diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/base')
10 files changed, 1053 insertions, 914 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java index 55b1449a..f5f06bec 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java @@ -99,9 +99,10 @@ import com.netscape.cms.servlet.common.ICMSTemplateFiller; import com.netscape.cms.servlet.common.Utils; import com.netscape.cmsutil.xml.XMLObject; + /** * This is the base class of all CS servlet. - * + * * @version $Revision$, $Date$ */ public abstract class CMSServlet extends HttpServlet { @@ -126,49 +127,76 @@ public abstract class CMSServlet extends HttpServlet { public final static String AUTHZ_CONFIG_STORE = "authz"; public final static String AUTHZ_SRC_XML = "web.xml"; public final static String PROP_AUTHZ_MGR = "AuthzMgr"; - public final static String PROP_ACL = "ACLinfo"; + public final static String PROP_ACL = "ACLinfo"; public final static String AUTHZ_MGR_BASIC = "BasicAclAuthz"; public final static String AUTHZ_MGR_LDAP = "DirAclAuthz"; private final static String FAILED = "1"; private final static String HDR_LANG = "accept-language"; - - // final error message - if error and exception templates don't work + + // final error message - if error and exception templates don't work // send out this text string directly to output. public final static String PROP_FINAL_ERROR_MSG = "finalErrorMsg"; public final static String ERROR_MSG_TOKEN = "$ERROR_MSG"; - public final static String FINAL_ERROR_MSG = "<HTML>\n" - + "<BODY BGCOLOR=white>\n" + "<P>\n" - + "The Certificate System has encountered " - + "an unrecoverable error.\n" + "<P>\n" + "Error Message:<BR>\n" - + "<I>$ERROR_MSG</I>\n" + "<P>\n" - + "Please contact your local administrator for assistance.\n" - + "</BODY>\n" + "</HTML>\n"; + public final static String FINAL_ERROR_MSG = + "<HTML>\n" + + "<BODY BGCOLOR=white>\n" + + "<P>\n" + + "The Certificate System has encountered " + + "an unrecoverable error.\n" + + "<P>\n" + + "Error Message:<BR>\n" + + "<I>$ERROR_MSG</I>\n" + + "<P>\n" + + "Please contact your local administrator for assistance.\n" + + "</BODY>\n" + + "</HTML>\n"; // properties from configuration. - protected final static String PROP_UNAUTHORIZED_TEMPLATE = "unauthorizedTemplate"; - protected final static String UNAUTHORIZED_TEMPLATE = "/GenUnauthorized.template"; - protected final static String PROP_SUCCESS_TEMPLATE = "successTemplate"; - protected final static String SUCCESS_TEMPLATE = "/GenSuccess.template"; - protected final static String PROP_PENDING_TEMPLATE = "pendingTemplate"; - protected final static String PENDING_TEMPLATE = "/GenPending.template"; - protected final static String PROP_SVC_PENDING_TEMPLATE = "svcpendingTemplate"; - protected final static String SVC_PENDING_TEMPLATE = "/GenSvcPending.template"; - protected final static String PROP_REJECTED_TEMPLATE = "rejectedTemplate"; - protected final static String REJECTED_TEMPLATE = "/GenRejected.template"; - protected final static String PROP_ERROR_TEMPLATE = "errorTemplate"; - protected final static String ERROR_TEMPLATE = "/GenError.template"; - protected final static String PROP_EXCEPTION_TEMPLATE = "unexpectedErrorTemplate"; - protected final static String EXCEPTION_TEMPLATE = "/GenUnexpectedError.template"; - - private final static String PROP_UNAUTHOR_TEMPLATE_FILLER = "unauthorizedTemplateFiller"; - protected final static String PROP_SUCCESS_TEMPLATE_FILLER = "successTemplateFiller"; - private final static String PROP_ERROR_TEMPLATE_FILLER = "errorTemplateFiller"; - private final static String PROP_PENDING_TEMPLATE_FILLER = "pendingTemplateFiller"; - private final static String PROP_SVC_PENDING_TEMPLATE_FILLER = "svcpendingTemplateFiller"; - private final static String PROP_REJECTED_TEMPLATE_FILLER = "rejectedTemplateFiller"; - private final static String PROP_EXCEPTION_TEMPLATE_FILLER = "exceptionTemplateFiller"; + protected final static String + PROP_UNAUTHORIZED_TEMPLATE = "unauthorizedTemplate"; + protected final static String + UNAUTHORIZED_TEMPLATE = "/GenUnauthorized.template"; + protected final static String + PROP_SUCCESS_TEMPLATE = "successTemplate"; + protected final static String + SUCCESS_TEMPLATE = "/GenSuccess.template"; + protected final static String + PROP_PENDING_TEMPLATE = "pendingTemplate"; + protected final static String + PENDING_TEMPLATE = "/GenPending.template"; + protected final static String + PROP_SVC_PENDING_TEMPLATE = "svcpendingTemplate"; + protected final static String + SVC_PENDING_TEMPLATE = "/GenSvcPending.template"; + protected final static String + PROP_REJECTED_TEMPLATE = "rejectedTemplate"; + protected final static String + REJECTED_TEMPLATE = "/GenRejected.template"; + protected final static String + PROP_ERROR_TEMPLATE = "errorTemplate"; + protected final static String + ERROR_TEMPLATE = "/GenError.template"; + protected final static String + PROP_EXCEPTION_TEMPLATE = "unexpectedErrorTemplate"; + protected final static String + EXCEPTION_TEMPLATE = "/GenUnexpectedError.template"; + + private final static String + PROP_UNAUTHOR_TEMPLATE_FILLER = "unauthorizedTemplateFiller"; + protected final static String + PROP_SUCCESS_TEMPLATE_FILLER = "successTemplateFiller"; + private final static String + PROP_ERROR_TEMPLATE_FILLER = "errorTemplateFiller"; + private final static String + PROP_PENDING_TEMPLATE_FILLER = "pendingTemplateFiller"; + private final static String + PROP_SVC_PENDING_TEMPLATE_FILLER = "svcpendingTemplateFiller"; + private final static String + PROP_REJECTED_TEMPLATE_FILLER = "rejectedTemplateFiller"; + private final static String + PROP_EXCEPTION_TEMPLATE_FILLER = "exceptionTemplateFiller"; protected final static String RA_AGENT_GROUP = "Registration Manager Agents"; protected final static String CA_AGENT_GROUP = "Certificate Manager Agents"; @@ -178,19 +206,25 @@ public abstract class CMSServlet extends HttpServlet { protected final static String ADMIN_GROUP = "Administrators"; // default http params NOT to save in request.(config values added to list ) - private static final String PROP_DONT_SAVE_HTTP_PARAMS = "dontSaveHttpParams"; - private static final String[] DONT_SAVE_HTTP_PARAMS = { "pwd", "password", - "passwd", "challengePassword", "confirmChallengePassword" }; + private static final String + PROP_DONT_SAVE_HTTP_PARAMS = "dontSaveHttpParams"; + private static final String[] + DONT_SAVE_HTTP_PARAMS = { "pwd", "password", "passwd", + "challengePassword", "confirmChallengePassword" }; // default http headers to save in request. (config values added to list) - private static final String PROP_SAVE_HTTP_HEADERS = "saveHttpHeaders"; - private static final String[] SAVE_HTTP_HEADERS = { "accept-language", - "user-agent", }; + private static final String + PROP_SAVE_HTTP_HEADERS = "saveHttpHeaders"; + private static final String[] + SAVE_HTTP_HEADERS = { "accept-language", "user-agent", }; // request prefixes to distinguish from other request attributes. - public static final String PFX_HTTP_HEADER = "HTTP_HEADER"; - public static final String PFX_HTTP_PARAM = "HTTP_PARAM"; - public static final String PFX_AUTH_TOKEN = "AUTH_TOKEN"; + public static final String + PFX_HTTP_HEADER = "HTTP_HEADER"; + public static final String + PFX_HTTP_PARAM = "HTTP_PARAM"; + public static final String + PFX_AUTH_TOKEN = "AUTH_TOKEN"; /* input http params */ protected final static String AUTHMGR_PARAM = "authenticator"; @@ -198,9 +232,10 @@ public abstract class CMSServlet extends HttpServlet { /* fixed credential passed to auth managers */ protected final static String CERT_AUTH_CRED = "sslClientCert"; - public static final String CERT_ATTR = "javax.servlet.request.X509Certificate"; + public static final String CERT_ATTR = + "javax.servlet.request.X509Certificate"; - // members. + // members. protected boolean mRenderResult = true; protected String mFinalErrorMsg = FINAL_ERROR_MSG; @@ -208,7 +243,7 @@ public abstract class CMSServlet extends HttpServlet { protected ServletConfig mServletConfig = null; protected ServletContext mServletContext = null; - private CMSFileLoader mFileLoader = null; + private CMSFileLoader mFileLoader = null; protected Vector mDontSaveHttpParams = new Vector(); protected Vector mSaveHttpHeaders = new Vector(); @@ -216,14 +251,14 @@ public abstract class CMSServlet extends HttpServlet { protected String mId = null; protected IConfigStore mConfig = null; - // the authority, RA, CA, KRA this servlet is serving. + // the authority, RA, CA, KRA this servlet is serving. protected IAuthority mAuthority = null; protected IRequestQueue mRequestQueue = null; // system logger. protected ILogger mLogger = CMS.getLogger(); protected int mLogCategory = ILogger.S_OTHER; - private MessageDigest mSHADigest = null; + private MessageDigest mSHADigest = null; protected String mGetClientCert = "false"; protected String mAuthMgr = null; @@ -234,14 +269,19 @@ public abstract class CMSServlet extends HttpServlet { protected ILogger mSignedAuditLogger = CMS.getSignedAuditLogger(); protected String mOutputTemplatePath = null; - private IUGSubsystem mUG = (IUGSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_UG); - - private final static String LOGGING_SIGNED_AUDIT_AUTH_FAIL = "LOGGING_SIGNED_AUDIT_AUTH_FAIL_4"; - private final static String LOGGING_SIGNED_AUDIT_AUTH_SUCCESS = "LOGGING_SIGNED_AUDIT_AUTH_SUCCESS_3"; - private final static String LOGGING_SIGNED_AUDIT_AUTHZ_FAIL = "LOGGING_SIGNED_AUDIT_AUTHZ_FAIL_4"; - private final static String LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS = "LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS_4"; - private final static String LOGGING_SIGNED_AUDIT_ROLE_ASSUME = "LOGGING_SIGNED_AUDIT_ROLE_ASSUME_3"; + private IUGSubsystem mUG = (IUGSubsystem) + CMS.getSubsystem(CMS.SUBSYSTEM_UG); + + private final static String LOGGING_SIGNED_AUDIT_AUTH_FAIL = + "LOGGING_SIGNED_AUDIT_AUTH_FAIL_4"; + private final static String LOGGING_SIGNED_AUDIT_AUTH_SUCCESS = + "LOGGING_SIGNED_AUDIT_AUTH_SUCCESS_3"; + private final static String LOGGING_SIGNED_AUDIT_AUTHZ_FAIL = + "LOGGING_SIGNED_AUDIT_AUTHZ_FAIL_4"; + private final static String LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS = + "LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS_4"; + private final static String LOGGING_SIGNED_AUDIT_ROLE_ASSUME = + "LOGGING_SIGNED_AUDIT_ROLE_ASSUME_3"; public CMSServlet() { } @@ -283,36 +323,38 @@ public abstract class CMSServlet extends HttpServlet { String authority = sc.getInitParameter(PROP_AUTHORITY); if (authority != null) - mAuthority = (IAuthority) CMS.getSubsystem(authority); + mAuthority = (IAuthority) + CMS.getSubsystem(authority); if (mAuthority != null) mRequestQueue = mAuthority.getRequestQueue(); - // set default templates. + // set default templates. setDefaultTemplates(sc); // for logging to the right authority category. if (mAuthority == null) { mLogCategory = ILogger.S_OTHER; } else { - if (mAuthority instanceof ICertificateAuthority) + if (mAuthority instanceof ICertificateAuthority) mLogCategory = ILogger.S_CA; - else if (mAuthority instanceof IRegistrationAuthority) + else if (mAuthority instanceof IRegistrationAuthority) mLogCategory = ILogger.S_RA; - else if (mAuthority instanceof IKeyRecoveryAuthority) + else if (mAuthority instanceof IKeyRecoveryAuthority) mLogCategory = ILogger.S_KRA; - else + else mLogCategory = ILogger.S_OTHER; } try { - // get final error message. + // get final error message. // used when templates can't even be loaded. - String eMsg = sc.getInitParameter(PROP_FINAL_ERROR_MSG); + String eMsg = + sc.getInitParameter(PROP_FINAL_ERROR_MSG); if (eMsg != null) mFinalErrorMsg = eMsg; - // get any configured templates. + // get any configured templates. Enumeration templs = mTemplates.elements(); while (templs.hasMoreElements()) { @@ -321,11 +363,13 @@ public abstract class CMSServlet extends HttpServlet { if (templ == null || templ.mPropName == null) { continue; } - String tName = sc.getInitParameter(templ.mPropName); + String tName = + sc.getInitParameter(templ.mPropName); if (tName != null) templ.mTemplateName = tName; - String fillerName = sc.getInitParameter(templ.mFillerPropName); + String fillerName = + sc.getInitParameter(templ.mFillerPropName); if (fillerName != null) { ICMSTemplateFiller filler = newFillerObject(fillerName); @@ -335,32 +379,32 @@ public abstract class CMSServlet extends HttpServlet { } } - // get http params NOT to store in a IRequest and - // get http headers TO store in a IRequest. + // get http params NOT to store in a IRequest and + // get http headers TO store in a IRequest. getDontSaveHttpParams(sc); getSaveHttpHeaders(sc); } catch (Exception e) { - // should never occur since we provide defaults above. - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_CONF_TEMP_PARAMS", - e.toString())); + // should never occur since we provide defaults above. + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERR_CONF_TEMP_PARAMS", + e.toString())); throw new ServletException(e.toString()); } try { mSHADigest = MessageDigest.getInstance("SHA1"); } catch (NoSuchAlgorithmException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_CONF_TEMP_PARAMS", - e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERR_CONF_TEMP_PARAMS", + e.toString())); throw new ServletException(e.toString()); } } - + public String getId() { return mId; } - + public String getAuthMgr() { return mAuthMgr; } @@ -372,51 +416,56 @@ public abstract class CMSServlet extends HttpServlet { return false; } - public void outputHttpParameters(HttpServletRequest httpReq) { - CMS.debug("CMSServlet:service() uri = " + httpReq.getRequestURI()); + public void outputHttpParameters(HttpServletRequest httpReq) + { + CMS.debug("CMSServlet:service() uri = " + httpReq.getRequestURI()); Enumeration paramNames = httpReq.getParameterNames(); while (paramNames.hasMoreElements()) { - String pn = (String) paramNames.nextElement(); + String pn = (String)paramNames.nextElement(); // added this facility so that password can be hidden, - // all sensitive parameters should be prefixed with + // all sensitive parameters should be prefixed with // __ (double underscores); however, in the event that // a security parameter slips through, we perform multiple // additional checks to insure that it is NOT displayed - if (pn.startsWith("__") || pn.endsWith("password") - || pn.endsWith("passwd") || pn.endsWith("pwd") - || pn.equalsIgnoreCase("admin_password_again") - || pn.equalsIgnoreCase("directoryManagerPwd") - || pn.equalsIgnoreCase("bindpassword") - || pn.equalsIgnoreCase("bindpwd") - || pn.equalsIgnoreCase("passwd") - || pn.equalsIgnoreCase("password") - || pn.equalsIgnoreCase("pin") || pn.equalsIgnoreCase("pwd") - || pn.equalsIgnoreCase("pwdagain") - || pn.startsWith("p12Password") - || pn.equalsIgnoreCase("uPasswd")) { - CMS.debug("CMSServlet::service() param name='" + pn - + "' value='(sensitive)'"); + if( pn.startsWith("__") || + pn.endsWith("password") || + pn.endsWith("passwd") || + pn.endsWith("pwd") || + pn.equalsIgnoreCase("admin_password_again") || + pn.equalsIgnoreCase("directoryManagerPwd") || + pn.equalsIgnoreCase("bindpassword") || + pn.equalsIgnoreCase("bindpwd") || + pn.equalsIgnoreCase("passwd") || + pn.equalsIgnoreCase("password") || + pn.equalsIgnoreCase("pin") || + pn.equalsIgnoreCase("pwd") || + pn.equalsIgnoreCase("pwdagain") || + pn.startsWith("p12Password") || + pn.equalsIgnoreCase("uPasswd") ) { + CMS.debug("CMSServlet::service() param name='" + pn + + "' value='(sensitive)'" ); } else { - CMS.debug("CMSServlet::service() param name='" + pn - + "' value='" + httpReq.getParameter(pn) + "'"); + CMS.debug("CMSServlet::service() param name='" + pn + + "' value='" + httpReq.getParameter(pn) + "'" ); } } } - public void service(HttpServletRequest httpReq, HttpServletResponse httpResp) - throws ServletException, IOException { + public void service(HttpServletRequest httpReq, + HttpServletResponse httpResp) + throws ServletException, IOException { boolean running_state = CMS.isInRunningState(); if (!running_state) - throw new IOException("CS server is not ready to serve."); + throw new IOException( + "CS server is not ready to serve."); try { if (CMS.getConfigStore().getBoolean("useThreadNaming", false)) { String currentName = Thread.currentThread().getName(); - Thread.currentThread().setName( - currentName + "-" + httpReq.getServletPath()); + Thread.currentThread().setName(currentName + "-" + httpReq.getServletPath()); } } catch (Exception e) { } @@ -424,17 +473,16 @@ public abstract class CMSServlet extends HttpServlet { httpReq.setCharacterEncoding("UTF-8"); if (CMS.debugOn()) { - outputHttpParameters(httpReq); + outputHttpParameters(httpReq); } CMS.debug("CMSServlet: " + mId + " start to service."); String className = this.getClass().getName(); - // get a cms request + // get a cms request CMSRequest cmsRequest = newCMSRequest(); - // set argblock - cmsRequest.setHttpParams(CMS.createArgBlock("http-request-params", - toHashtable(httpReq))); + // set argblock + cmsRequest.setHttpParams(CMS.createArgBlock("http-request-params",toHashtable(httpReq))); // set http request cmsRequest.setHttpReq(httpReq); @@ -463,36 +511,30 @@ public abstract class CMSServlet extends HttpServlet { ICommandQueue iCommandQueue = CMS.getCommandQueue(); try { - if (iCommandQueue.registerProcess((Object) cmsRequest, - (Object) this) == false) { + if (iCommandQueue.registerProcess((Object) cmsRequest, (Object) this) == false) { cmsRequest.setStatus(CMSRequest.ERROR); renderResult(cmsRequest); SessionContext.releaseContext(); return; - } + } long startTime = CMS.getCurrentDate().getTime(); process(cmsRequest); renderResult(cmsRequest); Date endDate = CMS.getCurrentDate(); long endTime = endDate.getTime(); if (CMS.debugOn()) { - CMS.debug(CMS.DEBUG_INFORM, "CMSServlet: curDate=" + endDate - + " id=" + mId + " time=" + (endTime - startTime)); + CMS.debug(CMS.DEBUG_INFORM, "CMSServlet: curDate=" + endDate + " id=" + mId + " time=" + (endTime - startTime)); } - iCommandQueue - .unRegisterProccess((Object) cmsRequest, (Object) this); + iCommandQueue.unRegisterProccess((Object) cmsRequest, (Object) this); } catch (EBaseException e) { - iCommandQueue - .unRegisterProccess((Object) cmsRequest, (Object) this); - // ByteArrayOutputStream os = new ByteArrayOutputStream(); for - // debugging only + iCommandQueue.unRegisterProccess((Object) cmsRequest, (Object) this); + // ByteArrayOutputStream os = new ByteArrayOutputStream(); for debugging only // PrintStream ps = new PrintStream(os); - // e.printStackTrace(ps); + //e.printStackTrace(ps); log(e.toString()); renderException(cmsRequest, e); } catch (Exception ex) { - iCommandQueue - .unRegisterProccess((Object) cmsRequest, (Object) this); + iCommandQueue.unRegisterProccess((Object) cmsRequest, (Object) this); ByteArrayOutputStream os = new ByteArrayOutputStream(); PrintStream ps = new PrintStream(os); @@ -509,36 +551,39 @@ public abstract class CMSServlet extends HttpServlet { /** * Create a new CMSRequest object. This should be overriden by servlets - * implementing different types of request - * - * @return a new CMSRequest object + * implementing different types of request + * @return a new CMSRequest object */ protected CMSRequest newCMSRequest() { return new CMSRequest(); } /** - * process an HTTP request. Servlets must override this with their own - * implementation - * - * @throws EBaseException if the servlet was unable to satisfactorily - * process the request + * process an HTTP request. Servlets must override this with their + * own implementation + * @throws EBaseException if the servlet was unable to satisfactorily + * process the request */ - protected void process(CMSRequest cmsRequest) throws EBaseException { + protected void process(CMSRequest cmsRequest) + throws EBaseException + { } + /** - * Output a template. If an error occurs while outputing the template the - * exception template is used to display the error. + * Output a template. + * If an error occurs while outputing the template the exception template + * is used to display the error. * * @param cmsReq the CS request */ - protected void renderResult(CMSRequest cmsReq) throws IOException { + protected void renderResult(CMSRequest cmsReq) + throws IOException { if (!mRenderResult) return; Integer status = cmsReq.getStatus(); - + CMSLoadTemplate ltempl = (CMSLoadTemplate) mTemplates.get(status); if (ltempl == null || ltempl.mTemplateName == null) { @@ -549,12 +594,13 @@ public abstract class CMSServlet extends HttpServlet { renderTemplate(cmsReq, ltempl.mTemplateName, filler); } - + private static final String PRESERVED = "preserved"; public static final String TEMPLATE_NAME = "templateName"; - + protected void outputArgBlockAsXML(XMLObject xmlObj, Node parent, - String argBlockName, IArgBlock argBlock) { + String argBlockName, IArgBlock argBlock) + { Node argBlockContainer = xmlObj.createContainer(parent, argBlockName); if (argBlock != null) { @@ -568,15 +614,15 @@ public abstract class CMSServlet extends HttpServlet { } } - protected void outputXML(HttpServletResponse httpResp, - CMSTemplateParams params) { + protected void outputXML(HttpServletResponse httpResp, CMSTemplateParams params) + { XMLObject xmlObj = null; try { xmlObj = new XMLObject(); Node root = xmlObj.createRoot("xml"); outputArgBlockAsXML(xmlObj, root, "header", params.getHeader()); - outputArgBlockAsXML(xmlObj, root, "fixed", params.getFixed()); + outputArgBlockAsXML(xmlObj, root, "fixed", params.getFixed()); Enumeration records = params.queryRecords(); Node recordsNode = xmlObj.createContainer(root, "records"); @@ -598,19 +644,20 @@ public abstract class CMSServlet extends HttpServlet { } } - protected void renderTemplate(CMSRequest cmsReq, String templateName, - ICMSTemplateFiller filler) throws IOException { + protected void renderTemplate( + CMSRequest cmsReq, String templateName, ICMSTemplateFiller filler) + throws IOException { try { IArgBlock httpParams = cmsReq.getHttpParams(); Locale[] locale = new Locale[1]; - CMSTemplate template = getTemplate(templateName, - cmsReq.getHttpReq(), locale); + CMSTemplate template = + getTemplate(templateName, cmsReq.getHttpReq(), locale); CMSTemplateParams templateParams = null; if (filler != null) { - templateParams = filler.getTemplateParams(cmsReq, mAuthority, - locale[0], null); + templateParams = filler.getTemplateParams( + cmsReq, mAuthority, locale[0], null); } // just output arg blocks as XML @@ -623,7 +670,8 @@ public abstract class CMSServlet extends HttpServlet { } if (httpParams != null) { - String httpTemplateName = httpParams.getValueAsString( + String httpTemplateName = + httpParams.getValueAsString( TEMPLATE_NAME, null); if (httpTemplateName != null) { @@ -631,13 +679,14 @@ public abstract class CMSServlet extends HttpServlet { } } - if (templateParams == null) + if (templateParams == null) templateParams = new CMSTemplateParams(null, null); - // #359630 - // inject preserved http parameter into the template + // #359630 + // inject preserved http parameter into the template if (httpParams != null) { - String preserved = httpParams.getValueAsString(PRESERVED, null); + String preserved = httpParams.getValueAsString( + PRESERVED, null); if (preserved != null) { IArgBlock fixed = templateParams.getFixed(); @@ -655,56 +704,52 @@ public abstract class CMSServlet extends HttpServlet { cmsReq.getHttpResp().setContentLength(bos.size()); bos.writeTo(cmsReq.getHttpResp().getOutputStream()); } catch (Exception e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_OUT_TEMPLATE", templateName, - e.toString())); - renderException( - cmsReq, - new ECMSGWException(CMS - .getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"))); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERR_OUT_TEMPLATE", templateName, e.toString())); + renderException(cmsReq, + new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE"))); return; } } /** - * Output exception (unexpected error) template This is different from other - * templates in that if an exception occurs while rendering the exception a - * message is printed out directly. If the message gets an error an - * IOException is thrown. In others if an exception occurs while rendering - * the template the exception template (this) is called. + * Output exception (unexpected error) template + * This is different from other templates in that if an exception occurs + * while rendering the exception a message is printed out directly. + * If the message gets an error an IOException is thrown. + * In others if an exception occurs while rendering the template the + * exception template (this) is called. * <p> - * * @param cmsReq the CS request to pass to template filler if any. * @param e the unexpected exception */ - protected void renderException(CMSRequest cmsReq, EBaseException e) - throws IOException { + protected void renderException(CMSRequest cmsReq, EBaseException e) + throws IOException { try { Locale[] locale = new Locale[1]; - CMSLoadTemplate loadTempl = (CMSLoadTemplate) mTemplates - .get(CMSRequest.EXCEPTION); - CMSTemplate template = getTemplate(loadTempl.mTemplateName, + CMSLoadTemplate loadTempl = + (CMSLoadTemplate) mTemplates.get(CMSRequest.EXCEPTION); + CMSTemplate template = getTemplate(loadTempl.mTemplateName, cmsReq.getHttpReq(), locale); ICMSTemplateFiller filler = loadTempl.mFiller; CMSTemplateParams templateParams = null; // When an exception occurs the exit is non-local which probably // will leave the requestStatus value set to something other - // than CMSRequest.EXCEPTION, so force the requestStatus to - // EXCEPTION since it must be that if we're here. + // than CMSRequest.EXCEPTION, so force the requestStatus to + // EXCEPTION since it must be that if we're here. cmsReq.setStatus(CMSRequest.EXCEPTION); if (filler != null) { - templateParams = filler.getTemplateParams(cmsReq, mAuthority, - locale[0], e); + templateParams = filler.getTemplateParams( + cmsReq, mAuthority, locale[0], e); } if (templateParams == null) { - templateParams = new CMSTemplateParams(null, - CMS.createArgBlock()); + templateParams = new CMSTemplateParams(null, CMS.createArgBlock()); } if (e != null) { - templateParams.getFixed().set(ICMSTemplateFiller.EXCEPTION, - e.toString(locale[0])); + templateParams.getFixed().set( + ICMSTemplateFiller.EXCEPTION, e.toString(locale[0])); } // just output arg blocks as XML @@ -727,24 +772,25 @@ public abstract class CMSServlet extends HttpServlet { } } - public void renderFinalError(CMSRequest cmsReq, Exception ex) - throws IOException { - // this template is the last resort for all other unexpected - // errors in other templates so we can only output text. + public void renderFinalError(CMSRequest cmsReq, Exception ex) + throws IOException { + // this template is the last resort for all other unexpected + // errors in other templates so we can only output text. HttpServletResponse httpResp = cmsReq.getHttpResp(); httpResp.setContentType("text/html"); ServletOutputStream out = httpResp.getOutputStream(); - - // replace $ERRORMSG with exception message if included. + + // replace $ERRORMSG with exception message if included. String finalErrMsg = mFinalErrorMsg; int tokenIdx = mFinalErrorMsg.indexOf(ERROR_MSG_TOKEN); if (tokenIdx != -1) { - finalErrMsg = mFinalErrorMsg.substring(0, tokenIdx) - + ex.toString() - + mFinalErrorMsg.substring(tokenIdx - + ERROR_MSG_TOKEN.length()); + finalErrMsg = + mFinalErrorMsg.substring(0, tokenIdx) + + ex.toString() + + mFinalErrorMsg.substring( + tokenIdx + ERROR_MSG_TOKEN.length()); } out.println(finalErrMsg); return; @@ -757,23 +803,31 @@ public abstract class CMSServlet extends HttpServlet { SSLSocket s = null; /* - * try { s = (SSLSocket) ((HTTPRequest) - * httpReq).getConnection().getSocket(); } catch (ClassCastException e) - * { CMS.getLogger().log( ILogger.EV_SYSTEM, ILogger.S_OTHER, - * ILogger.LL_WARN, CMS.getLogMessage("CMSGW_SSL_NO_INVALIDATE")); // - * ignore. return; } try { s.invalidateSession(); s.resetHandshake(); - * }catch (SocketException se) { } + try { + s = (SSLSocket) ((HTTPRequest) httpReq).getConnection().getSocket(); + } catch (ClassCastException e) { + CMS.getLogger().log( + ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_WARN, + CMS.getLogMessage("CMSGW_SSL_NO_INVALIDATE")); + // ignore. + return; + } + try { + s.invalidateSession(); + s.resetHandshake(); + }catch (SocketException se) { + } */ return; } /** - * construct a authentication credentials to pass into authentication + * construct a authentication credentials to pass into authentication * manager. */ - public static AuthCredentials getAuthCreds(IAuthManager authMgr, - IArgBlock argBlock, X509Certificate clientCert) - throws EBaseException { + public static AuthCredentials getAuthCreds( + IAuthManager authMgr, IArgBlock argBlock, X509Certificate clientCert) + throws EBaseException { // get credentials from http parameters. String[] reqCreds = authMgr.getRequiredCreds(); AuthCredentials creds = new AuthCredentials(); @@ -783,7 +837,8 @@ public abstract class CMSServlet extends HttpServlet { if (reqCred.equals(IAuthManager.CRED_SSL_CLIENT_CERT)) { // cert could be null; - creds.set(reqCred, new X509Certificate[] { clientCert }); + creds.set(reqCred, new X509Certificate[] { clientCert} + ); } else { String value = argBlock.getValueAsString(reqCred); @@ -799,33 +854,32 @@ public abstract class CMSServlet extends HttpServlet { /** * get ssl client authenticated certificate */ - protected X509Certificate getSSLClientCertificate(HttpServletRequest httpReq) - throws EBaseException { + protected X509Certificate + getSSLClientCertificate(HttpServletRequest httpReq) + throws EBaseException { X509Certificate cert = null; - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_INFO, - CMS.getLogMessage("CMSGW_GETTING_SSL_CLIENT_CERT")); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_INFO, + CMS.getLogMessage("CMSGW_GETTING_SSL_CLIENT_CERT")); - // iws60 support Java Servlet Spec V2.2, attribute + // iws60 support Java Servlet Spec V2.2, attribute // javax.servlet.request.X509Certificate now contains array // of X509Certificates instead of one X509Certificate object - X509Certificate[] allCerts = (X509Certificate[]) httpReq - .getAttribute(CERT_ATTR); + X509Certificate[] allCerts = (X509Certificate[]) httpReq.getAttribute(CERT_ATTR); if (allCerts == null || allCerts.length == 0) { - throw new EBaseException( - "You did not provide a valid certificate for this operation"); + throw new EBaseException("You did not provide a valid certificate for this operation"); } cert = allCerts[0]; if (cert == null) { // just don't have a cert. - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_SSL_CL_CERT_FAIL")); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_SSL_CL_CERT_FAIL")); return null; - } + } // convert to sun's x509 cert interface. try { @@ -834,58 +888,53 @@ public abstract class CMSServlet extends HttpServlet { cert = new X509CertImpl(certEncoded); } catch (CertificateEncodingException e) { mLogger.log( - ILogger.EV_SYSTEM, - ILogger.S_OTHER, - ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_SSL_CL_CERT_FAIL_ENCODE", - e.getMessage())); + ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_SSL_CL_CERT_FAIL_ENCODE", e.getMessage())); return null; } catch (CertificateException e) { mLogger.log( - ILogger.EV_SYSTEM, - ILogger.S_OTHER, - ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_SSL_CL_CERT_FAIL_DECODE", - e.getMessage())); + ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_SSL_CL_CERT_FAIL_DECODE", e.getMessage())); return null; } - return cert; + return cert; } /** * get a template based on result status. */ - protected CMSTemplate getTemplate(String templateName, - HttpServletRequest httpReq, Locale[] locale) throws EBaseException, - IOException { + protected CMSTemplate getTemplate( + String templateName, HttpServletRequest httpReq, Locale[] locale) + throws EBaseException, IOException { // this converts to system dependent file seperator char. if (mServletConfig == null) { - CMS.debug("CMSServlet:getTemplate() - mServletConfig is null!"); + CMS.debug( "CMSServlet:getTemplate() - mServletConfig is null!" ); return null; } if (mServletConfig.getServletContext() == null) { } if (templateName == null) { } - String realpath = mServletConfig.getServletContext().getRealPath( - "/" + templateName); + String realpath = + mServletConfig.getServletContext().getRealPath("/" + templateName); if (realpath == null) { - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_NO_FIND_TEMPLATE", templateName)); - throw new ECMSGWException( - CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE")); + mLogger.log( + ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_NO_FIND_TEMPLATE", templateName)); + throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE")); } File realpathFile = new File(realpath); - File templateFile = getLangFile(httpReq, realpathFile, locale); + File templateFile = + getLangFile(httpReq, realpathFile, locale); String charSet = httpReq.getCharacterEncoding(); if (charSet == null) { charSet = "UTF8"; } - CMSTemplate template = (CMSTemplate) mFileLoader.getCMSFile( - templateFile, charSet); + CMSTemplate template = + (CMSTemplate) mFileLoader.getCMSFile(templateFile, charSet); return template; } @@ -894,12 +943,13 @@ public abstract class CMSServlet extends HttpServlet { * log according to authority category. */ protected void log(int event, int level, String msg) { - mLogger.log(event, mLogCategory, level, "Servlet " + mId + ": " + msg); + mLogger.log(event, mLogCategory, level, + "Servlet " + mId + ": " + msg); } protected void log(int level, String msg) { - mLogger.log(ILogger.EV_SYSTEM, mLogCategory, level, "Servlet " + mId - + ": " + msg); + mLogger.log(ILogger.EV_SYSTEM, mLogCategory, level, + "Servlet " + mId + ": " + msg); } /** @@ -912,10 +962,11 @@ public abstract class CMSServlet extends HttpServlet { for (int i = 0; i < DONT_SAVE_HTTP_PARAMS.length; i++) { mDontSaveHttpParams.addElement(DONT_SAVE_HTTP_PARAMS[i]); } - dontSaveParams = sc.getInitParameter(PROP_DONT_SAVE_HTTP_PARAMS); + dontSaveParams = sc.getInitParameter( + PROP_DONT_SAVE_HTTP_PARAMS); if (dontSaveParams != null) { - StringTokenizer params = new StringTokenizer(dontSaveParams, - ","); + StringTokenizer params = + new StringTokenizer(dontSaveParams, ","); while (params.hasMoreTokens()) { String param = params.nextToken(); @@ -925,8 +976,8 @@ public abstract class CMSServlet extends HttpServlet { } } catch (Exception e) { // should never happen - log(ILogger.LL_WARN, CMS.getLogMessage("CMSGW_NO_CONFIG_VALUE", - PROP_DONT_SAVE_HTTP_PARAMS, e.toString())); + log(ILogger.LL_WARN, + CMS.getLogMessage("CMSGW_NO_CONFIG_VALUE", PROP_DONT_SAVE_HTTP_PARAMS, e.toString())); // default just in case. for (int i = 0; i < DONT_SAVE_HTTP_PARAMS.length; i++) { mDontSaveHttpParams.addElement(DONT_SAVE_HTTP_PARAMS[i]); @@ -946,10 +997,12 @@ public abstract class CMSServlet extends HttpServlet { } // now get from config file if there's more. - String saveHeaders = sc.getInitParameter(PROP_SAVE_HTTP_HEADERS); + String saveHeaders = + sc.getInitParameter(PROP_SAVE_HTTP_HEADERS); - if (saveHeaders != null) { - StringTokenizer headers = new StringTokenizer(saveHeaders, ","); + if (saveHeaders != null) { + StringTokenizer headers = + new StringTokenizer(saveHeaders, ","); while (headers.hasMoreTokens()) { String hdr = headers.nextToken(); @@ -959,8 +1012,7 @@ public abstract class CMSServlet extends HttpServlet { } } catch (Exception e) { // should never happen - log(ILogger.LL_WARN, CMS.getLogMessage("CMSGW_NO_CONFIG_VALUE", - PROP_SAVE_HTTP_HEADERS, e.toString())); + log(ILogger.LL_WARN, CMS.getLogMessage("CMSGW_NO_CONFIG_VALUE", PROP_SAVE_HTTP_HEADERS, e.toString())); return; } } @@ -968,8 +1020,9 @@ public abstract class CMSServlet extends HttpServlet { /** * save http headers in a IRequest. */ - protected void saveHttpHeaders(HttpServletRequest httpReq, IRequest req) - throws EBaseException { + protected void saveHttpHeaders( + HttpServletRequest httpReq, IRequest req) + throws EBaseException { Hashtable headers = new Hashtable(); Enumeration hdrs = mSaveHttpHeaders.elements(); @@ -987,7 +1040,8 @@ public abstract class CMSServlet extends HttpServlet { /** * save http headers in a IRequest. */ - protected void saveHttpParams(IArgBlock httpParams, IRequest req) { + protected void saveHttpParams( + IArgBlock httpParams, IRequest req) { Hashtable saveParams = new Hashtable(); Enumeration names = httpParams.elements(); @@ -1021,18 +1075,17 @@ public abstract class CMSServlet extends HttpServlet { * handy routine for getting a cert record given a serial number. */ protected ICertRecord getCertRecord(BigInteger serialNo) { - if (mAuthority == null - || !(mAuthority instanceof ICertificateAuthority)) { - log(ILogger.LL_WARN, CMS.getLogMessage("CMSGW_NON_CERT_AUTH")); + if (mAuthority == null || + !(mAuthority instanceof ICertificateAuthority)) { + log(ILogger.LL_WARN, + CMS.getLogMessage("CMSGW_NON_CERT_AUTH")); return null; } - ICertificateRepository certdb = (ICertificateRepository) ((ICertificateAuthority) mAuthority) - .getCertificateRepository(); + ICertificateRepository certdb = + (ICertificateRepository) ((ICertificateAuthority) mAuthority).getCertificateRepository(); if (certdb == null) { - log(ILogger.LL_WARN, - CMS.getLogMessage("CMSGW_CERT_DB_NULL", - mAuthority.toString())); + log(ILogger.LL_WARN, CMS.getLogMessage("CMSGW_CERT_DB_NULL", mAuthority.toString())); return null; } ICertRecord certRecord = null; @@ -1040,17 +1093,16 @@ public abstract class CMSServlet extends HttpServlet { try { certRecord = certdb.readCertificateRecord(serialNo); } catch (EBaseException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_NO_CERT_REC", - serialNo.toString(16), e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_NO_CERT_REC", serialNo.toString(16), e.toString())); return null; } return certRecord; } /** - * handy routine for validating if a cert is from this CA. mAuthority must - * be a CA. + * handy routine for validating if a cert is from this CA. + * mAuthority must be a CA. */ protected boolean isCertFromCA(X509Certificate cert) { BigInteger serialno = cert.getSerialNumber(); @@ -1062,8 +1114,8 @@ public abstract class CMSServlet extends HttpServlet { } /** - * handy routine for checking if a list of certs is from this CA. mAuthortiy - * must be a CA. + * handy routine for checking if a list of certs is from this CA. + * mAuthortiy must be a CA. */ protected boolean areCertsFromCA(X509Certificate[] certs) { for (int i = certs.length - 1; i >= 0; i--) { @@ -1074,22 +1126,21 @@ public abstract class CMSServlet extends HttpServlet { } /** - * handy routine for getting a certificate from the certificate repository. - * mAuthority must be a CA. + * handy routine for getting a certificate from the certificate + * repository. mAuthority must be a CA. */ protected X509Certificate getX509Certificate(BigInteger serialNo) { - if (mAuthority == null - || !(mAuthority instanceof ICertificateAuthority)) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_NOT_CERT_AUTH")); + if (mAuthority == null || + !(mAuthority instanceof ICertificateAuthority)) { + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_NOT_CERT_AUTH")); return null; } - ICertificateRepository certdb = (ICertificateRepository) ((ICertificateAuthority) mAuthority) - .getCertificateRepository(); + ICertificateRepository certdb = + (ICertificateRepository) ((ICertificateAuthority) mAuthority).getCertificateRepository(); if (certdb == null) { - log(ILogger.LL_WARN, - CMS.getLogMessage("CMSGW_CERT_DB_NULL", - mAuthority.toString())); + log(ILogger.LL_WARN, CMS.getLogMessage("CMSGW_CERT_DB_NULL", mAuthority.toString())); return null; } X509Certificate cert = null; @@ -1097,31 +1148,29 @@ public abstract class CMSServlet extends HttpServlet { try { cert = certdb.getX509Certificate(serialNo); } catch (EBaseException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_NO_CERT_REC", - serialNo.toString(16), e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_NO_CERT_REC", serialNo.toString(16), e.toString())); return null; } return cert; } /** - * instantiate a new filler from a class name, - * + * instantiate a new filler from a class name, * @return null if can't be instantiated, new instance otherwise. */ protected ICMSTemplateFiller newFillerObject(String fillerClass) { ICMSTemplateFiller filler = null; try { - filler = (ICMSTemplateFiller) Class.forName(fillerClass) - .newInstance(); + filler = (ICMSTemplateFiller) + Class.forName(fillerClass).newInstance(); } catch (Exception e) { if ((e instanceof RuntimeException)) { throw (RuntimeException) e; } else { - log(ILogger.LL_WARN, CMS.getLogMessage( - "CMSGW_CANT_LOAD_FILLER", fillerClass, e.toString())); + log(ILogger.LL_WARN, + CMS.getLogMessage("CMSGW_CANT_LOAD_FILLER", fillerClass, e.toString())); return null; } } @@ -1129,17 +1178,18 @@ public abstract class CMSServlet extends HttpServlet { } /** - * set default templates. subclasses can override, and should override at - * least the success template + * set default templates. + * subclasses can override, and should override at least the success + * template */ protected void setDefaultTemplates(ServletConfig sc) { // Subclasses should override these for diff templates and params in - // their constructors. - // Set a template name to null to not use these standard ones. - // When template name is set to null nothing will be displayed. + // their constructors. + // Set a template name to null to not use these standard ones. + // When template name is set to null nothing will be displayed. // Servlet is assumed to have rendered its own output. - // The only exception is the unexpected error template where the - // default one will always be used if template name is null. + // The only exception is the unexpected error template where the + // default one will always be used if template name is null. String successTemplate = null; String errorTemplate = null; String unauthorizedTemplate = null; @@ -1155,94 +1205,110 @@ public abstract class CMSServlet extends HttpServlet { } try { - successTemplate = sc.getInitParameter(PROP_SUCCESS_TEMPLATE); + successTemplate = sc.getInitParameter( + PROP_SUCCESS_TEMPLATE); if (successTemplate == null) { successTemplate = SUCCESS_TEMPLATE; if (gateway != null) - // successTemplate = "/"+gateway+successTemplate; - successTemplate = "/" + gateway + successTemplate; + //successTemplate = "/"+gateway+successTemplate; + successTemplate = "/"+gateway+successTemplate; } - errorTemplate = sc.getInitParameter(PROP_ERROR_TEMPLATE); + errorTemplate = sc.getInitParameter( + PROP_ERROR_TEMPLATE); if (errorTemplate == null) { errorTemplate = ERROR_TEMPLATE; - if (gateway != null) - // errorTemplate = "/"+gateway+errorTemplate; - errorTemplate = "/" + gateway + errorTemplate; + if (gateway != null) + //errorTemplate = "/"+gateway+errorTemplate; + errorTemplate = "/"+gateway+errorTemplate; } - unauthorizedTemplate = sc - .getInitParameter(PROP_UNAUTHORIZED_TEMPLATE); + unauthorizedTemplate = sc.getInitParameter( + PROP_UNAUTHORIZED_TEMPLATE); if (unauthorizedTemplate == null) { unauthorizedTemplate = UNAUTHORIZED_TEMPLATE; if (gateway != null) - // unauthorizedTemplate = "/"+gateway+unauthorizedTemplate; - unauthorizedTemplate = "/" + gateway + unauthorizedTemplate; + //unauthorizedTemplate = "/"+gateway+unauthorizedTemplate; + unauthorizedTemplate = "/"+gateway+unauthorizedTemplate; } - pendingTemplate = sc.getInitParameter(PROP_PENDING_TEMPLATE); + pendingTemplate = sc.getInitParameter( + PROP_PENDING_TEMPLATE); if (pendingTemplate == null) { pendingTemplate = PENDING_TEMPLATE; if (gateway != null) - // pendingTemplate = "/"+gateway+pendingTemplate; - pendingTemplate = "/" + gateway + pendingTemplate; + //pendingTemplate = "/"+gateway+pendingTemplate; + pendingTemplate = "/"+gateway+pendingTemplate; } - svcpendingTemplate = sc.getInitParameter(PROP_SVC_PENDING_TEMPLATE); + svcpendingTemplate = sc.getInitParameter( + PROP_SVC_PENDING_TEMPLATE); if (svcpendingTemplate == null) { svcpendingTemplate = SVC_PENDING_TEMPLATE; if (gateway != null) - // svcpendingTemplate = "/"+gateway+svcpendingTemplate; - svcpendingTemplate = "/" + gateway + svcpendingTemplate; + //svcpendingTemplate = "/"+gateway+svcpendingTemplate; + svcpendingTemplate = "/"+gateway+svcpendingTemplate; } - rejectedTemplate = sc.getInitParameter(PROP_REJECTED_TEMPLATE); + rejectedTemplate = sc.getInitParameter( + PROP_REJECTED_TEMPLATE); if (rejectedTemplate == null) { rejectedTemplate = REJECTED_TEMPLATE; if (gateway != null) - // rejectedTemplate = "/"+gateway+rejectedTemplate; - rejectedTemplate = "/" + gateway + rejectedTemplate; + //rejectedTemplate = "/"+gateway+rejectedTemplate; + rejectedTemplate = "/"+gateway+rejectedTemplate; } - unexpectedErrorTemplate = sc - .getInitParameter(PROP_EXCEPTION_TEMPLATE); + unexpectedErrorTemplate = sc.getInitParameter( + PROP_EXCEPTION_TEMPLATE); if (unexpectedErrorTemplate == null) { unexpectedErrorTemplate = EXCEPTION_TEMPLATE; if (gateway != null) - // unexpectedErrorTemplate = - // "/"+gateway+unexpectedErrorTemplate; - unexpectedErrorTemplate = "/" + gateway - + unexpectedErrorTemplate; + //unexpectedErrorTemplate = "/"+gateway+unexpectedErrorTemplate; + unexpectedErrorTemplate = "/"+gateway+unexpectedErrorTemplate; } } catch (Exception e) { - // this should never happen. - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSGW_IMP_INIT_SERV_ERR", e.toString(), mId)); + // this should never happen. + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_IMP_INIT_SERV_ERR", e.toString(), + mId)); } - mTemplates.put(CMSRequest.UNAUTHORIZED, new CMSLoadTemplate( + mTemplates.put( + CMSRequest.UNAUTHORIZED, + new CMSLoadTemplate( PROP_UNAUTHORIZED_TEMPLATE, PROP_UNAUTHOR_TEMPLATE_FILLER, - unauthorizedTemplate, null)); - mTemplates.put(CMSRequest.SUCCESS, new CMSLoadTemplate( + unauthorizedTemplate, null)); + mTemplates.put( + CMSRequest.SUCCESS, + new CMSLoadTemplate( PROP_SUCCESS_TEMPLATE, PROP_SUCCESS_TEMPLATE_FILLER, - successTemplate, new GenSuccessTemplateFiller())); - mTemplates.put(CMSRequest.PENDING, new CMSLoadTemplate( + successTemplate, new GenSuccessTemplateFiller())); + mTemplates.put( + CMSRequest.PENDING, + new CMSLoadTemplate( PROP_PENDING_TEMPLATE, PROP_PENDING_TEMPLATE_FILLER, pendingTemplate, new GenPendingTemplateFiller())); - mTemplates.put(CMSRequest.SVC_PENDING, new CMSLoadTemplate( + mTemplates.put( + CMSRequest.SVC_PENDING, + new CMSLoadTemplate( PROP_SVC_PENDING_TEMPLATE, PROP_SVC_PENDING_TEMPLATE_FILLER, svcpendingTemplate, new GenSvcPendingTemplateFiller())); - mTemplates.put(CMSRequest.REJECTED, new CMSLoadTemplate( + mTemplates.put( + CMSRequest.REJECTED, + new CMSLoadTemplate( PROP_REJECTED_TEMPLATE, PROP_REJECTED_TEMPLATE_FILLER, rejectedTemplate, new GenRejectedTemplateFiller())); - mTemplates.put(CMSRequest.ERROR, new CMSLoadTemplate( - PROP_ERROR_TEMPLATE, PROP_ERROR_TEMPLATE_FILLER, errorTemplate, - new GenErrorTemplateFiller())); - mTemplates.put(CMSRequest.EXCEPTION, - new CMSLoadTemplate(PROP_EXCEPTION_TEMPLATE, - PROP_EXCEPTION_TEMPLATE_FILLER, - unexpectedErrorTemplate, - new GenUnexpectedErrorTemplateFiller())); + mTemplates.put( + CMSRequest.ERROR, + new CMSLoadTemplate( + PROP_ERROR_TEMPLATE, PROP_ERROR_TEMPLATE_FILLER, + errorTemplate, new GenErrorTemplateFiller())); + mTemplates.put( + CMSRequest.EXCEPTION, + new CMSLoadTemplate( + PROP_EXCEPTION_TEMPLATE, PROP_EXCEPTION_TEMPLATE_FILLER, + unexpectedErrorTemplate, new GenUnexpectedErrorTemplateFiller())); } /** @@ -1251,7 +1317,8 @@ public abstract class CMSServlet extends HttpServlet { public static boolean clientIsNav(HttpServletRequest httpReq) { String useragent = httpReq.getHeader("user-agent"); - if (useragent.startsWith("Mozilla") && useragent.indexOf("MSIE") == -1) + if (useragent.startsWith("Mozilla") && + useragent.indexOf("MSIE") == -1) return true; return false; } @@ -1272,36 +1339,40 @@ public abstract class CMSServlet extends HttpServlet { * set using cartman JS. (no other way to tell) */ private static String CMMF_RESPONSE = "cmmfResponse"; - public static boolean doCMMFResponse(IArgBlock httpParams) { if (httpParams.getValueAsBoolean(CMMF_RESPONSE, false)) return true; - else + else return false; } private static final String IMPORT_CERT = "importCert"; private static final String IMPORT_CHAIN = "importCAChain"; private static final String IMPORT_CERT_MIME_TYPE = "importCertMimeType"; - // default mime type - private static final String NS_X509_USER_CERT = "application/x-x509-user-cert"; - private static final String NS_X509_EMAIL_CERT = "application/x-x509-email-cert"; + // default mime type + private static final String + NS_X509_USER_CERT = "application/x-x509-user-cert"; + private static final String + NS_X509_EMAIL_CERT = "application/x-x509-email-cert"; // CMC mime types - public static final String SIMPLE_ENROLLMENT_REQUEST = "application/pkcs10"; - public static final String SIMPLE_ENROLLMENT_RESPONSE = "application/pkcs7-mime"; - public static final String FULL_ENROLLMENT_REQUEST = "application/pkcs7-mime"; - public static final String FULL_ENROLLMENT_RESPONSE = "application/pkcs7-mime"; + public static final String + SIMPLE_ENROLLMENT_REQUEST = "application/pkcs10"; + public static final String + SIMPLE_ENROLLMENT_RESPONSE = "application/pkcs7-mime"; + public static final String + FULL_ENROLLMENT_REQUEST = "application/pkcs7-mime"; + public static final String + FULL_ENROLLMENT_RESPONSE = "application/pkcs7-mime"; /** * handy routine to check if client want full enrollment response */ public static String FULL_RESPONSE = "fullResponse"; - public static boolean doFullResponse(IArgBlock httpParams) { if (httpParams.getValueAsBoolean(FULL_RESPONSE, false)) return true; - else + else return false; } @@ -1309,22 +1380,24 @@ public abstract class CMSServlet extends HttpServlet { * @return false if import cert directly set to false. * @return true if import cert directly is true and import cert. */ - protected boolean checkImportCertToNav(HttpServletResponse httpResp, - IArgBlock httpParams, X509CertImpl cert) throws EBaseException { + protected boolean checkImportCertToNav( + HttpServletResponse httpResp, IArgBlock httpParams, X509CertImpl cert) + throws EBaseException { if (!httpParams.getValueAsBoolean(IMPORT_CERT, false)) { return false; } - boolean importCAChain = httpParams - .getValueAsBoolean(IMPORT_CHAIN, true); + boolean importCAChain = + httpParams.getValueAsBoolean(IMPORT_CHAIN, true); // XXX Temporary workaround because of problem with passing Mime type - boolean emailCert = httpParams.getValueAsBoolean("emailCert", false); - String importMimeType = (emailCert) ? httpParams.getValueAsString( - IMPORT_CERT_MIME_TYPE, NS_X509_EMAIL_CERT) : httpParams - .getValueAsString(IMPORT_CERT_MIME_TYPE, NS_X509_USER_CERT); - - // String importMimeType = - // httpParams.getValueAsString( - // IMPORT_CERT_MIME_TYPE, NS_X509_USER_CERT); + boolean emailCert = + httpParams.getValueAsBoolean("emailCert", false); + String importMimeType = (emailCert) ? + httpParams.getValueAsString(IMPORT_CERT_MIME_TYPE, NS_X509_EMAIL_CERT) : + httpParams.getValueAsString(IMPORT_CERT_MIME_TYPE, NS_X509_USER_CERT); + + // String importMimeType = + // httpParams.getValueAsString( + // IMPORT_CERT_MIME_TYPE, NS_X509_USER_CERT); importCertToNav(httpResp, cert, importMimeType, importCAChain); return true; } @@ -1332,16 +1405,18 @@ public abstract class CMSServlet extends HttpServlet { /** * handy routine to import cert to old navigator in nav mime type. */ - public void importCertToNav(HttpServletResponse httpResp, - X509CertImpl cert, String contentType, boolean importCAChain) - throws EBaseException { + public void importCertToNav( + HttpServletResponse httpResp, X509CertImpl cert, + String contentType, boolean importCAChain) + throws EBaseException { ServletOutputStream out = null; byte[] encoding = null; - CMS.debug("CMSServlet: importCertToNav " + "contentType=" + contentType - + " " + "importCAChain=" + importCAChain); - try { - out = httpResp.getOutputStream(); + CMS.debug("CMSServlet: importCertToNav " + + "contentType=" + contentType + " " + + "importCAChain=" + importCAChain); + try { + out = httpResp.getOutputStream(); // CA chain. if (importCAChain) { CertificateChain caChain = null; @@ -1351,8 +1426,9 @@ public abstract class CMSServlet extends HttpServlet { caChain = ((ICertAuthority) mAuthority).getCACertChain(); caCerts = caChain.getChain(); - // set user + CA cert chain in pkcs7 - X509CertImpl[] userChain = new X509CertImpl[caCerts.length + 1]; + // set user + CA cert chain in pkcs7 + X509CertImpl[] userChain = + new X509CertImpl[caCerts.length + 1]; userChain[0] = cert; int m = 1, n = 0; @@ -1361,13 +1437,14 @@ public abstract class CMSServlet extends HttpServlet { userChain[m] = (X509CertImpl) caCerts[n]; /* - * System.out.println( - * m+"th Cert "+userChain[m].toString()); + System.out.println( + m+"th Cert "+userChain[m].toString()); */ } p7 = new PKCS7(new AlgorithmId[0], - new ContentInfo(new byte[0]), userChain, - new SignerInfo[0]); + new ContentInfo(new byte[0]), + userChain, + new SignerInfo[0]); ByteArrayOutputStream bos = new ByteArrayOutputStream(); p7.encodeSignedData(bos, false); @@ -1379,20 +1456,16 @@ public abstract class CMSServlet extends HttpServlet { } httpResp.setContentType(contentType); out.write(encoding); - } catch (IOException e) { - mLogger.log( - ILogger.EV_SYSTEM, - ILogger.S_OTHER, - ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_RET_CERT_IMPORT_ERR", e.toString())); + } catch (IOException e) { + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, + ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_RET_CERT_IMPORT_ERR", e.toString())); throw new ECMSGWException( CMS.getLogMessage("CMSGW_ERROR_RETURNING_CERT")); } catch (CertificateEncodingException e) { - mLogger.log( - ILogger.EV_SYSTEM, - ILogger.S_OTHER, - ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_NO_ENCODED_IMP_CERT", e.toString())); + mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, + ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_NO_ENCODED_IMP_CERT", e.toString())); throw new ECMSGWException( CMS.getLogMessage("CMSGW_ERROR_ENCODING_ISSUED_CERT")); } @@ -1410,16 +1483,15 @@ public abstract class CMSServlet extends HttpServlet { String[] x1 = token.getInStringArray(n); if (x1 != null) { for (int i = 0; i < x1.length; i++) { - CMS.debug("Setting " + IRequest.AUTH_TOKEN + "-" + n - + "(" + i + ")=" + x1[i]); - req.setExtData(IRequest.AUTH_TOKEN + "-" + n + "(" + i - + ")", x1[i]); + CMS.debug("Setting " + IRequest.AUTH_TOKEN + "-" + n + + "(" + i + ")=" + x1[i]); + req.setExtData(IRequest.AUTH_TOKEN + "-" + n + "(" + i + ")", + x1[i]); } } else { String x = token.getInString(n); if (x != null) { - CMS.debug("Setting " + IRequest.AUTH_TOKEN + "-" + n - + "=" + x); + CMS.debug("Setting " + IRequest.AUTH_TOKEN + "-" + n + "=" + x); req.setExtData(IRequest.AUTH_TOKEN + "-" + n, x); } } @@ -1439,76 +1511,77 @@ public abstract class CMSServlet extends HttpServlet { * handy routine for getting agent's relative path */ protected String getRelPath(IAuthority authority) { - if (authority instanceof ICertificateAuthority) + if (authority instanceof ICertificateAuthority) return "ca/"; - else if (authority instanceof IRegistrationAuthority) + else if (authority instanceof IRegistrationAuthority) return "ra/"; - else if (authority instanceof IKeyRecoveryAuthority) + else if (authority instanceof IKeyRecoveryAuthority) return "kra/"; - else + else return "/"; } /** - * A system certificate such as the CA signing certificate should not be - * allowed to delete. The main purpose is to avoid revoking the self signed + * A system certificate such as the CA signing certificate + * should not be allowed to delete. + * The main purpose is to avoid revoking the self signed * CA certificate accidentially. */ protected boolean isSystemCertificate(BigInteger serialNo) { if (!(mAuthority instanceof ICertificateAuthority)) { return false; } - X509Certificate caCert = ((ICertificateAuthority) mAuthority) - .getCACert(); + X509Certificate caCert = + ((ICertificateAuthority)mAuthority).getCACert(); if (caCert != null) { - /* only check this if we are self-signed */ - if (caCert.getSubjectDN().equals(caCert.getIssuerDN())) { - if (caCert.getSerialNumber().equals(serialNo)) { - return true; - } + /* only check this if we are self-signed */ + if (caCert.getSubjectDN().equals(caCert.getIssuerDN())) { + if (caCert.getSerialNumber().equals(serialNo)) { + return true; } + } } return false; } /** * make a CRL entry from a serial number and revocation reason. - * * @return a RevokedCertImpl that can be entered in a CRL. */ - protected RevokedCertImpl formCRLEntry(BigInteger serialNo, - RevocationReason reason) throws EBaseException { + protected RevokedCertImpl formCRLEntry( + BigInteger serialNo, RevocationReason reason) + throws EBaseException { CRLReasonExtension reasonExt = new CRLReasonExtension(reason); CRLExtensions crlentryexts = new CRLExtensions(); try { crlentryexts.set(CRLReasonExtension.NAME, reasonExt); } catch (IOException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_CRL_REASON", - reason.toString(), e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERR_CRL_REASON", reason.toString(), e.toString())); throw new ECMSGWException( CMS.getLogMessage("CMSGW_ERROR_SETTING_CRLREASON")); } - RevokedCertImpl crlentry = new RevokedCertImpl(serialNo, - CMS.getCurrentDate(), crlentryexts); + RevokedCertImpl crlentry = + new RevokedCertImpl(serialNo, CMS.getCurrentDate(), crlentryexts); return crlentry; } /** * check if a certificate (serial number) is revoked on a CA. - * * @return true if cert is marked revoked in the CA's database. - * @return false if cert is not marked revoked. + * @return false if cert is not marked revoked. */ - protected boolean certIsRevoked(BigInteger serialNum) throws EBaseException { + protected boolean certIsRevoked(BigInteger serialNum) + throws EBaseException { ICertRecord certRecord = getCertRecord(serialNum); if (certRecord == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_BAD_CERT_SER_NUM", - String.valueOf(serialNum))); - throw new ECMSGWException(CMS.getLogMessage("CMSGW_INVALID_CERT")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_BAD_CERT_SER_NUM", String.valueOf(serialNum))); + throw new ECMSGWException( + CMS.getLogMessage("CMSGW_INVALID_CERT")); } if (certRecord.getStatus().equals(ICertRecord.STATUS_REVOKED)) return true; @@ -1517,7 +1590,7 @@ public abstract class CMSServlet extends HttpServlet { public static String generateSalt() { Random rnd = new Random(); - String salt = new Integer(rnd.nextInt()).toString(); + String salt = new Integer( rnd.nextInt() ).toString(); return salt; } @@ -1534,8 +1607,9 @@ public abstract class CMSServlet extends HttpServlet { * @param realpathFile the file to get. * @param locale array of at least one to be filled with locale found. */ - public static File getLangFile(HttpServletRequest req, File realpathFile, - Locale[] locale) throws IOException { + public static File getLangFile( + HttpServletRequest req, File realpathFile, Locale[] locale) + throws IOException { File file = null; String acceptLang = req.getHeader("accept-language"); @@ -1552,7 +1626,7 @@ public abstract class CMSServlet extends HttpServlet { } String name = realpathFile.getName(); - if (name == null) { // filename should never be null. + if (name == null) { // filename should never be null. throw new IOException("file has no name"); } int i; @@ -1580,8 +1654,9 @@ public abstract class CMSServlet extends HttpServlet { break; } - String langfilepath = parent + File.separatorChar + lang - + File.separatorChar + name; + String langfilepath = + parent + File.separatorChar + + lang + File.separatorChar + name; file = new File(langfilepath); if (file.exists()) { @@ -1612,18 +1687,20 @@ public abstract class CMSServlet extends HttpServlet { return new Locale(lang.substring(0, dash), lang.substring(dash + 1)); } - public IAuthToken authenticate(CMSRequest req) throws EBaseException { + public IAuthToken authenticate(CMSRequest req) + throws EBaseException { return authenticate(req, mAuthMgr); } public IAuthToken authenticate(HttpServletRequest httpReq) - throws EBaseException { + throws EBaseException { return authenticate(httpReq, mAuthMgr); } - public IAuthToken authenticate(CMSRequest req, String authMgrName) - throws EBaseException { - IAuthToken authToken = authenticate(req.getHttpReq(), authMgrName); + public IAuthToken authenticate(CMSRequest req, String authMgrName) + throws EBaseException { + IAuthToken authToken = authenticate(req.getHttpReq(), + authMgrName); saveAuthToken(authToken, req.getIRequest()); return authToken; @@ -1632,19 +1709,19 @@ public abstract class CMSServlet extends HttpServlet { /** * Authentication * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication - * fails (in case of SSL-client auth, only webserver env can pick up the SSL - * violation; CS authMgr can pick up cert mis-match, so this event is used) - * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_SUCCESS used when - * authentication succeeded + * fails (in case of SSL-client auth, only webserver env can pick up the + * SSL violation; CS authMgr can pick up cert mis-match, so this event + * is used) + * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_SUCCESS used when authentication + * succeeded * </ul> - * * @exception EBaseException an error has occurred */ - public IAuthToken authenticate(HttpServletRequest httpReq, - String authMgrName) throws EBaseException { + public IAuthToken authenticate(HttpServletRequest httpReq, String authMgrName) + throws EBaseException { String auditMessage = null; String auditSubjectID = ILogger.UNIDENTIFIED; String auditAuthMgrID = ILogger.UNIDENTIFIED; @@ -1673,19 +1750,19 @@ public abstract class CMSServlet extends HttpServlet { // // check ssl client authentication if specified. // - X509Certificate clientCert = null; + X509Certificate clientCert = null; - if (getClientCert != null && getClientCert.equals("true")) { + if (getClientCert != null && getClientCert.equals("true")) { CMS.debug("CMSServlet: retrieving SSL certificate"); clientCert = getSSLClientCertificate(httpReq); } // // check authentication by auth manager if any. - // + // if (authMgrName == null) { - // Fixed Blackflag Bug #613900: Since this code block does + // Fixed Blackflag Bug #613900: Since this code block does // NOT actually constitute an authentication failure, but // rather the case in which a given servlet has been correctly // configured to NOT require an authentication manager, the @@ -1717,9 +1794,11 @@ public abstract class CMSServlet extends HttpServlet { auditAuthMgrID = authMgrName; } AuthToken authToken = CMSGateway.checkAuthManager(httpReq, - httpArgs, clientCert, authMgrName); + httpArgs, + clientCert, + authMgrName); if (authToken == null) { - return null; + return null; } String userid = authToken.getInString(IAuthToken.USER_ID); @@ -1728,21 +1807,28 @@ public abstract class CMSServlet extends HttpServlet { if (userid != null) { ctx.put(SessionContext.USER_ID, userid); } - + // reset the "auditSubjectID" auditSubjectID = auditSubjectID(); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_AUTH_SUCCESS, - auditSubjectID, ILogger.SUCCESS, auditAuthMgrID); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_AUTH_SUCCESS, + auditSubjectID, + ILogger.SUCCESS, + auditAuthMgrID); audit(auditMessage); return authToken; } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_AUTH_FAIL, - auditSubjectID, ILogger.FAILURE, auditAuthMgrID, auditUID); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_AUTH_FAIL, + auditSubjectID, + ILogger.FAILURE, + auditAuthMgrID, + auditUID); audit(auditMessage); // rethrow the specific exception to be handled later @@ -1750,8 +1836,8 @@ public abstract class CMSServlet extends HttpServlet { } } - public AuthzToken authorize(String authzMgrName, String resource, - IAuthToken authToken, String exp) throws EBaseException { + public AuthzToken authorize(String authzMgrName, String resource, IAuthToken authToken, + String exp) throws EBaseException { AuthzToken authzToken = null; String auditMessage = null; String auditSubjectID = auditSubjectID(); @@ -1766,40 +1852,56 @@ public abstract class CMSServlet extends HttpServlet { authzToken = mAuthz.authorize(authzMgrName, authToken, exp); if (authzToken != null) { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS, auditSubjectID, - ILogger.SUCCESS, auditACLResource, auditOperation); + LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS, + auditSubjectID, + ILogger.SUCCESS, + auditACLResource, + auditOperation); audit(auditMessage); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_ROLE_ASSUME, auditSubjectID, - ILogger.SUCCESS, auditGroupID); + LOGGING_SIGNED_AUDIT_ROLE_ASSUME, + auditSubjectID, + ILogger.SUCCESS, + auditGroupID); audit(auditMessage); } else { auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, auditSubjectID, - ILogger.FAILURE, auditACLResource, auditOperation); + LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, + auditSubjectID, + ILogger.FAILURE, + auditACLResource, + auditOperation); audit(auditMessage); auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_ROLE_ASSUME, auditSubjectID, - ILogger.FAILURE, auditGroupID); + LOGGING_SIGNED_AUDIT_ROLE_ASSUME, + auditSubjectID, + ILogger.FAILURE, + auditGroupID); audit(auditMessage); } return authzToken; } catch (Exception e) { - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, - auditSubjectID, ILogger.FAILURE, auditACLResource, - auditOperation); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, + auditSubjectID, + ILogger.FAILURE, + auditACLResource, + auditOperation); audit(auditMessage); - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_ROLE_ASSUME, - auditSubjectID, ILogger.FAILURE, auditGroupID); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_ROLE_ASSUME, + auditSubjectID, + ILogger.FAILURE, + auditGroupID); audit(auditMessage); throw new EBaseException(e.toString()); @@ -1809,29 +1911,29 @@ public abstract class CMSServlet extends HttpServlet { /** * Authorize must occur after Authenticate * <P> - * + * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_FAIL used when authorization * has failed - * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS used when - * authorization is successful - * <li>signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes - * a role (in current CS that's when one accesses a role port) + * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS used when authorization + * is successful + * <li>signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a + * role (in current CS that's when one accesses a role port) * </ul> - * * @param authzMgrName string representing the name of the authorization - * manager + * manager * @param authToken the authentication token * @param resource a string representing the ACL resource id as defined in - * the ACL resource list + * the ACL resource list * @param operation a string representing one of the operations as defined - * within the ACL statement (e. g. - "read" for an ACL statement - * containing "(read,write)") + * within the ACL statement (e. g. - "read" for an ACL statement containing + * "(read,write)") * @exception EBaseException an error has occurred * @return the authorization token */ public AuthzToken authorize(String authzMgrName, IAuthToken authToken, - String resource, String operation) throws EBaseException { + String resource, String operation) + throws EBaseException { String auditMessage = null; String auditSubjectID = auditSubjectID(); String auditGroupID = auditGroupID(); @@ -1839,19 +1941,19 @@ public abstract class CMSServlet extends HttpServlet { String auditACLResource = resource; String auditOperation = operation; + SessionContext auditContext = SessionContext.getExistingContext(); String authManagerId = null; - if (auditContext != null) { - authManagerId = (String) auditContext - .get(SessionContext.AUTH_MANAGER_ID); - - if (authManagerId != null && authManagerId.equals("TokenAuth")) { - if (auditSubjectID.equals(ILogger.NONROLEUSER) - || auditSubjectID.equals(ILogger.UNIDENTIFIED)) { - CMS.debug("CMSServlet: in authorize... TokenAuth auditSubjectID unavailable, changing to auditGroupID"); - auditID = auditGroupID; - } + if(auditContext != null) { + authManagerId = (String) auditContext.get(SessionContext.AUTH_MANAGER_ID); + + if(authManagerId != null && authManagerId.equals("TokenAuth")) { + if (auditSubjectID.equals(ILogger.NONROLEUSER) || + auditSubjectID.equals(ILogger.UNIDENTIFIED)) { + CMS.debug("CMSServlet: in authorize... TokenAuth auditSubjectID unavailable, changing to auditGroupID"); + auditID = auditGroupID; + } } } @@ -1866,7 +1968,7 @@ public abstract class CMSServlet extends HttpServlet { } if (authzMgrName == null) { - // Fixed Blackflag Bug #613900: Since this code block does + // Fixed Blackflag Bug #613900: Since this code block does // NOT actually constitute an authorization failure, but // rather the case in which a given servlet has been correctly // configured to NOT require an authorization manager, the @@ -1878,35 +1980,47 @@ public abstract class CMSServlet extends HttpServlet { } try { - AuthzToken authzTok = mAuthz.authorize(authzMgrName, authToken, - resource, operation); + AuthzToken authzTok = mAuthz.authorize(authzMgrName, + authToken, + resource, + operation); if (authzTok != null) { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS, auditSubjectID, - ILogger.SUCCESS, auditACLResource, auditOperation); + LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS, + auditSubjectID, + ILogger.SUCCESS, + auditACLResource, + auditOperation); audit(auditMessage); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_ROLE_ASSUME, auditID, - ILogger.SUCCESS, auditGroups(auditSubjectID)); + LOGGING_SIGNED_AUDIT_ROLE_ASSUME, + auditID, + ILogger.SUCCESS, + auditGroups(auditSubjectID)); audit(auditMessage); } else { // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, auditSubjectID, - ILogger.FAILURE, auditACLResource, auditOperation); + LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, + auditSubjectID, + ILogger.FAILURE, + auditACLResource, + auditOperation); audit(auditMessage); // store a message in the signed audit log file auditMessage = CMS.getLogMessage( - LOGGING_SIGNED_AUDIT_ROLE_ASSUME, auditID, - ILogger.FAILURE, auditGroups(auditSubjectID)); + LOGGING_SIGNED_AUDIT_ROLE_ASSUME, + auditID, + ILogger.FAILURE, + auditGroups(auditSubjectID)); audit(auditMessage); } @@ -1914,31 +2028,42 @@ public abstract class CMSServlet extends HttpServlet { return authzTok; } catch (EBaseException eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, - auditSubjectID, ILogger.FAILURE, auditACLResource, - auditOperation); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, + auditSubjectID, + ILogger.FAILURE, + auditACLResource, + auditOperation); audit(auditMessage); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_ROLE_ASSUME, - auditID, ILogger.FAILURE, auditGroups(auditSubjectID)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_ROLE_ASSUME, + auditID, + ILogger.FAILURE, + auditGroups(auditSubjectID)); audit(auditMessage); return null; } catch (Exception eAudit1) { // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, - auditSubjectID, ILogger.FAILURE, auditACLResource, - auditOperation); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_AUTHZ_FAIL, + auditSubjectID, + ILogger.FAILURE, + auditACLResource, + auditOperation); audit(auditMessage); // store a message in the signed audit log file - auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_ROLE_ASSUME, - auditSubjectID, ILogger.FAILURE, - auditGroups(auditSubjectID)); + auditMessage = CMS.getLogMessage( + LOGGING_SIGNED_AUDIT_ROLE_ASSUME, + auditSubjectID, + ILogger.FAILURE, + auditGroups(auditSubjectID)); audit(auditMessage); @@ -1948,11 +2073,11 @@ public abstract class CMSServlet extends HttpServlet { /** * Signed Audit Log - * - * This method is inherited by all extended "CMSServlet"s, and is called to - * store messages to the signed audit log. + * + * This method is inherited by all extended "CMSServlet"s, + * and is called to store messages to the signed audit log. * <P> - * + * * @param msg signed audit log message */ protected void audit(String msg) { @@ -1963,17 +2088,21 @@ public abstract class CMSServlet extends HttpServlet { return; } - mSignedAuditLogger.log(ILogger.EV_SIGNED_AUDIT, null, - ILogger.S_SIGNED_AUDIT, ILogger.LL_SECURITY, msg); + mSignedAuditLogger.log(ILogger.EV_SIGNED_AUDIT, + null, + ILogger.S_SIGNED_AUDIT, + ILogger.LL_SECURITY, + msg); } /** * Signed Audit Log Subject ID - * - * This method is inherited by all extended "CMSServlet"s, and is called to - * obtain the "SubjectID" for a signed audit log message. + * + * This method is inherited by all extended "CMSServlet"s, + * and is called to obtain the "SubjectID" for + * a signed audit log message. * <P> - * + * * @return id string containing the signed audit log message SubjectID */ protected String auditSubjectID() { @@ -1990,7 +2119,8 @@ public abstract class CMSServlet extends HttpServlet { CMS.debug("CMSServlet: auditSubjectID auditContext " + auditContext); if (auditContext != null) { - subjectID = (String) auditContext.get(SessionContext.USER_ID); + subjectID = (String) + auditContext.get(SessionContext.USER_ID); CMS.debug("CMSServlet auditSubjectID: subjectID: " + subjectID); if (subjectID != null) { @@ -2007,11 +2137,12 @@ public abstract class CMSServlet extends HttpServlet { /** * Signed Audit Log Group ID - * - * This method is inherited by all extended "CMSServlet"s, and is called to - * obtain the "gid" for a signed audit log message. + * + * This method is inherited by all extended "CMSServlet"s, + * and is called to obtain the "gid" for + * a signed audit log message. * <P> - * + * * @return id string containing the signed audit log message SubjectID */ protected String auditGroupID() { @@ -2028,7 +2159,8 @@ public abstract class CMSServlet extends HttpServlet { CMS.debug("CMSServlet: auditGroupID auditContext " + auditContext); if (auditContext != null) { - groupID = (String) auditContext.get(SessionContext.GROUP_ID); + groupID = (String) + auditContext.get(SessionContext.GROUP_ID); CMS.debug("CMSServlet auditGroupID: groupID: " + groupID); if (groupID != null) { @@ -2045,14 +2177,14 @@ public abstract class CMSServlet extends HttpServlet { /** * Signed Audit Groups - * - * This method is called to extract all "groups" associated with the - * "auditSubjectID()". + * + * This method is called to extract all "groups" associated + * with the "auditSubjectID()". * <P> - * + * * @param id string containing the signed audit log message SubjectID - * @return a delimited string of groups associated with the - * "auditSubjectID()" + * @return a delimited string of groups associated + * with the "auditSubjectID()" */ private String auditGroups(String SubjectID) { // if no signed audit object exists, bail @@ -2060,7 +2192,8 @@ public abstract class CMSServlet extends HttpServlet { return null; } - if ((SubjectID == null) || (SubjectID.equals(ILogger.UNIDENTIFIED))) { + if ((SubjectID == null) || + (SubjectID.equals(ILogger.UNIDENTIFIED))) { return ILogger.SIGNED_AUDIT_EMPTY_VALUE; } @@ -2078,7 +2211,7 @@ public abstract class CMSServlet extends HttpServlet { IGroup group = (IGroup) groups.nextElement(); if (group.isMember(SubjectID) == true) { - if (membersString.length() != 0) { + if (membersString.length()!= 0) { membersString.append(", "); } @@ -2086,7 +2219,7 @@ public abstract class CMSServlet extends HttpServlet { } } - if (membersString.length() != 0) { + if (membersString.length()!=0) { return membersString.toString(); } else { return ILogger.SIGNED_AUDIT_EMPTY_VALUE; @@ -2105,24 +2238,23 @@ public abstract class CMSServlet extends HttpServlet { locale = Locale.getDefault(); } else { locale = new Locale(UserInfo.getUserLanguage(lang), - UserInfo.getUserCountry(lang)); + UserInfo.getUserCountry(lang)); } return locale; } - protected void outputResult(HttpServletResponse httpResp, - String contentType, byte[] content) { + protected void outputResult(HttpServletResponse httpResp, + String contentType, byte[] content) { try { OutputStream os = httpResp.getOutputStream(); - + httpResp.setContentType(contentType); httpResp.setContentLength(content.length); os.write(content); os.flush(); } catch (IOException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", - e.toString())); + CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", e.toString())); return; } } @@ -2131,13 +2263,11 @@ public abstract class CMSServlet extends HttpServlet { outputError(httpResp, FAILURE, errorString, null); } - protected void outputError(HttpServletResponse httpResp, - String errorString, String requestId) { + protected void outputError(HttpServletResponse httpResp, String errorString, String requestId) { outputError(httpResp, FAILURE, errorString, null); } - protected void outputError(HttpServletResponse httpResp, String status, - String errorString, String requestId) { + protected void outputError(HttpServletResponse httpResp, String status, String errorString, String requestId) { XMLObject xmlObj = null; try { xmlObj = new XMLObject(); @@ -2158,39 +2288,34 @@ public abstract class CMSServlet extends HttpServlet { } catch (Exception ee) { CMS.debug("Failed to send XML output to the server."); log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", - ee.toString())); + CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", ee.toString())); } } - protected StringBuffer escapeValueRfc1779(String v, boolean doubleEscape) { + protected StringBuffer escapeValueRfc1779(String v, boolean doubleEscape) + { StringBuffer result = new StringBuffer(); // Do we need to escape any characters for (int i = 0; i < v.length(); i++) { int c = v.charAt(i); - if (c == ',' || c == '=' || c == '+' || c == '<' || c == '>' - || c == '#' || c == ';' || c == '\r' || c == '\n' - || c == '\\' || c == '"') { - if ((c == 0x5c) && ((i + 1) < v.length())) { - int nextC = v.charAt(i + 1); - if ((c == 0x5c) - && (nextC == ',' || nextC == '=' || nextC == '+' - || nextC == '<' || nextC == '>' - || nextC == '#' || nextC == ';' - || nextC == '\r' || nextC == '\n' - || nextC == '\\' || nextC == '"')) { - if (doubleEscape) - result.append('\\'); + if (c == ',' || c == '=' || c == '+' || c == '<' || + c == '>' || c == '#' || c == ';' || c == '\r' || + c == '\n' || c == '\\' || c == '"') { + if ((c == 0x5c) && ((i+1) < v.length())) { + int nextC = v.charAt(i+1); + if ((c == 0x5c) && (nextC == ',' || nextC == '=' || nextC == '+' || + nextC == '<' || nextC == '>' || nextC == '#' || + nextC == ';' || nextC == '\r' || nextC == '\n' || + nextC == '\\' || nextC == '"')) { + if (doubleEscape) result.append('\\'); } else { result.append('\\'); - if (doubleEscape) - result.append('\\'); + if (doubleEscape) result.append('\\'); } } else { result.append('\\'); - if (doubleEscape) - result.append('\\'); + if (doubleEscape) result.append('\\'); } } if (c == '\r') { @@ -2198,10 +2323,11 @@ public abstract class CMSServlet extends HttpServlet { } else if (c == '\n') { result.append("0A"); } else { - result.append((char) c); + result.append((char)c); } } return result; } } + diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/CMSStartServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/CMSStartServlet.java index c68a1755..64c59c5a 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/base/CMSStartServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/base/CMSStartServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.base; + import java.io.File; import java.io.IOException; import java.io.PrintWriter; @@ -31,10 +32,11 @@ import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.base.EBaseException; import com.netscape.cmsutil.util.Utils; + /** - * This servlet is started by the web server at startup, and it starts the CMS - * framework. - * + * This servlet is started by the web server at startup, and + * it starts the CMS framework. + * * @version $Revision$, $Date$ */ public class CMSStartServlet extends HttpServlet { @@ -53,33 +55,34 @@ public class CMSStartServlet extends HttpServlet { if (!f.exists()) { int index = path.lastIndexOf("CS.cfg"); if (index != -1) { - old_path = path.substring(0, index) + "CMS.cfg"; + old_path = path.substring(0, index)+"CMS.cfg"; } File f1 = new File(old_path); if (f1.exists()) { // The following block of code moves "CMS.cfg" to "CS.cfg". try { - if (Utils.isNT()) { + if( Utils.isNT() ) { // NT is very picky on the path - Utils.exec("copy " - + f1.getAbsolutePath().replace('/', '\\') + " " - + f.getAbsolutePath().replace('/', '\\')); + Utils.exec( "copy " + + f1.getAbsolutePath().replace( '/', '\\' ) + + " " + + f.getAbsolutePath().replace( '/', '\\' ) ); } else { // Create a copy of the original file which // preserves the original file permissions. - Utils.exec("cp -p " + f1.getAbsolutePath() + " " - + f.getAbsolutePath()); + Utils.exec( "cp -p " + f1.getAbsolutePath() + " " + + f.getAbsolutePath() ); } // Remove the original file if and only if // the backup copy was successful. - if (f.exists()) { + if( f.exists() ) { f1.delete(); // Make certain that the new file has // the correct permissions. - if (!Utils.isNT()) { - Utils.exec("chmod 00660 " + f.getAbsolutePath()); + if( !Utils.isNT() ) { + Utils.exec( "chmod 00660 " + f.getAbsolutePath() ); } } } catch (Exception e) { @@ -93,7 +96,7 @@ public class CMSStartServlet extends HttpServlet { } public void doGet(HttpServletRequest req, HttpServletResponse res) - throws ServletException, IOException { + throws ServletException, IOException { res.setContentType("text/html"); PrintWriter out = res.getWriter(); diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/DisplayHtmlServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/DisplayHtmlServlet.java index c53d6c52..8d853f0b 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/base/DisplayHtmlServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/base/DisplayHtmlServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.base; + import java.io.ByteArrayOutputStream; import java.io.File; import java.io.FileInputStream; @@ -32,10 +33,10 @@ import com.netscape.certsrv.logging.ILogger; import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.ECMSGWException; + /** - * This is the servlet that displays the html page for the corresponding input - * id. - * + * This is the servlet that displays the html page for the corresponding input id. + * * @version $Revision$, $Date$ */ public class DisplayHtmlServlet extends CMSServlet { @@ -54,7 +55,7 @@ public class DisplayHtmlServlet extends CMSServlet { public void init(ServletConfig sc) throws ServletException { super.init(sc); - mHTMLPath = sc.getInitParameter(PROP_HTML_PATH); + mHTMLPath = sc.getInitParameter(PROP_HTML_PATH); mTemplates.remove(CMSRequest.SUCCESS); } @@ -67,19 +68,18 @@ public class DisplayHtmlServlet extends CMSServlet { IAuthToken authToken = authenticate(cmsReq); try { - String realpath = mServletConfig.getServletContext().getRealPath( - "/" + mHTMLPath); + String realpath = + mServletConfig.getServletContext().getRealPath("/" + mHTMLPath); if (realpath == null) { - mLogger.log(ILogger.EV_SYSTEM, ILogger.S_OTHER, - ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_NO_FIND_TEMPLATE", mHTMLPath)); - throw new ECMSGWException( - CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE")); + mLogger.log( + ILogger.EV_SYSTEM, ILogger.S_OTHER, ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_NO_FIND_TEMPLATE", mHTMLPath)); + throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE")) ; } File file = new File(realpath); long flen = file.length(); - byte[] bin = new byte[(int) flen]; + byte[] bin = new byte[(int)flen]; FileInputStream ins = new FileInputStream(file); int len = 0; @@ -92,11 +92,9 @@ public class DisplayHtmlServlet extends CMSServlet { ins.close(); bos.close(); } catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_OUT_TEMPLATE", mHTMLPath, - e.toString())); - throw new ECMSGWException( - CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE")); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERR_OUT_TEMPLATE", mHTMLPath, e.toString())); + throw new ECMSGWException(CMS.getLogMessage("CMSGW_ERROR_DISPLAY_TEMPLATE")); } } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java index 45a404c5..9607fbe2 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.base; + import java.io.IOException; import java.util.Date; import java.util.Enumeration; @@ -38,13 +39,14 @@ import com.netscape.certsrv.authentication.IAuthToken; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.IConfigStore; + /** - * Return some javascript to the request which contains the list of dynamic data - * in the CMS system. + * Return some javascript to the request which contains the list of + * dynamic data in the CMS system. * <p> - * This allows the requestor (browser) to make decisions about what to present - * in the UI, depending on how CMS is configured - * + * This allows the requestor (browser) to make decisions about what + * to present in the UI, depending on how CMS is configured + * * @version $Revision$, $Date$ */ public class DynamicVariablesServlet extends CMSServlet { @@ -81,10 +83,10 @@ public class DynamicVariablesServlet extends CMSServlet { private static final String VAR_CLA_CRL_URL_STRING = "clacrlurl()"; private static final Integer VAR_CLA_CRL_URL = Integer.valueOf(6); private String VAR_CLA_CRL_URL_VALUE = null; - + private String mAuthMgrCacheString = ""; - private long mAuthMgrCacheTime = 0; - private final int AUTHMGRCACHE = 10; // number of seconds to cache list of + private long mAuthMgrCacheTime = 0; + private final int AUTHMGRCACHE = 10; //number of seconds to cache list of // authmanagers for private Hashtable dynvars = null; private String mGetClientCert = "false"; @@ -97,7 +99,8 @@ public class DynamicVariablesServlet extends CMSServlet { IConfigStore config = CMS.getConfigStore().getSubStore(PROP_CLONING); try { - mCrlurl = config.getString(PROP_CRLURL, ""); + mCrlurl = + config.getString(PROP_CRLURL, ""); } catch (EBaseException e) { } } @@ -116,38 +119,33 @@ public class DynamicVariablesServlet extends CMSServlet { /** * Reads the following variables from the servlet config: * <ul> - * <li><strong>AuthMgr</strong> - the authentication manager to use to - * authenticate the request - * <li><strong>GetClientCert</strong> - whether to request client auth for - * this request - * <li><strong>authority</strong> - the authority (ca, ra, drm) to return to - * the client - * <li><strong>dynamicVariables</strong> - a string of the form: - * serverdate=serverdate(),subsystemname=subsystemname(), - * http=http(),authmgrs=authmgrs(),clacrlurl=clacrlurl() + * <li><strong>AuthMgr</strong> - the authentication manager to use to authenticate the request + * <li><strong>GetClientCert</strong> - whether to request client auth for this request + * <li><strong>authority</strong> - the authority (ca, ra, drm) to return to the client + * <li><strong>dynamicVariables</strong> - a string of the form: + * serverdate=serverdate(),subsystemname=subsystemname(), + * http=http(),authmgrs=authmgrs(),clacrlurl=clacrlurl() * </ul> - * The dynamicVariables string is parsed by splitting on commas. When - * services, the HTTP request provides a piece of javascript code as - * follows. + * The dynamicVariables string is parsed by splitting on commas. + * When services, the HTTP request provides a piece of javascript + * code as follows. * <p> * Each sub expression "lhs=rhs()" forms a javascript statement of the form - * <i>lhs=xxx;</i> Where lhs is xxx is the result of 'evaluating' the rhs. - * The possible values for the rhs() function are: + * <i>lhs=xxx;</i> Where lhs is xxx is the result of 'evaluating' the + * rhs. The possible values for the rhs() function are: * <ul> - * <li><strong>serverdate()</strong> - the timestamp of the server (used to - * ensure that the client clock is set correctly) + * <li><strong>serverdate()</strong> - the timestamp of the server (used to ensure that the client + * clock is set correctly) * <li><strong>subsystemname()</strong> - * <li><strong>http()</strong> - "true" or "false" - is this an http - * connection (as opposed to https) + * <li><strong>http()</strong> - "true" or "false" - is this an http connection (as opposed to https) * <li>authmgrs() - a comma separated list of authentication managers - * <li>clacrlurl() - the URL to get the CRL from, in the case of a Clone CA. - * This is defined in the CMS configuration parameter - * 'cloning.cloneMasterCrlUrl' + * <li>clacrlurl() - the URL to get the CRL from, in the case of a Clone CA. This is + * defined in the CMS configuration parameter 'cloning.cloneMasterCrlUrl' * </ul> - * * @see javax.servlet.Servlet#init(ServletConfig) */ + public void init(ServletConfig sc) throws ServletException { super.init(sc); mAuthMgr = sc.getInitParameter(PROP_AUTHMGR); @@ -184,8 +182,7 @@ public class DynamicVariablesServlet extends CMSServlet { } else if (varvalue.equalsIgnoreCase(VAR_CLA_CRL_URL_STRING)) { varcode = VAR_CLA_CRL_URL; } else { - throw new ServletException( - "bad configuration parameter in " + PROP_DYNVAR); + throw new ServletException("bad configuration parameter in " + PROP_DYNVAR); } if (varcode != null) { dynvars.put(varcode, (Object) varname); @@ -196,19 +193,20 @@ public class DynamicVariablesServlet extends CMSServlet { } } - public void service(HttpServletRequest httpReq, HttpServletResponse httpResp) - throws ServletException, IOException { + public void service(HttpServletRequest httpReq, + HttpServletResponse httpResp) + throws ServletException, IOException { boolean running_state = CMS.isInRunningState(); if (!running_state) - throw new IOException("CMS server is not ready to serve."); + throw new IOException( + "CMS server is not ready to serve."); if (mAuthMgr != null) { try { IAuthToken token = authenticate(httpReq); } catch (EBaseException e) { - mServletCtx.log(CMS.getLogMessage("CMSGW_FILE_NO_ACCESS", - e.toString())); + mServletCtx.log(CMS.getLogMessage("CMSGW_FILE_NO_ACCESS", e.toString())); httpResp.sendError(HttpServletResponse.SC_FORBIDDEN); return; } @@ -216,7 +214,7 @@ public class DynamicVariablesServlet extends CMSServlet { httpResp.setContentType("application/x-javascript"); httpResp.setHeader("Pragma", "no-cache"); - + try { ServletOutputStream os = httpResp.getOutputStream(); @@ -229,40 +227,47 @@ public class DynamicVariablesServlet extends CMSServlet { Integer varcode = (Integer) k.nextElement(); if (varcode.equals(VAR_SERVERDATE)) { - toBeWritten = dynvars.get(varcode) + "=" - + getServerDate() + ";\n"; + toBeWritten = dynvars.get(varcode) + + "=" + + getServerDate() + + ";\n"; os.print(toBeWritten); } if (varcode.equals(VAR_SUBSYSTEMNAME)) { if (getSubsystemName() != null) { - toBeWritten = dynvars.get(varcode) + "=" + "\"" - + getSubsystemName() + "\"" + ";\n"; + toBeWritten = dynvars.get(varcode) + + "=" + "\"" + + getSubsystemName() + "\"" + + ";\n"; os.print(toBeWritten); } } if (varcode.equals(VAR_HTTP)) { if (getHttp(httpReq) != null) { - toBeWritten = dynvars.get(varcode) + "=" + "\"" - + getHttp(httpReq) + "\"" + ";\n"; + toBeWritten = dynvars.get(varcode) + + "=" + "\"" + + getHttp(httpReq) + "\"" + + ";\n"; os.print(toBeWritten); } } if (varcode.equals(VAR_CLA_CRL_URL)) { if (getImportCrlUrl() != null) { - toBeWritten = dynvars.get(varcode) + "=" + "\"" - + getImportCrlUrl() + "\"" + ";\n"; + toBeWritten = dynvars.get(varcode) + + "=" + "\"" + + getImportCrlUrl() + "\"" + + ";\n"; os.print(toBeWritten); } } if (varcode.equals(VAR_AUTHMGRS)) { toBeWritten = ""; - IAuthSubsystem as = (IAuthSubsystem) CMS - .getSubsystem(CMS.SUBSYSTEM_AUTH); + IAuthSubsystem as = (IAuthSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_AUTH); Enumeration ame = as.getAuthManagers(); Date d = CMS.getCurrentDate(); @@ -273,12 +278,10 @@ public class DynamicVariablesServlet extends CMSServlet { StringBuffer sb = new StringBuffer(); while (ame.hasMoreElements()) { - IAuthManager am = (IAuthManager) ame - .nextElement(); + IAuthManager am = (IAuthManager) ame.nextElement(); String amName = am.getImplName(); - AuthMgrPlugin ap = as - .getAuthManagerPluginImpl(amName); + AuthMgrPlugin ap = as.getAuthManagerPluginImpl(amName); if (ap.isVisible()) { sb.append("authmanager["); diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/GetStats.java b/pki/base/common/src/com/netscape/cms/servlet/base/GetStats.java index 784ba40f..3b8f8bd4 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/base/GetStats.java +++ b/pki/base/common/src/com/netscape/cms/servlet/base/GetStats.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.base; + import java.io.IOException; import java.util.Date; import java.util.Enumeration; @@ -42,9 +43,10 @@ import com.netscape.cms.servlet.common.CMSTemplate; import com.netscape.cms.servlet.common.CMSTemplateParams; import com.netscape.cms.servlet.common.ECMSGWException; + /** * Retrieve information. - * + * * @version $Revision$, $Date$ */ public class GetStats extends CMSServlet { @@ -60,9 +62,9 @@ public class GetStats extends CMSServlet { } /** - * initialize the servlet. This servlet uses the template file - * "getOCSPInfo.template" to render the result page. - * + * initialize the servlet. This servlet uses the template + * file "getOCSPInfo.template" to render the result page. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -77,12 +79,14 @@ public class GetStats extends CMSServlet { mTemplates.remove(CMSRequest.SUCCESS); } + /** - * Process the HTTP request. - * + * Process the HTTP request. + * * @param cmsReq the object holding the request and response information */ - protected void process(CMSRequest cmsReq) throws EBaseException { + protected void process(CMSRequest cmsReq) + throws EBaseException { HttpServletRequest httpReq = cmsReq.getHttpReq(); HttpServletResponse httpResp = cmsReq.getHttpResp(); @@ -90,14 +94,14 @@ public class GetStats extends CMSServlet { AuthzToken authzToken = null; try { - authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, - "read"); + authzToken = authorize(mAclMethod, authToken, + mAuthzResourceName, "read"); } catch (EAuthzAccessDenied e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); } catch (Exception e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); } if (authzToken == null) { @@ -114,11 +118,10 @@ public class GetStats extends CMSServlet { try { form = getTemplate(mFormPath, httpReq, locale); } catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", mFormPath, - e.toString())); - cmsReq.setError(new ECMSGWException(CMS - .getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"))); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", mFormPath, e.toString())); + cmsReq.setError(new ECMSGWException( + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"))); cmsReq.setStatus(CMSRequest.ERROR); return; } @@ -127,12 +130,12 @@ public class GetStats extends CMSServlet { IArgBlock fixed = CMS.createArgBlock(); CMSTemplateParams argSet = new CMSTemplateParams(header, fixed); - IStatsSubsystem statsSub = (IStatsSubsystem) CMS.getSubsystem("stats"); + IStatsSubsystem statsSub = (IStatsSubsystem)CMS.getSubsystem("stats"); StatsEvent st = statsSub.getMainStatsEvent(); String op = httpReq.getParameter("op"); if (op != null && op.equals("clear")) { - statsSub.resetCounters(); + statsSub.resetCounters(); } header.addStringValue("startTime", statsSub.getStartTime().toString()); @@ -146,42 +149,43 @@ public class GetStats extends CMSServlet { form.renderOutput(out, argSet); cmsReq.setStatus(CMSRequest.SUCCESS); } catch (IOException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSGW_ERR_STREAM_TEMPLATE", e.toString())); - cmsReq.setError(new ECMSGWException(CMS - .getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"))); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERR_STREAM_TEMPLATE", e.toString())); + cmsReq.setError(new ECMSGWException( + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR"))); cmsReq.setStatus(CMSRequest.ERROR); } cmsReq.setStatus(CMSRequest.SUCCESS); return; } - public String getSep(int level) { - StringBuffer s = new StringBuffer(); - for (int i = 0; i < level; i++) { - s.append("-"); - } - return s.toString(); + public String getSep(int level) + { + StringBuffer s = new StringBuffer(); + for (int i = 0; i < level; i++) { + s.append("-"); + } + return s.toString(); } public void parse(CMSTemplateParams argSet, StatsEvent st, int level) { Enumeration names = st.getSubEventNames(); while (names.hasMoreElements()) { - String name = (String) names.nextElement(); - StatsEvent subSt = st.getSubEvent(name); - - IArgBlock rarg = CMS.createArgBlock(); - rarg.addStringValue("name", getSep(level) + " " + subSt.getName()); - rarg.addLongValue("noOfOp", subSt.getNoOfOperations()); - rarg.addLongValue("timeTaken", subSt.getTimeTaken()); - rarg.addLongValue("max", subSt.getMax()); - rarg.addLongValue("min", subSt.getMin()); - rarg.addLongValue("percentage", subSt.getPercentage()); - rarg.addLongValue("avg", subSt.getAvg()); - rarg.addLongValue("stddev", subSt.getStdDev()); - argSet.addRepeatRecord(rarg); - - parse(argSet, subSt, level + 1); + String name = (String)names.nextElement(); + StatsEvent subSt = st.getSubEvent(name); + + IArgBlock rarg = CMS.createArgBlock(); + rarg.addStringValue("name", getSep(level) + " " + subSt.getName()); + rarg.addLongValue("noOfOp", subSt.getNoOfOperations()); + rarg.addLongValue("timeTaken", subSt.getTimeTaken()); + rarg.addLongValue("max", subSt.getMax()); + rarg.addLongValue("min", subSt.getMin()); + rarg.addLongValue("percentage", subSt.getPercentage()); + rarg.addLongValue("avg", subSt.getAvg()); + rarg.addLongValue("stddev", subSt.getStdDev()); + argSet.addRepeatRecord(rarg); + + parse(argSet, subSt, level+1); } } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/IndexServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/IndexServlet.java index 60e80f1e..89179b57 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/base/IndexServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/base/IndexServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.base; + import java.io.IOException; import javax.servlet.ServletConfig; @@ -31,9 +32,11 @@ import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.ECMSGWException; import com.netscape.cms.servlet.common.IndexTemplateFiller; + /** - * This is the servlet that builds the index page in various ports. - * + * This is the servlet that builds the index page in + * various ports. + * * @version $Revision$, $Date$ */ public class IndexServlet extends CMSServlet { @@ -65,9 +68,10 @@ public class IndexServlet extends CMSServlet { mTemplateName = sc.getInitParameter(PROP_TEMPLATE); /* - * mTemplates.put(CMSRequest.SUCCESS, new CMSLoadTemplate( - * PROP_SUCCESS_TEMPLATE, PROP_SUCCESS_TEMPLATE_FILLER, mTemplateName, - * new IndexTemplateFiller())); + mTemplates.put(CMSRequest.SUCCESS, + new CMSLoadTemplate( + PROP_SUCCESS_TEMPLATE, PROP_SUCCESS_TEMPLATE_FILLER, + mTemplateName, new IndexTemplateFiller())); */ mTemplates.remove(CMSRequest.SUCCESS); } @@ -87,25 +91,26 @@ public class IndexServlet extends CMSServlet { * Serves HTTP request. */ public void process(CMSRequest cmsReq) throws EBaseException { - if (CMSGateway.getEnableAdminEnroll() && mAuthority != null - && mAuthority instanceof ICertificateAuthority) { + if (CMSGateway.getEnableAdminEnroll() && + mAuthority != null && + mAuthority instanceof ICertificateAuthority) { try { cmsReq.getHttpResp().sendRedirect("/ca/adminEnroll.html"); } catch (IOException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_FAIL_REDIRECT_ADMIN_ENROLL", - e.toString())); - throw new ECMSGWException(CMS.getLogMessage( - "CMSGW_ERROR_REDIRECTING_ADMINENROLL1", e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_FAIL_REDIRECT_ADMIN_ENROLL", e.toString())); + throw new ECMSGWException( + CMS.getLogMessage("CMSGW_ERROR_REDIRECTING_ADMINENROLL1", + e.toString())); } return; } else { try { - renderTemplate(cmsReq, mTemplateName, new IndexTemplateFiller()); + renderTemplate( + cmsReq, mTemplateName, new IndexTemplateFiller()); } catch (IOException e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage( - "CMSGW_FAIL_RENDER_TEMPLATE", mTemplateName, - e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_FAIL_RENDER_TEMPLATE", mTemplateName, e.toString())); throw new ECMSGWException( CMS.getLogMessage("CMSG_ERROR_DISPLAY_TEMPLATE")); } diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/PortsServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/PortsServlet.java index 6c84b88d..4c3dec80 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/base/PortsServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/base/PortsServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.base; + import java.io.IOException; import javax.servlet.ServletConfig; @@ -33,7 +34,7 @@ import com.netscape.cmsutil.xml.XMLObject; /** * This servlet returns port information. - * + * * @version $Revision$, $Date$ */ public class PortsServlet extends CMSServlet { @@ -49,7 +50,7 @@ public class PortsServlet extends CMSServlet { public void init(ServletConfig sc) throws ServletException { super.init(sc); - // override these to output directly ourselves. + // override these to output directly ourselves. mTemplates.remove(CMSRequest.SUCCESS); mTemplates.remove(CMSRequest.ERROR); } @@ -66,10 +67,10 @@ public class PortsServlet extends CMSServlet { String port = null; if (secure.equals("true")) - port = CMS.getEESSLPort(); + port = CMS.getEESSLPort(); else port = CMS.getEENonSSLPort(); - + try { XMLObject xmlObj = null; xmlObj = new XMLObject(); diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/ProxyServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/ProxyServlet.java index b8e19534..15bfb306 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/base/ProxyServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/base/ProxyServlet.java @@ -2,6 +2,7 @@ package com.netscape.cms.servlet.base; + import java.io.IOException; import java.util.HashMap; import java.util.Iterator; @@ -20,29 +21,34 @@ import javax.servlet.http.HttpServletResponse; import com.netscape.certsrv.apps.CMS; + /** * This is a servlet that proxies request to another servlet. + * + * SERVLET REDIRECTION + * Specify the URL of a servlet to forward the request to + * destServlet: /ee/ca/newservlet + * + * PARAMETER MAPPING + * In the servlet configuration (as an init-param in web.xml) you + * can optionally specify a value for the parameter 'parameterMap' + * which contains a list of HTTP parameters which should be + * translated to new names. * - * SERVLET REDIRECTION Specify the URL of a servlet to forward the request to - * destServlet: /ee/ca/newservlet - * - * PARAMETER MAPPING In the servlet configuration (as an init-param in web.xml) - * you can optionally specify a value for the parameter 'parameterMap' which - * contains a list of HTTP parameters which should be translated to new names. - * - * parameterMap: name1->newname1,name2->newname2 - * + * parameterMap: name1->newname1,name2->newname2 + * * Optionally, names can be set to static values: + * + * parameterMap: name1->name2=value + * + * Examples: + * Consider the following HTTP input parameters: + * vehicle:car make:ford model:explorer * - * parameterMap: name1->name2=value - * - * Examples: Consider the following HTTP input parameters: vehicle:car make:ford - * model:explorer - * - * The following config strings will have this effect: parameterMap: - * make->manufacturer,model->name=expedition,->suv=true output: vehicle:car - * manufactuer:ford model:expedition suv:true - * + * The following config strings will have this effect: + * parameterMap: make->manufacturer,model->name=expedition,->suv=true + * output: vehicle:car manufactuer:ford model:expedition suv:true + * * @version $Revision$, $Date$ */ public class ProxyServlet extends HttpServlet { @@ -58,41 +64,40 @@ public class ProxyServlet extends HttpServlet { private Vector mMatchStrings = new Vector(); private String mDestServletOnNoMatch = null; private String mAppendPathInfoOnNoMatch = null; - private Map mParamMap = new HashMap(); - private Map mParamValue = new HashMap(); + private Map mParamMap = new HashMap(); + private Map mParamValue = new HashMap(); public ProxyServlet() { } - private void parseParamTable(String s) { - if (s == null) - return; - - String[] params = s.split(","); - for (int i = 0; i < params.length; i++) { - String p = params[i]; - if (p != null) { - String[] paramNames = p.split("->"); - if (paramNames.length != 2) { - } - String from = paramNames[0]; - String to = paramNames[1]; - if (from != null && to != null) { - String[] splitTo = to.split("="); - String toName = splitTo[0]; - if (from.length() > 0) { - mParamMap.put(from, toName); - } - if (splitTo.length == 2) { - String toValue = splitTo[1]; - String toValues[] = new String[1]; - toValues[0] = toValue; - mParamValue.put(toName, toValues); - } - } - } - } - } + private void parseParamTable(String s) { + if (s == null) return; + + String[] params = s.split(","); + for (int i=0;i<params.length;i++) { + String p = params[i]; + if (p != null) { + String[] paramNames = p.split("->"); + if (paramNames.length != 2) { + } + String from = paramNames[0]; + String to = paramNames[1]; + if (from != null && to != null) { + String[] splitTo = to.split("="); + String toName = splitTo[0]; + if (from.length() >0) { + mParamMap.put(from,toName); + } + if (splitTo.length == 2) { + String toValue = splitTo[1]; + String toValues[] = new String[1]; + toValues[0] = toValue; + mParamValue.put(toName,toValues); + } + } + } + } + } public void init(ServletConfig sc) throws ServletException { super.init(sc); @@ -108,16 +113,16 @@ public class ProxyServlet extends HttpServlet { mDest = sc.getInitParameter("destServlet"); mSrcContext = sc.getInitParameter("srcContext"); mAppendPathInfo = sc.getInitParameter("appendPathInfo"); - mAppendPathInfoOnNoMatch = sc - .getInitParameter("appendPathInfoOnNoMatch"); + mAppendPathInfoOnNoMatch = sc.getInitParameter("appendPathInfoOnNoMatch"); String map = sc.getInitParameter("parameterMap"); - if (map != null) { - parseParamTable(map); - } + if (map != null) { + parseParamTable(map); + } } - public void service(HttpServletRequest req, HttpServletResponse res) - throws IOException, ServletException { + public void service(HttpServletRequest req, HttpServletResponse res) throws + IOException, ServletException + { RequestDispatcher dispatcher = null; String dest = mDest; String uri = req.getRequestURI(); @@ -127,120 +132,120 @@ public class ProxyServlet extends HttpServlet { if (mMatchStrings.size() != 0) { boolean matched = false; for (int i = 0; i < mMatchStrings.size(); i++) { - String t = (String) mMatchStrings.elementAt(i); - if (uri.indexOf(t) != -1) { + String t = (String)mMatchStrings.elementAt(i); + if (uri.indexOf(t) != -1) { matched = true; } } if (!matched) { dest = mDestServletOnNoMatch; // append Path info for OCSP request in Get method - if (mAppendPathInfoOnNoMatch != null - && !mAppendPathInfoOnNoMatch.equals("")) { + if (mAppendPathInfoOnNoMatch != null && + !mAppendPathInfoOnNoMatch.equals("")) { dest = dest + uri.replace(mAppendPathInfoOnNoMatch, ""); } } } if (dest == null || dest.equals("")) { - // mapping everything - dest = uri; - dest = dest.replaceFirst(mSrcContext, ""); + // mapping everything + dest = uri; + dest = dest.replaceFirst(mSrcContext, ""); } if (mAppendPathInfo != null && !mAppendPathInfo.equals("")) { - dest = dest + uri.replace(mAppendPathInfo, ""); + dest = dest + uri.replace(mAppendPathInfo, ""); } if (mDestContext != null && !mDestContext.equals("")) { - dispatcher = getServletContext().getContext(mDestContext) - .getRequestDispatcher(dest); + dispatcher = getServletContext().getContext(mDestContext).getRequestDispatcher(dest); } else { - dispatcher = req.getRequestDispatcher(dest); + dispatcher = req.getRequestDispatcher(dest); } - // If a parameter map was specified - if (mParamMap != null && !mParamMap.isEmpty()) { - // Make a new wrapper with the new parameters - ProxyWrapper r = new ProxyWrapper(req); - r.setParameterMapAndValue(mParamMap, mParamValue); - req = r; - } - - dispatcher.forward(req, res); + // If a parameter map was specified + if (mParamMap != null && !mParamMap.isEmpty()) { + // Make a new wrapper with the new parameters + ProxyWrapper r = new ProxyWrapper(req); + r.setParameterMapAndValue(mParamMap,mParamValue); + req = r; + } + + dispatcher.forward(req, res); } } -class ProxyWrapper extends HttpServletRequestWrapper { - private Map mMap = null; - private Map mValueMap = null; - - public ProxyWrapper(HttpServletRequest req) { - super(req); - } - - public void setParameterMapAndValue(Map m, Map v) { - if (m != null) - mMap = m; - if (v != null) - mValueMap = v; - } - - public Map getParameterMap() { - try { - // If we haven't specified any parameter mapping, just - // use the regular implementation - if (mMap == null) - return super.getParameterMap(); - else { - // Make a new Map for us to put stuff in - Map n = new HashMap(); - // get the HTTP parameters the user supplied. - Map m = super.getParameterMap(); - Set s = m.entrySet(); - Iterator i = s.iterator(); - while (i.hasNext()) { - Map.Entry me = (Map.Entry) i.next(); - String name = (String) me.getKey(); - String[] values = (String[]) (me.getValue()); - String newname = null; - if (name != null) { - newname = (String) mMap.get(name); - } - - // No mapping specified, just use existing name/value - if (newname == null || mValueMap == null) { - n.put(name, values); - } else { // new name specified - Object o = mValueMap.get(newname); - // check if new (static) value specified - if (o == null) { - n.put(newname, values); - } else { - String newvalues[] = (String[]) mValueMap - .get(newname); - n.put(newname, newvalues); - } - } - } - // Now, deal with static values set in the config - // which weren't set in the HTTP request - Set s2 = mValueMap.entrySet(); - Iterator i2 = s2.iterator(); - // Cycle through all the static values - while (i2.hasNext()) { - Map.Entry me2 = (Map.Entry) i2.next(); - String name2 = (String) me2.getKey(); - if (n.get(name2) == null) { - String[] values2 = (String[]) me2.getValue(); - // If the parameter is not set in the map - // Set it now - n.put(name2, values2); - } - } - - return n; - } - } catch (NullPointerException npe) { - CMS.debug(npe); - return null; - } - } +class ProxyWrapper extends HttpServletRequestWrapper +{ + private Map mMap = null; + private Map mValueMap = null; + + public ProxyWrapper(HttpServletRequest req) + { + super(req); + } + + public void setParameterMapAndValue(Map m,Map v) + { + if (m != null) mMap = m; + if (v != null) mValueMap = v; + } + + public Map getParameterMap() + { + try { + // If we haven't specified any parameter mapping, just + // use the regular implementation + if (mMap == null) return super.getParameterMap(); + else { + // Make a new Map for us to put stuff in + Map n = new HashMap(); + // get the HTTP parameters the user supplied. + Map m = super.getParameterMap(); + Set s = m.entrySet(); + Iterator i = s.iterator(); + while (i.hasNext()) { + Map.Entry me = (Map.Entry) i.next(); + String name = (String) me.getKey(); + String[] values = (String[])(me.getValue()); + String newname = null; + if (name != null) { + newname = (String) mMap.get(name); + } + + // No mapping specified, just use existing name/value + if (newname == null || mValueMap == null) { + n.put(name,values); + } else { // new name specified + Object o = mValueMap.get(newname); + // check if new (static) value specified + if (o==null) { + n.put(newname,values); + } else { + String newvalues[] = (String[])mValueMap.get(newname); + n.put(newname,newvalues); + } + } + } + // Now, deal with static values set in the config + // which weren't set in the HTTP request + Set s2 = mValueMap.entrySet(); + Iterator i2 = s2.iterator(); + // Cycle through all the static values + while (i2.hasNext()) { + Map.Entry me2 = (Map.Entry) i2.next(); + String name2 = (String) me2.getKey(); + if (n.get(name2) == null) { + String[] values2 = (String[])me2.getValue(); + // If the parameter is not set in the map + // Set it now + n.put(name2,values2); + } + } + + return n; + } + } catch (NullPointerException npe) { + CMS.debug(npe); + return null; + } + } } + diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java index 625a69ed..5daac065 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java @@ -17,6 +17,7 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.base; + import java.io.IOException; import java.util.Date; @@ -29,14 +30,15 @@ import javax.servlet.http.HttpServletResponse; import com.netscape.certsrv.apps.CMS; /** - * Displays detailed information about java VM internals, including current JVM - * memory usage, and detailed information about each thread. + * Displays detailed information about java VM internals, including + * current JVM memory usage, and detailed information about each + * thread. * <p> * Also allows user to trigger a new garbage collection - * + * * @version $Revision$, $Date$ */ -public class SystemInfoServlet extends HttpServlet { +public class SystemInfoServlet extends HttpServlet { /** * @@ -51,23 +53,21 @@ public class SystemInfoServlet extends HttpServlet { } /** - * service the request, returning HTML to the client. This method has - * different behaviour depending on the value of the 'op' HTTP parameter. + * service the request, returning HTML to the client. + * This method has different behaviour depending on the + * value of the 'op' HTTP parameter. * <UL> - * <LI>op = <i>undefined</i> - display a menu with links to the other - * functionality of this servlet - * <li>op = gc - tell the JVM that we want to do a garbage collection and to - * run finalizers (@see java.lang.Runtime.getRuntime#gc() ) - * <li>op = general - display information about memory, and other JVM - * informatino - * <li>op = thread - display details about each thread. + * <LI>op = <i>undefined</i> - display a menu with links to the other functionality of this servlet + * <li>op = gc - tell the JVM that we want to do a garbage collection and to run finalizers + * (@see java.lang.Runtime.getRuntime#gc() ) + * <li>op = general - display information about memory, and other JVM informatino + * <li>op = thread - display details about each thread. * </UL> - * - * @see javax.servlet.http.HttpServlet#service(HttpServletRequest, - * HttpServletResponse) + * @see javax.servlet.http.HttpServlet#service(HttpServletRequest, HttpServletResponse) */ - public void service(HttpServletRequest request, HttpServletResponse response) - throws ServletException, IOException { + public void service(HttpServletRequest request, + HttpServletResponse response) + throws ServletException, IOException { boolean collect = false; String op = request.getParameter("op"); @@ -83,12 +83,12 @@ public class SystemInfoServlet extends HttpServlet { } } - private void mainMenu(HttpServletRequest request, - HttpServletResponse response) throws ServletException, IOException { + private void mainMenu(HttpServletRequest request, + HttpServletResponse response) + throws ServletException, IOException { response.getWriter().println("<HTML>"); response.getWriter().println("<H1>"); - response.getWriter().println( - "<a href=" + request.getServletPath() + ">"); + response.getWriter().println("<a href=" + request.getServletPath() + ">"); response.getWriter().println("Main"); response.getWriter().println("</a>"); response.getWriter().println("</H1>"); @@ -97,8 +97,7 @@ public class SystemInfoServlet extends HttpServlet { response.getWriter().println("<tr>"); response.getWriter().println("<td>"); response.getWriter().println("<li>"); - response.getWriter().println( - "<a href=" + request.getServletPath() + "?op=general>"); + response.getWriter().println("<a href=" + request.getServletPath() + "?op=general>"); response.getWriter().println("General"); response.getWriter().println("</a>"); response.getWriter().println("</td>"); @@ -106,8 +105,7 @@ public class SystemInfoServlet extends HttpServlet { response.getWriter().println("<tr>"); response.getWriter().println("<td>"); response.getWriter().println("<li>"); - response.getWriter().println( - "<a href=" + request.getServletPath() + "?op=gc>"); + response.getWriter().println("<a href=" + request.getServletPath() + "?op=gc>"); response.getWriter().println("Garbage Collection"); response.getWriter().println("</a>"); response.getWriter().println("</td>"); @@ -115,8 +113,7 @@ public class SystemInfoServlet extends HttpServlet { response.getWriter().println("<tr>"); response.getWriter().println("<td>"); response.getWriter().println("<li>"); - response.getWriter().println( - "<a href=" + request.getServletPath() + "?op=thread>"); + response.getWriter().println("<a href=" + request.getServletPath() + "?op=thread>"); response.getWriter().println("Thread Listing"); response.getWriter().println("</a>"); response.getWriter().println("</td>"); @@ -125,31 +122,30 @@ public class SystemInfoServlet extends HttpServlet { response.getWriter().println("</HTML>"); } - private void gc(HttpServletRequest request, HttpServletResponse response) - throws ServletException, IOException { + private void gc(HttpServletRequest request, + HttpServletResponse response) + throws ServletException, IOException { java.lang.Runtime.getRuntime().gc(); java.lang.Runtime.getRuntime().runFinalization(); response.getWriter().println("<HTML>"); response.getWriter().println("<H1>"); - response.getWriter().println( - "<a href=" + request.getServletPath() + ">"); + response.getWriter().println("<a href=" + request.getServletPath() + ">"); response.getWriter().println("Main"); response.getWriter().println("</a>"); response.getWriter().println(" : "); response.getWriter().println("Garbage Collection"); response.getWriter().println("</H1>"); response.getWriter().println("<p>"); - response.getWriter() - .println("The garbage collector has been executed."); + response.getWriter().println("The garbage collector has been executed."); response.getWriter().println("</HTML>"); } - private void general(HttpServletRequest request, - HttpServletResponse response) throws ServletException, IOException { + private void general(HttpServletRequest request, + HttpServletResponse response) + throws ServletException, IOException { response.getWriter().println("<HTML>"); response.getWriter().println("<H1>"); - response.getWriter().println( - "<a href=" + request.getServletPath() + ">"); + response.getWriter().println("<a href=" + request.getServletPath() + ">"); response.getWriter().println("Main"); response.getWriter().println("</a>"); response.getWriter().println(" : "); @@ -178,8 +174,7 @@ public class SystemInfoServlet extends HttpServlet { response.getWriter().println("Available Processors:"); response.getWriter().println("</td>"); response.getWriter().println("<td>"); - response.getWriter() - .println(Runtime.getRuntime().availableProcessors()); + response.getWriter().println(Runtime.getRuntime().availableProcessors()); response.getWriter().println("</td>"); response.getWriter().println("</tr>"); response.getWriter().println("<tr>"); @@ -219,22 +214,20 @@ public class SystemInfoServlet extends HttpServlet { response.getWriter().println("Free Memory / Total Memory:"); response.getWriter().println("</td>"); response.getWriter().println("<td>"); - response.getWriter().println( - (Runtime.getRuntime().freeMemory() * 100) - / Runtime.getRuntime().totalMemory() + "%"); + response.getWriter().println((Runtime.getRuntime().freeMemory() * 100) / Runtime.getRuntime().totalMemory() + "%"); response.getWriter().println("</td>"); response.getWriter().println("</tr>"); response.getWriter().println("</table>"); response.getWriter().println("</HTML>"); } - private void thread(HttpServletRequest request, HttpServletResponse response) - throws ServletException, IOException { + private void thread(HttpServletRequest request, + HttpServletResponse response) + throws ServletException, IOException { response.getWriter().println("</table>"); response.getWriter().println("<HTML>"); response.getWriter().println("<H1>"); - response.getWriter().println( - "<a href=" + request.getServletPath() + ">"); + response.getWriter().println("<a href=" + request.getServletPath() + ">"); response.getWriter().println("Main"); response.getWriter().println("</a>"); response.getWriter().println(" : "); diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/UserInfo.java b/pki/base/common/src/com/netscape/cms/servlet/base/UserInfo.java index ca829561..02ab5b52 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/base/UserInfo.java +++ b/pki/base/common/src/com/netscape/cms/servlet/base/UserInfo.java @@ -17,10 +17,11 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.base; + /** - * This class represents information about the client e.g. version, langauge, - * vendor. - * + * This class represents information about the client e.g. version, + * langauge, vendor. + * * @version $Revision$, $Date$ */ public class UserInfo { @@ -35,7 +36,7 @@ public class UserInfo { /** * Returns the user language. - * + * * @param s user language info from the browser * @return user language */ @@ -52,7 +53,7 @@ public class UserInfo { /** * Returns the user country. - * + * * @param s user language info from the browser * @return user country */ @@ -66,10 +67,10 @@ public class UserInfo { } return ""; } - + /** * Returns the users agent. - * + * * @param s user language info from the browser * @return user agent */ @@ -78,7 +79,7 @@ public class UserInfo { if (s.indexOf(MSIE) != -1) { return MSIE; } - + // Check for Netscape i.e. Mozilla if (s.indexOf(MOZILLA) != -1) { return MOZILLA; @@ -86,5 +87,5 @@ public class UserInfo { // Don't know agent. Return empty string. return ""; - } + } } |