diff options
Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/usrgrp')
5 files changed, 285 insertions, 304 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/usrgrp/CertDNCertUserLocator.java b/pki/base/common/src/com/netscape/cmscore/usrgrp/CertDNCertUserLocator.java index 4bf348ff..8f4cd884 100644 --- a/pki/base/common/src/com/netscape/cmscore/usrgrp/CertDNCertUserLocator.java +++ b/pki/base/common/src/com/netscape/cmscore/usrgrp/CertDNCertUserLocator.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.usrgrp; - import java.security.cert.X509Certificate; import netscape.ldap.LDAPException; @@ -30,13 +29,12 @@ import com.netscape.certsrv.usrgrp.ICertUserLocator; import com.netscape.certsrv.usrgrp.IUGSubsystem; import com.netscape.certsrv.usrgrp.IUser; - /** * This interface defines a strategy on how to match * the incoming certificate(s) with the certificate(s) - * in the scope. It matches the "certdn" field which contains + * in the scope. It matches the "certdn" field which contains * the subject dn of the certificate - * + * * @author cfu * @version $Revision$, $Date$ */ @@ -54,9 +52,9 @@ public class CertDNCertUserLocator implements ICertUserLocator { * Retrieves description. */ public String getDescription() { - return "A subject is authenticated if its first" + - " certificate can be matched with one of the" + - " certificate in the scope"; + return "A subject is authenticated if its first" + + " certificate can be matched with one of the" + + " certificate in the scope"; } /** @@ -72,7 +70,7 @@ public class CertDNCertUserLocator implements ICertUserLocator { return null; String filter = LDAP_ATTR_CERTDN + "=" + - certificates[0].getSubjectDN(); + certificates[0].getSubjectDN(); return mUG.findUsersByCert(filter); } diff --git a/pki/base/common/src/com/netscape/cmscore/usrgrp/ExactMatchCertUserLocator.java b/pki/base/common/src/com/netscape/cmscore/usrgrp/ExactMatchCertUserLocator.java index a7aeeb1e..871a3843 100644 --- a/pki/base/common/src/com/netscape/cmscore/usrgrp/ExactMatchCertUserLocator.java +++ b/pki/base/common/src/com/netscape/cmscore/usrgrp/ExactMatchCertUserLocator.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.usrgrp; - import java.security.cert.X509Certificate; import netscape.ldap.LDAPException; @@ -30,13 +29,12 @@ import com.netscape.certsrv.usrgrp.ICertUserLocator; import com.netscape.certsrv.usrgrp.IUGSubsystem; import com.netscape.certsrv.usrgrp.IUser; - /** * This interface defines a strategy on how to match * the incoming certificate(s) with the certificate(s) - * in the scope. It matches the "description" field which contains a + * in the scope. It matches the "description" field which contains a * stringied certificate. - * + * * @author thomask * @author cfu * @version $Revision$, $Date$ @@ -54,9 +52,9 @@ public class ExactMatchCertUserLocator implements ICertUserLocator { * Retrieves description. */ public String getDescription() { - return "A subject is authenticated if its first" + - " certificate can be matched with one of the" + - " certificate in the scope"; + return "A subject is authenticated if its first" + + " certificate can be matched with one of the" + + " certificate in the scope"; } /** @@ -78,7 +76,7 @@ public class ExactMatchCertUserLocator implements ICertUserLocator { } String filter = "description=" + - mUG.getCertificateString(certificates[pos]); + mUG.getCertificateString(certificates[pos]); return mUG.findUsersByCert(filter); } diff --git a/pki/base/common/src/com/netscape/cmscore/usrgrp/Group.java b/pki/base/common/src/com/netscape/cmscore/usrgrp/Group.java index d91eedf9..eee2afb4 100644 --- a/pki/base/common/src/com/netscape/cmscore/usrgrp/Group.java +++ b/pki/base/common/src/com/netscape/cmscore/usrgrp/Group.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.usrgrp; - import java.util.Enumeration; import java.util.Vector; @@ -26,10 +25,9 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.usrgrp.IGroup; import com.netscape.certsrv.usrgrp.IUsrGrp; - /** * A class represents a group. - * + * * @author cfu * @version $Revision$, $Date$ */ @@ -91,7 +89,7 @@ public class Group implements IGroup { } @SuppressWarnings("unchecked") - public void set(String name, Object object) throws EBaseException { + public void set(String name, Object object) throws EBaseException { if (name.equals(ATTR_NAME)) { throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } else if (name.equals(ATTR_ID)) { diff --git a/pki/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java b/pki/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java index 6b25410e..bf560619 100644 --- a/pki/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java +++ b/pki/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.usrgrp; - import java.security.cert.CertificateEncodingException; import java.security.cert.X509Certificate; import java.util.Enumeration; @@ -53,12 +52,11 @@ import com.netscape.certsrv.usrgrp.IUsrGrp; import com.netscape.cmscore.ldapconn.LdapBoundConnFactory; import com.netscape.cmscore.util.Debug; - /** * This class defines low-level LDAP usr/grp management * usr/grp information is located remotely on another * LDAP server. - * + * * @author thomask * @author cfu * @version $Revision$, $Date$ @@ -122,8 +120,8 @@ public final class UGSubsystem implements IUGSubsystem { /** * Connects to LDAP server. */ - public void init(ISubsystem owner, IConfigStore config) - throws EBaseException { + public void init(ISubsystem owner, IConfigStore config) + throws EBaseException { mLogger = CMS.getLogger(); mConfig = config; @@ -150,7 +148,7 @@ public final class UGSubsystem implements IUGSubsystem { // register admin servlet } - + /** * Disconnects usr/grp manager from the LDAP */ @@ -164,7 +162,7 @@ public final class UGSubsystem implements IUGSubsystem { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LDAP_SHUT", e.toString())); } } - + public IUser createUser(String id) { return new User(this, id); } @@ -212,16 +210,16 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); // read DN - LDAPSearchResults res = - ldapconn.search(userid, - LDAPv2.SCOPE_SUB, "(objectclass=*)", null, false); + LDAPSearchResults res = + ldapconn.search(userid, + LDAPv2.SCOPE_SUB, "(objectclass=*)", null, false); Enumeration<IUser> e = buildUsers(res); if (e.hasMoreElements()) { return (IUser) e.nextElement(); } } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } @@ -245,9 +243,9 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); String filter = LDAP_ATTR_USER_CERT_STRING + "=" + getCertificateString(cert); - LDAPSearchResults res = - ldapconn.search(getUserBaseDN(), - LDAPConnection.SCOPE_SUB, filter, null, false); + LDAPSearchResults res = + ldapconn.search(getUserBaseDN(), + LDAPConnection.SCOPE_SUB, filter, null, false); Enumeration<IUser> e = buildUsers(res); return (User) e.nextElement(); @@ -259,12 +257,12 @@ public final class UGSubsystem implements IUGSubsystem { } log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USER", e.toString())); } catch (ELdapException e) { - String errMsg = - "find User: Could not get connection to internaldb. Error " + e; + String errMsg = + "find User: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_INTERNAL_DB", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } return null; @@ -272,7 +270,7 @@ public final class UGSubsystem implements IUGSubsystem { /** * Searchs for identities that matches the certificate locater - * generated filter. + * generated filter. */ public IUser findUsersByCert(String filter) throws EUsrGrpException, LDAPException { @@ -290,8 +288,9 @@ public final class UGSubsystem implements IUGSubsystem { hasSlash = up.indexOf('\\'); while (hasSlash != -1) { - stripped += up.substring(0, hasSlash) + - "\\5c";; + stripped += up.substring(0, hasSlash) + + "\\5c"; + ; up = up.substring(hasSlash + 1); hasSlash = up.indexOf('\\'); } @@ -303,7 +302,7 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); LDAPSearchResults res = ldapconn.search(getUserBaseDN(), - LDAPv2.SCOPE_SUB, "(" + filter + ")", + LDAPv2.SCOPE_SUB, "(" + filter + ")", null, false); Enumeration<IUser> e = buildUsers(res); @@ -317,13 +316,13 @@ public final class UGSubsystem implements IUGSubsystem { } log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USER_BY_CERT", e.toString())); } catch (ELdapException e) { - String errMsg = - "find Users By Cert: " + - "Could not get connection to internaldb. Error " + e; + String errMsg = + "find Users By Cert: " + + "Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USER_BY_CERT", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } @@ -343,7 +342,7 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); LDAPSearchResults res = ldapconn.search(getUserBaseDN(), - LDAPv2.SCOPE_SUB, "(uid=" + filter + ")", + LDAPv2.SCOPE_SUB, "(uid=" + filter + ")", null, false); Enumeration<IUser> e = buildUsers(res); @@ -357,12 +356,12 @@ public final class UGSubsystem implements IUGSubsystem { } log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USERS", e.toString())); } catch (ELdapException e) { - String errMsg = - "find Users: Could not get connection to internaldb. Error " + e; + String errMsg = + "find Users: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_USERS", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } @@ -447,11 +446,12 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * builds a User instance. Sets only uid for user entry retrieved - * from LDAP server. for listing efficiency only. + * builds a User instance. Sets only uid for user entry retrieved + * from LDAP server. for listing efficiency only. + * * @return the User entity. */ - protected IUser lbuildUser(LDAPEntry entry) throws EUsrGrpException { + protected IUser lbuildUser(LDAPEntry entry) throws EUsrGrpException { IUser id = createUser(this, (String) entry.getAttribute("uid").getStringValues().nextElement()); LDAPAttribute cnAttr = entry.getAttribute("cn"); @@ -462,16 +462,16 @@ public final class UGSubsystem implements IUGSubsystem { if (cn != null) { id.setFullName(cn); } - + } LDAPAttribute certAttr = - entry.getAttribute(LDAP_ATTR_USER_CERT); + entry.getAttribute(LDAP_ATTR_USER_CERT); if (certAttr != null) { Vector<X509Certificate> certVector = new Vector<X509Certificate>(); @SuppressWarnings("unchecked") - Enumeration<byte[]> e = certAttr.getByteValues(); + Enumeration<byte[]> e = certAttr.getByteValues(); try { for (; e != null && e.hasMoreElements();) { @@ -503,8 +503,9 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * builds a User instance. Set all attributes retrieved from + * builds a User instance. Set all attributes retrieved from * LDAP server and set them on User. + * * @return the User entity. */ protected IUser buildUser(LDAPEntry entry) throws EUsrGrpException { @@ -524,9 +525,9 @@ public final class UGSubsystem implements IUGSubsystem { if (userdn != null) { id.setUserDN(userdn); - } else { // the impossible + } else { // the impossible String errMsg = "buildUser(): user DN not found: " + - userdn; + userdn; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_BUILD_USER")); @@ -546,10 +547,10 @@ public final class UGSubsystem implements IUGSubsystem { if (mailAttr != null) { @SuppressWarnings("unchecked") - Enumeration<String> en = mailAttr.getStringValues(); + Enumeration<String> en = mailAttr.getStringValues(); if (en != null && en.hasMoreElements()) { - String mail = en.nextElement(); + String mail = en.nextElement(); if (mail != null) { id.setEmail(mail); @@ -573,7 +574,7 @@ public final class UGSubsystem implements IUGSubsystem { if (phoneAttr != null) { @SuppressWarnings("unchecked") - Enumeration<String> en = phoneAttr.getStringValues(); + Enumeration<String> en = phoneAttr.getStringValues(); if (en != null && en.hasMoreElements()) { String phone = (String) en.nextElement(); @@ -589,20 +590,20 @@ public final class UGSubsystem implements IUGSubsystem { LDAPAttribute userTypeAttr = entry.getAttribute("usertype"); - if (userTypeAttr == null) + if (userTypeAttr == null) id.setUserType(""); else { @SuppressWarnings("unchecked") - Enumeration<String> en = userTypeAttr.getStringValues(); + Enumeration<String> en = userTypeAttr.getStringValues(); if (en != null && en.hasMoreElements()) { String userType = (String) en.nextElement(); - if ((userType != null) && (! userType.equals("undefined"))) + if ((userType != null) && (!userType.equals("undefined"))) id.setUserType(userType); else id.setUserType(""); - + } } @@ -612,7 +613,7 @@ public final class UGSubsystem implements IUGSubsystem { id.setState(""); else { @SuppressWarnings("unchecked") - Enumeration<String> en = userStateAttr.getStringValues(); + Enumeration<String> en = userStateAttr.getStringValues(); if (en != null && en.hasMoreElements()) { String userState = (String) en.nextElement(); @@ -621,17 +622,17 @@ public final class UGSubsystem implements IUGSubsystem { id.setState(userState); else id.setState(""); - + } } LDAPAttribute certAttr = - entry.getAttribute(LDAP_ATTR_USER_CERT); + entry.getAttribute(LDAP_ATTR_USER_CERT); if (certAttr != null) { Vector<X509Certificate> certVector = new Vector<X509Certificate>(); @SuppressWarnings("unchecked") - Enumeration<byte[]> e = certAttr.getByteValues(); + Enumeration<byte[]> e = certAttr.getByteValues(); try { for (; e != null && e.hasMoreElements();) { @@ -667,24 +668,22 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * Adds identity. Certificates handled by a separate call to - * addUserCert() + * Adds identity. Certificates handled by a separate call to + * addUserCert() */ public void addUser(IUser identity) throws EUsrGrpException, LDAPException { User id = (User) identity; if (id == null) { - throw new - EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_USER_FAIL")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_USER_FAIL")); } if (id.getUserID() == null) { - throw new - EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_USER_FAIL_NO_UID")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_USER_FAIL_NO_UID")); } LDAPAttributeSet attrs = new LDAPAttributeSet(); - String oc[] = {"top", "person", "organizationalPerson", + String oc[] = { "top", "person", "organizationalPerson", "inetOrgPerson", "cmsuser" }; attrs.add(new LDAPAttribute("objectclass", oc)); @@ -695,29 +694,29 @@ public final class UGSubsystem implements IUGSubsystem { if (id.getPhone() != null) { // DS syntax checking requires a value for PrintableString syntax - if (! id.getPhone().equals("")) { + if (!id.getPhone().equals("")) { attrs.add(new LDAPAttribute("telephonenumber", id.getPhone())); } } - attrs.add(new LDAPAttribute("userpassword", + attrs.add(new LDAPAttribute("userpassword", id.getPassword())); if (id.getUserType() != null) { // DS syntax checking requires a value for Directory String syntax // but usertype is a MUST attribute, so we need to add something here // if it is undefined. - - if (! id.getUserType().equals("")) { - attrs.add(new LDAPAttribute("usertype", id.getUserType())); + + if (!id.getUserType().equals("")) { + attrs.add(new LDAPAttribute("usertype", id.getUserType())); } else { - attrs.add(new LDAPAttribute("usertype", "undefined")); + attrs.add(new LDAPAttribute("usertype", "undefined")); } } if (id.getState() != null) { // DS syntax checking requires a value for Directory String syntax - if (! id.getState().equals("")) { + if (!id.getState().equals("")) { attrs.add(new LDAPAttribute("userstate", id.getState())); } } @@ -729,9 +728,9 @@ public final class UGSubsystem implements IUGSubsystem { String adminId = (String) sessionContext.get(SessionContext.USER_ID); mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, - AuditFormat.LEVEL, AuditFormat.ADDUSERFORMAT, - new Object[] {adminId, id.getUserID()} - ); + AuditFormat.LEVEL, AuditFormat.ADDUSERFORMAT, + new Object[] { adminId, id.getUserID() } + ); LDAPConnection ldapconn = null; @@ -739,12 +738,12 @@ public final class UGSubsystem implements IUGSubsystem { ldapconn = getConn(); ldapconn.add(entry); } catch (ELdapException e) { - String errMsg = - "add User: Could not get connection to internaldb. Error " + e; + String errMsg = + "add User: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_ADD_USER", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } @@ -764,15 +763,15 @@ public final class UGSubsystem implements IUGSubsystem { LDAPModificationSet addCert = new LDAPModificationSet(); if ((cert = user.getX509Certificates()) != null) { - LDAPAttribute attrCertStr = new - LDAPAttribute(LDAP_ATTR_USER_CERT_STRING); + LDAPAttribute attrCertStr = new + LDAPAttribute(LDAP_ATTR_USER_CERT_STRING); /* LDAPAttribute attrCertDNStr = new LDAPAttribute(LDAP_ATTR_CERTDN); */ - LDAPAttribute attrCertBin = new - LDAPAttribute(LDAP_ATTR_USER_CERT); + LDAPAttribute attrCertBin = new + LDAPAttribute(LDAP_ATTR_USER_CERT); try { attrCertBin.addValue(cert[0].getEncoded()); @@ -792,17 +791,17 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); ldapconn.modify("uid=" + user.getUserID() + - "," + getUserBaseDN(), addCert); + "," + getUserBaseDN(), addCert); // for audit log SessionContext sessionContext = SessionContext.getContext(); String adminId = (String) sessionContext.get(SessionContext.USER_ID); mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, - AuditFormat.LEVEL, AuditFormat.ADDUSERCERTFORMAT, - new Object[] {adminId, user.getUserID(), - cert[0].getSubjectDN().toString(), - cert[0].getSerialNumber().toString(16)} - ); + AuditFormat.LEVEL, AuditFormat.ADDUSERCERTFORMAT, + new Object[] { adminId, user.getUserID(), + cert[0].getSubjectDN().toString(), + cert[0].getSerialNumber().toString(16) } + ); } catch (LDAPException e) { if (Debug.ON) { @@ -816,13 +815,13 @@ public final class UGSubsystem implements IUGSubsystem { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_ADD_USER", e.toString())); throw e; } catch (ELdapException e) { - String errMsg = - "add User Cert: " + - "Could not get connection to internaldb. Error " + e; + String errMsg = + "add User Cert: " + + "Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_ADD_USER", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } @@ -832,8 +831,8 @@ public final class UGSubsystem implements IUGSubsystem { /** * Removes a user certificate for a user entry - * given a user certificate DN (actually, a combination of version, - * serialNumber, issuerDN, and SubjectDN), and it gets removed + * given a user certificate DN (actually, a combination of version, + * serialNumber, issuerDN, and SubjectDN), and it gets removed */ public void removeUserCert(IUser identity) throws EUsrGrpException { User user = (User) identity; @@ -854,21 +853,19 @@ public final class UGSubsystem implements IUGSubsystem { X509Certificate[] certs = ldapUser.getX509Certificates(); if (certs == null) { - throw new - EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); } String delCertdn = user.getCertDN(); if (delCertdn == null) { - throw new - EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); } LDAPAttribute certAttr = new - LDAPAttribute(LDAP_ATTR_USER_CERT); - LDAPAttribute certAttrS = new - LDAPAttribute(LDAP_ATTR_USER_CERT_STRING); + LDAPAttribute(LDAP_ATTR_USER_CERT); + LDAPAttribute certAttrS = new + LDAPAttribute(LDAP_ATTR_USER_CERT_STRING); //LDAPAttribute certDNAttrS = new LDAPAttribute(LDAP_ATTR_CERTDN); @@ -902,60 +899,59 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); ldapconn.modify("uid=" + user.getUserID() + - "," + getUserBaseDN(), attrs); + "," + getUserBaseDN(), attrs); certCount++; // for audit log SessionContext sessionContext = SessionContext.getContext(); String adminId = (String) sessionContext.get(SessionContext.USER_ID); - mLogger.log(ILogger.EV_AUDIT, - ILogger.S_USRGRP, - AuditFormat.LEVEL, - AuditFormat.REMOVEUSERCERTFORMAT, - new Object[] {adminId, user.getUserID(), - certs[0].getSubjectDN().toString(), - certs[i].getSerialNumber().toString(16)} - ); + mLogger.log(ILogger.EV_AUDIT, + ILogger.S_USRGRP, + AuditFormat.LEVEL, + AuditFormat.REMOVEUSERCERTFORMAT, + new Object[] { adminId, user.getUserID(), + certs[0].getSubjectDN().toString(), + certs[i].getSerialNumber().toString(16) } + ); } catch (LDAPException e) { String errMsg = "removeUserCert():" + e; if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { - errMsg = + errMsg = "removeUserCert: " + "Internal DB is unavailable"; } log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER", e.toString())); throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_MOD_USER_FAIL")); } catch (ELdapException e) { - String errMsg = - "remove User Cert: " + - "Could not get connection to internaldb. Error " + e; + String errMsg = + "remove User Cert: " + + "Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } } if (certCount == 0) { - throw new - EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_CERT_NOT_FOUND")); } return; } - public void removeUserFromGroup(IGroup grp, String userid) - throws EUsrGrpException { - + public void removeUserFromGroup(IGroup grp, String userid) + throws EUsrGrpException { + LDAPConnection ldapconn = null; try { ldapconn = getConn(); - String groupDN = "cn=" + grp.getGroupID() + - "," + getGroupBaseDN(); + String groupDN = "cn=" + grp.getGroupID() + + "," + getGroupBaseDN(); LDAPAttribute memberAttr = new LDAPAttribute( "uniquemember", "uid=" + userid + "," + getUserBaseDN()); LDAPModification singleChange = new LDAPModification( @@ -972,12 +968,12 @@ public final class UGSubsystem implements IUGSubsystem { throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_REMOVE_USER_FAIL")); } catch (ELdapException e) { - String errMsg = - "removeUserFromGroup: Could not get connection to internaldb. Error " + e; + String errMsg = + "removeUserFromGroup: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER_FROM_GROUP", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } @@ -1000,9 +996,9 @@ public final class UGSubsystem implements IUGSubsystem { String adminId = (String) sessionContext.get(SessionContext.USER_ID); mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, - AuditFormat.LEVEL, AuditFormat.REMOVEUSERFORMAT, - new Object[] {adminId, userid} - ); + AuditFormat.LEVEL, AuditFormat.REMOVEUSERFORMAT, + new Object[] { adminId, userid } + ); } catch (LDAPException e) { String errMsg = "removeUser()" + e.toString(); @@ -1014,25 +1010,25 @@ public final class UGSubsystem implements IUGSubsystem { throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_REMOVE_USER_FAIL")); } catch (ELdapException e) { - String errMsg = - "remove User: Could not get connection to internaldb. Error " + e; + String errMsg = + "remove User: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_USER", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } /** - * modifies user attributes. Certs are handled separately + * modifies user attributes. Certs are handled separately */ public void modifyUser(IUser identity) throws EUsrGrpException { User user = (User) identity; String st = null; /** - X509Certificate certs[] = null; + * X509Certificate certs[] = null; **/ LDAPModificationSet attrs = new LDAPModificationSet(); @@ -1045,10 +1041,10 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); if ((st = user.getFullName()) != null) { - attrs.add(LDAPModification.REPLACE, - new LDAPAttribute("sn", st)); - attrs.add(LDAPModification.REPLACE, - new LDAPAttribute("cn", st)); + attrs.add(LDAPModification.REPLACE, + new LDAPAttribute("sn", st)); + attrs.add(LDAPModification.REPLACE, + new LDAPAttribute("cn", st)); } if ((st = user.getEmail()) != null) { LDAPAttribute ld = new LDAPAttribute("mail", st); @@ -1057,37 +1053,37 @@ public final class UGSubsystem implements IUGSubsystem { } if ((st = user.getPassword()) != null && (!st.equals(""))) { attrs.add(LDAPModification.REPLACE, - new LDAPAttribute("userpassword", st)); + new LDAPAttribute("userpassword", st)); } if ((st = user.getPhone()) != null) { - if (! st.equals("")) { + if (!st.equals("")) { attrs.add(LDAPModification.REPLACE, - new LDAPAttribute("telephonenumber", st)); + new LDAPAttribute("telephonenumber", st)); } else { try { LDAPModification singleChange = new LDAPModification( - LDAPModification.DELETE, new LDAPAttribute("telephonenumber")); + LDAPModification.DELETE, new LDAPAttribute("telephonenumber")); ldapconn.modify("uid=" + user.getUserID() + - "," + getUserBaseDN(), singleChange); + "," + getUserBaseDN(), singleChange); } catch (LDAPException e) { if (e.getLDAPResultCode() != LDAPException.NO_SUCH_ATTRIBUTE) { CMS.debug("modifyUser: Error in deleting telephonenumber"); throw e; } } - } + } } if ((st = user.getState()) != null) { - if (! st.equals("")) { + if (!st.equals("")) { attrs.add(LDAPModification.REPLACE, - new LDAPAttribute("userstate", st)); + new LDAPAttribute("userstate", st)); } else { try { LDAPModification singleChange = new LDAPModification( - LDAPModification.DELETE, new LDAPAttribute("userstate")); + LDAPModification.DELETE, new LDAPAttribute("userstate")); ldapconn.modify("uid=" + user.getUserID() + - "," + getUserBaseDN(), singleChange); + "," + getUserBaseDN(), singleChange); } catch (LDAPException e) { if (e.getLDAPResultCode() != LDAPException.NO_SUCH_ATTRIBUTE) { CMS.debug("modifyUser: Error in deleting userstate"); @@ -1095,45 +1091,45 @@ public final class UGSubsystem implements IUGSubsystem { } } } - } + } /** - if ((certs = user.getCertificates()) != null) { - LDAPAttribute attrCertStr = new - LDAPAttribute("description"); - LDAPAttribute attrCertBin = new - LDAPAttribute(LDAP_ATTR_USER_CERT); - for (int i = 0 ; i < certs.length; i++) { - attrCertBin.addValue(certs[i].getEncoded()); - attrCertStr.addValue(getCertificateString(certs[i])); - } - attrs.add(attrCertStr); - - if (user.getCertOp() == OpDef.ADD) { - attrs.add(LDAPModification.ADD, attrCertBin); - } else if (user.getCertOp() == OpDef.DELETE) { - attrs.add(LDAPModification.DELETE, attrCertBin); - } else { - throw new EUsrGrpException(UsrGrpResources.USR_MOD_ILL_CERT_OP); - } - } + * if ((certs = user.getCertificates()) != null) { + * LDAPAttribute attrCertStr = new + * LDAPAttribute("description"); + * LDAPAttribute attrCertBin = new + * LDAPAttribute(LDAP_ATTR_USER_CERT); + * for (int i = 0 ; i < certs.length; i++) { + * attrCertBin.addValue(certs[i].getEncoded()); + * attrCertStr.addValue(getCertificateString(certs[i])); + * } + * attrs.add(attrCertStr); + * + * if (user.getCertOp() == OpDef.ADD) { + * attrs.add(LDAPModification.ADD, attrCertBin); + * } else if (user.getCertOp() == OpDef.DELETE) { + * attrs.add(LDAPModification.DELETE, attrCertBin); + * } else { + * throw new EUsrGrpException(UsrGrpResources.USR_MOD_ILL_CERT_OP); + * } + * } **/ ldapconn.modify("uid=" + user.getUserID() + - "," + getUserBaseDN(), attrs); + "," + getUserBaseDN(), attrs); // for audit log SessionContext sessionContext = SessionContext.getContext(); String adminId = (String) sessionContext.get(SessionContext.USER_ID); mLogger.log(ILogger.EV_AUDIT, ILogger.S_USRGRP, - AuditFormat.LEVEL, AuditFormat.MODIFYUSERFORMAT, - new Object[] {adminId, user.getUserID()} - ); + AuditFormat.LEVEL, AuditFormat.MODIFYUSERFORMAT, + new Object[] { adminId, user.getUserID() } + ); } catch (Exception e) { //e.printStackTrace(); throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_MOD_USER_FAIL")); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } @@ -1161,15 +1157,15 @@ public final class UGSubsystem implements IUGSubsystem { try { ldapconn = getConn(); - LDAPSearchResults res = - ldapconn.search(getGroupBaseDN(), LDAPv2.SCOPE_SUB, - "(&(objectclass=groupofuniquenames)(cn=" + filter + "))", - null, false); + LDAPSearchResults res = + ldapconn.search(getGroupBaseDN(), LDAPv2.SCOPE_SUB, + "(&(objectclass=groupofuniquenames)(cn=" + filter + "))", + null, false); return buildGroups(res); } catch (LDAPException e) { - String errMsg = - "findGroups: could not find group " + filter + ". Error " + e; + String errMsg = + "findGroups: could not find group " + filter + ". Error " + e; if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { errMsg = "findGroups: " + "Internal DB is unavailable"; @@ -1177,13 +1173,13 @@ public final class UGSubsystem implements IUGSubsystem { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_GROUPS", e.toString())); return null; } catch (ELdapException e) { - String errMsg = - "find Groups: Could not get connection to internaldb. Error " + e; + String errMsg = + "find Groups: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_FIND_GROUPS", e.toString())); return null; } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } @@ -1197,10 +1193,10 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * List groups. more efficient than find Groups. only retrieves - * group names and description. + * List groups. more efficient than find Groups. only retrieves + * group names and description. */ - public Enumeration<IGroup> listGroups(String filter) throws EUsrGrpException { + public Enumeration<IGroup> listGroups(String filter) throws EUsrGrpException { if (filter == null) { return null; } @@ -1214,10 +1210,10 @@ public final class UGSubsystem implements IUGSubsystem { attrs[1] = "description"; ldapconn = getConn(); - LDAPSearchResults res = - ldapconn.search(getGroupBaseDN(), LDAPv2.SCOPE_SUB, - "(&(objectclass=groupofuniquenames)(cn=" + filter + "))", - attrs, false); + LDAPSearchResults res = + ldapconn.search(getGroupBaseDN(), LDAPv2.SCOPE_SUB, + "(&(objectclass=groupofuniquenames)(cn=" + filter + "))", + attrs, false); return buildGroups(res); } catch (LDAPException e) { @@ -1228,12 +1224,12 @@ public final class UGSubsystem implements IUGSubsystem { } log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", e.toString())); } catch (ELdapException e) { - String errMsg = - "list Groups: Could not get connection to internaldb. Error " + e; + String errMsg = + "list Groups: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_LIST_GROUPS", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } return null; @@ -1243,14 +1239,14 @@ public final class UGSubsystem implements IUGSubsystem { * builds an instance of a Group entry */ protected IGroup buildGroup(LDAPEntry entry) { - String groupName = (String)entry.getAttribute("cn").getStringValues().nextElement(); + String groupName = (String) entry.getAttribute("cn").getStringValues().nextElement(); IGroup grp = createGroup(this, groupName); - + LDAPAttribute grpDesc = entry.getAttribute("description"); if (grpDesc != null) { @SuppressWarnings("unchecked") - Enumeration<String> en = grpDesc.getStringValues(); + Enumeration<String> en = grpDesc.getStringValues(); if (en != null && en.hasMoreElements()) { String desc = (String) en.nextElement(); @@ -1282,7 +1278,7 @@ public final class UGSubsystem implements IUGSubsystem { } @SuppressWarnings("unchecked") - Enumeration<String> e = attr.getStringValues(); + Enumeration<String> e = attr.getStringValues(); while (e.hasMoreElements()) { String v = (String) e.nextElement(); @@ -1296,12 +1292,12 @@ public final class UGSubsystem implements IUGSubsystem { * 2. presence and sequence of equal sign and comma * 3. absence of equal sign between previously found equal sign and comma * 4. absence of non white space characters between uid string and equal sign - */ + */ int i = -1; int j = -1; - if (v == null || v.length() < 3 || (!(v.substring(0,3)).equalsIgnoreCase("uid")) || - ((i = v.indexOf('=')) < 0) || ((j = v.indexOf(',')) < 0) || i > j || - (v.substring(i+1, j)).indexOf('=') > -1 || ((v.substring(3, i)).trim()).length() > 0) { + if (v == null || v.length() < 3 || (!(v.substring(0, 3)).equalsIgnoreCase("uid")) || + ((i = v.indexOf('=')) < 0) || ((j = v.indexOf(',')) < 0) || i > j || + (v.substring(i + 1, j)).indexOf('=') > -1 || ((v.substring(3, i)).trim()).length() > 0) { log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_BAD_GROUP_MEMBER", groupName, v)); } else { grp.addMemberName(v.substring(v.indexOf('=') + 1, v.indexOf(','))); @@ -1331,7 +1327,7 @@ public final class UGSubsystem implements IUGSubsystem { if (name == null) { return null; } - + LDAPConnection ldapconn = null; try { @@ -1372,7 +1368,7 @@ public final class UGSubsystem implements IUGSubsystem { return false; } @SuppressWarnings("unchecked") - Enumeration<String> en = attr.getStringValues(); + Enumeration<String> en = attr.getStringValues(); for (; en.hasMoreElements();) { String v = (String) en.nextElement(); @@ -1390,13 +1386,12 @@ public final class UGSubsystem implements IUGSubsystem { return false; } - public boolean isMemberOf(String userid, String groupname) - { + public boolean isMemberOf(String userid, String groupname) { try { - IUser user = getUser(userid); - return isMemberOfLdapGroup(user.getUserDN(), groupname); + IUser user = getUser(userid); + return isMemberOfLdapGroup(user.getUserDN(), groupname); } catch (Exception e) { - /* do nothing */ + /* do nothing */ } return false; } @@ -1406,75 +1401,70 @@ public final class UGSubsystem implements IUGSubsystem { * (now runs an ldap search to find the user, instead of * fetching the entire group entry) */ - public boolean isMemberOf(IUser id, String name) { - if (id == null) { - log(ILogger.LL_WARN, "isMemberOf(): id is null"); - return false; + public boolean isMemberOf(IUser id, String name) { + if (id == null) { + log(ILogger.LL_WARN, "isMemberOf(): id is null"); + return false; } - if (name == null) { - log(ILogger.LL_WARN, "isMemberOf(): name is null"); - return false; + if (name == null) { + log(ILogger.LL_WARN, "isMemberOf(): name is null"); + return false; } - Debug.trace("UGSubsystem.isMemberOf() using new lookup code"); - return isMemberOfLdapGroup(id.getUserDN(),name); + Debug.trace("UGSubsystem.isMemberOf() using new lookup code"); + return isMemberOfLdapGroup(id.getUserDN(), name); } - /** * checks if the given user DN is in the specified group * by running an ldap search for the user in the group */ - protected boolean isMemberOfLdapGroup(String userid,String groupname) - { - String basedn = "cn="+groupname+",ou=groups,"+mBaseDN; + protected boolean isMemberOfLdapGroup(String userid, String groupname) { + String basedn = "cn=" + groupname + ",ou=groups," + mBaseDN; LDAPConnection ldapconn = null; - boolean founduser=false; + boolean founduser = false; try { - // the group could potentially have many thousands - // of members, (many values of the uniquemember - // attribute). So, we don't want to fetch this - // list each time. We'll just fetch the CN. - String attrs[]= new String[1]; - attrs[0] = "cn"; + // the group could potentially have many thousands + // of members, (many values of the uniquemember + // attribute). So, we don't want to fetch this + // list each time. We'll just fetch the CN. + String attrs[] = new String[1]; + attrs[0] = "cn"; ldapconn = getConn(); - - String filter = "(uniquemember="+userid+")"; - Debug.trace("authorization search base: "+basedn); - Debug.trace("authorization search filter: "+filter); + String filter = "(uniquemember=" + userid + ")"; + Debug.trace("authorization search base: " + basedn); + Debug.trace("authorization search filter: " + filter); LDAPSearchResults res = - ldapconn.search(basedn, LDAPv2.SCOPE_BASE, - filter, - attrs, false); - // If the result had at least one entry, we know - // that the filter matched, and so the user correctly - // authenticated. - if (res.hasMoreElements()) { - // actually read the entry - LDAPEntry entry = (LDAPEntry)res.nextElement(); - founduser=true; - } - Debug.trace("authorization result: "+founduser); - } catch (LDAPException e) { - String errMsg = - "isMemberOfLdapGroup: could not find group "+groupname+". Error "+e; - if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { - errMsg = "isMemberOfLdapGroup: "+"Internal DB is unavailable"; - } - Debug.trace("authorization exception: "+errMsg); - // too chatty in system log - // log(ILogger.LL_FAILURE, errMsg); - } - catch (ELdapException e) { - String errMsg = - "isMemberOfLdapGroup: Could not get connection to internaldb. Error "+e; - Debug.trace("authorization exception: "+errMsg); + ldapconn.search(basedn, LDAPv2.SCOPE_BASE, + filter, + attrs, false); + // If the result had at least one entry, we know + // that the filter matched, and so the user correctly + // authenticated. + if (res.hasMoreElements()) { + // actually read the entry + LDAPEntry entry = (LDAPEntry) res.nextElement(); + founduser = true; + } + Debug.trace("authorization result: " + founduser); + } catch (LDAPException e) { + String errMsg = + "isMemberOfLdapGroup: could not find group " + groupname + ". Error " + e; + if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE) { + errMsg = "isMemberOfLdapGroup: " + "Internal DB is unavailable"; + } + Debug.trace("authorization exception: " + errMsg); + // too chatty in system log + // log(ILogger.LL_FAILURE, errMsg); + } catch (ELdapException e) { + String errMsg = + "isMemberOfLdapGroup: Could not get connection to internaldb. Error " + e; + Debug.trace("authorization exception: " + errMsg); log(ILogger.LL_FAILURE, errMsg); - } - finally { + } finally { if (ldapconn != null) returnConn(ldapconn); } @@ -1495,7 +1485,7 @@ public final class UGSubsystem implements IUGSubsystem { try { LDAPAttributeSet attrs = new LDAPAttributeSet(); - String oc[] = {"top", "groupOfUniqueNames"}; + String oc[] = { "top", "groupOfUniqueNames" }; attrs.add(new LDAPAttribute("objectclass", oc)); attrs.add(new LDAPAttribute("cn", group.getGroupID())); @@ -1509,8 +1499,8 @@ public final class UGSubsystem implements IUGSubsystem { String name = (String) e.nextElement(); // DOES NOT SUPPORT NESTED GROUPS... - attrMembers.addValue("uid=" + name + "," + - getUserBaseDN()); + attrMembers.addValue("uid=" + name + "," + + getUserBaseDN()); } attrs.add(attrMembers); } @@ -1529,19 +1519,19 @@ public final class UGSubsystem implements IUGSubsystem { throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_GROUP_FAIL")); } catch (ELdapException e) { - String errMsg = - "add Group: Could not get connection to internaldb. Error " + e; + String errMsg = + "add Group: Could not get connection to internaldb. Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_ADD_GROUP", e.toString())); throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ADD_GROUP_FAIL")); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } } /** - * Removes a group. Can't remove SUPER_CERT_ADMINS + * Removes a group. Can't remove SUPER_CERT_ADMINS */ public void removeGroup(String name) throws EUsrGrpException { if (name == null) { @@ -1566,9 +1556,9 @@ public final class UGSubsystem implements IUGSubsystem { throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_REMOVE_GROUP_FAIL")); } catch (ELdapException e) { - String errMsg = - "remove Group: Could not get connection to internaldb. " + - "Error " + e; + String errMsg = + "remove Group: Could not get connection to internaldb. " + + "Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_GROUP", e.toString())); } finally { @@ -1594,8 +1584,8 @@ public final class UGSubsystem implements IUGSubsystem { String desc = grp.getDescription(); if (desc != null) { - mod.add(LDAPModification.REPLACE, - new LDAPAttribute("description", desc)); + mod.add(LDAPModification.REPLACE, + new LDAPAttribute("description", desc)); } Enumeration<String> e = grp.getMemberNames(); @@ -1605,8 +1595,8 @@ public final class UGSubsystem implements IUGSubsystem { String name = (String) e.nextElement(); // DOES NOT SUPPORT NESTED GROUPS... - attrMembers.addValue("uid=" + name + "," + - getUserBaseDN()); + attrMembers.addValue("uid=" + name + "," + + getUserBaseDN()); } mod.add(LDAPModification.REPLACE, attrMembers); } else { @@ -1614,14 +1604,13 @@ public final class UGSubsystem implements IUGSubsystem { mod.add(LDAPModification.DELETE, attrMembers); } else { // not allowed - throw new - EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ILL_GRP_MOD")); + throw new EUsrGrpException(CMS.getUserMessage("CMS_USRGRP_ILL_GRP_MOD")); } } ldapconn = getConn(); ldapconn.modify("cn=" + grp.getGroupID() + - "," + getGroupBaseDN(), mod); + "," + getGroupBaseDN(), mod); } catch (LDAPException e) { String errMsg = " modifyGroup()" + e.toString(); @@ -1641,18 +1630,18 @@ public final class UGSubsystem implements IUGSubsystem { } /** - * Evalutes the given context with the attribute + * Evalutes the given context with the attribute * critieria. */ - public boolean evaluate(String type, IUser id, - String op, String value) { + public boolean evaluate(String type, IUser id, + String op, String value) { if (op.equals("=")) { if (type.equalsIgnoreCase("user")) { if (isMatched(value, id.getName())) return true; } if (type.equalsIgnoreCase("group")) { - return isMemberOf(id, value); + return isMemberOf(id, value); } } return false; @@ -1682,20 +1671,20 @@ public final class UGSubsystem implements IUGSubsystem { return entry.getDN(); } } catch (ELdapException e) { - String errMsg = - "convertUIDtoDN: Could not get connection to internaldb. " + - "Error " + e; + String errMsg = + "convertUIDtoDN: Could not get connection to internaldb. " + + "Error " + e; log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_CONVERT_UID", e.toString())); } finally { - if (ldapconn != null) + if (ldapconn != null) returnConn(ldapconn); } return null; } /** - * Checks if the given DNs are the same after + * Checks if the given DNs are the same after * normalization. */ protected boolean isMatched(String dn1, String dn2) { @@ -1723,7 +1712,7 @@ public final class UGSubsystem implements IUGSubsystem { } // note that it did not represent a certificate fully return "-1;" + cert.getSerialNumber().toString() + - ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN(); + ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN(); } public String getCertificateString(X509Certificate cert) { @@ -1733,7 +1722,7 @@ public final class UGSubsystem implements IUGSubsystem { // note that it did not represent a certificate fully return cert.getVersion() + ";" + cert.getSerialNumber().toString() + - ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN(); + ";" + cert.getIssuerDN() + ";" + cert.getSubjectDN(); } /** @@ -1751,13 +1740,13 @@ public final class UGSubsystem implements IUGSubsystem { } protected LDAPConnection getConn() throws ELdapException { - if (mLdapConnFactory == null) + if (mLdapConnFactory == null) return null; return mLdapConnFactory.getConn(); } protected void returnConn(LDAPConnection conn) { - if (mLdapConnFactory != null) + if (mLdapConnFactory != null) mLdapConnFactory.returnConn(conn); } @@ -1765,7 +1754,7 @@ public final class UGSubsystem implements IUGSubsystem { if (mLogger == null) return; mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_USRGRP, - level, "UGSubsystem: " + msg); + level, "UGSubsystem: " + msg); } public ICertUserLocator getCertUserLocator() { diff --git a/pki/base/common/src/com/netscape/cmscore/usrgrp/User.java b/pki/base/common/src/com/netscape/cmscore/usrgrp/User.java index 5133eb23..e48b8fcb 100644 --- a/pki/base/common/src/com/netscape/cmscore/usrgrp/User.java +++ b/pki/base/common/src/com/netscape/cmscore/usrgrp/User.java @@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.usrgrp; - import java.security.cert.X509Certificate; import java.util.Enumeration; import java.util.Vector; @@ -27,10 +26,9 @@ import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.usrgrp.IUser; import com.netscape.certsrv.usrgrp.IUsrGrp; - /** * A class represents a user. - * + * * @author cfu * @version $Revision$, $Date$ */ @@ -189,7 +187,7 @@ public class User implements IUser { throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_ATTRIBUTE", name)); } } - + public Object get(String name) throws EBaseException { if (name.equals(ATTR_NAME)) { return getName(); |