summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java50
1 files changed, 24 insertions, 26 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java
index f2587300..b538dbb5 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.servlet.csadmin;
-
import java.util.Enumeration;
import javax.servlet.http.HttpServletRequest;
@@ -28,7 +27,6 @@ import org.apache.velocity.context.Context;
import com.netscape.certsrv.apps.CMS;
-
public abstract class ConfigBaseServlet extends BaseServlet {
/**
*
@@ -50,7 +48,7 @@ public abstract class ConfigBaseServlet extends BaseServlet {
public abstract void display(HttpServletRequest request,
HttpServletResponse response, Context context);
- public abstract void update(HttpServletRequest request,
+ public abstract void update(HttpServletRequest request,
HttpServletResponse response, Context context);
public abstract Template getTemplate(HttpServletRequest request,
@@ -64,29 +62,29 @@ public abstract class ConfigBaseServlet extends BaseServlet {
while (paramNames.hasMoreElements()) {
String pn = (String) paramNames.nextElement();
// added this facility so that password can be hidden,
- // all sensitive parameters should be prefixed with
+ // all sensitive parameters should be prefixed with
// __ (double underscores); however, in the event that
// a security parameter slips through, we perform multiple
// additional checks to insure that it is NOT displayed
- if( pn.startsWith("__") ||
- pn.endsWith("password") ||
- pn.endsWith("passwd") ||
- pn.endsWith("pwd") ||
- pn.equalsIgnoreCase("admin_password_again") ||
- pn.equalsIgnoreCase("directoryManagerPwd") ||
- pn.equalsIgnoreCase("bindpassword") ||
- pn.equalsIgnoreCase("bindpwd") ||
- pn.equalsIgnoreCase("passwd") ||
- pn.equalsIgnoreCase("password") ||
- pn.equalsIgnoreCase("pin") ||
- pn.equalsIgnoreCase("pwd") ||
- pn.equalsIgnoreCase("pwdagain") ||
- pn.equalsIgnoreCase("uPasswd") ) {
- CMS.debug("ConfigBaseServlet::service() param name='" + pn +
- "' value='(sensitive)'" );
+ if (pn.startsWith("__") ||
+ pn.endsWith("password") ||
+ pn.endsWith("passwd") ||
+ pn.endsWith("pwd") ||
+ pn.equalsIgnoreCase("admin_password_again") ||
+ pn.equalsIgnoreCase("directoryManagerPwd") ||
+ pn.equalsIgnoreCase("bindpassword") ||
+ pn.equalsIgnoreCase("bindpwd") ||
+ pn.equalsIgnoreCase("passwd") ||
+ pn.equalsIgnoreCase("password") ||
+ pn.equalsIgnoreCase("pin") ||
+ pn.equalsIgnoreCase("pwd") ||
+ pn.equalsIgnoreCase("pwdagain") ||
+ pn.equalsIgnoreCase("uPasswd")) {
+ CMS.debug("ConfigBaseServlet::service() param name='" + pn +
+ "' value='(sensitive)'");
} else {
- CMS.debug("ConfigBaseServlet::service() param name='" + pn +
- "' value='" + httpReq.getParameter(pn) + "'" );
+ CMS.debug("ConfigBaseServlet::service() param name='" + pn +
+ "' value='" + httpReq.getParameter(pn) + "'");
}
}
}
@@ -97,7 +95,7 @@ public abstract class ConfigBaseServlet extends BaseServlet {
public Template process(HttpServletRequest request,
HttpServletResponse response,
Context context) {
-
+
if (CMS.debugOn()) {
outputHttpParameters(request);
}
@@ -107,16 +105,16 @@ public abstract class ConfigBaseServlet extends BaseServlet {
} else {
update(request, response, context);
}
-
+
Template template = null;
-
+
try {
context.put("name", "Velocity Test");
template = getTemplate(request, response, context);
} catch (Exception e) {
System.err.println("Exception caught: " + e.getMessage());
}
-
+
return template;
}
}
generated by cgit (git 2.34.1) at 2024-06-21 20:17:58 +0000