summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java')
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java232
1 files changed, 112 insertions, 120 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java
index cf37fdff..8d484f4e 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.servlet.csadmin;
-
import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
@@ -50,11 +49,9 @@ import com.netscape.cms.servlet.common.ICMSTemplateFiller;
import com.netscape.cmsutil.xml.XMLObject;
/**
- * This servlet creates a TPS user in the CA,
- * and it associates TPS's server certificate to
- * the user. Finally, it addes the user to the
- * administrator group. This procedure will
- * allows TPS to connect to the CA for certificate
+ * This servlet creates a TPS user in the CA, and it associates TPS's server
+ * certificate to the user. Finally, it addes the user to the administrator
+ * group. This procedure will allows TPS to connect to the CA for certificate
* issuance.
*/
public class RegisterUser extends CMSServlet {
@@ -67,9 +64,7 @@ public class RegisterUser extends CMSServlet {
private final static String FAILED = "1";
private final static String AUTH_FAILURE = "2";
private String mGroupName = null;
- private final static String LOGGING_SIGNED_AUDIT_CONFIG_ROLE =
- "LOGGING_SIGNED_AUDIT_CONFIG_ROLE_3";
-
+ private final static String LOGGING_SIGNED_AUDIT_CONFIG_ROLE = "LOGGING_SIGNED_AUDIT_CONFIG_ROLE_3";
public RegisterUser() {
super();
@@ -77,6 +72,7 @@ public class RegisterUser extends CMSServlet {
/**
* initialize the servlet.
+ *
* @param sc servlet configuration, read from the web.xml file
*/
public void init(ServletConfig sc) throws ServletException {
@@ -88,7 +84,7 @@ public class RegisterUser extends CMSServlet {
}
/**
- * Process the HTTP request.
+ * Process the HTTP request.
*/
protected void process(CMSRequest cmsReq) throws EBaseException {
CMS.debug("UpdateUpdater: processing...");
@@ -102,9 +98,9 @@ public class RegisterUser extends CMSServlet {
CMS.debug("RegisterUser authentication successful.");
} catch (Exception e) {
CMS.debug("RegisterUser: authentication failed.");
- log(ILogger.LL_FAILURE,
+ log(ILogger.LL_FAILURE,
CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "",
- e.toString()));
+ e.toString()));
outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated");
return;
}
@@ -117,19 +113,19 @@ public class RegisterUser extends CMSServlet {
AuthzToken authzToken = null;
try {
- authzToken = authorize(mAclMethod, authToken, mAuthzResourceName,
- "modify");
+ authzToken = authorize(mAclMethod, authToken, mAuthzResourceName,
+ "modify");
CMS.debug("RegisterUser authorization successful.");
} catch (EAuthzAccessDenied e) {
log(ILogger.LL_FAILURE,
- CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
+ CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
outputError(httpResp, "Error: Not authorized");
return;
} catch (Exception e) {
log(ILogger.LL_FAILURE,
- CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
+ CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString()));
outputError(httpResp,
- "Error: Encountered problem during authorization.");
+ "Error: Encountered problem during authorization.");
return;
}
@@ -150,119 +146,112 @@ public class RegisterUser extends CMSServlet {
String auditMessage = null;
String auditSubjectID = auditSubjectID();
- String auditParams = "Scope;;users+Operation;;OP_ADD+source;;RegisterUser" +
- "+Resource;;"+ uid +
- "+fullname;;"+ name +
- "+state;;1" +
- "+userType;;<null>+email;;<null>+password;;<null>+phone;;<null>";
+ String auditParams = "Scope;;users+Operation;;OP_ADD+source;;RegisterUser"
+ + "+Resource;;"
+ + uid
+ + "+fullname;;"
+ + name
+ + "+state;;1"
+ + "+userType;;<null>+email;;<null>+password;;<null>+phone;;<null>";
- IUGSubsystem ugsys = (IUGSubsystem)CMS.getSubsystem(CMS.SUBSYSTEM_UG);
+ IUGSubsystem ugsys = (IUGSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_UG);
IUser user = null;
boolean foundByCert = false;
X509Certificate certs[] = new X509Certificate[1];
try {
- byte bCert[] = null;
- X509CertImpl cert = null;
- bCert = (byte[]) (com.netscape.osutil.OSUtil.AtoB(certsString));
- cert = new X509CertImpl(bCert);
- certs[0] = (X509Certificate)cert;
-
- // test to see if the cert already belongs to a user
- ICertUserLocator cul = ugsys.getCertUserLocator();
- com.netscape.certsrv.usrgrp.Certificates c =
- new com.netscape.certsrv.usrgrp.Certificates(certs);
- user = (IUser) cul.locateUser(c);
+ byte bCert[] = null;
+ X509CertImpl cert = null;
+ bCert = (byte[]) (com.netscape.osutil.OSUtil.AtoB(certsString));
+ cert = new X509CertImpl(bCert);
+ certs[0] = (X509Certificate) cert;
+
+ // test to see if the cert already belongs to a user
+ ICertUserLocator cul = ugsys.getCertUserLocator();
+ com.netscape.certsrv.usrgrp.Certificates c = new com.netscape.certsrv.usrgrp.Certificates(
+ certs);
+ user = (IUser) cul.locateUser(c);
} catch (Exception ec) {
- CMS.debug("RegisterUser: exception thrown: "+ec.toString());
+ CMS.debug("RegisterUser: exception thrown: " + ec.toString());
}
if (user == null) {
- CMS.debug("RegisterUser NOT found user by cert");
- try {
- user = ugsys.getUser(uid);
- CMS.debug("RegisterUser found user by uid "+uid);
- } catch (Exception eee) {
- }
+ CMS.debug("RegisterUser NOT found user by cert");
+ try {
+ user = ugsys.getUser(uid);
+ CMS.debug("RegisterUser found user by uid " + uid);
+ } catch (Exception eee) {
+ }
} else {
- foundByCert = true;
- CMS.debug("RegisterUser found user by cert");
+ foundByCert = true;
+ CMS.debug("RegisterUser found user by cert");
}
-
- try {
-
- if (user == null) {
- // create user only if such user does not exist
- user = ugsys.createUser(uid);
- user.setFullName(name);
- user.setState("1");
- user.setUserType("");
- user.setEmail("");
- user.setPhone("");
- user.setPassword("");
-
- ugsys.addUser(user);
- CMS.debug("RegisterUser created user " + uid);
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_ROLE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams);
- audit(auditMessage);
- }
-
- // extract all line separators
- StringBuffer sb = new StringBuffer();
- for (int i = 0; i < certsString.length(); i++) {
- if (!Character.isWhitespace(certsString.charAt(i))) {
- sb.append(certsString.charAt(i));
- }
- }
- certsString = sb.toString();
-
- auditParams = "Scope;;certs+Operation;;OP_ADD+source;;RegisterUser" +
- "+Resource;;"+ uid +
- "+cert;;"+certsString;
-
- user.setX509Certificates(certs);
- if (!foundByCert) {
- ugsys.addUserCert(user);
- CMS.debug("RegisterUser added user certificate");
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_ROLE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams);
- audit(auditMessage);
- } else
- CMS.debug("RegisterUser no need to add user certificate");
- } catch (Exception eee) {
+
+ try {
+
+ if (user == null) {
+ // create user only if such user does not exist
+ user = ugsys.createUser(uid);
+ user.setFullName(name);
+ user.setState("1");
+ user.setUserType("");
+ user.setEmail("");
+ user.setPhone("");
+ user.setPassword("");
+
+ ugsys.addUser(user);
+ CMS.debug("RegisterUser created user " + uid);
+ auditMessage = CMS.getLogMessage(
+ LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID,
+ ILogger.SUCCESS, auditParams);
+ audit(auditMessage);
+ }
+
+ // extract all line separators
+ StringBuffer sb = new StringBuffer();
+ for (int i = 0; i < certsString.length(); i++) {
+ if (!Character.isWhitespace(certsString.charAt(i))) {
+ sb.append(certsString.charAt(i));
+ }
+ }
+ certsString = sb.toString();
+
+ auditParams = "Scope;;certs+Operation;;OP_ADD+source;;RegisterUser"
+ + "+Resource;;" + uid + "+cert;;" + certsString;
+
+ user.setX509Certificates(certs);
+ if (!foundByCert) {
+ ugsys.addUserCert(user);
+ CMS.debug("RegisterUser added user certificate");
+ auditMessage = CMS.getLogMessage(
+ LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID,
+ ILogger.SUCCESS, auditParams);
+ audit(auditMessage);
+ } else
+ CMS.debug("RegisterUser no need to add user certificate");
+ } catch (Exception eee) {
CMS.debug("RegisterUser error " + eee.toString());
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_ROLE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams);
+ auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE,
+ auditSubjectID, ILogger.FAILURE, auditParams);
audit(auditMessage);
outputError(httpResp, "Error: Certificate malformed");
return;
}
-
// add user to the group
- auditParams = "Scope;;groups+Operation;;OP_MODIFY+source;;RegisterUser" +
- "+Resource;;"+ mGroupName;
+ auditParams = "Scope;;groups+Operation;;OP_MODIFY+source;;RegisterUser"
+ + "+Resource;;" + mGroupName;
try {
Enumeration groups = ugsys.findGroups(mGroupName);
- IGroup group = (IGroup)groups.nextElement();
+ IGroup group = (IGroup) groups.nextElement();
auditParams += "+user;;";
Enumeration members = group.getMemberNames();
while (members.hasMoreElements()) {
auditParams += (String) members.nextElement();
if (members.hasMoreElements()) {
- auditParams +=",";
+ auditParams += ",";
}
}
@@ -273,22 +262,17 @@ public class RegisterUser extends CMSServlet {
CMS.debug("RegisterUser modified group");
auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_ROLE,
- auditSubjectID,
- ILogger.SUCCESS,
- auditParams);
+ LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID,
+ ILogger.SUCCESS, auditParams);
audit(auditMessage);
}
- } catch (Exception e) {
- auditMessage = CMS.getLogMessage(
- LOGGING_SIGNED_AUDIT_CONFIG_ROLE,
- auditSubjectID,
- ILogger.FAILURE,
- auditParams);
+ } catch (Exception e) {
+ auditMessage = CMS.getLogMessage(LOGGING_SIGNED_AUDIT_CONFIG_ROLE,
+ auditSubjectID, ILogger.FAILURE, auditParams);
- audit(auditMessage);
- }
+ audit(auditMessage);
+ }
// send success status back to the requestor
try {
@@ -305,14 +289,22 @@ public class RegisterUser extends CMSServlet {
}
}
- protected void setDefaultTemplates(ServletConfig sc) {}
+ protected void setDefaultTemplates(ServletConfig sc) {
+ }
- protected void renderTemplate(
- CMSRequest cmsReq, String templateName, ICMSTemplateFiller filler)
- throws IOException {// do nothing
- }
+ protected void renderTemplate(CMSRequest cmsReq, String templateName,
+ ICMSTemplateFiller filler) throws IOException {// do nothing
+ }
- protected void renderResult(CMSRequest cmsReq) throws IOException {// do nothing, ie, it will not return the default javascript.
+ protected void renderResult(CMSRequest cmsReq) throws IOException {// do
+ // nothing,
+ // ie, it
+ // will
+ // not
+ // return
+ // the
+ // default
+ // javascript.
}
/**
generated by cgit (git 2.34.1) at 2024-05-05 14:09:43 +0000