diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cms/servlet/csadmin')
63 files changed, 2664 insertions, 2649 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminAuthenticatePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminAuthenticatePanel.java index a2509287..8482e71b 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminAuthenticatePanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminAuthenticatePanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.util.StringTokenizer; @@ -41,19 +40,20 @@ import com.netscape.cms.servlet.wizard.WizardServlet; public class AdminAuthenticatePanel extends WizardPanelBase { - public AdminAuthenticatePanel() {} + public AdminAuthenticatePanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Admin Authentication"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Admin Authentication"); setId(id); @@ -62,24 +62,24 @@ public class AdminAuthenticatePanel extends WizardPanelBase { public boolean isSubPanel() { return true; } - + /** * Should we skip this panel for the configuration. */ public boolean shouldSkip() { CMS.debug("AdminAuthenticatePanel: should skip"); - + IConfigStore cs = CMS.getConfigStore(); // if we are root, no need to get the certificate chain. - + try { - String select = cs.getString("preop.subsystem.select",""); + String select = cs.getString("preop.subsystem.select", ""); if (select.equals("new")) { return true; } } catch (EBaseException e) { } - + return false; } @@ -103,15 +103,16 @@ public class AdminAuthenticatePanel extends WizardPanelBase { } else { return true; } - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } public PropertySet getUsage() { PropertySet set = new PropertySet(); - + /* XXX */ - + return set; } @@ -125,12 +126,12 @@ public class AdminAuthenticatePanel extends WizardPanelBase { IConfigStore config = CMS.getConfigStore(); if (isPanelDone()) { - + try { String s = config.getString("preop.master.admin.uid", ""); String type = config.getString("preop.subsystem.select", ""); if (type.equals("clone")) - context.put("uid", s); + context.put("uid", s); else context.put("uid", ""); } catch (Exception e) { @@ -170,7 +171,7 @@ public class AdminAuthenticatePanel extends WizardPanelBase { cstype = toLowerCaseSubsystemType(cstype); if (subsystemtype.equals("clone")) { - CMS.debug("AdminAuthenticatePanel: this is the clone subsystem"); + CMS.debug("AdminAuthenticatePanel: this is the clone subsystem"); String uid = HttpInput.getUID(request, "uid"); if (uid == null) { context.put("errorString", "Uid is empty"); @@ -185,7 +186,7 @@ public class AdminAuthenticatePanel extends WizardPanelBase { try { host = config.getString("preop.master.hostname"); } catch (Exception e) { - CMS.debug("AdminAuthenticatePanel update: "+e.toString()); + CMS.debug("AdminAuthenticatePanel update: " + e.toString()); context.put("errorString", "Missing hostname for master"); throw new IOException("Missing hostname"); } @@ -193,7 +194,7 @@ public class AdminAuthenticatePanel extends WizardPanelBase { try { httpsport = config.getInteger("preop.master.httpsadminport"); } catch (Exception e) { - CMS.debug("AdminAuthenticatePanel update: "+e.toString()); + CMS.debug("AdminAuthenticatePanel update: " + e.toString()); context.put("errorString", "Missing port for master"); throw new IOException("Missing port"); } @@ -235,10 +236,10 @@ public class AdminAuthenticatePanel extends WizardPanelBase { c1.append("cloning."); c1.append(t1); c1.append(".pubkey.encoded"); - - if (s1.length()!=0) + + if (s1.length() != 0) s1.append(","); - + s1.append(cstype); s1.append("."); s1.append(t1); @@ -248,11 +249,11 @@ public class AdminAuthenticatePanel extends WizardPanelBase { c1.append(",preop.ca.hostname,preop.ca.httpport,preop.ca.httpsport,preop.ca.list,preop.ca.pkcs7,preop.ca.type"); } - String content = "uid="+uid+"&pwd="+pwd+"&op=get&names=cloning.module.token,instanceId,internaldb.basedn,internaldb.ldapauth.password,internaldb.replication.password,internaldb.ldapconn.host,internaldb.ldapconn.port,internaldb.ldapauth.bindDN"+c1.toString()+"&substores="+s1.toString(); + String content = "uid=" + uid + "&pwd=" + pwd + "&op=get&names=cloning.module.token,instanceId,internaldb.basedn,internaldb.ldapauth.password,internaldb.replication.password,internaldb.ldapconn.host,internaldb.ldapconn.port,internaldb.ldapauth.bindDN" + c1.toString() + "&substores=" + s1.toString(); boolean success = updateConfigEntries(host, httpsport, true, - "/"+cstype+"/admin/"+cstype+"/getConfigEntries", content, config, - response); + "/" + cstype + "/admin/" + cstype + "/getConfigEntries", content, config, + response); try { config.commit(false); @@ -285,16 +286,15 @@ public class AdminAuthenticatePanel extends WizardPanelBase { * If validiate() returns false, this method will be called. */ public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) - { + HttpServletResponse response, + Context context) { context.put("title", "Admin Authentication"); context.put("password", ""); context.put("panel", "admin/console/config/adminauthenticatepanel.vm"); } private boolean isCertdbCloned(HttpServletRequest request, - Context context) { + Context context) { IConfigStore config = CMS.getConfigStore(); String certList = ""; try { @@ -306,13 +306,13 @@ public class AdminAuthenticatePanel extends WizardPanelBase { String tokenname = config.getString("preop.module.token", ""); CryptoToken tok = cm.getTokenByName(tokenname); CryptoStore store = tok.getCryptoStore(); - String name1 = "preop.master."+token+".nickname"; + String name1 = "preop.master." + token + ".nickname"; String nickname = config.getString(name1, ""); if (!tokenname.equals("Internal Key Storage Token") && - !tokenname.equals("internal")) - nickname = tokenname+":"+nickname; + !tokenname.equals("internal")) + nickname = tokenname + ":" + nickname; - CMS.debug("AdminAuthenticatePanel isCertdbCloned: "+nickname); + CMS.debug("AdminAuthenticatePanel isCertdbCloned: " + nickname); X509Certificate cert = cm.findCertByNickname(nickname); if (cert == null) return false; diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java index 78bb9485..871177a1 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AdminPanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.File; @@ -70,13 +69,14 @@ public class AdminPanel extends WizardPanelBase { private static final String ADMIN_UID = "admin"; private final static String CERT_TAG = "admin"; - public AdminPanel() {} + public AdminPanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Administrator"); } @@ -101,14 +101,15 @@ public class AdminPanel extends WizardPanelBase { } else { return true; } - } catch (Exception e) {} + } catch (Exception e) { + } return false; } public PropertySet getUsage() { PropertySet set = new PropertySet(); - + Descriptor emailDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */ null, /* no default parameter */ "Email address for an administrator"); @@ -152,7 +153,8 @@ public class AdminPanel extends WizardPanelBase { try { type = cs.getString("preop.ca.type", ""); subsystemtype = cs.getString("cs.type", ""); - } catch (Exception e) {} + } catch (Exception e) { + } if (isPanelDone()) { try { @@ -161,11 +163,12 @@ public class AdminPanel extends WizardPanelBase { context.put("admin_pwd", ""); context.put("admin_pwd_again", ""); context.put("admin_uid", cs.getString("preop.admin.uid")); - } catch (Exception e) {} + } catch (Exception e) { + } } else { String def_admin_name = ""; try { - def_admin_name = cs.getString("cs.type") + " Administrator of Instance " + cs.getString("instanceId"); + def_admin_name = cs.getString("cs.type") + " Administrator of Instance " + cs.getString("instanceId"); } catch (EBaseException e) { } context.put("admin_name", def_admin_name); @@ -176,7 +179,7 @@ public class AdminPanel extends WizardPanelBase { } ISubsystem ca = (ISubsystem) CMS.getSubsystem("ca"); - if (ca == null) { + if (ca == null) { context.put("ca", "false"); } else { context.put("ca", "true"); @@ -186,13 +189,14 @@ public class AdminPanel extends WizardPanelBase { String domainname = ""; try { domainname = cs.getString("securitydomain.name", ""); - } catch (EBaseException e1) {} + } catch (EBaseException e1) { + } context.put("securityDomain", domainname); context.put("title", "Administrator"); context.put("panel", "admin/console/config/adminpanel.vm"); context.put("errorString", ""); context.put("info", info); - + } /** @@ -200,8 +204,7 @@ public class AdminPanel extends WizardPanelBase { */ public void validate(HttpServletRequest request, HttpServletResponse response, - Context context) throws IOException - { + Context context) throws IOException { String pwd = HttpInput.getPassword(request, "__pwd"); String pwd_again = HttpInput.getPassword(request, "__admin_password_again"); String email = HttpInput.getEmail(request, "email"); @@ -256,13 +259,14 @@ public class AdminPanel extends WizardPanelBase { try { type = config.getString(PRE_CA_TYPE, ""); subsystemtype = config.getString("cs.type", ""); - security_domain_type = config.getString("securitydomain.select",""); + security_domain_type = config.getString("securitydomain.select", ""); selected_hierarchy = config.getString("preop.hierarchy.select", ""); - } catch (Exception e) {} + } catch (Exception e) { + } ISubsystem ca = (ISubsystem) CMS.getSubsystem("ca"); - if (ca == null) { + if (ca == null) { context.put("ca", "false"); } else { context.put("ca", "true"); @@ -287,12 +291,12 @@ public class AdminPanel extends WizardPanelBase { } // REMINDER: This panel is NOT used by "clones" - if( ca != null ) { - if( selected_hierarchy.equals( "root" ) ) { - CMS.debug( "AdminPanel update: " + if (ca != null) { + if (selected_hierarchy.equals("root")) { + CMS.debug("AdminPanel update: " + "Root CA subsystem"); } else { - CMS.debug( "AdminPanel update: " + CMS.debug("AdminPanel update: " + "Subordinate CA subsystem"); } @@ -310,9 +314,9 @@ public class AdminPanel extends WizardPanelBase { int ca_port = -1; // REMINDER: This panel is NOT used by "clones" - CMS.debug( "AdminPanel update: " + CMS.debug("AdminPanel update: " + subsystemtype - + " subsystem" ); + + " subsystem"); if (type.equals("sdca")) { try { @@ -339,10 +343,11 @@ public class AdminPanel extends WizardPanelBase { try { config.commit(false); - } catch (Exception e) {} + } catch (Exception e) { + } context.put("updateStatus", "success"); - + } private void createAdmin(HttpServletRequest request) throws IOException { @@ -459,13 +464,15 @@ public class AdminPanel extends WizardPanelBase { try { sd_hostname = config.getString("securitydomain.host", ""); sd_port = config.getInteger("securitydomain.httpseeport"); - } catch (Exception e) {} + } catch (Exception e) { + } String profileId = HttpInput.getID(request, "profileId"); if (profileId == null) { try { profileId = config.getString("preop.admincert.profile", "caAdminCert"); - } catch (Exception e) {} + } catch (Exception e) { + } } String cert_request_type = HttpInput.getID(request, "cert_request_type"); @@ -474,7 +481,7 @@ public class AdminPanel extends WizardPanelBase { String session_id = CMS.getConfigSDSessionId(); String subjectDN = HttpInput.getString(request, "subject"); - String content = "profileId="+profileId+"&cert_request_type="+cert_request_type+"&cert_request="+cert_request+"&xmlOutput=true&sessionID="+session_id+"&subject="+subjectDN; + String content = "profileId=" + profileId + "&cert_request_type=" + cert_request_type + "&cert_request=" + cert_request + "&xmlOutput=true&sessionID=" + session_id + "&subject=" + subjectDN; HttpClient httpclient = new HttpClient(); String c = null; @@ -497,7 +504,7 @@ public class AdminPanel extends WizardPanelBase { c = httpresponse.getContent(); CMS.debug("AdminPanel submitRequest: content=" + c); - + // retrieve the request Id ad admin certificate if (c != null) { try { @@ -508,9 +515,9 @@ public class AdminPanel extends WizardPanelBase { try { parser = new XMLObject(bis); } catch (Exception e) { - CMS.debug( "AdminPanel::submitRequest() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("AdminPanel::submitRequest() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String status = parser.getValue("Status"); @@ -525,7 +532,7 @@ public class AdminPanel extends WizardPanelBase { context.put("errorString", error); throw new IOException(error); } - + IConfigStore cs = CMS.getConfigStore(); String id = parser.getValue("Id"); @@ -539,7 +546,7 @@ public class AdminPanel extends WizardPanelBase { + File.separator + "admin.b64"; cs.putString("preop.admincert.b64", dir); - PrintStream ps = new PrintStream(new FileOutputStream(dir)); + PrintStream ps = new PrintStream(new FileOutputStream(dir)); ps.println(b64); ps.flush(); @@ -564,9 +571,9 @@ public class AdminPanel extends WizardPanelBase { String cert_request_type = HttpInput.getID(request, "cert_request_type"); IConfigStore cs = CMS.getConfigStore(); - if( cs == null ) { - CMS.debug( "AdminPanel::createAdminCertificate() - cs is null!" ); - throw new IOException( "cs is null" ); + if (cs == null) { + CMS.debug("AdminPanel::createAdminCertificate() - cs is null!"); + throw new IOException("cs is null"); } String subject = ""; @@ -582,10 +589,10 @@ public class AdminPanel extends WizardPanelBase { "AdminPanel createAdminCertificate: Exception=" + e.toString()); } - // this request is from IE. The VBScript has problem of generating - // certificate request if the subject name has E and UID components. - // For now, we always hardcoded the subject DN to be cn=NAME in - // the IE browser. + // this request is from IE. The VBScript has problem of generating + // certificate request if the subject name has E and UID components. + // For now, we always hardcoded the subject DN to be cn=NAME in + // the IE browser. } else if (cert_request_type.equals("pkcs10")) { try { byte[] b = CMS.AtoB(cert_request); @@ -594,33 +601,33 @@ public class AdminPanel extends WizardPanelBase { x509key = pkcs10.getSubjectPublicKeyInfo(); } catch (Exception e) { CMS.debug("AdminPanel createAdminCertificate: Exception=" - + e.toString()); + + e.toString()); } } - if( x509key == null ) { - CMS.debug( "AdminPanel::createAdminCertificate() - x509key is null!" ); - throw new IOException( "x509key is null" ); + if (x509key == null) { + CMS.debug("AdminPanel::createAdminCertificate() - x509key is null!"); + throw new IOException("x509key is null"); } try { cs.putString(PCERT_PREFIX + CERT_TAG + ".dn", subject); String caType = cs.getString(PCERT_PREFIX + CERT_TAG + ".type", "local"); X509CertImpl impl = CertUtil.createLocalCert(cs, x509key, - PCERT_PREFIX, CERT_TAG, caType, context); + PCERT_PREFIX, CERT_TAG, caType, context); // update the locally created request for renewal - CertUtil.updateLocalRequest(cs, CERT_TAG, cert_request,cert_request_type, subject); + CertUtil.updateLocalRequest(cs, CERT_TAG, cert_request, cert_request_type, subject); ISubsystem ca = (ISubsystem) CMS.getSubsystem("ca"); if (ca != null) { createPKCS7(impl); } cs.putString("preop.admincert.serialno.0", - impl.getSerialNumber().toString(16)); + impl.getSerialNumber().toString(16)); } catch (Exception e) { CMS.debug("AdminPanel createAdminCertificate: Exception=" - + e.toString()); + + e.toString()); } } @@ -640,8 +647,9 @@ public class AdminPanel extends WizardPanelBase { try { type = cs.getString("preop.ca.type", ""); - } catch (Exception e) {} - if (ca == null && type.equals("otherca")) { + } catch (Exception e) { + } + if (ca == null && type.equals("otherca")) { info = "Since you do not join the Redhat CA network, the administrator's certificate will not be generated automatically."; } context.put("info", info); @@ -655,7 +663,7 @@ public class AdminPanel extends WizardPanelBase { public boolean shouldSkip() { try { IConfigStore c = CMS.getConfigStore(); - String s = c.getString("preop.subsystem.select",null); + String s = c.getString("preop.subsystem.select", null); if (s != null && s.equals("clone")) { return true; } @@ -665,11 +673,10 @@ public class AdminPanel extends WizardPanelBase { return false; } - private void createPKCS7(X509CertImpl cert) { try { IConfigStore cs = CMS.getConfigStore(); - ICertificateAuthority ca = (ICertificateAuthority)CMS.getSubsystem("ca"); + ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem("ca"); CertificateChain cachain = ca.getCACertChain(); X509Certificate[] cacerts = cachain.getChain(); X509CertImpl[] userChain = new X509CertImpl[cacerts.length + 1]; @@ -681,7 +688,7 @@ public class AdminPanel extends WizardPanelBase { userChain[0] = cert; PKCS7 p7 = new PKCS7(new AlgorithmId[0], - new ContentInfo(new byte[0]), userChain, new SignerInfo[0]); + new ContentInfo(new byte[0]), userChain, new SignerInfo[0]); ByteArrayOutputStream bos = new ByteArrayOutputStream(); p7.encodeSignedData(bos); @@ -689,7 +696,7 @@ public class AdminPanel extends WizardPanelBase { String p7Str = CMS.BtoA(p7Bytes); cs.putString("preop.admincert.pkcs7", CryptoUtil.normalizeCertStr(p7Str)); } catch (Exception e) { - CMS.debug("AdminPanel createPKCS7: Failed to create pkcs7 file. Exception: "+e.toString()); + CMS.debug("AdminPanel createPKCS7: Failed to create pkcs7 file. Exception: " + e.toString()); } } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AgentAuthenticatePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AgentAuthenticatePanel.java index a62b22b7..6bda8749 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AgentAuthenticatePanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AgentAuthenticatePanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import javax.servlet.ServletConfig; @@ -36,19 +35,20 @@ import com.netscape.cms.servlet.wizard.WizardServlet; public class AgentAuthenticatePanel extends WizardPanelBase { - public AgentAuthenticatePanel() {} + public AgentAuthenticatePanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Agent Authentication"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Agent Authentication"); setId(id); @@ -57,18 +57,18 @@ public class AgentAuthenticatePanel extends WizardPanelBase { public boolean isSubPanel() { return true; } - + /** * Should we skip this panel for the configuration. */ public boolean shouldSkip() { CMS.debug("DisplayCertChainPanel: should skip"); - + IConfigStore cs = CMS.getConfigStore(); // if we are root, no need to get the certificate chain. - + try { - String select = cs.getString("securitydomain.select",""); + String select = cs.getString("securitydomain.select", ""); if (select.equals("new")) { return true; } @@ -78,7 +78,7 @@ public class AgentAuthenticatePanel extends WizardPanelBase { return true; } catch (EBaseException e) { } - + return false; } @@ -96,15 +96,16 @@ public class AgentAuthenticatePanel extends WizardPanelBase { } else { return true; } - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } public PropertySet getUsage() { PropertySet set = new PropertySet(); - + /* XXX */ - + return set; } @@ -118,14 +119,14 @@ public class AgentAuthenticatePanel extends WizardPanelBase { IConfigStore config = CMS.getConfigStore(); if (isPanelDone()) { - + try { String s = config.getString("preop.ca.agent.uid", ""); String type = config.getString("preop.hierarchy.select", ""); if (type.equals("root")) context.put("uid", ""); else - context.put("uid", s); + context.put("uid", s); } catch (Exception e) { CMS.debug(e.toString()); } @@ -143,8 +144,7 @@ public class AgentAuthenticatePanel extends WizardPanelBase { */ public void validate(HttpServletRequest request, HttpServletResponse response, - Context context) throws IOException - { + Context context) throws IOException { } /** @@ -182,34 +182,35 @@ public class AgentAuthenticatePanel extends WizardPanelBase { try { host = config.getString("preop.ca.hostname"); } catch (Exception e) { - CMS.debug("AgentAuthenticatePanel update: "+e.toString()); + CMS.debug("AgentAuthenticatePanel update: " + e.toString()); context.put("errorString", "Missing hostname"); throw new IOException("Missing hostname"); } - + try { httpsport = config.getInteger("preop.ca.httpsport"); } catch (Exception e) { - CMS.debug("AgentAuthenticatePanel update: "+e.toString()); + CMS.debug("AgentAuthenticatePanel update: " + e.toString()); context.put("errorString", "Missing port"); throw new IOException("Missing port"); } -/* - // Bugzilla Bug #583825 - CC: Obsolete servlets to be removed from - // web.xml as part of CC interface review - boolean authenticated = authenticate(host, httpsport, true, - "/ca/ee/ca/checkIdentity", "uid="+uid+"&pwd="+pwd); + /* + // Bugzilla Bug #583825 - CC: Obsolete servlets to be removed from + // web.xml as part of CC interface review + boolean authenticated = authenticate(host, httpsport, true, + "/ca/ee/ca/checkIdentity", "uid="+uid+"&pwd="+pwd); - if (!authenticated) { - context.put("errorString", "Wrong user id or password"); - throw new IOException("Wrong user id or password"); - } -*/ + if (!authenticated) { + context.put("errorString", "Wrong user id or password"); + throw new IOException("Wrong user id or password"); + } + */ try { config.commit(false); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } } } @@ -217,9 +218,8 @@ public class AgentAuthenticatePanel extends WizardPanelBase { * If validiate() returns false, this method will be called. */ public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) - { + HttpServletResponse response, + Context context) { context.put("password", ""); context.put("title", "Agent Authentication"); context.put("panel", "admin/console/config/agentauthenticatepanel.vm"); diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AuthenticatePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AuthenticatePanel.java index ceab1d8d..6700b931 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/AuthenticatePanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/AuthenticatePanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import javax.servlet.ServletConfig; @@ -36,19 +35,20 @@ import com.netscape.cms.servlet.wizard.WizardServlet; public class AuthenticatePanel extends WizardPanelBase { - public AuthenticatePanel() {} + public AuthenticatePanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Authentication"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Authentication"); setId(id); @@ -62,21 +62,22 @@ public class AuthenticatePanel extends WizardPanelBase { public boolean isPanelDone() { IConfigStore cs = CMS.getConfigStore(); try { - String s = cs.getString("preop.ca.agent.uid",""); + String s = cs.getString("preop.ca.agent.uid", ""); if (s == null || s.equals("")) { return false; } else { return true; } - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } public PropertySet getUsage() { PropertySet set = new PropertySet(); - + /* XXX */ - + return set; } @@ -90,14 +91,14 @@ public class AuthenticatePanel extends WizardPanelBase { IConfigStore config = CMS.getConfigStore(); if (isPanelDone()) { - + try { String s = config.getString("preop.ca.agent.uid", ""); String type = config.getString("preop.hierarchy.select", ""); if (type.equals("root")) context.put("uid", ""); else - context.put("uid", s); + context.put("uid", s); } catch (Exception e) { CMS.debug(e.toString()); } @@ -151,30 +152,31 @@ public class AuthenticatePanel extends WizardPanelBase { try { host = config.getString("preop.ca.hostname"); } catch (Exception e) { - CMS.debug("AuthenticatePanel update: "+e.toString()); + CMS.debug("AuthenticatePanel update: " + e.toString()); context.put("errorString", "Missing hostname"); throw new IOException("Missing hostname"); } - + try { httpsport = config.getInteger("preop.ca.httpsport"); } catch (Exception e) { - CMS.debug("AuthenticatePanel update: "+e.toString()); + CMS.debug("AuthenticatePanel update: " + e.toString()); context.put("errorString", "Missing port"); throw new IOException("Missing port"); } - boolean authenticated = authenticate(host, httpsport, true, - "/ca/ee/ca/configSubsystem", "uid="+uid+"&pwd="+pwd); + boolean authenticated = authenticate(host, httpsport, true, + "/ca/ee/ca/configSubsystem", "uid=" + uid + "&pwd=" + pwd); - if (!authenticated) { - context.put("errorString", "Wrong user id or password"); - throw new IOException("Wrong user id or password"); - } + if (!authenticated) { + context.put("errorString", "Wrong user id or password"); + throw new IOException("Wrong user id or password"); + } try { config.commit(false); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } } } @@ -182,9 +184,8 @@ public class AuthenticatePanel extends WizardPanelBase { * If validiate() returns false, this method will be called. */ public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) - { + HttpServletResponse response, + Context context) { context.put("password", ""); context.put("panel", "admin/console/config/authenticatepanel.vm"); } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/BackupKeyCertPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/BackupKeyCertPanel.java index 77977808..c1529f25 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/BackupKeyCertPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/BackupKeyCertPanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.ByteArrayOutputStream; import java.io.CharConversionException; import java.io.IOException; @@ -71,19 +70,20 @@ import com.netscape.cmsutil.crypto.CryptoUtil; public class BackupKeyCertPanel extends WizardPanelBase { - public BackupKeyCertPanel() {} + public BackupKeyCertPanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Export Keys and Certificates"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Export Keys and Certificates"); setId(id); @@ -105,11 +105,11 @@ public class BackupKeyCertPanel extends WizardPanelBase { try { String s = cs.getString("preop.module.token", ""); - if (s.equals("Internal Key Storage Token")) + if (s.equals("Internal Key Storage Token")) return false; } catch (Exception e) { } - + return true; } @@ -122,15 +122,16 @@ public class BackupKeyCertPanel extends WizardPanelBase { } else { return true; } - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } public PropertySet getUsage() { PropertySet set = new PropertySet(); - + /* XXX */ - + return set; } @@ -170,7 +171,7 @@ public class BackupKeyCertPanel extends WizardPanelBase { * Checks if the given parameters are valid. */ public void validate(HttpServletRequest request, - HttpServletResponse response, Context context) throws IOException { + HttpServletResponse response, Context context) throws IOException { String select = HttpInput.getID(request, "choice"); if (select.equals("backupkey")) { String pwd = request.getParameter("__pwd"); @@ -219,9 +220,8 @@ public class BackupKeyCertPanel extends WizardPanelBase { * If validiate() returns false, this method will be called. */ public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) - { + HttpServletResponse response, + Context context) { String select = ""; try { select = HttpInput.getID(request, "choice"); @@ -242,8 +242,8 @@ public class BackupKeyCertPanel extends WizardPanelBase { context.put("panel", "admin/console/config/backupkeycertpanel.vm"); } - public void backupKeysCerts(HttpServletRequest request) - throws IOException { + public void backupKeysCerts(HttpServletRequest request) + throws IOException { CMS.debug("BackupKeyCertPanel backupKeysCerts: start"); IConfigStore cs = CMS.getConfigStore(); String certlist = ""; @@ -257,9 +257,9 @@ public class BackupKeyCertPanel extends WizardPanelBase { try { cm = CryptoManager.getInstance(); } catch (Exception e) { - CMS.debug( "BackupKeyCertPanel::backupKeysCerts() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("BackupKeyCertPanel::backupKeysCerts() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String pwd = request.getParameter("__pwd"); @@ -273,12 +273,12 @@ public class BackupKeyCertPanel extends WizardPanelBase { String nickname = ""; String modname = ""; try { - nickname = cs.getString("preop.cert."+t+".nickname"); + nickname = cs.getString("preop.cert." + t + ".nickname"); modname = cs.getString("preop.module.token"); } catch (Exception e) { } if (!modname.equals("Internal Key Storage Token")) - nickname = modname+":"+nickname; + nickname = modname + ":" + nickname; X509Certificate x509cert = null; byte localKeyId[] = null; @@ -288,7 +288,7 @@ public class BackupKeyCertPanel extends WizardPanelBase { } catch (IOException e) { throw e; } catch (Exception e) { - CMS.debug("BackupKeyCertPanel: Exception="+e.toString()); + CMS.debug("BackupKeyCertPanel: Exception=" + e.toString()); throw new IOException("Failed to create pkcs12 file."); } @@ -296,14 +296,14 @@ public class BackupKeyCertPanel extends WizardPanelBase { PrivateKey pkey = cm.findPrivKeyByCert(x509cert); addKeyBag(pkey, x509cert, pass, localKeyId, encSafeContents); } catch (Exception e) { - CMS.debug("BackupKeyCertPanel: Exception="+e.toString()); + CMS.debug("BackupKeyCertPanel: Exception=" + e.toString()); throw new IOException("Failed to create pkcs12 file."); } } //while loop - + X509Certificate[] cacerts = cm.getCACerts(); - for (int i=0; i<cacerts.length; i++) { + for (int i = 0; i < cacerts.length; i++) { //String nickname = cacerts[i].getSubjectDN().toString(); String nickname = null; try { @@ -311,7 +311,7 @@ public class BackupKeyCertPanel extends WizardPanelBase { } catch (IOException e) { throw e; } catch (Exception e) { - CMS.debug("BackupKeyCertPanel backKeysCerts: Exception="+e.toString()); + CMS.debug("BackupKeyCertPanel backKeysCerts: Exception=" + e.toString()); throw new IOException("Failed to create pkcs12 file."); } } @@ -319,9 +319,9 @@ public class BackupKeyCertPanel extends WizardPanelBase { try { AuthenticatedSafes authSafes = new AuthenticatedSafes(); authSafes.addSafeContents(safeContents); - authSafes.addSafeContents(encSafeContents); + authSafes.addSafeContents(encSafeContents); PFX pfx = new PFX(authSafes); - pfx.computeMacData(pass, null, 5); + pfx.computeMacData(pass, null, 5); ByteArrayOutputStream bos = new ByteArrayOutputStream(); pfx.encode(bos); byte[] output = bos.toByteArray(); @@ -329,13 +329,13 @@ public class BackupKeyCertPanel extends WizardPanelBase { pass.clear(); cs.commit(false); } catch (Exception e) { - CMS.debug("BackupKeyCertPanel backupKeysCerts: Exception="+e.toString()); + CMS.debug("BackupKeyCertPanel backupKeysCerts: Exception=" + e.toString()); } } private void addKeyBag(PrivateKey pkey, X509Certificate x509cert, - Password pass, byte[] localKeyId, SEQUENCE safeContents) - throws IOException { + Password pass, byte[] localKeyId, SEQUENCE safeContents) + throws IOException { try { PasswordConverter passConverter = new PasswordConverter(); @@ -344,23 +344,23 @@ public class BackupKeyCertPanel extends WizardPanelBase { byte[] priData = getEncodedKey(pkey); PrivateKeyInfo pki = (PrivateKeyInfo) - ASN1Util.decode(PrivateKeyInfo.getTemplate(), priData); + ASN1Util.decode(PrivateKeyInfo.getTemplate(), priData); ASN1Value key = EncryptedPrivateKeyInfo.createPBE( - PBEAlgorithm.PBE_SHA1_DES3_CBC, - pass, salt, 1, passConverter, pki); + PBEAlgorithm.PBE_SHA1_DES3_CBC, + pass, salt, 1, passConverter, pki); SET keyAttrs = createBagAttrs( - x509cert.getSubjectDN().toString(), localKeyId); - SafeBag keyBag = new SafeBag(SafeBag.PKCS8_SHROUDED_KEY_BAG, - key, keyAttrs); + x509cert.getSubjectDN().toString(), localKeyId); + SafeBag keyBag = new SafeBag(SafeBag.PKCS8_SHROUDED_KEY_BAG, + key, keyAttrs); safeContents.addElement(keyBag); } catch (Exception e) { - CMS.debug("BackupKeyCertPanel getKeyBag: Exception="+e.toString()); + CMS.debug("BackupKeyCertPanel getKeyBag: Exception=" + e.toString()); throw new IOException("Failed to create pk12 file."); } } - private byte[] addCertBag(X509Certificate x509cert, String nickname, - SEQUENCE safeContents) throws IOException { + private byte[] addCertBag(X509Certificate x509cert, String nickname, + SEQUENCE safeContents) throws IOException { byte[] localKeyId = null; try { ASN1Value cert = new OCTET_STRING(x509cert.getEncoded()); @@ -369,10 +369,10 @@ public class BackupKeyCertPanel extends WizardPanelBase { if (nickname != null) certAttrs = createBagAttrs(nickname, localKeyId); SafeBag certBag = new SafeBag(SafeBag.CERT_BAG, - new CertBag(CertBag.X509_CERT_TYPE, cert), certAttrs); + new CertBag(CertBag.X509_CERT_TYPE, cert), certAttrs); safeContents.addElement(certBag); } catch (Exception e) { - CMS.debug("BackupKeyCertPanel addCertBag: "+e.toString()); + CMS.debug("BackupKeyCertPanel addCertBag: " + e.toString()); throw new IOException("Failed to create pk12 file."); } @@ -386,7 +386,7 @@ public class BackupKeyCertPanel extends WizardPanelBase { KeyGenerator kg = token.getKeyGenerator(KeyGenAlgorithm.DES3); SymmetricKey sk = kg.generate(); KeyWrapper wrapper = token.getKeyWrapper(KeyWrapAlgorithm.DES3_CBC_PAD); - byte iv[] = {0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1}; + byte iv[] = { 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1 }; IVParameterSpec param = new IVParameterSpec(iv); wrapper.initWrap(sk, param); byte[] enckey = wrapper.wrap(pkey); @@ -395,14 +395,14 @@ public class BackupKeyCertPanel extends WizardPanelBase { byte[] recovered = c.doFinal(enckey); return recovered; } catch (Exception e) { - CMS.debug("BackupKeyCertPanel getEncodedKey: Exception="+e.toString()); + CMS.debug("BackupKeyCertPanel getEncodedKey: Exception=" + e.toString()); } return null; } - private byte[] createLocalKeyId(X509Certificate cert) - throws IOException { + private byte[] createLocalKeyId(X509Certificate cert) + throws IOException { try { // SHA1 hash of the X509Cert der encoding byte certDer[] = cert.getEncoded(); @@ -412,16 +412,16 @@ public class BackupKeyCertPanel extends WizardPanelBase { md.update(certDer); return md.digest(); } catch (CertificateEncodingException e) { - CMS.debug("BackupKeyCertPanel createLocalKeyId: Exception: "+e.toString()); + CMS.debug("BackupKeyCertPanel createLocalKeyId: Exception: " + e.toString()); throw new IOException("Failed to encode certificate."); } catch (NoSuchAlgorithmException e) { - CMS.debug("BackupKeyCertPanel createLocalKeyId: Exception: "+e.toString()); + CMS.debug("BackupKeyCertPanel createLocalKeyId: Exception: " + e.toString()); throw new IOException("No such algorithm supported."); } } private SET createBagAttrs(String nickName, byte localKeyId[]) - throws IOException { + throws IOException { try { SET attrs = new SET(); SEQUENCE nickNameAttr = new SEQUENCE(); @@ -442,7 +442,7 @@ public class BackupKeyCertPanel extends WizardPanelBase { attrs.addElement(localKeyAttr); return attrs; } catch (CharConversionException e) { - CMS.debug("BackupKeyCertPanel createBagAttrs: Exception="+e.toString()); + CMS.debug("BackupKeyCertPanel createBagAttrs: Exception=" + e.toString()); throw new IOException("Failed to create PKCS12 file."); } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java index 01d06631..9bb81902 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/BaseServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.util.Enumeration; @@ -30,7 +29,6 @@ import org.apache.velocity.servlet.VelocityServlet; import com.netscape.certsrv.apps.CMS; - public class BaseServlet extends VelocityServlet { /** @@ -53,7 +51,8 @@ public class BaseServlet extends VelocityServlet { if (pin == null) { try { response.sendRedirect("login"); - } catch (IOException e) {} + } catch (IOException e) { + } return false; } return true; @@ -70,25 +69,25 @@ public class BaseServlet extends VelocityServlet { // __ (double underscores); however, in the event that // a security parameter slips through, we perform multiple // additional checks to insure that it is NOT displayed - if( pn.startsWith("__") || - pn.endsWith("password") || - pn.endsWith("passwd") || - pn.endsWith("pwd") || - pn.equalsIgnoreCase("admin_password_again") || - pn.equalsIgnoreCase("directoryManagerPwd") || - pn.equalsIgnoreCase("bindpassword") || - pn.equalsIgnoreCase("bindpwd") || - pn.equalsIgnoreCase("passwd") || - pn.equalsIgnoreCase("password") || - pn.equalsIgnoreCase("pin") || - pn.equalsIgnoreCase("pwd") || - pn.equalsIgnoreCase("pwdagain") || - pn.equalsIgnoreCase("uPasswd") ) { - CMS.debug("BaseServlet::service() param name='" + pn + - "' value='(sensitive)'" ); + if (pn.startsWith("__") || + pn.endsWith("password") || + pn.endsWith("passwd") || + pn.endsWith("pwd") || + pn.equalsIgnoreCase("admin_password_again") || + pn.equalsIgnoreCase("directoryManagerPwd") || + pn.equalsIgnoreCase("bindpassword") || + pn.equalsIgnoreCase("bindpwd") || + pn.equalsIgnoreCase("passwd") || + pn.equalsIgnoreCase("password") || + pn.equalsIgnoreCase("pin") || + pn.equalsIgnoreCase("pwd") || + pn.equalsIgnoreCase("pwdagain") || + pn.equalsIgnoreCase("uPasswd")) { + CMS.debug("BaseServlet::service() param name='" + pn + + "' value='(sensitive)'"); } else { - CMS.debug("BaseServlet::service() param name='" + pn + - "' value='" + httpReq.getParameter(pn) + "'" ); + CMS.debug("BaseServlet::service() param name='" + pn + + "' value='" + httpReq.getParameter(pn) + "'"); } } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CAInfoPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CAInfoPanel.java index 33a0ff69..f80957d1 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CAInfoPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CAInfoPanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.net.URL; import java.util.StringTokenizer; @@ -39,19 +38,20 @@ import com.netscape.cms.servlet.wizard.WizardServlet; public class CAInfoPanel extends WizardPanelBase { - public CAInfoPanel() {} + public CAInfoPanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("CA Information"); } - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) + throws ServletException { setPanelNo(panelno); setName("CA Information"); setId(id); @@ -82,14 +82,15 @@ public class CAInfoPanel extends WizardPanelBase { } else { return true; } - } catch (Exception e) {} + } catch (Exception e) { + } return false; } public PropertySet getUsage() { PropertySet set = new PropertySet(); - + return set; } @@ -118,15 +119,18 @@ public class CAInfoPanel extends WizardPanelBase { try { hostname = cs.getString("preop.ca.hostname"); - } catch (Exception e) {} + } catch (Exception e) { + } try { httpport = cs.getString("preop.ca.httpport"); - } catch (Exception e) {} + } catch (Exception e) { + } try { httpsport = cs.getString("preop.ca.httpsport"); - } catch (Exception e) {} + } catch (Exception e) { + } if (type.equals("sdca")) { context.put("check_sdca", "checked"); @@ -143,12 +147,12 @@ public class CAInfoPanel extends WizardPanelBase { String cstype = "CA"; String portType = "SecurePort"; -/* - try { - cstype = cs.getString("cs.type", ""); - } catch (EBaseException e) {} -*/ - + /* + try { + cstype = cs.getString("cs.type", ""); + } catch (EBaseException e) {} + */ + CMS.debug("CAInfoPanel: Ready to get url"); Vector v = getUrlListFromSecurityDomain(cs, cstype, portType); v.addElement("External CA"); @@ -163,12 +167,13 @@ public class CAInfoPanel extends WizardPanelBase { list.append(","); } } - + try { cs.putString("preop.ca.list", list.toString()); cs.commit(false); - } catch (Exception e) {} - + } catch (Exception e) { + } + context.put("urls", v); context.put("sdcaHostname", hostname); @@ -213,25 +218,26 @@ public class CAInfoPanel extends WizardPanelBase { String select = null; String index = request.getParameter("urls"); - String url = ""; + String url = ""; if (index.startsWith("http")) { - // user may submit url directlry - url = index; + // user may submit url directlry + url = index; } else { - try { - int x = Integer.parseInt(index); - String list = config.getString("preop.ca.list", ""); - StringTokenizer tokenizer = new StringTokenizer(list, ","); - int counter = 0; - - while (tokenizer.hasMoreTokens()) { - url = tokenizer.nextToken(); - if (counter == x) { - break; + try { + int x = Integer.parseInt(index); + String list = config.getString("preop.ca.list", ""); + StringTokenizer tokenizer = new StringTokenizer(list, ","); + int counter = 0; + + while (tokenizer.hasMoreTokens()) { + url = tokenizer.nextToken(); + if (counter == x) { + break; + } + counter++; } - counter++; + } catch (Exception e) { } - } catch (Exception e) {} } URL urlx = null; @@ -240,7 +246,7 @@ public class CAInfoPanel extends WizardPanelBase { select = "otherca"; config.putString("preop.ca.pkcs7", ""); config.putInteger("preop.ca.certchain.size", 0); - } else { + } else { select = "sdca"; // parse URL (CA1 - https://...) @@ -272,7 +278,8 @@ public class CAInfoPanel extends WizardPanelBase { try { config.commit(false); - } catch (Exception e) {} + } catch (Exception e) { + } } private void sdca(HttpServletRequest request, Context context, String hostname, String httpsPortStr) throws IOException { @@ -301,9 +308,9 @@ public class CAInfoPanel extends WizardPanelBase { config.putString("preop.ca.hostname", hostname); config.putString("preop.ca.httpsport", httpsPortStr); ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback(); - updateCertChainUsingSecureEEPort( config, "ca", hostname, + updateCertChainUsingSecureEEPort(config, "ca", hostname, httpsport, true, context, - certApprovalCallback ); + certApprovalCallback); } /** diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/Cert.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/Cert.java index fb8c2d9c..0aedded8 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/Cert.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/Cert.java @@ -17,9 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - - - public class Cert { private String mNickname = ""; private String mTokenname = ""; @@ -116,8 +113,8 @@ public class Cert { } public String escapeForHTML(String s) { - s = s.replaceAll("\"", """); - return s; + s = s.replaceAll("\"", """); + return s; } public String getEscapedDN() { diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertPrettyPrintPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertPrettyPrintPanel.java index 30bcc78d..119dead0 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertPrettyPrintPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertPrettyPrintPanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.util.Locale; import java.util.StringTokenizer; @@ -42,19 +41,20 @@ import com.netscape.cmsutil.crypto.CryptoUtil; public class CertPrettyPrintPanel extends WizardPanelBase { private Vector mCerts = null; - public CertPrettyPrintPanel() {} + public CertPrettyPrintPanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Certificates"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Certificates"); setId(id); @@ -63,7 +63,7 @@ public class CertPrettyPrintPanel extends WizardPanelBase { public PropertySet getUsage() { // expects no input from client PropertySet set = new PropertySet(); - + return set; } @@ -83,7 +83,8 @@ public class CertPrettyPrintPanel extends WizardPanelBase { } else { return true; } - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } @@ -153,7 +154,7 @@ public class CertPrettyPrintPanel extends WizardPanelBase { } catch (Exception e) { CMS.debug( "CertPrettyPrintPanel: display() certTag " + certTag - + " Exception caught: " + e.toString()); + + " Exception caught: " + e.toString()); } } } catch (Exception e) { @@ -192,7 +193,7 @@ public class CertPrettyPrintPanel extends WizardPanelBase { config.commit(false); } catch (EBaseException e) { CMS.debug( - "CertPrettyPrintPanel: update() Exception caught at config commit: " + "CertPrettyPrintPanel: update() Exception caught at config commit: " + e.toString()); } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java index 5e783b1a..72e145d6 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.math.BigInteger; import java.security.Principal; @@ -58,19 +57,20 @@ public class CertRequestPanel extends WizardPanelBase { private Vector mCerts = null; private WizardServlet mServlet = null; - public CertRequestPanel() {} + public CertRequestPanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Requests & Certificates"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Requests and Certificates"); mServlet = servlet; @@ -80,13 +80,13 @@ public class CertRequestPanel extends WizardPanelBase { // XXX how do you do this? There could be multiple certs. public PropertySet getUsage() { PropertySet set = new PropertySet(); - + Descriptor certDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */ null, /* no default parameters */ null); set.add("cert", certDesc); - + return set; } @@ -95,13 +95,13 @@ public class CertRequestPanel extends WizardPanelBase { */ public boolean showApplyButton() { if (isPanelDone()) - return false; + return false; else - return true; + return true; } - private boolean findCertificate(String tokenname, String nickname) - throws IOException { + private boolean findCertificate(String tokenname, String nickname) + throws IOException { IConfigStore cs = CMS.getConfigStore(); CryptoManager cm = null; try { @@ -114,7 +114,7 @@ public class CertRequestPanel extends WizardPanelBase { boolean hardware = false; if (!tokenname.equals("internal") && !tokenname.equals("Internal Key Storage Token")) { hardware = true; - fullnickname = tokenname+":"+nickname; + fullnickname = tokenname + ":" + nickname; } try { @@ -126,16 +126,16 @@ public class CertRequestPanel extends WizardPanelBase { return true; } catch (Exception ee) { if (hardware) { - CMS.debug("CertRequestPanel findCertificate: The certificate with the same nickname: "+ fullnickname +" has been found on HSM. Please remove it before proceeding."); - throw new IOException("The certificate with the same nickname: "+ fullnickname +" has been found on HSM. Please remove it before proceeding."); + CMS.debug("CertRequestPanel findCertificate: The certificate with the same nickname: " + fullnickname + " has been found on HSM. Please remove it before proceeding."); + throw new IOException("The certificate with the same nickname: " + fullnickname + " has been found on HSM. Please remove it before proceeding."); } return true; } } catch (IOException e) { - CMS.debug("CertRequestPanel findCertificate: throw exception:"+e.toString()); + CMS.debug("CertRequestPanel findCertificate: throw exception:" + e.toString()); throw e; } catch (Exception e) { - CMS.debug("CertRequestPanel findCertificate: Exception="+e.toString()); + CMS.debug("CertRequestPanel findCertificate: Exception=" + e.toString()); return false; } } @@ -148,13 +148,13 @@ public class CertRequestPanel extends WizardPanelBase { try { select = cs.getString("preop.subsystem.select", ""); list = cs.getString("preop.cert.list", ""); - tokenname = cs.getString("preop.module.token", ""); + tokenname = cs.getString("preop.module.token", ""); } catch (Exception e) { } ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem( - ICertificateAuthority.ID); - + ICertificateAuthority.ID); + if (ca != null) { CMS.debug("CertRequestPanel cleanup: get certificate repository"); BigInteger beginS = null; @@ -176,27 +176,26 @@ public class CertRequestPanel extends WizardPanelBase { try { cr.removeCertRecords(beginS, endS); } catch (Exception e) { - CMS.debug("CertRequestPanel cleanUp exception in removing all objects: "+e.toString()); + CMS.debug("CertRequestPanel cleanUp exception in removing all objects: " + e.toString()); } - + try { - cr.resetSerialNumber(new BigInteger(beginNum,16)); + cr.resetSerialNumber(new BigInteger(beginNum, 16)); } catch (Exception e) { - CMS.debug("CertRequestPanel cleanUp exception in resetting serial number: "+e.toString()); + CMS.debug("CertRequestPanel cleanUp exception in resetting serial number: " + e.toString()); } } } - StringTokenizer st = new StringTokenizer(list, ","); String nickname = ""; boolean enable = false; while (st.hasMoreTokens()) { String t = st.nextToken(); - + try { - enable = cs.getBoolean(PCERT_PREFIX+t+".enable", true); - nickname = cs.getString(PCERT_PREFIX +t+".nickname", ""); + enable = cs.getBoolean(PCERT_PREFIX + t + ".enable", true); + nickname = cs.getString(PCERT_PREFIX + t + ".nickname", ""); } catch (Exception e) { } @@ -208,10 +207,10 @@ public class CertRequestPanel extends WizardPanelBase { if (findCertificate(tokenname, nickname)) { try { - CMS.debug("CertRequestPanel cleanup: deleting certificate ("+nickname+")."); - deleteCert(tokenname, nickname); + CMS.debug("CertRequestPanel cleanup: deleting certificate (" + nickname + ")."); + deleteCert(tokenname, nickname); } catch (Exception e) { - CMS.debug("CertRequestPanel cleanup: failed to delete certificate (" +nickname+"). Exception: " +e.toString()); + CMS.debug("CertRequestPanel cleanup: failed to delete certificate (" + nickname + "). Exception: " + e.toString()); } } } @@ -235,7 +234,8 @@ public class CertRequestPanel extends WizardPanelBase { } else { return true; } - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } @@ -254,9 +254,9 @@ public class CertRequestPanel extends WizardPanelBase { CMS.debug( "CertRequestPanel getCert: certTag=" + certTag - + " cert=" + certs); + + " cert=" + certs); //get and set formated cert - if (!certs.startsWith("...")) { + if (!certs.startsWith("...")) { certf = CryptoUtil.certFormat(certs); } cert.setCert(certf); @@ -266,7 +266,7 @@ public class CertRequestPanel extends WizardPanelBase { CertPrettyPrint pp = new CertPrettyPrint(certb); cert.setCertpp(pp.toString(Locale.getDefault())); } else { - CMS.debug( "CertRequestPanel::getCert() - cert is null!" ); + CMS.debug("CertRequestPanel::getCert() - cert is null!"); return; } String userfriendlyname = config.getString( @@ -285,18 +285,16 @@ public class CertRequestPanel extends WizardPanelBase { } public X509Key getECCX509Key(IConfigStore config, String certTag) - throws Exception - { + throws Exception { X509Key pubk = null; String pubKeyEncoded = config.getString( PCERT_PREFIX + certTag + ".pubkey.encoded"); - pubk = CryptoUtil.getPublicX509ECCKey(CryptoUtil.string2byte(pubKeyEncoded)); + pubk = CryptoUtil.getPublicX509ECCKey(CryptoUtil.string2byte(pubKeyEncoded)); return pubk; } public X509Key getRSAX509Key(IConfigStore config, String certTag) - throws Exception - { + throws Exception { X509Key pubk = null; String pubKeyModulus = config.getString( @@ -305,7 +303,7 @@ public class CertRequestPanel extends WizardPanelBase { PCERT_PREFIX + certTag + ".pubkey.exponent"); pubk = CryptoUtil.getPublicX509Key( CryptoUtil.string2byte(pubKeyModulus), - CryptoUtil.string2byte(pubKeyPublicExponent)); + CryptoUtil.string2byte(pubKeyPublicExponent)); return pubk; } @@ -323,8 +321,8 @@ public class CertRequestPanel extends WizardPanelBase { } else if (pubKeyType.equals("ecc")) { pubk = getECCX509Key(config, certTag); } else { - CMS.debug( "CertRequestPanel::handleCertRequest() - " - + "pubKeyType " + pubKeyType + " is unsupported!" ); + CMS.debug("CertRequestPanel::handleCertRequest() - " + + "pubKeyType " + pubKeyType + " is unsupported!"); return; } @@ -341,7 +339,7 @@ public class CertRequestPanel extends WizardPanelBase { PCERT_PREFIX + certTag + ".privkey.id"); CMS.debug("CertRequestPanel: privKeyID=" + privKeyID); byte[] keyIDb = CryptoUtil.string2byte(privKeyID); - + PrivateKey privk = CryptoUtil.findPrivateKeyFromID(keyIDb); if (privk != null) { @@ -349,7 +347,7 @@ public class CertRequestPanel extends WizardPanelBase { } else { CMS.debug("CertRequestPanel: error getting private key null"); } - + // construct cert request String caDN = config.getString(PCERT_PREFIX + certTag + ".dn"); @@ -361,7 +359,7 @@ public class CertRequestPanel extends WizardPanelBase { byte[] certReqb = certReq.toByteArray(); String certReqs = CryptoUtil.base64Encode(certReqb); String certReqf = CryptoUtil.reqFormat(certReqs); - + String subsystem = config.getString( PCERT_PREFIX + certTag + ".subsystem"); config.putString(subsystem + "." + certTag + ".certreq", certReqs); @@ -410,7 +408,7 @@ public class CertRequestPanel extends WizardPanelBase { PCERT_PREFIX + certTag + ".type"); c.setType(type); - boolean enable = config.getBoolean(PCERT_PREFIX+certTag+".enable", true); + boolean enable = config.getBoolean(PCERT_PREFIX + certTag + ".enable", true); c.setEnable(enable); getCert(config, context, certTag, c); @@ -458,7 +456,7 @@ public class CertRequestPanel extends WizardPanelBase { if (issuerDN.equals(subjectDN)) return true; } catch (Exception e) { - CMS.debug("CertRequestPanel findBootstrapServerCert Exception="+e.toString()); + CMS.debug("CertRequestPanel findBootstrapServerCert Exception=" + e.toString()); } return false; @@ -472,7 +470,7 @@ public class CertRequestPanel extends WizardPanelBase { deleteCert("Internal Key Storage Token", nickname); } catch (Exception e) { - CMS.debug("CertRequestPanel deleteBootstrapServerCert Exception="+e.toString()); + CMS.debug("CertRequestPanel deleteBootstrapServerCert Exception=" + e.toString()); } } @@ -502,7 +500,7 @@ public class CertRequestPanel extends WizardPanelBase { String tokenname = ""; try { - tokenname = config.getString("preop.module.token", ""); + tokenname = config.getString("preop.module.token", ""); } catch (Exception e) { } @@ -510,11 +508,11 @@ public class CertRequestPanel extends WizardPanelBase { Cert cert = (Cert) c.nextElement(); String certTag = cert.getCertTag(); String subsystem = cert.getSubsystem(); - boolean enable = config.getBoolean(PCERT_PREFIX+certTag+".enable", true); + boolean enable = config.getBoolean(PCERT_PREFIX + certTag + ".enable", true); if (!enable) continue; - if (hasErr) + if (hasErr) continue; String nickname = cert.getNickname(); @@ -533,20 +531,20 @@ public class CertRequestPanel extends WizardPanelBase { PCERT_PREFIX + certTag + ".keytype"); X509Key x509key = null; if (pubKeyType.equals("rsa")) { - x509key = getRSAX509Key(config, certTag); + x509key = getRSAX509Key(config, certTag); } else if (pubKeyType.equals("ecc")) { - x509key = getECCX509Key(config, certTag); + x509key = getECCX509Key(config, certTag); } - + if (findCertificate(tokenname, nickname)) { if (!certTag.equals("sslserver")) - continue; + continue; } - X509CertImpl impl = CertUtil.createLocalCert(config, x509key, + X509CertImpl impl = CertUtil.createLocalCert(config, x509key, PCERT_PREFIX, certTag, cert.getType(), context); if (impl != null) { - byte[] certb = impl.getEncoded(); + byte[] certb = impl.getEncoded(); String certs = CryptoUtil.base64Encode(certb); cert.setCert(certs); @@ -574,13 +572,13 @@ public class CertRequestPanel extends WizardPanelBase { + certTag + " Exception: " + ee.toString()); CMS.debug("ok"); -// hasErr = true; + // hasErr = true; } } } else if (cert.getType().equals("remote")) { if (b64 != null && b64.length() > 0 && !b64.startsWith("...")) { - String b64chain = HttpInput.getCertChain(request, certTag+"_cc"); + String b64chain = HttpInput.getCertChain(request, certTag + "_cc"); CMS.debug( "CertRequestPanel: in update() process remote...import cert"); @@ -590,11 +588,11 @@ public class CertRequestPanel extends WizardPanelBase { try { if (certTag.equals("sslserver") && findBootstrapServerCert()) deleteBootstrapServerCert(); - if (findCertificate(tokenname, nickname)) { - deleteCert(tokenname, nickname); + if (findCertificate(tokenname, nickname)) { + deleteCert(tokenname, nickname); } } catch (Exception e) { - CMS.debug("CertRequestPanel update (remote): deleteCert Exception="+e.toString()); + CMS.debug("CertRequestPanel update (remote): deleteCert Exception=" + e.toString()); } input = CryptoUtil.stripCertBrackets(input.trim()); String certs = CryptoUtil.normalizeCertStr(input); @@ -619,21 +617,21 @@ public class CertRequestPanel extends WizardPanelBase { leaf = certchains[certchains.length - 1]; } - if( leaf == null ) { - CMS.debug( "CertRequestPanel::update() - " - + "leaf is null!" ); - throw new IOException( "leaf is null" ); + if (leaf == null) { + CMS.debug("CertRequestPanel::update() - " + + "leaf is null!"); + throw new IOException("leaf is null"); } if (/*(certchains.length <= 1) &&*/ - (b64chain != null && b64chain.length() != 0)) { - CMS.debug("CertRequestPanel: cert might not have contained chain...calling importCertificateChain: " + b64chain); - try { - CryptoUtil.importCertificateChain( - CryptoUtil.normalizeCertAndReq(b64chain)); - } catch (Exception e) { - CMS.debug("CertRequestPanel: importCertChain: Exception: "+e.toString()); - } + (b64chain != null && b64chain.length() != 0)) { + CMS.debug("CertRequestPanel: cert might not have contained chain...calling importCertificateChain: " + b64chain); + try { + CryptoUtil.importCertificateChain( + CryptoUtil.normalizeCertAndReq(b64chain)); + } catch (Exception e) { + CMS.debug("CertRequestPanel: importCertChain: Exception: " + e.toString()); + } } InternalCertificate icert = (InternalCertificate) leaf; @@ -651,17 +649,17 @@ public class CertRequestPanel extends WizardPanelBase { + certTag + " Exception: " + ee.toString()); CMS.debug("ok"); -// hasErr=true; + // hasErr=true; } } else { CMS.debug("CertRequestPanel: in update() input null"); hasErr = true; } } else { - CMS.debug("CertRequestPanel: in update() b64 not set"); - hasErr=true; + CMS.debug("CertRequestPanel: in update() b64 not set"); + hasErr = true; } - + } else { b64 = CryptoUtil.stripCertBrackets(b64.trim()); String certs = CryptoUtil.normalizeCertStr(b64); @@ -671,10 +669,10 @@ public class CertRequestPanel extends WizardPanelBase { if (certTag.equals("sslserver") && findBootstrapServerCert()) deleteBootstrapServerCert(); if (findCertificate(tokenname, nickname)) { - deleteCert(tokenname, nickname); + deleteCert(tokenname, nickname); } } catch (Exception ee) { - CMS.debug("CertRequestPanel update: deleteCert Exception="+ee.toString()); + CMS.debug("CertRequestPanel update: deleteCert Exception=" + ee.toString()); } try { @@ -683,8 +681,8 @@ public class CertRequestPanel extends WizardPanelBase { else CryptoUtil.importUserCertificate(impl, nickname, false); } catch (Exception ee) { - CMS.debug("CertRequestPanel: Failed to import user certificate."+ee.toString()); - hasErr=true; + CMS.debug("CertRequestPanel: Failed to import user certificate." + ee.toString()); + hasErr = true; } } @@ -696,16 +694,16 @@ public class CertRequestPanel extends WizardPanelBase { if (certTag.equals("signing") && subsystem.equals("ca")) { String NickName = nickname; if (!tokenname.equals("internal") && !tokenname.equals("Internal Key Storage Token")) - NickName = tokenname+ ":"+ nickname; + NickName = tokenname + ":" + nickname; - CMS.debug("CertRequestPanel update: set trust on CA signing cert "+NickName); + CMS.debug("CertRequestPanel update: set trust on CA signing cert " + NickName); CryptoUtil.trustCertByNickname(NickName); CMS.reinit(ICertificateAuthority.ID); - } + } } //while loop if (hasErr == false) { - config.putBoolean("preop.CertRequestPanel.done", true); + config.putBoolean("preop.CertRequestPanel.done", true); } config.commit(false); } catch (Exception e) { @@ -723,13 +721,13 @@ public class CertRequestPanel extends WizardPanelBase { String tag = tokenizer.nextToken(); if (tag.equals("signing")) continue; - String nickname = config.getString("preop.cert."+tag+".nickname", ""); + String nickname = config.getString("preop.cert." + tag + ".nickname", ""); String tokenname = config.getString("preop.module.token", ""); if (!tokenname.equals("Internal Key Storage Token")) - nickname = tokenname+":"+nickname; + nickname = tokenname + ":" + nickname; X509Certificate c = cm.findCertByNickname(nickname); if (c instanceof InternalCertificate) { - InternalCertificate ic = (InternalCertificate)c; + InternalCertificate ic = (InternalCertificate) c; ic.setSSLTrust(InternalCertificate.USER); ic.setEmailTrust(InternalCertificate.USER); if (tag.equals("audit_signing")) { @@ -738,10 +736,10 @@ public class CertRequestPanel extends WizardPanelBase { ic.setObjectSigningTrust(InternalCertificate.USER); } } - } + } } catch (Exception e) { } - if (!hasErr) { + if (!hasErr) { context.put("updateStatus", "success"); } else { context.put("updateStatus", "failure"); diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java index 3725149d..f87af9bd 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CertUtil.java @@ -64,13 +64,12 @@ import com.netscape.cmsutil.http.HttpResponse; import com.netscape.cmsutil.http.JssSSLSocketFactory; import com.netscape.cmsutil.xml.XMLObject; - public class CertUtil { static final int LINE_COUNT = 76; - public static X509CertImpl createRemoteCert(String hostname, - int port, String content, HttpServletResponse response, WizardPanelBase panel) - throws IOException { + public static X509CertImpl createRemoteCert(String hostname, + int port, String content, HttpServletResponse response, WizardPanelBase panel) + throws IOException { HttpClient httpclient = new HttpClient(); String c = null; CMS.debug("CertUtil createRemoteCert: content " + content); @@ -104,9 +103,9 @@ public class CertUtil { try { parser = new XMLObject(bis); } catch (Exception e) { - CMS.debug( "CertUtil::createRemoteCert() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("CertUtil::createRemoteCert() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String status = parser.getValue("Status"); @@ -136,7 +135,7 @@ public class CertUtil { return null; } - public static String getPKCS10(IConfigStore config, String prefix, + public static String getPKCS10(IConfigStore config, String prefix, Cert certObj, Context context) throws IOException { String certTag = certObj.getCertTag(); @@ -147,29 +146,29 @@ public class CertUtil { String algorithm = config.getString( prefix + certTag + ".keyalgorithm"); if (pubKeyType.equals("rsa")) { - String pubKeyModulus = config.getString( - prefix + certTag + ".pubkey.modulus"); - String pubKeyPublicExponent = config.getString( - prefix + certTag + ".pubkey.exponent"); - pubk = CryptoUtil.getPublicX509Key( - CryptoUtil.string2byte(pubKeyModulus), - CryptoUtil.string2byte(pubKeyPublicExponent)); + String pubKeyModulus = config.getString( + prefix + certTag + ".pubkey.modulus"); + String pubKeyPublicExponent = config.getString( + prefix + certTag + ".pubkey.exponent"); + pubk = CryptoUtil.getPublicX509Key( + CryptoUtil.string2byte(pubKeyModulus), + CryptoUtil.string2byte(pubKeyPublicExponent)); } else if (pubKeyType.equals("ecc")) { - String pubKeyEncoded = config.getString( + String pubKeyEncoded = config.getString( prefix + certTag + ".pubkey.encoded"); - pubk = CryptoUtil.getPublicX509ECCKey( - CryptoUtil.string2byte(pubKeyEncoded)); + pubk = CryptoUtil.getPublicX509ECCKey( + CryptoUtil.string2byte(pubKeyEncoded)); } else { - CMS.debug( "CertRequestPanel::getPKCS10() - " - + "public key type is unsupported!" ); - throw new IOException( "public key type is unsupported" ); + CMS.debug("CertRequestPanel::getPKCS10() - " + + "public key type is unsupported!"); + throw new IOException("public key type is unsupported"); } if (pubk != null) { CMS.debug("CertRequestPanel: got public key"); } else { CMS.debug("CertRequestPanel: error getting public key null"); - throw new IOException( "public key is null" ); + throw new IOException("public key is null"); } // get private key String privKeyID = config.getString(prefix + certTag + ".privkey.id"); @@ -201,15 +200,14 @@ public class CertUtil { } } - -/* - * create requests so renewal can work on these initial certs - */ + /* + * create requests so renewal can work on these initial certs + */ public static IRequest createLocalRequest(IRequestQueue queue, String serialNum, X509CertInfo info) throws EBaseException { -// RequestId rid = new RequestId(serialNum); + // RequestId rid = new RequestId(serialNum); // just need a request, no need to get into a queue -// IRequest r = new EnrollmentRequest(rid); - CMS.debug("CertUtil: createLocalRequest for serial: "+ serialNum); + // IRequest r = new EnrollmentRequest(rid); + CMS.debug("CertUtil: createLocalRequest for serial: " + serialNum); IRequest req = queue.newRequest("enrollment"); CMS.debug("certUtil: newRequest called"); req.setExtData("profile", "true"); @@ -224,7 +222,7 @@ public class CertUtil { req.setExtData("requestor_phone", ""); req.setExtData("profileRemoteHost", ""); req.setExtData("profileRemoteAddr", ""); - req.setExtData("requestnotes",""); + req.setExtData("requestnotes", ""); req.setExtData("isencryptioncert", "false"); req.setExtData("profileapprovedby", "system"); @@ -235,13 +233,12 @@ public class CertUtil { return req; } -/** - * update local cert request with the actual request - * called from CertRequestPanel.java - */ - public static void updateLocalRequest(IConfigStore config, String certTag, String certReq, String reqType, String subjectName) - { - try { + /** + * update local cert request with the actual request + * called from CertRequestPanel.java + */ + public static void updateLocalRequest(IConfigStore config, String certTag, String certReq, String reqType, String subjectName) { + try { CMS.debug("Updating local request... certTag=" + certTag); RequestId rid = new RequestId(config.getString("preop.cert." + certTag + ".reqId")); @@ -262,54 +259,56 @@ public class CertUtil { } queue.updateRequest(req); } else { - CMS.debug("CertUtil:updateLocalRequest - request queue = null"); + CMS.debug("CertUtil:updateLocalRequest - request queue = null"); } } catch (Exception e) { CMS.debug("CertUtil:updateLocalRequest - Exception:" + e.toString()); } } -/** - * reads from the admin cert profile caAdminCert.profile and takes the first - * entry in the list of allowed algorithms. Users that wish a different algorithm - * can specify it in the profile using default.params.signingAlg - */ + /** + * reads from the admin cert profile caAdminCert.profile and takes the first + * entry in the list of allowed algorithms. Users that wish a different algorithm + * can specify it in the profile using default.params.signingAlg + */ public static String getAdminProfileAlgorithm(IConfigStore config) { String algorithm = "SHA256withRSA"; try { - String caSigningKeyType = config.getString("preop.cert.signing.keytype","rsa"); + String caSigningKeyType = config.getString("preop.cert.signing.keytype", "rsa"); String pfile = config.getString("profile.caAdminCert.config"); FileInputStream fis = new FileInputStream(pfile); DataInputStream in = new DataInputStream(fis); BufferedReader br = new BufferedReader(new InputStreamReader(in)); - String strLine; - while ((strLine = br.readLine()) != null) { - String marker2 = "default.params.signingAlg="; - int indx = strLine.indexOf(marker2); - if (indx != -1) { - String alg = strLine.substring(indx + marker2.length()); - if ((alg.length() > 0) && (!alg.equals("-"))) { - algorithm = alg; - break; - }; - }; - - String marker = "signingAlgsAllowed="; - indx = strLine.indexOf(marker); - if (indx != -1) { - String[] algs = strLine.substring(indx + marker.length()).split(","); - for (int i=0; i<algs.length; i++) { - if ((caSigningKeyType.equals("rsa") && (algs[i].indexOf("RSA") != -1)) || - (caSigningKeyType.equals("ecc") && (algs[i].indexOf("EC" ) != -1)) ) { - algorithm = algs[i]; - break; - } - } - } - } - in.close(); + String strLine; + while ((strLine = br.readLine()) != null) { + String marker2 = "default.params.signingAlg="; + int indx = strLine.indexOf(marker2); + if (indx != -1) { + String alg = strLine.substring(indx + marker2.length()); + if ((alg.length() > 0) && (!alg.equals("-"))) { + algorithm = alg; + break; + } + ; + } + ; + + String marker = "signingAlgsAllowed="; + indx = strLine.indexOf(marker); + if (indx != -1) { + String[] algs = strLine.substring(indx + marker.length()).split(","); + for (int i = 0; i < algs.length; i++) { + if ((caSigningKeyType.equals("rsa") && (algs[i].indexOf("RSA") != -1)) || + (caSigningKeyType.equals("ecc") && (algs[i].indexOf("EC") != -1))) { + algorithm = algs[i]; + break; + } + } + } + } + in.close(); } catch (Exception e) { CMS.debug("getAdminProfleAlgorithm: exception: " + e); } @@ -324,14 +323,15 @@ public class CertUtil { try { profile = config.getString(prefix + certTag + ".profile"); - } catch (Exception e) {} + } catch (Exception e) { + } X509CertImpl cert = null; ICertificateAuthority ca = null; ICertificateRepository cr = null; RequestId reqId = null; String profileId = null; - IRequestQueue queue = null; + IRequestQueue queue = null; IRequest req = null; try { @@ -355,7 +355,7 @@ public class CertUtil { CMS.debug("Creating local certificate... dn=" + dn); info = CryptoUtil.createX509CertInfo(x509key, serialNo.intValue(), dn, dn, date, date, keyAlgorithm); - } else { + } else { String issuerdn = config.getString("preop.cert.signing.dn", ""); CMS.debug("Creating local certificate... issuerdn=" + issuerdn); CMS.debug("Creating local certificate... dn=" + dn); @@ -375,7 +375,7 @@ public class CertUtil { queue = ca.getRequestQueue(); if (queue != null) { req = createLocalRequest(queue, serialNo.toString(), info); - CMS.debug("CertUtil profile name= "+profile); + CMS.debug("CertUtil profile name= " + profile); req.setExtData("req_key", x509key.toString()); // store original profile id in cert request @@ -387,7 +387,7 @@ public class CertUtil { String name = profile.substring(0, idx); req.setExtData("origprofileid", name); } - + // store mapped profile ID for use in renewal profileId = processor.getProfileIDMapping(); req.setExtData("profileid", profileId); @@ -399,7 +399,7 @@ public class CertUtil { CMS.debug("certUtil: requestQueue null"); } } catch (Exception e) { - CMS.debug("Creating local request exception:"+e.toString()); + CMS.debug("Creating local request exception:" + e.toString()); } processor.populate(info); @@ -410,36 +410,36 @@ public class CertUtil { PrivateKey caPrik = CryptoUtil.findPrivateKeyFromID( keyIDb); - if( caPrik == null ) { - CMS.debug( "CertUtil::createSelfSignedCert() - " - + "CA private key is null!" ); - throw new IOException( "CA private key is null" ); + if (caPrik == null) { + CMS.debug("CertUtil::createSelfSignedCert() - " + + "CA private key is null!"); + throw new IOException("CA private key is null"); } else { CMS.debug("CertUtil createSelfSignedCert: got CA private key"); } String keyAlgo = x509key.getAlgorithm(); CMS.debug("key algorithm is " + keyAlgo); - String caSigningKeyType = - config.getString("preop.cert.signing.keytype","rsa"); - String caSigningKeyAlgo = ""; - if (type.equals("selfsign")) { - caSigningKeyAlgo = config.getString("preop.cert.signing.keyalgorithm","SHA256withRSA"); + String caSigningKeyType = + config.getString("preop.cert.signing.keytype", "rsa"); + String caSigningKeyAlgo = ""; + if (type.equals("selfsign")) { + caSigningKeyAlgo = config.getString("preop.cert.signing.keyalgorithm", "SHA256withRSA"); } else { - caSigningKeyAlgo = config.getString("preop.cert.signing.signingalgorithm","SHA256withRSA"); + caSigningKeyAlgo = config.getString("preop.cert.signing.signingalgorithm", "SHA256withRSA"); } CMS.debug("CA Signing Key type " + caSigningKeyType); CMS.debug("CA Signing Key algorithm " + caSigningKeyAlgo); if (caSigningKeyType.equals("ecc")) { - CMS.debug("CA signing cert is ECC"); - cert = CryptoUtil.signECCCert(caPrik, info, - caSigningKeyAlgo); + CMS.debug("CA signing cert is ECC"); + cert = CryptoUtil.signECCCert(caPrik, info, + caSigningKeyAlgo); } else { - CMS.debug("CA signing cert is not ecc"); - cert = CryptoUtil.signCert(caPrik, info, - caSigningKeyAlgo); + CMS.debug("CA signing cert is not ecc"); + cert = CryptoUtil.signCert(caPrik, info, + caSigningKeyAlgo); } if (cert != null) { @@ -462,13 +462,13 @@ public class CertUtil { if (reqId != null) { meta.set(ICertRecord.META_REQUEST_ID, reqId.toString()); } - + meta.set(ICertRecord.META_PROFILE_ID, profileId); record = (ICertRecord) cr.createCertRecord( - cert.getSerialNumber(), cert, meta); + cert.getSerialNumber(), cert, meta); } catch (Exception e) { CMS.debug( - "NamePanel configCert: failed to add metainfo. Exception: " + e.toString()); + "NamePanel configCert: failed to add metainfo. Exception: " + e.toString()); } try { @@ -507,21 +507,21 @@ public class CertUtil { public static void addUserCertificate(X509CertImpl cert) { IConfigStore cs = CMS.getConfigStore(); - int num=0; + int num = 0; try { num = cs.getInteger("preop.subsystem.count", 0); } catch (Exception e) { } IUGSubsystem system = (IUGSubsystem) (CMS.getSubsystem(IUGSubsystem.ID)); - String id = "user"+num; + String id = "user" + num; - try { - String sysType = cs.getString("cs.type", ""); - String machineName = cs.getString("machineName", ""); - String securePort = cs.getString("service.securePort", ""); - id = sysType + "-" + machineName + "-" + securePort; + try { + String sysType = cs.getString("cs.type", ""); + String machineName = cs.getString("machineName", ""); + String securePort = cs.getString("service.securePort", ""); + id = sysType + "-" + machineName + "-" + securePort; } catch (Exception e1) { - // ignore + // ignore } num++; @@ -566,7 +566,7 @@ public class CertUtil { system.addUserCert(user); CMS.debug("CertUtil addUserCertificate: successfully add the user certificate"); } catch (Exception e) { - CMS.debug("CertUtil addUserCertificate exception="+e.toString()); + CMS.debug("CertUtil addUserCertificate exception=" + e.toString()); } IGroup group = null; @@ -603,17 +603,17 @@ public class CertUtil { } if (content.length() > 0) result.append(content); - result.append("\n"); + result.append("\n"); return result.toString(); } public static boolean privateKeyExistsOnToken(String certTag, - String tokenname, String nickname) { + String tokenname, String nickname) { IConfigStore cs = CMS.getConfigStore(); String givenid = ""; try { - givenid = cs.getString("preop.cert."+certTag+".privkey.id"); + givenid = cs.getString("preop.cert." + certTag + ".privkey.id"); } catch (Exception e) { CMS.debug("CertUtil privateKeyExistsOnToken: we did not generate private key yet."); return false; @@ -624,7 +624,7 @@ public class CertUtil { boolean hardware = false; if (!tokenname.equals("internal") && !tokenname.equals("Internal Key Storage Token")) { hardware = true; - fullnickname = tokenname+":"+nickname; + fullnickname = tokenname + ":" + nickname; } X509Certificate cert = null; @@ -633,7 +633,7 @@ public class CertUtil { cm = CryptoManager.getInstance(); cert = cm.findCertByNickname(fullnickname); } catch (Exception e) { - CMS.debug("CertUtil privateKeyExistsOnToken: nickname="+fullnickname+" Exception:"+e.toString()); + CMS.debug("CertUtil privateKeyExistsOnToken: nickname=" + fullnickname + " Exception:" + e.toString()); return false; } @@ -641,19 +641,19 @@ public class CertUtil { try { privKey = cm.findPrivKeyByCert(cert); } catch (Exception e) { - CMS.debug("CertUtil privateKeyExistsOnToken: cant find private key ("+fullnickname+") exception: "+e.toString()); + CMS.debug("CertUtil privateKeyExistsOnToken: cant find private key (" + fullnickname + ") exception: " + e.toString()); return false; } if (privKey == null) { - CMS.debug("CertUtil privateKeyExistsOnToken: cant find private key ("+fullnickname+")"); + CMS.debug("CertUtil privateKeyExistsOnToken: cant find private key (" + fullnickname + ")"); return false; } else { String str = ""; try { str = CryptoUtil.byte2string(privKey.getUniqueID()); } catch (Exception e) { - CMS.debug("CertUtil privateKeyExistsOnToken: encode string Exception: "+e.toString()); + CMS.debug("CertUtil privateKeyExistsOnToken: encode string Exception: " + e.toString()); } if (str.equals(givenid)) { diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CheckIdentity.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CheckIdentity.java index b3c10b6e..a28ae76b 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CheckIdentity.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CheckIdentity.java @@ -36,7 +36,6 @@ import com.netscape.cms.servlet.base.UserInfo; import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cmsutil.xml.XMLObject; - public class CheckIdentity extends CMSServlet { /** @@ -52,6 +51,7 @@ public class CheckIdentity extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -61,7 +61,8 @@ public class CheckIdentity extends CMSServlet { } /** - * Process the HTTP request. + * Process the HTTP request. + * * @param cmsReq the object holding the request and response information */ protected void process(CMSRequest cmsReq) throws EBaseException { @@ -74,12 +75,12 @@ public class CheckIdentity extends CMSServlet { authToken = authenticate(cmsReq); } catch (Exception e) { CMS.debug("CheckIdentity authentication failed"); - log(ILogger.LL_FAILURE, + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", - e.toString())); + e.toString())); outputError(httpResp, "Error: Not authenticated"); return; - } + } try { XMLObject xmlObj = null; diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java index f2587300..5ae9bada 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigBaseServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.util.Enumeration; import javax.servlet.http.HttpServletRequest; @@ -28,7 +27,6 @@ import org.apache.velocity.context.Context; import com.netscape.certsrv.apps.CMS; - public abstract class ConfigBaseServlet extends BaseServlet { /** * @@ -50,7 +48,7 @@ public abstract class ConfigBaseServlet extends BaseServlet { public abstract void display(HttpServletRequest request, HttpServletResponse response, Context context); - public abstract void update(HttpServletRequest request, + public abstract void update(HttpServletRequest request, HttpServletResponse response, Context context); public abstract Template getTemplate(HttpServletRequest request, @@ -68,25 +66,25 @@ public abstract class ConfigBaseServlet extends BaseServlet { // __ (double underscores); however, in the event that // a security parameter slips through, we perform multiple // additional checks to insure that it is NOT displayed - if( pn.startsWith("__") || - pn.endsWith("password") || - pn.endsWith("passwd") || - pn.endsWith("pwd") || - pn.equalsIgnoreCase("admin_password_again") || - pn.equalsIgnoreCase("directoryManagerPwd") || - pn.equalsIgnoreCase("bindpassword") || - pn.equalsIgnoreCase("bindpwd") || - pn.equalsIgnoreCase("passwd") || - pn.equalsIgnoreCase("password") || - pn.equalsIgnoreCase("pin") || - pn.equalsIgnoreCase("pwd") || - pn.equalsIgnoreCase("pwdagain") || - pn.equalsIgnoreCase("uPasswd") ) { - CMS.debug("ConfigBaseServlet::service() param name='" + pn + - "' value='(sensitive)'" ); + if (pn.startsWith("__") || + pn.endsWith("password") || + pn.endsWith("passwd") || + pn.endsWith("pwd") || + pn.equalsIgnoreCase("admin_password_again") || + pn.equalsIgnoreCase("directoryManagerPwd") || + pn.equalsIgnoreCase("bindpassword") || + pn.equalsIgnoreCase("bindpwd") || + pn.equalsIgnoreCase("passwd") || + pn.equalsIgnoreCase("password") || + pn.equalsIgnoreCase("pin") || + pn.equalsIgnoreCase("pwd") || + pn.equalsIgnoreCase("pwdagain") || + pn.equalsIgnoreCase("uPasswd")) { + CMS.debug("ConfigBaseServlet::service() param name='" + pn + + "' value='(sensitive)'"); } else { - CMS.debug("ConfigBaseServlet::service() param name='" + pn + - "' value='" + httpReq.getParameter(pn) + "'" ); + CMS.debug("ConfigBaseServlet::service() param name='" + pn + + "' value='" + httpReq.getParameter(pn) + "'"); } } } @@ -97,7 +95,7 @@ public abstract class ConfigBaseServlet extends BaseServlet { public Template process(HttpServletRequest request, HttpServletResponse response, Context context) { - + if (CMS.debugOn()) { outputHttpParameters(request); } @@ -107,16 +105,16 @@ public abstract class ConfigBaseServlet extends BaseServlet { } else { update(request, response, context); } - + Template template = null; - + try { context.put("name", "Velocity Test"); template = getTemplate(request, response, context); } catch (Exception e) { System.err.println("Exception caught: " + e.getMessage()); } - + return template; } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigCertApprovalCallback.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigCertApprovalCallback.java index d95c85d1..956c285b 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigCertApprovalCallback.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigCertApprovalCallback.java @@ -20,16 +20,14 @@ package com.netscape.cms.servlet.csadmin; import org.mozilla.jss.crypto.X509Certificate; import org.mozilla.jss.ssl.SSLCertificateApprovalCallback; - -public class ConfigCertApprovalCallback - implements SSLCertificateApprovalCallback { +public class ConfigCertApprovalCallback + implements SSLCertificateApprovalCallback { public ConfigCertApprovalCallback() { } public boolean approve(X509Certificate cert, - SSLCertificateApprovalCallback.ValidityStatus status) { - return true; + SSLCertificateApprovalCallback.ValidityStatus status) { + return true; } } - diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigCertReqServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigCertReqServlet.java index 37493b6b..b04de414 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigCertReqServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigCertReqServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -25,7 +24,6 @@ import org.apache.velocity.Template; import org.apache.velocity.app.Velocity; import org.apache.velocity.context.Context; - public class ConfigCertReqServlet extends BaseServlet { /** diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigCloneServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigCloneServlet.java index e7d88a35..ed1d9cc0 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigCloneServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigCloneServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -25,7 +24,6 @@ import org.apache.velocity.Template; import org.apache.velocity.app.Velocity; import org.apache.velocity.context.Context; - public class ConfigCloneServlet extends BaseServlet { /** diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigDatabaseServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigDatabaseServlet.java index 08ebf08e..2b4a82a0 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigDatabaseServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigDatabaseServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -28,7 +27,6 @@ import org.apache.velocity.context.Context; import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.base.IConfigStore; - public class ConfigDatabaseServlet extends ConfigBaseServlet { /** @@ -47,7 +45,8 @@ public class ConfigDatabaseServlet extends ConfigBaseServlet { try { modified = cs.getString("preop.configDatabase.modified", ""); - } catch (Exception e) {} + } catch (Exception e) { + } if (modified.equals("true")) { return true; @@ -75,7 +74,8 @@ public class ConfigDatabaseServlet extends ConfigBaseServlet { basedn = cs.getString("internaldb.basedn", ""); binddn = cs.getString("internaldb.ldapauth.bindDN", ""); database = cs.getString("internaldb.database", ""); - } catch (Exception e) {} + } catch (Exception e) { + } } else { hostname = HOST; portStr = PORT; @@ -113,7 +113,7 @@ public class ConfigDatabaseServlet extends ConfigBaseServlet { int port = -1; try { - port = Integer.parseInt(portStr); + port = Integer.parseInt(portStr); cs.putInteger("internaldb.ldapconn.port", port); } catch (Exception e) { errorString = "Port is invalid"; @@ -159,7 +159,7 @@ public class ConfigDatabaseServlet extends ConfigBaseServlet { CMS.debug("ConfigDatabaseServlet update: " + e.toString()); return; } - psStore.putString("internaldb", bindpwd); + psStore.putString("internaldb", bindpwd); } else { errorString = "Bind password is empty string"; } @@ -189,7 +189,8 @@ public class ConfigDatabaseServlet extends ConfigBaseServlet { Context context) { try { return Velocity.getTemplate("admin/console/config/config_db.vm"); - } catch (Exception e) {} + } catch (Exception e) { + } return null; } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigHSMLoginPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigHSMLoginPanel.java index d04fbf2f..92e2ee39 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigHSMLoginPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigHSMLoginPanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.FileNotFoundException; import java.io.IOException; @@ -46,7 +45,8 @@ public class ConfigHSMLoginPanel extends WizardPanelBase { private CryptoManager mCryptoManager = null; private String mPwdFilePath = ""; - public ConfigHSMLoginPanel() {} + public ConfigHSMLoginPanel() { + } public void init(ServletConfig config, int panelno) throws ServletException { try { @@ -132,7 +132,7 @@ public class ConfigHSMLoginPanel extends WizardPanelBase { CMS.debug("ConfigHSMLoginPanel: passwrd file path: " + e.toString()); } CMS.debug("ConfigHSMLoginPanel: checking if passwd in cache"); - String tokPwd = pr.getPassword("hardware-"+tokName); + String tokPwd = pr.getPassword("hardware-" + tokName); boolean loggedIn = false; @@ -157,48 +157,48 @@ public class ConfigHSMLoginPanel extends WizardPanelBase { password = new Password(tokPwd.toCharArray()); try { - if (token.passwordIsInitialized()) { - CMS.debug( - "ConfigHSMLoginPanel: loginToken():token password is initialized"); - if (!token.isLoggedIn()) { - CMS.debug( - "ConfigHSMLoginPanel: loginToken():Token is not logged in, try it"); - token.login(password); - context.put("status", "justLoggedIn"); - } else { - CMS.debug( - "ConfigHSMLoginPanel:Token has already logged on"); - context.put("status", "alreadyLoggedIn"); - } - } else { - CMS.debug( - "ConfigHSMLoginPanel: loginToken():Token password not initialized"); - context.put("status", "tokenPasswordNotInitialized"); - rv = false; - } - - } catch (IncorrectPasswordException e) { - context.put("status", "incorrectPassword"); - context.put("errorString", e.toString()); - CMS.debug("ConfigHSMLoginPanel: loginToken():" + e.toString()); - rv = false; - } catch (Exception e) { - CMS.debug("ConfigHSMLoginPanel: loginToken():" + e.toString()); - context.put("errorString", e.toString()); - rv = false; - } + if (token.passwordIsInitialized()) { + CMS.debug( + "ConfigHSMLoginPanel: loginToken():token password is initialized"); + if (!token.isLoggedIn()) { + CMS.debug( + "ConfigHSMLoginPanel: loginToken():Token is not logged in, try it"); + token.login(password); + context.put("status", "justLoggedIn"); + } else { + CMS.debug( + "ConfigHSMLoginPanel:Token has already logged on"); + context.put("status", "alreadyLoggedIn"); + } + } else { + CMS.debug( + "ConfigHSMLoginPanel: loginToken():Token password not initialized"); + context.put("status", "tokenPasswordNotInitialized"); + rv = false; + } + + } catch (IncorrectPasswordException e) { + context.put("status", "incorrectPassword"); + context.put("errorString", e.toString()); + CMS.debug("ConfigHSMLoginPanel: loginToken():" + e.toString()); + rv = false; + } catch (Exception e) { + CMS.debug("ConfigHSMLoginPanel: loginToken():" + e.toString()); + context.put("errorString", e.toString()); + rv = false; + } return rv; } // XXX how do you do this? public PropertySet getUsage() { PropertySet set = new PropertySet(); - + Descriptor choiceDesc = new Descriptor(IDescriptor.CHOICE, "", "", null); /* no default parameters */ set.add( "choice", choiceDesc); - + return set; } @@ -220,10 +220,10 @@ public class ConfigHSMLoginPanel extends WizardPanelBase { select = cs.getString("preop.subsystem.select", ""); } catch (Exception e) { } - -// if (select.equals("clone")) - // return; - + + // if (select.equals("clone")) + // return; + CMS.debug("ConfigHSMLoginPanel: in update()"); String uTokName = null; @@ -233,7 +233,7 @@ public class ConfigHSMLoginPanel extends WizardPanelBase { uPasswd = HttpInput.getPassword(request, "__uPasswd"); } catch (Exception e) { } - + if (uPasswd == null) { CMS.debug("ConfigHSMLoginPanel: password not found"); context.put("error", "no password"); @@ -270,13 +270,13 @@ public class ConfigHSMLoginPanel extends WizardPanelBase { PlainPasswordWriter pw = new PlainPasswordWriter(); pw.init(mPwdFilePath); - pw.putPassword("hardware-"+uTokName, uPasswd); + pw.putPassword("hardware-" + uTokName, uPasswd); pw.commit(); } catch (FileNotFoundException e) { CMS.debug( "ConfigHSMLoginPanel: update(): Exception caught: " - + e.toString() + " writing to "+ mPwdFilePath); + + e.toString() + " writing to " + mPwdFilePath); CMS.debug( "ConfigHSMLoginPanel: update(): password not written to cache"); System.err.println("Exception caught: " + e.toString()); @@ -288,7 +288,7 @@ public class ConfigHSMLoginPanel extends WizardPanelBase { System.err.println("Exception caught: " + e.toString()); context.put("error", "Exception:" + e.toString()); } - + } // found password context.put("panel", "admin/console/config/config_hsmloginpanel.vm"); @@ -308,4 +308,3 @@ public class ConfigHSMLoginPanel extends WizardPanelBase { context.put("panel", "admin/console/config/config_hsmloginpanel.vm"); } } - diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigHSMServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigHSMServlet.java index bfc6e278..9428ecce 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigHSMServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigHSMServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.util.Enumeration; import java.util.Hashtable; import java.util.Vector; @@ -39,7 +38,6 @@ import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.base.IConfigStore; import com.netscape.cmsutil.crypto.Module; - public class ConfigHSMServlet extends ConfigBaseServlet { /** * @@ -131,9 +129,9 @@ public class ConfigHSMServlet extends ConfigBaseServlet { } else { CMS.debug( "ConfigHSMServlet: token " + token.getName() - + " not to be added"); + + " not to be added"); } - + } catch (TokenException ex) { CMS.debug("ConfigHSMServlet:" + ex.toString()); } @@ -165,11 +163,11 @@ public class ConfigHSMServlet extends ConfigBaseServlet { if ((cn == null) || (cn.equals(""))) { break; } - + CMS.debug("ConfigHSMServlet: got from config module: " + cn); // create a Module object Module module = new Module(cn, pn, img); - + if (mCurrModTable.containsKey(cn)) { CMS.debug("ConfigHSMServlet: module found: " + cn); module.setFound(true); @@ -178,7 +176,7 @@ public class ConfigHSMServlet extends ConfigBaseServlet { loadModTokens(module, m); } - + CMS.debug("ConfigHSMServlet: adding module " + cn); // add module to set if (!mSupportedModules.contains(module)) { @@ -290,8 +288,8 @@ public class ConfigHSMServlet extends ConfigBaseServlet { Context context) { try { return Velocity.getTemplate("admin/console/config/config_hsm.vm"); - } catch (Exception e) {} + } catch (Exception e) { + } return null; } } - diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigImportCertServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigImportCertServlet.java index 3b3b8a64..c65e559d 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigImportCertServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigImportCertServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -25,7 +24,6 @@ import org.apache.velocity.Template; import org.apache.velocity.app.Velocity; import org.apache.velocity.context.Context; - public class ConfigImportCertServlet extends BaseServlet { /** diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigJoinServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigJoinServlet.java index 01917303..5d50193c 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigJoinServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigJoinServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -30,7 +29,6 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.IConfigStore; import com.netscape.cmsutil.crypto.CryptoUtil; - public class ConfigJoinServlet extends ConfigBaseServlet { /** @@ -52,12 +50,13 @@ public class ConfigJoinServlet extends ConfigBaseServlet { public boolean isPanelModified() { IConfigStore config = CMS.getConfigStore(); - + String cert = null; try { cert = config.getString("preop.join.cert", null); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } if (cert == null || cert.equals("")) { return false; } else { @@ -69,7 +68,7 @@ public class ConfigJoinServlet extends ConfigBaseServlet { * Displays panel. */ public void display(HttpServletRequest request, - HttpServletResponse response, + HttpServletResponse response, Context context) { IConfigStore config = CMS.getConfigStore(); @@ -85,7 +84,8 @@ public class ConfigJoinServlet extends ConfigBaseServlet { CryptoUtil.string2byte(pubKeyPublicExponent), CryptoUtil.string2byte(priKeyID)); context.put("certreq", pkcs10); - } catch (Exception e) {} + } catch (Exception e) { + } String select = "auto"; boolean select_manual = true; @@ -94,8 +94,8 @@ public class ConfigJoinServlet extends ConfigBaseServlet { try { select = config.getString("preop.join.select", null); } catch (EBaseException e) { - CMS.debug( "ConfigJoinServlet::display() - " - + "Exception="+e.toString() ); + CMS.debug("ConfigJoinServlet::display() - " + + "Exception=" + e.toString()); return; } if (select.equals("auto")) { @@ -109,12 +109,13 @@ public class ConfigJoinServlet extends ConfigBaseServlet { String cert = config.getString("preop.join.cert", ""); context.put("cert", cert); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } } } else { context.put("cert", ""); } - if (select_manual) { + if (select_manual) { context.put("check_manual", "checked"); context.put("check_auto", ""); } else { @@ -128,7 +129,7 @@ public class ConfigJoinServlet extends ConfigBaseServlet { * Updates panel. */ public void update(HttpServletRequest request, - HttpServletResponse response, + HttpServletResponse response, Context context) { CMS.debug("JoinServlet: update"); IConfigStore config = CMS.getConfigStore(); @@ -160,9 +161,10 @@ public class ConfigJoinServlet extends ConfigBaseServlet { } config.putString("preop.join.select", select); config.commit(false); - } catch (Exception e) {} + } catch (Exception e) { + } } - + public Template getTemplate(HttpServletRequest request, HttpServletResponse response, Context context) { diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigRootCAServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigRootCAServlet.java index 895c75ac..44046fdc 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigRootCAServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ConfigRootCAServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.util.Vector; import javax.servlet.http.HttpServletRequest; @@ -32,7 +31,6 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.IConfigStore; import com.netscape.certsrv.profile.CertInfoProfile; - public class ConfigRootCAServlet extends ConfigBaseServlet { /** @@ -54,12 +52,13 @@ public class ConfigRootCAServlet extends ConfigBaseServlet { public boolean isPanelModified() { IConfigStore config = CMS.getConfigStore(); - + String profile = null; try { profile = config.getString("preop.hierarchy.profile", null); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } if (profile == null || profile.equals("")) { return false; } else { @@ -73,7 +72,8 @@ public class ConfigRootCAServlet extends ConfigBaseServlet { try { instancePath = config.getString("instanceRoot"); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } String p[] = { "caCert.profile" }; Vector profiles = new Vector(); @@ -81,13 +81,14 @@ public class ConfigRootCAServlet extends ConfigBaseServlet { try { profiles.addElement( new CertInfoProfile(instancePath + "/conf/" + p[i])); - } catch (Exception e) {} + } catch (Exception e) { + } } return profiles; } public void display(HttpServletRequest request, - HttpServletResponse response, + HttpServletResponse response, Context context) { IConfigStore config = CMS.getConfigStore(); String profile = null; @@ -95,7 +96,8 @@ public class ConfigRootCAServlet extends ConfigBaseServlet { if (isPanelModified()) { try { profile = config.getString("preop.hierarchy.profile", null); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } } if (profile == null) { profile = "caCert.profile"; @@ -108,15 +110,16 @@ public class ConfigRootCAServlet extends ConfigBaseServlet { } public void update(HttpServletRequest request, - HttpServletResponse response, + HttpServletResponse response, Context context) { String profile = request.getParameter("profile"); IConfigStore config = CMS.getConfigStore(); config.putString("preop.hierarchy.profile", profile); try { - config.commit(false); - } catch (Exception e) {} + config.commit(false); + } catch (Exception e) { + } context.put("status", "update"); context.put("error", ""); Vector profiles = getProfiles(); @@ -124,7 +127,7 @@ public class ConfigRootCAServlet extends ConfigBaseServlet { context.put("profiles", profiles); context.put("selected_profile_id", profile); } - + public Template getTemplate(HttpServletRequest request, HttpServletResponse response, Context context) { diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java index daf14c9e..377043d5 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.net.URL; import java.util.StringTokenizer; @@ -39,19 +38,20 @@ import com.netscape.cms.servlet.wizard.WizardServlet; public class CreateSubsystemPanel extends WizardPanelBase { - public CreateSubsystemPanel() {} + public CreateSubsystemPanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Subsystem Selection"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Subsystem Type"); setId(id); @@ -72,15 +72,16 @@ public class CreateSubsystemPanel extends WizardPanelBase { } else { return true; } - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } public PropertySet getUsage() { PropertySet set = new PropertySet(); - + /* XXX */ - + return set; } @@ -112,8 +113,8 @@ public class CreateSubsystemPanel extends WizardPanelBase { context.put("check_newsubsystem", ""); context.put("check_clonesubsystem", "checked"); } - context.put("subsystemName", - config.getString("preop.subsystem.name")); + context.put("subsystemName", + config.getString("preop.subsystem.name")); } catch (Exception e) { CMS.debug(e.toString()); } @@ -121,8 +122,8 @@ public class CreateSubsystemPanel extends WizardPanelBase { context.put("check_newsubsystem", "checked"); context.put("check_clonesubsystem", ""); try { - context.put("subsystemName", - config.getString("preop.system.fullname")); + context.put("subsystemName", + config.getString("preop.system.fullname")); } catch (Exception e) { CMS.debug(e.toString()); } @@ -144,7 +145,7 @@ public class CreateSubsystemPanel extends WizardPanelBase { } catch (EBaseException e) { } - Vector v = getUrlListFromSecurityDomain(config, cstype, "SecurePort" ); + Vector v = getUrlListFromSecurityDomain(config, cstype, "SecurePort"); StringBuffer list = new StringBuffer(); int size = v.size(); @@ -164,7 +165,7 @@ public class CreateSubsystemPanel extends WizardPanelBase { errorString = "Internal error, cs.type is missing from CS.cfg"; } - if (list.length()==0) + if (list.length() == 0) context.put("disableClone", "true"); context.put("panel", "admin/console/config/createsubsystempanel.vm"); @@ -196,8 +197,8 @@ public class CreateSubsystemPanel extends WizardPanelBase { throw new IOException("choice not found"); } - config.putString("preop.subsystem.name", - HttpInput.getName(request, "subsystemName")); + config.putString("preop.subsystem.name", + HttpInput.getName(request, "subsystemName")); if (select.equals("newsubsystem")) { config.putString("preop.subsystem.select", "new"); config.putString("subsystem.select", "New"); @@ -209,7 +210,7 @@ public class CreateSubsystemPanel extends WizardPanelBase { } cstype = toLowerCaseSubsystemType(cstype); - + config.putString("preop.subsystem.select", "clone"); config.putString("subsystem.select", "Clone"); @@ -223,9 +224,9 @@ public class CreateSubsystemPanel extends WizardPanelBase { while (t.hasMoreTokens()) { String tag = t.nextToken(); if (tag.equals("sslserver")) - config.putBoolean(PCERT_PREFIX+tag+".enable", true); - else - config.putBoolean(PCERT_PREFIX+tag+".enable", false); + config.putBoolean(PCERT_PREFIX + tag + ".enable", true); + else + config.putBoolean(PCERT_PREFIX + tag + ".enable", false); } // get the master CA @@ -254,10 +255,10 @@ public class CreateSubsystemPanel extends WizardPanelBase { String host = u.getHost(); int https_ee_port = u.getPort(); - String https_admin_port = getSecurityDomainAdminPort( config, + String https_admin_port = getSecurityDomainAdminPort(config, host, String.valueOf(https_ee_port), - cstype ); + cstype); config.putString("preop.master.hostname", host); config.putInteger("preop.master.httpsport", https_ee_port); @@ -265,12 +266,12 @@ public class CreateSubsystemPanel extends WizardPanelBase { ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback(); if (cstype.equals("ca")) { - updateCertChainUsingSecureEEPort( config, "clone", host, https_ee_port, - true, context, certApprovalCallback ); + updateCertChainUsingSecureEEPort(config, "clone", host, https_ee_port, + true, context, certApprovalCallback); } - getTokenInfo(config, cstype, host, https_ee_port, true, context, - certApprovalCallback); + getTokenInfo(config, cstype, host, https_ee_port, true, context, + certApprovalCallback); } else { CMS.debug("CreateSubsystemPanel: invalid choice " + select); errorString = "Invalid choice"; diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java index e18d86cf..d3867e52 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.BufferedReader; import java.io.File; import java.io.FileOutputStream; @@ -64,7 +63,7 @@ import com.netscape.cmsutil.ldap.LDAPUtil; public class DatabasePanel extends WizardPanelBase { private static final String HOST = "localhost"; - private static final String CLONE_HOST="Enter FQDN here"; + private static final String CLONE_HOST = "Enter FQDN here"; private static final String PORT = "389"; private static final String BASEDN = "o=netscapeCertificateServer"; private static final String BINDDN = "cn=Directory Manager"; @@ -74,19 +73,20 @@ public class DatabasePanel extends WizardPanelBase { private WizardServlet mServlet = null; - public DatabasePanel() {} + public DatabasePanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Internal Database"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Internal Database"); setId(id); @@ -109,7 +109,8 @@ public class DatabasePanel extends WizardPanelBase { } else { return true; } - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } @@ -120,7 +121,7 @@ public class DatabasePanel extends WizardPanelBase { "Host name"); set.add("hostname", hostDesc); - + Descriptor portDesc = new Descriptor(IDescriptor.INTEGER, null, null, "Port"); @@ -130,14 +131,14 @@ public class DatabasePanel extends WizardPanelBase { "Base DN"); set.add("basedn", basednDesc); - + Descriptor binddnDesc = new Descriptor(IDescriptor.STRING, null, null, "Bind DN"); set.add("binddn", binddnDesc); Descriptor bindpwdDesc = new Descriptor(IDescriptor.PASSWORD, null, null, - "Bind Password"); + "Bind Password"); set.add("bindpwd", bindpwdDesc); @@ -187,8 +188,8 @@ public class DatabasePanel extends WizardPanelBase { basedn = cs.getString("internaldb.basedn", ""); binddn = cs.getString("internaldb.ldapauth.bindDN", ""); database = cs.getString("internaldb.database", ""); - secure = cs.getString("internaldb.ldapconn.secureConn", ""); - cloneStartTLS = cs.getString("internaldb.ldapconn.cloneStartTLS", ""); + secure = cs.getString("internaldb.ldapconn.secureConn", ""); + cloneStartTLS = cs.getString("internaldb.ldapconn.cloneStartTLS", ""); errorString = cs.getString("preop.database.errorString", ""); } catch (Exception e) { CMS.debug("DatabasePanel display: " + e.toString()); @@ -199,12 +200,12 @@ public class DatabasePanel extends WizardPanelBase { try { basedn = cs.getString("internaldb.basedn", ""); } catch (Exception e) { - CMS.debug( "DatabasePanel::display() - " - + "Exception="+e.toString() ); + CMS.debug("DatabasePanel::display() - " + + "Exception=" + e.toString()); return; } binddn = BINDDN; - database = basedn.substring(basedn.lastIndexOf('=')+1); + database = basedn.substring(basedn.lastIndexOf('=') + 1); CMS.debug("Clone: database=" + database); } else { hostname = HOST; @@ -223,11 +224,10 @@ public class DatabasePanel extends WizardPanelBase { boolean multipleEnable = false; try { multipleEnable = cs.getBoolean( - "internaldb.multipleSuffix.enable", false); + "internaldb.multipleSuffix.enable", false); } catch (Exception e) { } - - + if (multipleEnable) basedn = "ou=" + instanceId + "," + suffix; else @@ -243,15 +243,14 @@ public class DatabasePanel extends WizardPanelBase { context.put("binddn", binddn); context.put("bindpwd", bindpwd); context.put("database", database); - context.put("secureConn", (secure.equals("true")? "on":"off")); - context.put("cloneStartTLS", (cloneStartTLS.equals("true")? "on":"off")); + context.put("secureConn", (secure.equals("true") ? "on" : "off")); + context.put("cloneStartTLS", (cloneStartTLS.equals("true") ? "on" : "off")); context.put("panel", "admin/console/config/databasepanel.vm"); context.put("errorString", errorString); } public void initParams(HttpServletRequest request, Context context) - throws IOException - { + throws IOException { IConfigStore config = CMS.getConfigStore(); String select = ""; try { @@ -395,8 +394,7 @@ public class DatabasePanel extends WizardPanelBase { } private LDAPConnection getLocalLDAPConn(Context context, String secure) - throws IOException - { + throws IOException { IConfigStore cs = CMS.getConfigStore(); String host = ""; @@ -409,7 +407,7 @@ public class DatabasePanel extends WizardPanelBase { host = cs.getString("internaldb.ldapconn.host"); port = cs.getString("internaldb.ldapconn.port"); binddn = cs.getString("internaldb.ldapauth.bindDN"); - pwd = (String) context.get("bindpwd"); + pwd = (String) context.get("bindpwd"); security = cs.getString("internaldb.ldapconn.secureConn"); } catch (Exception e) { CMS.debug("DatabasePanel populateDB: " + e.toString()); @@ -428,12 +426,12 @@ public class DatabasePanel extends WizardPanelBase { LDAPConnection conn = null; if (security.equals("true")) { - CMS.debug("DatabasePanel populateDB: creating secure (SSL) connection for internal ldap"); - conn = new LDAPConnection(CMS.getLdapJssSSLSocketFactory()); - } else { - CMS.debug("DatabasePanel populateDB: creating non-secure (non-SSL) connection for internal ldap"); - conn = new LDAPConnection(); - } + CMS.debug("DatabasePanel populateDB: creating secure (SSL) connection for internal ldap"); + conn = new LDAPConnection(CMS.getLdapJssSSLSocketFactory()); + } else { + CMS.debug("DatabasePanel populateDB: creating non-secure (non-SSL) connection for internal ldap"); + conn = new LDAPConnection(); + } CMS.debug("DatabasePanel connecting to " + host + ":" + p); try { @@ -443,81 +441,78 @@ public class DatabasePanel extends WizardPanelBase { throw new IOException("Failed to connect to the internal database."); } - return conn; + return conn; } - private boolean deleteDir(File dir) - { + private boolean deleteDir(File dir) { if (dir.isDirectory()) { String[] children = dir.list(); - for (int i=0; i<children.length; i++) { + for (int i = 0; i < children.length; i++) { boolean success = deleteDir(new File(dir, children[i])); if (!success) { return false; } } } - + // The directory is now empty so delete it return dir.delete(); - } + } - private void cleanupDB(LDAPConnection conn, String baseDN, String database) - { + private void cleanupDB(LDAPConnection conn, String baseDN, String database) { String[] entries = {}; String filter = "objectclass=*"; LDAPSearchConstraints cons = null; String[] attrs = null; - String dn=""; + String dn = ""; try { CMS.debug("Deleting baseDN: " + baseDN); LDAPSearchResults res = conn.search(baseDN, LDAPConnection.SCOPE_BASE, filter, - attrs, true, cons); - if (res != null) - deleteEntries(res, conn, baseDN, entries); + attrs, true, cons); + if (res != null) + deleteEntries(res, conn, baseDN, entries); + } catch (LDAPException e) { } - catch (LDAPException e) {} - + try { - dn="cn=mapping tree, cn=config"; - filter = "nsslapd-backend=" + database; - LDAPSearchResults res = conn.search(dn, LDAPConnection.SCOPE_ONE, filter, - attrs, true, cons); - if (res != null) { - while (res.hasMoreElements()) { - dn = res.next().getDN(); - filter = "objectclass=*"; - LDAPSearchResults res2 = conn.search(dn, LDAPConnection.SCOPE_BASE, filter, - attrs, true, cons); - if (res2 != null) - deleteEntries(res2, conn, dn, entries); - } - } - } - catch (LDAPException e) {} + dn = "cn=mapping tree, cn=config"; + filter = "nsslapd-backend=" + database; + LDAPSearchResults res = conn.search(dn, LDAPConnection.SCOPE_ONE, filter, + attrs, true, cons); + if (res != null) { + while (res.hasMoreElements()) { + dn = res.next().getDN(); + filter = "objectclass=*"; + LDAPSearchResults res2 = conn.search(dn, LDAPConnection.SCOPE_BASE, filter, + attrs, true, cons); + if (res2 != null) + deleteEntries(res2, conn, dn, entries); + } + } + } catch (LDAPException e) { + } try { dn = "cn=" + database + ",cn=ldbm database, cn=plugins, cn=config"; LDAPSearchResults res = conn.search(dn, LDAPConnection.SCOPE_BASE, filter, - attrs, true, cons); + attrs, true, cons); if (res != null) { deleteEntries(res, conn, dn, entries); - String dbdir = getInstanceDir(conn) + "/db/" + database; - if (dbdir != null) { - CMS.debug(" Deleting dbdir " + dbdir); + String dbdir = getInstanceDir(conn) + "/db/" + database; + if (dbdir != null) { + CMS.debug(" Deleting dbdir " + dbdir); boolean success = deleteDir(new File(dbdir)); if (!success) { CMS.debug("Unable to delete database directory " + dbdir); } } } + } catch (LDAPException e) { } - catch (LDAPException e) {} } - - private void populateDB(HttpServletRequest request, Context context, String secure) - throws IOException { + private void populateDB(HttpServletRequest request, Context context, String secure) + throws IOException { IConfigStore cs = CMS.getConfigStore(); String baseDN = ""; @@ -542,41 +537,44 @@ public class DatabasePanel extends WizardPanelBase { boolean foundDatabase = false; try { LDAPEntry entry = conn.read(baseDN); - if (entry != null) foundBaseDN = true; + if (entry != null) + foundBaseDN = true; } catch (LDAPException e) { - switch( e.getLDAPResultCode() ) { - case LDAPException.NO_SUCH_OBJECT: - break; - default: - CMS.debug("DatabasePanel update: LDAPException " + e.toString()); - throw new IOException("Failed to create the database"); + switch (e.getLDAPResultCode()) { + case LDAPException.NO_SUCH_OBJECT: + break; + default: + CMS.debug("DatabasePanel update: LDAPException " + e.toString()); + throw new IOException("Failed to create the database"); } } try { dn = "cn=" + database + ",cn=ldbm database, cn=plugins, cn=config"; LDAPEntry entry = conn.read(dn); - if (entry != null) foundDatabase = true; + if (entry != null) + foundDatabase = true; } catch (LDAPException e) { - switch( e.getLDAPResultCode() ) { - case LDAPException.NO_SUCH_OBJECT: - break; - default: - CMS.debug("DatabasePanel update: LDAPException " + e.toString()); - throw new IOException("Failed to create the database"); + switch (e.getLDAPResultCode()) { + case LDAPException.NO_SUCH_OBJECT: + break; + default: + CMS.debug("DatabasePanel update: LDAPException " + e.toString()); + throw new IOException("Failed to create the database"); } } try { dn = "cn=\"" + baseDN + "\",cn=mapping tree, cn=config"; LDAPEntry entry = conn.read(dn); - if (entry != null) foundDatabase = true; + if (entry != null) + foundDatabase = true; } catch (LDAPException e) { - switch( e.getLDAPResultCode() ) { - case LDAPException.NO_SUCH_OBJECT: - break; - default: - CMS.debug("DatabasePanel update: LDAPException " + e.toString()); - throw new IOException("Failed to create the database"); + switch (e.getLDAPResultCode()) { + case LDAPException.NO_SUCH_OBJECT: + break; + default: + CMS.debug("DatabasePanel update: LDAPException " + e.toString()); + throw new IOException("Failed to create the database"); } } @@ -584,8 +582,7 @@ public class DatabasePanel extends WizardPanelBase { CMS.debug("DatabasePanel update: This database has already been used."); if (remove == null) { throw new IOException("This database has already been used. Select the checkbox below to remove all data and reuse this database"); - } - else { + } else { CMS.debug("DatabasePanel update: Deleting existing DB and reusing base DN"); cleanupDB(conn, baseDN, database); foundBaseDN = false; @@ -596,9 +593,8 @@ public class DatabasePanel extends WizardPanelBase { if (foundBaseDN) { CMS.debug("DatabasePanel update: This base DN has already been used."); if (remove == null) { - throw new IOException("This base DN ("+baseDN+") has already been used. Select the checkbox below to remove all data and reuse this base DN"); - } - else { + throw new IOException("This base DN (" + baseDN + ") has already been used. Select the checkbox below to remove all data and reuse this base DN"); + } else { CMS.debug("DatabasePanel update: Deleting existing DB and reusing base DN"); cleanupDB(conn, baseDN, database); foundBaseDN = false; @@ -609,7 +605,7 @@ public class DatabasePanel extends WizardPanelBase { // create database try { LDAPAttributeSet attrs = new LDAPAttributeSet(); - String oc[] = { "top", "extensibleObject", "nsBackendInstance"}; + String oc[] = { "top", "extensibleObject", "nsBackendInstance" }; attrs.add(new LDAPAttribute("objectClass", oc)); attrs.add(new LDAPAttribute("cn", database)); attrs.add(new LDAPAttribute("nsslapd-suffix", baseDN)); @@ -623,7 +619,7 @@ public class DatabasePanel extends WizardPanelBase { try { LDAPAttributeSet attrs = new LDAPAttributeSet(); - String oc2[] = { "top", "extensibleObject", "nsMappingTree"}; + String oc2[] = { "top", "extensibleObject", "nsMappingTree" }; attrs.add(new LDAPAttribute("objectClass", oc2)); attrs.add(new LDAPAttribute("cn", baseDN)); attrs.add(new LDAPAttribute("nsslapd-backend", database)); @@ -644,19 +640,19 @@ public class DatabasePanel extends WizardPanelBase { String n = st.nextToken(); String v = st.nextToken(); LDAPAttributeSet attrs = new LDAPAttributeSet(); - String oc3[] = { "top", "domain"}; + String oc3[] = { "top", "domain" }; if (n.equals("o")) { - oc3[1] = "organization"; + oc3[1] = "organization"; } else if (n.equals("ou")) { - oc3[1] = "organizationalUnit"; - } + oc3[1] = "organizationalUnit"; + } attrs.add(new LDAPAttribute("objectClass", oc3)); attrs.add(new LDAPAttribute(n, v)); LDAPEntry entry = new LDAPEntry(baseDN, attrs); conn.add(entry); } catch (Exception e) { CMS.debug("Warning: suffix creation error - " + e.toString()); - throw new IOException("Failed to create the base DN: "+baseDN); + throw new IOException("Failed to create the base DN: " + baseDN); } // check to see if the base dn exists @@ -666,15 +662,17 @@ public class DatabasePanel extends WizardPanelBase { LDAPEntry entry = conn.read(baseDN); if (entry != null) { - foundBaseDN = true; + foundBaseDN = true; } - } catch (LDAPException e) {} + } catch (LDAPException e) { + } boolean createBaseDN = true; boolean testing = false; try { testing = cs.getBoolean("internaldb.multipleSuffix.enable", false); - } catch (Exception e) {} + } catch (Exception e) { + } if (!foundBaseDN) { if (!testing) { @@ -697,7 +695,7 @@ public class DatabasePanel extends WizardPanelBase { // support only one level creation - create new entry // right under the suffix LDAPAttributeSet attrs = new LDAPAttributeSet(); - String oc[] = { "top", "organizationalUnit"}; + String oc[] = { "top", "organizationalUnit" }; attrs.add(new LDAPAttribute("objectClass", oc)); attrs.add(new LDAPAttribute("ou", dns2[0])); @@ -705,7 +703,7 @@ public class DatabasePanel extends WizardPanelBase { try { conn.add(entry); - foundBaseDN = true; + foundBaseDN = true; CMS.debug("DatabasePanel added " + baseDN); } catch (LDAPException e) { throw new IOException("Failed to create " + baseDN); @@ -723,25 +721,26 @@ public class DatabasePanel extends WizardPanelBase { } if (select.equals("clone")) { - // if this is clone, add index before replication - // don't put in the schema or bad things will happen - - importLDIFS("preop.internaldb.ldif", conn); - importLDIFS("preop.internaldb.index_ldif", conn); + // if this is clone, add index before replication + // don't put in the schema or bad things will happen + + importLDIFS("preop.internaldb.ldif", conn); + importLDIFS("preop.internaldb.index_ldif", conn); } else { - // data will be replicated from the master to the clone - // so clone does not need the data - // + // data will be replicated from the master to the clone + // so clone does not need the data + // - importLDIFS("preop.internaldb.schema.ldif", conn); - importLDIFS("preop.internaldb.ldif", conn); - importLDIFS("preop.internaldb.data_ldif", conn); - importLDIFS("preop.internaldb.index_ldif", conn); + importLDIFS("preop.internaldb.schema.ldif", conn); + importLDIFS("preop.internaldb.ldif", conn); + importLDIFS("preop.internaldb.data_ldif", conn); + importLDIFS("preop.internaldb.index_ldif", conn); } try { conn.disconnect(); - } catch (LDAPException e) {} + } catch (LDAPException e) { + } } private void importLDIFS(String param, LDAPConnection conn) throws IOException { @@ -751,11 +750,11 @@ public class DatabasePanel extends WizardPanelBase { CMS.debug("DatabasePanel populateDB param=" + param); try { v = cs.getString(param); - } catch (EBaseException e) { + } catch (EBaseException e) { CMS.debug("DatabasePanel populateDB: " + e.toString()); throw new IOException("Cant find ldif files."); } - + StringTokenizer tokenizer = new StringTokenizer(v, ","); String baseDN = null; String database = null; @@ -787,13 +786,12 @@ public class DatabasePanel extends WizardPanelBase { String instanceId = null; try { - instanceId = cs.getString("instanceId"); + instanceId = cs.getString("instanceId"); } catch (EBaseException e) { throw new IOException("instanceId is missing"); } - - String configDir = instancePath + File.separator + "conf"; + String configDir = instancePath + File.separator + "conf"; while (tokenizer.hasMoreTokens()) { String token = tokenizer.nextToken().trim(); @@ -846,11 +844,11 @@ public class DatabasePanel extends WizardPanelBase { if (!endOfline) { ps.println(s); } - } + } } in.close(); ps.close(); - } catch (Exception e) { + } catch (Exception e) { CMS.debug("DBSubsystem popuateDB: " + e.toString()); throw new IOException( "Problem of copying ldif file: " + filename); @@ -867,7 +865,7 @@ public class DatabasePanel extends WizardPanelBase { HttpServletResponse response, Context context) throws IOException { IConfigStore cs = CMS.getConfigStore(); - boolean hasErr = false; + boolean hasErr = false; boolean firsttime = false; context.put("firsttime", "false"); @@ -903,17 +901,17 @@ public class DatabasePanel extends WizardPanelBase { cs.putString("internaldb.ldapauth.bindDN", binddn); cs.putString("internaldb.database", database2); String secure = HttpInput.getCheckbox(request, "secureConn"); - cs.putString("internaldb.ldapconn.secureConn", (secure.equals("on")?"true":"false")); + cs.putString("internaldb.ldapconn.secureConn", (secure.equals("on") ? "true" : "false")); String cloneStartTLS = HttpInput.getCheckbox(request, "cloneStartTLS"); - cs.putString("internaldb.ldapconn.cloneStartTLS", (cloneStartTLS.equals("on")?"true":"false")); + cs.putString("internaldb.ldapconn.cloneStartTLS", (cloneStartTLS.equals("on") ? "true" : "false")); String remove = HttpInput.getID(request, "removeData"); if (isPanelDone() && (remove == null || remove.equals(""))) { - /* if user submits the same data, they just want to skip - to the next panel, no database population is required. */ - if (hostname1.equals(hostname2) && - portStr1.equals(portStr2) && - database1.equals(database2)) { + /* if user submits the same data, they just want to skip + to the next panel, no database population is required. */ + if (hostname1.equals(hostname2) && + portStr1.equals(portStr2) && + database1.equals(database2)) { context.put("updateStatus", "success"); return; } @@ -921,15 +919,14 @@ public class DatabasePanel extends WizardPanelBase { mServlet.cleanUpFromPanel(mServlet.getPanelNo(request)); - try { - populateDB(request, context, (secure.equals("on")?"true":"false")); + populateDB(request, context, (secure.equals("on") ? "true" : "false")); } catch (IOException e) { - CMS.debug("DatabasePanel update: populateDB Exception: "+e.toString()); + CMS.debug("DatabasePanel update: populateDB Exception: " + e.toString()); context.put("updateStatus", "failure"); throw e; } catch (Exception e) { - CMS.debug("DatabasePanel update: populateDB Exception: "+e.toString()); + CMS.debug("DatabasePanel update: populateDB Exception: " + e.toString()); context.put("errorString", e.toString()); cs.putString("preop.database.errorString", e.toString()); context.put("updateStatus", "failure"); @@ -950,11 +947,11 @@ public class DatabasePanel extends WizardPanelBase { } catch (Exception e) { CMS.debug("ConfigDatabaseServlet update: " + e.toString()); context.put("updateStatus", "failure"); - throw new IOException( e.toString() ); + throw new IOException(e.toString()); } psStore.putString("internaldb", bindpwd); psStore.putString("replicationdb", replicationpwd); - cs.putString("preop.internaldb.replicationpwd" , replicationpwd); + cs.putString("preop.internaldb.replicationpwd", replicationpwd); cs.putString("preop.database.removeData", "false"); try { @@ -983,57 +980,57 @@ public class DatabasePanel extends WizardPanelBase { // always populate the index the last try { - CMS.debug("Populating local indexes"); - LDAPConnection conn = getLocalLDAPConn(context, - (secure.equals("on")?"true":"false")); - importLDIFS("preop.internaldb.post_ldif", conn); - - /* For vlvtask, we need to check if the task has - been completed or not. Presence of nsTaskExitCode means task is complete - */ - String wait_dn = cs.getString("preop.internaldb.wait_dn", ""); - if (!wait_dn.equals("")) { - int i = 0; - LDAPEntry task = null; - boolean taskComplete = false; - CMS.debug("Checking wait_dn " + wait_dn); - do { - Thread.sleep(1000); - try { - task = conn.read(wait_dn, (String[])null); - if (task != null) { - LDAPAttribute attr = task.getAttribute("nsTaskExitCode"); - if (attr != null) { - taskComplete = true; - String val = (String) attr.getStringValues().nextElement(); - if (val.compareTo("0") != 0) { - CMS.debug("Error in populating local indexes: nsTaskExitCode=" + val); - } - } + CMS.debug("Populating local indexes"); + LDAPConnection conn = getLocalLDAPConn(context, + (secure.equals("on") ? "true" : "false")); + importLDIFS("preop.internaldb.post_ldif", conn); + + /* For vlvtask, we need to check if the task has + been completed or not. Presence of nsTaskExitCode means task is complete + */ + String wait_dn = cs.getString("preop.internaldb.wait_dn", ""); + if (!wait_dn.equals("")) { + int i = 0; + LDAPEntry task = null; + boolean taskComplete = false; + CMS.debug("Checking wait_dn " + wait_dn); + do { + Thread.sleep(1000); + try { + task = conn.read(wait_dn, (String[]) null); + if (task != null) { + LDAPAttribute attr = task.getAttribute("nsTaskExitCode"); + if (attr != null) { + taskComplete = true; + String val = (String) attr.getStringValues().nextElement(); + if (val.compareTo("0") != 0) { + CMS.debug("Error in populating local indexes: nsTaskExitCode=" + val); + } + } + } + } catch (LDAPException le) { + CMS.debug("Still checking wait_dn '" + wait_dn + "' (" + le.toString() + ")"); + } catch (Exception e) { + CMS.debug("Still checking wait_dn '" + wait_dn + "' (" + e.toString() + ")."); + } + } while ((!taskComplete) && (i < 20)); + if (i < 20) { + CMS.debug("Done checking wait_dn " + wait_dn); + } else { + CMS.debug("Done checking wait_dn " + wait_dn + " due to timeout."); } - } catch (LDAPException le) { - CMS.debug("Still checking wait_dn '" + wait_dn + "' (" + le.toString() + ")"); - } catch (Exception e) { - CMS.debug("Still checking wait_dn '" + wait_dn + "' (" + e.toString() + ")."); - } - } while ((!taskComplete) && (i < 20)); - if (i < 20) { - CMS.debug("Done checking wait_dn " + wait_dn); - } else { - CMS.debug("Done checking wait_dn " + wait_dn + " due to timeout."); } - } - conn.disconnect(); - CMS.debug("Done populating local indexes"); + conn.disconnect(); + CMS.debug("Done populating local indexes"); } catch (Exception e) { - CMS.debug("Populating index failure - " + e); + CMS.debug("Populating index failure - " + e); } // setup replication after indexes have been created if (select.equals("clone")) { CMS.debug("Start setting up replication."); - setupReplication(request, context, (secure.equals("on")?"true":"false"), (cloneStartTLS.equals("on")?"true":"false")); + setupReplication(request, context, (secure.equals("on") ? "true" : "false"), (cloneStartTLS.equals("on") ? "true" : "false")); CMS.debug("Finish setting up replication."); try { @@ -1048,25 +1045,24 @@ public class DatabasePanel extends WizardPanelBase { } } - if (hasErr == false) { - cs.putBoolean("preop.Database.done", true); - try { - cs.commit(false); - } catch (EBaseException e) { - CMS.debug( - "DatabasePanel: update() Exception caught at config commit: " - + e.toString()); - } - } + cs.putBoolean("preop.Database.done", true); + try { + cs.commit(false); + } catch (EBaseException e) { + CMS.debug( + "DatabasePanel: update() Exception caught at config commit: " + + e.toString()); + } + } context.put("updateStatus", "success"); } private void setupReplication(HttpServletRequest request, - Context context, String secure, String cloneStartTLS) throws IOException { + Context context, String secure, String cloneStartTLS) throws IOException { String bindpwd = HttpInput.getPassword(request, "__bindpwd"); IConfigStore cs = CMS.getConfigStore(); - + String cstype = ""; String machinename = ""; String instanceId = ""; @@ -1078,13 +1074,12 @@ public class DatabasePanel extends WizardPanelBase { } catch (Exception e) { } - //setup replication agreement - String masterAgreementName = "masterAgreement1-"+machinename+"-"+instanceId; + String masterAgreementName = "masterAgreement1-" + machinename + "-" + instanceId; cs.putString("internaldb.replication.master", masterAgreementName); - String cloneAgreementName = "cloneAgreement1-"+machinename+"-"+instanceId; + String cloneAgreementName = "cloneAgreement1-" + machinename + "-" + instanceId; cs.putString("internaldb.replication.consumer", cloneAgreementName); - + try { cs.commit(false); } catch (Exception e) { @@ -1119,18 +1114,18 @@ public class DatabasePanel extends WizardPanelBase { master2_replicationpwd = cs.getString("preop.internaldb.replicationpwd", ""); } catch (Exception e) { } - + LDAPConnection conn1 = null; LDAPConnection conn2 = null; if (secure.equals("true")) { - CMS.debug("DatabasePanel setupReplication: creating secure (SSL) connections for internal ldap"); - conn1 = new LDAPConnection(CMS.getLdapJssSSLSocketFactory()); - conn2 = new LDAPConnection(CMS.getLdapJssSSLSocketFactory()); - } else { - CMS.debug("DatabasePanel setupreplication: creating non-secure (non-SSL) connections for internal ldap"); - conn1 = new LDAPConnection(); - conn2 = new LDAPConnection(); - } + CMS.debug("DatabasePanel setupReplication: creating secure (SSL) connections for internal ldap"); + conn1 = new LDAPConnection(CMS.getLdapJssSSLSocketFactory()); + conn2 = new LDAPConnection(CMS.getLdapJssSSLSocketFactory()); + } else { + CMS.debug("DatabasePanel setupreplication: creating non-secure (non-SSL) connections for internal ldap"); + conn1 = new LDAPConnection(); + conn2 = new LDAPConnection(); + } String basedn = ""; try { @@ -1140,13 +1135,13 @@ public class DatabasePanel extends WizardPanelBase { try { conn1.connect(master1_hostname, master1_port, master1_binddn, - master1_bindpwd); + master1_bindpwd); conn2.connect(master2_hostname, master2_port, master2_binddn, - master2_bindpwd); + master2_bindpwd); String suffix = cs.getString("internaldb.basedn", ""); - String replicadn = "cn=replica,cn=\""+suffix+"\",cn=mapping tree,cn=config"; - CMS.debug("DatabasePanel setupReplication: replicadn="+replicadn); + String replicadn = "cn=replica,cn=\"" + suffix + "\",cn=mapping tree,cn=config"; + CMS.debug("DatabasePanel setupReplication: replicadn=" + replicadn); String masterBindUser = "Replication Manager " + masterAgreementName; String cloneBindUser = "Replication Manager " + cloneAgreementName; @@ -1168,16 +1163,16 @@ public class DatabasePanel extends WizardPanelBase { CMS.debug("DatabasePanel setupReplication: Finished enabling replication"); - createReplicationAgreement(replicadn, conn1, masterAgreementName, - master2_hostname, master2_port, master2_replicationpwd, basedn, cloneBindUser, secure, cloneStartTLS); + createReplicationAgreement(replicadn, conn1, masterAgreementName, + master2_hostname, master2_port, master2_replicationpwd, basedn, cloneBindUser, secure, cloneStartTLS); - createReplicationAgreement(replicadn, conn2, cloneAgreementName, - master1_hostname, master1_port, master1_replicationpwd, basedn, masterBindUser, secure, cloneStartTLS); + createReplicationAgreement(replicadn, conn2, cloneAgreementName, + master1_hostname, master1_port, master1_replicationpwd, basedn, masterBindUser, secure, cloneStartTLS); // initialize consumer initializeConsumer(replicadn, conn1, masterAgreementName); - while (! replicationDone(replicadn, conn1, masterAgreementName)) { + while (!replicationDone(replicadn, conn1, masterAgreementName)) { CMS.debug("DatabasePanel setupReplication: Waiting for replication to complete"); Thread.sleep(1000); } @@ -1185,12 +1180,12 @@ public class DatabasePanel extends WizardPanelBase { String status = replicationStatus(replicadn, conn1, masterAgreementName); if (!status.startsWith("0 ")) { CMS.debug("DatabasePanel setupReplication: consumer initialization failed. " + - status); + status); throw new IOException("consumer initialization failed. " + status); - } + } } catch (Exception e) { - CMS.debug("DatabasePanel setupReplication: "+e.toString()); + CMS.debug("DatabasePanel setupReplication: " + e.toString()); throw new IOException("Failed to setup the replication for cloning."); } } @@ -1203,15 +1198,15 @@ public class DatabasePanel extends WizardPanelBase { Context context) { try { - initParams(request, context); - } catch (IOException e) { + initParams(request, context); + } catch (IOException e) { } context.put("title", "Database"); context.put("panel", "admin/console/config/databasepanel.vm"); } private void createReplicationManager(LDAPConnection conn, String bindUser, String pwd) - throws LDAPException { + throws LDAPException { LDAPAttributeSet attrs = null; LDAPEntry entry = null; String dn = "cn=" + bindUser + ",cn=config"; @@ -1231,11 +1226,11 @@ public class DatabasePanel extends WizardPanelBase { conn.delete(dn); conn.add(entry); } catch (LDAPException ee) { - CMS.debug("DatabasePanel createReplicationManager: "+ee.toString()); + CMS.debug("DatabasePanel createReplicationManager: " + ee.toString()); } return; } else { - CMS.debug("DatabasePanel createReplicationManager: Failed to create replication manager. Exception: "+e.toString()); + CMS.debug("DatabasePanel createReplicationManager: Failed to create replication manager. Exception: " + e.toString()); throw e; } } @@ -1244,7 +1239,7 @@ public class DatabasePanel extends WizardPanelBase { } private void createChangeLog(LDAPConnection conn, String dir) - throws LDAPException { + throws LDAPException { LDAPAttributeSet attrs = null; LDAPEntry entry = null; String dn = "cn=changelog5,cn=config"; @@ -1259,17 +1254,17 @@ public class DatabasePanel extends WizardPanelBase { } catch (LDAPException e) { if (e.getLDAPResultCode() == LDAPException.ENTRY_ALREADY_EXISTS) { CMS.debug("DatabasePanel createChangeLog: Changelog entry has already used"); -/* leave it, dont delete it because it will have operation error - try { - conn.delete(dn); - conn.add(entry); - } catch (LDAPException ee) { - CMS.debug("DatabasePanel createChangeLog: "+ee.toString()); - } -*/ + /* leave it, dont delete it because it will have operation error + try { + conn.delete(dn); + conn.add(entry); + } catch (LDAPException ee) { + CMS.debug("DatabasePanel createChangeLog: "+ee.toString()); + } + */ return; } else { - CMS.debug("DatabasePanel createChangeLog: Failed to create changelog entry. Exception: "+e.toString()); + CMS.debug("DatabasePanel createChangeLog: Failed to create changelog entry. Exception: " + e.toString()); throw e; } } @@ -1278,8 +1273,8 @@ public class DatabasePanel extends WizardPanelBase { } private int enableReplication(String replicadn, LDAPConnection conn, String bindUser, String basedn, int id) - throws LDAPException { - CMS.debug("DatabasePanel enableReplication: replicadn: "+replicadn); + throws LDAPException { + CMS.debug("DatabasePanel enableReplication: replicadn: " + replicadn); LDAPAttributeSet attrs = null; LDAPEntry entry = null; try { @@ -1290,7 +1285,7 @@ public class DatabasePanel extends WizardPanelBase { attrs.add(new LDAPAttribute("nsDS5ReplicaRoot", basedn)); attrs.add(new LDAPAttribute("nsDS5ReplicaType", "3")); attrs.add(new LDAPAttribute("nsDS5ReplicaBindDN", - "cn=" + bindUser + ",cn=config")); + "cn=" + bindUser + ",cn=config")); attrs.add(new LDAPAttribute("cn", "replica")); attrs.add(new LDAPAttribute("nsDS5ReplicaId", Integer.toString(id))); attrs.add(new LDAPAttribute("nsds5flags", "1")); @@ -1300,47 +1295,47 @@ public class DatabasePanel extends WizardPanelBase { if (e.getLDAPResultCode() == LDAPException.ENTRY_ALREADY_EXISTS) { /* BZ 470918 -we cant just add the new dn. We need to do a replace instead * until the DS code is fixed */ - CMS.debug("DatabasePanel enableReplication: "+replicadn+" has already been used"); - + CMS.debug("DatabasePanel enableReplication: " + replicadn + " has already been used"); + try { entry = conn.read(replicadn); LDAPAttribute attr = entry.getAttribute("nsDS5ReplicaBindDN"); - attr.addValue( "cn=" + bindUser + ",cn=config"); + attr.addValue("cn=" + bindUser + ",cn=config"); LDAPModification mod = new LDAPModification(LDAPModification.REPLACE, attr); conn.modify(replicadn, mod); } catch (LDAPException ee) { - CMS.debug("DatabasePanel enableReplication: Failed to modify " - +replicadn+" entry. Exception: "+e.toString()); + CMS.debug("DatabasePanel enableReplication: Failed to modify " + + replicadn + " entry. Exception: " + e.toString()); } return id; } else { - CMS.debug("DatabasePanel enableReplication: Failed to create "+replicadn+" entry. Exception: "+e.toString()); + CMS.debug("DatabasePanel enableReplication: Failed to create " + replicadn + " entry. Exception: " + e.toString()); return id; } } - CMS.debug("DatabasePanel enableReplication: Successfully create "+replicadn+" entry."); + CMS.debug("DatabasePanel enableReplication: Successfully create " + replicadn + " entry."); return id + 1; } - private void createReplicationAgreement(String replicadn, - LDAPConnection conn, String name, String replicahost, int replicaport, - String replicapwd, String basedn, String bindUser, String secure, String cloneStartTLS) throws LDAPException { - String dn = "cn="+name+","+replicadn; - CMS.debug("DatabasePanel createReplicationAgreement: dn: "+dn); + private void createReplicationAgreement(String replicadn, + LDAPConnection conn, String name, String replicahost, int replicaport, + String replicapwd, String basedn, String bindUser, String secure, String cloneStartTLS) throws LDAPException { + String dn = "cn=" + name + "," + replicadn; + CMS.debug("DatabasePanel createReplicationAgreement: dn: " + dn); LDAPEntry entry = null; LDAPAttributeSet attrs = null; try { attrs = new LDAPAttributeSet(); attrs.add(new LDAPAttribute("objectclass", "top")); attrs.add(new LDAPAttribute("objectclass", - "nsds5replicationagreement")); + "nsds5replicationagreement")); attrs.add(new LDAPAttribute("cn", name)); attrs.add(new LDAPAttribute("nsDS5ReplicaRoot", basedn)); attrs.add(new LDAPAttribute("nsDS5ReplicaHost", replicahost)); - attrs.add(new LDAPAttribute("nsDS5ReplicaPort", ""+replicaport)); + attrs.add(new LDAPAttribute("nsDS5ReplicaPort", "" + replicaport)); attrs.add(new LDAPAttribute("nsDS5ReplicaBindDN", - "cn=" + bindUser + ",cn=config")); + "cn=" + bindUser + ",cn=config")); attrs.add(new LDAPAttribute("nsDS5ReplicaBindMethod", "Simple")); attrs.add(new LDAPAttribute("nsds5replicacredentials", replicapwd)); @@ -1351,50 +1346,50 @@ public class DatabasePanel extends WizardPanelBase { } CMS.debug("About to set description attr to " + name); - attrs.add(new LDAPAttribute("description",name)); + attrs.add(new LDAPAttribute("description", name)); entry = new LDAPEntry(dn, attrs); conn.add(entry); } catch (LDAPException e) { if (e.getLDAPResultCode() == LDAPException.ENTRY_ALREADY_EXISTS) { - CMS.debug("DatabasePanel createReplicationAgreement: "+dn+" has already used"); + CMS.debug("DatabasePanel createReplicationAgreement: " + dn + " has already used"); try { conn.delete(dn); } catch (LDAPException ee) { - CMS.debug("DatabasePanel createReplicationAgreement: "+ee.toString()); + CMS.debug("DatabasePanel createReplicationAgreement: " + ee.toString()); throw ee; } try { conn.add(entry); } catch (LDAPException ee) { - CMS.debug("DatabasePanel createReplicationAgreement: "+ee.toString()); + CMS.debug("DatabasePanel createReplicationAgreement: " + ee.toString()); throw ee; } } else { - CMS.debug("DatabasePanel createReplicationAgreement: Failed to create "+dn+" entry. Exception: "+e.toString()); + CMS.debug("DatabasePanel createReplicationAgreement: Failed to create " + dn + " entry. Exception: " + e.toString()); throw e; } } - CMS.debug("DatabasePanel createReplicationAgreement: Successfully create replication agreement "+name); + CMS.debug("DatabasePanel createReplicationAgreement: Successfully create replication agreement " + name); } - private void initializeConsumer(String replicadn, LDAPConnection conn, - String name) { - String dn = "cn="+name+","+replicadn; - CMS.debug("DatabasePanel initializeConsumer: initializeConsumer dn: "+dn); - CMS.debug("DatabasePanel initializeConsumer: initializeConsumer host: "+conn.getHost() + " port: " + conn.getPort()); + private void initializeConsumer(String replicadn, LDAPConnection conn, + String name) { + String dn = "cn=" + name + "," + replicadn; + CMS.debug("DatabasePanel initializeConsumer: initializeConsumer dn: " + dn); + CMS.debug("DatabasePanel initializeConsumer: initializeConsumer host: " + conn.getHost() + " port: " + conn.getPort()); try { LDAPAttribute attr = new LDAPAttribute("nsds5beginreplicarefresh", - "start"); + "start"); LDAPModification mod = new LDAPModification( - LDAPModification.REPLACE, attr); + LDAPModification.REPLACE, attr); CMS.debug("DatabasePanel initializeConsumer: start modifying"); conn.modify(dn, mod); CMS.debug("DatabasePanel initializeConsumer: Finish modification."); } catch (LDAPException e) { - CMS.debug("DatabasePanel initializeConsumer: Failed to modify "+dn+" entry. Exception: "+e.toString()); + CMS.debug("DatabasePanel initializeConsumer: Failed to modify " + dn + " entry. Exception: " + e.toString()); return; } catch (Exception e) { CMS.debug("DatabasePanel initializeConsumer: exception " + e); @@ -1405,33 +1400,33 @@ public class DatabasePanel extends WizardPanelBase { Thread.sleep(5000); CMS.debug("DatabasePanel initializeConsumer: finish sleeping."); } catch (InterruptedException ee) { - CMS.debug("DatabasePanel initializeConsumer: exception: "+ee.toString()); + CMS.debug("DatabasePanel initializeConsumer: exception: " + ee.toString()); } CMS.debug("DatabasePanel initializeConsumer: Successfully initialize consumer"); } - private boolean replicationDone(String replicadn, LDAPConnection conn, String name) - throws IOException { - String dn = "cn="+name+","+replicadn; + private boolean replicationDone(String replicadn, LDAPConnection conn, String name) + throws IOException { + String dn = "cn=" + name + "," + replicadn; String filter = "(objectclass=*)"; - String[] attrs = {"nsds5beginreplicarefresh"}; + String[] attrs = { "nsds5beginreplicarefresh" }; - CMS.debug("DatabasePanel replicationDone: dn: "+dn); + CMS.debug("DatabasePanel replicationDone: dn: " + dn); try { LDAPSearchResults results = conn.search(dn, LDAPConnection.SCOPE_BASE, filter, - attrs, true); + attrs, true); int count = results.getCount(); if (count < 1) { throw new IOException("Replication entry not found"); - } - + } + LDAPEntry entry = results.next(); LDAPAttribute refresh = entry.getAttribute("nsds5beginreplicarefresh"); if (refresh == null) { return true; - } + } return false; } catch (Exception e) { CMS.debug("DatabasePanel replicationDone: exception " + e); @@ -1439,29 +1434,29 @@ public class DatabasePanel extends WizardPanelBase { } } - private String replicationStatus(String replicadn, LDAPConnection conn, String name) - throws IOException { - String dn = "cn="+name+","+replicadn; + private String replicationStatus(String replicadn, LDAPConnection conn, String name) + throws IOException { + String dn = "cn=" + name + "," + replicadn; String filter = "(objectclass=*)"; - String[] attrs = {"nsds5replicalastinitstatus"}; + String[] attrs = { "nsds5replicalastinitstatus" }; String status = null; - CMS.debug("DatabasePanel replicationStatus: dn: "+dn); + CMS.debug("DatabasePanel replicationStatus: dn: " + dn); try { LDAPSearchResults results = conn.search(dn, LDAPConnection.SCOPE_BASE, filter, - attrs, false); + attrs, false); int count = results.getCount(); if (count < 1) { throw new IOException("Replication entry not found"); - } + } LDAPEntry entry = results.next(); LDAPAttribute attr = entry.getAttribute("nsds5replicalastinitstatus"); if (attr != null) { Enumeration valsInAttr = attr.getStringValues(); if (valsInAttr.hasMoreElements()) { - return (String)valsInAttr.nextElement(); + return (String) valsInAttr.nextElement(); } else { throw new IOException("No value returned for nsds5replicalastinitstatus"); } @@ -1475,35 +1470,35 @@ public class DatabasePanel extends WizardPanelBase { } private String getInstanceDir(LDAPConnection conn) { - String instancedir=""; + String instancedir = ""; try { String filter = "(objectclass=*)"; - String[] attrs = {"nsslapd-directory"}; + String[] attrs = { "nsslapd-directory" }; LDAPSearchResults results = conn.search("cn=config,cn=ldbm database,cn=plugins,cn=config", LDAPv3.SCOPE_SUB, - filter, attrs, false); + filter, attrs, false); while (results.hasMoreElements()) { LDAPEntry entry = results.next(); String dn = entry.getDN(); - CMS.debug("DatabasePanel getInstanceDir: DN for storing nsslapd-directory: "+dn); + CMS.debug("DatabasePanel getInstanceDir: DN for storing nsslapd-directory: " + dn); LDAPAttributeSet entryAttrs = entry.getAttributeSet(); Enumeration attrsInSet = entryAttrs.getAttributes(); while (attrsInSet.hasMoreElements()) { - LDAPAttribute nextAttr = (LDAPAttribute)attrsInSet.nextElement(); + LDAPAttribute nextAttr = (LDAPAttribute) attrsInSet.nextElement(); String attrName = nextAttr.getName(); - CMS.debug("DatabasePanel getInstanceDir: attribute name: "+attrName); + CMS.debug("DatabasePanel getInstanceDir: attribute name: " + attrName); Enumeration valsInAttr = nextAttr.getStringValues(); - while ( valsInAttr.hasMoreElements() ) { - String nextValue = (String)valsInAttr.nextElement(); + while (valsInAttr.hasMoreElements()) { + String nextValue = (String) valsInAttr.nextElement(); if (attrName.equalsIgnoreCase("nsslapd-directory")) { - CMS.debug("DatabasePanel getInstanceDir: instanceDir="+nextValue); - return nextValue.substring(0,nextValue.lastIndexOf("/db")); + CMS.debug("DatabasePanel getInstanceDir: instanceDir=" + nextValue); + return nextValue.substring(0, nextValue.lastIndexOf("/db")); } } } } } catch (LDAPException e) { - CMS.debug("DatabasePanel getInstanceDir: Error in retrieving the instance directory. Exception: "+e.toString()); + CMS.debug("DatabasePanel getInstanceDir: Error in retrieving the instance directory. Exception: " + e.toString()); } return instancedir; diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabaseServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabaseServlet.java index d8fd7526..c44f6113 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabaseServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DatabaseServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -25,7 +24,6 @@ import org.apache.velocity.Template; import org.apache.velocity.app.Velocity; import org.apache.velocity.context.Context; - public class DatabaseServlet extends BaseServlet { /** diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java index 1e1b6dec..d72984d2 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.net.URLEncoder; import java.util.Locale; @@ -42,25 +41,26 @@ import com.netscape.cmsutil.crypto.CryptoUtil; public class DisplayCertChainPanel extends WizardPanelBase { - public DisplayCertChainPanel() {} + public DisplayCertChainPanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Display Certificate Chain"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Display Certificate Chain"); setId(id); } - - public boolean isSubPanel() { + + public boolean isSubPanel() { return true; } @@ -70,7 +70,7 @@ public class DisplayCertChainPanel extends WizardPanelBase { public PropertySet getUsage() { PropertySet set = new PropertySet(); - + return set; } @@ -86,8 +86,8 @@ public class DisplayCertChainPanel extends WizardPanelBase { IConfigStore cs = CMS.getConfigStore(); // if we are root, no need to get the certificate chain. - try { - String select = cs.getString("securitydomain.select",""); + try { + String select = cs.getString("securitydomain.select", ""); String type = cs.getString("preop.subsystem.select", ""); String hierarchy = cs.getString("preop.hierarchy.select", ""); @@ -132,7 +132,8 @@ public class DisplayCertChainPanel extends WizardPanelBase { try { certchain_size = cs.getString(certChainConfigName, ""); - } catch (Exception e) {} + } catch (Exception e) { + } int size = 0; Vector v = new Vector(); @@ -140,20 +141,22 @@ public class DisplayCertChainPanel extends WizardPanelBase { if (!certchain_size.equals("")) { try { size = Integer.parseInt(certchain_size); - } catch (Exception e) {} + } catch (Exception e) { + } for (int i = 0; i < size; i++) { certChainConfigName = "preop." + type + ".certchain." + i; try { String c = cs.getString(certChainConfigName, ""); byte[] b_c = CryptoUtil.base64Decode(c); CertPrettyPrint pp = new CertPrettyPrint( - new X509CertImpl(b_c)); + new X509CertImpl(b_c)); v.addElement(pp.toString(Locale.getDefault())); - } catch (Exception e) {} + } catch (Exception e) { + } } } - + if (getId().equals("securitydomain")) { context.put("panelid", "securitydomain"); context.put("panelname", "Security Domain Trust Verification"); @@ -184,7 +187,7 @@ public class DisplayCertChainPanel extends WizardPanelBase { importCertChain(getId()); if (getId().equals("securitydomain")) { - int panel = getPanelNo()+1; + int panel = getPanelNo() + 1; IConfigStore cs = CMS.getConfigStore(); try { String sd_hostname = cs.getString("securitydomain.host", ""); @@ -192,23 +195,23 @@ public class DisplayCertChainPanel extends WizardPanelBase { String cs_hostname = cs.getString("machineName", ""); int cs_port = cs.getInteger("pkicreate.admin_secure_port", -1); String subsystem = cs.getString("cs.type", ""); - String urlVal = "https://"+cs_hostname+":"+cs_port+"/"+toLowerCaseSubsystemType(subsystem)+"/admin/console/config/wizard?p="+panel+"&subsystem="+subsystem; + String urlVal = "https://" + cs_hostname + ":" + cs_port + "/" + toLowerCaseSubsystemType(subsystem) + "/admin/console/config/wizard?p=" + panel + "&subsystem=" + subsystem; String encodedValue = URLEncoder.encode(urlVal, "UTF-8"); - String sdurl = "https://"+sd_hostname+":"+sd_port+"/ca/admin/ca/securityDomainLogin?url="+encodedValue; + String sdurl = "https://" + sd_hostname + ":" + sd_port + "/ca/admin/ca/securityDomainLogin?url=" + encodedValue; response.sendRedirect(sdurl); // The user previously specified the CA Security Domain's // SSL Admin port in the "Security Domain Panel"; // now retrieve this specified CA Security Domain's // non-SSL EE, SSL Agent, and SSL EE ports: - cs.putString( "securitydomain.httpport", - getSecurityDomainPort( cs, "UnSecurePort" ) ); - cs.putString("securitydomain.httpsagentport", - getSecurityDomainPort( cs, "SecureAgentPort" ) ); - cs.putString("securitydomain.httpseeport", - getSecurityDomainPort( cs, "SecurePort" ) ); + cs.putString("securitydomain.httpport", + getSecurityDomainPort(cs, "UnSecurePort")); + cs.putString("securitydomain.httpsagentport", + getSecurityDomainPort(cs, "SecureAgentPort")); + cs.putString("securitydomain.httpseeport", + getSecurityDomainPort(cs, "SecurePort")); } catch (Exception ee) { - CMS.debug("DisplayCertChainPanel Exception="+ee.toString()); + CMS.debug("DisplayCertChainPanel Exception=" + ee.toString()); } } context.put("updateStatus", "success"); diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DisplayServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DisplayServlet.java index 00871921..3bb8c73c 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DisplayServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DisplayServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -25,7 +24,6 @@ import org.apache.velocity.Template; import org.apache.velocity.app.Velocity; import org.apache.velocity.context.Context; - public class DisplayServlet extends BaseServlet { /** diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java index 9669ddb1..b330b705 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.math.BigInteger; import java.net.URLEncoder; @@ -58,22 +57,23 @@ public class DonePanel extends WizardPanelBase { public static final BigInteger BIG_ZERO = new BigInteger("0"); public static final Long MINUS_ONE = Long.valueOf(-1); public static final String RESTART_SERVER_AFTER_CONFIGURATION = - "restart_server_after_configuration"; + "restart_server_after_configuration"; public static final String PKI_SECURITY_DOMAIN = "pki_security_domain"; - public DonePanel() {} + public DonePanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Done"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Done"); setId(id); @@ -88,15 +88,14 @@ public class DonePanel extends WizardPanelBase { public PropertySet getUsage() { PropertySet set = new PropertySet(); - + /* XXX */ - + return set; } private LDAPConnection getLDAPConn(Context context) - throws IOException - { + throws IOException { IConfigStore cs = CMS.getConfigStore(); String host = ""; @@ -112,8 +111,8 @@ public class DonePanel extends WizardPanelBase { pwd = pwdStore.getPassword("internaldb"); } - if ( pwd == null) { - throw new IOException("DonePanel: Failed to obtain password from password store"); + if (pwd == null) { + throw new IOException("DonePanel: Failed to obtain password from password store"); } try { @@ -138,11 +137,11 @@ public class DonePanel extends WizardPanelBase { LDAPConnection conn = null; if (security.equals("true")) { - CMS.debug("DonePanel getLDAPConn: creating secure (SSL) connection for internal ldap"); - conn = new LDAPConnection(CMS.getLdapJssSSLSocketFactory()); + CMS.debug("DonePanel getLDAPConn: creating secure (SSL) connection for internal ldap"); + conn = new LDAPConnection(CMS.getLdapJssSSLSocketFactory()); } else { - CMS.debug("DonePanel getLDAPConn: creating non-secure (non-SSL) connection for internal ldap"); - conn = new LDAPConnection(); + CMS.debug("DonePanel getLDAPConn: creating non-secure (non-SSL) connection for internal ldap"); + conn = new LDAPConnection(); } CMS.debug("DonePanel connecting to " + host + ":" + p); @@ -153,10 +152,9 @@ public class DonePanel extends WizardPanelBase { throw new IOException("Failed to connect to the internal database."); } - return conn; + return conn; } - /** * Display the panel. */ @@ -193,31 +191,32 @@ public class DonePanel extends WizardPanelBase { instanceRoot = cs.getString("instanceRoot"); select = cs.getString("preop.subsystem.select", ""); systemdService = cs.getString("pkicreate.systemd.servicename", ""); - } catch (Exception e) {} + } catch (Exception e) { + } String initDaemon = ""; if (type.equals("CA")) { - initDaemon = "pki-cad"; + initDaemon = "pki-cad"; } else if (type.equals("KRA")) { - initDaemon = "pki-krad"; + initDaemon = "pki-krad"; } else if (type.equals("OCSP")) { - initDaemon = "pki-ocspd"; + initDaemon = "pki-ocspd"; } else if (type.equals("TKS")) { - initDaemon = "pki-tksd"; + initDaemon = "pki-tksd"; } - String os = System.getProperty( "os.name" ); - if( os.equalsIgnoreCase( "Linux" ) ) { - if (! systemdService.equals("")) { - context.put( "initCommand", "/bin/systemctl"); - context.put( "instanceId", systemdService ); + String os = System.getProperty("os.name"); + if (os.equalsIgnoreCase("Linux")) { + if (!systemdService.equals("")) { + context.put("initCommand", "/bin/systemctl"); + context.put("instanceId", systemdService); } else { - context.put( "initCommand", "/sbin/service " + initDaemon ); - context.put( "instanceId", instanceId ); + context.put("initCommand", "/sbin/service " + initDaemon); + context.put("instanceId", instanceId); } } else { /* default case: e. g. - ( os.equalsIgnoreCase( "SunOS" ) */ - context.put( "initCommand", "/etc/init.d/" + initDaemon ); - context.put( "instanceId", instanceId ); + context.put("initCommand", "/etc/init.d/" + initDaemon); + context.put("instanceId", instanceId); } context.put("title", "Done"); context.put("panel", "admin/console/config/donepanel.vm"); @@ -233,7 +232,7 @@ public class DonePanel extends WizardPanelBase { return; } else context.put("csstate", "0"); - + } catch (Exception e) { } @@ -280,11 +279,11 @@ public class DonePanel extends WizardPanelBase { String basedn = cs.getString("internaldb.basedn"); String secdomain = cs.getString("securitydomain.name"); - try { + try { // Create security domain ldap entry String dn = "ou=Security Domain," + basedn; CMS.debug("DonePanel: creating ldap entry : " + dn); - + LDAPEntry entry = null; LDAPAttributeSet attrs = null; attrs = new LDAPAttributeSet(); @@ -305,10 +304,10 @@ public class DonePanel extends WizardPanelBase { throw e; } - try { + try { // create list containers - String clist[] = {"CAList", "OCSPList", "KRAList", "RAList", "TKSList", "TPSList"}; - for (int i=0; i< clist.length; i++) { + String clist[] = { "CAList", "OCSPList", "KRAList", "RAList", "TKSList", "TPSList" }; + for (int i = 0; i < clist.length; i++) { LDAPEntry entry = null; LDAPAttributeSet attrs = null; String dn = "cn=" + clist[i] + ",ou=Security Domain," + basedn; @@ -320,9 +319,9 @@ public class DonePanel extends WizardPanelBase { conn.add(entry); } } catch (Exception e) { - CMS.debug("Unable to create security domain list groups" ); + CMS.debug("Unable to create security domain list groups"); throw e; - } + } try { // Add this host (only CA can create new domain) @@ -340,8 +339,8 @@ public class DonePanel extends WizardPanelBase { attrs.add(new LDAPAttribute("SecureAdminPort", ownadminsport)); if (owneeclientauthsport != null) { - attrs.add(new LDAPAttribute("SecureEEClientAuthPort", - owneeclientauthsport)); + attrs.add(new LDAPAttribute("SecureEEClientAuthPort", + owneeclientauthsport)); } attrs.add(new LDAPAttribute("UnSecurePort", ownport)); attrs.add(new LDAPAttribute("Clone", "FALSE")); @@ -357,28 +356,29 @@ public class DonePanel extends WizardPanelBase { CMS.debug("DonePanel display: finish updating domain info"); conn.disconnect(); } catch (Exception e) { - CMS.debug("DonePanel display: "+e.toString()); + CMS.debug("DonePanel display: " + e.toString()); } int sd_admin_port_int = -1; try { - sd_admin_port_int = Integer.parseInt( sd_admin_port ); + sd_admin_port_int = Integer.parseInt(sd_admin_port); } catch (Exception e) { } try { // Fetch the "new" security domain and display it - CMS.debug( "Dump contents of new Security Domain . . ." ); - String c = getDomainXML( sd_host, sd_admin_port_int, true ); - } catch( Exception e ) {} + CMS.debug("Dump contents of new Security Domain . . ."); + String c = getDomainXML(sd_host, sd_admin_port_int, true); + } catch (Exception e) { + } // Since this instance is a new Security Domain, // create an empty file to designate this fact. String security_domain = instanceRoot + "/conf/" + PKI_SECURITY_DOMAIN; - if( !Utils.isNT() ) { - Utils.exec( "touch " + security_domain ); - Utils.exec( "chmod 00660 " + security_domain ); + if (!Utils.isNT()) { + Utils.exec("touch " + security_domain); + Utils.exec("chmod 00660 " + security_domain); } } else { //existing domain @@ -398,31 +398,31 @@ public class DonePanel extends WizardPanelBase { cloneStr = "&clone=false"; String domainMasterStr = ""; - if (cloneMaster) + if (cloneMaster) domainMasterStr = "&dm=true"; - else - domainMasterStr = "&dm=false"; + else + domainMasterStr = "&dm=false"; String eecaStr = ""; - if (owneeclientauthsport != null) - eecaStr="&eeclientauthsport=" + owneeclientauthsport; + if (owneeclientauthsport != null) + eecaStr = "&eeclientauthsport=" + owneeclientauthsport; - updateDomainXML( sd_host, sd_agent_port_int, true, - "/ca/agent/ca/updateDomainXML", + updateDomainXML(sd_host, sd_agent_port_int, true, + "/ca/agent/ca/updateDomainXML", "list=" + s - + "&type=" + type - + "&host=" + ownhost - + "&name=" + subsystemName - + "&sport=" + ownsport - + domainMasterStr - + cloneStr - + "&agentsport=" + ownagentsport - + "&adminsport=" + ownadminsport - + eecaStr - + "&httpport=" + ownport ); + + "&type=" + type + + "&host=" + ownhost + + "&name=" + subsystemName + + "&sport=" + ownsport + + domainMasterStr + + cloneStr + + "&agentsport=" + ownagentsport + + "&adminsport=" + ownadminsport + + eecaStr + + "&httpport=" + ownport); // Fetch the "updated" security domain and display it - CMS.debug( "Dump contents of updated Security Domain . . ." ); - String c = getDomainXML( sd_host, sd_admin_port_int, true ); + CMS.debug("Dump contents of updated Security Domain . . ."); + String c = getDomainXML(sd_host, sd_admin_port_int, true); } catch (Exception e) { context.put("errorString", "Failed to update the security domain on the domain master."); //return; @@ -439,7 +439,6 @@ public class DonePanel extends WizardPanelBase { CMS.debug("DonePanel: exception in adding service.securityDomainPort to CS.cfg" + e); } - // need to push connector information to the CA if (type.equals("KRA") && !ca_host.equals("")) { try { @@ -469,7 +468,7 @@ public class DonePanel extends WizardPanelBase { setupClientAuthUser(); } - + if (!select.equals("clone")) { if (type.equals("CA") || type.equals("KRA")) { String beginRequestNumStr = ""; @@ -478,7 +477,7 @@ public class DonePanel extends WizardPanelBase { String endSerialNumStr = ""; String requestIncStr = ""; String serialIncStr = ""; - + try { endRequestNumStr = cs.getString("dbs.endRequestNumber", ""); endSerialNumStr = cs.getString("dbs.endSerialNumber", ""); @@ -495,22 +494,22 @@ public class DonePanel extends WizardPanelBase { serialdn = "ou=certificateRepository,ou=" + type.toLowerCase() + "," + basedn; } else { serialdn = "ou=keyRepository,ou=" + type.toLowerCase() + "," + basedn; - } - LDAPAttribute attrSerialNextRange = new LDAPAttribute( "nextRange", endSerialNum.add(oneNum).toString()); - LDAPModification serialmod = new LDAPModification( LDAPModification.REPLACE, attrSerialNextRange ); - conn.modify( serialdn, serialmod ); + } + LDAPAttribute attrSerialNextRange = new LDAPAttribute("nextRange", endSerialNum.add(oneNum).toString()); + LDAPModification serialmod = new LDAPModification(LDAPModification.REPLACE, attrSerialNextRange); + conn.modify(serialdn, serialmod); String requestdn = "ou=" + type.toLowerCase() + ",ou=requests," + basedn; - LDAPAttribute attrRequestNextRange = new LDAPAttribute( "nextRange", endRequestNum.add(oneNum).toString()); - LDAPModification requestmod = new LDAPModification( LDAPModification.REPLACE, attrRequestNextRange ); - conn.modify( requestdn, requestmod ); + LDAPAttribute attrRequestNextRange = new LDAPAttribute("nextRange", endRequestNum.add(oneNum).toString()); + LDAPModification requestmod = new LDAPModification(LDAPModification.REPLACE, attrRequestNextRange); + conn.modify(requestdn, requestmod); - conn.disconnect(); + conn.disconnect(); } catch (Exception e) { CMS.debug("Unable to update global next range numbers: " + e); - } + } } - } + } if (cloneMaster) { // cloning a domain master CA, the clone is also master of its domain @@ -550,24 +549,30 @@ public class DonePanel extends WizardPanelBase { // more cloning variables needed for non-ca clones - if (! type.equals("CA")) { + if (!type.equals("CA")) { String val = cs.getString("preop.ca.hostname", ""); - if (val.compareTo("") != 0) cs.putString("cloning.ca.hostname", val); + if (val.compareTo("") != 0) + cs.putString("cloning.ca.hostname", val); val = cs.getString("preop.ca.httpport", ""); - if (val.compareTo("") != 0) cs.putString("cloning.ca.httpport", val); + if (val.compareTo("") != 0) + cs.putString("cloning.ca.httpport", val); - val = cs.getString("preop.ca.httpsport", ""); - if (val.compareTo("") != 0) cs.putString("cloning.ca.httpsport", val); + val = cs.getString("preop.ca.httpsport", ""); + if (val.compareTo("") != 0) + cs.putString("cloning.ca.httpsport", val); val = cs.getString("preop.ca.list", ""); - if (val.compareTo("") != 0) cs.putString("cloning.ca.list", val); + if (val.compareTo("") != 0) + cs.putString("cloning.ca.list", val); val = cs.getString("preop.ca.pkcs7", ""); - if (val.compareTo("") != 0) cs.putString("cloning.ca.pkcs7", val); + if (val.compareTo("") != 0) + cs.putString("cloning.ca.pkcs7", val); val = cs.getString("preop.ca.type", ""); - if (val.compareTo("") != 0) cs.putString("cloning.ca.type", val); + if (val.compareTo("") != 0) + cs.putString("cloning.ca.type", val); } // save EC type for sslserver cert (if present) @@ -581,9 +586,9 @@ public class DonePanel extends WizardPanelBase { // been restarted! String restart_server = instanceRoot + "/conf/" + RESTART_SERVER_AFTER_CONFIGURATION; - if( !Utils.isNT() ) { - Utils.exec( "touch " + restart_server ); - Utils.exec( "chmod 00660 " + restart_server ); + if (!Utils.isNT()) { + Utils.exec("touch " + restart_server); + Utils.exec("chmod 00660 " + restart_server); } } catch (Exception e) { @@ -593,13 +598,12 @@ public class DonePanel extends WizardPanelBase { context.put("csstate", "1"); } - private void setupClientAuthUser() - { + private void setupClientAuthUser() { IConfigStore cs = CMS.getConfigStore(); // retrieve CA subsystem certificate from the CA IUGSubsystem system = - (IUGSubsystem) (CMS.getSubsystem(IUGSubsystem.ID)); + (IUGSubsystem) (CMS.getSubsystem(IUGSubsystem.ID)); String id = ""; try { String b64 = getCASubsystemCert(); @@ -640,9 +644,8 @@ public class DonePanel extends WizardPanelBase { } } - - private void updateOCSPConfig(HttpServletResponse response) - throws IOException { + private void updateOCSPConfig(HttpServletResponse response) + throws IOException { IConfigStore config = CMS.getConfigStore(); String cahost = ""; int caport = -1; @@ -661,7 +664,7 @@ public class DonePanel extends WizardPanelBase { int ocspport = Integer.parseInt(CMS.getAgentPort()); int ocspagentport = Integer.parseInt(CMS.getAgentPort()); String session_id = CMS.getConfigSDSessionId(); - String content = "xmlOutput=true&sessionID="+session_id+"&ocsp_host="+ocsphost+"&ocsp_port="+ocspport; + String content = "xmlOutput=true&sessionID=" + session_id + "&ocsp_host=" + ocsphost + "&ocsp_port=" + ocspport; updateOCSPConfig(cahost, caport, true, content, response); } @@ -675,7 +678,7 @@ public class DonePanel extends WizardPanelBase { if (b64.equals("")) throw new IOException("Failed to get certificate chain."); - + try { // this could be a chain X509Certificate[] certs = Cert.mapCertFromPKCS7(b64); @@ -686,9 +689,9 @@ public class DonePanel extends WizardPanelBase { } else { leafCert = certs[0]; } - - IOCSPAuthority ocsp = - (IOCSPAuthority)CMS.getSubsystem(IOCSPAuthority.ID); + + IOCSPAuthority ocsp = + (IOCSPAuthority) CMS.getSubsystem(IOCSPAuthority.ID); IDefStore defStore = ocsp.getDefaultStore(); // (1) need to normalize (sort) the chain @@ -696,9 +699,9 @@ public class DonePanel extends WizardPanelBase { // (2) store certificate (and certificate chain) into // database ICRLIssuingPointRecord rec = defStore.createCRLIssuingPointRecord( - leafCert.getSubjectDN().getName(), - BIG_ZERO, - MINUS_ONE, null, null); + leafCert.getSubjectDN().getName(), + BIG_ZERO, + MINUS_ONE, null, null); try { rec.set(ICRLIssuingPointRecord.ATTR_CA_CERT, leafCert.getEncoded()); @@ -748,7 +751,7 @@ public class DonePanel extends WizardPanelBase { } private void updateConnectorInfo(String ownagenthost, String ownagentsport) - throws IOException { + throws IOException { IConfigStore cs = CMS.getConfigStore(); int port = -1; String url = ""; @@ -757,21 +760,21 @@ public class DonePanel extends WizardPanelBase { try { url = cs.getString("preop.ca.url", ""); if (!url.equals("")) { - host = cs.getString("preop.ca.hostname", ""); - port = cs.getInteger("preop.ca.httpsadminport", -1); - transportCert = cs.getString("kra.transport.cert", ""); + host = cs.getString("preop.ca.hostname", ""); + port = cs.getInteger("preop.ca.httpsadminport", -1); + transportCert = cs.getString("kra.transport.cert", ""); } } catch (Exception e) { } if (host == null) { - CMS.debug("DonePanel: preop.ca.url is not defined. External CA selected. No transport certificate setup is required"); + CMS.debug("DonePanel: preop.ca.url is not defined. External CA selected. No transport certificate setup is required"); } else { - CMS.debug("DonePanel: Transport certificate is being setup in " + url); - String session_id = CMS.getConfigSDSessionId(); - String content = "ca.connector.KRA.enable=true&ca.connector.KRA.local=false&ca.connector.KRA.timeout=30&ca.connector.KRA.uri=/kra/agent/kra/connector&ca.connector.KRA.host="+ownagenthost+"&ca.connector.KRA.port="+ownagentsport+"&ca.connector.KRA.transportCert="+URLEncoder.encode(transportCert)+"&sessionID="+session_id; + CMS.debug("DonePanel: Transport certificate is being setup in " + url); + String session_id = CMS.getConfigSDSessionId(); + String content = "ca.connector.KRA.enable=true&ca.connector.KRA.local=false&ca.connector.KRA.timeout=30&ca.connector.KRA.uri=/kra/agent/kra/connector&ca.connector.KRA.host=" + ownagenthost + "&ca.connector.KRA.port=" + ownagentsport + "&ca.connector.KRA.transportCert=" + URLEncoder.encode(transportCert) + "&sessionID=" + session_id; - updateConnectorInfo(host, port, true, content); + updateConnectorInfo(host, port, true, content); } } @@ -802,12 +805,14 @@ public class DonePanel extends WizardPanelBase { */ public void update(HttpServletRequest request, HttpServletResponse response, - Context context) throws IOException {} + Context context) throws IOException { + } /** * If validiate() returns false, this method will be called. */ public void displayError(HttpServletRequest request, HttpServletResponse response, - Context context) {/* This should never be called */} + Context context) {/* This should never be called */ + } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DownloadPKCS12.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DownloadPKCS12.java index 9d7fc22a..094aa716 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DownloadPKCS12.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DownloadPKCS12.java @@ -50,6 +50,7 @@ public class DownloadPKCS12 extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -59,7 +60,7 @@ public class DownloadPKCS12 extends CMSServlet { } /** - * Process the HTTP request. + * Process the HTTP request. */ protected void process(CMSRequest cmsReq) throws EBaseException { CMS.debug("DownloadPKCS12: processing..."); @@ -70,7 +71,7 @@ public class DownloadPKCS12 extends CMSServlet { mRenderResult = false; // check the pin from the session - String pin = (String)httpReq.getSession().getAttribute("pin"); + String pin = (String) httpReq.getSession().getAttribute("pin"); if (pin == null) { CMS.debug("DownloadPKCS12 process: Failed to get the pin from the cookie."); outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); @@ -101,16 +102,17 @@ public class DownloadPKCS12 extends CMSServlet { httpResp.getOutputStream().write(pkcs12); return; } catch (Exception e) { - CMS.debug("DownloadPKCS12 process: Exception="+e.toString()); + CMS.debug("DownloadPKCS12 process: Exception=" + e.toString()); } } - protected void setDefaultTemplates(ServletConfig sc) {} + protected void setDefaultTemplates(ServletConfig sc) { + } protected void renderTemplate( CMSRequest cmsReq, String templateName, ICMSTemplateFiller filler) - throws IOException {// do nothing - } + throws IOException {// do nothing + } protected void renderResult(CMSRequest cmsReq) throws IOException {// do nothing, ie, it will not return the default javascript. } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCertChain.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCertChain.java index 87cb7a7c..6c286e81 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCertChain.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCertChain.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.ByteArrayOutputStream; import java.io.IOException; import java.util.Locale; @@ -40,7 +39,6 @@ import com.netscape.cms.servlet.base.UserInfo; import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cmsutil.xml.XMLObject; - public class GetCertChain extends CMSServlet { /** @@ -56,6 +54,7 @@ public class GetCertChain extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -63,11 +62,12 @@ public class GetCertChain extends CMSServlet { } /** - * Process the HTTP request. + * Process the HTTP request. * <ul> * <li>http.param op 'downloadBIN' - return the binary certificate chain * <li>http.param op 'displayIND' - display pretty-print of certificate chain components * </ul> + * * @param cmsReq the object holding the request and response information */ protected void process(CMSRequest cmsReq) throws EBaseException { @@ -95,7 +95,7 @@ public class GetCertChain extends CMSServlet { } catch (IOException e) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERROR_ENCODING_CA_CHAIN_1", - e.toString())); + e.toString())); outputError(httpResp, "Error: Failed to encode the certificate chain"); } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetConfigEntries.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetConfigEntries.java index c1010b46..1ff06416 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetConfigEntries.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetConfigEntries.java @@ -59,6 +59,7 @@ public class GetConfigEntries extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -67,11 +68,12 @@ public class GetConfigEntries extends CMSServlet { } /** - * Process the HTTP request. + * Process the HTTP request. * <ul> * <li>http.param op 'downloadBIN' - return the binary certificate chain * <li>http.param op 'displayIND' - display pretty-print of certificate chain components * </ul> + * * @param cmsReq the object holding the request and response information */ protected void process(CMSRequest cmsReq) throws EBaseException { @@ -84,12 +86,12 @@ public class GetConfigEntries extends CMSServlet { authToken = authenticate(cmsReq); } catch (Exception e) { CMS.debug("GetConfigEntries authentication failed"); - log(ILogger.LL_FAILURE, + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", - e.toString())); + e.toString())); outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); return; - } + } // Construct an ArgBlock IArgBlock args = cmsReq.getHttpParams(); @@ -104,32 +106,32 @@ public class GetConfigEntries extends CMSServlet { try { xmlObj = new XMLObject(); } catch (Exception e) { - CMS.debug("GetConfigEntries process: Exception: "+e.toString()); - throw new EBaseException( e.toString() ); + CMS.debug("GetConfigEntries process: Exception: " + e.toString()); + throw new EBaseException(e.toString()); } Node root = xmlObj.createRoot("XMLResponse"); AuthzToken authzToken = null; try { - authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, + authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, "read"); } catch (EAuthzAccessDenied e) { - log(ILogger.LL_FAILURE, + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); - outputError(httpResp, "Error: Not authorized"); - return; + outputError(httpResp, "Error: Not authorized"); + return; } catch (Exception e) { - log(ILogger.LL_FAILURE, + log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); - outputError(httpResp, + outputError(httpResp, "Error: Encountered problem during authorization."); - return; + return; } if (authzToken == null) { - outputError(httpResp, "Error: Not authorized"); - return; + outputError(httpResp, "Error: Not authorized"); + return; } if (op != null) { @@ -140,9 +142,9 @@ public class GetConfigEntries extends CMSServlet { String name1 = t.nextToken(); IConfigStore cs = config.getSubStore(name1); Enumeration enum1 = cs.getPropertyNames(); - + while (enum1.hasMoreElements()) { - String name = name1+"."+enum1.nextElement(); + String name = name1 + "." + enum1.nextElement(); try { String value = config.getString(name); Node container = xmlObj.createContainer(root, "Config"); @@ -171,10 +173,10 @@ public class GetConfigEntries extends CMSServlet { value = getLDAPPassword(); } else if (name.equals("internaldb.replication.password")) { value = getReplicationPassword(); - } else + } else continue; } - + Node container = xmlObj.createContainer(root, "Config"); xmlObj.addItemToContainer(container, "name", name); xmlObj.addItemToContainer(container, "value", value); diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCookie.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCookie.java index 74edda79..2c9cc41f 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCookie.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetCookie.java @@ -45,7 +45,6 @@ import com.netscape.cms.servlet.common.CMSTemplate; import com.netscape.cms.servlet.common.CMSTemplateParams; import com.netscape.cms.servlet.common.ECMSGWException; - public class GetCookie extends CMSServlet { /** @@ -58,9 +57,9 @@ public class GetCookie extends CMSServlet { private String mFormPath = null; private final static String LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE = - "LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE_1"; + "LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE_1"; private final static String LOGGING_SIGNED_AUDIT_ROLE_ASSUME = - "LOGGING_SIGNED_AUDIT_ROLE_ASSUME_3"; + "LOGGING_SIGNED_AUDIT_ROLE_ASSUME_3"; public GetCookie() { super(); @@ -68,6 +67,7 @@ public class GetCookie extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -78,12 +78,13 @@ public class GetCookie extends CMSServlet { mRandom = new Random(); mErrorFormPath = sc.getInitParameter("errorTemplatePath"); if (mOutputTemplatePath != null) { - mFormPath = mOutputTemplatePath; + mFormPath = mOutputTemplatePath; } } /** - * Process the HTTP request. + * Process the HTTP request. + * * @param cmsReq the object holding the request and response information */ protected void process(CMSRequest cmsReq) throws EBaseException { @@ -100,14 +101,14 @@ public class GetCookie extends CMSServlet { } IArgBlock header = CMS.createArgBlock(); - IArgBlock ctx = CMS.createArgBlock(); + IArgBlock ctx = CMS.createArgBlock(); CMSTemplateParams argSet = new CMSTemplateParams(header, ctx); CMSTemplate form = null; Locale[] locale = new Locale[1]; String url = httpReq.getParameter("url"); - CMS.debug("GetCookie before auth, url ="+url); + CMS.debug("GetCookie before auth, url =" + url); String url_e = ""; URL u = null; try { @@ -115,13 +116,13 @@ public class GetCookie extends CMSServlet { u = new URL(url_e); } catch (Exception eee) { throw new ECMSGWException( - "GetCookie missing parameter: url"); + "GetCookie missing parameter: url"); } int index2 = url_e.indexOf("subsystem="); String subsystem = ""; if (index2 > 0) { - subsystem = url.substring(index2+10); + subsystem = url.substring(index2 + 10); int index1 = subsystem.indexOf("&"); if (index1 > 0) subsystem = subsystem.substring(0, index1); @@ -131,9 +132,9 @@ public class GetCookie extends CMSServlet { authToken = authenticate(cmsReq); } catch (Exception e) { CMS.debug("GetCookie authentication failed"); - log(ILogger.LL_FAILURE, + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", - e.toString())); + e.toString())); header.addStringValue("sd_uid", ""); header.addStringValue("sd_pwd", ""); header.addStringValue("host", u.getHost()); @@ -149,17 +150,17 @@ public class GetCookie extends CMSServlet { form = getTemplate(mErrorFormPath, httpReq, locale); } catch (IOException eee) { CMS.debug("GetCookie process: cant locate the form"); -/* - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", e.toString())); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); -*/ - } + /* + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", e.toString())); + throw new ECMSGWException( + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); + */ + } - if( form == null ) { + if (form == null) { CMS.debug("GetCookie::process() - form is null!"); - throw new EBaseException( "form is null" ); + throw new EBaseException("form is null"); } try { @@ -170,16 +171,16 @@ public class GetCookie extends CMSServlet { form.renderOutput(out, argSet); } catch (IOException ee) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_OUT_STREAM_TEMPLATE", ee.toString())); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); + CMS.getLogMessage("CMSGW_ERR_OUT_STREAM_TEMPLATE", ee.toString())); + throw new ECMSGWException( + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); } return; - } + } String cookie = ""; String auditMessage = ""; - + if (authToken != null) { String uid = authToken.getInString("uid"); String groupname = getGroupName(uid, subsystem); @@ -195,7 +196,7 @@ public class GetCookie extends CMSServlet { // assign cookie long num = mRandom.nextLong(); - cookie = num+""; + cookie = num + ""; ISecurityDomainSessionTable ctable = CMS.getSecurityDomainSessionTable(); String addr = ""; try { @@ -207,11 +208,11 @@ public class GetCookie extends CMSServlet { ip = InetAddress.getByName(addr).toString(); int index = ip.indexOf("/"); if (index > 0) - ip = ip.substring(index+1); + ip = ip.substring(index + 1); } catch (Exception e) { } - String auditParams = "operation;;issue_token+token;;"+ cookie + "+ip;;" + ip + + String auditParams = "operation;;issue_token+token;;" + cookie + "+ip;;" + ip + "+uid;;" + uid + "+groupname;;" + groupname; int status = ctable.addEntry(cookie, ip, uid, groupname); @@ -232,18 +233,18 @@ public class GetCookie extends CMSServlet { } try { - String sd_url = "https://"+CMS.getEESSLHost()+":"+CMS.getEESSLPort(); + String sd_url = "https://" + CMS.getEESSLHost() + ":" + CMS.getEESSLPort(); if (!url.startsWith("$")) { try { form = getTemplate(mFormPath, httpReq, locale); } catch (IOException e) { CMS.debug("GetCookie process: cant locate the form"); -/* - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", e.toString())); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); -*/ + /* + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", e.toString())); + throw new ECMSGWException( + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); + */ } header.addStringValue("url", url); @@ -254,13 +255,13 @@ public class GetCookie extends CMSServlet { ServletOutputStream out = httpResp.getOutputStream(); cmsReq.setStatus(CMSRequest.SUCCESS); - httpResp.setContentType("text/html"); - form.renderOutput(out, argSet); + httpResp.setContentType("text/html"); + form.renderOutput(out, argSet); } catch (IOException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_OUT_STREAM_TEMPLATE", e.toString())); + CMS.getLogMessage("CMSGW_ERR_OUT_STREAM_TEMPLATE", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); } } } catch (Exception e) { @@ -278,25 +279,25 @@ public class GetCookie extends CMSServlet { private String getGroupName(String uid, String subsystemname) { String groupname = ""; - IUGSubsystem subsystem = - (IUGSubsystem)(CMS.getSubsystem(IUGSubsystem.ID)); - if (subsystem.isMemberOf(uid, "Enterprise CA Administrators") && - subsystemname.equals("CA")) { + IUGSubsystem subsystem = + (IUGSubsystem) (CMS.getSubsystem(IUGSubsystem.ID)); + if (subsystem.isMemberOf(uid, "Enterprise CA Administrators") && + subsystemname.equals("CA")) { return "Enterprise CA Administrators"; } else if (subsystem.isMemberOf(uid, "Enterprise KRA Administrators") && - subsystemname.equals("KRA")) { + subsystemname.equals("KRA")) { return "Enterprise KRA Administrators"; } else if (subsystem.isMemberOf(uid, "Enterprise OCSP Administrators") && - subsystemname.equals("OCSP")) { + subsystemname.equals("OCSP")) { return "Enterprise OCSP Administrators"; } else if (subsystem.isMemberOf(uid, "Enterprise TKS Administrators") && - subsystemname.equals("TKS")) { + subsystemname.equals("TKS")) { return "Enterprise TKS Administrators"; } else if (subsystem.isMemberOf(uid, "Enterprise RA Administrators") && - subsystemname.equals("RA")) { + subsystemname.equals("RA")) { return "Enterprise RA Administrators"; } else if (subsystem.isMemberOf(uid, "Enterprise TPS Administrators") && - subsystemname.equals("TPS")) { + subsystemname.equals("TPS")) { return "Enterprise TPS Administrators"; } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetDomainXML.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetDomainXML.java index f9e6c70e..04d88dba 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetDomainXML.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetDomainXML.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.FileInputStream; import java.io.IOException; import java.util.Enumeration; @@ -48,7 +47,6 @@ import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.ICMSTemplateFiller; import com.netscape.cmsutil.xml.XMLObject; - public class GetDomainXML extends CMSServlet { /** @@ -64,6 +62,7 @@ public class GetDomainXML extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -73,11 +72,12 @@ public class GetDomainXML extends CMSServlet { } /** - * Process the HTTP request. + * Process the HTTP request. * <ul> * <li>http.param op 'downloadBIN' - return the binary certificate chain * <li>http.param op 'displayIND' - display pretty-print of certificate chain components * </ul> + * * @param cmsReq the object holding the request and response information */ protected void process(CMSRequest cmsReq) throws EBaseException { @@ -95,8 +95,7 @@ public class GetDomainXML extends CMSServlet { try { secstore = cs.getString("securitydomain.store"); basedn = cs.getString("internaldb.basedn"); - } - catch (Exception e) { + } catch (Exception e) { CMS.debug("Unable to determine the security domain name or internal basedn. Please run the domaininfo migration script"); } @@ -129,7 +128,7 @@ public class GetDomainXML extends CMSServlet { // this should return CAList, KRAList etc. LDAPSearchResults res = conn.search(dn, LDAPConnection.SCOPE_ONE, filter, - attrs, true, cons); + attrs, true, cons); while (res.hasMoreElements()) { int count = 0; @@ -137,10 +136,10 @@ public class GetDomainXML extends CMSServlet { String listName = dn.substring(3, dn.indexOf(",")); String subType = listName.substring(0, listName.indexOf("List")); Node listNode = xmlObj.createContainer(domainInfo, listName); - + filter = "objectclass=pkiSubsystem"; - LDAPSearchResults res2 = conn.search(dn, LDAPConnection.SCOPE_ONE, filter, - attrs, false, cons); + LDAPSearchResults res2 = conn.search(dn, LDAPConnection.SCOPE_ONE, filter, + attrs, false, cons); while (res2.hasMoreElements()) { Node node = xmlObj.createContainer(listNode, subType); LDAPEntry entry = res2.next(); @@ -149,32 +148,29 @@ public class GetDomainXML extends CMSServlet { while (attrsInSet.hasMoreElements()) { LDAPAttribute nextAttr = (LDAPAttribute) attrsInSet.nextElement(); String attrName = nextAttr.getName(); - if ((! attrName.equals("cn")) && (! attrName.equals("objectClass"))) { + if ((!attrName.equals("cn")) && (!attrName.equals("objectClass"))) { String attrValue = (String) nextAttr.getStringValues().nextElement(); xmlObj.addItemToContainer(node, securityDomainLDAPtoXML(attrName), attrValue); } } - count ++; - } + count++; + } xmlObj.addItemToContainer(listNode, "SubsystemCount", Integer.toString(count)); } // Add new xml object as string to response. response.addItemToContainer(root, "DomainInfo", xmlObj.toXMLString()); - } - catch (Exception e) { + } catch (Exception e) { CMS.debug("GetDomainXML: Failed to read domain.xml from ldap " + e.toString()); status = FAILED; - } - finally { - if ((conn != null) && (connFactory!= null)) { + } finally { + if ((conn != null) && (connFactory != null)) { CMS.debug("Releasing ldap connection"); connFactory.returnConn(conn); } } - } - else { - // get data from file store + } else { + // get data from file store String path = CMS.getConfigStore().getString("instanceRoot", "") + "/conf/domain.xml"; @@ -194,10 +190,9 @@ public class GetDomainXML extends CMSServlet { CMS.debug("GetDomainXML: Done Reading domain.xml..."); response.addItemToContainer(root, "DomainInfo", new String(buf)); - } - catch (Exception e) { - CMS.debug("Failed to read domain.xml from file" + e.toString()); - status = FAILED; + } catch (Exception e) { + CMS.debug("Failed to read domain.xml from file" + e.toString()); + status = FAILED; } } @@ -211,16 +206,19 @@ public class GetDomainXML extends CMSServlet { } protected String securityDomainLDAPtoXML(String attribute) { - if (attribute.equals("host")) return "Host"; - else return attribute; + if (attribute.equals("host")) + return "Host"; + else + return attribute; } - protected void setDefaultTemplates(ServletConfig sc) {} + protected void setDefaultTemplates(ServletConfig sc) { + } protected void renderTemplate( CMSRequest cmsReq, String templateName, ICMSTemplateFiller filler) - throws IOException {// do nothing - } + throws IOException {// do nothing + } protected void renderResult(CMSRequest cmsReq) throws IOException {// do nothing, ie, it will not return the default javascript. } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetStatus.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetStatus.java index 02fe36c1..28279f04 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetStatus.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetStatus.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.util.Locale; @@ -36,7 +35,6 @@ import com.netscape.cms.servlet.base.UserInfo; import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cmsutil.xml.XMLObject; - public class GetStatus extends CMSServlet { /** @@ -52,6 +50,7 @@ public class GetStatus extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -59,18 +58,19 @@ public class GetStatus extends CMSServlet { } /** - * Process the HTTP request. + * Process the HTTP request. + * * @param cmsReq the object holding the request and response information */ protected void process(CMSRequest cmsReq) throws EBaseException { HttpServletRequest httpReq = cmsReq.getHttpReq(); HttpServletResponse httpResp = cmsReq.getHttpResp(); - IConfigStore config = CMS.getConfigStore(); + IConfigStore config = CMS.getConfigStore(); String outputString = null; - String state = config.getString("cs.state", ""); - String type = config.getString("cs.type", ""); + String state = config.getString("cs.state", ""); + String type = config.getString("cs.type", ""); try { XMLObject xmlObj = null; diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java index c1bf138e..7beda662 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.util.Locale; @@ -39,7 +38,6 @@ import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cmsutil.crypto.CryptoUtil; import com.netscape.cmsutil.xml.XMLObject; - public class GetSubsystemCert extends CMSServlet { /** @@ -55,6 +53,7 @@ public class GetSubsystemCert extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -62,7 +61,7 @@ public class GetSubsystemCert extends CMSServlet { } /** - * Process the HTTP request. + * Process the HTTP request. */ protected void process(CMSRequest cmsReq) throws EBaseException { HttpServletRequest httpReq = cmsReq.getHttpReq(); @@ -76,16 +75,16 @@ public class GetSubsystemCert extends CMSServlet { nickname = cs.getString("ca.subsystem.nickname", ""); String tokenname = cs.getString("ca.subsystem.tokenname", ""); if (!tokenname.equals("internal") && !tokenname.equals("Internal Key Storage Token")) - nickname = tokenname+":"+nickname; + nickname = tokenname + ":" + nickname; } catch (Exception e) { } - CMS.debug("GetSubsystemCert process: nickname="+nickname); + CMS.debug("GetSubsystemCert process: nickname=" + nickname); String s = ""; try { CryptoManager cm = CryptoManager.getInstance(); X509Certificate cert = cm.findCertByNickname(nickname); - + if (cert == null) { CMS.debug("GetSubsystemCert process: subsystem cert is null"); outputError(httpResp, "Error: Failed to get subsystem certificate."); @@ -95,7 +94,7 @@ public class GetSubsystemCert extends CMSServlet { byte[] bytes = cert.getEncoded(); s = CryptoUtil.normalizeCertStr(CryptoUtil.base64Encode(bytes)); } catch (Exception e) { - CMS.debug("GetSubsystemCert process: exception: "+e.toString()); + CMS.debug("GetSubsystemCert process: exception: " + e.toString()); } try { diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetTokenInfo.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetTokenInfo.java index d7af0740..4d11af8a 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetTokenInfo.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetTokenInfo.java @@ -52,6 +52,7 @@ public class GetTokenInfo extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -60,11 +61,12 @@ public class GetTokenInfo extends CMSServlet { } /** - * Process the HTTP request. + * Process the HTTP request. * <ul> * <li>http.param op 'downloadBIN' - return the binary certificate chain * <li>http.param op 'displayIND' - display pretty-print of certificate chain components * </ul> + * * @param cmsReq the object holding the request and response information */ protected void process(CMSRequest cmsReq) throws EBaseException { @@ -78,8 +80,8 @@ public class GetTokenInfo extends CMSServlet { try { xmlObj = new XMLObject(); } catch (Exception e) { - CMS.debug("GetTokenInfo process: Exception: "+e.toString()); - throw new EBaseException( e.toString() ); + CMS.debug("GetTokenInfo process: Exception: " + e.toString()); + throw new EBaseException(e.toString()); } Node root = xmlObj.createRoot("XMLResponse"); @@ -97,7 +99,7 @@ public class GetTokenInfo extends CMSServlet { String name = t1.nextToken(); if (name.equals("sslserver")) continue; - name = "cloning."+name+".nickname"; + name = "cloning." + name + ".nickname"; String value = ""; try { @@ -105,7 +107,7 @@ public class GetTokenInfo extends CMSServlet { } catch (Exception ee) { continue; } - + Node container = xmlObj.createContainer(root, "Config"); xmlObj.addItemToContainer(container, "name", name); xmlObj.addItemToContainer(container, "value", value); diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetTransportCert.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetTransportCert.java index bc29b34a..ae55d2fb 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetTransportCert.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetTransportCert.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.security.cert.CertificateEncodingException; import java.util.Locale; @@ -63,6 +62,7 @@ public class GetTransportCert extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -72,7 +72,7 @@ public class GetTransportCert extends CMSServlet { } /** - * Process the HTTP request. + * Process the HTTP request. */ protected void process(CMSRequest cmsReq) throws EBaseException { CMS.debug("UpdateUpdater: processing..."); @@ -86,9 +86,9 @@ public class GetTransportCert extends CMSServlet { CMS.debug("GetTransportCert authentication successful."); } catch (Exception e) { CMS.debug("GetTransportCert: authentication failed."); - log(ILogger.LL_FAILURE, + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", - e.toString())); + e.toString())); outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); return; } @@ -101,19 +101,19 @@ public class GetTransportCert extends CMSServlet { AuthzToken authzToken = null; try { - authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, - "read"); + authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, + "read"); CMS.debug("GetTransportCert authorization successful."); } catch (EAuthzAccessDenied e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, "Error: Not authorized"); return; } catch (Exception e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, - "Error: Encountered problem during authorization."); + "Error: Encountered problem during authorization."); return; } @@ -126,17 +126,17 @@ public class GetTransportCert extends CMSServlet { IKeyRecoveryAuthority kra = (IKeyRecoveryAuthority) mAuthority; - ITransportKeyUnit tu = kra.getTransportKeyUnit(); - org.mozilla.jss.crypto.X509Certificate transportCert = + ITransportKeyUnit tu = kra.getTransportKeyUnit(); + org.mozilla.jss.crypto.X509Certificate transportCert = tu.getCertificate(); - String mime64 = ""; + String mime64 = ""; try { mime64 = CMS.BtoA(transportCert.getEncoded()); mime64 = com.netscape.cmsutil.util.Cert.normalizeCertStrAndReq(mime64); - } catch (CertificateEncodingException eee) { + } catch (CertificateEncodingException eee) { CMS.debug("GetTransportCert: Failed to encode certificate"); - } + } // send success status back to the requestor try { @@ -154,12 +154,13 @@ public class GetTransportCert extends CMSServlet { } } - protected void setDefaultTemplates(ServletConfig sc) {} + protected void setDefaultTemplates(ServletConfig sc) { + } protected void renderTemplate( CMSRequest cmsReq, String templateName, ICMSTemplateFiller filler) - throws IOException {// do nothing - } + throws IOException {// do nothing + } protected void renderResult(CMSRequest cmsReq) throws IOException {// do nothing, ie, it will not return the default javascript. } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java index a00b0fb7..9044dec0 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import javax.servlet.ServletConfig; @@ -36,19 +35,20 @@ import com.netscape.cms.servlet.wizard.WizardServlet; public class HierarchyPanel extends WizardPanelBase { - public HierarchyPanel() {} + public HierarchyPanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("PKI Hierarchy"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("PKI Hierarchy"); setId(id); @@ -64,8 +64,8 @@ public class HierarchyPanel extends WizardPanelBase { null); if (s != null && s.equals("clone")) { // mark this panel as done - c.putString("preop.hierarchy.select","root"); - c.putString("hierarchy.select","Clone"); + c.putString("preop.hierarchy.select", "root"); + c.putString("hierarchy.select", "Clone"); return true; } } catch (EBaseException e) { @@ -89,15 +89,16 @@ public class HierarchyPanel extends WizardPanelBase { } else { return true; } - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } public PropertySet getUsage() { PropertySet set = new PropertySet(); - + /* XXX */ - + return set; } @@ -117,7 +118,7 @@ public class HierarchyPanel extends WizardPanelBase { if (s.equals("root")) { context.put("check_root", "checked"); } else if (s.equals("join")) { - context.put("check_join", "checked"); + context.put("check_join", "checked"); } } catch (Exception e) { CMS.debug(e.toString()); @@ -163,16 +164,17 @@ public class HierarchyPanel extends WizardPanelBase { } if (select.equals("root")) { - config.putString("preop.hierarchy.select", "root"); - config.putString("hierarchy.select", "Root"); + config.putString("preop.hierarchy.select", "root"); + config.putString("hierarchy.select", "Root"); config.putString("preop.ca.type", "sdca"); try { config.commit(false); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } } else if (select.equals("join")) { config.putString(PCERT_PREFIX + "signing.type", "remote"); config.putString("preop.hierarchy.select", "join"); - config.putString("hierarchy.select", "Subordinate"); + config.putString("hierarchy.select", "Subordinate"); } else { config.putString(PCERT_PREFIX + "signing.type", "remote"); CMS.debug("HierarchyPanel: invalid choice " + select); @@ -187,5 +189,6 @@ public class HierarchyPanel extends WizardPanelBase { */ public void displayError(HttpServletRequest request, HttpServletResponse response, - Context context) {} + Context context) { + } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java index d4f93a9b..9a220032 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.BufferedReader; import java.io.FileReader; import java.io.IOException; @@ -47,19 +46,20 @@ import com.netscape.cmsutil.crypto.CryptoUtil; public class ImportAdminCertPanel extends WizardPanelBase { - public ImportAdminCertPanel() {} + public ImportAdminCertPanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Import Administrator's Certificate"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Import Administrator's Certificate"); setId(id); @@ -102,11 +102,12 @@ public class ImportAdminCertPanel extends WizardPanelBase { try { type = cs.getString("preop.ca.type", ""); subsystemtype = cs.getString("cs.type", ""); - } catch (Exception e) {} + } catch (Exception e) { + } try { String serialno = cs.getString("preop.admincert.serialno.0"); - + context.put("serialNumber", serialno); } catch (Exception e) { context.put("errorString", "Failed to get serial number."); @@ -135,7 +136,8 @@ public class ImportAdminCertPanel extends WizardPanelBase { // to security domain host. caHost = cs.getString("securitydomain.host", ""); caPort = cs.getString("securitydomain.httpsadminport", ""); - } catch (Exception e) {} + } catch (Exception e) { + } } else if (type.equals("sdca")) { try { // this is a non-CA system that submitted its certs to a CA @@ -143,7 +145,8 @@ public class ImportAdminCertPanel extends WizardPanelBase { // request for the admin cert to this CA caHost = cs.getString("preop.ca.hostname", ""); caPort = cs.getString("preop.ca.httpsadminport", ""); - } catch (Exception e) {} + } catch (Exception e) { + } } } else { // for CAs, we always generate our own admin certs @@ -151,7 +154,8 @@ public class ImportAdminCertPanel extends WizardPanelBase { try { caHost = cs.getString("service.machineName", ""); caPort = cs.getString("pkicreate.admin_secure_port", ""); - } catch (Exception e) {} + } catch (Exception e) { + } } String pkcs7 = ""; @@ -192,12 +196,13 @@ public class ImportAdminCertPanel extends WizardPanelBase { subsystemtype = cs.getString("cs.type", ""); security_domain_type = cs.getString("securitydomain.select", ""); selected_hierarchy = cs.getString("preop.hierarchy.select", ""); - } catch (Exception e) {} + } catch (Exception e) { + } ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem( ICertificateAuthority.ID); - if (ca == null) { + if (ca == null) { context.put("ca", "false"); } else { context.put("ca", "true"); @@ -207,17 +212,17 @@ public class ImportAdminCertPanel extends WizardPanelBase { X509CertImpl certs[] = new X509CertImpl[1]; // REMINDER: This panel is NOT used by "clones" - if( ca != null ) { + if (ca != null) { String serialno = null; - if( selected_hierarchy.equals( "root" ) ) { - CMS.debug( "ImportAdminCertPanel update: " + if (selected_hierarchy.equals("root")) { + CMS.debug("ImportAdminCertPanel update: " + "Root CA subsystem - " - + "(new Security Domain)" ); + + "(new Security Domain)"); } else { - CMS.debug( "ImportAdminCertPanel update: " + CMS.debug("ImportAdminCertPanel update: " + "Subordinate CA subsystem - " - + "(new Security Domain)" ); + + "(new Security Domain)"); } try { @@ -234,35 +239,37 @@ public class ImportAdminCertPanel extends WizardPanelBase { try { certs[0] = repost.getX509Certificate( new BigInteger(serialno, 16)); - } catch (Exception ee) {} + } catch (Exception ee) { + } } else { String dir = null; // REMINDER: This panel is NOT used by "clones" - if( subsystemtype.equals( "CA" ) ) { - if( selected_hierarchy.equals( "root" ) ) { - CMS.debug( "ImportAdminCertPanel update: " + if (subsystemtype.equals("CA")) { + if (selected_hierarchy.equals("root")) { + CMS.debug("ImportAdminCertPanel update: " + "Root CA subsystem - " - + "(existing Security Domain)" ); + + "(existing Security Domain)"); } else { - CMS.debug( "ImportAdminCertPanel update: " + CMS.debug("ImportAdminCertPanel update: " + "Subordinate CA subsystem - " - + "(existing Security Domain)" ); + + "(existing Security Domain)"); } } else { - CMS.debug( "ImportAdminCertPanel update: " + CMS.debug("ImportAdminCertPanel update: " + subsystemtype - + " subsystem" ); + + " subsystem"); } try { - dir = cs.getString("preop.admincert.b64", ""); + dir = cs.getString("preop.admincert.b64", ""); CMS.debug("ImportAdminCertPanel update: dir=" + dir); - } catch (Exception ee) {} + } catch (Exception ee) { + } try { BufferedReader reader = new BufferedReader( - new FileReader(dir)); + new FileReader(dir)); String b64 = ""; StringBuffer sb = new StringBuffer(); @@ -289,7 +296,7 @@ public class ImportAdminCertPanel extends WizardPanelBase { user.setX509Certificates(certs); ug.addUserCert(user); } catch (LDAPException e) { - CMS.debug("ImportAdminCertPanel update: failed to add certificate to the internal database. Exception: "+e.toString()); + CMS.debug("ImportAdminCertPanel update: failed to add certificate to the internal database. Exception: " + e.toString()); if (e.getLDAPResultCode() != LDAPException.ATTRIBUTE_OR_VALUE_EXISTS) { context.put("updateStatus", "failure"); throw new IOException(e.toString()); @@ -312,7 +319,7 @@ public class ImportAdminCertPanel extends WizardPanelBase { public boolean shouldSkip() { try { IConfigStore c = CMS.getConfigStore(); - String s = c.getString("preop.subsystem.select",null); + String s = c.getString("preop.subsystem.select", null); if (s != null && s.equals("clone")) { return true; } @@ -322,7 +329,6 @@ public class ImportAdminCertPanel extends WizardPanelBase { return false; } - /** * If validiate() returns false, this method will be called. */ diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportCAChainPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportCAChainPanel.java index 0c2e7fa0..a26b2dc2 100755 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportCAChainPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportCAChainPanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import javax.servlet.ServletConfig; @@ -36,19 +35,20 @@ import com.netscape.cms.servlet.wizard.WizardServlet; public class ImportCAChainPanel extends WizardPanelBase { - public ImportCAChainPanel() {} + public ImportCAChainPanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Import CA's Certificate Chain"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Import CA's Certificate Chain"); setId(id); @@ -89,7 +89,7 @@ public class ImportCAChainPanel extends WizardPanelBase { context.put("https_port", cs.getString("pkicreate.ee_secure_port")); context.put("http_port", cs.getString("pkicreate.unsecure_port")); } catch (EBaseException e) { - CMS.debug("ImportCACertChain:display: Exception: " + e.toString()); + CMS.debug("ImportCACertChain:display: Exception: " + e.toString()); context.put("errorString", "Error loading values for Import CA Certificate Panel"); } @@ -119,7 +119,6 @@ public class ImportCAChainPanel extends WizardPanelBase { Context context) throws IOException { IConfigStore cs = CMS.getConfigStore(); - context.put("errorString", ""); context.put("title", "Import CA's Certificate Chain"); context.put("panel", "admin/console/config/importcachainpanel.vm"); @@ -141,6 +140,7 @@ public class ImportCAChainPanel extends WizardPanelBase { context.put("http_port", cs.getString("pkicreate.unsecure_port")); context.put("title", "Import CA's Certificate Chain"); context.put("panel", "admin/console/config/importcachainpanel.vm"); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportTransportCert.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportTransportCert.java index 3f54ec1c..3b8f3b81 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportTransportCert.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ImportTransportCert.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.util.Locale; @@ -61,6 +60,7 @@ public class ImportTransportCert extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -70,7 +70,7 @@ public class ImportTransportCert extends CMSServlet { } /** - * Process the HTTP request. + * Process the HTTP request. */ protected void process(CMSRequest cmsReq) throws EBaseException { CMS.debug("UpdateUpdater: processing..."); @@ -84,9 +84,9 @@ public class ImportTransportCert extends CMSServlet { CMS.debug("ImportTransportCert authentication successful."); } catch (Exception e) { CMS.debug("ImportTransportCert: authentication failed."); - log(ILogger.LL_FAILURE, + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", - e.toString())); + e.toString())); outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); return; } @@ -99,19 +99,19 @@ public class ImportTransportCert extends CMSServlet { AuthzToken authzToken = null; try { - authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, - "modify"); + authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, + "modify"); CMS.debug("ImportTransportCert authorization successful."); } catch (EAuthzAccessDenied e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, "Error: Not authorized"); return; } catch (Exception e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, - "Error: Encountered problem during authorization."); + "Error: Encountered problem during authorization."); return; } @@ -126,17 +126,17 @@ public class ImportTransportCert extends CMSServlet { String certsString = httpReq.getParameter("certificate"); try { - CryptoManager cm = CryptoManager.getInstance(); - CMS.debug("ImportTransportCert: Importing certificate"); - org.mozilla.jss.crypto.X509Certificate cert = - cm.importCACertPackage(CMS.AtoB(certsString)); - String nickName = cert.getNickname(); - CMS.debug("ImportTransportCert: nickname " + nickName); - cs.putString("tks.drm_transport_cert_nickname", nickName); - CMS.debug("ImportTransportCert: Commiting configuration"); - cs.commit(false); - - // send success status back to the requestor + CryptoManager cm = CryptoManager.getInstance(); + CMS.debug("ImportTransportCert: Importing certificate"); + org.mozilla.jss.crypto.X509Certificate cert = + cm.importCACertPackage(CMS.AtoB(certsString)); + String nickName = cert.getNickname(); + CMS.debug("ImportTransportCert: nickname " + nickName); + cs.putString("tks.drm_transport_cert_nickname", nickName); + CMS.debug("ImportTransportCert: Commiting configuration"); + cs.commit(false); + + // send success status back to the requestor CMS.debug("ImportTransportCert: Sending response"); XMLObject xmlObj = new XMLObject(); Node root = xmlObj.createRoot("XMLResponse"); @@ -150,12 +150,13 @@ public class ImportTransportCert extends CMSServlet { } } - protected void setDefaultTemplates(ServletConfig sc) {} + protected void setDefaultTemplates(ServletConfig sc) { + } protected void renderTemplate( CMSRequest cmsReq, String templateName, ICMSTemplateFiller filler) - throws IOException {// do nothing - } + throws IOException {// do nothing + } protected void renderResult(CMSRequest cmsReq) throws IOException {// do nothing, ie, it will not return the default javascript. } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/LDAPSecurityDomainSessionTable.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/LDAPSecurityDomainSessionTable.java index a421302b..63b9aaf1 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/LDAPSecurityDomainSessionTable.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/LDAPSecurityDomainSessionTable.java @@ -39,8 +39,8 @@ import com.netscape.cmsutil.password.IPasswordStore; * This object stores the values for IP, uid and group based on the cookie id in LDAP. * Entries are stored under ou=Security Domain, ou=sessions, $basedn */ -public class LDAPSecurityDomainSessionTable - implements ISecurityDomainSessionTable { +public class LDAPSecurityDomainSessionTable + implements ISecurityDomainSessionTable { private long m_timeToLive; @@ -48,8 +48,8 @@ public class LDAPSecurityDomainSessionTable m_timeToLive = timeToLive; } - public int addEntry(String sessionId, String ip, - String uid, String group) { + public int addEntry(String sessionId, String ip, + String uid, String group) { IConfigStore cs = CMS.getConfigStore(); LDAPConnection conn = null; boolean sessions_exists = true; @@ -77,14 +77,14 @@ public class LDAPSecurityDomainSessionTable attrs.add(new LDAPAttribute("ou", "sessions")); entry = new LDAPEntry(sessionsdn, attrs); conn.add(entry); - } catch (Exception e) { + } catch (Exception e) { if ((e instanceof LDAPException) && (((LDAPException) e).getLDAPResultCode() == LDAPException.ENTRY_ALREADY_EXISTS)) { // continue } else { CMS.debug("SecurityDomainSessionTable: unable to create ou=sessions:" + e); sessions_exists = false; } - } + } // add new entry try { @@ -106,9 +106,9 @@ public class LDAPSecurityDomainSessionTable CMS.debug("SecurityDomainSessionTable: added session entry" + sessionId); status = SUCCESS; } - } catch(Exception e) { + } catch (Exception e) { CMS.debug("SecurityDomainSessionTable: unable to create session entry" + sessionId + ": " + e); - } + } try { conn.disconnect(); @@ -155,8 +155,9 @@ public class LDAPSecurityDomainSessionTable conn = getLDAPConn(); LDAPSearchResults res = conn.search(sessionsdn, LDAPv2.SCOPE_SUB, filter, attrs, false); - if (res.getCount() > 0) ret = true; - } catch(Exception e) { + if (res.getCount() > 0) + ret = true; + } catch (Exception e) { CMS.debug("SecurityDomainSessionTable: unable to query session " + sessionId + ": " + e); } @@ -168,7 +169,6 @@ public class LDAPSecurityDomainSessionTable return ret; } - public Enumeration<String> getSessionIds() { IConfigStore cs = CMS.getConfigStore(); LDAPConnection conn = null; @@ -188,13 +188,13 @@ public class LDAPSecurityDomainSessionTable } } catch (LDAPException e) { switch (e.getLDAPResultCode()) { - case LDAPException.NO_SUCH_OBJECT: - CMS.debug("SecurityDomainSessionTable: getSessionIds(): no sessions have been created"); - break; - default: - CMS.debug("SecurityDomainSessionTable: unable to query sessionIds due to ldap exception: " + e); + case LDAPException.NO_SUCH_OBJECT: + CMS.debug("SecurityDomainSessionTable: getSessionIds(): no sessions have been created"); + break; + default: + CMS.debug("SecurityDomainSessionTable: unable to query sessionIds due to ldap exception: " + e); } - } catch(Exception e) { + } catch (Exception e) { CMS.debug("SecurityDomainSessionTable: unable to query sessionIds: " + e); } @@ -211,18 +211,18 @@ public class LDAPSecurityDomainSessionTable IConfigStore cs = CMS.getConfigStore(); LDAPConnection conn = null; String ret = null; - try { + try { String basedn = cs.getString("internaldb.basedn"); String sessionsdn = "ou=sessions,ou=Security Domain," + basedn; String filter = "(cn=" + sessionId + ")"; String[] attrs = { attr }; conn = getLDAPConn(); LDAPSearchResults res = conn.search(sessionsdn, LDAPv2.SCOPE_SUB, filter, attrs, false); - if (res.getCount() > 0) { + if (res.getCount() > 0) { LDAPEntry entry = res.next(); ret = entry.getAttribute(attr).getStringValueArray()[0]; } - } catch(Exception e) { + } catch (Exception e) { CMS.debug("SecurityDomainSessionTable: unable to query session " + sessionId + ": " + e); } @@ -261,7 +261,7 @@ public class LDAPSecurityDomainSessionTable public int getSize() { IConfigStore cs = CMS.getConfigStore(); LDAPConnection conn = null; - int ret =0; + int ret = 0; try { String basedn = cs.getString("internaldb.basedn"); @@ -272,7 +272,7 @@ public class LDAPSecurityDomainSessionTable conn = getLDAPConn(); LDAPSearchResults res = conn.search(sessionsdn, LDAPv2.SCOPE_SUB, filter, attrs, false); ret = res.getCount(); - } catch(Exception e) { + } catch (Exception e) { CMS.debug("SecurityDomainSessionTable: unable to query sessionIds: " + e); } @@ -286,8 +286,7 @@ public class LDAPSecurityDomainSessionTable } private LDAPConnection getLDAPConn() - throws IOException - { + throws IOException { IConfigStore cs = CMS.getConfigStore(); String host = ""; @@ -303,8 +302,8 @@ public class LDAPSecurityDomainSessionTable pwd = pwdStore.getPassword("internaldb"); } - if ( pwd == null) { - throw new IOException("SecurityDomainSessionTable: Failed to obtain password from password store"); + if (pwd == null) { + throw new IOException("SecurityDomainSessionTable: Failed to obtain password from password store"); } try { @@ -329,11 +328,11 @@ public class LDAPSecurityDomainSessionTable LDAPConnection conn = null; if (security.equals("true")) { - //CMS.debug("SecurityDomainSessionTable getLDAPConn: creating secure (SSL) connection for internal ldap"); - conn = new LDAPConnection(CMS.getLdapJssSSLSocketFactory()); + //CMS.debug("SecurityDomainSessionTable getLDAPConn: creating secure (SSL) connection for internal ldap"); + conn = new LDAPConnection(CMS.getLdapJssSSLSocketFactory()); } else { - //CMS.debug("SecurityDomainSessionTable getLDAPConn: creating non-secure (non-SSL) connection for internal ldap"); - conn = new LDAPConnection(); + //CMS.debug("SecurityDomainSessionTable getLDAPConn: creating non-secure (non-SSL) connection for internal ldap"); + conn = new LDAPConnection(); } //CMS.debug("SecurityDomainSessionTable connecting to " + host + ":" + p); diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/LoginServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/LoginServlet.java index e7fdbe3f..713cb170 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/LoginServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/LoginServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -27,7 +26,6 @@ import org.apache.velocity.context.Context; import com.netscape.certsrv.apps.CMS; - public class LoginServlet extends BaseServlet { /** @@ -52,7 +50,7 @@ public class LoginServlet extends BaseServlet { if (pin == null) { context.put("error", ""); } else { - String cspin = CMS.getConfigStore().getString("preop.pin"); + String cspin = CMS.getConfigStore().getString("preop.pin"); if (cspin != null && cspin.equals(pin)) { // create session @@ -62,7 +60,7 @@ public class LoginServlet extends BaseServlet { return null; } else { context.put("error", "Login Failed"); - } + } } template = Velocity.getTemplate("admin/console/config/login.vm"); } catch (Exception e) { diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/MainPageServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/MainPageServlet.java index a91ca979..760faed4 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/MainPageServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/MainPageServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.util.Locale; @@ -43,7 +42,7 @@ public class MainPageServlet extends CMSServlet { * */ private static final long serialVersionUID = 2425301522251239666L; - private static final String PROP_AUTHORITY_ID="authorityId"; + private static final String PROP_AUTHORITY_ID = "authorityId"; private String mAuthorityId = null; private String mFormPath = null; @@ -75,12 +74,12 @@ public class MainPageServlet extends CMSServlet { form = getTemplate(mFormPath, request, locale); } catch (IOException e) { CMS.debug("MainPageServlet process: cant locate the form"); -/* - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", e.toString())); - throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); -*/ + /* + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSGW_ERR_GET_TEMPLATE", e.toString())); + throw new ECMSGWException( + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); + */ } process(argSet, header, ctx, request, response); @@ -90,21 +89,21 @@ public class MainPageServlet extends CMSServlet { ServletOutputStream out = response.getOutputStream(); cmsReq.setStatus(CMSRequest.SUCCESS); - response.setContentType("text/html"); - form.renderOutput(out, argSet); + response.setContentType("text/html"); + form.renderOutput(out, argSet); } catch (IOException e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSGW_ERR_OUT_STREAM_TEMPLATE", e.toString())); + CMS.getLogMessage("CMSGW_ERR_OUT_STREAM_TEMPLATE", e.toString())); throw new ECMSGWException( - CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); + CMS.getUserMessage("CMS_GW_DISPLAY_TEMPLATE_ERROR")); } } private void process(CMSTemplateParams argSet, IArgBlock header, - IArgBlock ctx, HttpServletRequest req, HttpServletResponse resp) - throws EBaseException { + IArgBlock ctx, HttpServletRequest req, HttpServletResponse resp) + throws EBaseException { - int num = 0; + int num = 0; IArgBlock rarg = null; IConfigStore cs = CMS.getConfigStore(); int state = 0; @@ -125,8 +124,8 @@ public class MainPageServlet extends CMSServlet { rarg = CMS.createArgBlock(); rarg.addStringValue("type", "admin"); rarg.addStringValue("prefix", "http"); - rarg.addIntegerValue("port", - Integer.valueOf(CMS.getEENonSSLPort()).intValue()); + rarg.addIntegerValue("port", + Integer.valueOf(CMS.getEENonSSLPort()).intValue()); rarg.addStringValue("host", host); rarg.addStringValue("uri", adminInterface); argSet.addRepeatRecord(rarg); @@ -136,8 +135,8 @@ public class MainPageServlet extends CMSServlet { rarg = CMS.createArgBlock(); rarg.addStringValue("type", "ee"); rarg.addStringValue("prefix", "https"); - rarg.addIntegerValue("port", - Integer.valueOf(CMS.getEESSLPort()).intValue()); + rarg.addIntegerValue("port", + Integer.valueOf(CMS.getEESSLPort()).intValue()); rarg.addStringValue("host", host); rarg.addStringValue("uri", eeInterface); argSet.addRepeatRecord(rarg); @@ -147,8 +146,8 @@ public class MainPageServlet extends CMSServlet { rarg = CMS.createArgBlock(); rarg.addStringValue("type", "agent"); rarg.addStringValue("prefix", "https"); - rarg.addIntegerValue("port", - Integer.valueOf(CMS.getAgentPort()).intValue()); + rarg.addIntegerValue("port", + Integer.valueOf(CMS.getAgentPort()).intValue()); rarg.addStringValue("host", host); rarg.addStringValue("uri", agentInterface); argSet.addRepeatRecord(rarg); diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ModulePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ModulePanel.java index 38185a33..f33b1023 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ModulePanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ModulePanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.util.Enumeration; import java.util.Hashtable; @@ -50,19 +49,21 @@ public class ModulePanel extends WizardPanelBase { private Vector mOtherModules = null; private Hashtable mCurrModTable = new Hashtable(); private WizardServlet mServlet = null; - public ModulePanel() {} + + public ModulePanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Key Store"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Key Store"); setId(id); @@ -71,7 +72,7 @@ public class ModulePanel extends WizardPanelBase { public void cleanUp() throws IOException { IConfigStore cs = CMS.getConfigStore(); - cs.putBoolean("preop.ModulePanel.done",false); + cs.putBoolean("preop.ModulePanel.done", false); } public void loadCurrModTable() { @@ -142,14 +143,14 @@ public class ModulePanel extends WizardPanelBase { CMS.debug("ModulePanel: token logged in?" + token.isLoggedIn()); CMS.debug("ModulePanel: token is present?" + token.isPresent()); if (!token.getName().equals("Internal Crypto Services Token") && - !token.getName().equals("NSS Generic Crypto Services")) { + !token.getName().equals("NSS Generic Crypto Services")) { module.addToken(token); } else { CMS.debug( "ModulePanel: token " + token.getName() - + " not to be added"); + + " not to be added"); } - + } catch (TokenException ex) { CMS.debug("ModulePanel:" + ex.toString()); } @@ -181,11 +182,11 @@ public class ModulePanel extends WizardPanelBase { if ((cn == null) || (cn.equals(""))) { break; } - + CMS.debug("ModulePanel: got from config module: " + cn); // create a Module object Module module = new Module(cn, pn, img); - + if (mCurrModTable.containsKey(cn)) { CMS.debug("ModulePanel: module found: " + cn); module.setFound(true); @@ -194,7 +195,7 @@ public class ModulePanel extends WizardPanelBase { loadModTokens(module, m); } - + CMS.debug("ModulePanel: adding module " + cn); // add module to set if (!mSupportedModules.contains(module)) { @@ -214,13 +215,13 @@ public class ModulePanel extends WizardPanelBase { // it a token choice. Available tokens are discovered dynamically so // can't be a real CHOICE PropertySet set = new PropertySet(); - + Descriptor tokenDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */ null, /* default parameter */ "module token selection"); set.add("choice", tokenDesc); - + return set; } @@ -235,7 +236,8 @@ public class ModulePanel extends WizardPanelBase { } else { return true; } - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } @@ -272,8 +274,8 @@ public class ModulePanel extends WizardPanelBase { context.put("oms", mOtherModules); context.put("sms", mSupportedModules); // context.put("status_token", "None"); - String subpanelno = String.valueOf(getPanelNo()+1); - CMS.debug("ModulePanel subpanelno =" +subpanelno); + String subpanelno = String.valueOf(getPanelNo() + 1); + CMS.debug("ModulePanel subpanelno =" + subpanelno); context.put("subpanelno", subpanelno); context.put("panel", "admin/console/config/modulepanel.vm"); } @@ -292,7 +294,7 @@ public class ModulePanel extends WizardPanelBase { public void update(HttpServletRequest request, HttpServletResponse response, Context context) throws IOException { - boolean hasErr = false; + boolean hasErr = false; try { // get the value of the choice @@ -306,13 +308,13 @@ public class ModulePanel extends WizardPanelBase { IConfigStore config = CMS.getConfigStore(); String oldtokenname = config.getString("preop.module.token", ""); - if (!oldtokenname.equals(select)) + if (!oldtokenname.equals(select)) mServlet.cleanUpFromPanel(mServlet.getPanelNo(request)); - if (hasErr == false) { - config.putString("preop.module.token", select); - config.putBoolean("preop.ModulePanel.done", true); - } + if (hasErr == false) { + config.putString("preop.module.token", select); + config.putBoolean("preop.ModulePanel.done", true); + } config.commit(false); context.put("updateStatus", "success"); } catch (Exception e) { diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ModuleServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ModuleServlet.java index a0a627ee..1c67654b 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/ModuleServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/ModuleServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -27,7 +26,6 @@ import org.apache.velocity.context.Context; import com.netscape.certsrv.apps.CMS; - public class ModuleServlet extends BaseServlet { /** @@ -38,10 +36,10 @@ public class ModuleServlet extends BaseServlet { /** * Collect information on where keys are to be generated. * Once collected, write to CS.cfg: - * "preop.module=soft" - * or - * "preop.module=hard" - * + * "preop.module=soft" + * or + * "preop.module=hard" + * * <ul> * <li>http.param selection "soft" or "hard" for software token or hardware token * </ul> @@ -76,7 +74,7 @@ public class ModuleServlet extends BaseServlet { CMS.debug("ModuleServlet: illegal selection: " + selection); context.put("error", "failed selection"); } - + } else { CMS.debug("ModuleServlet: no selection"); } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/NamePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/NamePanel.java index ec3686e9..1a1fccdf 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/NamePanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/NamePanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.File; import java.io.FileOutputStream; import java.io.IOException; @@ -54,19 +53,20 @@ public class NamePanel extends WizardPanelBase { private Vector mCerts = null; private WizardServlet mServlet = null; - public NamePanel() {} + public NamePanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Subject Names"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Subject Names"); setId(id); @@ -80,25 +80,25 @@ public class NamePanel extends WizardPanelBase { PropertySet set = new PropertySet(); Descriptor caDN = new Descriptor(IDescriptor.STRING, null, /* no constraint */ - null, /* no default parameter */ + null, /* no default parameter */ "CA Signing Certificate's DN"); set.add("caDN", caDN); Descriptor sslDN = new Descriptor(IDescriptor.STRING, null, /* no constraint */ - null, /* no default parameter */ + null, /* no default parameter */ "SSL Server Certificate's DN"); set.add("sslDN", sslDN); Descriptor subsystemDN = new Descriptor(IDescriptor.STRING, null, /* no constraint */ - null, /* no default parameter */ + null, /* no default parameter */ "CA Subsystem Certificate's DN"); set.add("subsystemDN", subsystemDN); Descriptor ocspDN = new Descriptor(IDescriptor.STRING, null, /* no constraint */ - null, /* no default parameter */ + null, /* no default parameter */ "OCSP Signing Certificate's DN"); set.add("ocspDN", ocspDN); @@ -124,7 +124,7 @@ public class NamePanel extends WizardPanelBase { StringTokenizer st = new StringTokenizer(list, ","); while (st.hasMoreTokens()) { String t = st.nextToken(); - cs.remove("preop.cert."+t+".done"); + cs.remove("preop.cert." + t + ".done"); } try { @@ -142,7 +142,8 @@ public class NamePanel extends WizardPanelBase { } else { return true; } - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } @@ -185,10 +186,10 @@ public class NamePanel extends WizardPanelBase { cstype = config.getString("cs.type", ""); context.put("select", select); if (cstype.equals("CA") && hselect.equals("root")) { - CMS.debug("NamePanel ca is root"); + CMS.debug("NamePanel ca is root"); context.put("isRoot", "true"); } else { - CMS.debug("NamePanel not ca or not root"); + CMS.debug("NamePanel not ca or not root"); context.put("isRoot", "false"); } } catch (Exception e) { @@ -227,27 +228,27 @@ public class NamePanel extends WizardPanelBase { String type = config.getString(PCERT_PREFIX + certTag + ".type"); c.setType(type); - boolean enable = config.getBoolean(PCERT_PREFIX+certTag+".enable", true); + boolean enable = config.getBoolean(PCERT_PREFIX + certTag + ".enable", true); c.setEnable(enable); - String cert = config.getString(subsystem +"."+certTag +".cert", ""); - String certreq = - config.getString(subsystem + "." +certTag +".certreq", ""); + String cert = config.getString(subsystem + "." + certTag + ".cert", ""); + String certreq = + config.getString(subsystem + "." + certTag + ".certreq", ""); String dn = config.getString(PCERT_PREFIX + certTag + ".dn"); - boolean override = config.getBoolean(PCERT_PREFIX + certTag + - ".cncomponent.override", true); - //o_sd is to add o=secritydomainname + boolean override = config.getBoolean(PCERT_PREFIX + certTag + + ".cncomponent.override", true); + //o_sd is to add o=secritydomainname boolean o_sd = config.getBoolean(PCERT_PREFIX + certTag + - "o_securitydomain", true); - domainname = config.getString("securitydomain.name", ""); - CMS.debug("NamePanel: display() override is "+override); - CMS.debug("NamePanel: display() o_securitydomain is "+o_sd); - CMS.debug("NamePanel: display() domainname is "+domainname); + "o_securitydomain", true); + domainname = config.getString("securitydomain.name", ""); + CMS.debug("NamePanel: display() override is " + override); + CMS.debug("NamePanel: display() o_securitydomain is " + o_sd); + CMS.debug("NamePanel: display() domainname is " + domainname); boolean dnUpdated = false; try { - dnUpdated = config.getBoolean(PCERT_PREFIX+certTag+".updatedDN"); + dnUpdated = config.getBoolean(PCERT_PREFIX + certTag + ".updatedDN"); } catch (Exception e) { } @@ -259,16 +260,16 @@ public class NamePanel extends WizardPanelBase { if (select.equals("clone") || dnUpdated) { c.setDN(dn); } else if (count != 0 && override && (cert.equals("") || certreq.equals(""))) { - CMS.debug("NamePanel subsystemCount = "+count); - c.setDN(dn + " "+count+ - ((!instanceId.equals(""))? (",OU=" + instanceId):"") + - ((o_sd)? (",O=" + domainname):"")); - config.putBoolean(PCERT_PREFIX+certTag+".updatedDN", true); + CMS.debug("NamePanel subsystemCount = " + count); + c.setDN(dn + " " + count + + ((!instanceId.equals("")) ? (",OU=" + instanceId) : "") + + ((o_sd) ? (",O=" + domainname) : "")); + config.putBoolean(PCERT_PREFIX + certTag + ".updatedDN", true); } else { - c.setDN(dn + - ((!instanceId.equals(""))? (",OU=" + instanceId):"") + - ((o_sd)? (",O=" + domainname):"")); - config.putBoolean(PCERT_PREFIX+certTag+".updatedDN", true); + c.setDN(dn + + ((!instanceId.equals("")) ? (",OU=" + instanceId) : "") + + ((o_sd) ? (",O=" + domainname) : "")); + config.putBoolean(PCERT_PREFIX + certTag + ".updatedDN", true); } } @@ -302,7 +303,8 @@ public class NamePanel extends WizardPanelBase { try { config.putString("preop.ca.list", list.toString()); config.commit(false); - } catch (Exception e) {} + } catch (Exception e) { + } context.put("urls", v); @@ -338,20 +340,20 @@ public class NamePanel extends WizardPanelBase { * update some parameters for clones */ public void updateCloneConfig(IConfigStore config) - throws EBaseException, IOException { + throws EBaseException, IOException { String cstype = config.getString("cs.type", null); cstype = toLowerCaseSubsystemType(cstype); if (cstype.equals("kra")) { String token = config.getString(PRE_CONF_CA_TOKEN); if (!token.equals("Internal Key Storage Token")) { - CMS.debug("NamePanel: updating configuration for KRA clone with hardware token"); + CMS.debug("NamePanel: updating configuration for KRA clone with hardware token"); String subsystem = config.getString(PCERT_PREFIX + "storage.subsystem"); String storageNickname = getNickname(config, "storage"); String transportNickname = getNickname(config, "transport"); config.putString(subsystem + ".storageUnit.hardware", token); - config.putString(subsystem + ".storageUnit.nickName", token+":"+storageNickname); - config.putString(subsystem + ".transportUnit.nickName", token+":"+transportNickname); + config.putString(subsystem + ".storageUnit.nickName", token + ":" + storageNickname); + config.putString(subsystem + ".transportUnit.nickName", token + ":" + transportNickname); config.commit(false); } else { // software token // parameters already set @@ -361,12 +363,12 @@ public class NamePanel extends WizardPanelBase { // audit signing cert String audit_nn = config.getString(cstype + ".audit_signing" + ".nickname", ""); String audit_tk = config.getString(cstype + ".audit_signing" + ".tokenname", ""); - if (!audit_tk.equals("Internal Key Storage Token") && !audit_tk.equals("")) { + if (!audit_tk.equals("Internal Key Storage Token") && !audit_tk.equals("")) { config.putString("log.instance.SignedAudit.signedAuditCertNickname", - audit_tk + ":" + audit_nn); + audit_tk + ":" + audit_nn); } else { config.putString("log.instance.SignedAudit.signedAuditCertNickname", - audit_nn); + audit_nn); } } @@ -374,7 +376,7 @@ public class NamePanel extends WizardPanelBase { * get some of the "preop" parameters to persisting parameters */ public void updateConfig(IConfigStore config, String certTag) - throws EBaseException, IOException { + throws EBaseException, IOException { String token = config.getString(PRE_CONF_CA_TOKEN); String subsystem = config.getString(PCERT_PREFIX + certTag + ".subsystem"); CMS.debug("NamePanel: subsystem " + subsystem); @@ -393,30 +395,30 @@ public class NamePanel extends WizardPanelBase { String cstype = config.getString("cs.type", null); cstype = toLowerCaseSubsystemType(cstype); if (cstype.equals("kra")) { - if (!token.equals("Internal Key Storage Token")) { - if (certTag.equals("storage")) { - config.putString(subsystem + ".storageUnit.hardware", token); - config.putString(subsystem + ".storageUnit.nickName", token+":"+nickname); - } else if (certTag.equals("transport")) { - config.putString(subsystem + ".transportUnit.nickName", token+":"+nickname); - } - } else { // software token - if (certTag.equals("storage")) { - config.putString(subsystem + ".storageUnit.nickName", nickname); - } else if (certTag.equals("transport")) { - config.putString(subsystem + ".transportUnit.nickName", nickname); - } - } + if (!token.equals("Internal Key Storage Token")) { + if (certTag.equals("storage")) { + config.putString(subsystem + ".storageUnit.hardware", token); + config.putString(subsystem + ".storageUnit.nickName", token + ":" + nickname); + } else if (certTag.equals("transport")) { + config.putString(subsystem + ".transportUnit.nickName", token + ":" + nickname); + } + } else { // software token + if (certTag.equals("storage")) { + config.putString(subsystem + ".storageUnit.nickName", nickname); + } else if (certTag.equals("transport")) { + config.putString(subsystem + ".transportUnit.nickName", nickname); + } + } } String serverCertNickname = nickname; String path = CMS.getConfigStore().getString("instanceRoot", ""); if (certTag.equals("sslserver")) { - if (!token.equals("Internal Key Storage Token")) { - serverCertNickname = token+":"+nickname; + if (!token.equals("Internal Key Storage Token")) { + serverCertNickname = token + ":" + nickname; } - File file = new File(path+"/conf/serverCertNick.conf"); - PrintStream ps = new PrintStream(new FileOutputStream(path+"/conf/serverCertNick.conf")); + File file = new File(path + "/conf/serverCertNick.conf"); + PrintStream ps = new PrintStream(new FileOutputStream(path + "/conf/serverCertNick.conf")); ps.println(serverCertNickname); ps.close(); } @@ -424,13 +426,13 @@ public class NamePanel extends WizardPanelBase { config.putString(subsystem + "." + certTag + ".nickname", nickname); config.putString(subsystem + "." + certTag + ".tokenname", token); if (certTag.equals("audit_signing")) { - if (!token.equals("Internal Key Storage Token") && !token.equals("")) { - config.putString("log.instance.SignedAudit.signedAuditCertNickname", - token + ":" + nickname); - } else { - config.putString("log.instance.SignedAudit.signedAuditCertNickname", - nickname); - } + if (!token.equals("Internal Key Storage Token") && !token.equals("")) { + config.putString("log.instance.SignedAudit.signedAuditCertNickname", + token + ":" + nickname); + } else { + config.putString("log.instance.SignedAudit.signedAuditCertNickname", + nickname); + } } /* config.putString(CERT_PREFIX + certTag + ".defaultSigningAlgorithm", @@ -438,9 +440,9 @@ public class NamePanel extends WizardPanelBase { */ // for system certs verification - if (!token.equals("Internal Key Storage Token") && !token.equals("")) { + if (!token.equals("Internal Key Storage Token") && !token.equals("")) { config.putString(subsystem + ".cert." + certTag + ".nickname", - token + ":" + nickname); + token + ":" + nickname); } else { config.putString(subsystem + ".cert." + certTag + ".nickname", nickname); } @@ -459,7 +461,7 @@ public class NamePanel extends WizardPanelBase { IConfigStore config = CMS.getConfigStore(); String caType = certObj.getType(); - CMS.debug("NamePanel: in configCert caType is "+ caType); + CMS.debug("NamePanel: in configCert caType is " + caType); X509CertImpl cert = null; String certTag = certObj.getCertTag(); @@ -469,13 +471,13 @@ public class NamePanel extends WizardPanelBase { String v = config.getString("preop.ca.type", ""); CMS.debug("NamePanel configCert: remote CA"); - String pkcs10 = CertUtil.getPKCS10(config, PCERT_PREFIX, - certObj, context); + String pkcs10 = CertUtil.getPKCS10(config, PCERT_PREFIX, + certObj, context); certObj.setRequest(pkcs10); String subsystem = config.getString( PCERT_PREFIX + certTag + ".subsystem"); config.putString(subsystem + "." + certTag + ".certreq", pkcs10); - String profileId = config.getString(PCERT_PREFIX+certTag+".profile"); + String profileId = config.getString(PCERT_PREFIX + certTag + ".profile"); String session_id = CMS.getConfigSDSessionId(); String sd_hostname = ""; int sd_ee_port = -1; @@ -483,15 +485,15 @@ public class NamePanel extends WizardPanelBase { sd_hostname = config.getString("securitydomain.host", ""); sd_ee_port = config.getInteger("securitydomain.httpseeport", -1); } catch (Exception ee) { - CMS.debug("NamePanel: configCert() exception caught:"+ee.toString()); + CMS.debug("NamePanel: configCert() exception caught:" + ee.toString()); } String sysType = config.getString("cs.type", ""); String machineName = config.getString("machineName", ""); String securePort = config.getString("service.securePort", ""); if (certTag.equals("subsystem")) { - String content = "requestor_name=" + sysType + "-" + machineName + "-" + securePort + "&profileId="+profileId+"&cert_request_type=pkcs10&cert_request="+URLEncoder.encode(pkcs10, "UTF-8")+"&xmlOutput=true&sessionID="+session_id; - cert = CertUtil.createRemoteCert(sd_hostname, sd_ee_port, - content, response, this); + String content = "requestor_name=" + sysType + "-" + machineName + "-" + securePort + "&profileId=" + profileId + "&cert_request_type=pkcs10&cert_request=" + URLEncoder.encode(pkcs10, "UTF-8") + "&xmlOutput=true&sessionID=" + session_id; + cert = CertUtil.createRemoteCert(sd_hostname, sd_ee_port, + content, response, this); if (cert == null) { throw new IOException("Error: remote certificate is null"); } @@ -504,18 +506,18 @@ public class NamePanel extends WizardPanelBase { } catch (Exception ee) { } - String content = "requestor_name=" + sysType + "-" + machineName + "-" + securePort + "&profileId="+profileId+"&cert_request_type=pkcs10&cert_request="+URLEncoder.encode(pkcs10, "UTF-8")+"&xmlOutput=true&sessionID="+session_id; - cert = CertUtil.createRemoteCert(ca_hostname, ca_port, - content, response, this); + String content = "requestor_name=" + sysType + "-" + machineName + "-" + securePort + "&profileId=" + profileId + "&cert_request_type=pkcs10&cert_request=" + URLEncoder.encode(pkcs10, "UTF-8") + "&xmlOutput=true&sessionID=" + session_id; + cert = CertUtil.createRemoteCert(ca_hostname, ca_port, + content, response, this); if (cert == null) { throw new IOException("Error: remote certificate is null"); } } else if (v.equals("otherca")) { config.putString(subsystem + "." + certTag + ".cert", "...paste certificate here..."); - } else { + } else { CMS.debug("NamePanel: no preop.ca.type is provided"); - } + } } else { // not remote CA, ie, self-signed or local ISubsystem ca = CMS.getSubsystem(ICertificateAuthority.ID); @@ -524,76 +526,76 @@ public class NamePanel extends WizardPanelBase { CMS.debug( "The value for " + s - + " should be remote, nothing else."); + + " should be remote, nothing else."); throw new IOException( "The value for " + s + " should be remote"); - } - + } + String pubKeyType = config.getString( PCERT_PREFIX + certTag + ".keytype"); if (pubKeyType.equals("rsa")) { - String pubKeyModulus = config.getString( - PCERT_PREFIX + certTag + ".pubkey.modulus"); - String pubKeyPublicExponent = config.getString( - PCERT_PREFIX + certTag + ".pubkey.exponent"); - String subsystem = config.getString( - PCERT_PREFIX + certTag + ".subsystem"); + String pubKeyModulus = config.getString( + PCERT_PREFIX + certTag + ".pubkey.modulus"); + String pubKeyPublicExponent = config.getString( + PCERT_PREFIX + certTag + ".pubkey.exponent"); + String subsystem = config.getString( + PCERT_PREFIX + certTag + ".subsystem"); - if (certTag.equals("signing")) { - X509Key x509key = CryptoUtil.getPublicX509Key( - CryptoUtil.string2byte(pubKeyModulus), - CryptoUtil.string2byte(pubKeyPublicExponent)); - - cert = CertUtil.createLocalCert(config, x509key, - PCERT_PREFIX, certTag, caType, context); - } else { - String cacert = config.getString("ca.signing.cert", ""); - - if (cacert.equals("") || cacert.startsWith("...")) { - certObj.setCert( - "...certificate be generated internally..."); - config.putString(subsystem + "." + certTag + ".cert", - "...certificate be generated internally..."); - } else { + if (certTag.equals("signing")) { X509Key x509key = CryptoUtil.getPublicX509Key( CryptoUtil.string2byte(pubKeyModulus), CryptoUtil.string2byte(pubKeyPublicExponent)); cert = CertUtil.createLocalCert(config, x509key, PCERT_PREFIX, certTag, caType, context); + } else { + String cacert = config.getString("ca.signing.cert", ""); + + if (cacert.equals("") || cacert.startsWith("...")) { + certObj.setCert( + "...certificate be generated internally..."); + config.putString(subsystem + "." + certTag + ".cert", + "...certificate be generated internally..."); + } else { + X509Key x509key = CryptoUtil.getPublicX509Key( + CryptoUtil.string2byte(pubKeyModulus), + CryptoUtil.string2byte(pubKeyPublicExponent)); + + cert = CertUtil.createLocalCert(config, x509key, + PCERT_PREFIX, certTag, caType, context); + } } - } } else if (pubKeyType.equals("ecc")) { - String pubKeyEncoded = config.getString( - PCERT_PREFIX + certTag + ".pubkey.encoded"); - String subsystem = config.getString( - PCERT_PREFIX + certTag + ".subsystem"); - - if (certTag.equals("signing")) { + String pubKeyEncoded = config.getString( + PCERT_PREFIX + certTag + ".pubkey.encoded"); + String subsystem = config.getString( + PCERT_PREFIX + certTag + ".subsystem"); - X509Key x509key = CryptoUtil.getPublicX509ECCKey(CryptoUtil.string2byte(pubKeyEncoded)); - cert = CertUtil.createLocalCert(config, x509key, - PCERT_PREFIX, certTag, caType, context); - } else { - String cacert = config.getString("ca.signing.cert", ""); - - if (cacert.equals("") || cacert.startsWith("...")) { - certObj.setCert( - "...certificate be generated internally..."); - config.putString(subsystem + "." + certTag + ".cert", - "...certificate be generated internally..."); - } else { - X509Key x509key = CryptoUtil.getPublicX509ECCKey( - CryptoUtil.string2byte(pubKeyEncoded)); + if (certTag.equals("signing")) { + X509Key x509key = CryptoUtil.getPublicX509ECCKey(CryptoUtil.string2byte(pubKeyEncoded)); cert = CertUtil.createLocalCert(config, x509key, PCERT_PREFIX, certTag, caType, context); + } else { + String cacert = config.getString("ca.signing.cert", ""); + + if (cacert.equals("") || cacert.startsWith("...")) { + certObj.setCert( + "...certificate be generated internally..."); + config.putString(subsystem + "." + certTag + ".cert", + "...certificate be generated internally..."); + } else { + X509Key x509key = CryptoUtil.getPublicX509ECCKey( + CryptoUtil.string2byte(pubKeyEncoded)); + + cert = CertUtil.createLocalCert(config, x509key, + PCERT_PREFIX, certTag, caType, context); + } } - } } else { - // invalid key type - CMS.debug("Invalid key type " + pubKeyType); + // invalid key type + CMS.debug("Invalid key type " + pubKeyType); } if (cert != null) { if (certTag.equals("subsystem")) @@ -605,7 +607,7 @@ public class NamePanel extends WizardPanelBase { byte[] certb = cert.getEncoded(); String certs = CryptoUtil.base64Encode(certb); - // certObj.setCert(certs); + // certObj.setCert(certs); String subsystem = config.getString( PCERT_PREFIX + certTag + ".subsystem"); config.putString(subsystem + "." + certTag + ".cert", certs); @@ -617,58 +619,57 @@ public class NamePanel extends WizardPanelBase { CMS.debug("NamePanel configCert() exception caught:" + e.toString()); } } - + public void configCertWithTag(HttpServletRequest request, HttpServletResponse response, - Context context, String tag) throws IOException - { - CMS.debug("NamePanel: configCertWithTag start"); - Enumeration c = mCerts.elements(); - IConfigStore config = CMS.getConfigStore(); - - while (c.hasMoreElements()) { - Cert cert = (Cert) c.nextElement(); - String ct = cert.getCertTag(); - CMS.debug("NamePanel: configCertWithTag ct=" + ct + - " tag=" +tag); - if (ct.equals(tag)) { - try { - String nickname = HttpInput.getNickname(request, ct + "_nick"); - if (nickname != null) { - CMS.debug("configCertWithTag: Setting nickname for " + ct + " to " + nickname); - config.putString(PCERT_PREFIX + ct + ".nickname", nickname); - cert.setNickname(nickname); - config.commit(false); - } - String dn = HttpInput.getDN(request, ct); - if (dn != null) { - config.putString(PCERT_PREFIX + ct + ".dn", dn); - config.commit(false); - } - } catch (Exception e) { - CMS.debug("NamePanel: configCertWithTag: Exception in setting nickname for " + ct + ": " + e.toString()); - } + Context context, String tag) throws IOException { + CMS.debug("NamePanel: configCertWithTag start"); + Enumeration c = mCerts.elements(); + IConfigStore config = CMS.getConfigStore(); - configCert(request, response, context, cert); - CMS.debug("NamePanel: configCertWithTag done with tag=" + tag); - return; + while (c.hasMoreElements()) { + Cert cert = (Cert) c.nextElement(); + String ct = cert.getCertTag(); + CMS.debug("NamePanel: configCertWithTag ct=" + ct + + " tag=" + tag); + if (ct.equals(tag)) { + try { + String nickname = HttpInput.getNickname(request, ct + "_nick"); + if (nickname != null) { + CMS.debug("configCertWithTag: Setting nickname for " + ct + " to " + nickname); + config.putString(PCERT_PREFIX + ct + ".nickname", nickname); + cert.setNickname(nickname); + config.commit(false); + } + String dn = HttpInput.getDN(request, ct); + if (dn != null) { + config.putString(PCERT_PREFIX + ct + ".dn", dn); + config.commit(false); + } + } catch (Exception e) { + CMS.debug("NamePanel: configCertWithTag: Exception in setting nickname for " + ct + ": " + e.toString()); } - } - CMS.debug("NamePanel: configCertWithTag done"); + + configCert(request, response, context, cert); + CMS.debug("NamePanel: configCertWithTag done with tag=" + tag); + return; + } + } + CMS.debug("NamePanel: configCertWithTag done"); } private boolean inputChanged(HttpServletRequest request) - throws IOException { - IConfigStore config = CMS.getConfigStore(); - + throws IOException { + IConfigStore config = CMS.getConfigStore(); + boolean hasChanged = false; try { Enumeration c = mCerts.elements(); while (c.hasMoreElements()) { Cert cert = (Cert) c.nextElement(); - String ct = cert.getCertTag(); - boolean enable = config.getBoolean(PCERT_PREFIX+ct+".enable", true); + String ct = cert.getCertTag(); + boolean enable = config.getBoolean(PCERT_PREFIX + ct + ".enable", true); if (!enable) continue; @@ -679,10 +680,10 @@ public class NamePanel extends WizardPanelBase { if (!olddn.equals(dn)) hasChanged = true; - String oldnick = config.getString(PCERT_PREFIX + ct + ".nickname"); - String nick = HttpInput.getNickname(request, ct + "_nick"); - if (!oldnick.equals(nick)) - hasChanged = true; + String oldnick = config.getString(PCERT_PREFIX + ct + ".nickname"); + String nick = HttpInput.getNickname(request, ct + "_nick"); + if (!oldnick.equals(nick)) + hasChanged = true; } } catch (Exception e) { @@ -690,34 +691,34 @@ public class NamePanel extends WizardPanelBase { return hasChanged; } - - public String getURL(HttpServletRequest request, IConfigStore config) - { + + public String getURL(HttpServletRequest request, IConfigStore config) { String index = request.getParameter("urls"); - if (index == null){ - return null; + if (index == null) { + return null; } String url = ""; if (index.startsWith("http")) { - // user may submit url directlry - url = index; + // user may submit url directlry + url = index; } else { - try { - int x = Integer.parseInt(index); - String list = config.getString("preop.ca.list", ""); - StringTokenizer tokenizer = new StringTokenizer(list, ","); - int counter = 0; - - while (tokenizer.hasMoreTokens()) { - url = tokenizer.nextToken(); - if (counter == x) { - break; + try { + int x = Integer.parseInt(index); + String list = config.getString("preop.ca.list", ""); + StringTokenizer tokenizer = new StringTokenizer(list, ","); + int counter = 0; + + while (tokenizer.hasMoreTokens()) { + url = tokenizer.nextToken(); + if (counter == x) { + break; + } + counter++; } - counter++; + } catch (Exception e) { } - } catch (Exception e) {} } - return url; + return url; } /** @@ -727,7 +728,7 @@ public class NamePanel extends WizardPanelBase { HttpServletResponse response, Context context) throws IOException { CMS.debug("NamePanel: in update()"); - boolean hasErr = false; + boolean hasErr = false; if (inputChanged(request)) { mServlet.cleanUpFromPanel(mServlet.getPanelNo(request)); @@ -736,7 +737,7 @@ public class NamePanel extends WizardPanelBase { return; } - IConfigStore config = CMS.getConfigStore(); + IConfigStore config = CMS.getConfigStore(); String hselect = ""; ISubsystem subsystem = CMS.getSubsystem(ICertificateAuthority.ID); @@ -750,13 +751,13 @@ public class NamePanel extends WizardPanelBase { configCertWithTag(request, response, context, "sslserver"); String url = getURL(request, config); if (url != null && !url.equals("External CA")) { - // preop.ca.url and admin port are required for setting KRA connector - url = url.substring(url.indexOf("https")); - config.putString("preop.ca.url", url); + // preop.ca.url and admin port are required for setting KRA connector + url = url.substring(url.indexOf("https")); + config.putString("preop.ca.url", url); - URL urlx = new URL(url); - updateCloneSDCAInfo(request, context, urlx.getHost(), - Integer.toString(urlx.getPort())); + URL urlx = new URL(url); + updateCloneSDCAInfo(request, context, urlx.getHost(), + Integer.toString(urlx.getPort())); } updateCloneConfig(config); @@ -771,49 +772,50 @@ public class NamePanel extends WizardPanelBase { } //if no hselect, then not CA - if (hselect.equals("") || hselect.equals("join")) { - String select = null; - String url = getURL(request, config); - - URL urlx = null; - - if (url.equals("External CA")) { - CMS.debug("NamePanel: external CA selected"); - select = "otherca"; - config.putString("preop.ca.type", "otherca"); - if (subsystem != null) { - config.putString(PCERT_PREFIX+"signing.type", "remote"); - } + if (hselect.equals("") || hselect.equals("join")) { + String select = null; + String url = getURL(request, config); + + URL urlx = null; + + if (url.equals("External CA")) { + CMS.debug("NamePanel: external CA selected"); + select = "otherca"; + config.putString("preop.ca.type", "otherca"); + if (subsystem != null) { + config.putString(PCERT_PREFIX + "signing.type", "remote"); + } - config.putString("preop.ca.pkcs7", ""); - config.putInteger("preop.ca.certchain.size", 0); - context.put("check_otherca", "checked"); - CMS.debug("NamePanel: update: this is the external CA."); - } else { - CMS.debug("NamePanel: local CA selected"); - select = "sdca"; - // parse URL (CA1 - https://...) - url = url.substring(url.indexOf("https")); - config.putString("preop.ca.url", url); - - urlx = new URL(url); - config.putString("preop.ca.type", "sdca"); - CMS.debug("NamePanel: update: this is a CA in the security domain."); - context.put("check_sdca", "checked"); - sdca(request, context, urlx.getHost(), - Integer.toString(urlx.getPort())); - if (subsystem != null) { - config.putString(PCERT_PREFIX + "signing.type", "remote"); - config.putString(PCERT_PREFIX + "signing.profile", - "caInstallCACert"); + config.putString("preop.ca.pkcs7", ""); + config.putInteger("preop.ca.certchain.size", 0); + context.put("check_otherca", "checked"); + CMS.debug("NamePanel: update: this is the external CA."); + } else { + CMS.debug("NamePanel: local CA selected"); + select = "sdca"; + // parse URL (CA1 - https://...) + url = url.substring(url.indexOf("https")); + config.putString("preop.ca.url", url); + + urlx = new URL(url); + config.putString("preop.ca.type", "sdca"); + CMS.debug("NamePanel: update: this is a CA in the security domain."); + context.put("check_sdca", "checked"); + sdca(request, context, urlx.getHost(), + Integer.toString(urlx.getPort())); + if (subsystem != null) { + config.putString(PCERT_PREFIX + "signing.type", "remote"); + config.putString(PCERT_PREFIX + "signing.profile", + "caInstallCACert"); + } } - } - try { - config.commit(false); - } catch (Exception e) {} + try { + config.commit(false); + } catch (Exception e) { + } - } + } try { @@ -821,13 +823,13 @@ public class NamePanel extends WizardPanelBase { while (c.hasMoreElements()) { Cert cert = (Cert) c.nextElement(); - String ct = cert.getCertTag(); + String ct = cert.getCertTag(); String tokenname = cert.getTokenname(); - boolean enable = config.getBoolean(PCERT_PREFIX+ct+".enable", true); + boolean enable = config.getBoolean(PCERT_PREFIX + ct + ".enable", true); if (!enable) continue; - boolean certDone = config.getBoolean(PCERT_PREFIX+ct+".done", false); + boolean certDone = config.getBoolean(PCERT_PREFIX + ct + ".done", false); if (certDone) continue; @@ -850,32 +852,32 @@ public class NamePanel extends WizardPanelBase { try { configCert(request, response, context, cert); - config.putBoolean("preop.cert."+cert.getCertTag()+".done", - true); + config.putBoolean("preop.cert." + cert.getCertTag() + ".done", + true); config.commit(false); } catch (Exception e) { CMS.debug( "NamePanel: update() exception caught:" + e.toString()); - hasErr = true; + hasErr = true; System.err.println("Exception caught: " + e.toString()); } } // while - if (hasErr == false) { - config.putBoolean("preop.NamePanel.done", true); - config.commit(false); - } + if (hasErr == false) { + config.putBoolean("preop.NamePanel.done", true); + config.commit(false); + } } catch (Exception e) { CMS.debug("NamePanel: Exception caught: " + e.toString()); System.err.println("Exception caught: " + e.toString()); }// try - try { config.commit(false); - } catch (Exception e) {} + } catch (Exception e) { + } if (!hasErr) { context.put("updateStatus", "success"); @@ -897,15 +899,15 @@ public class NamePanel extends WizardPanelBase { // Retrieve the associated HTTPS Admin port so that it // may be stored for use with ImportAdminCertPanel - https_admin_port = getSecurityDomainAdminPort( config, + https_admin_port = getSecurityDomainAdminPort(config, hostname, httpsPortStr, - "CA" ); + "CA"); int httpsport = -1; try { - httpsport = Integer.parseInt(httpsPortStr); + httpsport = Integer.parseInt(httpsPortStr); } catch (Exception e) { CMS.debug( "NamePanel update: Https port is not valid. Exception: " @@ -934,15 +936,15 @@ public class NamePanel extends WizardPanelBase { // Retrieve the associated HTTPS Admin port so that it // may be stored for use with ImportAdminCertPanel - https_admin_port = getSecurityDomainAdminPort( config, + https_admin_port = getSecurityDomainAdminPort(config, hostname, httpsPortStr, - "CA" ); + "CA"); int httpsport = -1; try { - httpsport = Integer.parseInt(httpsPortStr); + httpsport = Integer.parseInt(httpsPortStr); } catch (Exception e) { CMS.debug( "NamePanel update: Https port is not valid. Exception: " @@ -954,21 +956,19 @@ public class NamePanel extends WizardPanelBase { config.putString("preop.ca.httpsport", httpsPortStr); config.putString("preop.ca.httpsadminport", https_admin_port); ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback(); - updateCertChainUsingSecureEEPort( config, "ca", hostname, + updateCertChainUsingSecureEEPort(config, "ca", hostname, httpsport, true, context, - certApprovalCallback ); + certApprovalCallback); try { - CMS.debug("Importing CA chain"); - importCertChain("ca"); + CMS.debug("Importing CA chain"); + importCertChain("ca"); } catch (Exception e1) { - CMS.debug("Failed in importing CA chain"); + CMS.debug("Failed in importing CA chain"); } } - public void initParams(HttpServletRequest request, Context context) - throws IOException - { + throws IOException { context.put("certs", mCerts); } @@ -977,10 +977,9 @@ public class NamePanel extends WizardPanelBase { */ public void displayError(HttpServletRequest request, HttpServletResponse response, - Context context) - { + Context context) { try { - initParams(request, context); + initParams(request, context); } catch (IOException e) { } context.put("title", "Subject Names"); diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java index cf37fdff..8ca70bd4 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/RegisterUser.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.security.cert.X509Certificate; import java.util.Enumeration; @@ -53,7 +52,7 @@ import com.netscape.cmsutil.xml.XMLObject; * This servlet creates a TPS user in the CA, * and it associates TPS's server certificate to * the user. Finally, it addes the user to the - * administrator group. This procedure will + * administrator group. This procedure will * allows TPS to connect to the CA for certificate * issuance. */ @@ -68,8 +67,7 @@ public class RegisterUser extends CMSServlet { private final static String AUTH_FAILURE = "2"; private String mGroupName = null; private final static String LOGGING_SIGNED_AUDIT_CONFIG_ROLE = - "LOGGING_SIGNED_AUDIT_CONFIG_ROLE_3"; - + "LOGGING_SIGNED_AUDIT_CONFIG_ROLE_3"; public RegisterUser() { super(); @@ -77,6 +75,7 @@ public class RegisterUser extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -88,7 +87,7 @@ public class RegisterUser extends CMSServlet { } /** - * Process the HTTP request. + * Process the HTTP request. */ protected void process(CMSRequest cmsReq) throws EBaseException { CMS.debug("UpdateUpdater: processing..."); @@ -102,9 +101,9 @@ public class RegisterUser extends CMSServlet { CMS.debug("RegisterUser authentication successful."); } catch (Exception e) { CMS.debug("RegisterUser: authentication failed."); - log(ILogger.LL_FAILURE, + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", - e.toString())); + e.toString())); outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); return; } @@ -117,19 +116,19 @@ public class RegisterUser extends CMSServlet { AuthzToken authzToken = null; try { - authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, - "modify"); + authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, + "modify"); CMS.debug("RegisterUser authorization successful."); } catch (EAuthzAccessDenied e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, "Error: Not authorized"); return; } catch (Exception e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, - "Error: Encountered problem during authorization."); + "Error: Encountered problem during authorization."); return; } @@ -150,93 +149,93 @@ public class RegisterUser extends CMSServlet { String auditMessage = null; String auditSubjectID = auditSubjectID(); - String auditParams = "Scope;;users+Operation;;OP_ADD+source;;RegisterUser" + - "+Resource;;"+ uid + - "+fullname;;"+ name + + String auditParams = "Scope;;users+Operation;;OP_ADD+source;;RegisterUser" + + "+Resource;;" + uid + + "+fullname;;" + name + "+state;;1" + "+userType;;<null>+email;;<null>+password;;<null>+phone;;<null>"; - IUGSubsystem ugsys = (IUGSubsystem)CMS.getSubsystem(CMS.SUBSYSTEM_UG); + IUGSubsystem ugsys = (IUGSubsystem) CMS.getSubsystem(CMS.SUBSYSTEM_UG); IUser user = null; boolean foundByCert = false; X509Certificate certs[] = new X509Certificate[1]; try { - byte bCert[] = null; - X509CertImpl cert = null; - bCert = (byte[]) (com.netscape.osutil.OSUtil.AtoB(certsString)); - cert = new X509CertImpl(bCert); - certs[0] = (X509Certificate)cert; - - // test to see if the cert already belongs to a user - ICertUserLocator cul = ugsys.getCertUserLocator(); - com.netscape.certsrv.usrgrp.Certificates c = - new com.netscape.certsrv.usrgrp.Certificates(certs); - user = (IUser) cul.locateUser(c); + byte bCert[] = null; + X509CertImpl cert = null; + bCert = (byte[]) (com.netscape.osutil.OSUtil.AtoB(certsString)); + cert = new X509CertImpl(bCert); + certs[0] = (X509Certificate) cert; + + // test to see if the cert already belongs to a user + ICertUserLocator cul = ugsys.getCertUserLocator(); + com.netscape.certsrv.usrgrp.Certificates c = + new com.netscape.certsrv.usrgrp.Certificates(certs); + user = (IUser) cul.locateUser(c); } catch (Exception ec) { - CMS.debug("RegisterUser: exception thrown: "+ec.toString()); + CMS.debug("RegisterUser: exception thrown: " + ec.toString()); } if (user == null) { - CMS.debug("RegisterUser NOT found user by cert"); - try { - user = ugsys.getUser(uid); - CMS.debug("RegisterUser found user by uid "+uid); - } catch (Exception eee) { - } + CMS.debug("RegisterUser NOT found user by cert"); + try { + user = ugsys.getUser(uid); + CMS.debug("RegisterUser found user by uid " + uid); + } catch (Exception eee) { + } } else { - foundByCert = true; - CMS.debug("RegisterUser found user by cert"); + foundByCert = true; + CMS.debug("RegisterUser found user by cert"); } - - try { - - if (user == null) { - // create user only if such user does not exist - user = ugsys.createUser(uid); - user.setFullName(name); - user.setState("1"); - user.setUserType(""); - user.setEmail(""); - user.setPhone(""); - user.setPassword(""); - - ugsys.addUser(user); - CMS.debug("RegisterUser created user " + uid); - auditMessage = CMS.getLogMessage( + + try { + + if (user == null) { + // create user only if such user does not exist + user = ugsys.createUser(uid); + user.setFullName(name); + user.setState("1"); + user.setUserType(""); + user.setEmail(""); + user.setPhone(""); + user.setPassword(""); + + ugsys.addUser(user); + CMS.debug("RegisterUser created user " + uid); + auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, ILogger.SUCCESS, auditParams); - audit(auditMessage); - } - - // extract all line separators - StringBuffer sb = new StringBuffer(); - for (int i = 0; i < certsString.length(); i++) { - if (!Character.isWhitespace(certsString.charAt(i))) { - sb.append(certsString.charAt(i)); - } - } - certsString = sb.toString(); - - auditParams = "Scope;;certs+Operation;;OP_ADD+source;;RegisterUser" + - "+Resource;;"+ uid + - "+cert;;"+certsString; - - user.setX509Certificates(certs); - if (!foundByCert) { - ugsys.addUserCert(user); - CMS.debug("RegisterUser added user certificate"); - auditMessage = CMS.getLogMessage( + audit(auditMessage); + } + + // extract all line separators + StringBuffer sb = new StringBuffer(); + for (int i = 0; i < certsString.length(); i++) { + if (!Character.isWhitespace(certsString.charAt(i))) { + sb.append(certsString.charAt(i)); + } + } + certsString = sb.toString(); + + auditParams = "Scope;;certs+Operation;;OP_ADD+source;;RegisterUser" + + "+Resource;;" + uid + + "+cert;;" + certsString; + + user.setX509Certificates(certs); + if (!foundByCert) { + ugsys.addUserCert(user); + CMS.debug("RegisterUser added user certificate"); + auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, ILogger.SUCCESS, auditParams); - audit(auditMessage); - } else - CMS.debug("RegisterUser no need to add user certificate"); - } catch (Exception eee) { + audit(auditMessage); + } else + CMS.debug("RegisterUser no need to add user certificate"); + } catch (Exception eee) { CMS.debug("RegisterUser error " + eee.toString()); auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CONFIG_ROLE, @@ -249,20 +248,19 @@ public class RegisterUser extends CMSServlet { return; } - // add user to the group auditParams = "Scope;;groups+Operation;;OP_MODIFY+source;;RegisterUser" + - "+Resource;;"+ mGroupName; + "+Resource;;" + mGroupName; try { Enumeration groups = ugsys.findGroups(mGroupName); - IGroup group = (IGroup)groups.nextElement(); + IGroup group = (IGroup) groups.nextElement(); auditParams += "+user;;"; Enumeration members = group.getMemberNames(); while (members.hasMoreElements()) { auditParams += (String) members.nextElement(); if (members.hasMoreElements()) { - auditParams +=","; + auditParams += ","; } } @@ -280,15 +278,15 @@ public class RegisterUser extends CMSServlet { audit(auditMessage); } - } catch (Exception e) { - auditMessage = CMS.getLogMessage( + } catch (Exception e) { + auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, ILogger.FAILURE, auditParams); - audit(auditMessage); - } + audit(auditMessage); + } // send success status back to the requestor try { @@ -305,12 +303,13 @@ public class RegisterUser extends CMSServlet { } } - protected void setDefaultTemplates(ServletConfig sc) {} + protected void setDefaultTemplates(ServletConfig sc) { + } protected void renderTemplate( CMSRequest cmsReq, String templateName, ICMSTemplateFiller filler) - throws IOException {// do nothing - } + throws IOException {// do nothing + } protected void renderResult(CMSRequest cmsReq) throws IOException {// do nothing, ie, it will not return the default javascript. } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java index 76f5a749..cc62fede 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.ByteArrayInputStream; import java.io.ByteArrayOutputStream; import java.io.FileInputStream; @@ -76,19 +75,20 @@ import com.netscape.cms.servlet.wizard.WizardServlet; public class RestoreKeyCertPanel extends WizardPanelBase { - public RestoreKeyCertPanel() {} + public RestoreKeyCertPanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Import Keys and Certificates"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Import Keys and Certificates"); setId(id); @@ -99,18 +99,18 @@ public class RestoreKeyCertPanel extends WizardPanelBase { */ public boolean shouldSkip() { CMS.debug("RestoreKeyCertPanel: should skip"); - + IConfigStore cs = CMS.getConfigStore(); // if we are root, no need to get the certificate chain. - + try { - String select = cs.getString("preop.subsystem.select",""); + String select = cs.getString("preop.subsystem.select", ""); if (select.equals("clone")) { return false; } } catch (EBaseException e) { } - + return true; } @@ -138,15 +138,16 @@ public class RestoreKeyCertPanel extends WizardPanelBase { } else { return true; } - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } public PropertySet getUsage() { PropertySet set = new PropertySet(); - + /* XXX */ - + return set; } @@ -160,7 +161,7 @@ public class RestoreKeyCertPanel extends WizardPanelBase { IConfigStore config = CMS.getConfigStore(); if (isPanelDone()) { - + try { String s = config.getString("preop.pk12.path", ""); String type = config.getString("preop.subsystem.select", ""); @@ -201,7 +202,6 @@ public class RestoreKeyCertPanel extends WizardPanelBase { // throw new IOException("Path is empty"); // } - if (s != null && !s.equals("")) { s = HttpInput.getPassword(request, "__password"); if (s == null || s.equals("")) { @@ -217,15 +217,14 @@ public class RestoreKeyCertPanel extends WizardPanelBase { */ public void update(HttpServletRequest request, HttpServletResponse response, - Context context) throws IOException - { + Context context) throws IOException { IConfigStore config = CMS.getConfigStore(); String path = HttpInput.getString(request, "path"); if (path == null || path.equals("")) { - // skip to next panel + // skip to next panel config.putBoolean("preop.restorekeycert.done", true); try { - config.commit(false); + config.commit(false); } catch (EBaseException e) { } getConfigEntriesFromMaster(request, response, context); @@ -233,7 +232,7 @@ public class RestoreKeyCertPanel extends WizardPanelBase { return; } String pwd = HttpInput.getPassword(request, "__password"); - + String tokenn = ""; String instanceRoot = ""; @@ -246,7 +245,7 @@ public class RestoreKeyCertPanel extends WizardPanelBase { if (tokenn.equals("Internal Key Storage Token")) { byte b[] = new byte[1000000]; FileInputStream fis = new FileInputStream(instanceRoot + "/alias/" + path); - while (fis.available() > 0) + while (fis.available() > 0) fis.read(b); fis.close(); @@ -256,10 +255,10 @@ public class RestoreKeyCertPanel extends WizardPanelBase { PFX pfx = null; boolean verifypfx = false; try { - pfx = (PFX)(new PFX.Template()).decode(bis); - verifypfx = pfx.verifyAuthSafes(password, reason); + pfx = (PFX) (new PFX.Template()).decode(bis); + verifypfx = pfx.verifyAuthSafes(password, reason); } catch (Exception e) { - CMS.debug("RestoreKeyCertPanel update: Exception="+e.toString()); + CMS.debug("RestoreKeyCertPanel update: Exception=" + e.toString()); } if (verifypfx) { @@ -267,50 +266,50 @@ public class RestoreKeyCertPanel extends WizardPanelBase { AuthenticatedSafes safes = pfx.getAuthSafes(); Vector pkeyinfo_collection = new Vector(); Vector cert_collection = new Vector(); - for (int i=0; i<safes.getSize(); i++) { + for (int i = 0; i < safes.getSize(); i++) { try { - SEQUENCE scontent = safes.getSafeContentsAt(null, i); - for (int j=0; j<scontent.size(); j++) { - SafeBag bag = (SafeBag)scontent.elementAt(j); + SEQUENCE scontent = safes.getSafeContentsAt(null, i); + for (int j = 0; j < scontent.size(); j++) { + SafeBag bag = (SafeBag) scontent.elementAt(j); OBJECT_IDENTIFIER oid = bag.getBagType(); if (oid.equals(SafeBag.PKCS8_SHROUDED_KEY_BAG)) { - EncryptedPrivateKeyInfo privkeyinfo = - (EncryptedPrivateKeyInfo)bag.getInterpretedBagContent(); + EncryptedPrivateKeyInfo privkeyinfo = + (EncryptedPrivateKeyInfo) bag.getInterpretedBagContent(); PasswordConverter passConverter = new PasswordConverter(); PrivateKeyInfo pkeyinfo = privkeyinfo.decrypt(password, new PasswordConverter()); Vector pkeyinfo_v = new Vector(); pkeyinfo_v.addElement(pkeyinfo); SET bagAttrs = bag.getBagAttributes(); - for (int k=0; k<bagAttrs.size(); k++) { - Attribute attrs = (Attribute)bagAttrs.elementAt(k); + for (int k = 0; k < bagAttrs.size(); k++) { + Attribute attrs = (Attribute) bagAttrs.elementAt(k); OBJECT_IDENTIFIER aoid = attrs.getType(); if (aoid.equals(SafeBag.FRIENDLY_NAME)) { SET val = attrs.getValues(); - ANY ss = (ANY)val.elementAt(0); + ANY ss = (ANY) val.elementAt(0); ByteArrayInputStream bbis = new ByteArrayInputStream(ss.getEncoded()); - BMPString sss = (BMPString)(new BMPString.Template()).decode(bbis); + BMPString sss = (BMPString) (new BMPString.Template()).decode(bbis); String s = sss.toString(); pkeyinfo_v.addElement(s); } } pkeyinfo_collection.addElement(pkeyinfo_v); } else if (oid.equals(SafeBag.CERT_BAG)) { - CertBag cbag = (CertBag)bag.getInterpretedBagContent(); - OCTET_STRING str = (OCTET_STRING)cbag.getInterpretedCert(); + CertBag cbag = (CertBag) bag.getInterpretedBagContent(); + OCTET_STRING str = (OCTET_STRING) cbag.getInterpretedCert(); byte[] x509cert = str.toByteArray(); Vector cert_v = new Vector(); cert_v.addElement(x509cert); SET bagAttrs = bag.getBagAttributes(); - + if (bagAttrs != null) { - for (int k=0; k<bagAttrs.size(); k++) { - Attribute attrs = (Attribute)bagAttrs.elementAt(k); + for (int k = 0; k < bagAttrs.size(); k++) { + Attribute attrs = (Attribute) bagAttrs.elementAt(k); OBJECT_IDENTIFIER aoid = attrs.getType(); if (aoid.equals(SafeBag.FRIENDLY_NAME)) { SET val = attrs.getValues(); - ANY ss = (ANY)val.elementAt(0); + ANY ss = (ANY) val.elementAt(0); ByteArrayInputStream bbis = new ByteArrayInputStream(ss.getEncoded()); - BMPString sss = (BMPString)(new BMPString.Template()).decode(bbis); + BMPString sss = (BMPString) (new BMPString.Template()).decode(bbis); String s = sss.toString(); cert_v.addElement(s); } @@ -321,10 +320,10 @@ public class RestoreKeyCertPanel extends WizardPanelBase { } } } catch (Exception e) { - CMS.debug("RestoreKeyCertPanel update: Exception="+e.toString()); + CMS.debug("RestoreKeyCertPanel update: Exception=" + e.toString()); } } - + importkeycert(pkeyinfo_collection, cert_collection); } else { context.put("updateStatus", "failure"); @@ -342,7 +341,7 @@ public class RestoreKeyCertPanel extends WizardPanelBase { cstype = toLowerCaseSubsystemType(cstype); if (subsystemtype.equals("clone")) { - CMS.debug("RestoreKeyCertPanel: this is the clone subsystem"); + CMS.debug("RestoreKeyCertPanel: this is the clone subsystem"); boolean cloneReady = isCertdbCloned(request, context); if (!cloneReady) { CMS.debug("RestoreKeyCertPanel update: clone does not have all the certificates."); @@ -363,7 +362,7 @@ public class RestoreKeyCertPanel extends WizardPanelBase { } private void getConfigEntriesFromMaster(HttpServletRequest request, - HttpServletResponse response, Context context) throws IOException { + HttpServletResponse response, Context context) throws IOException { try { IConfigStore config = CMS.getConfigStore(); String cstype = ""; @@ -388,14 +387,14 @@ public class RestoreKeyCertPanel extends WizardPanelBase { String content = ""; if (cstype.equals("ca") || cstype.equals("kra")) { - content = "type=request&xmlOutput=true&sessionID="+session_id; + content = "type=request&xmlOutput=true&sessionID=" + session_id; CMS.debug("http content=" + content); updateNumberRange(master_hostname, master_ee_port, true, content, "request", response); - content = "type=serialNo&xmlOutput=true&sessionID="+session_id; + content = "type=serialNo&xmlOutput=true&sessionID=" + session_id; updateNumberRange(master_hostname, master_ee_port, true, content, "serialNo", response); - content = "type=replicaId&xmlOutput=true&sessionID="+session_id; + content = "type=replicaId&xmlOutput=true&sessionID=" + session_id; updateNumberRange(master_hostname, master_ee_port, true, content, "replicaId", response); } @@ -406,7 +405,7 @@ public class RestoreKeyCertPanel extends WizardPanelBase { } StringBuffer c1 = new StringBuffer(); - StringBuffer s1 = new StringBuffer(); + StringBuffer s1 = new StringBuffer(); StringTokenizer tok = new StringTokenizer(list, ","); while (tok.hasMoreTokens()) { String t1 = tok.nextToken(); @@ -438,8 +437,7 @@ public class RestoreKeyCertPanel extends WizardPanelBase { c1.append(t1); c1.append(".pubkey.encoded"); - - if (s1.length()!=0) + if (s1.length() != 0) s1.append(","); s1.append(cstype); @@ -449,18 +447,18 @@ public class RestoreKeyCertPanel extends WizardPanelBase { if (!cstype.equals("ca")) { c1.append(",cloning.ca.hostname,cloning.ca.httpport,cloning.ca.httpsport,cloning.ca.list,cloning.ca.pkcs7,cloning.ca.type"); - } + } if (cstype.equals("ca")) { /* get ca connector details */ - if (s1.length()!=0) + if (s1.length() != 0) s1.append(","); s1.append("ca.connector.KRA"); } - content = "op=get&names=cloning.token,instanceId,internaldb.basedn,internaldb.ldapauth.password,internaldb.replication.password,internaldb.ldapconn.host,internaldb.ldapconn.port,internaldb.ldapauth.bindDN"+c1.toString()+"&substores="+s1.toString()+"&xmlOutput=true&sessionID="+session_id; + content = "op=get&names=cloning.token,instanceId,internaldb.basedn,internaldb.ldapauth.password,internaldb.replication.password,internaldb.ldapconn.host,internaldb.ldapconn.port,internaldb.ldapauth.bindDN" + c1.toString() + "&substores=" + s1.toString() + "&xmlOutput=true&sessionID=" + session_id; boolean success = updateConfigEntries(master_hostname, master_port, true, - "/"+cstype+"/admin/"+cstype+"/getConfigEntries", content, config, response); + "/" + cstype + "/admin/" + cstype + "/getConfigEntries", content, config, response); if (!success) { context.put("errorString", "Failed to get configuration entries from the master"); throw new IOException("Failed to get configuration entries from the master"); @@ -473,7 +471,7 @@ public class RestoreKeyCertPanel extends WizardPanelBase { } catch (IOException eee) { throw eee; } catch (Exception eee) { - CMS.debug("RestoreKeyCertPanel: update exception caught:"+eee.toString()); + CMS.debug("RestoreKeyCertPanel: update exception caught:" + eee.toString()); } } catch (IOException ee) { @@ -491,38 +489,38 @@ public class RestoreKeyCertPanel extends WizardPanelBase { String s = st.nextToken(); if (s.equals("sslserver")) continue; - String name = "preop.master."+s+".nickname"; + String name = "preop.master." + s + ".nickname"; String nickname = cs.getString(name, ""); CryptoManager cm = CryptoManager.getInstance(); X509Certificate xcert = null; try { xcert = cm.findCertByNickname(nickname); } catch (Exception ee) { - CMS.debug("RestoreKeyCertPanel deleteExistingCerts: Exception="+ee.toString()); + CMS.debug("RestoreKeyCertPanel deleteExistingCerts: Exception=" + ee.toString()); } CryptoToken ct = cm.getInternalKeyStorageToken(); CryptoStore store = ct.getCryptoStore(); try { store.deleteCert(xcert); } catch (Exception ee) { - CMS.debug("RestoreKeyCertPanel deleteExistingCerts: Exception="+ee.toString()); + CMS.debug("RestoreKeyCertPanel deleteExistingCerts: Exception=" + ee.toString()); } } } catch (Exception e) { - CMS.debug("RestoreKeyCertPanel deleteExistingCerts: Exception="+e.toString()); - } + CMS.debug("RestoreKeyCertPanel deleteExistingCerts: Exception=" + e.toString()); + } } private org.mozilla.jss.crypto.PrivateKey.Type getPrivateKeyType(PublicKey pubkey) { - CMS.debug("Key Algorithm '"+pubkey.getAlgorithm()+"'"); - if (pubkey.getAlgorithm().equals("EC")) { - return org.mozilla.jss.crypto.PrivateKey.Type.EC; - } - return org.mozilla.jss.crypto.PrivateKey.Type.RSA; + CMS.debug("Key Algorithm '" + pubkey.getAlgorithm() + "'"); + if (pubkey.getAlgorithm().equals("EC")) { + return org.mozilla.jss.crypto.PrivateKey.Type.EC; + } + return org.mozilla.jss.crypto.PrivateKey.Type.RSA; } - private void importkeycert(Vector pkeyinfo_collection, - Vector cert_collection) throws IOException { + private void importkeycert(Vector pkeyinfo_collection, + Vector cert_collection) throws IOException { CryptoManager cm = null; try { cm = CryptoManager.getInstance(); @@ -532,12 +530,12 @@ public class RestoreKeyCertPanel extends WizardPanelBase { // delete all existing certificates first deleteExistingCerts(); - for (int i=0; i<pkeyinfo_collection.size(); i++) { + for (int i = 0; i < pkeyinfo_collection.size(); i++) { try { - Vector pkeyinfo_v = (Vector)pkeyinfo_collection.elementAt(i); - PrivateKeyInfo pkeyinfo = (PrivateKeyInfo)pkeyinfo_v.elementAt(0); - String nickname = (String)pkeyinfo_v.elementAt(1); - byte[] x509cert = getX509Cert(nickname, cert_collection); + Vector pkeyinfo_v = (Vector) pkeyinfo_collection.elementAt(i); + PrivateKeyInfo pkeyinfo = (PrivateKeyInfo) pkeyinfo_v.elementAt(0); + String nickname = (String) pkeyinfo_v.elementAt(1); + byte[] x509cert = getX509Cert(nickname, cert_collection); X509Certificate cert = cm.importCACertPackage(x509cert); ByteArrayOutputStream bos = new ByteArrayOutputStream(); pkeyinfo.encode(bos); @@ -550,32 +548,32 @@ public class RestoreKeyCertPanel extends WizardPanelBase { try { store.deleteCert(cert); } catch (Exception ee) { - CMS.debug("RestoreKeyCertPanel importKeyCert: Exception="+ee.toString()); + CMS.debug("RestoreKeyCertPanel importKeyCert: Exception=" + ee.toString()); } KeyGenerator kg = token.getKeyGenerator(KeyGenAlgorithm.DES3); SymmetricKey sk = kg.generate(); - byte iv[] = {0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1}; + byte iv[] = { 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1 }; IVParameterSpec param = new IVParameterSpec(iv); Cipher c = token.getCipherContext(EncryptionAlgorithm.DES3_CBC_PAD); c.initEncrypt(sk, param); byte[] encpkey = c.doFinal(pkey); - + KeyWrapper wrapper = token.getKeyWrapper(KeyWrapAlgorithm.DES3_CBC_PAD); wrapper.initUnwrap(sk, param); org.mozilla.jss.crypto.PrivateKey pp = wrapper.unwrapPrivate(encpkey, getPrivateKeyType(publickey), publickey); } catch (Exception e) { - CMS.debug("RestoreKeyCertPanel importkeycert: Exception="+e.toString()); + CMS.debug("RestoreKeyCertPanel importkeycert: Exception=" + e.toString()); } } - for (int i=0; i<cert_collection.size(); i++) { + for (int i = 0; i < cert_collection.size(); i++) { try { - Vector cert_v = (Vector)cert_collection.elementAt(i); - byte[] cert = (byte[])cert_v.elementAt(0); + Vector cert_v = (Vector) cert_collection.elementAt(i); + byte[] cert = (byte[]) cert_v.elementAt(0); if (cert_v.size() > 1) { - String name = (String)cert_v.elementAt(1); + String name = (String) cert_v.elementAt(1); // we need to delete the trusted CA certificate if it is // the same as the ca signing certificate if (isCASigningCert(name)) { @@ -586,10 +584,10 @@ public class RestoreKeyCertPanel extends WizardPanelBase { CMS.debug("RestoreKeyCertPanel deleteCert: this is pk11store"); if (store instanceof PK11Store) { try { - PK11Store pk11store = (PK11Store)store; + PK11Store pk11store = (PK11Store) store; pk11store.deleteCertOnly(certchain); } catch (Exception ee) { - CMS.debug("RestoreKeyCertPanel importKeyCert: Exception="+ee.toString()); + CMS.debug("RestoreKeyCertPanel importKeyCert: Exception=" + ee.toString()); } } } @@ -598,18 +596,18 @@ public class RestoreKeyCertPanel extends WizardPanelBase { X509Certificate xcert = cm.importUserCACertPackage(cert, name); if (name.startsWith("caSigningCert")) { // we need to change the trust attribute to CT - InternalCertificate icert = (InternalCertificate)xcert; - icert.setSSLTrust(InternalCertificate.TRUSTED_CA - | InternalCertificate.TRUSTED_CLIENT_CA - | InternalCertificate.VALID_CA); + InternalCertificate icert = (InternalCertificate) xcert; + icert.setSSLTrust(InternalCertificate.TRUSTED_CA + | InternalCertificate.TRUSTED_CLIENT_CA + | InternalCertificate.VALID_CA); } else if (name.startsWith("auditSigningCert")) { - InternalCertificate icert = (InternalCertificate)xcert; + InternalCertificate icert = (InternalCertificate) xcert; icert.setObjectSigningTrust(InternalCertificate.USER | InternalCertificate.VALID_PEER | InternalCertificate.TRUSTED_PEER); } } else cm.importCACertPackage(cert); } catch (Exception e) { - CMS.debug("RestoreKeyCertPanel importkeycert: Exception="+e.toString()); + CMS.debug("RestoreKeyCertPanel importkeycert: Exception=" + e.toString()); } } } @@ -628,15 +626,15 @@ public class RestoreKeyCertPanel extends WizardPanelBase { return false; } - private X509Certificate getX509CertFromToken(byte[] cert) - throws IOException { + private X509Certificate getX509CertFromToken(byte[] cert) + throws IOException { try { X509CertImpl impl = new X509CertImpl(cert); String issuer_impl = impl.getIssuerDN().toString(); BigInteger serial_impl = impl.getSerialNumber(); CryptoManager cm = CryptoManager.getInstance(); X509Certificate[] permcerts = cm.getPermCerts(); - for (int i=0; i<permcerts.length; i++) { + for (int i = 0; i < permcerts.length; i++) { String issuer_p = permcerts[i].getSubjectDN().toString(); BigInteger serial_p = permcerts[i].getSerialNumber(); if (issuer_p.equals(issuer_impl) && serial_p.compareTo(serial_impl) == 0) { @@ -644,25 +642,25 @@ public class RestoreKeyCertPanel extends WizardPanelBase { } } } catch (Exception e) { - CMS.debug("RestoreKeyCertPanel getX509CertFromToken: Exception="+e.toString()); + CMS.debug("RestoreKeyCertPanel getX509CertFromToken: Exception=" + e.toString()); } return null; } - private byte[] getX509Cert(String nickname, Vector cert_collection) - throws IOException { - for (int i=0; i<cert_collection.size(); i++) { - Vector v = (Vector)cert_collection.elementAt(i); - byte[] b = (byte[])v.elementAt(0); + private byte[] getX509Cert(String nickname, Vector cert_collection) + throws IOException { + for (int i = 0; i < cert_collection.size(); i++) { + Vector v = (Vector) cert_collection.elementAt(i); + byte[] b = (byte[]) v.elementAt(0); X509CertImpl impl = null; try { impl = new X509CertImpl(b); } catch (Exception e) { - CMS.debug("RestoreKeyCertPanel getX509Cert: Exception="+e.toString()); - throw new IOException( e.toString() ); + CMS.debug("RestoreKeyCertPanel getX509Cert: Exception=" + e.toString()); + throw new IOException(e.toString()); } - Principal subjectdn = impl.getSubjectDN(); + Principal subjectdn = impl.getSubjectDN(); if (LDAPDN.equals(subjectdn.toString(), nickname)) return b; } @@ -674,9 +672,8 @@ public class RestoreKeyCertPanel extends WizardPanelBase { * If validiate() returns false, this method will be called. */ public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) - { + HttpServletResponse response, + Context context) { context.put("title", "Import Keys and Certificates"); context.put("password", ""); context.put("path", ""); @@ -684,7 +681,7 @@ public class RestoreKeyCertPanel extends WizardPanelBase { } private boolean isCertdbCloned(HttpServletRequest request, - Context context) { + Context context) { IConfigStore config = CMS.getConfigStore(); String certList = ""; try { @@ -698,13 +695,13 @@ public class RestoreKeyCertPanel extends WizardPanelBase { String tokenname = config.getString("preop.module.token", ""); CryptoToken tok = cm.getTokenByName(tokenname); CryptoStore store = tok.getCryptoStore(); - String name1 = "preop.master."+token+".nickname"; + String name1 = "preop.master." + token + ".nickname"; String nickname = config.getString(name1, ""); if (!tokenname.equals("Internal Key Storage Token") && - !tokenname.equals("internal")) - nickname = tokenname+":"+nickname; + !tokenname.equals("internal")) + nickname = tokenname + ":" + nickname; - CMS.debug("RestoreKeyCertPanel isCertdbCloned: "+nickname); + CMS.debug("RestoreKeyCertPanel isCertdbCloned: " + nickname); X509Certificate cert = cm.findCertByNickname(nickname); if (cert == null) return false; diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/SavePKCS12Panel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/SavePKCS12Panel.java index 854e8f10..0c066268 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/SavePKCS12Panel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/SavePKCS12Panel.java @@ -34,19 +34,20 @@ import com.netscape.cms.servlet.wizard.WizardServlet; public class SavePKCS12Panel extends WizardPanelBase { - public SavePKCS12Panel() {} + public SavePKCS12Panel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Save Keys and Certificates"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Save Keys and Certificates"); setId(id); @@ -60,11 +61,11 @@ public class SavePKCS12Panel extends WizardPanelBase { try { boolean enable = cs.getBoolean("preop.backupkeys.enable", false); - if (!enable) + if (!enable) return true; } catch (Exception e) { } - + return false; } @@ -77,13 +78,14 @@ public class SavePKCS12Panel extends WizardPanelBase { } else { return true; } - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } public PropertySet getUsage() { PropertySet set = new PropertySet(); - + return set; } @@ -116,7 +118,7 @@ public class SavePKCS12Panel extends WizardPanelBase { * Checks if the given parameters are valid. */ public void validate(HttpServletRequest request, - HttpServletResponse response, Context context) throws IOException { + HttpServletResponse response, Context context) throws IOException { } /** @@ -134,9 +136,8 @@ public class SavePKCS12Panel extends WizardPanelBase { * If validiate() returns false, this method will be called. */ public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) - { + HttpServletResponse response, + Context context) { context.put("title", "Save Keys and Certificates"); context.put("panel", "admin/console/config/savepkcs12panel.vm"); } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainLogin.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainLogin.java index 3a5d82d1..42165b08 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainLogin.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainLogin.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.net.URL; import java.net.URLDecoder; @@ -59,9 +58,9 @@ public class SecurityDomainLogin extends BaseServlet { int index = url.indexOf("subsystem="); String subsystem = ""; if (index > 0) { - subsystem = url.substring(index+10); + subsystem = url.substring(index + 10); int index1 = subsystem.indexOf("&"); - if (index1 > 0) + if (index1 > 0) subsystem = subsystem.substring(0, index1); } context.put("sd_uid", ""); @@ -70,14 +69,14 @@ public class SecurityDomainLogin extends BaseServlet { context.put("host", u.getHost()); context.put("sdhost", CMS.getEESSLHost()); if (subsystem.equals("KRA")) { - subsystem = "DRM"; + subsystem = "DRM"; } context.put("subsystem", subsystem); // The "securitydomain.name" property ONLY resides in the "CS.cfg" // associated with the CS subsystem hosting the security domain. IConfigStore cs = CMS.getConfigStore(); String sdname = cs.getString("securitydomain.name", ""); - context.put("name", sdname); + context.put("name", sdname); template = Velocity.getTemplate("admin/console/config/securitydomainloginpanel.vm"); } catch (Exception e) { System.err.println("Exception caught: " + e.getMessage()); diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java index 90a6aeb0..7e45f019 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.net.MalformedURLException; import java.net.URL; @@ -39,19 +38,20 @@ import com.netscape.cms.servlet.wizard.WizardServlet; public class SecurityDomainPanel extends WizardPanelBase { - public SecurityDomainPanel() {} + public SecurityDomainPanel() { + } /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException { + public void init(ServletConfig config, int panelno) + throws ServletException { setPanelNo(panelno); setName("Security Domain"); } public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + throws ServletException { setPanelNo(panelno); setName("Security Domain"); setId(id); @@ -72,15 +72,16 @@ public class SecurityDomainPanel extends WizardPanelBase { } else { return true; } - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } public PropertySet getUsage() { PropertySet set = new PropertySet(); - + /* XXX */ - + return set; } @@ -136,7 +137,8 @@ public class SecurityDomainPanel extends WizardPanelBase { context.put("https_ee_port", CMS.getEESSLPort()); context.put("https_admin_port", CMS.getAdminPort()); context.put("sdomainAdminURL", default_admin_url); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } context.put("panel", "admin/console/config/securitydomainpanel.vm"); context.put("errorString", errorString); @@ -163,12 +165,12 @@ public class SecurityDomainPanel extends WizardPanelBase { } if (count == numTokens) // skip the last element (e.g. com) continue; - sb.append((defaultDomain.length()==0)? "":" "); + sb.append((defaultDomain.length() == 0) ? "" : " "); sb.append(capitalize(n)); } - defaultDomain = sb.toString() + " "+ "Domain"; + defaultDomain = sb.toString() + " " + "Domain"; name = defaultDomain; - CMS.debug("SecurityDomainPanel: defaultDomain generated:"+ name); + CMS.debug("SecurityDomainPanel: defaultDomain generated:" + name); } catch (MalformedURLException e) { errorString = "Malformed URL"; // not being able to come up with default domain name is ok @@ -176,54 +178,53 @@ public class SecurityDomainPanel extends WizardPanelBase { } context.put("sdomainName", name); - if( default_admin_url != null ) { + if (default_admin_url != null) { String r = null; try { // check to see if "default" security domain exists // on local machine - URL u = new URL( default_admin_url ); + URL u = new URL(default_admin_url); String hostname = u.getHost(); int port = u.getPort(); - ConfigCertApprovalCallback - certApprovalCallback = new ConfigCertApprovalCallback(); - r = pingCS( hostname, port, true, certApprovalCallback ); + ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback(); + r = pingCS(hostname, port, true, certApprovalCallback); } catch (Exception e) { - CMS.debug( "SecurityDomainPanel: exception caught: " - + e.toString() ); + CMS.debug("SecurityDomainPanel: exception caught: " + + e.toString()); } - - if( r != null ) { + + if (r != null) { // "default" security domain exists on local machine; // fill "sdomainURL" in with "default" security domain // as an initial "guess" - CMS.debug( "SecurityDomainPanel: pingCS returns: "+r ); - context.put( "sdomainURL", default_admin_url ); + CMS.debug("SecurityDomainPanel: pingCS returns: " + r); + context.put("sdomainURL", default_admin_url); } else { // "default" security domain does NOT exist on local machine; // leave "sdomainURL" blank - CMS.debug( "SecurityDomainPanel: pingCS no successful response" ); - context.put( "sdomainURL", "" ); + CMS.debug("SecurityDomainPanel: pingCS no successful response"); + context.put("sdomainURL", ""); } } // Information for "existing" Security Domain CAs String initDaemon = "pki-cad"; String instanceId = "<security_domain_instance_name>"; - String os = System.getProperty( "os.name" ); - if( os.equalsIgnoreCase( "Linux" ) ) { - if (! systemdService.equals("")) { - context.put( "initCommand", "/usr/bin/pkicontrol" ); - context.put( "instanceId", "ca " + systemdService ); + String os = System.getProperty("os.name"); + if (os.equalsIgnoreCase("Linux")) { + if (!systemdService.equals("")) { + context.put("initCommand", "/usr/bin/pkicontrol"); + context.put("instanceId", "ca " + systemdService); } else { - context.put( "initCommand", "/sbin/service " + initDaemon ); - context.put( "instanceId", instanceId ); + context.put("initCommand", "/sbin/service " + initDaemon); + context.put("instanceId", instanceId); } } else { /* default case: e. g. - ( os.equalsIgnoreCase( "SunOS" ) */ - context.put( "initCommand", "/etc/init.d/" + initDaemon ); - context.put( "instanceId", instanceId ); + context.put("initCommand", "/etc/init.d/" + initDaemon); + context.put("instanceId", instanceId); } } @@ -231,7 +232,7 @@ public class SecurityDomainPanel extends WizardPanelBase { if (s.length() == 0) { return s; } else { - return s.substring(0,1).toUpperCase() + s.substring(1); + return s.substring(0, 1).toUpperCase() + s.substring(1); } } @@ -241,7 +242,7 @@ public class SecurityDomainPanel extends WizardPanelBase { public void validate(HttpServletRequest request, HttpServletResponse response, Context context) throws IOException { - + String select = HttpInput.getID(request, "choice"); if (select.equals("newdomain")) { String name = HttpInput.getSecurityDomainName(request, "sdomainName"); @@ -251,50 +252,48 @@ public class SecurityDomainPanel extends WizardPanelBase { throw new IOException("Missing name value for the security domain"); } } else if (select.equals("existingdomain")) { - CMS.debug( "SecurityDomainPanel: validating " - + "SSL Admin HTTPS . . ." ); - String admin_url = HttpInput.getURL( request, "sdomainURL" ); - if( admin_url == null || admin_url.equals("") ) { - initParams( request, context ); + CMS.debug("SecurityDomainPanel: validating " + + "SSL Admin HTTPS . . ."); + String admin_url = HttpInput.getURL(request, "sdomainURL"); + if (admin_url == null || admin_url.equals("")) { + initParams(request, context); context.put("updateStatus", "validate-failure"); - throw new IOException( "Missing SSL Admin HTTPS url value " - + "for the security domain" ); + throw new IOException("Missing SSL Admin HTTPS url value " + + "for the security domain"); } else { String r = null; try { - URL u = new URL( admin_url ); + URL u = new URL(admin_url); String hostname = u.getHost(); int admin_port = u.getPort(); - ConfigCertApprovalCallback - certApprovalCallback = new ConfigCertApprovalCallback(); - r = pingCS( hostname, admin_port, true, - certApprovalCallback ); - } catch( Exception e ) { - CMS.debug( "SecurityDomainPanel: exception caught: " - + e.toString() ); + ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback(); + r = pingCS(hostname, admin_port, true, + certApprovalCallback); + } catch (Exception e) { + CMS.debug("SecurityDomainPanel: exception caught: " + + e.toString()); context.put("updateStatus", "validate-failure"); - throw new IOException( "Illegal SSL Admin HTTPS url value " - + "for the security domain" ); + throw new IOException("Illegal SSL Admin HTTPS url value " + + "for the security domain"); } if (r != null) { CMS.debug("SecurityDomainPanel: pingAdminCS returns: " - + r ); - context.put( "sdomainURL", admin_url ); + + r); + context.put("sdomainURL", admin_url); } else { - CMS.debug( "SecurityDomainPanel: pingAdminCS " - + "no successful response for SSL Admin HTTPS" ); - context.put( "sdomainURL", "" ); + CMS.debug("SecurityDomainPanel: pingAdminCS " + + "no successful response for SSL Admin HTTPS"); + context.put("sdomainURL", ""); } } } } - public void initParams(HttpServletRequest request, Context context) - throws IOException - { + public void initParams(HttpServletRequest request, Context context) + throws IOException { IConfigStore config = CMS.getConfigStore(); try { context.put("cstype", config.getString("cs.type")); @@ -306,7 +305,7 @@ public class SecurityDomainPanel extends WizardPanelBase { context.put("check_newdomain", "checked"); context.put("check_existingdomain", ""); } else if (select.equals("existingdomain")) { - context.put("check_newdomain", ""); + context.put("check_newdomain", ""); context.put("check_existingdomain", "checked"); } @@ -340,29 +339,30 @@ public class SecurityDomainPanel extends WizardPanelBase { if (select.equals("newdomain")) { config.putString("preop.securitydomain.select", "new"); config.putString("securitydomain.select", "new"); - config.putString("preop.securitydomain.name", - HttpInput.getDomainName(request, "sdomainName")); - config.putString("securitydomain.name", - HttpInput.getDomainName(request, "sdomainName")); - config.putString("securitydomain.host", - CMS.getEENonSSLHost()); - config.putString("securitydomain.httpport", - CMS.getEENonSSLPort()); - config.putString("securitydomain.httpsagentport", - CMS.getAgentPort()); - config.putString("securitydomain.httpseeport", - CMS.getEESSLPort()); - config.putString("securitydomain.httpsadminport", - CMS.getAdminPort()); + config.putString("preop.securitydomain.name", + HttpInput.getDomainName(request, "sdomainName")); + config.putString("securitydomain.name", + HttpInput.getDomainName(request, "sdomainName")); + config.putString("securitydomain.host", + CMS.getEENonSSLHost()); + config.putString("securitydomain.httpport", + CMS.getEENonSSLPort()); + config.putString("securitydomain.httpsagentport", + CMS.getAgentPort()); + config.putString("securitydomain.httpseeport", + CMS.getEESSLPort()); + config.putString("securitydomain.httpsadminport", + CMS.getAdminPort()); // make sure the subsystem certificate is issued by the security // domain config.putString("preop.cert.subsystem.type", "local"); config.putString("preop.cert.subsystem.profile", "subsystemCert.profile"); - + try { config.commit(false); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } String instanceRoot = ""; try { @@ -383,31 +383,32 @@ public class SecurityDomainPanel extends WizardPanelBase { String hostname = ""; int admin_port = -1; - if( admin_url != null ) { + if (admin_url != null) { try { - URL admin_u = new URL( admin_url ); + URL admin_u = new URL(admin_url); hostname = admin_u.getHost(); admin_port = admin_u.getPort(); - } catch( MalformedURLException e ) { + } catch (MalformedURLException e) { errorString = "Malformed SSL Admin HTTPS URL"; context.put("updateStatus", "failure"); - throw new IOException( errorString ); + throw new IOException(errorString); } - context.put( "sdomainURL", admin_url ); - config.putString( "securitydomain.host", hostname ); - config.putInteger( "securitydomain.httpsadminport", - admin_port ); + context.put("sdomainURL", admin_url); + config.putString("securitydomain.host", hostname); + config.putInteger("securitydomain.httpsadminport", + admin_port); } try { config.commit(false); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback(); - updateCertChain( config, "securitydomain", hostname, admin_port, - true, context, certApprovalCallback ); + updateCertChain(config, "securitydomain", hostname, admin_port, + true, context, certApprovalCallback); } else { CMS.debug("SecurityDomainPanel: invalid choice " + select); errorString = "Invalid choice"; @@ -425,7 +426,8 @@ public class SecurityDomainPanel extends WizardPanelBase { context.put("wizardname", config.getString("preop.wizard.name")); context.put("panelname", "Security Domain Configuration"); context.put("systemname", config.getString("preop.system.name")); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } context.put("errorString", errorString); context.put("updateStatus", "success"); @@ -446,32 +448,33 @@ public class SecurityDomainPanel extends WizardPanelBase { try { default_admin_url = config.getString("preop.securitydomain.admin_url", ""); - } catch (Exception e) {} + } catch (Exception e) { + } - if( default_admin_url != null ) { + if (default_admin_url != null) { String r = null; try { // check to see if "default" security domain exists // on local machine - URL u = new URL( default_admin_url ); + URL u = new URL(default_admin_url); String hostname = u.getHost(); int port = u.getPort(); - ConfigCertApprovalCallback - certApprovalCallback = new ConfigCertApprovalCallback(); - r = pingCS( hostname, port, true, certApprovalCallback ); - } catch (Exception e) {} - - if( r != null ) { + ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback(); + r = pingCS(hostname, port, true, certApprovalCallback); + } catch (Exception e) { + } + + if (r != null) { // "default" security domain exists on local machine; // refill "sdomainURL" in with "default" security domain // as an initial "guess" - context.put( "sdomainURL", default_admin_url ); + context.put("sdomainURL", default_admin_url); } else { // "default" security domain does NOT exist on local machine; // leave "sdomainURL" blank - context.put( "sdomainURL", "" ); + context.put("sdomainURL", ""); } } @@ -483,19 +486,20 @@ public class SecurityDomainPanel extends WizardPanelBase { context.put("https_admin_port", CMS.getAdminPort()); context.put("sdomainAdminURL", config.getString("preop.securitydomain.admin_url")); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } // Information for "existing" Security Domain CAs String initDaemon = "pki-cad"; String instanceId = "<security_domain_instance_name>"; - String os = System.getProperty( "os.name" ); - if( os.equalsIgnoreCase( "Linux" ) ) { - context.put( "initCommand", "/sbin/service " + initDaemon ); - context.put( "instanceId", instanceId ); + String os = System.getProperty("os.name"); + if (os.equalsIgnoreCase("Linux")) { + context.put("initCommand", "/sbin/service " + initDaemon); + context.put("instanceId", instanceId); } else { /* default case: e. g. - ( os.equalsIgnoreCase( "SunOS" ) */ - context.put( "initCommand", "/etc/init.d/" + initDaemon ); - context.put( "instanceId", instanceId ); + context.put("initCommand", "/etc/init.d/" + initDaemon); + context.put("instanceId", instanceId); } context.put("title", "Security Domain"); diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainSessionTable.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainSessionTable.java index 75cc0fb6..d15ca5ad 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainSessionTable.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/SecurityDomainSessionTable.java @@ -27,8 +27,8 @@ import com.netscape.certsrv.base.ISecurityDomainSessionTable; /** * This object stores the values for IP, uid and group based on the cookie id. */ -public class SecurityDomainSessionTable - implements ISecurityDomainSessionTable { +public class SecurityDomainSessionTable + implements ISecurityDomainSessionTable { private Hashtable<String, Vector<Comparable<?>>> m_sessions; private long m_timeToLive; @@ -38,8 +38,8 @@ public class SecurityDomainSessionTable m_timeToLive = timeToLive; } - public int addEntry(String sessionId, String ip, - String uid, String group) { + public int addEntry(String sessionId, String ip, + String uid, String group) { Vector<Comparable<?>> v = new Vector<Comparable<?>>(); v.addElement(ip); v.addElement(uid); @@ -67,28 +67,28 @@ public class SecurityDomainSessionTable public String getIP(String sessionId) { Vector<Comparable<?>> v = m_sessions.get(sessionId); if (v != null) - return (String)v.elementAt(0); + return (String) v.elementAt(0); return null; } public String getUID(String sessionId) { Vector<Comparable<?>> v = m_sessions.get(sessionId); if (v != null) - return (String)v.elementAt(1); + return (String) v.elementAt(1); return null; } public String getGroup(String sessionId) { Vector<Comparable<?>> v = m_sessions.get(sessionId); if (v != null) - return (String)v.elementAt(2); + return (String) v.elementAt(2); return null; } public long getBeginTime(String sessionId) { Vector<Comparable<?>> v = m_sessions.get(sessionId); - if (v != null) { - Long n = (Long)v.elementAt(3); + if (v != null) { + Long n = (Long) v.elementAt(3); if (n != null) return n.longValue(); } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/SessionTimer.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/SessionTimer.java index c3a1e325..49cadb9c 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/SessionTimer.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/SessionTimer.java @@ -29,7 +29,7 @@ public class SessionTimer extends TimerTask { private ISecurityDomainSessionTable m_sessiontable = null; private ILogger mSignedAuditLogger = CMS.getSignedAuditLogger(); private final static String LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE = - "LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE_1"; + "LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE_1"; public SessionTimer(ISecurityDomainSessionTable table) { super(); @@ -39,15 +39,15 @@ public class SessionTimer extends TimerTask { public void run() { Enumeration keys = m_sessiontable.getSessionIds(); while (keys.hasMoreElements()) { - String sessionId = (String)keys.nextElement(); + String sessionId = (String) keys.nextElement(); long beginTime = m_sessiontable.getBeginTime(sessionId); Date nowDate = new Date(); long nowTime = nowDate.getTime(); long timeToLive = m_sessiontable.getTimeToLive(); - if ((nowTime-beginTime) > timeToLive) { + if ((nowTime - beginTime) > timeToLive) { m_sessiontable.removeEntry(sessionId); CMS.debug("SessionTimer run: successfully remove the session id entry from the table."); - + // audit message String auditParams = "operation;;expire_token+token;;" + sessionId; String auditMessage = CMS.getLogMessage( @@ -62,9 +62,7 @@ public class SessionTimer extends TimerTask { ILogger.LL_SECURITY, auditMessage); - } } } } - diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/SizePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/SizePanel.java index 0e6a507a..a008d259 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/SizePanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/SizePanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.security.KeyPair; import java.security.NoSuchAlgorithmException; @@ -54,13 +53,14 @@ public class SizePanel extends WizardPanelBase { private String default_rsa_key_size; private boolean mShowSigning = false; - public SizePanel() {} + public SizePanel() { + } /** * Initializes this panel. */ - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) + throws ServletException { setPanelNo(panelno); setName("Key Pairs"); setId(id); @@ -69,19 +69,19 @@ public class SizePanel extends WizardPanelBase { public PropertySet getUsage() { PropertySet set = new PropertySet(); - + Descriptor choiceDesc = new Descriptor(IDescriptor.CHOICE, "default,custom", null, /* no default parameter */ "If 'default', the key size will be configured automatically. If 'custom', the key size will be set to the value of the parameter 'custom_size'."); set.add("choice", choiceDesc); - + Descriptor customSizeDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */ null, /* no default parameter */ "Custom Key Size"); set.add("custom_size", customSizeDesc); - + return set; } @@ -105,7 +105,8 @@ public class SizePanel extends WizardPanelBase { } else { return true; } - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } @@ -118,7 +119,7 @@ public class SizePanel extends WizardPanelBase { Context context) { CMS.debug("SizePanel: display()"); try { - initParams(request, context); + initParams(request, context); } catch (IOException e) { } @@ -134,12 +135,12 @@ public class SizePanel extends WizardPanelBase { } try { - default_ecc_curve_name = config.getString("keys.ecc.curve.default", "nistp256"); + default_ecc_curve_name = config.getString("keys.ecc.curve.default", "nistp256"); } catch (Exception e) { } try { - default_rsa_key_size = config.getString("keys.rsa.keysize.default", "2048"); + default_rsa_key_size = config.getString("keys.rsa.keysize.default", "2048"); } catch (Exception e) { } @@ -180,12 +181,13 @@ public class SizePanel extends WizardPanelBase { PCERT_PREFIX + certTag + ".signing.required", false); c.setSigningRequired(signingRequired); - if (signingRequired) mShowSigning = true; + if (signingRequired) + mShowSigning = true; String userfriendlyname = config.getString( PCERT_PREFIX + certTag + ".userfriendlyname"); c.setUserFriendlyName(userfriendlyname); - boolean enable = config.getBoolean(PCERT_PREFIX+certTag+".enable", true); + boolean enable = config.getBoolean(PCERT_PREFIX + certTag + ".enable", true); c.setEnable(enable); mCerts.addElement(c); }// while @@ -236,13 +238,13 @@ public class SizePanel extends WizardPanelBase { if (select1.equals("clone")) { // preset the sslserver dn for cloning case try { - String val = config.getString("preop.cert.sslserver.dn", ""); - config.putString("preop.cert.sslserver.dn", val+",o=clone"); + String val = config.getString("preop.cert.sslserver.dn", ""); + config.putString("preop.cert.sslserver.dn", val + ",o=clone"); } catch (Exception ee) { } } } - + String token = ""; try { token = config.getString(PRE_CONF_CA_TOKEN, ""); @@ -251,7 +253,7 @@ public class SizePanel extends WizardPanelBase { while (c.hasMoreElements()) { Cert cert = (Cert) c.nextElement(); String ct = cert.getCertTag(); - boolean enable = config.getBoolean(PCERT_PREFIX+ct+".enable", true); + boolean enable = config.getBoolean(PCERT_PREFIX + ct + ".enable", true); if (!enable) continue; @@ -280,28 +282,28 @@ public class SizePanel extends WizardPanelBase { } CMS.debug( "SizePanel: update() keysize choice selected:" + select); - String oldkeysize = - config.getString(PCERT_PREFIX+ct+".keysize.size", ""); - String oldkeytype = - config.getString(PCERT_PREFIX + ct + ".keytype", ""); - String oldkeyalgorithm = - config.getString(PCERT_PREFIX + ct + ".keyalgorithm", ""); - String oldsigningalgorithm = - config.getString(PCERT_PREFIX + ct + ".signingalgorithm", ""); + String oldkeysize = + config.getString(PCERT_PREFIX + ct + ".keysize.size", ""); + String oldkeytype = + config.getString(PCERT_PREFIX + ct + ".keytype", ""); + String oldkeyalgorithm = + config.getString(PCERT_PREFIX + ct + ".keyalgorithm", ""); + String oldsigningalgorithm = + config.getString(PCERT_PREFIX + ct + ".signingalgorithm", ""); String oldcurvename = - config.getString(PCERT_PREFIX + ct + ".curvename.name", ""); + config.getString(PCERT_PREFIX + ct + ".curvename.name", ""); if (select.equals("default")) { // XXXrenaming these...keep for now just in case config.putString("preop.keysize.select", "default"); if (keytype != null && keytype.equals("ecc")) { - config.putString("preop.curvename.custom_name", - default_ecc_curve_name); - config.putString("preop.curvename.name", default_ecc_curve_name); + config.putString("preop.curvename.custom_name", + default_ecc_curve_name); + config.putString("preop.curvename.name", default_ecc_curve_name); } else { - config.putString("preop.keysize.custom_size", - default_rsa_key_size); - config.putString("preop.keysize.size", default_rsa_key_size); + config.putString("preop.keysize.custom_size", + default_rsa_key_size); + config.putString("preop.keysize.size", default_rsa_key_size); } config.putString(PCERT_PREFIX + ct + ".keytype", keytype); @@ -311,31 +313,31 @@ public class SizePanel extends WizardPanelBase { "default"); if (keytype != null && keytype.equals("ecc")) { - config.putString(PCERT_PREFIX + ct + - ".curvename.custom_name", - default_ecc_curve_name); - config.putString(PCERT_PREFIX + ct + ".curvename.name", - default_ecc_curve_name); + config.putString(PCERT_PREFIX + ct + + ".curvename.custom_name", + default_ecc_curve_name); + config.putString(PCERT_PREFIX + ct + ".curvename.name", + default_ecc_curve_name); } else { - config.putString(PCERT_PREFIX + ct + - ".keysize.custom_size", - default_rsa_key_size); - config.putString(PCERT_PREFIX + ct + ".keysize.size", - default_rsa_key_size); + config.putString(PCERT_PREFIX + ct + + ".keysize.custom_size", + default_rsa_key_size); + config.putString(PCERT_PREFIX + ct + ".keysize.size", + default_rsa_key_size); } } else if (select.equals("custom")) { // XXXrenaming these...keep for now just in case config.putString("preop.keysize.select", "custom"); if (keytype != null && keytype.equals("ecc")) { - config.putString("preop.curvename.name", - HttpInput.getString(request, ct + "_custom_curvename")); + config.putString("preop.curvename.name", + HttpInput.getString(request, ct + "_custom_curvename")); config.putString("preop.curvename.custom_name", - HttpInput.getString(request, ct + "_custom_curvename")); + HttpInput.getString(request, ct + "_custom_curvename")); } else { - config.putString("preop.keysize.size", - HttpInput.getKeySize(request, ct + "_custom_size", keytype)); + config.putString("preop.keysize.size", + HttpInput.getKeySize(request, ct + "_custom_size", keytype)); config.putString("preop.keysize.custom_size", - HttpInput.getKeySize(request, ct + "_custom_size", keytype)); + HttpInput.getKeySize(request, ct + "_custom_size", keytype)); } config.putString(PCERT_PREFIX + ct + ".keytype", keytype); @@ -346,42 +348,42 @@ public class SizePanel extends WizardPanelBase { if (keytype != null && keytype.equals("ecc")) { config.putString(PCERT_PREFIX + ct + ".curvename.custom_name", - HttpInput.getString(request, ct + "_custom_curvename")); + HttpInput.getString(request, ct + "_custom_curvename")); config.putString(PCERT_PREFIX + ct + ".curvename.name", - HttpInput.getString(request, ct + "_custom_curvename")); + HttpInput.getString(request, ct + "_custom_curvename")); } else { config.putString(PCERT_PREFIX + ct + ".keysize.custom_size", - HttpInput.getKeySize(request, ct + "_custom_size")); + HttpInput.getKeySize(request, ct + "_custom_size")); config.putString(PCERT_PREFIX + ct + ".keysize.size", - HttpInput.getKeySize(request, ct + "_custom_size")); + HttpInput.getKeySize(request, ct + "_custom_size")); } } else { CMS.debug("SizePanel: invalid choice " + select); throw new IOException("invalid choice " + select); } - String newkeysize = - config.getString(PCERT_PREFIX+ct+".keysize.size", ""); - String newkeytype = - config.getString(PCERT_PREFIX + ct + ".keytype", ""); - String newkeyalgorithm = - config.getString(PCERT_PREFIX + ct + ".keyalgorithm", ""); - String newsigningalgorithm = - config.getString(PCERT_PREFIX + ct + ".signingalgorithm", ""); - String newcurvename = - config.getString(PCERT_PREFIX+ct+".curvename.name", ""); - - if (!oldkeysize.equals(newkeysize) || - !oldkeytype.equals(newkeytype) || - !oldkeyalgorithm.equals(newkeyalgorithm) || - !oldsigningalgorithm.equals(newsigningalgorithm) || - !oldcurvename.equals(newcurvename)) + String newkeysize = + config.getString(PCERT_PREFIX + ct + ".keysize.size", ""); + String newkeytype = + config.getString(PCERT_PREFIX + ct + ".keytype", ""); + String newkeyalgorithm = + config.getString(PCERT_PREFIX + ct + ".keyalgorithm", ""); + String newsigningalgorithm = + config.getString(PCERT_PREFIX + ct + ".signingalgorithm", ""); + String newcurvename = + config.getString(PCERT_PREFIX + ct + ".curvename.name", ""); + + if (!oldkeysize.equals(newkeysize) || + !oldkeytype.equals(newkeytype) || + !oldkeyalgorithm.equals(newkeyalgorithm) || + !oldsigningalgorithm.equals(newsigningalgorithm) || + !oldcurvename.equals(newcurvename)) hasChanged = true; }// while try { config.commit(false); - } catch (EBaseException e) { + } catch (EBaseException e) { CMS.debug("SizePanel: update() Exception caught at config commit: " + e.toString()); } @@ -393,7 +395,7 @@ public class SizePanel extends WizardPanelBase { context.put("updateStatus", "success"); return; } - } catch (IOException e) { + } catch (IOException e) { CMS.debug("SizePanel: update() IOException caught: " + e.toString()); context.put("updateStatus", "failure"); throw e; @@ -401,7 +403,7 @@ public class SizePanel extends WizardPanelBase { CMS.debug("SizePanel: update() NumberFormatException caught: " + e.toString()); context.put("updateStatus", "failure"); throw e; - } catch (Exception e) { + } catch (Exception e) { CMS.debug("SizePanel: update() Exception caught: " + e.toString()); } @@ -414,7 +416,7 @@ public class SizePanel extends WizardPanelBase { String friendlyName = ct; boolean enable = true; try { - enable = config.getBoolean(PCERT_PREFIX+ct+".enable", true); + enable = config.getBoolean(PCERT_PREFIX + ct + ".enable", true); friendlyName = config.getString(PCERT_PREFIX + ct + ".userfriendlyname", ct); } catch (Exception e) { } @@ -425,15 +427,15 @@ public class SizePanel extends WizardPanelBase { try { String keytype = config.getString(PCERT_PREFIX + ct + ".keytype"); String keyalgorithm = config.getString(PCERT_PREFIX + ct + ".keyalgorithm"); - + if (keytype.equals("rsa")) { int keysize = config.getInteger( - PCERT_PREFIX + ct + ".keysize.size"); + PCERT_PREFIX + ct + ".keysize.size"); createRSAKeyPair(token, keysize, config, ct); } else { String curveName = config.getString( - PCERT_PREFIX + ct + ".curvename.name", default_ecc_curve_name); + PCERT_PREFIX + ct + ".curvename.name", default_ecc_curve_name); createECCKeyPair(token, curveName, config, ct); } config.commit(false); @@ -441,31 +443,30 @@ public class SizePanel extends WizardPanelBase { CMS.debug(e); CMS.debug("SizePanel: key generation failure: " + e.toString()); context.put("updateStatus", "failure"); - throw new IOException("key generation failure for the certificate: " + friendlyName + + throw new IOException("key generation failure for the certificate: " + friendlyName + ". See the logs for details."); } } // while if (hasErr == false) { - config.putBoolean("preop.SizePanel.done", true); - try { - config.commit(false); - } catch (EBaseException e) { - CMS.debug( - "SizePanel: update() Exception caught at config commit: " - + e.toString()); - } - } + config.putBoolean("preop.SizePanel.done", true); + try { + config.commit(false); + } catch (EBaseException e) { + CMS.debug( + "SizePanel: update() Exception caught at config commit: " + + e.toString()); + } + } CMS.debug("SizePanel: update() done"); context.put("updateStatus", "success"); } - public void createECCKeyPair(String token, String curveName, IConfigStore config, String ct) - throws NoSuchAlgorithmException, NoSuchTokenException, TokenException, CryptoManager.NotInitializedException - { - CMS.debug("Generating ECC key pair with curvename="+ curveName + - ", token="+token); + public void createECCKeyPair(String token, String curveName, IConfigStore config, String ct) + throws NoSuchAlgorithmException, NoSuchTokenException, TokenException, CryptoManager.NotInitializedException { + CMS.debug("Generating ECC key pair with curvename=" + curveName + + ", token=" + token); KeyPair pair = null; /* * default ssl server cert to ECDHE unless stated otherwise @@ -488,48 +489,48 @@ public class SizePanel extends WizardPanelBase { // ECDHE needs "SIGN" but no "DERIVE" org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage usages_mask[] = { - org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage.DERIVE + org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage.DERIVE }; // ECDH needs "DERIVE" but no any kind of "SIGN" org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage ECDH_usages_mask[] = { - org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage.SIGN, - org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage.SIGN_RECOVER, + org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage.SIGN, + org.mozilla.jss.crypto.KeyPairGeneratorSpi.Usage.SIGN_RECOVER, }; do { - if (ct.equals("sslserver") && sslType.equalsIgnoreCase("ECDH")) { - CMS.debug("SizePanel: createECCKeypair: sslserver cert for ECDH. Make sure server.xml is set properly with -TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,+TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"); - pair = CryptoUtil.generateECCKeyPair(token, curveName, - null, - ECDH_usages_mask); - } else { - if (ct.equals("sslserver")) { - CMS.debug("SizePanel: createECCKeypair: sslserver cert for ECDHE. Make sure server.xml is set properly with +TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"); - } - pair = CryptoUtil.generateECCKeyPair(token, curveName, - null, - usages_mask); - } - - // XXX - store curve , w - byte id[] = ((org.mozilla.jss.crypto.PrivateKey) pair.getPrivate()).getUniqueID(); - String kid = CryptoUtil.byte2string(id); - config.putString(PCERT_PREFIX + ct + ".privkey.id", kid); - - // try to locate the private key - org.mozilla.jss.crypto.PrivateKey privk = - CryptoUtil.findPrivateKeyFromID(CryptoUtil.string2byte(kid)); - if (privk == null) { - CMS.debug("Found bad ECC key id " + kid); - pair = null; + if (ct.equals("sslserver") && sslType.equalsIgnoreCase("ECDH")) { + CMS.debug("SizePanel: createECCKeypair: sslserver cert for ECDH. Make sure server.xml is set properly with -TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,+TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"); + pair = CryptoUtil.generateECCKeyPair(token, curveName, + null, + ECDH_usages_mask); + } else { + if (ct.equals("sslserver")) { + CMS.debug("SizePanel: createECCKeypair: sslserver cert for ECDHE. Make sure server.xml is set properly with +TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,-TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"); + } + pair = CryptoUtil.generateECCKeyPair(token, curveName, + null, + usages_mask); + } + + // XXX - store curve , w + byte id[] = ((org.mozilla.jss.crypto.PrivateKey) pair.getPrivate()).getUniqueID(); + String kid = CryptoUtil.byte2string(id); + config.putString(PCERT_PREFIX + ct + ".privkey.id", kid); + + // try to locate the private key + org.mozilla.jss.crypto.PrivateKey privk = + CryptoUtil.findPrivateKeyFromID(CryptoUtil.string2byte(kid)); + if (privk == null) { + CMS.debug("Found bad ECC key id " + kid); + pair = null; } } while (pair == null); - CMS.debug("Public key class " + pair.getPublic().getClass().getName()); + CMS.debug("Public key class " + pair.getPublic().getClass().getName()); byte encoded[] = pair.getPublic().getEncoded(); config.putString(PCERT_PREFIX + ct + ".pubkey.encoded", - CryptoUtil.byte2string(encoded)); + CryptoUtil.byte2string(encoded)); String keyAlgo = ""; try { @@ -537,25 +538,24 @@ public class SizePanel extends WizardPanelBase { } catch (Exception e1) { } - setSigningAlgorithm(ct, keyAlgo, config); + setSigningAlgorithm(ct, keyAlgo, config); } - public void createRSAKeyPair(String token, int keysize, IConfigStore config, String ct) - throws NoSuchAlgorithmException, NoSuchTokenException, TokenException, CryptoManager.NotInitializedException - { + public void createRSAKeyPair(String token, int keysize, IConfigStore config, String ct) + throws NoSuchAlgorithmException, NoSuchTokenException, TokenException, CryptoManager.NotInitializedException { /* generate key pair */ KeyPair pair = null; do { - pair = CryptoUtil.generateRSAKeyPair(token, keysize); - byte id[] = ((org.mozilla.jss.crypto.PrivateKey) pair.getPrivate()).getUniqueID(); - String kid = CryptoUtil.byte2string(id); - config.putString(PCERT_PREFIX + ct + ".privkey.id", kid); - // try to locate the private key - org.mozilla.jss.crypto.PrivateKey privk = - CryptoUtil.findPrivateKeyFromID(CryptoUtil.string2byte(kid)); - if (privk == null) { - CMS.debug("Found bad RSA key id " + kid); - pair = null; + pair = CryptoUtil.generateRSAKeyPair(token, keysize); + byte id[] = ((org.mozilla.jss.crypto.PrivateKey) pair.getPrivate()).getUniqueID(); + String kid = CryptoUtil.byte2string(id); + config.putString(PCERT_PREFIX + ct + ".privkey.id", kid); + // try to locate the private key + org.mozilla.jss.crypto.PrivateKey privk = + CryptoUtil.findPrivateKeyFromID(CryptoUtil.string2byte(kid)); + if (privk == null) { + CMS.debug("Found bad RSA key id " + kid); + pair = null; } } while (pair == null); @@ -563,9 +563,9 @@ public class SizePanel extends WizardPanelBase { byte exponent[] = ((RSAPublicKey) pair.getPublic()).getPublicExponent().toByteArray(); config.putString(PCERT_PREFIX + ct + ".pubkey.modulus", - CryptoUtil.byte2string(modulus)); + CryptoUtil.byte2string(modulus)); config.putString(PCERT_PREFIX + ct + ".pubkey.exponent", - CryptoUtil.byte2string(exponent)); + CryptoUtil.byte2string(exponent)); String keyAlgo = ""; try { @@ -573,41 +573,40 @@ public class SizePanel extends WizardPanelBase { } catch (Exception e1) { } - setSigningAlgorithm(ct, keyAlgo, config); + setSigningAlgorithm(ct, keyAlgo, config); } public void setSigningAlgorithm(String ct, String keyAlgo, IConfigStore config) { String systemType = ""; try { - systemType = config.getString("preop.system.name"); + systemType = config.getString("preop.system.name"); } catch (Exception e1) { } if (systemType.equalsIgnoreCase("CA")) { - if (ct.equals("signing")) { - config.putString("ca.signing.defaultSigningAlgorithm", + if (ct.equals("signing")) { + config.putString("ca.signing.defaultSigningAlgorithm", keyAlgo); - config.putString("ca.crl.MasterCRL.signingAlgorithm", + config.putString("ca.crl.MasterCRL.signingAlgorithm", keyAlgo); - } else if (ct.equals("ocsp_signing")) { - config.putString("ca.ocsp_signing.defaultSigningAlgorithm", + } else if (ct.equals("ocsp_signing")) { + config.putString("ca.ocsp_signing.defaultSigningAlgorithm", keyAlgo); - } + } } else if (systemType.equalsIgnoreCase("OCSP")) { - if (ct.equals("signing")) { - config.putString("ocsp.signing.defaultSigningAlgorithm", + if (ct.equals("signing")) { + config.putString("ocsp.signing.defaultSigningAlgorithm", keyAlgo); - } + } } else if (systemType.equalsIgnoreCase("KRA") || - systemType.equalsIgnoreCase("DRM")) { - if (ct.equals("transport")) { + systemType.equalsIgnoreCase("DRM")) { + if (ct.equals("transport")) { config.putString("kra.transportUnit.signingAlgorithm", keyAlgo); - } + } } } public void initParams(HttpServletRequest request, Context context) - throws IOException - { + throws IOException { IConfigStore config = CMS.getConfigStore(); String s = ""; try { @@ -646,7 +645,7 @@ public class SizePanel extends WizardPanelBase { HttpServletResponse response, Context context) { try { - initParams(request, context); + initParams(request, context); } catch (IOException e) { } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java index cf59e07c..2372b309 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/TokenAuthenticate.java @@ -51,6 +51,7 @@ public class TokenAuthenticate extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -58,13 +59,14 @@ public class TokenAuthenticate extends CMSServlet { } /** - * Process the HTTP request. + * Process the HTTP request. + * * @param cmsReq the object holding the request and response information */ protected void process(CMSRequest cmsReq) throws EBaseException { HttpServletRequest httpReq = cmsReq.getHttpReq(); HttpServletResponse httpResp = cmsReq.getHttpResp(); - IConfigStore config = CMS.getConfigStore(); + IConfigStore config = CMS.getConfigStore(); String sessionId = httpReq.getParameter("sessionID"); CMS.debug("TokenAuthentication: sessionId=" + sessionId); @@ -85,9 +87,9 @@ public class TokenAuthenticate extends CMSServlet { CMS.debug("TokenAuthentication: found session"); if (checkIP) { String hostname = table.getIP(sessionId); - if (! hostname.equals(givenHost)) { - CMS.debug("TokenAuthentication: hostname=" + hostname + " and givenHost=" - + givenHost + " are different"); + if (!hostname.equals(givenHost)) { + CMS.debug("TokenAuthentication: hostname=" + hostname + " and givenHost=" + + givenHost + " are different"); CMS.debug("TokenAuthenticate authenticate failed, wrong hostname."); outputError(httpResp, "Error: Failed Authentication"); return; diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateConnector.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateConnector.java index cf699c61..bba1f378 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateConnector.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateConnector.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.util.Enumeration; import java.util.Locale; @@ -45,7 +44,6 @@ import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.ICMSTemplateFiller; import com.netscape.cmsutil.xml.XMLObject; - public class UpdateConnector extends CMSServlet { /** @@ -62,6 +60,7 @@ public class UpdateConnector extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -71,7 +70,7 @@ public class UpdateConnector extends CMSServlet { } /** - * Process the HTTP request. + * Process the HTTP request. */ protected void process(CMSRequest cmsReq) throws EBaseException { CMS.debug("UpdateConnector: processing..."); @@ -85,9 +84,9 @@ public class UpdateConnector extends CMSServlet { CMS.debug("UpdateConnector authentication successful."); } catch (Exception e) { CMS.debug("UpdateConnector: authentication failed."); - log(ILogger.LL_FAILURE, + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSGW_ERR_BAD_SERV_OUT_STREAM", "", - e.toString())); + e.toString())); outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); return; } @@ -100,19 +99,19 @@ public class UpdateConnector extends CMSServlet { AuthzToken authzToken = null; try { - authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, - "modify"); + authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, + "modify"); CMS.debug("UpdateConnector authorization successful."); } catch (EAuthzAccessDenied e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, "Error: Not authorized"); return; } catch (Exception e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, - "Error: Encountered problem during authorization."); + "Error: Encountered problem during authorization."); return; } @@ -125,7 +124,7 @@ public class UpdateConnector extends CMSServlet { Enumeration list = httpReq.getParameterNames(); while (list.hasMoreElements()) { - String name = (String)list.nextElement(); + String name = (String) list.nextElement(); String val = httpReq.getParameter(name); if (name != null && name.startsWith("ca.connector")) { CMS.debug("Adding connector update name=" + name + " val=" + val); @@ -134,24 +133,24 @@ public class UpdateConnector extends CMSServlet { CMS.debug("Skipping connector update name=" + name + " val=" + val); } } - - try { + + try { String nickname = cs.getString("ca.subsystem.nickname", ""); String tokenname = cs.getString("ca.subsystem.tokenname", ""); if (!tokenname.equals("Internal Key Storage Token")) - nickname = tokenname+":"+nickname; + nickname = tokenname + ":" + nickname; cs.putString("ca.connector.KRA.nickName", nickname); cs.commit(false); } catch (Exception e) { } // start the connector - try { + try { ICertificateAuthority ca = (ICertificateAuthority) - CMS.getSubsystem("ca"); - ICAService caService = (ICAService)ca.getCAService(); + CMS.getSubsystem("ca"); + ICAService caService = (ICAService) ca.getCAService(); IConnector kraConnector = caService.getConnector( - cs.getSubStore("ca.connector.KRA")); + cs.getSubStore("ca.connector.KRA")); caService.setKRAConnector(kraConnector); kraConnector.start(); } catch (Exception e) { @@ -173,12 +172,13 @@ public class UpdateConnector extends CMSServlet { } } - protected void setDefaultTemplates(ServletConfig sc) {} + protected void setDefaultTemplates(ServletConfig sc) { + } protected void renderTemplate( CMSRequest cmsReq, String templateName, ICMSTemplateFiller filler) - throws IOException {// do nothing - } + throws IOException {// do nothing + } protected void renderResult(CMSRequest cmsReq) throws IOException {// do nothing, ie, it will not return the default javascript. } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateDomainXML.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateDomainXML.java index c9fe27ef..0476e26d 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateDomainXML.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateDomainXML.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; @@ -55,7 +54,6 @@ import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.ICMSTemplateFiller; import com.netscape.cmsutil.xml.XMLObject; - public class UpdateDomainXML extends CMSServlet { /** @@ -65,9 +63,9 @@ public class UpdateDomainXML extends CMSServlet { private final static String SUCCESS = "0"; private final static String FAILED = "1"; private final static String LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE = - "LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE_1"; + "LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE_1"; private final static String LOGGING_SIGNED_AUDIT_CONFIG_ROLE = - "LOGGING_SIGNED_AUDIT_CONFIG_ROLE_3"; + "LOGGING_SIGNED_AUDIT_CONFIG_ROLE_3"; public UpdateDomainXML() { super(); @@ -75,6 +73,7 @@ public class UpdateDomainXML extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -101,20 +100,19 @@ public class UpdateDomainXML extends CMSServlet { status = FAILED; CMS.debug("Failed to delete entry" + e.toString()); } - } catch (Exception e) { - CMS.debug("Failed to delete entry" + e.toString()); - } finally { + } catch (Exception e) { + CMS.debug("Failed to delete entry" + e.toString()); + } finally { try { - if ((conn != null) && (connFactory!= null)) { + if ((conn != null) && (connFactory != null)) { CMS.debug("Releasing ldap connection"); connFactory.returnConn(conn); } - } - catch (Exception e) { + } catch (Exception e) { CMS.debug("Error releasing the ldap connection" + e.toString()); } - } - return status; + } + return status; } private String modify_ldap(String dn, LDAPModification mod) { @@ -135,23 +133,21 @@ public class UpdateDomainXML extends CMSServlet { status = FAILED; CMS.debug("Failed to modify entry" + e.toString()); } - } catch (Exception e) { + } catch (Exception e) { CMS.debug("Failed to modify entry" + e.toString()); - } finally { + } finally { try { - if ((conn != null) && (connFactory!= null)) { + if ((conn != null) && (connFactory != null)) { CMS.debug("Releasing ldap connection"); connFactory.returnConn(conn); } - } - catch (Exception e) { + } catch (Exception e) { CMS.debug("Error releasing the ldap connection" + e.toString()); } - } - return status; + } + return status; } - private String add_to_ldap(LDAPEntry entry, String dn) { CMS.debug("UpdateDomainXML: add_to_ldap: starting"); String status = SUCCESS; @@ -172,37 +168,35 @@ public class UpdateDomainXML extends CMSServlet { conn.delete(dn); conn.add(entry); } catch (LDAPException ee) { - CMS.debug("UpdateDomainXML: Error when replacing existing entry "+ee.toString()); + CMS.debug("UpdateDomainXML: Error when replacing existing entry " + ee.toString()); status = FAILED; } } else { - CMS.debug("UpdateDomainXML: Failed to update ldap domain info. Exception: "+e.toString()); + CMS.debug("UpdateDomainXML: Failed to update ldap domain info. Exception: " + e.toString()); status = FAILED; } } catch (Exception e) { CMS.debug("Failed to add entry" + e.toString()); } finally { try { - if ((conn != null) && (connFactory!= null)) { + if ((conn != null) && (connFactory != null)) { CMS.debug("Releasing ldap connection"); connFactory.returnConn(conn); } - } - catch (Exception e) { + } catch (Exception e) { CMS.debug("Error releasing the ldap connection" + e.toString()); } - } - return status; + } + return status; } - - /** - * Process the HTTP request. + * Process the HTTP request. * <ul> * <li>http.param op 'downloadBIN' - return the binary certificate chain * <li>http.param op 'displayIND' - display pretty-print of certificate chain components * </ul> + * * @param cmsReq the object holding the request and response information */ protected void process(CMSRequest cmsReq) throws EBaseException { @@ -219,7 +213,7 @@ public class UpdateDomainXML extends CMSServlet { authToken = authenticate(cmsReq); } catch (Exception e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, AUTH_FAILURE, "Error: Not authenticated"); return; } @@ -233,19 +227,19 @@ public class UpdateDomainXML extends CMSServlet { AuthzToken authzToken = null; try { - authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, - "modify"); + authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, + "modify"); } catch (EAuthzAccessDenied e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, AUTH_FAILURE, "Error: Not authorized"); return; } catch (Exception e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, - AUTH_FAILURE, - "Error: Encountered problem during authorization."); + AUTH_FAILURE, + "Error: Encountered problem during authorization."); return; } if (authzToken == null) { @@ -272,7 +266,7 @@ public class UpdateDomainXML extends CMSServlet { String missing = ""; if ((host == null) || host.equals("")) { missing += " host "; - } + } if ((name == null) || name.equals("")) { missing += " name "; } @@ -286,20 +280,20 @@ public class UpdateDomainXML extends CMSServlet { clone = "false"; } - if (! missing.equals("")) { - CMS.debug("UpdateDomainXML process: required parameters:" + missing + + if (!missing.equals("")) { + CMS.debug("UpdateDomainXML process: required parameters:" + missing + "not provided in request"); - outputError(httpResp, "Error: required parameters: " + missing + + outputError(httpResp, "Error: required parameters: " + missing + "not provided in request"); return; } String auditMessage = null; String auditSubjectID = auditSubjectID(); - String auditParams = "host;;"+host+"+name;;"+name+"+sport;;"+sport+ - "+clone;;"+clone+"+type;;"+type; + String auditParams = "host;;" + host + "+name;;" + name + "+sport;;" + sport + + "+clone;;" + clone + "+type;;" + type; if (operation != null) { - auditParams += "+operation;;"+operation; + auditParams += "+operation;;" + operation; } else { auditParams += "+operation;;add"; } @@ -312,8 +306,7 @@ public class UpdateDomainXML extends CMSServlet { try { basedn = cs.getString("internaldb.basedn"); secstore = cs.getString("securitydomain.store"); - } - catch (Exception e) { + } catch (Exception e) { CMS.debug("Unable to determine security domain name or basedn. Please run the domaininfo migration script"); } @@ -326,7 +319,7 @@ public class UpdateDomainXML extends CMSServlet { String listName = type + "List"; String cn = host + ":"; - if ((adminsport!= null) && (adminsport != "")) { + if ((adminsport != null) && (adminsport != "")) { cn += adminsport; } else { cn += sport; @@ -361,64 +354,63 @@ public class UpdateDomainXML extends CMSServlet { attrs.add(new LDAPAttribute("clone", clone.toUpperCase())); attrs.add(new LDAPAttribute("SubsystemName", name)); entry = new LDAPEntry(dn, attrs); - - if ((operation != null) && (operation.equals("remove"))) { - status = remove_from_ldap(dn); - String adminUserDN; - if ((agentsport != null) && (!agentsport.equals(""))) { - adminUserDN = "uid=" + type + "-" + host + "-" + agentsport + ",ou=People," + basedn; - } else { - adminUserDN = "uid=" + type + "-" + host + "-" + sport + ",ou=People," + basedn; - } - String userAuditParams = "Scope;;users+Operation;;OP_DELETE+source;;UpdateDomainXML" + - "+resource;;"+adminUserDN; - if (status.equals(SUCCESS)) { - // remove the user for this subsystem's admin - status2 = remove_from_ldap(adminUserDN); - if (status2.equals(SUCCESS)) { - auditMessage = CMS.getLogMessage( + + if ((operation != null) && (operation.equals("remove"))) { + status = remove_from_ldap(dn); + String adminUserDN; + if ((agentsport != null) && (!agentsport.equals(""))) { + adminUserDN = "uid=" + type + "-" + host + "-" + agentsport + ",ou=People," + basedn; + } else { + adminUserDN = "uid=" + type + "-" + host + "-" + sport + ",ou=People," + basedn; + } + String userAuditParams = "Scope;;users+Operation;;OP_DELETE+source;;UpdateDomainXML" + + "+resource;;" + adminUserDN; + if (status.equals(SUCCESS)) { + // remove the user for this subsystem's admin + status2 = remove_from_ldap(adminUserDN); + if (status2.equals(SUCCESS)) { + auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, ILogger.SUCCESS, userAuditParams); - audit(auditMessage); + audit(auditMessage); - // remove this user from the subsystem group - userAuditParams = "Scope;;groups+Operation;;OP_DELETE_USER" + + // remove this user from the subsystem group + userAuditParams = "Scope;;groups+Operation;;OP_DELETE_USER" + "+source;;UpdateDomainXML" + - "+resource;;Subsystem Group+user;;"+adminUserDN; - dn = "cn=Subsystem Group, ou=groups," + basedn; - LDAPModification mod = new LDAPModification(LDAPModification.DELETE, + "+resource;;Subsystem Group+user;;" + adminUserDN; + dn = "cn=Subsystem Group, ou=groups," + basedn; + LDAPModification mod = new LDAPModification(LDAPModification.DELETE, new LDAPAttribute("uniqueMember", adminUserDN)); - status2 = modify_ldap(dn, mod); - if (status2.equals(SUCCESS)) { - auditMessage = CMS.getLogMessage( + status2 = modify_ldap(dn, mod); + if (status2.equals(SUCCESS)) { + auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, ILogger.SUCCESS, userAuditParams); - } else { - auditMessage = CMS.getLogMessage( + } else { + auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, ILogger.FAILURE, userAuditParams); - } - audit(auditMessage); - } else { // error deleting user - auditMessage = CMS.getLogMessage( + } + audit(auditMessage); + } else { // error deleting user + auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CONFIG_ROLE, auditSubjectID, ILogger.FAILURE, userAuditParams); - audit(auditMessage); - } + audit(auditMessage); } + } } else { - status = add_to_ldap(entry, dn); + status = add_to_ldap(entry, dn); } - } - else { + } else { // update the domain.xml file String path = CMS.getConfigStore().getString("instanceRoot", "") + "/conf/domain.xml"; @@ -430,7 +422,7 @@ public class UpdateDomainXML extends CMSServlet { CMS.debug("UpdateDomainXML: Inserting new domain info"); XMLObject parser = new XMLObject(new FileInputStream(path)); Node n = parser.getContainer(list); - int count =0; + int count = 0; if ((operation != null) && (operation.equals("remove"))) { // delete node @@ -444,11 +436,11 @@ public class UpdateDomainXML extends CMSServlet { Vector v_host = parser.getValuesFromContainer(nn, "Host"); Vector v_adminport = parser.getValuesFromContainer(nn, "SecureAdminPort"); if ((v_name.elementAt(0).equals(name)) && (v_host.elementAt(0).equals(host)) - && (v_adminport.elementAt(0).equals(adminsport))) { - Node parent = nn.getParentNode(); - Node remNode = parent.removeChild(nn); - count --; - break; + && (v_adminport.elementAt(0).equals(adminsport))) { + Node parent = nn.getParentNode(); + Node remNode = parent.removeChild(nn); + count--; + break; } } } else { @@ -463,33 +455,33 @@ public class UpdateDomainXML extends CMSServlet { parser.addItemToContainer(parent, "UnSecurePort", httpport); parser.addItemToContainer(parent, "DomainManager", domainmgr.toUpperCase()); parser.addItemToContainer(parent, "Clone", clone.toUpperCase()); - count ++; + count++; } //update count String countS = ""; NodeList nlist = n.getChildNodes(); Node countnode = null; - for (int i=0; i<nlist.getLength(); i++) { - Element nn = (Element)nlist.item(i); + for (int i = 0; i < nlist.getLength(); i++) { + Element nn = (Element) nlist.item(i); String tagname = nn.getTagName(); if (tagname.equals("SubsystemCount")) { countnode = nn; NodeList nlist1 = nn.getChildNodes(); Node nn1 = nlist1.item(0); - countS = nn1.getNodeValue(); + countS = nn1.getNodeValue(); break; } } - CMS.debug("UpdateDomainXML process: SubsystemCount="+countS); + CMS.debug("UpdateDomainXML process: SubsystemCount=" + countS); try { - count += Integer.parseInt(countS); + count += Integer.parseInt(countS); } catch (Exception ee) { } Node nn2 = n.removeChild(countnode); - parser.addItemToContainer(n, "SubsystemCount", ""+count); + parser.addItemToContainer(n, "SubsystemCount", "" + count); // recreate domain.xml CMS.debug("UpdateDomainXML: Recreating domain.xml"); @@ -503,7 +495,7 @@ public class UpdateDomainXML extends CMSServlet { } } - + if (status.equals(SUCCESS)) { auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_SECURITY_DOMAIN_UPDATE, @@ -520,11 +512,11 @@ public class UpdateDomainXML extends CMSServlet { } audit(auditMessage); - if (status.equals(SUCCESS) && status2.equals(SUCCESS)) { - status = SUCCESS; - } else { - status = FAILED; - } + if (status.equals(SUCCESS) && status2.equals(SUCCESS)) { + status = SUCCESS; + } else { + status = FAILED; + } try { // send success status back to the requestor @@ -537,22 +529,24 @@ public class UpdateDomainXML extends CMSServlet { outputResult(httpResp, "application/xml", cb); } catch (Exception e) { - CMS.debug("UpdateDomainXML: Failed to send the XML output" + e.toString()); + CMS.debug("UpdateDomainXML: Failed to send the XML output" + e.toString()); } } protected String securityDomainXMLtoLDAP(String xmltag) { - if (xmltag.equals("Host")) return "host"; - else return xmltag; + if (xmltag.equals("Host")) + return "host"; + else + return xmltag; } - - protected void setDefaultTemplates(ServletConfig sc) {} + protected void setDefaultTemplates(ServletConfig sc) { + } protected void renderTemplate( CMSRequest cmsReq, String templateName, ICMSTemplateFiller filler) - throws IOException {// do nothing - } + throws IOException {// do nothing + } protected void renderResult(CMSRequest cmsReq) throws IOException {// do nothing, ie, it will not return the default javascript. } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java index 0a1787aa..894afa5f 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateNumberRange.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import java.math.BigInteger; import java.util.Locale; @@ -45,7 +44,6 @@ import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.ICMSTemplateFiller; import com.netscape.cmsutil.xml.XMLObject; - public class UpdateNumberRange extends CMSServlet { /** @@ -56,7 +54,7 @@ public class UpdateNumberRange extends CMSServlet { private final static String FAILED = "1"; private final static String AUTH_FAILURE = "2"; private final static String LOGGING_SIGNED_AUDIT_CONFIG_SERIAL_NUMBER = - "LOGGING_SIGNED_AUDIT_CONFIG_SERIAL_NUMBER_1"; + "LOGGING_SIGNED_AUDIT_CONFIG_SERIAL_NUMBER_1"; public UpdateNumberRange() { super(); @@ -64,6 +62,7 @@ public class UpdateNumberRange extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -73,11 +72,12 @@ public class UpdateNumberRange extends CMSServlet { } /** - * Process the HTTP request. + * Process the HTTP request. * <ul> * <li>http.param op 'downloadBIN' - return the binary certificate chain * <li>http.param op 'displayIND' - display pretty-print of certificate chain components * </ul> + * * @param cmsReq the object holding the request and response information */ protected void process(CMSRequest cmsReq) throws EBaseException { @@ -96,18 +96,18 @@ public class UpdateNumberRange extends CMSServlet { AuthzToken authzToken = null; try { - authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, - "modify"); + authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, + "modify"); } catch (EAuthzAccessDenied e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, "Error: Not authorized"); return; } catch (Exception e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, - "Error: Encountered problem during authorization."); + "Error: Encountered problem during authorization."); return; } if (authzToken == null) { @@ -131,13 +131,13 @@ public class UpdateNumberRange extends CMSServlet { BigInteger oneNum = new BigInteger("1"); String endNumConfig = null; String cloneNumConfig = null; - String nextEndConfig = null; + String nextEndConfig = null; int radix = 10; IRepository repo = null; if (cstype.equals("KRA")) { IKeyRecoveryAuthority kra = (IKeyRecoveryAuthority) CMS.getSubsystem( - IKeyRecoveryAuthority.ID); + IKeyRecoveryAuthority.ID); if (type.equals("request")) { repo = kra.getRequestQueue().getRequestRepository(); } else if (type.equals("serialNo")) { @@ -147,7 +147,7 @@ public class UpdateNumberRange extends CMSServlet { } } else { // CA ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem( - ICertificateAuthority.ID); + ICertificateAuthority.ID); if (type.equals("request")) { repo = ca.getRequestQueue().getRequestRepository(); } else if (type.equals("serialNo")) { @@ -161,22 +161,22 @@ public class UpdateNumberRange extends CMSServlet { // This needs to be done beforehand to ensure that we always have enough // replica numbers if (type.equals("replicaId")) { - CMS.debug("Checking replica number ranges"); - repo.checkRanges(); + CMS.debug("Checking replica number ranges"); + repo.checkRanges(); } - + if (type.equals("request")) { radix = 10; endNumConfig = "dbs.endRequestNumber"; cloneNumConfig = "dbs.requestCloneTransferNumber"; nextEndConfig = "dbs.nextEndRequestNumber"; } else if (type.equals("serialNo")) { - radix=16; + radix = 16; endNumConfig = "dbs.endSerialNumber"; cloneNumConfig = "dbs.serialCloneTransferNumber"; nextEndConfig = "dbs.nextEndSerialNumber"; } else if (type.equals("replicaId")) { - radix=10; + radix = 10; endNumConfig = "dbs.endReplicaNumber"; cloneNumConfig = "dbs.replicaCloneTransferNumber"; nextEndConfig = "dbs.nextEndReplicaNumber"; @@ -192,11 +192,11 @@ public class UpdateNumberRange extends CMSServlet { String nextEndNumStr = cs.getString(nextEndConfig, ""); BigInteger endNum2 = new BigInteger(nextEndNumStr, radix); CMS.debug("Transferring from the end of on-deck range"); - String newValStr = endNum2.subtract(decrement).toString(radix); - repo.setNextMaxSerial(newValStr); - cs.putString(nextEndConfig, newValStr); - beginNum = endNum2.subtract(decrement).add(oneNum); - endNum = endNum2; + String newValStr = endNum2.subtract(decrement).toString(radix); + repo.setNextMaxSerial(newValStr); + cs.putString(nextEndConfig, newValStr); + beginNum = endNum2.subtract(decrement).add(oneNum); + endNum = endNum2; } else { CMS.debug("Transferring from the end of the current range"); String newValStr = beginNum.subtract(oneNum).toString(radix); @@ -204,10 +204,9 @@ public class UpdateNumberRange extends CMSServlet { cs.putString(endNumConfig, newValStr); } - - if( beginNum == null ) { - CMS.debug( "UpdateNumberRange::process() - " + - "beginNum is null!" ); + if (beginNum == null) { + CMS.debug("UpdateNumberRange::process() - " + + "beginNum is null!"); auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CONFIG_SERIAL_NUMBER, auditSubjectID, @@ -219,7 +218,7 @@ public class UpdateNumberRange extends CMSServlet { // Enable serial number management in master for certs and requests if (type.equals("replicaId")) { - repo.setEnableSerialMgmt(true); + repo.setEnableSerialMgmt(true); } // insert info @@ -248,7 +247,7 @@ public class UpdateNumberRange extends CMSServlet { audit(auditMessage); } catch (Exception e) { - CMS.debug("UpdateNumberRange: Failed to update number range. Exception: "+e.toString()); + CMS.debug("UpdateNumberRange: Failed to update number range. Exception: " + e.toString()); auditMessage = CMS.getLogMessage( LOGGING_SIGNED_AUDIT_CONFIG_SERIAL_NUMBER, @@ -261,12 +260,13 @@ public class UpdateNumberRange extends CMSServlet { } } - protected void setDefaultTemplates(ServletConfig sc) {} + protected void setDefaultTemplates(ServletConfig sc) { + } protected void renderTemplate( CMSRequest cmsReq, String templateName, ICMSTemplateFiller filler) - throws IOException {// do nothing - } + throws IOException {// do nothing + } protected void renderResult(CMSRequest cmsReq) throws IOException {// do nothing, ie, it will not return the default javascript. } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java index 2339c4c7..2d3e33f9 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java @@ -40,7 +40,6 @@ import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.ICMSTemplateFiller; import com.netscape.cmsutil.xml.XMLObject; - public class UpdateOCSPConfig extends CMSServlet { /** @@ -57,6 +56,7 @@ public class UpdateOCSPConfig extends CMSServlet { /** * initialize the servlet. + * * @param sc servlet configuration, read from the web.xml file */ public void init(ServletConfig sc) throws ServletException { @@ -81,18 +81,18 @@ public class UpdateOCSPConfig extends CMSServlet { AuthzToken authzToken = null; try { - authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, - "modify"); + authzToken = authorize(mAclMethod, authToken, mAuthzResourceName, + "modify"); } catch (EAuthzAccessDenied e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, "Error: Not authorized"); return; } catch (Exception e) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); + CMS.getLogMessage("ADMIN_SRVLT_AUTH_FAILURE", e.toString())); outputError(httpResp, - "Error: Encountered problem during authorization."); + "Error: Encountered problem during authorization."); return; } if (authzToken == null) { @@ -108,31 +108,31 @@ public class UpdateOCSPConfig extends CMSServlet { nickname = cs.getString("ca.subsystem.nickname", ""); String tokenname = cs.getString("ca.subsystem.tokenname", ""); if (!tokenname.equals("internal") && !tokenname.equals("Internal Key Storage Token")) - nickname = tokenname+":"+nickname; + nickname = tokenname + ":" + nickname; } catch (Exception e) { } - CMS.debug("UpdateOCSPConfig process: nickname="+nickname); + CMS.debug("UpdateOCSPConfig process: nickname=" + nickname); String ocsphost = httpReq.getParameter("ocsp_host"); String ocspport = httpReq.getParameter("ocsp_port"); try { cs.putString("ca.publish.enable", "true"); - cs.putString("ca.publish.publisher.instance.OCSPPublisher.host", - ocsphost); - cs.putString("ca.publish.publisher.instance.OCSPPublisher.port", - ocspport); - cs.putString("ca.publish.publisher.instance.OCSPPublisher.nickName", - nickname); + cs.putString("ca.publish.publisher.instance.OCSPPublisher.host", + ocsphost); + cs.putString("ca.publish.publisher.instance.OCSPPublisher.port", + ocspport); + cs.putString("ca.publish.publisher.instance.OCSPPublisher.nickName", + nickname); cs.putString("ca.publish.publisher.instance.OCSPPublisher.path", - "/ocsp/agent/ocsp/addCRL"); + "/ocsp/agent/ocsp/addCRL"); cs.putString("ca.publish.publisher.instance.OCSPPublisher.pluginName", "OCSPPublisher"); cs.putString("ca.publish.publisher.instance.OCSPPublisher.enableClientAuth", "true"); cs.putString("ca.publish.rule.instance.ocsprule.enable", "true"); cs.putString("ca.publish.rule.instance.ocsprule.mapper", "NoMap"); cs.putString("ca.publish.rule.instance.ocsprule.pluginName", "Rule"); - cs.putString("ca.publish.rule.instance.ocsprule.publisher", - "OCSPPublisher"); + cs.putString("ca.publish.rule.instance.ocsprule.publisher", + "OCSPPublisher"); cs.putString("ca.publish.rule.instance.ocsprule.type", "crl"); cs.commit(false); // insert info @@ -147,17 +147,18 @@ public class UpdateOCSPConfig extends CMSServlet { outputResult(httpResp, "application/xml", cb); } catch (Exception e) { - CMS.debug("UpdateOCSPConfig: Failed to update OCSP configuration. Exception: "+e.toString()); + CMS.debug("UpdateOCSPConfig: Failed to update OCSP configuration. Exception: " + e.toString()); outputError(httpResp, "Error: Failed to update OCSP configuration."); } } - protected void setDefaultTemplates(ServletConfig sc) {} + protected void setDefaultTemplates(ServletConfig sc) { + } protected void renderTemplate( CMSRequest cmsReq, String templateName, ICMSTemplateFiller filler) - throws IOException {// do nothing - } + throws IOException {// do nothing + } protected void renderResult(CMSRequest cmsReq) throws IOException {// do nothing, ie, it will not return the default javascript. } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/WelcomePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/WelcomePanel.java index 7b1c9959..4224c4eb 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/WelcomePanel.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/WelcomePanel.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.IOException; import javax.servlet.ServletConfig; @@ -35,13 +34,14 @@ import com.netscape.cms.servlet.wizard.WizardServlet; public class WelcomePanel extends WizardPanelBase { - public WelcomePanel() {} + public WelcomePanel() { + } /** * Initializes this panel. */ - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { + public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) + throws ServletException { setPanelNo(panelno); setName("Welcome"); setId(id); @@ -52,19 +52,20 @@ public class WelcomePanel extends WizardPanelBase { cs.putBoolean("preop.welcome.done", false); } - public boolean isPanelDone() { + public boolean isPanelDone() { IConfigStore cs = CMS.getConfigStore(); try { return cs.getBoolean("preop.welcome.done"); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } return false; } public PropertySet getUsage() { PropertySet set = new PropertySet(); - + /* XXX */ - + return set; } @@ -80,7 +81,7 @@ public class WelcomePanel extends WizardPanelBase { try { context.put("cstype", cs.getString("cs.type")); context.put("wizardname", cs.getString("preop.wizard.name")); - context.put("panelname", + context.put("panelname", cs.getString("preop.system.fullname") + " Configuration Wizard"); context.put("systemname", cs.getString("preop.system.name")); @@ -90,7 +91,8 @@ public class WelcomePanel extends WizardPanelBase { cs.getString("preop.product.name")); context.put("productversion", cs.getString("preop.product.version")); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } context.put("panel", "admin/console/config/welcomepanel.vm"); } @@ -112,7 +114,8 @@ public class WelcomePanel extends WizardPanelBase { try { cs.putBoolean("preop.welcome.done", true); cs.commit(false); - } catch (EBaseException e) {} + } catch (EBaseException e) { + } } /** @@ -120,5 +123,6 @@ public class WelcomePanel extends WizardPanelBase { */ public void displayError(HttpServletRequest request, HttpServletResponse response, - Context context) {/* This should never be called */} + Context context) {/* This should never be called */ + } } diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/WelcomeServlet.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/WelcomeServlet.java index 06eb63ff..f5a96bc8 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/WelcomeServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/WelcomeServlet.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -25,7 +24,6 @@ import org.apache.velocity.Template; import org.apache.velocity.app.Velocity; import org.apache.velocity.context.Context; - public class WelcomeServlet extends BaseServlet { /** diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java index a2a7d5df..c7910bc8 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java +++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cms.servlet.csadmin; - import java.io.ByteArrayInputStream; import java.io.IOException; import java.net.ConnectException; @@ -95,15 +94,13 @@ public class WizardPanelBase implements IWizardPanel { /** * Initializes this panel. */ - public void init(ServletConfig config, int panelno) - throws ServletException - { + public void init(ServletConfig config, int panelno) + throws ServletException { mPanelNo = panelno; } - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException - { + public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) + throws ServletException { mPanelNo = panelno; } @@ -142,7 +139,7 @@ public class WizardPanelBase implements IWizardPanel { return set; } - + /** * Should we skip this panel? */ @@ -187,7 +184,8 @@ public class WizardPanelBase implements IWizardPanel { */ public void display(HttpServletRequest request, HttpServletResponse response, - Context context) {} + Context context) { + } /** * Checks if the given parameters are valid. @@ -202,14 +200,16 @@ public class WizardPanelBase implements IWizardPanel { */ public void update(HttpServletRequest request, HttpServletResponse response, - Context context) throws IOException {} + Context context) throws IOException { + } /** * If validiate() returns false, this method will be called. */ public void displayError(HttpServletRequest request, HttpServletResponse response, - Context context) {} + Context context) { + } /** * Retrieves locale based on the request. @@ -233,7 +233,8 @@ public class WizardPanelBase implements IWizardPanel { try { instanceID = config.getString("instanceId", ""); - } catch (Exception e) {} + } catch (Exception e) { + } String nickname = certTag + "Cert cert-" + instanceID; String preferredNickname = null; @@ -241,7 +242,8 @@ public class WizardPanelBase implements IWizardPanel { try { preferredNickname = config.getString( PCERT_PREFIX + certTag + ".nickname", null); - } catch (Exception e) {} + } catch (Exception e) { + } if (preferredNickname != null) { nickname = preferredNickname; @@ -250,7 +252,7 @@ public class WizardPanelBase implements IWizardPanel { } public void updateDomainXML(String hostname, int port, boolean https, - String servlet, String uri) throws IOException { + String servlet, String uri) throws IOException { CMS.debug("WizardPanelBase updateDomainXML start hostname=" + hostname + " port=" + port); IConfigStore cs = CMS.getConfigStore(); String nickname = ""; @@ -258,17 +260,18 @@ public class WizardPanelBase implements IWizardPanel { try { nickname = cs.getString("preop.cert.subsystem.nickname", ""); tokenname = cs.getString("preop.module.token", ""); - } catch (Exception e) {} + } catch (Exception e) { + } if (!tokenname.equals("") && - !tokenname.equals("Internal Key Storage Token") && - !tokenname.equals("internal")) { - nickname = tokenname+":"+nickname; + !tokenname.equals("Internal Key Storage Token") && + !tokenname.equals("internal")) { + nickname = tokenname + ":" + nickname; } CMS.debug("WizardPanelBase updateDomainXML nickname=" + nickname); CMS.debug("WizardPanelBase: start sending updateDomainXML request"); - String c = getHttpResponse(hostname, port, https, servlet, uri, nickname); + String c = getHttpResponse(hostname, port, https, servlet, uri, nickname); CMS.debug("WizardPanelBase: done sending updateDomainXML request"); if (c != null) { @@ -278,9 +281,9 @@ public class WizardPanelBase implements IWizardPanel { try { obj = new XMLObject(bis); } catch (Exception e) { - CMS.debug( "WizardPanelBase::updateDomainXML() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("WizardPanelBase::updateDomainXML() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String status = obj.getValue("Status"); @@ -291,7 +294,7 @@ public class WizardPanelBase implements IWizardPanel { } else { String error = obj.getValue("Error"); throw new IOException(error); - } + } } catch (IOException e) { CMS.debug("WizardPanelBase: updateDomainXML: " + e.toString()); throw e; @@ -302,8 +305,8 @@ public class WizardPanelBase implements IWizardPanel { } } - public int getSubsystemCount( String hostname, int https_admin_port, - boolean https, String type ) + public int getSubsystemCount(String hostname, int https_admin_port, + boolean https, String type) throws IOException { CMS.debug("WizardPanelBase getSubsystemCount start"); String c = getDomainXML(hostname, https_admin_port, true); @@ -311,12 +314,12 @@ public class WizardPanelBase implements IWizardPanel { try { ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes()); XMLObject obj = new XMLObject(bis); - String containerName = type+"List"; + String containerName = type + "List"; Node n = obj.getContainer(containerName); NodeList nlist = n.getChildNodes(); String countS = ""; - for (int i=0; i<nlist.getLength(); i++) { - Element nn = (Element)nlist.item(i); + for (int i = 0; i < nlist.getLength(); i++) { + Element nn = (Element) nlist.item(i); String tagname = nn.getTagName(); if (tagname.equals("SubsystemCount")) { NodeList nlist1 = nn.getChildNodes(); @@ -325,7 +328,7 @@ public class WizardPanelBase implements IWizardPanel { break; } } - CMS.debug("WizardPanelBase getSubsystemCount: SubsystemCount="+countS); + CMS.debug("WizardPanelBase getSubsystemCount: SubsystemCount=" + countS); int num = 0; if (countS != null && !countS.equals("")) { @@ -337,7 +340,7 @@ public class WizardPanelBase implements IWizardPanel { return num; } catch (Exception e) { - CMS.debug("WizardPanelBase: getSubsystemCount: "+e.toString()); + CMS.debug("WizardPanelBase: getSubsystemCount: " + e.toString()); throw new IOException(e.toString()); } } @@ -345,12 +348,12 @@ public class WizardPanelBase implements IWizardPanel { return -1; } - public String getDomainXML( String hostname, int https_admin_port, - boolean https ) + public String getDomainXML(String hostname, int https_admin_port, + boolean https) throws IOException { CMS.debug("WizardPanelBase getDomainXML start"); - String c = getHttpResponse( hostname, https_admin_port, https, - "/ca/admin/ca/getDomainXML", null, null ); + String c = getHttpResponse(hostname, https_admin_port, https, + "/ca/admin/ca/getDomainXML", null, null); if (c != null) { try { ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes()); @@ -359,9 +362,9 @@ public class WizardPanelBase implements IWizardPanel { try { parser = new XMLObject(bis); } catch (Exception e) { - CMS.debug( "WizardPanelBase::getDomainXML() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("WizardPanelBase::getDomainXML() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String status = parser.getValue("Status"); @@ -374,12 +377,12 @@ public class WizardPanelBase implements IWizardPanel { CMS.debug( "WizardPanelBase getDomainXML: domainInfo=" + domainInfo); - return domainInfo; + return domainInfo; } else { String error = parser.getValue("Error"); throw new IOException(error); - } + } } catch (IOException e) { CMS.debug("WizardPanelBase: getDomainXML: " + e.toString()); throw e; @@ -392,29 +395,29 @@ public class WizardPanelBase implements IWizardPanel { return null; } - public String getSubsystemCert(String host, int port, boolean https) - throws IOException { + public String getSubsystemCert(String host, int port, boolean https) + throws IOException { CMS.debug("WizardPanelBase getSubsystemCert start"); - String c = getHttpResponse(host, port, https, - "/ca/admin/ca/getSubsystemCert", null, null); + String c = getHttpResponse(host, port, https, + "/ca/admin/ca/getSubsystemCert", null, null); if (c != null) { try { - ByteArrayInputStream bis = - new ByteArrayInputStream(c.getBytes()); + ByteArrayInputStream bis = + new ByteArrayInputStream(c.getBytes()); XMLObject parser = null; try { parser = new XMLObject(bis); } catch (Exception e) { - CMS.debug( "WizardPanelBase::getSubsystemCert() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("WizardPanelBase::getSubsystemCert() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String status = parser.getValue("Status"); if (status.equals(SUCCESS)) { String s = parser.getValue("Cert"); return s; } else - return null; + return null; } catch (Exception e) { } } @@ -423,10 +426,10 @@ public class WizardPanelBase implements IWizardPanel { } public void updateConnectorInfo(String host, int port, boolean https, - String content) throws IOException { + String content) throws IOException { CMS.debug("WizardPanelBase updateConnectorInfo start"); - String c = getHttpResponse(host, port, https, - "/ca/admin/ca/updateConnector", content, null); + String c = getHttpResponse(host, port, https, + "/ca/admin/ca/updateConnector", content, null); if (c != null) { try { ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes()); @@ -435,9 +438,9 @@ public class WizardPanelBase implements IWizardPanel { try { parser = new XMLObject(bis); } catch (Exception e) { - CMS.debug( "WizardPanelBase::updateConnectorInfo() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("WizardPanelBase::updateConnectorInfo() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String status = parser.getValue("Status"); @@ -447,7 +450,7 @@ public class WizardPanelBase implements IWizardPanel { if (!status.equals(SUCCESS)) { String error = parser.getValue("Error"); throw new IOException(error); - } + } } catch (IOException e) { CMS.debug("WizardPanelBase: updateConnectorInfo: " + e.toString()); throw e; @@ -458,16 +461,16 @@ public class WizardPanelBase implements IWizardPanel { } } - public String getCertChainUsingSecureAdminPort( String hostname, + public String getCertChainUsingSecureAdminPort(String hostname, int https_admin_port, boolean https, ConfigCertApprovalCallback - certApprovalCallback ) + certApprovalCallback) throws IOException { CMS.debug("WizardPanelBase getCertChainUsingSecureAdminPort start"); - String c = getHttpResponse( hostname, https_admin_port, https, + String c = getHttpResponse(hostname, https_admin_port, https, "/ca/admin/ca/getCertChain", null, null, - certApprovalCallback ); + certApprovalCallback); if (c != null) { try { @@ -477,9 +480,9 @@ public class WizardPanelBase implements IWizardPanel { try { parser = new XMLObject(bis); } catch (Exception e) { - CMS.debug( "WizardPanelBase::getCertChainUsingSecureAdminPort() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("WizardPanelBase::getCertChainUsingSecureAdminPort() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String status = parser.getValue("Status"); @@ -493,12 +496,12 @@ public class WizardPanelBase implements IWizardPanel { CMS.debug( "WizardPanelBase getCertChainUsingSecureAdminPort: certchain=" + certchain); - return certchain; + return certchain; } else { String error = parser.getValue("Error"); throw new IOException(error); - } + } } catch (IOException e) { CMS.debug("WizardPanelBase: getCertChainUsingSecureAdminPort: " + e.toString()); throw e; @@ -511,16 +514,16 @@ public class WizardPanelBase implements IWizardPanel { return null; } - public String getCertChainUsingSecureEEPort( String hostname, + public String getCertChainUsingSecureEEPort(String hostname, int https_ee_port, boolean https, ConfigCertApprovalCallback - certApprovalCallback ) + certApprovalCallback) throws IOException { CMS.debug("WizardPanelBase getCertChainUsingSecureEEPort start"); - String c = getHttpResponse( hostname, https_ee_port, https, + String c = getHttpResponse(hostname, https_ee_port, https, "/ca/ee/ca/getCertChain", null, null, - certApprovalCallback ); + certApprovalCallback); if (c != null) { try { @@ -530,9 +533,9 @@ public class WizardPanelBase implements IWizardPanel { try { parser = new XMLObject(bis); } catch (Exception e) { - CMS.debug( "WizardPanelBase::getCertChainUsingSecureEEPort() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("WizardPanelBase::getCertChainUsingSecureEEPort() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String status = parser.getValue("Status"); @@ -546,12 +549,12 @@ public class WizardPanelBase implements IWizardPanel { CMS.debug( "WizardPanelBase getCertChainUsingSecureEEPort: certchain=" + certchain); - return certchain; + return certchain; } else { String error = parser.getValue("Error"); throw new IOException(error); - } + } } catch (IOException e) { CMS.debug("WizardPanelBase: getCertChainUsingSecureEEPort: " + e.toString()); throw e; @@ -565,8 +568,8 @@ public class WizardPanelBase implements IWizardPanel { } public boolean updateConfigEntries(String hostname, int port, boolean https, - String servlet, String uri, IConfigStore config, - HttpServletResponse response) throws IOException { + String servlet, String uri, IConfigStore config, + HttpServletResponse response) throws IOException { CMS.debug("WizardPanelBase updateConfigEntries start"); String c = getHttpResponse(hostname, port, https, servlet, uri, null); @@ -578,9 +581,9 @@ public class WizardPanelBase implements IWizardPanel { try { parser = new XMLObject(bis); } catch (Exception e) { - CMS.debug( "WizardPanelBase::updateConfigEntries() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("WizardPanelBase::updateConfigEntries() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String status = parser.getValue("Status"); @@ -594,11 +597,11 @@ public class WizardPanelBase implements IWizardPanel { } catch (Exception e) { CMS.debug("WizardPanelBase::updateConfigEntries() - unable to get cs.type: " + e.toString()); } - - Document doc = parser.getDocument(); + + Document doc = parser.getDocument(); NodeList list = doc.getElementsByTagName("name"); int len = list.getLength(); - for (int i=0; i<len; i++) { + for (int i = 0; i < len; i++) { Node n = list.item(i); NodeList nn = n.getChildNodes(); String name = nn.item(0).getNodeValue(); @@ -606,14 +609,14 @@ public class WizardPanelBase implements IWizardPanel { nn = parent.getChildNodes(); int len1 = nn.getLength(); String v = ""; - for (int j=0; j<len1; j++) { + for (int j = 0; j < len1; j++) { Node nv = nn.item(j); String val = nv.getNodeName(); if (val.equals("value")) { NodeList n2 = nv.getChildNodes(); if (n2.getLength() > 0) - v = n2.item(0).getNodeValue(); - break; + v = n2.item(0).getNodeValue(); + break; } } @@ -625,7 +628,7 @@ public class WizardPanelBase implements IWizardPanel { config.putString("preop.internaldb.master.binddn", v); } else if (name.equals("internaldb.basedn")) { config.putString(name, v); - config.putString("preop.internaldb.master.basedn", v); + config.putString("preop.internaldb.master.basedn", v); } else if (name.equals("internaldb.ldapauth.password")) { config.putString("preop.internaldb.master.bindpwd", v); } else if (name.equals("internaldb.replication.password")) { @@ -649,7 +652,7 @@ public class WizardPanelBase implements IWizardPanel { config.putString("preop.master.storage.nickname", v); config.putString("kra.storageUnit.nickName", v); config.putString("preop.cert.storage.nickname", v); - } else if (name.equals("cloning.audit_signing.nickname")) { + } else if (name.equals("cloning.audit_signing.nickname")) { config.putString("preop.master.audit_signing.nickname", v); config.putString("preop.cert.audit_signing.nickname", v); config.putString(name, v); @@ -686,7 +689,7 @@ public class WizardPanelBase implements IWizardPanel { String error = parser.getValue("Error"); throw new IOException(error); - } + } } catch (IOException e) { CMS.debug("WizardPanelBase: updateConfigEntries: " + e.toString()); throw e; @@ -713,9 +716,9 @@ public class WizardPanelBase implements IWizardPanel { try { parser = new XMLObject(bis); } catch (Exception e) { - CMS.debug( "WizardPanelBase::authenticate() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("WizardPanelBase::authenticate() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String status = parser.getValue("Status"); @@ -729,7 +732,7 @@ public class WizardPanelBase implements IWizardPanel { } else { String error = parser.getValue("Error"); return false; - } + } } catch (Exception e) { CMS.debug("WizardPanelBase: authenticate: " + e.toString()); throw new IOException(e.toString()); @@ -739,12 +742,12 @@ public class WizardPanelBase implements IWizardPanel { return false; } - public void updateOCSPConfig(String hostname, int port, boolean https, - String content, HttpServletResponse response) - throws IOException { + public void updateOCSPConfig(String hostname, int port, boolean https, + String content, HttpServletResponse response) + throws IOException { CMS.debug("WizardPanelBase updateOCSPConfig start"); - String c = getHttpResponse(hostname, port, https, - "/ca/ee/ca/updateOCSPConfig", content, null); + String c = getHttpResponse(hostname, port, https, + "/ca/ee/ca/updateOCSPConfig", content, null); if (c == null || c.equals("")) { CMS.debug("WizardPanelBase updateOCSPConfig: content is null."); throw new IOException("The server you want to contact is not available"); @@ -756,9 +759,9 @@ public class WizardPanelBase implements IWizardPanel { try { parser = new XMLObject(bis); } catch (Exception e) { - CMS.debug( "WizardPanelBase::updateOCSPConfig() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("WizardPanelBase::updateOCSPConfig() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String status = parser.getValue("Status"); @@ -774,7 +777,7 @@ public class WizardPanelBase implements IWizardPanel { String error = parser.getValue("Error"); throw new IOException(error); - } + } } catch (IOException e) { CMS.debug("WizardPanelBase updateOCSPConfig: " + e.toString()); throw e; @@ -785,10 +788,10 @@ public class WizardPanelBase implements IWizardPanel { } } - public void updateNumberRange(String hostname, int port, boolean https, - String content, String type, HttpServletResponse response) - throws IOException { - CMS.debug("WizardPanelBase updateNumberRange start host=" + hostname + + public void updateNumberRange(String hostname, int port, boolean https, + String content, String type, HttpServletResponse response) + throws IOException { + CMS.debug("WizardPanelBase updateNumberRange start host=" + hostname + " port=" + port); IConfigStore cs = CMS.getConfigStore(); String cstype = ""; @@ -798,13 +801,13 @@ public class WizardPanelBase implements IWizardPanel { } cstype = toLowerCaseSubsystemType(cstype); - String c = getHttpResponse(hostname, port, https, - "/"+cstype+"/ee/"+cstype+"/updateNumberRange", content, null); + String c = getHttpResponse(hostname, port, https, + "/" + cstype + "/ee/" + cstype + "/updateNumberRange", content, null); if (c == null || c.equals("")) { CMS.debug("WizardPanelBase updateNumberRange: content is null."); throw new IOException("The server you want to contact is not available"); } else { - CMS.debug("content="+c); + CMS.debug("content=" + c); try { ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes()); XMLObject parser = null; @@ -812,9 +815,9 @@ public class WizardPanelBase implements IWizardPanel { try { parser = new XMLObject(bis); } catch (Exception e) { - CMS.debug( "WizardPanelBase::updateNumberRange() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("WizardPanelBase::updateNumberRange() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String status = parser.getValue("Status"); @@ -843,7 +846,7 @@ public class WizardPanelBase implements IWizardPanel { String error = parser.getValue("Error"); throw new IOException(error); - } + } } catch (IOException e) { CMS.debug("WizardPanelBase: updateNumberRange: " + e.toString()); CMS.debug(e); @@ -856,9 +859,9 @@ public class WizardPanelBase implements IWizardPanel { } } - public int getPort(String hostname, int port, boolean https, - String portServlet, boolean sport) - throws IOException { + public int getPort(String hostname, int port, boolean https, + String portServlet, boolean sport) + throws IOException { CMS.debug("WizardPanelBase getPort start"); String c = getHttpResponse(hostname, port, https, portServlet, "secure=" + sport, null); @@ -871,9 +874,9 @@ public class WizardPanelBase implements IWizardPanel { try { parser = new XMLObject(bis); } catch (Exception e) { - CMS.debug( "WizardPanelBase::getPort() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("WizardPanelBase::getPort() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String status = parser.getValue("Status"); @@ -889,7 +892,7 @@ public class WizardPanelBase implements IWizardPanel { String error = parser.getValue("Error"); throw new IOException(error); - } + } } catch (IOException e) { CMS.debug("WizardPanelBase: getPort: " + e.toString()); throw e; @@ -903,14 +906,14 @@ public class WizardPanelBase implements IWizardPanel { } public String getHttpResponse(String hostname, int port, boolean secure, - String uri, String content, String clientnickname) throws IOException { + String uri, String content, String clientnickname) throws IOException { return getHttpResponse(hostname, port, secure, uri, content, clientnickname, null); } - public String getHttpResponse(String hostname, int port, boolean secure, - String uri, String content, String clientnickname, - SSLCertificateApprovalCallback certApprovalCallback) - throws IOException { + public String getHttpResponse(String hostname, int port, boolean secure, + String uri, String content, String clientnickname, + SSLCertificateApprovalCallback certApprovalCallback) + throws IOException { HttpClient httpclient = null; String c = null; @@ -960,8 +963,8 @@ public class WizardPanelBase implements IWizardPanel { return c; } - public boolean isSDHostDomainMaster (IConfigStore config) { - String dm="false"; + public boolean isSDHostDomainMaster(IConfigStore config) { + String dm = "false"; try { String hostname = config.getString("securitydomain.host"); int httpsadminport = config.getInteger("securitydomain.httpsadminport"); @@ -971,40 +974,40 @@ public class WizardPanelBase implements IWizardPanel { CMS.debug("Getting DomainMaster from security domain"); - ByteArrayInputStream bis = new ByteArrayInputStream( c.getBytes() ); - XMLObject parser = new XMLObject( bis ); + ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes()); + XMLObject parser = new XMLObject(bis); Document doc = parser.getDocument(); - NodeList nodeList = doc.getElementsByTagName( "CA" ); + NodeList nodeList = doc.getElementsByTagName("CA"); int len = nodeList.getLength(); - for( int i = 0; i < len; i++ ) { + for (int i = 0; i < len; i++) { Vector v_hostname = - parser.getValuesFromContainer( nodeList.item(i), - "Host" ); + parser.getValuesFromContainer(nodeList.item(i), + "Host"); Vector v_https_admin_port = - parser.getValuesFromContainer( nodeList.item(i), - "SecureAdminPort" ); + parser.getValuesFromContainer(nodeList.item(i), + "SecureAdminPort"); Vector v_domain_mgr = - parser.getValuesFromContainer( nodeList.item(i), - "DomainManager" ); + parser.getValuesFromContainer(nodeList.item(i), + "DomainManager"); - if( v_hostname.elementAt( 0 ).equals( hostname ) && - v_https_admin_port.elementAt( 0 ).equals( Integer.toString(httpsadminport) ) ) { - dm = v_domain_mgr.elementAt( 0 ).toString(); + if (v_hostname.elementAt(0).equals(hostname) && + v_https_admin_port.elementAt(0).equals(Integer.toString(httpsadminport))) { + dm = v_domain_mgr.elementAt(0).toString(); break; } } } catch (Exception e) { - CMS.debug( e.toString() ); + CMS.debug(e.toString()); } return dm.equalsIgnoreCase("true"); } - - public Vector getMasterUrlListFromSecurityDomain( IConfigStore config, + + public Vector getMasterUrlListFromSecurityDomain(IConfigStore config, String type, - String portType ) { + String portType) { Vector v = new Vector(); try { @@ -1026,13 +1029,13 @@ public class WizardPanelBase implements IWizardPanel { list = "TKSList"; } - CMS.debug( "Getting " + portType + " from Security Domain ..." ); - if( !portType.equals( "UnSecurePort" ) && - !portType.equals( "SecureAgentPort" ) && - !portType.equals( "SecurePort" ) && - !portType.equals( "SecureAdminPort" ) ) { - CMS.debug( "getPortFromSecurityDomain: " + - "unknown port type " + portType ); + CMS.debug("Getting " + portType + " from Security Domain ..."); + if (!portType.equals("UnSecurePort") && + !portType.equals("SecureAgentPort") && + !portType.equals("SecurePort") && + !portType.equals("SecureAdminPort")) { + CMS.debug("getPortFromSecurityDomain: " + + "unknown port type " + portType); return v; } @@ -1050,8 +1053,8 @@ public class WizardPanelBase implements IWizardPanel { CMS.debug("Len " + len); for (int i = 0; i < len; i++) { Vector v_clone = parser.getValuesFromContainer(nodeList.item(i), - "Clone"); - String clone = (String)v_clone.elementAt(0); + "Clone"); + String clone = (String) v_clone.elementAt(0); if (clone.equalsIgnoreCase("true")) continue; Vector v_name = parser.getValuesFromContainer(nodeList.item(i), @@ -1061,11 +1064,11 @@ public class WizardPanelBase implements IWizardPanel { Vector v_port = parser.getValuesFromContainer(nodeList.item(i), portType); - v.addElement( v_name.elementAt(0) + v.addElement(v_name.elementAt(0) + " - https://" + v_host.elementAt(0) + ":" - + v_port.elementAt(0) ); + + v_port.elementAt(0)); } } catch (Exception e) { CMS.debug(e.toString()); @@ -1074,9 +1077,9 @@ public class WizardPanelBase implements IWizardPanel { return v; } - public Vector getUrlListFromSecurityDomain( IConfigStore config, + public Vector getUrlListFromSecurityDomain(IConfigStore config, String type, - String portType ) { + String portType) { Vector v = new Vector(); try { @@ -1098,13 +1101,13 @@ public class WizardPanelBase implements IWizardPanel { list = "TKSList"; } - CMS.debug( "Getting " + portType + " from Security Domain ..." ); - if( !portType.equals( "UnSecurePort" ) && - !portType.equals( "SecureAgentPort" ) && - !portType.equals( "SecurePort" ) && - !portType.equals( "SecureAdminPort" ) ) { - CMS.debug( "getPortFromSecurityDomain: " + - "unknown port type " + portType ); + CMS.debug("Getting " + portType + " from Security Domain ..."); + if (!portType.equals("UnSecurePort") && + !portType.equals("SecureAgentPort") && + !portType.equals("SecurePort") && + !portType.equals("SecureAdminPort")) { + CMS.debug("getPortFromSecurityDomain: " + + "unknown port type " + portType); return v; } @@ -1132,17 +1135,17 @@ public class WizardPanelBase implements IWizardPanel { if (v_host.elementAt(0).equals(hostname) && v_admin_port.elementAt(0).equals(new Integer(httpsadminport).toString())) { // add security domain CA to the beginning of list - v.add( 0, v_name.elementAt(0) + v.add(0, v_name.elementAt(0) + " - https://" + v_host.elementAt(0) + ":" - + v_port.elementAt(0) ); + + v_port.elementAt(0)); } else { - v.addElement( v_name.elementAt(0) + v.addElement(v_name.elementAt(0) + " - https://" + v_host.elementAt(0) + ":" - + v_port.elementAt(0) ); + + v_port.elementAt(0)); } } } catch (Exception e) { @@ -1154,155 +1157,155 @@ public class WizardPanelBase implements IWizardPanel { // Given an HTTPS Hostname and EE port, // retrieve the associated HTTPS Admin port - public String getSecurityDomainAdminPort( IConfigStore config, + public String getSecurityDomainAdminPort(IConfigStore config, String hostname, String https_ee_port, - String cstype ) { + String cstype) { String https_admin_port = new String(); try { - String sd_hostname = config.getString( "securitydomain.host" ); + String sd_hostname = config.getString("securitydomain.host"); int sd_httpsadminport = - config.getInteger( "securitydomain.httpsadminport" ); + config.getInteger("securitydomain.httpsadminport"); - CMS.debug( "Getting domain.xml from CA ..." ); - String c = getDomainXML( sd_hostname, sd_httpsadminport, true ); + CMS.debug("Getting domain.xml from CA ..."); + String c = getDomainXML(sd_hostname, sd_httpsadminport, true); - CMS.debug( "Getting associated HTTPS Admin port from " + + CMS.debug("Getting associated HTTPS Admin port from " + "HTTPS Hostname '" + hostname + - "' and EE port '" + https_ee_port + "'" ); - ByteArrayInputStream bis = new ByteArrayInputStream( c.getBytes() ); - XMLObject parser = new XMLObject( bis ); + "' and EE port '" + https_ee_port + "'"); + ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes()); + XMLObject parser = new XMLObject(bis); Document doc = parser.getDocument(); - NodeList nodeList = doc.getElementsByTagName( cstype.toUpperCase() ); + NodeList nodeList = doc.getElementsByTagName(cstype.toUpperCase()); int len = nodeList.getLength(); - for( int i = 0; i < len; i++ ) { + for (int i = 0; i < len; i++) { Vector v_hostname = - parser.getValuesFromContainer( nodeList.item(i), - "Host" ); + parser.getValuesFromContainer(nodeList.item(i), + "Host"); Vector v_https_ee_port = - parser.getValuesFromContainer( nodeList.item(i), - "SecurePort" ); + parser.getValuesFromContainer(nodeList.item(i), + "SecurePort"); Vector v_https_admin_port = - parser.getValuesFromContainer( nodeList.item(i), - "SecureAdminPort" ); + parser.getValuesFromContainer(nodeList.item(i), + "SecureAdminPort"); - if( v_hostname.elementAt( 0 ).equals( hostname ) && - v_https_ee_port.elementAt( 0 ).equals( https_ee_port ) ) { + if (v_hostname.elementAt(0).equals(hostname) && + v_https_ee_port.elementAt(0).equals(https_ee_port)) { https_admin_port = - v_https_admin_port.elementAt( 0 ).toString(); + v_https_admin_port.elementAt(0).toString(); break; } } } catch (Exception e) { - CMS.debug( e.toString() ); + CMS.debug(e.toString()); } - return( https_admin_port ); + return (https_admin_port); } - public String getSecurityDomainPort( IConfigStore config, - String portType ) { + public String getSecurityDomainPort(IConfigStore config, + String portType) { String port = new String(); try { - String hostname = config.getString( "securitydomain.host" ); + String hostname = config.getString("securitydomain.host"); int httpsadminport = - config.getInteger( "securitydomain.httpsadminport" ); - - CMS.debug( "Getting domain.xml from CA ..." ); - String c = getDomainXML( hostname, httpsadminport, true ); - - CMS.debug( "Getting " + portType + " from Security Domain ..." ); - if( !portType.equals( "UnSecurePort" ) && - !portType.equals( "SecureAgentPort" ) && - !portType.equals( "SecurePort" ) && - !portType.equals( "SecureAdminPort" ) ) { - CMS.debug( "getPortFromSecurityDomain: " + - "unknown port type " + portType ); + config.getInteger("securitydomain.httpsadminport"); + + CMS.debug("Getting domain.xml from CA ..."); + String c = getDomainXML(hostname, httpsadminport, true); + + CMS.debug("Getting " + portType + " from Security Domain ..."); + if (!portType.equals("UnSecurePort") && + !portType.equals("SecureAgentPort") && + !portType.equals("SecurePort") && + !portType.equals("SecureAdminPort")) { + CMS.debug("getPortFromSecurityDomain: " + + "unknown port type " + portType); return ""; } - ByteArrayInputStream bis = new ByteArrayInputStream( c.getBytes() ); - XMLObject parser = new XMLObject( bis ); + ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes()); + XMLObject parser = new XMLObject(bis); Document doc = parser.getDocument(); - NodeList nodeList = doc.getElementsByTagName( "CA" ); + NodeList nodeList = doc.getElementsByTagName("CA"); int len = nodeList.getLength(); - for( int i = 0; i < len; i++ ) { + for (int i = 0; i < len; i++) { Vector v_admin_port = - parser.getValuesFromContainer( nodeList.item(i), - "SecureAdminPort" ); + parser.getValuesFromContainer(nodeList.item(i), + "SecureAdminPort"); Vector v_port = null; - if( portType.equals( "UnSecurePort" ) ) { - v_port = parser.getValuesFromContainer( nodeList.item(i), - "UnSecurePort" ); - } else if( portType.equals( "SecureAgentPort" ) ) { - v_port = parser.getValuesFromContainer( nodeList.item(i), - "SecureAgentPort" ); - } else if( portType.equals( "SecurePort" ) ) { - v_port = parser.getValuesFromContainer( nodeList.item(i), - "SecurePort" ); - } else if( portType.equals( "SecureAdminPort" ) ) { - v_port = parser.getValuesFromContainer( nodeList.item(i), - "SecureAdminPort" ); + if (portType.equals("UnSecurePort")) { + v_port = parser.getValuesFromContainer(nodeList.item(i), + "UnSecurePort"); + } else if (portType.equals("SecureAgentPort")) { + v_port = parser.getValuesFromContainer(nodeList.item(i), + "SecureAgentPort"); + } else if (portType.equals("SecurePort")) { + v_port = parser.getValuesFromContainer(nodeList.item(i), + "SecurePort"); + } else if (portType.equals("SecureAdminPort")) { + v_port = parser.getValuesFromContainer(nodeList.item(i), + "SecureAdminPort"); } - if( ( v_port != null ) && - ( v_admin_port.elementAt( 0 ).equals( - Integer.toString( httpsadminport ) ) ) ) { - port = v_port.elementAt( 0 ).toString(); + if ((v_port != null) && + (v_admin_port.elementAt(0).equals( + Integer.toString(httpsadminport)))) { + port = v_port.elementAt(0).toString(); break; } } } catch (Exception e) { - CMS.debug( e.toString() ); + CMS.debug(e.toString()); } - return( port ); + return (port); } - public String pingCS( String hostname, int port, boolean https, - SSLCertificateApprovalCallback certApprovalCallback ) - throws IOException { - CMS.debug( "WizardPanelBase pingCS: started" ); + public String pingCS(String hostname, int port, boolean https, + SSLCertificateApprovalCallback certApprovalCallback) + throws IOException { + CMS.debug("WizardPanelBase pingCS: started"); - String c = getHttpResponse( hostname, port, https, - "/ca/admin/ca/getStatus", - null, null, certApprovalCallback ); + String c = getHttpResponse(hostname, port, https, + "/ca/admin/ca/getStatus", + null, null, certApprovalCallback); - if( c != null ) { + if (c != null) { try { ByteArrayInputStream bis = new - ByteArrayInputStream( c.getBytes() ); + ByteArrayInputStream(c.getBytes()); XMLObject parser = null; String state = null; try { - parser = new XMLObject( bis ); - CMS.debug( "WizardPanelBase pingCS: got XML parsed" ); - state = parser.getValue( "State" ); + parser = new XMLObject(bis); + CMS.debug("WizardPanelBase pingCS: got XML parsed"); + state = parser.getValue("State"); - if( state != null ) { - CMS.debug( "WizardPanelBase pingCS: state=" + state ); + if (state != null) { + CMS.debug("WizardPanelBase pingCS: state=" + state); } } catch (Exception e) { - CMS.debug( "WizardPanelBase: pingCS: parser failed" - + e.toString() ); + CMS.debug("WizardPanelBase: pingCS: parser failed" + + e.toString()); } return state; - } catch( Exception e ) { - CMS.debug( "WizardPanelBase: pingCS: " + e.toString() ); - throw new IOException( e.toString() ); + } catch (Exception e) { + CMS.debug("WizardPanelBase: pingCS: " + e.toString()); + throw new IOException(e.toString()); } } - CMS.debug( "WizardPanelBase pingCS: stopped" ); + CMS.debug("WizardPanelBase pingCS: stopped"); return null; } @@ -1311,7 +1314,7 @@ public class WizardPanelBase implements IWizardPanel { if (s.equals("CA")) { x = "ca"; } else if (s.equals("KRA")) { - x = "kra"; + x = "kra"; } else if (s.equals("OCSP")) { x = "ocsp"; } else if (s.equals("TKS")) { @@ -1321,14 +1324,14 @@ public class WizardPanelBase implements IWizardPanel { return x; } - public void getTokenInfo(IConfigStore config, String type, String host, - int https_ee_port, boolean https, Context context, - ConfigCertApprovalCallback certApprovalCallback) throws IOException { + public void getTokenInfo(IConfigStore config, String type, String host, + int https_ee_port, boolean https, Context context, + ConfigCertApprovalCallback certApprovalCallback) throws IOException { CMS.debug("WizardPanelBase getTokenInfo start"); - String uri = "/"+type+"/ee/"+type+"/getTokenInfo"; - CMS.debug("WizardPanelBase getTokenInfo: uri="+uri); + String uri = "/" + type + "/ee/" + type + "/getTokenInfo"; + CMS.debug("WizardPanelBase getTokenInfo: uri=" + uri); String c = getHttpResponse(host, https_ee_port, https, uri, null, null, - certApprovalCallback); + certApprovalCallback); if (c != null) { try { ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes()); @@ -1337,9 +1340,9 @@ public class WizardPanelBase implements IWizardPanel { try { parser = new XMLObject(bis); } catch (Exception e) { - CMS.debug( "WizardPanelBase::getTokenInfo() - " - + "Exception="+e.toString() ); - throw new IOException( e.toString() ); + CMS.debug("WizardPanelBase::getTokenInfo() - " + + "Exception=" + e.toString()); + throw new IOException(e.toString()); } String status = parser.getValue("Status"); @@ -1350,7 +1353,7 @@ public class WizardPanelBase implements IWizardPanel { Document doc = parser.getDocument(); NodeList list = doc.getElementsByTagName("name"); int len = list.getLength(); - for (int i=0; i<len; i++) { + for (int i = 0; i < len; i++) { Node n = list.item(i); NodeList nn = n.getChildNodes(); String name = nn.item(0).getNodeValue(); @@ -1358,17 +1361,17 @@ public class WizardPanelBase implements IWizardPanel { nn = parent.getChildNodes(); int len1 = nn.getLength(); String v = ""; - for (int j=0; j<len1; j++) { + for (int j = 0; j < len1; j++) { Node nv = nn.item(j); String val = nv.getNodeName(); if (val.equals("value")) { NodeList n2 = nv.getChildNodes(); if (n2.getLength() > 0) v = n2.item(0).getNodeValue(); - break; + break; } } - if (name.equals("cloning.signing.nickname")) { + if (name.equals("cloning.signing.nickname")) { config.putString("preop.master.signing.nickname", v); config.putString(type + ".cert.signing.nickname", v); config.putString(name, v); @@ -1406,19 +1409,20 @@ public class WizardPanelBase implements IWizardPanel { } // reset nicknames for system cert verification - String token = config.getString("preop.module.token", + String token = config.getString("preop.module.token", "Internal Key Storage Token"); - if (! token.equals("Internal Key Storage Token")) { + if (!token.equals("Internal Key Storage Token")) { String certlist = config.getString("preop.cert.list"); StringTokenizer t1 = new StringTokenizer(certlist, ","); while (t1.hasMoreTokens()) { String tag = t1.nextToken(); - if (tag.equals("sslserver")) continue; - config.putString(type + ".cert." + tag + ".nickname", - token + ":" + - config.getString(type + ".cert." + tag + ".nickname", "")); - } + if (tag.equals("sslserver")) + continue; + config.putString(type + ".cert." + tag + ".nickname", + token + ":" + + config.getString(type + ".cert." + tag + ".nickname", "")); + } } } else { String error = parser.getValue("Error"); @@ -1431,7 +1435,7 @@ public class WizardPanelBase implements IWizardPanel { CMS.debug("WizardPanelBase: getTokenInfo: " + e.toString()); throw new IOException(e.toString()); } - } + } } public void importCertChain(String id) throws IOException { @@ -1442,31 +1446,32 @@ public class WizardPanelBase implements IWizardPanel { try { pkcs7 = config.getString(configName, ""); - } catch (Exception e) {} + } catch (Exception e) { + } if (pkcs7.length() > 0) { try { CryptoUtil.importCertificateChain(pkcs7); } catch (Exception e) { - CMS.debug("DisplayCertChainPanel importCertChain: Exception: "+e.toString()); + CMS.debug("DisplayCertChainPanel importCertChain: Exception: " + e.toString()); } } } public void updateCertChain(IConfigStore config, String name, String host, - int https_admin_port, boolean https, Context context) throws IOException { - updateCertChain( config, name, host, https_admin_port, - https, context, null ); + int https_admin_port, boolean https, Context context) throws IOException { + updateCertChain(config, name, host, https_admin_port, + https, context, null); } public void updateCertChain(IConfigStore config, String name, String host, - int https_admin_port, boolean https, Context context, - ConfigCertApprovalCallback certApprovalCallback) throws IOException { - String certchain = getCertChainUsingSecureAdminPort( host, + int https_admin_port, boolean https, Context context, + ConfigCertApprovalCallback certApprovalCallback) throws IOException { + String certchain = getCertChainUsingSecureAdminPort(host, https_admin_port, https, - certApprovalCallback ); - config.putString("preop."+name+".pkcs7", certchain); + certApprovalCallback); + config.putString("preop." + name + ".pkcs7", certchain); byte[] decoded = CryptoUtil.base64Decode(certchain); java.security.cert.X509Certificate[] b_certchain = null; @@ -1475,7 +1480,7 @@ public class WizardPanelBase implements IWizardPanel { b_certchain = CryptoUtil.getX509CertificateFromPKCS7(decoded); } catch (Exception e) { context.put("errorString", - "Failed to get the certificate chain."); + "Failed to get the certificate chain."); return; } @@ -1483,7 +1488,7 @@ public class WizardPanelBase implements IWizardPanel { if (b_certchain != null) { size = b_certchain.length; } - config.putInteger("preop."+name+".certchain.size", size); + config.putInteger("preop." + name + ".certchain.size", size); for (int i = 0; i < size; i++) { byte[] bb = null; @@ -1491,11 +1496,11 @@ public class WizardPanelBase implements IWizardPanel { bb = b_certchain[i].getEncoded(); } catch (Exception e) { context.put("errorString", - "Failed to get the der-encoded certificate chain."); + "Failed to get the der-encoded certificate chain."); return; } - config.putString("preop."+name+".certchain." + i, - CryptoUtil.normalizeCertStr(CryptoUtil.base64Encode(bb))); + config.putString("preop." + name + ".certchain." + i, + CryptoUtil.normalizeCertStr(CryptoUtil.base64Encode(bb))); } try { @@ -1504,16 +1509,16 @@ public class WizardPanelBase implements IWizardPanel { } } - public void updateCertChainUsingSecureEEPort( IConfigStore config, + public void updateCertChainUsingSecureEEPort(IConfigStore config, String name, String host, int https_ee_port, boolean https, - Context context, - ConfigCertApprovalCallback certApprovalCallback ) throws IOException { - String certchain = getCertChainUsingSecureEEPort( host, https_ee_port, + Context context, + ConfigCertApprovalCallback certApprovalCallback) throws IOException { + String certchain = getCertChainUsingSecureEEPort(host, https_ee_port, https, certApprovalCallback); - config.putString("preop."+name+".pkcs7", certchain); + config.putString("preop." + name + ".pkcs7", certchain); byte[] decoded = CryptoUtil.base64Decode(certchain); java.security.cert.X509Certificate[] b_certchain = null; @@ -1522,7 +1527,7 @@ public class WizardPanelBase implements IWizardPanel { b_certchain = CryptoUtil.getX509CertificateFromPKCS7(decoded); } catch (Exception e) { context.put("errorString", - "Failed to get the certificate chain."); + "Failed to get the certificate chain."); return; } @@ -1530,7 +1535,7 @@ public class WizardPanelBase implements IWizardPanel { if (b_certchain != null) { size = b_certchain.length; } - config.putInteger("preop."+name+".certchain.size", size); + config.putInteger("preop." + name + ".certchain.size", size); for (int i = 0; i < size; i++) { byte[] bb = null; @@ -1538,11 +1543,11 @@ public class WizardPanelBase implements IWizardPanel { bb = b_certchain[i].getEncoded(); } catch (Exception e) { context.put("errorString", - "Failed to get the der-encoded certificate chain."); + "Failed to get the der-encoded certificate chain."); return; } - config.putString("preop."+name+".certchain." + i, - CryptoUtil.normalizeCertStr(CryptoUtil.base64Encode(bb))); + config.putString("preop." + name + ".certchain." + i, + CryptoUtil.normalizeCertStr(CryptoUtil.base64Encode(bb))); } try { @@ -1558,26 +1563,26 @@ public class WizardPanelBase implements IWizardPanel { CryptoStore store = tok.getCryptoStore(); String fullnickname = nickname; if (!tokenname.equals("") && - !tokenname.equals("Internal Key Storage Token") && - !tokenname.equals("internal")) - fullnickname = tokenname+":"+nickname; + !tokenname.equals("Internal Key Storage Token") && + !tokenname.equals("internal")) + fullnickname = tokenname + ":" + nickname; - CMS.debug("WizardPanelBase deleteCert: nickname="+fullnickname); + CMS.debug("WizardPanelBase deleteCert: nickname=" + fullnickname); org.mozilla.jss.crypto.X509Certificate cert = cm.findCertByNickname(fullnickname); if (store instanceof PK11Store) { CMS.debug("WizardPanelBase deleteCert: this is pk11store"); - PK11Store pk11store = (PK11Store)store; + PK11Store pk11store = (PK11Store) store; pk11store.deleteCertOnly(cert); CMS.debug("WizardPanelBase deleteCert: cert deleted successfully"); } } catch (Exception e) { - CMS.debug("WizardPanelBase deleteCert: Exception="+e.toString()); + CMS.debug("WizardPanelBase deleteCert: Exception=" + e.toString()); } } public void deleteEntries(LDAPSearchResults res, LDAPConnection conn, - String dn, String[] entries) { + String dn, String[] entries) { String[] attrs = null; LDAPSearchConstraints cons = null; String filter = "objectclass=*"; @@ -1595,23 +1600,23 @@ public class WizardPanelBase implements IWizardPanel { } } } catch (Exception ee) { - CMS.debug("WizardPanelBase deleteEntries: Exception="+ee.toString()); + CMS.debug("WizardPanelBase deleteEntries: Exception=" + ee.toString()); } } public void deleteEntry(LDAPConnection conn, String dn, String[] entries) { try { - for (int i=0; i<entries.length; i++) { + for (int i = 0; i < entries.length; i++) { if (LDAPDN.equals(dn, entries[i])) { - CMS.debug("WizardPanelBase deleteEntry: entry with this dn "+dn+" is not deleted."); + CMS.debug("WizardPanelBase deleteEntry: entry with this dn " + dn + " is not deleted."); return; } } - CMS.debug("WizardPanelBase deleteEntry: deleting dn="+dn); + CMS.debug("WizardPanelBase deleteEntry: deleting dn=" + dn); conn.delete(dn); } catch (Exception e) { - CMS.debug("WizardPanelBase deleteEntry: Exception="+e.toString()); + CMS.debug("WizardPanelBase deleteEntry: Exception=" + e.toString()); } } @@ -1624,12 +1629,12 @@ public class WizardPanelBase implements IWizardPanel { int cs_port = cs.getInteger("pkicreate.admin_secure_port", -1); int panel = getPanelNo(); String subsystem = cs.getString("cs.type", ""); - String urlVal = "https://"+cs_hostname+":"+cs_port+"/"+toLowerCaseSubsystemType(subsystem)+"/admin/console/config/wizard?p="+panel+"&subsystem="+subsystem; + String urlVal = "https://" + cs_hostname + ":" + cs_port + "/" + toLowerCaseSubsystemType(subsystem) + "/admin/console/config/wizard?p=" + panel + "&subsystem=" + subsystem; String encodedValue = URLEncoder.encode(urlVal, "UTF-8"); - String sdurl = "https://"+hostname+":"+port+"/ca/admin/ca/securityDomainLogin?url="+encodedValue; + String sdurl = "https://" + hostname + ":" + port + "/ca/admin/ca/securityDomainLogin?url=" + encodedValue; response.sendRedirect(sdurl); } catch (Exception e) { - CMS.debug("WizardPanelBase reloginSecurityDomain: Exception="+e.toString()); + CMS.debug("WizardPanelBase reloginSecurityDomain: Exception=" + e.toString()); } } } |