diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/ldap')
10 files changed, 736 insertions, 807 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapAndExpression.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapAndExpression.java index c41f361e..8f62aa0b 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapAndExpression.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapAndExpression.java @@ -17,32 +17,31 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import com.netscape.certsrv.base.SessionContext; import com.netscape.certsrv.ldap.ELdapException; import com.netscape.certsrv.publish.ILdapExpression; import com.netscape.certsrv.request.IRequest; - /** - * This class represents an expression of the form - * <var1 op val1 AND var2 op va2>. - * + * This class represents an expression of the form <var1 op val1 AND var2 op + * va2>. + * * Expressions are used as predicates for publishing rule selection. - * + * * @author mzhao * @version $Revision$, $Date$ */ public class LdapAndExpression implements ILdapExpression { private ILdapExpression mExp1; private ILdapExpression mExp2; + public LdapAndExpression(ILdapExpression exp1, ILdapExpression exp2) { mExp1 = exp1; mExp2 = exp2; } public boolean evaluate(SessionContext sc) - throws ELdapException { + throws ELdapException { // If an expression is missing we assume applicability. if (mExp1 == null && mExp2 == null) return true; @@ -50,12 +49,13 @@ public class LdapAndExpression implements ILdapExpression { return mExp1.evaluate(sc) && mExp2.evaluate(sc); else if (mExp1 == null) return mExp2.evaluate(sc); - else // (if mExp2 == null) + else + // (if mExp2 == null) return mExp1.evaluate(sc); } public boolean evaluate(IRequest req) - throws ELdapException { + throws ELdapException { // If an expression is missing we assume applicability. if (mExp1 == null && mExp2 == null) return true; @@ -63,7 +63,8 @@ public class LdapAndExpression implements ILdapExpression { return mExp1.evaluate(req) && mExp2.evaluate(req); else if (mExp1 == null) return mExp2.evaluate(req); - else // (if mExp2 == null) + else + // (if mExp2 == null) return mExp1.evaluate(req); } @@ -71,4 +72,3 @@ public class LdapAndExpression implements ILdapExpression { return mExp1.toString() + " AND " + mExp2.toString(); } } - diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapConnModule.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapConnModule.java index 7574bf1b..56fa230e 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapConnModule.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapConnModule.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import netscape.ldap.LDAPConnection; import com.netscape.certsrv.apps.CMS; @@ -34,7 +33,6 @@ import com.netscape.cmscore.ldapconn.LdapAuthInfo; import com.netscape.cmscore.ldapconn.LdapBoundConnFactory; import com.netscape.cmscore.ldapconn.LdapConnInfo; - public class LdapConnModule implements ILdapConnModule { protected IConfigStore mConfig = null; protected LdapBoundConnFactory mLdapConnFactory = null; @@ -42,7 +40,7 @@ public class LdapConnModule implements ILdapConnModule { private boolean mInited = false; /** - * instantiate connection factory. + * instantiate connection factory. */ public static final String PROP_LDAP = "ldap"; @@ -58,22 +56,22 @@ public class LdapConnModule implements ILdapConnModule { protected ISubsystem mPubProcessor; public void init(ISubsystem p, - IConfigStore config) - throws EBaseException { + IConfigStore config) + throws EBaseException { CMS.debug("LdapConnModule: init called"); if (mInited) { CMS.debug("LdapConnModule: already initialized. return."); - return; + return; } CMS.debug("LdapConnModule: init begins"); mPubProcessor = p; mConfig = config; /* - mLdapConnFactory = new LdapBoundConnFactory(); - mLdapConnFactory.init(mConfig.getSubStore("ldap")); - */ + * mLdapConnFactory = new LdapBoundConnFactory(); + * mLdapConnFactory.init(mConfig.getSubStore("ldap")); + */ // support publishing dirsrv with different pwd than internaldb IConfigStore ldap = mConfig.getSubStore("ldap"); @@ -85,16 +83,16 @@ public class LdapConnModule implements ILdapConnModule { ILdapConnInfo connInfo = CMS.getLdapConnInfo(ldapconn); LdapAuthInfo authInfo = - new LdapAuthInfo(authinfo, ldapconn.getString("host"), - ldapconn.getInteger("port"), connInfo.getSecure()); + new LdapAuthInfo(authinfo, ldapconn.getString("host"), + ldapconn.getInteger("port"), connInfo.getSecure()); int minConns = mConfig.getInteger(ILdapBoundConnFactory.PROP_MINCONNS, 3); int maxConns = mConfig.getInteger(ILdapBoundConnFactory.PROP_MAXCONNS, 15); // must get authInfo from the config, don't default to internaldb!!! - CMS.debug("Creating LdapBoundConnFactory for LdapConnModule."); + CMS.debug("Creating LdapBoundConnFactory for LdapConnModule."); mLdapConnFactory = - new LdapBoundConnFactory(minConns, maxConns, (LdapConnInfo)connInfo, authInfo); + new LdapBoundConnFactory(minConns, maxConns, (LdapConnInfo) connInfo, authInfo); mInited = true; @@ -102,15 +100,14 @@ public class LdapConnModule implements ILdapConnModule { } /** - * Returns the internal ldap connection factory. - * This can be useful to get a ldap connection to the - * ldap publishing directory without having to get it again from the - * config file. Note that this means sharing a ldap connection pool - * with the ldap publishing module so be sure to return connections to pool. - * Use ILdapConnFactory.getConn() to get a Ldap connection to the ldap - * publishing directory. - * Use ILdapConnFactory.returnConn() to return the connection. - * + * Returns the internal ldap connection factory. This can be useful to get a + * ldap connection to the ldap publishing directory without having to get it + * again from the config file. Note that this means sharing a ldap + * connection pool with the ldap publishing module so be sure to return + * connections to pool. Use ILdapConnFactory.getConn() to get a Ldap + * connection to the ldap publishing directory. Use + * ILdapConnFactory.returnConn() to return the connection. + * * @see com.netscape.certsrv.ldap.ILdapBoundConnFactory * @see com.netscape.certsrv.ldap.ILdapConnFactory */ @@ -127,9 +124,8 @@ public class LdapConnModule implements ILdapConnModule { } public void log(int level, String msg) { - mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_LDAP, level, - "LdapPublishModule: " + msg); + mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_LDAP, level, + "LdapPublishModule: " + msg); } - -} +} diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapOrExpression.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapOrExpression.java index aaf9f35d..1264c4ce 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapOrExpression.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapOrExpression.java @@ -17,51 +17,52 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import com.netscape.certsrv.base.SessionContext; import com.netscape.certsrv.ldap.ELdapException; import com.netscape.certsrv.publish.ILdapExpression; import com.netscape.certsrv.request.IRequest; - /** - * This class represents an Or expression of the form - * (var1 op val1 OR var2 op val2). - * + * This class represents an Or expression of the form (var1 op val1 OR var2 op + * val2). + * * Expressions are used as predicates for publishing rule selection. - * + * * @author mzhao * @version $Revision$, $Date$ */ public class LdapOrExpression implements ILdapExpression { private ILdapExpression mExp1; private ILdapExpression mExp2; + public LdapOrExpression(ILdapExpression exp1, ILdapExpression exp2) { mExp1 = exp1; mExp2 = exp2; } public boolean evaluate(SessionContext sc) - throws ELdapException { + throws ELdapException { if (mExp1 == null && mExp2 == null) return true; else if (mExp1 != null && mExp2 != null) return mExp1.evaluate(sc) || mExp2.evaluate(sc); else if (mExp1 != null && mExp2 == null) return mExp1.evaluate(sc); - else // (mExp1 == null && mExp2 != null) + else + // (mExp1 == null && mExp2 != null) return mExp2.evaluate(sc); } public boolean evaluate(IRequest req) - throws ELdapException { + throws ELdapException { if (mExp1 == null && mExp2 == null) return true; else if (mExp1 != null && mExp2 != null) return mExp1.evaluate(req) || mExp2.evaluate(req); else if (mExp1 != null && mExp2 == null) return mExp1.evaluate(req); - else // (mExp1 == null && mExp2 != null) + else + // (mExp1 == null && mExp2 != null) return mExp2.evaluate(req); } @@ -72,8 +73,8 @@ public class LdapOrExpression implements ILdapExpression { return mExp1.toString() + " OR " + mExp2.toString(); else if (mExp1 != null && mExp2 == null) return mExp1.toString(); - else // (mExp1 == null && mExp2 != null) + else + // (mExp1 == null && mExp2 != null) return mExp2.toString(); } } - diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java index 3ac8f750..8c6be490 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import java.util.Enumeration; import java.util.Hashtable; import java.util.Vector; @@ -29,19 +28,16 @@ import com.netscape.certsrv.ldap.ELdapException; import com.netscape.certsrv.publish.ILdapExpression; import com.netscape.cmscore.util.Debug; - /** * Default implementation of predicate parser. - * + * * Limitations: - * - * 1. Currently parentheses are not suported. - * 2. Only ==, != <, >, <= and >= operators are supported. - * 3. The only boolean operators supported are AND and OR. AND takes precedence - * over OR. Example: a AND b OR e OR c AND d - * is treated as (a AND b) OR e OR (c AND d) - * 4. If this is n't adequate, roll your own. - * + * + * 1. Currently parentheses are not suported. 2. Only ==, != <, >, <= and >= + * operators are supported. 3. The only boolean operators supported are AND and + * OR. AND takes precedence over OR. Example: a AND b OR e OR c AND d is treated + * as (a AND b) OR e OR (c AND d) 4. If this is n't adequate, roll your own. + * * @author mzhao * @version $Revision$, $Date$ */ @@ -57,22 +53,23 @@ public class LdapPredicateParser { /** * Parse the predicate expression and return a vector of expressions. - * - * @param predicateExp The predicate expression as read from the config file. - * @return expVector The vector of expressions. + * + * @param predicateExp The predicate expression as read from the config + * file. + * @return expVector The vector of expressions. */ public static ILdapExpression parse(String predicateExpression) - throws ELdapException { - if (predicateExpression == null || - predicateExpression.length() == 0) + throws ELdapException { + if (predicateExpression == null || + predicateExpression.length() == 0) return null; PredicateTokenizer pt = new PredicateTokenizer(predicateExpression); if (pt == null || !pt.hasMoreTokens()) return null; - // The first token cannot be an operator. We are not dealing with - // reverse-polish notation. + // The first token cannot be an operator. We are not dealing with + // reverse-polish notation. String token = pt.nextToken(); boolean opANDSeen; boolean opORSeen; @@ -92,7 +89,7 @@ public class LdapPredicateParser { int curType = getOP(token); if ((prevType != EXPRESSION && curType != EXPRESSION) || - (prevType == EXPRESSION && curType == EXPRESSION)) { + (prevType == EXPRESSION && curType == EXPRESSION)) { malformed = true; break; } @@ -103,7 +100,8 @@ public class LdapPredicateParser { continue; } - // If the previous type was an OR token, add the current expression to + // If the previous type was an OR token, add the current expression + // to // the expression set; if (prevType == OP_OR) { expSet.addElement(current); @@ -122,8 +120,8 @@ public class LdapPredicateParser { if (Debug.ON) Debug.trace("Malformed expression: " + predicateExpression); throw new ELdapException( - CMS.getUserMessage("CMS_LDAP_BAD_LDAP_EXPRESSION", - predicateExpression)); + CMS.getUserMessage("CMS_LDAP_BAD_LDAP_EXPRESSION", + predicateExpression)); } // Form an LdapOrExpression @@ -135,7 +133,7 @@ public class LdapPredicateParser { if (size == 0) return null; LdapOrExpression orExp = new - LdapOrExpression((ILdapExpression) expSet.elementAt(0), null); + LdapOrExpression((ILdapExpression) expSet.elementAt(0), null); for (int i = 1; i < size; i++) orExp = new LdapOrExpression(orExp, @@ -153,7 +151,7 @@ public class LdapPredicateParser { } private static ILdapExpression parseExpression(String input) - throws ELdapException { + throws ELdapException { // If the expression has multiple parts separated by commas // we need to construct an AND expression. Else we will return a // simple expression. @@ -166,8 +164,8 @@ public class LdapPredicateParser { while (commaIndex > 0) { LdapSimpleExpression exp = (LdapSimpleExpression) - LdapSimpleExpression.parse(input.substring(currentIndex, - commaIndex)); + LdapSimpleExpression.parse(input.substring(currentIndex, + commaIndex)); expVector.addElement(exp); currentIndex = commaIndex + 1; @@ -175,7 +173,7 @@ public class LdapPredicateParser { } if (currentIndex < (input.length() - 1)) { LdapSimpleExpression exp = (LdapSimpleExpression) - LdapSimpleExpression.parse(input.substring(currentIndex)); + LdapSimpleExpression.parse(input.substring(currentIndex)); expVector.addElement(exp); } @@ -194,79 +192,40 @@ public class LdapPredicateParser { public static void main(String[] args) { /** - AttributeSet req = new AttributeSet(); - try - { - req.set("ou", "people"); - req.set("cn", "John Doe"); - req.set("uid", "jdoes"); - req.set("o", "airius.com"); - req.set("certtype", "client"); - req.set("request", "issuance"); - req.set("id", new Integer(10)); - req.set("dualcerts", new Boolean(true)); - - Vector v = new Vector(); - v.addElement("one"); - v.addElement("two"); - v.addElement("three"); - req.set("count", v); - } - catch (Exception e){e.printStackTrace();} - String[] array = { "ou == people AND certtype == client", - "ou == servergroup AND certtype == server", - "uid == jdoes, ou==people, o==airius.com OR ou == people AND certType == client OR certType == server AND cn == needles.mcom.com", - }; - for (int i = 0; i < array.length; i++) - { - System.out.println(); - System.out.println("String: " + array[i]); - ILdapExpression exp = null; - try - { - exp = parse(array[i]); - if (exp != null) - { - System.out.println("Parsed Expression: " + exp); - boolean result = exp.evaluate(req); - System.out.println("Result: " + result); - } - } - catch (Exception e) {e.printStackTrace(); } - } - - - try - { - BufferedReader rdr = new BufferedReader( - new FileReader(args[0])); - String line; - while((line=rdr.readLine()) != null) - { - System.out.println(); - System.out.println("Line Read: " + line); - ILdapExpression exp = null; - try - { - exp = parse(line); - if (exp != null) - { - System.out.println(exp); - boolean result = exp.evaluate(req); - System.out.println("Result: " + result); - } - - }catch (Exception e){e.printStackTrace();} - } - } - catch (Exception e){e.printStackTrace(); } - + * AttributeSet req = new AttributeSet(); try { req.set("ou", "people"); + * req.set("cn", "John Doe"); req.set("uid", "jdoes"); req.set("o", + * "airius.com"); req.set("certtype", "client"); req.set("request", + * "issuance"); req.set("id", new Integer(10)); req.set("dualcerts", new + * Boolean(true)); + * + * Vector v = new Vector(); v.addElement("one"); v.addElement("two"); + * v.addElement("three"); req.set("count", v); } catch (Exception + * e){e.printStackTrace();} String[] array = { + * "ou == people AND certtype == client", + * "ou == servergroup AND certtype == server", + * "uid == jdoes, ou==people, o==airius.com OR ou == people AND certType == client OR certType == server AND cn == needles.mcom.com" + * , }; for (int i = 0; i < array.length; i++) { System.out.println(); + * System.out.println("String: " + array[i]); ILdapExpression exp = + * null; try { exp = parse(array[i]); if (exp != null) { + * System.out.println("Parsed Expression: " + exp); boolean result = + * exp.evaluate(req); System.out.println("Result: " + result); } } catch + * (Exception e) {e.printStackTrace(); } } + * + * + * try { BufferedReader rdr = new BufferedReader( new + * FileReader(args[0])); String line; while((line=rdr.readLine()) != + * null) { System.out.println(); System.out.println("Line Read: " + + * line); ILdapExpression exp = null; try { exp = parse(line); if (exp + * != null) { System.out.println(exp); boolean result = + * exp.evaluate(req); System.out.println("Result: " + result); } + * + * }catch (Exception e){e.printStackTrace();} } } catch (Exception + * e){e.printStackTrace(); } **/ } } - class PredicateTokenizer { String input; int currentIndex; @@ -348,30 +307,30 @@ class PredicateTokenizer { } } - class AttributeSet implements IAttrSet { /** * */ private static final long serialVersionUID = -3155846653754028803L; Hashtable ht = new Hashtable(); + public AttributeSet() { } public void delete(String name) - throws EBaseException { + throws EBaseException { Object ob = ht.get(name); ht.remove(ob); } public Object get(String name) - throws EBaseException { + throws EBaseException { return ht.get(name); } public void set(String name, Object ob) - throws EBaseException { + throws EBaseException { ht.put(name, ob); } diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapPublishModule.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapPublishModule.java index e9839f59..6fba2c37 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapPublishModule.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapPublishModule.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import java.io.IOException; import java.math.BigInteger; import java.security.cert.X509CRL; @@ -56,7 +55,6 @@ import com.netscape.cmscore.dbs.CertRecord; import com.netscape.cmscore.ldapconn.LdapBoundConnFactory; import com.netscape.cmscore.util.Debug; - public class LdapPublishModule implements ILdapPublishModule { protected IConfigStore mConfig = null; protected LdapBoundConnFactory mLdapConnFactory = null; @@ -64,28 +62,24 @@ public class LdapPublishModule implements ILdapPublishModule { private boolean mInited = false; protected ICertAuthority mAuthority = null; - /** - * hashtable of cert types to cert mappers and publishers. - * cert types are client, server, ca, subca, ra, crl, etc. - * XXX the cert types need to be consistently used. - * for each, the mapper may be null, in which case the full subject - * name is used to map the cert. - * for crl, if the mapper is null the ca mapper is used. if that - * is null, the full issuer name is used. - * XXX if we support crl issuing points the issuing point should be used - * to publish the crl. - * When publishers are null, the certs are not published. + /** + * hashtable of cert types to cert mappers and publishers. cert types are + * client, server, ca, subca, ra, crl, etc. XXX the cert types need to be + * consistently used. for each, the mapper may be null, in which case the + * full subject name is used to map the cert. for crl, if the mapper is null + * the ca mapper is used. if that is null, the full issuer name is used. XXX + * if we support crl issuing points the issuing point should be used to + * publish the crl. When publishers are null, the certs are not published. */ - protected Hashtable mMappers = new Hashtable(); + protected Hashtable mMappers = new Hashtable(); /** - * handlers for request types (events) - * values implement IRequestListener + * handlers for request types (events) values implement IRequestListener */ protected Hashtable mEventHandlers = new Hashtable(); /** - * instantiate connection factory. + * instantiate connection factory. */ public static final String ATTR_LDAPPUBLISH_STATUS = "LdapPublishStatus"; public static final String PROP_LDAP = "ldap"; @@ -100,12 +94,10 @@ public class LdapPublishModule implements ILdapPublishModule { public LdapPublishModule() { } - public void init(ISubsystem sub, IConfigStore config) throws EBaseException - { - } + public void init(ISubsystem sub, IConfigStore config) throws EBaseException { + } - public void set(String name, String val) - { + public void set(String name, String val) { } public LdapPublishModule(LdapBoundConnFactory factory) { @@ -116,8 +108,8 @@ public class LdapPublishModule implements ILdapPublishModule { protected IPublisherProcessor mPubProcessor; public void init(ICertAuthority authority, IPublisherProcessor p, - IConfigStore config) - throws EBaseException { + IConfigStore config) + throws EBaseException { if (mInited) return; @@ -133,9 +125,9 @@ public class LdapPublishModule implements ILdapPublishModule { mAuthority.registerRequestListener(this); } - public void init(ICertAuthority authority, IConfigStore config) - throws EBaseException { - if (mInited) + public void init(ICertAuthority authority, IConfigStore config) + throws EBaseException { + if (mInited) return; mAuthority = authority; @@ -150,15 +142,14 @@ public class LdapPublishModule implements ILdapPublishModule { } /** - * Returns the internal ldap connection factory. - * This can be useful to get a ldap connection to the - * ldap publishing directory without having to get it again from the - * config file. Note that this means sharing a ldap connection pool - * with the ldap publishing module so be sure to return connections to pool. - * Use ILdapConnFactory.getConn() to get a Ldap connection to the ldap - * publishing directory. - * Use ILdapConnFactory.returnConn() to return the connection. - * + * Returns the internal ldap connection factory. This can be useful to get a + * ldap connection to the ldap publishing directory without having to get it + * again from the config file. Note that this means sharing a ldap + * connection pool with the ldap publishing module so be sure to return + * connections to pool. Use ILdapConnFactory.getConn() to get a Ldap + * connection to the ldap publishing directory. Use + * ILdapConnFactory.returnConn() to return the connection. + * * @see com.netscape.certsrv.ldap.ILdapBoundConnFactory * @see com.netscape.certsrv.ldap.ILdapConnFactory */ @@ -167,8 +158,8 @@ public class LdapPublishModule implements ILdapPublishModule { } /** - * Returns the connection factory to the publishing directory. - * Must return the connection once you return + * Returns the connection factory to the publishing directory. Must return + * the connection once you return */ protected LdapMappers getMappers(String certType) { @@ -179,16 +170,16 @@ public class LdapPublishModule implements ILdapPublishModule { } else { mappers = (LdapMappers) mMappers.get(certType); } - return mappers; + return mappers; } protected void initMappers(IConfigStore config) - throws EBaseException { + throws EBaseException { IConfigStore types = mConfig.getSubStore(PROP_TYPE); if (types == null || types.size() <= 0) { // nothing configured. - if (Debug.ON) + if (Debug.ON) System.out.println("No ldap publishing configurations."); return; } @@ -198,9 +189,9 @@ public class LdapPublishModule implements ILdapPublishModule { String certType = (String) substores.nextElement(); IConfigStore current = types.getSubStore(certType); - if (current == null || current.size() <= 0) { + if (current == null || current.size() <= 0) { CMS.debug( - "No ldap publish configuration for " + certType + " found."); + "No ldap publish configuration for " + certType + " found."); continue; } ILdapPlugin mapper = null, publisher = null; @@ -212,53 +203,53 @@ public class LdapPublishModule implements ILdapPublishModule { mapperClassName = mapperConf.getString(PROP_CLASS, null); if (mapperClassName != null && mapperClassName.length() > 0) { CMS.debug( - "mapper " + mapperClassName + " for " + certType); + "mapper " + mapperClassName + " for " + certType); mapper = (ILdapPlugin) Class.forName(mapperClassName).newInstance(); mapper.init(mapperConf); } publisherConf = current.getSubStore(PROP_PUBLISHER); publisherClassName = publisherConf.getString(PROP_CLASS, null); - if (publisherClassName != null && - publisherClassName.length() > 0) { + if (publisherClassName != null && + publisherClassName.length() > 0) { CMS.debug( - "publisher " + publisherClassName + " for " + certType); + "publisher " + publisherClassName + " for " + certType); publisher = (ILdapPlugin) Class.forName(publisherClassName).newInstance(); publisher.init(publisherConf); } mMappers.put(certType, new LdapMappers(mapper, publisher)); } catch (ClassNotFoundException e) { - String missingClass = mapperClassName + - ((publisherClassName == null) ? "" : - (" or " + publisherClassName)); + String missingClass = mapperClassName + + ((publisherClassName == null) ? "" : + (" or " + publisherClassName)); - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_FIND_CLASS", missingClass)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_FIND_CLASS", missingClass)); throw new ELdapException( - CMS.getUserMessage("CMS_LDAP_CLASS_NOT_FOUND", missingClass)); + CMS.getUserMessage("CMS_LDAP_CLASS_NOT_FOUND", missingClass)); } catch (InstantiationException e) { - String badInstance = mapperClassName + - ((publisherClassName == null) ? "" : - (" or " + publisherClassName)); + String badInstance = mapperClassName + + ((publisherClassName == null) ? "" : + (" or " + publisherClassName)); - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_INST_CLASS", - badInstance ,certType)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_INST_CLASS", + badInstance, certType)); throw new ELdapException( - CMS.getUserMessage("CMS_LDAP_INSTANTIATING_CLASS_FAILED", badInstance)); + CMS.getUserMessage("CMS_LDAP_INSTANTIATING_CLASS_FAILED", badInstance)); } catch (IllegalAccessException e) { - String badInstance = mapperClassName + - ((publisherClassName == null) ? "" : - (" or " + publisherClassName)); + String badInstance = mapperClassName + + ((publisherClassName == null) ? "" : + (" or " + publisherClassName)); - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_INSUFFICIENT_CREDENTIALS", badInstance, certType)); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_INSUFFICIENT_CREDENTIALS", badInstance, certType)); throw new ELdapException( - CMS.getUserMessage("CMS_LDAP_INSUFFICIENT_CREDENTIALS", certType)); + CMS.getUserMessage("CMS_LDAP_INSUFFICIENT_CREDENTIALS", certType)); } catch (EBaseException e) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_INIT_ERROR", certType, e.toString())); + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_INIT_ERROR", certType, e.toString())); throw e; } } @@ -266,14 +257,14 @@ public class LdapPublishModule implements ILdapPublishModule { } protected void initHandlers() { - mEventHandlers.put(IRequest.ENROLLMENT_REQUEST, - new HandleEnrollment(this)); + mEventHandlers.put(IRequest.ENROLLMENT_REQUEST, + new HandleEnrollment(this)); mEventHandlers.put(IRequest.RENEWAL_REQUEST, - new HandleRenewal(this)); - mEventHandlers.put(IRequest.REVOCATION_REQUEST, - new HandleRevocation(this)); - mEventHandlers.put(IRequest.UNREVOCATION_REQUEST, - new HandleUnrevocation(this)); + new HandleRenewal(this)); + mEventHandlers.put(IRequest.REVOCATION_REQUEST, + new HandleRevocation(this)); + mEventHandlers.put(IRequest.UNREVOCATION_REQUEST, + new HandleUnrevocation(this)); } public void accept(IRequest r) { @@ -284,14 +275,14 @@ public class LdapPublishModule implements ILdapPublishModule { if (handler == null) { CMS.debug( - "Nothing to publish for request type " + type); + "Nothing to publish for request type " + type); return; } handler.accept(r); } public void publish(String certType, X509Certificate cert) - throws ELdapException { + throws ELdapException { // get mapper and publisher for cert type. LdapMappers mappers = getMappers(certType); @@ -299,15 +290,15 @@ public class LdapPublishModule implements ILdapPublishModule { CMS.debug("publisher for " + certType + " is null"); return; } - publish((ILdapMapper) mappers.mapper, - (ILdapPublisher) mappers.publisher, cert); + publish((ILdapMapper) mappers.mapper, + (ILdapPublisher) mappers.publisher, cert); // set the ldap published flag. setPublishedFlag(cert.getSerialNumber(), true); } public void unpublish(String certType, X509Certificate cert) - throws ELdapException { + throws ELdapException { // get mapper and publisher for cert type. LdapMappers mappers = getMappers(certType); @@ -315,19 +306,19 @@ public class LdapPublishModule implements ILdapPublishModule { CMS.debug("publisher for " + certType + " is null"); return; } - unpublish((ILdapMapper) mappers.mapper, - (ILdapPublisher) mappers.publisher, cert); + unpublish((ILdapMapper) mappers.mapper, + (ILdapPublisher) mappers.publisher, cert); // set the ldap published flag. setPublishedFlag(cert.getSerialNumber(), false); } /** - * set published flag - true when published, false when unpublished. - * not exist means not published. + * set published flag - true when published, false when unpublished. not + * exist means not published. */ public void setPublishedFlag(BigInteger serialNo, boolean published) { - if (!(mAuthority instanceof ICertificateAuthority)) + if (!(mAuthority instanceof ICertificateAuthority)) return; ICertificateAuthority ca = (ICertificateAuthority) mAuthority; @@ -340,18 +331,18 @@ public class LdapPublishModule implements ILdapPublishModule { metaInfo = new MetaInfo(); } metaInfo.set( - CertRecord.META_LDAPPUBLISH, String.valueOf(published)); + CertRecord.META_LDAPPUBLISH, String.valueOf(published)); ModificationSet modSet = new ModificationSet(); - modSet.add(ICertRecord.ATTR_META_INFO, - Modification.MOD_REPLACE, metaInfo); + modSet.add(ICertRecord.ATTR_META_INFO, + Modification.MOD_REPLACE, metaInfo); certdb.modifyCertificateRecord(serialNo, modSet); } catch (EBaseException e) { // not fatal. just log warning. - log(ILogger.LL_WARN, - "Cannot mark cert 0x" + serialNo.toString(16) + " published as " + published + - " in the ldap directory. Cert Record not found. Error: " + - e.getMessage()); + log(ILogger.LL_WARN, + "Cannot mark cert 0x" + serialNo.toString(16) + " published as " + published + + " in the ldap directory. Cert Record not found. Error: " + + e.getMessage()); } } @@ -364,8 +355,8 @@ public class LdapPublishModule implements ILdapPublishModule { } public void publish(ILdapMapper mapper, ILdapPublisher publisher, - X509Certificate cert) - throws ELdapException { + X509Certificate cert) + throws ELdapException { LDAPConnection conn = null; try { @@ -376,17 +367,17 @@ public class LdapPublishModule implements ILdapPublishModule { if (mapper == null) { // use the cert's subject name exactly dirdn = cert.getSubjectDN().toString(); CMS.debug( - "no mapper found. Using subject name exactly." + - cert.getSubjectDN()); + "no mapper found. Using subject name exactly." + + cert.getSubjectDN()); } else { result = mapper.map(conn, cert); dirdn = result; - if (dirdn == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_PUBLISH_NOT_MATCH", - cert.getSerialNumber().toString(16), - cert.getSubjectDN().toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", + if (dirdn == null) { + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_PUBLISH_NOT_MATCH", + cert.getSerialNumber().toString(16), + cert.getSubjectDN().toString())); + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", cert.getSubjectDN().toString())); } } @@ -399,8 +390,8 @@ public class LdapPublishModule implements ILdapPublishModule { } public void unpublish(ILdapMapper mapper, ILdapPublisher publisher, - X509Certificate cert) - throws ELdapException { + X509Certificate cert) + throws ELdapException { LDAPConnection conn = null; try { @@ -413,12 +404,12 @@ public class LdapPublishModule implements ILdapPublishModule { } else { result = mapper.map(conn, cert); dirdn = result; - if (dirdn == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_PUBLISH_NOT_MATCH", - cert.getSerialNumber().toString(16), - cert.getSubjectDN().toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", + if (dirdn == null) { + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_PUBLISH_NOT_MATCH", + cert.getSerialNumber().toString(16), + cert.getSubjectDN().toString())); + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", cert.getSubjectDN().toString())); } } @@ -431,11 +422,11 @@ public class LdapPublishModule implements ILdapPublishModule { } /** - * publishes a crl by mapping the issuer name in the crl to an entry - * and publishing it there. entry must be a certificate authority. + * publishes a crl by mapping the issuer name in the crl to an entry and + * publishing it there. entry must be a certificate authority. */ - public void publish(X509CRLImpl crl) - throws ELdapException { + public void publish(X509CRLImpl crl) + throws ELdapException { ILdapCrlMapper mapper = null; ILdapPublisher publisher = null; @@ -458,17 +449,17 @@ public class LdapPublishModule implements ILdapPublishModule { } else { result = ((ILdapMapper) mappers.mapper).map(conn, crl); dn = result; - if (dn == null) { + if (dn == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_CRL_NOT_MATCH")); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", crl.getIssuerDN().toString())); } } ((ILdapPublisher) mappers.publisher).publish(conn, dn, crl); } catch (ELdapException e) { - //e.printStackTrace(); + // e.printStackTrace(); CMS.debug( - "Error publishing CRL to " + dn + ": " + e); + "Error publishing CRL to " + dn + ": " + e); throw e; } catch (IOException e) { CMS.debug("Error publishing CRL to " + dn + ": " + e); @@ -481,11 +472,11 @@ public class LdapPublishModule implements ILdapPublishModule { } /** - * publishes a crl by mapping the issuer name in the crl to an entry - * and publishing it there. entry must be a certificate authority. + * publishes a crl by mapping the issuer name in the crl to an entry and + * publishing it there. entry must be a certificate authority. */ - public void publish(String dn, X509CRL crl) - throws ELdapException { + public void publish(String dn, X509CRL crl) + throws ELdapException { LdapMappers mappers = getMappers(PROP_TYPE_CRL); if (mappers == null || mappers.publisher == null) { @@ -500,7 +491,7 @@ public class LdapPublishModule implements ILdapPublishModule { ((ILdapPublisher) mappers.publisher).publish(conn, dn, crl); } catch (ELdapException e) { CMS.debug( - "Error publishing CRL to " + dn + ": " + e.toString()); + "Error publishing CRL to " + dn + ": " + e.toString()); throw e; } finally { if (conn != null) { @@ -510,23 +501,22 @@ public class LdapPublishModule implements ILdapPublishModule { } public void log(int level, String msg) { - mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_LDAP, level, - "LdapPublishModule: " + msg); + mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_LDAP, level, + "LdapPublishModule: " + msg); } - -} +} class LdapMappers { public LdapMappers(ILdapPlugin aMapper, ILdapPlugin aPublisher) { mapper = aMapper; publisher = aPublisher; } + public ILdapPlugin mapper = null; public ILdapPlugin publisher = null; } - class HandleEnrollment implements IRequestListener { LdapPublishModule mModule = null; @@ -534,49 +524,47 @@ class HandleEnrollment implements IRequestListener { mModule = module; } - public void set(String name, String val) - { + public void set(String name, String val) { } - public void init(ISubsystem sub, IConfigStore config) throws EBaseException - { + public void init(ISubsystem sub, IConfigStore config) throws EBaseException { } public void accept(IRequest r) { CMS.debug( - "handling publishing for enrollment request id " + - r.getRequestId()); + "handling publishing for enrollment request id " + + r.getRequestId()); // in case it's not meant for us if (r.getExtDataInInteger(IRequest.RESULT) == null) return; - // check if request failed. + // check if request failed. if ((r.getExtDataInInteger(IRequest.RESULT)).equals(IRequest.RES_ERROR)) { CMS.debug("Request errored. " + - "Nothing to publish for enrollment request id " + - r.getRequestId()); + "Nothing to publish for enrollment request id " + + r.getRequestId()); return; } CMS.debug("Checking publishing for request " + - r.getRequestId()); + r.getRequestId()); // check if issued certs is set. X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); if (certs == null || certs.length == 0 || certs[0] == null) { CMS.debug( - "No certs to publish for request id " + r.getRequestId()); + "No certs to publish for request id " + r.getRequestId()); return; } // get mapper and publisher for client certs. - LdapMappers mappers = - mModule.getMappers(LdapPublishModule.PROP_TYPE_CLIENT); + LdapMappers mappers = + mModule.getMappers(LdapPublishModule.PROP_TYPE_CLIENT); if (mappers == null || mappers.publisher == null) { CMS.debug( - "In publishing: No publisher for type " + - LdapPublishModule.PROP_TYPE_CLIENT); + "In publishing: No publisher for type " + + LdapPublishModule.PROP_TYPE_CLIENT); return; } @@ -586,18 +574,18 @@ class HandleEnrollment implements IRequestListener { for (int i = 0; i < certs.length; i++) { try { - if (certs[i] == null) + if (certs[i] == null) continue; - mModule.publish((ILdapMapper) mappers.mapper, - (ILdapPublisher) mappers.publisher, certs[i]); + mModule.publish((ILdapMapper) mappers.mapper, + (ILdapPublisher) mappers.publisher, certs[i]); results[i] = IRequest.RES_SUCCESS; CMS.debug( - "Published cert serial no 0x" + certs[i].getSerialNumber().toString(16)); + "Published cert serial no 0x" + certs[i].getSerialNumber().toString(16)); mModule.setPublishedFlag(certs[i].getSerialNumber(), true); } catch (ELdapException e) { - mModule.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH", - certs[i].getSerialNumber().toString(16),e.toString())); + mModule.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH", + certs[i].getSerialNumber().toString(16), e.toString())); results[i] = IRequest.RES_ERROR; } r.setExtData("ldapPublishStatus", results); @@ -605,40 +593,38 @@ class HandleEnrollment implements IRequestListener { } } - class HandleRenewal implements IRequestListener { private LdapPublishModule mModule = null; + public HandleRenewal(LdapPublishModule module) { mModule = module; } - public void init(ISubsystem sub, IConfigStore config) throws EBaseException - { - } + public void init(ISubsystem sub, IConfigStore config) throws EBaseException { + } - public void set(String name, String val) - { + public void set(String name, String val) { } public void accept(IRequest r) { - // Note we do not remove old certs from directory during renewal + // Note we do not remove old certs from directory during renewal X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); if (certs == null || certs.length == 0) { CMS.debug("no certs to publish for renewal " + - "request " + r.getRequestId()); + "request " + r.getRequestId()); return; } Integer results[] = new Integer[certs.length]; X509CertImpl cert = null; // get mapper and publisher for cert type. - LdapMappers mappers = - mModule.getMappers(LdapPublishModule.PROP_TYPE_CLIENT); + LdapMappers mappers = + mModule.getMappers(LdapPublishModule.PROP_TYPE_CLIENT); if (mappers == null || mappers.publisher == null) { CMS.debug( - "publisher for " + LdapPublishModule.PROP_TYPE_CLIENT + " is null"); + "publisher for " + LdapPublishModule.PROP_TYPE_CLIENT + " is null"); return; } @@ -646,46 +632,44 @@ class HandleRenewal implements IRequestListener { for (int i = 0; i < certs.length; i++) { cert = (X509CertImpl) certs[i]; - if (cert == null) + if (cert == null) continue; // there was an error issuing this cert. try { - mModule.publish((ILdapMapper) mappers.mapper, - (ILdapPublisher) mappers.publisher, cert); + mModule.publish((ILdapMapper) mappers.mapper, + (ILdapPublisher) mappers.publisher, cert); results[i] = IRequest.RES_SUCCESS; - mModule.log(ILogger.LL_INFO, - "Published cert serial no 0x" + cert.getSerialNumber().toString(16)); + mModule.log(ILogger.LL_INFO, + "Published cert serial no 0x" + cert.getSerialNumber().toString(16)); } catch (ELdapException e) { error = true; - mModule.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH", - cert.getSerialNumber().toString(16), e.getMessage())); + mModule.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH", + cert.getSerialNumber().toString(16), e.getMessage())); results[i] = IRequest.RES_ERROR; } } r.setExtData("ldapPublishStatus", results); r.setExtData("ldapPublishOverAllStatus", - (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); + (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); } } - class HandleRevocation implements IRequestListener { private LdapPublishModule mModule = null; + public HandleRevocation(LdapPublishModule module) { mModule = module; } - public void init(ISubsystem sub, IConfigStore config) throws EBaseException - { - } + public void init(ISubsystem sub, IConfigStore config) throws EBaseException { + } - public void set(String name, String val) - { + public void set(String name, String val) { } public void accept(IRequest r) { CMS.debug( - "Handle publishing for revoke request id " + r.getRequestId()); + "Handle publishing for revoke request id " + r.getRequestId()); // get fields in request. X509CertImpl[] revcerts = r.getExtDataInCertArray(IRequest.OLD_CERTS); @@ -693,18 +677,18 @@ class HandleRevocation implements IRequestListener { if (revcerts == null || revcerts.length == 0 || revcerts[0] == null) { // no certs in revoke. CMS.debug( - "Nothing to unpublish for revocation " + - "request " + r.getRequestId()); + "Nothing to unpublish for revocation " + + "request " + r.getRequestId()); return; } // get mapper and publisher for cert type. - LdapMappers mappers = - mModule.getMappers(LdapPublishModule.PROP_TYPE_CLIENT); + LdapMappers mappers = + mModule.getMappers(LdapPublishModule.PROP_TYPE_CLIENT); if (mappers == null || mappers.publisher == null) { CMS.debug( - "publisher for " + LdapPublishModule.PROP_TYPE_CLIENT + " is null"); + "publisher for " + LdapPublishModule.PROP_TYPE_CLIENT + " is null"); return; } @@ -716,41 +700,40 @@ class HandleRevocation implements IRequestListener { results[i] = IRequest.RES_ERROR; try { - mModule.unpublish((ILdapMapper) mappers.mapper, - (ILdapPublisher) mappers.publisher, cert); + mModule.unpublish((ILdapMapper) mappers.mapper, + (ILdapPublisher) mappers.publisher, cert); results[i] = IRequest.RES_SUCCESS; CMS.debug( - "Unpublished cert serial no 0x" + cert.getSerialNumber().toString(16)); + "Unpublished cert serial no 0x" + cert.getSerialNumber().toString(16)); } catch (ELdapException e) { error = true; - mModule.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_UNPUBLISH", - cert.getSerialNumber().toString(16), e.getMessage())); + mModule.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_UNPUBLISH", + cert.getSerialNumber().toString(16), e.getMessage())); } } r.setExtData("ldapPublishStatus", results); r.setExtData("ldapPublishOverAllStatus", - (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); + (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); } } - class HandleUnrevocation implements IRequestListener { private LdapPublishModule mModule = null; + public HandleUnrevocation(LdapPublishModule module) { mModule = module; } - public void set(String name, String val) - { + public void set(String name, String val) { + } + + public void init(ISubsystem sub, IConfigStore config) throws EBaseException { } - public void init(ISubsystem sub, IConfigStore config) throws EBaseException - { - } public void accept(IRequest r) { CMS.debug( - "Handle publishing for unrevoke request id " + r.getRequestId()); + "Handle publishing for unrevoke request id " + r.getRequestId()); // get fields in request. X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.OLD_CERTS); @@ -758,18 +741,18 @@ class HandleUnrevocation implements IRequestListener { if (certs == null || certs.length == 0 || certs[0] == null) { // no certs in unrevoke. CMS.debug( - "Nothing to publish for unrevocation " + - "request " + r.getRequestId()); + "Nothing to publish for unrevocation " + + "request " + r.getRequestId()); return; } // get mapper and publisher for cert type. - LdapMappers mappers = - mModule.getMappers(LdapPublishModule.PROP_TYPE_CLIENT); + LdapMappers mappers = + mModule.getMappers(LdapPublishModule.PROP_TYPE_CLIENT); if (mappers == null || mappers.publisher == null) { CMS.debug( - "publisher for " + LdapPublishModule.PROP_TYPE_CLIENT + " is null"); + "publisher for " + LdapPublishModule.PROP_TYPE_CLIENT + " is null"); return; } @@ -779,22 +762,21 @@ class HandleUnrevocation implements IRequestListener { for (int i = 0; i < certs.length; i++) { results[i] = IRequest.RES_ERROR; try { - mModule.publish((ILdapMapper) mappers.mapper, - (ILdapPublisher) mappers.publisher, certs[i]); + mModule.publish((ILdapMapper) mappers.mapper, + (ILdapPublisher) mappers.publisher, certs[i]); results[i] = IRequest.RES_SUCCESS; CMS.debug( - "Unpublished cert serial no 0x" + certs[i].getSerialNumber().toString(16)); + "Unpublished cert serial no 0x" + certs[i].getSerialNumber().toString(16)); } catch (ELdapException e) { error = true; - mModule.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_UNPUBLISH", - certs[i].getSerialNumber().toString(16), e.getMessage())); + mModule.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_UNPUBLISH", + certs[i].getSerialNumber().toString(16), e.getMessage())); } } r.setExtData("ldapPublishStatus", results); r.setExtData("ldapPublishOverAllStatus", - (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); + (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); } } - diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java index 6c1e1e8a..f67124a0 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapRequestListener.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import java.math.BigInteger; import java.security.cert.Certificate; import java.util.Hashtable; @@ -42,13 +41,12 @@ import com.netscape.certsrv.request.IRequestListener; import com.netscape.certsrv.request.RequestId; import com.netscape.cmscore.dbs.CertRecord; - public class LdapRequestListener implements IRequestListener { private boolean mInited = false; /** - * handlers for request types (events) - * each handler implement IRequestListener + * handlers for request types (events) each handler implement + * IRequestListener */ private Hashtable mRequestListeners = new Hashtable(); @@ -57,23 +55,23 @@ public class LdapRequestListener implements IRequestListener { public LdapRequestListener() { } - public void set(String name, String val) - { - } + public void set(String name, String val) { + } public void init(ISubsystem sys, IConfigStore config) throws EBaseException { - if (mInited) return; + if (mInited) + return; - mPublisherProcessor = (IPublisherProcessor)sys; + mPublisherProcessor = (IPublisherProcessor) sys; mRequestListeners.put(IRequest.ENROLLMENT_REQUEST, - new LdapEnrollmentListener(mPublisherProcessor)); + new LdapEnrollmentListener(mPublisherProcessor)); mRequestListeners.put(IRequest.RENEWAL_REQUEST, - new LdapRenewalListener(mPublisherProcessor)); + new LdapRenewalListener(mPublisherProcessor)); mRequestListeners.put(IRequest.REVOCATION_REQUEST, - new LdapRevocationListener(mPublisherProcessor)); + new LdapRevocationListener(mPublisherProcessor)); mRequestListeners.put(IRequest.UNREVOCATION_REQUEST, - new LdapUnrevocationListener(mPublisherProcessor)); + new LdapUnrevocationListener(mPublisherProcessor)); mInited = true; } @@ -86,33 +84,33 @@ public class LdapRequestListener implements IRequestListener { if (r.getExtDataInInteger(IRequest.RESULT) == null) return null; - // check if request failed. + // check if request failed. if ((r.getExtDataInInteger(IRequest.RESULT)).equals(IRequest.RES_ERROR)) { CMS.debug("Request errored. " + - "Nothing to publish for enrollment request id " + - r.getRequestId()); + "Nothing to publish for enrollment request id " + + r.getRequestId()); return null; } CMS.debug("Checking publishing for request " + - r.getRequestId()); + r.getRequestId()); // check if issued certs is set. X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); if (certs == null || certs.length == 0 || certs[0] == null) { CMS.debug( - "No certs to publish for request id " + - r.getRequestId()); + "No certs to publish for request id " + + r.getRequestId()); return null; } obj.setCerts(certs); return obj; } else if (type.equals(IRequest.RENEWAL_REQUEST)) { - // Note we do not remove old certs from directory during renewal + // Note we do not remove old certs from directory during renewal X509CertImpl[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); if (certs == null || certs.length == 0) { CMS.debug("no certs to publish for renewal " + - "request " + r.getRequestId()); + "request " + r.getRequestId()); return null; } obj.setCerts(certs); @@ -123,8 +121,8 @@ public class LdapRequestListener implements IRequestListener { if (revcerts == null || revcerts.length == 0 || revcerts[0] == null) { // no certs in revoke. CMS.debug( - "Nothing to unpublish for revocation " + - "request " + r.getRequestId()); + "Nothing to unpublish for revocation " + + "request " + r.getRequestId()); return null; } obj.setCerts(revcerts); @@ -135,16 +133,16 @@ public class LdapRequestListener implements IRequestListener { if (certs == null || certs.length == 0 || certs[0] == null) { // no certs in unrevoke. CMS.debug( - "Nothing to publish for unrevocation " + - "request " + r.getRequestId()); + "Nothing to publish for unrevocation " + + "request " + r.getRequestId()); return null; } obj.setCerts(certs); return obj; } else { CMS.debug("Request errored. " + - "Nothing to publish for request id " + - r.getRequestId()); + "Nothing to publish for request id " + + r.getRequestId()); return null; } @@ -157,7 +155,7 @@ public class LdapRequestListener implements IRequestListener { if (handler == null) { CMS.debug( - "Nothing to publish for request type " + type); + "Nothing to publish for request type " + type); return; } handler.accept(r); @@ -165,7 +163,6 @@ public class LdapRequestListener implements IRequestListener { } - class LdapEnrollmentListener implements IRequestListener { IPublisherProcessor mProcessor = null; @@ -176,51 +173,50 @@ class LdapEnrollmentListener implements IRequestListener { public void init(ISubsystem sys, IConfigStore config) throws EBaseException { } - public void set(String name, String val) - { + public void set(String name, String val) { } public void accept(IRequest r) { CMS.debug( - "LdapRequestListener handling publishing for enrollment request id " + - r.getRequestId()); + "LdapRequestListener handling publishing for enrollment request id " + + r.getRequestId()); String profileId = r.getExtDataInString("profileId"); if (profileId == null) { - // in case it's not meant for us - if (r.getExtDataInInteger(IRequest.RESULT) == null) - return; + // in case it's not meant for us + if (r.getExtDataInInteger(IRequest.RESULT) == null) + return; // check if request failed. - if ((r.getExtDataInInteger(IRequest.RESULT)).equals(IRequest.RES_ERROR)) { - CMS.debug("Request errored. " + - "Nothing to publish for enrollment request id " + - r.getRequestId()); - return; - } - } + if ((r.getExtDataInInteger(IRequest.RESULT)).equals(IRequest.RES_ERROR)) { + CMS.debug("Request errored. " + + "Nothing to publish for enrollment request id " + + r.getRequestId()); + return; + } + } CMS.debug("Checking publishing for request " + - r.getRequestId()); + r.getRequestId()); // check if issued certs is set. Certificate[] certs = null; if (profileId == null) { - certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); - } else { - certs = new Certificate[1]; - certs[0] = r.getExtDataInCert(IEnrollProfile.REQUEST_ISSUED_CERT); - } + certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); + } else { + certs = new Certificate[1]; + certs[0] = r.getExtDataInCert(IEnrollProfile.REQUEST_ISSUED_CERT); + } if (certs == null || certs.length == 0 || certs[0] == null) { CMS.debug( - "No certs to publish for request id " + r.getRequestId()); + "No certs to publish for request id " + r.getRequestId()); return; } - + if (certs[0] instanceof X509CertImpl) acceptX509(r, certs); } - + public void acceptX509(IRequest r, Certificate[] certs) { Integer results[] = new Integer[certs.length]; boolean error = false; @@ -228,58 +224,57 @@ class LdapEnrollmentListener implements IRequestListener { for (int i = 0; i < certs.length; i++) { X509CertImpl xcert = (X509CertImpl) certs[i]; - if (xcert == null) + if (xcert == null) continue; try { mProcessor.publishCert(xcert, r); - + results[i] = IRequest.RES_SUCCESS; CMS.debug( - "acceptX509: Published cert serial no 0x" + - xcert.getSerialNumber().toString(16)); - //mProcessor.setPublishedFlag(xcert.getSerialNumber(), true); + "acceptX509: Published cert serial no 0x" + + xcert.getSerialNumber().toString(16)); + // mProcessor.setPublishedFlag(xcert.getSerialNumber(), true); } catch (ELdapException e) { - mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH", - xcert.getSerialNumber().toString(16), e.toString())); + mProcessor.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH", + xcert.getSerialNumber().toString(16), e.toString())); results[i] = IRequest.RES_ERROR; error = true; } } r.setExtData("ldapPublishStatus", results); r.setExtData("ldapPublishOverAllStatus", - (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); + (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); } } - class LdapRenewalListener implements IRequestListener { private IPublisherProcessor mProcessor = null; public LdapRenewalListener(IPublisherProcessor processor) { mProcessor = processor; } + public void init(ISubsystem sys, IConfigStore config) throws EBaseException { } - public void set(String name, String val) - { + public void set(String name, String val) { } public void accept(IRequest r) { - // Note we do not remove old certs from directory during renewal + // Note we do not remove old certs from directory during renewal Certificate[] certs = r.getExtDataInCertArray(IRequest.ISSUED_CERTS); if (certs == null || certs.length == 0) { CMS.debug("no certs to publish for renewal " + - "request " + r.getRequestId()); + "request " + r.getRequestId()); return; } - + if (certs[0] instanceof X509CertImpl) acceptX509(r, certs); } - + public void acceptX509(IRequest r, Certificate[] certs) { X509CertImpl cert = null; @@ -288,45 +283,44 @@ class LdapRenewalListener implements IRequestListener { for (int i = 0; i < certs.length; i++) { cert = (X509CertImpl) certs[i]; - if (cert == null) + if (cert == null) continue; // there was an error issuing this cert. try { mProcessor.publishCert(cert, r); results[i] = IRequest.RES_SUCCESS; - mProcessor.log(ILogger.LL_INFO, - "Published cert serial no 0x" + - cert.getSerialNumber().toString(16)); + mProcessor.log(ILogger.LL_INFO, + "Published cert serial no 0x" + + cert.getSerialNumber().toString(16)); } catch (ELdapException e) { error = true; - mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH", - cert.getSerialNumber().toString(16), e.toString())); + mProcessor.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH", + cert.getSerialNumber().toString(16), e.toString())); results[i] = IRequest.RES_ERROR; } } r.setExtData("ldapPublishStatus", results); r.setExtData("ldapPublishOverAllStatus", - (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); + (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); } } - class LdapRevocationListener implements IRequestListener { private IPublisherProcessor mProcessor = null; public LdapRevocationListener(IPublisherProcessor processor) { mProcessor = processor; } + public void init(ISubsystem sys, IConfigStore config) throws EBaseException { } - public void set(String name, String val) - { + public void set(String name, String val) { } public void accept(IRequest r) { CMS.debug( - "Handle publishing for revoke request id " + r.getRequestId()); + "Handle publishing for revoke request id " + r.getRequestId()); // get fields in request. Certificate[] certs = r.getExtDataInCertArray(IRequest.OLD_CERTS); @@ -334,15 +328,15 @@ class LdapRevocationListener implements IRequestListener { if (certs == null || certs.length == 0 || certs[0] == null) { // no certs in revoke. CMS.debug( - "Nothing to unpublish for revocation " + - "request " + r.getRequestId()); + "Nothing to unpublish for revocation " + + "request " + r.getRequestId()); return; } - + if (certs[0] instanceof X509CertImpl) acceptX509(r, certs); } - + public void acceptX509(IRequest r, Certificate[] revcerts) { boolean error = false; Integer results[] = new Integer[revcerts.length]; @@ -356,15 +350,15 @@ class LdapRevocationListener implements IRequestListener { // We need the enrollment request to sort out predicate BigInteger serial = cert.getSerialNumber(); ICertRecord certRecord = null; - IAuthority auth = (IAuthority)mProcessor.getAuthority(); + IAuthority auth = (IAuthority) mProcessor.getAuthority(); if (auth == null || - !(auth instanceof ICertificateAuthority)) { + !(auth instanceof ICertificateAuthority)) { mProcessor.log(ILogger.LL_WARN, - "Trying to get a certificate from non certificate authority."); + "Trying to get a certificate from non certificate authority."); } else { ICertificateRepository certdb = - (ICertificateRepository) ((ICertificateAuthority) auth).getCertificateRepository(); + (ICertificateRepository) ((ICertificateAuthority) auth).getCertificateRepository(); if (certdb == null) { mProcessor.log(ILogger.LL_WARN, "Cert DB is null for " + auth); @@ -373,72 +367,72 @@ class LdapRevocationListener implements IRequestListener { certRecord = (ICertRecord) certdb.readCertificateRecord(serial); } catch (EBaseException e) { mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_GET_CERT_RECORD", - serial.toString(16), e.toString())); + CMS.getLogMessage("CMSCORE_LDAP_GET_CERT_RECORD", + serial.toString(16), e.toString())); } } } MetaInfo metaInfo = null; String ridString = null; - + if (certRecord != null) - metaInfo = + metaInfo = (MetaInfo) certRecord.get(ICertRecord.ATTR_META_INFO); if (metaInfo == null) { - mProcessor.log(ILogger.LL_FAILURE, - "failed getting CertRecord.ATTR_META_INFO for cert serial number 0x" + - serial.toString(16)); + mProcessor.log(ILogger.LL_FAILURE, + "failed getting CertRecord.ATTR_META_INFO for cert serial number 0x" + + serial.toString(16)); } else { ridString = (String) metaInfo.get(ICertRecord.META_REQUEST_ID); } - + IRequest req = null; if (ridString != null) { RequestId rid = new RequestId(ridString); - + req = auth.getRequestQueue().findRequest(rid); - } + } mProcessor.unpublishCert(cert, req); results[i] = IRequest.RES_SUCCESS; CMS.debug( - "Unpublished cert serial no 0x" + - cert.getSerialNumber().toString(16)); + "Unpublished cert serial no 0x" + + cert.getSerialNumber().toString(16)); } catch (ELdapException e) { error = true; - mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_UNPUBLISH", - cert.getSerialNumber().toString(16), e.toString())); + mProcessor.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_UNPUBLISH", + cert.getSerialNumber().toString(16), e.toString())); } catch (EBaseException e) { error = true; - mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_FIND", - cert.getSerialNumber().toString(16), e.toString())); + mProcessor.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_FIND", + cert.getSerialNumber().toString(16), e.toString())); } } r.setExtData("ldapPublishStatus", results); r.setExtData("ldapPublishOverAllStatus", - (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); + (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); } } - class LdapUnrevocationListener implements IRequestListener { private IPublisherProcessor mProcessor = null; public LdapUnrevocationListener(IPublisherProcessor processor) { mProcessor = processor; } + public void init(ISubsystem sys, IConfigStore config) throws EBaseException { } - public void set(String name, String val) - { + + public void set(String name, String val) { } public void accept(IRequest r) { CMS.debug( - "Handle publishing for unrevoke request id " + r.getRequestId()); + "Handle publishing for unrevoke request id " + r.getRequestId()); // get fields in request. Certificate[] certs = r.getExtDataInCertArray(IRequest.OLD_CERTS); @@ -446,15 +440,15 @@ class LdapUnrevocationListener implements IRequestListener { if (certs == null || certs.length == 0 || certs[0] == null) { // no certs in unrevoke. CMS.debug( - "Nothing to publish for unrevocation " + - "request " + r.getRequestId()); + "Nothing to publish for unrevocation " + + "request " + r.getRequestId()); return; } - + if (certs[0] instanceof X509CertImpl) acceptX509(r, certs); } - + public void acceptX509(IRequest r, Certificate[] certs) { boolean error = false; Integer results[] = new Integer[certs.length]; @@ -467,15 +461,15 @@ class LdapUnrevocationListener implements IRequestListener { // We need the enrollment request to sort out predicate BigInteger serial = xcert.getSerialNumber(); ICertRecord certRecord = null; - IAuthority auth = (IAuthority)mProcessor.getAuthority(); + IAuthority auth = (IAuthority) mProcessor.getAuthority(); if (auth == null || - !(auth instanceof ICertificateAuthority)) { + !(auth instanceof ICertificateAuthority)) { mProcessor.log(ILogger.LL_WARN, - "Trying to get a certificate from non certificate authority."); + "Trying to get a certificate from non certificate authority."); } else { ICertificateRepository certdb = (ICertificateRepository) - ((ICertificateAuthority) auth).getCertificateRepository(); + ((ICertificateAuthority) auth).getCertificateRepository(); if (certdb == null) { mProcessor.log(ILogger.LL_WARN, "Cert DB is null for " + auth); @@ -484,52 +478,51 @@ class LdapUnrevocationListener implements IRequestListener { certRecord = (ICertRecord) certdb.readCertificateRecord(serial); } catch (EBaseException e) { mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_GET_CERT_RECORD", serial.toString(16), e.toString())); + CMS.getLogMessage("CMSCORE_LDAP_GET_CERT_RECORD", serial.toString(16), e.toString())); } } } MetaInfo metaInfo = null; String ridString = null; - + if (certRecord != null) - metaInfo = + metaInfo = (MetaInfo) certRecord.get(CertRecord.ATTR_META_INFO); if (metaInfo == null) { - mProcessor.log(ILogger.LL_FAILURE, - "Failed getting CertRecord.ATTR_META_INFO for cert serial number 0x" + - serial.toString(16)); + mProcessor.log(ILogger.LL_FAILURE, + "Failed getting CertRecord.ATTR_META_INFO for cert serial number 0x" + + serial.toString(16)); } else { ridString = (String) metaInfo.get(CertRecord.META_REQUEST_ID); } - + IRequest req = null; if (ridString != null) { RequestId rid = new RequestId(ridString); - + req = auth.getRequestQueue().findRequest(rid); - } + } mProcessor.publishCert(xcert, req); results[i] = IRequest.RES_SUCCESS; CMS.debug( - "Published cert serial no 0x" + - xcert.getSerialNumber().toString(16)); + "Published cert serial no 0x" + + xcert.getSerialNumber().toString(16)); } catch (ELdapException e) { error = true; - mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH", - xcert.getSerialNumber().toString(16), e.toString())); + mProcessor.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_PUBLISH", + xcert.getSerialNumber().toString(16), e.toString())); } catch (EBaseException e) { error = true; - mProcessor.log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_FIND", - xcert.getSerialNumber().toString(16), e.toString())); - } + mProcessor.log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_CERT_NOT_FIND", + xcert.getSerialNumber().toString(16), e.toString())); + } } r.setExtData("ldapPublishStatus", results); r.setExtData("ldapPublishOverAllStatus", - (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); + (error == true ? IRequest.RES_ERROR : IRequest.RES_SUCCESS)); } } - diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapRule.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapRule.java index 233cbf87..53da0f35 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapRule.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapRule.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import java.util.Enumeration; import java.util.Locale; import java.util.Vector; @@ -30,8 +29,7 @@ import com.netscape.certsrv.publish.ILdapRule; import com.netscape.certsrv.publish.IPublisherProcessor; import com.netscape.cmscore.util.Debug; - -/** +/** * The publishing rule that links mapper and publisher together. */ public class LdapRule implements ILdapRule, IExtendedPluginInfo { @@ -43,15 +41,15 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { private IPublisherProcessor mProcessor = null; - private static String[] epi_params = null; // extendedpluginInfo + private static String[] epi_params = null; // extendedpluginInfo public IConfigStore getConfigStore() { return mConfig; } public String[] getExtendedPluginInfo(Locale locale) { - //dont know why it's null here. - //if (mProcessor == null) System.out.println("p null"); + // dont know why it's null here. + // if (mProcessor == null) System.out.println("p null"); if (Debug.ON) { Debug.trace("LdapRule: getExtendedPluginInfo() - returning epi_params:"); @@ -61,7 +59,7 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { } return epi_params; } - + public void init(IPublisherProcessor processor, IConfigStore config) throws EBaseException { mConfig = config; @@ -72,14 +70,14 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { String map = NOMAPPER; for (; mappers.hasMoreElements();) { - String name = mappers.nextElement(); + String name = mappers.nextElement(); map = map + "," + name; } String publish = ""; for (; publishers.hasMoreElements();) { - String name = publishers.nextElement(); + String name = publishers.nextElement(); publish = publish + "," + name; } @@ -94,7 +92,7 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { // Read the predicate expression if any associated // with the rule - String exp = config.getString(IPublisherProcessor.PROP_PREDICATE, null); + String exp = config.getString(IPublisherProcessor.PROP_PREDICATE, null); if (exp != null) exp = exp.trim(); @@ -103,14 +101,13 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { setPredicate(filterExp); } - //if (mProcessor == null) System.out.println("null"); + // if (mProcessor == null) System.out.println("null"); } /** - * The init method in ILdapPlugin - * It can not set set mapper,publisher choice for console dynamicly - * Should not use this method to init. + * The init method in ILdapPlugin It can not set set mapper,publisher choice + * for console dynamicly Should not use this method to init. */ public void init(IConfigStore config) throws EBaseException { mConfig = config; @@ -125,7 +122,7 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { // Read the predicate expression if any associated // with the rule - String exp = config.getString(IPublisherProcessor.PROP_PREDICATE, null); + String exp = config.getString(IPublisherProcessor.PROP_PREDICATE, null); if (exp != null) exp = exp.trim(); @@ -169,8 +166,8 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { * Returns the current instance parameters. */ public Vector<String> getInstanceParams() { - //if (mProcessor == null) System.out.println("xxxxnull"); - //dont know why the processor was null in getExtendedPluginInfo() + // if (mProcessor == null) System.out.println("xxxxnull"); + // dont know why the processor was null in getExtendedPluginInfo() Enumeration<String> mappers = mProcessor.getMapperInsts().keys(); Enumeration<String> publishers = mProcessor.getPublisherInsts().keys(); String map = NOMAPPER; @@ -189,31 +186,34 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { } /* - mExtendedPluginInfo = new NameValuePairs(); - mExtendedPluginInfo.add("type","choice(client,server,objSignClient,smime,ca,crl);The publishing object type"); - mExtendedPluginInfo.add("mapper","choice("+map+");Use the mapper to find the ldap dn \nto publish the certificate or crl"); - mExtendedPluginInfo.add("publisher","choice("+publish+");Use the publisher to publish the certificate or crl a directory etc"); - mExtendedPluginInfo.add("enable","boolean;"); - mExtendedPluginInfo.add("predicate","string;"); + * mExtendedPluginInfo = new NameValuePairs(); + * mExtendedPluginInfo.add("type", + * "choice(client,server,objSignClient,smime,ca,crl);The publishing object type" + * ); mExtendedPluginInfo.add("mapper","choice("+map+ + * ");Use the mapper to find the ldap dn \nto publish the certificate or crl" + * ); mExtendedPluginInfo.add("publisher","choice("+publish+ + * ");Use the publisher to publish the certificate or crl a directory etc" + * ); mExtendedPluginInfo.add("enable","boolean;"); + * mExtendedPluginInfo.add("predicate","string;"); */ Vector<String> v = new Vector<String>(); try { - v.addElement(IPublisherProcessor.PROP_TYPE + "=" + - mConfig.getString(IPublisherProcessor.PROP_TYPE, "")); - v.addElement(IPublisherProcessor.PROP_PREDICATE + "=" + - mConfig.getString(IPublisherProcessor.PROP_PREDICATE, - "")); - v.addElement(IPublisherProcessor.PROP_ENABLE + "=" + - mConfig.getString(IPublisherProcessor.PROP_ENABLE, - "")); - v.addElement(IPublisherProcessor.PROP_MAPPER + "=" + - mConfig.getString(IPublisherProcessor.PROP_MAPPER, - "")); - v.addElement(IPublisherProcessor.PROP_PUBLISHER + "=" + - mConfig.getString(IPublisherProcessor.PROP_PUBLISHER, - "")); + v.addElement(IPublisherProcessor.PROP_TYPE + "=" + + mConfig.getString(IPublisherProcessor.PROP_TYPE, "")); + v.addElement(IPublisherProcessor.PROP_PREDICATE + "=" + + mConfig.getString(IPublisherProcessor.PROP_PREDICATE, + "")); + v.addElement(IPublisherProcessor.PROP_ENABLE + "=" + + mConfig.getString(IPublisherProcessor.PROP_ENABLE, + "")); + v.addElement(IPublisherProcessor.PROP_MAPPER + "=" + + mConfig.getString(IPublisherProcessor.PROP_MAPPER, + "")); + v.addElement(IPublisherProcessor.PROP_PUBLISHER + "=" + + mConfig.getString(IPublisherProcessor.PROP_PUBLISHER, + "")); } catch (EBaseException e) { } return v; @@ -222,8 +222,8 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { /** * Sets a predicate expression for rule matching. * <P> - * - * @param exp The predicate expression for the rule. + * + * @param exp The predicate expression for the rule. */ public void setPredicate(ILdapExpression exp) { mFilterExp = exp; @@ -232,7 +232,7 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { /** * Returns the predicate expression for the rule. * <P> - * + * * @return The predicate expression for the rule. */ public ILdapExpression getPredicate() { @@ -242,7 +242,7 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { public String getMapper() { try { String map = - mConfig.getString(IPublisherProcessor.PROP_MAPPER, ""); + mConfig.getString(IPublisherProcessor.PROP_MAPPER, ""); if (map != null) map = map.trim(); @@ -275,10 +275,10 @@ public class LdapRule implements ILdapRule, IExtendedPluginInfo { public boolean enabled() { try { - boolean enable = - mConfig.getBoolean(IPublisherProcessor.PROP_ENABLE, false); + boolean enable = + mConfig.getBoolean(IPublisherProcessor.PROP_ENABLE, false); - //System.out.println(enable); + // System.out.println(enable); return enable; } catch (EBaseException e) { } diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapSimpleExpression.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapSimpleExpression.java index a2a7e558..1c9b074d 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapSimpleExpression.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapSimpleExpression.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import java.util.Enumeration; import java.util.Vector; @@ -28,13 +27,12 @@ import com.netscape.certsrv.publish.ILdapExpression; import com.netscape.certsrv.request.IRequest; import com.netscape.cmscore.util.AssertionException; - /** - * This class represents an expression of the form var = val, - * var != val, var < val, var > val, var <= val, var >= val. - * + * This class represents an expression of the form var = val, var != val, var < + * val, var > val, var <= val, var >= val. + * * Expressions are used as predicates for publishing rule selection. - * + * * @author mzhao * @version $Revision$, $Date$ */ @@ -47,11 +45,11 @@ public class LdapSimpleExpression implements ILdapExpression { private boolean hasWildCard; public static final char WILDCARD_CHAR = '*'; - // This is just for indicating a null expression. + // This is just for indicating a null expression. public static LdapSimpleExpression NULL_EXPRESSION = new LdapSimpleExpression("null", OP_EQUAL, "null"); public static ILdapExpression parse(String input) - throws ELdapException { + throws ELdapException { // Get the index of operator // Debug.trace("LdapSimpleExpression::input: " + input); String var = null; @@ -73,7 +71,7 @@ public class LdapSimpleExpression implements ILdapExpression { comps = parseForLT(input); if (comps == null) throw new ELdapException(CMS.getUserMessage("CMS_LDAP_BAD_LDAP_EXPRESSION", input)); - + String pfx = null; String rawVar = comps.getAttr(); int dotIdx = rawVar.indexOf('.'); @@ -119,23 +117,23 @@ public class LdapSimpleExpression implements ILdapExpression { } public boolean evaluate(SessionContext sc) - throws ELdapException { + throws ELdapException { Object givenVal; try { // Try exact case first. givenVal = (String) sc.get(mVar); - }catch (Exception e) { + } catch (Exception e) { givenVal = (String) null; } // It is kind of a problem here if all letters are in - // lowercase or in upperCase - for example in the case + // lowercase or in upperCase - for example in the case // of directory attributes. if (givenVal == null) { try { givenVal = (String) sc.get(mVar.toLowerCase()); - }catch (Exception e) { + } catch (Exception e) { givenVal = (String) null; } } @@ -143,12 +141,13 @@ public class LdapSimpleExpression implements ILdapExpression { if (givenVal == null) { try { givenVal = (String) sc.get(mVar.toUpperCase()); - }catch (Exception e) { + } catch (Exception e) { givenVal = (String) null; } } - // Debug.trace("mVar: " + mVar + ",Given Value: " + givenVal + ", Value to compare with: " + mVal); + // Debug.trace("mVar: " + mVar + ",Given Value: " + givenVal + + // ", Value to compare with: " + mVal); boolean result = false; result = matchValue(givenVal); @@ -158,7 +157,7 @@ public class LdapSimpleExpression implements ILdapExpression { } public boolean evaluate(IRequest req) - throws ELdapException { + throws ELdapException { boolean result = false; // mPfx and mVar are looked up case-indendently if (mPfx != null) { @@ -170,7 +169,7 @@ public class LdapSimpleExpression implements ILdapExpression { } private boolean matchVector(Vector value) - throws ELdapException { + throws ELdapException { boolean result = false; Enumeration e = (Enumeration) value.elements(); @@ -183,7 +182,7 @@ public class LdapSimpleExpression implements ILdapExpression { } private boolean matchStringArray(String[] value) - throws ELdapException { + throws ELdapException { boolean result = false; for (int i = 0; i < value.length; i++) { @@ -195,7 +194,7 @@ public class LdapSimpleExpression implements ILdapExpression { } private boolean matchValue(Object value) - throws ELdapException { + throws ELdapException { boolean result; // There is nothing to compare with! @@ -219,7 +218,7 @@ public class LdapSimpleExpression implements ILdapExpression { } private boolean matchStringValue(String givenVal) - throws ELdapException { + throws ELdapException { boolean result; switch (mOp) { @@ -260,7 +259,7 @@ public class LdapSimpleExpression implements ILdapExpression { } private boolean matchIntegerValue(Integer intVal) - throws ELdapException { + throws ELdapException { boolean result; int storedVal; int givenVal = intVal.intValue(); @@ -303,12 +302,11 @@ public class LdapSimpleExpression implements ILdapExpression { } private boolean matchBooleanValue(Boolean givenVal) - throws ELdapException { + throws ELdapException { boolean result; Boolean storedVal; - if (!(mVal.equalsIgnoreCase("true") || - mVal.equalsIgnoreCase("false"))) + if (!(mVal.equalsIgnoreCase("true") || mVal.equalsIgnoreCase("false"))) throw new ELdapException(CMS.getUserMessage("CMS_LDAP_INVALID_ATTR_VALUE", mVal)); storedVal = new Boolean(mVal); @@ -359,7 +357,7 @@ public class LdapSimpleExpression implements ILdapExpression { op = ILdapExpression.LE_STR; break; } - if (mPfx != null && mPfx.length() > 0) + if (mPfx != null && mPfx.length() > 0) return mPfx + "." + mVar + " " + op + " " + mVal; else return mVar + " " + op + " " + mVal; @@ -450,7 +448,6 @@ public class LdapSimpleExpression implements ILdapExpression { } } - class ExpressionComps { String attr; int op; @@ -474,4 +471,3 @@ class ExpressionComps { return val; } } - diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/PublishObject.java b/pki/base/common/src/com/netscape/cmscore/ldap/PublishObject.java index fc2ace23..940330d6 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/PublishObject.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/PublishObject.java @@ -17,11 +17,9 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import netscape.security.x509.X509CRLImpl; import netscape.security.x509.X509CertImpl; - /** * The object to publish or unpublish: a certificate or a CRL */ @@ -32,7 +30,7 @@ public class PublishObject { private String mObjectType = null; private X509CertImpl mCert = null; private X509CertImpl[] mCerts = null; - private X509CRLImpl mCRL = null; + private X509CRLImpl mCRL = null; private int mIndex = 0; public PublishObject() { diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java b/pki/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java index 57e39aef..68519be2 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.ldap; - import java.math.BigInteger; import java.security.cert.X509CRL; import java.security.cert.X509Certificate; @@ -61,9 +60,8 @@ import com.netscape.certsrv.request.IRequestNotifier; import com.netscape.cmscore.dbs.CertRecord; import com.netscape.cmscore.util.Debug; - public class PublisherProcessor implements - IPublisherProcessor, IXcertPublisherProcessor { + IPublisherProcessor, IXcertPublisherProcessor { public Hashtable<String, PublisherPlugin> mPublisherPlugins = new Hashtable<String, PublisherPlugin>(); public Hashtable<String, PublisherProxy> mPublisherInsts = new Hashtable<String, PublisherProxy>(); @@ -73,7 +71,7 @@ public class PublisherProcessor implements public Hashtable<String, ILdapRule> mRuleInsts = new Hashtable<String, ILdapRule>(); /** - protected PublishRuleSet mRuleSet = null; + * protected PublishRuleSet mRuleSet = null; **/ protected LdapConnModule mLdapConnModule = null; @@ -94,7 +92,7 @@ public class PublisherProcessor implements public String getId() { return mId; } - + public void setId(String id) { mId = id; } @@ -104,7 +102,7 @@ public class PublisherProcessor implements } public void init(ISubsystem authority, IConfigStore config) - throws EBaseException { + throws EBaseException { mConfig = config; mAuthority = (ICertAuthority) authority; @@ -124,20 +122,20 @@ public class PublisherProcessor implements if (Debug.ON) Debug.trace("loaded publisher plugins"); - // load publisher instances + // load publisher instances c = publisherConfig.getSubStore(PROP_INSTANCE); Enumeration<String> instances = c.getSubStoreNames(); while (instances.hasMoreElements()) { String insName = (String) instances.nextElement(); - String implName = c.getString(insName + "." + + String implName = c.getString(insName + "." + PROP_PLUGIN); PublisherPlugin plugin = - (PublisherPlugin) mPublisherPlugins.get(implName); + (PublisherPlugin) mPublisherPlugins.get(implName); - if (plugin == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_PLUGIN_NOT_FIND", implName)); + if (plugin == null) { + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_PLUGIN_NOT_FIND", implName)); throw new ELdapException(implName); } String className = plugin.getClassPath(); @@ -149,8 +147,8 @@ public class PublisherProcessor implements try { publisherInst = (ILdapPublisher) Class.forName(className).newInstance(); - IConfigStore pConfig = - c.getSubStore(insName); + IConfigStore pConfig = + c.getSubStore(insName); publisherInst.init(pConfig); isEnable = true; @@ -188,8 +186,8 @@ public class PublisherProcessor implements } // add publisher instance to list. - mPublisherInsts.put(insName, new - PublisherProxy(isEnable, publisherInst)); + mPublisherInsts.put(insName, new + PublisherProxy(isEnable, publisherInst)); log(ILogger.LL_INFO, "publisher instance " + insName + " added"); if (Debug.ON) Debug.trace("loaded publisher instance " + insName + " impl " + implName); @@ -210,19 +208,19 @@ public class PublisherProcessor implements if (Debug.ON) Debug.trace("loaded mapper plugins"); - // load mapper instances + // load mapper instances c = mapperConfig.getSubStore(PROP_INSTANCE); instances = c.getSubStoreNames(); while (instances.hasMoreElements()) { String insName = (String) instances.nextElement(); - String implName = c.getString(insName + "." + + String implName = c.getString(insName + "." + PROP_PLUGIN); MapperPlugin plugin = - (MapperPlugin) mMapperPlugins.get(implName); + (MapperPlugin) mMapperPlugins.get(implName); - if (plugin == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_MAPPER_NOT_FIND", implName)); + if (plugin == null) { + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_MAPPER_NOT_FIND", implName)); throw new ELdapException(implName); } String className = plugin.getClassPath(); @@ -230,15 +228,15 @@ public class PublisherProcessor implements if (Debug.ON) Debug.trace("loaded mapper className=" + className); - // Instantiate and init the mapper + // Instantiate and init the mapper boolean isEnable = false; ILdapMapper mapperInst = null; try { mapperInst = (ILdapMapper) Class.forName(className).newInstance(); - IConfigStore mConfig = - c.getSubStore(insName); + IConfigStore mConfig = + c.getSubStore(insName); mapperInst.init(mConfig); isEnable = true; @@ -294,19 +292,19 @@ public class PublisherProcessor implements if (Debug.ON) Debug.trace("loaded rule plugins"); - // load rule instances + // load rule instances c = ruleConfig.getSubStore(PROP_INSTANCE); instances = c.getSubStoreNames(); while (instances.hasMoreElements()) { String insName = (String) instances.nextElement(); - String implName = c.getString(insName + "." + + String implName = c.getString(insName + "." + PROP_PLUGIN); RulePlugin plugin = - (RulePlugin) mRulePlugins.get(implName); + (RulePlugin) mRulePlugins.get(implName); - if (plugin == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_RULE_NOT_FIND", implName)); + if (plugin == null) { + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_RULE_NOT_FIND", implName)); throw new ELdapException(implName); } String className = plugin.getClassPath(); @@ -314,7 +312,7 @@ public class PublisherProcessor implements if (Debug.ON) Debug.trace("loaded rule className=" + className); - // Instantiate and init the rule + // Instantiate and init the rule IConfigStore mConfig = null; try { @@ -330,8 +328,8 @@ public class PublisherProcessor implements if (Debug.ON) Debug.trace("ADDING RULE " + insName + " " + ruleInst); mRuleInsts.put(insName, ruleInst); - log(ILogger.LL_INFO, "rule instance " + - insName + " added"); + log(ILogger.LL_INFO, "rule instance " + + insName + " added"); } catch (ClassNotFoundException e) { String errMsg = "PublisherProcessor:: init()-" + e.toString(); @@ -351,8 +349,8 @@ public class PublisherProcessor implements if (mConfig == null) { throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); } - mConfig.putString(ILdapRule.PROP_ENABLE, - "false"); + mConfig.putString(ILdapRule.PROP_ENABLE, + "false"); log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_SKIP_RULE", insName, e.toString())); // Let the server continue if it is a // mis-configuration. But the instance @@ -372,40 +370,40 @@ public class PublisherProcessor implements /** * Retrieves LDAP connection module. * <P> - * + * * @return LDAP connection instance */ public ILdapConnModule getLdapConnModule() { return mLdapConnModule; } - + public void setLdapConnModule(ILdapConnModule m) { - mLdapConnModule = (LdapConnModule)m; + mLdapConnModule = (LdapConnModule) m; } - + /** * init ldap connection */ private void initLdapConn(IConfigStore ldapConfig) - throws EBaseException { + throws EBaseException { IConfigStore c = ldapConfig; try { - //c = authConfig.getSubStore(PROP_LDAP_PUBLISH_SUBSTORE); + // c = authConfig.getSubStore(PROP_LDAP_PUBLISH_SUBSTORE); if (c != null && c.size() > 0) { mLdapConnModule = new LdapConnModule(); mLdapConnModule.init(this, c); CMS.debug("LdapPublishing connection inited"); } else { - log(ILogger.LL_FAILURE, - "No Ldap Module configuration found"); + log(ILogger.LL_FAILURE, + "No Ldap Module configuration found"); throw new ELdapException( - CMS.getUserMessage("CMS_LDAP_NO_LDAP_PUBLISH_CONFIG_FOUND")); + CMS.getUserMessage("CMS_LDAP_NO_LDAP_PUBLISH_CONFIG_FOUND")); } } catch (ELdapException e) { - log(ILogger.LL_FAILURE, - "Ldap Publishing Module failed with " + e); + log(ILogger.LL_FAILURE, + "Ldap Publishing Module failed with " + e); throw new ELdapException(CMS.getUserMessage("CMS_LDAP_INIT_LDAP_PUBLISH_MODULE_FAILED", e.toString())); } } @@ -434,9 +432,9 @@ public class PublisherProcessor implements CMS.debug("PublisherProcessor: startup: Publishing Queue Enabled: " + isPublishingQueueEnabled + " Priority Level: " + publishingQueuePriorityLevel + " Maximum Number of Threads: " + maxNumberOfPublishingThreads + - " Page Size: "+ publishingQueuePageSize); - IRequestNotifier reqNotifier = ((ICertificateAuthority)mAuthority).getRequestNotifier(); - reqNotifier.setPublishingQueue (isPublishingQueueEnabled, + " Page Size: " + publishingQueuePageSize); + IRequestNotifier reqNotifier = ((ICertificateAuthority) mAuthority).getRequestNotifier(); + reqNotifier.setPublishingQueue(isPublishingQueueEnabled, publishingQueuePriorityLevel, maxNumberOfPublishingThreads, publishingQueuePageSize, @@ -452,11 +450,11 @@ public class PublisherProcessor implements mLdapConnModule.getLdapConnFactory().reset(); } if (mLdapRequestListener != null) { - //mLdapRequestListener.shutdown(); + // mLdapRequestListener.shutdown(); mAuthority.removeRequestListener(mLdapRequestListener); } - } catch (Exception e) { - // ignore + } catch (Exception e) { + // ignore } } @@ -484,12 +482,12 @@ public class PublisherProcessor implements return mPublisherInsts; } - //certType can be client,server,ca,crl,smime - //XXXshould make it static to make it faster + // certType can be client,server,ca,crl,smime + // XXXshould make it static to make it faster public Enumeration<ILdapRule> getRules(String publishingType) { Vector<ILdapRule> rules = new Vector<ILdapRule>(); Enumeration<String> e = mRuleInsts.keys(); - + while (e.hasMoreElements()) { String name = (String) e.nextElement(); @@ -502,7 +500,7 @@ public class PublisherProcessor implements Debug.trace("rule name is " + name); } - //this is the only rule we support now + // this is the only rule we support now LdapRule rule = (LdapRule) (mRuleInsts.get(name)); if (rule.enabled() && rule.getType().equals(publishingType)) { @@ -532,7 +530,7 @@ public class PublisherProcessor implements Vector<ILdapRule> rules = new Vector<ILdapRule>(); Enumeration<String> e = mRuleInsts.keys(); - + while (e.hasMoreElements()) { String name = (String) e.nextElement(); @@ -545,7 +543,7 @@ public class PublisherProcessor implements Debug.trace("rule name is " + name); } - //this is the only rule we support now + // this is the only rule we support now LdapRule rule = (LdapRule) (mRuleInsts.get(name)); if (rule.enabled() && rule.getType().equals(publishingType)) { @@ -562,17 +560,14 @@ public class PublisherProcessor implements rules.addElement(rule); if (Debug.ON) Debug.trace("added rule " + name + " for " + publishingType + - " request: " + req.getRequestId()); + " request: " + req.getRequestId()); } } return rules.elements(); } /** - public PublishRuleSet getPublishRuleSet() - { - return mRuleSet; - } + * public PublishRuleSet getPublishRuleSet() { return mRuleSet; } **/ public Vector<String> getMapperDefaultParams(String implName) throws @@ -582,13 +577,13 @@ public class PublisherProcessor implements if (plugin == null) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_MAPPER_NOT_FIND", implName)); + CMS.getLogMessage("CMSCORE_LDAP_MAPPER_NOT_FIND", implName)); throw new ELdapException(implName); } - + // XXX can find an instance of this plugin in existing // mapper instances to avoid instantiation just for this. - + // a temporary instance ILdapMapper mapperInst = null; String className = plugin.getClassPath(); @@ -632,17 +627,17 @@ public class PublisherProcessor implements ELdapException { // is this a registered implname? PublisherPlugin plugin = (PublisherPlugin) - mPublisherPlugins.get(implName); + mPublisherPlugins.get(implName); if (plugin == null) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_PLUGIN_NOT_FIND", implName)); + CMS.getLogMessage("CMSCORE_LDAP_PLUGIN_NOT_FIND", implName)); throw new ELdapException(implName); } - + // XXX can find an instance of this plugin in existing // publisher instantces to avoid instantiation just for this. - + // a temporary instance ILdapPublisher publisherInst = null; String className = plugin.getClassPath(); @@ -667,7 +662,7 @@ public class PublisherProcessor implements public boolean isMapperInstanceEnable(String insName) { MapperProxy proxy = (MapperProxy) - mMapperInsts.get(insName); + mMapperInsts.get(insName); if (proxy == null) { return false; @@ -696,7 +691,7 @@ public class PublisherProcessor implements public boolean isPublisherInstanceEnable(String insName) { PublisherProxy proxy = (PublisherProxy) - mPublisherInsts.get(insName); + mPublisherInsts.get(insName); if (proxy == null) { return false; @@ -706,20 +701,20 @@ public class PublisherProcessor implements public ILdapPublisher getActivePublisherInstance(String insName) { PublisherProxy proxy = (PublisherProxy) - mPublisherInsts.get(insName); + mPublisherInsts.get(insName); if (proxy == null) { return null; } if (proxy.isEnable()) return proxy.getPublisher(); - else + else return null; } public ILdapPublisher getPublisherInstance(String insName) { PublisherProxy proxy = (PublisherProxy) - mPublisherInsts.get(insName); + mPublisherInsts.get(insName); if (proxy == null) { return null; @@ -746,13 +741,13 @@ public class PublisherProcessor implements if (plugin == null) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_RULE_NOT_FIND", implName)); + CMS.getLogMessage("CMSCORE_LDAP_RULE_NOT_FIND", implName)); throw new ELdapException(implName); } - + // XXX can find an instance of this plugin in existing // rule instantces to avoid instantiation just for this. - + // a temporary instance ILdapRule ruleInst = null; String className = plugin.getClassPath(); @@ -760,7 +755,7 @@ public class PublisherProcessor implements try { ruleInst = (ILdapRule) Class.forName(className).newInstance(); - + Vector<String> v = ruleInst.getDefaultParams(); return v; @@ -783,13 +778,13 @@ public class PublisherProcessor implements if (plugin == null) { log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_RULE_NOT_FIND", implName)); + CMS.getLogMessage("CMSCORE_LDAP_RULE_NOT_FIND", implName)); throw new ELdapException(implName); } - + // XXX can find an instance of this plugin in existing // rule instantces to avoid instantiation just for this. - + // a temporary instance ILdapRule ruleInst = null; String className = plugin.getClassPath(); @@ -814,11 +809,11 @@ public class PublisherProcessor implements } /** - * set published flag - true when published, false when unpublished. - * not exist means not published. + * set published flag - true when published, false when unpublished. not + * exist means not published. */ public void setPublishedFlag(BigInteger serialNo, boolean published) { - if (!(mAuthority instanceof ICertificateAuthority)) + if (!(mAuthority instanceof ICertificateAuthority)) return; ICertificateAuthority ca = (ICertificateAuthority) mAuthority; @@ -831,19 +826,19 @@ public class PublisherProcessor implements metaInfo = new MetaInfo(); } metaInfo.set( - CertRecord.META_LDAPPUBLISH, String.valueOf(published)); + CertRecord.META_LDAPPUBLISH, String.valueOf(published)); ModificationSet modSet = new ModificationSet(); - modSet.add(ICertRecord.ATTR_META_INFO, - Modification.MOD_REPLACE, metaInfo); + modSet.add(ICertRecord.ATTR_META_INFO, + Modification.MOD_REPLACE, metaInfo); certdb.modifyCertificateRecord(serialNo, modSet); } catch (EBaseException e) { // not fatal. just log warning. - log(ILogger.LL_WARN, - "Cannot mark cert 0x" + serialNo.toString(16) + " published as " + published + - " in the ldap directory. Cert Record not found. Error: " + - e.toString() + - " Don't be alarmed if it's a subordinate ca or clone's ca siging cert. Otherwise your internal db may be corrupted."); + log(ILogger.LL_WARN, + "Cannot mark cert 0x" + serialNo.toString(16) + " published as " + published + + " in the ldap directory. Cert Record not found. Error: " + + e.toString() + + " Don't be alarmed if it's a subordinate ca or clone's ca siging cert. Otherwise your internal db may be corrupted."); } } @@ -851,7 +846,7 @@ public class PublisherProcessor implements * Publish ca cert, UpdateDir.java, jobs, request listeners */ public void publishCACert(X509Certificate cert) - throws ELdapException { + throws ELdapException { boolean error = false; String errorRule = ""; @@ -860,7 +855,7 @@ public class PublisherProcessor implements CMS.debug("PublishProcessor::publishCACert"); - // get mapper and publisher for cert type. + // get mapper and publisher for cert type. Enumeration<ILdapRule> rules = getRules(PROP_LOCAL_CA); if (rules == null || !rules.hasMoreElements()) { @@ -869,23 +864,27 @@ public class PublisherProcessor implements return; } else { Debug.trace(CMS.getLogMessage("CMSCORE_LDAP_NO_RULE_FOUND", PROP_LOCAL_CA)); - //log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_NO_RULE_FOUND", PROP_LOCAL_CA)); - //throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_RULE_MATCHED", PROP_LOCAL_CA)); + // log(ILogger.LL_FAILURE, + // CMS.getLogMessage("CMSCORE_LDAP_NO_RULE_FOUND", + // PROP_LOCAL_CA)); + // throw new + // ELdapException(CMS.getUserMessage("CMS_LDAP_NO_RULE_MATCHED", + // PROP_LOCAL_CA)); return; } } while (rules.hasMoreElements()) { LdapRule rule = (LdapRule) rules.nextElement(); - if( rule == null ) { - CMS.debug( "PublisherProcessor::publishCACert() - " - + "rule is null!" ); - throw new ELdapException( "rule is null" ); + if (rule == null) { + CMS.debug("PublisherProcessor::publishCACert() - " + + "rule is null!"); + throw new ELdapException("rule is null"); } log(ILogger.LL_INFO, "publish certificate type=" + PROP_LOCAL_CA + - " rule=" + rule.getInstanceName() + " publisher=" + - rule.getPublisher()); + " rule=" + rule.getInstanceName() + " publisher=" + + rule.getPublisher()); try { ILdapMapper mapper = null; @@ -893,16 +892,19 @@ public class PublisherProcessor implements String mapperName = rule.getMapper(); if (mapperName != null && - !mapperName.trim().equals("")) { + !mapperName.trim().equals("")) { mapper = getActiveMapperInstance(mapperName); } - publishNow(mapper, getActivePublisherInstance(rule.getPublisher()), null/* NO REQUEsT */, cert); - log(ILogger.LL_INFO, "published certificate using rule=" + - rule.getInstanceName()); + publishNow(mapper, getActivePublisherInstance(rule.getPublisher()), null/* + * NO + * REQUEsT + */, cert); + log(ILogger.LL_INFO, "published certificate using rule=" + + rule.getInstanceName()); } catch (Exception e) { // continue publishing even publisher has errors - //log(ILogger.LL_WARN, e.toString()); + // log(ILogger.LL_WARN, e.toString()); CMS.debug("PublisherProcessor::publishCACert returned error: " + e.toString()); error = true; errorRule = errorRule + " " + rule.getInstanceName() + @@ -913,24 +915,22 @@ public class PublisherProcessor implements if (!error) { setPublishedFlag(cert.getSerialNumber(), true); } else { - throw new - ELdapException(CMS.getUserMessage("CMS_LDAP_PUBLISH_FAILED", errorRule)); + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_PUBLISH_FAILED", errorRule)); } } /** - * This function is never called. CMS does not unpublish - * CA certificate. + * This function is never called. CMS does not unpublish CA certificate. */ public void unpublishCACert(X509Certificate cert) - throws ELdapException { + throws ELdapException { boolean error = false; String errorRule = ""; if (!enabled()) return; - // get mapper and publisher for cert type. + // get mapper and publisher for cert type. Enumeration<ILdapRule> rules = getRules(PROP_LOCAL_CA); if (rules == null || !rules.hasMoreElements()) { @@ -946,32 +946,35 @@ public class PublisherProcessor implements while (rules.hasMoreElements()) { LdapRule rule = (LdapRule) rules.nextElement(); - if( rule == null ) { - CMS.debug( "PublisherProcessor::unpublishCACert() - " - + "rule is null!" ); - throw new ELdapException( "rule is null" ); + if (rule == null) { + CMS.debug("PublisherProcessor::unpublishCACert() - " + + "rule is null!"); + throw new ELdapException("rule is null"); } try { log(ILogger.LL_INFO, "unpublish certificate type=" + - PROP_LOCAL_CA + " rule=" + rule.getInstanceName() + - " publisher=" + rule.getPublisher()); + PROP_LOCAL_CA + " rule=" + rule.getInstanceName() + + " publisher=" + rule.getPublisher()); ILdapMapper mapper = null; String mapperName = rule.getMapper(); if (mapperName != null && - !mapperName.trim().equals("")) { + !mapperName.trim().equals("")) { mapper = getActiveMapperInstance(mapperName); } - unpublishNow(mapper, getActivePublisherInstance(rule.getPublisher()), null/* NO REQUEST */, cert); - log(ILogger.LL_INFO, "unpublished certificate using rule=" + - rule.getInstanceName()); + unpublishNow(mapper, getActivePublisherInstance(rule.getPublisher()), null/* + * NO + * REQUEST + */, cert); + log(ILogger.LL_INFO, "unpublished certificate using rule=" + + rule.getInstanceName()); } catch (Exception e) { // continue publishing even publisher has errors - //log(ILogger.LL_WARN, e.toString()); + // log(ILogger.LL_WARN, e.toString()); error = true; errorRule = errorRule + " " + rule.getInstanceName(); } @@ -989,15 +992,15 @@ public class PublisherProcessor implements * Publish crossCertificatePair */ public void publishXCertPair(byte[] pair) - throws ELdapException { + throws ELdapException { boolean error = false; String errorRule = ""; if (!enabled()) return; - CMS.debug("PublisherProcessor: in publishXCertPair()"); + CMS.debug("PublisherProcessor: in publishXCertPair()"); - // get mapper and publisher for cert type. + // get mapper and publisher for cert type. Enumeration<ILdapRule> rules = getRules(PROP_XCERT); if (rules == null || !rules.hasMoreElements()) { @@ -1012,31 +1015,34 @@ public class PublisherProcessor implements while (rules.hasMoreElements()) { LdapRule rule = (LdapRule) rules.nextElement(); - if( rule == null ) { - CMS.debug( "PublisherProcessor::publishXCertPair() - " - + "rule is null!" ); - throw new ELdapException( "rule is null" ); + if (rule == null) { + CMS.debug("PublisherProcessor::publishXCertPair() - " + + "rule is null!"); + throw new ELdapException("rule is null"); } log(ILogger.LL_INFO, "publish certificate type=" + PROP_XCERT + - " rule=" + rule.getInstanceName() + " publisher=" + - rule.getPublisher()); + " rule=" + rule.getInstanceName() + " publisher=" + + rule.getPublisher()); try { ILdapMapper mapper = null; String mapperName = rule.getMapper(); if (mapperName != null && - !mapperName.trim().equals("")) { + !mapperName.trim().equals("")) { mapper = getActiveMapperInstance(mapperName); } - publishNow(mapper, getActivePublisherInstance(rule.getPublisher()), null/* NO REQUEsT */, pair); - log(ILogger.LL_INFO, "published Xcertificates using rule=" + - rule.getInstanceName()); + publishNow(mapper, getActivePublisherInstance(rule.getPublisher()), null/* + * NO + * REQUEsT + */, pair); + log(ILogger.LL_INFO, "published Xcertificates using rule=" + + rule.getInstanceName()); } catch (Exception e) { // continue publishing even publisher has errors - //log(ILogger.LL_WARN, e.toString()); + // log(ILogger.LL_WARN, e.toString()); error = true; errorRule = errorRule + " " + rule.getInstanceName() + " error:" + e.toString(); @@ -1047,11 +1053,11 @@ public class PublisherProcessor implements } /** - * Publishs regular user certificate based on the criteria - * set in the request. + * Publishs regular user certificate based on the criteria set in the + * request. */ public void publishCert(X509Certificate cert, IRequest req) - throws ELdapException { + throws ELdapException { boolean error = false; String errorRule = ""; @@ -1059,10 +1065,10 @@ public class PublisherProcessor implements if (!enabled()) return; - // get mapper and publisher for cert type. + // get mapper and publisher for cert type. Enumeration<ILdapRule> rules = getRules("certs", req); - // Bugscape #52306 - Remove superfluous log messages on failure + // Bugscape #52306 - Remove superfluous log messages on failure if (rules == null || !rules.hasMoreElements()) { CMS.debug("Publishing: can't find publishing rule,exiting routine."); @@ -1074,10 +1080,10 @@ public class PublisherProcessor implements LdapRule rule = (LdapRule) rules.nextElement(); try { - log(ILogger.LL_INFO, - "publish certificate (with request) type=" + - "certs" + " rule=" + rule.getInstanceName() + - " publisher=" + rule.getPublisher()); + log(ILogger.LL_INFO, + "publish certificate (with request) type=" + + "certs" + " rule=" + rule.getInstanceName() + + " publisher=" + rule.getPublisher()); ILdapPublisher p = getActivePublisherInstance(rule.getPublisher()); ILdapMapper m = null; String mapperName = rule.getMapper(); @@ -1086,11 +1092,11 @@ public class PublisherProcessor implements m = getActiveMapperInstance(mapperName); } publishNow(m, p, req, cert); - log(ILogger.LL_INFO, "published certificate using rule=" + - rule.getInstanceName()); + log(ILogger.LL_INFO, "published certificate using rule=" + + rule.getInstanceName()); } catch (Exception e) { // continue publishing even publisher has errors - //log(ILogger.LL_WARN, e.toString()); + // log(ILogger.LL_WARN, e.toString()); error = true; errorRule = errorRule + " " + rule.getInstanceName(); } @@ -1099,24 +1105,23 @@ public class PublisherProcessor implements if (!error) { setPublishedFlag(cert.getSerialNumber(), true); } else { - CMS.debug("PublishProcessor::publishCert : " + CMS.getUserMessage("CMS_LDAP_PUBLISH_FAILED",errorRule)); + CMS.debug("PublishProcessor::publishCert : " + CMS.getUserMessage("CMS_LDAP_PUBLISH_FAILED", errorRule)); throw new ELdapException(CMS.getUserMessage("CMS_LDAP_PUBLISH_FAILED", errorRule)); } } /** - * Unpublish user certificate. This is used by - * UnpublishExpiredJob. + * Unpublish user certificate. This is used by UnpublishExpiredJob. */ public void unpublishCert(X509Certificate cert, IRequest req) - throws ELdapException { + throws ELdapException { boolean error = false; String errorRule = ""; if (!enabled()) return; - // get mapper and publisher for cert type. + // get mapper and publisher for cert type. Enumeration<ILdapRule> rules = getRules("certs", req); if (rules == null || !rules.hasMoreElements()) { @@ -1128,34 +1133,34 @@ public class PublisherProcessor implements while (rules.hasMoreElements()) { LdapRule rule = (LdapRule) rules.nextElement(); - if( rule == null ) { - CMS.debug( "PublisherProcessor::unpublishCert() - " - + "rule is null!" ); - throw new ELdapException( "rule is null" ); + if (rule == null) { + CMS.debug("PublisherProcessor::unpublishCert() - " + + "rule is null!"); + throw new ELdapException("rule is null"); } try { - log(ILogger.LL_INFO, - "unpublish certificate (with request) type=" + - "certs" + " rule=" + rule.getInstanceName() + - " publisher=" + rule.getPublisher()); + log(ILogger.LL_INFO, + "unpublish certificate (with request) type=" + + "certs" + " rule=" + rule.getInstanceName() + + " publisher=" + rule.getPublisher()); ILdapMapper mapper = null; String mapperName = rule.getMapper(); if (mapperName != null && - !mapperName.trim().equals("")) { + !mapperName.trim().equals("")) { mapper = getActiveMapperInstance(mapperName); } unpublishNow(mapper, getActivePublisherInstance(rule.getPublisher()), - req, cert); - log(ILogger.LL_INFO, "unpublished certificate using rule=" + - rule.getInstanceName()); + req, cert); + log(ILogger.LL_INFO, "unpublished certificate using rule=" + + rule.getInstanceName()); } catch (Exception e) { // continue publishing even publisher has errors - //log(ILogger.LL_WARN, e.toString()); + // log(ILogger.LL_WARN, e.toString()); error = true; errorRule = errorRule + " " + rule.getInstanceName(); } @@ -1170,16 +1175,15 @@ public class PublisherProcessor implements } /** - * publishes a crl by mapping the issuer name in the crl to an entry - * and publishing it there. entry must be a certificate authority. - * Note that this is used by cmsgateway/cert/UpdateDir.java + * publishes a crl by mapping the issuer name in the crl to an entry and + * publishing it there. entry must be a certificate authority. Note that + * this is used by cmsgateway/cert/UpdateDir.java */ - public void publishCRL(X509CRLImpl crl, String crlIssuingPointId) - throws ELdapException { + public void publishCRL(X509CRLImpl crl, String crlIssuingPointId) + throws ELdapException { boolean error = false; String errorRule = ""; - if (!enabled()) return; ILdapMapper mapper = null; @@ -1207,53 +1211,53 @@ public class PublisherProcessor implements String result = null; LdapRule rule = (LdapRule) rules.nextElement(); - log(ILogger.LL_INFO, "publish crl rule=" + - rule.getInstanceName() + " publisher=" + - rule.getPublisher()); + log(ILogger.LL_INFO, "publish crl rule=" + + rule.getInstanceName() + " publisher=" + + rule.getPublisher()); try { String mapperName = rule.getMapper(); if (mapperName != null && - !mapperName.trim().equals("")) { + !mapperName.trim().equals("")) { mapper = getActiveMapperInstance(mapperName); } if (mapper == null || mapper.getImplName().equals("NoMap")) { dn = ((X500Name) crl.getIssuerDN()).toLdapDNString(); - }else { - + } else { + result = ((ILdapMapper) mapper).map(conn, crl); dn = result; if (!mCreateOwnDNEntry) { - if (dn == null) { + if (dn == null) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_MAPPER_NOT_MAP", rule.getMapper())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", - crl.getIssuerDN().toString())); - + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", + crl.getIssuerDN().toString())); + } } } publisher = getActivePublisherInstance(rule.getPublisher()); if (publisher != null) { - if(publisher instanceof com.netscape.cms.publish.publishers.FileBasedPublisher) - ((com.netscape.cms.publish.publishers.FileBasedPublisher)publisher).setIssuingPointId(crlIssuingPointId); + if (publisher instanceof com.netscape.cms.publish.publishers.FileBasedPublisher) + ((com.netscape.cms.publish.publishers.FileBasedPublisher) publisher).setIssuingPointId(crlIssuingPointId); publisher.publish(conn, dn, crl); log(ILogger.LL_INFO, "published crl using rule=" + rule.getInstanceName()); } // continue publishing even publisher has errors - }catch (Exception e) { - //e.printStackTrace(); + } catch (Exception e) { + // e.printStackTrace(); CMS.debug( - "Error publishing CRL to " + dn + ": " + e); + "Error publishing CRL to " + dn + ": " + e); error = true; errorRule = errorRule + " " + rule.getInstanceName(); CMS.debug("PublisherProcessor::publishCRL: error: " + e.toString()); } } - }catch (ELdapException e) { - //e.printStackTrace(); + } catch (ELdapException e) { + // e.printStackTrace(); CMS.debug( - "Error publishing CRL to " + dn + ": " + e); + "Error publishing CRL to " + dn + ": " + e); throw e; } finally { if (conn != null) { @@ -1265,17 +1269,17 @@ public class PublisherProcessor implements } /** - * publishes a crl by mapping the issuer name in the crl to an entry - * and publishing it there. entry must be a certificate authority. + * publishes a crl by mapping the issuer name in the crl to an entry and + * publishing it there. entry must be a certificate authority. */ - public void publishCRL(String dn, X509CRL crl) - throws ELdapException { + public void publishCRL(String dn, X509CRL crl) + throws ELdapException { boolean error = false; String errorRule = ""; if (!enabled()) return; - // get mapper and publisher for cert type. + // get mapper and publisher for cert type. Enumeration<ILdapRule> rules = getRules(PROP_LOCAL_CRL); if (rules == null || !rules.hasMoreElements()) { @@ -1295,25 +1299,25 @@ public class PublisherProcessor implements LdapRule rule = (LdapRule) rules.nextElement(); log(ILogger.LL_INFO, "publish crl dn=" + dn + " rule=" + - rule.getInstanceName() + " publisher=" + - rule.getPublisher()); + rule.getInstanceName() + " publisher=" + + rule.getPublisher()); try { publisher = getActivePublisherInstance(rule.getPublisher()); if (publisher != null) { publisher.publish(conn, dn, crl); log(ILogger.LL_INFO, "published crl using rule=" + rule.getInstanceName()); } - }catch (Exception e) { + } catch (Exception e) { CMS.debug( - "Error publishing CRL to " + dn + ": " + e.toString()); + "Error publishing CRL to " + dn + ": " + e.toString()); error = true; errorRule = errorRule + " " + rule.getInstanceName(); - CMS.debug("PublisherProcessor::publishCRL: error: " + e.toString()); - } + CMS.debug("PublisherProcessor::publishCRL: error: " + e.toString()); + } } } catch (ELdapException e) { CMS.debug( - "Error publishing CRL to " + dn + ": " + e.toString()); + "Error publishing CRL to " + dn + ": " + e.toString()); throw e; } finally { if (conn != null) { @@ -1325,7 +1329,7 @@ public class PublisherProcessor implements } private void publishNow(ILdapMapper mapper, ILdapPublisher publisher, - IRequest r, Object obj) throws ELdapException { + IRequest r, Object obj) throws ELdapException { if (!enabled()) return; CMS.debug("PublisherProcessor: in publishNow()"); @@ -1340,16 +1344,16 @@ public class PublisherProcessor implements if (mLdapConnModule != null) { try { conn = mLdapConnModule.getConn(); - } catch(ELdapException e) { + } catch (ELdapException e) { throw e; - } + } } try { if ((mapper instanceof com.netscape.cms.publish.mappers.LdapCertSubjMap) && - ((com.netscape.cms.publish.mappers.LdapCertSubjMap)mapper).useAllEntries()) { - dirdn = ((com.netscape.cms.publish.mappers.LdapCertSubjMap)mapper).mapAll(conn, r, obj); + ((com.netscape.cms.publish.mappers.LdapCertSubjMap) mapper).useAllEntries()) { + dirdn = ((com.netscape.cms.publish.mappers.LdapCertSubjMap) mapper).mapAll(conn, r, obj); } else { - dirdn = mapper.map(conn, r, obj); + dirdn = mapper.map(conn, r, obj); } } catch (Throwable e1) { CMS.debug("Error mapping: mapper=" + mapper + " error=" + e1.toString()); @@ -1361,26 +1365,26 @@ public class PublisherProcessor implements try { if (dirdn instanceof Vector) { - @SuppressWarnings("unchecked") - Vector<String> dirdnVector = (Vector<String>)dirdn; + @SuppressWarnings("unchecked") + Vector<String> dirdnVector = (Vector<String>) dirdn; int n = dirdnVector.size(); for (int i = 0; i < n; i++) { publisher.publish(conn, dirdnVector.elementAt(i), cert); } - } else if (dirdn instanceof String || + } else if (dirdn instanceof String || publisher instanceof com.netscape.cms.publish.publishers.FileBasedPublisher) { - publisher.publish(conn, (String)dirdn, cert); + publisher.publish(conn, (String) dirdn, cert); } } catch (Throwable e1) { CMS.debug("PublisherProcessor::publishNow : publisher=" + publisher + " error=" + e1.toString()); throw e1; } - log(ILogger.LL_INFO, "published certificate serial number: 0x" + - cert.getSerialNumber().toString(16)); + log(ILogger.LL_INFO, "published certificate serial number: 0x" + + cert.getSerialNumber().toString(16)); } catch (ELdapException e) { throw e; } catch (Throwable e) { - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", e.toString())); + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", e.toString())); } finally { if (conn != null) { mLdapConnModule.returnConn(conn); @@ -1388,16 +1392,16 @@ public class PublisherProcessor implements } } - // for crosscerts + // for crosscerts private void publishNow(ILdapMapper mapper, ILdapPublisher publisher, - IRequest r, byte[] bytes) throws ELdapException { + IRequest r, byte[] bytes) throws ELdapException { if (!enabled()) return; - CMS.debug("PublisherProcessor: in publishNow() for xcerts"); + CMS.debug("PublisherProcessor: in publishNow() for xcerts"); - // use ca cert publishing map and rule + // use ca cert publishing map and rule ICertificateAuthority ca = (ICertificateAuthority) mAuthority; - X509Certificate caCert = (X509Certificate) ca.getCACert(); + X509Certificate caCert = (X509Certificate) ca.getCACert(); LDAPConnection conn = null; @@ -1411,8 +1415,8 @@ public class PublisherProcessor implements conn = mLdapConnModule.getConn(); } try { - dirdn = mapper.map(conn, r, (Object) caCert); - CMS.debug("PublisherProcessor: dirdn="+dirdn); + dirdn = mapper.map(conn, r, (Object) caCert); + CMS.debug("PublisherProcessor: dirdn=" + dirdn); } catch (Throwable e1) { CMS.debug("Error mapping: mapper=" + mapper + " error=" + e1.toString()); @@ -1421,7 +1425,7 @@ public class PublisherProcessor implements } try { - CMS.debug("PublisherProcessor: publisher impl name="+publisher.getImplName()); + CMS.debug("PublisherProcessor: publisher impl name=" + publisher.getImplName()); publisher.publish(conn, dirdn, bytes); } catch (Throwable e1) { @@ -1432,7 +1436,7 @@ public class PublisherProcessor implements } catch (ELdapException e) { throw e; } catch (Throwable e) { - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", e.toString())); + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_NO_MATCH", e.toString())); } finally { if (conn != null) { mLdapConnModule.returnConn(conn); @@ -1441,7 +1445,7 @@ public class PublisherProcessor implements } private void unpublishNow(ILdapMapper mapper, ILdapPublisher publisher, - IRequest r, Object obj) throws ELdapException { + IRequest r, Object obj) throws ELdapException { if (!enabled()) return; LDAPConnection conn = null; @@ -1455,13 +1459,13 @@ public class PublisherProcessor implements if (mLdapConnModule != null) { conn = mLdapConnModule.getConn(); } - dirdn = mapper.map(conn, r, obj); + dirdn = mapper.map(conn, r, obj); } X509Certificate cert = (X509Certificate) obj; publisher.unpublish(conn, dirdn, cert); - log(ILogger.LL_INFO, "unpublished certificate serial number: 0x" + - cert.getSerialNumber().toString(16)); + log(ILogger.LL_INFO, "unpublished certificate serial number: 0x" + + cert.getSerialNumber().toString(16)); } catch (ELdapException e) { throw e; } finally { @@ -1498,8 +1502,8 @@ public class PublisherProcessor implements } public boolean isClone() { - if ((mAuthority instanceof ICertificateAuthority) && - ((ICertificateAuthority) mAuthority).isClone()) + if ((mAuthority instanceof ICertificateAuthority) && + ((ICertificateAuthority) mAuthority).isClone()) return true; else return false; @@ -1511,7 +1515,7 @@ public class PublisherProcessor implements public void log(int level, String msg) { if (mLogger == null) return; - mLogger.log(ILogger.EV_SYSTEM, - ILogger.S_LDAP, level, "Publishing: " + msg); + mLogger.log(ILogger.EV_SYSTEM, + ILogger.S_LDAP, level, "Publishing: " + msg); } } |