAuthMgrNotFound(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", id)).toString(), + null, resp); return; } @@ -1281,29 +1361,29 @@ public class AuthAdminServlet extends AdminServlet { } /** - * Modify authentication manager instance This will actually create a new - * instance with new configuration parameters and replace the old instance - * if the new instance is created and initialized successfully. The old - * instance is left running, so this is very expensive. Restart of server - * recommended. + * Modify authentication manager instance + * This will actually create a new instance with new configuration + * parameters and replace the old instance if the new instance is + * created and initialized successfully. + * The old instance is left running, so this is very expensive. + * Restart of server recommended. * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_AUTH used when configuring * authentication * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of this authentication - * manager's substore + * manager's substore * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void modAuthMgrInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void modAuthMgrInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { // expensive operation. @@ -1318,37 +1398,41 @@ public class AuthAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // prevent modification of admin and agent. - if (id.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID) - || id.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_BASE_PERMISSION_DENIED"), null, resp); + if (id.equals(IAuthSubsystem.PASSWDUSERDB_AUTHMGR_ID) || + id.equals(IAuthSubsystem.CERTUSERDB_AUTHMGR_ID)) { + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_BASE_PERMISSION_DENIED"), null, resp); } // Does the manager instance exist? if (!mAuths.getInstances().containsKey((Object) id)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse( - ERROR, - CMS.getUserMessage("CMS_AUTHENTICATION_MGR_IMPL_NOT_FOUND"), - null, resp); + sendResponse(ERROR, + CMS.getUserMessage("CMS_AUTHENTICATION_MGR_IMPL_NOT_FOUND"), + null, resp); return; } @@ -1358,42 +1442,43 @@ public class AuthAdminServlet extends AdminServlet { if (implname == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse( - ERROR, - CMS.getUserMessage("CMS_AUTHENTICATION_MISSING_PARAMS"), - null, resp); + sendResponse(ERROR, + CMS.getUserMessage("CMS_AUTHENTICATION_MISSING_PARAMS"), + null, resp); return; } - // get plugin for implementation - AuthMgrPlugin plugin = (AuthMgrPlugin) mAuths.getPlugins().get( - implname); + // get plugin for implementation + AuthMgrPlugin plugin = + (AuthMgrPlugin) mAuths.getPlugins().get(implname); if (plugin == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse( - ERROR, - new EAuthMgrPluginNotFound(CMS.getUserMessage( - getLocale(req), - "CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", - implname)).toString(), null, resp); + sendResponse(ERROR, + new EAuthMgrPluginNotFound(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_AUTHMGR_NOT_FOUND", implname)).toString(), + null, resp); return; } - // save old instance substore params in case new one fails. + // save old instance substore params in case new one fails. - IAuthManager oldinst = (IAuthManager) mAuths.get(id); + IAuthManager oldinst = + (IAuthManager) mAuths.get(id); IConfigStore oldConfig = oldinst.getConfigStore(); String[] oldConfigParms = oldinst.getConfigParams(); @@ -1401,7 +1486,7 @@ public class AuthAdminServlet extends AdminServlet { // implName is always required so always include it it. saveParams.add(IAuthSubsystem.PROP_PLUGIN, - (String) oldConfig.get(IAuthSubsystem.PROP_PLUGIN)); + (String) oldConfig.get(IAuthSubsystem.PROP_PLUGIN)); if (oldConfigParms != null) { for (int i = 0; i < oldConfigParms.length; i++) { String key = oldConfigParms[i]; @@ -1417,9 +1502,10 @@ public class AuthAdminServlet extends AdminServlet { // remove old substore. - IConfigStore destStore = mConfig - .getSubStore(DestDef.DEST_AUTH_ADMIN); - IConfigStore instancesConfig = destStore.getSubStore(scope); + IConfigStore destStore = + mConfig.getSubStore(DestDef.DEST_AUTH_ADMIN); + IConfigStore instancesConfig = + destStore.getSubStore(scope); instancesConfig.removeSubStore(id); @@ -1447,56 +1533,52 @@ public class AuthAdminServlet extends AdminServlet { IAuthManager newMgrInst = null; try { - newMgrInst = (IAuthManager) Class.forName(className) - .newInstance(); + newMgrInst = (IAuthManager) Class.forName(className).newInstance(); } catch (ClassNotFoundException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // cleanup restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new EAuthException(CMS - .getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", - className)).toString(), null, resp); + sendResponse(ERROR, + new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } catch (InstantiationException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new EAuthException(CMS - .getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", - className)).toString(), null, resp); + sendResponse(ERROR, + new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } catch (IllegalAccessException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new EAuthException(CMS - .getUserMessage(getLocale(req), - "CMS_AUTHENTICATION_LOAD_CLASS_FAIL", - className)).toString(), null, resp); + sendResponse(ERROR, + new EAuthException(CMS.getUserMessage(getLocale(req),"CMS_AUTHENTICATION_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } @@ -1507,8 +1589,10 @@ public class AuthAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1518,22 +1602,25 @@ public class AuthAdminServlet extends AdminServlet { return; } - // initialized ok. commiting + // initialized ok. commiting try { mConfig.commit(true); } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_AUTH, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // clean up. restore(instancesConfig, id, saveParams); - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -1541,14 +1628,17 @@ public class AuthAdminServlet extends AdminServlet { mAuths.add(id, newMgrInst); - mAuths.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_MGR_REPL", id)); + mAuths.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_AUTH_MGR_REPL", id)); NameValuePairs params = new NameValuePairs(); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1556,8 +1646,11 @@ public class AuthAdminServlet extends AdminServlet { return; } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1565,31 +1658,34 @@ public class AuthAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_AUTH, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } // convenience routine. - private static void restore(IConfigStore store, String id, - NameValuePairs saveParams) { + private static void restore(IConfigStore store, + String id, NameValuePairs saveParams) { store.removeSubStore(id); IConfigStore rstore = store.makeSubStore(id); @@ -1599,7 +1695,7 @@ public class AuthAdminServlet extends AdminServlet { String key = (String) keys.nextElement(); String value = saveParams.getValue(key); - if (value != null) + if (value != null) rstore.put(key, value); } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/AuthCredentials.java b/pki/base/common/src/com/netscape/cms/servlet/admin/AuthCredentials.java index cca86dce..bfa9cccd 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/AuthCredentials.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/AuthCredentials.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.util.Enumeration; import java.util.Hashtable; @@ -24,10 +25,11 @@ import com.netscape.certsrv.authentication.IAuthCredentials; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.IArgBlock; + /** * Authentication Credentials as input to the authMgr * <P> - * + * * @version $Revision$, $Date$ */ public class AuthCredentials implements IAuthCredentials { @@ -36,23 +38,21 @@ public class AuthCredentials implements IAuthCredentials { */ private static final long serialVersionUID = -6938644716486895814L; private Hashtable authCreds = null; - // Inserted by bskim + // Inserted by bskim private IArgBlock argblk = null; - // Insert end - + public AuthCredentials() { authCreds = new Hashtable(); } /** * sets a credential with credential name and the credential - * * @param name credential name * @param cred credential * @exception com.netscape.certsrv.base.EBaseException NullPointerException */ - public void set(String name, Object cred) throws EBaseException { + public void set(String name, Object cred)throws EBaseException { if (cred == null) { throw new EBaseException("AuthCredentials.set()"); } @@ -62,8 +62,7 @@ public class AuthCredentials implements IAuthCredentials { /** * returns the credential to which the specified name is mapped in this - * credential set - * + * credential set * @param name credential name * @return the named authentication credential */ @@ -72,10 +71,9 @@ public class AuthCredentials implements IAuthCredentials { } /** - * removes the name and its corresponding credential from this credential - * set. This method does nothing if the named credential is not in the - * credential set. - * + * removes the name and its corresponding credential from this + * credential set. This method does nothing if the named + * credential is not in the credential set. * @param name credential name */ public void delete(String name) { @@ -83,27 +81,27 @@ public class AuthCredentials implements IAuthCredentials { } /** - * returns an enumeration of the credentials in this credential set. Use the - * Enumeration methods on the returned object to fetch the elements - * sequentially. - * + * returns an enumeration of the credentials in this credential + * set. Use the Enumeration methods on the returned object to + * fetch the elements sequentially. * @return an enumeration of the values in this credential set * @see java.util.Enumeration */ public Enumeration getElements() { return (authCreds.elements()); } - + // Inserted by bskim public void setArgBlock(IArgBlock blk) { argblk = blk; return; - } + } // Insert end - + public IArgBlock getArgBlock() { return argblk; - } + } // Insert end } + diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java index 483ebdac..1cd3240f 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.File; import java.io.IOException; import java.net.UnknownHostException; @@ -44,11 +45,13 @@ import com.netscape.certsrv.logging.ILogger; import com.netscape.certsrv.request.IRequestListener; import com.netscape.cmsutil.util.Utils; + /** - * A class representings an administration servlet for Certificate Authority. - * This servlet is responsible to serve CA administrative operations such as - * configuration parameter updates. - * + * A class representings an administration servlet for Certificate + * Authority. This servlet is responsible to serve CA + * administrative operations such as configuration parameter + * updates. + * * @version $Revision$, $Date$ */ public class CAAdminServlet extends AdminServlet { @@ -62,7 +65,8 @@ public class CAAdminServlet extends AdminServlet { private final static String INFO = "CAAdminServlet"; - private final static String LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE = "LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE_3"; + private final static String LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE = + "LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE_3"; private ICertificateAuthority mCA = null; protected static final String PROP_ENABLED = "enabled"; @@ -90,22 +94,22 @@ public class CAAdminServlet extends AdminServlet { } /** - * Serves HTTP request. Each request is authenticated to the authenticate - * manager. + * Serves HTTP request. Each request is authenticated to + * the authenticate manager. */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { super.service(req, resp); - - // get all operational flags + + //get all operational flags String op = req.getParameter(Constants.OP_TYPE); String scope = req.getParameter(Constants.OP_SCOPE); - // check operational flags + //check operational flags if ((op == null) || (scope == null)) { sendResponse(1, "Invalid Protocol", null, resp); return; - } + } super.authenticate(req); @@ -115,8 +119,9 @@ public class CAAdminServlet extends AdminServlet { try { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } getExtendedPluginInfo(req, resp); @@ -129,8 +134,9 @@ public class CAAdminServlet extends AdminServlet { if (op.equals(OpDef.OP_READ)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GENERAL)) @@ -152,8 +158,9 @@ public class CAAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_MODIFY)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GENERAL)) @@ -164,9 +171,9 @@ public class CAAdminServlet extends AdminServlet { setCRLIPsConfig(req, resp); else if (scope.equals(ScopeDef.SC_CRL)) setCRLConfig(req, resp); - else if (scope.equals(ScopeDef.SC_NOTIFICATION_REQ_COMP)) + else if (scope.equals(ScopeDef.SC_NOTIFICATION_REQ_COMP)) setNotificationReqCompConfig(req, resp); - else if (scope.equals(ScopeDef.SC_NOTIFICATION_REV_COMP)) + else if (scope.equals(ScopeDef.SC_NOTIFICATION_REV_COMP)) setNotificationRevCompConfig(req, resp); else if (scope.equals(ScopeDef.SC_NOTIFICATION_RIQ)) setNotificationRIQConfig(req, resp); @@ -175,8 +182,9 @@ public class CAAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_SEARCH)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_CRLEXTS_RULES)) @@ -186,8 +194,9 @@ public class CAAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_ADD)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_CRLIPS)) @@ -195,8 +204,9 @@ public class CAAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_DELETE)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_CRLIPS)) @@ -210,24 +220,23 @@ public class CAAdminServlet extends AdminServlet { } } - /* - * ========================================================== private - * methods========================================================== - */ - + /*========================================================== + * private methods + *==========================================================*/ + /* * handle request completion (cert issued) notification config requests */ private void getNotificationCompConfig(HttpServletRequest req, - HttpServletResponse resp, IConfigStore rc) throws ServletException, + HttpServletResponse resp, IConfigStore rc) throws ServletException, IOException, EBaseException { - + NameValuePairs params = new NameValuePairs(); Enumeration e = req.getParameterNames(); - + while (e.hasMoreElements()) { String name = (String) e.nextElement(); - + if (name.equals(Constants.OP_TYPE)) continue; if (name.equals(Constants.RS_ID)) @@ -238,35 +247,33 @@ public class CAAdminServlet extends AdminServlet { continue; params.add(name, rc.getString(name, "")); } - + params.add(Constants.PR_ENABLE, - rc.getString(PROP_ENABLED, Constants.FALSE)); + rc.getString(PROP_ENABLED, Constants.FALSE)); sendResponse(SUCCESS, null, params, resp); } - + private void getNotificationRevCompConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { - + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { + IConfigStore config = mCA.getConfigStore(); - IConfigStore nc = config - .getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE); - IConfigStore rc = nc - .getSubStore(ICertificateAuthority.PROP_CERT_REVOKED_SUBSTORE); - + IConfigStore nc = + config.getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE); + IConfigStore rc = nc.getSubStore(ICertificateAuthority.PROP_CERT_REVOKED_SUBSTORE); + getNotificationCompConfig(req, resp, rc); } - + private void getNotificationReqCompConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { - + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { + IConfigStore config = mCA.getConfigStore(); - IConfigStore nc = config - .getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE); - IConfigStore rc = nc - .getSubStore(ICertificateAuthority.PROP_CERT_ISSUED_SUBSTORE); - + IConfigStore nc = + config.getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE); + IConfigStore rc = nc.getSubStore(ICertificateAuthority.PROP_CERT_ISSUED_SUBSTORE); + getNotificationCompConfig(req, resp, rc); } @@ -274,17 +281,16 @@ public class CAAdminServlet extends AdminServlet { * handle getting request in queue notification config info */ private void getNotificationRIQConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); IConfigStore config = mCA.getConfigStore(); - IConfigStore nc = config - .getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE); + IConfigStore nc = + config.getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE); - IConfigStore riq = nc - .getSubStore(ICertificateAuthority.PROP_REQ_IN_Q_SUBSTORE); + IConfigStore riq = nc.getSubStore(ICertificateAuthority.PROP_REQ_IN_Q_SUBSTORE); Enumeration e = req.getParameterNames(); @@ -302,8 +308,8 @@ public class CAAdminServlet extends AdminServlet { params.add(name, riq.getString(name, "")); } - params.add(Constants.PR_ENABLE, - riq.getString(PROP_ENABLED, Constants.FALSE)); + params.add(Constants.PR_ENABLE, + riq.getString(PROP_ENABLED, Constants.FALSE)); sendResponse(SUCCESS, null, params, resp); } @@ -311,16 +317,15 @@ public class CAAdminServlet extends AdminServlet { * handle setting request in queue notification config info */ private void setNotificationRIQConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { IConfigStore config = mCA.getConfigStore(); - IConfigStore nc = config - .getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE); + IConfigStore nc = + config.getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE); - IConfigStore riq = nc - .getSubStore(ICertificateAuthority.PROP_REQ_IN_Q_SUBSTORE); + IConfigStore riq = nc.getSubStore(ICertificateAuthority.PROP_REQ_IN_Q_SUBSTORE); - // set rest of the parameters + //set rest of the parameters Enumeration e = req.getParameterNames(); while (e.hasMoreElements()) { @@ -341,15 +346,15 @@ public class CAAdminServlet extends AdminServlet { File template = new File(val); if ((!template.exists()) || (!template.canRead()) - || (template.isDirectory())) { - String error = "Template: " + val - + " does not exist or invalid"; + || (template.isDirectory())) { + String error = + "Template: " + val + " does not exist or invalid"; - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_INVALID_PATH")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_INVALID_PATH")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_PATH"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PATH"), + null, resp); return; } } @@ -372,11 +377,10 @@ public class CAAdminServlet extends AdminServlet { * handle setting request complete notification config info */ private void setNotificationCompConfig(HttpServletRequest req, - HttpServletResponse resp, IConfigStore rc, - IRequestListener thisListener) throws ServletException, + HttpServletResponse resp, IConfigStore rc, IRequestListener thisListener) throws ServletException, IOException, EBaseException { - - // set rest of the parameters + + //set rest of the parameters Enumeration e = req.getParameterNames(); while (e.hasMoreElements()) { @@ -397,15 +401,15 @@ public class CAAdminServlet extends AdminServlet { File template = new File(val); if ((!template.exists()) || (!template.canRead()) - || (template.isDirectory())) { - String error = "Template: " + val - + " does not exist or invalid"; + || (template.isDirectory())) { + String error = + "Template: " + val + " does not exist or invalid"; - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_INVALID_PATH")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_INVALID_PATH")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_PATH"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PATH"), + null, resp); return; } } @@ -425,35 +429,33 @@ public class CAAdminServlet extends AdminServlet { } private void setNotificationRevCompConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { IConfigStore config = mCA.getConfigStore(); - IConfigStore nc = config - .getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE); + IConfigStore nc = + config.getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE); - IConfigStore rc = nc - .getSubStore(ICertificateAuthority.PROP_CERT_REVOKED_SUBSTORE); + IConfigStore rc = nc.getSubStore(ICertificateAuthority.PROP_CERT_REVOKED_SUBSTORE); setNotificationCompConfig(req, resp, rc, mCA.getCertRevokedListener()); - } + } private void setNotificationReqCompConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { IConfigStore config = mCA.getConfigStore(); - IConfigStore nc = config - .getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE); + IConfigStore nc = + config.getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE); - IConfigStore rc = nc - .getSubStore(ICertificateAuthority.PROP_CERT_ISSUED_SUBSTORE); + IConfigStore rc = nc.getSubStore(ICertificateAuthority.PROP_CERT_ISSUED_SUBSTORE); setNotificationCompConfig(req, resp, rc, mCA.getCertIssuedListener()); } private void listCRLIPsConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration ips = mCA.getCRLIssuingPoints(); @@ -466,17 +468,17 @@ public class CAAdminServlet extends AdminServlet { if (ipId != null && ipId.length() > 0) params.add(ipId, ip.getDescription()); - params.add(ipId + "." + Constants.PR_ENABLED, (Boolean - .valueOf(ip.isCRLIssuingPointEnabled())).toString()); + params.add(ipId + "." + Constants.PR_ENABLED, + (Boolean.valueOf(ip.isCRLIssuingPointEnabled())).toString()); } } - + sendResponse(SUCCESS, null, params, resp); } private void getCRLIPsConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String id = req.getParameter(Constants.RS_ID); @@ -516,12 +518,11 @@ public class CAAdminServlet extends AdminServlet { /** * Add CRL issuing points configuration * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when * configuring CRL profile (extensions, frequency, CRL format) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred @@ -529,8 +530,8 @@ public class CAAdminServlet extends AdminServlet { * @exception EBaseException an error has occurred */ private void addCRLIPsConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -544,8 +545,10 @@ public class CAAdminServlet extends AdminServlet { if (ipId == null || ipId.length() == 0) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -559,8 +562,10 @@ public class CAAdminServlet extends AdminServlet { if (desc == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -572,16 +577,16 @@ public class CAAdminServlet extends AdminServlet { String sEnable = req.getParameter(Constants.PR_ENABLED); boolean enable = true; - if (sEnable != null && sEnable.length() > 0 - && sEnable.equalsIgnoreCase(Constants.FALSE)) { + if (sEnable != null && sEnable.length() > 0 && + sEnable.equalsIgnoreCase(Constants.FALSE)) { enable = false; params.add(Constants.PR_ENABLED, Constants.FALSE); } else { params.add(Constants.PR_ENABLED, Constants.TRUE); } - IConfigStore crlSubStore = mCA.getConfigStore().getSubStore( - ICertificateAuthority.PROP_CRL_SUBSTORE); + IConfigStore crlSubStore = + mCA.getConfigStore().getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE); Enumeration crlNames = crlSubStore.getSubStoreNames(); while (crlNames.hasMoreElements()) { @@ -590,21 +595,24 @@ public class CAAdminServlet extends AdminServlet { if (ipId.equals(name)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, ipId + " CRL IP already exists", null, - resp); + sendResponse(ERROR, ipId + " CRL IP already exists", null, resp); return; } } if (!mCA.addCRLIssuingPoint(crlSubStore, ipId, enable, desc)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -615,8 +623,10 @@ public class CAAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -624,8 +634,10 @@ public class CAAdminServlet extends AdminServlet { } catch (EBaseException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -634,37 +646,38 @@ public class CAAdminServlet extends AdminServlet { } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * Set CRL issuing points configuration * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when * configuring CRL profile (extensions, frequency, CRL format) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred @@ -672,8 +685,8 @@ public class CAAdminServlet extends AdminServlet { * @exception EBaseException an error has occurred */ private void setCRLIPsConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -687,8 +700,10 @@ public class CAAdminServlet extends AdminServlet { if (ipId == null || ipId.length() == 0) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -702,8 +717,10 @@ public class CAAdminServlet extends AdminServlet { if (desc == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -715,16 +732,16 @@ public class CAAdminServlet extends AdminServlet { String sEnable = req.getParameter(Constants.PR_ENABLED); boolean enable = true; - if (sEnable != null && sEnable.length() > 0 - && sEnable.equalsIgnoreCase(Constants.FALSE)) { + if (sEnable != null && sEnable.length() > 0 && + sEnable.equalsIgnoreCase(Constants.FALSE)) { enable = false; params.add(Constants.PR_ENABLED, Constants.FALSE); } else { params.add(Constants.PR_ENABLED, Constants.TRUE); } - IConfigStore crlSubStore = mCA.getConfigStore().getSubStore( - ICertificateAuthority.PROP_CRL_SUBSTORE); + IConfigStore crlSubStore = + mCA.getConfigStore().getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE); boolean done = false; Enumeration crlNames = crlSubStore.getSubStoreNames(); @@ -742,8 +759,8 @@ public class CAAdminServlet extends AdminServlet { if (c != null) { c.putString(Constants.PR_DESCRIPTION, desc); - c.putString(Constants.PR_ENABLED, - (enable) ? Constants.TRUE : Constants.FALSE); + c.putString(Constants.PR_ENABLED, + (enable) ? Constants.TRUE : Constants.FALSE); } done = true; break; @@ -752,8 +769,10 @@ public class CAAdminServlet extends AdminServlet { if (!done) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -764,8 +783,10 @@ public class CAAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -773,8 +794,10 @@ public class CAAdminServlet extends AdminServlet { } catch (EBaseException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -783,37 +806,38 @@ public class CAAdminServlet extends AdminServlet { } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * Delete CRL issuing points configuration * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when * configuring CRL profile (extensions, frequency, CRL format) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred @@ -821,8 +845,8 @@ public class CAAdminServlet extends AdminServlet { * @exception EBaseException an error has occurred */ private void deleteCRLIPsConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -834,8 +858,8 @@ public class CAAdminServlet extends AdminServlet { String id = req.getParameter(Constants.RS_ID); if (id != null && id.length() > 0) { - IConfigStore crlSubStore = mCA.getConfigStore().getSubStore( - ICertificateAuthority.PROP_CRL_SUBSTORE); + IConfigStore crlSubStore = + mCA.getConfigStore().getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE); boolean done = false; Enumeration crlNames = crlSubStore.getSubStoreNames(); @@ -851,8 +875,10 @@ public class CAAdminServlet extends AdminServlet { if (!done) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -864,8 +890,10 @@ public class CAAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -873,8 +901,10 @@ public class CAAdminServlet extends AdminServlet { } catch (EBaseException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -883,31 +913,33 @@ public class CAAdminServlet extends AdminServlet { } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } private void getCRLExtsConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String ipId = null; @@ -942,12 +974,11 @@ public class CAAdminServlet extends AdminServlet { /** * Delete CRL extensions configuration * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when * configuring CRL profile (extensions, frequency, CRL format) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred @@ -955,8 +986,8 @@ public class CAAdminServlet extends AdminServlet { * @exception EBaseException an error has occurred */ private void setCRLExtsConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -975,11 +1006,11 @@ public class CAAdminServlet extends AdminServlet { ICMSCRLExtensions crlExts = ip.getCRLExtensions(); IConfigStore config = mCA.getConfigStore(); - IConfigStore crlsSubStore = config - .getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE); + IConfigStore crlsSubStore = + config.getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE); IConfigStore crlSubStore = crlsSubStore.getSubStore(ipId); - IConfigStore crlExtsSubStore = crlSubStore - .getSubStore(ICertificateAuthority.PROP_CRLEXT_SUBSTORE); + IConfigStore crlExtsSubStore = + crlSubStore.getSubStore(ICertificateAuthority.PROP_CRLEXT_SUBSTORE); String id = req.getParameter(Constants.RS_ID); @@ -1013,8 +1044,10 @@ public class CAAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1022,8 +1055,10 @@ public class CAAdminServlet extends AdminServlet { } catch (EBaseException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1032,31 +1067,33 @@ public class CAAdminServlet extends AdminServlet { } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } private void listCRLExtsConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String id = req.getParameter(Constants.PR_ID); @@ -1066,11 +1103,9 @@ public class CAAdminServlet extends AdminServlet { } IConfigStore config = mCA.getConfigStore(); - IConfigStore crlsSubStore = config - .getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE); + IConfigStore crlsSubStore = config.getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE); IConfigStore crlSubStore = crlsSubStore.getSubStore(id); - IConfigStore crlExtsSubStore = crlSubStore - .getSubStore(ICertificateAuthority.PROP_CRLEXT_SUBSTORE); + IConfigStore crlExtsSubStore = crlSubStore.getSubStore(ICertificateAuthority.PROP_CRLEXT_SUBSTORE); if (crlExtsSubStore != null) { Enumeration enumExts = crlExtsSubStore.getSubStoreNames(); @@ -1078,8 +1113,7 @@ public class CAAdminServlet extends AdminServlet { while (enumExts.hasMoreElements()) { String extName = (String) enumExts.nextElement(); boolean crlExtEnabled = false; - IConfigStore crlExtSubStore = crlExtsSubStore - .getSubStore(extName); + IConfigStore crlExtSubStore = crlExtsSubStore.getSubStore(extName); Enumeration properties = crlExtSubStore.getPropertyNames(); while (properties.hasMoreElements()) { @@ -1089,35 +1123,33 @@ public class CAAdminServlet extends AdminServlet { crlExtEnabled = crlExtSubStore.getBoolean(name, false); } } - params.add(extName, extName + ";visible;" - + ((crlExtEnabled) ? "enabled" : "disabled")); + params.add(extName, extName + ";visible;" + ((crlExtEnabled) ? "enabled" : "disabled")); } } sendResponse(SUCCESS, null, params, resp); } - /** - * retrieve extended plugin info such as brief description, type info from - * CRL extensions + /** + * retrieve extended plugin info such as brief description, + * type info from CRL extensions */ private void getExtendedPluginInfo(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); int colon = id.indexOf(':'); String implType = id.substring(0, colon); String implName = id.substring(colon + 1); - NameValuePairs params = getExtendedPluginInfo(getLocale(req), implType, - implName); + NameValuePairs params = + getExtendedPluginInfo(getLocale(req), implType, implName); sendResponse(SUCCESS, null, params, resp); } - private NameValuePairs getExtendedPluginInfo(Locale locale, - String implType, String implName) { + private NameValuePairs getExtendedPluginInfo(Locale locale, String implType, String implName) { IExtendedPluginInfo ext_info = null; Object impl = null; @@ -1150,8 +1182,7 @@ public class CAAdminServlet extends AdminServlet { if (ext_info == null) { nvps = new NameValuePairs(); } else { - nvps = convertStringArrayToNVPairs(ext_info - .getExtendedPluginInfo(locale)); + nvps = convertStringArrayToNVPairs(ext_info.getExtendedPluginInfo(locale)); } return nvps; @@ -1160,12 +1191,11 @@ public class CAAdminServlet extends AdminServlet { /** * Set CRL configuration * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when * configuring CRL profile (extensions, frequency, CRL format) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred @@ -1173,7 +1203,7 @@ public class CAAdminServlet extends AdminServlet { * @exception EBaseException an error has occurred */ private void setCRLConfig(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1184,19 +1214,18 @@ public class CAAdminServlet extends AdminServlet { String id = req.getParameter(Constants.RS_ID); - if (id == null || id.length() <= 0 - || id.equals(Constants.RS_ID_CONFIG)) { + if (id == null || id.length() <= 0 || + id.equals(Constants.RS_ID_CONFIG)) { id = ICertificateAuthority.PROP_MASTER_CRL; } ICRLIssuingPoint ip = mCA.getCRLIssuingPoint(id); - // Save New Settings to the config file + //Save New Settings to the config file IConfigStore config = mCA.getConfigStore(); - IConfigStore crlsSubStore = config - .getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE); + IConfigStore crlsSubStore = config.getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE); IConfigStore crlSubStore = crlsSubStore.getSubStore(id); - // set reset of the parameters + //set reset of the parameters Enumeration e = req.getParameterNames(); while (e.hasMoreElements()) { @@ -1221,8 +1250,10 @@ public class CAAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1233,8 +1264,10 @@ public class CAAdminServlet extends AdminServlet { } catch (EBaseException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1243,40 +1276,44 @@ public class CAAdminServlet extends AdminServlet { } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } - private void getCRLConfig(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void getCRLConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String id = req.getParameter(Constants.RS_ID); - if (id == null || id.length() <= 0 || id.equals(Constants.RS_ID_CONFIG)) { + if (id == null || id.length() <= 0 || + id.equals(Constants.RS_ID_CONFIG)) { id = ICertificateAuthority.PROP_MASTER_CRL; } - IConfigStore crlsSubStore = mCA.getConfigStore().getSubStore( - ICertificateAuthority.PROP_CRL_SUBSTORE); + IConfigStore crlsSubStore = + mCA.getConfigStore().getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE); IConfigStore crlSubStore = crlsSubStore.getSubStore(id); Enumeration e = req.getParameterNames(); @@ -1298,10 +1335,10 @@ public class CAAdminServlet extends AdminServlet { getSigningAlgConfig(params); sendResponse(SUCCESS, null, params, resp); } - + private void getConnectorConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { IConfigStore caConfig = mCA.getConfigStore(); IConfigStore connectorConfig = caConfig.getSubStore("connector"); IConfigStore caConnectorConfig = null; @@ -1333,14 +1370,14 @@ public class CAAdminServlet extends AdminServlet { } private void setConnectorConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { IConfigStore caConfig = mCA.getConfigStore(); IConfigStore connectorConfig = caConfig.getSubStore("connector"); IConfigStore caConnectorConfig = null; - // String nickname = CMS.getServerCertNickname(); +// String nickname = CMS.getServerCertNickname(); if (isKRAConnector(req)) { caConnectorConfig = connectorConfig.getSubStore("KRA"); @@ -1360,17 +1397,17 @@ public class CAAdminServlet extends AdminServlet { continue; if (name.equals(Constants.OP_SCOPE)) continue; - /* - * if (name.equals("nickName")) { - * caConnectorConfig.putString(name, nickname); continue; } - */ +/* + if (name.equals("nickName")) { + caConnectorConfig.putString(name, nickname); + continue; + } +*/ if (name.equals("host")) { try { Utils.checkHost(req.getParameter("host")); } catch (UnknownHostException e) { - sendResponse(ERROR, - "Unknown Host " + req.getParameter("host"), - null, resp); + sendResponse(ERROR, "Unknown Host " + req.getParameter("host"), null, resp); return; } } @@ -1419,43 +1456,47 @@ public class CAAdminServlet extends AdminServlet { } private void getGeneralConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String value = "false"; /* - * ISubsystem eeGateway = - * SubsystemRegistry.getInstance().get("eeGateway"); if (eeGateway != - * null) { IConfigStore eeConfig = eeGateway.getConfigStore(); if - * (eeConfig != null) value = eeConfig.getString("enabled", "true"); - * String ocspValue = "true"; ocspValue = - * eeConfig.getString("enableOCSP", "true"); - * params.add(Constants.PR_OCSP_ENABLED, ocspValue); } - * params.add(Constants.PR_EE_ENABLED, value); + ISubsystem eeGateway = + SubsystemRegistry.getInstance().get("eeGateway"); + if (eeGateway != null) { + IConfigStore eeConfig = eeGateway.getConfigStore(); + if (eeConfig != null) + value = eeConfig.getString("enabled", "true"); + String ocspValue = "true"; + ocspValue = eeConfig.getString("enableOCSP", "true"); + params.add(Constants.PR_OCSP_ENABLED, ocspValue); + } + params.add(Constants.PR_EE_ENABLED, value); */ + IConfigStore caConfig = mCA.getConfigStore(); - value = caConfig.getString( - ICertificateAuthority.PROP_ENABLE_PAST_CATIME, "false"); + value = caConfig.getString(ICertificateAuthority.PROP_ENABLE_PAST_CATIME, "false"); params.add(Constants.PR_VALIDITY, value); getSigningAlgConfig(params); getSerialConfig(params); getMaxSerialConfig(params); - + sendResponse(SUCCESS, null, params, resp); } private void getSigningAlgConfig(NameValuePairs params) { - params.add(Constants.PR_DEFAULT_ALGORITHM, mCA.getDefaultAlgorithm()); + params.add(Constants.PR_DEFAULT_ALGORITHM, + mCA.getDefaultAlgorithm()); String[] algorithms = mCA.getCASigningAlgorithms(); StringBuffer algorStr = new StringBuffer(); for (int i = 0; i < algorithms.length; i++) { - if (i == 0) + if (i == 0) algorStr.append(algorithms[i]); else { algorStr.append(":"); @@ -1466,22 +1507,24 @@ public class CAAdminServlet extends AdminServlet { } private void getSerialConfig(NameValuePairs params) { - params.add(Constants.PR_SERIAL, mCA.getStartSerial()); + params.add(Constants.PR_SERIAL, + mCA.getStartSerial()); } private void getMaxSerialConfig(NameValuePairs params) { - params.add(Constants.PR_MAXSERIAL, mCA.getMaxSerial()); + params.add(Constants.PR_MAXSERIAL, + mCA.getMaxSerial()); } private void setGeneralConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { ISubsystem eeGateway = null; /* - * ISubsystem eeGateway = - * SubsystemRegistry.getInstance().get("eeGateway"); + ISubsystem eeGateway = + SubsystemRegistry.getInstance().get("eeGateway"); */ IConfigStore eeConfig = null; @@ -1490,7 +1533,7 @@ public class CAAdminServlet extends AdminServlet { Enumeration enum1 = req.getParameterNames(); boolean restart = false; - // mCA.setMaxSerial(""); + //mCA.setMaxSerial(""); while (enum1.hasMoreElements()) { String key = (String) enum1.nextElement(); String value = req.getParameter(key); @@ -1498,11 +1541,15 @@ public class CAAdminServlet extends AdminServlet { if (key.equals(Constants.PR_EE_ENABLED)) { /* - * if (eeConfig != null) { if - * (((EEGateway)eeGateway).isEnabled() && value.equals("false") - * || !((EEGateway)eeGateway).isEnabled() && - * value.equals("true")) { restart=true;; } - * eeConfig.putString("enabled", value); } + if (eeConfig != null) { + if (((EEGateway)eeGateway).isEnabled() && + value.equals("false") || + !((EEGateway)eeGateway).isEnabled() && + value.equals("true")) { + restart=true;; + } + eeConfig.putString("enabled", value); + } */ } else if (key.equals(Constants.PR_VALIDITY)) { mCA.setValidity(value); @@ -1523,21 +1570,23 @@ public class CAAdminServlet extends AdminServlet { } /** - * Retrieves configuration parameters of certificate authority. + * Retrieves configuration parameters of certificate + * authority. */ - private synchronized void getConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { // validate super.getConfig(mCA.getConfigStore(), req, resp); } /** - * Sets configuration parameters of certificate authority. + * Sets configuration parameters of certificate + * authority. */ - private synchronized void setConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void setConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { super.setConfig(mCA.getConfigStore(), req, resp); // XXX - commit changes } @@ -1545,18 +1594,19 @@ public class CAAdminServlet extends AdminServlet { /** * Lists configuration store parameters. */ - private synchronized void listConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { super.listConfig(mCA.getConfigStore(), req, resp); } /** - * Locks a request so that no one can modify it except owner. + * Locks a request so that no one can modify it except + * owner. */ - private synchronized void lockRequest(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void lockRequest(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); // XXX @@ -1564,11 +1614,12 @@ public class CAAdminServlet extends AdminServlet { } /** - * Locks certificate record so that no one can modify it except owner. + * Locks certificate record so that no one can + * modify it except owner. */ - private synchronized void lockCertRecord(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void lockCertRecord(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); sendResponse(SUCCESS, null, params, resp); @@ -1577,9 +1628,9 @@ public class CAAdminServlet extends AdminServlet { /** * Modifies a cert record. */ - private synchronized void modifyCertRecord(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void modifyCertRecord(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); // XXX @@ -1589,7 +1640,7 @@ public class CAAdminServlet extends AdminServlet { private void log(int level, String msg) { if (mLogger == null) return; - mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_OTHER, level, - "CAAdminServlet: " + msg); + mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_OTHER, + level, "CAAdminServlet: " + msg); } -} +} diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java index ba8aa448..f57d12e2 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.BufferedReader; import java.io.File; import java.io.FileInputStream; @@ -82,10 +83,11 @@ import com.netscape.cmsutil.util.Cert; import com.netscape.symkey.SessionKey; /** - * A class representings an administration servlet. This servlet is responsible - * to serve Certificate Server level administrative operations such as - * configuration parameter updates. - * + * A class representings an administration servlet. This + * servlet is responsible to serve Certificate Server + * level administrative operations such as configuration + * parameter updates. + * * @version $Revision$, $Date$ */ public final class CMSAdminServlet extends AdminServlet { @@ -106,11 +108,16 @@ public final class CMSAdminServlet extends AdminServlet { private ILogger mSignedAuditLogger = CMS.getSignedAuditLogger(); private final static byte EOL[] = { Character.LINE_SEPARATOR }; - private final static String LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION = "LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION_3"; - private final static String LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY = "LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY_3"; - private final static String LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC = "LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC_3"; - private final static String LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION = "LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION_2"; - private final static String LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION = "LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION_3"; + private final static String LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION = + "LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION_3"; + private final static String LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY = + "LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY_3"; + private final static String LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC = + "LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC_3"; + private final static String LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION = + "LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION_2"; + private final static String LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION = + "LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION_3"; // CMS must be instantiated before this admin servlet. @@ -139,13 +146,13 @@ public final class CMSAdminServlet extends AdminServlet { * Serves HTTP request. */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { super.service(req, resp); try { super.authenticate(req); } catch (IOException e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHS_FAILED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHS_FAILED"), + null, resp); return; } @@ -157,8 +164,9 @@ public final class CMSAdminServlet extends AdminServlet { if (scope.equals(ScopeDef.SC_PLATFORM)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } getEnv(req, resp); @@ -167,8 +175,9 @@ public final class CMSAdminServlet extends AdminServlet { if (op.equals(OpDef.OP_READ)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_LDAP)) @@ -190,13 +199,14 @@ public final class CMSAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_MODIFY)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_LDAP)) setDBConfig(req, resp); - else if (scope.equals(ScopeDef.SC_SMTP)) + else if (scope.equals(ScopeDef.SC_SMTP)) modifySMTPConfig(req, resp); else if (scope.equals(ScopeDef.SC_TASKS)) performTasks(req, resp); @@ -204,9 +214,9 @@ public final class CMSAdminServlet extends AdminServlet { modifyEncryption(req, resp); else if (scope.equals(ScopeDef.SC_ISSUE_IMPORT_CERT)) issueImportCert(req, resp); - else if (scope.equals(ScopeDef.SC_INSTALL_CERT)) + else if (scope.equals(ScopeDef.SC_INSTALL_CERT)) installCert(req, resp); - else if (scope.equals(ScopeDef.SC_IMPORT_CROSS_CERT)) + else if (scope.equals(ScopeDef.SC_IMPORT_CROSS_CERT)) importXCert(req, resp); else if (scope.equals(ScopeDef.SC_DELETE_CERTS)) deleteCerts(req, resp); @@ -219,8 +229,9 @@ public final class CMSAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_SEARCH)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_SUBSYSTEM)) @@ -229,31 +240,33 @@ public final class CMSAdminServlet extends AdminServlet { getCACerts(req, resp); else if (scope.equals(ScopeDef.SC_ALL_CERTLIST)) getAllCertsManage(req, resp); - else if (scope.equals(ScopeDef.SC_USERCERTSLIST)) + else if (scope.equals(ScopeDef.SC_USERCERTSLIST)) getUserCerts(req, resp); - else if (scope.equals(ScopeDef.SC_TKSKEYSLIST)) + else if (scope.equals(ScopeDef.SC_TKSKEYSLIST)) getTKSKeys(req, resp); - else if (scope.equals(ScopeDef.SC_TOKEN)) + else if (scope.equals(ScopeDef.SC_TOKEN)) getAllTokenNames(req, resp); else if (scope.equals(ScopeDef.SC_ROOTCERTSLIST)) getRootCerts(req, resp); } else if (op.equals(OpDef.OP_DELETE)) { mOp = "delete"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_ROOTCERTSLIST)) { deleteRootCert(req, resp); } else if (scope.equals(ScopeDef.SC_USERCERTSLIST)) { - deleteUserCert(req, resp); + deleteUserCert(req,resp); } } else if (op.equals(OpDef.OP_PROCESS)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_CERT_REQUEST)) @@ -270,13 +283,14 @@ public final class CMSAdminServlet extends AdminServlet { checkTokenStatus(req, resp); else if (scope.equals(ScopeDef.SC_SELFTESTS)) runSelfTestsOnDemand(req, resp); - else if (scope.equals(ScopeDef.SC_TKSKEYSLIST)) + else if (scope.equals(ScopeDef.SC_TKSKEYSLIST)) createMasterKey(req, resp); } else if (op.equals(OpDef.OP_VALIDATE)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_SUBJECT_NAME)) @@ -289,7 +303,8 @@ public final class CMSAdminServlet extends AdminServlet { validateCurveName(req, resp); } } catch (EBaseException e) { - sendResponse(ERROR, e.toString(getLocale(req)), null, resp); + sendResponse(ERROR, e.toString(getLocale(req)), + null, resp); return; } catch (Exception e) { StringWriter sw = new StringWriter(); @@ -301,24 +316,25 @@ public final class CMSAdminServlet extends AdminServlet { } } - private void getEnv(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void getEnv(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); if (File.separator.equals("\\")) params.add(Constants.PR_NT, Constants.TRUE); else params.add(Constants.PR_NT, Constants.FALSE); - + sendResponse(SUCCESS, null, params, resp); } private void getAllTokenNames(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); NameValuePairs params = new NameValuePairs(); params.add(Constants.PR_TOKEN_LIST, jssSubSystem.getTokenList()); @@ -327,15 +343,15 @@ public final class CMSAdminServlet extends AdminServlet { } private void getAllNicknames(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); params.add(Constants.PR_ALL_NICKNAMES, jssSubSystem.getAllCerts()); - + sendResponse(SUCCESS, null, params, resp); } @@ -346,26 +362,27 @@ public final class CMSAdminServlet extends AdminServlet { String type = ""; ISubsystem sys = (ISubsystem) e.nextElement(); - // get subsystem type - if ((sys instanceof IKeyRecoveryAuthority) - && subsystem.equals("kra")) + //get subsystem type + if ((sys instanceof IKeyRecoveryAuthority) && + subsystem.equals("kra")) return true; - else if ((sys instanceof IRegistrationAuthority) - && subsystem.equals("ra")) + else if ((sys instanceof IRegistrationAuthority) && + subsystem.equals("ra")) return true; - else if ((sys instanceof ICertificateAuthority) - && subsystem.equals("ca")) + else if ((sys instanceof ICertificateAuthority) && + subsystem.equals("ca")) return true; - else if ((sys instanceof IOCSPAuthority) - && subsystem.equals("ocsp")) + else if ((sys instanceof IOCSPAuthority) && + subsystem.equals("ocsp")) return true; } return false; } - private void readEncryption(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void readEncryption(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { Enumeration e = CMS.getSubsystems(); boolean isCAInstalled = false; @@ -378,7 +395,7 @@ public final class CMSAdminServlet extends AdminServlet { String type = ""; ISubsystem sys = (ISubsystem) e.nextElement(); - // get subsystem type + //get subsystem type if (sys instanceof IKeyRecoveryAuthority) isKRAInstalled = true; else if (sys instanceof IRegistrationAuthority) @@ -389,20 +406,19 @@ public final class CMSAdminServlet extends AdminServlet { isOCSPInstalled = true; else if (sys instanceof ITKSAuthority) isTKSInstalled = true; + + } - } - - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); String caTokenName = ""; NameValuePairs params = new NameValuePairs(); - params.add(Constants.PR_CIPHER_VERSION, jssSubSystem.getCipherVersion()); - params.add(Constants.PR_CIPHER_FORTEZZA, - jssSubSystem.isCipherFortezza()); - params.add(Constants.PR_CIPHER_PREF, - jssSubSystem.getCipherPreferences()); + params.add(Constants.PR_CIPHER_VERSION, + jssSubSystem.getCipherVersion()); + params.add(Constants.PR_CIPHER_FORTEZZA, jssSubSystem.isCipherFortezza()); + params.add(Constants.PR_CIPHER_PREF, jssSubSystem.getCipherPreferences()); String tokenList = jssSubSystem.getTokenList(); @@ -412,7 +428,7 @@ public final class CMSAdminServlet extends AdminServlet { while (tokenizer.hasMoreElements()) { String tokenName = (String) tokenizer.nextElement(); String certs = jssSubSystem.getCertListWithoutTokenName(tokenName); - + if (certs.equals("")) continue; if (tokenNewList.equals("")) @@ -426,8 +442,7 @@ public final class CMSAdminServlet extends AdminServlet { params.add(Constants.PR_TOKEN_LIST, tokenNewList); if (isCAInstalled) { - ICertificateAuthority ca = (ICertificateAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_CA); + ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_CA); ISigningUnit signingUnit = ca.getSigningUnit(); caTokenName = signingUnit.getTokenName(); @@ -437,31 +452,31 @@ public final class CMSAdminServlet extends AdminServlet { String caNickName = signingUnit.getNickname(); - // params.add(Constants.PR_CERT_CA, caTokenName+","+caNickName); + //params.add(Constants.PR_CERT_CA, caTokenName+","+caNickName); params.add(Constants.PR_CERT_CA, getCertNickname(caNickName)); } if (isRAInstalled) { - IRegistrationAuthority ra = (IRegistrationAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_RA); + IRegistrationAuthority ra = (IRegistrationAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_RA); String raNickname = ra.getNickname(); params.add(Constants.PR_CERT_RA, getCertNickname(raNickname)); } if (isKRAInstalled) { - IKeyRecoveryAuthority kra = (IKeyRecoveryAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_KRA); + IKeyRecoveryAuthority kra = (IKeyRecoveryAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_KRA); String kraNickname = kra.getNickname(); params.add(Constants.PR_CERT_TRANS, getCertNickname(kraNickname)); } if (isTKSInstalled) { - ITKSAuthority tks = (ITKSAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_TKS); + ITKSAuthority tks = (ITKSAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_TKS); } String nickName = CMS.getServerCertNickname(); - + params.add(Constants.PR_CERT_SERVER, getCertNickname(nickName)); sendResponse(SUCCESS, null, params, resp); @@ -503,19 +518,18 @@ public final class CMSAdminServlet extends AdminServlet { /** * Modify encryption configuration * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION used when * configuring encryption (cert settings and SSL cipher preferences) * </ul> - * * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException failed to modify encryption configuration */ private void modifyEncryption(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -525,8 +539,8 @@ public final class CMSAdminServlet extends AdminServlet { try { Enumeration enum1 = req.getParameterNames(); NameValuePairs params = new NameValuePairs(); - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); jssSubSystem.getInternalTokenName(); Enumeration e = CMS.getSubsystems(); @@ -540,7 +554,7 @@ public final class CMSAdminServlet extends AdminServlet { String type = ""; ISubsystem sys = (ISubsystem) e.nextElement(); - // get subsystem type + //get subsystem type if (sys instanceof IKeyRecoveryAuthority) isKRAInstalled = true; else if (sys instanceof IRegistrationAuthority) @@ -549,23 +563,21 @@ public final class CMSAdminServlet extends AdminServlet { isCAInstalled = true; else if (sys instanceof IOCSPAuthority) isOCSPInstalled = true; - else if (sys instanceof ITKSAuthority) + else if (sys instanceof ITKSAuthority) isTKSInstalled = true; } - ICertificateAuthority ca = null; + ICertificateAuthority ca = null; IRegistrationAuthority ra = null; IKeyRecoveryAuthority kra = null; - ITKSAuthority tks = null; + ITKSAuthority tks = null; if (isCAInstalled) ca = (ICertificateAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_CA); if (isRAInstalled) - ra = (IRegistrationAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_RA); + ra = (IRegistrationAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_RA); if (isKRAInstalled) - kra = (IKeyRecoveryAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_KRA); + kra = (IKeyRecoveryAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_KRA); if (isTKSInstalled) tks = (ITKSAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_TKS); @@ -581,20 +593,19 @@ public final class CMSAdminServlet extends AdminServlet { ISigningUnit signingUnit = ca.getSigningUnit(); if ((val != null) && (!val.equals(""))) { - StringTokenizer tokenizer = new StringTokenizer(val, - ","); + StringTokenizer tokenizer = new StringTokenizer(val, ","); if (tokenizer.countTokens() != 2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EBaseException( - CMS.getLogMessage("BASE_INVALID_UI_INFO")); + throw new EBaseException(CMS.getLogMessage("BASE_INVALID_UI_INFO")); } String tokenName = (String) tokenizer.nextElement(); @@ -612,14 +623,14 @@ public final class CMSAdminServlet extends AdminServlet { } else // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EBaseException( - CMS.getLogMessage("BASE_NOT_CA_CERT")); + throw new EBaseException(CMS.getLogMessage("BASE_NOT_CA_CERT")); } } else if (name.equals(Constants.PR_CERT_RA)) { if ((val != null) && (!val.equals(""))) { @@ -649,8 +660,10 @@ public final class CMSAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -659,8 +672,10 @@ public final class CMSAdminServlet extends AdminServlet { } catch (EBaseException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -669,26 +684,28 @@ public final class CMSAdminServlet extends AdminServlet { } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; - // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); - // - // audit( auditMessage ); - // - // // rethrow the specific exception to be handled later - // throw eAudit3; - } + // } catch( ServletException eAudit3 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit3; + } } private String getCertConfigNickname(String val) throws EBaseException { @@ -710,9 +727,9 @@ public final class CMSAdminServlet extends AdminServlet { CMS.setServerCertNickname(nickName); /* - * RemoteAdmin raAdmin = (RemoteAdmin)RemoteAdmin.getInstance(); - * HTTPService httpsService = raAdmin.getHttpsService(); - * httpsService.setNickName(nickName); + RemoteAdmin raAdmin = (RemoteAdmin)RemoteAdmin.getInstance(); + HTTPService httpsService = raAdmin.getHttpsService(); + httpsService.setNickName(nickName); */ } @@ -720,9 +737,9 @@ public final class CMSAdminServlet extends AdminServlet { CMS.setServerCertNickname(nickName); /* - * AgentGateway gateway = (AgentGateway)mReg.get(AgentGateway.ID); - * HTTPService httpsService = gateway.getHttpsService(); - * httpsService.setNickName(nickName); + AgentGateway gateway = (AgentGateway)mReg.get(AgentGateway.ID); + HTTPService httpsService = gateway.getHttpsService(); + httpsService.setNickName(nickName); */ } @@ -730,9 +747,9 @@ public final class CMSAdminServlet extends AdminServlet { CMS.setServerCertNickname(nickName); /* - * HTTPSubsystem eeGateway = ra.getHTTPSubsystem(); HTTPService - * httpsService = eeGateway.getHttpsService(); - * httpsService.setNickName(nickName); + HTTPSubsystem eeGateway = ra.getHTTPSubsystem(); + HTTPService httpsService = eeGateway.getHttpsService(); + httpsService.setNickName(nickName); */ } @@ -740,30 +757,31 @@ public final class CMSAdminServlet extends AdminServlet { CMS.setServerCertNickname(nickName); /* - * HTTPSubsystem caGateway = ca.getHTTPSubsystem(); HTTPService - * httpsService = caGateway.getHttpsService(); - * httpsService.setNickName(nickName); + HTTPSubsystem caGateway = ca.getHTTPSubsystem(); + HTTPService httpsService = caGateway.getHttpsService(); + httpsService.setNickName(nickName); */ } /** * Performs Server Tasks: RESTART/STOP operation */ - private void performTasks(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void performTasks(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String restart = req.getParameter(Constants.PR_SERVER_RESTART); String stop = req.getParameter(Constants.PR_SERVER_STOP); NameValuePairs params = new NameValuePairs(); if (restart != null) { - // XXX Uncommented afetr watchdog is implemented + //XXX Uncommented afetr watchdog is implemented sendResponse(SUCCESS, null, params, resp); - // mServer.restart(); + //mServer.restart(); return; } if (stop != null) { - // XXX Send response first then shutdown + //XXX Send response first then shutdown sendResponse(SUCCESS, null, params, resp); CMS.shutdown(); return; @@ -776,8 +794,9 @@ public final class CMSAdminServlet extends AdminServlet { /** * Reads subsystems that server has loaded with. */ - private void readSubsystem(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void readSubsystem(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = CMS.getSubsystems(); StringBuffer buff = new StringBuffer(); @@ -786,7 +805,7 @@ public final class CMSAdminServlet extends AdminServlet { String type = ""; ISubsystem sys = (ISubsystem) e.nextElement(); - // get subsystem type + //get subsystem type if (sys instanceof IKeyRecoveryAuthority) type = Constants.PR_KRA_INSTANCE; if (sys instanceof IRegistrationAuthority) @@ -795,7 +814,7 @@ public final class CMSAdminServlet extends AdminServlet { type = Constants.PR_CA_INSTANCE; if (sys instanceof IOCSPAuthority) type = Constants.PR_OCSP_INSTANCE; - if (sys instanceof ITKSAuthority) + if (sys instanceof ITKSAuthority) type = Constants.PR_TKS_INSTANCE; if (!type.trim().equals("")) params.add(sys.getId(), type); @@ -807,13 +826,13 @@ public final class CMSAdminServlet extends AdminServlet { /** * Reads server statistics. */ - private void readStat(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void readStat(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); IConfigStore cs = CMS.getConfigStore(); try { - String installdate = cs - .getString(Constants.PR_STAT_INSTALLDATE, ""); + String installdate = cs.getString(Constants.PR_STAT_INSTALLDATE, ""); params.add(Constants.PR_STAT_INSTALLDATE, installdate); } catch (Exception e) { } @@ -831,9 +850,9 @@ public final class CMSAdminServlet extends AdminServlet { } params.add(Constants.PR_STAT_STARTUP, - (new Date(CMS.getStartupTime())).toString()); + (new Date(CMS.getStartupTime())).toString()); params.add(Constants.PR_STAT_TIME, - (new Date(System.currentTimeMillis())).toString()); + (new Date(System.currentTimeMillis())).toString()); sendResponse(SUCCESS, null, params, resp); } @@ -841,105 +860,127 @@ public final class CMSAdminServlet extends AdminServlet { * Modifies network information. */ private void modifyNetworkConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { /* - * HTTPSubsystem eeGateway = (HTTPSubsystem) - * SubsystemRegistry.getInstance().get("eeGateway"); RemoteAdmin raAdmin - * = (RemoteAdmin)RemoteAdmin.getInstance(); AgentGateway agent = - * (AgentGateway)mReg.get(AgentGateway.ID); - * - * Enumeration enum1 = req.getParameterNames(); - * - * String eeHTTPportString = null; String eeHTTPSportString = null; - * String agentHTTPSportString = null; String radminHTTPSportString = - * null; - * - * String gatewayBacklog = "15"; - * - * // eeHTTPEnabled corresponds to the checkbox which enables the // - * HTTP EE port String eeHTTPEnabled = Constants.FALSE; - * - * while (enum1.hasMoreElements()) { String key = - * (String)enum1.nextElement(); String value = - * (String)req.getParameter(key); - * - * if (key.equals(Constants.PR_AGENT_S_BACKLOG)) { - * agent.setHTTPSBacklog(value); } else if - * (key.equals(Constants.PR_GATEWAY_S_BACKLOG)) { - * eeGateway.setHTTPSBacklog(value); } else if - * (key.equals(Constants.PR_ADMIN_S_BACKLOG)) { - * raAdmin.setHTTPSBacklog(value); } else if - * (key.equals(Constants.PR_GATEWAY_BACKLOG)) { gatewayBacklog = value; - * } else if (key.equals(Constants.PR_GATEWAY_PORT_ENABLED)) { - * eeHTTPEnabled = value; } } - * - * - * eeHTTPportString = req.getParameter(Constants.PR_GATEWAY_PORT); - * eeHTTPSportString = req.getParameter(Constants.PR_GATEWAY_S_PORT); - * agentHTTPSportString= req.getParameter(Constants.PR_AGENT_S_PORT); - * radminHTTPSportString= req.getParameter(Constants.PR_ADMIN_S_PORT); - * - * - * int eeHTTPport=0; int eeHTTPSport=0; int agentHTTPSport=0; int - * radminHTTPSport=0; if (eeHTTPportString != null) eeHTTPport = - * Integer.parseInt(eeHTTPportString); if (eeHTTPSportString != null) - * eeHTTPSport = Integer.parseInt(eeHTTPSportString); if - * (agentHTTPSportString != null) agentHTTPSport = - * Integer.parseInt(agentHTTPSportString); if (radminHTTPSportString != - * null) radminHTTPSport = Integer.parseInt(radminHTTPSportString); - * - * - * String portName=""; int portnum; try { - * - * // EE HTTP is special, since it has it's own checkbox for - * enabling/disabling if (eeHTTPEnabled.equals(Constants.TRUE) && - * eeHTTPport != 0 && eeHTTPport != eeGateway.getHTTPPort()) { portName - * = "End-entity"; checkPortAvailable(eeHTTPport); } - * - * if (eeHTTPSport != 0 && eeHTTPSport != eeGateway.getHTTPSPort()) { - * portName = "SSL End-entity"; checkPortAvailable(eeHTTPSport); } if - * (agentHTTPSport != 0 && agentHTTPSport != agent.getHTTPSPort()) { - * portName = "Agent"; checkPortAvailable(agentHTTPSport); } if - * (radminHTTPSport != 0 && radminHTTPSport != raAdmin.getHTTPSPort()) { - * portName = "Remote Admin"; checkPortAvailable(radminHTTPSport); } - * - * // If any of the above ports are not available, an exception // will - * be thrown and these methods below will not be called - * - * if (eeHTTPEnabled.equals(Constants.TRUE)) { - * eeGateway.setHTTPPort(eeHTTPport); } - * eeGateway.setHTTPSPort(eeHTTPSport); - * agent.setHTTPSPort(agentHTTPSport); - * raAdmin.setHTTPSPort(radminHTTPSport); - * - * } catch (IOException e) { // send 'port in use' error - * sendResponse(ERROR, portName+" "+e.getMessage(), null, resp); // we - * do not want to save the config in this case return; } - * - * eeGateway.setHTTPBacklog(gatewayBacklog); - * eeGateway.setHTTPPortEnable(eeHTTPEnabled); - * - * mConfig.commit(true); sendResponse(RESTART, null, null, resp); - */ + HTTPSubsystem eeGateway = (HTTPSubsystem) + SubsystemRegistry.getInstance().get("eeGateway"); + RemoteAdmin raAdmin = (RemoteAdmin)RemoteAdmin.getInstance(); + AgentGateway agent = (AgentGateway)mReg.get(AgentGateway.ID); + + Enumeration enum1 = req.getParameterNames(); + + String eeHTTPportString = null; + String eeHTTPSportString = null; + String agentHTTPSportString = null; + String radminHTTPSportString = null; + + String gatewayBacklog = "15"; + + // eeHTTPEnabled corresponds to the checkbox which enables the + // HTTP EE port + String eeHTTPEnabled = Constants.FALSE; + + while (enum1.hasMoreElements()) { + String key = (String)enum1.nextElement(); + String value = (String)req.getParameter(key); + + if (key.equals(Constants.PR_AGENT_S_BACKLOG)) { + agent.setHTTPSBacklog(value); + } else if (key.equals(Constants.PR_GATEWAY_S_BACKLOG)) { + eeGateway.setHTTPSBacklog(value); + } else if (key.equals(Constants.PR_ADMIN_S_BACKLOG)) { + raAdmin.setHTTPSBacklog(value); + } else if (key.equals(Constants.PR_GATEWAY_BACKLOG)) { + gatewayBacklog = value; + } else if (key.equals(Constants.PR_GATEWAY_PORT_ENABLED)) { + eeHTTPEnabled = value; + } + } + + + eeHTTPportString = req.getParameter(Constants.PR_GATEWAY_PORT); + eeHTTPSportString = req.getParameter(Constants.PR_GATEWAY_S_PORT); + agentHTTPSportString= req.getParameter(Constants.PR_AGENT_S_PORT); + radminHTTPSportString= req.getParameter(Constants.PR_ADMIN_S_PORT); + + + int eeHTTPport=0; + int eeHTTPSport=0; + int agentHTTPSport=0; + int radminHTTPSport=0; + if (eeHTTPportString != null) eeHTTPport = Integer.parseInt(eeHTTPportString); + if (eeHTTPSportString != null) eeHTTPSport = Integer.parseInt(eeHTTPSportString); + if (agentHTTPSportString != null) agentHTTPSport = Integer.parseInt(agentHTTPSportString); + if (radminHTTPSportString != null) radminHTTPSport = Integer.parseInt(radminHTTPSportString); + + + String portName=""; + int portnum; + try { + + // EE HTTP is special, since it has it's own checkbox for enabling/disabling + if (eeHTTPEnabled.equals(Constants.TRUE) && + eeHTTPport != 0 && + eeHTTPport != eeGateway.getHTTPPort()) + { + portName = "End-entity"; + checkPortAvailable(eeHTTPport); + } + + if (eeHTTPSport != 0 && eeHTTPSport != eeGateway.getHTTPSPort()) { + portName = "SSL End-entity"; + checkPortAvailable(eeHTTPSport); + } + if (agentHTTPSport != 0 && agentHTTPSport != agent.getHTTPSPort()) { + portName = "Agent"; + checkPortAvailable(agentHTTPSport); + } + if (radminHTTPSport != 0 && radminHTTPSport != raAdmin.getHTTPSPort()) { + portName = "Remote Admin"; + checkPortAvailable(radminHTTPSport); + } + + // If any of the above ports are not available, an exception + // will be thrown and these methods below will not be called + + if (eeHTTPEnabled.equals(Constants.TRUE)) { + eeGateway.setHTTPPort(eeHTTPport); + } + eeGateway.setHTTPSPort(eeHTTPSport); + agent.setHTTPSPort(agentHTTPSport); + raAdmin.setHTTPSPort(radminHTTPSport); + + } catch (IOException e) { + // send 'port in use' error + sendResponse(ERROR, portName+" "+e.getMessage(), null, resp); + // we do not want to save the config in this case + return; + } + + eeGateway.setHTTPBacklog(gatewayBacklog); + eeGateway.setHTTPPortEnable(eeHTTPEnabled); + + mConfig.commit(true); + sendResponse(RESTART, null, null, resp); + */ } /** * Check if the port is available for binding. - * * @throws IOException if not available */ - private void checkPortAvailable(int port) throws IOException { + private void checkPortAvailable(int port) + throws IOException { try { // see if the port is being used by somebody else ServerSocket ss = new ServerSocket(port); ss.close(); } catch (Exception e) { - throw new IOException("port " + port - + " is in use. Please select another port"); + throw new IOException("port " + port + " is in use. Please select another port"); } } @@ -947,8 +988,8 @@ public final class CMSAdminServlet extends AdminServlet { * Reads network information. */ private void readNetworkConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); @@ -959,52 +1000,58 @@ public final class CMSAdminServlet extends AdminServlet { sendResponse(SUCCESS, null, params, resp); } - private void getEENetworkConfig(NameValuePairs params) - throws EBaseException { + private void getEENetworkConfig(NameValuePairs params) + throws EBaseException { /* - * HTTPSubsystem eeGateway = (HTTPSubsystem)mReg.get("eeGateway"); if - * (eeGateway == null) { // i.e. standalone DRM - * params.add(Constants.PR_GATEWAY_S_PORT, "-1"); - * params.add(Constants.PR_GATEWAY_PORT, "-1"); - * params.add(Constants.PR_GATEWAY_S_BACKLOG, "-1"); - * params.add(Constants.PR_GATEWAY_BACKLOG,"-1"); - * params.add(Constants.PR_GATEWAY_PORT_ENABLED,"false"); } else { - * params.add(Constants.PR_GATEWAY_S_PORT, ""+eeGateway.getHTTPSPort()); - * params.add(Constants.PR_GATEWAY_PORT, ""+eeGateway.getHTTPPort()); - * params.add(Constants.PR_GATEWAY_S_BACKLOG, - * ""+eeGateway.getHTTPBacklog()); - * params.add(Constants.PR_GATEWAY_BACKLOG, - * ""+eeGateway.getHTTPSBacklog()); - * params.add(Constants.PR_GATEWAY_PORT_ENABLED, - * eeGateway.getHTTPPortEnable()); } - */ + HTTPSubsystem eeGateway = + (HTTPSubsystem)mReg.get("eeGateway"); + if (eeGateway == null) { + // i.e. standalone DRM + params.add(Constants.PR_GATEWAY_S_PORT, "-1"); + params.add(Constants.PR_GATEWAY_PORT, "-1"); + params.add(Constants.PR_GATEWAY_S_BACKLOG, "-1"); + params.add(Constants.PR_GATEWAY_BACKLOG,"-1"); + params.add(Constants.PR_GATEWAY_PORT_ENABLED,"false"); + } else { + params.add(Constants.PR_GATEWAY_S_PORT, + ""+eeGateway.getHTTPSPort()); + params.add(Constants.PR_GATEWAY_PORT, + ""+eeGateway.getHTTPPort()); + params.add(Constants.PR_GATEWAY_S_BACKLOG, + ""+eeGateway.getHTTPBacklog()); + params.add(Constants.PR_GATEWAY_BACKLOG, + ""+eeGateway.getHTTPSBacklog()); + params.add(Constants.PR_GATEWAY_PORT_ENABLED, + eeGateway.getHTTPPortEnable()); + } + */ } private void getAdminConfig(NameValuePairs params) throws EBaseException { /* - * RemoteAdmin raAdmin = (RemoteAdmin)RemoteAdmin.getInstance(); - * params.add(Constants.PR_ADMIN_S_PORT, ""+raAdmin.getHTTPSPort()); - * params - * .add(Constants.PR_ADMIN_S_BACKLOG,""+raAdmin.getHTTPSBacklog()); + RemoteAdmin raAdmin = (RemoteAdmin)RemoteAdmin.getInstance(); + params.add(Constants.PR_ADMIN_S_PORT, ""+raAdmin.getHTTPSPort()); + params.add(Constants.PR_ADMIN_S_BACKLOG,""+raAdmin.getHTTPSBacklog()); */ } private void getAgentConfig(NameValuePairs params) throws EBaseException { /* - * AgentGateway agent = (AgentGateway)mReg.get(AgentGateway.ID); - * params.add(Constants.PR_AGENT_S_PORT, ""+agent.getHTTPSPort()); - * params.add(Constants.PR_AGENT_S_BACKLOG,""+agent.getHTTPSBacklog()); + AgentGateway agent = (AgentGateway)mReg.get(AgentGateway.ID); + params.add(Constants.PR_AGENT_S_PORT, ""+agent.getHTTPSPort()); + params.add(Constants.PR_AGENT_S_BACKLOG,""+agent.getHTTPSBacklog()); */ } /** * Modifies database information. */ - private void setDBConfig(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void setDBConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { IConfigStore dbConfig = mConfig.getSubStore(PROP_INTERNAL_DB); Enumeration enum1 = req.getParameterNames(); @@ -1018,53 +1065,56 @@ public final class CMSAdminServlet extends AdminServlet { continue; if (key.equals(Constants.OP_SCOPE)) continue; - - dbConfig.putString(key, req.getParameter(key)); + + dbConfig.putString(key, req.getParameter(key)); } sendResponse(RESTART, null, null, resp); mConfig.commit(true); } - - /** + /** * Create Master Key */ - private void createMasterKey(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { +private void createMasterKey(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = req.getParameterNames(); - String newKeyName = null, selectedToken = null; + String newKeyName = null, selectedToken = null; while (e.hasMoreElements()) { String name = (String) e.nextElement(); - if (name.equals(Constants.PR_KEY_LIST)) { - newKeyName = req.getParameter(name); - } - if (name.equals(Constants.PR_TOKEN_LIST)) { - selectedToken = req.getParameter(name); - } + if (name.equals(Constants.PR_KEY_LIST)) + { + newKeyName = req.getParameter(name); + } + if (name.equals(Constants.PR_TOKEN_LIST)) + { + selectedToken = req.getParameter(name); + } + } - if (selectedToken != null && newKeyName != null) { - String symKeys = SessionKey.GenMasterKey(selectedToken, newKeyName); - CMS.getConfigStore().putString("tks.defaultSlot", selectedToken); - String masterKeyPrefix = CMS.getConfigStore().getString( - "tks.master_key_prefix", null); - - SessionKey.SetDefaultPrefix(masterKeyPrefix); - params.add(Constants.PR_KEY_LIST, newKeyName); - params.add(Constants.PR_TOKEN_LIST, selectedToken); - } - sendResponse(SUCCESS, null, params, resp); - } + if(selectedToken!=null && newKeyName!=null) + { + String symKeys = SessionKey.GenMasterKey(selectedToken,newKeyName); + CMS.getConfigStore().putString("tks.defaultSlot", selectedToken); + String masterKeyPrefix = CMS.getConfigStore().getString("tks.master_key_prefix", null); + + SessionKey.SetDefaultPrefix(masterKeyPrefix); + params.add(Constants.PR_KEY_LIST, newKeyName); + params.add(Constants.PR_TOKEN_LIST, selectedToken); + } + sendResponse(SUCCESS, null, params, resp); +} - /** + /** * Reads secmod.db */ - private void getTKSKeys(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void getTKSKeys(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = req.getParameterNames(); @@ -1072,56 +1122,57 @@ public final class CMSAdminServlet extends AdminServlet { while (e.hasMoreElements()) { String name = (String) e.nextElement(); - if (name.equals(Constants.PR_TOKEN_LIST)) { - String selectedToken = req.getParameter(name); - - int count = 0; - int keys_found = 0; - - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); - - CryptoToken token = null; - CryptoManager mCryptoManager = null; - try { - mCryptoManager = CryptoManager.getInstance(); - } catch (Exception e2) { - } - - if (!jssSubSystem.isTokenLoggedIn(selectedToken)) { - PasswordCallback cpcb = new ConsolePasswordCallback(); - while (true) { + if (name.equals(Constants.PR_TOKEN_LIST)) + { + String selectedToken = req.getParameter(name); + + int count = 0; + int keys_found = 0; + + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem)CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); + + CryptoToken token = null; + CryptoManager mCryptoManager = null; + try { + mCryptoManager = CryptoManager.getInstance(); + } catch (Exception e2) { + } + + if(!jssSubSystem.isTokenLoggedIn(selectedToken)) + { + PasswordCallback cpcb = new ConsolePasswordCallback(); + while (true) { try { - token = mCryptoManager - .getTokenByName(selectedToken); - token.login(cpcb); + token = mCryptoManager.getTokenByName(selectedToken); + token.login(cpcb); break; } catch (Exception e3) { - // log(ILogger.LL_FAILURE, - // CMS.getLogMessage("CMSCORE_SECURITY_INCORRECT_PWD")); + //log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_SECURITY_INCORRECT_PWD")); continue; } - } - } - // String symKeys = new String("key1,key2"); - String symKeys = SessionKey.ListSymmetricKeys(selectedToken); - params.add(Constants.PR_TOKEN_LIST, symKeys); + } + } + // String symKeys = new String("key1,key2"); + String symKeys = SessionKey.ListSymmetricKeys(selectedToken); + params.add(Constants.PR_TOKEN_LIST, symKeys); - } + } } sendResponse(SUCCESS, null, params, resp); } - + + /** * Reads database information. */ - private void getDBConfig(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void getDBConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { IConfigStore dbConfig = mConfig.getSubStore(PROP_DB); IConfigStore ldapConfig = dbConfig.getSubStore("ldap"); NameValuePairs params = new NameValuePairs(); Enumeration e = req.getParameterNames(); - + while (e.hasMoreElements()) { String name = (String) e.nextElement(); @@ -1133,7 +1184,7 @@ public final class CMSAdminServlet extends AdminServlet { continue; if (name.equals(Constants.PR_SECURE_PORT_ENABLED)) params.add(name, ldapConfig.getString(name, "Constants.FALSE")); - else + else params.add(name, ldapConfig.getString(name, "")); } sendResponse(SUCCESS, null, params, resp); @@ -1143,8 +1194,8 @@ public final class CMSAdminServlet extends AdminServlet { * Modifies SMTP configuration. */ private void modifySMTPConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { // XXX IConfigStore sConfig = mConfig.getSubStore(PROP_SMTP); @@ -1157,7 +1208,7 @@ public final class CMSAdminServlet extends AdminServlet { if (port != null) sConfig.putString("port", port); - + commit(true); sendResponse(SUCCESS, null, null, resp); @@ -1166,18 +1217,22 @@ public final class CMSAdminServlet extends AdminServlet { /** * Reads SMTP configuration. */ - private void readSMTPConfig(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void readSMTPConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { IConfigStore dbConfig = mConfig.getSubStore(PROP_SMTP); NameValuePairs params = new NameValuePairs(); - params.add(Constants.PR_SERVER_NAME, dbConfig.getString("host")); - params.add(Constants.PR_PORT, dbConfig.getString("port")); + params.add(Constants.PR_SERVER_NAME, + dbConfig.getString("host")); + params.add(Constants.PR_PORT, + dbConfig.getString("port")); sendResponse(SUCCESS, null, params, resp); } - private void loggedInToken(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void loggedInToken(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { Enumeration enum1 = req.getParameterNames(); String tokenName = ""; String pwd = ""; @@ -1193,8 +1248,8 @@ public final class CMSAdminServlet extends AdminServlet { } } - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); jssSubSystem.loggedInToken(tokenName, pwd); @@ -1204,8 +1259,8 @@ public final class CMSAdminServlet extends AdminServlet { } private void checkTokenStatus(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { Enumeration enum1 = req.getParameterNames(); String key = ""; String value = ""; @@ -1218,8 +1273,8 @@ public final class CMSAdminServlet extends AdminServlet { } } - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); boolean status = jssSubSystem.isTokenLoggedIn(value); NameValuePairs params = new NameValuePairs(); @@ -1232,18 +1287,18 @@ public final class CMSAdminServlet extends AdminServlet { /** * Retrieve a certificate request * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC used when * asymmetric keys are generated * </ul> - * * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException failed to retrieve certificate request */ - private void getCertRequest(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void getCertRequest(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); String auditPublicKey = ILogger.SIGNED_AUDIT_EMPTY_VALUE; @@ -1291,11 +1346,11 @@ public final class CMSAdminServlet extends AdminServlet { } } - pathname = mConfig.getString("instanceRoot", "") + File.separator - + "conf" + File.separator; + pathname = mConfig.getString("instanceRoot", "") + + File.separator + "conf" + File.separator; dir = pathname; - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); KeyPair keypair = null; PQGParams pqgParams = null; @@ -1321,8 +1376,10 @@ public final class CMSAdminServlet extends AdminServlet { if (nickname.equals("")) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC, - auditSubjectID, ILogger.FAILURE, auditPublicKey); + LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC, + auditSubjectID, + ILogger.FAILURE, + auditPublicKey); audit(auditMessage); @@ -1333,13 +1390,11 @@ public final class CMSAdminServlet extends AdminServlet { } else { if (keyType.equals("ECC")) { // get ECC keypair - keypair = jssSubSystem.getECCKeyPair(tokenName, - keyCurveName, certType); - } else { // DSA or RSA + keypair = jssSubSystem.getECCKeyPair(tokenName, keyCurveName, certType); + } else { //DSA or RSA if (keyType.equals("DSA")) - pqgParams = jssSubSystem.getPQG(keyLength); - keypair = jssSubSystem.getKeyPair(tokenName, keyType, - keyLength, pqgParams); + pqgParams = jssSubSystem.getPQG(keyLength); + keypair = jssSubSystem.getKeyPair(tokenName, keyType, keyLength, pqgParams); } } @@ -1384,8 +1439,10 @@ public final class CMSAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC, auditSubjectID, - ILogger.SUCCESS, auditPublicKey); + LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC, + auditSubjectID, + ILogger.SUCCESS, + auditPublicKey); audit(auditMessage); @@ -1394,8 +1451,10 @@ public final class CMSAdminServlet extends AdminServlet { } catch (EBaseException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC, auditSubjectID, - ILogger.FAILURE, auditPublicKey); + LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC, + auditSubjectID, + ILogger.FAILURE, + auditPublicKey); audit(auditMessage); @@ -1404,32 +1463,34 @@ public final class CMSAdminServlet extends AdminServlet { } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC, auditSubjectID, - ILogger.FAILURE, auditPublicKey); + LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC, + auditSubjectID, + ILogger.FAILURE, + auditPublicKey); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; - // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC, - // auditSubjectID, - // ILogger.FAILURE, - // auditPublicKey ); - // - // audit( auditMessage ); - // - // // rethrow the specific exception to be handled later - // throw eAudit3; - } - } - - private void setCANewnickname(String tokenName, String nickname) - throws EBaseException { - ICertificateAuthority ca = (ICertificateAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_CA); + // } catch( ServletException eAudit3 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_KEY_GEN_ASYMMETRIC, + // auditSubjectID, + // ILogger.FAILURE, + // auditPublicKey ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit3; + } + } + + private void setCANewnickname(String tokenName, String nickname) + throws EBaseException { + ICertificateAuthority ca = (ICertificateAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_CA); ISigningUnit signingUnit = ca.getSigningUnit(); if (tokenName.equals(Constants.PR_INTERNAL_TOKEN_NAME)) @@ -1443,17 +1504,17 @@ public final class CMSAdminServlet extends AdminServlet { } private String getCANewnickname() throws EBaseException { - ICertificateAuthority ca = (ICertificateAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_CA); + ICertificateAuthority ca = (ICertificateAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_CA); ISigningUnit signingUnit = ca.getSigningUnit(); - return signingUnit.getNewNickName(); + return signingUnit.getNewNickName(); } private void setRANewnickname(String tokenName, String nickname) - throws EBaseException { - IRegistrationAuthority ra = (IRegistrationAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_RA); + throws EBaseException { + IRegistrationAuthority ra = (IRegistrationAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_RA); if (tokenName.equals(Constants.PR_INTERNAL_TOKEN_NAME)) ra.setNewNickName(nickname); @@ -1466,16 +1527,15 @@ public final class CMSAdminServlet extends AdminServlet { } private String getRANewnickname() throws EBaseException { - IRegistrationAuthority ra = (IRegistrationAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_RA); + IRegistrationAuthority ra = (IRegistrationAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_RA); return ra.getNewNickName(); } private void setOCSPNewnickname(String tokenName, String nickname) - throws EBaseException { - IOCSPAuthority ocsp = (IOCSPAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_OCSP); + throws EBaseException { + IOCSPAuthority ocsp = (IOCSPAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_OCSP); if (ocsp != null) { ISigningUnit signingUnit = ocsp.getSigningUnit(); @@ -1489,8 +1549,8 @@ public final class CMSAdminServlet extends AdminServlet { signingUnit.setNewNickName(tokenName + ":" + nickname); } } else { - ICertificateAuthority ca = (ICertificateAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_CA); + ICertificateAuthority ca = (ICertificateAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_CA); ISigningUnit signingUnit = ca.getOCSPSigningUnit(); if (tokenName.equals(Constants.PR_INTERNAL_TOKEN_NAME)) @@ -1505,26 +1565,25 @@ public final class CMSAdminServlet extends AdminServlet { } private String getOCSPNewnickname() throws EBaseException { - IOCSPAuthority ocsp = (IOCSPAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_OCSP); + IOCSPAuthority ocsp = (IOCSPAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_OCSP); if (ocsp != null) { ISigningUnit signingUnit = ocsp.getSigningUnit(); - return signingUnit.getNewNickName(); + return signingUnit.getNewNickName(); } else { - ICertificateAuthority ca = (ICertificateAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_CA); + ICertificateAuthority ca = (ICertificateAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_CA); ISigningUnit signingUnit = ca.getOCSPSigningUnit(); - return signingUnit.getNewNickName(); + return signingUnit.getNewNickName(); } } - private void setKRANewnickname(String tokenName, String nickname) - throws EBaseException { - IKeyRecoveryAuthority kra = (IKeyRecoveryAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_KRA); + private void setKRANewnickname(String tokenName, String nickname) + throws EBaseException { + IKeyRecoveryAuthority kra = (IKeyRecoveryAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_KRA); if (tokenName.equals(Constants.PR_INTERNAL_TOKEN_NAME)) kra.setNewNickName(nickname); @@ -1537,81 +1596,87 @@ public final class CMSAdminServlet extends AdminServlet { } private String getKRANewnickname() throws EBaseException { - IKeyRecoveryAuthority kra = (IKeyRecoveryAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_KRA); + IKeyRecoveryAuthority kra = (IKeyRecoveryAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_KRA); return kra.getNewNickName(); } - private void setRADMNewnickname(String tokenName, String nickName) - throws EBaseException { + private void setRADMNewnickname(String tokenName, String nickName) + throws EBaseException { CMS.setServerCertNickname(tokenName, nickName); /* - * RemoteAdmin raAdmin = (RemoteAdmin)RemoteAdmin.getInstance(); - * HTTPService httpsService = raAdmin.getHttpsService(); if - * (tokenName.equals(Constants.PR_INTERNAL_TOKEN_NAME)) - * httpsService.setNewNickName(nickName); else { if - * (tokenName.equals("") && nickName.equals("")) - * httpsService.setNewNickName(""); else - * httpsService.setNewNickName(tokenName+":"+nickName); } + RemoteAdmin raAdmin = (RemoteAdmin)RemoteAdmin.getInstance(); + HTTPService httpsService = raAdmin.getHttpsService(); + if (tokenName.equals(Constants.PR_INTERNAL_TOKEN_NAME)) + httpsService.setNewNickName(nickName); + else { + if (tokenName.equals("") && nickName.equals("")) + httpsService.setNewNickName(""); + else + httpsService.setNewNickName(tokenName+":"+nickName); + } */ } - private String getRADMNewnickname() throws EBaseException { + private String getRADMNewnickname() + throws EBaseException { // assuming the nickname does not change. return CMS.getServerCertNickname(); /* - * RemoteAdmin raAdmin = (RemoteAdmin)RemoteAdmin.getInstance(); - * HTTPService httpsService = raAdmin.getHttpsService(); return - * httpsService.getNewNickName(); + RemoteAdmin raAdmin = (RemoteAdmin)RemoteAdmin.getInstance(); + HTTPService httpsService = raAdmin.getHttpsService(); + return httpsService.getNewNickName(); */ } private void setAgentNewnickname(String tokenName, String nickName) - throws EBaseException { + throws EBaseException { CMS.setServerCertNickname(tokenName, nickName); /* - * AgentGateway gateway = (AgentGateway)mReg.get(AgentGateway.ID); - * HTTPService httpsService = gateway.getHttpsService(); if - * (tokenName.equals(Constants.PR_INTERNAL_TOKEN_NAME)) - * httpsService.setNewNickName(nickName); else { if - * (tokenName.equals("") && nickName.equals("")) - * httpsService.setNewNickName(""); else - * httpsService.setNewNickName(tokenName+":"+nickName); } + AgentGateway gateway = (AgentGateway)mReg.get(AgentGateway.ID); + HTTPService httpsService = gateway.getHttpsService(); + if (tokenName.equals(Constants.PR_INTERNAL_TOKEN_NAME)) + httpsService.setNewNickName(nickName); + else { + if (tokenName.equals("") && nickName.equals("")) + httpsService.setNewNickName(""); + else + httpsService.setNewNickName(tokenName+":"+nickName); + } */ } - private String getAgentNewnickname() throws EBaseException { + private String getAgentNewnickname() + throws EBaseException { // assuming the nickname does not change. return CMS.getServerCertNickname(); /* - * AgentGateway gateway = (AgentGateway)mReg.get(AgentGateway.ID); - * HTTPService httpsService = gateway.getHttpsService(); return - * httpsService.getNewNickName(); + AgentGateway gateway = (AgentGateway)mReg.get(AgentGateway.ID); + HTTPService httpsService = gateway.getHttpsService(); + return httpsService.getNewNickName(); */ } /** * Issue import certificate * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when - * "Certificate Setup Wizard" is used to import CA certs into the + * "Certificate Setup Wizard" is used to import CA certs into the * certificate database * </ul> - * * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException failed to issue an import certificate */ private void issueImportCert(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1635,9 +1700,9 @@ public final class CMSAdminServlet extends AdminServlet { String key = (String) enum1.nextElement(); String value = req.getParameter(key); - if (key.equals("pathname")) { + if (key.equals("pathname")) { configPath = mConfig.getString("instanceRoot", "") - + File.separator + "conf" + File.separator; + + File.separator + "conf" + File.separator; pathname = configPath + value; } else { if (key.equals(Constants.PR_TOKEN_NAME)) @@ -1648,17 +1713,17 @@ public final class CMSAdminServlet extends AdminServlet { String certType = (String) properties.get(Constants.RS_ID); - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); - IDBSubsystem dbs = (IDBSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_DBS); - ICertificateAuthority ca = (ICertificateAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_CA); - ICertificateRepository repository = (ICertificateRepository) ca - .getCertificateRepository(); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); + IDBSubsystem dbs = (IDBSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_DBS); + ICertificateAuthority ca = (ICertificateAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_CA); + ICertificateRepository repository = + (ICertificateRepository) ca.getCertificateRepository(); ISigningUnit signingUnit = ca.getSigningUnit(); String oldtokenname = null; - // this is the old nick name + //this is the old nick name String nickname = getNickname(certType); String nicknameWithoutTokenName = ""; String oldcatokenname = signingUnit.getTokenName(); @@ -1676,13 +1741,15 @@ public final class CMSAdminServlet extends AdminServlet { } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EBaseException( - CMS.getLogMessage("BASE_CERT_NOT_FOUND")); + throw new + EBaseException(CMS.getLogMessage("BASE_CERT_NOT_FOUND")); } if (newtokenname == null) @@ -1695,34 +1762,39 @@ public final class CMSAdminServlet extends AdminServlet { } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EBaseException( - CMS.getLogMessage("BASE_CERT_NOT_FOUND")); + throw new + EBaseException(CMS.getLogMessage("BASE_CERT_NOT_FOUND")); } - // xxx renew ca ,use old issuer? - properties.setIssuerName(jssSubSystem.getCertSubjectName( - oldcatokenname, canicknameWithoutTokenName)); + //xxx renew ca ,use old issuer? + properties.setIssuerName( + jssSubSystem.getCertSubjectName(oldcatokenname, + canicknameWithoutTokenName)); KeyPair pair = null; if (nickname.equals("")) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EBaseException( - CMS.getLogMessage("BASE_CERT_NOT_FOUND")); + throw new + EBaseException(CMS.getLogMessage("BASE_CERT_NOT_FOUND")); } - // xxx set to old nickname? + //xxx set to old nickname? properties.setCertNickname(nickname); if (!certType.equals(Constants.PR_CA_SIGNING_CERT)) { CertificateExtensions exts = jssSubSystem.getExtensions( @@ -1743,25 +1815,25 @@ public final class CMSAdminServlet extends AdminServlet { defaultOCSPSigningAlg = properties.getHashType(); } } - + // create a new CA certificate or ssl server cert - if (properties.getKeyCurveName() != null) { // new ECC + if (properties.getKeyCurveName() != null) { //new ECC CMS.debug("CMSAdminServlet: issueImportCert: generating ECC keys"); pair = jssSubSystem.getECCKeyPair(properties); - if (certType.equals(Constants.PR_CA_SIGNING_CERT)) + if (certType.equals(Constants.PR_CA_SIGNING_CERT)) caKeyPair = pair; - } else if (properties.getKeyLength() != null) { // new RSA or DSA + } else if (properties.getKeyLength() != null) { //new RSA or DSA keyType = properties.getKeyType(); String keyLen = properties.getKeyLength(); PQGParams pqgParams = null; if (keyType.equals("DSA")) { pqgParams = jssSubSystem.getCAPQG(Integer.parseInt(keyLen), - mConfig); - // properties.put(Constants.PR_PQGPARAMS, pqgParams); + mConfig); + //properties.put(Constants.PR_PQGPARAMS, pqgParams); } pair = jssSubSystem.getKeyPair(properties); - if (certType.equals(Constants.PR_CA_SIGNING_CERT)) + if (certType.equals(Constants.PR_CA_SIGNING_CERT)) caKeyPair = pair; // renew the CA certificate or ssl server cert } else { @@ -1774,12 +1846,11 @@ public final class CMSAdminServlet extends AdminServlet { } /* - * String alg = jssSubSystem.getSignatureAlgorithm(nickname); - * SignatureAlgorithm sigAlg = - * SigningUnit.mapAlgorithmToJss(alg); - * properties.setSignatureAlgorithm(sigAlg); - * properties.setAlgorithmId( jssSubSystem.getAlgorithmId(alg, - * mConfig)); + String alg = jssSubSystem.getSignatureAlgorithm(nickname); + SignatureAlgorithm sigAlg = SigningUnit.mapAlgorithmToJss(alg); + properties.setSignatureAlgorithm(sigAlg); + properties.setAlgorithmId( + jssSubSystem.getAlgorithmId(alg, mConfig)); */ } @@ -1792,11 +1863,10 @@ public final class CMSAdminServlet extends AdminServlet { // value provided for signedBy SignatureAlgorithm sigAlg = Cert.mapAlgorithmToJss(alg); properties.setSignatureAlgorithm(sigAlg); - properties.setAlgorithmId(jssSubSystem.getAlgorithmId(alg, - mConfig)); + properties.setAlgorithmId(jssSubSystem.getAlgorithmId(alg, mConfig)); } - if (pair == null) + if (pair == null) CMS.debug("CMSAdminServlet: issueImportCert: key pair is null"); BigInteger nextSerialNo = repository.getNextSerialNumber(); @@ -1804,40 +1874,42 @@ public final class CMSAdminServlet extends AdminServlet { properties.setSerialNumber(nextSerialNo); properties.setKeyPair(pair); properties.setConfigFile(mConfig); - // properties.put(Constants.PR_CA_KEYPAIR, pair); + // properties.put(Constants.PR_CA_KEYPAIR, pair); properties.put(Constants.PR_CA_KEYPAIR, caKeyPair); - X509CertImpl signedCert = jssSubSystem.getSignedCert(properties, - certType, caKeyPair.getPrivate()); + X509CertImpl signedCert = + jssSubSystem.getSignedCert(properties, certType, + caKeyPair.getPrivate()); - if (signedCert == null) - CMS.debug("CMSAdminServlet: issueImportCert: signedCert is null"); + if (signedCert == null) + CMS.debug("CMSAdminServlet: issueImportCert: signedCert is null"); - /* - * bug 600124 try { jssSubSystem.deleteTokenCertificate(nickname, - * pathname); } catch (Throwable e) { //skip it } + /* bug 600124 + try { + jssSubSystem.deleteTokenCertificate(nickname, pathname); + } catch (Throwable e) { + //skip it + } */ boolean nicknameChanged = false; - // xxx import cert with nickname without token name? - // jss adds the token prefix!!! - // log(ILogger.LL_DEBUG,"import as alias"+ - // nicknameWithoutTokenName); + //xxx import cert with nickname without token name? + //jss adds the token prefix!!! + //log(ILogger.LL_DEBUG,"import as alias"+ nicknameWithoutTokenName); try { - CMS.debug("CMSAdminServlet: issueImportCert: Importing cert: " - + nicknameWithoutTokenName); + CMS.debug("CMSAdminServlet: issueImportCert: Importing cert: " + nicknameWithoutTokenName); jssSubSystem.importCert(signedCert, nicknameWithoutTokenName, - certType); + certType); } catch (EBaseException e) { // if it fails, let use a different nickname to try - Date now = new Date(); - String newNickname = nicknameWithoutTokenName + "-" - + now.getTime(); + Date now = new Date(); + String newNickname = nicknameWithoutTokenName + + "-" + now.getTime(); - CMS.debug("CMSAdminServlet: issueImportCert: Importing cert with nickname: " - + newNickname); - jssSubSystem.importCert(signedCert, newNickname, certType); + CMS.debug("CMSAdminServlet: issueImportCert: Importing cert with nickname: " + newNickname); + jssSubSystem.importCert(signedCert, newNickname, + certType); nicknameWithoutTokenName = newNickname; nicknameChanged = true; if (tokenName.equals(Constants.PR_INTERNAL_TOKEN_NAME)) { @@ -1848,26 +1920,28 @@ public final class CMSAdminServlet extends AdminServlet { } ICertRecord certRecord = repository.createCertRecord( - signedCert.getSerialNumber(), signedCert, null); + signedCert.getSerialNumber(), + signedCert, null); repository.addCertificateRecord(certRecord); if (certType.equals(Constants.PR_CA_SIGNING_CERT)) { try { - X509CertInfo certInfo = (X509CertInfo) signedCert - .get(X509CertImpl.NAME + "." + X509CertImpl.INFO); - CertificateExtensions extensions = (CertificateExtensions) certInfo - .get(X509CertInfo.EXTENSIONS); + X509CertInfo certInfo = (X509CertInfo) signedCert.get( + X509CertImpl.NAME + "." + X509CertImpl.INFO); + CertificateExtensions extensions = (CertificateExtensions) + certInfo.get(X509CertInfo.EXTENSIONS); if (extensions != null) { - BasicConstraintsExtension basic = (BasicConstraintsExtension) extensions - .get(BasicConstraintsExtension.NAME); + BasicConstraintsExtension basic = + (BasicConstraintsExtension) + extensions.get(BasicConstraintsExtension.NAME); if (basic == null) log(CMS.getLogMessage("ADMIN_SRVLT_BASIC_CONSTRAIN_NULL")); else { - Integer pathlen = (Integer) basic - .get(BasicConstraintsExtension.PATH_LEN); + Integer pathlen = (Integer) + basic.get(BasicConstraintsExtension.PATH_LEN); int num = pathlen.intValue(); if (num == 0) @@ -1884,32 +1958,34 @@ public final class CMSAdminServlet extends AdminServlet { } } - CMS.debug("CMSAdminServlet: oldtoken:" + oldtokenname + CMS.debug("CMSAdminServlet: oldtoken:" + oldtokenname + " newtoken:" + newtokenname + " nickname:" + nickname); - if ((newtokenname != null && !newtokenname.equals(oldtokenname)) - || nicknameChanged) { + if ((newtokenname != null && + !newtokenname.equals(oldtokenname)) || nicknameChanged) { if (certType.equals(Constants.PR_CA_SIGNING_CERT)) { if (newtokenname.equals(Constants.PR_INTERNAL_TOKEN_NAME)) { signingUnit.updateConfig(nicknameWithoutTokenName, - newtokenname); + newtokenname); } else { - signingUnit.updateConfig(newtokenname + ":" - + nicknameWithoutTokenName, newtokenname); + signingUnit.updateConfig(newtokenname + ":" + + nicknameWithoutTokenName, + newtokenname); } - } else if (certType.equals(Constants.PR_SERVER_CERT)) { + } else if (certType.equals(Constants.PR_SERVER_CERT)) { if (newtokenname.equals(Constants.PR_INTERNAL_TOKEN_NAME)) { nickname = nicknameWithoutTokenName; } else { nickname = newtokenname + ":" - + nicknameWithoutTokenName; + + nicknameWithoutTokenName; } - // setRADMNewnickname("",""); - // modifyRADMCert(nickname); + //setRADMNewnickname("",""); + //modifyRADMCert(nickname); modifyAgentGatewayCert(nickname); if (isSubsystemInstalled("ra")) { - IRegistrationAuthority ra = (IRegistrationAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_RA); + IRegistrationAuthority ra = + (IRegistrationAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_RA); modifyEEGatewayCert(ra, nickname); } @@ -1921,28 +1997,28 @@ public final class CMSAdminServlet extends AdminServlet { nickname = nicknameWithoutTokenName; } else { nickname = newtokenname + ":" - + nicknameWithoutTokenName; + + nicknameWithoutTokenName; } modifyRADMCert(nickname); } else if (certType.equals(Constants.PR_OCSP_SIGNING_CERT)) { - if (ca != null) { + if (ca != null) { ISigningUnit ocspSigningUnit = ca.getOCSPSigningUnit(); - if (newtokenname - .equals(Constants.PR_INTERNAL_TOKEN_NAME)) { + if (newtokenname.equals(Constants.PR_INTERNAL_TOKEN_NAME)) { ocspSigningUnit.updateConfig( - nicknameWithoutTokenName, newtokenname); + nicknameWithoutTokenName, newtokenname); } else { - ocspSigningUnit.updateConfig(newtokenname + ":" - + nicknameWithoutTokenName, newtokenname); + ocspSigningUnit.updateConfig(newtokenname + ":" + + nicknameWithoutTokenName, + newtokenname); } } } } - + // set signing algorithms if needed - if (certType.equals(Constants.PR_CA_SIGNING_CERT)) + if (certType.equals(Constants.PR_CA_SIGNING_CERT)) signingUnit.setDefaultAlgorithm(defaultSigningAlg); if (defaultOCSPSigningAlg != null) { @@ -1955,50 +2031,54 @@ public final class CMSAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); mConfig.commit(true); sendResponse(SUCCESS, null, null, resp); } catch (EBaseException eAudit1) { - CMS.debug("CMSAdminServlet: issueImportCert: EBaseException thrown: " - + eAudit1.toString()); + CMS.debug("CMSAdminServlet: issueImportCert: EBaseException thrown: " + eAudit1.toString()); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; } catch (IOException eAudit2) { - CMS.debug("CMSAdminServlet: issueImportCert: IOException thrown: " - + eAudit2.toString()); + CMS.debug("CMSAdminServlet: issueImportCert: IOException thrown: " + eAudit2.toString()); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; - // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); - // - // audit( auditMessage ); - // - // // rethrow the specific exception to be handled later - // throw eAudit3; - } + // } catch( ServletException eAudit3 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit3; + } } private String getDefaultSigningAlg(String keyType, String messageDigest) { @@ -2007,7 +2087,7 @@ public final class CMSAdminServlet extends AdminServlet { return "MD2withRSA"; } else if (messageDigest.equals("MD5")) { return "MD5withRSA"; - } else if (messageDigest.equals("SHA1")) { + } else if (messageDigest.equals("SHA1")) { return "SHA1withRSA"; } else if (messageDigest.equals("SHA256")) { return "SHA256withRSA"; @@ -2018,7 +2098,7 @@ public final class CMSAdminServlet extends AdminServlet { if (messageDigest.equals("SHA1")) { return "SHA1withDSA"; } - } else /* EC */{ + } else /* EC */ { if (messageDigest.equals("SHA1")) { return "SHA1withEC"; } else if (messageDigest.equals("SHA256")) { @@ -2032,31 +2112,32 @@ public final class CMSAdminServlet extends AdminServlet { return null; } - private void updateCASignature(String nickname, KeyCertData properties, - ICryptoSubsystem jssSubSystem) throws EBaseException { + private void updateCASignature(String nickname, KeyCertData properties, + ICryptoSubsystem jssSubSystem) throws EBaseException { String alg = jssSubSystem.getSignatureAlgorithm(nickname); SignatureAlgorithm sigAlg = Cert.mapAlgorithmToJss(alg); properties.setSignatureAlgorithm(sigAlg); - properties.setAlgorithmId(jssSubSystem.getAlgorithmId(alg, mConfig)); + properties.setAlgorithmId( + jssSubSystem.getAlgorithmId(alg, mConfig)); } /** * Install certificates * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when - * "Certificate Setup Wizard" is used to import CA certs into the + * "Certificate Setup Wizard" is used to import CA certs into the * certificate database * </ul> - * * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException failed to install a certificate */ - private void installCert(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void installCert(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -2077,30 +2158,31 @@ public final class CMSAdminServlet extends AdminServlet { String key = (String) enum1.nextElement(); String value = req.getParameter(key); - if (key.equals(Constants.PR_PKCS10)) + if (key.equals(Constants.PR_PKCS10)) pkcs = value; else if (key.equals(Constants.RS_ID)) certType = value; else if (key.equals(Constants.PR_NICKNAME)) nickname = value; - else if (key.equals("pathname")) + else if (key.equals("pathname")) pathname = value; else if (key.equals(Constants.PR_SERVER_ROOT)) serverRoot = value; - else if (key.equals(Constants.PR_SERVER_ID)) + else if (key.equals(Constants.PR_SERVER_ID)) serverID = value; - else if (key.equals(Constants.PR_CERT_FILEPATH)) + else if (key.equals(Constants.PR_CERT_FILEPATH)) certpath = value; } - + try { if (pkcs == null || pkcs.equals("")) { if (certpath == null || certpath.equals("")) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -2110,8 +2192,8 @@ public final class CMSAdminServlet extends AdminServlet { throw ex; } else { FileInputStream in = new FileInputStream(certpath); - BufferedReader d = new BufferedReader( - new InputStreamReader(in)); + BufferedReader d = + new BufferedReader(new InputStreamReader(in)); String content = ""; pkcs = ""; @@ -2131,22 +2213,24 @@ public final class CMSAdminServlet extends AdminServlet { } catch (IOException ee) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); throw new EBaseException( - CMS.getLogMessage("BASE_OPEN_FILE_FAILED")); + CMS.getLogMessage("BASE_OPEN_FILE_FAILED")); } pkcs = pkcs.trim(); - pathname = serverRoot + File.separator + serverID + File.separator - + "config" + File.separator + pathname; + pathname = serverRoot + File.separator + serverID + + File.separator + "config" + File.separator + pathname; - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); - // String nickname = getNickname(certType); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); + //String nickname = getNickname(certType); String nicknameWithoutTokenName = ""; int index = nickname.indexOf(":"); @@ -2159,93 +2243,98 @@ public final class CMSAdminServlet extends AdminServlet { } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); throw new EBaseException( - CMS.getLogMessage("BASE_CERT_NOT_FOUND")); + CMS.getLogMessage("BASE_CERT_NOT_FOUND")); } /* - * if (certType.equals(Constants.PR_CA_SIGNING_CERT) || - * certType.equals(Constants.PR_RA_SIGNING_CERT) || - * certType.equals(Constants.PR_OCSP_SIGNING_CERT) || - * certType.equals(Constants.PR_KRA_TRANSPORT_CERT) || - * certType.equals(Constants.PR_SERVER_CERT) || - * certType.equals(Constants.PR_SERVER_CERT_RADM)) { String - * oldnickname = getNickname(certType); try { - * jssSubsystem.deleteTokenCertificate(oldnickname, pathname); - * //jssSubsystem.deleteTokenCertificate(nickname, pathname); } - * catch (EBaseException e) { // skip it } } else { try { - * jssSubsystem.deleteTokenCertificate(nickname, pathname); } catch - * (EBaseException e) { // skip it } } - */ + if (certType.equals(Constants.PR_CA_SIGNING_CERT) || + certType.equals(Constants.PR_RA_SIGNING_CERT) || + certType.equals(Constants.PR_OCSP_SIGNING_CERT) || + certType.equals(Constants.PR_KRA_TRANSPORT_CERT) || + certType.equals(Constants.PR_SERVER_CERT) || + certType.equals(Constants.PR_SERVER_CERT_RADM)) { + String oldnickname = getNickname(certType); + try { + jssSubsystem.deleteTokenCertificate(oldnickname, + pathname); + //jssSubsystem.deleteTokenCertificate(nickname, + pathname); + } catch (EBaseException e) { + // skip it + } + } else { + try { + jssSubsystem.deleteTokenCertificate(nickname, pathname); + } catch (EBaseException e) { + // skip it + } + } + */ // 600124 - renewal of SSL crash the server // we now do not delete previously installed certificates. - // Same Subject | Same Nickname | Same Key | Legal - // ----------------------------------------------------------- - // 1. Yes Yes No Yes - // 2. Yes Yes Yes Yes - // 3. No No Yes Yes - // 4. No No No Yes - // 5. No Yes Yes No - // 6. No Yes No No - // 7. Yes No Yes No - // 8. Yes No No No + // Same Subject | Same Nickname | Same Key | Legal + // ----------------------------------------------------------- + // 1. Yes Yes No Yes + // 2. Yes Yes Yes Yes + // 3. No No Yes Yes + // 4. No No No Yes + // 5. No Yes Yes No + // 6. No Yes No No + // 7. Yes No Yes No + // 8. Yes No No No // Based on above table, the following cases are permitted: // Existing Key: - // (a) Same Subject & Same Nickname --- (2) - // (b) Different Subject & Different Nickname --- (3) - // (In order to support Case b., we need to use a different - // nickname). + // (a) Same Subject & Same Nickname --- (2) + // (b) Different Subject & Different Nickname --- (3) + // (In order to support Case b., we need to use a different + // nickname). // New Key: - // (c) Same Subject & Same Nickname --- (1) - // (d) Different Subject & Different Nickname --- (4) - // (In order to support Case b., we need to use a different - // nickname). + // (c) Same Subject & Same Nickname --- (1) + // (d) Different Subject & Different Nickname --- (4) + // (In order to support Case b., we need to use a different + // nickname). // - CMS.debug("CMSAdminServlet.installCert(): About to try jssSubSystem.importCert: " - + nicknameWithoutTokenName); + CMS.debug("CMSAdminServlet.installCert(): About to try jssSubSystem.importCert: "+ nicknameWithoutTokenName); try { - jssSubSystem.importCert(pkcs, nicknameWithoutTokenName, - certType); + jssSubSystem.importCert(pkcs, nicknameWithoutTokenName, + certType); } catch (EBaseException e) { boolean certFound = false; String eString = e.toString(); - if (eString - .contains("Failed to find certificate that was just imported")) { - CMS.debug("CMSAdminServlet.installCert(): nickname=" - + nicknameWithoutTokenName + " TokenException: " - + eString); + if(eString.contains("Failed to find certificate that was just imported")) { + CMS.debug("CMSAdminServlet.installCert(): nickname="+nicknameWithoutTokenName + " TokenException: " + eString); X509Certificate cert = null; try { - cert = CryptoManager.getInstance().findCertByNickname( - nickname); + cert = CryptoManager.getInstance().findCertByNickname(nickname); if (cert != null) { certFound = true; } - CMS.debug("CMSAdminServlet.installCert() Found cert just imported: " - + nickname); + CMS.debug("CMSAdminServlet.installCert() Found cert just imported: " + nickname); } catch (Exception ex) { - CMS.debug("CMSAdminServlet.installCert() Can't find cert just imported: " - + ex.toString()); + CMS.debug("CMSAdminServlet.installCert() Can't find cert just imported: " + ex.toString()); } - } + } if (!certFound) { // if it fails, let use a different nickname to try - Date now = new Date(); - String newNickname = nicknameWithoutTokenName + "-" - + now.getTime(); + Date now = new Date(); + String newNickname = nicknameWithoutTokenName + "-" + + now.getTime(); jssSubSystem.importCert(pkcs, newNickname, certType); nicknameWithoutTokenName = newNickname; @@ -2254,17 +2343,16 @@ public final class CMSAdminServlet extends AdminServlet { } else { nickname = tokenName + ":" + newNickname; } - CMS.debug("CMSAdminServlet: installCert(): After second install attempt following initial error: nickname=" - + nickname); - } + CMS.debug("CMSAdminServlet: installCert(): After second install attempt following initial error: nickname="+nickname); + } } if (certType.equals(Constants.PR_CA_SIGNING_CERT)) { - ICertificateAuthority ca = (ICertificateAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_CA); + ICertificateAuthority ca = + (ICertificateAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_CA); ISigningUnit signingUnit = ca.getSigningUnit(); - String signatureAlg = jssSubSystem - .getSignatureAlgorithm(nickname); + String signatureAlg = + jssSubSystem.getSignatureAlgorithm(nickname); signingUnit.setDefaultAlgorithm(signatureAlg); setCANewnickname("", ""); @@ -2273,25 +2361,26 @@ public final class CMSAdminServlet extends AdminServlet { if (nickname.equals(nicknameWithoutTokenName)) { signingUnit.updateConfig(nickname, - Constants.PR_INTERNAL_TOKEN_NAME); + Constants.PR_INTERNAL_TOKEN_NAME); extensions = jssSubSystem.getExtensions( - Constants.PR_INTERNAL_TOKEN_NAME, nickname); + Constants.PR_INTERNAL_TOKEN_NAME, nickname); } else { String tokenname1 = nickname.substring(0, index); signingUnit.updateConfig(nickname, tokenname1); extensions = jssSubSystem.getExtensions(tokenname1, - nicknameWithoutTokenName); + nicknameWithoutTokenName); } if (extensions != null) { - BasicConstraintsExtension basic = (BasicConstraintsExtension) extensions - .get(BasicConstraintsExtension.NAME); + BasicConstraintsExtension basic = + (BasicConstraintsExtension) + extensions.get(BasicConstraintsExtension.NAME); if (basic == null) log(CMS.getLogMessage("ADMIN_SRVLT_BASIC_CONSTRAIN_NULL")); else { - Integer pathlen = (Integer) basic - .get(BasicConstraintsExtension.PATH_LEN); + Integer pathlen = (Integer) + basic.get(BasicConstraintsExtension.PATH_LEN); int num = pathlen.intValue(); if (num == 0) @@ -2309,34 +2398,35 @@ public final class CMSAdminServlet extends AdminServlet { } } else if (certType.equals(Constants.PR_RA_SIGNING_CERT)) { setRANewnickname("", ""); - IRegistrationAuthority ra = (IRegistrationAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_RA); + IRegistrationAuthority ra = + (IRegistrationAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_RA); ra.setNickname(nickname); } else if (certType.equals(Constants.PR_OCSP_SIGNING_CERT)) { setOCSPNewnickname("", ""); - IOCSPAuthority ocsp = (IOCSPAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_OCSP); + IOCSPAuthority ocsp = + (IOCSPAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_OCSP); if (ocsp != null) { ISigningUnit signingUnit = ocsp.getSigningUnit(); if (nickname.equals(nicknameWithoutTokenName)) { signingUnit.updateConfig(nickname, - Constants.PR_INTERNAL_TOKEN_NAME); + Constants.PR_INTERNAL_TOKEN_NAME); } else { String tokenname1 = nickname.substring(0, index); signingUnit.updateConfig(nickname, tokenname1); } - } else { - ICertificateAuthority ca = (ICertificateAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_CA); + } else { + ICertificateAuthority ca = + (ICertificateAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_CA); ISigningUnit signingUnit = ca.getOCSPSigningUnit(); if (nickname.equals(nicknameWithoutTokenName)) { signingUnit.updateConfig(nickname, - Constants.PR_INTERNAL_TOKEN_NAME); + Constants.PR_INTERNAL_TOKEN_NAME); } else { String tokenname1 = nickname.substring(0, index); @@ -2345,23 +2435,25 @@ public final class CMSAdminServlet extends AdminServlet { } } else if (certType.equals(Constants.PR_KRA_TRANSPORT_CERT)) { setKRANewnickname("", ""); - IKeyRecoveryAuthority kra = (IKeyRecoveryAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_KRA); + IKeyRecoveryAuthority kra = + (IKeyRecoveryAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_KRA); kra.setNickname(nickname); } else if (certType.equals(Constants.PR_SERVER_CERT)) { setAgentNewnickname("", ""); - // modifyRADMCert(nickname); + //modifyRADMCert(nickname); modifyAgentGatewayCert(nickname); if (isSubsystemInstalled("ra")) { - IRegistrationAuthority ra = (IRegistrationAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_RA); + IRegistrationAuthority ra = + (IRegistrationAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_RA); modifyEEGatewayCert(ra, nickname); } if (isSubsystemInstalled("ca")) { - ICertificateAuthority ca = (ICertificateAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_CA); + ICertificateAuthority ca = + (ICertificateAuthority) + CMS.getSubsystem(CMS.SUBSYSTEM_CA); modifyCAGatewayCert(ca, nickname); } @@ -2372,41 +2464,47 @@ public final class CMSAdminServlet extends AdminServlet { boolean verified = CMS.verifySystemCertByNickname(nickname, null); if (verified == true) { - CMS.debug("CMSAdminServlet: installCert(): verifySystemCertByNickname() succeeded:" - + nickname); + CMS.debug("CMSAdminServlet: installCert(): verifySystemCertByNickname() succeeded:"+ nickname); auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION, - auditSubjectID, ILogger.SUCCESS, nickname); + auditSubjectID, + ILogger.SUCCESS, + nickname); audit(auditMessage); } else { - CMS.debug("CMSAdminServlet: installCert(): verifySystemCertByNickname() failed:" - + nickname); + CMS.debug("CMSAdminServlet: installCert(): verifySystemCertByNickname() failed:"+ nickname); auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION, - auditSubjectID, ILogger.FAILURE, nickname); + LOGGING_SIGNED_AUDIT_CIMC_CERT_VERIFICATION, + auditSubjectID, + ILogger.FAILURE, + nickname); audit(auditMessage); } // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); mConfig.commit(true); - if (verified == true) { + if(verified == true) { sendResponse(SUCCESS, null, null, resp); } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_CERT_VALIDATE_FAILED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_CERT_VALIDATE_FAILED"), + null, resp); } } catch (EBaseException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -2415,45 +2513,47 @@ public final class CMSAdminServlet extends AdminServlet { } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; - // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); - // - // audit( auditMessage ); - // - // // rethrow the specific exception to be handled later - // throw eAudit3; - } + // } catch( ServletException eAudit3 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit3; + } } /** - * For "importing" cross-signed cert into internal db for further cross pair - * matching and publishing + * For "importing" cross-signed cert into internal db for further + * cross pair matching and publishing * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when * "Certificate Setup Wizard" is used to import a CA cross-signed * certificate into the database * </ul> - * * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException failed to import a cross-certificate pair */ - private void importXCert(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void importXCert(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -2474,28 +2574,29 @@ public final class CMSAdminServlet extends AdminServlet { String value = req.getParameter(key); // really should be PR_CERT_CONTENT - if (key.equals(Constants.PR_PKCS10)) + if (key.equals(Constants.PR_PKCS10)) b64Cert = value; else if (key.equals(Constants.RS_ID)) certType = value; - else if (key.equals("pathname")) + else if (key.equals("pathname")) pathname = value; else if (key.equals(Constants.PR_SERVER_ROOT)) serverRoot = value; - else if (key.equals(Constants.PR_SERVER_ID)) + else if (key.equals(Constants.PR_SERVER_ID)) serverID = value; - else if (key.equals(Constants.PR_CERT_FILEPATH)) + else if (key.equals(Constants.PR_CERT_FILEPATH)) certpath = value; } - + try { if (b64Cert == null || b64Cert.equals("")) { if (certpath == null || certpath.equals("")) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -2505,8 +2606,8 @@ public final class CMSAdminServlet extends AdminServlet { throw ex; } else { FileInputStream in = new FileInputStream(certpath); - BufferedReader d = new BufferedReader( - new InputStreamReader(in)); + BufferedReader d = + new BufferedReader(new InputStreamReader(in)); String content = ""; b64Cert = ""; @@ -2525,13 +2626,15 @@ public final class CMSAdminServlet extends AdminServlet { } catch (IOException ee) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); throw new EBaseException( - CMS.getLogMessage("BASE_OPEN_FILE_FAILED")); + CMS.getLogMessage("BASE_OPEN_FILE_FAILED")); } CMS.debug("CMSAdminServlet: got b64Cert"); b64Cert = Cert.stripBrackets(b64Cert.trim()); @@ -2545,25 +2648,27 @@ public final class CMSAdminServlet extends AdminServlet { CMS.debug("CMSAdminServlet: exception: " + e.toString()); } - pathname = serverRoot + File.separator + serverID + File.separator - + "config" + File.separator + pathname; + pathname = serverRoot + File.separator + serverID + + File.separator + "config" + File.separator + pathname; - ICrossCertPairSubsystem ccps = (ICrossCertPairSubsystem) CMS - .getSubsystem("CrossCertPair"); + ICrossCertPairSubsystem ccps = + (ICrossCertPairSubsystem) CMS.getSubsystem("CrossCertPair"); try { - // this will import into internal ldap crossCerts entry + //this will import into internal ldap crossCerts entry ccps.importCert(bCert); } catch (Exception e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); sendResponse(1, "xcert importing failure:" + e.toString(), - null, resp); + null, resp); return; } @@ -2574,19 +2679,20 @@ public final class CMSAdminServlet extends AdminServlet { } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(1, "xcerts publishing failure:" + e.toString(), - null, resp); + sendResponse(1, "xcerts publishing failure:" + e.toString(), null, resp); return; } - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); - String content = jssSubSystem.getCertPrettyPrint(b64Cert, + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); + String content = jssSubSystem.getCertPrettyPrint(b64Cert, super.getLocale(req)); results.add(Constants.PR_NICKNAME, "FBCA cross-signed cert"); @@ -2594,8 +2700,10 @@ public final class CMSAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -2603,8 +2711,10 @@ public final class CMSAdminServlet extends AdminServlet { } catch (EBaseException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -2613,45 +2723,46 @@ public final class CMSAdminServlet extends AdminServlet { } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; - // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); - // - // audit( auditMessage ); - // - // // rethrow the specific exception to be handled later - // throw eAudit3; - } + // } catch( ServletException eAudit3 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit3; + } } private String getNickname(String certType) throws EBaseException { String nickname = ""; if (certType.equals(Constants.PR_CA_SIGNING_CERT)) { - ICertificateAuthority ca = (ICertificateAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_CA); + ICertificateAuthority ca = + (ICertificateAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_CA); ISigningUnit signingUnit = ca.getSigningUnit(); nickname = signingUnit.getNickname(); } else if (certType.equals(Constants.PR_OCSP_SIGNING_CERT)) { - IOCSPAuthority ocsp = (IOCSPAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_OCSP); + IOCSPAuthority ocsp = + (IOCSPAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_OCSP); if (ocsp == null) { // this is a local CA service - ICertificateAuthority ca = (ICertificateAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_CA); + ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_CA); ISigningUnit signingUnit = ca.getOCSPSigningUnit(); nickname = signingUnit.getNickname(); @@ -2661,26 +2772,27 @@ public final class CMSAdminServlet extends AdminServlet { nickname = signingUnit.getNickname(); } } else if (certType.equals(Constants.PR_RA_SIGNING_CERT)) { - IRegistrationAuthority ra = (IRegistrationAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_RA); + IRegistrationAuthority ra = + (IRegistrationAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_RA); nickname = ra.getNickname(); } else if (certType.equals(Constants.PR_KRA_TRANSPORT_CERT)) { - IKeyRecoveryAuthority kra = (IKeyRecoveryAuthority) CMS - .getSubsystem(CMS.SUBSYSTEM_KRA); + IKeyRecoveryAuthority kra = + (IKeyRecoveryAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_KRA); nickname = kra.getNickname(); } else if (certType.equals(Constants.PR_SERVER_CERT)) { nickname = CMS.getServerCertNickname(); } else if (certType.equals(Constants.PR_SERVER_CERT_RADM)) { nickname = CMS.getServerCertNickname(); - } + } return nickname; } - private void getCertInfo(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void getCertInfo(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { Enumeration enum1 = req.getParameterNames(); NameValuePairs results = new NameValuePairs(); String pkcs = ""; @@ -2713,8 +2825,8 @@ public final class CMSAdminServlet extends AdminServlet { throw ex; } else { FileInputStream in = new FileInputStream(path); - BufferedReader d = new BufferedReader( - new InputStreamReader(in)); + BufferedReader d = + new BufferedReader(new InputStreamReader(in)); String content = ""; pkcs = ""; @@ -2737,10 +2849,9 @@ public final class CMSAdminServlet extends AdminServlet { pkcs = pkcs.trim(); int totalLen = pkcs.length(); - if (pkcs.indexOf(BEGIN_HEADER) != 0 - || pkcs.indexOf(END_HEADER) != (totalLen - 25)) { - throw (new EBaseException( - CMS.getLogMessage("BASE_INVALID_CERT_FORMAT"))); + if (pkcs.indexOf(BEGIN_HEADER) != 0 || + pkcs.indexOf(END_HEADER) != (totalLen - 25)) { + throw (new EBaseException(CMS.getLogMessage("BASE_INVALID_CERT_FORMAT"))); } String nickname = ""; @@ -2763,25 +2874,25 @@ public final class CMSAdminServlet extends AdminServlet { if (nickname.equals("")) nickname = getNickname(certType); - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); String content = jssSubSystem.getCertPrettyPrint(pkcs, super.getLocale(req)); if (nickname != null && !nickname.equals("")) results.add(Constants.PR_NICKNAME, nickname); results.add(Constants.PR_CERT_CONTENT, content); - // results = jssSubSystem.getCertInfo(value); + //results = jssSubSystem.getCertInfo(value); sendResponse(SUCCESS, null, results, resp); } private void getCertPrettyPrint(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { Enumeration enum1 = req.getParameterNames(); - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); String nickname = ""; String serialno = ""; String issuername = ""; @@ -2801,7 +2912,7 @@ public final class CMSAdminServlet extends AdminServlet { if (key.equals(Constants.PR_NICK_NAME)) { nickname = value; continue; - } + } if (key.equals(Constants.PR_SERIAL_NUMBER)) { serialno = value; continue; @@ -2812,19 +2923,19 @@ public final class CMSAdminServlet extends AdminServlet { } } - String print = jssSubSystem.getCertPrettyPrintAndFingerPrint(nickname, - serialno, issuername, locale); + String print = jssSubSystem.getCertPrettyPrintAndFingerPrint(nickname, + serialno, issuername, locale); pairs.add(nickname, print); sendResponse(SUCCESS, null, pairs, resp); } private void getRootCertTrustBit(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { Enumeration enum1 = req.getParameterNames(); - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); String nickname = ""; String serialno = ""; String issuername = ""; @@ -2855,86 +2966,92 @@ public final class CMSAdminServlet extends AdminServlet { } } - String trustbit = jssSubSystem.getRootCertTrustBit(nickname, serialno, - issuername); + String trustbit = jssSubSystem.getRootCertTrustBit(nickname, + serialno, issuername); pairs.add(nickname, trustbit); sendResponse(SUCCESS, null, pairs, resp); } - private void getCACerts(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + private void getCACerts(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); NameValuePairs pairs = jssSubSystem.getCACerts(); sendResponse(SUCCESS, null, pairs, resp); } - private void deleteRootCert(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void deleteRootCert(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); int mindex = id.indexOf(":SERIAL#<"); String nickname = id.substring(0, mindex); String sstr1 = id.substring(mindex); int lindex = sstr1.indexOf(">"); String serialno = sstr1.substring(9, lindex); - String issuername = sstr1.substring(lindex + 1); + String issuername = sstr1.substring(lindex+1); jssSubSystem.deleteRootCert(nickname, serialno, issuername); sendResponse(SUCCESS, null, null, resp); } - private void deleteUserCert(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void deleteUserCert(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); int mindex = id.indexOf(":SERIAL#<"); String nickname = id.substring(0, mindex); String sstr1 = id.substring(mindex); int lindex = sstr1.indexOf(">"); String serialno = sstr1.substring(9, lindex); - String issuername = sstr1.substring(lindex + 1); + String issuername = sstr1.substring(lindex+1); jssSubSystem.deleteUserCert(nickname, serialno, issuername); sendResponse(SUCCESS, null, null, resp); } - private void getRootCerts(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + private void getRootCerts(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); NameValuePairs pairs = jssSubSystem.getRootCerts(); sendResponse(SUCCESS, null, pairs, resp); } private void getAllCertsManage(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); NameValuePairs pairs = jssSubSystem.getAllCertsManage(); sendResponse(SUCCESS, null, pairs, resp); } - private void getUserCerts(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + private void getUserCerts(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); NameValuePairs pairs = jssSubSystem.getUserCerts(); sendResponse(SUCCESS, null, pairs, resp); } - private void deleteCerts(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void deleteCerts(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { Enumeration enum1 = req.getParameterNames(); - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); String nickname = ""; String date = ""; @@ -2952,18 +3069,18 @@ public final class CMSAdminServlet extends AdminServlet { nickname = value.substring(0, index); date = value.substring(index + 1); - // cant use this one now since jss doesnt have the interface to + // cant use this one now since jss doesnt have the interface to // do it. jssSubSystem.deleteCert(nickname, date); - // jssSubsystem.deleteCACert(nickname, date); + // jssSubsystem.deleteCACert(nickname, date); } sendResponse(SUCCESS, null, null, resp); } private void validateSubjectName(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { Enumeration enum1 = req.getParameterNames(); @@ -2972,19 +3089,19 @@ public final class CMSAdminServlet extends AdminServlet { String value = req.getParameter(key); if (key.equals(Constants.PR_SUBJECT_NAME)) { - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); jssSubSystem.isX500DN(value); } } sendResponse(SUCCESS, null, null, resp); - } + } private void validateKeyLength(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { Enumeration enum1 = req.getParameterNames(); String keyType = "RSA"; String keyLen = "512"; @@ -3003,18 +3120,18 @@ public final class CMSAdminServlet extends AdminServlet { } } int keyLength = Integer.parseInt(keyLen); - int minKey = mConfig.getInteger(ConfigConstants.PR_RSA_MIN_KEYLENGTH, - 512); - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + int minKey = mConfig.getInteger( + ConfigConstants.PR_RSA_MIN_KEYLENGTH, 512); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); // jssSubSystem.checkKeyLength(keyType, keyLength, certType, minKey); sendResponse(SUCCESS, null, null, resp); } private void validateCurveName(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { Enumeration enum1 = req.getParameterNames(); String curveName = null; @@ -3030,22 +3147,21 @@ public final class CMSAdminServlet extends AdminServlet { String curveList = mConfig.getString("keys.ecc.curve.list", "nistp521"); String[] curves = curveList.split(","); boolean match = false; - for (int i = 0; i < curves.length; i++) { + for (int i=0; i<curves.length; i++) { if (curves[i].equals(curveName)) { match = true; } } if (!match) { - throw new EBaseException( - CMS.getUserMessage("CMS_BASE_INVALID_ECC_CURVE_NAME")); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ECC_CURVE_NAME")); } sendResponse(SUCCESS, null, null, resp); } private void validateCertExtension(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { Enumeration enum1 = req.getParameterNames(); String certExt = ""; @@ -3059,18 +3175,19 @@ public final class CMSAdminServlet extends AdminServlet { } } - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); jssSubSystem.checkCertificateExt(certExt); sendResponse(SUCCESS, null, null, resp); } - private void getSubjectName(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void getSubjectName(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration enum1 = req.getParameterNames(); - + String nickname = ""; String keyType = "RSA"; String keyLen = "512"; @@ -3088,8 +3205,8 @@ public final class CMSAdminServlet extends AdminServlet { } } - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); String subjectName = jssSubSystem.getSubjectDN(nickname); params.add(Constants.PR_SUBJECT_NAME, subjectName); @@ -3097,8 +3214,8 @@ public final class CMSAdminServlet extends AdminServlet { } private void processSubjectName(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration enum1 = req.getParameterNames(); @@ -3117,8 +3234,8 @@ public final class CMSAdminServlet extends AdminServlet { } } - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); String subjectName = jssSubSystem.getSubjectDN(nickname); params.add(Constants.PR_SUBJECT_NAME, subjectName); @@ -3126,8 +3243,8 @@ public final class CMSAdminServlet extends AdminServlet { } public void setRootCertTrust(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); String nickname = req.getParameter(Constants.PR_NICK_NAME); @@ -3137,15 +3254,16 @@ public final class CMSAdminServlet extends AdminServlet { CMS.debug("CMSAdminServlet: setRootCertTrust()"); - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); try { - jssSubSystem - .setRootCertTrust(nickname, serialno, issuername, trust); - } catch (EBaseException e) { + jssSubSystem.setRootCertTrust(nickname, serialno, issuername, trust); + } catch (EBaseException e) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later @@ -3154,8 +3272,10 @@ public final class CMSAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -3165,19 +3285,19 @@ public final class CMSAdminServlet extends AdminServlet { /** * Establish trust of a CA certificate * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when - * "Manage Certificate" is used to edit the trustness of certs and deletion - * of certs + * "Manage Certificate" is used to edit the trustness of certs and + * deletion of certs * </ul> - * * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException failed to establish CA certificate trust */ - private void trustCACert(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void trustCACert(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -3187,8 +3307,8 @@ public final class CMSAdminServlet extends AdminServlet { // to the signed audit log and stored as failures try { Enumeration enum1 = req.getParameterNames(); - ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jssSubSystem = (ICryptoSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); String trust = ""; while (enum1.hasMoreElements()) { @@ -3208,18 +3328,22 @@ public final class CMSAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); - // sendResponse(SUCCESS, null, null, resp); + //sendResponse(SUCCESS, null, null, resp); sendResponse(RESTART, null, null, resp); } catch (EBaseException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -3228,46 +3352,50 @@ public final class CMSAdminServlet extends AdminServlet { } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; - // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); - // - // audit( auditMessage ); - // - // // rethrow the specific exception to be handled later - // throw eAudit3; - } + // } catch( ServletException eAudit3 ) { + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); + // + // audit( auditMessage ); + // + // // rethrow the specific exception to be handled later + // throw eAudit3; + } } /** * Execute all self tests specified to be run on demand. * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION used when self * tests are run on demand * </ul> - * - * @exception EMissingSelfTestException a self test plugin instance property - * name was missing + * @exception EMissingSelfTestException a self test plugin instance + * property name was missing * @exception ESelfTestException a self test is missing a required - * configuration parameter + * configuration parameter * @exception IOException an input/output error has occurred */ - private synchronized void runSelfTestsOnDemand(HttpServletRequest req, - HttpServletResponse resp) throws EMissingSelfTestException, - ESelfTestException, IOException { + private synchronized void + runSelfTestsOnDemand(HttpServletRequest req, + HttpServletResponse resp) + throws EMissingSelfTestException, + ESelfTestException, + IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -3276,7 +3404,7 @@ public final class CMSAdminServlet extends AdminServlet { try { if (CMS.debugOn()) { CMS.debug("CMSAdminServlet::runSelfTestsOnDemand():" - + " ENTERING . . ."); + + " ENTERING . . ."); } Enumeration enum1 = req.getParameterNames(); @@ -3296,28 +3424,32 @@ public final class CMSAdminServlet extends AdminServlet { } } - ISelfTestSubsystem mSelfTestSubsystem = (ISelfTestSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_SELFTESTS); + ISelfTestSubsystem mSelfTestSubsystem = (ISelfTestSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_SELFTESTS); - if ((request == null) || (request.equals(""))) { + if ((request == null) || + (request.equals(""))) { // self test plugin run on demand request parameter was missing // log the error - logMessage = CMS.getLogMessage( - "SELFTESTS_RUN_ON_DEMAND_REQUEST", getServletInfo(), - Constants.PR_RUN_SELFTESTS_ON_DEMAND); + logMessage = CMS.getLogMessage("SELFTESTS_RUN_ON_DEMAND_REQUEST", + getServletInfo(), + Constants.PR_RUN_SELFTESTS_ON_DEMAND + ); mSelfTestSubsystem.log(mSelfTestSubsystem.getSelfTestLogger(), - logMessage); + logMessage); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, - auditSubjectID, ILogger.FAILURE); + LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, + auditSubjectID, + ILogger.FAILURE); audit(auditMessage); // notify console of FAILURE - content += logMessage + "\n"; + content += logMessage + + "\n"; sendResponse(ERROR, content, null, resp); // raise an exception @@ -3325,77 +3457,83 @@ public final class CMSAdminServlet extends AdminServlet { } // run all self test plugin instances (designated on-demand) - String[] selftests = mSelfTestSubsystem - .listSelfTestsEnabledOnDemand(); + String[] selftests = mSelfTestSubsystem.listSelfTestsEnabledOnDemand(); if (selftests != null && selftests.length > 0) { // log that execution of on-demand self tests has begun logMessage = CMS.getLogMessage("SELFTESTS_RUN_ON_DEMAND", - getServletInfo()); + getServletInfo()); mSelfTestSubsystem.log(mSelfTestSubsystem.getSelfTestLogger(), - logMessage); + logMessage); // store this information for console notification - content += logMessage + "\n"; + content += logMessage + + "\n"; for (int i = 0; i < selftests.length; i++) { if (selftests[i] != null) { instanceName = selftests[i].trim(); - instanceFullName = ISelfTestSubsystem.ID + "." - + ISelfTestSubsystem.PROP_CONTAINER + "." - + ISelfTestSubsystem.PROP_INSTANCE + "." + instanceFullName = ISelfTestSubsystem.ID + + "." + + ISelfTestSubsystem.PROP_CONTAINER + + "." + + ISelfTestSubsystem.PROP_INSTANCE + + "." + instanceName; } else { // self test plugin instance property name was missing // log the error logMessage = CMS.getLogMessage( - "SELFTESTS_PARAMETER_WAS_NULL", - getServletInfo()); + "SELFTESTS_PARAMETER_WAS_NULL", + getServletInfo()); mSelfTestSubsystem.log( - mSelfTestSubsystem.getSelfTestLogger(), - logMessage); + mSelfTestSubsystem.getSelfTestLogger(), + logMessage); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, - auditSubjectID, ILogger.FAILURE); + LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, + auditSubjectID, + ILogger.FAILURE); audit(auditMessage); // notify console of FAILURE - content += logMessage + "\n"; + content += logMessage + + "\n"; sendResponse(ERROR, content, null, resp); // raise an exception throw new EMissingSelfTestException(); } - ISelfTest test = (ISelfTest) mSelfTestSubsystem - .getSelfTest(instanceName); + ISelfTest test = (ISelfTest) + mSelfTestSubsystem.getSelfTest(instanceName); if (test == null) { - // self test plugin instance property name is not - // present + // self test plugin instance property name is not present // log the error - logMessage = CMS.getLogMessage( - "SELFTESTS_MISSING_NAME", getServletInfo(), - instanceFullName); + logMessage = CMS.getLogMessage("SELFTESTS_MISSING_NAME", + getServletInfo(), + instanceFullName); mSelfTestSubsystem.log( - mSelfTestSubsystem.getSelfTestLogger(), - logMessage); + mSelfTestSubsystem.getSelfTestLogger(), + logMessage); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, - auditSubjectID, ILogger.FAILURE); + LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, + auditSubjectID, + ILogger.FAILURE); audit(auditMessage); // notify console of FAILURE - content += logMessage + "\n"; + content += logMessage + + "\n"; sendResponse(ERROR, content, null, resp); // raise an exception @@ -3405,14 +3543,15 @@ public final class CMSAdminServlet extends AdminServlet { try { if (CMS.debugOn()) { CMS.debug("CMSAdminServlet::runSelfTestsOnDemand():" - + " running \"" - + test.getSelfTestName() - + "\""); + + " running \"" + + test.getSelfTestName() + + "\""); } // store this information for console notification content += "CMSAdminServlet::runSelfTestsOnDemand():" - + " running \"" + test.getSelfTestName() + + " running \"" + + test.getSelfTestName() + "\" . . .\n"; test.runSelfTest(mSelfTestSubsystem.getSelfTestLogger()); @@ -3421,27 +3560,30 @@ public final class CMSAdminServlet extends AdminServlet { content += "COMPLETED SUCCESSFULLY\n"; } catch (ESelfTestException e) { // Check to see if the self test was critical: - if (mSelfTestSubsystem - .isSelfTestCriticalOnDemand(instanceName)) { + if (mSelfTestSubsystem.isSelfTestCriticalOnDemand( + instanceName)) { // log the error logMessage = CMS.getLogMessage( - "SELFTESTS_RUN_ON_DEMAND_FAILED", - getServletInfo(), instanceFullName); + "SELFTESTS_RUN_ON_DEMAND_FAILED", + getServletInfo(), + instanceFullName); mSelfTestSubsystem.log( - mSelfTestSubsystem.getSelfTestLogger(), - logMessage); + mSelfTestSubsystem.getSelfTestLogger(), + logMessage); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, - auditSubjectID, ILogger.FAILURE); + LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, + auditSubjectID, + ILogger.FAILURE); audit(auditMessage); // notify console of FAILURE content += "FAILED WITH CRITICAL ERROR\n"; - content += logMessage + "\n"; + content += logMessage + + "\n"; sendResponse(ERROR, content, null, resp); // shutdown the system gracefully @@ -3457,47 +3599,52 @@ public final class CMSAdminServlet extends AdminServlet { // log that execution of all "critical" on-demand self tests // has completed "successfully" - logMessage = CMS.getLogMessage( - "SELFTESTS_RUN_ON_DEMAND_SUCCEEDED", getServletInfo()); + logMessage = CMS.getLogMessage("SELFTESTS_RUN_ON_DEMAND_SUCCEEDED", + getServletInfo()); mSelfTestSubsystem.log(mSelfTestSubsystem.getSelfTestLogger(), - logMessage); + logMessage); // store this information for console notification - content += logMessage + "\n"; + content += logMessage + + "\n"; } else { // log this fact logMessage = CMS.getLogMessage("SELFTESTS_NOT_RUN_ON_DEMAND", - getServletInfo()); + getServletInfo()); mSelfTestSubsystem.log(mSelfTestSubsystem.getSelfTestLogger(), - logMessage); + logMessage); // store this information for console notification - content += logMessage + "\n"; + content += logMessage + + "\n"; } // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, auditSubjectID, - ILogger.SUCCESS); + LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, + auditSubjectID, + ILogger.SUCCESS); audit(auditMessage); // notify console of SUCCESS results.add(Constants.PR_RUN_SELFTESTS_ON_DEMAND_CLASS, - CMSAdminServlet.class.getName()); - results.add(Constants.PR_RUN_SELFTESTS_ON_DEMAND_CONTENT, content); + CMSAdminServlet.class.getName()); + results.add(Constants.PR_RUN_SELFTESTS_ON_DEMAND_CONTENT, + content); sendResponse(SUCCESS, null, results, resp); if (CMS.debugOn()) { CMS.debug("CMSAdminServlet::runSelfTestsOnDemand():" - + " EXITING."); + + " EXITING."); } } catch (EMissingSelfTestException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, auditSubjectID, - ILogger.FAILURE); + LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, + auditSubjectID, + ILogger.FAILURE); audit(auditMessage); @@ -3506,8 +3653,9 @@ public final class CMSAdminServlet extends AdminServlet { } catch (ESelfTestException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, auditSubjectID, - ILogger.FAILURE); + LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, + auditSubjectID, + ILogger.FAILURE); audit(auditMessage); @@ -3516,8 +3664,9 @@ public final class CMSAdminServlet extends AdminServlet { } catch (IOException eAudit3) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, auditSubjectID, - ILogger.FAILURE); + LOGGING_SIGNED_AUDIT_SELFTESTS_EXECUTION, + auditSubjectID, + ILogger.FAILURE); audit(auditMessage); @@ -3527,17 +3676,16 @@ public final class CMSAdminServlet extends AdminServlet { } public void log(int level, String msg) { - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, level, - "CMSAdminServlet: " + msg); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, level, "CMSAdminServlet: " + msg); } /** * Signed Audit Log Public Key - * + * * This method is called to obtain the public key from the passed in * "KeyPair" object for a signed audit log message. * <P> - * + * * @param object a Key Pair Object * @return key string containing the public key */ @@ -3586,3 +3734,4 @@ public final class CMSAdminServlet extends AdminServlet { } } } + diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/JobsAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/JobsAdminServlet.java index a4b82b13..7f18d94e 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/JobsAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/JobsAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.IOException; import java.util.Enumeration; import java.util.Locale; @@ -41,9 +42,10 @@ import com.netscape.certsrv.jobs.IJobsScheduler; import com.netscape.certsrv.jobs.JobPlugin; import com.netscape.certsrv.logging.ILogger; + /** - * A class representing an administration servlet for the Jobs Scheduler and - * it's scheduled jobs. + * A class representing an administration servlet for the + * Jobs Scheduler and it's scheduled jobs. * * @version $Revision$, $Date$ */ @@ -73,23 +75,24 @@ public class JobsAdminServlet extends AdminServlet { */ public void init(ServletConfig config) throws ServletException { super.init(config); - mJobsSched = (IJobsScheduler) CMS.getSubsystem(CMS.SUBSYSTEM_JOBS); + mJobsSched = (IJobsScheduler) + CMS.getSubsystem(CMS.SUBSYSTEM_JOBS); } /** * Returns serlvet information. */ - public String getServletInfo() { - return INFO; + public String getServletInfo() { + return INFO; } - /** - * retrieve extended plugin info such as brief description, type info from - * jobs + /** + * retrieve extended plugin info such as brief description, type info + * from jobs */ private void getExtendedPluginInfo(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); int colon = id.indexOf(':'); @@ -97,18 +100,18 @@ public class JobsAdminServlet extends AdminServlet { String implType = id.substring(0, colon); String implName = id.substring(colon + 1); - NameValuePairs params = getExtendedPluginInfo(getLocale(req), implType, - implName); + NameValuePairs params = + getExtendedPluginInfo(getLocale(req), implType, implName); sendResponse(SUCCESS, null, params, resp); } - private NameValuePairs getExtendedPluginInfo(Locale locale, - String implType, String implName) { + private NameValuePairs getExtendedPluginInfo(Locale locale, String implType, String implName) { IExtendedPluginInfo ext_info = null; Object impl = null; - JobPlugin jp = (JobPlugin) mJobsSched.getPlugins().get(implName); + JobPlugin jp = + (JobPlugin) mJobsSched.getPlugins().get(implName); if (jp != null) impl = getClassByNameAsExtendedPluginInfo(jp.getClassPath()); @@ -123,8 +126,7 @@ public class JobsAdminServlet extends AdminServlet { if (ext_info == null) { nvps = new NameValuePairs(); } else { - nvps = convertStringArrayToNVPairs(ext_info - .getExtendedPluginInfo(locale)); + nvps = convertStringArrayToNVPairs(ext_info.getExtendedPluginInfo(locale)); } return nvps; @@ -135,24 +137,25 @@ public class JobsAdminServlet extends AdminServlet { * Serves HTTP admin request. */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { super.service(req, resp); String scope = req.getParameter(Constants.OP_SCOPE); String op = req.getParameter(Constants.OP_TYPE); if (op == null) { - // System.out.println("SRVLT_INVALID_PROTOCOL"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), null, resp); + //System.out.println("SRVLT_INVALID_PROTOCOL"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), + null, resp); return; } try { super.authenticate(req); } catch (IOException e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHS_FAILED"), null, resp); + sendResponse(ERROR,CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHS_FAILED"), + null, resp); return; } @@ -161,8 +164,9 @@ public class JobsAdminServlet extends AdminServlet { if (op.equals(OpDef.OP_READ)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_JOBS)) @@ -170,26 +174,27 @@ public class JobsAdminServlet extends AdminServlet { else if (scope.equals(ScopeDef.SC_JOBS_IMPLS)) getConfig(req, resp); else if (scope.equals(ScopeDef.SC_JOBS_INSTANCE)) - getInstConfig(req, resp); + getInstConfig(req, resp); else if (scope.equals(ScopeDef.SC_EXTENDED_PLUGIN_INFO)) { - try { - getExtendedPluginInfo(req, resp); - } catch (EBaseException e) { - sendResponse(ERROR, e.toString(getLocale(req)), null, - resp); - return; + try { + getExtendedPluginInfo(req, resp); + } catch (EBaseException e) { + sendResponse(ERROR, e.toString(getLocale(req)), null, resp); + return; } } else { - // System.out.println("SRVLT_INVALID_OP_SCOPE"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + //System.out.println("SRVLT_INVALID_OP_SCOPE"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_MODIFY)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_JOBS)) { @@ -197,15 +202,17 @@ public class JobsAdminServlet extends AdminServlet { } else if (scope.equals(ScopeDef.SC_JOBS_INSTANCE)) { modJobsInst(req, resp, scope); } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_SEARCH)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_JOBS_IMPLS)) @@ -213,16 +220,18 @@ public class JobsAdminServlet extends AdminServlet { else if (scope.equals(ScopeDef.SC_JOBS_INSTANCE)) listJobsInsts(req, resp); else { - // System.out.println("SRVLT_INVALID_OP_SCOPE"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + //System.out.println("SRVLT_INVALID_OP_SCOPE"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_ADD)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_JOBS_IMPLS)) @@ -230,16 +239,18 @@ public class JobsAdminServlet extends AdminServlet { else if (scope.equals(ScopeDef.SC_JOBS_INSTANCE)) addJobsInst(req, resp, scope); else { - // System.out.println("SRVLT_INVALID_OP_SCOPE"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + //System.out.println("SRVLT_INVALID_OP_SCOPE"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_DELETE)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_JOBS_IMPLS)) @@ -247,54 +258,58 @@ public class JobsAdminServlet extends AdminServlet { else if (scope.equals(ScopeDef.SC_JOBS_INSTANCE)) delJobsInst(req, resp, scope); else { - // System.out.println("SRVLT_INVALID_OP_SCOPE"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + //System.out.println("SRVLT_INVALID_OP_SCOPE"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_TYPE", op), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_TYPE", op), + null, resp); return; } } catch (EBaseException e) { sendResponse(ERROR, e.toString(getLocale(req)), null, resp); return; - } + } } - private synchronized void addJobPlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void addJobPlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // is the job plugin id unique? if (mJobsSched.getPlugins().containsKey((Object) id)) { - sendResponse( - ERROR, - new EJobsException(CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_ILL_JOB_PLUGIN_ID", id)).toString(), - null, resp); + sendResponse(ERROR, + new EJobsException(CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_ILL_JOB_PLUGIN_ID", id)).toString(), + null, resp); return; } String classPath = req.getParameter(Constants.PR_JOBS_CLASS); if (classPath == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_NULL_CLASS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_NULL_CLASS"), + null, resp); return; } - IConfigStore destStore = mConfig.getSubStore(DestDef.DEST_JOBS_ADMIN); - IConfigStore instancesConfig = destStore.getSubStore(scope); + IConfigStore destStore = + mConfig.getSubStore(DestDef.DEST_JOBS_ADMIN); + IConfigStore instancesConfig = + destStore.getSubStore(scope); // Does the class exist? Class newImpl = null; @@ -302,25 +317,29 @@ public class JobsAdminServlet extends AdminServlet { try { newImpl = Class.forName(classPath); } catch (ClassNotFoundException e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_NO_CLASS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_NO_CLASS"), + null, resp); return; } catch (IllegalArgumentException e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_NO_CLASS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_NO_CLASS"), + null, resp); return; } // is the class an IJob? try { if (IJob.class.isAssignableFrom(newImpl) == false) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_ILL_CLASS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_ILL_CLASS"), + null, resp); return; } } catch (NullPointerException e) { // unlikely, only if newImpl null. - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_ILL_CLASS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_ILL_CLASS"), + null, resp); return; } @@ -332,9 +351,10 @@ public class JobsAdminServlet extends AdminServlet { try { mConfig.commit(true); } catch (EBaseException e) { - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -342,8 +362,8 @@ public class JobsAdminServlet extends AdminServlet { JobPlugin plugin = new JobPlugin(id, classPath); mJobsSched.getPlugins().put(id, plugin); - mJobsSched.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_JS_PLUGIN_ADD", id)); + mJobsSched.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_JS_PLUGIN_ADD", id)); NameValuePairs params = new NameValuePairs(); @@ -351,22 +371,24 @@ public class JobsAdminServlet extends AdminServlet { return; } - private synchronized void addJobsInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void addJobsInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // is the job instance id unique? if (mJobsSched.getInstances().containsKey((Object) id)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_ILL_JOB_INST_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_ILL_JOB_INST_ID"), + null, resp); return; } @@ -376,20 +398,22 @@ public class JobsAdminServlet extends AdminServlet { String implname = req.getParameter(Constants.PR_JOBS_IMPL_NAME); if (implname == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_ADD_MISSING_PARAMS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_ADD_MISSING_PARAMS"), + null, resp); return; } // check if implementation exists. - JobPlugin plugin = (JobPlugin) mJobsSched.getPlugins().get(implname); + JobPlugin plugin = + (JobPlugin) mJobsSched.getPlugins().get(implname); if (plugin == null) { - sendResponse( - ERROR, - new EJobsException(CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_JOB_PLUGIN_NOT_FOUND", id)) - .toString(), null, resp); + sendResponse(ERROR, + new + EJobsException(CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_JOB_PLUGIN_NOT_FOUND", + id)).toString(), + null, resp); return; } @@ -398,8 +422,10 @@ public class JobsAdminServlet extends AdminServlet { // are there, but not checking the values are valid String[] configParams = mJobsSched.getConfigParams(implname); - IConfigStore destStore = mConfig.getSubStore(DestDef.DEST_JOBS_ADMIN); - IConfigStore instancesConfig = destStore.getSubStore(scope); + IConfigStore destStore = + mConfig.getSubStore(DestDef.DEST_JOBS_ADMIN); + IConfigStore instancesConfig = + destStore.getSubStore(scope); IConfigStore substore = instancesConfig.makeSubStore(id); if (configParams != null) { @@ -410,13 +436,11 @@ public class JobsAdminServlet extends AdminServlet { if (val != null && !val.equals("")) { substore.put(key, val); } else if (!key.equals("profileId")) { - sendResponse( - ERROR, - new EJobsException( - CMS.getUserMessage( - getLocale(req), - "CMS_JOB_SRVLT_MISSING_INST_PARAM_VAL", - key)).toString(), null, resp); + sendResponse(ERROR, + new + EJobsException(CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_MISSING_INST_PARAM_VAL", + key)).toString(), + null, resp); return; } } @@ -433,32 +457,29 @@ public class JobsAdminServlet extends AdminServlet { } catch (ClassNotFoundException e) { // cleanup instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new EJobsException(CMS.getUserMessage(getLocale(req), - "CMS_JOB_LOAD_CLASS_FAILED", className)).toString(), - null, resp); + sendResponse(ERROR, + new EJobsException( + CMS.getUserMessage(getLocale(req),"CMS_JOB_LOAD_CLASS_FAILED", className)).toString(), + null, resp); return; } catch (InstantiationException e) { instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new EJobsException(CMS.getUserMessage(getLocale(req), - "CMS_JOB_LOAD_CLASS_FAILED", className)).toString(), - null, resp); + sendResponse(ERROR, + new EJobsException( + CMS.getUserMessage(getLocale(req),"CMS_JOB_LOAD_CLASS_FAILED", className)).toString(), + null, resp); return; } catch (IllegalAccessException e) { instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new EJobsException(CMS.getUserMessage(getLocale(req), - "CMS_JOB_LOAD_CLASS_FAILED", className)).toString(), - null, resp); + sendResponse(ERROR, + new EJobsException( + CMS.getUserMessage(getLocale(req),"CMS_JOB_LOAD_CLASS_FAILED", className)).toString(), + null, resp); return; } - - IJobsScheduler scheduler = (IJobsScheduler) CMS - .getSubsystem(CMS.SUBSYSTEM_JOBS); + + IJobsScheduler scheduler = (IJobsScheduler) + CMS.getSubsystem(CMS.SUBSYSTEM_JOBS); // initialize the job plugin try { @@ -476,16 +497,17 @@ public class JobsAdminServlet extends AdminServlet { } catch (EBaseException e) { // clean up. instancesConfig.removeSubStore(id); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } // inited and commited ok. now add manager instance to list. mJobsSched.getInstances().put(id, jobsInst); - mJobsSched.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_JOB_INST_ADD", id)); + mJobsSched.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_JOB_INST_ADD", id)); NameValuePairs params = new NameValuePairs(); @@ -494,93 +516,101 @@ public class JobsAdminServlet extends AdminServlet { return; } - private synchronized void listJobPlugins(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listJobPlugins(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = mJobsSched.getPlugins().keys(); while (e.hasMoreElements()) { String name = (String) e.nextElement(); - JobPlugin value = (JobPlugin) mJobsSched.getPlugins().get(name); + JobPlugin value = (JobPlugin) + mJobsSched.getPlugins().get(name); params.add(name, value.getClassPath()); - // params.add(name, value.getClassPath()+EDIT); + // params.add(name, value.getClassPath()+EDIT); } sendResponse(SUCCESS, null, params, resp); return; } - private synchronized void listJobsInsts(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listJobsInsts(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); - for (Enumeration e = mJobsSched.getInstances().keys(); e - .hasMoreElements();) { + for (Enumeration e = mJobsSched.getInstances().keys(); + e.hasMoreElements();) { String name = (String) e.nextElement(); - IJob value = (IJob) mJobsSched.getInstances().get((Object) name); + IJob value = (IJob) + mJobsSched.getInstances().get((Object) name); - // params.add(name, value.getImplName()); - params.add(name, value.getImplName() + VISIBLE - + (value.isEnabled() ? ENABLED : DISABLED)); + // params.add(name, value.getImplName()); + params.add(name, value.getImplName() + VISIBLE + + (value.isEnabled() ? ENABLED : DISABLED) + ); } sendResponse(SUCCESS, null, params, resp); return; } - private synchronized void delJobPlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, + private synchronized void delJobPlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // does this job plugin exist? if (mJobsSched.getPlugins().containsKey(id) == false) { - sendResponse( - ERROR, - new EJobsException(CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_JOB_PLUGIN_NOT_FOUND", id)) - .toString(), null, resp); + sendResponse(ERROR, + new + EJobsException(CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_JOB_PLUGIN_NOT_FOUND", + id)).toString(), + null, resp); return; } // first check if any instances from this job plugin // DON'T remove job plugin if any instance - for (Enumeration e = mJobsSched.getInstances().elements(); e - .hasMoreElements();) { + for (Enumeration e = mJobsSched.getInstances().elements(); + e.hasMoreElements();) { IJob jobs = (IJob) e.nextElement(); if ((jobs.getImplName()).equals(id)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_JOB_IN_USE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_JOB_IN_USE"), + null, resp); return; } } - + // then delete this job plugin mJobsSched.getPlugins().remove((Object) id); - IConfigStore destStore = mConfig.getSubStore(DestDef.DEST_JOBS_ADMIN); - IConfigStore instancesConfig = destStore.getSubStore(scope); + IConfigStore destStore = + mConfig.getSubStore(DestDef.DEST_JOBS_ADMIN); + IConfigStore instancesConfig = + destStore.getSubStore(scope); instancesConfig.removeSubStore(id); // commiting try { mConfig.commit(true); } catch (EBaseException e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -588,49 +618,52 @@ public class JobsAdminServlet extends AdminServlet { return; } - private synchronized void delJobsInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, + private synchronized void delJobsInst(HttpServletRequest req, + HttpServletResponse resp, String scope) throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // does job plugin instance exist? if (mJobsSched.getInstances().containsKey(id) == false) { - sendResponse( - ERROR, - new EJobsException(CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_JOB_NOT_FOUND", id)).toString(), - null, resp); + sendResponse(ERROR, + new EJobsException(CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_JOB_NOT_FOUND", + id)).toString(), + null, resp); return; } // only remove from memory // cannot shutdown because we don't keep track of whether it's - // being used. + // being used. IJob jobInst = (IJob) mJobsSched.getInstances().get(id); mJobsSched.getInstances().remove((Object) id); // remove the configuration. - IConfigStore destStore = mConfig.getSubStore(DestDef.DEST_JOBS_ADMIN); - IConfigStore instancesConfig = destStore.getSubStore(scope); + IConfigStore destStore = + mConfig.getSubStore(DestDef.DEST_JOBS_ADMIN); + IConfigStore instancesConfig = + destStore.getSubStore(scope); instancesConfig.removeSubStore(id); // commiting try { mConfig.commit(true); } catch (EBaseException e) { - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -639,23 +672,25 @@ public class JobsAdminServlet extends AdminServlet { } /** - * used for getting the required configuration parameters (with possible - * default values) for a particular job plugin implementation name specified - * in the RS_ID. Actually, there is no logic in here to set any default - * value here...there's no default value for any parameter in this job - * scheduler subsystem at this point. Later, if we do have one (or some), it - * can be added. The interface remains the same. + * used for getting the required configuration parameters (with + * possible default values) for a particular job plugin + * implementation name specified in the RS_ID. Actually, there is + * no logic in here to set any default value here...there's no + * default value for any parameter in this job scheduler subsystem + * at this point. Later, if we do have one (or some), it can be + * added. The interface remains the same. */ - private synchronized void getConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String implname = req.getParameter(Constants.RS_ID); if (implname == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -673,25 +708,25 @@ public class JobsAdminServlet extends AdminServlet { return; } - private synchronized void getInstConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getInstConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // does job plugin instance exist? if (mJobsSched.getInstances().containsKey(id) == false) { - sendResponse( - ERROR, - new EJobsException(CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_JOB_NOT_FOUND", id)).toString(), - null, resp); + sendResponse(ERROR, + new EJobsException(CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_JOB_NOT_FOUND", + id)).toString(), + null, resp); return; } @@ -722,30 +757,34 @@ public class JobsAdminServlet extends AdminServlet { } /** - * Modify job plugin instance. This will actually create a new instance with - * new configuration parameters and replace the old instance, if the new - * instance created and initialized successfully. The old instance is left - * running. so this is very expensive. Restart of server recommended. + * Modify job plugin instance. + * This will actually create a new instance with new configuration + * parameters and replace the old instance, if the new instance + * created and initialized successfully. + * The old instance is left running. so this is very expensive. + * Restart of server recommended. */ - private synchronized void modJobsInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void modJobsInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { // expensive operation. String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // Does the job instance exist? if (!mJobsSched.getInstances().containsKey((Object) id)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_ILL_JOB_INST_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_ILL_JOB_INST_ID"), + null, resp); return; } @@ -753,26 +792,28 @@ public class JobsAdminServlet extends AdminServlet { String implname = req.getParameter(Constants.PR_JOBS_IMPL_NAME); if (implname == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_ADD_MISSING_PARAMS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_ADD_MISSING_PARAMS"), + null, resp); return; } - // get plugin for implementation - JobPlugin plugin = (JobPlugin) mJobsSched.getPlugins().get(implname); + // get plugin for implementation + JobPlugin plugin = + (JobPlugin) mJobsSched.getPlugins().get(implname); if (plugin == null) { - sendResponse( - ERROR, - new EJobsException(CMS.getUserMessage(getLocale(req), - "CMS_JOB_SRVLT_JOB_PLUGIN_NOT_FOUND", id)) - .toString(), null, resp); + sendResponse(ERROR, + new EJobsException(CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_JOB_PLUGIN_NOT_FOUND", + id)).toString(), + null, resp); return; } - // save old instance substore params in case new one fails. + // save old instance substore params in case new one fails. - IJob oldinst = (IJob) mJobsSched.getInstances().get((Object) id); + IJob oldinst = + (IJob) mJobsSched.getInstances().get((Object) id); IConfigStore oldConfig = oldinst.getConfigStore(); String[] oldConfigParms = oldinst.getConfigParams(); @@ -780,7 +821,7 @@ public class JobsAdminServlet extends AdminServlet { // implName is always required so always include it it. saveParams.add(IJobsScheduler.PROP_PLUGIN, - (String) oldConfig.get(IJobsScheduler.PROP_PLUGIN)); + (String) oldConfig.get(IJobsScheduler.PROP_PLUGIN)); if (oldConfigParms != null) { for (int i = 0; i < oldConfigParms.length; i++) { String key = oldConfigParms[i]; @@ -796,8 +837,10 @@ public class JobsAdminServlet extends AdminServlet { // remove old substore. - IConfigStore destStore = mConfig.getSubStore(DestDef.DEST_JOBS_ADMIN); - IConfigStore instancesConfig = destStore.getSubStore(scope); + IConfigStore destStore = + mConfig.getSubStore(DestDef.DEST_JOBS_ADMIN); + IConfigStore instancesConfig = + destStore.getSubStore(scope); instancesConfig.removeSubStore(id); @@ -817,13 +860,11 @@ public class JobsAdminServlet extends AdminServlet { substore.put(key, val); } else if (!key.equals("profileId")) { restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new EJobsException( - CMS.getUserMessage( - getLocale(req), - "CMS_JOB_SRVLT_MISSING_INST_PARAM_VAL", - key)).toString(), null, resp); + sendResponse(ERROR, + new + EJobsException(CMS.getUserMessage(getLocale(req),"CMS_JOB_SRVLT_MISSING_INST_PARAM_VAL", + key)).toString(), + null, resp); return; } } @@ -838,34 +879,31 @@ public class JobsAdminServlet extends AdminServlet { } catch (ClassNotFoundException e) { // cleanup restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new EJobsException(CMS.getUserMessage(getLocale(req), - "CMS_JOB_LOAD_CLASS_FAILED", className)).toString(), - null, resp); + sendResponse(ERROR, + new EJobsException( + CMS.getUserMessage(getLocale(req),"CMS_JOB_LOAD_CLASS_FAILED", className)).toString(), + null, resp); return; } catch (InstantiationException e) { restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new EJobsException(CMS.getUserMessage(getLocale(req), - "CMS_JOB_LOAD_CLASS_FAILED", className)).toString(), - null, resp); + sendResponse(ERROR, + new EJobsException( + CMS.getUserMessage(getLocale(req),"CMS_JOB_LOAD_CLASS_FAILED", className)).toString(), + null, resp); return; } catch (IllegalAccessException e) { restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new EJobsException(CMS.getUserMessage(getLocale(req), - "CMS_JOB_LOAD_CLASS_FAILED", className)).toString(), - null, resp); + sendResponse(ERROR, + new EJobsException( + CMS.getUserMessage(getLocale(req),"CMS_JOB_LOAD_CLASS_FAILED", className)).toString(), + null, resp); return; } // initialize the job plugin - IJobsScheduler scheduler = (IJobsScheduler) CMS - .getSubsystem(CMS.SUBSYSTEM_JOBS); + IJobsScheduler scheduler = (IJobsScheduler) + CMS.getSubsystem(CMS.SUBSYSTEM_JOBS); try { newJobInst.init(scheduler, id, implname, substore); @@ -881,16 +919,17 @@ public class JobsAdminServlet extends AdminServlet { return; } - // initialized ok. commiting + // initialized ok. commiting try { mConfig.commit(true); } catch (EBaseException e) { // clean up. restore(instancesConfig, id, saveParams); - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -898,8 +937,8 @@ public class JobsAdminServlet extends AdminServlet { mJobsSched.getInstances().put(id, newJobInst); - mJobsSched.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_JOB_INST_REP", id)); + mJobsSched.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_JOB_INST_REP", id)); NameValuePairs params = new NameValuePairs(); @@ -907,24 +946,26 @@ public class JobsAdminServlet extends AdminServlet { return; } - private void getSettings(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void getSettings(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); IConfigStore config = mConfig.getSubStore(DestDef.DEST_JOBS_ADMIN); - params.add(Constants.PR_ENABLE, - config.getString(IJobsScheduler.PROP_ENABLED, Constants.FALSE)); + params.add(Constants.PR_ENABLE, + config.getString(IJobsScheduler.PROP_ENABLED, + Constants.FALSE)); // default 1 minute - params.add(Constants.PR_JOBS_FREQUENCY, - config.getString(IJobsScheduler.PROP_INTERVAL, "1")); + params.add(Constants.PR_JOBS_FREQUENCY, + config.getString(IJobsScheduler.PROP_INTERVAL, "1")); - // System.out.println("Send: "+params.toString()); + //System.out.println("Send: "+params.toString()); sendResponse(SUCCESS, null, params, resp); } private void setSettings(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { - // Save New Settings to the config file + throws ServletException, IOException, EBaseException { + //Save New Settings to the config file IConfigStore config = mConfig.getSubStore(DestDef.DEST_JOBS_ADMIN); String enabled = config.getString(IJobsScheduler.PROP_ENABLED); @@ -937,13 +978,14 @@ public class JobsAdminServlet extends AdminServlet { config.putString(IJobsScheduler.PROP_ENABLED, enabledSetTo); } - // set frequency - String interval = req.getParameter(Constants.PR_JOBS_FREQUENCY); + //set frequency + String interval = + req.getParameter(Constants.PR_JOBS_FREQUENCY); if (interval != null) { config.putString(IJobsScheduler.PROP_INTERVAL, interval); - mJobsSched.setInterval(config - .getInteger(IJobsScheduler.PROP_INTERVAL)); + mJobsSched.setInterval( + config.getInteger(IJobsScheduler.PROP_INTERVAL)); } if (enabledChanged == true) { @@ -957,8 +999,8 @@ public class JobsAdminServlet extends AdminServlet { } // convenience routine. - private static void restore(IConfigStore store, String id, - NameValuePairs saveParams) { + private static void restore(IConfigStore store, + String id, NameValuePairs saveParams) { store.removeSubStore(id); IConfigStore rstore = store.makeSubStore(id); @@ -968,7 +1010,7 @@ public class JobsAdminServlet extends AdminServlet { String key = (String) keys.nextElement(); String value = saveParams.getValue(key); - if (!value.equals("")) + if (!value.equals("")) rstore.put(key, value); } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java index 9efe2b73..2c780bb2 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/KRAAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.IOException; import java.util.Enumeration; import java.util.Hashtable; @@ -42,11 +43,13 @@ import com.netscape.certsrv.password.IPasswordCheck; import com.netscape.certsrv.security.Credential; import com.netscape.certsrv.security.IStorageKeyUnit; + /** - * A class representings an administration servlet for Key Recovery Authority. - * This servlet is responsible to serve KRA administrative operation such as - * configuration parameter updates. - * + * A class representings an administration servlet for Key + * Recovery Authority. This servlet is responsible to serve + * KRA administrative operation such as configuration + * parameter updates. + * * @version $Revision$, $Date$ */ public class KRAAdminServlet extends AdminServlet { @@ -61,7 +64,8 @@ public class KRAAdminServlet extends AdminServlet { private IKeyRecoveryAuthority mKRA = null; - private final static String LOGGING_SIGNED_AUDIT_CONFIG_DRM = "LOGGING_SIGNED_AUDIT_CONFIG_DRM_3"; + private final static String LOGGING_SIGNED_AUDIT_CONFIG_DRM = + "LOGGING_SIGNED_AUDIT_CONFIG_DRM_3"; /** * Constructs KRA servlet. @@ -77,57 +81,63 @@ public class KRAAdminServlet extends AdminServlet { /** * Returns serlvet information. - * + * * @return name of this servlet */ - public String getServletInfo() { - return INFO; + public String getServletInfo() { + return INFO; } /** * Serves HTTP admin request. - * + * * @param req HTTP request * @param resp HTTP response */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { super.service(req, resp); super.authenticate(req); String scope = req.getParameter(Constants.OP_SCOPE); if (scope == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } String op = req.getParameter(Constants.OP_TYPE); if (op == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_TYPE", op), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_TYPE", op), + null, resp); return; } - + try { AUTHZ_RES_NAME = "certServer.kra.configuration"; if (op.equals(OpDef.OP_READ)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } - /* - * Functions not implemented in console if - * (scope.equals(ScopeDef.SC_AUTO_RECOVERY)) { - * readAutoRecoveryConfig(req, resp); return; } else if - * (scope.equals(ScopeDef.SC_RECOVERY)) { - * readRecoveryConfig(req, resp); return; } else if - * (scope.equals(ScopeDef.SC_NOTIFICATION_RIQ)) { - * getNotificationRIQConfig(req, resp); return; } else - */ + /* Functions not implemented in console + if (scope.equals(ScopeDef.SC_AUTO_RECOVERY)) { + readAutoRecoveryConfig(req, resp); + return; + } else if (scope.equals(ScopeDef.SC_RECOVERY)) { + readRecoveryConfig(req, resp); + return; + } else if (scope.equals(ScopeDef.SC_NOTIFICATION_RIQ)) { + getNotificationRIQConfig(req, resp); + return; + } else + */ if (scope.equals(ScopeDef.SC_GENERAL)) { getGeneralConfig(req, resp); return; @@ -135,52 +145,59 @@ public class KRAAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_MODIFY)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } - /* - * Functions not implemented in console if - * (scope.equals(ScopeDef.SC_AUTO_RECOVERY)) { - * modifyAutoRecoveryConfig(req, resp); return; } else if - * (scope.equals(ScopeDef.SC_AGENT_PWD)) { changeAgentPwd(req, - * resp); return; } else if (scope.equals(ScopeDef.SC_MNSCHEME)) - * { changeMNScheme(req, resp); return; } else if - * (scope.equals(ScopeDef.SC_NOTIFICATION_RIQ)) { - * setNotificationRIQConfig(req, resp); return; } else - */ + /* Functions not implemented in console + if (scope.equals(ScopeDef.SC_AUTO_RECOVERY)) { + modifyAutoRecoveryConfig(req, resp); + return; + } else if (scope.equals(ScopeDef.SC_AGENT_PWD)) { + changeAgentPwd(req, resp); + return; + } else if (scope.equals(ScopeDef.SC_MNSCHEME)) { + changeMNScheme(req, resp); + return; + } else if (scope.equals(ScopeDef.SC_NOTIFICATION_RIQ)) { + setNotificationRIQConfig(req, resp); + return; + } else + */ if (scope.equals(ScopeDef.SC_GENERAL)) { - setGeneralConfig(req, resp); + setGeneralConfig(req,resp); } - } + } } catch (EBaseException e) { // convert exception into locale-specific message - sendResponse(ERROR, e.toString(getLocale(req)), null, resp); + sendResponse(ERROR, e.toString(getLocale(req)), + null, resp); return; } catch (Exception e) { e.printStackTrace(); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), + null, resp); } private void getGeneralConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); int value = 1; value = mKRA.getNoOfRequiredAgents(); - params.add(Constants.PR_NO_OF_REQUIRED_RECOVERY_AGENTS, - Integer.toString(value)); + params.add(Constants.PR_NO_OF_REQUIRED_RECOVERY_AGENTS, Integer.toString(value)); sendResponse(SUCCESS, null, params, resp); } private void setGeneralConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { Enumeration enum1 = req.getParameterNames(); boolean restart = false; @@ -193,24 +210,28 @@ public class KRAAdminServlet extends AdminServlet { if (key.equals(Constants.PR_NO_OF_REQUIRED_RECOVERY_AGENTS)) { try { - int number = Integer.parseInt(value); + int number = Integer.parseInt(value); mKRA.setNoOfRequiredAgents(number); } catch (NumberFormatException e) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EBaseException( - "Number of agents must be an integer"); + throw new EBaseException("Number of agents must be an integer"); } } } commit(true); - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -223,18 +244,17 @@ public class KRAAdminServlet extends AdminServlet { /** * Changes M-N scheme. * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_DRM used when configuring * DRM (Key recovery scheme, change of any secret component) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception EBaseException an error has occurred */ - private synchronized void changeMNScheme(HttpServletRequest req, - HttpServletResponse resp) throws EBaseException { + private synchronized void changeMNScheme(HttpServletRequest req, + HttpServletResponse resp) throws EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -243,67 +263,80 @@ public class KRAAdminServlet extends AdminServlet { try { try { NameValuePairs params = new NameValuePairs(); - String recN = getParameter(req, Constants.PR_RECOVERY_N); - String recM = getParameter(req, Constants.PR_RECOVERY_M); - String oldAgents = getParameter(req, + String recN = getParameter(req, + Constants.PR_RECOVERY_N); + String recM = getParameter(req, + Constants.PR_RECOVERY_M); + String oldAgents = getParameter(req, Constants.PR_OLD_RECOVERY_AGENT); - String agents = getParameter(req, Constants.PR_RECOVERY_AGENT); + String agents = getParameter(req, + Constants.PR_RECOVERY_AGENT); if (recN == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EKRAException(CMS.getLogMessage("KRA_INVALID_N")); + throw new EKRAException( + CMS.getLogMessage("KRA_INVALID_N")); } if (recM == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EKRAException(CMS.getLogMessage("KRA_INVALID_M")); + throw new EKRAException( + CMS.getLogMessage("KRA_INVALID_M")); } - if (recN != null && recM != null && oldAgents != null - && agents != null) { + if (recN != null && recM != null && oldAgents != null + && agents != null) { int nVal = Integer.parseInt(recN); int mVal = Integer.parseInt(recM); - Credential oldcreds[] = parseCredentialStr(oldAgents); + Credential oldcreds[] = + parseCredentialStr(oldAgents); if (oldcreds == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EKRAException( + throw new EKRAException( CMS.getLogMessage("KRA_INVALID_PASSWORD")); } - Credential creds[] = parseCredentialStr(agents); + Credential creds[] = + parseCredentialStr(agents); if (creds == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EKRAException( + throw new EKRAException( CMS.getLogMessage("KRA_INVALID_PASSWORD")); } else { for (int i = 0; i < creds.length; i++) { @@ -314,29 +347,31 @@ public class KRAAdminServlet extends AdminServlet { if (!checker.isGoodPassword(pass)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EBaseException( - checker.getReason(pass)); + throw new EBaseException(checker.getReason(pass)); } } } - if (mKRA.getStorageKeyUnit().changeAgentMN(nVal, mVal, - oldcreds, creds)) { + if (mKRA.getStorageKeyUnit().changeAgentMN( + nVal, mVal, oldcreds, creds)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.SUCCESS, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); // successful operation - sendResponse(SUCCESS, null, params, resp); + sendResponse(SUCCESS, null, params, + resp); return; } } @@ -344,17 +379,22 @@ public class KRAAdminServlet extends AdminServlet { } // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EBaseException( - CMS.getLogMessage("BASE_INVALID_OPERATION")); + throw new EBaseException(CMS.getLogMessage("BASE_INVALID_OPERATION")); } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -366,18 +406,17 @@ public class KRAAdminServlet extends AdminServlet { /** * Changes recovery agent password. * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_DRM used when configuring * DRM (Key recovery scheme, change of any secret component) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception EBaseException an error has occurred */ - private synchronized void changeAgentPwd(HttpServletRequest req, - HttpServletResponse resp) throws EBaseException { + private synchronized void changeAgentPwd(HttpServletRequest req, + HttpServletResponse resp) throws EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -386,29 +425,35 @@ public class KRAAdminServlet extends AdminServlet { try { try { String id = getParameter(req, Constants.RS_ID); - String oldpwd = getParameter(req, Constants.PR_OLD_AGENT_PWD); - String newpwd = getParameter(req, Constants.PR_AGENT_PWD); + String oldpwd = getParameter(req, + Constants.PR_OLD_AGENT_PWD); + String newpwd = getParameter(req, + Constants.PR_AGENT_PWD); IPasswordCheck checker = CMS.getPasswordChecker(); if (!checker.isGoodPassword(newpwd)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); throw new EBaseException(checker.getReason(newpwd)); } - - if (mKRA.getStorageKeyUnit().changeAgentPassword(id, oldpwd, - newpwd)) { + + if (mKRA.getStorageKeyUnit().changeAgentPassword(id, + oldpwd, newpwd)) { NameValuePairs params = new NameValuePairs(); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -417,29 +462,36 @@ public class KRAAdminServlet extends AdminServlet { } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EKRAException( + throw new EKRAException( CMS.getLogMessage("KRA_INVALID_PASSWORD")); } } catch (IOException e) { } // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EBaseException( - CMS.getLogMessage("BASE_INVALID_OPERATION")); + throw new EBaseException(CMS.getLogMessage("BASE_INVALID_OPERATION")); } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -451,18 +503,18 @@ public class KRAAdminServlet extends AdminServlet { /** * Modifies auto recovery configuration. * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_DRM used when configuring * DRM (Key recovery scheme, change of any secret component) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception EBaseException an error has occurred */ - private synchronized void modifyAutoRecoveryConfig(HttpServletRequest req, - HttpServletResponse resp) throws EBaseException { + private synchronized void modifyAutoRecoveryConfig( + HttpServletRequest req, HttpServletResponse resp) + throws EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -471,35 +523,42 @@ public class KRAAdminServlet extends AdminServlet { try { try { NameValuePairs params = new NameValuePairs(); - String autoOn = getParameter(req, Constants.PR_AUTO_RECOVERY_ON); - String agents = getParameter(req, Constants.PR_RECOVERY_AGENT); + String autoOn = getParameter(req, + Constants.PR_AUTO_RECOVERY_ON); + String agents = getParameter(req, + Constants.PR_RECOVERY_AGENT); if (autoOn.equals(Constants.TRUE)) { - Credential creds[] = parseCredentialStr(agents); + Credential creds[] = parseCredentialStr( + agents); if (mKRA.setAutoRecoveryState(creds, true)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.SUCCESS, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); - sendResponse(SUCCESS, null, params, resp); + sendResponse(SUCCESS, null, params, + resp); return; } } else if (autoOn.equals(Constants.FALSE)) { if (mKRA.setAutoRecoveryState(null, false)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.SUCCESS, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); - sendResponse(SUCCESS, null, params, resp); + sendResponse(SUCCESS, null, params, + resp); return; } } @@ -507,17 +566,22 @@ public class KRAAdminServlet extends AdminServlet { } // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EBaseException( - CMS.getLogMessage("BASE_INVALID_OPERATION")); + throw new EBaseException(CMS.getLogMessage("BASE_INVALID_OPERATION")); } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -528,17 +592,19 @@ public class KRAAdminServlet extends AdminServlet { /** * Reads auto recovery status. - * + * * @param req HTTP request * @param resp HTTP response */ - private synchronized void readAutoRecoveryConfig(HttpServletRequest req, - HttpServletResponse resp) throws EBaseException { + private synchronized void readAutoRecoveryConfig( + HttpServletRequest req, HttpServletResponse resp) + throws EBaseException { try { NameValuePairs params = new NameValuePairs(); - params.add(Constants.PR_AUTO_RECOVERY_ON, mKRA - .getAutoRecoveryState() ? Constants.TRUE : Constants.FALSE); + params.add(Constants.PR_AUTO_RECOVERY_ON, + mKRA.getAutoRecoveryState() ? + Constants.TRUE : Constants.FALSE); sendResponse(SUCCESS, null, params, resp); } catch (IOException e) { throw new EBaseException( @@ -548,25 +614,26 @@ public class KRAAdminServlet extends AdminServlet { /** * Reads recovery configuration. - * + * * @param req HTTP request * @param resp HTTP response */ - private synchronized void readRecoveryConfig(HttpServletRequest req, - HttpServletResponse resp) throws EBaseException { + private synchronized void readRecoveryConfig( + HttpServletRequest req, HttpServletResponse resp) + throws EBaseException { try { IStorageKeyUnit sku = mKRA.getStorageKeyUnit(); NameValuePairs params = new NameValuePairs(); - params.add(Constants.PR_RECOVERY_N, - Integer.toString(sku.getNoOfAgents())); - params.add(Constants.PR_RECOVERY_M, - Integer.toString(sku.getNoOfRequiredAgents())); + params.add(Constants.PR_RECOVERY_N, + Integer.toString(sku.getNoOfAgents())); + params.add(Constants.PR_RECOVERY_M, + Integer.toString(sku.getNoOfRequiredAgents())); Enumeration e = sku.getAgentIdentifiers(); StringBuffer as = new StringBuffer(); while (e.hasMoreElements()) { - as.append((String) e.nextElement()); + as.append((String)e.nextElement()); if (e.hasMoreElements()) { as.append(","); } @@ -581,12 +648,13 @@ public class KRAAdminServlet extends AdminServlet { /** * Reads information about auto recovery agents. - * + * * @param req HTTP request * @param resp HTTP response */ - private synchronized void readAutoRecoveryAgents(HttpServletRequest req, - HttpServletResponse resp) throws EBaseException { + private synchronized void readAutoRecoveryAgents( + HttpServletRequest req, HttpServletResponse resp) + throws EBaseException { try { // send the entire list anyway NameValuePairs params = new NameValuePairs(); @@ -600,9 +668,8 @@ public class KRAAdminServlet extends AdminServlet { } } params.add(Constants.PR_GROUP_USER, users.toString()); - params.add(Constants.PR_GROUP_DESC, "Auto Recovery Agents"); // XXX - // - - // localized + params.add(Constants.PR_GROUP_DESC, + "Auto Recovery Agents"); // XXX - localized sendResponse(SUCCESS, null, params, resp); } catch (IOException e) { throw new EBaseException( @@ -612,26 +679,31 @@ public class KRAAdminServlet extends AdminServlet { /** * Modifies information about auto recovery agents. - * + * * @param req HTTP request * @param resp HTTP response */ - private synchronized void modifyAutoRecoveryAgents(HttpServletRequest req, - HttpServletResponse resp) throws EBaseException { + private synchronized void modifyAutoRecoveryAgents( + HttpServletRequest req, HttpServletResponse resp) + throws EBaseException { Vector v = new Vector(); - String users = getParameter(req, Constants.PR_GROUP_USER); + String users = getParameter(req, + Constants.PR_GROUP_USER); StringTokenizer st = new StringTokenizer(users, ","); while (st.hasMoreTokens()) { v.addElement(st.nextToken()); } - String desc = getParameter(req, Constants.PR_GROUP_DESC); - String agents = getParameter(req, Constants.PR_RECOVERY_AGENT); - Credential creds[] = parseCredentialStr(agents); + String desc = getParameter(req, + Constants.PR_GROUP_DESC); + String agents = getParameter(req, + Constants.PR_RECOVERY_AGENT); + Credential creds[] = parseCredentialStr( + agents); // XXX - check if the given password matched // put ids into hashtable so that we can // figure out what should be saved and deleted - Enumeration e = mKRA.getAutoRecoveryIDs(); + Enumeration e = mKRA.getAutoRecoveryIDs(); Hashtable h = new Hashtable(); while (e.hasMoreElements()) { @@ -653,13 +725,14 @@ public class KRAAdminServlet extends AdminServlet { Enumeration dels = h.keys(); while (dels.hasMoreElements()) { - mKRA.removeAutoRecovery((String) dels.nextElement()); + mKRA.removeAutoRecovery((String) + dels.nextElement()); } } /** * Parses uid0=pwd0,uid1=pwd1,... into AgentCredential. - * + * * @param s credential string * @return a list of credentials */ @@ -671,7 +744,8 @@ public class KRAAdminServlet extends AdminServlet { String a = st.nextToken(); StringTokenizer st0 = new StringTokenizer(a, "="); - v.addElement(new Credential(st0.nextToken(), st0.nextToken())); + v.addElement(new Credential(st0.nextToken(), + st0.nextToken())); } Credential ac[] = new Credential[v.size()]; @@ -683,13 +757,14 @@ public class KRAAdminServlet extends AdminServlet { * handle getting request in queue notification config info */ private void getNotificationRIQConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); IConfigStore config = mKRA.getConfigStore(); - IConfigStore nc = config.getSubStore(mKRA.PROP_NOTIFY_SUBSTORE); + IConfigStore nc = + config.getSubStore(mKRA.PROP_NOTIFY_SUBSTORE); IConfigStore riq = nc.getSubStore(mKRA.PROP_REQ_IN_Q_SUBSTORE); @@ -709,21 +784,20 @@ public class KRAAdminServlet extends AdminServlet { params.add(name, riq.getString(name, "")); } - params.add(Constants.PR_ENABLE, - riq.getString(PROP_ENABLED, Constants.FALSE)); - // System.out.println("Send: "+params.toString()); + params.add(Constants.PR_ENABLE, + riq.getString(PROP_ENABLED, Constants.FALSE)); + //System.out.println("Send: "+params.toString()); sendResponse(SUCCESS, null, params, resp); } /** * Handle setting request in queue notification config info * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_DRM used when configuring * DRM (Key recovery scheme, change of any secret component) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred @@ -731,8 +805,8 @@ public class KRAAdminServlet extends AdminServlet { * @exception EBaseException an error has occurred */ private void setNotificationRIQConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -740,11 +814,12 @@ public class KRAAdminServlet extends AdminServlet { // to the signed audit log and stored as failures try { IConfigStore config = mKRA.getConfigStore(); - IConfigStore nc = config.getSubStore(mKRA.PROP_NOTIFY_SUBSTORE); + IConfigStore nc = + config.getSubStore(mKRA.PROP_NOTIFY_SUBSTORE); IConfigStore riq = nc.getSubStore(mKRA.PROP_REQ_IN_Q_SUBSTORE); - // set rest of the parameters + //set rest of the parameters Enumeration e = req.getParameterNames(); while (e.hasMoreElements()) { @@ -773,16 +848,22 @@ public class KRAAdminServlet extends AdminServlet { commit(true); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, null, resp); } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -790,25 +871,28 @@ public class KRAAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_DRM, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_DRM, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_DRM, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_DRM, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java index 45e63061..58e4dbdf 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.IOException; import java.util.Enumeration; import java.util.Hashtable; @@ -44,11 +45,13 @@ import com.netscape.certsrv.logging.ILogSubsystem; import com.netscape.certsrv.logging.ILogger; import com.netscape.certsrv.logging.LogPlugin; + /** - * A class representings an administration servlet for logging subsystem. This - * servlet is responsible to serve logging administrative operation such as - * configuration parameter updates and log retriever. - * + * A class representings an administration servlet for logging + * subsystem. This servlet is responsible to serve + * logging administrative operation such as configuration + * parameter updates and log retriever. + * * @version $Revision$, $Date$ */ public class LogAdminServlet extends AdminServlet { @@ -66,9 +69,12 @@ public class LogAdminServlet extends AdminServlet { private final static String EDIT = ";" + Constants.EDIT; private final static String SIGNED_AUDIT_LOG_TYPE = "SignedAudit"; - private final static String LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT = "LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT_3"; - private final static String LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE = "LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE_4"; - private final static String LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE = "LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE_4"; + private final static String LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT = + "LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT_3"; + private final static String LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE = + "LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE_4"; + private final static String LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE = + "LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE_4"; /** * Constructs Log servlet. @@ -108,14 +114,15 @@ public class LogAdminServlet extends AdminServlet { * Serves HTTP admin request. */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { super.service(req, resp); String op = req.getParameter(Constants.OP_TYPE); if (op == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), + null, resp); return; } @@ -130,16 +137,16 @@ public class LogAdminServlet extends AdminServlet { if (scope.equals(ScopeDef.SC_EXTENDED_PLUGIN_INFO)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } try { getExtendedPluginInfo(req, resp); return; } catch (EBaseException e) { - sendResponse(ERROR, e.toString(getLocale(req)), null, - resp); + sendResponse(ERROR, e.toString(getLocale(req)), null, resp); return; } } @@ -147,8 +154,9 @@ public class LogAdminServlet extends AdminServlet { if (op.equals(OpDef.OP_READ)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } @@ -161,15 +169,17 @@ public class LogAdminServlet extends AdminServlet { } else if (scope.equals(ScopeDef.SC_GENERAL)) { getGeneralConfig(req, resp); } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_DELETE)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } @@ -180,15 +190,17 @@ public class LogAdminServlet extends AdminServlet { delLogInst(req, resp, scope); return; } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_ADD)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } @@ -199,16 +211,18 @@ public class LogAdminServlet extends AdminServlet { addLogInst(req, resp, scope); return; } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_MODIFY)) { AUTHZ_RES_NAME = "certServer.log.configuration"; mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } @@ -218,15 +232,17 @@ public class LogAdminServlet extends AdminServlet { } else if (scope.equals(ScopeDef.SC_GENERAL)) { setGeneralConfig(req, resp); } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else if (op.equals(OpDef.OP_SEARCH)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_LOG_IMPLS)) { @@ -239,74 +255,70 @@ public class LogAdminServlet extends AdminServlet { listLogInsts(req, resp, false); return; } else if (scope.equals(ScopeDef.SC_LOG_CONTENT)) { - String instName = req - .getParameter(Constants.PR_LOG_INSTANCE); + String instName = req.getParameter(Constants.PR_LOG_INSTANCE); if (instName.equals("System")) { AUTHZ_RES_NAME = "certServer.log.content.system"; } else if (instName.equals("Transactions")) { AUTHZ_RES_NAME = "certServer.log.content.transactions"; - } else if (instName - .equals(Constants.PR_LOG_SIGNED_AUDIT)) { + } else if (instName.equals(Constants.PR_LOG_SIGNED_AUDIT)) { AUTHZ_RES_NAME = "certServer.log.content.signedAudit"; } mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage( - getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } - ILogEventListener loginst = mSys - .getLogInstance(instName); + ILogEventListener loginst = + mSys.getLogInstance(instName); if (loginst != null) { - NameValuePairs nvps = loginst - .retrieveLogContent(toHashtable(req)); + NameValuePairs nvps = loginst.retrieveLogContent(toHashtable(req)); sendResponse(SUCCESS, null, nvps, resp); } return; } else if (scope.equals(ScopeDef.SC_LOG_ARCH)) { - String instName = req - .getParameter(Constants.PR_LOG_INSTANCE); + String instName = req.getParameter(Constants.PR_LOG_INSTANCE); if (instName.equals("System")) { AUTHZ_RES_NAME = "certServer.log.content.system"; } else if (instName.equals("Transactions")) { AUTHZ_RES_NAME = "certServer.log.content.transactions"; - } else if (instName - .equals(Constants.PR_LOG_SIGNED_AUDIT)) { + } else if (instName.equals(Constants.PR_LOG_SIGNED_AUDIT)) { AUTHZ_RES_NAME = "certServer.log.content.signedAudit"; } mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage( - getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } - ILogEventListener loginst = mSys - .getLogInstance(instName); + ILogEventListener loginst = + mSys.getLogInstance(instName); if (loginst != null) { - NameValuePairs nvps = loginst - .retrieveLogList(toHashtable(req)); + NameValuePairs nvps = loginst.retrieveLogList(toHashtable(req)); sendResponse(SUCCESS, null, nvps, resp); } return; } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_TYPE", op), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_TYPE", op), + null, resp); return; } } @@ -316,15 +328,16 @@ public class LogAdminServlet extends AdminServlet { } catch (Exception e) { System.out.println("XXX >>>" + e.toString() + "<<<"); e.printStackTrace(); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), + null, resp); } return; } - private synchronized void listLogInsts(HttpServletRequest req, - HttpServletResponse resp, boolean all) throws ServletException, + private synchronized void listLogInsts(HttpServletRequest req, + HttpServletResponse resp, boolean all) throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); @@ -333,14 +346,14 @@ public class LogAdminServlet extends AdminServlet { for (; e.hasMoreElements();) { String name = (String) e.nextElement(); - ILogEventListener value = ((ILogSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_LOG)).getLogInstance(name); + ILogEventListener value = ((ILogSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_LOG)).getLogInstance(name); if (value == null) continue; String pName = mSys.getLogPluginName(value); - LogPlugin pClass = (LogPlugin) mSys.getLogPlugins().get(pName); - String c = pClass.getClassPath(); + LogPlugin pClass = (LogPlugin) + mSys.getLogPlugins().get(pName); + String c = pClass.getClassPath(); // not show ntEventlog here if (all || (!all && !c.endsWith("NTEventLog"))) @@ -350,30 +363,28 @@ public class LogAdminServlet extends AdminServlet { return; } - /** - * retrieve extended plugin info such as brief description, type info from - * logging + /** + * retrieve extended plugin info such as brief description, type info + * from logging */ private void getExtendedPluginInfo(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); int colon = id.indexOf(':'); String implType = id.substring(0, colon); String implName = id.substring(colon + 1); - NameValuePairs params = getExtendedPluginInfo(getLocale(req), implType, - implName); + NameValuePairs params = getExtendedPluginInfo(getLocale(req), implType, implName); sendResponse(SUCCESS, null, params, resp); } - private NameValuePairs getExtendedPluginInfo(Locale locale, - String implType, String implName) { - IExtendedPluginInfo ext_info = null; + private NameValuePairs getExtendedPluginInfo(Locale locale, String implType, String implName) { + IExtendedPluginInfo ext_info = null; Object impl = null; - LogPlugin lp = (LogPlugin) mSys.getLogPlugins().get(implName); + LogPlugin lp = (LogPlugin) mSys.getLogPlugins().get(implName); if (lp != null) { impl = getClassByNameAsExtendedPluginInfo(lp.getClassPath()); @@ -389,8 +400,7 @@ public class LogAdminServlet extends AdminServlet { if (ext_info == null) { nvps = new NameValuePairs(); } else { - nvps = convertStringArrayToNVPairs(ext_info - .getExtendedPluginInfo(locale)); + nvps = convertStringArrayToNVPairs(ext_info.getExtendedPluginInfo(locale)); } return nvps; @@ -400,12 +410,11 @@ public class LogAdminServlet extends AdminServlet { /** * Add log plug-in * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT used when * configuring signedAudit * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of the log's substore @@ -413,9 +422,9 @@ public class LogAdminServlet extends AdminServlet { * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addLogPlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void addLogPlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -433,19 +442,22 @@ public class LogAdminServlet extends AdminServlet { } if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); + //System.out.println("SRVLT_NULL_RS_ID"); // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -454,17 +466,17 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse( - ERROR, - new ELogException(CMS.getUserMessage(getLocale(req), - "CMS_LOG_SRVLT_ILL_PLUGIN_ID", id)).toString(), - null, resp); + sendResponse(ERROR, + new ELogException(CMS.getUserMessage(getLocale(req),"CMS_LOG_SRVLT_ILL_PLUGIN_ID", id)).toString(), + null, resp); return; } @@ -474,21 +486,25 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LOG_SRVLT_NULL_CLASS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_LOG_SRVLT_NULL_CLASS"), + null, resp); return; } IConfigStore destStore = null; destStore = mConfig.getSubStore("log"); - IConfigStore instancesConfig = destStore.getSubStore("impl"); + IConfigStore instancesConfig = + destStore.getSubStore("impl"); // Does the class exist? Class newImpl = null; @@ -499,27 +515,33 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LOG_SRVLT_NO_CLASS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_LOG_SRVLT_NO_CLASS"), + null, resp); return; } catch (IllegalArgumentException e) { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LOG_SRVLT_NO_CLASS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_LOG_SRVLT_NO_CLASS"), + null, resp); return; } @@ -529,30 +551,34 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LOG_SRVLT_ILL_CLASS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_LOG_SRVLT_ILL_CLASS"), + null, resp); return; } - } catch (NullPointerException e) { // unlikely, only if newImpl - // null. + } catch (NullPointerException e) { // unlikely, only if newImpl null. // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LOG_SRVLT_ILL_CLASS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_LOG_SRVLT_ILL_CLASS"), + null, resp); return; } @@ -564,19 +590,22 @@ public class LogAdminServlet extends AdminServlet { try { mConfig.commit(true); } catch (EBaseException e) { - // System.out.println("SRVLT_FAIL_COMMIT"); + //System.out.println("SRVLT_FAIL_COMMIT"); // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -590,8 +619,10 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); } @@ -599,39 +630,41 @@ public class LogAdminServlet extends AdminServlet { sendResponse(SUCCESS, null, params, resp); return; // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } @@ -648,12 +681,11 @@ public class LogAdminServlet extends AdminServlet { /** * Add log instance * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT used when * configuring signedAudit * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of the log's substore @@ -661,9 +693,9 @@ public class LogAdminServlet extends AdminServlet { * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addLogInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void addLogInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -684,14 +716,17 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -699,13 +734,16 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, "Invalid ID '" + id + "'", null, resp); + sendResponse(ERROR, "Invalid ID '" + id + "'", + null, resp); return; } @@ -713,60 +751,71 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LOG_SRVLT_ILL_INST_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_LOG_SRVLT_ILL_INST_ID"), + null, resp); return; } // get required parameters - String implname = req.getParameter(Constants.PR_LOG_IMPL_NAME); + String implname = req.getParameter( + Constants.PR_LOG_IMPL_NAME); if (implname == null) { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LOG_SRVLT_ADD_MISSING_PARAMS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_LOG_SRVLT_ADD_MISSING_PARAMS"), + null, resp); return; } // check if implementation exists. - LogPlugin plugin = (LogPlugin) mSys.getLogPlugins().get(implname); + LogPlugin plugin = + (LogPlugin) mSys.getLogPlugins().get( + implname); if (plugin == null) { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse( - ERROR, - new ELogPluginNotFound(CMS.getUserMessage( - getLocale(req), "CMS_LOG_PLUGIN_NOT_FOUND", - implname)).toString(), null, resp); + sendResponse(ERROR, + new ELogPluginNotFound(CMS.getUserMessage(getLocale(req), "CMS_LOG_PLUGIN_NOT_FOUND",implname)).toString(), + null, resp); return; } Vector configParams = mSys.getLogDefaultParams(implname); - IConfigStore destStore = mConfig.getSubStore("log"); - IConfigStore instancesConfig = destStore.getSubStore("instance"); + IConfigStore destStore = + mConfig.getSubStore("log"); + IConfigStore instancesConfig = + destStore.getSubStore("instance"); IConfigStore substore = instancesConfig.makeSubStore(id); if (configParams != null) { @@ -776,16 +825,17 @@ public class LogAdminServlet extends AdminServlet { String val = req.getParameter(kv.substring(0, index)); if (val == null) { - substore.put(kv.substring(0, index), - kv.substring(index + 1)); + substore.put(kv.substring(0, index), + kv.substring(index + 1)); } else { - substore.put(kv.substring(0, index), val); + substore.put(kv.substring(0, index), + val); } } } substore.put("pluginName", implname); - // Fix Blackflag Bug #615603: Currently, although expiring log + // Fix Blackflag Bug #615603: Currently, although expiring log // files is no longer supported, it is still a required parameter // that must be present during the creation and modification of // custom log plugins. @@ -796,8 +846,7 @@ public class LogAdminServlet extends AdminServlet { ILogEventListener logInst = null; try { - logInst = (ILogEventListener) Class.forName(className) - .newInstance(); + logInst = (ILogEventListener) Class.forName(className).newInstance(); } catch (ClassNotFoundException e) { // cleanup instancesConfig.removeSubStore(id); @@ -805,17 +854,17 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse( - ERROR, - new ELogException(CMS.getUserMessage(getLocale(req), - "CMS_LOG_LOAD_CLASS_FAIL", className)) - .toString(), null, resp); + sendResponse(ERROR, + new ELogException(CMS.getUserMessage(getLocale(req),"CMS_LOG_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } catch (InstantiationException e) { instancesConfig.removeSubStore(id); @@ -823,17 +872,17 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse( - ERROR, - new ELogException(CMS.getUserMessage(getLocale(req), - "CMS_LOG_LOAD_CLASS_FAIL", className)) - .toString(), null, resp); + sendResponse(ERROR, + new ELogException(CMS.getUserMessage(getLocale(req),"CMS_LOG_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } catch (IllegalAccessException e) { instancesConfig.removeSubStore(id); @@ -841,17 +890,17 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse( - ERROR, - new ELogException(CMS.getUserMessage(getLocale(req), - "CMS_LOG_LOAD_CLASS_FAIL", className)) - .toString(), null, resp); + sendResponse(ERROR, + new ELogException(CMS.getUserMessage(getLocale(req),"CMS_LOG_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } @@ -865,8 +914,10 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } @@ -879,8 +930,10 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } @@ -899,14 +952,17 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -920,8 +976,10 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); } @@ -929,62 +987,66 @@ public class LogAdminServlet extends AdminServlet { sendResponse(SUCCESS, null, params, resp); return; // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } - private synchronized void listLogPlugins(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listLogPlugins(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = mSys.getLogPlugins().keys(); while (e.hasMoreElements()) { String name = (String) e.nextElement(); - LogPlugin value = (LogPlugin) mSys.getLogPlugins().get(name); + LogPlugin value = (LogPlugin) + mSys.getLogPlugins().get(name); // get Description - String c = value.getClassPath(); + String c = value.getClassPath(); String desc = "unknown"; try { - ILogEventListener lp = (ILogEventListener) Class.forName(c) - .newInstance(); + ILogEventListener lp = (ILogEventListener) + Class.forName(c).newInstance(); desc = lp.getDescription(); } catch (Exception exp) { - sendResponse(ERROR, exp.toString(), null, resp); + sendResponse(ERROR, exp.toString(), null, + resp); return; } params.add(name, value.getClassPath() + "," + desc); @@ -1006,12 +1068,11 @@ public class LogAdminServlet extends AdminServlet { /** * Delete log instance * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT used when * configuring signedAudit * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of the log's substore @@ -1019,9 +1080,9 @@ public class LogAdminServlet extends AdminServlet { * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void delLogInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void delLogInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1040,19 +1101,22 @@ public class LogAdminServlet extends AdminServlet { } if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); + //System.out.println("SRVLT_NULL_RS_ID"); // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -1061,58 +1125,65 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse( - ERROR, - new ELogNotFound(CMS.getUserMessage(getLocale(req), - "CMS_LOG_INSTANCE_NOT_FOUND", id)).toString(), - null, resp); + sendResponse(ERROR, + new ELogNotFound(CMS.getUserMessage(getLocale(req), "CMS_LOG_INSTANCE_NOT_FOUND",id)).toString(), + null, resp); return; } // only remove from memory // cannot shutdown because we don't keep track of whether it's - // being used. - ILogEventListener logInst = (ILogEventListener) mSys - .getLogInstance(id); + // being used. + ILogEventListener logInst = (ILogEventListener) + mSys.getLogInstance(id); mSys.getLogInsts().remove((Object) id); // remove the configuration. - IConfigStore destStore = mConfig.getSubStore("log"); - IConfigStore instancesConfig = destStore.getSubStore("instance"); + IConfigStore destStore = + mConfig.getSubStore("log"); + IConfigStore instancesConfig = + destStore.getSubStore("instance"); instancesConfig.removeSubStore(id); // commiting try { mConfig.commit(true); } catch (EBaseException e) { - // System.out.println("SRVLT_FAIL_COMMIT"); + //System.out.println("SRVLT_FAIL_COMMIT"); // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); } @@ -1120,51 +1191,52 @@ public class LogAdminServlet extends AdminServlet { sendResponse(SUCCESS, null, params, resp); return; // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * Delete log plug-in * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT used when * configuring signedAudit * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of the log's substore @@ -1172,9 +1244,9 @@ public class LogAdminServlet extends AdminServlet { * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void delLogPlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void delLogPlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1193,19 +1265,22 @@ public class LogAdminServlet extends AdminServlet { } if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); + //System.out.println("SRVLT_NULL_RS_ID"); // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -1213,23 +1288,24 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse( - ERROR, - new ELogPluginNotFound(CMS.getUserMessage( - getLocale(req), "CMS_LOG_PLUGIN_NOT_FOUND", id)) - .toString(), null, resp); + sendResponse(ERROR, + new ELogPluginNotFound(CMS.getUserMessage(getLocale(req),"CMS_LOG_PLUGIN_NOT_FOUND",id)).toString(), + null, resp); return; } // first check if any instances from this log // DON'T remove log if any instance - for (Enumeration e = mSys.getLogInsts().keys(); e.hasMoreElements();) { + for (Enumeration e = mSys.getLogInsts().keys(); + e.hasMoreElements();) { String name = (String) e.nextElement(); ILogEventListener log = mSys.getLogInstance(name); @@ -1237,24 +1313,28 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LOG_SRVLT_IN_USE"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_LOG_SRVLT_IN_USE"), + null, resp); return; } } - + // then delete this log mSys.getLogPlugins().remove((Object) id); - IConfigStore destStore = mConfig.getSubStore("log"); - IConfigStore instancesConfig = destStore.getSubStore("impl"); + IConfigStore destStore = + mConfig.getSubStore("log"); + IConfigStore instancesConfig = + destStore.getSubStore("impl"); instancesConfig.removeSubStore(id); // commiting @@ -1264,22 +1344,27 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); } @@ -1287,52 +1372,55 @@ public class LogAdminServlet extends AdminServlet { sendResponse(SUCCESS, null, params, resp); return; // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } - private synchronized void getLogConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getLogConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String implname = req.getParameter(Constants.RS_ID); if (implname == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -1346,47 +1434,50 @@ public class LogAdminServlet extends AdminServlet { String kv = (String) configParams.elementAt(i); int index = kv.indexOf('='); - params.add(kv.substring(0, index), kv.substring(index + 1)); + params.add(kv.substring(0, index), + kv.substring(index + 1)); } } sendResponse(0, null, params, resp); return; } - private synchronized void getLogInstConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getLogInstConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // does log instance exist? if (mSys.getLogInsts().containsKey(id) == false) { - sendResponse( - ERROR, - new ELogNotFound(CMS.getUserMessage(getLocale(req), - "CMS_LOG_INSTANCE_NOT_FOUND", id)).toString(), - null, resp); + sendResponse(ERROR, + new ELogNotFound(CMS.getUserMessage(getLocale(req),"CMS_LOG_INSTANCE_NOT_FOUND",id)).toString(), + null, resp); return; } - ILogEventListener logInst = (ILogEventListener) mSys.getLogInstance(id); + ILogEventListener logInst = (ILogEventListener) + mSys.getLogInstance(id); Vector configParams = logInst.getInstanceParams(); NameValuePairs params = new NameValuePairs(); - params.add(Constants.PR_LOG_IMPL_NAME, getLogPluginName(logInst)); + params.add(Constants.PR_LOG_IMPL_NAME, + getLogPluginName(logInst)); // implName is always required so always send it. if (configParams != null) { for (int i = 0; i < configParams.size(); i++) { String kv = (String) configParams.elementAt(i); int index = kv.indexOf('='); - params.add(kv.substring(0, index), kv.substring(index + 1)); + params.add(kv.substring(0, index), + kv.substring(index + 1)); } } @@ -1397,19 +1488,18 @@ public class LogAdminServlet extends AdminServlet { /** * Modify log instance * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT used when * configuring signedAudit * <li>signed.audit LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE used when log file - * name (including any path changes) for any of audit, system, transaction, + * name (including any path changes) for any of audit, system, transaction, * or other customized log file change is attempted (authorization should * not allow, but make sure it's written after the attempt) * <li>signed.audit LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE used when log * expiration time change is attempted (authorization should not allow, but * make sure it's written after the attempt) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @param scope string used to obtain the contents of the log's substore @@ -1417,17 +1507,17 @@ public class LogAdminServlet extends AdminServlet { * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void modLogInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void modLogInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); String logType = null; String origLogPath = req.getParameter(Constants.PR_LOG_FILENAME); String newLogPath = origLogPath; - String origExpirationTime = req - .getParameter(Constants.PR_LOG_EXPIRED_TIME); + String origExpirationTime = req.getParameter( + Constants.PR_LOG_EXPIRED_TIME); String newExpirationTime = origExpirationTime; // ensure that any low-level exceptions are reported @@ -1460,19 +1550,22 @@ public class LogAdminServlet extends AdminServlet { } if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); + //System.out.println("SRVLT_NULL_RS_ID"); // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -1481,14 +1574,17 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LOG_SRVLT_ILL_INST_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_LOG_SRVLT_ILL_INST_ID"), + null, resp); return; } @@ -1499,43 +1595,45 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LOG_SRVLT_ADD_MISSING_PARAMS"), + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req),"CMS_LOG_SRVLT_ADD_MISSING_PARAMS"), - null, resp); + null, resp); return; } // get plugin for implementation - LogPlugin plugin = (LogPlugin) mSys.getLogPlugins().get(implname); + LogPlugin plugin = + (LogPlugin) mSys.getLogPlugins().get(implname); if (plugin == null) { // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse( - ERROR, - new ELogPluginNotFound(CMS.getUserMessage( - getLocale(req), "CMS_LOG_PLUGIN_NOT_FOUND", - implname)).toString(), null, resp); + sendResponse(ERROR, + new ELogPluginNotFound(CMS.getUserMessage(getLocale(req),"CMS_LOG_PLUGIN_NOT_FOUND",implname)).toString(), null, resp); return; } // save old instance substore params in case new one fails. - ILogEventListener oldinst = (ILogEventListener) mSys - .getLogInstance(id); + ILogEventListener oldinst = + (ILogEventListener) mSys.getLogInstance(id); Vector oldConfigParms = oldinst.getInstanceParams(); NameValuePairs saveParams = new NameValuePairs(); @@ -1547,7 +1645,7 @@ public class LogAdminServlet extends AdminServlet { int index = kv.indexOf('='); saveParams.add(kv.substring(0, index), - kv.substring(index + 1)); + kv.substring(index + 1)); } } @@ -1555,26 +1653,28 @@ public class LogAdminServlet extends AdminServlet { // remove old substore. - IConfigStore destStore = mConfig.getSubStore("log"); - IConfigStore instancesConfig = destStore.getSubStore("instance"); + IConfigStore destStore = + mConfig.getSubStore("log"); + IConfigStore instancesConfig = + destStore.getSubStore("instance"); // create new substore. Vector configParams = mSys.getLogInstanceParams(id); - // instancesConfig.removeSubStore(id); + //instancesConfig.removeSubStore(id); IConfigStore substore = instancesConfig.makeSubStore(id); substore.put("pluginName", implname); - // Fix Blackflag Bug #615603: Currently, although expiring log + // Fix Blackflag Bug #615603: Currently, although expiring log // files is no longer supported, it is still a required parameter // that must be present during the creation and modification of // custom log plugins. substore.put("expirationTime", "0"); - // IMPORTANT: save a copy of the original log file path + // IMPORTANT: save a copy of the original log file path origLogPath = substore.getString(Constants.PR_LOG_FILENAME); newLogPath = origLogPath; @@ -1586,9 +1686,9 @@ public class LogAdminServlet extends AdminServlet { newLogPath = ""; } - // IMPORTANT: save a copy of the original log expiration time - origExpirationTime = substore - .getString(Constants.PR_LOG_EXPIRED_TIME); + // IMPORTANT: save a copy of the original log expiration time + origExpirationTime = substore.getString( + Constants.PR_LOG_EXPIRED_TIME); newExpirationTime = origExpirationTime; if (origExpirationTime != null) { @@ -1601,14 +1701,16 @@ public class LogAdminServlet extends AdminServlet { if (configParams != null) { for (int i = 0; i < configParams.size(); i++) { - AUTHZ_RES_NAME = "certServer.log.configuration"; + AUTHZ_RES_NAME = + "certServer.log.configuration"; String kv = (String) configParams.elementAt(i); int index = kv.indexOf('='); String key = kv.substring(0, index); String val = req.getParameter(key); - if (key.equals("level")) { - if (val.equals(ILogger.LL_DEBUG_STRING)) + if + (key.equals("level")) { + if (val.equals(ILogger.LL_DEBUG_STRING)) val = "0"; else if (val.equals(ILogger.LL_INFO_STRING)) val = "1"; @@ -1625,8 +1727,9 @@ public class LogAdminServlet extends AdminServlet { } - if (key.equals("rolloverInterval")) { - if (val.equals("Hourly")) + if + (key.equals("rolloverInterval")) { + if (val.equals("Hourly")) val = Integer.toString(60 * 60); else if (val.equals("Daily")) val = Integer.toString(60 * 60 * 24); @@ -1638,7 +1741,8 @@ public class LogAdminServlet extends AdminServlet { val = Integer.toString(60 * 60 * 24 * 365); } - if (key.equals(Constants.PR_LOG_TYPE)) { + if + (key.equals(Constants.PR_LOG_TYPE)) { type = val; } @@ -1649,18 +1753,19 @@ public class LogAdminServlet extends AdminServlet { val = val.trim(); newLogPath = val; if (!val.equals(origVal.trim())) { - AUTHZ_RES_NAME = "certServer.log.configuration.fileName"; + AUTHZ_RES_NAME = + "certServer.log.configuration.fileName"; mOp = "modify"; if ((mToken = super.authorize(req)) == null) { // store a message in the signed audit log // file (regardless of logType) if (!(newLogPath.equals(origLogPath))) { - auditMessage = CMS - .getLogMessage( - LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, - auditSubjectID, - ILogger.FAILURE, - logType, newLogPath); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, + auditSubjectID, + ILogger.FAILURE, + logType, + newLogPath); audit(auditMessage); } @@ -1668,57 +1773,68 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log // file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { - auditMessage = CMS - .getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, - ILogger.FAILURE, - auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage( - getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), - null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } } } - /* - * if (key.equals("expirationTime")) { String origVal = - * substore.getString(key); - * - * val = val.trim(); newExpirationTime = val; if - * (!val.equals(origVal.trim())) { if - * (id.equals(SIGNED_AUDIT_LOG_TYPE)) { AUTHZ_RES_NAME = - * "certServer.log.configuration.signedAudit.expirationTime" - * ; } mOp = "modify"; if ((mToken = - * super.authorize(req)) == null) { // store a message - * in the signed audit log // file (regardless of - * logType) if - * (!(newExpirationTime.equals(origExpirationTime))) { - * auditMessage = CMS.getLogMessage( - * LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, - * auditSubjectID, ILogger.FAILURE, logType, - * newExpirationTime); - * - * audit(auditMessage); } - * - * // store a message in the signed audit log // file if - * (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { - * auditMessage = CMS.getLogMessage( - * LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - * auditSubjectID, ILogger.FAILURE, auditParams(req)); - * - * audit(auditMessage); } - * - * sendResponse(ERROR, - * CMS.getUserMessage(getLocale(req), - * "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); return; - * } } } - */ +/* + if (key.equals("expirationTime")) { + String origVal = substore.getString(key); + + val = val.trim(); + newExpirationTime = val; + if (!val.equals(origVal.trim())) { + if (id.equals(SIGNED_AUDIT_LOG_TYPE)) { + AUTHZ_RES_NAME = + "certServer.log.configuration.signedAudit.expirationTime"; + } + mOp = "modify"; + if ((mToken = super.authorize(req)) == null) { + // store a message in the signed audit log + // file (regardless of logType) + if (!(newExpirationTime.equals(origExpirationTime))) { + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, + auditSubjectID, + ILogger.FAILURE, + logType, + newExpirationTime); + + audit(auditMessage); + } + + // store a message in the signed audit log + // file + if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); + + audit(auditMessage); + } + + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); + return; + } + } + } +*/ substore.put(key, val); } } @@ -1730,8 +1846,8 @@ public class LogAdminServlet extends AdminServlet { ILogEventListener newMgrInst = null; try { - newMgrInst = (ILogEventListener) Class.forName(className) - .newInstance(); + newMgrInst = (ILogEventListener) + Class.forName(className).newInstance(); } catch (ClassNotFoundException e) { // check to see if the log file path parameter was changed newLogPath = auditCheckLogPath(req); @@ -1746,9 +1862,11 @@ public class LogAdminServlet extends AdminServlet { // (regardless of logType) if (!(newLogPath.equals(origLogPath))) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, - auditSubjectID, ILogger.FAILURE, logType, - newLogPath); + LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, + auditSubjectID, + ILogger.FAILURE, + logType, + newLogPath); audit(auditMessage); } @@ -1756,35 +1874,38 @@ public class LogAdminServlet extends AdminServlet { // store a message in the signed audit log file // (regardless of logType) /* - * if (!(newExpirationTime.equals(origExpirationTime))) { - * auditMessage = CMS.getLogMessage( - * LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, auditSubjectID, - * ILogger.FAILURE, logType, newExpirationTime); - * - * audit(auditMessage); } - */ + if (!(newExpirationTime.equals(origExpirationTime))) { + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, + auditSubjectID, + ILogger.FAILURE, + logType, + newExpirationTime); + + audit(auditMessage); + }*/ // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse( - ERROR, - new ELogException(CMS.getUserMessage(getLocale(req), - "CMS_LOG_LOAD_CLASS_FAIL", className)) - .toString(), null, resp); + sendResponse(ERROR, + new ELogException(CMS.getUserMessage(getLocale(req),"CMS_LOG_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } catch (InstantiationException e) { // check to see if the log file path parameter was changed newLogPath = auditCheckLogPath(req); // check to see if the log expiration time parameter was changed - // newExpirationTime = auditCheckLogExpirationTime(req); + //newExpirationTime = auditCheckLogExpirationTime(req); restore(instancesConfig, id, saveParams); @@ -1792,45 +1913,49 @@ public class LogAdminServlet extends AdminServlet { // (regardless of logType) if (!(newLogPath.equals(origLogPath))) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, - auditSubjectID, ILogger.FAILURE, logType, - newLogPath); + LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, + auditSubjectID, + ILogger.FAILURE, + logType, + newLogPath); audit(auditMessage); } // store a message in the signed audit log file // (regardless of logType) - /* - * if (!(newExpirationTime.equals(origExpirationTime))) { - * auditMessage = CMS.getLogMessage( - * LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, auditSubjectID, - * ILogger.FAILURE, logType, newExpirationTime); - * - * audit(auditMessage); } - */ + /*if (!(newExpirationTime.equals(origExpirationTime))) { + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, + auditSubjectID, + ILogger.FAILURE, + logType, + newExpirationTime); + + audit(auditMessage); + }*/ // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse( - ERROR, - new ELogException(CMS.getUserMessage(getLocale(req), - "CMS_LOG_LOAD_CLASS_FAIL", className)) - .toString(), null, resp); + sendResponse(ERROR, + new ELogException(CMS.getUserMessage(getLocale(req),"CMS_LOG_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } catch (IllegalAccessException e) { // check to see if the log file path parameter was changed newLogPath = auditCheckLogPath(req); // check to see if the log expiration time parameter was changed - // newExpirationTime = auditCheckLogExpirationTime(req); + //newExpirationTime = auditCheckLogExpirationTime(req); restore(instancesConfig, id, saveParams); @@ -1838,43 +1963,47 @@ public class LogAdminServlet extends AdminServlet { // (regardless of logType) if (!(newLogPath.equals(origLogPath))) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, - auditSubjectID, ILogger.FAILURE, logType, - newLogPath); + LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, + auditSubjectID, + ILogger.FAILURE, + logType, + newLogPath); audit(auditMessage); } // store a message in the signed audit log file // (regardless of logType) - /* - * if (!(newExpirationTime.equals(origExpirationTime))) { - * auditMessage = CMS.getLogMessage( - * LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, auditSubjectID, - * ILogger.FAILURE, logType, newExpirationTime); - * - * audit(auditMessage); } - */ + /* if (!(newExpirationTime.equals(origExpirationTime))) { + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, + auditSubjectID, + ILogger.FAILURE, + logType, + newExpirationTime); + + audit(auditMessage); + } */ // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse( - ERROR, - new ELogException(CMS.getUserMessage(getLocale(req), - "CMS_LOG_LOAD_CLASS_FAIL", className)) - .toString(), null, resp); + sendResponse(ERROR, + new ELogException(CMS.getUserMessage(getLocale(req),"CMS_LOG_LOAD_CLASS_FAIL", className)).toString(), + null, resp); return; } // initialize the log - // initialized ok. commiting + // initialized ok. commiting try { mConfig.commit(true); } catch (EBaseException e) { @@ -1886,52 +2015,58 @@ public class LogAdminServlet extends AdminServlet { // clean up. restore(instancesConfig, id, saveParams); - // System.out.println("SRVLT_FAIL_COMMIT"); + //System.out.println("SRVLT_FAIL_COMMIT"); // store a message in the signed audit log file // (regardless of logType) if (!(newLogPath.equals(origLogPath))) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, - auditSubjectID, ILogger.FAILURE, logType, - newLogPath); + LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, + auditSubjectID, + ILogger.FAILURE, + logType, + newLogPath); audit(auditMessage); } // store a message in the signed audit log file // (regardless of logType) - /* - * if (!(newExpirationTime.equals(origExpirationTime))) { - * auditMessage = CMS.getLogMessage( - * LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, auditSubjectID, - * ILogger.FAILURE, logType, newExpirationTime); - * - * audit(auditMessage); } - */ + /* if (!(newExpirationTime.equals(origExpirationTime))) { + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, + auditSubjectID, + ILogger.FAILURE, + logType, + newExpirationTime); + + audit(auditMessage); + }*/ // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } // commited ok. replace instance. - // REMOVED - we didn't do anything to shut off the old instance - // so, it will still be running at this point. You'd have two - // log isntances writing to the same file - this would be a big - // PROBLEM!!! + // REMOVED - we didn't do anything to shut off the old instance + // so, it will still be running at this point. You'd have two + // log isntances writing to the same file - this would be a big PROBLEM!!! - // mSys.getLogInsts().put(id, newMgrInst); + //mSys.getLogInsts().put(id, newMgrInst); NameValuePairs params = new NameValuePairs(); @@ -1939,34 +2074,41 @@ public class LogAdminServlet extends AdminServlet { newLogPath = auditCheckLogPath(req); // check to see if the log expiration time parameter was changed - // newExpirationTime = auditCheckLogExpirationTime(req); + //newExpirationTime = auditCheckLogExpirationTime(req); // store a message in the signed audit log file // (regardless of logType) if (!(newLogPath.equals(origLogPath))) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, auditSubjectID, - ILogger.SUCCESS, logType, newLogPath); + LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, + auditSubjectID, + ILogger.SUCCESS, + logType, + newLogPath); audit(auditMessage); } // store a message in the signed audit log file // (regardless of logType) - /* - * if (!(newExpirationTime.equals(origExpirationTime))) { - * auditMessage = CMS.getLogMessage( - * LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, auditSubjectID, - * ILogger.SUCCESS, logType, newExpirationTime); - * - * audit(auditMessage); } - */ + /*if (!(newExpirationTime.equals(origExpirationTime))) { + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, + auditSubjectID, + ILogger.SUCCESS, + logType, + newExpirationTime); + + audit(auditMessage); + }*/ // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); } @@ -1984,28 +2126,35 @@ public class LogAdminServlet extends AdminServlet { // (regardless of logType) if (!(newLogPath.equals(origLogPath))) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, auditSubjectID, - ILogger.FAILURE, logType, newLogPath); + LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, + auditSubjectID, + ILogger.FAILURE, + logType, + newLogPath); audit(auditMessage); } // store a message in the signed audit log file // (regardless of logType) - /* - * if (!(newExpirationTime.equals(origExpirationTime))) { - * auditMessage = CMS.getLogMessage( - * LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, auditSubjectID, - * ILogger.FAILURE, logType, newExpirationTime); - * - * audit(auditMessage); } - */ + /* if (!(newExpirationTime.equals(origExpirationTime))) { + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, + auditSubjectID, + ILogger.FAILURE, + logType, + newExpirationTime); + + audit(auditMessage); + } */ // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } @@ -2023,28 +2172,35 @@ public class LogAdminServlet extends AdminServlet { // (regardless of logType) if (!(newLogPath.equals(origLogPath))) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, auditSubjectID, - ILogger.FAILURE, logType, newLogPath); + LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, + auditSubjectID, + ILogger.FAILURE, + logType, + newLogPath); audit(auditMessage); } // store a message in the signed audit log file // (regardless of logType) - /* - * if (!(newExpirationTime.equals(origExpirationTime))) { - * auditMessage = CMS.getLogMessage( - * LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, auditSubjectID, - * ILogger.FAILURE, logType, newExpirationTime); - * - * audit(auditMessage); } - */ + /*if (!(newExpirationTime.equals(origExpirationTime))) { + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, + auditSubjectID, + ILogger.FAILURE, + logType, + newExpirationTime); + + audit(auditMessage); + }*/ // store a message in the signed audit log file if (logType.equals(SIGNED_AUDIT_LOG_TYPE)) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); } @@ -2052,72 +2208,74 @@ public class LogAdminServlet extends AdminServlet { // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // check to see if the log file path parameter was changed - // newLogPath = auditCheckLogPath( req ); + // // check to see if the log file path parameter was changed + // newLogPath = auditCheckLogPath( req ); // - // // check to see if the log expiration time parameter was changed - // newExpirationTime = auditCheckLogExpirationTime( req ); + // // check to see if the log expiration time parameter was changed + // newExpirationTime = auditCheckLogExpirationTime( req ); // - // // store a message in the signed audit log file - // // (regardless of logType) - // if( !( newLogPath.equals( origLogPath ) ) ) { - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, - // auditSubjectID, - // ILogger.FAILURE, - // logType, - // newLogPath ); + // // store a message in the signed audit log file + // // (regardless of logType) + // if( !( newLogPath.equals( origLogPath ) ) ) { + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE, + // auditSubjectID, + // ILogger.FAILURE, + // logType, + // newLogPath ); // - // audit( auditMessage ); - // } + // audit( auditMessage ); + // } // - // // store a message in the signed audit log file - // // (regardless of logType) - // if( !( newExpirationTime.equals( origExpirationTime ) ) ) { - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, - // auditSubjectID, - // ILogger.FAILURE, - // logType, - // newExpirationTime ); + // // store a message in the signed audit log file + // // (regardless of logType) + // if( !( newExpirationTime.equals( origExpirationTime ) ) ) { + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE, + // auditSubjectID, + // ILogger.FAILURE, + // logType, + // newExpirationTime ); // - // audit( auditMessage ); - // } + // audit( auditMessage ); + // } // - // // store a message in the signed audit log file - // if( logType.equals( SIGNED_AUDIT_LOG_TYPE ) ) { - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // if( logType.equals( SIGNED_AUDIT_LOG_TYPE ) ) { + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); - // } + // audit( auditMessage ); + // } // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** - * used for getting the required configuration parameters (with possible - * default values) for a particular plugin implementation name specified in - * the RS_ID. Actually, there is no logic in here to set any default value - * here...there's no default value for any parameter in this log subsystem - * at this point. Later, if we do have one (or some), it can be added. The - * interface remains the same. + * used for getting the required configuration parameters (with + * possible default values) for a particular plugin + * implementation name specified in the RS_ID. Actually, there is + * no logic in here to set any default value here...there's no + * default value for any parameter in this log subsystem + * at this point. Later, if we do have one (or some), it can be + * added. The interface remains the same. */ - private synchronized void getConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String implname = req.getParameter(Constants.RS_ID); if (implname == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -2134,7 +2292,8 @@ public class LogAdminServlet extends AdminServlet { if (index == -1) { params.add(kv, ""); } else { - params.add(kv.substring(0, index), kv.substring(index + 1)); + params.add(kv.substring(0, index), + kv.substring(index + 1)); } } } @@ -2142,41 +2301,43 @@ public class LogAdminServlet extends AdminServlet { return; } - private synchronized void getInstConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getInstConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // does log instance exist? if (mSys.getLogInsts().containsKey(id) == false) { - sendResponse( - ERROR, - new ELogNotFound(CMS.getUserMessage(getLocale(req), - "CMS_LOG_INSTANCE_NOT_FOUND", id)).toString(), - null, resp); + sendResponse(ERROR, + new ELogNotFound(CMS.getUserMessage(getLocale(req),"CMS_LOG_INSTANCE_NOT_FOUND",id)).toString(), + null, resp); return; } - ILogEventListener logInst = (ILogEventListener) mSys.getLogInstance(id); + ILogEventListener logInst = (ILogEventListener) + mSys.getLogInstance(id); Vector configParams = logInst.getInstanceParams(); NameValuePairs params = new NameValuePairs(); - params.add(Constants.PR_LOG_IMPL_NAME, getLogPluginName(logInst)); + params.add(Constants.PR_LOG_IMPL_NAME, + getLogPluginName(logInst)); // implName is always required so always send it. if (configParams != null) { for (int i = 0; i < configParams.size(); i++) { String kv = (String) configParams.elementAt(i); int index = kv.indexOf('='); - params.add(kv.substring(0, index), kv.substring(index + 1)); + params.add(kv.substring(0, index), + kv.substring(index + 1)); } } @@ -2185,8 +2346,8 @@ public class LogAdminServlet extends AdminServlet { } // convenience routine. - private static void restore(IConfigStore store, String id, - NameValuePairs saveParams) { + private static void restore(IConfigStore store, + String id, NameValuePairs saveParams) { store.removeSubStore(id); IConfigStore rstore = store.makeSubStore(id); @@ -2196,17 +2357,17 @@ public class LogAdminServlet extends AdminServlet { String key = (String) keys.nextElement(); String value = saveParams.getValue(key); - if (value != null) + if (value != null) rstore.put(key, value); } } /** * Signed Audit Check Log Path - * + * * This method is called to extract the log file path. * <P> - * + * * @param req http servlet request * @return a string containing the log file path */ @@ -2225,16 +2386,17 @@ public class LogAdminServlet extends AdminServlet { /** * Signed Audit Check Log Expiration Time - * + * * This method is called to extract the log expiration time. * <P> - * + * * @param req http servlet request * @return a string containing the log expiration time */ private String auditCheckLogExpirationTime(HttpServletRequest req) { // check to see if the log expiration time parameter was changed - String expirationTime = req.getParameter(Constants.PR_LOG_EXPIRED_TIME); + String expirationTime = req.getParameter( + Constants.PR_LOG_EXPIRED_TIME); if (expirationTime == null) { expirationTime = ""; @@ -2246,8 +2408,8 @@ public class LogAdminServlet extends AdminServlet { } private void getGeneralConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String value = "false"; @@ -2262,8 +2424,8 @@ public class LogAdminServlet extends AdminServlet { } private void setGeneralConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { Enumeration enum1 = req.getParameterNames(); boolean restart = false; @@ -2276,22 +2438,18 @@ public class LogAdminServlet extends AdminServlet { if (value.equals("true") || value.equals("false")) { mConfig.putString(Constants.PR_DEBUG_LOG_ENABLE, value); } else { - CMS.debug("setGeneralConfig: Invalid value for " - + Constants.PR_DEBUG_LOG_ENABLE + ": " + value); - throw new EBaseException("Invalid value for " - + Constants.PR_DEBUG_LOG_ENABLE); + CMS.debug("setGeneralConfig: Invalid value for " + Constants.PR_DEBUG_LOG_ENABLE + ": " + value); + throw new EBaseException("Invalid value for " + Constants.PR_DEBUG_LOG_ENABLE); } } else if (key.equals(Constants.PR_DEBUG_LOG_LEVEL)) { try { int number = Integer.parseInt(value); mConfig.putString(Constants.PR_DEBUG_LOG_LEVEL, value); } catch (NumberFormatException e) { - CMS.debug("setGeneralConfig: Invalid value for " - + Constants.PR_DEBUG_LOG_LEVEL + ": " + value); - throw new EBaseException("Invalid value for " - + Constants.PR_DEBUG_LOG_LEVEL); + CMS.debug("setGeneralConfig: Invalid value for " + Constants.PR_DEBUG_LOG_LEVEL + ": " + value); + throw new EBaseException("Invalid value for " + Constants.PR_DEBUG_LOG_LEVEL); } - } + } } mConfig.commit(true); @@ -2303,3 +2461,4 @@ public class LogAdminServlet extends AdminServlet { } } + diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java index 01b1edd0..9464f48f 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.IOException; import java.util.Enumeration; import java.util.Locale; @@ -38,11 +39,13 @@ import com.netscape.certsrv.logging.ILogger; import com.netscape.certsrv.ocsp.IOCSPAuthority; import com.netscape.certsrv.ocsp.IOCSPStore; + /** - * A class representings an administration servlet for Certificate Authority. - * This servlet is responsible to serve OCSP administrative operations such as - * configuration parameter updates. - * + * A class representings an administration servlet for Certificate + * Authority. This servlet is responsible to serve OCSP + * administrative operations such as configuration parameter + * updates. + * * @version $Revision$, $Date$ */ public class OCSPAdminServlet extends AdminServlet { @@ -56,7 +59,8 @@ public class OCSPAdminServlet extends AdminServlet { private final static String INFO = "OCSPAdminServlet"; - private final static String LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE = "LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE_3"; + private final static String LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE = + "LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE_3"; private IOCSPAuthority mOCSP = null; @@ -80,32 +84,33 @@ public class OCSPAdminServlet extends AdminServlet { } /** - * Serves HTTP request. Each request is authenticated to the authenticate - * manager. + * Serves HTTP request. Each request is authenticated to + * the authenticate manager. */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { super.service(req, resp); - - // get all operational flags + + //get all operational flags String op = req.getParameter(Constants.OP_TYPE); String scope = req.getParameter(Constants.OP_SCOPE); - // check operational flags + //check operational flags if ((op == null) || (scope == null)) { sendResponse(1, "Invalid Protocol", null, resp); return; - } + } super.authenticate(req); - + try { AUTHZ_RES_NAME = "certServer.ocsp.configuration"; if (scope.equals(ScopeDef.SC_EXTENDED_PLUGIN_INFO)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } try { @@ -120,8 +125,9 @@ public class OCSPAdminServlet extends AdminServlet { if (op.equals(OpDef.OP_MODIFY)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } setDefaultStore(req, resp); @@ -132,8 +138,9 @@ public class OCSPAdminServlet extends AdminServlet { if (op.equals(OpDef.OP_READ)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GENERAL)) { @@ -146,8 +153,9 @@ public class OCSPAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_MODIFY)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GENERAL)) { @@ -160,8 +168,9 @@ public class OCSPAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_SEARCH)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_OCSPSTORES_RULES)) { @@ -176,26 +185,25 @@ public class OCSPAdminServlet extends AdminServlet { } /** - * retrieve extended plugin info such as brief description, type info from - * CRL extensions + * retrieve extended plugin info such as brief description, + * type info from CRL extensions */ private void getExtendedPluginInfo(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); int colon = id.indexOf(':'); String implType = id.substring(0, colon); String implName = id.substring(colon + 1); - NameValuePairs params = getExtendedPluginInfo(getLocale(req), implType, - implName); + NameValuePairs params = + getExtendedPluginInfo(getLocale(req), implType, implName); sendResponse(SUCCESS, null, params, resp); } - private NameValuePairs getExtendedPluginInfo(Locale locale, - String implType, String implName) { + private NameValuePairs getExtendedPluginInfo(Locale locale, String implType, String implName) { IExtendedPluginInfo ext_info = null; Object impl = null; @@ -211,8 +219,7 @@ public class OCSPAdminServlet extends AdminServlet { if (ext_info == null) { nvps = new NameValuePairs(); } else { - nvps = convertStringArrayToNVPairs(ext_info - .getExtendedPluginInfo(locale)); + nvps = convertStringArrayToNVPairs(ext_info.getExtendedPluginInfo(locale)); } return nvps; @@ -222,13 +229,12 @@ public class OCSPAdminServlet extends AdminServlet { /** * Set default OCSP store * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when * configuring OCSP profile (everything under Online Certificate Status * Manager) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred @@ -236,8 +242,8 @@ public class OCSPAdminServlet extends AdminServlet { * @exception EBaseException an error has occurred */ private void setDefaultStore(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -247,13 +253,15 @@ public class OCSPAdminServlet extends AdminServlet { String id = req.getParameter(Constants.RS_ID); mOCSP.getConfigStore().putString(IOCSPAuthority.PROP_DEF_STORE_ID, - id); + id); commit(true); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -261,8 +269,10 @@ public class OCSPAdminServlet extends AdminServlet { } catch (EBaseException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -271,31 +281,33 @@ public class OCSPAdminServlet extends AdminServlet { } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } private void getOCSPStoresConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); IOCSPStore store = mOCSP.getOCSPStore(id); @@ -307,13 +319,12 @@ public class OCSPAdminServlet extends AdminServlet { /** * Set OCSP store configuration * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when * configuring OCSP profile (everything under Online Certificate Status * Manager) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred @@ -321,8 +332,8 @@ public class OCSPAdminServlet extends AdminServlet { * @exception EBaseException an error has occurred */ private void setOCSPStoresConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -359,8 +370,10 @@ public class OCSPAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -368,8 +381,10 @@ public class OCSPAdminServlet extends AdminServlet { } catch (EBaseException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -378,31 +393,33 @@ public class OCSPAdminServlet extends AdminServlet { } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } private void listOCSPStoresConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); IConfigStore config = mOCSP.getConfigStore(); String defStore = config.getString(IOCSPAuthority.PROP_DEF_STORE_ID); @@ -416,15 +433,14 @@ public class OCSPAdminServlet extends AdminServlet { if (storeName.equals(defStore)) { storeEnabled = true; } - params.add(storeName, storeName + ";visible;" - + ((storeEnabled) ? "enabled" : "disabled")); + params.add(storeName, storeName + ";visible;" + ((storeEnabled) ? "enabled" : "disabled")); } sendResponse(SUCCESS, null, params, resp); } private void getGeneralConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); @@ -434,7 +450,8 @@ public class OCSPAdminServlet extends AdminServlet { } private void getSigningAlgConfig(NameValuePairs params) { - params.add(Constants.PR_DEFAULT_ALGORITHM, mOCSP.getDefaultAlgorithm()); + params.add(Constants.PR_DEFAULT_ALGORITHM, + mOCSP.getDefaultAlgorithm()); String[] algorithms = mOCSP.getOCSPSigningAlgorithms(); StringBuffer algorStr = new StringBuffer(); @@ -443,7 +460,7 @@ public class OCSPAdminServlet extends AdminServlet { algorStr.append(algorithms[i]); else algorStr.append(":"); - algorStr.append(algorithms[i]); + algorStr.append(algorithms[i]); } params.add(Constants.PR_ALL_ALGORITHMS, algorStr.toString()); } @@ -451,13 +468,12 @@ public class OCSPAdminServlet extends AdminServlet { /** * Set general OCSP configuration * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when * configuring OCSP profile (everything under Online Certificate Status * Manager) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred @@ -465,8 +481,8 @@ public class OCSPAdminServlet extends AdminServlet { * @exception EBaseException an error has occurred */ private void setGeneralConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -490,8 +506,10 @@ public class OCSPAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -499,8 +517,10 @@ public class OCSPAdminServlet extends AdminServlet { } catch (EBaseException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -509,32 +529,34 @@ public class OCSPAdminServlet extends AdminServlet { } catch (IOException eAudit2) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } private void log(int level, String msg) { if (mLogger == null) return; - mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_OTHER, level, - "CAAdminServlet: " + msg); + mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_OTHER, + level, "CAAdminServlet: " + msg); } -} +} diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java index 961d706c..10a768a2 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.IOException; import java.util.Enumeration; import java.util.Hashtable; @@ -43,12 +44,14 @@ import com.netscape.certsrv.policy.IPolicyProcessor; import com.netscape.certsrv.policy.IPolicyRule; import com.netscape.certsrv.ra.IRegistrationAuthority; + /** * This class is an administration servlet for policy management. - * - * Each service (CA, KRA, RA) should be responsible for registering an instance - * of this with the remote administration subsystem. - * + * + * Each service (CA, KRA, RA) should be responsible + * for registering an instance of this with the remote + * administration subsystem. + * * @version $Revision$, $Date$ */ public class PolicyAdminServlet extends AdminServlet { @@ -60,7 +63,8 @@ public class PolicyAdminServlet extends AdminServlet { public final static String PROP_AUTHORITY = "authority"; private final static String INFO = "PolicyAdminServlet"; - private final static String PW_PASSWORD_CACHE_ADD = "PASSWORD_CACHE_ADD"; + private final static String PW_PASSWORD_CACHE_ADD = + "PASSWORD_CACHE_ADD"; public final static String PROP_PREDICATE = "predicate"; private IPolicyProcessor mProcessor = null; @@ -80,7 +84,8 @@ public class PolicyAdminServlet extends AdminServlet { public static String COMMA = ","; public static String MISSING_POLICY_ORDERING = "Missing policy ordering"; - private final static String LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY = "LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY_3"; + private final static String LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY = + "LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY_3"; /** * Constructs administration servlet. @@ -97,7 +102,7 @@ public class PolicyAdminServlet extends AdminServlet { String authority = config.getInitParameter(PROP_AUTHORITY); String policyStatus = null; - CMS.debug("PolicyAdminServlet: In Policy Admin Servlet init!"); + CMS.debug( "PolicyAdminServlet: In Policy Admin Servlet init!" ); // CMS 6.1 began utilizing the "Certificate Profiles" framework // instead of the legacy "Certificate Policies" framework. @@ -107,89 +112,89 @@ public class PolicyAdminServlet extends AdminServlet { // that this legacy "Certificate Policies" framework would be // deprecated and disabled by default (see Bugzilla Bug #472597). // - // NOTE: The "Certificate Policies" framework ONLY applied to - // to CA, KRA, and legacy RA (pre-CMS 7.0) subsystems. + // NOTE: The "Certificate Policies" framework ONLY applied to + // to CA, KRA, and legacy RA (pre-CMS 7.0) subsystems. // - // Further, the "PolicyAdminServlet.java" servlet is ONLY used - // by the CA Console for the following: + // Further, the "PolicyAdminServlet.java" servlet is ONLY used + // by the CA Console for the following: // - // SERVLET-NAME URL-PATTERN - // ==================================================== - // capolicy ca/capolicy + // SERVLET-NAME URL-PATTERN + // ==================================================== + // capolicy ca/capolicy // - // Finally, the "PolicyAdminServlet.java" servlet is ONLY used - // by the KRA Console for the following: + // Finally, the "PolicyAdminServlet.java" servlet is ONLY used + // by the KRA Console for the following: // - // SERVLET-NAME URL-PATTERN - // ==================================================== - // krapolicy kra/krapolicy + // SERVLET-NAME URL-PATTERN + // ==================================================== + // krapolicy kra/krapolicy // if (authority != null) mAuthority = (IAuthority) CMS.getSubsystem(authority); if (mAuthority != null) if (mAuthority instanceof ICertificateAuthority) { - mProcessor = ((ICertificateAuthority) mAuthority) - .getPolicyProcessor(); + mProcessor = ((ICertificateAuthority) mAuthority).getPolicyProcessor(); try { - policyStatus = ICertificateAuthority.ID + "." + "Policy" - + "." + IPolicyProcessor.PROP_ENABLE; - if (mConfig.getBoolean(policyStatus, true) == true) { - // NOTE: If "ca.Policy.enable=<boolean>" is missing, - // then the referenced instance existed prior - // to this name=value pair existing in its - // 'CS.cfg' file, and thus we err on the - // side that the user may still need to - // use the policy framework. - CMS.debug("PolicyAdminServlet::init " - + "Certificate Policy Framework (deprecated) " - + "is ENABLED"); + policyStatus = ICertificateAuthority.ID + + "." + "Policy" + + "." + IPolicyProcessor.PROP_ENABLE; + if( mConfig.getBoolean( policyStatus, true ) == true ) { + // NOTE: If "ca.Policy.enable=<boolean>" is missing, + // then the referenced instance existed prior + // to this name=value pair existing in its + // 'CS.cfg' file, and thus we err on the + // side that the user may still need to + // use the policy framework. + CMS.debug( "PolicyAdminServlet::init " + + "Certificate Policy Framework (deprecated) " + + "is ENABLED" ); } else { - // CS 8.1 Default: ca.Policy.enable=false - CMS.debug("PolicyAdminServlet::init " - + "Certificate Policy Framework (deprecated) " - + "is DISABLED"); - return; + // CS 8.1 Default: ca.Policy.enable=false + CMS.debug( "PolicyAdminServlet::init " + + "Certificate Policy Framework (deprecated) " + + "is DISABLED" ); + return; } - } catch (EBaseException e) { - throw new ServletException(authority + " does not have a " - + "master policy switch called '" + policyStatus - + "'"); + } catch( EBaseException e ) { + throw new ServletException( authority + + " does not have a " + + "master policy switch called '" + + policyStatus + "'" ); } } else if (mAuthority instanceof IRegistrationAuthority) { // this refers to the legacy RA (pre-CMS 7.0) - mProcessor = ((IRegistrationAuthority) mAuthority) - .getPolicyProcessor(); + mProcessor = ((IRegistrationAuthority) mAuthority).getPolicyProcessor(); } else if (mAuthority instanceof IKeyRecoveryAuthority) { - mProcessor = ((IKeyRecoveryAuthority) mAuthority) - .getPolicyProcessor(); + mProcessor = ((IKeyRecoveryAuthority) mAuthority).getPolicyProcessor(); try { - policyStatus = IKeyRecoveryAuthority.ID + "." + "Policy" - + "." + IPolicyProcessor.PROP_ENABLE; - if (mConfig.getBoolean(policyStatus, true) == true) { - // NOTE: If "kra.Policy.enable=<boolean>" is missing, - // then the referenced instance existed prior - // to this name=value pair existing in its - // 'CS.cfg' file, and thus we err on the - // side that the user may still need to - // use the policy framework. - CMS.debug("PolicyAdminServlet::init " - + "Certificate Policy Framework (deprecated) " - + "is ENABLED"); + policyStatus = IKeyRecoveryAuthority.ID + + "." + "Policy" + + "." + IPolicyProcessor.PROP_ENABLE; + if( mConfig.getBoolean( policyStatus, true ) == true ) { + // NOTE: If "kra.Policy.enable=<boolean>" is missing, + // then the referenced instance existed prior + // to this name=value pair existing in its + // 'CS.cfg' file, and thus we err on the + // side that the user may still need to + // use the policy framework. + CMS.debug( "PolicyAdminServlet::init " + + "Certificate Policy Framework (deprecated) " + + "is ENABLED" ); } else { - // CS 8.1 Default: kra.Policy.enable=false - CMS.debug("PolicyAdminServlet::init " - + "Certificate Policy Framework (deprecated) " - + "is DISABLED"); - return; + // CS 8.1 Default: kra.Policy.enable=false + CMS.debug( "PolicyAdminServlet::init " + + "Certificate Policy Framework (deprecated) " + + "is DISABLED" ); + return; } - } catch (EBaseException e) { - throw new ServletException(authority + " does not have a " - + "master policy switch called '" + policyStatus - + "'"); + } catch( EBaseException e ) { + throw new ServletException( authority + + " does not have a " + + "master policy switch called '" + + policyStatus + "'" ); } - } else - throw new ServletException(authority - + " does not have policy processor!"); + } else + throw new ServletException(authority + " does not have policy processor!"); } /** @@ -199,15 +204,15 @@ public class PolicyAdminServlet extends AdminServlet { return INFO; } - /** - * retrieve extended plugin info such as brief description, type info from - * policy, authentication, need to add: listener, mapper and publishing - * plugins + /** + * retrieve extended plugin info such as brief description, type info + * from policy, authentication, + * need to add: listener, mapper and publishing plugins */ private void getExtendedPluginInfo(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { - + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { + if (!readAuthorize(req, resp)) return; String id = req.getParameter(Constants.RS_ID); @@ -224,16 +229,14 @@ public class PolicyAdminServlet extends AdminServlet { if (colon > -1) { implName = implName1.substring(0, colon); instName = implName1.substring(colon + 1); - params = getExtendedPluginInfo(getLocale(req), implType, implName, - instName); + params = getExtendedPluginInfo(getLocale(req), implType, implName, instName); } else { params = getExtendedPluginInfo(getLocale(req), implType, implName); } sendResponse(SUCCESS, null, params, resp); } - private NameValuePairs getExtendedPluginInfo(Locale locale, - String implType, String implName) { + private NameValuePairs getExtendedPluginInfo(Locale locale, String implType, String implName) { IExtendedPluginInfo ext_info = null; Object impl = null; IPolicyRule policy = mProcessor.getPolicyImpl(implName); @@ -245,27 +248,27 @@ public class PolicyAdminServlet extends AdminServlet { ext_info = (IExtendedPluginInfo) impl; } } - + NameValuePairs nvps = null; - + if (ext_info == null) { nvps = new NameValuePairs(); } else { - nvps = convertStringArrayToNVPairs(ext_info - .getExtendedPluginInfo(locale)); + nvps = convertStringArrayToNVPairs(ext_info.getExtendedPluginInfo(locale)); } - + return nvps; } - public NameValuePairs getExtendedPluginInfo(Locale locale, - String pluginType, String implName, String instName) { + public NameValuePairs getExtendedPluginInfo(Locale locale, String pluginType, + String implName, + String instName) { IExtendedPluginInfo ext_info = null; Object impl = null; IPolicyRule policy = mProcessor.getPolicyInstance(instName); - + impl = policy; if (impl == null) { impl = mProcessor.getPolicyImpl(implName); @@ -281,8 +284,7 @@ public class PolicyAdminServlet extends AdminServlet { if (ext_info == null) { nvps = new NameValuePairs(); } else { - nvps = convertStringArrayToNVPairs(ext_info - .getExtendedPluginInfo(locale)); + nvps = convertStringArrayToNVPairs(ext_info.getExtendedPluginInfo(locale)); } @@ -299,12 +301,10 @@ public class PolicyAdminServlet extends AdminServlet { if (ext_info instanceof IPolicyRule) { if (nvps.getPair(IPolicyRule.PROP_ENABLE) == null) { - nvps.add(IPolicyRule.PROP_ENABLE, - "boolean;Enable this policy rule"); + nvps.add(IPolicyRule.PROP_ENABLE, "boolean;Enable this policy rule"); } if (nvps.getPair(PROP_PREDICATE) == null) { - nvps.add(PROP_PREDICATE, - "string;Rules describing when this policy should run."); + nvps.add(PROP_PREDICATE, "string;Rules describing when this policy should run."); } } } @@ -312,8 +312,9 @@ public class PolicyAdminServlet extends AdminServlet { /** * Serves HTTP admin request. */ - public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + public void service(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { super.service(req, resp); super.authenticate(req); @@ -331,28 +332,30 @@ public class PolicyAdminServlet extends AdminServlet { } catch (EBaseException e) { sendResponse(ERROR, e.toString(getLocale(req)), null, resp); return; - } + } } else sendResponse(ERROR, INVALID_POLICY_SCOPE, null, resp); } - private boolean readAuthorize(HttpServletRequest req, - HttpServletResponse resp) throws IOException { + private boolean readAuthorize(HttpServletRequest req, + HttpServletResponse resp) throws IOException { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return false; } return true; } - private boolean modifyAuthorize(HttpServletRequest req, - HttpServletResponse resp) throws IOException { + private boolean modifyAuthorize(HttpServletRequest req, + HttpServletResponse resp) throws IOException { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return false; } return true; @@ -362,7 +365,8 @@ public class PolicyAdminServlet extends AdminServlet { * Process Policy Implementation Management. */ public void processPolicyImplMgmt(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { // Get operation type String op = req.getParameter(Constants.OP_TYPE); @@ -383,11 +387,13 @@ public class PolicyAdminServlet extends AdminServlet { return; addPolicyImpl(req, resp); } else - sendResponse(ERROR, INVALID_POLICY_IMPL_OP, null, resp); + sendResponse(ERROR, INVALID_POLICY_IMPL_OP, + null, resp); } public void processPolicyRuleMgmt(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { // Get operation type String op = req.getParameter(Constants.OP_TYPE); @@ -417,15 +423,18 @@ public class PolicyAdminServlet extends AdminServlet { else modifyPolicyInstance(req, resp); } else - sendResponse(ERROR, INVALID_POLICY_IMPL_OP, null, resp); + sendResponse(ERROR, INVALID_POLICY_IMPL_OP, + null, resp); } - public void listPolicyImpls(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + public void listPolicyImpls(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { Enumeration policyImplNames = mProcessor.getPolicyImplsInfo(); Enumeration policyImpls = mProcessor.getPolicyImpls(); - if (policyImplNames == null || policyImpls == null) { + if (policyImplNames == null || + policyImpls == null) { sendResponse(ERROR, INVALID_POLICY_IMPL_CONFIG, null, resp); return; } @@ -433,11 +442,13 @@ public class PolicyAdminServlet extends AdminServlet { // Assemble a name value pair; NameValuePairs nvp = new NameValuePairs(); - while (policyImplNames.hasMoreElements() - && policyImpls.hasMoreElements()) { + while (policyImplNames.hasMoreElements() && + policyImpls.hasMoreElements()) { String id = (String) policyImplNames.nextElement(); - IPolicyRule impl = (IPolicyRule) policyImpls.nextElement(); - String className = impl.getClass().getName(); + IPolicyRule impl = (IPolicyRule) + policyImpls.nextElement(); + String className = + impl.getClass().getName(); String desc = impl.getDescription(); nvp.add(id, className + "," + desc); @@ -446,7 +457,8 @@ public class PolicyAdminServlet extends AdminServlet { } public void listPolicyInstances(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { Enumeration instancesInfo = mProcessor.getPolicyInstancesInfo(); if (instancesInfo == null) { @@ -463,7 +475,7 @@ public class PolicyAdminServlet extends AdminServlet { int i = info.indexOf(";"); nvp.add(info.substring(0, i), info.substring(i + 1)); - + } sendResponse(SUCCESS, null, nvp, resp); } @@ -471,19 +483,19 @@ public class PolicyAdminServlet extends AdminServlet { /** * Delete policy implementation * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when * configuring cert policy constraints and extensions * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void deletePolicyImpl(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -496,8 +508,10 @@ public class PolicyAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -510,19 +524,23 @@ public class PolicyAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, null, resp); } catch (Exception e) { - // e.printStackTrace(); + //e.printStackTrace(); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -531,30 +549,33 @@ public class PolicyAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } public void getPolicyImplConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { // Get the policy impl id. String id = req.getParameter(Constants.RS_ID); @@ -583,19 +604,19 @@ public class PolicyAdminServlet extends AdminServlet { /** * Add policy implementation * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when * configuring cert policy constraints and extensions * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ - public void addPolicyImpl(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + public void addPolicyImpl(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -608,8 +629,10 @@ public class PolicyAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -622,8 +645,10 @@ public class PolicyAdminServlet extends AdminServlet { if (classPath == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -635,8 +660,10 @@ public class PolicyAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -644,8 +671,10 @@ public class PolicyAdminServlet extends AdminServlet { } catch (Exception e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -654,44 +683,46 @@ public class PolicyAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } /** * Delete policy instance * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when * configuring cert policy constraints and extensions * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void deletePolicyInstance(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -704,8 +735,10 @@ public class PolicyAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -718,19 +751,23 @@ public class PolicyAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, null, resp); } catch (Exception e) { - // e.printStackTrace(); + //e.printStackTrace(); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -739,30 +776,33 @@ public class PolicyAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } public void getPolicyInstanceConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { // Get the policy rule id. String id = req.getParameter(Constants.RS_ID).trim(); @@ -795,7 +835,8 @@ public class PolicyAdminServlet extends AdminServlet { sendResponse(SUCCESS, null, nvp, resp); } - public void putUserPWPair(String combo) { + public void + putUserPWPair(String combo) { int semicolon; semicolon = combo.indexOf(";"); @@ -808,19 +849,19 @@ public class PolicyAdminServlet extends AdminServlet { /** * Add policy instance * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when * configuring cert policy constraints and extensions * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void addPolicyInstance(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -833,8 +874,10 @@ public class PolicyAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -848,8 +891,10 @@ public class PolicyAdminServlet extends AdminServlet { if (implName == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -879,8 +924,10 @@ public class PolicyAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -908,8 +955,10 @@ public class PolicyAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -917,8 +966,10 @@ public class PolicyAdminServlet extends AdminServlet { } catch (Exception e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -927,57 +978,62 @@ public class PolicyAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } /** * Change ordering of policy instances * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when * configuring cert policy constraints and extensions * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void changePolicyInstanceOrdering(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - String policyOrder = req.getParameter(Constants.PR_POLICY_ORDER); + String policyOrder = + req.getParameter(Constants.PR_POLICY_ORDER); if (policyOrder == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -989,8 +1045,10 @@ public class PolicyAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -998,8 +1056,10 @@ public class PolicyAdminServlet extends AdminServlet { } catch (Exception e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1008,44 +1068,46 @@ public class PolicyAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } /** * Modify policy instance * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when * configuring cert policy constraints and extensions * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void modifyPolicyInstance(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1058,8 +1120,10 @@ public class PolicyAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1068,14 +1132,15 @@ public class PolicyAdminServlet extends AdminServlet { } // Get the default config params for the implementation. - String implName = req.getParameter(IPolicyRule.PROP_IMPLNAME) - .trim(); + String implName = req.getParameter(IPolicyRule.PROP_IMPLNAME).trim(); if (implName == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1104,15 +1169,17 @@ public class PolicyAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); sendResponse(ERROR, INVALID_POLICY_IMPL_ID, null, resp); return; } - // XXX + // XXX for (Enumeration n = req.getParameterNames(); n.hasMoreElements();) { String p = (String) n.nextElement(); String l = (String) req.getParameter(p); @@ -1122,10 +1189,15 @@ public class PolicyAdminServlet extends AdminServlet { } /* - * for(Enumeration e = v.elements(); e.hasMoreElements(); ) { String - * nv = (String)e.nextElement(); int index = nv.indexOf("="); String - * key = nv.substring(0, index); val = req.getParameter(key); if - * (val != null) ht.put(key, val); } + for(Enumeration e = v.elements(); e.hasMoreElements(); ) + { + String nv = (String)e.nextElement(); + int index = nv.indexOf("="); + String key = nv.substring(0, index); + val = req.getParameter(key); + if (val != null) + ht.put(key, val); + } */ try { @@ -1133,8 +1205,10 @@ public class PolicyAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1142,8 +1216,10 @@ public class PolicyAdminServlet extends AdminServlet { } catch (Exception e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1152,25 +1228,28 @@ public class PolicyAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } } + diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java index 1ae8def1..1cfab0b6 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.File; import java.io.IOException; import java.util.Enumeration; @@ -52,12 +53,14 @@ import com.netscape.certsrv.property.IDescriptor; import com.netscape.certsrv.registry.IPluginInfo; import com.netscape.certsrv.registry.IPluginRegistry; + /** * This class is an administration servlet for policy management. - * - * Each service (CA, KRA, RA) should be responsible for registering an instance - * of this with the remote administration subsystem. - * + * + * Each service (CA, KRA, RA) should be responsible + * for registering an instance of this with the remote + * administration subsystem. + * * @version $Revision$, $Date$ */ public class ProfileAdminServlet extends AdminServlet { @@ -69,7 +72,8 @@ public class ProfileAdminServlet extends AdminServlet { public final static String PROP_AUTHORITY = "authority"; private final static String INFO = "ProfileAdminServlet"; - private final static String PW_PASSWORD_CACHE_ADD = "PASSWORD_CACHE_ADD"; + private final static String PW_PASSWORD_CACHE_ADD = + "PASSWORD_CACHE_ADD"; public final static String PROP_PREDICATE = "predicate"; private IAuthority mAuthority = null; @@ -92,7 +96,8 @@ public class ProfileAdminServlet extends AdminServlet { public static String MISSING_POLICY_ORDERING = "Missing policy ordering"; public static String BAD_CONFIGURATION_VAL = "Invalid configuration value."; - private final static String LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE = "LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE_3"; + private final static String LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE = + "LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE_3"; /** * Constructs administration servlet. @@ -111,8 +116,7 @@ public class ProfileAdminServlet extends AdminServlet { if (authority != null) mAuthority = (IAuthority) CMS.getSubsystem(authority); mRegistry = (IPluginRegistry) CMS.getSubsystem(CMS.SUBSYSTEM_REGISTRY); - mProfileSub = (IProfileSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_PROFILE); + mProfileSub = (IProfileSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_PROFILE); } /** @@ -128,12 +132,10 @@ public class ProfileAdminServlet extends AdminServlet { if (ext_info instanceof IPolicyRule) { if (nvps.getPair(IPolicyRule.PROP_ENABLE) == null) { - nvps.add(IPolicyRule.PROP_ENABLE, - "boolean;Enable this policy rule"); + nvps.add(IPolicyRule.PROP_ENABLE, "boolean;Enable this policy rule"); } if (nvps.getPair(PROP_PREDICATE) == null) { - nvps.add(PROP_PREDICATE, - "string;Rules describing when this policy should run."); + nvps.add(PROP_PREDICATE, "string;Rules describing when this policy should run."); } } } @@ -141,8 +143,9 @@ public class ProfileAdminServlet extends AdminServlet { /** * Serves HTTP admin request. */ - public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + public void service(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { super.service(req, resp); super.authenticate(req); @@ -150,7 +153,7 @@ public class ProfileAdminServlet extends AdminServlet { AUTHZ_RES_NAME = "certServer.profile.configuration"; String scope = req.getParameter(Constants.OP_SCOPE); - CMS.debug("ProfileAdminServlet: service scope: " + scope); + CMS.debug("ProfileAdminServlet: service scope: " + scope); if (scope.equals(ScopeDef.SC_PROFILE_RULES)) { processProfileRuleMgmt(req, resp); } else if (scope.equals(ScopeDef.SC_PROFILE_POLICIES)) { @@ -173,30 +176,33 @@ public class ProfileAdminServlet extends AdminServlet { sendResponse(ERROR, INVALID_POLICY_SCOPE, null, resp); } - private boolean readAuthorize(HttpServletRequest req, - HttpServletResponse resp) throws IOException { + private boolean readAuthorize(HttpServletRequest req, + HttpServletResponse resp) throws IOException { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return false; } return true; } - private boolean modifyAuthorize(HttpServletRequest req, - HttpServletResponse resp) throws IOException { + private boolean modifyAuthorize(HttpServletRequest req, + HttpServletResponse resp) throws IOException { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return false; } return true; } public void processProfilePolicy(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { // Get operation type String op = req.getParameter(Constants.OP_TYPE); @@ -216,7 +222,8 @@ public class ProfileAdminServlet extends AdminServlet { } public void processProfileInput(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { // Get operation type String op = req.getParameter(Constants.OP_TYPE); String scope = super.getParameter(req, Constants.OP_SCOPE); @@ -237,7 +244,8 @@ public class ProfileAdminServlet extends AdminServlet { } public void processProfileOutput(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { // Get operation type String op = req.getParameter(Constants.OP_TYPE); String scope = super.getParameter(req, Constants.OP_SCOPE); @@ -258,7 +266,8 @@ public class ProfileAdminServlet extends AdminServlet { } public void processProfileInputConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { // Get operation type String op = req.getParameter(Constants.OP_TYPE); @@ -274,7 +283,8 @@ public class ProfileAdminServlet extends AdminServlet { } public void processProfileOutputConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { // Get operation type String op = req.getParameter(Constants.OP_TYPE); @@ -290,7 +300,8 @@ public class ProfileAdminServlet extends AdminServlet { } public void processPolicyDefaultConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { // Get operation type String op = req.getParameter(Constants.OP_TYPE); @@ -310,7 +321,8 @@ public class ProfileAdminServlet extends AdminServlet { } public void processPolicyConstraintConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { // Get operation type String op = req.getParameter(Constants.OP_TYPE); @@ -334,7 +346,8 @@ public class ProfileAdminServlet extends AdminServlet { * Process Policy Implementation Management. */ public void processPolicyImplMgmt(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { // Get operation type String op = req.getParameter(Constants.OP_TYPE); @@ -343,11 +356,13 @@ public class ProfileAdminServlet extends AdminServlet { return; listProfileImpls(req, resp); } else - sendResponse(ERROR, INVALID_POLICY_IMPL_OP, null, resp); + sendResponse(ERROR, INVALID_POLICY_IMPL_OP, + null, resp); } public void processProfileRuleMgmt(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { // Get operation type String op = req.getParameter(Constants.OP_TYPE); @@ -372,14 +387,16 @@ public class ProfileAdminServlet extends AdminServlet { return; modifyProfileInstance(req, resp); } else - sendResponse(ERROR, INVALID_POLICY_IMPL_OP, null, resp); + sendResponse(ERROR, INVALID_POLICY_IMPL_OP, + null, resp); } /** * Lists all registered profile impementations */ public void listProfileImpls(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { Enumeration impls = mRegistry.getIds("profile"); NameValuePairs nvp = new NameValuePairs(); @@ -388,30 +405,29 @@ public class ProfileAdminServlet extends AdminServlet { String id = (String) impls.nextElement(); IPluginInfo info = mRegistry.getPluginInfo("profile", id); - nvp.add(id, - info.getClassName() + "," - + info.getDescription(getLocale(req))); - } + nvp.add(id, info.getClassName() + "," + + info.getDescription(getLocale(req))); + } sendResponse(SUCCESS, null, nvp, resp); } /** * Add policy profile * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when * configuring cert profile (general settings and cert profile; obsoletes * extensions and constraints policies) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void addProfilePolicy(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -436,8 +452,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -446,9 +464,11 @@ public class ProfileAdminServlet extends AdminServlet { } if (mProfileSub.isProfileEnable(profileId)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_PROFILE_CREATE_POLICY_FAILED", - "Profile is currently enabled"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), + "CMS_PROFILE_CREATE_POLICY_FAILED", + "Profile is currently enabled"), + null, resp); return; } @@ -460,42 +480,51 @@ public class ProfileAdminServlet extends AdminServlet { try { if (!isValidId(setId)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_PROFILE_CREATE_POLICY_FAILED", - "Invalid set id " + setId), null, resp); - return; + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), + "CMS_PROFILE_CREATE_POLICY_FAILED", + "Invalid set id " + setId), + null, resp); + return; } if (!isValidId(pId)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_PROFILE_CREATE_POLICY_FAILED", - "Invalid policy id " + pId), null, resp); - return; + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), + "CMS_PROFILE_CREATE_POLICY_FAILED", + "Invalid policy id " + pId), + null, resp); + return; } - policy = profile.createProfilePolicy(setId, pId, defImpl, - conImpl); + policy = profile.createProfilePolicy(setId, pId, + defImpl, conImpl); } catch (EBaseException e1) { // error - CMS.debug("ProfileAdminServlet: addProfilePolicy " - + e1.toString()); + CMS.debug("ProfileAdminServlet: addProfilePolicy " + + e1.toString()); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_PROFILE_CREATE_POLICY_FAILED", e1.toString()), - null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_PROFILE_CREATE_POLICY_FAILED", + e1.toString()), + null, resp); return; } NameValuePairs nvp = new NameValuePairs(); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -503,45 +532,47 @@ public class ProfileAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } /** * Add profile input * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when * configuring cert profile (general settings and cert profile; obsoletes * extensions and constraints policies) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ - public void addProfileInput(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + public void addProfileInput(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -564,8 +595,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -596,13 +629,16 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_PROFILE_CREATE_INPUT_FAILED", e1.toString()), - null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_PROFILE_CREATE_INPUT_FAILED", + e1.toString()), + null, resp); return; } @@ -611,8 +647,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -620,45 +658,47 @@ public class ProfileAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } /** * Add profile output * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when * configuring cert profile (general settings and cert profile; obsoletes * extensions and constraints policies) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void addProfileOutput(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -681,8 +721,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -707,20 +749,23 @@ public class ProfileAdminServlet extends AdminServlet { } try { - output = profile - .createProfileOutput(outputId, outputImpl, nvps); + output = profile.createProfileOutput(outputId, outputImpl, + nvps); } catch (EBaseException e1) { // error // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_PROFILE_CREATE_OUTPUT_FAILED", e1.toString()), - null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_PROFILE_CREATE_OUTPUT_FAILED", + e1.toString()), + null, resp); return; } @@ -729,8 +774,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -738,45 +785,47 @@ public class ProfileAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } /** * Delete policy profile * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when * configuring cert profile (general settings and cert profile; obsoletes * extensions and constraints policies) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void deleteProfilePolicy(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -808,8 +857,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -828,8 +879,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -841,8 +894,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -850,45 +905,47 @@ public class ProfileAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } /** * Delete profile input * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when * configuring cert profile (general settings and cert profile; obsoletes * extensions and constraints policies) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void deleteProfileInput(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -911,10 +968,8 @@ public class ProfileAdminServlet extends AdminServlet { if (name.equals("INPUTID")) inputId = req.getParameter(name); } - CMS.debug("ProfileAdminServlet: deleteProfileInput profileId -> " - + profileId); - CMS.debug("ProfileAdminServlet: deleteProfileInput inputId -> " - + inputId); + CMS.debug("ProfileAdminServlet: deleteProfileInput profileId -> " + profileId); + CMS.debug("ProfileAdminServlet: deleteProfileInput inputId -> " + inputId); IProfile profile = null; try { @@ -924,8 +979,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -939,8 +996,10 @@ public class ProfileAdminServlet extends AdminServlet { } catch (EBaseException e1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -952,8 +1011,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -961,45 +1022,47 @@ public class ProfileAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } /** * Delete profile output * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when * configuring cert profile (general settings and cert profile; obsoletes * extensions and constraints policies) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void deleteProfileOutput(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1022,10 +1085,8 @@ public class ProfileAdminServlet extends AdminServlet { if (name.equals("OUTPUTID")) outputId = req.getParameter(name); } - CMS.debug("ProfileAdminServlet: deleteProfileOutput profileId -> " - + profileId); - CMS.debug("ProfileAdminServlet: deleteProfileOutput outputId -> " - + outputId); + CMS.debug("ProfileAdminServlet: deleteProfileOutput profileId -> " + profileId); + CMS.debug("ProfileAdminServlet: deleteProfileOutput outputId -> " + outputId); IProfile profile = null; try { @@ -1035,8 +1096,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1044,15 +1107,16 @@ public class ProfileAdminServlet extends AdminServlet { return; } - CMS.debug("ProfileAdminServlet: deleteProfileOutput profile -> " - + profile); + CMS.debug("ProfileAdminServlet: deleteProfileOutput profile -> " + profile); try { profile.deleteProfileOutput(outputId); } catch (EBaseException e1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1064,8 +1128,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1073,45 +1139,47 @@ public class ProfileAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } /** * Add default policy profile configuration * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when * configuring cert profile (general settings and cert profile; obsoletes * extensions and constraints policies) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void addPolicyDefaultConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1133,14 +1201,16 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); sendResponse(ERROR, null, null, resp); return; - } + } StringTokenizer ss = new StringTokenizer(policyId, ":"); String setId = ss.nextToken(); @@ -1149,7 +1219,7 @@ public class ProfileAdminServlet extends AdminServlet { IProfilePolicy policy = profile.getProfilePolicy(setId, pId); IPolicyDefault def = policy.getDefault(); IConfigStore defConfig = def.getConfigStore(); - + Enumeration names = req.getParameterNames(); while (names.hasMoreElements()) { @@ -1162,28 +1232,28 @@ public class ProfileAdminServlet extends AdminServlet { if (name.equals("RS_ID")) continue; try { - def.setConfig(name, req.getParameter(name)); + def.setConfig(name,req.getParameter(name)); } catch (EPropertyException e) { - CMS.debug("ProfileAdminServlet: modifyPolicyDefConfig setConfig exception."); - try { - profile.deleteProfilePolicy(setId, pId); - } catch (Exception e11) { - } - sendResponse(ERROR, BAD_CONFIGURATION_VAL, null, resp); - return; + CMS.debug("ProfileAdminServlet: modifyPolicyDefConfig setConfig exception."); + try { + profile.deleteProfilePolicy(setId, pId); + } catch (Exception e11) {} + sendResponse(ERROR,BAD_CONFIGURATION_VAL,null,resp); + return; } - // defConfig.putString("params." + name, - // req.getParameter(name)); + // defConfig.putString("params." + name, req.getParameter(name)); } try { profile.getConfigStore().commit(false); } catch (Exception e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1194,8 +1264,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1203,45 +1275,47 @@ public class ProfileAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } /** * Add policy constraints profile configuration * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when * configuring cert profile (general settings and cert profile; obsoletes * extensions and constraints policies) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void addPolicyConstraintConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1263,14 +1337,16 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); sendResponse(ERROR, null, null, resp); return; - } + } StringTokenizer ss = new StringTokenizer(policyId, ":"); String setId = ss.nextToken(); @@ -1293,28 +1369,28 @@ public class ProfileAdminServlet extends AdminServlet { continue; try { - con.setConfig(name, req.getParameter(name)); + con.setConfig(name,req.getParameter(name)); } catch (EPropertyException e) { - CMS.debug("ProfileAdminServlet: addPolicyConstraintsConfig setConfig exception."); - try { - profile.deleteProfilePolicy(setId, pId); - } catch (Exception e11) { - } - sendResponse(ERROR, BAD_CONFIGURATION_VAL, null, resp); - return; + CMS.debug("ProfileAdminServlet: addPolicyConstraintsConfig setConfig exception."); + try { + profile.deleteProfilePolicy(setId, pId); + } catch (Exception e11) {} + sendResponse(ERROR,BAD_CONFIGURATION_VAL,null,resp); + return; } - // conConfig.putString("params." + name, - // req.getParameter(name)); + // conConfig.putString("params." + name, req.getParameter(name)); } try { profile.getConfigStore().commit(false); } catch (Exception e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1326,8 +1402,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1335,45 +1413,47 @@ public class ProfileAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } /** * Modify default policy profile configuration * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when * configuring cert profile (general settings and cert profile; obsoletes * extensions and constraints policies) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void modifyPolicyDefaultConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1395,14 +1475,16 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); sendResponse(ERROR, null, null, resp); return; - } + } StringTokenizer ss = new StringTokenizer(policyId, ":"); String setId = ss.nextToken(); @@ -1410,7 +1492,7 @@ public class ProfileAdminServlet extends AdminServlet { IProfilePolicy policy = profile.getProfilePolicy(setId, pId); IPolicyDefault def = policy.getDefault(); IConfigStore defConfig = def.getConfigStore(); - + Enumeration names = req.getParameterNames(); while (names.hasMoreElements()) { @@ -1423,24 +1505,25 @@ public class ProfileAdminServlet extends AdminServlet { if (name.equals("RS_ID")) continue; try { - def.setConfig(name, req.getParameter(name)); + def.setConfig(name,req.getParameter(name)); } catch (EPropertyException e) { - CMS.debug("ProfileAdminServlet: modifyPolicyDefConfig setConfig exception."); - sendResponse(ERROR, BAD_CONFIGURATION_VAL, null, resp); - return; + CMS.debug("ProfileAdminServlet: modifyPolicyDefConfig setConfig exception."); + sendResponse(ERROR,BAD_CONFIGURATION_VAL,null,resp); + return; } - // defConfig.putString("params." + name, - // req.getParameter(name)); + // defConfig.putString("params." + name, req.getParameter(name)); } try { profile.getConfigStore().commit(false); } catch (Exception e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1451,8 +1534,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1460,45 +1545,47 @@ public class ProfileAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } /** * Modify profile input configuration * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when * configuring cert profile (general settings and cert profile; obsoletes * extensions and constraints policies) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void modifyInputConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1520,8 +1607,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1550,8 +1639,10 @@ public class ProfileAdminServlet extends AdminServlet { } catch (Exception e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1562,8 +1653,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1571,45 +1664,47 @@ public class ProfileAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } /** * Modify profile output configuration * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when * configuring cert profile (general settings and cert profile; obsoletes * extensions and constraints policies) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void modifyOutputConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1631,8 +1726,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1654,16 +1751,18 @@ public class ProfileAdminServlet extends AdminServlet { continue; if (name.equals("RS_ID")) continue; - outputConfig - .putString("params." + name, req.getParameter(name)); + outputConfig.putString("params." + name, + req.getParameter(name)); } try { profile.getConfigStore().commit(false); } catch (Exception e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1674,8 +1773,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1683,45 +1784,47 @@ public class ProfileAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } /** * Modify policy constraints profile configuration * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when * configuring cert profile (general settings and cert profile; obsoletes * extensions and constraints policies) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void modifyPolicyConstraintConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1743,14 +1846,16 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); sendResponse(ERROR, null, null, resp); return; - } + } StringTokenizer ss = new StringTokenizer(policyId, ":"); String setId = ss.nextToken(); @@ -1761,8 +1866,7 @@ public class ProfileAdminServlet extends AdminServlet { Enumeration names = req.getParameterNames(); - CMS.debug("ProfileAdminServlet: modifyPolicyConstraintConfig policy " - + policy + " con " + con); + CMS.debug("ProfileAdminServlet: modifyPolicyConstraintConfig policy " + policy + " con " + con); while (names.hasMoreElements()) { String name = (String) names.nextElement(); @@ -1773,27 +1877,27 @@ public class ProfileAdminServlet extends AdminServlet { if (name.equals("RS_ID")) continue; - // CMS.debug("ProfileAdminServlet: modifyPolicyConstraintConfig name" - // + name + " val " + req.getParameter(name)); + // CMS.debug("ProfileAdminServlet: modifyPolicyConstraintConfig name" + name + " val " + req.getParameter(name)); try { - con.setConfig(name, req.getParameter(name)); + con.setConfig(name,req.getParameter(name)); } catch (EPropertyException e) { - CMS.debug("ProfileAdminServlet: modifyPolicyConstraintsConfig setConfig exception."); - sendResponse(ERROR, BAD_CONFIGURATION_VAL, null, resp); - return; + CMS.debug("ProfileAdminServlet: modifyPolicyConstraintsConfig setConfig exception."); + sendResponse(ERROR,BAD_CONFIGURATION_VAL,null,resp); + return; } - // conConfig.putString("params." + name, - // req.getParameter(name)); + //conConfig.putString("params." + name, req.getParameter(name)); } try { profile.getConfigStore().commit(false); } catch (Exception e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1805,8 +1909,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1814,30 +1920,33 @@ public class ProfileAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } public void getPolicyDefaultConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String id = req.getParameter(Constants.RS_ID); StringTokenizer st = new StringTokenizer(id, ";"); @@ -1849,9 +1958,9 @@ public class ProfileAdminServlet extends AdminServlet { try { profile = mProfileSub.getProfile(profileId); } catch (EBaseException e1) { - CMS.debug("ProfileAdminServlet::getPolicyDefaultConfig() - " - + "profile is null!"); - throw new ServletException(e1.toString()); + CMS.debug( "ProfileAdminServlet::getPolicyDefaultConfig() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); } IProfilePolicy policy = null; @@ -1874,26 +1983,22 @@ public class ProfileAdminServlet extends AdminServlet { if (desc == null) { nvp.add(name, ";" + ";" + rule.getConfig(name)); } else { - nvp.add(name, - desc.getSyntax() + ";" + ";" - + getNonNull(desc.getConstraint()) + ";" - + desc.getDescription(getLocale(req)) + ";" - + rule.getConfig(name)); + nvp.add(name, desc.getSyntax() + ";" + ";" + getNonNull(desc.getConstraint()) + ";" + desc.getDescription(getLocale(req)) + ";" + rule.getConfig(name)); } } sendResponse(SUCCESS, null, nvp, resp); } public void getPolicyConstraintConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String id = req.getParameter(Constants.RS_ID); - String constraintsList = req - .getParameter(Constants.PR_CONSTRAINTS_LIST); + String constraintsList = req.getParameter(Constants.PR_CONSTRAINTS_LIST); // this one gets called when one of the elements in the default list get // selected, then it returns the list of supported constraintsPolicy if (constraintsList != null) { - + } StringTokenizer st = new StringTokenizer(id, ";"); @@ -1905,9 +2010,9 @@ public class ProfileAdminServlet extends AdminServlet { try { profile = mProfileSub.getProfile(profileId); } catch (EBaseException e1) { - CMS.debug("ProfileAdminServlet::getPolicyConstraintConfig() - " - + "profile is null!"); - throw new ServletException(e1.toString()); + CMS.debug( "ProfileAdminServlet::getPolicyConstraintConfig() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); } StringTokenizer ss = new StringTokenizer(policyId, ":"); @@ -1926,18 +2031,15 @@ public class ProfileAdminServlet extends AdminServlet { if (desc == null) { nvp.add(name, ";" + rule.getConfig(name)); } else { - nvp.add(name, - desc.getSyntax() + ";" - + getNonNull(desc.getConstraint()) + ";" - + desc.getDescription(getLocale(req)) + ";" - + rule.getConfig(name)); + nvp.add(name, desc.getSyntax() + ";" + getNonNull(desc.getConstraint()) + ";" + desc.getDescription(getLocale(req)) + ";" + rule.getConfig(name)); } } sendResponse(SUCCESS, null, nvp, resp); } public void getProfilePolicy(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String id = req.getParameter(Constants.RS_ID); // only allow profile retrival if it is disabled @@ -1947,9 +2049,9 @@ public class ProfileAdminServlet extends AdminServlet { try { profile = mProfileSub.getProfile(id); } catch (EBaseException e1) { - CMS.debug("ProfileAdminServlet::getProfilePolicy() - " - + "profile is null!"); - throw new ServletException(e1.toString()); + CMS.debug( "ProfileAdminServlet::getProfilePolicy() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); } NameValuePairs nvp = new NameValuePairs(); @@ -1971,9 +2073,9 @@ public class ProfileAdminServlet extends AdminServlet { IPolicyConstraint con = policy.getConstraint(); IConfigStore conConfig = con.getConfigStore(); - nvp.add(setId + ":" + policy.getId(), - def.getName(getLocale(req)) + ";" - + con.getName(getLocale(req))); + nvp.add(setId + ":" + policy.getId(), + def.getName(getLocale(req)) + ";" + + con.getName(getLocale(req))); } } @@ -1981,16 +2083,17 @@ public class ProfileAdminServlet extends AdminServlet { } public void getProfileOutput(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String id = req.getParameter(Constants.RS_ID); IProfile profile = null; try { profile = mProfileSub.getProfile(id); } catch (EBaseException e1) { - CMS.debug("ProfileAdminServlet::getProfileOutput() - " - + "profile is null!"); - throw new ServletException(e1.toString()); + CMS.debug( "ProfileAdminServlet::getProfileOutput() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); } NameValuePairs nvp = new NameValuePairs(); @@ -2006,17 +2109,18 @@ public class ProfileAdminServlet extends AdminServlet { sendResponse(SUCCESS, null, nvp, resp); } - public void getProfileInput(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + public void getProfileInput(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { String id = req.getParameter(Constants.RS_ID); IProfile profile = null; try { profile = mProfileSub.getProfile(id); } catch (EBaseException e1) { - CMS.debug("ProfileAdminServlet::getProfileInput() - " - + "profile is null!"); - throw new ServletException(e1.toString()); + CMS.debug( "ProfileAdminServlet::getProfileInput() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); } NameValuePairs nvp = new NameValuePairs(); @@ -2032,9 +2136,10 @@ public class ProfileAdminServlet extends AdminServlet { sendResponse(SUCCESS, null, nvp, resp); } - public void getInputConfig(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { - + public void getInputConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { + String id = req.getParameter(Constants.RS_ID); StringTokenizer st = new StringTokenizer(id, ";"); String profileId = st.nextToken(); @@ -2044,9 +2149,9 @@ public class ProfileAdminServlet extends AdminServlet { try { profile = mProfileSub.getProfile(profileId); } catch (EBaseException e1) { - CMS.debug("ProfileAdminServlet::getInputConfig() - " - + "profile is null!"); - throw new ServletException(e1.toString()); + CMS.debug( "ProfileAdminServlet::getInputConfig() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); } IProfileInput profileInput = null; @@ -2057,24 +2162,24 @@ public class ProfileAdminServlet extends AdminServlet { while (names.hasMoreElements()) { String name = (String) names.nextElement(); - IDescriptor desc = profileInput.getConfigDescriptor(getLocale(req), - name); + IDescriptor desc = profileInput.getConfigDescriptor( + getLocale(req), name); if (desc == null) { nvp.add(name, ";" + ";" + profileInput.getConfig(name)); } else { - nvp.add(name, - desc.getSyntax() + ";" - + getNonNull(desc.getConstraint()) + ";" - + desc.getDescription(getLocale(req)) + ";" - + profileInput.getConfig(name)); + nvp.add(name, desc.getSyntax() + ";" + + getNonNull(desc.getConstraint()) + ";" + + desc.getDescription(getLocale(req)) + ";" + + profileInput.getConfig(name)); } } sendResponse(SUCCESS, null, nvp, resp); } - public void getOutputConfig(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + public void getOutputConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { String id = req.getParameter(Constants.RS_ID); StringTokenizer st = new StringTokenizer(id, ";"); @@ -2085,9 +2190,9 @@ public class ProfileAdminServlet extends AdminServlet { try { profile = mProfileSub.getProfile(profileId); } catch (EBaseException e1) { - CMS.debug("ProfileAdminServlet::getOutputConfig() - " - + "profile is null!"); - throw new ServletException(e1.toString()); + CMS.debug( "ProfileAdminServlet::getOutputConfig() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); } IProfileOutput profileOutput = null; @@ -2099,15 +2204,14 @@ public class ProfileAdminServlet extends AdminServlet { while (names.hasMoreElements()) { String name = (String) names.nextElement(); IDescriptor desc = profileOutput.getConfigDescriptor( - getLocale(req), name); + getLocale(req), name); if (desc == null) { nvp.add(name, ";" + ";" + profileOutput.getConfig(name)); } else { - nvp.add(name, - desc.getSyntax() + ";" - + getNonNull(desc.getConstraint()) + ";" - + desc.getDescription(getLocale(req)) + ";" - + profileOutput.getConfig(name)); + nvp.add(name, desc.getSyntax() + ";" + + getNonNull(desc.getConstraint()) + ";" + + desc.getDescription(getLocale(req)) + ";" + + profileOutput.getConfig(name)); } } @@ -2115,7 +2219,8 @@ public class ProfileAdminServlet extends AdminServlet { } public void listProfileInstances(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { NameValuePairs nvp = new NameValuePairs(); Enumeration e = mProfileSub.getProfileIds(); @@ -2129,7 +2234,7 @@ public class ProfileAdminServlet extends AdminServlet { } catch (EBaseException e1) { // error } - + String status = null; if (mProfileSub.isProfileEnable(profileId)) { @@ -2145,7 +2250,8 @@ public class ProfileAdminServlet extends AdminServlet { } public void getProfileInstanceConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String id = req.getParameter(Constants.RS_ID); IProfile profile = null; @@ -2153,9 +2259,9 @@ public class ProfileAdminServlet extends AdminServlet { try { profile = mProfileSub.getProfile(id); } catch (EBaseException e1) { - CMS.debug("ProfileAdminServlet::getProfileInstanceConfig() - " - + "profile is null!"); - throw new ServletException(e1.toString()); + CMS.debug( "ProfileAdminServlet::getProfileInstanceConfig() - " + + "profile is null!" ); + throw new ServletException( e1.toString() ); } NameValuePairs nvp = new NameValuePairs(); @@ -2163,7 +2269,8 @@ public class ProfileAdminServlet extends AdminServlet { nvp.add("name", profile.getName(getLocale(req))); nvp.add("desc", profile.getDescription(getLocale(req))); nvp.add("visible", Boolean.toString(profile.isVisible())); - nvp.add("enable", Boolean.toString(mProfileSub.isProfileEnable(id))); + nvp.add("enable", Boolean.toString( + mProfileSub.isProfileEnable(id))); String authid = profile.getAuthenticatorId(); @@ -2181,20 +2288,20 @@ public class ProfileAdminServlet extends AdminServlet { /** * Delete profile instance * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when * configuring cert profile (general settings and cert profile; obsoletes * extensions and constraints policies) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void deleteProfileInstance(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -2207,8 +2314,10 @@ public class ProfileAdminServlet extends AdminServlet { if (id == null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -2218,47 +2327,51 @@ public class ProfileAdminServlet extends AdminServlet { String config = null; - ISubsystem subsystem = CMS.getSubsystem("ca"); + ISubsystem subsystem = CMS.getSubsystem("ca"); String subname = "ca"; - if (subsystem == null) - subname = "ra"; + if (subsystem == null) + subname = "ra"; try { - config = CMS.getConfigStore().getString("instanceRoot") - + "/profiles/" + subname + "/" + id + ".cfg"; + config = CMS.getConfigStore().getString("instanceRoot") + + "/profiles/" + subname + "/" + id + ".cfg"; } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); sendResponse(ERROR, null, null, resp); return; } - + try { mProfileSub.deleteProfile(id, config); } catch (EProfileException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), e.toString(), id), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), e.toString(), id), null, resp); return; } // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -2266,29 +2379,32 @@ public class ProfileAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } - public void putUserPWPair(String combo) { + public void + putUserPWPair(String combo) { int semicolon; semicolon = combo.indexOf(";"); @@ -2298,11 +2414,12 @@ public class ProfileAdminServlet extends AdminServlet { CMS.putPasswordCache(user, pw); } - public boolean isValidId(String id) { + public boolean isValidId(String id) + { for (int i = 0; i < id.length(); i++) { - char c = id.charAt(i); - if (!Character.isLetterOrDigit(c)) - return false; + char c = id.charAt(i); + if (!Character.isLetterOrDigit(c)) + return false; } return true; } @@ -2310,20 +2427,20 @@ public class ProfileAdminServlet extends AdminServlet { /** * Add profile instance * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when * configuring cert profile (general settings and cert profile; obsoletes * extensions and constraints policies) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void addProfileInstance(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -2336,8 +2453,10 @@ public class ProfileAdminServlet extends AdminServlet { if (id == null || id.trim().equals("") || !isValidId(id)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -2349,14 +2468,14 @@ public class ProfileAdminServlet extends AdminServlet { IProfile p = null; try { - p = mProfileSub.getProfile(id); + p = mProfileSub.getProfile(id); } catch (EProfileException e1) { } if (p != null) { sendResponse(ERROR, POLICY_INST_ID_ALREADY_USED, null, resp); return; } - + String impl = req.getParameter("impl"); String name = req.getParameter("name"); String desc = req.getParameter("desc"); @@ -2371,13 +2490,14 @@ public class ProfileAdminServlet extends AdminServlet { subname = "ra"; try { - config = CMS.getConfigStore().getString("instanceRoot") - + "/profiles/" + subname + "/" + id + ".cfg"; + config = CMS.getConfigStore().getString("instanceRoot") + "/profiles/" + subname + "/" + id + ".cfg"; } catch (EBaseException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -2397,9 +2517,10 @@ public class ProfileAdminServlet extends AdminServlet { // create profile try { profile = mProfileSub.createProfile(id, impl, - info.getClassName(), config); - profile.setName(getLocale(req), name); - profile.setDescription(getLocale(req), name); + info.getClassName(), + config); + profile.setName(getLocale(req), name); + profile.setDescription(getLocale(req), name); if (visible != null && visible.equals("true")) { profile.setVisible(true); } else { @@ -2410,17 +2531,19 @@ public class ProfileAdminServlet extends AdminServlet { mProfileSub.createProfileConfig(id, impl, config); if (profile instanceof IProfileEx) { - // populates profile specific plugins such as - // policies, inputs and outputs - ((IProfileEx) profile).populate(); - } + // populates profile specific plugins such as + // policies, inputs and outputs + ((IProfileEx)profile).populate(); + } } catch (Exception e) { CMS.debug("ProfileAdminServlet: " + e.toString()); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -2430,8 +2553,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -2439,45 +2564,47 @@ public class ProfileAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } /** * Modify profile instance * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when * configuring cert profile (general settings and cert profile; obsoletes * extensions and constraints policies) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred */ public void modifyProfileInstance(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -2496,8 +2623,10 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -2522,13 +2651,15 @@ public class ProfileAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); try { - profile.getConfigStore().commit(false); + profile.getConfigStore().commit(false); } catch (Exception e) { } @@ -2536,32 +2667,35 @@ public class ProfileAdminServlet extends AdminServlet { } catch (IOException eAudit1) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit1; // } catch( ServletException eAudit2 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit2; + // // rethrow the specific exception to be handled later + // throw eAudit2; } } - protected String getNonNull(String s) { - if (s == null) - return ""; - return s; - } + protected String getNonNull(String s) { + if (s == null) + return ""; + return s; + } } + diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/PublisherAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/PublisherAdminServlet.java index 32e610fa..2842542e 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/PublisherAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/PublisherAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.IOException; import java.util.Enumeration; import java.util.Locale; @@ -67,11 +68,12 @@ import com.netscape.certsrv.publish.RulePlugin; import com.netscape.certsrv.security.ICryptoSubsystem; import com.netscape.cmsutil.password.IPasswordStore; + /** - * A class representing an publishing servlet for the Publishing subsystem. This - * servlet is responsible to serve configuration requests for the Publishing - * subsystem. - * + * A class representing an publishing servlet for the + * Publishing subsystem. This servlet is responsible + * to serve configuration requests for the Publishing subsystem. + * * @version $Revision$, $Date$ */ public class PublisherAdminServlet extends AdminServlet { @@ -83,7 +85,8 @@ public class PublisherAdminServlet extends AdminServlet { public final static String PROP_AUTHORITY = "authority"; private final static String INFO = "PublisherAdminServlet"; - private final static String PW_TAG_CA_LDAP_PUBLISHING = "CA LDAP Publishing"; + private final static String PW_TAG_CA_LDAP_PUBLISHING = + "CA LDAP Publishing"; public final static String NOMAPPER = "<NONE>"; private IPublisherProcessor mProcessor = null; private IAuthority mAuth = null; @@ -106,25 +109,23 @@ public class PublisherAdminServlet extends AdminServlet { mAuth = (IAuthority) CMS.getSubsystem(authority); if (mAuth != null) if (mAuth instanceof ICertificateAuthority) { - mProcessor = ((ICertificateAuthority) mAuth) - .getPublisherProcessor(); - } else - throw new ServletException(authority - + " does not have publishing processor!"); + mProcessor = ((ICertificateAuthority) mAuth).getPublisherProcessor(); + } else + throw new ServletException(authority + " does not have publishing processor!"); } /** * Returns serlvet information. */ - public String getServletInfo() { - return INFO; + public String getServletInfo() { + return INFO; } /** * Serves HTTP admin request. */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { super.service(req, resp); CMS.debug("PublisherAdminServlet: in service"); @@ -132,13 +133,14 @@ public class PublisherAdminServlet extends AdminServlet { String op = req.getParameter(Constants.OP_TYPE); if (op == null) { - // System.out.println("SRVLT_INVALID_PROTOCOL"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), null, resp); + //System.out.println("SRVLT_INVALID_PROTOCOL"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), + null, resp); return; } - // for the rest + // for the rest try { super.authenticate(req); @@ -147,8 +149,8 @@ public class PublisherAdminServlet extends AdminServlet { return; } } catch (IOException e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHS_FAILED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req),"CMS_ADMIN_SRVLT_AUTHS_FAILED"), + null, resp); return; } try { @@ -157,8 +159,9 @@ public class PublisherAdminServlet extends AdminServlet { if (op.equals(OpDef.OP_READ)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_LDAP)) { @@ -185,12 +188,13 @@ public class PublisherAdminServlet extends AdminServlet { } else if (scope.equals(ScopeDef.SC_RULE_RULES)) { getRuleInstConfig(req, resp); return; - } + } } else if (op.equals(OpDef.OP_MODIFY)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_LDAP)) { @@ -209,19 +213,21 @@ public class PublisherAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_PROCESS)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_LDAP)) { testSetLDAPDest(req, resp); return; - } + } } else if (op.equals(OpDef.OP_SEARCH)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_PUBLISHER_IMPLS)) { @@ -236,7 +242,7 @@ public class PublisherAdminServlet extends AdminServlet { } else if (scope.equals(ScopeDef.SC_MAPPER_RULES)) { listMapperInsts(req, resp); return; - } else if (scope.equals(ScopeDef.SC_RULE_IMPLS)) { + } else if (scope.equals(ScopeDef.SC_RULE_IMPLS)) { listRulePlugins(req, resp); return; } else if (scope.equals(ScopeDef.SC_RULE_RULES)) { @@ -246,8 +252,9 @@ public class PublisherAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_ADD)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_PUBLISHER_IMPLS)) { @@ -268,12 +275,13 @@ public class PublisherAdminServlet extends AdminServlet { } else if (scope.equals(ScopeDef.SC_RULE_RULES)) { addRuleInst(req, resp, scope); return; - } + } } else if (op.equals(OpDef.OP_DELETE)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_PUBLISHER_IMPLS)) { @@ -296,27 +304,31 @@ public class PublisherAdminServlet extends AdminServlet { return; } } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_TYPE", op), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_TYPE", op), + null, resp); return; } } else { - // System.out.println("SRVLT_INVALID_OP_SCOPE"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + //System.out.println("SRVLT_INVALID_OP_SCOPE"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } catch (EBaseException e) { sendResponse(ERROR, e.toString(getLocale(req)), null, resp); return; - } - // System.out.println("SRVLT_FAIL_PERFORM 2"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_PERFORM_FAILED"), null, resp); + } + //System.out.println("SRVLT_FAIL_PERFORM 2"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_PERFORM_FAILED"), + null, resp); return; } - private IExtendedPluginInfo getExtendedPluginInfo(IPublisherProcessor p) { + private IExtendedPluginInfo getExtendedPluginInfo(IPublisherProcessor + p) { Enumeration mappers = p.getMapperInsts().keys(); Enumeration publishers = p.getPublisherInsts().keys(); @@ -325,11 +337,11 @@ public class PublisherAdminServlet extends AdminServlet { for (; mappers.hasMoreElements();) { String name = (String) mappers.nextElement(); - if (map.length() == 0) { - map.append(name); + if (map.length()== 0) { + map.append(name); } else { - map.append(","); - map.append(name); + map.append(","); + map.append(name); } } StringBuffer publish = new StringBuffer(); @@ -343,19 +355,16 @@ public class PublisherAdminServlet extends AdminServlet { String epi[] = new String[] { "type;choice(cacert,crl,certs,xcert);The certType of the request", - "mapper;choice(" - + map.toString() - + ");Use the mapper to find the ldap dn to publish the certificate or crl", - "publisher;choice(" - + publish.toString() - + ");Use the publisher to publish the certificate or crl a directory etc", - "enable;boolean;", "predicate;string;" }; + "mapper;choice(" + map.toString() + ");Use the mapper to find the ldap dn to publish the certificate or crl", + "publisher;choice(" + publish.toString() + ");Use the publisher to publish the certificate or crl a directory etc", + "enable;boolean;", + "predicate;string;" + }; return new ExtendedPluginInfo(epi); } - private NameValuePairs getExtendedPluginInfo(Locale locale, - String implType, String implName) { + private NameValuePairs getExtendedPluginInfo(Locale locale, String implType, String implName) { IExtendedPluginInfo ext_info = null; Object impl = null; @@ -365,20 +374,19 @@ public class PublisherAdminServlet extends AdminServlet { // Should get the registered rules from processor // instead of plugin - // OLD: impl = - // getClassByNameAsExtendedPluginInfo(plugin.getClassPath()); + // OLD: impl = getClassByNameAsExtendedPluginInfo(plugin.getClassPath()); impl = getExtendedPluginInfo(p_processor); } else if (implType.equals(Constants.PR_EXT_PLUGIN_IMPLTYPE_MAPPER)) { IPublisherProcessor p_processor = mProcessor; - Plugin plugin = (Plugin) p_processor.getMapperPlugins().get( - implName); + Plugin plugin = (Plugin) p_processor.getMapperPlugins().get(implName + ); impl = getClassByNameAsExtendedPluginInfo(plugin.getClassPath()); - } else if (implType.equals(Constants.PR_EXT_PLUGIN_IMPLTYPE_PUBLISHER)) { + } else if (implType.equals(Constants.PR_EXT_PLUGIN_IMPLTYPE_PUBLISHER) + ) { IPublisherProcessor p_processor = mProcessor; - Plugin plugin = (Plugin) p_processor.getPublisherPlugins().get( - implName); + Plugin plugin = (Plugin) p_processor.getPublisherPlugins().get(implName); impl = getClassByNameAsExtendedPluginInfo(plugin.getClassPath()); } @@ -393,22 +401,21 @@ public class PublisherAdminServlet extends AdminServlet { if (ext_info == null) { nvps = new NameValuePairs(); } else { - nvps = convertStringArrayToNVPairs(ext_info - .getExtendedPluginInfo(locale)); + nvps = convertStringArrayToNVPairs(ext_info.getExtendedPluginInfo(locale)); } return nvps; } - /** - * retrieve extended plugin info such as brief description, type info from - * policy, authentication, need to add: listener, mapper and publishing - * plugins + /** + * retrieve extended plugin info such as brief description, type info + * from policy, authentication, + * need to add: listener, mapper and publishing plugins */ private void getExtendedPluginInfo(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); int colon = id.indexOf(':'); @@ -416,20 +423,19 @@ public class PublisherAdminServlet extends AdminServlet { String implType = id.substring(0, colon); String implName = id.substring(colon + 1); - NameValuePairs params = getExtendedPluginInfo(getLocale(req), implType, - implName); + NameValuePairs params = + getExtendedPluginInfo(getLocale(req), implType, implName); sendResponse(SUCCESS, null, params, resp); } - - private void getLDAPDest(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + + private void getLDAPDest(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); IConfigStore config = mAuth.getConfigStore(); - IConfigStore publishcfg = config - .getSubStore(IPublisherProcessor.PROP_PUBLISH_SUBSTORE); - IConfigStore ldapcfg = publishcfg - .getSubStore(IPublisherProcessor.PROP_LDAP_PUBLISH_SUBSTORE); + IConfigStore publishcfg = config.getSubStore(IPublisherProcessor.PROP_PUBLISH_SUBSTORE); + IConfigStore ldapcfg = publishcfg.getSubStore(IPublisherProcessor.PROP_LDAP_PUBLISH_SUBSTORE); IConfigStore ldap = ldapcfg.getSubStore(IPublisherProcessor.PROP_LDAP); Enumeration e = req.getParameterNames(); @@ -458,63 +464,53 @@ public class PublisherAdminServlet extends AdminServlet { if (name.equals(Constants.PR_PUBLISHING_QUEUE_STATUS)) continue; if (name.equals(Constants.PR_CERT_NAMES)) { - ICryptoSubsystem jss = (ICryptoSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_CRYPTO); + ICryptoSubsystem jss = (ICryptoSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_CRYPTO); params.add(name, jss.getAllCerts()); } else { String value = ldap.getString(name, ""); if (value == null || value.equals("")) { - if (name.equals(ILdapBoundConnFactory.PROP_LDAPCONNINFO - + "." + ILdapConnInfo.PROP_HOST)) { - value = mConfig.getString( - ConfigConstants.PR_MACHINE_NAME, null); - } else if (name - .equals(ILdapBoundConnFactory.PROP_LDAPCONNINFO - + "." + ILdapConnInfo.PROP_PORT)) { + if (name.equals(ILdapBoundConnFactory.PROP_LDAPCONNINFO + "." + ILdapConnInfo.PROP_HOST)) { + value = mConfig.getString(ConfigConstants.PR_MACHINE_NAME, null); + } else if (name.equals(ILdapBoundConnFactory.PROP_LDAPCONNINFO + "." + ILdapConnInfo.PROP_PORT)) { value = ILdapConnInfo.PROP_PORT_DEFAULT; - } else if (name - .equals(ILdapBoundConnFactory.PROP_LDAPAUTHINFO - + "." + ILdapAuthInfo.PROP_BINDDN)) { + } else if (name.equals(ILdapBoundConnFactory.PROP_LDAPAUTHINFO + "." + ILdapAuthInfo.PROP_BINDDN)) { value = ILdapAuthInfo.PROP_BINDDN_DEFAULT; } } params.add(name, value); } } - params.add(Constants.PR_PUBLISHING_ENABLE, publishcfg.getString( - IPublisherProcessor.PROP_ENABLE, Constants.FALSE)); - params.add(Constants.PR_PUBLISHING_QUEUE_ENABLE, publishcfg.getString( - Constants.PR_PUBLISHING_QUEUE_ENABLE, Constants.TRUE)); - params.add(Constants.PR_PUBLISHING_QUEUE_THREADS, publishcfg.getString( - Constants.PR_PUBLISHING_QUEUE_THREADS, "3")); - params.add(Constants.PR_PUBLISHING_QUEUE_PAGE_SIZE, publishcfg - .getString(Constants.PR_PUBLISHING_QUEUE_PAGE_SIZE, "40")); - params.add(Constants.PR_PUBLISHING_QUEUE_PRIORITY, publishcfg - .getString(Constants.PR_PUBLISHING_QUEUE_PRIORITY, "0")); - params.add(Constants.PR_PUBLISHING_QUEUE_STATUS, publishcfg.getString( - Constants.PR_PUBLISHING_QUEUE_STATUS, "200")); - params.add(Constants.PR_ENABLE, ldapcfg.getString( - IPublisherProcessor.PROP_ENABLE, Constants.FALSE)); + params.add(Constants.PR_PUBLISHING_ENABLE, + publishcfg.getString(IPublisherProcessor.PROP_ENABLE, Constants.FALSE)); + params.add(Constants.PR_PUBLISHING_QUEUE_ENABLE, + publishcfg.getString(Constants.PR_PUBLISHING_QUEUE_ENABLE, Constants.TRUE)); + params.add(Constants.PR_PUBLISHING_QUEUE_THREADS, + publishcfg.getString(Constants.PR_PUBLISHING_QUEUE_THREADS, "3")); + params.add(Constants.PR_PUBLISHING_QUEUE_PAGE_SIZE, + publishcfg.getString(Constants.PR_PUBLISHING_QUEUE_PAGE_SIZE, "40")); + params.add(Constants.PR_PUBLISHING_QUEUE_PRIORITY, + publishcfg.getString(Constants.PR_PUBLISHING_QUEUE_PRIORITY, "0")); + params.add(Constants.PR_PUBLISHING_QUEUE_STATUS, + publishcfg.getString(Constants.PR_PUBLISHING_QUEUE_STATUS, "200")); + params.add(Constants.PR_ENABLE, + ldapcfg.getString(IPublisherProcessor.PROP_ENABLE, Constants.FALSE)); sendResponse(SUCCESS, null, params, resp); } private void setLDAPDest(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); - // Save New Settings to the config file + //Save New Settings to the config file IConfigStore config = mAuth.getConfigStore(); - IConfigStore publishcfg = config - .getSubStore(IPublisherProcessor.PROP_PUBLISH_SUBSTORE); - IConfigStore ldapcfg = publishcfg - .getSubStore(IPublisherProcessor.PROP_LDAP_PUBLISH_SUBSTORE); + IConfigStore publishcfg = config.getSubStore(IPublisherProcessor.PROP_PUBLISH_SUBSTORE); + IConfigStore ldapcfg = publishcfg.getSubStore(IPublisherProcessor.PROP_LDAP_PUBLISH_SUBSTORE); IConfigStore ldap = ldapcfg.getSubStore(IPublisherProcessor.PROP_LDAP); - // set enable flag - publishcfg.putString(IPublisherProcessor.PROP_ENABLE, - req.getParameter(Constants.PR_PUBLISHING_ENABLE)); + //set enable flag + publishcfg.putString(IPublisherProcessor.PROP_ENABLE, req.getParameter(Constants.PR_PUBLISHING_ENABLE)); String enable = req.getParameter(Constants.PR_ENABLE); ldapcfg.putString(IPublisherProcessor.PROP_ENABLE, enable); @@ -522,8 +518,8 @@ public class PublisherAdminServlet extends AdminServlet { // need to disable the ldap module here mProcessor.setLdapConnModule(null); } - - // set reset of the parameters + + //set reset of the parameters Enumeration e = req.getParameterNames(); String pwd = null; @@ -540,9 +536,9 @@ public class PublisherAdminServlet extends AdminServlet { continue; if (name.equals(Constants.PR_PUBLISHING_ENABLE)) continue; - // don't store password in the config file. - if (name.equals(Constants.PR_BIND_PASSWD)) - continue; // old style password read from config. + // don't store password in the config file. + if (name.equals(Constants.PR_BIND_PASSWD)) + continue; // old style password read from config. if (name.equals(Constants.PR_DIRECTORY_MANAGER_PWD)) { pwd = req.getParameter(name); continue; @@ -571,37 +567,40 @@ public class PublisherAdminServlet extends AdminServlet { /* Don't enter the publishing pw into the config store */ ldap.putString(name, req.getParameter(name)); } - + commit(true); - /* - * Do a "PUT" of the new pw to the watchdog"* do not remove - cfu if - * (pwd != null) CMS.putPasswordCache(PW_TAG_CA_LDAP_PUBLISHING, pwd); + /* Do a "PUT" of the new pw to the watchdog" + ** do not remove - cfu + if (pwd != null) + CMS.putPasswordCache(PW_TAG_CA_LDAP_PUBLISHING, pwd); */ // support publishing dirsrv with different pwd than internaldb // update passwordFile String prompt = ldap.getString(Constants.PR_BINDPWD_PROMPT); IPasswordStore pwdStore = CMS.getPasswordStore(); - CMS.debug("PublisherAdminServlet: setLDAPDest(): saving password for " - + prompt + " to password file"); + CMS.debug("PublisherAdminServlet: setLDAPDest(): saving password for "+ prompt + " to password file"); pwdStore.putPassword(prompt, pwd); pwdStore.commit(); CMS.debug("PublisherAdminServlet: setLDAPDest(): password saved"); - /* - * we'll shut down and restart the PublisherProcessor instead // what a - * hack to do this without require restart server // ILdapAuthInfo - * authInfo = CMS.getLdapAuthInfo(); ILdapConnModule connModule = - * mProcessor.getLdapConnModule(); ILdapAuthInfo authInfo = null; if - * (connModule != null) { authInfo = connModule.getLdapAuthInfo(); } - * - * // authInfo.addPassword(PW_TAG_CA_LDAP_PUBLISHING, pwd); if (authInfo - * != null) { CMS.debug( - * "PublisherAdminServlet: setLDAPDest(): adding password to memory cache" - * ); authInfo.addPassword(prompt, pwd); } else - * CMS.debug("PublisherAdminServlet: setLDAPDest(): authInfo null"); - */ +/* we'll shut down and restart the PublisherProcessor instead + // what a hack to do this without require restart server +// ILdapAuthInfo authInfo = CMS.getLdapAuthInfo(); + ILdapConnModule connModule = mProcessor.getLdapConnModule(); + ILdapAuthInfo authInfo = null; + if (connModule != null) { + authInfo = connModule.getLdapAuthInfo(); + } + +// authInfo.addPassword(PW_TAG_CA_LDAP_PUBLISHING, pwd); + if (authInfo != null) { + CMS.debug("PublisherAdminServlet: setLDAPDest(): adding password to memory cache"); + authInfo.addPassword(prompt, pwd); + } else + CMS.debug("PublisherAdminServlet: setLDAPDest(): authInfo null"); +*/ try { CMS.debug("PublisherAdminServlet: setLDAPDest(): restarting publishing processor"); @@ -611,32 +610,27 @@ public class PublisherAdminServlet extends AdminServlet { } catch (Exception ex) { // force to save the config even there is error // ignore any exception - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_FAIL_RES_LDAP", - ex.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_FAIL_RES_LDAP", ex.toString())); } - // XXX See if we can dynamically in B2 + //XXX See if we can dynamically in B2 sendResponse(SUCCESS, null, null, resp); } - private void testSetLDAPDest(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private void testSetLDAPDest(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); CMS.debug("PublisherAdmineServlet: in testSetLDAPDest"); - // Save New Settings to the config file + //Save New Settings to the config file IConfigStore config = mAuth.getConfigStore(); - IConfigStore publishcfg = config - .getSubStore(IPublisherProcessor.PROP_PUBLISH_SUBSTORE); - IConfigStore ldapcfg = publishcfg - .getSubStore(IPublisherProcessor.PROP_LDAP_PUBLISH_SUBSTORE); + IConfigStore publishcfg = config.getSubStore(IPublisherProcessor.PROP_PUBLISH_SUBSTORE); + IConfigStore ldapcfg = publishcfg.getSubStore(IPublisherProcessor.PROP_LDAP_PUBLISH_SUBSTORE); IConfigStore ldap = ldapcfg.getSubStore(IPublisherProcessor.PROP_LDAP); - // set enable flag - publishcfg.putString(IPublisherProcessor.PROP_ENABLE, - req.getParameter(Constants.PR_PUBLISHING_ENABLE)); + //set enable flag + publishcfg.putString(IPublisherProcessor.PROP_ENABLE, + req.getParameter(Constants.PR_PUBLISHING_ENABLE)); String ldapPublish = req.getParameter(Constants.PR_ENABLE); ldapcfg.putString(IPublisherProcessor.PROP_ENABLE, ldapPublish); @@ -645,7 +639,7 @@ public class PublisherAdminServlet extends AdminServlet { mProcessor.setLdapConnModule(null); } - // set reset of the parameters + //set reset of the parameters Enumeration e = req.getParameterNames(); String pwd = null; @@ -662,9 +656,9 @@ public class PublisherAdminServlet extends AdminServlet { continue; if (name.equals(Constants.PR_PUBLISHING_ENABLE)) continue; - // don't store password in the config file. - if (name.equals(Constants.PR_BIND_PASSWD)) - continue; // old style password read from config. + // don't store password in the config file. + if (name.equals(Constants.PR_BIND_PASSWD)) + continue; // old style password read from config. if (name.equals(Constants.PR_DIRECTORY_MANAGER_PWD)) { pwd = req.getParameter(name); continue; @@ -693,112 +687,84 @@ public class PublisherAdminServlet extends AdminServlet { /* Don't enter the publishing pw into the config store */ ldap.putString(name, req.getParameter(name)); } - + // test before commit - if (publishcfg.getBoolean(IPublisherProcessor.PROP_ENABLE) - && ldapcfg.getBoolean(IPublisherProcessor.PROP_ENABLE)) { - params.add("title", "You've attempted to configure CMS to connect" - + " to a LDAP directory. The connection status is" - + " as follows:\n \n"); + if (publishcfg.getBoolean(IPublisherProcessor.PROP_ENABLE) && + ldapcfg.getBoolean(IPublisherProcessor.PROP_ENABLE)) { + params.add("title", + "You've attempted to configure CMS to connect" + + " to a LDAP directory. The connection status is" + + " as follows:\n \n"); LDAPConnection conn = null; - ILdapConnInfo connInfo = CMS.getLdapConnInfo(ldap - .getSubStore(ILdapBoundConnFactory.PROP_LDAPCONNINFO)); - // LdapAuthInfo authInfo = - // new LdapAuthInfo(ldap.getSubStore( - // ILdapBoundConnFactory.PROP_LDAPAUTHINFO)); - String host = connInfo.getHost(); + ILdapConnInfo connInfo = + CMS.getLdapConnInfo(ldap.getSubStore( + ILdapBoundConnFactory.PROP_LDAPCONNINFO)); + //LdapAuthInfo authInfo = + //new LdapAuthInfo(ldap.getSubStore( + // ILdapBoundConnFactory.PROP_LDAPAUTHINFO)); + String host = connInfo.getHost(); int port = connInfo.getPort(); boolean secure = connInfo.getSecure(); - // int authType = authInfo.getAuthType(); + //int authType = authInfo.getAuthType(); String authType = ldap.getSubStore( - ILdapBoundConnFactory.PROP_LDAPAUTHINFO).getString( - ILdapAuthInfo.PROP_LDAPAUTHTYPE); + ILdapBoundConnFactory.PROP_LDAPAUTHINFO).getString(ILdapAuthInfo.PROP_LDAPAUTHTYPE); int version = connInfo.getVersion(); String bindAs = null; String certNickName = null; if (authType.equals(ILdapAuthInfo.LDAP_SSLCLIENTAUTH_STR)) { try { - // certNickName = authInfo.getParms()[0]; + //certNickName = authInfo.getParms()[0]; certNickName = ldap.getSubStore( - ILdapBoundConnFactory.PROP_LDAPAUTHINFO).getString( - ILdapAuthInfo.PROP_CLIENTCERTNICKNAME); - conn = new LDAPConnection( - CMS.getLdapJssSSLSocketFactory(certNickName)); + ILdapBoundConnFactory.PROP_LDAPAUTHINFO).getString(ILdapAuthInfo.PROP_CLIENTCERTNICKNAME); + conn = new LDAPConnection(CMS.getLdapJssSSLSocketFactory( + certNickName)); CMS.debug("Publishing Test certNickName=" + certNickName); - params.add(Constants.PR_CONN_INITED, - "Create ssl LDAPConnection with certificate: " - + certNickName - + dashes(70 - 44 - certNickName.length()) - + " Success"); + params.add(Constants.PR_CONN_INITED, + "Create ssl LDAPConnection with certificate: " + + certNickName + dashes(70 - 44 - certNickName.length()) + " Success"); } catch (Exception ex) { - params.add(Constants.PR_CONN_INIT_FAIL, - "Create ssl LDAPConnection with certificate: " - + certNickName - + dashes(70 - 44 - certNickName.length()) - + " failure\n" + " exception: " + ex); - params.add( - Constants.PR_SAVE_NOT, - "\n \nIf the problem is not fixed then LDAP publishing will fail.\n" - + "Do you want to save the configuration anyway?"); + params.add(Constants.PR_CONN_INIT_FAIL, + "Create ssl LDAPConnection with certificate: " + + certNickName + dashes(70 - 44 - certNickName.length()) + " failure\n" + " exception: " + ex); + params.add(Constants.PR_SAVE_NOT, + "\n \nIf the problem is not fixed then LDAP publishing will fail.\n" + + "Do you want to save the configuration anyway?"); sendResponse(SUCCESS, null, params, resp); return; } try { conn.connect(host, port); - params.add( - Constants.PR_CONN_OK, - "Connect to directory server " - + host - + " at port " - + port - + dashes(70 - - 37 - - host.length() - - (Integer.valueOf(port)) - .toString().length()) - + " Success"); - params.add(Constants.PR_AUTH_OK, - "Authentication: SSL client authentication" - + dashes(70 - 41) + " Success" - + "\nBind to the directory as: " - + certNickName - + dashes(70 - 26 - certNickName.length()) - + " Success"); + params.add(Constants.PR_CONN_OK, + "Connect to directory server " + + host + " at port " + port + + dashes(70 - 37 - host.length() - (Integer.valueOf(port)).toString().length()) + " Success"); + params.add(Constants.PR_AUTH_OK, + "Authentication: SSL client authentication" + + dashes(70 - 41) + " Success" + + "\nBind to the directory as: " + certNickName + + dashes(70 - 26 - certNickName.length()) + " Success"); } catch (LDAPException ex) { if (ex.getLDAPResultCode() == LDAPException.UNAVAILABLE) { // need to intercept this because message from LDAP is // "DSA is unavailable" which confuses with DSA PKI. - params.add(Constants.PR_CONN_FAIL, - "Connect to directory server " - + host - + " at port " - + port - + dashes(70 - - 37 - - host.length() - - (Integer.valueOf(port)) - .toString().length()) - + " Failure\n" - + " error: server unavailable"); + params.add(Constants.PR_CONN_FAIL, + "Connect to directory server " + + host + " at port " + port + + dashes(70 - 37 - host.length() - (Integer.valueOf(port)).toString().length()) + + " Failure\n" + + " error: server unavailable"); } else { - params.add(Constants.PR_CONN_FAIL, - "Connect to directory server " - + host - + " at port " - + port - + dashes(70 - - 37 - - host.length() - - (Integer.valueOf(port)) - .toString().length()) - + " Failure"); + params.add(Constants.PR_CONN_FAIL, + "Connect to directory server " + + host + " at port " + port + + dashes(70 - 37 - host.length() - (Integer.valueOf(port)).toString().length()) + + " Failure"); } - params.add( - Constants.PR_SAVE_NOT, - "\n \nIf the problem is not fixed then " - + "LDAP publishing will fail.\n" - + "Do you want to save the configuration anyway?"); + params.add(Constants.PR_SAVE_NOT, + "\n \nIf the problem is not fixed then " + + "LDAP publishing will fail.\n" + + "Do you want to save the configuration anyway?"); sendResponse(SUCCESS, null, params, resp); return; } @@ -806,133 +772,100 @@ public class PublisherAdminServlet extends AdminServlet { try { if (secure) { conn = new LDAPConnection( - CMS.getLdapJssSSLSocketFactory()); - params.add(Constants.PR_CONN_INITED, - "Create ssl LDAPConnection" + dashes(70 - 25) - + " Success"); + CMS.getLdapJssSSLSocketFactory()); + params.add(Constants.PR_CONN_INITED, + "Create ssl LDAPConnection" + + dashes(70 - 25) + " Success"); } else { conn = new LDAPConnection(); - params.add(Constants.PR_CONN_INITED, - "Create LDAPConnection" + dashes(70 - 21) - + " Success"); + params.add(Constants.PR_CONN_INITED, + "Create LDAPConnection" + + dashes(70 - 21) + " Success"); } } catch (Exception ex) { - params.add(Constants.PR_CONN_INIT_FAIL, - "Create LDAPConnection" + dashes(70 - 21) - + " Failure\n" + "exception: " + ex); - params.add( - Constants.PR_SAVE_NOT, - "\n \nIf the problem is not fixed then " - + "LDAP publishing will fail.\n" - + "Do you want to save the configuration anyway?"); + params.add(Constants.PR_CONN_INIT_FAIL, + "Create LDAPConnection" + + dashes(70 - 21) + " Failure\n" + + "exception: " + ex); + params.add(Constants.PR_SAVE_NOT, + "\n \nIf the problem is not fixed then " + + "LDAP publishing will fail.\n" + + "Do you want to save the configuration anyway?"); sendResponse(SUCCESS, null, params, resp); return; } try { conn.connect(host, port); - params.add( - Constants.PR_CONN_OK, - "Connect to directory server " - + host - + " at port " - + port - + dashes(70 - - 37 - - host.length() - - (Integer.valueOf(port)) - .toString().length()) - + " Success"); + params.add(Constants.PR_CONN_OK, + "Connect to directory server " + + host + " at port " + port + + dashes(70 - 37 - host.length() - (Integer.valueOf(port)).toString().length()) + " Success"); } catch (LDAPException ex) { if (ex.getLDAPResultCode() == LDAPException.UNAVAILABLE) { // need to intercept this because message from LDAP is // "DSA is unavailable" which confuses with DSA PKI. - params.add(Constants.PR_CONN_FAIL, - "Connect to directory server " - + host - + " at port " - + port - + dashes(70 - - 37 - - host.length() - - (Integer.valueOf(port)) - .toString().length()) - + " Failure" - + "\nerror: server unavailable"); + params.add(Constants.PR_CONN_FAIL, + "Connect to directory server " + + host + " at port " + port + + dashes(70 - 37 - host.length() - (Integer.valueOf(port)).toString().length()) + " Failure" + + "\nerror: server unavailable"); } else { - params.add(Constants.PR_CONN_FAIL, - "Connect to directory server " - + host - + " at port " - + port - + dashes(70 - - 37 - - host.length() - - (Integer.valueOf(port)) - .toString().length()) - + " Failure" + "\nexception: " + ex); + params.add(Constants.PR_CONN_FAIL, + "Connect to directory server " + + host + " at port " + port + + dashes(70 - 37 - host.length() - (Integer.valueOf(port)).toString().length()) + " Failure" + + "\nexception: " + ex); } - params.add( - Constants.PR_SAVE_NOT, - "\n \nIf the problem is not fixed then " - + "LDAP publishing will fail.\n" - + "Do you want to save the configuration anyway?"); + params.add(Constants.PR_SAVE_NOT, + "\n \nIf the problem is not fixed then " + + "LDAP publishing will fail.\n" + + "Do you want to save the configuration anyway?"); sendResponse(SUCCESS, null, params, resp); return; } try { - // bindAs = authInfo.getParms()[0]; + //bindAs = authInfo.getParms()[0]; bindAs = ldap.getSubStore( - ILdapBoundConnFactory.PROP_LDAPAUTHINFO).getString( - ILdapAuthInfo.PROP_BINDDN); + ILdapBoundConnFactory.PROP_LDAPAUTHINFO).getString(ILdapAuthInfo.PROP_BINDDN); conn.authenticate(version, bindAs, pwd); - params.add(Constants.PR_AUTH_OK, - "Authentication: Basic authentication" - + dashes(70 - 36) + " Success" - + "\nBind to the directory as: " + bindAs - + dashes(70 - 26 - bindAs.length()) - + " Success"); + params.add(Constants.PR_AUTH_OK, + "Authentication: Basic authentication" + + dashes(70 - 36) + " Success" + + "\nBind to the directory as: " + bindAs + + dashes(70 - 26 - bindAs.length()) + " Success"); } catch (LDAPException ex) { - if (ex.getLDAPResultCode() == LDAPException.NO_SUCH_OBJECT) { - params.add( - Constants.PR_AUTH_FAIL, - "Authentication: Basic authentication" - + dashes(70 - 36) - + "Failure" - + "\nBind to the directory as: " - + bindAs - + dashes(70 - 26 - bindAs.length()) - + "Failure" - + "\nThe object doesn't exist. " - + "Please correct the value assigned in the" - + " \"Directory manager DN\" field."); - } else if (ex.getLDAPResultCode() == LDAPException.INVALID_CREDENTIALS) { - params.add( - Constants.PR_AUTH_FAIL, - "Authentication: Basic authentication" - + dashes(70 - 36) - + " Failure" - + "\nBind to the directory as: " - + bindAs - + dashes(70 - 26 - bindAs.length()) - + " Failure" - + "\nInvalid password. " - + "Please correct the value assigned in the" - + " \"Password\" field."); + if (ex.getLDAPResultCode() == + LDAPException.NO_SUCH_OBJECT) { + params.add(Constants.PR_AUTH_FAIL, + "Authentication: Basic authentication" + + dashes(70 - 36) + "Failure" + + "\nBind to the directory as: " + bindAs + + dashes(70 - 26 - bindAs.length()) + + "Failure" + "\nThe object doesn't exist. " + + "Please correct the value assigned in the" + + " \"Directory manager DN\" field."); + } else if (ex.getLDAPResultCode() == + LDAPException.INVALID_CREDENTIALS) { + params.add(Constants.PR_AUTH_FAIL, + "Authentication: Basic authentication" + + dashes(70 - 36) + " Failure" + + "\nBind to the directory as: " + bindAs + + dashes(70 - 26 - bindAs.length()) + + " Failure" + "\nInvalid password. " + + "Please correct the value assigned in the" + + " \"Password\" field."); } else { - params.add( - Constants.PR_AUTH_FAIL, - "Authentication: Basic authentication" - + dashes(70 - 36) + " Failure" - + "\nBind to the directory as: " - + bindAs - + dashes(70 - 26 - bindAs.length()) - + " Failure"); + params.add(Constants.PR_AUTH_FAIL, + "Authentication: Basic authentication" + + dashes(70 - 36) + " Failure" + + "\nBind to the directory as: " + bindAs + + dashes(70 - 26 - bindAs.length()) + + " Failure"); } - params.add( - Constants.PR_SAVE_NOT, - "\n \nIf the problem is not fixed then " - + "LDAP publishing will fail.\n" - + "Do you want to save the configuration anyway?"); + params.add(Constants.PR_SAVE_NOT, + "\n \nIf the problem is not fixed then " + + "LDAP publishing will fail.\n" + + "Do you want to save the configuration anyway?"); sendResponse(SUCCESS, null, params, resp); return; } @@ -940,83 +873,82 @@ public class PublisherAdminServlet extends AdminServlet { } - // commit(true); - if (ldapcfg.getBoolean(IPublisherProcessor.PROP_ENABLE) && pwd != null) { + //commit(true); + if (ldapcfg.getBoolean(IPublisherProcessor.PROP_ENABLE) && + pwd != null) { - /* - * Do a "PUT" of the new pw to the watchdog"* do not remove - cfu - * CMS.putPasswordCache(PW_TAG_CA_LDAP_PUBLISHING, pwd); + /* Do a "PUT" of the new pw to the watchdog" + ** do not remove - cfu + CMS.putPasswordCache(PW_TAG_CA_LDAP_PUBLISHING, pwd); */ // support publishing dirsrv with different pwd than internaldb // update passwordFile String prompt = ldap.getString(Constants.PR_BINDPWD_PROMPT); IPasswordStore pwdStore = CMS.getPasswordStore(); - CMS.debug("PublisherAdminServlet: testSetLDAPDest(): saving password for " - + prompt + " to password file"); + CMS.debug("PublisherAdminServlet: testSetLDAPDest(): saving password for "+ + prompt + " to password file"); pwdStore.putPassword(prompt, pwd); pwdStore.commit(); CMS.debug("PublisherAdminServlet: testSetLDAPDest(): password saved"); - /* - * we'll shut down and restart the PublisherProcessor instead // - * what a hack to do this without require restart server // - * ILdapAuthInfo authInfo = CMS.getLdapAuthInfo(); ILdapConnModule - * connModule = mProcessor.getLdapConnModule(); ILdapAuthInfo - * authInfo = null; if (connModule != null) { authInfo = - * connModule.getLdapAuthInfo(); } else - * CMS.debug("PublisherAdminServlet: testSetLDAPDest(): connModule null" - * ); - * - * // authInfo.addPassword(PW_TAG_CA_LDAP_PUBLISHING, pwd); if - * (authInfo != null) { CMS.debug( - * "PublisherAdminServlet: testSetLDAPDest(): adding password to memory cache" - * ); authInfo.addPassword(prompt, pwd); } else - * CMS.debug("PublisherAdminServlet: testSetLDAPDest(): authInfo null" - * ); - */ +/* we'll shut down and restart the PublisherProcessor instead + // what a hack to do this without require restart server +// ILdapAuthInfo authInfo = CMS.getLdapAuthInfo(); + ILdapConnModule connModule = mProcessor.getLdapConnModule(); + ILdapAuthInfo authInfo = null; + if (connModule != null) { + authInfo = connModule.getLdapAuthInfo(); + } else + CMS.debug("PublisherAdminServlet: testSetLDAPDest(): connModule null"); + +// authInfo.addPassword(PW_TAG_CA_LDAP_PUBLISHING, pwd); + if (authInfo != null) { + CMS.debug("PublisherAdminServlet: testSetLDAPDest(): adding password to memory cache"); + authInfo.addPassword(prompt, pwd); + } else + CMS.debug("PublisherAdminServlet: testSetLDAPDest(): authInfo null"); +*/ } - // params.add(Constants.PR_SAVE_OK, - // "\n \nConfiguration changes are now committed."); + //params.add(Constants.PR_SAVE_OK, + // "\n \nConfiguration changes are now committed."); mProcessor.shutdown(); if (publishcfg.getBoolean(IPublisherProcessor.PROP_ENABLE)) { mProcessor.startup(); - // params.add("restarted", "Publishing is restarted."); + //params.add("restarted", "Publishing is restarted."); if (ldapcfg.getBoolean(IPublisherProcessor.PROP_ENABLE)) { - ICertAuthority authority = (ICertAuthority) mProcessor - .getAuthority(); + ICertAuthority authority = (ICertAuthority) mProcessor.getAuthority(); - if (!(authority instanceof ICertificateAuthority)) + if (!(authority instanceof ICertificateAuthority)) return; ICertificateAuthority ca = (ICertificateAuthority) authority; // publish ca cert try { mProcessor.publishCACert(ca.getCACert()); - CMS.debug("PublisherAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_PUB_CA_CERT")); - params.add("publishCA", "CA certificate is published."); + CMS.debug("PublisherAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_PUB_CA_CERT")); + params.add("publishCA", + "CA certificate is published."); } catch (Exception ex) { // exception not thrown - not seen as a fatal error. - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NO_PUB_CA_CERT", - ex.toString())); - params.add("publishCA", "Failed to publish CA certificate."); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_NO_PUB_CA_CERT", ex.toString())); + params.add("publishCA", + "Failed to publish CA certificate."); int index = ex.toString().indexOf("Failed to create CA"); if (index > -1) { - params.add("createError", ex.toString() - .substring(index)); + params.add("createError", + ex.toString().substring(index)); } mProcessor.shutdown(); // Do you want to enable LDAP publishing anyway - params.add( - Constants.PR_SAVE_NOT, - "\n \nIf the problem is not fixed then " - + "the CA certificate won't be published.\n" - + "Do you want to enable LDAP publishing anyway?"); + params.add(Constants.PR_SAVE_NOT, + "\n \nIf the problem is not fixed then " + + "the CA certificate won't be published.\n" + + "Do you want to enable LDAP publishing anyway?"); sendResponse(SUCCESS, null, params, resp); return; @@ -1026,65 +958,65 @@ public class PublisherAdminServlet extends AdminServlet { CMS.debug("PublisherAdminServlet: about to update CRL"); ca.publishCRLNow(); CMS.debug(CMS.getLogMessage("ADMIN_SRVLT_PUB_CRL")); - params.add("publishCRL", "CRL is published."); + params.add("publishCRL", + "CRL is published."); } catch (Exception ex) { // exception not thrown - not seen as a fatal error. - log(ILogger.LL_FAILURE, - "Could not publish crl " + ex.toString()); - params.add("publishCRL", "Failed to publish CRL."); + log(ILogger.LL_FAILURE, + "Could not publish crl " + ex.toString()); + params.add("publishCRL", + "Failed to publish CRL."); mProcessor.shutdown(); // Do you want to enable LDAP publishing anyway - params.add( - Constants.PR_SAVE_NOT, - "\n \nIf the problem is not fixed then " - + "the CRL won't be published.\n" - + "Do you want to enable LDAP publishing anyway?"); + params.add(Constants.PR_SAVE_NOT, + "\n \nIf the problem is not fixed then " + + "the CRL won't be published.\n" + + "Do you want to enable LDAP publishing anyway?"); sendResponse(SUCCESS, null, params, resp); return; } } commit(true); - params.add(Constants.PR_SAVE_OK, - "\n \nConfiguration changes are now committed."); + params.add(Constants.PR_SAVE_OK, + "\n \nConfiguration changes are now committed."); params.add("restarted", "Publishing is restarted."); } else { commit(true); - params.add(Constants.PR_SAVE_OK, - "\n \nConfiguration changes are now committed."); - params.add("stopped", "Publishing is stopped."); + params.add(Constants.PR_SAVE_OK, + "\n \nConfiguration changes are now committed."); + params.add("stopped", + "Publishing is stopped."); } - // XXX See if we can dynamically in B2 + //XXX See if we can dynamically in B2 sendResponse(SUCCESS, null, params, resp); } - private synchronized void addMapperPlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void addMapperPlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // is the manager id unique? if (mProcessor.getMapperPlugins().containsKey((Object) id)) { - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ILL_PLUGIN_ID", id)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req),"CMS_LDAP_SRVLT_ILL_PLUGIN_ID", id)).toString(), + null, resp); return; } String classPath = req.getParameter(Constants.PR_MAPPER_CLASS); if (classPath == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_NULL_CLASS"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req),"CMS_LDAP_SRVLT_NULL_CLASS"), null, resp); return; } @@ -1099,25 +1031,21 @@ public class PublisherAdminServlet extends AdminServlet { try { newImpl = Class.forName(classPath); } catch (ClassNotFoundException e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_NO_CLASS"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_NO_CLASS"), null, resp); return; } catch (IllegalArgumentException e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_NO_CLASS"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_NO_CLASS"), null, resp); return; } // is the class an ILdapMapper? try { if (ILdapMapper.class.isAssignableFrom(newImpl) == false) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ILL_CLASS", classPath), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ILL_CLASS", classPath), null, resp); return; } } catch (NullPointerException e) { // unlikely, only if newImpl null. - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ILL_CLASS", classPath), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ILL_CLASS", classPath), null, resp); return; } @@ -1129,9 +1057,10 @@ public class PublisherAdminServlet extends AdminServlet { try { mConfig.commit(true); } catch (EBaseException e) { - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -1139,8 +1068,8 @@ public class PublisherAdminServlet extends AdminServlet { MapperPlugin plugin = new MapperPlugin(id, classPath); mProcessor.getMapperPlugins().put(id, plugin); - mProcessor.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_MAPPER_ADDED", "")); + mProcessor.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_MAPPER_ADDED", "")); NameValuePairs params = new NameValuePairs(); @@ -1158,54 +1087,54 @@ public class PublisherAdminServlet extends AdminServlet { return true; } - private synchronized void addMapperInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void addMapperInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } if (!isValidID(id)) { - sendResponse(ERROR, "Invalid ID '" + id + "'", null, resp); + sendResponse(ERROR, "Invalid ID '" + id + "'", + null, resp); return; } if (mProcessor.getMapperInsts().containsKey((Object) id)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ILL_INST_ID", id), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ILL_INST_ID", id), + null, resp); return; } // get required parameters - String implname = req.getParameter(Constants.PR_MAPPER_IMPL_NAME); + String implname = req.getParameter( + Constants.PR_MAPPER_IMPL_NAME); if (implname == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ADD_MISSING_PARAMS"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ADD_MISSING_PARAMS"), null, resp); return; } // check if implementation exists. - MapperPlugin plugin = (MapperPlugin) mProcessor.getMapperPlugins().get( + MapperPlugin plugin = + (MapperPlugin) mProcessor.getMapperPlugins().get( implname); if (plugin == null) { - sendResponse( - ERROR, - new EMapperPluginNotFound(CMS.getUserMessage( - getLocale(req), "CMS_LDAP_MAPPER_PLUGIN_NOT_FOUND", - implname)).toString(), null, resp); + sendResponse(ERROR, + new EMapperPluginNotFound(CMS.getUserMessage(getLocale(req), "CMS_LDAP_MAPPER_PLUGIN_NOT_FOUND", implname)).toString(), + null, resp); return; } Vector configParams = mProcessor.getMapperDefaultParams(implname); - IConfigStore destStore = mConfig.getSubStore(mAuth.getId() - + ".publish.mapper"); + IConfigStore destStore = mConfig.getSubStore(mAuth.getId() + ".publish.mapper"); IConfigStore instancesConfig = destStore.getSubStore("instance"); IConfigStore substore = instancesConfig.makeSubStore(id); @@ -1216,10 +1145,11 @@ public class PublisherAdminServlet extends AdminServlet { String val = req.getParameter(kv.substring(0, index)); if (val == null) { - substore.put(kv.substring(0, index), - kv.substring(index + 1)); + substore.put(kv.substring(0, index), + kv.substring(index + 1)); } else { - substore.put(kv.substring(0, index), val); + substore.put(kv.substring(0, index), + val); } } } @@ -1234,27 +1164,21 @@ public class PublisherAdminServlet extends AdminServlet { } catch (ClassNotFoundException e) { // cleanup instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } catch (InstantiationException e) { instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } catch (IllegalAccessException e) { instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } @@ -1278,44 +1202,47 @@ public class PublisherAdminServlet extends AdminServlet { } catch (EBaseException e) { // clean up. instancesConfig.removeSubStore(id); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } // inited and commited ok. now add mapper instance to list. mProcessor.getMapperInsts().put(id, new MapperProxy(true, mapperInst)); - mProcessor.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_MAPPER_INST_ADDED", id)); + mProcessor.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_MAPPER_INST_ADDED", id)); NameValuePairs params = new NameValuePairs(); params.add(Constants.PR_MAPPER_IMPL_NAME, implname); sendResponse(SUCCESS, null, params, resp); return; - } + } - private synchronized void listMapperPlugins(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listMapperPlugins(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = mProcessor.getMapperPlugins().keys(); while (e.hasMoreElements()) { String name = (String) e.nextElement(); - MapperPlugin value = (MapperPlugin) mProcessor.getMapperPlugins() - .get(name); + MapperPlugin value = (MapperPlugin) + mProcessor.getMapperPlugins().get(name); // get Description - String c = value.getClassPath(); + String c = value.getClassPath(); String desc = "unknown"; try { - ILdapMapper lp = (ILdapMapper) Class.forName(c).newInstance(); + ILdapMapper lp = (ILdapMapper) + Class.forName(c).newInstance(); desc = lp.getDescription(); } catch (Exception exp) { - sendResponse(ERROR, exp.toString(), null, resp); + sendResponse(ERROR, exp.toString(), null, + resp); return; } params.add(name, value.getClassPath() + "," + desc); @@ -1334,9 +1261,9 @@ public class PublisherAdminServlet extends AdminServlet { } } - private synchronized void listMapperInsts(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listMapperInsts(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = mProcessor.getMapperInsts().keys(); @@ -1351,39 +1278,40 @@ public class PublisherAdminServlet extends AdminServlet { return; } - private synchronized void delMapperInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void delMapperInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // does a`mapper instance exist? if (mProcessor.getMapperInsts().containsKey(id) == false) { - sendResponse( - ERROR, - new EMapperNotFound(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_MAPPER_NOT_FOUND", id)).toString(), null, - resp); + sendResponse(ERROR, + new EMapperNotFound(CMS.getUserMessage(getLocale(req), "CMS_LDAP_MAPPER_NOT_FOUND", id)).toString(), + null, resp); return; } // only remove from memory // cannot shutdown because we don't keep track of whether it's - // being used. - ILdapMapper mapperInst = (ILdapMapper) mProcessor.getMapperInstance(id); + // being used. + ILdapMapper mapperInst = (ILdapMapper) + mProcessor.getMapperInstance(id); mProcessor.getMapperInsts().remove((Object) id); // remove the configuration. - IConfigStore destStore = mConfig.getSubStore(mAuth.getId() - + ".publish.mapper"); + IConfigStore destStore = + mConfig.getSubStore( + mAuth.getId() + ".publish.mapper"); IConfigStore instancesConfig = destStore.getSubStore("instance"); instancesConfig.removeSubStore(id); @@ -1391,82 +1319,85 @@ public class PublisherAdminServlet extends AdminServlet { try { mConfig.commit(true); } catch (EBaseException e) { - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } sendResponse(SUCCESS, null, params, resp); return; - } + } - private synchronized void delMapperPlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void delMapperPlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } if (mProcessor.getMapperPlugins().containsKey(id) == false) { - sendResponse( - ERROR, - new EMapperPluginNotFound(CMS.getUserMessage( - getLocale(req), "CMS_LDAP_MAPPER_PLUGIN_NOT_FOUND", - id)).toString(), null, resp); + sendResponse(ERROR, + new EMapperPluginNotFound(CMS.getUserMessage(getLocale(req), "CMS_LDAP_MAPPER_PLUGIN_NOT_FOUND", id)).toString(), + null, resp); return; } // first check if any instances from this mapper // DON'T remove mapper if any instance - for (Enumeration e = mProcessor.getMapperInsts().keys(); e - .hasMoreElements();) { + for (Enumeration e = mProcessor.getMapperInsts().keys(); + e.hasMoreElements();) { String name = (String) e.nextElement(); ILdapMapper mapper = mProcessor.getMapperInstance(name); if (id.equals(getMapperPluginName(mapper))) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_IN_USE"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_IN_USE"), null, resp); return; } } - + // then delete this mapper mProcessor.getMapperPlugins().remove((Object) id); - IConfigStore destStore = mConfig.getSubStore(mAuth.getId() - + ".publish.mapper"); - IConfigStore instancesConfig = destStore.getSubStore("impl"); + IConfigStore destStore = + mConfig.getSubStore( + mAuth.getId() + ".publish.mapper"); + IConfigStore instancesConfig = + destStore.getSubStore("impl"); instancesConfig.removeSubStore(id); // commiting try { mConfig.commit(true); } catch (EBaseException e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } sendResponse(SUCCESS, null, params, resp); return; - } + } - private synchronized void getMapperConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getMapperConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String implname = req.getParameter(Constants.RS_ID); if (implname == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -1480,48 +1411,50 @@ public class PublisherAdminServlet extends AdminServlet { String kv = (String) configParams.elementAt(i); int index = kv.indexOf('='); - params.add(kv.substring(0, index), kv.substring(index + 1)); + params.add(kv.substring(0, index), + kv.substring(index + 1)); } } sendResponse(0, null, params, resp); return; } - private synchronized void getMapperInstConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getMapperInstConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // does mapper instance exist? if (mProcessor.getMapperInsts().containsKey(id) == false) { - sendResponse( - ERROR, - new EMapperNotFound(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_MAPPER_NOT_FOUND", id)).toString(), null, - resp); + sendResponse(ERROR, + new EMapperNotFound(CMS.getUserMessage(getLocale(req), "CMS_LDAP_MAPPER_NOT_FOUND", id)).toString(), + null, resp); return; } - ILdapMapper mapperInst = (ILdapMapper) mProcessor.getMapperInstance(id); + ILdapMapper mapperInst = (ILdapMapper) + mProcessor.getMapperInstance(id); Vector configParams = mapperInst.getInstanceParams(); NameValuePairs params = new NameValuePairs(); - params.add(Constants.PR_MAPPER_IMPL_NAME, - getMapperPluginName(mapperInst)); + params.add(Constants.PR_MAPPER_IMPL_NAME, + getMapperPluginName(mapperInst)); // implName is always required so always send it. if (configParams != null) { for (int i = 0; i < configParams.size(); i++) { String kv = (String) configParams.elementAt(i); int index = kv.indexOf('='); - params.add(kv.substring(0, index), kv.substring(index + 1)); + params.add(kv.substring(0, index), + kv.substring(index + 1)); } } @@ -1529,23 +1462,24 @@ public class PublisherAdminServlet extends AdminServlet { return; } - private synchronized void modMapperInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void modMapperInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // Does the manager instance exist? if (!mProcessor.getMapperInsts().containsKey((Object) id)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ILL_INST_ID", id), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ILL_INST_ID", id), + null, resp); return; } @@ -1553,26 +1487,24 @@ public class PublisherAdminServlet extends AdminServlet { String implname = req.getParameter(Constants.PR_MAPPER_IMPL_NAME); if (implname == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ADD_MISSING_PARAMS"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ADD_MISSING_PARAMS"), null, resp); return; } // get plugin for implementation - MapperPlugin plugin = (MapperPlugin) mProcessor.getMapperPlugins().get( - implname); + MapperPlugin plugin = + (MapperPlugin) mProcessor.getMapperPlugins().get(implname); if (plugin == null) { - sendResponse( - ERROR, - new EMapperPluginNotFound(CMS.getUserMessage( - getLocale(req), "CMS_LDAP_MAPPER_PLUGIN_NOT_FOUND", - implname)).toString(), null, resp); + sendResponse(ERROR, + new EMapperPluginNotFound(CMS.getUserMessage(getLocale(req), "CMS_LDAP_MAPPER_PLUGIN_NOT_FOUND", implname)).toString(), + null, resp); return; } // save old instance substore params in case new one fails. - ILdapMapper oldinst = (ILdapMapper) mProcessor.getMapperInstance(id); + ILdapMapper oldinst = + (ILdapMapper) mProcessor.getMapperInstance(id); Vector oldConfigParms = oldinst.getInstanceParams(); NameValuePairs saveParams = new NameValuePairs(); @@ -1583,7 +1515,8 @@ public class PublisherAdminServlet extends AdminServlet { String kv = (String) oldConfigParms.elementAt(i); int index = kv.indexOf('='); - saveParams.add(kv.substring(0, index), kv.substring(index + 1)); + saveParams.add(kv.substring(0, index), + kv.substring(index + 1)); } } @@ -1591,8 +1524,9 @@ public class PublisherAdminServlet extends AdminServlet { // remove old substore. - IConfigStore destStore = mConfig.getSubStore(mAuth.getId() - + ".publish.mapper"); + IConfigStore destStore = + mConfig.getSubStore(mAuth.getId() + + ".publish.mapper"); IConfigStore instancesConfig = destStore.getSubStore("instance"); // create new substore. @@ -1623,31 +1557,26 @@ public class PublisherAdminServlet extends AdminServlet { ILdapMapper newMgrInst = null; try { - newMgrInst = (ILdapMapper) Class.forName(className).newInstance(); + newMgrInst = (ILdapMapper) + Class.forName(className).newInstance(); } catch (ClassNotFoundException e) { // cleanup restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } catch (InstantiationException e) { restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } catch (IllegalAccessException e) { restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } // initialize the mapper @@ -1657,23 +1586,26 @@ public class PublisherAdminServlet extends AdminServlet { } catch (EBaseException e) { // don't commit in this case and cleanup the new substore. restore(instancesConfig, id, saveParams); - sendResponse(ERROR, e.toString(getLocale(req)), null, resp); + sendResponse(ERROR, e.toString(getLocale(req)), null, + resp); return; } catch (Throwable e) { restore(instancesConfig, id, saveParams); - sendResponse(ERROR, e.toString(), null, resp); + sendResponse(ERROR, e.toString(), null, + resp); return; } - // initialized ok. commiting + // initialized ok. commiting try { mConfig.commit(true); } catch (EBaseException e) { // clean up. restore(instancesConfig, id, saveParams); - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -1682,46 +1614,45 @@ public class PublisherAdminServlet extends AdminServlet { mProcessor.getMapperInsts().put(id, new MapperProxy(true, newMgrInst)); mProcessor.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_MAPPER_REPLACED", id)); + CMS.getLogMessage("ADMIN_SRVLT_MAPPER_REPLACED", id)); NameValuePairs params = new NameValuePairs(); sendResponse(SUCCESS, null, params, resp); return; } - private synchronized void addRulePlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void addRulePlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // is the rule id unique? if (mProcessor.getRulePlugins().containsKey((Object) id)) { - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage( - "CMS_LDAP_SRVLT_ILL_PLUGIN_ID", id)) - .toString(getLocale(req)), null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage("CMS_LDAP_SRVLT_ILL_PLUGIN_ID", id)).toString(getLocale(req)), + null, resp); return; } String classPath = req.getParameter(Constants.PR_RULE_CLASS); if (classPath == null) { - sendResponse(ERROR, - CMS.getUserMessage("CMS_LDAP_SRVLT_NULL_CLASS"), null, resp); + sendResponse(ERROR, CMS.getUserMessage("CMS_LDAP_SRVLT_NULL_CLASS"), null, resp); return; } IConfigStore destStore = null; - destStore = mConfig.getSubStore(mAuth.getId() + ".publish.rule"); + destStore = mConfig.getSubStore( + mAuth.getId() + ".publish.rule"); IConfigStore instancesConfig = destStore.getSubStore("impl"); // Does the class exist? @@ -1730,25 +1661,21 @@ public class PublisherAdminServlet extends AdminServlet { try { newImpl = Class.forName(classPath); } catch (ClassNotFoundException e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_NO_CLASS"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_NO_CLASS"), null, resp); return; } catch (IllegalArgumentException e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_NO_CLASS"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_NO_CLASS"), null, resp); return; } // is the class an ILdapRule? try { if (ILdapRule.class.isAssignableFrom(newImpl) == false) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ILL_CLASS", classPath), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ILL_CLASS", classPath), null, resp); return; } } catch (NullPointerException e) { // unlikely, only if newImpl null. - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ILL_CLASS", classPath), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ILL_CLASS", classPath), null, resp); return; } @@ -1760,9 +1687,10 @@ public class PublisherAdminServlet extends AdminServlet { try { mConfig.commit(true); } catch (EBaseException e) { - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -1770,8 +1698,8 @@ public class PublisherAdminServlet extends AdminServlet { RulePlugin plugin = new RulePlugin(id, classPath); mProcessor.getRulePlugins().put(id, plugin); - mProcessor.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_RULE_PLUG_ADDED", id)); + mProcessor.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_RULE_PLUG_ADDED", id)); NameValuePairs params = new NameValuePairs(); @@ -1779,55 +1707,57 @@ public class PublisherAdminServlet extends AdminServlet { return; } - private synchronized void addRuleInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void addRuleInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } if (!isValidID(id)) { - sendResponse(ERROR, "Invalid ID '" + id + "'", null, resp); + sendResponse(ERROR, "Invalid ID '" + id + "'", + null, resp); return; } if (mProcessor.getRuleInsts().containsKey((Object) id)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ILL_INST_ID", id), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ILL_INST_ID", id), + null, resp); return; } // get required parameters - String implname = req.getParameter(Constants.PR_RULE_IMPL_NAME); + String implname = req.getParameter( + Constants.PR_RULE_IMPL_NAME); if (implname == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ADD_MISSING_PARAMS"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ADD_MISSING_PARAMS"), null, resp); return; } // check if implementation exists. - RulePlugin plugin = (RulePlugin) mProcessor.getRulePlugins().get( + RulePlugin plugin = + (RulePlugin) mProcessor.getRulePlugins().get( implname); if (plugin == null) { - sendResponse( - ERROR, - new EPublisherPluginNotFound(CMS.getUserMessage( - getLocale(req), - "CMS_LDAP_PUBLISHER_PLUGIN_NOT_FOUND", implname)) - .toString(), null, resp); + sendResponse(ERROR, + new EPublisherPluginNotFound(CMS.getUserMessage(getLocale(req), "CMS_LDAP_PUBLISHER_PLUGIN_NOT_FOUND", implname)).toString(), + null, resp); return; } Vector configParams = mProcessor.getRuleDefaultParams(implname); - IConfigStore destStore = mConfig.getSubStore(mAuth.getId() + IConfigStore destStore = + mConfig.getSubStore(mAuth.getId() + ".publish.rule"); - IConfigStore instancesConfig = destStore.getSubStore("instance"); + IConfigStore instancesConfig = + destStore.getSubStore("instance"); IConfigStore substore = instancesConfig.makeSubStore(id); if (configParams != null) { @@ -1837,12 +1767,13 @@ public class PublisherAdminServlet extends AdminServlet { String val = req.getParameter(kv.substring(0, index)); if (val == null) { - substore.put(kv.substring(0, index), - kv.substring(index + 1)); + substore.put(kv.substring(0, index), + kv.substring(index + 1)); } else { if (val.equals(NOMAPPER)) val = ""; - substore.put(kv.substring(0, index), val); + substore.put(kv.substring(0, index), + val); } } } @@ -1857,27 +1788,21 @@ public class PublisherAdminServlet extends AdminServlet { } catch (ClassNotFoundException e) { // cleanup instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } catch (InstantiationException e) { instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } catch (IllegalAccessException e) { instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } @@ -1902,39 +1827,41 @@ public class PublisherAdminServlet extends AdminServlet { } catch (EBaseException e) { // clean up. instancesConfig.removeSubStore(id); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } // inited and commited ok. now add manager instance to list. mProcessor.getRuleInsts().put(id, ruleInst); - mProcessor.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_RULE_INST_ADDED", id)); + mProcessor.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_RULE_INST_ADDED", id)); NameValuePairs params = new NameValuePairs(); params.add(Constants.PR_RULE_IMPL_NAME, implname); sendResponse(SUCCESS, null, params, resp); return; - } + } - private synchronized void listRulePlugins(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listRulePlugins(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = mProcessor.getRulePlugins().keys(); while (e.hasMoreElements()) { String name = (String) e.nextElement(); - RulePlugin value = (RulePlugin) mProcessor.getRulePlugins().get( - name); + RulePlugin value = (RulePlugin) + mProcessor.getRulePlugins().get(name); // get Description - String c = value.getClassPath(); + String c = value.getClassPath(); String desc = "unknown"; try { - ILdapRule lp = (ILdapRule) Class.forName(c).newInstance(); + ILdapRule lp = (ILdapRule) + Class.forName(c).newInstance(); desc = lp.getDescription(); } catch (Exception exp) { @@ -1945,17 +1872,17 @@ public class PublisherAdminServlet extends AdminServlet { return; } - private synchronized void listRuleInsts(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listRuleInsts(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String insts = null; Enumeration e = mProcessor.getRuleInsts().keys(); for (; e.hasMoreElements();) { String name = (String) e.nextElement(); - ILdapRule value = (ILdapRule) mProcessor.getRuleInsts().get( - (Object) name); + ILdapRule value = (ILdapRule) + mProcessor.getRuleInsts().get((Object) name); String enabled = value.enabled() ? "enabled" : "disabled"; params.add(name, value.getInstanceName() + ";visible;" + enabled); @@ -1974,46 +1901,47 @@ public class PublisherAdminServlet extends AdminServlet { } } - private synchronized void delRulePlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void delRulePlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // does rule exist? if (mProcessor.getRulePlugins().containsKey(id) == false) { - sendResponse( - ERROR, - new ERulePluginNotFound(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_RULE_PLUGIN_NOT_FOUND", id)).toString(), - null, resp); + sendResponse(ERROR, + new ERulePluginNotFound(CMS.getUserMessage(getLocale(req), "CMS_LDAP_RULE_PLUGIN_NOT_FOUND", id)).toString(), + null, resp); return; } // first check if any instances from this rule // DON'T remove rule if any instance - for (Enumeration e = mProcessor.getRuleInsts().elements(); e - .hasMoreElements();) { - ILdapRule rule = (ILdapRule) e.nextElement(); + for (Enumeration e = mProcessor.getRuleInsts().elements(); + e.hasMoreElements();) { + ILdapRule rule = (ILdapRule) + e.nextElement(); if (id.equals(getRulePluginName(rule))) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_IN_USE"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_IN_USE"), null, resp); return; } } - + // then delete this rule mProcessor.getRulePlugins().remove((Object) id); - IConfigStore destStore = mConfig.getSubStore(mAuth.getId() + ".rule"); + IConfigStore destStore = + mConfig.getSubStore( + mAuth.getId() + ".rule"); IConfigStore instancesConfig = destStore.getSubStore("impl"); instancesConfig.removeSubStore(id); @@ -2021,25 +1949,27 @@ public class PublisherAdminServlet extends AdminServlet { try { mConfig.commit(true); } catch (EBaseException e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } sendResponse(SUCCESS, null, params, resp); return; - } + } - private synchronized void delRuleInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void delRuleInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -2047,24 +1977,24 @@ public class PublisherAdminServlet extends AdminServlet { // does rule instance exist? if (mProcessor.getRuleInsts().containsKey(id) == false) { - sendResponse( - ERROR, - new ERuleNotFound(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_RULE_NOT_FOUND", id)).toString(), null, - resp); + sendResponse(ERROR, + new ERuleNotFound(CMS.getUserMessage(getLocale(req), "CMS_LDAP_RULE_NOT_FOUND", id)).toString(), + null, resp); return; } // only remove from memory // cannot shutdown because we don't keep track of whether it's - // being used. - ILdapRule ruleInst = (ILdapRule) mProcessor.getRuleInsts().get(id); + // being used. + ILdapRule ruleInst = (ILdapRule) + mProcessor.getRuleInsts().get(id); mProcessor.getRuleInsts().remove((Object) id); // remove the configuration. - IConfigStore destStore = mConfig.getSubStore(mAuth.getId() - + ".publish.rule"); + IConfigStore destStore = + mConfig.getSubStore( + mAuth.getId() + ".publish.rule"); IConfigStore instancesConfig = destStore.getSubStore("instance"); instancesConfig.removeSubStore(id); @@ -2072,24 +2002,26 @@ public class PublisherAdminServlet extends AdminServlet { try { mConfig.commit(true); } catch (EBaseException e) { - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } sendResponse(SUCCESS, null, params, resp); return; - } + } - private synchronized void getRuleConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getRuleConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String implname = req.getParameter(Constants.RS_ID); if (implname == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -2103,47 +2035,50 @@ public class PublisherAdminServlet extends AdminServlet { String kv = (String) configParams.elementAt(i); int index = kv.indexOf('='); - params.add(kv.substring(0, index), kv.substring(index + 1)); + params.add(kv.substring(0, index), + kv.substring(index + 1)); } } sendResponse(0, null, params, resp); return; } - private synchronized void getRuleInstConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getRuleInstConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // does rule instance exist? if (mProcessor.getRuleInsts().containsKey(id) == false) { - sendResponse( - ERROR, - new ERuleNotFound(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_RULE_NOT_FOUND", id)).toString(), null, - resp); + sendResponse(ERROR, + new ERuleNotFound(CMS.getUserMessage(getLocale(req), "CMS_LDAP_RULE_NOT_FOUND", id)).toString(), + null, resp); return; } - ILdapRule ruleInst = (ILdapRule) mProcessor.getRuleInsts().get(id); + ILdapRule ruleInst = (ILdapRule) + mProcessor.getRuleInsts().get(id); Vector configParams = ruleInst.getInstanceParams(); NameValuePairs params = new NameValuePairs(); - params.add(Constants.PR_RULE_IMPL_NAME, getRulePluginName(ruleInst)); + params.add(Constants.PR_RULE_IMPL_NAME, + getRulePluginName(ruleInst)); // implName is always required so always send it. if (configParams != null) { for (int i = 0; i < configParams.size(); i++) { String kv = (String) configParams.elementAt(i); int index = kv.indexOf('='); - params.add(kv.substring(0, index), kv.substring(index + 1)); + params.add(kv.substring(0, index), + kv.substring(index + 1)); } } @@ -2151,22 +2086,23 @@ public class PublisherAdminServlet extends AdminServlet { return; } - private synchronized void modRuleInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void modRuleInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // Does the manager instance exist? if (!mProcessor.getRuleInsts().containsKey((Object) id)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ILL_INST_ID", id), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ILL_INST_ID", id), + null, resp); return; } @@ -2174,26 +2110,26 @@ public class PublisherAdminServlet extends AdminServlet { String implname = req.getParameter(Constants.PR_RULE_IMPL_NAME); if (implname == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ADD_MISSING_PARAMS"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ADD_MISSING_PARAMS"), null, resp); return; } - // get plugin for implementation - RulePlugin plugin = (RulePlugin) mProcessor.getRulePlugins().get( - implname); + // get plugin for implementation + RulePlugin plugin = + (RulePlugin) mProcessor.getRulePlugins().get(implname); if (plugin == null) { sendResponse(ERROR, - // new ERulePluginNotFound(implname).toString(getLocale(req)), - "", null, resp); + //new ERulePluginNotFound(implname).toString(getLocale(req)), + "", + null, resp); return; } - // save old instance substore params in case new one fails. + // save old instance substore params in case new one fails. - ILdapRule oldinst = (ILdapRule) mProcessor.getRuleInsts().get( - (Object) id); + ILdapRule oldinst = + (ILdapRule) mProcessor.getRuleInsts().get((Object) id); Vector oldConfigParms = oldinst.getInstanceParams(); NameValuePairs saveParams = new NameValuePairs(); @@ -2204,7 +2140,8 @@ public class PublisherAdminServlet extends AdminServlet { String kv = (String) oldConfigParms.elementAt(i); int index = kv.indexOf('='); - saveParams.add(kv.substring(0, index), kv.substring(index + 1)); + saveParams.add(kv.substring(0, index), + kv.substring(index + 1)); } } @@ -2212,8 +2149,9 @@ public class PublisherAdminServlet extends AdminServlet { // remove old substore. - IConfigStore destStore = mConfig.getSubStore(mAuth.getId() - + ".publish.rule"); + IConfigStore destStore = + mConfig.getSubStore( + mAuth.getId() + ".publish.rule"); IConfigStore instancesConfig = destStore.getSubStore("instance"); // create new substore. @@ -2233,7 +2171,8 @@ public class PublisherAdminServlet extends AdminServlet { String val = req.getParameter(key); if (val == null) { - substore.put(key, kv.substring(index + 1)); + substore.put(key, + kv.substring(index + 1)); } else { if (val.equals(NOMAPPER)) val = ""; @@ -2252,27 +2191,21 @@ public class PublisherAdminServlet extends AdminServlet { } catch (ClassNotFoundException e) { // cleanup restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } catch (InstantiationException e) { restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } catch (IllegalAccessException e) { restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } @@ -2291,15 +2224,16 @@ public class PublisherAdminServlet extends AdminServlet { return; } - // initialized ok. commiting + // initialized ok. commiting try { mConfig.commit(true); } catch (EBaseException e) { // clean up. restore(instancesConfig, id, saveParams); - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -2307,48 +2241,47 @@ public class PublisherAdminServlet extends AdminServlet { mProcessor.getRuleInsts().put(id, newRuleInst); - mProcessor.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_RULE_INST_REP", id)); + mProcessor.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_RULE_INST_REP", id)); NameValuePairs params = new NameValuePairs(); sendResponse(SUCCESS, null, params, resp); return; } - private synchronized void addPublisherPlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void addPublisherPlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // is the manager id unique? if (mProcessor.getPublisherPlugins().containsKey((Object) id)) { - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ILL_PLUGIN_ID", id)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ILL_PLUGIN_ID", id)).toString(), + null, resp); return; } String classPath = req.getParameter(Constants.PR_PUBLISHER_CLASS); if (classPath == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_NULL_CLASS"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req),"CMS_LDAP_SRVLT_NULL_CLASS"), null, resp); return; } IConfigStore destStore = null; - destStore = mConfig.getSubStore(mAuth.getId() + ".publish.publisher"); + destStore = mConfig.getSubStore( + mAuth.getId() + ".publish.publisher"); IConfigStore instancesConfig = destStore.getSubStore("impl"); // Does the class exist? @@ -2357,25 +2290,21 @@ public class PublisherAdminServlet extends AdminServlet { try { newImpl = Class.forName(classPath); } catch (ClassNotFoundException e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_NO_CLASS"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_NO_CLASS"), null, resp); return; } catch (IllegalArgumentException e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_NO_CLASS"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_NO_CLASS"), null, resp); return; } // is the class an ILdapPublisher? try { if (ILdapPublisher.class.isAssignableFrom(newImpl) == false) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ILL_CLASS", classPath), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ILL_CLASS", classPath), null, resp); return; } } catch (NullPointerException e) { // unlikely, only if newImpl null. - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ILL_CLASS", classPath), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ILL_CLASS", classPath), null, resp); return; } @@ -2387,9 +2316,10 @@ public class PublisherAdminServlet extends AdminServlet { try { mConfig.commit(true); } catch (EBaseException e) { - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -2397,8 +2327,8 @@ public class PublisherAdminServlet extends AdminServlet { PublisherPlugin plugin = new PublisherPlugin(id, classPath); mProcessor.getPublisherPlugins().put(id, plugin); - mProcessor.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_PUB_PLUG_ADDED", id)); + mProcessor.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_PUB_PLUG_ADDED", id)); NameValuePairs params = new NameValuePairs(); @@ -2406,56 +2336,56 @@ public class PublisherAdminServlet extends AdminServlet { return; } - private synchronized void addPublisherInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void addPublisherInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } if (!isValidID(id)) { - sendResponse(ERROR, "Invalid ID '" + id + "'", null, resp); + sendResponse(ERROR, "Invalid ID '" + id + "'", + null, resp); return; } if (mProcessor.getPublisherInsts().containsKey((Object) id)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ILL_INST_ID", id), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ILL_INST_ID", id), + null, resp); return; } // get required parameters - String implname = req.getParameter(Constants.PR_PUBLISHER_IMPL_NAME); + String implname = req.getParameter( + Constants.PR_PUBLISHER_IMPL_NAME); if (implname == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ADD_MISSING_PARAMS"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ADD_MISSING_PARAMS"), null, resp); return; } // check if implementation exists. - PublisherPlugin plugin = (PublisherPlugin) mProcessor - .getPublisherPlugins().get(implname); + PublisherPlugin plugin = + (PublisherPlugin) mProcessor.getPublisherPlugins().get( + implname); if (plugin == null) { - sendResponse( - ERROR, - new EPublisherPluginNotFound(CMS.getUserMessage( - getLocale(req), - "CMS_LDAP_PUBLISHER_PLUGIN_NOT_FOUND", implname)) - .toString(), null, resp); + sendResponse(ERROR, + new EPublisherPluginNotFound(CMS.getUserMessage(getLocale(req), "CMS_LDAP_PUBLISHER_PLUGIN_NOT_FOUND", implname)).toString(), + null, resp); return; } Vector configParams = mProcessor.getPublisherDefaultParams(implname); - IConfigStore destStore = mConfig.getSubStore(mAuth.getId() - + ".publish.publisher"); + IConfigStore destStore = + mConfig.getSubStore(mAuth.getId() + ".publish.publisher"); IConfigStore instancesConfig = destStore.getSubStore("instance"); IConfigStore substore = instancesConfig.makeSubStore(id); @@ -2474,14 +2404,15 @@ public class PublisherAdminServlet extends AdminServlet { if (index == -1) { substore.put(kv, ""); } else { - substore.put(kv.substring(0, index), - kv.substring(index + 1)); + substore.put(kv.substring(0, index), + kv.substring(index + 1)); } } else { if (index == -1) { substore.put(kv, val); } else { - substore.put(kv.substring(0, index), val); + substore.put(kv.substring(0, index), + val); } } } @@ -2493,32 +2424,25 @@ public class PublisherAdminServlet extends AdminServlet { ILdapPublisher publisherInst = null; try { - publisherInst = (ILdapPublisher) Class.forName(className) - .newInstance(); + publisherInst = (ILdapPublisher) Class.forName(className).newInstance(); } catch (ClassNotFoundException e) { // cleanup instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } catch (InstantiationException e) { instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } catch (IllegalAccessException e) { instancesConfig.removeSubStore(id); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } @@ -2542,17 +2466,17 @@ public class PublisherAdminServlet extends AdminServlet { } catch (EBaseException e) { // clean up. instancesConfig.removeSubStore(id); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } // inited and commited ok. now add manager instance to list. - mProcessor.getPublisherInsts().put(id, - new PublisherProxy(true, publisherInst)); + mProcessor.getPublisherInsts().put(id, new PublisherProxy(true, publisherInst)); - mProcessor.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_PUB_INST_ADDED", id)); + mProcessor.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_PUB_INST_ADDED", id)); NameValuePairs params = new NameValuePairs(); @@ -2561,24 +2485,24 @@ public class PublisherAdminServlet extends AdminServlet { return; } - private synchronized void listPublisherPlugins(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listPublisherPlugins(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = mProcessor.getPublisherPlugins().keys(); while (e.hasMoreElements()) { String name = (String) e.nextElement(); - PublisherPlugin value = (PublisherPlugin) mProcessor - .getPublisherPlugins().get(name); + PublisherPlugin value = (PublisherPlugin) + mProcessor.getPublisherPlugins().get(name); // get Description - String c = value.getClassPath(); + String c = value.getClassPath(); String desc = "unknown"; try { - ILdapPublisher lp = (ILdapPublisher) Class.forName(c) - .newInstance(); + ILdapPublisher lp = (ILdapPublisher) + Class.forName(c).newInstance(); desc = lp.getDescription(); } catch (Exception exp) { @@ -2599,9 +2523,9 @@ public class PublisherAdminServlet extends AdminServlet { } } - private synchronized void listPublisherInsts(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listPublisherInsts(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String insts = null; @@ -2619,50 +2543,48 @@ public class PublisherAdminServlet extends AdminServlet { return; } - private synchronized void delPublisherPlugin(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, + private synchronized void delPublisherPlugin(HttpServletRequest req, + HttpServletResponse resp, String scope) throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // does publisher exist? if (mProcessor.getPublisherPlugins().containsKey(id) == false) { - sendResponse( - ERROR, - new EPublisherPluginNotFound(CMS.getUserMessage( - getLocale(req), - "CMS_LDAP_PUBLISHER_PLUGIN_NOT_FOUND", id)) - .toString(), null, resp); + sendResponse(ERROR, + new EPublisherPluginNotFound(CMS.getUserMessage(getLocale(req), "CMS_LDAP_PUBLISHER_PLUGIN_NOT_FOUND", id)).toString(), + null, resp); return; } // first check if any instances from this publisher // DON'T remove publisher if any instance - for (Enumeration e = mProcessor.getPublisherInsts().keys(); e - .hasMoreElements();) { + for (Enumeration e = mProcessor.getPublisherInsts().keys(); + e.hasMoreElements();) { String name = (String) e.nextElement(); - ILdapPublisher publisher = mProcessor.getPublisherInstance(name); + ILdapPublisher publisher = + mProcessor.getPublisherInstance(name); if (id.equals(getPublisherPluginName(publisher))) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_IN_USE"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_IN_USE"), null, resp); return; } } - + // then delete this publisher mProcessor.getPublisherPlugins().remove((Object) id); - IConfigStore destStore = mConfig.getSubStore(mAuth.getId() - + ".publish.publisher"); + IConfigStore destStore = + mConfig.getSubStore(mAuth.getId() + ".publish.publisher"); IConfigStore instancesConfig = destStore.getSubStore("impl"); instancesConfig.removeSubStore(id); @@ -2670,8 +2592,9 @@ public class PublisherAdminServlet extends AdminServlet { try { mConfig.commit(true); } catch (EBaseException e) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } @@ -2679,17 +2602,18 @@ public class PublisherAdminServlet extends AdminServlet { return; } - private synchronized void delPublisherInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, + private synchronized void delPublisherInst(HttpServletRequest req, + HttpServletResponse resp, String scope) throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -2697,24 +2621,22 @@ public class PublisherAdminServlet extends AdminServlet { // does publisher instance exist? if (mProcessor.getPublisherInsts().containsKey(id) == false) { - sendResponse( - ERROR, - new EPublisherNotFound(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_PUBLISHER_NOT_FOUND", id)).toString(), - null, resp); + sendResponse(ERROR, + new EPublisherNotFound(CMS.getUserMessage(getLocale(req), "CMS_LDAP_PUBLISHER_NOT_FOUND", id)).toString(), + null, resp); return; } // only remove from memory // cannot shutdown because we don't keep track of whether it's - // being used. + // being used. ILdapPublisher publisherInst = mProcessor.getPublisherInstance(id); mProcessor.getPublisherInsts().remove((Object) id); // remove the configuration. - IConfigStore destStore = mConfig.getSubStore(mAuth.getId() - + ".publish.publisher"); + IConfigStore destStore = + mConfig.getSubStore(mAuth.getId() + ".publish.publisher"); IConfigStore instancesConfig = destStore.getSubStore("instance"); instancesConfig.removeSubStore(id); @@ -2722,9 +2644,10 @@ public class PublisherAdminServlet extends AdminServlet { try { mConfig.commit(true); } catch (EBaseException e) { - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } sendResponse(SUCCESS, null, params, resp); @@ -2732,23 +2655,25 @@ public class PublisherAdminServlet extends AdminServlet { } /** - * used for getting the required configuration parameters (with possible - * default values) for a particular plugin implementation name specified in - * the RS_ID. Actually, there is no logic in here to set any default value - * here...there's no default value for any parameter in this publishing - * subsystem at this point. Later, if we do have one (or some), it can be - * added. The interface remains the same. + * used for getting the required configuration parameters (with + * possible default values) for a particular plugin + * implementation name specified in the RS_ID. Actually, there is + * no logic in here to set any default value here...there's no + * default value for any parameter in this publishing subsystem + * at this point. Later, if we do have one (or some), it can be + * added. The interface remains the same. */ - private synchronized void getConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getConfig(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException, EBaseException { String implname = req.getParameter(Constants.RS_ID); if (implname == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -2765,7 +2690,8 @@ public class PublisherAdminServlet extends AdminServlet { if (index == -1) { params.add(kv, ""); } else { - params.add(kv.substring(0, index), kv.substring(index + 1)); + params.add(kv.substring(0, index), + kv.substring(index + 1)); } } } @@ -2773,43 +2699,43 @@ public class PublisherAdminServlet extends AdminServlet { return; } - private synchronized void getInstConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getInstConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // does publisher instance exist? if (mProcessor.getPublisherInsts().containsKey(id) == false) { - sendResponse( - ERROR, - new EPublisherNotFound(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_PUBLISHER_NOT_FOUND", id)).toString(), - null, resp); + sendResponse(ERROR, + new EPublisherNotFound(CMS.getUserMessage(getLocale(req), "CMS_LDAP_PUBLISHER_NOT_FOUND", id)).toString(), + null, resp); return; } - ILdapPublisher publisherInst = (ILdapPublisher) mProcessor - .getPublisherInstance(id); + ILdapPublisher publisherInst = (ILdapPublisher) + mProcessor.getPublisherInstance(id); Vector configParams = publisherInst.getInstanceParams(); NameValuePairs params = new NameValuePairs(); - params.add(Constants.PR_PUBLISHER_IMPL_NAME, - getPublisherPluginName(publisherInst)); + params.add(Constants.PR_PUBLISHER_IMPL_NAME, + getPublisherPluginName(publisherInst)); // implName is always required so always send it. if (configParams != null) { for (int i = 0; i < configParams.size(); i++) { String kv = (String) configParams.elementAt(i); int index = kv.indexOf('='); - params.add(kv.substring(0, index), kv.substring(index + 1)); + params.add(kv.substring(0, index), + kv.substring(index + 1)); } } @@ -2818,30 +2744,33 @@ public class PublisherAdminServlet extends AdminServlet { } /** - * Modify publisher instance. This will actually create a new instance with - * new configuration parameters and replace the old instance, if the new - * instance created and initialized successfully. The old instance is left - * running. so this is very expensive. Restart of server recommended. + * Modify publisher instance. + * This will actually create a new instance with new configuration + * parameters and replace the old instance, if the new instance + * created and initialized successfully. + * The old instance is left running. so this is very expensive. + * Restart of server recommended. */ - private synchronized void modPublisherInst(HttpServletRequest req, - HttpServletResponse resp, String scope) throws ServletException, - IOException, EBaseException { + private synchronized void modPublisherInst(HttpServletRequest req, + HttpServletResponse resp, String scope) + throws ServletException, IOException, EBaseException { // expensive operation. String id = req.getParameter(Constants.RS_ID); if (id == null) { - // System.out.println("SRVLT_NULL_RS_ID"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + //System.out.println("SRVLT_NULL_RS_ID"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // Does the manager instance exist? if (!mProcessor.getPublisherInsts().containsKey((Object) id)) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ILL_INST_ID", id), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ILL_INST_ID", id), + null, resp); return; } @@ -2849,26 +2778,22 @@ public class PublisherAdminServlet extends AdminServlet { String implname = req.getParameter(Constants.PR_PUBLISHER_IMPL_NAME); if (implname == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_LDAP_SRVLT_ADD_MISSING_PARAMS"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_LDAP_SRVLT_ADD_MISSING_PARAMS"), null, resp); return; } - // get plugin for implementation - PublisherPlugin plugin = (PublisherPlugin) mProcessor - .getPublisherPlugins().get(implname); + // get plugin for implementation + PublisherPlugin plugin = + (PublisherPlugin) mProcessor.getPublisherPlugins().get(implname); if (plugin == null) { - sendResponse( - ERROR, - new EPublisherPluginNotFound(CMS.getUserMessage( - getLocale(req), - "CMS_LDAP_PUBLISHER_PLUGIN_NOT_FOUND", implname)) - .toString(), null, resp); + sendResponse(ERROR, + new EPublisherPluginNotFound(CMS.getUserMessage(getLocale(req), "CMS_LDAP_PUBLISHER_PLUGIN_NOT_FOUND", implname)).toString(), + null, resp); return; } - // save old instance substore params in case new one fails. + // save old instance substore params in case new one fails. ILdapPublisher oldinst = mProcessor.getPublisherInstance(id); Vector oldConfigParms = oldinst.getInstanceParams(); @@ -2882,16 +2807,14 @@ public class PublisherAdminServlet extends AdminServlet { String kv = (String) oldConfigParms.elementAt(i); int index = kv.indexOf('='); if (index > -1) { - if (kv.substring(0, index) - .equalsIgnoreCase("caObjectClass")) { + if (kv.substring(0, index).equalsIgnoreCase("caObjectClass")) { pubType = "cacert"; - } else if (kv.substring(0, index).equalsIgnoreCase( - "crlObjectClass")) { + } else if (kv.substring(0, index).equalsIgnoreCase("crlObjectClass")) { pubType = "crl"; } - saveParams.add(kv.substring(0, index), - kv.substring(index + 1)); + saveParams.add(kv.substring(0, index), + kv.substring(index + 1)); } } } @@ -2900,23 +2823,17 @@ public class PublisherAdminServlet extends AdminServlet { // remove old substore. - IConfigStore destStore = mConfig.getSubStore(mAuth.getId() - + ".publish.publisher"); + IConfigStore destStore = + mConfig.getSubStore(mAuth.getId() + ".publish.publisher"); IConfigStore instancesConfig = destStore.getSubStore("instance"); // get objects added and deleted if (pubType.equals("cacert")) { - saveParams.add("caObjectClassAdded", - instancesConfig.getString(id + ".caObjectClassAdded", "")); - saveParams - .add("caObjectClassDeleted", - instancesConfig.getString(id - + ".caObjectClassDeleted", "")); + saveParams.add("caObjectClassAdded", instancesConfig.getString(id + ".caObjectClassAdded", "")); + saveParams.add("caObjectClassDeleted", instancesConfig.getString(id + ".caObjectClassDeleted", "")); } else if (pubType.equals("crl")) { - saveParams.add("crlObjectClassAdded", - instancesConfig.getString(id + ".crlObjectClassAdded", "")); - saveParams.add("crlObjectClassDeleted", instancesConfig.getString( - id + ".crlObjectClassDeleted", "")); + saveParams.add("crlObjectClassAdded", instancesConfig.getString(id + ".crlObjectClassAdded", "")); + saveParams.add("crlObjectClassDeleted", instancesConfig.getString(id + ".crlObjectClassDeleted", "")); } // create new substore. @@ -2942,9 +2859,9 @@ public class PublisherAdminServlet extends AdminServlet { } // process any changes to the ldap object class definitions - if (pubType.equals("cacert")) { + if (pubType.equals("cacert")) { processChangedOC(saveParams, substore, "caObjectClass"); - substore.put("pubtype", "cacert"); + substore.put("pubtype", "cacert"); } if (pubType.equals("crl")) { @@ -2958,32 +2875,25 @@ public class PublisherAdminServlet extends AdminServlet { ILdapPublisher newMgrInst = null; try { - newMgrInst = (ILdapPublisher) Class.forName(className) - .newInstance(); + newMgrInst = (ILdapPublisher) Class.forName(className).newInstance(); } catch (ClassNotFoundException e) { // cleanup restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } catch (InstantiationException e) { restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } catch (IllegalAccessException e) { restore(instancesConfig, id, saveParams); - sendResponse( - ERROR, - new ELdapException(CMS.getUserMessage(getLocale(req), - "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), - null, resp); + sendResponse(ERROR, + new ELdapException(CMS.getUserMessage(getLocale(req), "CMS_LDAP_FAIL_LOAD_CLASS", className)).toString(), + null, resp); return; } @@ -3002,25 +2912,25 @@ public class PublisherAdminServlet extends AdminServlet { return; } - // initialized ok. commiting + // initialized ok. commiting try { mConfig.commit(true); } catch (EBaseException e) { // clean up. restore(instancesConfig, id, saveParams); - // System.out.println("SRVLT_FAIL_COMMIT"); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_COMMIT_FAILED"), null, resp); + //System.out.println("SRVLT_FAIL_COMMIT"); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_COMMIT_FAILED"), + null, resp); return; } // commited ok. replace instance. - mProcessor.getPublisherInsts().put(id, - new PublisherProxy(true, newMgrInst)); + mProcessor.getPublisherInsts().put(id, new PublisherProxy(true, newMgrInst)); - mProcessor.log(ILogger.LL_INFO, - CMS.getLogMessage("ADMIN_SRVLT_PUB_INST_REP", id)); + mProcessor.log(ILogger.LL_INFO, + CMS.getLogMessage("ADMIN_SRVLT_PUB_INST_REP", id)); NameValuePairs params = new NameValuePairs(); @@ -3028,65 +2938,61 @@ public class PublisherAdminServlet extends AdminServlet { return; } - // convenience function - takes list1, list2. Returns what is in list1 + // convenience function - takes list1, list2. Returns what is in list1 // but not in list2 private String[] getExtras(String[] list1, String[] list2) { - Vector<String> extras = new Vector<String>(); - for (int i = 0; i < list1.length; i++) { - boolean match = false; - for (int j = 0; j < list2.length; j++) { - if ((list1[i].trim()).equalsIgnoreCase(list2[j].trim())) { - match = true; - break; - } - } - if (!match) - extras.add(list1[i].trim()); - } - - return (String[]) extras.toArray(new String[extras.size()]); + Vector <String> extras = new Vector<String>(); + for (int i=0; i< list1.length; i++) { + boolean match=false; + for (int j=0; j < list2.length; j++) { + if ((list1[i].trim()).equalsIgnoreCase(list2[j].trim())) { + match = true; + break; + } + } + if (!match) extras.add(list1[i].trim()); + } + + return (String[])extras.toArray(new String[extras.size()]); } - // convenience function - takes list1, list2. Concatenates the two + // convenience function - takes list1, list2. Concatenates the two // lists removing duplicates private String[] joinLists(String[] list1, String[] list2) { - Vector<String> sum = new Vector<String>(); - for (int i = 0; i < list1.length; i++) { - sum.add(list1[i]); - } - - for (int i = 0; i < list2.length; i++) { - boolean match = false; - for (int j = 0; j < list1.length; j++) { - if ((list2[i].trim()).equalsIgnoreCase(list1[j].trim())) { - match = true; - break; - } - } - if (!match) - sum.add(list2[i].trim()); - } - - return (String[]) sum.toArray(new String[sum.size()]); + Vector <String> sum = new Vector<String>(); + for (int i=0; i< list1.length; i++) { + sum.add(list1[i]); + } + + for (int i=0; i < list2.length; i++) { + boolean match=false; + for (int j=0; j < list1.length; j++) { + if ((list2[i].trim()).equalsIgnoreCase(list1[j].trim())) { + match = true; + break; + } + } + if (!match) sum.add(list2[i].trim()); + } + + return (String[])sum.toArray(new String[sum.size()]); } // convenience funtion. Takes a string array and delimiter // and returns a String with the concatenation private static String join(String[] s, String delimiter) { - if (s.length == 0) - return ""; + if (s.length == 0) return ""; StringBuffer buffer = new StringBuffer(s[0]); if (s.length > 1) { - for (int i = 1; i < s.length; i++) { + for (int i=1; i< s.length; i++) { buffer.append(delimiter).append(s[i].trim()); } } return buffer.toString(); } - private void processChangedOC(NameValuePairs saveParams, - IConfigStore newstore, String objName) { + private void processChangedOC(NameValuePairs saveParams, IConfigStore newstore, String objName) { String newOC = null, oldOC = null; String oldAdded = null, oldDeleted = null; @@ -3099,38 +3005,36 @@ public class PublisherAdminServlet extends AdminServlet { oldAdded = saveParams.getValue(objName + "Added"); oldDeleted = saveParams.getValue(objName + "Deleted"); - if ((oldOC == null) || (newOC == null)) - return; - if (oldOC.equalsIgnoreCase(newOC)) - return; + if ((oldOC == null) || (newOC == null)) return; + if (oldOC.equalsIgnoreCase(newOC)) return; - String[] oldList = oldOC.split(","); - String[] newList = newOC.split(","); - String[] deletedList = getExtras(oldList, newList); - String[] addedList = getExtras(newList, oldList); + String [] oldList = oldOC.split(","); + String [] newList = newOC.split(","); + String [] deletedList = getExtras(oldList, newList); + String [] addedList = getExtras(newList, oldList); // CMS.debug("addedList = " + join(addedList, ",")); // CMS.debug("deletedList = " + join(deletedList, ",")); - if ((addedList.length == 0) && (deletedList.length == 0)) - return; // no changes + if ((addedList.length ==0) && (deletedList.length == 0)) + return; // no changes if (oldAdded != null) { // CMS.debug("oldAdded is " + oldAdded); - String[] oldAddedList = oldAdded.split(","); + String [] oldAddedList = oldAdded.split(","); addedList = joinLists(addedList, oldAddedList); } if (oldDeleted != null) { // CMS.debug("oldDeleted is " + oldDeleted); - String[] oldDeletedList = oldDeleted.split(","); + String [] oldDeletedList = oldDeleted.split(","); deletedList = joinLists(deletedList, oldDeletedList); } String[] addedList1 = getExtras(addedList, deletedList); String[] deletedList1 = getExtras(deletedList, addedList); - // create the final strings and write to config + //create the final strings and write to config String addedListStr = join(addedList1, ","); String deletedListStr = join(deletedList1, ","); @@ -3142,8 +3046,8 @@ public class PublisherAdminServlet extends AdminServlet { } // convenience routine. - private static void restore(IConfigStore store, String id, - NameValuePairs saveParams) { + private static void restore(IConfigStore store, + String id, NameValuePairs saveParams) { store.removeSubStore(id); IConfigStore rstore = store.makeSubStore(id); @@ -3153,7 +3057,7 @@ public class PublisherAdminServlet extends AdminServlet { String key = (String) keys.nextElement(); String value = saveParams.getValue(key); - if (value != null) + if (value != null) rstore.put(key, value); } } @@ -3174,7 +3078,7 @@ public class PublisherAdminServlet extends AdminServlet { public void log(int level, String msg) { if (mLogger == null) return; - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_LDAP, level, - "PublishingAdminServlet: " + msg); + mLogger.log(ILogger.EV_SYSTEM, + ILogger.S_LDAP, level, "PublishingAdminServlet: " + msg); } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/RAAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/RAAdminServlet.java index 97590e0b..35bbb91a 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/RAAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/RAAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.IOException; import java.util.Enumeration; @@ -35,11 +36,13 @@ import com.netscape.certsrv.common.ScopeDef; import com.netscape.certsrv.ra.IRegistrationAuthority; import com.netscape.certsrv.request.IRequestListener; + /** - * A class representings an administration servlet for Registration Authority. - * This servlet is responsible to serve RA administrative operations such as - * configuration parameter updates. - * + * A class representings an administration servlet for Registration + * Authority. This servlet is responsible to serve RA + * administrative operations such as configuration parameter + * updates. + * * @version $Revision$, $Date$ */ public class RAAdminServlet extends AdminServlet { @@ -50,17 +53,15 @@ public class RAAdminServlet extends AdminServlet { protected static final String PROP_ENABLED = "enabled"; - /* - * ========================================================== variables - * ========================================================== - */ + /*========================================================== + * variables + *==========================================================*/ private final static String INFO = "RAAdminServlet"; private IRegistrationAuthority mRA = null; - /* - * ========================================================== constructors - * ========================================================== - */ + /*========================================================== + * constructors + *==========================================================*/ /** * Constructs RA servlet. @@ -69,10 +70,9 @@ public class RAAdminServlet extends AdminServlet { super(); } - /* - * ========================================================== public methods - * ========================================================== - */ + /*========================================================== + * public methods + *==========================================================*/ /** * Initializes this servlet. @@ -90,34 +90,35 @@ public class RAAdminServlet extends AdminServlet { } /** - * Serves HTTP request. Each request is authenticated to the authenticate - * manager. + * Serves HTTP request. Each request is authenticated to + * the authenticate manager. */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { super.service(req, resp); - // get all operational flags + //get all operational flags String op = req.getParameter(Constants.OP_TYPE); String scope = req.getParameter(Constants.OP_SCOPE); - // check operational flags + //check operational flags if ((op == null) || (scope == null)) { sendResponse(1, "Invalid Protocol", null, resp); return; } - // authenticate the user + //authenticate the user super.authenticate(req); - // perform services + //perform services try { AUTHZ_RES_NAME = "certServer.ra.configuration"; if (op.equals(OpDef.OP_READ)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GENERAL)) { @@ -142,8 +143,9 @@ public class RAAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_MODIFY)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GENERAL)) { @@ -155,7 +157,7 @@ public class RAAdminServlet extends AdminServlet { } else if (scope.equals(ScopeDef.SC_NOTIFICATION_REQ_COMP)) { setNotificationReqCompConfig(req, resp); return; - } else if (scope.equals(ScopeDef.SC_NOTIFICATION_REV_COMP)) { + }else if (scope.equals(ScopeDef.SC_NOTIFICATION_REV_COMP)) { setNotificationRevCompConfig(req, resp); return; } else if (scope.equals(ScopeDef.SC_NOTIFICATION_RIQ)) { @@ -167,23 +169,22 @@ public class RAAdminServlet extends AdminServlet { } } } catch (Exception e) { - // System.out.println("XXX >>>" + e.toString() + "<<<"); + //System.out.println("XXX >>>" + e.toString() + "<<<"); sendResponse(1, "Unknown operation", null, resp); } return; } - /* - * ========================================================== private - * methods========================================================== - */ - + /*========================================================== + * private methods + *==========================================================*/ + /* * handle getting completion (cert issued) notification config info */ private void getNotificationCompConfig(HttpServletRequest req, - HttpServletResponse resp, IConfigStore rc) throws ServletException, + HttpServletResponse resp, IConfigStore rc) throws ServletException, IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = req.getParameterNames(); @@ -202,37 +203,35 @@ public class RAAdminServlet extends AdminServlet { params.add(name, rc.getString(name, "")); } - params.add(Constants.PR_ENABLE, - rc.getString(PROP_ENABLED, Constants.FALSE)); - // System.out.println("Send: "+params.toString()); + params.add(Constants.PR_ENABLE, + rc.getString(PROP_ENABLED, Constants.FALSE)); + //System.out.println("Send: "+params.toString()); sendResponse(SUCCESS, null, params, resp); } private void getNotificationReqCompConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { IConfigStore config = mRA.getConfigStore(); - IConfigStore nc = config - .getSubStore(IRegistrationAuthority.PROP_NOTIFY_SUBSTORE); + IConfigStore nc = + config.getSubStore(IRegistrationAuthority.PROP_NOTIFY_SUBSTORE); - IConfigStore rc = nc - .getSubStore(IRegistrationAuthority.PROP_CERT_ISSUED_SUBSTORE); + IConfigStore rc = nc.getSubStore(IRegistrationAuthority.PROP_CERT_ISSUED_SUBSTORE); getNotificationCompConfig(req, resp, rc); } private void getNotificationRevCompConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { IConfigStore config = mRA.getConfigStore(); - IConfigStore nc = config - .getSubStore(IRegistrationAuthority.PROP_NOTIFY_SUBSTORE); + IConfigStore nc = + config.getSubStore(IRegistrationAuthority.PROP_NOTIFY_SUBSTORE); - IConfigStore rc = nc - .getSubStore(IRegistrationAuthority.PROP_CERT_REVOKED_SUBSTORE); + IConfigStore rc = nc.getSubStore(IRegistrationAuthority.PROP_CERT_REVOKED_SUBSTORE); getNotificationCompConfig(req, resp, rc); @@ -242,17 +241,16 @@ public class RAAdminServlet extends AdminServlet { * handle getting request in queue notification config info */ private void getNotificationRIQConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); IConfigStore config = mRA.getConfigStore(); - IConfigStore nc = config - .getSubStore(IRegistrationAuthority.PROP_NOTIFY_SUBSTORE); + IConfigStore nc = + config.getSubStore(IRegistrationAuthority.PROP_NOTIFY_SUBSTORE); - IConfigStore riq = nc - .getSubStore(IRegistrationAuthority.PROP_REQ_IN_Q_SUBSTORE); + IConfigStore riq = nc.getSubStore(IRegistrationAuthority.PROP_REQ_IN_Q_SUBSTORE); Enumeration e = req.getParameterNames(); @@ -270,9 +268,9 @@ public class RAAdminServlet extends AdminServlet { params.add(name, riq.getString(name, "")); } - params.add(Constants.PR_ENABLE, - riq.getString(PROP_ENABLED, Constants.FALSE)); - // System.out.println("Send: "+params.toString()); + params.add(Constants.PR_ENABLE, + riq.getString(PROP_ENABLED, Constants.FALSE)); + //System.out.println("Send: "+params.toString()); sendResponse(SUCCESS, null, params, resp); } @@ -280,16 +278,15 @@ public class RAAdminServlet extends AdminServlet { * handle setting request in queue notification config info */ private void setNotificationRIQConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { IConfigStore config = mRA.getConfigStore(); - IConfigStore nc = config - .getSubStore(IRegistrationAuthority.PROP_NOTIFY_SUBSTORE); + IConfigStore nc = + config.getSubStore(IRegistrationAuthority.PROP_NOTIFY_SUBSTORE); - IConfigStore riq = nc - .getSubStore(IRegistrationAuthority.PROP_REQ_IN_Q_SUBSTORE); + IConfigStore riq = nc.getSubStore(IRegistrationAuthority.PROP_REQ_IN_Q_SUBSTORE); - // set rest of the parameters + //set rest of the parameters Enumeration e = req.getParameterNames(); while (e.hasMoreElements()) { @@ -324,10 +321,9 @@ public class RAAdminServlet extends AdminServlet { * handle setting request complete notification config info */ private void setNotificationCompConfig(HttpServletRequest req, - HttpServletResponse resp, IConfigStore rc, - IRequestListener thisListener) throws ServletException, + HttpServletResponse resp, IConfigStore rc, IRequestListener thisListener) throws ServletException, IOException, EBaseException { - // set rest of the parameters + //set rest of the parameters Enumeration e = req.getParameterNames(); while (e.hasMoreElements()) { @@ -359,35 +355,33 @@ public class RAAdminServlet extends AdminServlet { } private void setNotificationReqCompConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { IConfigStore config = mRA.getConfigStore(); - IConfigStore nc = config - .getSubStore(IRegistrationAuthority.PROP_NOTIFY_SUBSTORE); + IConfigStore nc = + config.getSubStore(IRegistrationAuthority.PROP_NOTIFY_SUBSTORE); - IConfigStore rc = nc - .getSubStore(IRegistrationAuthority.PROP_CERT_ISSUED_SUBSTORE); + IConfigStore rc = nc.getSubStore(IRegistrationAuthority.PROP_CERT_ISSUED_SUBSTORE); setNotificationCompConfig(req, resp, rc, mRA.getCertIssuedListener()); - + } private void setNotificationRevCompConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { IConfigStore config = mRA.getConfigStore(); - IConfigStore nc = config - .getSubStore(IRegistrationAuthority.PROP_NOTIFY_SUBSTORE); + IConfigStore nc = + config.getSubStore(IRegistrationAuthority.PROP_NOTIFY_SUBSTORE); - IConfigStore rc = nc - .getSubStore(IRegistrationAuthority.PROP_CERT_REVOKED_SUBSTORE); + IConfigStore rc = nc.getSubStore(IRegistrationAuthority.PROP_CERT_REVOKED_SUBSTORE); setNotificationCompConfig(req, resp, rc, mRA.getCertRevokedListener()); } private void getConnectorConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { IConfigStore raConfig = mRA.getConfigStore(); IConfigStore connectorConfig = raConfig.getSubStore("connector"); IConfigStore caConnectorConfig = null; @@ -401,10 +395,15 @@ public class RAAdminServlet extends AdminServlet { } /* - * Enumeration enum = req.getParameterNames(); NameValuePairs params = - * new NameValuePairs(); while (enum.hasMoreElements()) { String key = - * (String)enum.nextElement(); if (key.equals("RS_ID")) { String val = - * req.getParameter(key); if (val.equals("CA Connector")) } } + Enumeration enum = req.getParameterNames(); + NameValuePairs params = new NameValuePairs(); + while (enum.hasMoreElements()) { + String key = (String)enum.nextElement(); + if (key.equals("RS_ID")) { + String val = req.getParameter(key); + if (val.equals("CA Connector")) + } + } */ Enumeration enum1 = req.getParameterNames(); @@ -428,13 +427,13 @@ public class RAAdminServlet extends AdminServlet { } private void setConnectorConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { IConfigStore raConfig = mRA.getConfigStore(); IConfigStore connectorConfig = raConfig.getSubStore("connector"); IConfigStore caConnectorConfig = null; - // String nickname = raConfig.getString("certNickname", ""); + // String nickname = raConfig.getString("certNickname", ""); if (isCAConnector(req)) { caConnectorConfig = connectorConfig.getSubStore("CA"); @@ -456,10 +455,12 @@ public class RAAdminServlet extends AdminServlet { continue; if (name.equals(Constants.OP_SCOPE)) continue; - /* - * if (name.equals("nickName")) { - * caConnectorConfig.putString(name, nickname); continue; } - */ +/* + if (name.equals("nickName")) { + caConnectorConfig.putString(name, nickname); + continue; + } +*/ caConnectorConfig.putString(name, req.getParameter(name)); } } @@ -525,41 +526,50 @@ public class RAAdminServlet extends AdminServlet { return false; } - // reading the RA general information + //reading the RA general information private void readGeneralConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); /* - * ISubsystem eeGateway = - * SubsystemRegistry.getInstance().get("eeGateway"); String value = - * "false"; if (eeGateway != null) { IConfigStore eeConfig = - * eeGateway.getConfigStore(); if (eeConfig != null) value = - * eeConfig.getString("enabled", "true"); } - * params.add(Constants.PR_EE_ENABLED, value); + ISubsystem eeGateway = + SubsystemRegistry.getInstance().get("eeGateway"); + String value = "false"; + if (eeGateway != null) { + IConfigStore eeConfig = eeGateway.getConfigStore(); + if (eeConfig != null) + value = eeConfig.getString("enabled", "true"); + } + params.add(Constants.PR_EE_ENABLED, value); */ - + sendResponse(SUCCESS, null, params, resp); } - // mdify RA General Information + //mdify RA General Information private void modifyGeneralConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { /* - * ISubsystem eeGateway = - * SubsystemRegistry.getInstance().get("eeGateway"); IConfigStore - * eeConfig = null; if (eeGateway != null) eeConfig = - * eeGateway.getConfigStore(); - * - * Enumeration enum = req.getParameterNames(); while - * (enum.hasMoreElements()) { String key = (String)enum.nextElement(); - * if (key.equals(Constants.PR_EE_ENABLED)) { if (eeConfig != null) - * eeConfig.putString("enabled", - * req.getParameter(Constants.PR_EE_ENABLED)); } } + ISubsystem eeGateway = + SubsystemRegistry.getInstance().get("eeGateway"); + IConfigStore eeConfig = null; + if (eeGateway != null) + eeConfig = eeGateway.getConfigStore(); + + Enumeration enum = req.getParameterNames(); + while (enum.hasMoreElements()) { + String key = (String)enum.nextElement(); + if (key.equals(Constants.PR_EE_ENABLED)) { + if (eeConfig != null) + eeConfig.putString("enabled", + req.getParameter(Constants.PR_EE_ENABLED)); + } + } + */ sendResponse(RESTART, null, null, resp); commit(true); diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/RegistryAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/RegistryAdminServlet.java index 39f6b6f9..be9eb456 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/RegistryAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/RegistryAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.IOException; import java.util.Enumeration; @@ -40,7 +41,7 @@ import com.netscape.certsrv.registry.IPluginRegistry; /** * This implements the administration servlet for registry subsystem. - * + * * @version $Revision$, $Date$ */ public class RegistryAdminServlet extends AdminServlet { @@ -52,7 +53,8 @@ public class RegistryAdminServlet extends AdminServlet { public final static String PROP_AUTHORITY = "authority"; private final static String INFO = "RegistryAdminServlet"; - private final static String PW_PASSWORD_CACHE_ADD = "PASSWORD_CACHE_ADD"; + private final static String PW_PASSWORD_CACHE_ADD = + "PASSWORD_CACHE_ADD"; public final static String PROP_PREDICATE = "predicate"; private IAuthority mAuthority = null; @@ -101,8 +103,9 @@ public class RegistryAdminServlet extends AdminServlet { /** * Serves HTTP admin request. */ - public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + public void service(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { super.service(req, resp); super.authenticate(req); @@ -110,7 +113,7 @@ public class RegistryAdminServlet extends AdminServlet { AUTHZ_RES_NAME = "certServer.registry.configuration"; String scope = req.getParameter(Constants.OP_SCOPE); String op = req.getParameter(Constants.OP_TYPE); - + if (scope.equals(ScopeDef.SC_SUPPORTED_CONSTRAINTPOLICIES)) { if (op.equals(OpDef.OP_READ)) if (!readAuthorize(req, resp)) @@ -121,23 +124,25 @@ public class RegistryAdminServlet extends AdminServlet { } } - private boolean readAuthorize(HttpServletRequest req, - HttpServletResponse resp) throws IOException { + private boolean readAuthorize(HttpServletRequest req, + HttpServletResponse resp) throws IOException { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return false; } return true; } - private boolean modifyAuthorize(HttpServletRequest req, - HttpServletResponse resp) throws IOException { + private boolean modifyAuthorize(HttpServletRequest req, + HttpServletResponse resp) throws IOException { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return false; } return true; @@ -146,8 +151,9 @@ public class RegistryAdminServlet extends AdminServlet { /** * Process Policy Implementation Management. */ - public void processImplMgmt(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + public void processImplMgmt(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { // Get operation type String op = req.getParameter(Constants.OP_TYPE); String scope = req.getParameter(Constants.OP_SCOPE); @@ -169,15 +175,17 @@ public class RegistryAdminServlet extends AdminServlet { return; addImpl(req, resp); } else - sendResponse(ERROR, INVALID_POLICY_IMPL_OP, null, resp); + sendResponse(ERROR, INVALID_POLICY_IMPL_OP, + null, resp); } - public void addImpl(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + public void addImpl(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { // Get the policy impl id. String id = req.getParameter(Constants.RS_ID); - String scope = req.getParameter(Constants.OP_SCOPE); + String scope = req.getParameter(Constants.OP_SCOPE); String classPath = req.getParameter(Constants.PR_POLICY_CLASS); String desc = req.getParameter(Constants.PR_POLICY_DESC); @@ -190,16 +198,17 @@ public class RegistryAdminServlet extends AdminServlet { IPluginInfo info = mRegistry.createPluginInfo(id, desc, classPath); try { - mRegistry.addPluginInfo(scope, id, info); + mRegistry.addPluginInfo(scope, id, info); } catch (Exception e) { - CMS.debug(e.toString()); + CMS.debug(e.toString()); } sendResponse(SUCCESS, null, nvp, resp); } - public void deleteImpl(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + public void deleteImpl(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { // Get the policy impl id. String id = req.getParameter(Constants.RS_ID); @@ -216,13 +225,13 @@ public class RegistryAdminServlet extends AdminServlet { sendResponse(ERROR, MISSING_POLICY_IMPL_ID, null, resp); return; } - + NameValuePairs nvp = new NameValuePairs(); try { - mRegistry.removePluginInfo(scope, id); + mRegistry.removePluginInfo(scope, id); } catch (Exception e) { - CMS.debug(e.toString()); + CMS.debug(e.toString()); } sendResponse(SUCCESS, null, nvp, resp); @@ -231,8 +240,9 @@ public class RegistryAdminServlet extends AdminServlet { /** * Lists all registered profile impementations */ - public void listImpls(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + public void listImpls(HttpServletRequest req, + HttpServletResponse resp) + throws ServletException, IOException { String scope = req.getParameter(Constants.OP_SCOPE); Enumeration impls = mRegistry.getIds(scope); @@ -242,17 +252,15 @@ public class RegistryAdminServlet extends AdminServlet { String id = (String) impls.nextElement(); IPluginInfo info = mRegistry.getPluginInfo(scope, id); - nvp.add(id, - info.getClassName() + "," - + info.getDescription(getLocale(req)) + "," - + info.getName(getLocale(req))); - } + nvp.add(id, info.getClassName() + "," + + info.getDescription(getLocale(req)) + "," + info.getName(getLocale(req))); + } sendResponse(SUCCESS, null, nvp, resp); } - public void getSupportedConstraintPolicies(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + public void getSupportedConstraintPolicies(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, IOException { String id = req.getParameter(Constants.RS_ID); if (id == null) { @@ -264,8 +272,8 @@ public class RegistryAdminServlet extends AdminServlet { try { IPluginInfo info = mRegistry.getPluginInfo("defaultPolicy", id); String className = info.getClassName(); - IPolicyDefault policyDefaultClass = (IPolicyDefault) Class.forName( - className).newInstance(); + IPolicyDefault policyDefaultClass = (IPolicyDefault) + Class.forName(className).newInstance(); if (policyDefaultClass != null) { Enumeration impls = mRegistry.getIds("constraintPolicy"); @@ -274,37 +282,28 @@ public class RegistryAdminServlet extends AdminServlet { String constraintID = (String) impls.nextElement(); IPluginInfo constraintInfo = mRegistry.getPluginInfo( "constraintPolicy", constraintID); - IPolicyConstraint policyConstraintClass = (IPolicyConstraint) Class - .forName(constraintInfo.getClassName()) - .newInstance(); + IPolicyConstraint policyConstraintClass = (IPolicyConstraint) + Class.forName(constraintInfo.getClassName()).newInstance(); - CMS.debug("RegistryAdminServlet: getSUpportedConstraint " - + constraintInfo.getClassName()); + CMS.debug("RegistryAdminServlet: getSUpportedConstraint " + constraintInfo.getClassName()); if (policyConstraintClass.isApplicable(policyDefaultClass)) { - CMS.debug("RegistryAdminServlet: getSUpportedConstraint isApplicable " - + constraintInfo.getClassName()); - nvp.add(constraintID, - constraintInfo.getClassName() - + "," - + constraintInfo - .getDescription(getLocale(req)) - + "," - + constraintInfo - .getName(getLocale(req))); + CMS.debug("RegistryAdminServlet: getSUpportedConstraint isApplicable " + constraintInfo.getClassName()); + nvp.add(constraintID, constraintInfo.getClassName() + "," + + constraintInfo.getDescription(getLocale(req)) + "," + constraintInfo.getName(getLocale(req))); } } } } catch (Exception ex) { - CMS.debug("RegistyAdminServlet: getSupportConstraintPolicies: " - + ex.toString()); + CMS.debug("RegistyAdminServlet: getSupportConstraintPolicies: " + ex.toString()); CMS.debug(ex); } sendResponse(SUCCESS, null, nvp, resp); } public void getProfileImplConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException { + HttpServletResponse resp) + throws ServletException, IOException { // Get the policy impl id. String id = req.getParameter(Constants.RS_ID); @@ -321,14 +320,15 @@ public class RegistryAdminServlet extends AdminServlet { sendResponse(ERROR, MISSING_POLICY_IMPL_ID, null, resp); return; } - + NameValuePairs nvp = new NameValuePairs(); String className = info.getClassName(); IConfigTemplate template = null; try { - template = (IConfigTemplate) Class.forName(className).newInstance(); + template = (IConfigTemplate) + Class.forName(className).newInstance(); } catch (Exception e) { } if (template != null) { @@ -336,30 +336,22 @@ public class RegistryAdminServlet extends AdminServlet { if (names != null) { while (names.hasMoreElements()) { - String name = (String) names.nextElement(); - CMS.debug("RegistryAdminServlet: getProfileImpl descriptor " - + name); - IDescriptor desc = template.getConfigDescriptor( - getLocale(req), name); + String name = (String) names.nextElement(); + CMS.debug("RegistryAdminServlet: getProfileImpl descriptor " + name); + IDescriptor desc = template.getConfigDescriptor(getLocale(req), name); if (desc != null) { - try { - String value = getNonNull(desc.getSyntax()) + ";" - + getNonNull(desc.getConstraint()) + ";" - + desc.getDescription(getLocale(req)) + ";" - + getNonNull(desc.getDefaultValue()); - - CMS.debug("RegistryAdminServlet: getProfileImpl " - + value); - nvp.add(name, value); - } catch (Exception e) { - - CMS.debug("RegistryAdminServlet: getProfileImpl skipped descriptor for " - + name); - } + try { + String value = getNonNull(desc.getSyntax()) + ";" + getNonNull(desc.getConstraint()) + ";" + desc.getDescription(getLocale(req)) + ";" + getNonNull(desc.getDefaultValue()); + + CMS.debug("RegistryAdminServlet: getProfileImpl " + value); + nvp.add(name, value); + } catch (Exception e) { + + CMS.debug("RegistryAdminServlet: getProfileImpl skipped descriptor for " + name); + } } else { - CMS.debug("RegistryAdminServlet: getProfileImpl cannot find descriptor for " - + name); + CMS.debug("RegistryAdminServlet: getProfileImpl cannot find descriptor for " + name); } } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java index 2ef01b24..bd96bbec 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.admin; + import java.io.IOException; import java.security.cert.CertificateException; import java.security.cert.CertificateExpiredException; @@ -57,14 +58,16 @@ import com.netscape.certsrv.usrgrp.IUGSubsystem; import com.netscape.certsrv.usrgrp.IUser; import com.netscape.cmsutil.util.Cert; + /** - * A class representing an administration servlet for User/Group Manager. It - * communicates with client SDK to allow remote administration of User/Group + * A class representing an administration servlet for + * User/Group Manager. It communicates with client + * SDK to allow remote administration of User/Group * manager. - * - * This servlet will be registered to remote administration subsystem by usrgrp - * manager. - * + * + * This servlet will be registered to remote + * administration subsystem by usrgrp manager. + * * @version $Revision$, $Date$ */ public class UsrGrpAdminServlet extends AdminServlet { @@ -80,20 +83,22 @@ public class UsrGrpAdminServlet extends AdminServlet { private final static String RES_OCSP_GROUP = "certServer.ocsp.group"; private final static String RES_TKS_GROUP = "certServer.tks.group"; private final static String SYSTEM_USER = "$System$"; - // private final static String RES_GROUP = "root.common.goldfish"; + // private final static String RES_GROUP = "root.common.goldfish"; private final static String BACK_SLASH = "\\"; - private final static String LOGGING_SIGNED_AUDIT_CONFIG_ROLE = "LOGGING_SIGNED_AUDIT_CONFIG_ROLE_3"; + private final static String LOGGING_SIGNED_AUDIT_CONFIG_ROLE = + "LOGGING_SIGNED_AUDIT_CONFIG_ROLE_3"; private IUGSubsystem mMgr = null; private IAuthzSubsystem mAuthz = null; - private static String[] mMultiRoleGroupEnforceList = null; - private final static String MULTI_ROLE_ENABLE = "multiroles.enable"; + private static String [] mMultiRoleGroupEnforceList = null; + private final static String MULTI_ROLE_ENABLE= "multiroles.enable"; private final static String MULTI_ROLE_ENFORCE_GROUP_LIST = "multiroles.false.groupEnforceList"; + /** * Constructs User/Group manager servlet. */ @@ -121,17 +126,17 @@ public class UsrGrpAdminServlet extends AdminServlet { * Serves incoming User/Group management request. */ public void service(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException { + throws ServletException, IOException { super.service(req, resp); String scope = super.getParameter(req, Constants.OP_SCOPE); String op = super.getParameter(req, Constants.OP_TYPE); if (op == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_INVALID_PROTOCOL")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), null, resp); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_INVALID_PROTOCOL")); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PROTOCOL"), + null, resp); return; } @@ -142,57 +147,64 @@ public class UsrGrpAdminServlet extends AdminServlet { } catch (IOException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_FAIL_AUTHS")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHS_FAILED"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHS_FAILED"), + null, resp); return; } // authorization // temporary test before servlets are exposed with authtoken /* - * SessionContext sc = SessionContext.getContext(); AuthToken authToken - * = (AuthToken) sc.get(SessionContext.AUTH_TOKEN); - * - * AuthzToken authzTok = null; CMS.debug("UserGrpAdminServlet: " + - * CMS.getLogMessage("ADMIN_SRVLT_CHECK_AUTHZ_SUB")); // hardcoded for - * now .. just testing try { authzTok = mAuthz.authorize("DirAclAuthz", - * authToken, RES_GROUP, "read"); } catch (EBaseException e) { - * log(ILogger.LL_FAILURE, - * CMS.getLogMessage("ADMIN_SRVLT_AUTH_CALL_FAIL",e.toString())); } if - * (AuthzToken - * .AUTHZ_STATUS_FAIL.equals(authzTok.get(AuthzToken.TOKEN_AUTHZ_STATUS - * ))) { // audit would have been needed here if this weren't just a - * test... - * - * log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_FAIL_AUTHS")); - * - * sendResponse(ERROR, MessageFormatter.getLocalizedString( - * getLocale(req), AdminResources.class.getName(), - * AdminResources.SRVLT_FAIL_AUTHS), null, resp); return; } + SessionContext sc = SessionContext.getContext(); + AuthToken authToken = (AuthToken) sc.get(SessionContext.AUTH_TOKEN); + + AuthzToken authzTok = null; + CMS.debug("UserGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CHECK_AUTHZ_SUB")); + // hardcoded for now .. just testing + try { + authzTok = mAuthz.authorize("DirAclAuthz", authToken, RES_GROUP, "read"); + } catch (EBaseException e) { + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTH_CALL_FAIL",e.toString())); + } + if (AuthzToken.AUTHZ_STATUS_FAIL.equals(authzTok.get(AuthzToken.TOKEN_AUTHZ_STATUS))) { + // audit would have been needed here if this weren't just a test... + + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_FAIL_AUTHS")); + + sendResponse(ERROR, + MessageFormatter.getLocalizedString( + getLocale(req), + AdminResources.class.getName(), + AdminResources.SRVLT_FAIL_AUTHS), + null, resp); + return; + } */ + try { ISubsystem subsystem = CMS.getSubsystem("ca"); - if (subsystem != null) + if (subsystem != null) AUTHZ_RES_NAME = RES_CA_GROUP; subsystem = CMS.getSubsystem("ra"); - if (subsystem != null) + if (subsystem != null) AUTHZ_RES_NAME = RES_RA_GROUP; subsystem = CMS.getSubsystem("kra"); - if (subsystem != null) + if (subsystem != null) AUTHZ_RES_NAME = RES_KRA_GROUP; subsystem = CMS.getSubsystem("ocsp"); - if (subsystem != null) + if (subsystem != null) AUTHZ_RES_NAME = RES_OCSP_GROUP; subsystem = CMS.getSubsystem("tks"); - if (subsystem != null) + if (subsystem != null) AUTHZ_RES_NAME = RES_TKS_GROUP; if (scope != null) { if (scope.equals(ScopeDef.SC_USER_TYPE)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } @@ -203,8 +215,9 @@ public class UsrGrpAdminServlet extends AdminServlet { if (op.equals(OpDef.OP_READ)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GROUPS)) { @@ -220,8 +233,9 @@ public class UsrGrpAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_MODIFY)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GROUPS)) { @@ -237,8 +251,9 @@ public class UsrGrpAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_ADD)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GROUPS)) { @@ -254,8 +269,9 @@ public class UsrGrpAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_DELETE)) { mOp = "modify"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GROUPS)) { @@ -268,8 +284,9 @@ public class UsrGrpAdminServlet extends AdminServlet { } else if (op.equals(OpDef.OP_SEARCH)) { mOp = "read"; if ((mToken = super.authorize(req)) == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"), + null, resp); return; } if (scope.equals(ScopeDef.SC_GROUPS)) { @@ -279,30 +296,33 @@ public class UsrGrpAdminServlet extends AdminServlet { findUsers(req, resp); return; } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_INVALID_OP_SCOPE")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), null, resp); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("ADMIN_SRVLT_INVALID_OP_SCOPE")); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_OP_SCOPE"), + null, resp); return; } } } // if } catch (EBaseException e) { log(ILogger.LL_FAILURE, e.toString()); - sendResponse(ERROR, e.toString(getLocale(req)), null, resp); + sendResponse(ERROR, e.toString(getLocale(req)), + null, resp); return; } catch (Exception e) { log(ILogger.LL_FAILURE, e.toString()); - log(ILogger.LL_FAILURE, - CMS.getLogMessage(" ADMIN_SRVLT_FAIL_PERFORM")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_PERFORM_FAILED"), null, resp); + log(ILogger.LL_FAILURE, CMS.getLogMessage(" ADMIN_SRVLT_FAIL_PERFORM")); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_PERFORM_FAILED"), + null, resp); return; } } - private void getUserType(HttpServletRequest req, HttpServletResponse resp) - throws ServletException, IOException, EBaseException { + private void getUserType(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String id = super.getParameter(req, Constants.RS_ID); IUser user = mMgr.getUser(id); @@ -317,42 +337,44 @@ public class UsrGrpAdminServlet extends AdminServlet { } /** - * Retrieves configuration parameters of authentication manager. + * Retrieves configuration parameters of + * authentication manager. */ - private synchronized void getConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void getConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { super.getConfig(mMgr.getConfigStore(), req, resp); } /** - * Sets configuration parameters of User/Group manager. + * Sets configuration parameters of + * User/Group manager. */ - private synchronized void setConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void setConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { super.setConfig(mMgr.getConfigStore(), req, resp); } /** * Lists configuration parameters. */ - private synchronized void listConfig(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void listConfig(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { super.listConfig(mMgr.getConfigStore(), req, resp); } /** - * Searches for users in LDAP directory. List uids only - * + * Searches for users in LDAP directory. List uids only + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin */ - private synchronized void findUsers(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void findUsers(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); @@ -362,8 +384,7 @@ public class UsrGrpAdminServlet extends AdminServlet { e = mMgr.listUsers("*"); } catch (Exception ex) { sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), - null, resp); + CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); return; } @@ -391,25 +412,27 @@ public class UsrGrpAdminServlet extends AdminServlet { } /** - * List user information. Certificates covered in a separate protocol for - * findUserCerts(). List of group memberships are also provided. - * + * List user information. Certificates covered in a separate + * protocol for findUserCerts(). List of group memberships are + * also provided. + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin */ - private synchronized void findUser(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void findUser(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -422,8 +445,7 @@ public class UsrGrpAdminServlet extends AdminServlet { } catch (Exception e) { e.printStackTrace(); sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), - null, resp); + CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); return; } @@ -434,15 +456,15 @@ public class UsrGrpAdminServlet extends AdminServlet { params.add(Constants.PR_USER_STATE, user.getState()); // get list of groups, and get a list of those that this - // uid belongs to + // uid belongs to Enumeration e = null; try { e = mMgr.findGroups("*"); } catch (Exception ex) { ex.printStackTrace(); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_INTERNAL_ERROR"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); return; } @@ -452,7 +474,7 @@ public class UsrGrpAdminServlet extends AdminServlet { IGroup group = (IGroup) e.nextElement(); if (group.isMember(id) == true) { - if (grpString.length() != 0) { + if (grpString.length()!=0) { grpString.append(","); } grpString.append(group.getGroupID()); @@ -465,33 +487,34 @@ public class UsrGrpAdminServlet extends AdminServlet { return; } - log(ILogger.LL_FAILURE, - CMS.getLogMessage("USRGRP_SRVLT_USER_NOT_EXIST")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_USER_NOT_EXIST")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); return; } /** * List user certificate(s) - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin */ - private synchronized void findUserCerts(HttpServletRequest req, - HttpServletResponse resp, Locale clientLocale) - throws ServletException, IOException, EBaseException { + private synchronized void findUserCerts(HttpServletRequest req, + HttpServletResponse resp, Locale clientLocale) + throws ServletException, + IOException, EBaseException { - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -503,33 +526,32 @@ public class UsrGrpAdminServlet extends AdminServlet { user = mMgr.getUser(id); } catch (Exception e) { e.printStackTrace(); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); return; } if (user == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("USRGRP_SRVLT_USER_NOT_EXIST")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_USER_NOT_EXIST")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_USER_NOT_EXIST"), null, resp); return; } - X509Certificate[] certs = (X509Certificate[]) user - .getX509Certificates(); + X509Certificate[] certs = + (X509Certificate[]) user.getX509Certificates(); if (certs != null) { for (int i = 0; i < certs.length; i++) { ICertPrettyPrint print = CMS.getCertPrettyPrint(certs[i]); - // add base64 encoding - String base64 = CMS.getEncodedCert(certs[i]); - + // add base64 encoding + String base64 = CMS.getEncodedCert(certs[i]); + // pretty print certs params.add(getCertificateString(certs[i]), - print.toString(clientLocale) + "\n" + base64); + print.toString(clientLocale) + "\n" + base64); } sendResponse(SUCCESS, null, params, resp); return; @@ -548,20 +570,20 @@ public class UsrGrpAdminServlet extends AdminServlet { } // note that it did not represent a certificate fully - return cert.getVersion() + ";" + cert.getSerialNumber().toString() - + ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN(); + return cert.getVersion() + ";" + cert.getSerialNumber().toString() + + ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN(); } /** * Searchess for groups in LDAP server - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#group + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#group */ - private synchronized void findGroups(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void findGroups(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); Enumeration e = null; @@ -570,9 +592,7 @@ public class UsrGrpAdminServlet extends AdminServlet { e = mMgr.listGroups("*"); } catch (Exception ex) { ex.printStackTrace(); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); return; } @@ -591,23 +611,25 @@ public class UsrGrpAdminServlet extends AdminServlet { } /** - * finds a group Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * finds a group + * Request/Response Syntax: + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin */ - private synchronized void findGroup(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void findGroup(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { NameValuePairs params = new NameValuePairs(); - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -617,9 +639,7 @@ public class UsrGrpAdminServlet extends AdminServlet { e = mMgr.findGroups(id); } catch (Exception ex) { ex.printStackTrace(); - sendResponse(ERROR, - CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), - null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); return; } @@ -627,14 +647,15 @@ public class UsrGrpAdminServlet extends AdminServlet { IGroup group = (IGroup) e.nextElement(); params.add(Constants.PR_GROUP_GROUP, group.getGroupID()); - params.add(Constants.PR_GROUP_DESC, group.getDescription()); + params.add(Constants.PR_GROUP_DESC, + group.getDescription()); Enumeration members = group.getMemberNames(); StringBuffer membersString = new StringBuffer(); if (members != null) { while (members.hasMoreElements()) { - if (membersString.length() != 0) { + if (membersString.length()!=0) { membersString.append(", "); } @@ -649,11 +670,10 @@ public class UsrGrpAdminServlet extends AdminServlet { sendResponse(SUCCESS, null, params, resp); return; } else { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("USRGRP_SRVLT_GROUP_NOT_EXIST")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_GROUP_NOT_EXIST")); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_GROUP_NOT_EXIST"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_GROUP_NOT_EXIST"), null, resp); return; } @@ -662,26 +682,25 @@ public class UsrGrpAdminServlet extends AdminServlet { /** * Adds a new user to LDAP server * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addUser(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void addUser(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -692,52 +711,58 @@ public class UsrGrpAdminServlet extends AdminServlet { String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } if (id.indexOf(BACK_SLASH) != -1) { // backslashes (BS) are not allowed - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_RS_ID_BS")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_RS_ID_BS")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_RS_ID_BS"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_RS_ID_BS"), + null, resp); return; } if (id.equals(SYSTEM_USER)) { // backslashes (BS) are not allowed - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_SPECIAL_ID", id)); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_SPECIAL_ID", id)); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_SPECIAL_ID", id), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_SPECIAL_ID", id), + null, resp); return; } @@ -745,21 +770,22 @@ public class UsrGrpAdminServlet extends AdminServlet { String fname = super.getParameter(req, Constants.PR_USER_FULLNAME); if ((fname == null) || (fname.length() == 0)) { - String msg = CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_ADD_FAILED_1", "full name"); + String msg = CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED_1", "full name"); log(ILogger.LL_FAILURE, msg); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); sendResponse(ERROR, msg, null, resp); return; - } else + } else user.setFullName(fname); String email = super.getParameter(req, Constants.PR_USER_EMAIL); @@ -777,14 +803,16 @@ public class UsrGrpAdminServlet extends AdminServlet { if (!passwdCheck.isGoodPassword(pword)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); throw new EUsrGrpException(passwdCheck.getReason(pword)); - // UsrGrpResources.BAD_PASSWD); + //UsrGrpResources.BAD_PASSWD); } user.setPassword(pword); @@ -828,17 +856,18 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_ADD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED"), null, resp); return; } - + if (e.hasMoreElements()) { IGroup group = (IGroup) e.nextElement(); @@ -850,34 +879,36 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage( - getLocale(req), - "CMS_USRGRP_USER_ADD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED"), null, resp); return; } } // for audit log SessionContext sContext = SessionContext.getContext(); - String adminId = (String) sContext - .get(SessionContext.USER_ID); - + String adminId = (String) sContext.get(SessionContext.USER_ID); + mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, - AuditFormat.LEVEL, AuditFormat.ADDUSERGROUPFORMAT, - new Object[] { adminId, id, groupName }); + AuditFormat.LEVEL, AuditFormat.ADDUSERGROUPFORMAT, + new Object[] {adminId, id, groupName} + ); } NameValuePairs params = new NameValuePairs(); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -888,54 +919,61 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); if (user.getUserID() == null) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_ADD_FAILED_1", "uid"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED_1", "uid"), null, resp); } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_ADD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED"), null, resp); } return; } catch (LDAPException e) { String errMsg = "addUser()" + e.toString(); - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_ADD_USER_FAIL", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_ADD_USER_FAIL", e.toString())); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_ADD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED"), null, resp); return; } catch (Exception e) { log(ILogger.LL_FAILURE, e.toString()); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_ADD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_ADD_FAILED"), null, resp); return; } } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -943,51 +981,53 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * Adds a certificate to a user * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addUserCert(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void addUserCert(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -998,18 +1038,20 @@ public class UsrGrpAdminServlet extends AdminServlet { String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -1023,8 +1065,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1038,8 +1082,7 @@ public class UsrGrpAdminServlet extends AdminServlet { // Base64 decode cert try { - byte bCert[] = (byte[]) (com.netscape.osutil.OSUtil - .AtoB(certsString)); + byte bCert[] = (byte[]) (com.netscape.osutil.OSUtil.AtoB(certsString)); X509Certificate cert = new X509CertImpl(bCert); certs = new X509Certificate[1]; @@ -1049,14 +1092,12 @@ public class UsrGrpAdminServlet extends AdminServlet { boolean assending = true; // could it be a pkcs7 blob? - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_IS_PK_BLOB")); - byte p7Cert[] = (byte[]) (com.netscape.osutil.OSUtil - .AtoB(certsString)); + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_IS_PK_BLOB")); + byte p7Cert[] = (byte[]) (com.netscape.osutil.OSUtil.AtoB(certsString)); try { CryptoManager manager = CryptoManager.getInstance(); - + PKCS7 pkcs7 = new PKCS7(p7Cert); X509Certificate p7certs[] = pkcs7.getCertificates(); @@ -1064,14 +1105,15 @@ public class UsrGrpAdminServlet extends AdminServlet { if (p7certs.length == 0) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); return; } // fix for 370099 - cert ordering can not be assumed @@ -1080,44 +1122,37 @@ public class UsrGrpAdminServlet extends AdminServlet { // self-signed and alone? take it. otherwise test // the ordering - if (p7certs[0].getSubjectDN().toString() - .equals(p7certs[0].getIssuerDN().toString()) - && (p7certs.length == 1)) { + if (p7certs[0].getSubjectDN().toString().equals( + p7certs[0].getIssuerDN().toString()) && + (p7certs.length == 1)) { certs[0] = p7certs[0]; - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_SINGLE_CERT_IMPORT")); - } else if (p7certs[0].getIssuerDN().toString() - .equals(p7certs[1].getSubjectDN().toString())) { + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_SINGLE_CERT_IMPORT")); + } else if (p7certs[0].getIssuerDN().toString().equals(p7certs[1].getSubjectDN().toString())) { certs[0] = p7certs[0]; - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_CERT_CHAIN_ACEND_ORD")); - } else if (p7certs[1].getIssuerDN().toString() - .equals(p7certs[0].getSubjectDN().toString())) { + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CERT_CHAIN_ACEND_ORD")); + } else if (p7certs[1].getIssuerDN().toString().equals(p7certs[0].getSubjectDN().toString())) { assending = false; - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_CERT_CHAIN_DESC_ORD")); + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CERT_CHAIN_DESC_ORD")); certs[0] = p7certs[p7certs.length - 1]; } else { // not a chain, or in random order - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_CERT_BAD_CHAIN")); + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CERT_BAD_CHAIN")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); return; } - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_CHAIN_STORED_DB", - String.valueOf(p7certs.length))); + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CHAIN_STORED_DB", String.valueOf(p7certs.length))); int j = 0; int jBegin = 0; @@ -1132,82 +1167,72 @@ public class UsrGrpAdminServlet extends AdminServlet { } // store the chain into cert db, except for the user cert for (j = jBegin; j < jEnd; j++) { - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage( - "ADMIN_SRVLT_CERT_IN_CHAIN", String - .valueOf(j), String - .valueOf(p7certs[j] - .getSubjectDN()))); - org.mozilla.jss.crypto.X509Certificate leafCert = null; - - leafCert = manager.importCACertPackage(p7certs[j] - .getEncoded()); + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_CERT_IN_CHAIN", String.valueOf(j), String.valueOf(p7certs[j].getSubjectDN()))); + org.mozilla.jss.crypto.X509Certificate leafCert = + null; + + leafCert = + manager.importCACertPackage(p7certs[j].getEncoded()); if (leafCert == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_LEAF_CERT_NULL")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_LEAF_CERT_NULL")); } else { - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_LEAF_CERT_NON_NULL")); + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_LEAF_CERT_NON_NULL")); } if (leafCert instanceof InternalCertificate) { - ((InternalCertificate) leafCert) - .setSSLTrust(InternalCertificate.VALID_CA - | InternalCertificate.TRUSTED_CA - | InternalCertificate.TRUSTED_CLIENT_CA); + ((InternalCertificate) leafCert).setSSLTrust( + InternalCertificate.VALID_CA | + InternalCertificate.TRUSTED_CA | + InternalCertificate.TRUSTED_CLIENT_CA); } else { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "ADMIN_SRVLT_NOT_INTERNAL_CERT", + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NOT_INTERNAL_CERT", String.valueOf(p7certs[j].getSubjectDN()))); } } /* - * } catch (CryptoManager.UserCertConflictException ex) { // - * got a "user cert" in the chain, most likely the CA // - * cert of this instance, which has a private key. Ignore - * log(ILogger.LL_FAILURE, - * CMS.getLogMessage("ADMIN_SRVLT_PKS7_IGNORED", - * ex.toString())); - */ + } catch (CryptoManager.UserCertConflictException ex) { + // got a "user cert" in the chain, most likely the CA + // cert of this instance, which has a private key. Ignore + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_PKS7_IGNORED", ex.toString())); + */ } catch (Exception ex) { - // ----- - log(ILogger.LL_FAILURE, - CMS.getLogMessage("USRGRP_SRVLT_CERT_ERROR", - ex.toString())); + //----- + log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_CERT_ERROR", ex.toString())); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_ERROR"), null, resp); return; } } catch (Exception e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("USRGRP_SRVLT_CERT_O_ERROR", - e.toString())); + log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_CERT_O_ERROR", e.toString())); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_CERT_O_ERROR"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_O_ERROR"), null, resp); return; } try { - CMS.debug("UsrGrpAdminServlet: " - + CMS.getLogMessage("ADMIN_SRVLT_BEFORE_VALIDITY")); + CMS.debug("UsrGrpAdminServlet: " + CMS.getLogMessage("ADMIN_SRVLT_BEFORE_VALIDITY")); certs[0].checkValidity(); // throw exception if fails user.setX509Certificates(certs); @@ -1216,8 +1241,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1225,50 +1252,55 @@ public class UsrGrpAdminServlet extends AdminServlet { return; } catch (CertificateExpiredException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "ADMIN_SRVLT_ADD_CERT_EXPIRED", + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_ADD_CERT_EXPIRED", String.valueOf(certs[0].getSubjectDN()))); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_CERT_EXPIRED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_EXPIRED"), null, resp); return; } catch (CertificateNotYetValidException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "USRGRP_SRVLT_CERT_NOT_YET_VALID", + log(ILogger.LL_FAILURE, CMS.getLogMessage("USRGRP_SRVLT_CERT_NOT_YET_VALID", String.valueOf(certs[0].getSubjectDN()))); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_CERT_NOT_YET_VALID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_CERT_NOT_YET_VALID"), null, resp); return; } catch (LDAPException e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - if (e.getLDAPResultCode() == LDAPException.ATTRIBUTE_OR_VALUE_EXISTS) { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_USER_CERT_EXISTS"), null, resp); + if (e.getLDAPResultCode() == + LDAPException.ATTRIBUTE_OR_VALUE_EXISTS) { + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_USER_CERT_EXISTS"), null, resp); } else { - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_MOD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_MOD_FAILED"), null, resp); } return; } catch (Exception e) { @@ -1276,78 +1308,82 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_MOD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_MOD_FAILED"), null, resp); return; } // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * Removes a certificate for a user * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> - * + * * In this method, "certDN" is actually a combination of version, - * serialNumber, issuerDN, and SubjectDN. + * serialNumber, issuerDN, and SubjectDN. * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void modifyUserCert(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void modifyUserCert(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1358,18 +1394,20 @@ public class UsrGrpAdminServlet extends AdminServlet { String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -1382,8 +1420,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1398,8 +1438,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1410,76 +1452,81 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_MOD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_MOD_FAILED"), null, resp); return; } // } catch( EBaseException eAudit1 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit1; + // // rethrow the specific exception to be handled later + // throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** - * removes a user. user not removed if belongs to any group (Administrators - * should remove the user from "uniquemember" of any group he/she belongs to - * before trying to remove the user itself. + * removes a user. user not removed if belongs to any group + * (Administrators should remove the user from "uniquemember" of + * any group he/she belongs to before trying to remove the user + * itself. * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void removeUser(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void removeUser(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1487,7 +1534,7 @@ public class UsrGrpAdminServlet extends AdminServlet { // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); boolean mustDelete = false; int index = 0; @@ -1498,18 +1545,20 @@ public class UsrGrpAdminServlet extends AdminServlet { } if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } // get list of groups, and see if uid belongs to any @@ -1522,13 +1571,14 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_INTERNAL_ERROR"), null, resp); + sendResponse(ERROR, CMS.getUserMessage(getLocale(req), "CMS_INTERNAL_ERROR"), null, resp); return; } @@ -1541,14 +1591,16 @@ public class UsrGrpAdminServlet extends AdminServlet { } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_FAIL_USER_RMV_G"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_FAIL_USER_RMV_G"), + null, resp); return; } } @@ -1561,8 +1613,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1571,19 +1625,24 @@ public class UsrGrpAdminServlet extends AdminServlet { } catch (Exception ex) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_SRVLT_FAIL_USER_RMV"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_SRVLT_FAIL_USER_RMV"), null, resp); return; } } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1591,51 +1650,53 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * Adds a new group in local scope. * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#group + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#group * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void addGroup(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void addGroup(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1643,28 +1704,32 @@ public class UsrGrpAdminServlet extends AdminServlet { // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } IGroup group = mMgr.createGroup(id); - String members = super.getParameter(req, Constants.PR_GROUP_USER); - String desc = super.getParameter(req, Constants.PR_GROUP_DESC); + String members = super.getParameter(req, + Constants.PR_GROUP_USER); + String desc = super.getParameter(req, + Constants.PR_GROUP_DESC); if (desc != null) { group.set("description", (Object) desc); @@ -1687,8 +1752,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1697,19 +1764,25 @@ public class UsrGrpAdminServlet extends AdminServlet { } catch (Exception e) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_GROUP_ADD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_GROUP_ADD_FAILED"), + null, resp); return; } } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1717,51 +1790,53 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * removes a group * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#group + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#group * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void removeGroup(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void removeGroup(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1769,22 +1844,24 @@ public class UsrGrpAdminServlet extends AdminServlet { // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -1793,16 +1870,22 @@ public class UsrGrpAdminServlet extends AdminServlet { NameValuePairs params = new NameValuePairs(); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.SUCCESS, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); sendResponse(SUCCESS, null, params, resp); } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1810,54 +1893,56 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } /** * modifies a group * <P> - * - * last person of the super power group "Certificate Server Administrators" - * can never be removed. + * + * last person of the super power group "Certificate + * Server Administrators" can never be removed. * <P> - * - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#group + * + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#group * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void modifyGroup(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void modifyGroup(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1865,28 +1950,31 @@ public class UsrGrpAdminServlet extends AdminServlet { // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } IGroup group = mMgr.createGroup(id); - String desc = super.getParameter(req, Constants.PR_GROUP_DESC); + String desc = super.getParameter(req, + Constants.PR_GROUP_DESC); if (desc != null) { group.set("description", (Object) desc); @@ -1909,20 +1997,20 @@ public class UsrGrpAdminServlet extends AdminServlet { if (multiRole) { group.addMemberName(memberName); } else { - if (isGroupInMultiRoleEnforceList(groupName)) { + if( isGroupInMultiRoleEnforceList(groupName)) { if (!isDuplicate(groupName, memberName)) { group.addMemberName(memberName); } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, - auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - throw new EBaseException(CMS.getUserMessage( - "CMS_BASE_DUPLICATE_ROLES", memberName)); + throw new EBaseException(CMS.getUserMessage("CMS_BASE_DUPLICATE_ROLES", memberName)); } } else { group.addMemberName(memberName); @@ -1939,8 +2027,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -1950,19 +2040,25 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_GROUP_MODIFY_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_GROUP_MODIFY_FAILED"), + null, resp); return; } } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -1970,58 +2066,61 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } - private boolean isGroupInMultiRoleEnforceList(String groupName) { + private boolean isGroupInMultiRoleEnforceList(String groupName) + { String groupList = null; if (groupName == null || groupName.equals("")) { return true; } if (mMultiRoleGroupEnforceList == null) { - try { - groupList = mConfig.getString(MULTI_ROLE_ENFORCE_GROUP_LIST); - } catch (Exception e) { - } - - if (groupList != null && !groupList.equals("")) { - mMultiRoleGroupEnforceList = groupList.split(","); - for (int j = 0; j < mMultiRoleGroupEnforceList.length; j++) { - mMultiRoleGroupEnforceList[j] = mMultiRoleGroupEnforceList[j] - .trim(); - } - } - } - - if (mMultiRoleGroupEnforceList == null) - return true; - - for (int i = 0; i < mMultiRoleGroupEnforceList.length; i++) { - if (groupName.equals(mMultiRoleGroupEnforceList[i])) { - return true; - } - } - return false; + try { + groupList = mConfig.getString(MULTI_ROLE_ENFORCE_GROUP_LIST); + } catch (Exception e) { + } + + if (groupList != null && !groupList.equals("")) { + mMultiRoleGroupEnforceList = groupList.split(","); + for (int j = 0 ; j < mMultiRoleGroupEnforceList.length; j++) { + mMultiRoleGroupEnforceList[j] = mMultiRoleGroupEnforceList[j].trim(); + } + } + } + + if (mMultiRoleGroupEnforceList == null) + return true; + + for (int i = 0; i < mMultiRoleGroupEnforceList.length; i++) { + if (groupName.equals(mMultiRoleGroupEnforceList[i])) { + return true; + } + } + return false; } private boolean isDuplicate(String groupName, String memberName) { @@ -2030,7 +2129,7 @@ public class UsrGrpAdminServlet extends AdminServlet { // Let's not mess with users that are already a member of this group boolean isMember = false; try { - isMember = mMgr.isMemberOf(memberName, groupName); + isMember = mMgr.isMemberOf(memberName,groupName); } catch (Exception e) { } @@ -2064,26 +2163,25 @@ public class UsrGrpAdminServlet extends AdminServlet { /** * Modifies an existing user in local scope. * <P> - * + * * Request/Response Syntax: - * http://warp.mcom.com/server/certificate/columbo/design/ - * ui/admin-protocol-definition.html#user-admin + * http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring * role information (anything under users/groups) * </ul> - * * @param req HTTP servlet request * @param resp HTTP servlet response * @exception ServletException a servlet error has occurred * @exception IOException an input/output error has occurred * @exception EBaseException an error has occurred */ - private synchronized void modifyUser(HttpServletRequest req, - HttpServletResponse resp) throws ServletException, IOException, - EBaseException { + private synchronized void modifyUser(HttpServletRequest req, + HttpServletResponse resp) throws ServletException, + IOException, EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -2091,22 +2189,24 @@ public class UsrGrpAdminServlet extends AdminServlet { // ensure that any low-level exceptions are reported // to the signed audit log and stored as failures try { - // get id first + //get id first String id = super.getParameter(req, Constants.RS_ID); if (id == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_NULL_RS_ID")); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_ADMIN_SRVLT_NULL_RS_ID"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_NULL_RS_ID"), + null, resp); return; } @@ -2114,15 +2214,17 @@ public class UsrGrpAdminServlet extends AdminServlet { String fname = super.getParameter(req, Constants.PR_USER_FULLNAME); if ((fname == null) || (fname.length() == 0)) { - String msg = CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_MOD_FAILED", "full name"); + String msg = + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_MOD_FAILED", "full name"); log(ILogger.LL_FAILURE, msg); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -2144,14 +2246,16 @@ public class UsrGrpAdminServlet extends AdminServlet { if (!passwdCheck.isGoodPassword(pword)) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); throw new EUsrGrpException(passwdCheck.getReason(pword)); - // UsrGrpResources.BAD_PASSWD); + //UsrGrpResources.BAD_PASSWD); } user.setPassword(pword); @@ -2173,8 +2277,10 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.SUCCESS, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.SUCCESS, + auditParams(req)); audit(auditMessage); @@ -2185,19 +2291,24 @@ public class UsrGrpAdminServlet extends AdminServlet { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, - ILogger.FAILURE, auditParams(req)); + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); - sendResponse(ERROR, CMS.getUserMessage(getLocale(req), - "CMS_USRGRP_USER_MOD_FAILED"), null, resp); + sendResponse(ERROR, + CMS.getUserMessage(getLocale(req), "CMS_USRGRP_USER_MOD_FAILED"), null, resp); return; } } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); @@ -2205,32 +2316,35 @@ public class UsrGrpAdminServlet extends AdminServlet { throw eAudit1; } catch (IOException eAudit2) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - auditSubjectID, ILogger.FAILURE, auditParams(req)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + auditSubjectID, + ILogger.FAILURE, + auditParams(req)); audit(auditMessage); // rethrow the specific exception to be handled later throw eAudit2; // } catch( ServletException eAudit3 ) { - // // store a message in the signed audit log file - // auditMessage = CMS.getLogMessage( - // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, - // auditSubjectID, - // ILogger.FAILURE, - // auditParams( req ) ); + // // store a message in the signed audit log file + // auditMessage = CMS.getLogMessage( + // LOGGING_SIGNED_AUDIT_CONFIG_ROLE, + // auditSubjectID, + // ILogger.FAILURE, + // auditParams( req ) ); // - // audit( auditMessage ); + // audit( auditMessage ); // - // // rethrow the specific exception to be handled later - // throw eAudit3; + // // rethrow the specific exception to be handled later + // throw eAudit3; } } private void log(int level, String msg) { if (mLogger == null) return; - mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_USRGRP, level, - "UsrGrpAdminServlet: " + msg); + mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_USRGRP, + level, "UsrGrpAdminServlet: " + msg); } } |