diff options
Diffstat (limited to 'pki/base/common/src')
98 files changed, 532 insertions, 239 deletions
diff --git a/pki/base/common/src/com/netscape/certsrv/acls/ACL.java b/pki/base/common/src/com/netscape/certsrv/acls/ACL.java index c98135ea..508793dd 100644 --- a/pki/base/common/src/com/netscape/certsrv/acls/ACL.java +++ b/pki/base/common/src/com/netscape/certsrv/acls/ACL.java @@ -26,7 +26,8 @@ import java.util.Vector; * enforcer can verify the ACLs with the current * context to see if the corresponding resource is accessible. * <P> - * An <code>ACL</code> may contain one or more <code>ACLEntry</code>. However, in case of multiple <code>ACLEntry</code>, a subject must pass ALL of the <code>ACLEntry</code> evaluation for permission to be granted + * An <code>ACL</code> may contain one or more <code>ACLEntry</code>. However, in case of multiple <code>ACLEntry</code> + * , a subject must pass ALL of the <code>ACLEntry</code> evaluation for permission to be granted * <P> * * @version $Revision$, $Date$ diff --git a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java b/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java index 70e4b7c0..8b52b392 100644 --- a/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java +++ b/pki/base/common/src/com/netscape/certsrv/authorization/IAuthzManager.java @@ -64,7 +64,8 @@ public interface IAuthzManager { * own authorization information before full operation. It is supposed * to be called from the authzMgrAccessInit() method of the AuthzSubsystem. * <p> - * The accessInfo format is determined by each individual authzmgr. For example, for BasicAclAuthz, The accessInfo is the resACLs, whose format should conform to the following: + * The accessInfo format is determined by each individual authzmgr. For example, for BasicAclAuthz, The accessInfo + * is the resACLs, whose format should conform to the following: * * <pre> * <resource ID>:right-1[,right-n]:[allow,deny](right(s))<evaluatorType>=<value>:<comment for this resource acl diff --git a/pki/base/common/src/com/netscape/certsrv/jobs/IJobCron.java b/pki/base/common/src/com/netscape/certsrv/jobs/IJobCron.java index e0fb0ba4..f161b5e8 100644 --- a/pki/base/common/src/com/netscape/certsrv/jobs/IJobCron.java +++ b/pki/base/common/src/com/netscape/certsrv/jobs/IJobCron.java @@ -20,9 +20,13 @@ package com.netscape.certsrv.jobs; /** * class representing one Job cron information * <p> - * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in an "item"...which includes both numbers and '-' separated ranges. A cron string in the configuration takes the following format: <i>minute (0-59), hour (0-23), day of the month (1-31), month of the year (1-12), day of the week (0-6 with 0=Sunday)</i> + * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in + * an "item"...which includes both numbers and '-' separated ranges. A cron string in the configuration takes the + * following format: <i>minute (0-59), hour (0-23), day of the month (1-31), month of the year (1-12), day of the week + * (0-6 with 0=Sunday)</i> * <p> - * e.g. jobsScheduler.job.rnJob1.cron=30 11,23 * * 1-5 In this example, the job "rnJob1" will be executed from Monday through Friday, at 11:30am and 11:30pm. + * e.g. jobsScheduler.job.rnJob1.cron=30 11,23 * * 1-5 In this example, the job "rnJob1" will be executed from Monday + * through Friday, at 11:30am and 11:30pm. * <p> * * @version $Revision$, $Date$ diff --git a/pki/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java b/pki/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java index e4daffbe..f4184853 100644 --- a/pki/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java +++ b/pki/base/common/src/com/netscape/certsrv/jobs/IJobsScheduler.java @@ -30,8 +30,12 @@ import com.netscape.certsrv.base.ISubsystem; * if there is any job to be done, if so, a thread is created to execute * the job(s). * <p> - * The interval <b>jobsScheduler.interval</b> in the configuration is specified as number of minutes. If not set, the default is 1 minute. Note that the cron specification for each job CAN NOT be finer than the granularity of the Scheduler daemon interval. For example, if the daemon interval is set to 5 minute, a job cron for every minute at 7am on each Tuesday (e.g. * 7 * * 2) will result in the execution of the job thread only once every 5 minutes during that hour. <b>The inteval value is - * recommended at 1 minute, setting it otherwise has the potential of forever missing the beat</b>. Use with caution. + * The interval <b>jobsScheduler.interval</b> in the configuration is specified as number of minutes. If not set, the + * default is 1 minute. Note that the cron specification for each job CAN NOT be finer than the granularity of the + * Scheduler daemon interval. For example, if the daemon interval is set to 5 minute, a job cron for every minute at 7am + * on each Tuesday (e.g. * 7 * * 2) will result in the execution of the job thread only once every 5 minutes during that + * hour. <b>The inteval value is recommended at 1 minute, setting it otherwise has the potential of forever missing the + * beat</b>. Use with caution. * * @version $Revision$, $Date$ */ diff --git a/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java b/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java index b8973792..13748f2d 100644 --- a/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java +++ b/pki/base/common/src/com/netscape/certsrv/kra/IKeyService.java @@ -103,8 +103,10 @@ public interface IKeyService { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST used whenever a user private key recovery request is made (this is when the DRM receives the request) - * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST_PROCESSED used whenever a user private key recovery request is processed (this is when the DRM processes the request) + * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST used whenever a user private key recovery request is + * made (this is when the DRM receives the request) + * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_REQUEST_PROCESSED used whenever a user private key recovery + * request is processed (this is when the DRM processes the request) * </ul> * * @param reqID request id diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java b/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java index 7d3d7ff7..189530f7 100644 --- a/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java +++ b/pki/base/common/src/com/netscape/certsrv/profile/IEnrollProfile.java @@ -22,9 +22,11 @@ import com.netscape.certsrv.request.IRequest; /** * This interface represents an enrollment profile. * <p> - * An enrollment profile contains a list of enrollment specific input plugins, default policies, constriant policies and output plugins. + * An enrollment profile contains a list of enrollment specific input plugins, default policies, constriant policies and + * output plugins. * <p> - * This interface also defines a set of enrollment specific attribute names that can be used to retrieve values from an enrollment request. + * This interface also defines a set of enrollment specific attribute names that can be used to retrieve values from an + * enrollment request. * <p> * * @version $Revision$, $Date$ diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java b/pki/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java index bf1aefcf..469d6dde 100644 --- a/pki/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java +++ b/pki/base/common/src/com/netscape/certsrv/profile/IPolicyDefault.java @@ -31,13 +31,18 @@ import com.netscape.certsrv.request.IRequest; * the request with additional values. * <p> * - * During request submission process, a default policy is invoked to populate the default values in the request. The default values will later on be used for execution. The default values are like the parameters for the request. + * During request submission process, a default policy is invoked to populate the default values in the request. The + * default values will later on be used for execution. The default values are like the parameters for the request. * <p> * - * This policy is called in 2 places. For automated enrollment request, this policy is invoked to populate the HTTP parameters into the request. For request that cannot be executed immediately, this policy will be invoked again right after the agent's approval. + * This policy is called in 2 places. For automated enrollment request, this policy is invoked to populate the HTTP + * parameters into the request. For request that cannot be executed immediately, this policy will be invoked again right + * after the agent's approval. * <p> * - * Each default policy may contain zero or more properties that describe the default value. For example, a X509 Key can be described by its key type, key length, and key data. The properties help to describe the default value into human readable values. + * Each default policy may contain zero or more properties that describe the default value. For example, a X509 Key can + * be described by its key type, key length, and key data. The properties help to describe the default value into human + * readable values. * <p> * * @version $Revision$, $Date$ diff --git a/pki/base/common/src/com/netscape/certsrv/profile/IProfile.java b/pki/base/common/src/com/netscape/certsrv/profile/IProfile.java index 779bf6a8..0cd39c09 100644 --- a/pki/base/common/src/com/netscape/certsrv/profile/IProfile.java +++ b/pki/base/common/src/com/netscape/certsrv/profile/IProfile.java @@ -46,7 +46,8 @@ import com.netscape.cms.profile.common.ProfilePolicy; * The output policy is for building the result page. * <p> * - * Each profile can have multiple policy set. Each set is composed of zero or more default policies and zero or more constraint policies. + * Each profile can have multiple policy set. Each set is composed of zero or more default policies and zero or more + * constraint policies. * <p> * * @version $Revision$, $Date$ diff --git a/pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java b/pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java index ddb1dae2..48738d81 100644 --- a/pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java +++ b/pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java @@ -39,7 +39,8 @@ public class AgentApprovals /** * Adds an approval to approval's list. * <p> - * If an approval is already present for this user, it is updated with a new date. Otherwise a new value is inserted. + * If an approval is already present for this user, it is updated with a new date. Otherwise a new value is + * inserted. * * @param userName user name of the approving agent */ diff --git a/pki/base/common/src/com/netscape/certsrv/request/IPolicy.java b/pki/base/common/src/com/netscape/certsrv/request/IPolicy.java index 4d23c903..9998abee 100644 --- a/pki/base/common/src/com/netscape/certsrv/request/IPolicy.java +++ b/pki/base/common/src/com/netscape/certsrv/request/IPolicy.java @@ -38,7 +38,8 @@ public interface IPolicy { * determine whether the request can be processed immediately, * or should be held pending manual approval. * <p> - * The policy can update fields in the request, to add additional values or to restrict the values to pre-determined ranges. + * The policy can update fields in the request, to add additional values or to restrict the values to pre-determined + * ranges. * <p> * * @param request diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequest.java b/pki/base/common/src/com/netscape/certsrv/request/IRequest.java index 60c332c9..aaedd9b1 100644 --- a/pki/base/common/src/com/netscape/certsrv/request/IRequest.java +++ b/pki/base/common/src/com/netscape/certsrv/request/IRequest.java @@ -188,7 +188,8 @@ public interface IRequest { * assigned by the originator of the request (for example, * the EE servlet or the RA servlet. * <p> - * The sourceId should be unique so that it can be used to retrieve request later without knowing the locally assigned primary id (RequestID) + * The sourceId should be unique so that it can be used to retrieve request later without knowing the locally + * assigned primary id (RequestID) * <p> * * @return diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java index 5c5d13a6..a8f5f733 100644 --- a/pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java +++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java @@ -59,7 +59,8 @@ public interface IRequestQueue { * except for the sourceID of the original request * (remote authority's request Id). * <p> - * The cloned request that is returned is LOCKED. The caller MUST release the request object by calling releaseRequest(). + * The cloned request that is returned is LOCKED. The caller MUST release the request object by calling + * releaseRequest(). * * @param r request to be cloned * @return cloned request @@ -112,7 +113,8 @@ public interface IRequestQueue { * only valid for requests with status BEGIN. An error is * generated for other cases. * <p> - * This call might be used by agent servlets that want to copy a previous request, and resubmit it. By putting it into PENDING state, the normal agent screens can be used for further processing. + * This call might be used by agent servlets that want to copy a previous request, and resubmit it. By putting it + * into PENDING state, the normal agent screens can be used for further processing. * * @param req * the request to mark PENDING @@ -127,7 +129,8 @@ public interface IRequestQueue { * except for the sourceID of the original request * (remote authority's request Id). * <p> - * The cloned request that is returned is LOCKED. The caller MUST release the request object by calling releaseRequest(). + * The cloned request that is returned is LOCKED. The caller MUST release the request object by calling + * releaseRequest(). * * @param r request to be cloned * @return cloned request mark PENDING @@ -141,9 +144,11 @@ public interface IRequestQueue { * <p> * This call will fail if: the request is not in PENDING state the policy modules do not accept the request * <p> - * If the policy modules reject the request, then the request will remain in the PENDING state. Messages from the policy module can be display to the agent to indicate the source of the problem. + * If the policy modules reject the request, then the request will remain in the PENDING state. Messages from the + * policy module can be display to the agent to indicate the source of the problem. * <p> - * The request processing code adds an AgentApproval to this request that contains the authentication id of the agent. This data is retrieved from the Session object (qv). + * The request processing code adds an AgentApproval to this request that contains the authentication id of the + * agent. This data is retrieved from the Session object (qv). * * @param request * the request that is being approved @@ -157,7 +162,8 @@ public interface IRequestQueue { * <p> * This call will fail if: the request is not in PENDING state * <p> - * The agent servlet (or other application) may wish to store AgentMessage values to indicate the reason for the action + * The agent servlet (or other application) may wish to store AgentMessage values to indicate the reason for the + * action * * @param request * the request that is being rejected @@ -171,7 +177,8 @@ public interface IRequestQueue { * <p> * This call will fail if: the request is not in PENDING state * <p> - * The agent servlet (or other application) may wish to store AgentMessage values to indicate the reason for the action + * The agent servlet (or other application) may wish to store AgentMessage values to indicate the reason for the + * action * * @param request * the request that is being canceled @@ -199,7 +206,8 @@ public interface IRequestQueue { * queue. The caller should use the RequestIds to locate * each request by calling findRequest(). * <p> - * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search object. + * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search + * object. * * @return request list */ @@ -211,7 +219,8 @@ public interface IRequestQueue { * requests could be listed by specifying RequestStatus.PENDING * as the <i>status</i> argument * <p> - * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search object. + * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search + * object. * * @param status request status * @return request list @@ -222,7 +231,8 @@ public interface IRequestQueue { * Returns an enumerator that lists all RequestIds for requests * that match the filter. * <p> - * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search object. + * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search + * object. * * @param filter search filter * @return request list @@ -233,7 +243,8 @@ public interface IRequestQueue { * Returns an enumerator that lists all RequestIds for requests * that match the filter. * <p> - * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search object. + * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search + * object. * * @param filter search filter * @param maxSize max size to return @@ -245,7 +256,8 @@ public interface IRequestQueue { * Returns an enumerator that lists all RequestIds for requests * that match the filter. * <p> - * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search object. + * NOTE: This interface will not be useful for large databases. This needs to be replace by a VLV (paged) search + * object. * * @param filter search filter * @param maxSize max size to return diff --git a/pki/base/common/src/com/netscape/cms/authentication/AVAPattern.java b/pki/base/common/src/com/netscape/cms/authentication/AVAPattern.java index eaaea5ef..6a8bbcbf 100644 --- a/pki/base/common/src/com/netscape/cms/authentication/AVAPattern.java +++ b/pki/base/common/src/com/netscape/cms/authentication/AVAPattern.java @@ -40,7 +40,8 @@ import com.netscape.certsrv.authentication.ECompSyntaxErr; * subject name from ldap attributes and dn. * <p> * - * dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If empty or not set, the ldap entry DN will be used as the certificate subject name. + * dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If + * empty or not set, the ldap entry DN will be used as the certificate subject name. * <p> * * The syntax is diff --git a/pki/base/common/src/com/netscape/cms/authentication/CMCAuth.java b/pki/base/common/src/com/netscape/cms/authentication/CMCAuth.java index 0e747dbe..8fb84842 100644 --- a/pki/base/common/src/com/netscape/cms/authentication/CMCAuth.java +++ b/pki/base/common/src/com/netscape/cms/authentication/CMCAuth.java @@ -220,7 +220,8 @@ public class CMCAuth implements IAuthManager, IExtendedPluginInfo, * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CMC_SIGNED_REQUEST_SIG_VERIFY used when CMC (agent-pre-signed) cert requests or revocation requests are submitted and signature is verified + * <li>signed.audit LOGGING_SIGNED_AUDIT_CMC_SIGNED_REQUEST_SIG_VERIFY used when CMC (agent-pre-signed) cert + * requests or revocation requests are submitted and signature is verified * </ul> * * @param authCred Authentication credentials, CRED_UID and CRED_CMC. diff --git a/pki/base/common/src/com/netscape/cms/authentication/DNPattern.java b/pki/base/common/src/com/netscape/cms/authentication/DNPattern.java index 21280f0f..653a950a 100644 --- a/pki/base/common/src/com/netscape/cms/authentication/DNPattern.java +++ b/pki/base/common/src/com/netscape/cms/authentication/DNPattern.java @@ -32,7 +32,8 @@ import com.netscape.certsrv.base.EBaseException; * subject name from ldap attributes and dn. * <p> * - * dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If empty or not set, the ldap entry DN will be used as the certificate subject name. + * dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If + * empty or not set, the ldap entry DN will be used as the certificate subject name. * <p> * * The syntax is diff --git a/pki/base/common/src/com/netscape/cms/authentication/DirBasedAuthentication.java b/pki/base/common/src/com/netscape/cms/authentication/DirBasedAuthentication.java index 4b6e4aa3..da8d5bd5 100644 --- a/pki/base/common/src/com/netscape/cms/authentication/DirBasedAuthentication.java +++ b/pki/base/common/src/com/netscape/cms/authentication/DirBasedAuthentication.java @@ -173,7 +173,8 @@ public abstract class DirBasedAuthentication * dnpattern - dn pattern. * </pre> * <p> - * <i><b>dnpattern</b></i> is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If empty or not set, the ldap entry DN will be used as the certificate subject name. + * <i><b>dnpattern</b></i> is a string representing a subject name pattern to formulate from the directory + * attributes and entry dn. If empty or not set, the ldap entry DN will be used as the certificate subject name. * <p> * The syntax is * diff --git a/pki/base/common/src/com/netscape/cms/authentication/RDNPattern.java b/pki/base/common/src/com/netscape/cms/authentication/RDNPattern.java index 3542570a..02a8f143 100644 --- a/pki/base/common/src/com/netscape/cms/authentication/RDNPattern.java +++ b/pki/base/common/src/com/netscape/cms/authentication/RDNPattern.java @@ -33,7 +33,8 @@ import com.netscape.certsrv.base.EBaseException; * subject name from ldap attributes and dn. * <p> * - * dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If empty or not set, the ldap entry DN will be used as the certificate subject name. + * dnpattern is a string representing a subject name pattern to formulate from the directory attributes and entry dn. If + * empty or not set, the ldap entry DN will be used as the certificate subject name. * <p> * * The syntax is diff --git a/pki/base/common/src/com/netscape/cms/authorization/AAclAuthz.java b/pki/base/common/src/com/netscape/cms/authorization/AAclAuthz.java index a4eac090..dcce8277 100644 --- a/pki/base/common/src/com/netscape/cms/authorization/AAclAuthz.java +++ b/pki/base/common/src/com/netscape/cms/authorization/AAclAuthz.java @@ -40,7 +40,8 @@ import com.netscape.cmsutil.util.Utils; * An abstract class represents an authorization manager that governs the * access of internal resources such as servlets. * It parses in the ACLs associated with each protected - * resources, and provides protected method <CODE>checkPermission</CODE> for code that needs to verify access before performing + * resources, and provides protected method <CODE>checkPermission</CODE> for code that needs to verify access before + * performing * actions. * <P> * Here is a sample resourceACLS for a resource @@ -52,7 +53,8 @@ import com.netscape.cmsutil.util.Utils; * allow (execute) group="Administrators"; * </PRE> * - * To perform permission checking, code call authz mgr authorize() method to verify access. See AuthzMgr for calling example. + * To perform permission checking, code call authz mgr authorize() method to verify access. See AuthzMgr for calling + * example. * <P> * default "evaluators" are used to evaluate the "group=.." or "user=.." rules. See evaluator for more info * @@ -234,12 +236,19 @@ public abstract class AAclAuthz { * marked as privileged, this methods will simply * return. * <P> - * note that if a resource does not exist in the aclResources entry, but a higher level node exist, it will still be evaluated. The highest level node's acl determines the permission. If the higher level node doesn't contain any acl information, then it's passed down to the lower node. If a node has no aci in its resourceACLs, then it's considered passed. + * note that if a resource does not exist in the aclResources entry, but a higher level node exist, it will still be + * evaluated. The highest level node's acl determines the permission. If the higher level node doesn't contain any + * acl information, then it's passed down to the lower node. If a node has no aci in its resourceACLs, then it's + * considered passed. * <p> - * example: certServer.common.users, if failed permission check for "certServer", then it's considered failed, and there is no need to continue the check. If passed permission check for "certServer", then it's considered passed, and no need to continue the check. If certServer contains no aci then "certServer.common" will be checked for permission instead. If down to the leaf level, the node still contains no aci, then it's considered passed. If at the leaf level, no such resource exist, or - * no acis, it's considered passed. + * example: certServer.common.users, if failed permission check for "certServer", then it's considered failed, and + * there is no need to continue the check. If passed permission check for "certServer", then it's considered passed, + * and no need to continue the check. If certServer contains no aci then "certServer.common" will be checked for + * permission instead. If down to the leaf level, the node still contains no aci, then it's considered passed. If at + * the leaf level, no such resource exist, or no acis, it's considered passed. * <p> - * If there are multiple aci's for a resource, ALL aci's will be checked, and only if all passed permission checks, will the eventual access be granted. + * If there are multiple aci's for a resource, ALL aci's will be checked, and only if all passed permission checks, + * will the eventual access be granted. * * @param name resource name * @param perm permission requested @@ -293,9 +302,13 @@ public abstract class AAclAuthz { * Checks if the permission is granted or denied in * the current execution context. * <P> - * An <code>ACL</code> may contain one or more <code>ACLEntry</code>. However, in case of multiple <code>ACLEntry</code>, a subject must pass ALL of the <code>ACLEntry</code> evaluation for permission to be granted + * An <code>ACL</code> may contain one or more <code>ACLEntry</code>. However, in case of multiple + * <code>ACLEntry</code>, a subject must pass ALL of the <code>ACLEntry</code> evaluation for permission to be + * granted * <P> - * negative ("deny") aclEntries are treated differently than positive ("allow") statements. If a negative aclEntries fails the acl check, the permission check will return "false" right away; while in the case of a positive aclEntry, if the the aclEntry fails the acl check, the next aclEntry will be evaluated. + * negative ("deny") aclEntries are treated differently than positive ("allow") statements. If a negative aclEntries + * fails the acl check, the permission check will return "false" right away; while in the case of a positive + * aclEntry, if the the aclEntry fails the acl check, the next aclEntry will be evaluated. * * @param name resource name * @param perm permission requested @@ -447,12 +460,19 @@ public abstract class AAclAuthz { * marked as privileged, this methods will simply * return. * <P> - * note that if a resource does not exist in the aclResources entry, but a higher level node exist, it will still be evaluated. The highest level node's acl determines the permission. If the higher level node doesn't contain any acl information, then it's passed down to the lower node. If a node has no aci in its resourceACLs, then it's considered passed. + * note that if a resource does not exist in the aclResources entry, but a higher level node exist, it will still be + * evaluated. The highest level node's acl determines the permission. If the higher level node doesn't contain any + * acl information, then it's passed down to the lower node. If a node has no aci in its resourceACLs, then it's + * considered passed. * <p> - * example: certServer.common.users, if failed permission check for "certServer", then it's considered failed, and there is no need to continue the check. If passed permission check for "certServer", then it's considered passed, and no need to continue the check. If certServer contains no aci then "certServer.common" will be checked for permission instead. If down to the leaf level, the node still contains no aci, then it's considered passed. If at the leaf level, no such resource exist, or - * no acis, it's considered passed. + * example: certServer.common.users, if failed permission check for "certServer", then it's considered failed, and + * there is no need to continue the check. If passed permission check for "certServer", then it's considered passed, + * and no need to continue the check. If certServer contains no aci then "certServer.common" will be checked for + * permission instead. If down to the leaf level, the node still contains no aci, then it's considered passed. If at + * the leaf level, no such resource exist, or no acis, it's considered passed. * <p> - * If there are multiple aci's for a resource, ALL aci's will be checked, and only if all passed permission checks, will the eventual access be granted. + * If there are multiple aci's for a resource, ALL aci's will be checked, and only if all passed permission checks, + * will the eventual access be granted. * * @param authToken authentication token gotten from authentication * @param name resource name diff --git a/pki/base/common/src/com/netscape/cms/authorization/DirAclAuthz.java b/pki/base/common/src/com/netscape/cms/authorization/DirAclAuthz.java index b2318e7e..df24f275 100644 --- a/pki/base/common/src/com/netscape/cms/authorization/DirAclAuthz.java +++ b/pki/base/common/src/com/netscape/cms/authorization/DirAclAuthz.java @@ -254,7 +254,9 @@ public class DirAclAuthz extends AAclAuthz /** * update acls. when memory update is done, flush to ldap. * <p> - * Currently, it is possible that when the memory is updated successfully, and the ldap isn't, the memory upates lingers. The result is that the changes will only be done on ldap at the next update, or when the system shuts down, another flush will be attempted. + * Currently, it is possible that when the memory is updated successfully, and the ldap isn't, the memory upates + * lingers. The result is that the changes will only be done on ldap at the next update, or when the system shuts + * down, another flush will be attempted. * * @param id is the resource id * @param rights The allowable rights for this resource diff --git a/pki/base/common/src/com/netscape/cms/logging/LogFile.java b/pki/base/common/src/com/netscape/cms/logging/LogFile.java index 979b0c2c..75ca1e53 100644 --- a/pki/base/common/src/com/netscape/cms/logging/LogFile.java +++ b/pki/base/common/src/com/netscape/cms/logging/LogFile.java @@ -697,7 +697,8 @@ public class LogFile implements ILogEventListener, IExtendedPluginInfo { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_SIGNING used when a signature on the audit log is generated (same as "flush" time) + * <li>signed.audit LOGGING_SIGNED_AUDIT_SIGNING used when a signature on the audit log is generated (same as + * "flush" time) * </ul> * * @exception IOException for input/output problems diff --git a/pki/base/common/src/com/netscape/cms/logging/RollingLogFile.java b/pki/base/common/src/com/netscape/cms/logging/RollingLogFile.java index 78353448..e085937e 100644 --- a/pki/base/common/src/com/netscape/cms/logging/RollingLogFile.java +++ b/pki/base/common/src/com/netscape/cms/logging/RollingLogFile.java @@ -285,7 +285,8 @@ public class RollingLogFile extends LogFile { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_LOG_DELETE used AFTER audit log expires (authorization should not allow, but in case authorization gets compromised make sure it is written AFTER the log expiration happens) + * <li>signed.audit LOGGING_SIGNED_AUDIT_LOG_DELETE used AFTER audit log expires (authorization should not allow, + * but in case authorization gets compromised make sure it is written AFTER the log expiration happens) * </ul> * * @param expirationSeconds The number of seconds since the expired files diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/AgentPolicy.java b/pki/base/common/src/com/netscape/cms/policy/constraints/AgentPolicy.java index c9e9401a..b7a24bd6 100644 --- a/pki/base/common/src/com/netscape/cms/policy/constraints/AgentPolicy.java +++ b/pki/base/common/src/com/netscape/cms/policy/constraints/AgentPolicy.java @@ -58,7 +58,9 @@ public class AgentPolicy extends APolicyRule * * The entries may be of the form: * - * ra.Policy.rule.<ruleName>.implName=AgentPolicy ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o == netscape.com ra.Policy.rule.<ruleName>.class=xxxx ra.Policy.rule.<ruleName>.params.* + * ra.Policy.rule.<ruleName>.implName=AgentPolicy ra.Policy.rule.<ruleName>.enable=true + * ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o == netscape.com ra.Policy.rule.<ruleName>.class=xxxx + * ra.Policy.rule.<ruleName>.params.* * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/DSAKeyConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/DSAKeyConstraints.java index 5ad1f6c4..9ad32208 100644 --- a/pki/base/common/src/com/netscape/cms/policy/constraints/DSAKeyConstraints.java +++ b/pki/base/common/src/com/netscape/cms/policy/constraints/DSAKeyConstraints.java @@ -95,7 +95,10 @@ public class DSAKeyConstraints extends APolicyRule * Initializes this policy rule. * <P> * - * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=DSAKeyConstraints ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.minSize=512 ra.Policy.rule.<ruleName>.maxSize=1024 ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o == netscape.com + * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=DSAKeyConstraints + * ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.minSize=512 + * ra.Policy.rule.<ruleName>.maxSize=1024 ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o == + * netscape.com * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/DefaultRevocation.java b/pki/base/common/src/com/netscape/cms/policy/constraints/DefaultRevocation.java index fd143646..f341dd22 100644 --- a/pki/base/common/src/com/netscape/cms/policy/constraints/DefaultRevocation.java +++ b/pki/base/common/src/com/netscape/cms/policy/constraints/DefaultRevocation.java @@ -56,7 +56,8 @@ public class DefaultRevocation extends APolicyRule * * The entries may be of the form: * - * ra.Policy.rule.<ruleName>.implName=DefaultRevocation ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o == netscape.com + * ra.Policy.rule.<ruleName>.implName=DefaultRevocation ra.Policy.rule.<ruleName>.enable=true + * ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o == netscape.com * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/KeyAlgorithmConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/KeyAlgorithmConstraints.java index c523ae9f..14cd9ece 100644 --- a/pki/base/common/src/com/netscape/cms/policy/constraints/KeyAlgorithmConstraints.java +++ b/pki/base/common/src/com/netscape/cms/policy/constraints/KeyAlgorithmConstraints.java @@ -87,7 +87,9 @@ public class KeyAlgorithmConstraints extends APolicyRule * Initializes this policy rule. * <P> * - * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=KeyAlgorithmConstraints ra.Policy.rule.<ruleName>.algorithms=RSA,DSA ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.predicate=ou==Sales + * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=KeyAlgorithmConstraints + * ra.Policy.rule.<ruleName>.algorithms=RSA,DSA ra.Policy.rule.<ruleName>.enable=true + * ra.Policy.rule.<ruleName>.predicate=ou==Sales * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/ManualAuthentication.java b/pki/base/common/src/com/netscape/cms/policy/constraints/ManualAuthentication.java index 1abc5bda..b9348760 100644 --- a/pki/base/common/src/com/netscape/cms/policy/constraints/ManualAuthentication.java +++ b/pki/base/common/src/com/netscape/cms/policy/constraints/ManualAuthentication.java @@ -56,7 +56,8 @@ public class ManualAuthentication extends APolicyRule * * The entries may be of the form: * - * ra.Policy.rule.<ruleName>.implName=ManualAuthentication ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o == netscape.com + * ra.Policy.rule.<ruleName>.implName=ManualAuthentication ra.Policy.rule.<ruleName>.enable=true + * ra.Policy.rule.<ruleName>.predicate= ou == engineering AND o == netscape.com * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java index 57176950..d6dde414 100644 --- a/pki/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java +++ b/pki/base/common/src/com/netscape/cms/policy/constraints/RSAKeyConstraints.java @@ -100,7 +100,9 @@ public class RSAKeyConstraints extends APolicyRule * * The entries probably are of the form: * - * ra.Policy.rule.<ruleName>.implName=RSAKeyConstraints ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.minSize=512 ra.Policy.rule.<ruleName>.maxSize=2048 ra.Policy.rule.<ruleName>.predicate=ou==Marketing + * ra.Policy.rule.<ruleName>.implName=RSAKeyConstraints ra.Policy.rule.<ruleName>.enable=true + * ra.Policy.rule.<ruleName>.minSize=512 ra.Policy.rule.<ruleName>.maxSize=2048 + * ra.Policy.rule.<ruleName>.predicate=ou==Marketing * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalConstraints.java index 5dd42170..f3926d5e 100644 --- a/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalConstraints.java +++ b/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalConstraints.java @@ -97,7 +97,8 @@ public class RenewalConstraints extends APolicyRule * * The entries probably are of the form: * - * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.allowExpiredCerts=true + * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true + * ra.Policy.rule.<ruleName>.allowExpiredCerts=true * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalValidityConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalValidityConstraints.java index dc61edd4..73164e69 100644 --- a/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalValidityConstraints.java +++ b/pki/base/common/src/com/netscape/cms/policy/constraints/RenewalValidityConstraints.java @@ -115,7 +115,9 @@ public class RenewalValidityConstraints extends APolicyRule * * The entries probably are of the form: * - * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.minValidity=30 ra.Policy.rule.<ruleName>.maxValidity=180 ra.Policy.rule.<ruleName>.renewalInterval=15 ra.Policy.rule.<ruleName>.predicate=ou==Sales + * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true + * ra.Policy.rule.<ruleName>.minValidity=30 ra.Policy.rule.<ruleName>.maxValidity=180 + * ra.Policy.rule.<ruleName>.renewalInterval=15 ra.Policy.rule.<ruleName>.predicate=ou==Sales * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/RevocationConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/RevocationConstraints.java index b18e4b7f..d4859195 100644 --- a/pki/base/common/src/com/netscape/cms/policy/constraints/RevocationConstraints.java +++ b/pki/base/common/src/com/netscape/cms/policy/constraints/RevocationConstraints.java @@ -91,7 +91,8 @@ public class RevocationConstraints extends APolicyRule * * The entries probably are of the form: * - * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.allowExpiredCerts=true + * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true + * ra.Policy.rule.<ruleName>.allowExpiredCerts=true * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/SigningAlgorithmConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/SigningAlgorithmConstraints.java index 9e8e127b..77f0baa3 100644 --- a/pki/base/common/src/com/netscape/cms/policy/constraints/SigningAlgorithmConstraints.java +++ b/pki/base/common/src/com/netscape/cms/policy/constraints/SigningAlgorithmConstraints.java @@ -94,7 +94,9 @@ public class SigningAlgorithmConstraints extends APolicyRule * Initializes this policy rule. * <P> * - * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=SigningAlgorithmConstraints ra.Policy.rule.<ruleName>.algorithms=SHA-1WithRSA, SHA-1WithDSA ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.predicate=ou==Sales + * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=SigningAlgorithmConstraints + * ra.Policy.rule.<ruleName>.algorithms=SHA-1WithRSA, SHA-1WithDSA ra.Policy.rule.<ruleName>.enable=true + * ra.Policy.rule.<ruleName>.predicate=ou==Sales * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/SubCANameConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/SubCANameConstraints.java index d2b4f71b..06492da7 100644 --- a/pki/base/common/src/com/netscape/cms/policy/constraints/SubCANameConstraints.java +++ b/pki/base/common/src/com/netscape/cms/policy/constraints/SubCANameConstraints.java @@ -78,7 +78,9 @@ public class SubCANameConstraints extends APolicyRule implements IEnrollmentPoli * Initializes this policy rule. * <P> * - * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=KeyAlgorithmConstraints ra.Policy.rule.<ruleName>.algorithms=RSA,DSA ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.predicate=ou==Sales + * The entries probably are of the form ra.Policy.rule.<ruleName>.implName=KeyAlgorithmConstraints + * ra.Policy.rule.<ruleName>.algorithms=RSA,DSA ra.Policy.rule.<ruleName>.enable=true + * ra.Policy.rule.<ruleName>.predicate=ou==Sales * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectNameConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectNameConstraints.java index e78924e3..778be16b 100644 --- a/pki/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectNameConstraints.java +++ b/pki/base/common/src/com/netscape/cms/policy/constraints/UniqueSubjectNameConstraints.java @@ -107,7 +107,9 @@ public class UniqueSubjectNameConstraints extends APolicyRule * * The entries probably are of the form: * - * ca.Policy.rule.<ruleName>.implName=UniqueSubjectName ca.Policy.rule.<ruleName>.enable=true ca.Policy.rule.<ruleName>.enable=true ca.Policy.rule.<ruleName>.enablePreAgentApprovalChecking=true ca.Policy.rule.<ruleName>.enableKeyUsageExtensionChecking=true + * ca.Policy.rule.<ruleName>.implName=UniqueSubjectName ca.Policy.rule.<ruleName>.enable=true + * ca.Policy.rule.<ruleName>.enable=true ca.Policy.rule.<ruleName>.enablePreAgentApprovalChecking=true + * ca.Policy.rule.<ruleName>.enableKeyUsageExtensionChecking=true * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/constraints/ValidityConstraints.java b/pki/base/common/src/com/netscape/cms/policy/constraints/ValidityConstraints.java index ef35f5e6..1ebf9a0b 100644 --- a/pki/base/common/src/com/netscape/cms/policy/constraints/ValidityConstraints.java +++ b/pki/base/common/src/com/netscape/cms/policy/constraints/ValidityConstraints.java @@ -118,7 +118,9 @@ public class ValidityConstraints extends APolicyRule * * The entries probably are of the form: * - * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true ra.Policy.rule.<ruleName>.minValidity=30 ra.Policy.rule.<ruleName>.maxValidity=180 ra.Policy.rule.<ruleName>.predicate=ou==Sales + * ra.Policy.rule.<ruleName>.implName=ValidityConstraints ra.Policy.rule.<ruleName>.enable=true + * ra.Policy.rule.<ruleName>.minValidity=30 ra.Policy.rule.<ruleName>.maxValidity=180 + * ra.Policy.rule.<ruleName>.predicate=ou==Sales * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/AuthInfoAccessExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/AuthInfoAccessExt.java index 3fe6f3a2..2619890a 100644 --- a/pki/base/common/src/com/netscape/cms/policy/extensions/AuthInfoAccessExt.java +++ b/pki/base/common/src/com/netscape/cms/policy/extensions/AuthInfoAccessExt.java @@ -137,7 +137,8 @@ public class AuthInfoAccessExt extends APolicyRule implements * * The entries may be of the form: * - * ca.Policy.rule.<ruleName>.implName=AuthInfoAccessExt ca.Policy.rule.<ruleName>.enable=true ca.Policy.rule.<ruleName>.predicate= + * ca.Policy.rule.<ruleName>.implName=AuthInfoAccessExt ca.Policy.rule.<ruleName>.enable=true + * ca.Policy.rule.<ruleName>.predicate= * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/BasicConstraintsExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/BasicConstraintsExt.java index 6ce18724..7b2df56d 100644 --- a/pki/base/common/src/com/netscape/cms/policy/extensions/BasicConstraintsExt.java +++ b/pki/base/common/src/com/netscape/cms/policy/extensions/BasicConstraintsExt.java @@ -96,7 +96,8 @@ public class BasicConstraintsExt extends APolicyRule * <p> * The entries may be of the form: * - * ca.Policy.rule.<ruleName>.implName=BasicConstraintsExtImpl ca.Policy.rule.<ruleName>.pathLen=<n>, -1 for undefined. ca.Policy.rule.<ruleName>.enable=true + * ca.Policy.rule.<ruleName>.implName=BasicConstraintsExtImpl ca.Policy.rule.<ruleName>.pathLen=<n>, -1 for + * undefined. ca.Policy.rule.<ruleName>.enable=true * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/CertificatePoliciesExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/CertificatePoliciesExt.java index 576ef0c9..8fde4cbc 100644 --- a/pki/base/common/src/com/netscape/cms/policy/extensions/CertificatePoliciesExt.java +++ b/pki/base/common/src/com/netscape/cms/policy/extensions/CertificatePoliciesExt.java @@ -93,7 +93,8 @@ public class CertificatePoliciesExt extends APolicyRule * * The entries may be of the form: * - * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName= ca.Policy.rule.<ruleName>.enable=true + * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName= + * ca.Policy.rule.<ruleName>.enable=true * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/CertificateScopeOfUseExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/CertificateScopeOfUseExt.java index f17151ae..b385923a 100644 --- a/pki/base/common/src/com/netscape/cms/policy/extensions/CertificateScopeOfUseExt.java +++ b/pki/base/common/src/com/netscape/cms/policy/extensions/CertificateScopeOfUseExt.java @@ -103,7 +103,8 @@ public class CertificateScopeOfUseExt extends APolicyRule implements * * The entries may be of the form: * - * ca.Policy.rule.<ruleName>.implName=AuthInfoAccessExt ca.Policy.rule.<ruleName>.enable=true ca.Policy.rule.<ruleName>.predicate= + * ca.Policy.rule.<ruleName>.implName=AuthInfoAccessExt ca.Policy.rule.<ruleName>.enable=true + * ca.Policy.rule.<ruleName>.predicate= * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/GenericASN1Ext.java b/pki/base/common/src/com/netscape/cms/policy/extensions/GenericASN1Ext.java index 10cf5323..4d23c953 100644 --- a/pki/base/common/src/com/netscape/cms/policy/extensions/GenericASN1Ext.java +++ b/pki/base/common/src/com/netscape/cms/policy/extensions/GenericASN1Ext.java @@ -334,7 +334,8 @@ public class GenericASN1Ext extends APolicyRule implements * * The entries may be of the form: * - * ca.Policy.rule.<ruleName>.implName=genericASNExt ca.Policy.rule.<ruleName>.enable=true ca.Policy.rule.<ruleName>.predicate= + * ca.Policy.rule.<ruleName>.implName=genericASNExt ca.Policy.rule.<ruleName>.enable=true + * ca.Policy.rule.<ruleName>.predicate= * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/NSCCommentExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/NSCCommentExt.java index e3cb7ddc..36199856 100644 --- a/pki/base/common/src/com/netscape/cms/policy/extensions/NSCCommentExt.java +++ b/pki/base/common/src/com/netscape/cms/policy/extensions/NSCCommentExt.java @@ -91,7 +91,8 @@ public class NSCCommentExt extends APolicyRule * <p> * The entries may be of the form: * - * ca.Policy.rule.<ruleName>.implName=NSCCommentExtImpl ca.Policy.rule.<ruleName>.displayText=<n> ca.Policy.rule.<ruleName>.commentFile=<n> ca.Policy.rule.<ruleName>.enable=false + * ca.Policy.rule.<ruleName>.implName=NSCCommentExtImpl ca.Policy.rule.<ruleName>.displayText=<n> + * ca.Policy.rule.<ruleName>.commentFile=<n> ca.Policy.rule.<ruleName>.enable=false * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/NameConstraintsExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/NameConstraintsExt.java index 4fd38077..d0db5708 100644 --- a/pki/base/common/src/com/netscape/cms/policy/extensions/NameConstraintsExt.java +++ b/pki/base/common/src/com/netscape/cms/policy/extensions/NameConstraintsExt.java @@ -92,7 +92,8 @@ public class NameConstraintsExt extends APolicyRule * * The entries may be of the form: * - * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName= ca.Policy.rule.<ruleName>.enable=true + * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName= + * ca.Policy.rule.<ruleName>.enable=true * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyConstraintsExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyConstraintsExt.java index a3324b67..2ca21c29 100644 --- a/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyConstraintsExt.java +++ b/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyConstraintsExt.java @@ -93,7 +93,8 @@ public class PolicyConstraintsExt extends APolicyRule * * The entries may be of the form: * - * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName= ca.Policy.rule.<ruleName>.enable=true + * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName= + * ca.Policy.rule.<ruleName>.enable=true * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyMappingsExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyMappingsExt.java index d0f10e64..21f19b45 100644 --- a/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyMappingsExt.java +++ b/pki/base/common/src/com/netscape/cms/policy/extensions/PolicyMappingsExt.java @@ -87,7 +87,8 @@ public class PolicyMappingsExt extends APolicyRule * * The entries may be of the form: * - * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName= ca.Policy.rule.<ruleName>.enable=true + * ca.Policy.rule.<ruleName>.predicate=certType==ca ca.Policy.rule.<ruleName>.implName= + * ca.Policy.rule.<ruleName>.enable=true * * @param config The config store reference */ diff --git a/pki/base/common/src/com/netscape/cms/policy/extensions/SubjAltNameExt.java b/pki/base/common/src/com/netscape/cms/policy/extensions/SubjAltNameExt.java index 532da695..f7450aa3 100644 --- a/pki/base/common/src/com/netscape/cms/policy/extensions/SubjAltNameExt.java +++ b/pki/base/common/src/com/netscape/cms/policy/extensions/SubjAltNameExt.java @@ -51,7 +51,9 @@ import com.netscape.cms.policy.APolicyRule; * * Adds the subject alternative name extension depending on the certificate type requested. * - * Two forms are supported. 1) For S/MIME certificates, email addresses are copied from data stored in the request by the authentication component. Both 'e' and 'altEmail' are supported so that both the primary address and alternative forms may be certified. Only the primary goes in the subjectName position (which should be phased out). + * Two forms are supported. 1) For S/MIME certificates, email addresses are copied from data stored in the request by + * the authentication component. Both 'e' and 'altEmail' are supported so that both the primary address and alternative + * forms may be certified. Only the primary goes in the subjectName position (which should be phased out). * * e mailAlternateAddress * <P> diff --git a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java index 94894297..49203c05 100644 --- a/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java +++ b/pki/base/common/src/com/netscape/cms/profile/common/EnrollProfile.java @@ -1235,11 +1235,13 @@ public abstract class EnrollProfile extends BasicProfile * Populate input * <P> * - * (either all "agent" profile cert requests NOT made through a connector, or all "EE" profile cert requests NOT made through a connector) + * (either all "agent" profile cert requests NOT made through a connector, or all "EE" profile cert requests NOT + * made through a connector) * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_PROFILE_CERT_REQUEST used when a profile cert request is made (before approval process) + * <li>signed.audit LOGGING_SIGNED_AUDIT_PROFILE_CERT_REQUEST used when a profile cert request is made (before + * approval process) * </ul> * * @param ctx profile context diff --git a/pki/base/common/src/com/netscape/cms/publish/mappers/MapAVAPattern.java b/pki/base/common/src/com/netscape/cms/publish/mappers/MapAVAPattern.java index 6eb42c24..26dc46f4 100644 --- a/pki/base/common/src/com/netscape/cms/publish/mappers/MapAVAPattern.java +++ b/pki/base/common/src/com/netscape/cms/publish/mappers/MapAVAPattern.java @@ -46,7 +46,8 @@ import com.netscape.certsrv.request.IRequest; * request attributes and cert subject name. * <p> * - * dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and request attributes . If empty or not set, the certificate subject name will be used as the ldap dn. + * dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and + * request attributes . If empty or not set, the certificate subject name will be used as the ldap dn. * <p> * * The syntax is @@ -97,7 +98,8 @@ import com.netscape.certsrv.request.IRequest; * <p> * </pre> * - * If an request attribute or subject DN component does not exist, the attribute is skipped. There is potential risk that a wrong dn will be mapped into. + * If an request attribute or subject DN component does not exist, the attribute is skipped. There is potential risk + * that a wrong dn will be mapped into. * * @version $Revision$, $Date$ */ diff --git a/pki/base/common/src/com/netscape/cms/publish/mappers/MapDNPattern.java b/pki/base/common/src/com/netscape/cms/publish/mappers/MapDNPattern.java index 463c9e4d..7a9025b1 100644 --- a/pki/base/common/src/com/netscape/cms/publish/mappers/MapDNPattern.java +++ b/pki/base/common/src/com/netscape/cms/publish/mappers/MapDNPattern.java @@ -35,7 +35,8 @@ import com.netscape.certsrv.request.IRequest; * request attributes and cert subject name. * <p> * - * dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and request attributes . If empty or not set, the certificate subject name will be used as the ldap dn. + * dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and + * request attributes . If empty or not set, the certificate subject name will be used as the ldap dn. * <p> * * The syntax is @@ -73,7 +74,8 @@ import com.netscape.certsrv.request.IRequest; * <p> * </pre> * - * If an request attribute or subject DN component does not exist, the attribute is skipped. There is potential risk that a wrong dn will be mapped into. + * If an request attribute or subject DN component does not exist, the attribute is skipped. There is potential risk + * that a wrong dn will be mapped into. * * @version $Revision$, $Date$ */ diff --git a/pki/base/common/src/com/netscape/cms/publish/mappers/MapRDNPattern.java b/pki/base/common/src/com/netscape/cms/publish/mappers/MapRDNPattern.java index fafa660a..c1688345 100644 --- a/pki/base/common/src/com/netscape/cms/publish/mappers/MapRDNPattern.java +++ b/pki/base/common/src/com/netscape/cms/publish/mappers/MapRDNPattern.java @@ -34,7 +34,8 @@ import com.netscape.certsrv.request.IRequest; * request attributes and cert subject name. * <p> * - * dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and request attributes . If empty or not set, the certificate subject name will be used as the ldap dn. + * dnpattern is a string representing a ldap dn pattern to formulate from the certificate subject name attributes and + * request attributes . If empty or not set, the certificate subject name will be used as the ldap dn. * <p> * * The syntax is @@ -72,7 +73,8 @@ import com.netscape.certsrv.request.IRequest; * <p> * </pre> * - * If an request attribute or subject DN component does not exist, the attribute is skipped.There is potential risk that a wrong dn will be mapped into. + * If an request attribute or subject DN component does not exist, the attribute is skipped.There is potential risk that + * a wrong dn will be mapped into. * * @version $Revision$, $Date$ */ diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java index 1d68d3bc..72838eb5 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/AdminServlet.java @@ -278,7 +278,8 @@ public class AdminServlet extends HttpServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication fails (in case of SSL-client auth, only webserver env can pick up the SSL violation; CMS authMgr can pick up cert mis-match, so this event is used) + * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication fails (in case of SSL-client auth, only + * webserver env can pick up the SSL violation; CMS authMgr can pick up cert mis-match, so this event is used) * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_SUCCESS used when authentication succeeded * </ul> * @@ -615,7 +616,8 @@ public class AdminServlet extends HttpServlet { * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_FAIL used when authorization has failed * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS used when authorization is successful - * <li>signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a role (in current CMS that's when one accesses a role port) + * <li>signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a role (in current CMS that's when one + * accesses a role port) * </ul> * * @param req HTTP servlet request diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java index 4a059106..fa3933ed 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/CAAdminServlet.java @@ -518,7 +518,8 @@ public class CAAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions, frequency, CRL format) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions, + * frequency, CRL format) * </ul> * * @param req HTTP servlet request @@ -673,7 +674,8 @@ public class CAAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions, frequency, CRL format) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions, + * frequency, CRL format) * </ul> * * @param req HTTP servlet request @@ -833,7 +835,8 @@ public class CAAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions, frequency, CRL format) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions, + * frequency, CRL format) * </ul> * * @param req HTTP servlet request @@ -974,7 +977,8 @@ public class CAAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions, frequency, CRL format) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions, + * frequency, CRL format) * </ul> * * @param req HTTP servlet request @@ -1191,7 +1195,8 @@ public class CAAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions, frequency, CRL format) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when configuring CRL profile (extensions, + * frequency, CRL format) * </ul> * * @param req HTTP servlet request diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java index 7bd6c4eb..6d590485 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/CMSAdminServlet.java @@ -518,7 +518,8 @@ public final class CMSAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION used when configuring encryption (cert settings and SSL cipher preferences) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ENCRYPTION used when configuring encryption (cert settings and SSL + * cipher preferences) * </ul> * * @exception ServletException a servlet error has occurred @@ -1476,7 +1477,8 @@ public final class CMSAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Certificate Setup Wizard" is used to import CA certs into the certificate database + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Certificate Setup Wizard" is used to + * import CA certs into the certificate database * </ul> * * @exception ServletException a servlet error has occurred @@ -1903,7 +1905,8 @@ public final class CMSAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Certificate Setup Wizard" is used to import CA certs into the certificate database + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Certificate Setup Wizard" is used to + * import CA certs into the certificate database * </ul> * * @exception ServletException a servlet error has occurred @@ -2322,7 +2325,8 @@ public final class CMSAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Certificate Setup Wizard" is used to import a CA cross-signed certificate into the database + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Certificate Setup Wizard" is used to + * import a CA cross-signed certificate into the database * </ul> * * @exception ServletException a servlet error has occurred @@ -3075,7 +3079,8 @@ public final class CMSAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Manage Certificate" is used to edit the trustness of certs and deletion of certs + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_TRUSTED_PUBLIC_KEY used when "Manage Certificate" is used to edit + * the trustness of certs and deletion of certs * </ul> * * @exception ServletException a servlet error has occurred diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java index 25679224..dadbf408 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/LogAdminServlet.java @@ -1422,8 +1422,11 @@ public class LogAdminServlet extends AdminServlet { * * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_SIGNED_AUDIT used when configuring signedAudit - * <li>signed.audit LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE used when log file name (including any path changes) for any of audit, system, transaction, or other customized log file change is attempted (authorization should not allow, but make sure it's written after the attempt) - * <li>signed.audit LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE used when log expiration time change is attempted (authorization should not allow, but make sure it's written after the attempt) + * <li>signed.audit LOGGING_SIGNED_AUDIT_LOG_PATH_CHANGE used when log file name (including any path changes) for + * any of audit, system, transaction, or other customized log file change is attempted (authorization should not + * allow, but make sure it's written after the attempt) + * <li>signed.audit LOGGING_SIGNED_AUDIT_LOG_EXPIRATION_CHANGE used when log expiration time change is attempted + * (authorization should not allow, but make sure it's written after the attempt) * </ul> * * @param req HTTP servlet request diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java index a968b5b3..338a5823 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/OCSPAdminServlet.java @@ -229,7 +229,8 @@ public class OCSPAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when configuring OCSP profile (everything under Online Certificate Status Manager) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when configuring OCSP profile (everything under + * Online Certificate Status Manager) * </ul> * * @param req HTTP servlet request @@ -318,7 +319,8 @@ public class OCSPAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when configuring OCSP profile (everything under Online Certificate Status Manager) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when configuring OCSP profile (everything under + * Online Certificate Status Manager) * </ul> * * @param req HTTP servlet request @@ -466,7 +468,8 @@ public class OCSPAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when configuring OCSP profile (everything under Online Certificate Status Manager) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_OCSP_PROFILE used when configuring OCSP profile (everything under + * Online Certificate Status Manager) * </ul> * * @param req HTTP servlet request diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java index e2193cd6..f34a8277 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/PolicyAdminServlet.java @@ -483,7 +483,8 @@ public class PolicyAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and extensions + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and + * extensions * </ul> * * @param req HTTP servlet request @@ -604,7 +605,8 @@ public class PolicyAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and extensions + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and + * extensions * </ul> * * @param req HTTP servlet request @@ -710,7 +712,8 @@ public class PolicyAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and extensions + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and + * extensions * </ul> * * @param req HTTP servlet request @@ -849,7 +852,8 @@ public class PolicyAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and extensions + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and + * extensions * </ul> * * @param req HTTP servlet request @@ -1005,7 +1009,8 @@ public class PolicyAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and extensions + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and + * extensions * </ul> * * @param req HTTP servlet request @@ -1095,7 +1100,8 @@ public class PolicyAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and extensions + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_POLICY used when configuring cert policy constraints and + * extensions * </ul> * * @param req HTTP servlet request diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java index 0e20d579..cbc40699 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/ProfileAdminServlet.java @@ -400,7 +400,8 @@ public class ProfileAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings + * and cert profile; obsoletes extensions and constraints policies) * </ul> * * @param req HTTP servlet request @@ -544,7 +545,8 @@ public class ProfileAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings + * and cert profile; obsoletes extensions and constraints policies) * </ul> * * @param req HTTP servlet request @@ -670,7 +672,8 @@ public class ProfileAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings + * and cert profile; obsoletes extensions and constraints policies) * </ul> * * @param req HTTP servlet request @@ -797,7 +800,8 @@ public class ProfileAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings + * and cert profile; obsoletes extensions and constraints policies) * </ul> * * @param req HTTP servlet request @@ -917,7 +921,8 @@ public class ProfileAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings + * and cert profile; obsoletes extensions and constraints policies) * </ul> * * @param req HTTP servlet request @@ -1034,7 +1039,8 @@ public class ProfileAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings + * and cert profile; obsoletes extensions and constraints policies) * </ul> * * @param req HTTP servlet request @@ -1151,7 +1157,8 @@ public class ProfileAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings + * and cert profile; obsoletes extensions and constraints policies) * </ul> * * @param req HTTP servlet request @@ -1288,7 +1295,8 @@ public class ProfileAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings + * and cert profile; obsoletes extensions and constraints policies) * </ul> * * @param req HTTP servlet request @@ -1427,7 +1435,8 @@ public class ProfileAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings + * and cert profile; obsoletes extensions and constraints policies) * </ul> * * @param req HTTP servlet request @@ -1559,7 +1568,8 @@ public class ProfileAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings + * and cert profile; obsoletes extensions and constraints policies) * </ul> * * @param req HTTP servlet request @@ -1678,7 +1688,8 @@ public class ProfileAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings + * and cert profile; obsoletes extensions and constraints policies) * </ul> * * @param req HTTP servlet request @@ -1798,7 +1809,8 @@ public class ProfileAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings + * and cert profile; obsoletes extensions and constraints policies) * </ul> * * @param req HTTP servlet request @@ -2281,7 +2293,8 @@ public class ProfileAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings + * and cert profile; obsoletes extensions and constraints policies) * </ul> * * @param req HTTP servlet request @@ -2418,7 +2431,8 @@ public class ProfileAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings + * and cert profile; obsoletes extensions and constraints policies) * </ul> * * @param req HTTP servlet request @@ -2581,7 +2595,8 @@ public class ProfileAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings and cert profile; obsoletes extensions and constraints policies) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CERT_PROFILE used when configuring cert profile (general settings + * and cert profile; obsoletes extensions and constraints policies) * </ul> * * @param req HTTP servlet request diff --git a/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java b/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java index 65c00583..8481fffe 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/admin/UsrGrpAdminServlet.java @@ -650,11 +650,13 @@ public class UsrGrpAdminServlet extends AdminServlet { * Adds a new user to LDAP server * <P> * - * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ ui/admin-protocol-definition.html#user-admin + * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under + * users/groups) * </ul> * * @param req HTTP servlet request @@ -975,11 +977,13 @@ public class UsrGrpAdminServlet extends AdminServlet { * Adds a certificate to a user * <P> * - * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ ui/admin-protocol-definition.html#user-admin + * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under + * users/groups) * </ul> * * @param req HTTP servlet request @@ -1327,14 +1331,16 @@ public class UsrGrpAdminServlet extends AdminServlet { * Removes a certificate for a user * <P> * - * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ ui/admin-protocol-definition.html#user-admin + * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> * * In this method, "certDN" is actually a combination of version, serialNumber, issuerDN, and SubjectDN. * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under + * users/groups) * </ul> * * @param req HTTP servlet request @@ -1471,11 +1477,13 @@ public class UsrGrpAdminServlet extends AdminServlet { * itself. * <P> * - * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ ui/admin-protocol-definition.html#user-admin + * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under + * users/groups) * </ul> * * @param req HTTP servlet request @@ -1639,11 +1647,13 @@ public class UsrGrpAdminServlet extends AdminServlet { * Adds a new group in local scope. * <P> * - * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ ui/admin-protocol-definition.html#group + * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#group * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under + * users/groups) * </ul> * * @param req HTTP servlet request @@ -1777,11 +1787,13 @@ public class UsrGrpAdminServlet extends AdminServlet { * removes a group * <P> * - * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ ui/admin-protocol-definition.html#group + * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#group * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under + * users/groups) * </ul> * * @param req HTTP servlet request @@ -1885,7 +1897,8 @@ public class UsrGrpAdminServlet extends AdminServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under + * users/groups) * </ul> * * @param req HTTP servlet request @@ -2117,11 +2130,13 @@ public class UsrGrpAdminServlet extends AdminServlet { * Modifies an existing user in local scope. * <P> * - * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ ui/admin-protocol-definition.html#user-admin + * Request/Response Syntax: http://warp.mcom.com/server/certificate/columbo/design/ + * ui/admin-protocol-definition.html#user-admin * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under users/groups) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CONFIG_ROLE used when configuring role information (anything under + * users/groups) * </ul> * * @param req HTTP servlet request diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java index 9c5c4ea2..d45535fd 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/base/CMSServlet.java @@ -1680,7 +1680,8 @@ public abstract class CMSServlet extends HttpServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication fails (in case of SSL-client auth, only webserver env can pick up the SSL violation; CS authMgr can pick up cert mis-match, so this event is used) + * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication fails (in case of SSL-client auth, only + * webserver env can pick up the SSL violation; CS authMgr can pick up cert mis-match, so this event is used) * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTH_SUCCESS used when authentication succeeded * </ul> * @@ -1881,7 +1882,8 @@ public abstract class CMSServlet extends HttpServlet { * <ul> * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_FAIL used when authorization has failed * <li>signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS used when authorization is successful - * <li>signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a role (in current CS that's when one accesses a role port) + * <li>signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a role (in current CS that's when one + * accesses a role port) * </ul> * * @param authzMgrName string representing the name of the authorization diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java index f7f31b19..2308318e 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/base/DynamicVariablesServlet.java @@ -42,7 +42,8 @@ import com.netscape.certsrv.base.IConfigStore; * Return some javascript to the request which contains the list of * dynamic data in the CMS system. * <p> - * This allows the requestor (browser) to make decisions about what to present in the UI, depending on how CMS is configured + * This allows the requestor (browser) to make decisions about what to present in the UI, depending on how CMS is + * configured * * @version $Revision$, $Date$ */ @@ -119,19 +120,23 @@ public class DynamicVariablesServlet extends CMSServlet { * <li><strong>AuthMgr</strong> - the authentication manager to use to authenticate the request * <li><strong>GetClientCert</strong> - whether to request client auth for this request * <li><strong>authority</strong> - the authority (ca, ra, drm) to return to the client - * <li><strong>dynamicVariables</strong> - a string of the form: serverdate=serverdate(),subsystemname=subsystemname(), http=http(),authmgrs=authmgrs(),clacrlurl=clacrlurl() + * <li><strong>dynamicVariables</strong> - a string of the form: + * serverdate=serverdate(),subsystemname=subsystemname(), http=http(),authmgrs=authmgrs(),clacrlurl=clacrlurl() * </ul> * The dynamicVariables string is parsed by splitting on commas. * When services, the HTTP request provides a piece of javascript * code as follows. * <p> - * Each sub expression "lhs=rhs()" forms a javascript statement of the form <i>lhs=xxx;</i> Where lhs is xxx is the result of 'evaluating' the rhs. The possible values for the rhs() function are: + * Each sub expression "lhs=rhs()" forms a javascript statement of the form <i>lhs=xxx;</i> Where lhs is xxx is the + * result of 'evaluating' the rhs. The possible values for the rhs() function are: * <ul> - * <li><strong>serverdate()</strong> - the timestamp of the server (used to ensure that the client clock is set correctly) + * <li><strong>serverdate()</strong> - the timestamp of the server (used to ensure that the client clock is set + * correctly) * <li><strong>subsystemname()</strong> * <li><strong>http()</strong> - "true" or "false" - is this an http connection (as opposed to https) * <li>authmgrs() - a comma separated list of authentication managers - * <li>clacrlurl() - the URL to get the CRL from, in the case of a Clone CA. This is defined in the CMS configuration parameter 'cloning.cloneMasterCrlUrl' + * <li>clacrlurl() - the URL to get the CRL from, in the case of a Clone CA. This is defined in the CMS + * configuration parameter 'cloning.cloneMasterCrlUrl' * </ul> * * @see javax.servlet.Servlet#init(ServletConfig) diff --git a/pki/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java b/pki/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java index f8625ce3..58ad4eab 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/base/SystemInfoServlet.java @@ -57,7 +57,8 @@ public class SystemInfoServlet extends HttpServlet { * value of the 'op' HTTP parameter. * <UL> * <LI>op = <i>undefined</i> - display a menu with links to the other functionality of this servlet - * <li>op = gc - tell the JVM that we want to do a garbage collection and to run finalizers (@see java.lang.Runtime.getRuntime#gc() ) + * <li>op = gc - tell the JVM that we want to do a garbage collection and to run finalizers (@see + * java.lang.Runtime.getRuntime#gc() ) * <li>op = general - display information about memory, and other JVM informatino * <li>op = thread - display details about each thread. * </UL> diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java b/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java index f716a647..461fa0b9 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/CMCRevReqServlet.java @@ -324,8 +324,10 @@ public class CMCRevReqServlet extends CMSServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. - "revocation") is made (before approval process) - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is changed (revoked, expired, on-hold, off-hold) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. - + * "revocation") is made (before approval process) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is + * changed (revoked, expired, on-hold, off-hold) * </ul> * * @param argSet CMS template parameters diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayBySerial.java b/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayBySerial.java index d66aec81..36746106 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayBySerial.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/DisplayBySerial.java @@ -125,7 +125,8 @@ public class DisplayBySerial extends CMSServlet { /** * Serves HTTP request. The format of this request is as follows: * <ul> - * <li>http.param serialNumber Decimal serial number of certificate to display (or hex if serialNumber preceded by 0x) + * <li>http.param serialNumber Decimal serial number of certificate to display (or hex if serialNumber preceded by + * 0x) * </ul> */ public void process(CMSRequest cmsReq) throws EBaseException { diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevoke.java b/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevoke.java index 0a68a8c8..dd739e37 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevoke.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevoke.java @@ -378,12 +378,15 @@ public class DoRevoke extends CMSServlet { * (Certificate Request - either an "agent" cert status change request, or an "EE" cert status change request) * <P> * - * (Certificate Request Processed - either an "agent" cert status change request, or an "EE" cert status change request) + * (Certificate Request Processed - either an "agent" cert status change request, or an "EE" cert status change + * request) * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. - "revocation") is made (before approval process) - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is changed (revoked, expired, on-hold, off-hold) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. - + * "revocation") is made (before approval process) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is + * changed (revoked, expired, on-hold, off-hold) * </ul> * * @param argSet CMS template parameters diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java b/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java index bb432e37..844dca74 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/DoRevokeTPS.java @@ -284,12 +284,15 @@ public class DoRevokeTPS extends CMSServlet { * (Certificate Request - either an "agent" cert status change request, or an "EE" cert status change request) * <P> * - * (Certificate Request Processed - either an "agent" cert status change request, or an "EE" cert status change request) + * (Certificate Request Processed - either an "agent" cert status change request, or an "EE" cert status change + * request) * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. - "revocation") is made (before approval process) - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is changed (revoked, expired, on-hold, off-hold) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. - + * "revocation") is made (before approval process) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is + * changed (revoked, expired, on-hold, off-hold) * </ul> * * @param argSet CMS template parameters diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java b/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java index bafafb8f..656d36f8 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevoke.java @@ -111,7 +111,9 @@ public class DoUnrevoke extends CMSServlet { /** * Process the HTTP request. * <ul> - * <li>http.param serialNumber Decimal serial number of certificate to unrevoke. The certificate must be revoked with a revovcation reason 'on hold' for this operation to succeed. The serial number may be expressed as a hex number by prefixing '0x' to the serialNumber string + * <li>http.param serialNumber Decimal serial number of certificate to unrevoke. The certificate must be revoked + * with a revovcation reason 'on hold' for this operation to succeed. The serial number may be expressed as a hex + * number by prefixing '0x' to the serialNumber string * </ul> * * @param cmsReq the object holding the request and response information @@ -220,8 +222,10 @@ public class DoUnrevoke extends CMSServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. - "revocation") is made (before approval process) - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is changed (taken off-hold) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. - + * "revocation") is made (before approval process) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is + * changed (taken off-hold) * </ul> * * @param argSet CMS template parameters diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java b/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java index 1e18c3c4..3af743a9 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/DoUnrevokeTPS.java @@ -111,7 +111,9 @@ public class DoUnrevokeTPS extends CMSServlet { /** * Process the HTTP request. * <ul> - * <li>http.param serialNumber Decimal serial number of certificate to unrevoke. The certificate must be revoked with a revovcation reason 'on hold' for this operation to succeed. The serial number may be expressed as a hex number by prefixing '0x' to the serialNumber string + * <li>http.param serialNumber Decimal serial number of certificate to unrevoke. The certificate must be revoked + * with a revovcation reason 'on hold' for this operation to succeed. The serial number may be expressed as a hex + * number by prefixing '0x' to the serialNumber string * </ul> * * @param cmsReq the object holding the request and response information @@ -229,8 +231,10 @@ public class DoUnrevokeTPS extends CMSServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. - "revocation") is made (before approval process) - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is changed (taken off-hold) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST used when a cert status change request (e. g. - + * "revocation") is made (before approval process) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_STATUS_CHANGE_REQUEST_PROCESSED used when a certificate status is + * changed (taken off-hold) * </ul> * * @param serialNumbers the serial number of the certificate diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java b/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java index b95a6ff1..7b3fb2f7 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/EnrollServlet.java @@ -315,9 +315,12 @@ public class EnrollServlet extends CMSServlet { /** * Process the HTTP request. * <UL> - * <LI>If the request is coming through the admin port, it is only allowed to continue if 'admin enrollment' is enabled in the CMS.cfg file - * <LI>If the CMS.cfg parameter useThreadNaming is true, the current thread is renamed with more information about the current request ID - * <LI>The request is preprocessed, then processed further in one of the cert request processor classes: KeyGenProcessor, PKCS10Processor, CMCProcessor, CRMFProcessor + * <LI>If the request is coming through the admin port, it is only allowed to continue if 'admin enrollment' is + * enabled in the CMS.cfg file + * <LI>If the CMS.cfg parameter useThreadNaming is true, the current thread is renamed with more information about + * the current request ID + * <LI>The request is preprocessed, then processed further in one of the cert request processor classes: + * KeyGenProcessor, PKCS10Processor, CMCProcessor, CRMFProcessor * </UL> * * @param cmsReq the object holding the request and response information @@ -691,15 +694,20 @@ public class EnrollServlet extends CMSServlet { * Process X509 certificate enrollment request * <P> * - * (Certificate Request - either an "admin" cert request for an admin certificate, an "agent" cert request for "bulk enrollment", or an "EE" standard cert request) + * (Certificate Request - either an "admin" cert request for an admin certificate, an "agent" cert request for + * "bulk enrollment", or an "EE" standard cert request) * <P> * - * (Certificate Request Processed - either an automated "admin" non-profile based CA admin cert acceptance, an automated "admin" non-profile based CA admin cert rejection, an automated "EE" non-profile based cert acceptance, or an automated "EE" non-profile based cert rejection) + * (Certificate Request Processed - either an automated "admin" non-profile based CA admin cert acceptance, an + * automated "admin" non-profile based CA admin cert rejection, an automated "EE" non-profile based cert acceptance, + * or an automated "EE" non-profile based cert rejection) * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_NON_PROFILE_CERT_REQUEST used when a non-profile cert request is made (before approval process) - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process + * <li>signed.audit LOGGING_SIGNED_AUDIT_NON_PROFILE_CERT_REQUEST used when a non-profile cert request is made + * (before approval process) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been + * through the approval process * </ul> * * @param cmsReq a certificate enrollment request diff --git a/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java b/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java index 8e2fa69f..8a818f5e 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java +++ b/pki/base/common/src/com/netscape/cms/servlet/cert/ListCerts.java @@ -192,8 +192,10 @@ public class ListCerts extends CMSServlet { * <ul> * <li>http.param maxCount Number of certificates to show * <li>http.param queryFilter and ldap style filter specifying the certificates to show - * <li>http.param querySentinelDown the serial number of the first certificate to show (default decimal, or hex if prefixed with 0x) when paging down - * <li>http.param querySentinelUp the serial number of the first certificate to show (default decimal, or hex if prefixed with 0x) when paging up + * <li>http.param querySentinelDown the serial number of the first certificate to show (default decimal, or hex if + * prefixed with 0x) when paging down + * <li>http.param querySentinelUp the serial number of the first certificate to show (default decimal, or hex if + * prefixed with 0x) when paging up * <li>http.param direction "up", "down", "begin", or "end" * </ul> */ diff --git a/pki/base/common/src/com/netscape/cms/servlet/connector/ConnectorServlet.java b/pki/base/common/src/com/netscape/cms/servlet/connector/ConnectorServlet.java index 8d1c78cd..b2c43b3f 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/connector/ConnectorServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/connector/ConnectorServlet.java @@ -406,9 +406,12 @@ public class ConnectorServlet extends CMSServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_PROFILE_CERT_REQUEST used when a profile cert request is made (before approval process) - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process - * <li>signed.audit LOGGING_SIGNED_AUDIT_INTER_BOUNDARY_SUCCESS used when inter-CIMC_Boundary data transfer is successful (this is used when data does not need to be captured) + * <li>signed.audit LOGGING_SIGNED_AUDIT_PROFILE_CERT_REQUEST used when a profile cert request is made (before + * approval process) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been + * through the approval process + * <li>signed.audit LOGGING_SIGNED_AUDIT_INTER_BOUNDARY_SUCCESS used when inter-CIMC_Boundary data transfer is + * successful (this is used when data does not need to be captured) * </ul> * * @param source string containing source diff --git a/pki/base/common/src/com/netscape/cms/servlet/key/GrantAsyncRecovery.java b/pki/base/common/src/com/netscape/cms/servlet/key/GrantAsyncRecovery.java index dad21487..a40edee8 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/key/GrantAsyncRecovery.java +++ b/pki/base/common/src/com/netscape/cms/servlet/key/GrantAsyncRecovery.java @@ -187,7 +187,8 @@ public class GrantAsyncRecovery extends CMSServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_AGENT_LOGIN used whenever DRM agents login as recovery agents to approve key recovery requests + * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_AGENT_LOGIN used whenever DRM agents login as recovery agents + * to approve key recovery requests * </ul> * * @param argSet CMS template parameters diff --git a/pki/base/common/src/com/netscape/cms/servlet/key/GrantRecovery.java b/pki/base/common/src/com/netscape/cms/servlet/key/GrantRecovery.java index a7069644..a7b256e8 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/key/GrantRecovery.java +++ b/pki/base/common/src/com/netscape/cms/servlet/key/GrantRecovery.java @@ -193,7 +193,8 @@ public class GrantRecovery extends CMSServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_AGENT_LOGIN used whenever DRM agents login as recovery agents to approve key recovery requests + * <li>signed.audit LOGGING_SIGNED_AUDIT_KEY_RECOVERY_AGENT_LOGIN used whenever DRM agents login as recovery agents + * to approve key recovery requests * </ul> * * @param argSet CMS template parameters diff --git a/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCAServlet.java b/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCAServlet.java index 93936ca1..52efb145 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCAServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCAServlet.java @@ -98,9 +98,12 @@ public class AddCAServlet extends CMSServlet { /** * Process the HTTP request. * <ul> - * <li>http.param cert ca certificate. The format is base-64, DER encoded, wrapped with -----BEGIN CERTIFICATE-----, -----END CERTIFICATE----- strings - * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_ADD_CA_REQUEST used when a CA is attempted to be added to the OCSP responder - * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_ADD_CA_REQUEST_PROCESSED used when an add CA request to the OCSP Responder is processed + * <li>http.param cert ca certificate. The format is base-64, DER encoded, wrapped with -----BEGIN CERTIFICATE-----, + * -----END CERTIFICATE----- strings + * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_ADD_CA_REQUEST used when a CA is attempted to be added to the OCSP + * responder + * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_ADD_CA_REQUEST_PROCESSED used when an add CA request to the OCSP + * Responder is processed * </ul> * * @param cmsReq the object holding the request and response information diff --git a/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java b/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java index 8a3ea60b..2dec0e1f 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/ocsp/AddCRLServlet.java @@ -105,10 +105,13 @@ public class AddCRLServlet extends CMSServlet { * <P> * * <ul> - * <li>http.param crl certificate revocation list, base-64, DER encoded wrapped in -----BEGIN CERTIFICATE REVOCATION LIST-----, -----END CERTIFICATE REVOCATION LIST----- strings + * <li>http.param crl certificate revocation list, base-64, DER encoded wrapped in -----BEGIN CERTIFICATE REVOCATION + * LIST-----, -----END CERTIFICATE REVOCATION LIST----- strings * <li>http.param noui if true, use minimal hardcoded text response - * <li>signed.audit LOGGING_SIGNED_AUDIT_CRL_RETRIEVAL used when CRLs are retrieved by the OCSP Responder ("agent" or "EE") - * <li>signed.audit LOGGING_SIGNED_AUDIT_CRL_VALIDATION used when CRL is retrieved and validation process occurs ("agent" or "EE") + * <li>signed.audit LOGGING_SIGNED_AUDIT_CRL_RETRIEVAL used when CRLs are retrieved by the OCSP Responder ("agent" + * or "EE") + * <li>signed.audit LOGGING_SIGNED_AUDIT_CRL_VALIDATION used when CRL is retrieved and validation process occurs + * ("agent" or "EE") * </ul> * * @param cmsReq the object holding the request and response information diff --git a/pki/base/common/src/com/netscape/cms/servlet/ocsp/CheckCertServlet.java b/pki/base/common/src/com/netscape/cms/servlet/ocsp/CheckCertServlet.java index 60579863..8d2c5a28 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/ocsp/CheckCertServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/ocsp/CheckCertServlet.java @@ -100,7 +100,8 @@ public class CheckCertServlet extends CMSServlet { /** * Process the HTTP request. * <ul> - * <li>http.param cert certificate to check. Base64, DER encoded, wrapped in -----BEGIN CERTIFICATE-----, -----END CERTIFICATE----- strings + * <li>http.param cert certificate to check. Base64, DER encoded, wrapped in -----BEGIN CERTIFICATE-----, -----END + * CERTIFICATE----- strings * </ul> * * @param cmsReq the object holding the request and response information diff --git a/pki/base/common/src/com/netscape/cms/servlet/ocsp/RemoveCAServlet.java b/pki/base/common/src/com/netscape/cms/servlet/ocsp/RemoveCAServlet.java index d747bd4b..ab92a7c6 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/ocsp/RemoveCAServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/ocsp/RemoveCAServlet.java @@ -89,8 +89,11 @@ public class RemoveCAServlet extends CMSServlet { * Process the HTTP request. * <ul> * <li>http.param ca id. The format is string. - * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST used when a CA is attempted to be removed from the OCSP responder - * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS and LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE are used when a remove CA request to the OCSP Responder is processed successfully or not. + * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST used when a CA is attempted to be removed from the + * OCSP responder + * <li>signed.audit LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST_PROCESSED_SUCCESS and + * LOGGING_SIGNED_AUDIT_OCSP_REMOVE_CA_REQUEST_PROCESSED_FAILURE are used when a remove CA request to the OCSP + * Responder is processed successfully or not. * </ul> * * @param cmsReq the object holding the request and response information diff --git a/pki/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java b/pki/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java index 2232bcfb..641017cc 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java +++ b/pki/base/common/src/com/netscape/cms/servlet/processors/CRMFProcessor.java @@ -90,7 +90,8 @@ public class CRMFProcessor extends PKIProcessor { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION used when proof of possession is checked during certificate enrollment + * <li>signed.audit LOGGING_SIGNED_AUDIT_PROOF_OF_POSSESSION used when proof of possession is checked during + * certificate enrollment * </ul> * * @param certReqMsg the certificate request message diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java index dafdb33d..ebd0b6c0 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileApproveServlet.java @@ -85,7 +85,8 @@ public class ProfileApproveServlet extends ProfileServlet { * * <ul> * <li>http.param profileId the id of the profile to change - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_PROFILE_APPROVAL used when an agent approves/disapproves a cert profile set by the administrator for automatic approval + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_PROFILE_APPROVAL used when an agent approves/disapproves a cert + * profile set by the administrator for automatic approval * </ul> * * @param cmsReq the object holding the request and response information diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java index ede2416e..8a8d65d9 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileProcessServlet.java @@ -551,7 +551,8 @@ public class ProfileProcessServlet extends ProfileServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been + * through the approval process * </ul> * * @param request the servlet request @@ -607,7 +608,8 @@ public class ProfileProcessServlet extends ProfileServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been + * through the approval process * </ul> * * @param request the servlet request @@ -663,7 +665,8 @@ public class ProfileProcessServlet extends ProfileServlet { * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been + * through the approval process * </ul> * * @param request the servlet request diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java index d1ee896a..04a2c55d 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitCMCServlet.java @@ -213,12 +213,14 @@ public class ProfileSubmitCMCServlet extends ProfileServlet { * Process the HTTP request * <P> * - * (Certificate Request Processed - either an automated "EE" profile based cert acceptance, or an automated "EE" profile based cert rejection) + * (Certificate Request Processed - either an automated "EE" profile based cert acceptance, or an automated "EE" + * profile based cert rejection) * <P> * * <ul> * <li>http.param profileId ID of profile to use to process request - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been + * through the approval process * </ul> * * @param cmsReq the object holding the request and response information diff --git a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java index 2899bec5..39071a53 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java +++ b/pki/base/common/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java @@ -440,12 +440,14 @@ public class ProfileSubmitServlet extends ProfileServlet { * Process the HTTP request * <P> * - * (Certificate Request Processed - either an automated "EE" profile based cert acceptance, or an automated "EE" profile based cert rejection) + * (Certificate Request Processed - either an automated "EE" profile based cert acceptance, or an automated "EE" + * profile based cert rejection) * <P> * * <ul> * <li>http.param profileId ID of profile to use to process request - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been + * through the approval process * </ul> * * @param cmsReq the object holding the request and response information diff --git a/pki/base/common/src/com/netscape/cms/servlet/request/CheckRequest.java b/pki/base/common/src/com/netscape/cms/servlet/request/CheckRequest.java index a6f1b068..80f900cc 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/request/CheckRequest.java +++ b/pki/base/common/src/com/netscape/cms/servlet/request/CheckRequest.java @@ -138,7 +138,8 @@ public class CheckRequest extends CMSServlet { * Process the HTTP request. * <ul> * <li>http.param requestId ID of the request to check - * <li>http.param format if 'id', then check the request based on the request ID parameter. If set to CMC, then use the 'queryPending' parameter. + * <li>http.param format if 'id', then check the request based on the request ID parameter. If set to CMC, then use + * the 'queryPending' parameter. * <li>http.param queryPending query formatted as a CMC request * </ul> * diff --git a/pki/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java b/pki/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java index fa92442f..d3682dbf 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java +++ b/pki/base/common/src/com/netscape/cms/servlet/request/ProcessCertReq.java @@ -368,12 +368,15 @@ public class ProcessCertReq extends CMSServlet { * (Certificate Request - an "agent" cert request for "cloning") * <P> * - * (Certificate Request Processed - either a manual "agent" non-profile based cert acceptance, a manual "agent" non-profile based cert cancellation, or a manual "agent" non-profile based cert rejection) + * (Certificate Request Processed - either a manual "agent" non-profile based cert acceptance, a manual "agent" + * non-profile based cert cancellation, or a manual "agent" non-profile based cert rejection) * <P> * * <ul> - * <li>signed.audit LOGGING_SIGNED_AUDIT_NON_PROFILE_CERT_REQUEST used when a non-profile cert request is made (before approval process) - * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process + * <li>signed.audit LOGGING_SIGNED_AUDIT_NON_PROFILE_CERT_REQUEST used when a non-profile cert request is made + * (before approval process) + * <li>signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been + * through the approval process * </ul> * * @param cmsReq a certificate enrollment request diff --git a/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java b/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java index 3a12819f..3cb27046 100644 --- a/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java +++ b/pki/base/common/src/com/netscape/cms/servlet/request/QueryReq.java @@ -210,10 +210,13 @@ public class QueryReq extends CMSServlet { /** * Process the HTTP request. * <ul> - * <li>http.param reqState request state (one of showAll, showWaiting, showInService, showCancelled, showRejected, showCompleted) + * <li>http.param reqState request state (one of showAll, showWaiting, showInService, showCancelled, showRejected, + * showCompleted) * <li>http.param reqType - * <li>http.param seqNumFromDown request ID to start at (decimal, or hex if when paging down seqNumFromDown starts with 0x) - * <li>http.param seqNumFromUp request ID to start at (decimal, or hex if when paging up seqNumFromUp starts with 0x) + * <li>http.param seqNumFromDown request ID to start at (decimal, or hex if when paging down seqNumFromDown starts + * with 0x) + * <li>http.param seqNumFromUp request ID to start at (decimal, or hex if when paging up seqNumFromUp starts with + * 0x) * <li>http.param maxCount maximum number of records to show * <li>http.param totalCount total number of records in set of pages * <li>http.param direction "up", "down", "begin", or "end" diff --git a/pki/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java b/pki/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java index 66bc508d..1a1aaa63 100644 --- a/pki/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java +++ b/pki/base/common/src/com/netscape/cmscore/authorization/AuthzSubsystem.java @@ -186,7 +186,8 @@ public class AuthzSubsystem implements IAuthzSubsystem { * to be called during the init() method of a servlet. * * @param authzMgrName The authorization manager name - * @param accessInfo the access information to be initialized. currently it's acl string in the format specified in the authorization manager + * @param accessInfo the access information to be initialized. currently it's acl string in the format specified in + * the authorization manager */ public void authzMgrAccessInit(String authzMgrInstName, String accessInfo) throws EAuthzMgrNotFound, EBaseException { diff --git a/pki/base/common/src/com/netscape/cmscore/base/FileConfigStore.java b/pki/base/common/src/com/netscape/cmscore/base/FileConfigStore.java index 1278ed4f..8aac76e7 100644 --- a/pki/base/common/src/com/netscape/cmscore/base/FileConfigStore.java +++ b/pki/base/common/src/com/netscape/cmscore/base/FileConfigStore.java @@ -148,7 +148,8 @@ public class FileConfigStore extends PropConfigStore implements /** * Saves in-memory properties to a specified file. * <P> - * Note that the superclass's save is synchronized. It means no properties can be altered (inserted) at the saving time. + * Note that the superclass's save is synchronized. It means no properties can be altered (inserted) at the saving + * time. * <P> * * @param fileName filename diff --git a/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java b/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java index 9bc2a0f0..7b1c6bae 100644 --- a/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java +++ b/pki/base/common/src/com/netscape/cmscore/base/SimpleProperties.java @@ -36,10 +36,14 @@ import java.util.Hashtable; * or loaded from a stream. Each key and its corresponding value in * the property list is a string. * <p> - * A property list can contain another property list as its "defaults"; this second property list is searched if the property key is not found in the original property list. + * A property list can contain another property list as its "defaults"; this second property list is searched if the + * property key is not found in the original property list. * - * Because <code>Properties</code> inherits from <code>Hashtable</code>, the <code>put</code> and <code>putAll</code> methods can be applied to a <code>Properties</code> object. Their use is strongly discouraged as they allow the caller to insert entries whose keys or values are not <code>Strings</code>. The <code>setProperty</code> method should be used instead. If the <code>store</code> or <code>save</code> method is called on a "compromised" <code>Properties</code> object that contains a non- - * <code>String</code> key or value, the call will fail. + * Because <code>Properties</code> inherits from <code>Hashtable</code>, the <code>put</code> and <code>putAll</code> + * methods can be applied to a <code>Properties</code> object. Their use is strongly discouraged as they allow the + * caller to insert entries whose keys or values are not <code>Strings</code>. The <code>setProperty</code> method + * should be used instead. If the <code>store</code> or <code>save</code> method is called on a "compromised" + * <code>Properties</code> object that contains a non- <code>String</code> key or value, the call will fail. * */ public class SimpleProperties extends Hashtable<String, String> { @@ -95,15 +99,29 @@ public class SimpleProperties extends Hashtable<String, String> { /** * Reads a property list (key and element pairs) from the input stream. * <p> - * Every property occupies one line of the input stream. Each line is terminated by a line terminator (<code>\n</code> or <code>\r</code> or <code>\r\n</code>). Lines from the input stream are processed until end of file is reached on the input stream. + * Every property occupies one line of the input stream. Each line is terminated by a line terminator ( + * <code>\n</code> or <code>\r</code> or <code>\r\n</code>). Lines from the input stream are processed until end of + * file is reached on the input stream. * <p> - * A line that contains only whitespace or whose first non-whitespace character is an ASCII <code>#</code> or <code>!</code> is ignored (thus, <code>#</code> or <code>!</code> indicate comment lines). + * A line that contains only whitespace or whose first non-whitespace character is an ASCII <code>#</code> or + * <code>!</code> is ignored (thus, <code>#</code> or <code>!</code> indicate comment lines). * <p> - * Every line other than a blank line or a comment line describes one property to be added to the table (except that if a line ends with \, then the following line, if it exists, is treated as a continuation line, as described below). The key consists of all the characters in the line starting with the first non-whitespace character and up to, but not including, the first ASCII <code>=</code>, <code>:</code>, or whitespace character. All of the key termination characters may be included in - * the key by preceding them with a \. Any whitespace after the key is skipped; if the first non-whitespace character after the key is <code>=</code> or <code>:</code>, then it is ignored and any whitespace characters after it are also skipped. All remaining characters on the line become part of the associated element string. Within the element string, the ASCII escape sequences <code>\t</code>, <code>\n</code>, <code>\r</code>, <code>\\</code>, <code>\"</code>, <code>\'</code>, - * <code>\  </code>  (a backslash and a space), and <code>\\u</code><i>xxxx</i> are recognized and converted to single characters. Moreover, if the last character on the line is <code>\</code>, then the next line is treated as a continuation of the current line; the <code>\</code> and line terminator are simply discarded, and any leading whitespace characters on the continuation line are also discarded and are not part of the element string. + * Every line other than a blank line or a comment line describes one property to be added to the table (except that + * if a line ends with \, then the following line, if it exists, is treated as a continuation line, as described + * below). The key consists of all the characters in the line starting with the first non-whitespace character and + * up to, but not including, the first ASCII <code>=</code>, <code>:</code>, or whitespace character. All of the key + * termination characters may be included in the key by preceding them with a \. Any whitespace after the key is + * skipped; if the first non-whitespace character after the key is <code>=</code> or <code>:</code>, then it is + * ignored and any whitespace characters after it are also skipped. All remaining characters on the line become part + * of the associated element string. Within the element string, the ASCII escape sequences <code>\t</code>, + * <code>\n</code>, <code>\r</code>, <code>\\</code>, <code>\"</code>, <code>\'</code>, <code>\  </code>  (a + * backslash and a space), and <code>\\u</code><i>xxxx</i> are recognized and converted to single characters. + * Moreover, if the last character on the line is <code>\</code>, then the next line is treated as a continuation of + * the current line; the <code>\</code> and line terminator are simply discarded, and any leading whitespace + * characters on the continuation line are also discarded and are not part of the element string. * <p> - * As an example, each of the following four lines specifies the key <code>"Truth"</code> and the associated element value <code>"Beauty"</code>: + * As an example, each of the following four lines specifies the key <code>"Truth"</code> and the associated element + * value <code>"Beauty"</code>: * <p> * * <pre> @@ -128,7 +146,9 @@ public class SimpleProperties extends Hashtable<String, String> { * "apple, banana, pear, cantaloupe, watermelon,kiwi, mango" * </pre> * - * Note that a space appears before each <code>\</code> so that a space will appear after each comma in the final result; the <code>\</code>, line terminator, and leading whitespace on the continuation line are merely discarded and are <i>not</i> replaced by one or more other characters. + * Note that a space appears before each <code>\</code> so that a space will appear after each comma in the final + * result; the <code>\</code>, line terminator, and leading whitespace on the continuation line are merely discarded + * and are <i>not</i> replaced by one or more other characters. * <p> * As a third example, the line: * <p> @@ -261,19 +281,33 @@ public class SimpleProperties extends Hashtable<String, String> { } /** - * Writes this property list (key and element pairs) in this <code>Properties</code> table to the output stream in a format suitable + * Writes this property list (key and element pairs) in this <code>Properties</code> table to the output stream in a + * format suitable * for loading into a <code>Properties</code> table using the <code>load</code> method. * <p> - * Properties from the defaults table of this <code>Properties</code> table (if any) are <i>not</i> written out by this method. + * Properties from the defaults table of this <code>Properties</code> table (if any) are <i>not</i> written out by + * this method. * <p> - * If the header argument is not null, then an ASCII <code>#</code> character, the header string, and a line separator are first written to the output stream. Thus, the <code>header</code> can serve as an identifying comment. + * If the header argument is not null, then an ASCII <code>#</code> character, the header string, and a line + * separator are first written to the output stream. Thus, the <code>header</code> can serve as an identifying + * comment. * <p> - * Next, a comment line is always written, consisting of an ASCII <code>#</code> character, the current date and time (as if produced by the <code>toString</code> method of <code>Date</code> for the current time), and a line separator as generated by the Writer. + * Next, a comment line is always written, consisting of an ASCII <code>#</code> character, the current date and + * time (as if produced by the <code>toString</code> method of <code>Date</code> for the current time), and a line + * separator as generated by the Writer. * <p> - * Then every entry in this <code>Properties</code> table is written out, one per line. For each entry the key string is written, then an ASCII <code>=</code>, then the associated element string. Each character of the element string is examined to see whether it should be rendered as an escape sequence. The ASCII characters <code>\</code>, tab, newline, and carriage return are written as <code>\\</code>, <code>\t</code>, <code>\n</code>, and <code>\r</code>, respectively. Characters less - * than <code>\u0020</code> and characters greater than <code>\u007E</code> are written as <code>\\u</code><i>xxxx</i> for the appropriate hexadecimal value <i>xxxx</i>. Space characters, but not embedded or trailing space characters, are written with a preceding <code>\</code>. The key and value characters <code>#</code>, <code>!</code>, <code>=</code>, and <code>:</code> are written with a preceding slash to ensure that they are properly loaded. + * Then every entry in this <code>Properties</code> table is written out, one per line. For each entry the key + * string is written, then an ASCII <code>=</code>, then the associated element string. Each character of the + * element string is examined to see whether it should be rendered as an escape sequence. The ASCII characters + * <code>\</code>, tab, newline, and carriage return are written as <code>\\</code>, <code>\t</code>, + * <code>\n</code>, and <code>\r</code>, respectively. Characters less than <code>\u0020</code> and characters + * greater than <code>\u007E</code> are written as <code>\\u</code><i>xxxx</i> for the appropriate hexadecimal value + * <i>xxxx</i>. Space characters, but not embedded or trailing space characters, are written with a preceding + * <code>\</code>. The key and value characters <code>#</code>, <code>!</code>, <code>=</code>, and <code>:</code> + * are written with a preceding slash to ensure that they are properly loaded. * <p> - * After the entries have been written, the output stream is flushed. The output stream remains open after this method returns. + * After the entries have been written, the output stream is flushed. The output stream remains open after this + * method returns. * * @param out an output stream. * @param header a description of the property list. @@ -307,7 +341,8 @@ public class SimpleProperties extends Hashtable<String, String> { /** * Searches for the property with the specified key in this property list. * If the key is not found in this property list, the default property list, - * and its defaults, recursively, are then checked. The method returns <code>null</code> if the property is not found. + * and its defaults, recursively, are then checked. The method returns <code>null</code> if the property is not + * found. * * @param key the property key. * @return the value in this property list with the specified key value. diff --git a/pki/base/common/src/com/netscape/cmscore/cert/OidLoaderSubsystem.java b/pki/base/common/src/com/netscape/cmscore/cert/OidLoaderSubsystem.java index b5e89d5d..bbf75713 100644 --- a/pki/base/common/src/com/netscape/cmscore/cert/OidLoaderSubsystem.java +++ b/pki/base/common/src/com/netscape/cmscore/cert/OidLoaderSubsystem.java @@ -119,7 +119,8 @@ public class OidLoaderSubsystem implements ISubsystem { * subsystem specified in the configuration * store. * <P> - * Note that individual subsystem should be initialized in a separated thread if it has dependency on the initialization of other subsystems. + * Note that individual subsystem should be initialized in a separated thread if it has dependency on the + * initialization of other subsystems. * <P> * * @param owner owner of this subsystem diff --git a/pki/base/common/src/com/netscape/cmscore/cert/X500NameSubsystem.java b/pki/base/common/src/com/netscape/cmscore/cert/X500NameSubsystem.java index f85d9016..4f6d6c63 100644 --- a/pki/base/common/src/com/netscape/cmscore/cert/X500NameSubsystem.java +++ b/pki/base/common/src/com/netscape/cmscore/cert/X500NameSubsystem.java @@ -106,7 +106,8 @@ public class X500NameSubsystem implements ISubsystem { * X500Name.attr.attribute-name.class=value converter class * </pre> * - * The value converter class converts a string to a ASN.1 value. It must implement netscape.security.x509.AVAValueConverter interface. Converter classes provided in CMS are: + * The value converter class converts a string to a ASN.1 value. It must implement + * netscape.security.x509.AVAValueConverter interface. Converter classes provided in CMS are: * * <pre> * netscape.security.x509.PrintableConverter - diff --git a/pki/base/common/src/com/netscape/cmscore/jobs/CronItem.java b/pki/base/common/src/com/netscape/cmscore/jobs/CronItem.java index a4ed727d..91574c6c 100644 --- a/pki/base/common/src/com/netscape/cmscore/jobs/CronItem.java +++ b/pki/base/common/src/com/netscape/cmscore/jobs/CronItem.java @@ -27,7 +27,8 @@ import com.netscape.certsrv.logging.ILogger; /** * class representing one Job cron item * <p> - * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in an "item"...which includes both numbers and '-' separated ranges. + * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in + * an "item"...which includes both numbers and '-' separated ranges. * <p> * for each of the 5 cron fields, it's represented as a CronItem * diff --git a/pki/base/common/src/com/netscape/cmscore/jobs/CronRange.java b/pki/base/common/src/com/netscape/cmscore/jobs/CronRange.java index 99696b82..af5ae2a5 100644 --- a/pki/base/common/src/com/netscape/cmscore/jobs/CronRange.java +++ b/pki/base/common/src/com/netscape/cmscore/jobs/CronRange.java @@ -20,9 +20,11 @@ package com.netscape.cmscore.jobs; /** * class representing one Job cron element * <p> - * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in an "item"...which includes both numbers and '-' separated ranges. + * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in + * an "item"...which includes both numbers and '-' separated ranges. * <p> - * an Element can contain either an integer number or a range specified as CronRange. In case of integer numbers, begin and end are of the same value + * an Element can contain either an integer number or a range specified as CronRange. In case of integer numbers, begin + * and end are of the same value * * @author cfu * @version $Revision$, $Date$ diff --git a/pki/base/common/src/com/netscape/cmscore/jobs/JobCron.java b/pki/base/common/src/com/netscape/cmscore/jobs/JobCron.java index f3f3ff95..164c1250 100644 --- a/pki/base/common/src/com/netscape/cmscore/jobs/JobCron.java +++ b/pki/base/common/src/com/netscape/cmscore/jobs/JobCron.java @@ -30,9 +30,13 @@ import com.netscape.certsrv.logging.ILogger; /** * class representing one Job cron information * <p> - * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in an "item"...which includes both numbers and '-' separated ranges. A cron string in the configuration takes the following format: <i>minute (0-59), hour (0-23), day of the month (1-31), month of the year (1-12), day of the week (0-6 with 0=Sunday)</i> + * here, an "item" refers to one of the 5 fields in a cron string; "element" refers to any comma-deliminated element in + * an "item"...which includes both numbers and '-' separated ranges. A cron string in the configuration takes the + * following format: <i>minute (0-59), hour (0-23), day of the month (1-31), month of the year (1-12), day of the week + * (0-6 with 0=Sunday)</i> * <p> - * e.g. jobsScheduler.job.rnJob1.cron=30 11,23 * * 1-5 In this example, the job "rnJob1" will be executed from Monday through Friday, at 11:30am and 11:30pm. + * e.g. jobsScheduler.job.rnJob1.cron=30 11,23 * * 1-5 In this example, the job "rnJob1" will be executed from Monday + * through Friday, at 11:30am and 11:30pm. * <p> * * @author cfu diff --git a/pki/base/common/src/com/netscape/cmscore/jobs/JobsScheduler.java b/pki/base/common/src/com/netscape/cmscore/jobs/JobsScheduler.java index 38ec4a79..654f3e49 100644 --- a/pki/base/common/src/com/netscape/cmscore/jobs/JobsScheduler.java +++ b/pki/base/common/src/com/netscape/cmscore/jobs/JobsScheduler.java @@ -41,8 +41,12 @@ import com.netscape.cmscore.util.Debug; * if there is any job to be done, if so, a thread is created to execute * the job(s). * <p> - * The interval <b>jobsScheduler.interval</b> in the configuration is specified as number of minutes. If not set, the default is 1 minute. Note that the cron specification for each job CAN NOT be finer than the granularity of the Scheduler daemon interval. For example, if the daemon interval is set to 5 minute, a job cron for every minute at 7am on each Tuesday (e.g. * 7 * * 2) will result in the execution of the job thread only once every 5 minutes during that hour. <b>The inteval value is - * recommended at 1 minute, setting it otherwise has the potential of forever missing the beat</b>. Use with caution. + * The interval <b>jobsScheduler.interval</b> in the configuration is specified as number of minutes. If not set, the + * default is 1 minute. Note that the cron specification for each job CAN NOT be finer than the granularity of the + * Scheduler daemon interval. For example, if the daemon interval is set to 5 minute, a job cron for every minute at 7am + * on each Tuesday (e.g. * 7 * * 2) will result in the execution of the job thread only once every 5 minutes during that + * hour. <b>The inteval value is recommended at 1 minute, setting it otherwise has the potential of forever missing the + * beat</b>. Use with caution. * * @author cfu * @see JobCron @@ -86,7 +90,9 @@ public class JobsScheduler implements Runnable, IJobsScheduler { * read from the config file all implementations of Jobs, * register and initialize them * <p> - * the config params have the following formats: jobScheduler.impl.[implementation name].class=[package name] jobScheduler.job.[job name].pluginName=[implementation name] jobScheduler.job.[job name].cron=[crontab format] jobScheduler.job.[job name].[any job specific params]=[values] + * the config params have the following formats: jobScheduler.impl.[implementation name].class=[package name] + * jobScheduler.job.[job name].pluginName=[implementation name] jobScheduler.job.[job name].cron=[crontab format] + * jobScheduler.job.[job name].[any job specific params]=[values] * * @param config jobsScheduler configStore */ diff --git a/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java b/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java index 57f5a76c..580658ea 100644 --- a/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java +++ b/pki/base/common/src/com/netscape/cmscore/ldap/LdapPredicateParser.java @@ -213,7 +213,8 @@ public class LdapPredicateParser { * catch (Exception e){e.printStackTrace();} * String[] array = { "ou == people AND certtype == client", * "ou == servergroup AND certtype == server", - * "uid == jdoes, ou==people, o==airius.com OR ou == people AND certType == client OR certType == server AND cn == needles.mcom.com", + * "uid == jdoes, ou==people, o==airius.com OR ou == people AND certType == client OR certType == server AND cn == needles.mcom.com" + * , * }; * for (int i = 0; i < array.length; i++) * { diff --git a/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java b/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java index 2423773a..c9cc2599 100644 --- a/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java +++ b/pki/base/common/src/com/netscape/cmscore/policy/GenericPolicyProcessor.java @@ -1308,7 +1308,8 @@ public class GenericPolicyProcessor implements IPolicyProcessor { * * <subsystemId>.Policy.undeletablePolicies=<comma separated rule names> * Example: - * ra.Policy.undeletablePolicies=DirAuthRule, DefaultUserNameRule, DefaultServerNameRule, DefaultValidityRule, DefaultRenewalValidityRule + * ra.Policy.undeletablePolicies=DirAuthRule, DefaultUserNameRule, DefaultServerNameRule, DefaultValidityRule, + * DefaultRenewalValidityRule * * The predicates if any associated with them may be configured as * follows: @@ -1336,7 +1337,8 @@ public class GenericPolicyProcessor implements IPolicyProcessor { * We do n't need to burn in DirAuthRule. We need to configure all * other rules except the DirAuthRule as follows: * - * ra.Policy.undeletablePolicies = DefaultUserNameRule, DefaultServerNameRule, DefaultValidityRule, DefaultRenewalValidityRule + * ra.Policy.undeletablePolicies = DefaultUserNameRule, DefaultServerNameRule, DefaultValidityRule, + * DefaultRenewalValidityRule * * The following predicates are necessary: * diff --git a/pki/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java b/pki/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java index af69e6a8..ebdeba4c 100644 --- a/pki/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java +++ b/pki/base/common/src/com/netscape/cmscore/policy/PolicyPredicateParser.java @@ -213,7 +213,8 @@ public class PolicyPredicateParser { * catch (Exception e){e.printStackTrace();} * String[] array = { "ou == people AND certtype == client", * "ou == servergroup AND certtype == server", - * "uid == jdoes, ou==people, o==airius.com OR ou == people AND certType == client OR certType == server AND cn == needles.mcom.com", + * "uid == jdoes, ou==people, o==airius.com OR ou == people AND certType == client OR certType == server AND cn == needles.mcom.com" + * , * }; * for (int i = 0; i < array.length; i++) * { diff --git a/pki/base/common/src/com/netscape/cmscore/request/ARequestQueue.java b/pki/base/common/src/com/netscape/cmscore/request/ARequestQueue.java index 32cadfbe..905b279f 100644 --- a/pki/base/common/src/com/netscape/cmscore/request/ARequestQueue.java +++ b/pki/base/common/src/com/netscape/cmscore/request/ARequestQueue.java @@ -69,9 +69,11 @@ import com.netscape.certsrv.request.RequestStatus; * <p> * !Put state machine description here! * <p> - * This class defines several abstract protected functions that need to be defined by the concrete implementation. In particular, this class does not implement the operations for storing requests persistantly. + * This class defines several abstract protected functions that need to be defined by the concrete implementation. In + * particular, this class does not implement the operations for storing requests persistantly. * <p> - * This class also provides several accessor functions for setting fields in the IRequest object. These functions are provided as an aid to saving and restoring the state in the database. + * This class also provides several accessor functions for setting fields in the IRequest object. These functions are + * provided as an aid to saving and restoring the state in the database. * <p> * This class also implements the locking operations specified by the IRequestQueue interface. * <p> @@ -90,7 +92,8 @@ public abstract class ARequestQueue /** * Create a new (unique) RequestId. (abstract) * <p> - * This method must be implemented by the specialized class to generate a new id from data in the persistant store. This id is used to create a new request object. + * This method must be implemented by the specialized class to generate a new id from data in the persistant store. + * This id is used to create a new request object. * <p> * * @return @@ -107,7 +110,8 @@ public abstract class ARequestQueue * <p> * This function is called to create the in-memory version of a request object. * <p> - * The implementation of this object can use the createRequest member function to create a new instance of an IRequest, and use the setRequestStatus, setCreationTime and setModificationTime functions to set those values. + * The implementation of this object can use the createRequest member function to create a new instance of an + * IRequest, and use the setRequestStatus, setCreationTime and setModificationTime functions to set those values. * <p> * * @param id @@ -155,7 +159,9 @@ public abstract class ARequestQueue * Get complete list of RequestId values found i this * queue. * <p> - * This method can form the basis for creating other types of search/list operations (although there are probably more efficient ways of doing this. ARequestQueue implements default versions of some of the searching by using this method as a basis. + * This method can form the basis for creating other types of search/list operations (although there are probably + * more efficient ways of doing this. ARequestQueue implements default versions of some of the searching by using + * this method as a basis. * <p> * TODO: return IRequestList -or- just use listRequests as the basic engine. * <p> @@ -501,7 +507,8 @@ public abstract class ARequestQueue /** * Implements IRequestQueue.listRequests * <p> - * Should be overridden by the specialized class if a more efficient method is available for implementing this operation. + * Should be overridden by the specialized class if a more efficient method is available for implementing this + * operation. * <P> * * @see IRequestQueue#listRequests @@ -513,7 +520,8 @@ public abstract class ARequestQueue /** * Implements IRequestQueue.listRequestsByStatus * <p> - * Should be overridden by the specialized class if a more efficient method is available for implementing this operation. + * Should be overridden by the specialized class if a more efficient method is available for implementing this + * operation. * <P> * * @see IRequestQueue#listRequestsByStatus diff --git a/pki/base/common/src/com/netscape/cmscore/request/RequestSubsystem.java b/pki/base/common/src/com/netscape/cmscore/request/RequestSubsystem.java index ee625594..862ddaa6 100644 --- a/pki/base/common/src/com/netscape/cmscore/request/RequestSubsystem.java +++ b/pki/base/common/src/com/netscape/cmscore/request/RequestSubsystem.java @@ -36,7 +36,8 @@ import com.netscape.cmscore.dbs.DBSubsystem; * <p> * This class is reponsible for managing storage of request objects in the local database. * <p> - * TODO: review this It provides: + registration of LDAP/JAVA mapping classes with the DBSubsystem + creation of RequestQueue storage in the database + retrieval of existing RequestQueue objects from the database + * TODO: review this It provides: + registration of LDAP/JAVA mapping classes with the DBSubsystem + creation of + * RequestQueue storage in the database + retrieval of existing RequestQueue objects from the database * <p> * * @author thayes diff --git a/pki/base/common/src/com/netscape/cmscore/util/ProfileSubsystem.java b/pki/base/common/src/com/netscape/cmscore/util/ProfileSubsystem.java index 614cc524..3ee2d3ab 100644 --- a/pki/base/common/src/com/netscape/cmscore/util/ProfileSubsystem.java +++ b/pki/base/common/src/com/netscape/cmscore/util/ProfileSubsystem.java @@ -87,7 +87,8 @@ public class ProfileSubsystem extends Frame implements ISubsystem, Runnable { * subsystem specified in the configuration * store. * <P> - * Note that individual subsystem should be initialized in a separated thread if it has dependency on the initialization of other subsystems. + * Note that individual subsystem should be initialized in a separated thread if it has dependency on the + * initialization of other subsystems. * <P> * * @param owner owner of this subsystem diff --git a/pki/base/common/src/com/netscape/cmscore/util/StatsSubsystem.java b/pki/base/common/src/com/netscape/cmscore/util/StatsSubsystem.java index aabd8172..57eb53f2 100644 --- a/pki/base/common/src/com/netscape/cmscore/util/StatsSubsystem.java +++ b/pki/base/common/src/com/netscape/cmscore/util/StatsSubsystem.java @@ -69,7 +69,8 @@ public class StatsSubsystem implements IStatsSubsystem { * subsystem specified in the configuration * store. * <P> - * Note that individual subsystem should be initialized in a separated thread if it has dependency on the initialization of other subsystems. + * Note that individual subsystem should be initialized in a separated thread if it has dependency on the + * initialization of other subsystems. * <P> * * @param owner owner of this subsystem |