Index: pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java =================================================================== --- pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java (revision 2439) +++ pki/base/common/src/com/netscape/cms/servlet/csadmin/UpdateOCSPConfig.java (working copy) @@ -33,6 +33,8 @@ import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.authentication.*; import com.netscape.certsrv.authorization.*; +import com.netscape.certsrv.publish.*; +import com.netscape.certsrv.ca.*; import com.netscape.cms.servlet.*; import com.netscape.cmsutil.xml.*; import org.w3c.dom.*; 
@@ -115,24 +117,22 @@ String ocsphost = httpReq.getParameter("ocsp_host"); String ocspport = httpReq.getParameter("ocsp_port"); + String ocspname = ocsphost.replace('.', '-')+"-"+ocspport; + String publisherPrefix = "ca.publish.publisher.instance.OCSPPublisher-"+ocspname; + String rulePrefix = "ca.publish.rule.instance.ocsprule-"+ocspname; try { cs.putString("ca.publish.enable", "true"); - cs.putString("ca.publish.publisher.instance.OCSPPublisher.host", - ocsphost); - cs.putString("ca.publish.publisher.instance.OCSPPublisher.port", - ocspport); - cs.putString("ca.publish.publisher.instance.OCSPPublisher.nickName", - nickname); - cs.putString("ca.publish.publisher.instance.OCSPPublisher.path", - "/ocsp/agent/ocsp/addCRL"); - cs.putString("ca.publish.publisher.instance.OCSPPublisher.pluginName", "OCSPPublisher"); - cs.putString("ca.publish.publisher.instance.OCSPPublisher.enableClientAuth", "true"); - cs.putString("ca.publish.rule.instance.ocsprule.enable", "true"); - cs.putString("ca.publish.rule.instance.ocsprule.mapper", "NoMap"); - cs.putString("ca.publish.rule.instance.ocsprule.pluginName", "Rule"); - cs.putString("ca.publish.rule.instance.ocsprule.publisher", - "OCSPPublisher"); - cs.putString("ca.publish.rule.instance.ocsprule.type", "crl"); + cs.putString(publisherPrefix+".host", ocsphost); + cs.putString(publisherPrefix+".port", ocspport); + cs.putString(publisherPrefix+".nickName", nickname); + cs.putString(publisherPrefix+".path", "/ocsp/agent/ocsp/addCRL"); + cs.putString(publisherPrefix+".pluginName", "OCSPPublisher"); + cs.putString(publisherPrefix+".enableClientAuth", "true"); + cs.putString(rulePrefix+".enable", "true"); + cs.putString(rulePrefix+".mapper", "NoMap"); + cs.putString(rulePrefix+".pluginName", "Rule"); + cs.putString(rulePrefix+".publisher", "OCSPPublisher-"+ocspname); + cs.putString(rulePrefix+".type", "crl"); cs.commit(false); // insert info CMS.debug("UpdateOCSPConfig: Sending response"); 
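Review bot: `ocsphost` and `ocspport` are taken from `httpReq.getParameter(...)` and concatenated into the configuration key names `publisherPrefix` and `rulePrefix` with only the `.` in the host replaced, and `ocsphost.replace(...)` runs before the `try`, so a request without `ocsp_host` raises a NullPointerException outside the handler's error path. A port value containing `.` would add extra sub-store levels under `ca.publish.publisher.instance`; how other characters such as `=` or line breaks are written out by `cs.commit(false)` depends on the config store, which is not visible here. Before building `ocspname` I would check both values, e.g. `if (ocsphost == null || !ocsphost.matches("[A-Za-z0-9.-]+") || ocspport == null || !ocspport.matches("[0-9]{1,5}"))`, and fail the request through the existing `outputError` path. The enclosing method starts and ends outside the hunk, so any earlier validation or authentication of these parameters cannot be confirmed from here.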
@@ -145,6 +145,16 @@ byte[] cb = xmlObj.toByteArray(); outputResult(httpResp, "application/xml", cb); + + ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem("ca"); + IPublisherProcessor pp = ca.getPublisherProcessor(); + IConfigStore c = cs.getSubStore("ca.publish.publisher.instance"); + CMS.debug("UpdateOCSPConfig process: adding publisher instance: OCSPPublisher-"+ocspname); + pp.addPublisherInstance("OCSPPublisher-"+ocspname, c); + c = cs.getSubStore("ca.publish.rule.instance"); + CMS.debug("UpdateOCSPConfig process: adding rule instance: ocsprule-"+ocspname); + pp.addRuleInstance("ocsprule-"+ocspname, c); + CMS.debug("UpdateOCSPConfig process: publishing processor updated"); } catch (Exception e) { CMS.debug("UpdateOCSPConfig: Failed to update OCSP configuration. Exception: "+e.toString()); outputError(httpResp, "Error: Failed to update OCSP configuration."); Index: pki/base/common/src/com/netscape/certsrv/publish/IPublisherProcessor.java =================================================================== --- pki/base/common/src/com/netscape/certsrv/publish/IPublisherProcessor.java (revision 2439) +++ pki/base/common/src/com/netscape/certsrv/publish/IPublisherProcessor.java (working copy) @@ -83,6 +83,14 @@ public Hashtable getRuleInsts(); /** + * Adds rule instance to the instance list. + * @param insName rule instance name + * @param c config store + */ + public void addRuleInstance(String insName, IConfigStore c) throws + EBaseException; + + /** * * Returns Hashtable of mapper plugins. */ 
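Review bot: The publisher and rule are registered only after `outputResult(httpResp, "application/xml", cb)` has written the response, and, if this is the same `try` as the previous hunk, after `cs.commit(false)` has persisted the new keys. If `addPublisherInstance` or `addRuleInstance` throws, the catch block calls `outputError` on a response that has already been sent, and the requesting OCSP instance has presumably been told the update worked while the running CA has no such publisher. Moving the two `pp.add...Instance` calls above `outputResult`, and ideally above the commit, keeps the reply and the stored configuration consistent with what was actually loaded. `CMS.getSubsystem("ca")` is also cast and dereferenced without a null check. The enclosing method begins outside the hunk.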
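Review bot: The Javadoc added for `addRuleInstance` (and for `addPublisherInstance` in the next hunk of this file) describes `c` only as "config store", but the implementation in PublisherProcessor.java reads `c.getString(insName + "." + PROP_PLUGIN)` and `c.getSubStore(insName)`, so `c` has to be the parent store that holds all instances, not the instance's own sub-store. I would word it as `@param c parent config store that contains the insName sub-store` and add `@throws EBaseException if the plugin name is unknown or its class cannot be loaded`. It is also worth stating that an instance whose `init` fails for any other reason is logged and skipped without an exception, since a caller cannot otherwise tell that nothing was registered.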
@@ -108,6 +116,14 @@ public Hashtable getPublisherInsts(); /** + * Adds publisher instance to the instance list. + * @param insName publisher instance name + * @param c config store + */ + public void addPublisherInstance(String insName, IConfigStore c) throws + EBaseException; + + /** * * Returns list of rules based on publishing type. * @param publishingType Type for which to retrieve rule list. Index: pki/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java =================================================================== --- pki/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java (revision 2439) +++ pki/base/common/src/com/netscape/cmscore/ldap/PublisherProcessor.java (working copy) 
@@ -91,6 +91,143 @@ return mConfig; } + public void addPublisherInstance(String insName, IConfigStore c) + throws EBaseException { + + String implName = c.getString(insName + "." + + PROP_PLUGIN); + PublisherPlugin plugin = + (PublisherPlugin) mPublisherPlugins.get(implName); + + if (plugin == null) { + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_PLUGIN_NOT_FIND", implName)); + throw new ELdapException(implName); + } + String className = plugin.getClassPath(); + + // Instantiate and init the publisher. + boolean isEnable = false; + ILdapPublisher publisherInst = null; + + try { + publisherInst = (ILdapPublisher) + Class.forName(className).newInstance(); + IConfigStore pConfig = + c.getSubStore(insName); + + publisherInst.init(pConfig); + isEnable = true; + + } catch (ClassNotFoundException e) { + String errMsg = "PublisherProcessor:: init()-" + e.toString(); + + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + } catch (IllegalAccessException e) { + String errMsg = "PublisherProcessor:: init()-" + e.toString(); + + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + } catch (InstantiationException e) { + String errMsg = "PublisherProcessor: init()-" + e.toString(); + + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + } catch (Throwable e) { + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_SKIP_PUBLISHER", insName, e.toString())); + // Let the server continue if it is a + // mis-configuration. But the instance + // will be skipped. This give another + // chance to the user to re-configure + // the server via console. 
+ } + + if (publisherInst == null) { + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + } + + if (insName == null) { + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", insName)); + } + + // add publisher instance to list. + mPublisherInsts.put(insName, new + PublisherProxy(isEnable, publisherInst)); + log(ILogger.LL_INFO, "publisher instance " + insName + " added"); + if (Debug.ON) + Debug.trace("loaded publisher instance " + insName + " impl " + implName); + + } + + public void addRuleInstance(String insName, IConfigStore c) + throws EBaseException { + + String implName = c.getString(insName + "." + + PROP_PLUGIN); + RulePlugin plugin = + (RulePlugin) mRulePlugins.get(implName); + + if (plugin == null) { + log(ILogger.LL_FAILURE, + CMS.getLogMessage("CMSCORE_LDAP_RULE_NOT_FIND", implName)); + throw new ELdapException(implName); + } + String className = plugin.getClassPath(); + + if (Debug.ON) + Debug.trace("loaded rule className=" + className); + + // Instantiate and init the rule + IConfigStore mConfig = null; + + try { + ILdapRule ruleInst = null; + + ruleInst = (ILdapRule) + Class.forName(className).newInstance(); + mConfig = c.getSubStore(insName); + ruleInst.init(this, mConfig); + ruleInst.setInstanceName(insName); + + // add manager instance to list. 
+ if (Debug.ON) + Debug.trace("ADDING RULE " + insName + " " + ruleInst); + mRuleInsts.put(insName, ruleInst); + log(ILogger.LL_INFO, "rule instance " + + insName + " added"); + } catch (ClassNotFoundException e) { + String errMsg = "PublisherProcessor:: init()-" + e.toString(); + + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + } catch (IllegalAccessException e) { + String errMsg = "PublisherProcessor:: init()-" + e.toString(); + + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + } catch (InstantiationException e) { + String errMsg = "PublisherProcessor: init()-" + e.toString(); + + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + } catch (Throwable e) { + if (mConfig == null) { + throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); + } + mConfig.putString(ILdapRule.PROP_ENABLE, + "false"); + log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_SKIP_RULE", insName, e.toString())); + // Let the server continue if it is a + // mis-configuration. But the instance + // will be skipped. This give another + // chance to the user to re-configure + // the server via console. + } + if (Debug.ON) + Debug.trace("loaded rule instance " + insName + " impl " + implName); + } + public void init(ISubsystem authority, IConfigStore config) throws EBaseException { mConfig = config; 
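Review bot: Both extracted methods keep the startup-time `catch (Throwable e)` that logs and continues, so a runtime caller such as UpdateOCSPConfig gets a normal return when `addRuleInstance` did not put anything into `mRuleInsts`, or when `addPublisherInstance` stored a `PublisherProxy` with `isEnable` still false. For a CA this means CRLs can silently stop short of the OCSP responder while the debug log reports the processor as updated; until the methods report that outcome, the caller can at least confirm registration with `pp.getRuleInsts().containsKey("ocsprule-"+ocspname)` and treat a miss as an error. In `addPublisherInstance` the `insName == null` test comes after `insName` was already used in `c.getString(insName + "." + PROP_PLUGIN)`, where concatenation turns null into the text "null", so it should be the first statement of the method. The `errMsg` locals in the catch blocks are assigned and never read, and `mPublisherInsts.put` replaces an existing entry of the same name without any notice, which a repeated request for the same host and port would trigger.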
@@ -118,69 +255,7 @@ while (instances.hasMoreElements()) { String insName = (String) instances.nextElement(); - String implName = c.getString(insName + "." + - PROP_PLUGIN); - PublisherPlugin plugin = - (PublisherPlugin) mPublisherPlugins.get(implName); - - if (plugin == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_PLUGIN_NOT_FIND", implName)); - throw new ELdapException(implName); - } - String className = plugin.getClassPath(); - - // Instantiate and init the publisher. - boolean isEnable = false; - ILdapPublisher publisherInst = null; - - try { - publisherInst = (ILdapPublisher) - Class.forName(className).newInstance(); - IConfigStore pConfig = - c.getSubStore(insName); - - publisherInst.init(pConfig); - isEnable = true; - - } catch (ClassNotFoundException e) { - String errMsg = "PublisherProcessor:: init()-" + e.toString(); - - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); - } catch (IllegalAccessException e) { - String errMsg = "PublisherProcessor:: init()-" + e.toString(); - - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); - } catch (InstantiationException e) { - String errMsg = "PublisherProcessor: init()-" + e.toString(); - - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); - } catch (Throwable e) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_SKIP_PUBLISHER", insName, e.toString())); - // Let the server continue if it is a - // mis-configuration. But the instance - // will be skipped. This give another - // chance to the user to re-configure - // the server via console. 
- } - - if (publisherInst == null) { - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); - } - - if (insName == null) { - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", insName)); - } - - // add publisher instance to list. - mPublisherInsts.put(insName, new - PublisherProxy(isEnable, publisherInst)); - log(ILogger.LL_INFO, "publisher instance " + insName + " added"); - if (Debug.ON) - Debug.trace("loaded publisher instance " + insName + " impl " + implName); + addPublisherInstance(insName, c); } // load mapper implementation 
@@ -287,69 +362,7 @@ instances = c.getSubStoreNames(); while (instances.hasMoreElements()) { String insName = (String) instances.nextElement(); - String implName = c.getString(insName + "." + - PROP_PLUGIN); - RulePlugin plugin = - (RulePlugin) mRulePlugins.get(implName); - - if (plugin == null) { - log(ILogger.LL_FAILURE, - CMS.getLogMessage("CMSCORE_LDAP_RULE_NOT_FIND", implName)); - throw new ELdapException(implName); - } - String className = plugin.getClassPath(); - - if (Debug.ON) - Debug.trace("loaded rule className=" + className); - - // Instantiate and init the rule - IConfigStore mConfig = null; - - try { - ILdapRule ruleInst = null; - - ruleInst = (ILdapRule) - Class.forName(className).newInstance(); - mConfig = c.getSubStore(insName); - ruleInst.init(this, mConfig); - ruleInst.setInstanceName(insName); - - // add manager instance to list. - if (Debug.ON) - Debug.trace("ADDING RULE " + insName + " " + ruleInst); - mRuleInsts.put(insName, ruleInst); - log(ILogger.LL_INFO, "rule instance " + - insName + " added"); - } catch (ClassNotFoundException e) { - String errMsg = "PublisherProcessor:: init()-" + e.toString(); - - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); - } catch (IllegalAccessException e) { - String errMsg = "PublisherProcessor:: init()-" + e.toString(); - - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); - } catch (InstantiationException e) { - String errMsg = "PublisherProcessor: init()-" + e.toString(); - - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_PUBLISHER_INIT_FAILED", e.toString())); - throw new ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); - } catch (Throwable e) { - if (mConfig == null) { - throw new 
ELdapException(CMS.getUserMessage("CMS_LDAP_FAIL_LOAD_CLASS", className)); - } - mConfig.putString(ILdapRule.PROP_ENABLE, - "false"); - log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_LDAP_SKIP_RULE", insName, e.toString())); - // Let the server continue if it is a - // mis-configuration. But the instance - // will be skipped. This give another - // chance to the user to re-configure - // the server via console. - } - if (Debug.ON) - Debug.trace("loaded rule instance " + insName + " impl " + implName); + addRuleInstance(insName, c); } startup();