// --- BEGIN COPYRIGHT BLOCK ---
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; version 2 of the License.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License along
// with this program; if not, write to the Free Software Foundation, Inc.,
// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
//
// (C) 2007 Red Hat, Inc.
// All rights reserved.
// --- END COPYRIGHT BLOCK ---
package com.netscape.cms.servlet.admin;
import java.io.File;
import java.io.IOException;
import java.net.UnknownHostException;
import java.util.Enumeration;
import java.util.Locale;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.netscape.certsrv.apps.CMS;
import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.base.IConfigStore;
import com.netscape.certsrv.base.IExtendedPluginInfo;
import com.netscape.certsrv.base.ISubsystem;
import com.netscape.certsrv.ca.ICMSCRLExtensions;
import com.netscape.certsrv.ca.ICRLIssuingPoint;
import com.netscape.certsrv.ca.ICertificateAuthority;
import com.netscape.certsrv.common.Constants;
import com.netscape.certsrv.common.NameValuePairs;
import com.netscape.certsrv.common.OpDef;
import com.netscape.certsrv.common.ScopeDef;
import com.netscape.certsrv.logging.ILogger;
import com.netscape.certsrv.request.IRequestListener;
import com.netscape.cmsutil.util.Utils;
/**
* A class representings an administration servlet for Certificate
* Authority. This servlet is responsible to serve CA
* administrative operations such as configuration parameter
* updates.
*
* @version $Revision$, $Date$
*/
public class CAAdminServlet extends AdminServlet {
/**
*
*/
private static final long serialVersionUID = 6200983242040946840L;
public final static String PROP_EMAIL_TEMPLATE = "emailTemplate";
private final static String INFO = "CAAdminServlet";
private final static String LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE =
"LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE_3";
private ICertificateAuthority mCA = null;
protected static final String PROP_ENABLED = "enabled";
/**
* Constructs CA servlet.
*/
public CAAdminServlet() {
super();
}
/**
* Initializes this servlet.
*/
public void init(ServletConfig config) throws ServletException {
super.init(config);
mCA = (ICertificateAuthority) CMS.getSubsystem(CMS.SUBSYSTEM_CA);
}
/**
* Returns serlvet information.
*/
public String getServletInfo() {
return INFO;
}
/**
* Serves HTTP request. Each request is authenticated to
* the authenticate manager.
*/
public void service(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
super.service(req, resp);
//get all operational flags
String op = req.getParameter(Constants.OP_TYPE);
String scope = req.getParameter(Constants.OP_SCOPE);
//check operational flags
if ((op == null) || (scope == null)) {
sendResponse(1, "Invalid Protocol", null, resp);
return;
}
super.authenticate(req);
try {
AUTHZ_RES_NAME = "certServer.ca.configuration";
if (scope.equals(ScopeDef.SC_EXTENDED_PLUGIN_INFO)) {
try {
mOp = "read";
if ((mToken = super.authorize(req)) == null) {
sendResponse(ERROR,
CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"),
null, resp);
return;
}
getExtendedPluginInfo(req, resp);
return;
} catch (EBaseException e) {
sendResponse(ERROR, e.toString(getLocale(req)), null, resp);
}
}
if (op.equals(OpDef.OP_READ)) {
mOp = "read";
if ((mToken = super.authorize(req)) == null) {
sendResponse(ERROR,
CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"),
null, resp);
return;
}
if (scope.equals(ScopeDef.SC_GENERAL))
getGeneralConfig(req, resp);
else if (scope.equals(ScopeDef.SC_CONNECTOR))
getConnectorConfig(req, resp);
else if (scope.equals(ScopeDef.SC_CRLIPS))
getCRLIPsConfig(req, resp);
else if (scope.equals(ScopeDef.SC_CRL))
getCRLConfig(req, resp);
else if (scope.equals(ScopeDef.SC_NOTIFICATION_REQ_COMP))
getNotificationReqCompConfig(req, resp);
else if (scope.equals(ScopeDef.SC_NOTIFICATION_REV_COMP))
getNotificationRevCompConfig(req, resp);
else if (scope.equals(ScopeDef.SC_NOTIFICATION_RIQ))
getNotificationRIQConfig(req, resp);
else if (scope.equals(ScopeDef.SC_CRLEXTS_RULES))
getCRLExtsConfig(req, resp);
} else if (op.equals(OpDef.OP_MODIFY)) {
mOp = "modify";
if ((mToken = super.authorize(req)) == null) {
sendResponse(ERROR,
CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"),
null, resp);
return;
}
if (scope.equals(ScopeDef.SC_GENERAL))
setGeneralConfig(req, resp);
else if (scope.equals(ScopeDef.SC_CONNECTOR))
setConnectorConfig(req, resp);
else if (scope.equals(ScopeDef.SC_CRLIPS))
setCRLIPsConfig(req, resp);
else if (scope.equals(ScopeDef.SC_CRL))
setCRLConfig(req, resp);
else if (scope.equals(ScopeDef.SC_NOTIFICATION_REQ_COMP))
setNotificationReqCompConfig(req, resp);
else if (scope.equals(ScopeDef.SC_NOTIFICATION_REV_COMP))
setNotificationRevCompConfig(req, resp);
else if (scope.equals(ScopeDef.SC_NOTIFICATION_RIQ))
setNotificationRIQConfig(req, resp);
else if (scope.equals(ScopeDef.SC_CRLEXTS_RULES))
setCRLExtsConfig(req, resp);
} else if (op.equals(OpDef.OP_SEARCH)) {
mOp = "read";
if ((mToken = super.authorize(req)) == null) {
sendResponse(ERROR,
CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"),
null, resp);
return;
}
if (scope.equals(ScopeDef.SC_CRLEXTS_RULES))
listCRLExtsConfig(req, resp);
else if (scope.equals(ScopeDef.SC_CRLIPS))
listCRLIPsConfig(req, resp);
} else if (op.equals(OpDef.OP_ADD)) {
mOp = "modify";
if ((mToken = super.authorize(req)) == null) {
sendResponse(ERROR,
CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"),
null, resp);
return;
}
if (scope.equals(ScopeDef.SC_CRLIPS))
addCRLIPsConfig(req, resp);
} else if (op.equals(OpDef.OP_DELETE)) {
mOp = "modify";
if ((mToken = super.authorize(req)) == null) {
sendResponse(ERROR,
CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_AUTHZ_FAILED"),
null, resp);
return;
}
if (scope.equals(ScopeDef.SC_CRLIPS))
deleteCRLIPsConfig(req, resp);
} else {
sendResponse(1, "Unknown operation", null, resp);
}
} catch (Exception e) {
sendResponse(1, e.toString(), null, resp);
return;
}
}
/*==========================================================
* private methods
*==========================================================*/
/*
* handle request completion (cert issued) notification config requests
*/
private void getNotificationCompConfig(HttpServletRequest req,
HttpServletResponse resp, IConfigStore rc) throws ServletException,
IOException, EBaseException {
NameValuePairs params = new NameValuePairs();
Enumeration e = req.getParameterNames();
while (e.hasMoreElements()) {
String name = (String) e.nextElement();
if (name.equals(Constants.OP_TYPE))
continue;
if (name.equals(Constants.RS_ID))
continue;
if (name.equals(Constants.OP_SCOPE))
continue;
if (name.equals(Constants.PR_ENABLE))
continue;
params.add(name, rc.getString(name, ""));
}
params.add(Constants.PR_ENABLE,
rc.getString(PROP_ENABLED, Constants.FALSE));
sendResponse(SUCCESS, null, params, resp);
}
private void getNotificationRevCompConfig(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
IConfigStore config = mCA.getConfigStore();
IConfigStore nc =
config.getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE);
IConfigStore rc = nc.getSubStore(ICertificateAuthority.PROP_CERT_REVOKED_SUBSTORE);
getNotificationCompConfig(req, resp, rc);
}
private void getNotificationReqCompConfig(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
IConfigStore config = mCA.getConfigStore();
IConfigStore nc =
config.getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE);
IConfigStore rc = nc.getSubStore(ICertificateAuthority.PROP_CERT_ISSUED_SUBSTORE);
getNotificationCompConfig(req, resp, rc);
}
/*
* handle getting request in queue notification config info
*/
private void getNotificationRIQConfig(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
NameValuePairs params = new NameValuePairs();
IConfigStore config = mCA.getConfigStore();
IConfigStore nc =
config.getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE);
IConfigStore riq = nc.getSubStore(ICertificateAuthority.PROP_REQ_IN_Q_SUBSTORE);
Enumeration e = req.getParameterNames();
while (e.hasMoreElements()) {
String name = (String) e.nextElement();
if (name.equals(Constants.OP_TYPE))
continue;
if (name.equals(Constants.RS_ID))
continue;
if (name.equals(Constants.OP_SCOPE))
continue;
if (name.equals(Constants.PR_ENABLE))
continue;
params.add(name, riq.getString(name, ""));
}
params.add(Constants.PR_ENABLE,
riq.getString(PROP_ENABLED, Constants.FALSE));
sendResponse(SUCCESS, null, params, resp);
}
/*
* handle setting request in queue notification config info
*/
private void setNotificationRIQConfig(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
IConfigStore config = mCA.getConfigStore();
IConfigStore nc =
config.getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE);
IConfigStore riq = nc.getSubStore(ICertificateAuthority.PROP_REQ_IN_Q_SUBSTORE);
//set rest of the parameters
Enumeration e = req.getParameterNames();
while (e.hasMoreElements()) {
String name = (String) e.nextElement();
if (name.equals(Constants.OP_TYPE))
continue;
if (name.equals(Constants.RS_ID))
continue;
if (name.equals(Constants.OP_SCOPE))
continue;
if (name.equals(Constants.PR_ENABLE))
continue;
String val = req.getParameter(name);
// if it's emailTemplate, check to see if the path exists
if (name.equalsIgnoreCase(PROP_EMAIL_TEMPLATE)) {
File template = new File(val);
if ((!template.exists()) || (!template.canRead())
|| (template.isDirectory())) {
String error =
"Template: " + val + " does not exist or invalid";
log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_INVALID_PATH"));
sendResponse(ERROR,
CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PATH"),
null, resp);
return;
}
}
riq.putString(name, val);
mCA.getRequestInQListener().set(name, val);
}
// set enable flag
String enabledString = req.getParameter(Constants.PR_ENABLE);
riq.putString(PROP_ENABLED, enabledString);
mCA.getRequestInQListener().set(PROP_ENABLED, enabledString);
commit(true);
sendResponse(SUCCESS, null, null, resp);
}
/*
* handle setting request complete notification config info
*/
private void setNotificationCompConfig(HttpServletRequest req,
HttpServletResponse resp, IConfigStore rc, IRequestListener thisListener) throws ServletException,
IOException, EBaseException {
//set rest of the parameters
Enumeration e = req.getParameterNames();
while (e.hasMoreElements()) {
String name = (String) e.nextElement();
if (name.equals(Constants.OP_TYPE))
continue;
if (name.equals(Constants.RS_ID))
continue;
if (name.equals(Constants.OP_SCOPE))
continue;
if (name.equals(Constants.PR_ENABLE))
continue;
String val = req.getParameter(name);
// if it's emailTemplate, check to see if the path exists
if (name.equalsIgnoreCase(PROP_EMAIL_TEMPLATE)) {
File template = new File(val);
if ((!template.exists()) || (!template.canRead())
|| (template.isDirectory())) {
String error =
"Template: " + val + " does not exist or invalid";
log(ILogger.LL_FAILURE, CMS.getLogMessage("ADMIN_SRVLT_INVALID_PATH"));
sendResponse(ERROR,
CMS.getUserMessage(getLocale(req), "CMS_ADMIN_SRVLT_INVALID_PATH"),
null, resp);
return;
}
}
rc.putString(name, val);
thisListener.set(name, val);
}
// set enable flag
String enabledString = req.getParameter(Constants.PR_ENABLE);
rc.putString(PROP_ENABLED, enabledString);
thisListener.set(PROP_ENABLED, enabledString);
commit(true);
sendResponse(SUCCESS, null, null, resp);
}
private void setNotificationRevCompConfig(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
IConfigStore config = mCA.getConfigStore();
IConfigStore nc =
config.getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE);
IConfigStore rc = nc.getSubStore(ICertificateAuthority.PROP_CERT_REVOKED_SUBSTORE);
setNotificationCompConfig(req, resp, rc, mCA.getCertRevokedListener());
}
private void setNotificationReqCompConfig(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
IConfigStore config = mCA.getConfigStore();
IConfigStore nc =
config.getSubStore(ICertificateAuthority.PROP_NOTIFY_SUBSTORE);
IConfigStore rc = nc.getSubStore(ICertificateAuthority.PROP_CERT_ISSUED_SUBSTORE);
setNotificationCompConfig(req, resp, rc, mCA.getCertIssuedListener());
}
private void listCRLIPsConfig(HttpServletRequest req,
HttpServletResponse resp)
throws ServletException, IOException, EBaseException {
NameValuePairs params = new NameValuePairs();
Enumeration ips = mCA.getCRLIssuingPoints();
while (ips.hasMoreElements()) {
ICRLIssuingPoint ip = (ICRLIssuingPoint) ips.nextElement();
if (ip != null) {
String ipId = ip.getId();
if (ipId != null && ipId.length() > 0)
params.add(ipId, ip.getDescription());
params.add(ipId + "." + Constants.PR_ENABLED,
(Boolean.valueOf(ip.isCRLIssuingPointEnabled())).toString());
}
}
sendResponse(SUCCESS, null, params, resp);
}
private void getCRLIPsConfig(HttpServletRequest req,
HttpServletResponse resp)
throws ServletException, IOException, EBaseException {
NameValuePairs params = new NameValuePairs();
String id = req.getParameter(Constants.RS_ID);
if (id != null && id.length() > 0) {
ICRLIssuingPoint ip = mCA.getCRLIssuingPoint(id);
if (ip != null) {
Enumeration e = req.getParameterNames();
String value = "";
while (e.hasMoreElements()) {
String name = (String) e.nextElement();
if (name.equals(Constants.PR_ENABLED)) {
if (ip.isCRLIssuingPointEnabled()) {
value = Constants.TRUE;
} else {
value = Constants.FALSE;
}
}
if (name.equals(Constants.PR_ID))
value = id;
if (name.equals(Constants.PR_DESCRIPTION))
value = ip.getDescription();
if (name.equals(Constants.PR_CLASS))
value = ip.getClass().getName();
params.add(name, value);
}
}
}
sendResponse(SUCCESS, null, params, resp);
}
/**
* Add CRL issuing points configuration
*
*
*
* - signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when
* configuring CRL profile (extensions, frequency, CRL format)
*
* @param req HTTP servlet request
* @param resp HTTP servlet response
* @exception ServletException a servlet error has occurred
* @exception IOException an input/output error has occurred
* @exception EBaseException an error has occurred
*/
private void addCRLIPsConfig(HttpServletRequest req,
HttpServletResponse resp)
throws ServletException, IOException, EBaseException {
String auditMessage = null;
String auditSubjectID = auditSubjectID();
// ensure that any low-level exceptions are reported
// to the signed audit log and stored as failures
try {
NameValuePairs params = new NameValuePairs();
String ipId = req.getParameter(Constants.PR_ID);
if (ipId == null || ipId.length() == 0) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
sendResponse(ERROR, "Missing CRL IP name", null, resp);
return;
}
params.add(Constants.PR_ID, ipId);
String desc = req.getParameter(Constants.PR_DESCRIPTION);
if (desc == null) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
sendResponse(ERROR, "Missing CRL IP description", null, resp);
return;
}
params.add(Constants.PR_DESCRIPTION, desc);
String sEnable = req.getParameter(Constants.PR_ENABLED);
boolean enable = true;
if (sEnable != null && sEnable.length() > 0 &&
sEnable.equalsIgnoreCase(Constants.FALSE)) {
enable = false;
params.add(Constants.PR_ENABLED, Constants.FALSE);
} else {
params.add(Constants.PR_ENABLED, Constants.TRUE);
}
IConfigStore crlSubStore =
mCA.getConfigStore().getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE);
Enumeration crlNames = crlSubStore.getSubStoreNames();
while (crlNames.hasMoreElements()) {
String name = (String) crlNames.nextElement();
if (ipId.equals(name)) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
sendResponse(ERROR, ipId + " CRL IP already exists", null, resp);
return;
}
}
if (!mCA.addCRLIssuingPoint(crlSubStore, ipId, enable, desc)) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
sendResponse(ERROR, "Cannot add or edit CRL IP", null, resp);
return;
}
commit(true);
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.SUCCESS,
auditParams(req));
audit(auditMessage);
sendResponse(SUCCESS, null, params, resp);
} catch (EBaseException eAudit1) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
// rethrow the specific exception to be handled later
throw eAudit1;
} catch (IOException eAudit2) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
// rethrow the specific exception to be handled later
throw eAudit2;
// } catch( ServletException eAudit3 ) {
// // store a message in the signed audit log file
// auditMessage = CMS.getLogMessage(
// LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
// auditSubjectID,
// ILogger.FAILURE,
// auditParams( req ) );
//
// audit( auditMessage );
//
// // rethrow the specific exception to be handled later
// throw eAudit3;
}
}
/**
* Set CRL issuing points configuration
*
*
*
* - signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when
* configuring CRL profile (extensions, frequency, CRL format)
*
* @param req HTTP servlet request
* @param resp HTTP servlet response
* @exception ServletException a servlet error has occurred
* @exception IOException an input/output error has occurred
* @exception EBaseException an error has occurred
*/
private void setCRLIPsConfig(HttpServletRequest req,
HttpServletResponse resp)
throws ServletException, IOException, EBaseException {
String auditMessage = null;
String auditSubjectID = auditSubjectID();
// ensure that any low-level exceptions are reported
// to the signed audit log and stored as failures
try {
NameValuePairs params = new NameValuePairs();
String ipId = req.getParameter(Constants.PR_ID);
if (ipId == null || ipId.length() == 0) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
sendResponse(ERROR, "Missing CRL IP name", null, resp);
return;
}
params.add(Constants.PR_ID, ipId);
String desc = req.getParameter(Constants.PR_DESCRIPTION);
if (desc == null) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
sendResponse(ERROR, "Missing CRL IP description", null, resp);
return;
}
params.add(Constants.PR_DESCRIPTION, desc);
String sEnable = req.getParameter(Constants.PR_ENABLED);
boolean enable = true;
if (sEnable != null && sEnable.length() > 0 &&
sEnable.equalsIgnoreCase(Constants.FALSE)) {
enable = false;
params.add(Constants.PR_ENABLED, Constants.FALSE);
} else {
params.add(Constants.PR_ENABLED, Constants.TRUE);
}
IConfigStore crlSubStore =
mCA.getConfigStore().getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE);
boolean done = false;
Enumeration crlNames = crlSubStore.getSubStoreNames();
while (crlNames.hasMoreElements()) {
String name = (String) crlNames.nextElement();
if (ipId.equals(name)) {
ICRLIssuingPoint ip = mCA.getCRLIssuingPoint(ipId);
if (ip != null) {
ip.setDescription(desc);
ip.enableCRLIssuingPoint(enable);
}
IConfigStore c = crlSubStore.getSubStore(ipId);
if (c != null) {
c.putString(Constants.PR_DESCRIPTION, desc);
c.putString(Constants.PR_ENABLED,
(enable) ? Constants.TRUE : Constants.FALSE);
}
done = true;
break;
}
}
if (!done) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
sendResponse(ERROR, "Missing CRL IP " + ipId, null, resp);
return;
}
commit(true);
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.SUCCESS,
auditParams(req));
audit(auditMessage);
sendResponse(SUCCESS, null, params, resp);
} catch (EBaseException eAudit1) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
// rethrow the specific exception to be handled later
throw eAudit1;
} catch (IOException eAudit2) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
// rethrow the specific exception to be handled later
throw eAudit2;
// } catch( ServletException eAudit3 ) {
// // store a message in the signed audit log file
// auditMessage = CMS.getLogMessage(
// LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
// auditSubjectID,
// ILogger.FAILURE,
// auditParams( req ) );
//
// audit( auditMessage );
//
// // rethrow the specific exception to be handled later
// throw eAudit3;
}
}
/**
* Delete CRL issuing points configuration
*
*
*
* - signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when
* configuring CRL profile (extensions, frequency, CRL format)
*
* @param req HTTP servlet request
* @param resp HTTP servlet response
* @exception ServletException a servlet error has occurred
* @exception IOException an input/output error has occurred
* @exception EBaseException an error has occurred
*/
private void deleteCRLIPsConfig(HttpServletRequest req,
HttpServletResponse resp)
throws ServletException, IOException, EBaseException {
String auditMessage = null;
String auditSubjectID = auditSubjectID();
// ensure that any low-level exceptions are reported
// to the signed audit log and stored as failures
try {
NameValuePairs params = new NameValuePairs();
String id = req.getParameter(Constants.RS_ID);
if (id != null && id.length() > 0) {
IConfigStore crlSubStore =
mCA.getConfigStore().getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE);
boolean done = false;
Enumeration crlNames = crlSubStore.getSubStoreNames();
while (crlNames.hasMoreElements()) {
String name = (String) crlNames.nextElement();
if (id.equals(name)) {
mCA.deleteCRLIssuingPoint(crlSubStore, id);
done = true;
break;
}
}
if (!done) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
sendResponse(ERROR, "Missing CRL IP " + id, null, resp);
return;
}
commit(true);
}
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.SUCCESS,
auditParams(req));
audit(auditMessage);
sendResponse(SUCCESS, null, params, resp);
} catch (EBaseException eAudit1) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
// rethrow the specific exception to be handled later
throw eAudit1;
} catch (IOException eAudit2) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
// rethrow the specific exception to be handled later
throw eAudit2;
// } catch( ServletException eAudit3 ) {
// // store a message in the signed audit log file
// auditMessage = CMS.getLogMessage(
// LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
// auditSubjectID,
// ILogger.FAILURE,
// auditParams( req ) );
//
// audit( auditMessage );
//
// // rethrow the specific exception to be handled later
// throw eAudit3;
}
}
private void getCRLExtsConfig(HttpServletRequest req,
HttpServletResponse resp)
throws ServletException, IOException, EBaseException {
NameValuePairs params = new NameValuePairs();
String ipId = null;
Enumeration e = req.getParameterNames();
while (e.hasMoreElements()) {
String name = (String) e.nextElement();
if (name.equals(Constants.OP_TYPE))
continue;
if (name.equals(Constants.RS_ID))
continue;
if (name.equals(Constants.OP_SCOPE))
continue;
ipId = name;
}
if (ipId == null || ipId.length() <= 0) {
ipId = ICertificateAuthority.PROP_MASTER_CRL;
}
ICRLIssuingPoint ip = mCA.getCRLIssuingPoint(ipId);
ICMSCRLExtensions crlExts = ip.getCRLExtensions();
String id = req.getParameter(Constants.RS_ID);
if (id != null) {
params = crlExts.getConfigParams(id);
}
sendResponse(SUCCESS, null, params, resp);
}
/**
* Delete CRL extensions configuration
*
*
*
* - signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when
* configuring CRL profile (extensions, frequency, CRL format)
*
* @param req HTTP servlet request
* @param resp HTTP servlet response
* @exception ServletException a servlet error has occurred
* @exception IOException an input/output error has occurred
* @exception EBaseException an error has occurred
*/
private void setCRLExtsConfig(HttpServletRequest req,
HttpServletResponse resp)
throws ServletException, IOException, EBaseException {
String auditMessage = null;
String auditSubjectID = auditSubjectID();
// ensure that any low-level exceptions are reported
// to the signed audit log and stored as failures
try {
NameValuePairs params = new NameValuePairs();
String ipId = req.getParameter(Constants.PR_ID);
if (ipId == null || ipId.length() <= 0) {
ipId = ICertificateAuthority.PROP_MASTER_CRL;
}
ICRLIssuingPoint ip = mCA.getCRLIssuingPoint(ipId);
ICMSCRLExtensions crlExts = ip.getCRLExtensions();
IConfigStore config = mCA.getConfigStore();
IConfigStore crlsSubStore =
config.getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE);
IConfigStore crlSubStore = crlsSubStore.getSubStore(ipId);
IConfigStore crlExtsSubStore =
crlSubStore.getSubStore(ICertificateAuthority.PROP_CRLEXT_SUBSTORE);
String id = req.getParameter(Constants.RS_ID);
if (id != null) {
IConfigStore crlExtSubStore = crlExtsSubStore.getSubStore(id);
Enumeration e = req.getParameterNames();
while (e.hasMoreElements()) {
String name = (String) e.nextElement();
if (name.equals(Constants.OP_TYPE))
continue;
if (name.equals(Constants.RS_ID))
continue;
if (name.equals(Constants.OP_SCOPE))
continue;
if (name.equals(Constants.PR_CRLEXT_IMPL_NAME))
continue;
if (name.equals("RULENAME"))
continue;
String value = req.getParameter(name);
params.add(name, value);
}
crlExts.setConfigParams(id, params, crlExtSubStore);
commit(true);
ip.clearCRLCache();
ip.updateCRLCacheRepository();
}
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.SUCCESS,
auditParams(req));
audit(auditMessage);
sendResponse(SUCCESS, null, null, resp);
} catch (EBaseException eAudit1) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
// rethrow the specific exception to be handled later
throw eAudit1;
} catch (IOException eAudit2) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
// rethrow the specific exception to be handled later
throw eAudit2;
// } catch( ServletException eAudit3 ) {
// // store a message in the signed audit log file
// auditMessage = CMS.getLogMessage(
// LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
// auditSubjectID,
// ILogger.FAILURE,
// auditParams( req ) );
//
// audit( auditMessage );
//
// // rethrow the specific exception to be handled later
// throw eAudit3;
}
}
private void listCRLExtsConfig(HttpServletRequest req,
HttpServletResponse resp)
throws ServletException, IOException, EBaseException {
NameValuePairs params = new NameValuePairs();
String id = req.getParameter(Constants.PR_ID);
if (id == null || id.length() <= 0) {
id = ICertificateAuthority.PROP_MASTER_CRL;
}
IConfigStore config = mCA.getConfigStore();
IConfigStore crlsSubStore = config.getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE);
IConfigStore crlSubStore = crlsSubStore.getSubStore(id);
IConfigStore crlExtsSubStore = crlSubStore.getSubStore(ICertificateAuthority.PROP_CRLEXT_SUBSTORE);
if (crlExtsSubStore != null) {
Enumeration enumExts = crlExtsSubStore.getSubStoreNames();
while (enumExts.hasMoreElements()) {
String extName = (String) enumExts.nextElement();
boolean crlExtEnabled = false;
IConfigStore crlExtSubStore = crlExtsSubStore.getSubStore(extName);
Enumeration properties = crlExtSubStore.getPropertyNames();
while (properties.hasMoreElements()) {
String name = (String) properties.nextElement();
if (name.equals(Constants.PR_ENABLE)) {
crlExtEnabled = crlExtSubStore.getBoolean(name, false);
}
}
params.add(extName, extName + ";visible;" + ((crlExtEnabled) ? "enabled" : "disabled"));
}
}
sendResponse(SUCCESS, null, params, resp);
}
/**
* retrieve extended plugin info such as brief description,
* type info from CRL extensions
*/
private void getExtendedPluginInfo(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
String id = req.getParameter(Constants.RS_ID);
int colon = id.indexOf(':');
String implType = id.substring(0, colon);
String implName = id.substring(colon + 1);
NameValuePairs params =
getExtendedPluginInfo(getLocale(req), implType, implName);
sendResponse(SUCCESS, null, params, resp);
}
private NameValuePairs getExtendedPluginInfo(Locale locale, String implType, String implName) {
IExtendedPluginInfo ext_info = null;
Object impl = null;
String ipId = null;
String name = null;
Enumeration ips = mCA.getCRLIssuingPoints();
if (ips.hasMoreElements()) {
ICRLIssuingPoint ip = (ICRLIssuingPoint) ips.nextElement();
if (ip != null) {
ipId = ip.getId();
}
}
if (ipId != null) {
ICRLIssuingPoint ip = mCA.getCRLIssuingPoint(ipId);
ICMSCRLExtensions crlExts = ip.getCRLExtensions();
name = crlExts.getClassPath(implName);
}
if (name != null) {
impl = getClassByNameAsExtendedPluginInfo(name);
}
if (impl != null) {
if (impl instanceof IExtendedPluginInfo) {
ext_info = (IExtendedPluginInfo) impl;
}
}
NameValuePairs nvps = null;
if (ext_info == null) {
nvps = new NameValuePairs();
} else {
nvps = convertStringArrayToNVPairs(ext_info.getExtendedPluginInfo(locale));
}
return nvps;
}
/**
* Set CRL configuration
*
*
*
* - signed.audit LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE used when
* configuring CRL profile (extensions, frequency, CRL format)
*
* @param req HTTP servlet request
* @param resp HTTP servlet response
* @exception ServletException a servlet error has occurred
* @exception IOException an input/output error has occurred
* @exception EBaseException an error has occurred
*/
private void setCRLConfig(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException, EBaseException {
String auditMessage = null;
String auditSubjectID = auditSubjectID();
// ensure that any low-level exceptions are reported
// to the signed audit log and stored as failures
try {
NameValuePairs params = new NameValuePairs();
String id = req.getParameter(Constants.RS_ID);
if (id == null || id.length() <= 0 ||
id.equals(Constants.RS_ID_CONFIG)) {
id = ICertificateAuthority.PROP_MASTER_CRL;
}
ICRLIssuingPoint ip = mCA.getCRLIssuingPoint(id);
//Save New Settings to the config file
IConfigStore config = mCA.getConfigStore();
IConfigStore crlsSubStore = config.getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE);
IConfigStore crlSubStore = crlsSubStore.getSubStore(id);
//set reset of the parameters
Enumeration e = req.getParameterNames();
while (e.hasMoreElements()) {
String name = (String) e.nextElement();
if (name.equals(Constants.OP_TYPE))
continue;
if (name.equals(Constants.RS_ID))
continue;
if (name.equals(Constants.OP_SCOPE))
continue;
if (name.equals(Constants.PR_ENABLE))
continue;
String value = req.getParameter(name);
params.add(name, value);
crlSubStore.putString(name, value);
}
boolean noRestart = ip.updateConfig(params);
commit(true);
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.SUCCESS,
auditParams(req));
audit(auditMessage);
if (noRestart)
sendResponse(SUCCESS, null, null, resp);
else
sendResponse(RESTART, null, null, resp);
} catch (EBaseException eAudit1) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
// rethrow the specific exception to be handled later
throw eAudit1;
} catch (IOException eAudit2) {
// store a message in the signed audit log file
auditMessage = CMS.getLogMessage(
LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
auditSubjectID,
ILogger.FAILURE,
auditParams(req));
audit(auditMessage);
// rethrow the specific exception to be handled later
throw eAudit2;
// } catch( ServletException eAudit3 ) {
// // store a message in the signed audit log file
// auditMessage = CMS.getLogMessage(
// LOGGING_SIGNED_AUDIT_CONFIG_CRL_PROFILE,
// auditSubjectID,
// ILogger.FAILURE,
// auditParams( req ) );
//
// audit( auditMessage );
//
// // rethrow the specific exception to be handled later
// throw eAudit3;
}
}
private void getCRLConfig(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
NameValuePairs params = new NameValuePairs();
String id = req.getParameter(Constants.RS_ID);
if (id == null || id.length() <= 0 ||
id.equals(Constants.RS_ID_CONFIG)) {
id = ICertificateAuthority.PROP_MASTER_CRL;
}
IConfigStore crlsSubStore =
mCA.getConfigStore().getSubStore(ICertificateAuthority.PROP_CRL_SUBSTORE);
IConfigStore crlSubStore = crlsSubStore.getSubStore(id);
Enumeration e = req.getParameterNames();
while (e.hasMoreElements()) {
String name = (String) e.nextElement();
if (name.equals(Constants.OP_TYPE))
continue;
if (name.equals(Constants.RS_ID))
continue;
if (name.equals(Constants.OP_SCOPE))
continue;
if (name.equals(Constants.PR_ENABLE))
continue;
params.add(name, crlSubStore.getString(name, ""));
}
getSigningAlgConfig(params);
sendResponse(SUCCESS, null, params, resp);
}
private void getConnectorConfig(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
IConfigStore caConfig = mCA.getConfigStore();
IConfigStore connectorConfig = caConfig.getSubStore("connector");
IConfigStore caConnectorConfig = null;
if (isKRAConnector(req)) {
caConnectorConfig = connectorConfig.getSubStore("KRA");
} else if (isCLAConnector(req)) {
caConnectorConfig = connectorConfig.getSubStore("CLA");
}
Enumeration enum1 = req.getParameterNames();
NameValuePairs params = new NameValuePairs();
if (caConnectorConfig != null) {
while (enum1.hasMoreElements()) {
String name = (String) enum1.nextElement();
if (name.equals(Constants.RS_ID))
continue;
if (name.equals(Constants.OP_SCOPE))
continue;
if (name.equals(Constants.OP_TYPE))
continue;
params.add(name, caConnectorConfig.getString(name, ""));
}
}
sendResponse(SUCCESS, null, params, resp);
}
private void setConnectorConfig(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
IConfigStore caConfig = mCA.getConfigStore();
IConfigStore connectorConfig = caConfig.getSubStore("connector");
IConfigStore caConnectorConfig = null;
// String nickname = CMS.getServerCertNickname();
if (isKRAConnector(req)) {
caConnectorConfig = connectorConfig.getSubStore("KRA");
} else if (isCLAConnector(req)) {
caConnectorConfig = connectorConfig.getSubStore("CLA");
}
Enumeration enum1 = req.getParameterNames();
if (caConnectorConfig != null) {
while (enum1.hasMoreElements()) {
String name = (String) enum1.nextElement();
if (name.equals(Constants.OP_TYPE))
continue;
if (name.equals(Constants.RS_ID))
continue;
if (name.equals(Constants.OP_SCOPE))
continue;
/*
if (name.equals("nickName")) {
caConnectorConfig.putString(name, nickname);
continue;
}
*/
if (name.equals("host")) {
try {
Utils.checkHost(req.getParameter("host"));
} catch (UnknownHostException e) {
sendResponse(ERROR, "Unknown Host " + req.getParameter("host"), null, resp);
return;
}
}
caConnectorConfig.putString(name, req.getParameter(name));
}
}
commit(true);
sendResponse(RESTART, null, null, resp);
}
private boolean isKRAConnector(HttpServletRequest req) {
Enumeration enum1 = req.getParameterNames();
while (enum1.hasMoreElements()) {
String key = (String) enum1.nextElement();
if (key.equals("RS_ID")) {
String val = req.getParameter(key);
if (val.equals("Data Recovery Manager Connector"))
return true;
else
return false;
}
}
return false;
}
private boolean isCLAConnector(HttpServletRequest req) {
Enumeration enum1 = req.getParameterNames();
while (enum1.hasMoreElements()) {
String key = (String) enum1.nextElement();
if (key.equals("RS_ID")) {
String val = req.getParameter(key);
if (val.equals("Clone Master Manager Connector"))
return true;
else
return false;
}
}
return false;
}
private void getGeneralConfig(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
NameValuePairs params = new NameValuePairs();
String value = "false";
/*
ISubsystem eeGateway =
SubsystemRegistry.getInstance().get("eeGateway");
if (eeGateway != null) {
IConfigStore eeConfig = eeGateway.getConfigStore();
if (eeConfig != null)
value = eeConfig.getString("enabled", "true");
String ocspValue = "true";
ocspValue = eeConfig.getString("enableOCSP", "true");
params.add(Constants.PR_OCSP_ENABLED, ocspValue);
}
params.add(Constants.PR_EE_ENABLED, value);
*/
IConfigStore caConfig = mCA.getConfigStore();
value = caConfig.getString(ICertificateAuthority.PROP_ENABLE_PAST_CATIME, "false");
params.add(Constants.PR_VALIDITY, value);
getSigningAlgConfig(params);
getSerialConfig(params);
getMaxSerialConfig(params);
sendResponse(SUCCESS, null, params, resp);
}
private void getSigningAlgConfig(NameValuePairs params) {
params.add(Constants.PR_DEFAULT_ALGORITHM,
mCA.getDefaultAlgorithm());
String[] algorithms = mCA.getCASigningAlgorithms();
StringBuffer algorStr = new StringBuffer();
for (int i = 0; i < algorithms.length; i++) {
if (i == 0)
algorStr.append(algorithms[i]);
else {
algorStr.append(":");
algorStr.append(algorithms[i]);
}
}
params.add(Constants.PR_ALL_ALGORITHMS, algorStr.toString());
}
private void getSerialConfig(NameValuePairs params) {
params.add(Constants.PR_SERIAL,
mCA.getStartSerial());
}
private void getMaxSerialConfig(NameValuePairs params) {
params.add(Constants.PR_MAXSERIAL,
mCA.getMaxSerial());
}
private void setGeneralConfig(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
ISubsystem eeGateway = null;
/*
ISubsystem eeGateway =
SubsystemRegistry.getInstance().get("eeGateway");
*/
IConfigStore eeConfig = null;
IConfigStore caConfig = mCA.getConfigStore();
Enumeration enum1 = req.getParameterNames();
boolean restart = false;
//mCA.setMaxSerial("");
while (enum1.hasMoreElements()) {
String key = (String) enum1.nextElement();
String value = req.getParameter(key);
if (key.equals(Constants.PR_EE_ENABLED)) {
/*
if (eeConfig != null) {
if (((EEGateway)eeGateway).isEnabled() &&
value.equals("false") ||
!((EEGateway)eeGateway).isEnabled() &&
value.equals("true")) {
restart=true;;
}
eeConfig.putString("enabled", value);
}
*/
} else if (key.equals(Constants.PR_VALIDITY)) {
mCA.setValidity(value);
} else if (key.equals(Constants.PR_DEFAULT_ALGORITHM)) {
mCA.setDefaultAlgorithm(value);
} else if (key.equals(Constants.PR_SERIAL)) {
mCA.setStartSerial(value);
} else if (key.equals(Constants.PR_MAXSERIAL)) {
mCA.setMaxSerial(value);
}
}
commit(true);
if (restart)
sendResponse(RESTART, null, null, resp);
else
sendResponse(SUCCESS, null, null, resp);
}
/**
* Retrieves configuration parameters of certificate
* authority.
*/
private synchronized void getConfig(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
// validate
super.getConfig(mCA.getConfigStore(), req, resp);
}
/**
* Sets configuration parameters of certificate
* authority.
*/
private synchronized void setConfig(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
super.setConfig(mCA.getConfigStore(), req, resp);
// XXX - commit changes
}
/**
* Lists configuration store parameters.
*/
private synchronized void listConfig(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
super.listConfig(mCA.getConfigStore(), req, resp);
}
/**
* Locks a request so that no one can modify it except
* owner.
*/
private synchronized void lockRequest(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
NameValuePairs params = new NameValuePairs();
// XXX
sendResponse(SUCCESS, null, params, resp);
}
/**
* Locks certificate record so that no one can
* modify it except owner.
*/
private synchronized void lockCertRecord(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
NameValuePairs params = new NameValuePairs();
sendResponse(SUCCESS, null, params, resp);
}
/**
* Modifies a cert record.
*/
private synchronized void modifyCertRecord(HttpServletRequest req,
HttpServletResponse resp) throws ServletException,
IOException, EBaseException {
NameValuePairs params = new NameValuePairs();
// XXX
sendResponse(SUCCESS, null, params, resp);
}
private void log(int level, String msg) {
if (mLogger == null)
return;
mLogger.log(ILogger.EV_SYSTEM, null, ILogger.S_OTHER,
level, "CAAdminServlet: " + msg);
}
}