Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java225
1 files changed, 98 insertions, 127 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java
index 1265fb87..78bb9485 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java
@@ -17,6 +17,7 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.servlet.csadmin;
+
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
@@ -69,19 +70,18 @@ public class AdminPanel extends WizardPanelBase {
private static final String ADMIN_UID = "admin";
private final static String CERT_TAG = "admin";
- public AdminPanel() {
- }
+ public AdminPanel() {}
/**
* Initializes this panel.
*/
- public void init(ServletConfig config, int panelno) throws ServletException {
+ public void init(ServletConfig config, int panelno)
+ throws ServletException {
setPanelNo(panelno);
setName("Administrator");
}
- public void init(WizardServlet servlet, ServletConfig config, int panelno,
- String id) {
+ public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) {
setPanelNo(panelno);
setName("Administrator");
setId(id);
@@ -101,39 +101,29 @@ public class AdminPanel extends WizardPanelBase {
} else {
return true;
}
- } catch (Exception e) {
- }
+ } catch (Exception e) {}
return false;
}
public PropertySet getUsage() {
PropertySet set = new PropertySet();
-
- Descriptor emailDesc = new Descriptor(IDescriptor.STRING, null, /*
- * no
- * constraint
- */
- null, /* no default parameter */
- "Email address for an administrator");
+
+ Descriptor emailDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */
+ null, /* no default parameter */
+ "Email address for an administrator");
set.add("admin_email", emailDesc);
- Descriptor pwdDesc = new Descriptor(IDescriptor.STRING, null, /*
- * no
- * constraint
- */
- null, /* no default parameter */
- "Administrator's password");
+ Descriptor pwdDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */
+ null, /* no default parameter */
+ "Administrator's password");
set.add("pwd", pwdDesc);
- Descriptor pwdAgainDesc = new Descriptor(IDescriptor.STRING, null, /*
- * no
- * constraint
- */
- null, /* no default parameter */
- "Administrator's password again");
+ Descriptor pwdAgainDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */
+ null, /* no default parameter */
+ "Administrator's password again");
set.add("admin_password_again", pwdAgainDesc);
return set;
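Review bot: Collapsing the handler to `} catch (Exception e) {}` at the top of this hunk makes the swallowed exception easier to overlook; every failure in that try block is discarded and control falls through to `return false`. The same empty handler is reformatted in the display, update, submitRequest and displayError hunks. The one around `config.commit(false)` is followed directly by `context.put("updateStatus", "success")`, so a failed commit of the administrator configuration is reported as success. At minimum log the exception, e.g. `CMS.debug("AdminPanel: " + e.toString());`, and in the commit case rethrow it as an `IOException` instead of reporting success. The method containing this first catch starts outside the hunk.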
@@ -143,7 +133,8 @@ public class AdminPanel extends WizardPanelBase {
* Display the panel.
*/
public void display(HttpServletRequest request,
- HttpServletResponse response, Context context) {
+ HttpServletResponse response,
+ Context context) {
CMS.debug("AdminPanel: display");
IConfigStore cs = CMS.getConfigStore();
@@ -161,8 +152,7 @@ public class AdminPanel extends WizardPanelBase {
try {
type = cs.getString("preop.ca.type", "");
subsystemtype = cs.getString("cs.type", "");
- } catch (Exception e) {
- }
+ } catch (Exception e) {}
if (isPanelDone()) {
try {
@@ -171,14 +161,11 @@ public class AdminPanel extends WizardPanelBase {
context.put("admin_pwd", "");
context.put("admin_pwd_again", "");
context.put("admin_uid", cs.getString("preop.admin.uid"));
- } catch (Exception e) {
- }
+ } catch (Exception e) {}
} else {
String def_admin_name = "";
try {
- def_admin_name = cs.getString("cs.type")
- + " Administrator of Instance "
- + cs.getString("instanceId");
+ def_admin_name = cs.getString("cs.type") + " Administrator of Instance " + cs.getString("instanceId");
} catch (EBaseException e) {
}
context.put("admin_name", def_admin_name);
@@ -189,7 +176,7 @@ public class AdminPanel extends WizardPanelBase {
}
ISubsystem ca = (ISubsystem) CMS.getSubsystem("ca");
- if (ca == null) {
+ if (ca == null) {
context.put("ca", "false");
} else {
context.put("ca", "true");
@@ -199,24 +186,24 @@ public class AdminPanel extends WizardPanelBase {
String domainname = "";
try {
domainname = cs.getString("securitydomain.name", "");
- } catch (EBaseException e1) {
- }
+ } catch (EBaseException e1) {}
context.put("securityDomain", domainname);
context.put("title", "Administrator");
context.put("panel", "admin/console/config/adminpanel.vm");
context.put("errorString", "");
context.put("info", info);
-
+
}
/**
* Checks if the given parameters are valid.
*/
public void validate(HttpServletRequest request,
- HttpServletResponse response, Context context) throws IOException {
+ HttpServletResponse response,
+ Context context) throws IOException
+ {
String pwd = HttpInput.getPassword(request, "__pwd");
- String pwd_again = HttpInput.getPassword(request,
- "__admin_password_again");
+ String pwd_again = HttpInput.getPassword(request, "__admin_password_again");
String email = HttpInput.getEmail(request, "email");
String name = HttpInput.getName(request, "name");
String uid = HttpInput.getUID(request, "uid");
@@ -243,8 +230,7 @@ public class AdminPanel extends WizardPanelBase {
if (!pwd.equals(pwd_again)) {
context.put("updateStatus", "validate-failure");
- throw new IOException(
- "Password and password again are not the same.");
+ throw new IOException("Password and password again are not the same.");
}
if (email == null || email.length() == 0) {
@@ -257,7 +243,8 @@ public class AdminPanel extends WizardPanelBase {
* Commit parameter changes
*/
public void update(HttpServletRequest request,
- HttpServletResponse response, Context context) throws IOException {
+ HttpServletResponse response,
+ Context context) throws IOException {
IConfigStore config = CMS.getConfigStore();
context.put("info", "");
context.put("import", "true");
@@ -269,15 +256,13 @@ public class AdminPanel extends WizardPanelBase {
try {
type = config.getString(PRE_CA_TYPE, "");
subsystemtype = config.getString("cs.type", "");
- security_domain_type = config
- .getString("securitydomain.select", "");
+ security_domain_type = config.getString("securitydomain.select","");
selected_hierarchy = config.getString("preop.hierarchy.select", "");
- } catch (Exception e) {
- }
+ } catch (Exception e) {}
ISubsystem ca = (ISubsystem) CMS.getSubsystem("ca");
- if (ca == null) {
+ if (ca == null) {
context.put("ca", "false");
} else {
context.put("ca", "true");
@@ -301,12 +286,14 @@ public class AdminPanel extends WizardPanelBase {
throw e;
}
- // REMINDER: This panel is NOT used by "clones"
- if (ca != null) {
- if (selected_hierarchy.equals("root")) {
- CMS.debug("AdminPanel update: " + "Root CA subsystem");
+ // REMINDER: This panel is NOT used by "clones"
+ if( ca != null ) {
+ if( selected_hierarchy.equals( "root" ) ) {
+ CMS.debug( "AdminPanel update: "
+ + "Root CA subsystem");
} else {
- CMS.debug("AdminPanel update: " + "Subordinate CA subsystem");
+ CMS.debug( "AdminPanel update: "
+ + "Subordinate CA subsystem");
}
try {
@@ -322,8 +309,10 @@ public class AdminPanel extends WizardPanelBase {
String ca_hostname = null;
int ca_port = -1;
- // REMINDER: This panel is NOT used by "clones"
- CMS.debug("AdminPanel update: " + subsystemtype + " subsystem");
+ // REMINDER: This panel is NOT used by "clones"
+ CMS.debug( "AdminPanel update: "
+ + subsystemtype
+ + " subsystem" );
if (type.equals("sdca")) {
try {
@@ -350,11 +339,10 @@ public class AdminPanel extends WizardPanelBase {
try {
config.commit(false);
- } catch (Exception e) {
- }
+ } catch (Exception e) {}
context.put("updateStatus", "success");
-
+
}
private void createAdmin(HttpServletRequest request) throws IOException {
@@ -414,8 +402,7 @@ public class AdminPanel extends WizardPanelBase {
String select = config.getString("securitydomain.select", "");
if (select.equals("new")) {
- group = system
- .getGroupFromName("Security Domain Administrators");
+ group = system.getGroupFromName("Security Domain Administrators");
if (!group.isMember(uid)) {
group.addMemberName(uid);
system.modifyGroup(group);
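Review bot: The result of `system.getGroupFromName("Security Domain Administrators")` is dereferenced on the next line without a null check, and the same pattern is reformatted for the Enterprise KRA, TKS, OCSP and TPS administrator groups in the following hunks. If the lookup can return null for a missing group (its contract is not visible here), the call would fail with a NullPointerException after the account has been added to only some of the groups. Consider `if (group != null && !group.isMember(uid)) {` together with a debug message naming the missing group. The enclosing method, apparently createAdmin, starts before this hunk and continues past it.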
@@ -427,8 +414,7 @@ public class AdminPanel extends WizardPanelBase {
system.modifyGroup(group);
}
- group = system
- .getGroupFromName("Enterprise KRA Administrators");
+ group = system.getGroupFromName("Enterprise KRA Administrators");
if (!group.isMember(uid)) {
group.addMemberName(uid);
system.modifyGroup(group);
@@ -440,22 +426,19 @@ public class AdminPanel extends WizardPanelBase {
system.modifyGroup(group);
}
- group = system
- .getGroupFromName("Enterprise TKS Administrators");
+ group = system.getGroupFromName("Enterprise TKS Administrators");
if (!group.isMember(uid)) {
group.addMemberName(uid);
system.modifyGroup(group);
}
- group = system
- .getGroupFromName("Enterprise OCSP Administrators");
+ group = system.getGroupFromName("Enterprise OCSP Administrators");
if (!group.isMember(uid)) {
group.addMemberName(uid);
system.modifyGroup(group);
}
- group = system
- .getGroupFromName("Enterprise TPS Administrators");
+ group = system.getGroupFromName("Enterprise TPS Administrators");
if (!group.isMember(uid)) {
group.addMemberName(uid);
system.modifyGroup(group);
@@ -467,9 +450,8 @@ public class AdminPanel extends WizardPanelBase {
}
}
- private void submitRequest(String ca_hostname, int ca_port,
- HttpServletRequest request, HttpServletResponse response,
- Context context) throws IOException {
+ private void submitRequest(String ca_hostname, int ca_port, HttpServletRequest request,
+ HttpServletResponse response, Context context) throws IOException {
IConfigStore config = CMS.getConfigStore();
String sd_hostname = null;
int sd_port = -1;
@@ -477,29 +459,22 @@ public class AdminPanel extends WizardPanelBase {
try {
sd_hostname = config.getString("securitydomain.host", "");
sd_port = config.getInteger("securitydomain.httpseeport");
- } catch (Exception e) {
- }
+ } catch (Exception e) {}
String profileId = HttpInput.getID(request, "profileId");
if (profileId == null) {
try {
- profileId = config.getString("preop.admincert.profile",
- "caAdminCert");
- } catch (Exception e) {
- }
+ profileId = config.getString("preop.admincert.profile", "caAdminCert");
+ } catch (Exception e) {}
}
- String cert_request_type = HttpInput
- .getID(request, "cert_request_type");
+ String cert_request_type = HttpInput.getID(request, "cert_request_type");
String cert_request = HttpInput.getCertRequest(request, "cert_request");
cert_request = URLEncoder.encode(cert_request, "UTF-8");
String session_id = CMS.getConfigSDSessionId();
String subjectDN = HttpInput.getString(request, "subject");
- String content = "profileId=" + profileId + "&cert_request_type="
- + cert_request_type + "&cert_request=" + cert_request
- + "&xmlOutput=true&sessionID=" + session_id + "&subject="
- + subjectDN;
+ String content = "profileId="+profileId+"&cert_request_type="+cert_request_type+"&cert_request="+cert_request+"&xmlOutput=true&sessionID="+session_id+"&subject="+subjectDN;
HttpClient httpclient = new HttpClient();
String c = null;
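Review bot: The rewritten `content` line still appends `profileId`, `cert_request_type`, `session_id` and `subjectDN` to the form body without encoding; only `cert_request` goes through `URLEncoder.encode`. `subjectDN` is read from the request with `HttpInput.getString`, and a DN containing `&`, `=`, `+` or spaces would corrupt the body or add extra parameters to the request sent to the CA, unless HttpInput already rejects those characters, which is not visible here. Encode each value before concatenation, guarding against null, e.g. `"&subject=" + URLEncoder.encode(subjectDN, "UTF-8")`. The line would also read better split at each `&name=` pair instead of joined into one long line. submitRequest starts before this hunk and continues after it.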
@@ -522,7 +497,7 @@ public class AdminPanel extends WizardPanelBase {
c = httpresponse.getContent();
CMS.debug("AdminPanel submitRequest: content=" + c);
-
+
// retrieve the request Id ad admin certificate
if (c != null) {
try {
@@ -533,15 +508,15 @@ public class AdminPanel extends WizardPanelBase {
try {
parser = new XMLObject(bis);
} catch (Exception e) {
- CMS.debug("AdminPanel::submitRequest() - "
- + "Exception=" + e.toString());
- throw new IOException(e.toString());
+ CMS.debug( "AdminPanel::submitRequest() - "
+ + "Exception="+e.toString() );
+ throw new IOException( e.toString() );
}
String status = parser.getValue("Status");
CMS.debug("AdminPanel update: status=" + status);
if (status.equals("2")) {
- // relogin to the security domain
+ //relogin to the security domain
reloginSecurityDomain(response);
return;
} else if (!status.equals("0")) {
@@ -550,7 +525,7 @@ public class AdminPanel extends WizardPanelBase {
context.put("errorString", error);
throw new IOException(error);
}
-
+
IConfigStore cs = CMS.getConfigStore();
String id = parser.getValue("Id");
@@ -564,7 +539,7 @@ public class AdminPanel extends WizardPanelBase {
+ File.separator + "admin.b64";
cs.putString("preop.admincert.b64", dir);
- PrintStream ps = new PrintStream(new FileOutputStream(dir));
+ PrintStream ps = new PrintStream(new FileOutputStream(dir));
ps.println(b64);
ps.flush();
@@ -586,13 +561,12 @@ public class AdminPanel extends WizardPanelBase {
HttpServletResponse response, Context context) throws IOException {
String cert_request = HttpInput.getCertRequest(request, "cert_request");
- String cert_request_type = HttpInput
- .getID(request, "cert_request_type");
+ String cert_request_type = HttpInput.getID(request, "cert_request_type");
IConfigStore cs = CMS.getConfigStore();
- if (cs == null) {
- CMS.debug("AdminPanel::createAdminCertificate() - cs is null!");
- throw new IOException("cs is null");
+ if( cs == null ) {
+ CMS.debug( "AdminPanel::createAdminCertificate() - cs is null!" );
+ throw new IOException( "cs is null" );
}
String subject = "";
@@ -604,13 +578,14 @@ public class AdminPanel extends WizardPanelBase {
subject = CryptoUtil.getSubjectName(crmfMsgs);
x509key = CryptoUtil.getX509KeyFromCRMFMsgs(crmfMsgs);
} catch (Exception e) {
- CMS.debug("AdminPanel createAdminCertificate: Exception="
- + e.toString());
+ CMS.debug(
+ "AdminPanel createAdminCertificate: Exception="
+ + e.toString());
}
- // this request is from IE. The VBScript has problem of generating
- // certificate request if the subject name has E and UID components.
- // For now, we always hardcoded the subject DN to be cn=NAME in
- // the IE browser.
+ // this request is from IE. The VBScript has problem of generating
+ // certificate request if the subject name has E and UID components.
+ // For now, we always hardcoded the subject DN to be cn=NAME in
+ // the IE browser.
} else if (cert_request_type.equals("pkcs10")) {
try {
byte[] b = CMS.AtoB(cert_request);
@@ -619,35 +594,33 @@ public class AdminPanel extends WizardPanelBase {
x509key = pkcs10.getSubjectPublicKeyInfo();
} catch (Exception e) {
CMS.debug("AdminPanel createAdminCertificate: Exception="
- + e.toString());
+ + e.toString());
}
}
- if (x509key == null) {
- CMS.debug("AdminPanel::createAdminCertificate() - x509key is null!");
- throw new IOException("x509key is null");
+ if( x509key == null ) {
+ CMS.debug( "AdminPanel::createAdminCertificate() - x509key is null!" );
+ throw new IOException( "x509key is null" );
}
try {
cs.putString(PCERT_PREFIX + CERT_TAG + ".dn", subject);
- String caType = cs.getString(PCERT_PREFIX + CERT_TAG + ".type",
- "local");
+ String caType = cs.getString(PCERT_PREFIX + CERT_TAG + ".type", "local");
X509CertImpl impl = CertUtil.createLocalCert(cs, x509key,
- PCERT_PREFIX, CERT_TAG, caType, context);
+ PCERT_PREFIX, CERT_TAG, caType, context);
// update the locally created request for renewal
- CertUtil.updateLocalRequest(cs, CERT_TAG, cert_request,
- cert_request_type, subject);
+ CertUtil.updateLocalRequest(cs, CERT_TAG, cert_request,cert_request_type, subject);
ISubsystem ca = (ISubsystem) CMS.getSubsystem("ca");
if (ca != null) {
createPKCS7(impl);
}
- cs.putString("preop.admincert.serialno.0", impl.getSerialNumber()
- .toString(16));
+ cs.putString("preop.admincert.serialno.0",
+ impl.getSerialNumber().toString(16));
} catch (Exception e) {
CMS.debug("AdminPanel createAdminCertificate: Exception="
- + e.toString());
+ + e.toString());
}
}
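Review bot: The final `catch (Exception e)` in this hunk only writes to `CMS.debug`, so a failure in `CertUtil.createLocalCert` or `CertUtil.updateLocalRequest` lets the method return normally and `preop.admincert.serialno.0` is never stored. The method already throws `IOException` for a null `x509key` in this same hunk, so propagate here as well by adding `throw new IOException("AdminPanel createAdminCertificate: " + e.toString());` after the debug line. createPKCS7 in the last two hunks swallows its exception the same way. The method starts before this hunk.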
@@ -655,7 +628,8 @@ public class AdminPanel extends WizardPanelBase {
* If validiate() returns false, this method will be called.
*/
public void displayError(HttpServletRequest request,
- HttpServletResponse response, Context context) {
+ HttpServletResponse response,
+ Context context) {
context.put("title", "Administrator");
context.put("panel", "admin/console/config/adminpanel.vm");
@@ -666,9 +640,8 @@ public class AdminPanel extends WizardPanelBase {
try {
type = cs.getString("preop.ca.type", "");
- } catch (Exception e) {
- }
- if (ca == null && type.equals("otherca")) {
+ } catch (Exception e) {}
+ if (ca == null && type.equals("otherca")) {
info = "Since you do not join the Redhat CA network, the administrator's certificate will not be generated automatically.";
}
context.put("info", info);
@@ -682,7 +655,7 @@ public class AdminPanel extends WizardPanelBase {
public boolean shouldSkip() {
try {
IConfigStore c = CMS.getConfigStore();
- String s = c.getString("preop.subsystem.select", null);
+ String s = c.getString("preop.subsystem.select",null);
if (s != null && s.equals("clone")) {
return true;
}
@@ -692,11 +665,11 @@ public class AdminPanel extends WizardPanelBase {
return false;
}
+
private void createPKCS7(X509CertImpl cert) {
try {
IConfigStore cs = CMS.getConfigStore();
- ICertificateAuthority ca = (ICertificateAuthority) CMS
- .getSubsystem("ca");
+ ICertificateAuthority ca = (ICertificateAuthority)CMS.getSubsystem("ca");
CertificateChain cachain = ca.getCACertChain();
X509Certificate[] cacerts = cachain.getChain();
X509CertImpl[] userChain = new X509CertImpl[cacerts.length + 1];
@@ -707,18 +680,16 @@ public class AdminPanel extends WizardPanelBase {
}
userChain[0] = cert;
- PKCS7 p7 = new PKCS7(new AlgorithmId[0], new ContentInfo(
- new byte[0]), userChain, new SignerInfo[0]);
+ PKCS7 p7 = new PKCS7(new AlgorithmId[0],
+ new ContentInfo(new byte[0]), userChain, new SignerInfo[0]);
ByteArrayOutputStream bos = new ByteArrayOutputStream();
p7.encodeSignedData(bos);
byte[] p7Bytes = bos.toByteArray();
String p7Str = CMS.BtoA(p7Bytes);
- cs.putString("preop.admincert.pkcs7",
- CryptoUtil.normalizeCertStr(p7Str));
+ cs.putString("preop.admincert.pkcs7", CryptoUtil.normalizeCertStr(p7Str));
} catch (Exception e) {
- CMS.debug("AdminPanel createPKCS7: Failed to create pkcs7 file. Exception: "
- + e.toString());
+ CMS.debug("AdminPanel createPKCS7: Failed to create pkcs7 file. Exception: "+e.toString());
}
}
}