diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java | 140 |
1 files changed, 78 insertions, 62 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java index 78bb9485..c865741c 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.File; @@ -70,13 +69,14 @@ public class AdminPanel extends WizardPanelBase { private static final String ADMIN_UID = "admin"; private final static String CERT_TAG = "admin"; - public AdminPanel() {} + public AdminPanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Administrator"); } @@ -101,27 +101,37 @@ public class AdminPanel extends WizardPanelBase { } else { return true; } - } catch (Exception e) {} + } catch (Exception e) { + } return false; } public PropertySet getUsage() { PropertySet set = new PropertySet(); - - Descriptor emailDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */ + + Descriptor emailDesc = new Descriptor(IDescriptor.STRING, null, /* + * no + * constraint + */ null, /* no default parameter */ "Email address for an administrator"); set.add("admin_email", emailDesc); - Descriptor pwdDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */ + Descriptor pwdDesc = new Descriptor(IDescriptor.STRING, null, /* + * no + * constraint + */ null, /* no default parameter */ "Administrator's password"); set.add("pwd", pwdDesc); - Descriptor pwdAgainDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */ + Descriptor pwdAgainDesc = new Descriptor(IDescriptor.STRING, null, /* + * no + * constraint + */ null, /* no default parameter */ "Administrator's password again"); @@ -152,7 +162,8 @@ public class AdminPanel extends WizardPanelBase { try { type = cs.getString("preop.ca.type", ""); subsystemtype = cs.getString("cs.type", ""); - } catch (Exception e) {} + } catch (Exception e) { + } if (isPanelDone()) { try { @@ -161,11 +172,12 @@ public class AdminPanel extends WizardPanelBase { context.put("admin_pwd", ""); context.put("admin_pwd_again", ""); context.put("admin_uid", cs.getString("preop.admin.uid")); - } catch (Exception e) {} + } catch (Exception e) { + } } else { String def_admin_name = ""; try { - def_admin_name = cs.getString("cs.type") + " Administrator of Instance " + cs.getString("instanceId"); + def_admin_name = cs.getString("cs.type") + " Administrator of Instance " + cs.getString("instanceId"); } catch (EBaseException e) { } context.put("admin_name", def_admin_name); @@ -176,7 +188,7 @@ public class AdminPanel extends WizardPanelBase { } ISubsystem ca = (ISubsystem) CMS.getSubsystem("ca"); - if (ca == null) { + if (ca == null) { context.put("ca", "false"); } else { context.put("ca", "true"); @@ -186,13 +198,14 @@ public class AdminPanel extends WizardPanelBase { String domainname = ""; try { domainname = cs.getString("securitydomain.name", ""); - } catch (EBaseException e1) {} + } catch (EBaseException e1) { + } context.put("securityDomain", domainname); context.put("title", "Administrator"); context.put("panel", "admin/console/config/adminpanel.vm"); context.put("errorString", ""); context.put("info", info); - + } /** @@ -200,8 +213,7 @@ public class AdminPanel extends WizardPanelBase { */ public void validate(HttpServletRequest request, HttpServletResponse response, - Context context) throws IOException - { + Context context) throws IOException { String pwd = HttpInput.getPassword(request, "__pwd"); String pwd_again = HttpInput.getPassword(request, "__admin_password_again"); String email = HttpInput.getEmail(request, "email"); @@ -256,13 +268,14 @@ public class AdminPanel extends WizardPanelBase { try { type = config.getString(PRE_CA_TYPE, ""); subsystemtype = config.getString("cs.type", ""); - security_domain_type = config.getString("securitydomain.select",""); + security_domain_type = config.getString("securitydomain.select", ""); selected_hierarchy = config.getString("preop.hierarchy.select", ""); - } catch (Exception e) {} + } catch (Exception e) { + } ISubsystem ca = (ISubsystem) CMS.getSubsystem("ca"); - if (ca == null) { + if (ca == null) { context.put("ca", "false"); } else { context.put("ca", "true"); @@ -286,13 +299,13 @@ public class AdminPanel extends WizardPanelBase { throw e; } - // REMINDER: This panel is NOT used by "clones" - if( ca != null ) { - if( selected_hierarchy.equals( "root" ) ) { - CMS.debug( "AdminPanel update: " + // REMINDER: This panel is NOT used by "clones" + if (ca != null) { + if (selected_hierarchy.equals("root")) { + CMS.debug("AdminPanel update: " + "Root CA subsystem"); } else { - CMS.debug( "AdminPanel update: " + CMS.debug("AdminPanel update: " + "Subordinate CA subsystem"); } @@ -309,10 +322,10 @@ public class AdminPanel extends WizardPanelBase { String ca_hostname = null; int ca_port = -1; - // REMINDER: This panel is NOT used by "clones" - CMS.debug( "AdminPanel update: " + // REMINDER: This panel is NOT used by "clones" + CMS.debug("AdminPanel update: " + subsystemtype - + " subsystem" ); + + " subsystem"); if (type.equals("sdca")) { try { @@ -339,10 +352,11 @@ public class AdminPanel extends WizardPanelBase { try { config.commit(false); - } catch (Exception e) {} + } catch (Exception e) { + } context.put("updateStatus", "success"); - + } private void createAdmin(HttpServletRequest request) throws IOException { @@ -459,13 +473,15 @@ public class AdminPanel extends WizardPanelBase { try { sd_hostname = config.getString("securitydomain.host", ""); sd_port = config.getInteger("securitydomain.httpseeport"); - } catch (Exception e) {} + } catch (Exception e) { + } String profileId = HttpInput.getID(request, "profileId"); if (profileId == null) { try { profileId = config.getString("preop.admincert.profile", "caAdminCert"); - } catch (Exception e) {} + } catch (Exception e) { + } } String cert_request_type = HttpInput.getID(request, "cert_request_type"); @@ -474,7 +490,7 @@ public class AdminPanel extends WizardPanelBase { String session_id = CMS.getConfigSDSessionId(); String subjectDN = HttpInput.getString(request, "subject"); - String content = "profileId="+profileId+"&cert_request_type="+cert_request_type+"&cert_request="+cert_request+"&xmlOutput=true&sessionID="+session_id+"&subject="+subjectDN; + String content = "profileId=" + profileId + "&cert_request_type=" + cert_request_type + "&cert_request=" + cert_request + "&xmlOutput=true&sessionID=" + session_id + "&subject=" + subjectDN; HttpClient httpclient = new HttpClient(); String c = null; @@ -497,7 +513,7 @@ public class AdminPanel extends WizardPanelBase { c = httpresponse.getContent(); CMS.debug("AdminPanel submitRequest: content=" + c); - + // retrieve the request Id ad admin certificate if (c != null) { try { @@ -508,15 +524,15 @@ public class AdminPanel extends WizardPanelBase { try { parser = new XMLObject(bis); } catch (Exception e) { - CMS.debug( "AdminPanel::submitRequest() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("AdminPanel::submitRequest() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String status = parser.getValue("Status"); CMS.debug("AdminPanel update: status=" + status); if (status.equals("2")) { - //relogin to the security domain + // relogin to the security domain reloginSecurityDomain(response); return; } else if (!status.equals("0")) { @@ -525,7 +541,7 @@ public class AdminPanel extends WizardPanelBase { context.put("errorString", error); throw new IOException(error); } - + IConfigStore cs = CMS.getConfigStore(); String id = parser.getValue("Id"); @@ -539,7 +555,7 @@ public class AdminPanel extends WizardPanelBase { + File.separator + "admin.b64"; cs.putString("preop.admincert.b64", dir); - PrintStream ps = new PrintStream(new FileOutputStream(dir)); + PrintStream ps = new PrintStream(new FileOutputStream(dir)); ps.println(b64); ps.flush(); @@ -564,9 +580,9 @@ public class AdminPanel extends WizardPanelBase { String cert_request_type = HttpInput.getID(request, "cert_request_type"); IConfigStore cs = CMS.getConfigStore(); - if( cs == null ) { - CMS.debug( "AdminPanel::createAdminCertificate() - cs is null!" ); - throw new IOException( "cs is null" ); + if (cs == null) { + CMS.debug("AdminPanel::createAdminCertificate() - cs is null!"); + throw new IOException("cs is null"); } String subject = ""; @@ -582,10 +598,10 @@ public class AdminPanel extends WizardPanelBase { "AdminPanel createAdminCertificate: Exception=" + e.toString()); } - // this request is from IE. The VBScript has problem of generating - // certificate request if the subject name has E and UID components. - // For now, we always hardcoded the subject DN to be cn=NAME in - // the IE browser. + // this request is from IE. The VBScript has problem of generating + // certificate request if the subject name has E and UID components. + // For now, we always hardcoded the subject DN to be cn=NAME in + // the IE browser. } else if (cert_request_type.equals("pkcs10")) { try { byte[] b = CMS.AtoB(cert_request); @@ -594,33 +610,33 @@ public class AdminPanel extends WizardPanelBase { x509key = pkcs10.getSubjectPublicKeyInfo(); } catch (Exception e) { CMS.debug("AdminPanel createAdminCertificate: Exception=" - + e.toString()); + + e.toString()); } } - if( x509key == null ) { - CMS.debug( "AdminPanel::createAdminCertificate() - x509key is null!" ); - throw new IOException( "x509key is null" ); + if (x509key == null) { + CMS.debug("AdminPanel::createAdminCertificate() - x509key is null!"); + throw new IOException("x509key is null"); } try { cs.putString(PCERT_PREFIX + CERT_TAG + ".dn", subject); String caType = cs.getString(PCERT_PREFIX + CERT_TAG + ".type", "local"); X509CertImpl impl = CertUtil.createLocalCert(cs, x509key, - PCERT_PREFIX, CERT_TAG, caType, context); + PCERT_PREFIX, CERT_TAG, caType, context); // update the locally created request for renewal - CertUtil.updateLocalRequest(cs, CERT_TAG, cert_request,cert_request_type, subject); + CertUtil.updateLocalRequest(cs, CERT_TAG, cert_request, cert_request_type, subject); ISubsystem ca = (ISubsystem) CMS.getSubsystem("ca"); if (ca != null) { createPKCS7(impl); } cs.putString("preop.admincert.serialno.0", - impl.getSerialNumber().toString(16)); + impl.getSerialNumber().toString(16)); } catch (Exception e) { CMS.debug("AdminPanel createAdminCertificate: Exception=" - + e.toString()); + + e.toString()); } } @@ -640,8 +656,9 @@ public class AdminPanel extends WizardPanelBase { try { type = cs.getString("preop.ca.type", ""); - } catch (Exception e) {} - if (ca == null && type.equals("otherca")) { + } catch (Exception e) { + } + if (ca == null && type.equals("otherca")) { info = "Since you do not join the Redhat CA network, the administrator's certificate will not be generated automatically."; } context.put("info", info); @@ -655,7 +672,7 @@ public class AdminPanel extends WizardPanelBase { public boolean shouldSkip() { try { IConfigStore c = CMS.getConfigStore(); - String s = c.getString("preop.subsystem.select",null); + String s = c.getString("preop.subsystem.select", null); if (s != null && s.equals("clone")) { return true; } @@ -665,11 +682,10 @@ public class AdminPanel extends WizardPanelBase { return false; } - private void createPKCS7(X509CertImpl cert) { try { IConfigStore cs = CMS.getConfigStore(); - ICertificateAuthority ca = (ICertificateAuthority)CMS.getSubsystem("ca"); + ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem("ca"); CertificateChain cachain = ca.getCACertChain(); X509Certificate[] cacerts = cachain.getChain(); X509CertImpl[] userChain = new X509CertImpl[cacerts.length + 1]; @@ -681,7 +697,7 @@ public class AdminPanel extends WizardPanelBase { userChain[0] = cert; PKCS7 p7 = new PKCS7(new AlgorithmId[0], - new ContentInfo(new byte[0]), userChain, new SignerInfo[0]); + new ContentInfo(new byte[0]), userChain, new SignerInfo[0]); ByteArrayOutputStream bos = new ByteArrayOutputStream(); p7.encodeSignedData(bos); @@ -689,7 +705,7 @@ public class AdminPanel extends WizardPanelBase { String p7Str = CMS.BtoA(p7Bytes); cs.putString("preop.admincert.pkcs7", CryptoUtil.normalizeCertStr(p7Str)); } catch (Exception e) { - CMS.debug("AdminPanel createPKCS7: Failed to create pkcs7 file. Exception: "+e.toString()); + CMS.debug("AdminPanel createPKCS7: Failed to create pkcs7 file. Exception: " + e.toString()); } } } |