From beb5d90a69cf64e0a7646be57f5e69d7f51b13ac Mon Sep 17 00:00:00 2001 
From: "Endi S. Dewata" Date: Tue, 20 Oct 2015 23:54:22 +0200 Subject: [PATCH] Removed unused WizardServlet. The unused configuration wizard servlet has been removed to simplify refactoring of other code. The remaining references in CertUtil and ConfigurationUtils have been removed as well. https://fedorahosted.org/pki/ticket/1120 --- base/common/src/com/netscape/certsrv/apps/CMS.java | 30 +- .../netscape/cms/servlet/csadmin/AdminPanel.java | 332 ----------- .../netscape/cms/servlet/csadmin/AuthDBPanel.java | 125 ----- .../cms/servlet/csadmin/AuthenticatePanel.java | 192 ------- .../cms/servlet/csadmin/BackupKeyCertPanel.java | 215 ------- .../cms/servlet/csadmin/CertRequestPanel.java | 375 ------------- .../com/netscape/cms/servlet/csadmin/CertUtil.java | 26 +- .../cms/servlet/csadmin/ConfigHSMLoginPanel.java | 296 ---------- .../cms/servlet/csadmin/ConfigurationUtils.java | 6 +- .../cms/servlet/csadmin/CreateSubsystemPanel.java | 279 --------- .../cms/servlet/csadmin/DatabasePanel.java | 532 ------------------ .../cms/servlet/csadmin/DisplayCertChainPanel.java | 226 -------- .../netscape/cms/servlet/csadmin/DonePanel.java | 313 ----------- .../cms/servlet/csadmin/HierarchyPanel.java | 194 ------- .../cms/servlet/csadmin/ImportAdminCertPanel.java | 340 ----------- .../cms/servlet/csadmin/ImportCAChainPanel.java | 145 ----- .../netscape/cms/servlet/csadmin/ModulePanel.java | 338 ----------- .../netscape/cms/servlet/csadmin/NamePanel.java | 622 --------------------- .../cms/servlet/csadmin/RestoreKeyCertPanel.java | 235 -------- .../cms/servlet/csadmin/SavePKCS12Panel.java | 144 ----- .../cms/servlet/csadmin/SecurityDomainPanel.java | 482 ---------------- .../netscape/cms/servlet/csadmin/SizePanel.java | 491 ---------------- .../netscape/cms/servlet/csadmin/WelcomePanel.java | 128 ----- .../cms/servlet/csadmin/WizardPanelBase.java | 306 ---------- .../netscape/cms/servlet/wizard/IWizardPanel.java | 111 ---- .../netscape/cms/servlet/wizard/WizardServlet.java | 489 
---------------- .../dogtagpki/server/rest/SystemConfigService.java | 6 +- .../server/tps/installer/CAInfoPanel.java | 171 ------ .../server/tps/installer/DRMInfoPanel.java | 154 ----- .../server/tps/installer/TKSInfoPanel.java | 150 ----- 30 files changed, 25 insertions(+), 7428 deletions(-) delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/AdminPanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthDBPanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthenticatePanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/BackupKeyCertPanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigHSMLoginPanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/DonePanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java delete mode 100755 base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportCAChainPanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/ModulePanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/NamePanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/SavePKCS12Panel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java delete mode 100644 
base/server/cms/src/com/netscape/cms/servlet/csadmin/SizePanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/WelcomePanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/wizard/IWizardPanel.java delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/wizard/WizardServlet.java delete mode 100644 base/tps/src/org/dogtagpki/server/tps/installer/CAInfoPanel.java delete mode 100644 base/tps/src/org/dogtagpki/server/tps/installer/DRMInfoPanel.java delete mode 100644 base/tps/src/org/dogtagpki/server/tps/installer/TKSInfoPanel.java diff --git a/base/common/src/com/netscape/certsrv/apps/CMS.java b/base/common/src/com/netscape/certsrv/apps/CMS.java index 187b1028a849f504b6e8ebb715e42521d5846613..148e0619ab5ffbbfffcd78f750097c1153d90dd4 100644 --- a/base/common/src/com/netscape/certsrv/apps/CMS.java +++ b/base/common/src/com/netscape/certsrv/apps/CMS.java @@ -29,14 +29,6 @@ import java.util.Hashtable; import java.util.Locale; import java.util.Vector; -import netscape.ldap.LDAPConnection; -import netscape.ldap.LDAPException; -import netscape.ldap.LDAPSSLSocketFactoryExt; -import netscape.security.util.ObjectIdentifier; -import netscape.security.x509.Extension; -import netscape.security.x509.GeneralName; -import netscape.security.x509.X509CertInfo; - import org.mozilla.jss.CryptoManager.CertificateUsage; import org.mozilla.jss.util.PasswordCallback; 
@@ -96,6 +88,14 @@ import com.netscape.certsrv.usrgrp.IUGSubsystem; import com.netscape.cmsutil.net.ISocketFactory; import com.netscape.cmsutil.password.IPasswordStore; +import netscape.ldap.LDAPConnection; +import netscape.ldap.LDAPException; +import netscape.ldap.LDAPSSLSocketFactoryExt; +import netscape.security.util.ObjectIdentifier; +import netscape.security.x509.Extension; +import netscape.security.x509.GeneralName; +import netscape.security.x509.X509CertInfo; + /** * This represents the CMS server. Plugins can access other * public objects such as subsystems via this inteface. @@ -1582,20 +1582,6 @@ public final class CMS { * @exception EBaseException failed to start CMS */ public static void start(String path) throws EBaseException { - //FileConfigStore mainConfig = null; - /* - try { - mainConfig = new FileConfigStore(path); - } catch (EBaseException e) { - e.printStackTrace(); - System.out.println( - "Error: The Server is not fully configured.\n" + - "Finish configuring server using Configure Setup Wizard in " + - "the Certificate Server Console."); - System.out.println(e.toString()); - System.exit(0); - } - */ String classname = "com.netscape.cmscore.apps.CMSEngine"; diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/AdminPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/AdminPanel.java deleted file mode 100644 index 579c54df027f981011de0e65dcc3cd92b2515a5a..0000000000000000000000000000000000000000 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/AdminPanel.java +++ /dev/null 
@@ -1,332 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cms.servlet.csadmin; - -import java.io.IOException; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.context.Context; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.base.ISubsystem; -import com.netscape.certsrv.property.Descriptor; -import com.netscape.certsrv.property.IDescriptor; -import com.netscape.certsrv.property.PropertySet; -import com.netscape.certsrv.usrgrp.IUGSubsystem; -import com.netscape.certsrv.util.HttpInput; -import com.netscape.cms.servlet.wizard.WizardServlet; - -public class AdminPanel extends WizardPanelBase { - - private static final String ADMIN_UID = "admin"; - - public AdminPanel() { - } - - /** - * Initializes this panel. 
- */ - public void init(ServletConfig config, int panelno) - throws ServletException { - setPanelNo(panelno); - setName("Administrator"); - } - - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) { - setPanelNo(panelno); - setName("Administrator"); - setId(id); - } - - public void cleanUp() throws IOException { - IConfigStore cs = CMS.getConfigStore(); - cs.putString("preop.admin.email", ""); - } - - public boolean isPanelDone() { - IConfigStore cs = CMS.getConfigStore(); - try { - String s = cs.getString("preop.admin.email", ""); - if (s == null || s.equals("")) { - return false; - } else { - return true; - } - } catch (Exception e) { - } - - return false; - } - - public PropertySet getUsage() { - PropertySet set = new PropertySet(); - - Descriptor emailDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */ - null, /* no default parameter */ - "Email address for an administrator"); - - set.add("admin_email", emailDesc); - - Descriptor pwdDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */ - null, /* no default parameter */ - "Administrator's password"); - - set.add("pwd", pwdDesc); - - Descriptor pwdAgainDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */ - null, /* no default parameter */ - "Administrator's password again"); - - set.add("admin_password_again", pwdAgainDesc); - return set; - } - - /** - * Display the panel. 
- */ - public void display(HttpServletRequest request, - HttpServletResponse response, - Context context) { - CMS.debug("AdminPanel: display"); - - IConfigStore cs = CMS.getConfigStore(); - String session_id = request.getParameter("session_id"); - if (session_id != null) { - CMS.debug("NamePanel setting session id."); - CMS.setConfigSDSessionId(session_id); - } - - String type = ""; - String info = ""; - context.put("import", "true"); - - try { - type = cs.getString("preop.ca.type", ""); - } catch (Exception e) { - } - - if (isPanelDone()) { - try { - context.put("admin_email", cs.getString("preop.admin.email")); - context.put("admin_name", cs.getString("preop.admin.name")); - context.put("admin_pwd", ""); - context.put("admin_pwd_again", ""); - context.put("admin_uid", cs.getString("preop.admin.uid")); - } catch (Exception e) { - } - } else { - String def_admin_name = ""; - try { - def_admin_name = cs.getString("cs.type") + " Administrator of Instance " + cs.getString("instanceId"); - } catch (EBaseException e) { - } - context.put("admin_name", def_admin_name); - context.put("admin_email", ""); - context.put("admin_pwd", ""); - context.put("admin_pwd_again", ""); - context.put("admin_uid", ADMIN_UID); - } - ISubsystem ca = CMS.getSubsystem("ca"); - - if (ca == null) { - context.put("ca", "false"); - } else { - context.put("ca", "true"); - } - context.put("caType", type); - - String domainname = ""; - try { - domainname = cs.getString("securitydomain.name", ""); - } catch (EBaseException e1) { - } - context.put("securityDomain", domainname); - context.put("title", "Administrator"); - context.put("panel", "admin/console/config/adminpanel.vm"); - context.put("errorString", ""); - context.put("info", info); - - } - - /** - * Checks if the given parameters are valid. 
- */ - public void validate(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - String pwd = HttpInput.getPassword(request, "__pwd"); - String pwd_again = HttpInput.getPassword(request, "__admin_password_again"); - String email = HttpInput.getEmail(request, "email"); - String name = HttpInput.getName(request, "name"); - String uid = HttpInput.getUID(request, "uid"); - context.put("admin_email", email); - context.put("admin_name", name); - context.put("admin_pwd", pwd); - context.put("admin_pwd_again", pwd_again); - context.put("import", "true"); - - if (name == null || name.equals("")) { - context.put("updateStatus", "validate-failure"); - throw new IOException("Name is empty"); - } - - if (email == null || email.equals("")) { - context.put("updateStatus", "validate-failure"); - throw new IOException("Email is empty"); - } - - if (uid == null || uid.equals("")) { - context.put("updateStatus", "validate-failure"); - throw new IOException("Uid is empty"); - } - - if (!pwd.equals(pwd_again)) { - context.put("updateStatus", "validate-failure"); - throw new IOException("Password and password again are not the same."); - } - - if (email == null || email.length() == 0) { - context.put("updateStatus", "validate-failure"); - throw new IOException("Email address is empty string."); - } - } - - /** - * Commit parameter changes - */ - public void update(HttpServletRequest request, HttpServletResponse response, Context context) throws IOException { - IConfigStore config = CMS.getConfigStore(); - context.put("info", ""); - context.put("import", "true"); - - String uid = HttpInput.getUID(request, "uid"); - String email = HttpInput.getEmail(request, "email"); - String name = HttpInput.getName(request, "name"); - String pwd = HttpInput.getPassword(request, "__pwd"); - String cert_request_type = HttpInput.getID(request, "cert_request_type"); - String subject = request.getParameter("subject"); - String cert_request = 
HttpInput.getCertRequest(request, "cert_request"); - String profileId = HttpInput.getID(request, "profileId"); - - try { - String type = config.getString(PRE_CA_TYPE, ""); - String subsystemtype = config.getString("cs.type", ""); - String selected_hierarchy = config.getString("preop.hierarchy.select", ""); - - ISubsystem ca = CMS.getSubsystem("ca"); - - if (ca == null) { - context.put("ca", "false"); - } else { - context.put("ca", "true"); - } - context.put("caType", type); - - config.putString("preop.admin.uid", uid); - config.putString("preop.admin.email", email); - config.putString("preop.admin.name", name); - ConfigurationUtils.createAdmin(uid, email, name, pwd); - - if (ca != null) { - if (selected_hierarchy.equals("root")) { - CMS.debug("AdminPanel update: " + "Root CA subsystem"); - } else { - CMS.debug("AdminPanel update: " + "Subordinate CA subsystem"); - } - - ConfigurationUtils.createAdminCertificate(cert_request, - cert_request_type, subject); - } else { - String ca_hostname = null; - int ca_port = -1; - - CMS.debug("AdminPanel update: " + subsystemtype + " subsystem"); - - if (type.equals("sdca")) { - ca_hostname = config.getString("preop.ca.hostname"); - ca_port = config.getInteger("preop.ca.httpsport"); - } else { - ca_hostname = config.getString("securitydomain.host", ""); - ca_port = config.getInteger("securitydomain.httpseeport"); - } - - ConfigurationUtils.submitAdminCertRequest(ca_hostname, ca_port, - profileId, cert_request_type, cert_request, subject); - } - - CMS.reinit(IUGSubsystem.ID); - config.commit(false); - } catch (Exception e) { - CMS.debug("AdminPanel update(): Exception thrown " + e); - e.printStackTrace(); - context.put("updateStatus", "failure"); - throw new IOException("Error when adding admin user" + e); - } - - context.put("updateStatus", "success"); - } - - /** - * If validate() returns false, this method will be called. 
- */ - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - - context.put("title", "Administrator"); - context.put("panel", "admin/console/config/adminpanel.vm"); - ISubsystem ca = CMS.getSubsystem("ca"); - IConfigStore cs = CMS.getConfigStore(); - String type = ""; - String info = ""; - - try { - type = cs.getString("preop.ca.type", ""); - } catch (Exception e) { - } - if (ca == null && type.equals("otherca")) { - info = - "Since you do not join the Redhat CA network, the administrator's certificate will not be generated automatically."; - } - context.put("info", info); - context.put("admin_email", request.getParameter("email")); - context.put("admin_name", request.getParameter("name")); - context.put("admin_pwd", ""); - context.put("admin_pwd_again", ""); - context.put("admin_uid", request.getParameter("uid")); - } - - public boolean shouldSkip() { - try { - IConfigStore c = CMS.getConfigStore(); - String s = c.getString("preop.subsystem.select", null); - if (s != null && s.equals("clone")) { - return true; - } - } catch (EBaseException e) { - } - - return false; - } -} diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthDBPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthDBPanel.java deleted file mode 100644 index f7ee25dfe1310895aa588ac51067efdf9909ad1c..0000000000000000000000000000000000000000 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthDBPanel.java +++ /dev/null 
@@ -1,125 +0,0 @@ -package com.netscape.cms.servlet.csadmin; - -import java.io.IOException; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.context.Context; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.property.PropertySet; -import com.netscape.certsrv.util.HttpInput; -import com.netscape.cms.servlet.wizard.WizardServlet; - -public class AuthDBPanel extends WizardPanelBase { - - public AuthDBPanel() { - } - - public void init(ServletConfig config, int panelno) - throws ServletException { - setPanelNo(panelno); - setName("Authentication Directory"); - } - - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { - setPanelNo(panelno); - setName("Authentication Directory"); - setId(id); - } - - public boolean shouldSkip() { - return false; - } - - public void cleanUp() throws IOException { - IConfigStore cs = CMS.getConfigStore(); - cs.putString("preop.authdb.select", ""); - } - - public boolean isPanelDone() { - IConfigStore cs = CMS.getConfigStore(); - try { - String s = cs.getString("preop.authdb.select", ""); - if (s != null && !s.isEmpty()) { - return true; - } - } catch (EBaseException e) { - } - return false; - } - - public PropertySet getUsage() { - PropertySet set = new PropertySet(); - return set; - } - - public void display(HttpServletRequest request, - HttpServletResponse response, - Context context) { - context.put("title", "Authentication Directory"); - context.put("panel", "admin/console/config/authdbpanel.vm"); - IConfigStore config = CMS.getConfigStore(); - - String basedn=""; - String host=""; - String port=""; - String secureConn=""; - try { - String machineName = config.getString("service.machineName"); - basedn = 
config.getString("auths.instance.ldap1.ldap.basedn"); - - if (basedn.contains("[")) { - // basedn not yet set - basedn = machineName.replaceAll("\\.", ",dc="); - basedn = "dc=" + basedn; - } - - host = config.getString("auths.instance.ldap1.ldap.ldapconn.host", "localhost"); - port = config.getString("auths.instance.ldap1.ldap.ldapconn.port","389"); - secureConn = config.getString("auths.instance.ldap1.ldap.ldapconn.secureConn", "false"); - } catch (EBaseException e) { - e.printStackTrace(); - CMS.debug("Unable to get host, port, secureConn:" + e); - } - - context.put("hostname", host); - context.put("portStr", port); - context.put("basedn", basedn); - context.put("secureconn", secureConn); - context.put("errorString", ""); - } - - public void validate(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - } - - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - - String host = HttpInput.getHostname(request, "host"); - String port = HttpInput.getPortNumber(request, "port"); - String basedn = HttpInput.getString(request,"basedn"); - String secureConn = HttpInput.getString(request, "secureConn"); - - if (secureConn == null || (!secureConn.equalsIgnoreCase("true"))) { - secureConn = "false"; - } - ConfigurationUtils.updateAuthdbInfo(basedn, host, port, secureConn); - context.put("updateStatus", "success"); - } - - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - } - -} diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthenticatePanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthenticatePanel.java deleted file mode 100644 index 6700b9312120c85cd7939a29be8af0e2f0a302bc..0000000000000000000000000000000000000000 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthenticatePanel.java +++ /dev/null 
@@ -1,192 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cms.servlet.csadmin; - -import java.io.IOException; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.context.Context; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.property.PropertySet; -import com.netscape.certsrv.util.HttpInput; -import com.netscape.cms.servlet.wizard.WizardServlet; - -public class AuthenticatePanel extends WizardPanelBase { - - public AuthenticatePanel() { - } - - /** - * Initializes this panel. 
- */ - public void init(ServletConfig config, int panelno) - throws ServletException { - setPanelNo(panelno); - setName("Authentication"); - } - - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { - setPanelNo(panelno); - setName("Authentication"); - setId(id); - } - - public void cleanUp() throws IOException { - IConfigStore cs = CMS.getConfigStore(); - cs.putString("preop.ca.agent.uid", ""); - } - - public boolean isPanelDone() { - IConfigStore cs = CMS.getConfigStore(); - try { - String s = cs.getString("preop.ca.agent.uid", ""); - if (s == null || s.equals("")) { - return false; - } else { - return true; - } - } catch (EBaseException e) { - } - return false; - } - - public PropertySet getUsage() { - PropertySet set = new PropertySet(); - - /* XXX */ - - return set; - } - - /** - * Display the panel. - */ - public void display(HttpServletRequest request, - HttpServletResponse response, - Context context) { - context.put("title", "Authentication"); - IConfigStore config = CMS.getConfigStore(); - - if (isPanelDone()) { - - try { - String s = config.getString("preop.ca.agent.uid", ""); - String type = config.getString("preop.hierarchy.select", ""); - if (type.equals("root")) - context.put("uid", ""); - else - context.put("uid", s); - } catch (Exception e) { - CMS.debug(e.toString()); - } - } else { - context.put("uid", ""); - } - - context.put("password", ""); - context.put("panel", "admin/console/config/authenticatepanel.vm"); - context.put("errorString", ""); - } - - /** - * Checks if the given parameters are valid. 
- */ - public void validate(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - } - - /** - * Commit parameter changes - */ - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - IConfigStore config = CMS.getConfigStore(); - String type = ""; - String catype = ""; - try { - type = config.getString("preop.hierarchy.select", ""); - catype = config.getString("preop.ca.type", ""); - } catch (Exception e) { - } - - if (type.equals("root")) { - CMS.debug("AuthenticatePanel: This is root, no need for authentication"); - } else if (catype.equals("sdca")) { - CMS.debug("AuthenticatePanel: This is not external CA"); - String uid = HttpInput.getUID(request, "uid"); - if (uid == null) { - context.put("errorString", "Uid is empty"); - throw new IOException("Uid is empty"); - } - context.put("uid", uid); - String pwd = HttpInput.getPassword(request, "__password"); - config.putString("preop.ca.agent.uid", uid); - config.putString("preop.ca.agent.pwd", pwd); - String host = ""; - int httpsport = -1; - try { - host = config.getString("preop.ca.hostname"); - } catch (Exception e) { - CMS.debug("AuthenticatePanel update: " + e.toString()); - context.put("errorString", "Missing hostname"); - throw new IOException("Missing hostname"); - } - - try { - httpsport = config.getInteger("preop.ca.httpsport"); - } catch (Exception e) { - CMS.debug("AuthenticatePanel update: " + e.toString()); - context.put("errorString", "Missing port"); - throw new IOException("Missing port"); - } - - boolean authenticated = authenticate(host, httpsport, true, - "/ca/ee/ca/configSubsystem", "uid=" + uid + "&pwd=" + pwd); - - if (!authenticated) { - context.put("errorString", "Wrong user id or password"); - throw new IOException("Wrong user id or password"); - } - - try { - config.commit(false); - } catch (EBaseException e) { - } - } - } - - /** - * If validiate() returns false, this method 
will be called. - */ - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - context.put("password", ""); - context.put("panel", "admin/console/config/authenticatepanel.vm"); - } -} diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/BackupKeyCertPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/BackupKeyCertPanel.java deleted file mode 100644 index f29b22ae731c097ba1379586d49de0f2009cdd9d..0000000000000000000000000000000000000000 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/BackupKeyCertPanel.java +++ /dev/null 
@@ -1,215 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cms.servlet.csadmin; - -import java.io.IOException; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.context.Context; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.property.PropertySet; -import com.netscape.certsrv.util.HttpInput; -import com.netscape.cms.servlet.wizard.WizardServlet; - -public class BackupKeyCertPanel extends WizardPanelBase { - - public BackupKeyCertPanel() { - } - - /** - * Initializes this panel. 
- */ - public void init(ServletConfig config, int panelno) - throws ServletException { - setPanelNo(panelno); - setName("Export Keys and Certificates"); - } - - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { - setPanelNo(panelno); - setName("Export Keys and Certificates"); - setId(id); - } - - public void cleanUp() throws IOException { - IConfigStore cs = CMS.getConfigStore(); - /* clean up if necessary */ - try { - @SuppressWarnings("unused") - boolean done = cs.getBoolean("preop.backupkeycert.done"); // check for errors - cs.putBoolean("preop.backupkeycert.done", false); - cs.commit(false); - } catch (Exception e) { - } - } - - public boolean shouldSkip() { - IConfigStore cs = CMS.getConfigStore(); - - try { - String s = cs.getString("preop.module.token", ""); - if (s.equals("Internal Key Storage Token")) - return false; - } catch (Exception e) { - } - - return true; - } - - public boolean isPanelDone() { - IConfigStore cs = CMS.getConfigStore(); - try { - String s = cs.getString("preop.backupkeycert.done", ""); - if (s == null || s.equals("")) { - return false; - } else { - return true; - } - } catch (EBaseException e) { - } - return false; - } - - public PropertySet getUsage() { - PropertySet set = new PropertySet(); - - /* XXX */ - - return set; - } - - /** - * Display the panel. 
- */ - public void display(HttpServletRequest request, - HttpServletResponse response, - Context context) { - context.put("title", "Export Keys and Certificates"); - IConfigStore config = CMS.getConfigStore(); - - if (isPanelDone()) { - try { - boolean enable = config.getBoolean("preop.backupkeys.enable"); - if (enable) { - context.put("dobackup", "checked"); - context.put("nobackup", ""); - } else { - context.put("dobackup", ""); - context.put("nobackup", "checked"); - } - } catch (Exception e) { - } - } else { - context.put("dobackup", ""); - context.put("nobackup", "checked"); - } - - context.put("panel", "admin/console/config/backupkeycertpanel.vm"); - context.put("pwd", ""); - context.put("pwdagain", ""); - context.put("errorString", ""); - } - - /** - * Checks if the given parameters are valid. - */ - public void validate(HttpServletRequest request, - HttpServletResponse response, Context context) throws IOException { - String select = HttpInput.getID(request, "choice"); - if (select.equals("backupkey")) { - String pwd = request.getParameter("__pwd"); - String pwdAgain = request.getParameter("__pwdagain"); - if (pwd == null || pwdAgain == null || pwd.equals("") || pwdAgain.equals("")) { - CMS.debug("BackupKeyCertPanel validate: Password is null"); - context.put("updateStatus", "validate-failure"); - throw new IOException("PK12 password is empty."); - } - - if (!pwd.equals(pwdAgain)) { - CMS.debug("BackupKeyCertPanel validate: Password and password again are not the same."); - context.put("updateStatus", "validate-failure"); - throw new IOException("PK12 password is different from the PK12 password again."); - } - } - } - - /** - * Commit parameter changes - */ - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - IConfigStore config = CMS.getConfigStore(); - - try { - String select = HttpInput.getID(request, "choice"); - String pwd = request.getParameter("__pwd"); - if 
(select.equals("backupkey")) { - CMS.debug("BackupKeyCertPanel update: backup"); - config.putBoolean("preop.backupkeys.enable", true); - ConfigurationUtils.backupKeys(pwd, null); - } else { - CMS.debug("BackupKeyCertPanel update: no backup"); - config.putBoolean("preop.backupkeys.enable", false); - } - - config.putBoolean("preop.backupkeycert.done", true); - config.commit(false); - } catch (Exception e) { - CMS.debug("BackupKeyertPanel: update(): Exception thrown " + e); - e.printStackTrace(); - context.put("updateStatus", "failure"); - throw new IOException(e); - } - context.put("updateStatus", "success"); - } - - /** - * If validiate() returns false, this method will be called. - */ - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - String select = ""; - try { - select = HttpInput.getID(request, "choice"); - } catch (Exception e) { - } - - if (select.equals("backupkey")) { - context.put("dobackup", "checked"); - context.put("nobackup", ""); - } else { - context.put("dobackup", ""); - context.put("nobackup", "checked"); - } - - context.put("pwd", ""); - context.put("pwdagain", ""); - context.put("title", "Export Keys and Certificates"); - context.put("panel", "admin/console/config/backupkeycertpanel.vm"); - } -} diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java deleted file mode 100644 index 81c6e5ca3343c1915d5c219303b739c763391e9e..0000000000000000000000000000000000000000 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java +++ /dev/null 
@@ -1,375 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cms.servlet.csadmin; - -import java.io.IOException; -import java.math.BigInteger; -import java.util.Enumeration; -import java.util.Locale; -import java.util.StringTokenizer; -import java.util.Vector; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import netscape.security.util.CertPrettyPrint; - -import org.apache.velocity.context.Context; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.ca.ICertificateAuthority; -import com.netscape.certsrv.dbs.certdb.ICertificateRepository; -import com.netscape.certsrv.property.Descriptor; -import com.netscape.certsrv.property.IDescriptor; -import com.netscape.certsrv.property.PropertySet; -import com.netscape.certsrv.util.HttpInput; -import com.netscape.cms.servlet.wizard.WizardServlet; -import com.netscape.cmsutil.crypto.CryptoUtil; - -public class CertRequestPanel extends WizardPanelBase { - private Vector mCerts = null; - - @SuppressWarnings("unused") - 
private WizardServlet mServlet; - - public CertRequestPanel() { - } - - /** - * Initializes this panel. - */ - public void init(ServletConfig config, int panelno) - throws ServletException { - setPanelNo(panelno); - setName("Requests & Certificates"); - } - - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { - setPanelNo(panelno); - setName("Requests and Certificates"); - mServlet = servlet; - setId(id); - } - - // XXX how do you do this? There could be multiple certs. - public PropertySet getUsage() { - PropertySet set = new PropertySet(); - - Descriptor certDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */ - null, /* no default parameters */ - null); - - set.add("cert", certDesc); - - return set; - } - - /** - * Show "Apply" button on frame? - */ - public boolean showApplyButton() { - if (isPanelDone()) - return false; - else - return true; - } - - public void cleanUp() throws IOException { - IConfigStore cs = CMS.getConfigStore(); - String list = ""; - String tokenname = ""; - try { - list = cs.getString("preop.cert.list", ""); - tokenname = cs.getString("preop.module.token", ""); - } catch (Exception e) { - } - - ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem( - ICertificateAuthority.ID); - - if (ca != null) { - CMS.debug("CertRequestPanel cleanup: get certificate repository"); - BigInteger beginS = null; - BigInteger endS = null; - String beginNum = ""; - String endNum = ""; - try { - beginNum = cs.getString("dbs.beginSerialNumber", ""); - endNum = cs.getString("dbs.endSerialNumber", ""); - if (!beginNum.equals("")) - beginS = new BigInteger(beginNum, 16); - if (!endNum.equals("")) - endS = new BigInteger(endNum, 16); - } catch (Exception e) { - } - - ICertificateRepository cr = ca.getCertificateRepository(); - if (cr != null) { - try { - cr.removeCertRecords(beginS, endS); - } catch (Exception e) { - CMS.debug("CertRequestPanel cleanUp exception in removing 
all objects: " + e.toString()); - } - - try { - cr.resetSerialNumber(new BigInteger(beginNum, 16)); - } catch (Exception e) { - CMS.debug("CertRequestPanel cleanUp exception in resetting serial number: " + e.toString()); - } - } - } - - StringTokenizer st = new StringTokenizer(list, ","); - String nickname = ""; - boolean enable = false; - while (st.hasMoreTokens()) { - String t = st.nextToken(); - - try { - enable = cs.getBoolean(PCERT_PREFIX + t + ".enable", true); - nickname = cs.getString(PCERT_PREFIX + t + ".nickname", ""); - } catch (Exception e) { - } - - if (!enable) - continue; - - if (t.equals("sslserver")) - continue; - - try { - if (ConfigurationUtils.findCertificate(tokenname, nickname)) { - CMS.debug("CertRequestPanel cleanup: deleting certificate (" + nickname + ")."); - ConfigurationUtils.deleteCert(tokenname, nickname); - } - } catch (Exception e) { - CMS.debug("CertRequestPanel cleanup: failed to delete certificate (" - + nickname + "). Exception: " + e.toString()); - } - } - - try { - @SuppressWarnings("unused") - boolean done = cs.getBoolean("preop.CertRequestPanel.done"); // check for errors - cs.putBoolean("preop.CertRequestPanel.done", false); - cs.commit(false); - } catch (Exception e) { - } - } - - public boolean isPanelDone() { - IConfigStore cs = CMS.getConfigStore(); - try { - boolean s = cs.getBoolean("preop.CertRequestPanel.done", - false); - - if (s != true) { - return false; - } else { - return true; - } - } catch (EBaseException e) { - } - - return false; - } - - public void getCert(IConfigStore config, - Context context, String certTag, Cert cert) { - try { - - String subsystem = config.getString(PCERT_PREFIX + certTag + ".subsystem"); - String certs = config.getString(subsystem + "." 
+ certTag + ".cert", ""); - - if (cert != null) { - String certf = certs; - - CMS.debug("CertRequestPanel getCert: certTag=" + certTag + " cert=" + certs); - - //get and set formated cert - if (!certs.startsWith("...")) { - certf = CryptoUtil.certFormat(certs); - } - cert.setCert(certf); - - //get and set cert pretty print - byte[] certb = CryptoUtil.base64Decode(certs); - CertPrettyPrint pp = new CertPrettyPrint(certb); - cert.setCertpp(pp.toString(Locale.getDefault())); - } else { - CMS.debug("CertRequestPanel::getCert() - cert is null!"); - return; - } - String userfriendlyname = config.getString( - PCERT_PREFIX + certTag + ".userfriendlyname"); - - cert.setUserFriendlyName(userfriendlyname); - String type = config.getString(PCERT_PREFIX + certTag + ".type"); - - cert.setType(type); - String dn = config.getString(PCERT_PREFIX + certTag + ".dn"); - - cert.setDN(dn); - } catch (Exception e) { - CMS.debug("CertRequestPanel:getCert" + e.toString()); - } // try - } - - /** - * Display the panel. - */ - public void display(HttpServletRequest request, - HttpServletResponse response, - Context context) { - - CMS.debug("CertRequestPanel: display()"); - context.put("title", "Requests and Certificates"); - - try { - mCerts = new Vector(); - - IConfigStore config = CMS.getConfigStore(); - - String certTags = config.getString("preop.cert.list"); - String csType = config.getString("cs.type"); - StringTokenizer st = new StringTokenizer(certTags, ","); - - while (st.hasMoreTokens()) { - String certTag = st.nextToken(); - - try { - String subsystem = config.getString(PCERT_PREFIX + certTag + ".subsystem"); - String nickname = config.getString(subsystem + "." + certTag + ".nickname"); - String tokenname = config.getString(subsystem + "." 
+ certTag + ".tokenname"); - - Cert c = new Cert(tokenname, nickname, certTag); - ConfigurationUtils.handleCertRequest(config, certTag, c); - - String type = config.getString(PCERT_PREFIX + certTag + ".type"); - c.setType(type); - - boolean enable = config.getBoolean(PCERT_PREFIX + certTag + ".enable", true); - c.setEnable(enable); - getCert(config, context, certTag, c); - - c.setSubsystem(subsystem); - mCerts.addElement(c); - - if (csType.equals("TPS") && certTag.equals("subsystem")) { - // update nicknames in case they have changed - if (!tokenname.isEmpty() && !tokenname.equals("internal") - && !tokenname.equals("Internal Key Storage Token")) - nickname = tokenname + ":" + nickname; - - config.putString("conn.ca1.clientNickname", nickname); - config.putString("conn.drm1.clientNickname", nickname); - config.putString("conn.tks1.clientNickname", nickname); - } - } catch (Exception e) { - CMS.debug("CertRequestPanel:display() Exception caught: " + e.toString() + - " for certTag " + certTag); - } - } - } catch (Exception e) { - CMS.debug("CertRequestPanel:display() Exception caught: " + e.toString()); - System.err.println("Exception caught: " + e.toString()); - - } // try - - context.put("reqscerts", mCerts); - context.put("status", "display"); - // context.put("status_token", "None"); - context.put("panel", "admin/console/config/certrequestpanel.vm"); - - } - - /** - * Checks if the given parameters are valid. 
- */ - public void validate(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - } - - /** - * Commit parameter changes - */ - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - CMS.debug("CertRequestPanel: in update()"); - boolean hasErr = false; - IConfigStore config = CMS.getConfigStore(); - - if (isPanelDone()) { - context.put("updateStatus", "success"); - return; - } - - Enumeration c = mCerts.elements(); - while (c.hasMoreElements()) { - Cert cert = c.nextElement(); - if (hasErr) continue; - - int ret=0; - try { - cert.setCert(HttpInput.getCert(request, cert.getCertTag())); - cert.setCertChain(HttpInput.getCertChain(request, cert.getCertTag() + "_cc")); - - ret = ConfigurationUtils.handleCerts(cert); - ConfigurationUtils.setCertPermissions(cert.getCertTag()); - } catch (Exception e) { - CMS.debug("Exception in configuring system certificate " + cert.getCertTag() + ": " + e); - e.printStackTrace(); - hasErr = true; - } - if (ret != 0) { - CMS.debug("System certificates not configured " + cert.getCertTag()); - } - } - // end new - - if (!hasErr) { - try { - config.putBoolean("preop.CertRequestPanel.done", true); - config.commit(false); - } catch (EBaseException e) { - e.printStackTrace(); - CMS.debug("Unable to commit changes to CS,cfg: " +e); - } - context.put("updateStatus", "success"); - } else { - context.put("updateStatus", "failure"); - } - } - - /** - * If validate() returns false, this method will be called. - */ - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - context.put("title", "Certificate Request"); - context.put("panel", "admin/console/config/certrequestpanel.vm"); - } -} 
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java
index 36b0e4d0d44ec8987856ebaaa3f4919c4a3f7071..a3be87c76a30ec89e7b5cf9670342b92c58a36c6 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java
@@ -29,14 +29,6 @@ import java.util.Set;
 import javax.servlet.http.HttpServletResponse;
-import netscape.security.pkcs.PKCS10;
-import netscape.security.x509.CertificateExtensions;
-import netscape.security.x509.CertificateIssuerName;
-import netscape.security.x509.X500Name;
-import netscape.security.x509.X509CertImpl;
-import netscape.security.x509.X509CertInfo;
-import netscape.security.x509.X509Key;
-
 import org.apache.commons.lang.ArrayUtils;
 import org.apache.commons.lang.StringUtils;
 import org.apache.velocity.context.Context;
@@ -68,11 +60,19 @@ import com.netscape.cmsutil.http.HttpResponse;
 import com.netscape.cmsutil.http.JssSSLSocketFactory;
 import com.netscape.cmsutil.xml.XMLObject;
+import netscape.security.pkcs.PKCS10;
+import netscape.security.x509.CertificateExtensions;
+import netscape.security.x509.CertificateIssuerName;
+import netscape.security.x509.X500Name;
+import netscape.security.x509.X509CertImpl;
+import netscape.security.x509.X509CertInfo;
+import netscape.security.x509.X509Key;
+
 public class CertUtil {
 static final int LINE_COUNT = 76;
 public static X509CertImpl createRemoteCert(String hostname,
- int port, String content, HttpServletResponse response, WizardPanelBase panel)
+ int port, String content, HttpServletResponse response)
 throws IOException {
 HttpClient httpclient = new HttpClient();
 String c = null;
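Review bot: `HttpServletResponse response` stays in the new `createRemoteCert` signature, yet the only use of it visible in this patch is the `panel.reloginSecurityDomain(response)` call that the @@ -114 hunk removes. The method body continues outside the hunk, so this needs confirming, but if nothing else reads `response` the parameter should go as well, leaving `createRemoteCert(String hostname, int port, String content)` and dropping the argument at the two call sites in ConfigurationUtils. A helper that sends an outbound request to the CA has no need to hold the inbound servlet response, and removing it keeps the method callable from non-servlet code.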
@@ -114,11 +114,7 @@ public class CertUtil { String status = parser.getValue("Status"); CMS.debug("CertUtil createRemoteCert: status=" + status); - if (status.equals("2")) { - //relogin to the security domain - panel.reloginSecurityDomain(response); - return null; - } else if (!status.equals("0")) { + if (!status.equals("0")) { String error = parser.getValue("Error"); throw new IOException(error); } @@ -206,7 +202,7 @@ public class CertUtil { } } - + // Dynamically inject the SubjectAlternativeName extension to a // local/self-signed master CA's request for its SSL Server Certificate. // diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigHSMLoginPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigHSMLoginPanel.java deleted file mode 100644 index 03233042c89b77d6624a903c133555601deeca6b..0000000000000000000000000000000000000000 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigHSMLoginPanel.java +++ /dev/null 
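Review bot: With the `status.equals("2")` branch gone, every non-zero status, including the one that used to trigger a security-domain relogin, now ends in `throw new IOException(error)` carrying only the text of the remote `Error` element. A response without a `Status` element would presumably fail on `status.equals("0")` with a NullPointerException instead of a diagnosable error. I would write the check as `if (!"0".equals(status)) {` and make the message self-describing, e.g. `throw new IOException("Remote certificate request failed (status=" + status + "): " + error);`, so that a failure which formerly led to a relogin can be told apart from the others in the log. The callers in ConfigurationUtils still test the result for null; whether createRemoteCert can still return null lies outside this hunk and is worth checking.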
@@ -1,296 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cms.servlet.csadmin; - -import java.io.FileNotFoundException; -import java.io.IOException; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.context.Context; -import org.mozilla.jss.CryptoManager; -import org.mozilla.jss.crypto.CryptoToken; -import org.mozilla.jss.util.IncorrectPasswordException; -import org.mozilla.jss.util.Password; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.property.Descriptor; -import com.netscape.certsrv.property.IDescriptor; -import com.netscape.certsrv.property.PropertySet; -import com.netscape.certsrv.util.HttpInput; -import com.netscape.cms.servlet.wizard.WizardServlet; -import com.netscape.cmsutil.password.PlainPasswordReader; -import com.netscape.cmsutil.password.PlainPasswordWriter; - -public class ConfigHSMLoginPanel extends WizardPanelBase { - private CryptoManager mCryptoManager = null; - private String mPwdFilePath = ""; - - public ConfigHSMLoginPanel() { - } - - public void init(ServletConfig config, int panelno) throws 
ServletException { - try { - mCryptoManager = CryptoManager.getInstance(); - mPwdFilePath = CMS.getConfigStore().getString( - "passwordFile"); - } catch (Exception e) { - CMS.debug("ConfigHSMLoginPanel: " + e.toString()); - } - setPanelNo(panelno); - setName("ConfigHSMLogin"); - } - - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) throws ServletException { - try { - mCryptoManager = CryptoManager.getInstance(); - mPwdFilePath = CMS.getConfigStore().getString( - "passwordFile"); - } catch (Exception e) { - CMS.debug("ConfigHSMLoginPanel: " + e.toString()); - } - setPanelNo(panelno); - setName("ConfigHSMLogin"); - setId(id); - } - - public void cleanUp() throws IOException { - } - - public boolean isPanelDone() { - return true; - } - - public boolean isSubPanel() { - return true; - } - - public boolean isLoopbackPanel() { - return true; - } - - public void display(HttpServletRequest request, - HttpServletResponse response, - Context context) { - - CMS.debug("ConfigHSMLoginPanel: in display()"); - context.put("title", "Security Module Login"); - - // get token selected to be logged in - String tokName = null; - tokName = HttpInput.getTokenName(request, "SecToken"); - - if (tokName != null) { - CMS.debug("ConfigHSMLoginPanel: selected token name= " + tokName); - } else { - CMS.debug("ConfigHSMLoginPanel: missing SecToken name"); - context.put("error", "noTokenName"); - context.put("panel", "admin/console/config/config_hsmloginpanel.vm"); - return; - } - CryptoToken token = null; - - try { - token = mCryptoManager.getTokenByName(tokName); - } catch (Exception e) { - CMS.debug( - "ConfigHSMLoginPanel: getTokenByName() failed: " - + e.toString()); - context.put("error", "tokenNotFound:" + tokName); - context.put("panel", "admin/console/config/config_hsmloginpanel.vm"); - return; - } - // first see if password in password file, try to login - PlainPasswordReader pr = new PlainPasswordReader(); - - try { - pr.init(mPwdFilePath); - } 
catch (Exception e) { - // is ok to not have it - CMS.debug("ConfigHSMLoginPanel: passwrd file path: " + e.toString()); - } - CMS.debug("ConfigHSMLoginPanel: checking if passwd in cache"); - String tokPwd = pr.getPassword("hardware-" + tokName); - - boolean loggedIn = false; - - if (tokPwd == null) { - CMS.debug("ConfigHSMLoginPanel: passwd not in cache"); - } else { - loggedIn = loginToken(token, tokPwd, context); - } - - if (!loggedIn) { - context.put("status", "display"); - } - context.put("panel", "admin/console/config/config_hsmloginpanel.vm"); - context.put("SecToken", tokName); - } - - // if logged in successfully, returns true - private boolean loginToken(CryptoToken token, String tokPwd, Context context) { - boolean rv = true; - Password password = null; - - password = new Password(tokPwd.toCharArray()); - - try { - if (token.passwordIsInitialized()) { - CMS.debug( - "ConfigHSMLoginPanel: loginToken():token password is initialized"); - if (!token.isLoggedIn()) { - CMS.debug( - "ConfigHSMLoginPanel: loginToken():Token is not logged in, try it"); - token.login(password); - context.put("status", "justLoggedIn"); - } else { - CMS.debug( - "ConfigHSMLoginPanel:Token has already logged on"); - context.put("status", "alreadyLoggedIn"); - } - } else { - CMS.debug( - "ConfigHSMLoginPanel: loginToken():Token password not initialized"); - context.put("status", "tokenPasswordNotInitialized"); - rv = false; - } - - } catch (IncorrectPasswordException e) { - context.put("status", "incorrectPassword"); - context.put("errorString", e.toString()); - CMS.debug("ConfigHSMLoginPanel: loginToken():" + e.toString()); - rv = false; - } catch (Exception e) { - CMS.debug("ConfigHSMLoginPanel: loginToken():" + e.toString()); - context.put("errorString", e.toString()); - rv = false; - } - return rv; - } - - // XXX how do you do this? 
- public PropertySet getUsage() { - PropertySet set = new PropertySet(); - - Descriptor choiceDesc = new Descriptor(IDescriptor.CHOICE, "", "", null); /* no default parameters */ - - set.add( - "choice", choiceDesc); - - return set; - } - - /** - * Checks if the given parameters are valid. - */ - public void validate(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - } - - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) { - - CMS.debug("ConfigHSMLoginPanel: in update()"); - - String uTokName = null; - String uPasswd = null; - try { - uTokName = HttpInput.getTokenName(request, "uTokName"); - uPasswd = HttpInput.getPassword(request, "__uPasswd"); - } catch (Exception e) { - } - - if (uPasswd == null) { - CMS.debug("ConfigHSMLoginPanel: password not found"); - context.put("error", "no password"); - context.put("panel", "admin/console/config/config_hsmloginpanel.vm"); - context.put("updateStatus", "no password"); - return; - } else { - CMS.debug("ConfigHSMLoginPanel: got password"); - - CryptoToken token = null; - - try { - token = mCryptoManager.getTokenByName(uTokName); - } catch (Exception e) { - CMS.debug( - "ConfigHSMLoginPanel: getTokenByName() failed: " - + e.toString()); - context.put("error", "tokenNotFound:" + uTokName); - } - - try { - if (loginToken(token, uPasswd, context) == false) { - CMS.debug( - "ConfigHSMLoginPanel:loginToken failed for " - + uTokName); - context.put("error", "tokenLoginFailed"); - context.put("updateStatus", "login failed"); - context.put("panel", - "admin/console/config/config_hsmloginpanel.vm"); - return; - } - CMS.debug( - "ConfigHSMLoginPanel: update(): just logged in successfully"); - PlainPasswordWriter pw = new PlainPasswordWriter(); - - pw.init(mPwdFilePath); - pw.putPassword("hardware-" + uTokName, uPasswd); - pw.commit(); - - } catch (FileNotFoundException e) { - CMS.debug( - "ConfigHSMLoginPanel: update(): Exception caught: 
" - + e.toString() + " writing to " + mPwdFilePath); - CMS.debug( - "ConfigHSMLoginPanel: update(): password not written to cache"); - System.err.println("Exception caught: " + e.toString()); - context.put("error", "Exception:" + e.toString()); - } catch (Exception e) { - CMS.debug( - "ConfigHSMLoginPanel: update(): Exception caught: " - + e.toString()); - System.err.println("Exception caught: " + e.toString()); - context.put("error", "Exception:" + e.toString()); - } - - } // found password - - context.put("panel", "admin/console/config/config_hsmloginpanel.vm"); - context.put("status", "update"); - context.put("error", ""); - context.put("updateStatus", "success"); - - } - - /** - * If validiate() returns false, this method will be called. - */ - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - context.put("title", "Security Module Login"); - context.put("panel", "admin/console/config/config_hsmloginpanel.vm"); - } -} diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java index 7b5bef567de773c0cd5b86ba6e36a1c16f444012..4d362930374f15f4f1daa88e0aa4dc606b814340 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java +++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java @@ -2462,7 +2462,7 @@ public class ConfigurationUtils { } public static void configCert(HttpServletRequest request, HttpServletResponse response, - Context context, Cert certObj, WizardPanelBase panel) throws IOException { + Context context, Cert certObj) throws IOException { IConfigStore config = CMS.getConfigStore(); String caType = certObj.getType(); 
@@ -2545,7 +2545,7 @@ public class ConfigurationUtils { + "&cert_request_type=pkcs10&cert_request=" + URLEncoder.encode(pkcs10, "UTF-8") + "&xmlOutput=true&sessionID=" + session_id; cert = CertUtil.createRemoteCert(sd_hostname, sd_ee_port, - content, response, panel); + content, response); if (cert == null) { throw new IOException("Error: remote certificate is null"); } @@ -2584,7 +2584,7 @@ public class ConfigurationUtils { + "&xmlOutput=true&sessionID=" + session_id + sslserver_extension; cert = CertUtil.createRemoteCert(ca_hostname, ca_port, - content, response, panel); + content, response); if (cert == null) { throw new IOException("Error: remote certificate is null"); } diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java deleted file mode 100644 index 462e054555e6db78ea568c921bae4e6cb45c5975..0000000000000000000000000000000000000000 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java +++ /dev/null 
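Review bot: In the request body built just above the `createRemoteCert` call, `pkcs10` goes through `URLEncoder.encode(pkcs10, "UTF-8")` but `session_id` is appended raw in `"&xmlOutput=true&sessionID=" + session_id`; the @@ -2584 hunk builds its content the same way. Where `session_id` comes from is not visible in these hunks, but a value containing `&` or `=` would change the parameters sent to the remote CA, so it should be encoded like the request itself: `+ "&xmlOutput=true&sessionID=" + URLEncoder.encode(session_id, "UTF-8");`. Both statements start outside their hunks.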
@@ -1,279 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cms.servlet.csadmin; - -import java.io.IOException; -import java.net.URL; -import java.util.StringTokenizer; -import java.util.Vector; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.context.Context; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.property.PropertySet; -import com.netscape.certsrv.util.HttpInput; -import com.netscape.cms.servlet.wizard.WizardServlet; - -public class CreateSubsystemPanel extends WizardPanelBase { - - public CreateSubsystemPanel() { - } - - /** - * Initializes this panel. 
- */ - public void init(ServletConfig config, int panelno) - throws ServletException { - setPanelNo(panelno); - setName("Subsystem Selection"); - } - - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { - setPanelNo(panelno); - setName("Subsystem Type"); - setId(id); - } - - public void cleanUp() throws IOException { - IConfigStore cs = CMS.getConfigStore(); - cs.putString("preop.subsystem.select", ""); - cs.putString("subsystem.select", ""); - } - - public boolean isPanelDone() { - IConfigStore cs = CMS.getConfigStore(); - try { - String s = cs.getString("preop.subsystem.select", ""); - if (s == null || s.equals("")) { - return false; - } else { - return true; - } - } catch (EBaseException e) { - } - return false; - } - - public PropertySet getUsage() { - PropertySet set = new PropertySet(); - - /* XXX */ - - return set; - } - - /** - * Display the panel. - */ - public void display(HttpServletRequest request, - HttpServletResponse response, - Context context) { - context.put("title", "Subsystem Type"); - IConfigStore config = CMS.getConfigStore(); - - try { - String session_id = request.getParameter("session_id"); - if (session_id != null) { - CMS.debug("CreateSubsystemPanel setting session id."); - CMS.setConfigSDSessionId(session_id); - } - - if (isPanelDone()) { - String s = config.getString("preop.subsystem.select"); - if (s.equals("new")) { - context.put("check_newsubsystem", "checked"); - context.put("check_clonesubsystem", ""); - } else if (s.equals("clone")) { - context.put("check_newsubsystem", ""); - context.put("check_clonesubsystem", "checked"); - } - context.put("subsystemName", config.getString("preop.subsystem.name")); - } else { - context.put("check_newsubsystem", "checked"); - context.put("check_clonesubsystem", ""); - context.put("subsystemName", config.getString("preop.system.fullname")); - } - - String cstype = config.getString("cs.type", ""); - context.put("cstype", cstype); - 
context.put("wizardname", config.getString("preop.wizard.name")); - context.put("systemname", config.getString("preop.system.name")); - context.put("fullsystemname", config.getString("preop.system.fullname")); - context.put("machineName", config.getString("machineName")); - context.put("http_port", CMS.getEENonSSLPort()); - context.put("https_agent_port", CMS.getAgentPort()); - context.put("https_ee_port", CMS.getEESSLPort()); - context.put("https_admin_port", CMS.getAdminPort()); - - String domainType = config.getString("preop.securitydomain.select"); - Vector v = null; - if (!domainType.equals("new")) { - try { - v = ConfigurationUtils.getUrlListFromSecurityDomain(config, cstype, "SecurePort"); - } catch (Exception e) { - // note: this is OK for a new master ca in a new domain - CMS.debug("Exception thrown when obtaining URL List from security domain:" + e); - e.printStackTrace(); - } - } - - if (v == null) { - v = new Vector(); - } - - StringBuffer list = new StringBuffer(); - int size = v.size(); - for (int i = 0; i < size; i++) { - if (i == size - 1) { - list.append(v.elementAt(i)); - } else { - list.append(v.elementAt(i)); - list.append(","); - } - } - - config.putString("preop.master.list", list.toString()); - config.commit(false); - - if (list.length() == 0) - context.put("disableClone", "true"); - - context.put("panel", "admin/console/config/createsubsystempanel.vm"); - context.put("urls", v); - context.put("errorString", ""); - } catch (Exception e) { - e.printStackTrace(); - context.put("errorString", e.toString()); - CMS.debug("CreateSubsystemPanel: Exception thrown: " + e); - } - } - - /** - * Checks if the given parameters are valid. 
- */ - public void validate(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - } - - /** - * Commit parameter changes - */ - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - IConfigStore config = CMS.getConfigStore(); - String select = HttpInput.getID(request, "choice"); - - if (select == null) { - CMS.debug("CreateSubsystemPanel: choice not found"); - context.put("updateStatus", "failure"); - throw new IOException("choice not found"); - } - - try { - String cstype = config.getString("cs.type", ""); - config.putString("preop.subsystem.name", HttpInput.getName(request, "subsystemName")); - - if (select.equals("newsubsystem")) { - config.putString("preop.subsystem.select", "new"); - config.putString("subsystem.select", "New"); - } else if (select.equals("clonesubsystem")) { - config.putString("preop.subsystem.select", "clone"); - config.putString("subsystem.select", "Clone"); - - String lists = config.getString("preop.cert.list", ""); - StringTokenizer t = new StringTokenizer(lists, ","); - while (t.hasMoreTokens()) { - String tag = t.nextToken(); - if (tag.equals("sslserver")) - config.putBoolean(PCERT_PREFIX + tag + ".enable", true); - else - config.putBoolean(PCERT_PREFIX + tag + ".enable", false); - } - - // get the masterURL - String index = request.getParameter("urls"); - String url = ""; - - int x = Integer.parseInt(index); - String list = config.getString("preop.master.list", ""); - StringTokenizer tokenizer = new StringTokenizer(list, ","); - int counter = 0; - - while (tokenizer.hasMoreTokens()) { - url = tokenizer.nextToken(); - if (counter == x) break; - counter++; - } - - url = url.substring(url.indexOf("http")); - - URL u = new URL(url); - String host = u.getHost(); - int https_ee_port = u.getPort(); - - String domainXML = config.getString("preop.domainXML"); - - // check URI and update preop.master port entries - boolean validUri = 
ConfigurationUtils.isValidCloneURI(domainXML, host, https_ee_port); - if (!validUri) { - throw new IOException("Invalid clone URI provided. Does not match the available subsystems in " + - "the security domain"); - } - if (cstype.equals("CA")) { - int https_admin_port = ConfigurationUtils.getPortFromSecurityDomain(domainXML, - host, https_ee_port, "CA", "SecurePort", "SecureAdminPort"); - - ConfigurationUtils.importCertChain(host, https_admin_port, "/ca/admin/ca/getCertChain", "clone"); - } - } else { - CMS.debug("CreateSubsystemPanel: invalid choice " + select); - context.put("updateStatus", "failure"); - throw new IOException("invalid choice " + select); - } - - config.commit(false); - } catch (Exception e) { - CMS.debug("CreateSubsystemPanel: Exception thrown : " + e); - context.put("errorString", e.toString()); - context.put("updateStatus", "failure"); - throw new IOException(e); - } - - context.put("updateStatus", "success"); - } - - /** - * If validate() returns false, this method will be called. - */ - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - context.put("title", "Subsystem Type"); - context.put("panel", "admin/console/config/createsubsystempanel.vm"); - } -} diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java deleted file mode 100644 index 56234f7cd9a88fd1984a3a3467cbafd173e44c21..0000000000000000000000000000000000000000 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java +++ /dev/null 
@@ -1,532 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-import java.util.Random;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.Descriptor;
-import com.netscape.certsrv.property.IDescriptor;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class DatabasePanel extends WizardPanelBase {
-
- private static final String HOST = "localhost";
- private static final String CLONE_HOST = "Enter FQDN here";
- private static final String PORT = "389";
- private static final String BINDDN = "cn=Directory Manager";
-
- private WizardServlet mServlet = null;
-
- public DatabasePanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Internal Database");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Internal Database");
- setId(id);
- mServlet = servlet;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putBoolean("preop.Database.done", false);
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- boolean s = cs.getBoolean("preop.Database.done",
- false);
-
- if (s != true) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
-
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
- Descriptor hostDesc = new Descriptor(IDescriptor.STRING, null, null, "Host name");
- set.add("hostname", hostDesc);
-
- Descriptor portDesc = new Descriptor(IDescriptor.INTEGER, null, null, "Port");
- set.add("portStr", portDesc);
-
- Descriptor basednDesc = new Descriptor(IDescriptor.STRING, null, null, "Base DN");
- set.add("basedn", basednDesc);
-
- Descriptor binddnDesc = new Descriptor(IDescriptor.STRING, null, null, "Bind DN");
- set.add("binddn", binddnDesc);
-
- Descriptor bindpwdDesc = new Descriptor(IDescriptor.PASSWORD, null, null, "Bind Password");
- set.add("bindpwd", bindpwdDesc);
-
- Descriptor databaseDesc = new Descriptor(IDescriptor.STRING, null, null, "Database");
- set.add("database", databaseDesc);
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- CMS.debug("DatabasePanel: display()");
- context.put("title", "Internal Database");
- context.put("firsttime", "false");
- IConfigStore cs = CMS.getConfigStore();
- String hostname = null;
- String portStr = null;
- String basedn = null;
- String binddn = null;
- String bindpwd = "";
- String database = null;
- String errorString = "";
- String secure = "false";
- String masterReplicationPort = "";
- String cloneReplicationPort = "";
- String replicationSecurity = "";
-
- try {
- @SuppressWarnings("unused")
- String s = cs.getString("preop.database.removeData"); // check whether it's first time
- } catch (Exception e) {
- context.put("firsttime", "true");
- }
-
- String select = "";
- try {
- select = cs.getString("preop.subsystem.select", "");
- } catch (Exception e) {
- }
-
- if (isPanelDone()) {
- try {
- hostname = cs.getString("internaldb.ldapconn.host", "");
- portStr = cs.getString("internaldb.ldapconn.port", "");
- basedn = cs.getString("internaldb.basedn", "");
- binddn = cs.getString("internaldb.ldapauth.bindDN", "");
- database = cs.getString("internaldb.database", "");
- secure = cs.getString("internaldb.ldapconn.secureConn", "");
- replicationSecurity = cs.getString("internaldb.ldapconn.replicationSecurity", "None");
- masterReplicationPort = cs.getString("internaldb.ldapconn.masterReplicationPort", "");
- cloneReplicationPort = cs.getString("internaldb.ldapconn.cloneReplicationPort", "");
- errorString = cs.getString("preop.database.errorString", "");
- } catch (Exception e) {
- CMS.debug("DatabasePanel display: " + e.toString());
- }
- } else if (select.equals("clone")) {
- hostname = CLONE_HOST;
- portStr = PORT;
- try {
- basedn = cs.getString("internaldb.basedn", "");
- } catch (Exception e) {
- CMS.debug("DatabasePanel::display() - "
- + "Exception=" + e.toString());
- return;
- }
- binddn = BINDDN;
- database = basedn.substring(basedn.lastIndexOf('=') + 1);
- CMS.debug("Clone: database=" + database);
- } else {
- hostname = HOST;
- portStr = PORT;
- String instanceId = "";
- String machineName = "";
-
- try {
- instanceId = cs.getString("instanceId", "");
- machineName = cs.getString("machineName", "");
- } catch (Exception e) {
- CMS.debug("DatabasePanel display: " + e.toString());
- }
- String suffix = "dc=" + machineName + "-" + instanceId;
-
- boolean multipleEnable = false;
- try {
- multipleEnable = cs.getBoolean(
- "internaldb.multipleSuffix.enable", false);
- } catch (Exception e) {
- }
-
- if (multipleEnable)
- basedn = "ou=" + instanceId + "," + suffix;
- else
- basedn = suffix;
- binddn = BINDDN;
- database = machineName + "-" + instanceId;
- }
-
- context.put("clone", select);
- context.put("hostname", hostname);
- context.put("portStr", portStr);
- context.put("basedn", basedn);
- context.put("binddn", binddn);
- context.put("bindpwd", bindpwd);
- context.put("database", database);
- context.put("secureConn", (secure.equals("true") ? "on" : "off"));
- context.put("masterReplicationPort", masterReplicationPort);
- context.put("cloneReplicationPort", cloneReplicationPort);
- context.put("replicationSecurity", replicationSecurity);
- context.put("panel", "admin/console/config/databasepanel.vm");
- context.put("errorString", errorString);
- }
-
- public void initParams(HttpServletRequest request, Context context)
- throws IOException {
- IConfigStore config = CMS.getConfigStore();
- String select = "";
- try {
- select = config.getString("preop.subsystem.select", "");
- } catch (Exception e) {
- }
- context.put("clone", select);
- context.put("hostname", (request.getParameter("host") != null) ? request.getParameter("host") : "");
- context.put("portStr", (request.getParameter("port") != null) ? request.getParameter("port") : "");
- context.put("basedn", (request.getParameter("basedn") != null) ? request.getParameter("basedn") : "");
- context.put("binddn", (request.getParameter("binddn") != null) ? request.getParameter("binddn") : "");
- context.put("bindpwd", (request.getParameter("__bindpwd") != null) ?
- request.getParameter("__bindpwd"): "");
- context.put("database", (request.getParameter("database") != null) ?
- request.getParameter("database") : "");
- context.put("masterReplicationPort", (request.getParameter("masterReplicationPort") != null) ?
- request.getParameter("masterReplicationPort"): "");
- context.put("cloneReplicationPort", (request.getParameter("cloneReplicationPort") != null) ?
- request.getParameter("cloneReplicationPort"): "");
- context.put("replicationSecurity", (request.getParameter("replicationSecurity") != null) ?
- request.getParameter("replicationSecurity"): "None");
- }
-
- /**
- * Parses and validates the parameters in the request.
- */
- public void parseParameters(HttpServletRequest request,
- HttpServletResponse response, Context context) throws IOException {
- IConfigStore cs = CMS.getConfigStore();
-
- String select = "";
- try {
- select = cs.getString("preop.subsystem.select", "");
- } catch (Exception e) {
- }
-
- String hostname = HttpInput.getHostname(request, "host");
- if (hostname == null || hostname.length() == 0) {
- throw new IOException("hostname is empty string");
- }
- context.put("hostname", hostname);
-
- // this validates that port is an integer
- String portStr = HttpInput.getPortNumber(request, "port");
- context.put("portStr", portStr);
-
- String basedn = HttpInput.getDN(request, "basedn");
- if (basedn == null || basedn.length() == 0) {
- throw new IOException("basedn is empty string");
- }
- context.put("basedn", basedn);
-
- String binddn = HttpInput.getDN(request, "binddn");
- if (binddn == null || binddn.length() == 0) {
- throw new IOException("binddn is empty string");
- }
- context.put("binddn", binddn);
-
- String database = HttpInput.getLdapDatabase(request, "database");
- if (database == null || database.length() == 0) {
- throw new IOException("Database is empty string");
- }
- context.put("database", database);
-
- String bindpwd = HttpInput.getPassword(request, "__bindpwd");
- if (bindpwd == null || bindpwd.length() == 0) {
- throw new IOException("Bind password is empty string");
- }
- context.put("bindpwd", bindpwd);
-
- String secure = HttpInput.getCheckbox(request, "secureConn");
- context.put("secureConn", secure);
-
- String masterReplicationPort = HttpInput.getString(request, "masterReplicationPort");
- if (masterReplicationPort != null && masterReplicationPort.length() > 0) {
- try {
- Integer.parseInt(masterReplicationPort); // check for errors
- } catch (NumberFormatException e) {
- throw new IOException("Master replication port is invalid");
- }
- }
- context.put("masterReplicationPort", masterReplicationPort);
-
- String cloneReplicationPort = HttpInput.getString(request, "cloneReplicationPort");
- if (cloneReplicationPort != null && cloneReplicationPort.length() > 0) {
- try {
- Integer.parseInt(cloneReplicationPort); // check for errors
- } catch (Exception e) {
- throw new IOException("Clone replication port is invalid");
- }
- }
- context.put("cloneReplicationPort", cloneReplicationPort);
-
- String replicationSecurity = HttpInput.getString(request, "replicationSecurity");
- context.put("replicationSecurity", replicationSecurity);
-
- if (select.equals("clone")) {
- String masterhost = "";
- String masterport = "";
- String masterbasedn = "";
- String realhostname = "";
- try {
- masterhost = cs.getString("preop.internaldb.master.ldapconn.host", "");
- masterport = cs.getString("preop.internaldb.master.ldapconn.port", "");
- masterbasedn = cs.getString("preop.internaldb.master.basedn", "");
- realhostname = cs.getString("machineName", "");
- } catch (Exception e) {
- }
-
- if (masterhost.equals(realhostname) && masterport.equals(portStr)) {
- throw new IOException("Master and clone must not share the same internal database");
- }
-
- if (!masterbasedn.equals(basedn)) {
- throw new IOException("Master and clone should have the same base DN");
- }
- }
-
- context.put("errorString", "");
- cs.putString("preop.database.errorString", "");
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
-
- IConfigStore cs = CMS.getConfigStore();
- context.put("firsttime", "false");
- try {
- @SuppressWarnings("unused")
- String s = cs.getString("preop.database.removeData"); // check whether it's first time
- } catch (Exception e) {
- context.put("firsttime", "true");
- }
-
- try {
- parseParameters(request, response, context);
- } catch (IOException e) {
- context.put("errorString", e.getMessage());
- cs.putString("preop.database.errorString", e.getMessage());
- context.put("updateStatus", "validate-failure");
- throw e;
- }
-
- context.put("errorString", "");
- cs.putString("preop.database.errorString", "");
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- IConfigStore cs = CMS.getConfigStore();
-
- context.put("firsttime", "false");
- try {
- @SuppressWarnings("unused")
- String s = cs.getString("preop.database.removeData"); // check whether it's first time
- } catch (Exception e) {
- context.put("firsttime", "true");
- }
-
- String hostname1 = "";
- String portStr1 = "";
- String database1 = "";
- String masterPortStr = "";
- String csType = "";
- String select = "";
-
- try {
- hostname1 = cs.getString("internaldb.ldapconn.host", "");
- portStr1 = cs.getString("internaldb.ldapconn.port", "");
- database1 = cs.getString("internaldb.database", "");
- masterPortStr = cs.getString("preop.internaldb.master.ldapconn.port", "0");
- csType = cs.getString("cs.type");
- select = cs.getString("preop.subsystem.select", "");
- } catch (Exception e) {
- }
-
- try {
- parseParameters(request, response, context);
- } catch (IOException e) {
- context.put("errorString", e.getMessage());
- cs.putString("preop.database.errorString", e.getMessage());
- context.put("updateStatus", "validate-failure");
- throw e;
- }
-
- String hostname2 = (String) context.get("hostname");
- String portStr2 = (String) context.get("portStr");
- String database2 = (String) context.get("database");
- String basedn2 = (String) context.get("basedn");
- String binddn = (String) context.get("binddn");
- String secure = (String) context.get("secureConn");
- String masterReplicationPortStr = (String) context.get("masterReplicationPort");
- String cloneReplicationPortStr = (String) context.get("cloneReplicationPort");
-
- cs.putString("internaldb.ldapconn.host", hostname2);
- cs.putString("internaldb.ldapconn.port", portStr2);
- cs.putString("internaldb.database", database2);
- cs.putString("internaldb.basedn", basedn2);
- cs.putString("internaldb.ldapauth.bindDN", binddn);
- cs.putString("internaldb.ldapconn.secureConn", (secure.equals("on") ? "true" : "false"));
-
- if (csType.equals("TPS")) {
- cs.putString("tokendb.activityBaseDN", "ou=Activities," + basedn2);
- cs.putString("tokendb.baseDN", "ou=Tokens," + basedn2);
- cs.putString("tokendb.certBaseDN", "ou=Certificates," + basedn2);
- cs.putString("tokendb.userBaseDN", basedn2);
- cs.putString("tokendb.hostport", hostname2 + ":" + portStr2);
- }
-
- if ((masterReplicationPortStr == null) || (masterReplicationPortStr.length() == 0)) {
- masterReplicationPortStr = masterPortStr;
- }
- cs.putString("internaldb.ldapconn.masterReplicationPort", masterReplicationPortStr);
-
- int cloneReplicationPort = 0;
- int port = Integer.parseInt(portStr2);
- if ((cloneReplicationPortStr == null) || (cloneReplicationPortStr.length() == 0)) {
- cloneReplicationPortStr = portStr2;
- }
- cloneReplicationPort = Integer.parseInt(cloneReplicationPortStr);
- cs.putString("internaldb.ldapconn.cloneReplicationPort", cloneReplicationPortStr);
-
- String replicationSecurity = HttpInput.getString(request, "replicationSecurity");
- if ((cloneReplicationPort == port) && (secure.equals("true"))) {
- replicationSecurity = "SSL";
- } else if (replicationSecurity == null) {
- replicationSecurity = "None";
- }
- cs.putString("internaldb.ldapconn.replicationSecurity", replicationSecurity);
-
- String remove = HttpInput.getID(request, "removeData");
- cs.putString("preop.database.removeData", ((remove != null) && (!remove.equals(""))) ?
- "true" : "false");
-
- if (isPanelDone() && (remove == null || remove.equals(""))) {
- /* if user submits the same data, they just want to skip
- to the next panel, no database population is required. */
- if (hostname1.equals(hostname2) &&
- portStr1.equals(portStr2) &&
- database1.equals(database2)) {
- context.put("updateStatus", "success");
- return;
- }
- }
-
- mServlet.cleanUpFromPanel(mServlet.getPanelNo(request));
-
- try {
- /* BZ 430745 create password for replication manager */
- String replicationpwd = Integer.toString(new Random().nextInt());
-
- IConfigStore psStore = null;
- String passwordFile = null;
- passwordFile = cs.getString("passwordFile");
- psStore = CMS.createFileConfigStore(passwordFile);
- psStore.putString("internaldb", HttpInput.getPassword(request, "__bindpwd"));
- psStore.putString("replicationdb", replicationpwd);
- psStore.commit(false);
-
- ConfigurationUtils.populateDB();
-
- cs.putString("preop.internaldb.replicationpwd", replicationpwd);
- cs.putString("preop.database.removeData", "false");
-
- if (select.equals("clone")) {
- CMS.debug("Start setting up replication.");
- ConfigurationUtils.setupReplication();
- }
-
- ConfigurationUtils.reInitSubsystem(csType);
- ConfigurationUtils.populateDBManager();
- ConfigurationUtils.populateVLVIndexes();
-
- cs.putBoolean("preop.Database.done", true);
- cs.commit(false);
- } catch (Exception e) {
- e.printStackTrace();
- CMS.debug("DatabasePanel update: error in populating database " + e.toString());
- context.put("errorString", e.toString());
- cs.putString("preop.database.errorString", e.toString());
- context.put("updateStatus", "failure");
- throw new IOException(e.toString());
- }
-
- context.put("updateStatus", "success");
- }
-
- /**
- * If validate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
-
- try {
- initParams(request, context);
- } catch (IOException e) {
- }
- context.put("title", "Database");
- context.put("panel", "admin/console/config/databasepanel.vm");
- }
-
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java
deleted file mode 100644
index 702c5aa9286430f03883ca57eac7fff1f154947a..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java
+++ /dev/null
@@ -1,226 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-import java.net.URLEncoder;
-import java.util.Locale;
-import java.util.Vector;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import netscape.security.util.CertPrettyPrint;
-import netscape.security.x509.X509CertImpl;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-import com.netscape.cmsutil.crypto.CryptoUtil;
-
-public class DisplayCertChainPanel extends WizardPanelBase {
-
- public DisplayCertChainPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Display Certificate Chain");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Display Certificate Chain");
- setId(id);
- }
-
- public boolean isSubPanel() {
- return true;
- }
-
- public boolean isPanelDone() {
- return true;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- return set;
- }
-
- public void cleanUp() throws IOException {
- }
-
- /**
- * Should we skip this panel for the configuration.
- */
- public boolean shouldSkip() {
- CMS.debug("DisplayCertChainPanel: should skip");
-
- IConfigStore cs = CMS.getConfigStore();
- // if we are root, no need to get the certificate chain.
-
- try {
- String select = cs.getString("securitydomain.select", "");
- String type = cs.getString("preop.subsystem.select", "");
- String hierarchy = cs.getString("preop.hierarchy.select", "");
-
- if (getId().equals("hierarchy") && hierarchy.equals("root"))
- return true;
-
- if (select.equals("new")) {
- return true;
- }
-
- if (type.equals("new") && getId().equals("clone"))
- return true;
-
- if (type.equals("clone") && getId().equals("ca"))
- return true;
- } catch (EBaseException e) {
- }
-
- return false;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- try {
- CMS.debug("DisplayCertChainPanel: display");
-
- // update session id
- String session_id = request.getParameter("session_id");
- if (session_id != null) {
- CMS.debug("DisplayCertChainPanel setting session id.");
- CMS.setConfigSDSessionId(session_id);
- }
-
- String type = getId();
- IConfigStore cs = CMS.getConfigStore();
- String certChainConfigName = "preop." + type + ".certchain.size";
- String certchain_size = cs.getString(certChainConfigName, "");
- int size = 0;
- Vector v = new Vector();
-
- if (!certchain_size.equals("")) {
- size = Integer.parseInt(certchain_size);
- for (int i = 0; i < size; i++) {
- certChainConfigName = "preop." + type + ".certchain." + i;
- String c = cs.getString(certChainConfigName, "");
- byte[] b_c = CryptoUtil.base64Decode(c);
- CertPrettyPrint pp = new CertPrettyPrint(new X509CertImpl(b_c));
-
- v.addElement(pp.toString(Locale.getDefault()));
- }
- }
-
- if (getId().equals("securitydomain")) {
- context.put("panelid", "securitydomain");
- context.put("panelname", "Security Domain Trust Verification");
- } else {
- context.put("panelid", "other");
- context.put("panelname", "Subsystem Trust Verification");
- }
- context.put("title", "Display Certificate Chain");
- context.put("panel", "admin/console/config/displaycertchainpanel.vm");
- context.put("errorString", "");
- context.put("certchain", v);
- } catch (Exception e) {
- CMS.debug("DisplayCertPanel: Exception thrown: " + e.toString());
- e.printStackTrace();
- context.put("errorString", e.toString());
- }
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
-
- if (getId().equals("securitydomain")) {
- int panel = getPanelNo() + 1;
- IConfigStore cs = CMS.getConfigStore();
- try {
- String sd_hostname = cs.getString("securitydomain.host", "");
- int sd_port = cs.getInteger("securitydomain.httpsadminport", -1);
- String cs_hostname = cs.getString("machineName", "");
- int cs_port = cs.getInteger("pkicreate.admin_secure_port", -1);
- String subsystem = cs.getString("cs.type", "");
- String urlVal = "https://" + cs_hostname + ":" + cs_port + "/" + subsystem.toLowerCase()
- + "/admin/console/config/wizard?p=" + panel + "&subsystem=" + subsystem;
- String encodedValue = URLEncoder.encode(urlVal, "UTF-8");
- String sdurl = "https://" + sd_hostname + ":" + sd_port + "/ca/admin/ca/securityDomainLogin?url="
- + encodedValue;
- response.sendRedirect(sdurl);
-
- // The user previously specified the CA Security Domain's
- // SSL Admin port in the "Security Domain Panel";
- // now retrieve this specified CA Security Domain's
- // non-SSL EE, SSL Agent, and SSL EE ports:
- String domainXML = ConfigurationUtils.getDomainXML(sd_hostname, sd_port, true);
- ConfigurationUtils.getSecurityDomainPorts(domainXML, sd_hostname, sd_port);
- cs.putString("preop.domainXML", domainXML);
- cs.commit(false);
- } catch (Exception e) {
- CMS.debug("DisplayCertChainPanel Exception=" + e.toString());
- e.printStackTrace();
- context.put("errorString", e.toString());
- context.put("updateStatus", "failure");
- throw new IOException(e);
- }
- }
- context.put("updateStatus", "success");
- }
-
- /**
- * If validate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
-
- /* This should never be called */
- context.put("title", "Display Certificate Chain");
- context.put("panel", "admin/console/config/displaycertchainpanel.vm");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/DonePanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/DonePanel.java
deleted file mode 100644
index d55bd82bfd3eb85bb748ef81b089158bf9edb6e4..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/DonePanel.java
+++ /dev/null
@@ -1,313 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cms.servlet.csadmin; - -import java.io.IOException; -import java.math.BigInteger; -import java.net.URI; -import java.net.URISyntaxException; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.context.Context; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.ocsp.IOCSPAuthority; -import com.netscape.certsrv.property.PropertySet; -import com.netscape.cms.servlet.wizard.WizardServlet; -import com.netscape.cmsutil.util.Utils; - -public class DonePanel extends WizardPanelBase { - - public static final BigInteger BIG_ZERO = new BigInteger("0"); - public static final Long MINUS_ONE = Long.valueOf(-1); - public static final String RESTART_SERVER_AFTER_CONFIGURATION = - "restart_server_after_configuration"; - public static final String PKI_SECURITY_DOMAIN = "pki_security_domain"; - - public DonePanel() { - } - - /** - * Initializes this panel. 
- */ - public void init(ServletConfig config, int panelno) - throws ServletException { - setPanelNo(panelno); - setName("Done"); - } - - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { - setPanelNo(panelno); - setName("Done"); - setId(id); - } - - public boolean hasSubPanel() { - return false; - } - - public void cleanUp() throws IOException { - } - - public PropertySet getUsage() { - PropertySet set = new PropertySet(); - - /* XXX */ - - return set; - } - - /** - * Display the panel. - */ - public void display(HttpServletRequest request, HttpServletResponse response, Context context) { - CMS.debug("DonePanel: display()"); - - // update session id - String session_id = request.getParameter("session_id"); - if (session_id != null) { - CMS.debug("NamePanel setting session id."); - CMS.setConfigSDSessionId(session_id); - } - - IConfigStore cs = CMS.getConfigStore(); - - String select = ""; - String type = ""; - String instanceId = ""; - String instanceRoot = ""; - String systemdService = ""; - String ca_host = ""; - String sdtype = ""; - int state = 0; - try { - type = cs.getString("cs.type", ""); - instanceId = cs.getString("instanceId"); - instanceRoot = cs.getString("instanceRoot"); - select = cs.getString("preop.subsystem.select", ""); - systemdService = cs.getString("pkicreate.systemd.servicename", ""); - ca_host = cs.getString("preop.ca.hostname", ""); - sdtype = cs.getString("securitydomain.select", ""); - state = cs.getInteger("cs.state"); - } catch (Exception e) { - } - - String initDaemon = ""; - if (type.equals("CA")) { - initDaemon = "<pki_ca_instance_name>"; - } else if (type.equals("KRA")) { - initDaemon = "<pki_kra_instance_name>"; - } else if (type.equals("OCSP")) { - initDaemon = "<pki_ocsp_instance_name>"; - } else if (type.equals("TKS")) { - initDaemon = "<pki_tks_instance_name>"; - } else if (type.equals("TPS")) { - initDaemon = "<pki_tps_instance_name>"; - } - String os = 
System.getProperty("os.name"); - if (os.equalsIgnoreCase("Linux")) { - if (!systemdService.equals("")) { - context.put("initCommand", "/bin/systemctl"); - context.put("instanceId", systemdService); - } else { - context.put("initCommand", "/sbin/service " + initDaemon); - context.put("instanceId", instanceId); - } - } else { - /* default case: e. g. - ( os.equalsIgnoreCase( "SunOS" ) */ - context.put("initCommand", "/etc/init.d/" + initDaemon); - context.put("instanceId", instanceId); - } - context.put("title", "Done"); - context.put("panel", "admin/console/config/donepanel.vm"); - context.put("host", CMS.getAdminHost()); - context.put("port", CMS.getAdminPort()); - context.put("systemType", type.toLowerCase()); - - if (state == 1) { - context.put("csstate", "1"); - return; - } else - context.put("csstate", "0"); - - if (ca_host.equals("")) - context.put("externalCA", "true"); - else - context.put("externalCA", "false"); - - // Create or update security domain - - try { - if (sdtype.equals("new")) { - ConfigurationUtils.createSecurityDomain(); - } else { //existing domain - ConfigurationUtils.updateSecurityDomain(); - } - - cs.putString("service.securityDomainPort", CMS.getAgentPort()); - cs.putString("securitydomain.store", "ldap"); - cs.commit(false); - } catch (Exception e) { - CMS.debug("DonePanel - update(): Error while updating security domain: " + e); - e.printStackTrace(); - } - - // push connector information to the CA - try { - if (type.equals("KRA") && !ca_host.equals("")) { - ConfigurationUtils.updateConnectorInfo(CMS.getAgentHost(), CMS.getAgentPort()); - ConfigurationUtils.setupClientAuthUser(); - } - } catch (Exception e) { - context.put("info", "Failed to update connector information. 
"+e.getMessage()); - CMS.debug("DonePanel - update(): Error while pushing KRA connectot information to the CA: " + e); - e.printStackTrace(); - } - - // import the CA certificate into the OCSP - // configure the CRL Publishing to OCSP in CA - try { - if (type.equals("OCSP") && !ca_host.equals("")) { - CMS.reinit(IOCSPAuthority.ID); - ConfigurationUtils.importCACertToOCSP(); - ConfigurationUtils.updateOCSPConfig(); - ConfigurationUtils.setupClientAuthUser(); - } - } catch (Exception e) { - CMS.debug("DonePanel - update(): Error while configuring OCSP publishing on the CA: " + e); - e.printStackTrace(); - } - - try { - if (!select.equals("clone")) { - if (type.equals("CA") || type.equals("KRA")) { - ConfigurationUtils.updateNextRanges(); - - } - } - } catch (Exception e) { - CMS.debug("DonePanel - update(): Error while updating serial number next ranges: " + e); - e.printStackTrace(); - } - - try { - if (select.equals("clone") && type.equalsIgnoreCase("CA") && ConfigurationUtils.isSDHostDomainMaster(cs)) { - // cloning a domain master CA, the clone is also master of its domain - CMS.debug("Cloning a domain master"); - cs.putString("securitydomain.host", CMS.getEESSLHost()); - cs.putString("securitydomain.httpport", CMS.getEENonSSLPort()); - cs.putString("securitydomain.httpsadminport", CMS.getAdminPort()); - cs.putString("securitydomain.httpsagentport", CMS.getAgentPort()); - cs.putString("securitydomain.httpseeport", CMS.getEESSLPort()); - cs.putString("securitydomain.select", "new"); - } - } catch (Exception e) { - CMS.debug("DonePanel - update(): Error in determining if security domain host is a master CA: " + e); - e.printStackTrace(); - } - - try { - ConfigurationUtils.setupDBUser(); - } catch (Exception e) { - e.printStackTrace(); - CMS.debug("DonePanel - update(): Unable to create or update dbuser" + e); - } - - if (type.equals("TPS")) { - try { - String adminUID = cs.getString("preop.admin.uid", "tpsadmin"); - 
ConfigurationUtils.addProfilesToTPSUser(adminUID); - - String sd_admin_port = cs.getString("securitydomain.httpsadminport"); - String sd_host = cs.getString("securitydomain.host"); - URI secdomainURI = new URI("https://" + sd_host + ":" + sd_admin_port); - - // register TPS with CA - URI caURI = new URI(cs.getString("preop.cainfo.select")); - ConfigurationUtils.registerUser(secdomainURI, caURI, "ca"); - - // register TPS with TKS - URI tksURI = new URI(cs.getString("preop.tksinfo.select")); - ConfigurationUtils.registerUser(secdomainURI, tksURI, "tks"); - - String keyGen = cs.getString("conn.tks1.serverKeygen", "false"); - if (keyGen.equalsIgnoreCase("true")) { - URI kraURI = new URI(cs.getString("preop.krainfo.select")); - ConfigurationUtils.registerUser(secdomainURI, kraURI, "kra"); - String transportCert = ConfigurationUtils.getTransportCert(secdomainURI, kraURI); - ConfigurationUtils.exportTransportCert(secdomainURI, tksURI, transportCert); - } - } catch (URISyntaxException e) { - e.printStackTrace(); - CMS.debug("Invalid URI for CA, TKS or KRA: " + e); - } catch (Exception e) { - e.printStackTrace(); - CMS.debug("Errors in registering TPS to CA, TKS or KRA: " + e); - } - } - - cs.putInteger("cs.state", 1); - try { - ConfigurationUtils.removePreopConfigEntries(); - } catch (Exception e) { - CMS.debug("DonePanel - update(): Caught exception saving preop variables: " + e); - } - - // Create an empty file that designates the fact that although - // this server instance has been configured, it has NOT yet - // been restarted! - String restart_server = instanceRoot + "/conf/" - + RESTART_SERVER_AFTER_CONFIGURATION; - if (!Utils.isNT()) { - Utils.exec("touch " + restart_server); - Utils.exec("chmod 00660 " + restart_server); - } - - context.put("csstate", "1"); - } - - /** - * Checks if the given parameters are valid. 
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {/* This should never be called */
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java
deleted file mode 100644
index b42bdb7de2b300ec5c3484ee9c78c91e4632533e..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java
+++ /dev/null
@@ -1,194 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class HierarchyPanel extends WizardPanelBase {
-
- public HierarchyPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("PKI Hierarchy");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("PKI Hierarchy");
- setId(id);
- }
-
- public boolean shouldSkip() {
-
- // we dont need to ask the hierachy if we are
- // setting up a clone
- try {
- IConfigStore c = CMS.getConfigStore();
- String s = c.getString("preop.subsystem.select",
- null);
- if (s != null && s.equals("clone")) {
- // mark this panel as done
- c.putString("preop.hierarchy.select", "root");
- c.putString("hierarchy.select", "Clone");
- return true;
- }
- } catch (EBaseException e) {
- }
-
- return false;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putString("preop.hierarchy.select", "");
- cs.putString("hierarchy.select", "");
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String s = cs.getString("preop.hierarchy.select", "");
- if (s == null || s.equals("")) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- /* XXX */
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "PKI Hierarchy");
- IConfigStore config = CMS.getConfigStore();
-
- if (isPanelDone()) {
- try {
- String s = config.getString("preop.hierarchy.select");
-
- if (s.equals("root")) {
- context.put("check_root", "checked");
- } else if (s.equals("join")) {
- context.put("check_join", "checked");
- }
- } catch (Exception e) {
- CMS.debug(e.toString());
- }
- } else {
- context.put("check_root", "checked");
- context.put("check_join", "");
- }
-
- context.put("panel", "admin/console/config/hierarchypanel.vm");
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- IConfigStore config = CMS.getConfigStore();
- try {
- String cstype = config.getString("preop.subsystem.select", "");
- if (cstype.equals("clone")) {
- context.put("updateStatus", "success");
- return;
- }
- } catch (Exception e) {
- }
-
- String select = HttpInput.getID(request, "choice");
-
- if (select == null) {
- CMS.debug("HierarchyPanel: choice not found");
- context.put("updateStatus", "failure");
- throw new IOException("choice not found");
- }
-
- if (select.equals("root")) {
- config.putString("preop.hierarchy.select", "root");
- config.putString("hierarchy.select", "Root");
- config.putString("preop.ca.type", "sdca");
- try {
- config.commit(false);
- } catch (EBaseException e) {
- }
- } else if (select.equals("join")) {
- config.putString(PCERT_PREFIX + "signing.type", "remote");
- config.putString("preop.hierarchy.select", "join");
- config.putString("hierarchy.select", "Subordinate");
- } else {
- config.putString(PCERT_PREFIX + "signing.type", "remote");
- CMS.debug("HierarchyPanel: invalid choice " + select);
- context.put("updateStatus", "failure");
- throw new IOException("invalid choice " + select);
- }
- context.put("updateStatus", "success");
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java
deleted file mode 100644
index 98614ac61a768a7227433f6a9ca32d4427b28b97..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java
+++ /dev/null
@@ -1,340 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.BufferedReader;
-import java.io.FileReader;
-import java.io.IOException;
-import java.math.BigInteger;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import netscape.security.x509.X509CertImpl;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.ConflictingOperationException;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.base.ISubsystem;
-import com.netscape.certsrv.ca.ICertificateAuthority;
-import com.netscape.certsrv.dbs.certdb.ICertificateRepository;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.usrgrp.IUGSubsystem;
-import com.netscape.certsrv.usrgrp.IUser;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-import com.netscape.cmsutil.crypto.CryptoUtil;
-
-public class ImportAdminCertPanel extends WizardPanelBase {
-
- public ImportAdminCertPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Import Administrator's Certificate");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Import Administrator's Certificate");
- setId(id);
- }
-
- public boolean isSubPanel() {
- return true;
- }
-
- public void cleanUp() throws IOException {
- }
-
- public boolean isPanelDone() {
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- CMS.debug("ImportAdminCertPanel: display");
- context.put("errorString", "");
- context.put("title", "Import Administrator's Certificate");
- context.put("panel", "admin/console/config/importadmincertpanel.vm");
- context.put("import", "true");
-
- IConfigStore cs = CMS.getConfigStore();
-
- String type = "";
-
- try {
- type = cs.getString("preop.ca.type", "");
- } catch (Exception e) {
- }
-
- try {
- String serialno = cs.getString("preop.admincert.serialno.0");
-
- context.put("serialNumber", serialno);
- } catch (Exception e) {
- context.put("errorString", "Failed to get serial number.");
- }
-
- context.put("caType", type);
-
- ISubsystem ca = CMS.getSubsystem("ca");
-
- if (ca == null) {
- context.put("ca", "false");
- } else {
- context.put("ca", "true");
- }
-
- String caHost = "";
- String caPort = "";
- String info = "";
-
- if (ca == null) {
- if (type.equals("otherca")) {
- try {
- // this is a non-CA system that has elected to have its certificates
- // signed by a CA outside of the security domain.
- // in this case, we submitted the cert request for the admin cert to
- // to security domain host.
- caHost = cs.getString("securitydomain.host", "");
- caPort = cs.getString("securitydomain.httpsadminport", "");
- } catch (Exception e) {
- }
- } else if (type.equals("sdca")) {
- try {
- // this is a non-CA system that submitted its certs to a CA
- // within the security domain. In this case, we submitted the cert
- // request for the admin cert to this CA
- caHost = cs.getString("preop.ca.hostname", "");
- caPort = cs.getString("preop.ca.httpsadminport", "");
- } catch (Exception e) {
- }
- }
- } else {
- // for CAs, we always generate our own admin certs
- // send our own connection details
- try {
- caHost = cs.getString("service.machineName", "");
- caPort = cs.getString("pkicreate.admin_secure_port", "");
- } catch (Exception e) {
- }
- }
-
- String pkcs7 = "";
- try {
- pkcs7 = cs.getString("preop.admincert.pkcs7", "");
- } catch (Exception e) {
- }
-
- context.put("pkcs7", pkcs7);
- context.put("caHost", caHost);
- context.put("caPort", caPort);
- context.put("info", info);
- }
-
- /**
- * Checks if the given parameters are valid.
- */ - public void validate(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - } - - /** - * Commit parameter changes - */ - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - IConfigStore cs = CMS.getConfigStore(); - - String type = ""; - String subsystemtype = ""; - String selected_hierarchy = ""; - - try { - type = cs.getString("preop.ca.type", ""); - subsystemtype = cs.getString("cs.type", ""); - selected_hierarchy = cs.getString("preop.hierarchy.select", ""); - } catch (Exception e) { - } - - ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem( - ICertificateAuthority.ID); - - if (ca == null) { - context.put("ca", "false"); - } else { - context.put("ca", "true"); - } - context.put("caType", type); - - X509CertImpl certs[] = new X509CertImpl[1]; - - // REMINDER: This panel is NOT used by "clones" - if (ca != null) { - String serialno = null; - - if (selected_hierarchy.equals("root")) { - CMS.debug("ImportAdminCertPanel update: " - + "Root CA subsystem - " - + "(new Security Domain)"); - } else { - CMS.debug("ImportAdminCertPanel update: " - + "Subordinate CA subsystem - " - + "(new Security Domain)"); - } - - try { - serialno = cs.getString("preop.admincert.serialno.0"); - } catch (Exception e) { - CMS.debug( - "ImportAdminCertPanel update: Failed to get request id."); - context.put("updateStatus", "failure"); - throw new IOException("Failed to get request id."); - } - - ICertificateRepository repost = ca.getCertificateRepository(); - - try { - certs[0] = repost.getX509Certificate( - new BigInteger(serialno, 16)); - } catch (Exception ee) { - } - } else { - String dir = null; - - // REMINDER: This panel is NOT used by "clones" - if (subsystemtype.equals("CA")) { - if (selected_hierarchy.equals("root")) { - CMS.debug("ImportAdminCertPanel update: " - + "Root CA subsystem - " - + "(existing Security Domain)"); - } else { - 
CMS.debug("ImportAdminCertPanel update: " - + "Subordinate CA subsystem - " - + "(existing Security Domain)"); - } - } else { - CMS.debug("ImportAdminCertPanel update: " - + subsystemtype - + " subsystem"); - } - - try { - dir = cs.getString("preop.admincert.b64", ""); - CMS.debug("ImportAdminCertPanel update: dir=" + dir); - } catch (Exception ee) { - } - - try { - BufferedReader reader = new BufferedReader( - new FileReader(dir)); - String b64 = ""; - - StringBuffer sb = new StringBuffer(); - while (reader.ready()) { - sb.append(reader.readLine()); - } - b64 = sb.toString(); - reader.close(); - - b64 = b64.trim(); - b64 = CryptoUtil.stripCertBrackets(b64); - CMS.debug("ImportAdminCertPanel update: b64=" + b64); - byte[] b = CryptoUtil.base64Decode(b64); - certs[0] = new X509CertImpl(b); - } catch (Exception e) { - CMS.debug("ImportAdminCertPanel update: " + e.toString()); - } - } - - try { - IUGSubsystem ug = (IUGSubsystem) CMS.getSubsystem(IUGSubsystem.ID); - String uid = cs.getString("preop.admin.uid"); - IUser user = ug.getUser(uid); - user.setX509Certificates(certs); - ug.addUserCert(user); - - } catch (ConflictingOperationException e) { - CMS.debug("ImportAdminCertPanel update: failed to add certificate to the internal database. Exception: " - + e.toString()); - // ignore - - } catch (Exception e) { - CMS.debug( - "ImportAdminCertPanel update: failed to add certificate. 
Exception: " - + e.toString()); - context.put("updateStatus", "failure"); - throw new IOException(e.toString()); - } - - context.put("errorString", ""); - context.put("info", ""); - context.put("title", "Import Administrator Certificate"); - context.put("panel", "admin/console/config/importadmincertpanel.vm"); - context.put("updateStatus", "success"); - } - - public boolean shouldSkip() { - try { - IConfigStore c = CMS.getConfigStore(); - String s = c.getString("preop.subsystem.select", null); - if (s != null && s.equals("clone")) { - return true; - } - } catch (EBaseException e) { - } - - return false; - } - - /** - * If validiate() returns false, this method will be called. - */ - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - - /* This should never be called */ - context.put("title", "Import Administrator Certificate"); - context.put("panel", "admin/console/config/importadmincertpanel.vm"); - context.put("info", ""); - } -} diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportCAChainPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportCAChainPanel.java deleted file mode 100755 index bc4af9828b2d266827c22ff9bd9121abb0dfa76b..0000000000000000000000000000000000000000 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportCAChainPanel.java +++ /dev/null 
@@ -1,145 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.base.ISubsystem;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class ImportCAChainPanel extends WizardPanelBase {
-
- public ImportCAChainPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Import CA's Certificate Chain");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Import CA's Certificate Chain");
- setId(id);
- }
-
- public boolean isSubPanel() {
- return false;
- }
-
- public void cleanUp() throws IOException {
- }
-
- public boolean isPanelDone() {
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- CMS.debug("ImportCACertChain: display");
- context.put("errorString", "");
- context.put("title", "Import CA's Certificate Chain");
- context.put("panel", "admin/console/config/importcachainpanel.vm");
- context.put("import", "true");
-
- IConfigStore cs = CMS.getConfigStore();
- try {
- context.put("machineName", cs.getString("machineName"));
- context.put("https_port", cs.getString("pkicreate.ee_secure_port"));
- context.put("http_port", cs.getString("pkicreate.unsecure_port"));
- } catch (EBaseException e) {
- CMS.debug("ImportCACertChain:display: Exception: " + e.toString());
- context.put("errorString", "Error loading values for Import CA Certificate Panel");
- }
-
- ISubsystem ca = CMS.getSubsystem("ca");
-
- if (ca == null) {
- context.put("ca", "false");
- } else {
- context.put("ca", "true");
- }
-
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
-
- context.put("errorString", "");
- context.put("title", "Import CA's Certificate Chain");
- context.put("panel", "admin/console/config/importcachainpanel.vm");
- context.put("updateStatus", "success");
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
-
- /* This should never be called */
- IConfigStore cs = CMS.getConfigStore();
- try {
- context.put("machineName", cs.getString("machineName"));
- context.put("https_port", cs.getString("pkicreate.ee_secure_port"));
- context.put("http_port", cs.getString("pkicreate.unsecure_port"));
- context.put("title", "Import CA's Certificate Chain");
- context.put("panel", "admin/console/config/importcachainpanel.vm");
- } catch (EBaseException e) {
- }
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ModulePanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ModulePanel.java
deleted file mode 100644
index 00474615f4106ec21d262fe4a709086c5448a11e..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ModulePanel.java
+++ /dev/null
@@ -1,338 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-import java.util.Enumeration;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-import org.mozilla.jss.CryptoManager;
-import org.mozilla.jss.crypto.CryptoToken;
-import org.mozilla.jss.crypto.TokenException;
-import org.mozilla.jss.pkcs11.PK11Module;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.Descriptor;
-import com.netscape.certsrv.property.IDescriptor;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-import com.netscape.cmsutil.crypto.Module;
-
-public class ModulePanel extends WizardPanelBase {
- private CryptoManager mCryptoManager = null;
- private Vector mSupportedModules = null;
- private Vector mOtherModules = null;
- private Hashtable mCurrModTable = new Hashtable();
- private WizardServlet mServlet = null;
-
- public ModulePanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Key Store");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Key Store");
- setId(id);
- mServlet = servlet;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putBoolean("preop.ModulePanel.done", false);
- }
-
- public void loadCurrModTable() {
- try {
- // getting existing modules
- mCryptoManager = CryptoManager.getInstance();
- @SuppressWarnings("unchecked")
- Enumeration modules = mCryptoManager.getModules();
-
- while (modules.hasMoreElements()) {
- PK11Module mod = modules.nextElement();
-
- CMS.debug("ModulePanel: got module " + mod.getName());
- mCurrModTable.put(mod.getName(), mod);
- } // while
- } catch (Exception e) {
- CMS.debug(
- "ModulePanel: Exception caught in loadCurrModTable: "
- + e.toString());
- System.err.println("Exception caught: " + e.toString());
- }
- }
-
- /*
- * Modules not listed as supported modules
- */
- public void loadOtherModules() {
- Enumeration m = mCurrModTable.elements();
-
- mOtherModules = new Vector();
- while (m.hasMoreElements()) {
- PK11Module mod = m.nextElement();
- Enumeration s = mSupportedModules.elements();
- boolean found = false;
-
- while (s.hasMoreElements()) {
- Module sm = s.nextElement();
-
- if (mod.getName().equals(sm.getCommonName())) {
- found = true;
- break;
- } else {
- found = false;
- }
- }// while
- if (!found) {
- // unsupported, use common name as user friendly name
- Module module = new Module(mod.getName(), mod.getName());
-
- loadModTokens(module, mod);
- module.setFound(true);
- mOtherModules.addElement(module);
- break;
- }
- }// while
- }
-
- /*
- * find all tokens belonging to a module and load the Module
- */
- public void loadModTokens(Module module, PK11Module mod) {
- @SuppressWarnings("unchecked")
- Enumeration tokens = mod.getTokens();
-
- while (tokens.hasMoreElements()) {
- try {
- CryptoToken token = tokens.nextElement();
-
- CMS.debug("ModulePanel: token nick name=" + token.getName());
- CMS.debug("ModulePanel: token logged in?" + token.isLoggedIn());
- CMS.debug("ModulePanel: token is present?" + token.isPresent());
- if (!token.getName().equals("Internal Crypto Services Token") &&
- !token.getName().equals("NSS Generic Crypto Services")) {
- module.addToken(token);
- } else {
- CMS.debug(
- "ModulePanel: token " + token.getName()
- + " not to be added");
- }
-
- } catch (TokenException ex) {
- CMS.debug("ModulePanel:" + ex.toString());
- }
- }
- }
-
- /*
- * Modules unsupported by the system will not be included
- */
- public void loadSupportedModules() {
-
- // getting supported security modules
- // a Vectgor of Modules
- mSupportedModules = new Vector();
- // read from conf store all supported modules
- try {
- int count = CMS.getConfigStore().getInteger(
- "preop.configModules.count");
-
- CMS.debug("ModulePanel: supported modules count= " + count);
- for (int i = 0; i < count; i++) {
- String cn = CMS.getConfigStore().getString(
- "preop.configModules.module" + i + ".commonName");
- String pn = CMS.getConfigStore().getString(
- "preop.configModules.module" + i + ".userFriendlyName");
- String img = CMS.getConfigStore().getString(
- "preop.configModules.module" + i + ".imagePath");
-
- if ((cn == null) || (cn.equals(""))) {
- break;
- }
-
- CMS.debug("ModulePanel: got from config module: " + cn);
- // create a Module object
- Module module = new Module(cn, pn, img);
-
- if (mCurrModTable.containsKey(cn)) {
- CMS.debug("ModulePanel: module found: " + cn);
- module.setFound(true);
- // add token info to module vector
- PK11Module m = mCurrModTable.get(cn);
-
- loadModTokens(module, m);
- }
-
- CMS.debug("ModulePanel: adding module " + cn);
- // add module to set
- if (!mSupportedModules.contains(module)) {
- mSupportedModules.addElement(module);
- }
- }// for
-
- } catch (Exception e) {
- CMS.debug(
- "ModulePanel: Exception caught in loadSupportedModules(): "
- + e.toString());
- System.err.println("Exception caught: " + e.toString());
- }
- }
-
- public PropertySet getUsage() {
- // it a token choice. Available tokens are discovered dynamically so
- // can't be a real CHOICE
- PropertySet set = new PropertySet();
-
- Descriptor tokenDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */
- null, /* default parameter */
- "module token selection");
-
- set.add("choice", tokenDesc);
-
- return set;
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- boolean s = cs.getBoolean("preop.ModulePanel.done",
- false);
-
- if (s != true) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
-
- return false;
- }
-
- public boolean hasSubPanel() {
- return true;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- CMS.debug("ModulePanel: display()");
- context.put("title", "Key Store");
-
- loadCurrModTable();
- loadSupportedModules();
- loadOtherModules();
-
- IConfigStore config = CMS.getConfigStore();
-
- try {
- String s = config.getString("preop.module.token",
- "Internal Key Storage Token");
-
- context.put("defTok", s);
- } catch (Exception e) {
- CMS.debug("ModulePanel:" + e.toString());
- }
-
- context.put("status", "display");
- context.put("oms", mOtherModules);
- context.put("sms", mSupportedModules);
- // context.put("status_token", "None");
- String subpanelno = String.valueOf(getPanelNo() + 1);
- CMS.debug("ModulePanel subpanelno =" + subpanelno);
- context.put("subpanelno", subpanelno);
- context.put("panel", "admin/console/config/modulepanel.vm");
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- boolean hasErr = false;
-
- try {
- // get the value of the choice
- String select = HttpInput.getID(request, "choice");
-
- if (select == null) {
- CMS.debug("ModulePanel: no choice selected");
- hasErr = true;
- throw new IOException("choice not found");
- }
-
- IConfigStore config = CMS.getConfigStore();
- String oldtokenname = config.getString("preop.module.token", "");
- if (!oldtokenname.equals(select))
- mServlet.cleanUpFromPanel(mServlet.getPanelNo(request));
-
- if (hasErr == false) {
- config.putString("preop.module.token", select);
- config.putBoolean("preop.ModulePanel.done", true);
- }
- config.commit(false);
- context.put("updateStatus", "success");
- } catch (Exception e) {
- CMS.debug("ModulePanel: Exception caught: " + e.toString());
- System.err.println("Exception caught: " + e.toString());
- context.put("updateStatus", "failure");
- }
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Security Module");
- context.put("panel", "admin/console/config/modulepanel.vm");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/NamePanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/NamePanel.java
deleted file mode 100644
index 070e17e7c4a5cc2e3d8a057dde6f640752c65635..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/NamePanel.java
+++ /dev/null
@@ -1,622 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cms.servlet.csadmin; - -import java.io.IOException; -import java.net.URL; -import java.util.Enumeration; -import java.util.StringTokenizer; -import java.util.Vector; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.parsers.ParserConfigurationException; - -import org.apache.velocity.context.Context; -import org.xml.sax.SAXException; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.EPropertyNotFound; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.base.ISubsystem; -import com.netscape.certsrv.ca.ICertificateAuthority; -import com.netscape.certsrv.property.Descriptor; -import com.netscape.certsrv.property.IDescriptor; -import com.netscape.certsrv.property.PropertySet; -import com.netscape.certsrv.util.HttpInput; -import com.netscape.cms.servlet.wizard.WizardServlet; - -public class NamePanel extends WizardPanelBase { - private Vector mCerts = null; - private WizardServlet mServlet = null; - - public 
NamePanel() { - } - - /** - * Initializes this panel. - */ - public void init(ServletConfig config, int panelno) - throws ServletException { - setPanelNo(panelno); - setName("Subject Names"); - } - - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { - setPanelNo(panelno); - setName("Subject Names"); - setId(id); - mServlet = servlet; - } - - /** - * Returns the usage.XXX usage needs to be made dynamic - */ - public PropertySet getUsage() { - PropertySet set = new PropertySet(); - - Descriptor caDN = new Descriptor(IDescriptor.STRING, null, /* no constraint */ - null, /* no default parameter */ - "CA Signing Certificate's DN"); - - set.add("caDN", caDN); - - Descriptor sslDN = new Descriptor(IDescriptor.STRING, null, /* no constraint */ - null, /* no default parameter */ - "SSL Server Certificate's DN"); - - set.add("sslDN", sslDN); - - Descriptor subsystemDN = new Descriptor(IDescriptor.STRING, null, /* no constraint */ - null, /* no default parameter */ - "CA Subsystem Certificate's DN"); - - set.add("subsystemDN", subsystemDN); - - Descriptor ocspDN = new Descriptor(IDescriptor.STRING, null, /* no constraint */ - null, /* no default parameter */ - "OCSP Signing Certificate's DN"); - - set.add("ocspDN", ocspDN); - - return set; - } - - public void cleanUp() throws IOException { - IConfigStore cs = CMS.getConfigStore(); - try { - @SuppressWarnings("unused") - boolean done = cs.getBoolean("preop.NamePanel.done"); // check for errors - cs.putBoolean("preop.NamePanel.done", false); - cs.commit(false); - } catch (Exception e) { - } - - String list = ""; - try { - list = cs.getString("preop.cert.list", ""); - } catch (Exception e) { - } - - StringTokenizer st = new StringTokenizer(list, ","); - while (st.hasMoreTokens()) { - String t = st.nextToken(); - cs.remove("preop.cert." 
+ t + ".done"); - } - - try { - cs.commit(false); - } catch (Exception e) { - } - } - - public boolean isPanelDone() { - IConfigStore cs = CMS.getConfigStore(); - try { - boolean s = cs.getBoolean("preop.NamePanel.done", false); - if (s != true) { - return false; - } else { - return true; - } - } catch (EBaseException e) { - } - - return false; - } - - /** - * Display the panel. - */ - public void display(HttpServletRequest request, - HttpServletResponse response, - Context context) { - CMS.debug("NamePanel: display()"); - context.put("title", "Subject Names"); - - // update session id - String session_id = request.getParameter("session_id"); - if (session_id != null) { - CMS.debug("NamePanel setting session id."); - CMS.setConfigSDSessionId(session_id); - } - - mCerts = new Vector(); - - String domainname = ""; - IConfigStore config = CMS.getConfigStore(); - String select = ""; - String hselect = ""; - String cstype = ""; - String domainType = ""; - try { - //if CA, at the hierarchy panel, was it root or subord? 
- hselect = config.getString("preop.hierarchy.select", ""); - select = config.getString("preop.subsystem.select", ""); - cstype = config.getString("cs.type", ""); - domainType = config.getString("preop.securitydomain.select", ""); - context.put("select", select); - if (cstype.equals("CA") && hselect.equals("root")) { - CMS.debug("NamePanel ca is root"); - context.put("isRoot", "true"); - } else { - CMS.debug("NamePanel not ca or not root"); - context.put("isRoot", "false"); - } - } catch (Exception e) { - } - - try { - domainname = config.getString("securitydomain.name", ""); - - String certTags = config.getString("preop.cert.list"); - // same token for now - String token = config.getString(PRE_CONF_CA_TOKEN); - StringTokenizer st = new StringTokenizer(certTags, ","); - String domaintype = config.getString("securitydomain.select"); - int count = 0; - String host = ""; - int sd_admin_port = -1; - if (domaintype.equals("existing")) { - host = config.getString("securitydomain.host", ""); - sd_admin_port = config.getInteger("securitydomain.httpsadminport", -1); - count = ConfigurationUtils.getSubsystemCount(host, sd_admin_port, true, cstype); - } - - while (st.hasMoreTokens()) { - String certTag = st.nextToken(); - - CMS.debug("NamePanel: display() about to process certTag :" + certTag); - String nn = config.getString( - PCERT_PREFIX + certTag + ".nickname"); - Cert c = new Cert(token, nn, certTag); - String userfriendlyname = config.getString( - PCERT_PREFIX + certTag + ".userfriendlyname"); - String subsystem = config.getString( - PCERT_PREFIX + certTag + ".subsystem"); - - c.setUserFriendlyName(userfriendlyname); - - String type = config.getString(PCERT_PREFIX + certTag + ".type"); - c.setType(type); - boolean enable = config.getBoolean(PCERT_PREFIX + certTag + ".enable", true); - c.setEnable(enable); - - String cert = config.getString(subsystem + "." + certTag + ".cert", ""); - String certreq = - config.getString(subsystem + "." 
+ certTag + ".certreq", ""); - - String dn = config.getString(PCERT_PREFIX + certTag + ".dn"); - boolean override = config.getBoolean(PCERT_PREFIX + certTag + - ".cncomponent.override", true); - //o_sd is to add o=secritydomainname - boolean o_sd = config.getBoolean(PCERT_PREFIX + certTag + - "o_securitydomain", true); - domainname = config.getString("securitydomain.name", ""); - CMS.debug("NamePanel: display() override is " + override); - CMS.debug("NamePanel: display() o_securitydomain is " + o_sd); - CMS.debug("NamePanel: display() domainname is " + domainname); - - boolean dnUpdated = false; - try { - dnUpdated = config.getBoolean(PCERT_PREFIX + certTag + ".updatedDN"); - } catch (Exception e) { - } - - try { - @SuppressWarnings("unused") - boolean done = config.getBoolean("preop.NamePanel.done"); // check for errors - c.setDN(dn); - } catch (Exception e) { - String instanceId = config.getString("service.instanceID", ""); - if (select.equals("clone") || dnUpdated) { - c.setDN(dn); - } else if (count != 0 && override && (cert.equals("") || certreq.equals(""))) { - CMS.debug("NamePanel subsystemCount = " + count); - c.setDN(dn + " " + count + - ((!instanceId.equals("")) ? (",OU=" + instanceId) : "") + - ((o_sd) ? (",O=" + domainname) : "")); - config.putBoolean(PCERT_PREFIX + certTag + ".updatedDN", true); - } else { - c.setDN(dn + - ((!instanceId.equals("")) ? (",OU=" + instanceId) : "") + - ((o_sd) ? 
(",O=" + domainname) : "")); - config.putBoolean(PCERT_PREFIX + certTag + ".updatedDN", true); - } - } - - mCerts.addElement(c); - CMS.debug( - "NamePanel: display() added cert to mCerts: certTag " - + certTag); - config.putString(PCERT_PREFIX + c.getCertTag() + ".dn", c.getDN()); - }// while - } catch (EBaseException e) { - CMS.debug("NamePanel: display() exception caught:" + e.toString()); - } catch (Exception e) { - CMS.debug("NamePanel: " + e.toString()); - } - - CMS.debug("NamePanel: Ready to get SSL EE HTTPS urls"); - Vector v = null; - if (!domainType.equals("new")) { - try { - v = ConfigurationUtils.getUrlListFromSecurityDomain(config, "CA", "SecurePort"); - } catch (Exception e) { - CMS.debug("NamePanel: display(): Exception thrown in getUrlListFromSecurityDomain " + e); - e.printStackTrace(); - } - } - if (v == null) { - v = new Vector(); - } - v.addElement("External CA"); - - StringBuffer list = new StringBuffer(); - int size = v.size(); - - for (int i = 0; i < size; i++) { - if (i == size - 1) { - list.append(v.elementAt(i)); - } else { - list.append(v.elementAt(i)); - list.append(","); - } - } - - try { - config.putString("preop.ca.list", list.toString()); - config.commit(false); - } catch (Exception e) { - } - - context.put("urls", v); - - context.put("certs", mCerts); - context.put("panel", "admin/console/config/namepanel.vm"); - context.put("errorString", ""); - - } - - /** - * Checks if the given parameters are valid. 
- */ - public void validate(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - Enumeration c = mCerts.elements(); - - while (c.hasMoreElements()) { - Cert cert = c.nextElement(); - // get the dn's and put in config - if (cert.isEnable()) { - String dn = HttpInput.getDN(request, cert.getCertTag()); - - if (dn == null || dn.length() == 0) { - context.put("updateStatus", "validate-failure"); - throw new IOException("Empty DN for " + cert.getUserFriendlyName()); - } - } - } // while - } - - public void configCertWithTag(HttpServletRequest request, - HttpServletResponse response, - Context context, String tag) throws IOException { - CMS.debug("NamePanel: configCertWithTag start"); - Enumeration c = mCerts.elements(); - IConfigStore config = CMS.getConfigStore(); - - while (c.hasMoreElements()) { - Cert cert = c.nextElement(); - String ct = cert.getCertTag(); - CMS.debug("NamePanel: configCertWithTag ct=" + ct + " tag=" + tag); - if (ct.equals(tag)) { - try { - String nickname = HttpInput.getNickname(request, ct + "_nick"); - if (nickname != null) { - CMS.debug("configCertWithTag: Setting nickname for " + ct + " to " + nickname); - config.putString(PCERT_PREFIX + ct + ".nickname", nickname); - cert.setNickname(nickname); - config.commit(false); - } - String dn = HttpInput.getDN(request, ct); - if (dn != null) { - config.putString(PCERT_PREFIX + ct + ".dn", dn); - config.commit(false); - } - } catch (Exception e) { - CMS.debug("NamePanel: configCertWithTag: Exception in setting nickname for " - + ct + ": " + e.toString()); - } - - ConfigurationUtils.configCert(request, response, context, cert, this); - CMS.debug("NamePanel: configCertWithTag done with tag=" + tag); - return; - } - } - CMS.debug("NamePanel: configCertWithTag done"); - } - - private boolean inputChanged(HttpServletRequest request) - throws IOException { - IConfigStore config = CMS.getConfigStore(); - - boolean hasChanged = false; - try { - Enumeration c = 
mCerts.elements(); - - while (c.hasMoreElements()) { - Cert cert = c.nextElement(); - String ct = cert.getCertTag(); - boolean enable = config.getBoolean(PCERT_PREFIX + ct + ".enable", true); - if (!enable) - continue; - - String olddn = config.getString(PCERT_PREFIX + cert.getCertTag() + ".dn", ""); - // get the dn's and put in config - String dn = HttpInput.getDN(request, cert.getCertTag()); - - if (!olddn.equals(dn)) - hasChanged = true; - - String oldnick = config.getString(PCERT_PREFIX + ct + ".nickname"); - String nick = HttpInput.getNickname(request, ct + "_nick"); - if (!oldnick.equals(nick)) - hasChanged = true; - - } - } catch (Exception e) { - } - - return hasChanged; - } - - public String getURL(HttpServletRequest request, IConfigStore config) { - String index = request.getParameter("urls"); - if (index == null) { - return null; - } - String url = ""; - if (index.startsWith("http")) { - // user may submit url directlry - url = index; - } else { - try { - int x = Integer.parseInt(index); - String list = config.getString("preop.ca.list", ""); - StringTokenizer tokenizer = new StringTokenizer(list, ","); - int counter = 0; - - while (tokenizer.hasMoreTokens()) { - url = tokenizer.nextToken(); - if (counter == x) { - break; - } - counter++; - } - } catch (Exception e) { - } - } - return url; - } - - /** - * Commit parameter changes - */ - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - CMS.debug("NamePanel: in update()"); - - if (inputChanged(request)) { - mServlet.cleanUpFromPanel(mServlet.getPanelNo(request)); - } else if (isPanelDone()) { - context.put("updateStatus", "success"); - return; - } - - IConfigStore config = CMS.getConfigStore(); - ISubsystem subsystem = CMS.getSubsystem(ICertificateAuthority.ID); - - try { - //if CA, at the hierarchy panel, was it root or subord? 
- String hselect = config.getString("preop.hierarchy.select", ""); - String cstype = config.getString("preop.subsystem.select", ""); - if (cstype.equals("clone")) { - CMS.debug("NamePanel: clone configuration detected"); - // still need to handle SSL certificate - configCertWithTag(request, response, context, "sslserver"); - String url = getURL(request, config); - if (url != null && !url.equals("External CA")) { - // preop.ca.url and admin port are required for setting KRA connector - url = url.substring(url.indexOf("https")); - config.putString("preop.ca.url", url); - - URL urlx = new URL(url); - updateCloneSDCAInfo(request, context, urlx.getHost(), urlx.getPort()); - - } - ConfigurationUtils.updateCloneConfig(); - CMS.debug("NamePanel: clone configuration done"); - context.put("updateStatus", "success"); - return; - } - - //if no hselect, then not CA - if (hselect.equals("") || hselect.equals("join")) { - String url = getURL(request, config); - - URL urlx = null; - - if (url.equals("External CA")) { - CMS.debug("NamePanel: external CA selected"); - config.putString("preop.ca.type", "otherca"); - if (subsystem != null) { - config.putString(PCERT_PREFIX + "signing.type", "remote"); - } - - config.putString("preop.ca.pkcs7", ""); - config.putInteger("preop.ca.certchain.size", 0); - context.put("check_otherca", "checked"); - CMS.debug("NamePanel: update: this is the external CA."); - } else { - CMS.debug("NamePanel: local CA selected"); - url = url.substring(url.indexOf("https")); - config.putString("preop.ca.url", url); - - urlx = new URL(url); - String host = urlx.getHost(); - int port = urlx.getPort(); - String domainXML = config.getString("preop.domainXML"); - int admin_port = ConfigurationUtils.getPortFromSecurityDomain(domainXML, - host, port, "CA", "SecurePort", "SecureAdminPort"); - - config.putString("preop.ca.type", "sdca"); - config.putString("preop.ca.hostname", host); - config.putInteger("preop.ca.httpsport", port); - 
config.putInteger("preop.ca.httpsadminport", admin_port); - - context.put("check_sdca", "checked"); - context.put("sdcaHostname", host); - context.put("sdHttpPort", port); - - ConfigurationUtils.importCertChain(host, admin_port, "/ca/admin/ca/getCertChain", "ca"); - - if (subsystem != null) { - config.putString(PCERT_PREFIX + "signing.type", "remote"); - config.putString(PCERT_PREFIX + "signing.profile", "caInstallCACert"); - } - } - config.commit(false); - - } - - Enumeration c = mCerts.elements(); - - while (c.hasMoreElements()) { - Cert cert = c.nextElement(); - String ct = cert.getCertTag(); - boolean enable = config.getBoolean(PCERT_PREFIX + ct + ".enable", true); - if (!enable) - continue; - - boolean certDone = config.getBoolean(PCERT_PREFIX + ct + ".done", false); - if (certDone) - continue; - - // get the nicknames and put in config - String nickname = HttpInput.getNickname(request, ct + "_nick"); - if (nickname != null) { - CMS.debug("NamePanel: update: Setting nickname for " + ct + " to " + nickname); - config.putString(PCERT_PREFIX + ct + ".nickname", nickname); - cert.setNickname(nickname); - } else { - nickname = cert.getNickname(); - } - - // get the dn's and put in config - String dn = HttpInput.getDN(request, ct); - - config.putString(PCERT_PREFIX + ct + ".dn", dn); - // commit here in case it changes - config.commit(false); - - ConfigurationUtils.configCert(request, response, context, cert, this); - config.putBoolean("preop.cert." 
+ cert.getCertTag() + ".done", true); - config.commit(false); - - } // while - - config.putBoolean("preop.NamePanel.done", true); - config.commit(false); - } catch (Exception e) { - CMS.debug("NamPanel - update(): Exception thrown : " + e); - e.printStackTrace(); - context.put("updateStatus", "failure"); - throw new IOException(e); - } - context.put("updateStatus", "success"); - - CMS.debug("NamePanel: update() done"); - } - - private void updateCloneSDCAInfo(HttpServletRequest request, Context context, String hostname, int httpsPort) - throws IOException, EPropertyNotFound, EBaseException, SAXException, ParserConfigurationException { - CMS.debug("NamePanel updateCloneSDCAInfo: selected CA hostname=" + hostname + " port=" + httpsPort); - IConfigStore config = CMS.getConfigStore(); - - if (hostname == null || hostname.length() == 0) { - context.put("errorString", "Hostname is null"); - throw new IOException("Hostname is null"); - } - - // Retrieve the associated HTTPS Admin port so that it - // may be stored for use with ImportAdminCertPanel - String domainXML = config.getString("preop.domainXML"); - int https_admin_port = ConfigurationUtils.getPortFromSecurityDomain(domainXML, - hostname, httpsPort, "CA", "SecurePort", "SecureAdminPort"); - - config.putString("preop.ca.hostname", hostname); - config.putInteger("preop.ca.httpsport", httpsPort); - config.putInteger("preop.ca.httpsadminport", https_admin_port); - } - - public void initParams(HttpServletRequest request, Context context) - throws IOException { - context.put("certs", mCerts); - } - - /** - * If validiate() returns false, this method will be called. - */ - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - try { - initParams(request, context); - } catch (IOException e) { - } - context.put("title", "Subject Names"); - context.put("panel", "admin/console/config/namepanel.vm"); - } -} 
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java
deleted file mode 100644
index 243e7e839872ab7949436a2abfbb480a6802c49c..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java
+++ /dev/null
@@ -1,235 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.File;
-import java.io.IOException;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class RestoreKeyCertPanel extends WizardPanelBase {
-
- public RestoreKeyCertPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Import Keys and Certificates");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Import Keys and Certificates");
- setId(id);
- }
-
- /**
- * Should we skip this panel for the configuration.
- */
- public boolean shouldSkip() {
- CMS.debug("RestoreKeyCertPanel: should skip");
-
- IConfigStore cs = CMS.getConfigStore();
- // if we are root, no need to get the certificate chain.
-
- try {
- String select = cs.getString("preop.subsystem.select", "");
- if (select.equals("clone")) {
- return false;
- }
- } catch (EBaseException e) {
- }
-
- return true;
- }
-
- public boolean isSubPanel() {
- return true;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- /* clean up if necessary */
- try {
- @SuppressWarnings("unused")
- boolean done = cs.getBoolean("preop.restorekeycert.done"); // check for errors
- cs.putBoolean("preop.restorekeycert.done", false);
- cs.commit(false);
- } catch (Exception e) {
- }
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String s = cs.getString("preop.restorekeycert.done", "");
- if (s == null || s.equals("")) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- /* XXX */
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Import Keys and Certificates");
- IConfigStore config = CMS.getConfigStore();
-
- if (isPanelDone()) {
-
- try {
- String s = config.getString("preop.pk12.path", "");
- context.put("path", s);
- } catch (Exception e) {
- CMS.debug(e.toString());
- }
- } else {
- context.put("path", "");
- }
-
- context.put("password", "");
- context.put("panel", "admin/console/config/restorekeycertpanel.vm");
- context.put("errorString", "");
- }
-
- /**
- * Checks if the given parameters are valid.
- */ - public void validate(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - IConfigStore config = CMS.getConfigStore(); - String tokenname = ""; - try { - tokenname = config.getString("preop.module.token", ""); - } catch (Exception e) { - } - - if (!tokenname.equals("Internal Key Storage Token")) - return; - - // Path can be empty. If this case, we just want to - // get to the next panel. Customer has HSM. - String s = HttpInput.getString(request, "path"); - - if (s != null && !s.equals("")) { - s = HttpInput.getPassword(request, "__password"); - if (s == null || s.equals("")) { - CMS.debug("RestoreKeyCertPanel validate: password is empty"); - context.put("updateStatus", "validate-failure"); - throw new IOException("Empty password"); - } - } - } - - /** - * Commit parameter changes - */ - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - IConfigStore config = CMS.getConfigStore(); - try { - ConfigurationUtils.getConfigEntriesFromMaster(); - - String path = HttpInput.getString(request, "path"); - if (path == null || path.equals("")) { - // skip to next panel - config.putBoolean("preop.restorekeycert.done", true); - config.commit(false); - context.put("updateStatus", "success"); - return; - } - - String pwd = HttpInput.getPassword(request, "__password"); - - String tokenn = config.getString("preop.module.token"); - if (tokenn.equals("Internal Key Storage Token")) { - String instanceRoot = config.getString("instanceRoot"); - String p12File = instanceRoot + File.separator + "alias" + - File.separator + path; - ConfigurationUtils.restoreCertsFromP12(p12File, pwd); - } - - String subsystemtype = config.getString("preop.subsystem.select", ""); - if (subsystemtype.equals("clone")) { - CMS.debug("RestoreKeyCertPanel: this is the clone subsystem"); - boolean cloneReady = ConfigurationUtils.isCertdbCloned(); - if (!cloneReady) { - 
CMS.debug("RestoreKeyCertPanel update: clone does not have all the certificates."); - throw new IOException("Clone is not ready"); - } - } - - config.putBoolean("preop.restorekeycert.done", true); - config.commit(false); - } catch (Exception e) { - CMS.debug("RestoreKeyCertPanel update: exception thrown:" + e); - e.printStackTrace(); - context.put("errorString", e.toString()); - context.put("updateStatus", "failure"); - throw new IOException(e); - } - - context.put("updateStatus", "success"); - } - - /** - * If validate() returns false, this method will be called. - */ - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - context.put("title", "Import Keys and Certificates"); - context.put("password", ""); - context.put("path", ""); - context.put("panel", "admin/console/config/restorekeycertpanel.vm"); - } -} diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/SavePKCS12Panel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/SavePKCS12Panel.java deleted file mode 100644 index cdcefbfe722b07e35fb770aea306f7e7698a02e4..0000000000000000000000000000000000000000 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/SavePKCS12Panel.java +++ /dev/null 
@@ -1,144 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cms.servlet.csadmin; - -import java.io.IOException; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.context.Context; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.property.PropertySet; -import com.netscape.cms.servlet.wizard.WizardServlet; - -public class SavePKCS12Panel extends WizardPanelBase { - - public SavePKCS12Panel() { - } - - /** - * Initializes this panel. 
- */ - public void init(ServletConfig config, int panelno) - throws ServletException { - setPanelNo(panelno); - setName("Save Keys and Certificates"); - } - - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { - setPanelNo(panelno); - setName("Save Keys and Certificates"); - setId(id); - } - - public void cleanUp() throws IOException { - } - - public boolean shouldSkip() { - IConfigStore cs = CMS.getConfigStore(); - - try { - boolean enable = cs.getBoolean("preop.backupkeys.enable", false); - if (!enable) - return true; - } catch (Exception e) { - } - - return false; - } - - public boolean isPanelDone() { - IConfigStore cs = CMS.getConfigStore(); - try { - String s = cs.getString("preop.backupkeycert.done", ""); - if (s == null || s.equals("")) { - return false; - } else { - return true; - } - } catch (EBaseException e) { - } - return false; - } - - public PropertySet getUsage() { - PropertySet set = new PropertySet(); - - return set; - } - - public boolean isSubPanel() { - return true; - } - - /** - * Display the panel. - */ - public void display(HttpServletRequest request, - HttpServletResponse response, - Context context) { - context.put("title", "Save Keys and Certificates"); - IConfigStore config = CMS.getConfigStore(); - String subsystemtype = ""; - try { - subsystemtype = config.getString("cs.type", ""); - } catch (Exception e) { - } - - subsystemtype = subsystemtype.toLowerCase(); - - context.put("panel", "admin/console/config/savepkcs12panel.vm"); - context.put("subsystemtype", subsystemtype); - context.put("errorString", ""); - } - - /** - * Checks if the given parameters are valid. 
- */ - public void validate(HttpServletRequest request, - HttpServletResponse response, Context context) throws IOException { - } - - /** - * Commit parameter changes - */ - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - context.put("title", "Save Keys and Certificates"); - context.put("panel", "admin/console/config/savepkcs12panel.vm"); - context.put("updateStatus", "success"); - } - - /** - * If validiate() returns false, this method will be called. - */ - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - context.put("title", "Save Keys and Certificates"); - context.put("panel", "admin/console/config/savepkcs12panel.vm"); - } -} diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java deleted file mode 100644 index 3bc8169bb1b90df4e7211c53816cf570f53d6ad4..0000000000000000000000000000000000000000 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java +++ /dev/null 
@@ -1,482 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.util.StringTokenizer;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class SecurityDomainPanel extends WizardPanelBase {
-
- public SecurityDomainPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Security Domain");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Security Domain");
- setId(id);
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putString("preop.securitydomain.select", "");
- cs.putString("securitydomain.select", "");
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String s = cs.getString("preop.securitydomain.select", "");
- if (s == null || s.equals("")) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- /* XXX */
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Security Domain");
- IConfigStore config = CMS.getConfigStore();
- String errorString = "";
- String default_admin_url = "";
- String name = "";
- String systemdInstanceId = "";
-
- try {
- default_admin_url = config.getString("preop.securitydomain.admin_url", "");
- name = config.getString("preop.securitydomain.name", "");
- systemdInstanceId = config.getString("service.instanceID", "");
- } catch (Exception e) {
- CMS.debug(e.toString());
- }
- if (isPanelDone()) {
- try {
- String s = config.getString("preop.securitydomain.select");
-
- if (s.equals("new")) {
- context.put("check_newdomain", "checked");
- context.put("check_existingdomain", "");
- } else if (s.equals("existing")) {
- context.put("check_newdomain", "");
- context.put("check_existingdomain", "checked");
- }
- } catch (Exception e) {
- CMS.debug(e.toString());
- }
- } else {
- context.put("check_newdomain", "checked");
- context.put("check_existingdomain", "");
- }
-
- try {
- context.put("cstype", config.getString("cs.type"));
- context.put("wizardname", config.getString("preop.wizard.name"));
- context.put("panelname", "Security Domain Configuration");
- context.put("systemname", config.getString("preop.system.name"));
- context.put("machineName", config.getString("machineName"));
- context.put("http_ee_port", CMS.getEENonSSLPort());
- context.put("https_agent_port", CMS.getAgentPort());
- context.put("https_ee_port", CMS.getEESSLPort());
- context.put("https_admin_port", CMS.getAdminPort());
- context.put("sdomainAdminURL", default_admin_url);
- } catch (EBaseException e) {
- }
-
- context.put("panel", "admin/console/config/securitydomainpanel.vm");
- context.put("errorString", errorString);
-
- // from default_admin_url, find hostname, if fully qualified, get
- // network domain name and generate default security domain name
- if (name.equals("") && (default_admin_url != null)) {
- try {
- URL u = new URL(default_admin_url);
-
- String hostname = u.getHost();
- StringTokenizer st = new StringTokenizer(hostname, ".");
- boolean first = true;
- int numTokens = st.countTokens();
- int count = 0;
- String defaultDomain = "";
- StringBuffer sb = new StringBuffer();
- while (st.hasMoreTokens()) {
- count++;
- String n = st.nextToken();
- if (first) { //skip the hostname
- first = false;
- continue;
- }
- if (count == numTokens) // skip the last element (e.g. com)
- continue;
- sb.append((defaultDomain.length() == 0) ? "" : " ");
- sb.append(capitalize(n));
- }
- defaultDomain = sb.toString() + " " + "Domain";
- name = defaultDomain;
- CMS.debug("SecurityDomainPanel: defaultDomain generated:" + name);
- } catch (MalformedURLException e) {
- errorString = "Malformed URL";
- // not being able to come up with default domain name is ok
- }
- }
- context.put("sdomainName", name);
-
- if (default_admin_url != null) {
- String r = null;
-
- try {
- // check to see if "default" security domain exists
- // on local machine
- URL u = new URL(default_admin_url);
-
- String hostname = u.getHost();
- int port = u.getPort();
- ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback();
- r = pingCS(hostname, port, true, certApprovalCallback);
- } catch (Exception e) {
- CMS.debug("SecurityDomainPanel: exception caught: "
- + e.toString());
- }
-
- if (r != null) {
- // "default" security domain exists on local machine;
- // fill "sdomainURL" in with "default" security domain
- // as an initial "guess"
- CMS.debug("SecurityDomainPanel: pingCS returns: " + r);
- context.put("sdomainURL", default_admin_url);
- } else {
- // "default" security domain does NOT exist on local machine;
- // leave "sdomainURL" blank
- CMS.debug("SecurityDomainPanel: pingCS no successful response");
- context.put("sdomainURL", "");
- }
- }
-
- // Information for "existing" Security Domain CAs
- String initDaemon = "<pki_ca_instance_name>";
- String instanceId = "<security_domain_instance_name>";
- String os = System.getProperty("os.name");
- if (os.equalsIgnoreCase("Linux")) {
- if (!systemdInstanceId.equals("")) {
- context.put("initCommand", "/usr/bin/pkidaemon");
- context.put("instanceId", "tomcat " + systemdInstanceId);
- } else {
- context.put("initCommand", "/sbin/service " + initDaemon);
- context.put("instanceId", instanceId);
- }
- } else {
- /* default case: e. g.
- ( os.equalsIgnoreCase( "SunOS" ) */
- context.put("initCommand", "/etc/init.d/" + initDaemon);
- context.put("instanceId", instanceId);
- }
- }
-
- public static String capitalize(String s) {
- if (s.length() == 0) {
- return s;
- } else {
- return s.substring(0, 1).toUpperCase() + s.substring(1);
- }
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
-
- String select = HttpInput.getID(request, "choice");
- if (select.equals("newdomain")) {
- String name = HttpInput.getSecurityDomainName(request, "sdomainName");
- if (name == null || name.equals("")) {
- initParams(request, context);
- context.put("updateStatus", "validate-failure");
- throw new IOException("Missing name value for the security domain");
- }
- } else if (select.equals("existingdomain")) {
- CMS.debug("SecurityDomainPanel: validating "
- + "SSL Admin HTTPS . . .");
- String admin_url = HttpInput.getURL(request, "sdomainURL");
- if (admin_url == null || admin_url.equals("")) {
- initParams(request, context);
- context.put("updateStatus", "validate-failure");
- throw new IOException("Missing SSL Admin HTTPS url value "
- + "for the security domain");
- } else {
- String r = null;
-
- try {
- URL u = new URL(admin_url);
-
- String hostname = u.getHost();
- int admin_port = u.getPort();
- ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback();
- r = pingCS(hostname, admin_port, true,
- certApprovalCallback);
- } catch (Exception e) {
- CMS.debug("SecurityDomainPanel: exception caught: "
- + e.toString());
- context.put("updateStatus", "validate-failure");
- throw new IOException("Illegal SSL Admin HTTPS url value "
- + "for the security domain");
- }
-
- if (r != null) {
- CMS.debug("SecurityDomainPanel: pingAdminCS returns: "
- + r);
- context.put("sdomainURL", admin_url);
- } else {
- CMS.debug("SecurityDomainPanel: pingAdminCS "
- + "no successful response for SSL Admin HTTPS");
- context.put("sdomainURL", "");
- }
- }
- }
- }
-
- public void initParams(HttpServletRequest request, Context context)
- throws IOException {
- IConfigStore config = CMS.getConfigStore();
- try {
- context.put("cstype", config.getString("cs.type"));
- } catch (Exception e) {
- }
-
- String select = request.getParameter("choice");
- if (select.equals("newdomain")) {
- context.put("check_newdomain", "checked");
- context.put("check_existingdomain", "");
- } else if (select.equals("existingdomain")) {
- context.put("check_newdomain", "");
- context.put("check_existingdomain", "checked");
- }
-
- String name = request.getParameter("sdomainName");
- if (name == null)
- name = "";
- context.put("sdomainName", name);
-
- String admin_url = request.getParameter("sdomainURL");
- if (admin_url == null)
- admin_url = "";
- context.put("sdomainURL", admin_url);
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- String select = HttpInput.getID(request, "choice");
-
- if (select == null) {
- CMS.debug("SecurityDomainPanel: choice not found");
- context.put("updateStatus", "failure");
- throw new IOException("choice not found");
- }
- IConfigStore config = CMS.getConfigStore();
-
- try {
- if (select.equals("newdomain")) {
- config.putString("preop.securitydomain.select", "new");
- config.putString("securitydomain.select", "new");
- config.putString("preop.securitydomain.name", HttpInput.getDomainName(request, "sdomainName"));
- config.putString("securitydomain.name", HttpInput.getDomainName(request, "sdomainName"));
- config.putString("securitydomain.host", CMS.getEENonSSLHost());
- config.putString("securitydomain.httpport", CMS.getEENonSSLPort());
- config.putString("securitydomain.httpsagentport", CMS.getAgentPort());
- config.putString("securitydomain.httpseeport", CMS.getEESSLPort());
- config.putString("securitydomain.httpsadminport", CMS.getAdminPort());
-
- // make sure the subsystem certificate is issued locallly
- config.putString("preop.cert.subsystem.type", "local");
- config.putString("preop.cert.subsystem.profile", "subsystemCert.profile");
-
- config.commit(false);
- } else if (select.equals("existingdomain")) {
- config.putString("preop.securitydomain.select", "existing");
- config.putString("securitydomain.select", "existing");
-
- // make sure the subsystem certificate is issued by the security domain
- config.putString("preop.cert.subsystem.type", "remote");
- config.putString("preop.cert.subsystem.profile", "caInternalAuthSubsystemCert");
-
- String admin_url = HttpInput.getURL(request, "sdomainURL");
- String hostname = "";
- int admin_port = -1;
-
- if (admin_url != null) {
- URL admin_u = new URL(admin_url);
- hostname = admin_u.getHost();
- admin_port = admin_u.getPort();
- context.put("sdomainURL", admin_url);
- config.putString("securitydomain.host", hostname);
- config.putInteger("securitydomain.httpsadminport", admin_port);
- }
- config.commit(false);
-
- ConfigurationUtils.importCertChain(hostname, admin_port, "/ca/admin/ca/getCertChain", "securitydomain");
- } else {
- CMS.debug("SecurityDomainPanel: invalid choice " + select);
- throw new IOException("invalid choice " + select);
- }
-
- config.commit(false);
-
- context.put("cstype", config.getString("cs.type"));
- context.put("wizardname", config.getString("preop.wizard.name"));
- context.put("panelname", "Security Domain Configuration");
- context.put("systemname", config.getString("preop.system.name"));
- } catch (Exception e) {
- CMS.debug("SecurityDomainPanel update(): Exception thrown:" + e);
- e.printStackTrace();
- context.put("errorString", e.toString());
- context.put("updateStatus", "failure");
- throw new IOException(e);
- }
-
- context.put("updateStatus", "success");
- }
-
- /**
- * If validate() returns false, this method will be called.
- */ - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - IConfigStore config = CMS.getConfigStore(); - String default_admin_url = ""; - try { - initParams(request, context); - } catch (IOException e) { - } - - try { - default_admin_url = config.getString("preop.securitydomain.admin_url", ""); - } catch (Exception e) { - } - - if (default_admin_url != null) { - String r = null; - - try { - // check to see if "default" security domain exists on local machine - URL u = new URL(default_admin_url); - - String hostname = u.getHost(); - int port = u.getPort(); - ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback(); - r = pingCS(hostname, port, true, certApprovalCallback); - } catch (Exception e) { - } - - if (r != null) { - // "default" security domain exists on local machine; - // refill "sdomainURL" in with "default" security domain - // as an initial "guess" - context.put("sdomainURL", default_admin_url); - } else { - // "default" security domain does NOT exist on local machine; - // leave "sdomainURL" blank - context.put("sdomainURL", ""); - } - } - - try { - context.put("machineName", config.getString("machineName")); - context.put("http_ee_port", CMS.getEENonSSLPort()); - context.put("https_agent_port", CMS.getAgentPort()); - context.put("https_ee_port", CMS.getEESSLPort()); - context.put("https_admin_port", CMS.getAdminPort()); - context.put("sdomainAdminURL", - config.getString("preop.securitydomain.admin_url")); - } catch (EBaseException e) { - } - - // Information for "existing" Security Domain CAs - String initDaemon = "<pki_ca_instance_name>"; - String instanceId = "<security_domain_instance_name>"; - String os = System.getProperty("os.name"); - String systemdInstanceId = ""; - - try { - systemdInstanceId = config.getString("service.instanceID", ""); - } catch (Exception e) { - CMS.debug(e.toString()); - } - - if (os.equalsIgnoreCase("Linux")) { - if 
(!systemdInstanceId.equals("")) { - context.put("initCommand", "/usr/bin/pkidaemon"); - context.put("instanceId", "tomcat " + systemdInstanceId); - } else { - context.put("initCommand", "/sbin/service " + initDaemon); - context.put("instanceId", instanceId); - } - } else { - /* default case: e. g. - ( os.equalsIgnoreCase( "SunOS" ) */ - context.put("initCommand", "/etc/init.d/" + initDaemon); - context.put("instanceId", instanceId); - } - - context.put("title", "Security Domain"); - context.put("panel", "admin/console/config/securitydomainpanel.vm"); - } -} diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/SizePanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/SizePanel.java deleted file mode 100644 index 45a4fe106e37ab152718793760c26b76954050cc..0000000000000000000000000000000000000000 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/SizePanel.java +++ /dev/null 
@@ -1,491 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-import java.util.Enumeration;
-import java.util.StringTokenizer;
-import java.util.Vector;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.Descriptor;
-import com.netscape.certsrv.property.IDescriptor;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class SizePanel extends WizardPanelBase {
- private Vector mCerts = null;
- private WizardServlet mServlet = null;
-
- private String default_ecc_curve_name;
- private String default_rsa_key_size;
- private boolean mShowSigning = false;
-
- public SizePanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Key Pairs");
- setId(id);
- mServlet = servlet;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- Descriptor choiceDesc =
- new Descriptor(
- IDescriptor.CHOICE,
- "default,custom",
- null, /* no default parameter */
- "If 'default', the key size will be configured automatically. If 'custom', the key size will be set to the value of the parameter 'custom_size'.");
-
- set.add("choice", choiceDesc);
-
- Descriptor customSizeDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */
- null, /* no default parameter */
- "Custom Key Size");
-
- set.add("custom_size", customSizeDesc);
-
- return set;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- /* clean up if necessary*/
- try {
- @SuppressWarnings("unused")
- boolean done = cs.getBoolean("preop.SizePanel.done"); // check for errors
- cs.putBoolean("preop.SizePanel.done", false);
- cs.commit(false);
- } catch (Exception e) {
- }
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- boolean s = cs.getBoolean("preop.SizePanel.done", false);
- if (s != true) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
-
- return false;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- CMS.debug("SizePanel: display()");
- try {
- initParams(request, context);
- } catch (IOException e) {
- }
-
- context.put("firsttime", "false");
- String errorString = "";
- mCerts = new Vector();
-
- IConfigStore config = CMS.getConfigStore();
- try {
- @SuppressWarnings("unused")
- boolean done = config.getBoolean("preop.SizePanel.done"); // check whether it's first time
- } catch (Exception e) {
- context.put("firsttime", "true");
- }
-
- try {
- default_ecc_curve_name = config.getString("keys.ecc.curve.default", "nistp256");
- } catch (Exception e) {
- }
-
- try {
- default_rsa_key_size = config.getString("keys.rsa.keysize.default", "2048");
- } catch (Exception e) {
- }
-
- try {
- // same token for now
- String token = config.getString(PRE_CONF_CA_TOKEN);
- String certTags = config.getString("preop.cert.list");
- String rsaCertTags = config.getString("preop.cert.rsalist", "");
- context.put("rsaTags", rsaCertTags);
- StringTokenizer st = new StringTokenizer(certTags, ",");
- mShowSigning = false;
-
- while (st.hasMoreTokens()) {
- String certTag = st.nextToken();
- String nn = config.getString(PCERT_PREFIX + certTag + ".nickname");
- Cert c = new Cert(token, nn, certTag);
-
- String s = config.getString(PCERT_PREFIX + certTag + ".keysize.select", "default");
-
- if (s.equals("default")) {
- c.setKeyOption("default");
- }
- if (s.equals("custom")) {
- c.setKeyOption("custom");
- }
-
- s = config.getString(PCERT_PREFIX + certTag + ".keysize.custom_size",
- default_rsa_key_size);
- c.setCustomKeysize(s);
-
- s = config.getString(PCERT_PREFIX + certTag + ".curvename.custom_name",
- default_ecc_curve_name);
- c.setCustomCurvename(s);
-
- boolean signingRequired = config.getBoolean(
- PCERT_PREFIX + certTag + ".signing.required",
- false);
- c.setSigningRequired(signingRequired);
- if (signingRequired)
- mShowSigning = true;
-
- String userfriendlyname = config.getString(
- PCERT_PREFIX + certTag + ".userfriendlyname");
- c.setUserFriendlyName(userfriendlyname);
- boolean enable = config.getBoolean(PCERT_PREFIX + certTag + ".enable", true);
- c.setEnable(enable);
- mCerts.addElement(c);
- }// while
- } catch (Exception e) {
- CMS.debug("SizePanel: display() " + e.toString());
- }
- CMS.debug("SizePanel: display() 1");
-
- context.put("show_signing", mShowSigning ? "true" : "false");
- context.put("certs", mCerts);
- context.put("errorString", errorString);
- context.put("default_keysize", default_rsa_key_size);
- context.put("default_ecc_curvename", default_ecc_curve_name);
- context.put("panel", "admin/console/config/sizepanel.vm");
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException, NumberFormatException {
- CMS.debug("SizePanel: update()");
- boolean hasErr = false;
- IConfigStore config = CMS.getConfigStore();
- String select1 = "";
- String val1 = null;
- boolean hasChanged = false;
- try {
- select1 = config.getString("preop.subsystem.select", "");
- } catch (Exception e) {
- }
-
- context.put("firsttime", "false");
- try {
- @SuppressWarnings("unused")
- boolean done = config.getBoolean("preop.SizePanel.done"); // check whether it's first time
- } catch (Exception e) {
- context.put("firsttime", "true");
- if (select1.equals("clone")) {
- // preset the sslserver dn for cloning case
- try {
- String val = config.getString("preop.cert.sslserver.dn", "");
- config.putString("preop.cert.sslserver.dn", val + ",o=clone");
- } catch (Exception ee) {
- }
- }
- }
-
- String token = "";
- try {
- token = config.getString(PRE_CONF_CA_TOKEN, "");
- Enumeration c = mCerts.elements();
-
- while (c.hasMoreElements()) {
- Cert cert = c.nextElement();
- String ct = cert.getCertTag();
- boolean enable = config.getBoolean(PCERT_PREFIX + ct + ".enable", true);
- if (!enable)
- continue;
-
- String keytype = HttpInput.getKeyType(request, ct + "_keytype"); // rsa or ecc
-
- String keyalgorithm = HttpInput.getString(request, ct + "_keyalgorithm");
- if (keyalgorithm == null) {
- if (keytype != null && keytype.equals("ecc")) {
- keyalgorithm = "SHA256withEC";
- } else {
- keyalgorithm = "SHA256withRSA";
- }
- }
-
- String signingalgorithm = HttpInput.getString(request, ct + "_signingalgorithm");
- if (signingalgorithm == null) {
- signingalgorithm = keyalgorithm;
- }
-
- String select = HttpInput.getID(request, ct + "_choice");
-
- if (select == null) {
- CMS.debug("SizePanel: " + ct + "_choice not found");
- throw new IOException(
- "SizePanel: " + ct + "_choice not found");
- }
- CMS.debug("SizePanel: update() keysize choice selected:" + select);
- String oldkeysize = config.getString(PCERT_PREFIX + ct + ".keysize.size", "");
- String oldkeytype = config.getString(PCERT_PREFIX + ct + ".keytype", "");
- String oldkeyalgorithm = config.getString(PCERT_PREFIX + ct + ".keyalgorithm", "");
- String oldsigningalgorithm = config.getString(PCERT_PREFIX + ct + ".signingalgorithm", "");
- String oldcurvename = config.getString(PCERT_PREFIX + ct + ".curvename.name", "");
-
- if (select.equals("default")) {
- // XXXrenaming these...keep for now just in case
- config.putString("preop.keysize.select", "default");
- if (keytype != null && keytype.equals("ecc")) {
- config.putString("preop.curvename.custom_name", default_ecc_curve_name);
- config.putString("preop.curvename.name", default_ecc_curve_name);
- } else {
- config.putString("preop.keysize.custom_size", default_rsa_key_size);
- config.putString("preop.keysize.size", default_rsa_key_size);
- }
-
- config.putString(PCERT_PREFIX + ct + ".keytype", keytype);
- config.putString(PCERT_PREFIX + ct + ".keyalgorithm", keyalgorithm);
- config.putString(PCERT_PREFIX + ct + ".signingalgorithm", signingalgorithm);
- config.putString(PCERT_PREFIX + ct + ".keysize.select", "default");
-
- if (keytype != null && keytype.equals("ecc")) {
- config.putString(PCERT_PREFIX + ct +".curvename.custom_name",
- default_ecc_curve_name);
- config.putString(PCERT_PREFIX + ct + ".curvename.name",
- default_ecc_curve_name);
- } else {
- config.putString(PCERT_PREFIX + ct + ".keysize.custom_size",
- default_rsa_key_size);
- config.putString(PCERT_PREFIX + ct + ".keysize.size",
- default_rsa_key_size);
- }
- } else if (select.equals("custom")) {
- // XXXrenaming these...keep for now just in case
- config.putString("preop.keysize.select", "custom");
- if (keytype != null && keytype.equals("ecc")) {
- config.putString("preop.curvename.name",
- HttpInput.getString(request, ct + "_custom_curvename"));
- config.putString("preop.curvename.custom_name",
- HttpInput.getString(request, ct + "_custom_curvename"));
- } else {
- config.putString("preop.keysize.size",
- HttpInput.getKeySize(request, ct + "_custom_size", keytype));
- config.putString("preop.keysize.custom_size",
- HttpInput.getKeySize(request, ct + "_custom_size", keytype));
- }
-
- config.putString(PCERT_PREFIX + ct + ".keytype", keytype);
- config.putString(PCERT_PREFIX + ct + ".keyalgorithm", keyalgorithm);
- config.putString(PCERT_PREFIX + ct + ".signingalgorithm", signingalgorithm);
- config.putString(PCERT_PREFIX + ct + ".keysize.select", "custom");
-
- if (keytype != null && keytype.equals("ecc")) {
- config.putString(PCERT_PREFIX + ct + ".curvename.custom_name",
- HttpInput.getString(request, ct + "_custom_curvename"));
- config.putString(PCERT_PREFIX + ct + ".curvename.name",
- HttpInput.getString(request, ct + "_custom_curvename"));
- } else {
- config.putString(PCERT_PREFIX + ct + ".keysize.custom_size",
- HttpInput.getKeySize(request, ct + "_custom_size"));
- config.putString(PCERT_PREFIX + ct + ".keysize.size",
- HttpInput.getKeySize(request, ct + "_custom_size"));
- }
- } else {
- CMS.debug("SizePanel: invalid choice " + select);
- throw new IOException("invalid choice " + select);
- }
-
- String newkeysize = config.getString(PCERT_PREFIX + ct + ".keysize.size", "");
- String newkeytype = config.getString(PCERT_PREFIX + ct + ".keytype", "");
- String newkeyalgorithm = config.getString(PCERT_PREFIX + ct + ".keyalgorithm", "");
- String newsigningalgorithm = config.getString(PCERT_PREFIX + ct + ".signingalgorithm", "");
- String newcurvename = config.getString(PCERT_PREFIX + ct + ".curvename.name", "");
-
- if (!oldkeysize.equals(newkeysize) ||
- !oldkeytype.equals(newkeytype) ||
- !oldkeyalgorithm.equals(newkeyalgorithm) ||
- !oldsigningalgorithm.equals(newsigningalgorithm) ||
- !oldcurvename.equals(newcurvename))
- hasChanged = true;
- }// while
-
- try {
- config.commit(false);
- } catch (EBaseException e) {
- CMS.debug("SizePanel: update() Exception caught at config commit: " + e.toString());
- }
-
- val1 = HttpInput.getID(request, "generateKeyPair");
-
- if (hasChanged || (val1 != null && !val1.equals(""))) {
- mServlet.cleanUpFromPanel(mServlet.getPanelNo(request));
- } else if (isPanelDone()) {
- context.put("updateStatus", "success");
- return;
- }
- } catch (IOException e) {
- CMS.debug("SizePanel: update() IOException caught: " + e.toString());
- context.put("updateStatus", "failure");
- throw e;
- } catch (NumberFormatException e) {
- CMS.debug("SizePanel: update() NumberFormatException caught: " + e.toString());
- context.put("updateStatus", "failure");
- throw e;
- } catch (Exception e) {
- CMS.debug("SizePanel: update() Exception caught: " + e.toString());
- }
-
- // generate key pair
- Enumeration c = mCerts.elements();
-
- while (c.hasMoreElements()) {
- Cert cert = c.nextElement();
- String ct = cert.getCertTag();
- String friendlyName = ct;
- boolean enable = true;
- try {
- enable = config.getBoolean(PCERT_PREFIX + ct + ".enable", true);
- friendlyName = config.getString(PCERT_PREFIX + ct + ".userfriendlyname", ct);
- } catch (Exception e) {
- }
-
- if (!enable)
- continue;
-
- try {
- String keytype = config.getString(PCERT_PREFIX + ct + ".keytype");
-
- if (keytype.equals("rsa")) {
- int keysize = config.getInteger(PCERT_PREFIX + ct + ".keysize.size");
- ConfigurationUtils.createRSAKeyPair(token, keysize, config, ct);
- } else {
- String curveName = config.getString(PCERT_PREFIX + ct + ".curvename.name", default_ecc_curve_name);
- ConfigurationUtils.createECCKeyPair(token, curveName, config, ct);
- }
- config.commit(false);
- } catch (Exception e) {
- CMS.debug(e);
- CMS.debug("SizePanel: key generation failure: " + e.toString());
- context.put("updateStatus", "failure");
- throw new IOException("key generation failure for the certificate: " + friendlyName +
- ". See the logs for details.");
- }
- } // while
-
- if (hasErr == false) {
- config.putBoolean("preop.SizePanel.done", true);
- try {
- config.commit(false);
- } catch (EBaseException e) {
- CMS.debug("SizePanel: update() Exception caught at config commit: "+ e.toString());
- }
- }
- CMS.debug("SizePanel: update() done");
- context.put("updateStatus", "success");
- }
-
- public void initParams(HttpServletRequest request, Context context)
- throws IOException {
- IConfigStore config = CMS.getConfigStore();
- String s = "";
- try {
- context.put("title", "Key Pairs");
-
- s = config.getString("preop.subsystem.select", "");
- context.put("select", s);
-
- s = config.getString("preop.hierarchy.select", "root");
- context.put("hselect", s);
-
- s = config.getString("preop.ecc.algorithm.list", "SHA256withEC,SHA1withEC,SHA384withEC,SHA512withEC");
- context.put("ecclist", s);
-
- s =
- config.getString("preop.rsa.algorithm.list",
- "SHA256withRSA,SHA1withRSA,SHA512withRSA,MD5withRSA,MD2withRSA");
- context.put("rsalist", s);
-
- s = config.getString("keys.ecc.curve.list", "nistp256");
- context.put("curvelist", s);
-
- s = config.getString("keys.ecc.curve.display.list", "nistp256");
- context.put("displaycurvelist", s);
-
- s = config.getString("pkicreate.subsystem_type");
- context.put("subsystemtype", s);
-
- } catch (Exception e) {
- CMS.debug("SizePanel(): initParams: unable to set all initial parameters:" + e);
- }
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- try {
- initParams(request, context);
- } catch (IOException e) {
- }
-
- context.put("certs", mCerts);
- context.put("show_signing", mShowSigning ? "true" : "false");
- context.put("default_keysize", default_rsa_key_size);
- context.put("default_ecc_curvename", default_ecc_curve_name);
-
- context.put("panel", "admin/console/config/sizepanel.vm");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/WelcomePanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/WelcomePanel.java
deleted file mode 100644
index b5e921822ed4dafa1a967ae8ae371beee7ec43b8..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/WelcomePanel.java
+++ /dev/null
@@ -1,128 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cms.servlet.csadmin; - -import java.io.IOException; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.context.Context; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.property.PropertySet; -import com.netscape.cms.servlet.wizard.WizardServlet; - -public class WelcomePanel extends WizardPanelBase { - - public WelcomePanel() { - } - - /** - * Initializes this panel. 
- */ - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { - setPanelNo(panelno); - setName("Welcome"); - setId(id); - } - - public void cleanUp() throws IOException { - IConfigStore cs = CMS.getConfigStore(); - cs.putBoolean("preop.welcome.done", false); - } - - public boolean isPanelDone() { - IConfigStore cs = CMS.getConfigStore(); - try { - return cs.getBoolean("preop.welcome.done"); - } catch (EBaseException e) { - } - return false; - } - - public PropertySet getUsage() { - PropertySet set = new PropertySet(); - - /* XXX */ - - return set; - } - - /** - * Display the panel. - */ - public void display(HttpServletRequest request, - HttpServletResponse response, - Context context) { - IConfigStore cs = CMS.getConfigStore(); - CMS.debug("WelcomePanel: display()"); - context.put("title", "Welcome"); - try { - context.put("cstype", cs.getString("cs.type")); - context.put("wizardname", cs.getString("preop.wizard.name")); - context.put("panelname", - cs.getString("preop.system.fullname") + " Configuration Wizard"); - context.put("systemname", - cs.getString("preop.system.name")); - context.put("fullsystemname", - cs.getString("preop.system.fullname")); - context.put("productname", - cs.getString("preop.product.name")); - context.put("productversion", - cs.getString("cms.product.version")); - } catch (EBaseException e) { - } - context.put("panel", "admin/console/config/welcomepanel.vm"); - } - - /** - * Checks if the given parameters are valid. 
- */ - public void validate(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - } - - /** - * Commit parameter changes - */ - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - IConfigStore cs = CMS.getConfigStore(); - try { - cs.putBoolean("preop.welcome.done", true); - cs.commit(false); - } catch (EBaseException e) { - } - } - - /** - * If validiate() returns false, this method will be called. - */ - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) {/* This should never be called */ - } -} diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java deleted file mode 100644 index 4fe64124098ce209b2ebae4376e0be70d38c6433..0000000000000000000000000000000000000000 --- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java +++ /dev/null 
@@ -1,306 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cms.servlet.csadmin; - -import java.io.ByteArrayInputStream; -import java.io.IOException; -import java.net.URLEncoder; -import java.util.Locale; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.context.Context; -import org.mozilla.jss.ssl.SSLCertificateApprovalCallback; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.property.PropertySet; -import com.netscape.cms.servlet.base.UserInfo; -import com.netscape.cms.servlet.wizard.IWizardPanel; -import com.netscape.cms.servlet.wizard.WizardServlet; -import com.netscape.cmsutil.xml.XMLObject; - -public class WizardPanelBase implements IWizardPanel { - public static String PCERT_PREFIX = "preop.cert."; - public static String SUCCESS = "0"; - public static String FAILURE = "1"; - public static String AUTH_FAILURE = "2"; - - /** - * Definition for static variables in CS.cfg - */ - public static final String CONF_CA_CERT = "ca.signing.cert"; - public static final String 
CONF_CA_CERTREQ = "ca.signing.certreq"; - public static final String CONF_CA_CERTNICKNAME = "ca.signing.certnickname"; - - public static final String PRE_CONF_ADMIN_NAME = "preop.admin.name"; - public static final String PRE_CONF_AGENT_GROUP = "preop.admin.group"; - - /** - * Definition for "preop" static variables in CS.cfg - * -- "preop" config parameters should not assumed to exist after configuation - */ - - public static final String PRE_CONF_CA_TOKEN = "preop.module.token"; - public static final String PRE_CA_TYPE = "preop.ca.type"; - public static final String PRE_OTHER_CA = "otherca"; - public static final String PRE_ROOT_CA = "rootca"; - - private String mName = null; - private int mPanelNo = 0; - private String mId = null; - - /** - * Initializes this panel. - */ - public void init(ServletConfig config, int panelno) - throws ServletException { - mPanelNo = panelno; - } - - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { - mPanelNo = panelno; - } - - /** - * Cleans up this panel so that isPanelDone() will return false. - */ - public void cleanUp() throws IOException { - } - - public String getName() { - return mName; - } - - public int getPanelNo() { - return mPanelNo; - } - - public void setPanelNo(int num) { - mPanelNo = num; - } - - public void setName(String name) { - mName = name; - } - - public void setId(String id) { - mId = id; - } - - public String getId() { - return mId; - } - - public PropertySet getUsage() { - PropertySet set = null; - - return set; - } - - /** - * Should we skip this panel? - */ - public boolean shouldSkip() { - return false; - } - - /** - * Is this panel done - */ - public boolean isPanelDone() { - return false; - } - - /** - * Show "Apply" button on frame? - */ - public boolean showApplyButton() { - return false; - } - - /** - * Is this a subPanel? 
- */ - public boolean isSubPanel() { - return false; - } - - public boolean isLoopbackPanel() { - return false; - } - - /** - * has subPanels? - */ - public boolean hasSubPanel() { - return false; - } - - /** - * Display the panel. - */ - public void display(HttpServletRequest request, - HttpServletResponse response, - Context context) { - } - - /** - * Checks if the given parameters are valid. - */ - public void validate(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - } - - /** - * Commit parameter changes - */ - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - } - - /** - * If validiate() returns false, this method will be called. - */ - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - } - - /** - * Retrieves locale based on the request. - */ - public Locale getLocale(HttpServletRequest req) { - Locale locale = null; - String lang = req.getHeader("accept-language"); - - if (lang == null) { - // use server locale - locale = Locale.getDefault(); - } else { - locale = new Locale(UserInfo.getUserLanguage(lang), - UserInfo.getUserCountry(lang)); - } - return locale; - } - - public boolean authenticate(String hostname, int port, boolean https, - String servlet, String uri) throws IOException { - CMS.debug("WizardPanelBase authenticate start"); - String c = ConfigurationUtils.getHttpResponse(hostname, port, https, servlet, uri, null); - IConfigStore cs = CMS.getConfigStore(); - - if (c != null) { - try { - ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes()); - XMLObject parser = null; - - try { - parser = new XMLObject(bis); - } catch (Exception e) { - CMS.debug("WizardPanelBase::authenticate() - " - + "Exception=" + e.toString()); - throw new IOException(e.toString()); - } - - String status = parser.getValue("Status"); - - CMS.debug("WizardPanelBase authenticate: status=" + 
status); - - if (status.equals(SUCCESS)) { - String cookie = parser.getValue("Cookie"); - cs.putString("preop.cookie", cookie); - return true; - } else { - return false; - } - } catch (Exception e) { - CMS.debug("WizardPanelBase: authenticate: " + e.toString()); - throw new IOException(e.toString()); - } - } - - return false; - } - - public String pingCS(String hostname, int port, boolean https, - SSLCertificateApprovalCallback certApprovalCallback) - throws IOException { - CMS.debug("WizardPanelBase pingCS: started"); - - String c = ConfigurationUtils.getHttpResponse(hostname, port, https, - "/ca/admin/ca/getStatus", - null, null, certApprovalCallback); - - if (c != null) { - try { - ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes()); - XMLObject parser = null; - String state = null; - - try { - parser = new XMLObject(bis); - CMS.debug("WizardPanelBase pingCS: got XML parsed"); - state = parser.getValue("State"); - - if (state != null) { - CMS.debug("WizardPanelBase pingCS: state=" + state); - } - } catch (Exception e) { - CMS.debug("WizardPanelBase: pingCS: parser failed" - + e.toString()); - } - - return state; - } catch (Exception e) { - CMS.debug("WizardPanelBase: pingCS: " + e.toString()); - throw new IOException(e.toString()); - } - } - - CMS.debug("WizardPanelBase pingCS: stopped"); - return null; - } - - public void reloginSecurityDomain(HttpServletResponse response) { - IConfigStore cs = CMS.getConfigStore(); - try { - String hostname = cs.getString("securitydomain.host", ""); - int port = cs.getInteger("securitydomain.httpsadminport", -1); - String cs_hostname = cs.getString("machineName", ""); - int cs_port = cs.getInteger("pkicreate.admin_secure_port", -1); - int panel = getPanelNo(); - String subsystem = cs.getString("cs.type", ""); - String urlVal = - "https://" - + cs_hostname + ":" + cs_port + "/" + subsystem.toLowerCase() - + "/admin/console/config/wizard?p=" + panel + "&subsystem=" + subsystem; - String encodedValue = 
URLEncoder.encode(urlVal, "UTF-8"); - String sdurl = "https://" + hostname + ":" + port + "/ca/admin/ca/securityDomainLogin?url=" + encodedValue; - response.sendRedirect(sdurl); - } catch (Exception e) { - CMS.debug("WizardPanelBase reloginSecurityDomain: Exception=" + e.toString()); - } - } -} diff --git a/base/server/cms/src/com/netscape/cms/servlet/wizard/IWizardPanel.java b/base/server/cms/src/com/netscape/cms/servlet/wizard/IWizardPanel.java deleted file mode 100644 index d9d3ddec70b037b3d9062356964361cb2f10ba6e..0000000000000000000000000000000000000000 --- a/base/server/cms/src/com/netscape/cms/servlet/wizard/IWizardPanel.java +++ /dev/null 
@@ -1,111 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cms.servlet.wizard; - -import java.io.IOException; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.context.Context; - -import com.netscape.certsrv.property.PropertySet; - -public interface IWizardPanel { - - /** - * Initializes this panel. - */ - public void init(ServletConfig config, int panelno) - throws ServletException; - - public void init(WizardServlet servlet, ServletConfig config, - int panelno, String id) throws ServletException; - - public String getName(); - - public int getPanelNo(); - - public void setId(String id); - - public String getId(); - - public PropertySet getUsage(); - - /** - * Should we skip this panel to the next one? - */ - public boolean shouldSkip(); - - /** - * Cleans up panel so that isPanelDone returns false - */ - public void cleanUp() throws IOException; - - /** - * Is this panel done - */ - public boolean isPanelDone(); - - /** - * Show "Apply" button on frame? - */ - public boolean showApplyButton(); - - /** - * Is this a subPanel? 
- */ - public boolean isSubPanel(); - - public boolean isLoopbackPanel(); - - /** - * has subPanels? - */ - public boolean hasSubPanel(); - - /** - * Display the panel. - */ - public void display(HttpServletRequest request, - HttpServletResponse response, - Context context); - - /** - * Checks if the given parameters are valid. - */ - public void validate(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException; - - /** - * Commit parameter changes - */ - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException; - - /** - * If validiate() returns false, this method will be called. - */ - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context); -} diff --git a/base/server/cms/src/com/netscape/cms/servlet/wizard/WizardServlet.java b/base/server/cms/src/com/netscape/cms/servlet/wizard/WizardServlet.java deleted file mode 100644 index 6deab6bc0389b2f62c23b72956d94192086999f8..0000000000000000000000000000000000000000 --- a/base/server/cms/src/com/netscape/cms/servlet/wizard/WizardServlet.java +++ /dev/null 
@@ -1,489 +0,0 @@ -// --- BEGIN COPYRIGHT BLOCK --- -// This program is free software; you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation; version 2 of the License. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License along -// with this program; if not, write to the Free Software Foundation, Inc., -// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -// -// (C) 2007 Red Hat, Inc. -// All rights reserved. -// --- END COPYRIGHT BLOCK --- -package com.netscape.cms.servlet.wizard; - -import java.io.IOException; -import java.util.Enumeration; -import java.util.StringTokenizer; -import java.util.Vector; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.apache.velocity.Template; -import org.apache.velocity.app.Velocity; -import org.apache.velocity.context.Context; -import org.apache.velocity.servlet.VelocityServlet; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.cms.servlet.csadmin.Cert; -import com.netscape.cmsutil.crypto.Module; - -/** - * wizard?p=[panel number]&op=usage <= usage in xml - * wizard?p=[panel number]&op=display - * wizard?p=[panel number]&op=next&...[additional parameters]... 
- * wizard?p=[panel number]&op=apply - * wizard?p=[panel number]&op=back - * wizard?op=menu - * return menu options - */ -@SuppressWarnings("deprecation") -public class WizardServlet extends VelocityServlet { - - /** - * - */ - private static final long serialVersionUID = -4513510177445656799L; - private String name = null; - private Vector mPanels = new Vector(); - - public void init(ServletConfig config) throws ServletException { - super.init(config); - - /* load sequence map */ - name = config.getInitParameter("name"); - String panels = config.getInitParameter("panels"); - StringTokenizer st = new StringTokenizer(panels, ","); - int pno = 0; - while (st.hasMoreTokens()) { - String p = st.nextToken(); - StringTokenizer st1 = new StringTokenizer(p, "="); - String id = st1.nextToken(); - String pvalue = st1.nextToken(); - try { - IWizardPanel panel = (IWizardPanel) Class.forName(pvalue).newInstance(); - panel.init(this, config, pno, id); - CMS.debug("WizardServlet: panel name=" + panel.getName()); - mPanels.addElement(panel); - } catch (Exception e) { - CMS.debug("WizardServlet: " + e.toString()); - } - pno++; - } - CMS.debug("WizardServlet: done"); - - } - - public void exposePanels(HttpServletRequest request, - HttpServletResponse response, - Context context) { - Enumeration e = mPanels.elements(); - Vector panels = new Vector(); - while (e.hasMoreElements()) { - IWizardPanel p = e.nextElement(); - panels.addElement(p); - } - context.put("panels", panels); - } - - /** - * Cleans up panels from a particular panel. 
- */ - public void cleanUpFromPanel(int pno) throws IOException { - /* panel number starts from zero */ - int s = mPanels.size(); - for (int i = pno; i < s; i++) { - IWizardPanel panel = mPanels.elementAt(i); - panel.cleanUp(); - } - } - - public IWizardPanel getPanelByNo(int p) { - IWizardPanel panel = mPanels.elementAt(p); - if (panel.shouldSkip()) { - panel = getPanelByNo(p + 1); - } - return panel; - } - - public Template displayPanel(HttpServletRequest request, - HttpServletResponse response, - Context context) { - CMS.debug("WizardServlet: in display"); - int p = getPanelNo(request); - - if (p == 0) { - CMS.debug("WizardServlet: firstpanel"); - context.put("firstpanel", Boolean.TRUE); - } - if (p == (mPanels.size() - 1)) { - CMS.debug("WizardServlet: lastpanel"); - context.put("lastpanel", Boolean.TRUE); - } - IWizardPanel panel = getPanelByNo(p); - CMS.debug("WizardServlet: panel=" + panel); - - if (panel.showApplyButton() == true) - context.put("showApplyButton", Boolean.TRUE); - else - context.put("showApplyButton", Boolean.FALSE); - - panel.display(request, response, context); - context.put("p", Integer.toString(panel.getPanelNo())); - - try { - return Velocity.getTemplate("admin/console/config/wizard.vm"); - } catch (Exception e) { - } - return null; - } - - public String xml_value_flatten(Object v) { - String ret = ""; - if (v instanceof String) { - ret += v; - } else if (v instanceof Integer) { - ret += ((Integer) v).toString(); - } else if (v instanceof Vector) { - ret += ""; - Vector v1 = (Vector) v; - Enumeration e = v1.elements(); - StringBuffer sb = new StringBuffer(); - while (e.hasMoreElements()) { - sb.append(xml_value_flatten(e.nextElement())); - } - ret += sb.toString(); - ret += ""; - } else if (v instanceof Module) { // for hardware token - Module m = (Module) v; - ret += ""; - ret += "" + m.getCommonName() + ""; - ret += "" + m.getUserFriendlyName() + ""; - ret += "" + m.getImagePath() + ""; - ret += ""; - } else if (v instanceof Cert) { - 
Cert m = (Cert) v; - ret += ""; - ret += "" + m.getNickname() + ""; - ret += "" + m.getTokenname() + ""; - ret += "" + m.getRequest() + ""; - ret += "" + m.getCert() + ""; - ret += "" + m.getType() + ""; - ret += "" + m.getDN() + ""; - ret += "" + m.getCertpp() + ""; - ret += "" + m.getKeyOption() + ""; - ret += ""; - } else if (v instanceof IWizardPanel) { - IWizardPanel m = (IWizardPanel) v; - ret += ""; - ret += "" + m.getId() + ""; - ret += "" + m.getName() + ""; - ret += ""; - } else { - CMS.debug("Error: unknown type " + v.getClass().getName()); - } - return ret; - } - - public String xml_flatten(Context context) { - StringBuffer ret = new StringBuffer(); - Object o[] = context.getKeys(); - for (int i = 0; i < o.length; i++) { - if (o[i] instanceof String) { - String key = (String) o[i]; - if (key.startsWith("__")) { - continue; - } - ret.append("<"); - ret.append(key); - ret.append(">"); - if (key.equals("bindpwd")) { - ret.append("(sensitive)"); - } else { - Object v = context.get(key); - ret.append(xml_value_flatten(v)); - } - ret.append(""); - } - } - return ret.toString(); - } - - public int getPanelNo(HttpServletRequest request) { - int p = 0; - - // panel number can be identified by either - // panel no (p parameter) directly, or - // panel name (panelname parameter). 
- if (request.getParameter("panelname") != null) { - String name = request.getParameter("panelname"); - for (int i = 0; i < mPanels.size(); i++) { - IWizardPanel panel = mPanels.elementAt(i); - if (panel.getId().equals(name)) { - return i; - } - } - } else if (request.getParameter("p") != null) { - p = Integer.parseInt(request.getParameter("p")); - } - return p; - } - - public String getNameFromPanelNo(int p) { - IWizardPanel wp = mPanels.elementAt(p); - return wp.getId(); - } - - public IWizardPanel getPreviousPanel(int p) { - CMS.debug("getPreviousPanel input p=" + p); - IWizardPanel backpanel = mPanels.elementAt(p - 1); - if (backpanel.isSubPanel()) { - backpanel = mPanels.elementAt(p - 1 - 1); - } - while (backpanel.shouldSkip()) { - backpanel = mPanels.elementAt(backpanel.getPanelNo() - 1); - } - CMS.debug("getPreviousPanel output p=" + backpanel.getPanelNo()); - return backpanel; - } - - public IWizardPanel getNextPanel(int p) { - CMS.debug("getNextPanel input p=" + p); - IWizardPanel panel = mPanels.elementAt(p); - if (p == (mPanels.size() - 1)) { - // p = p; - } else if (panel.isSubPanel()) { - if (panel.isLoopbackPanel()) { - p = p - 1; // Login Panel is a loop back panel - } else { - p = p + 1; - } - } else if (panel.hasSubPanel()) { - p = p + 2; - } else { - p = p + 1; - } - IWizardPanel nextpanel = getPanelByNo(p); - CMS.debug("getNextPanel output p=" + p); - return nextpanel; - } - - public Template goApply(HttpServletRequest request, - HttpServletResponse response, - Context context) { - return goNextApply(request, response, context, true); - } - - public Template goNext(HttpServletRequest request, - HttpServletResponse response, - Context context) { - return goNextApply(request, response, context, false); - } - - /* - * The parameter "stay" is used to indicate "apply" without - * moving to the next panel - */ - public Template goNextApply(HttpServletRequest request, - HttpServletResponse response, - Context context, boolean stay) { - int p = 
getPanelNo(request); - if (stay == true) - CMS.debug("WizardServlet: in reply " + p); - else - CMS.debug("WizardServlet: in next " + p); - - IWizardPanel panel = mPanels.elementAt(p); - try { - panel.validate(request, response, context); - try { - panel.update(request, response, context); - if (stay == true) { // "apply" - - if (panel.showApplyButton() == true) - context.put("showApplyButton", Boolean.TRUE); - else - context.put("showApplyButton", Boolean.FALSE); - panel.display(request, response, context); - } else { // "next" - IWizardPanel nextpanel = getNextPanel(p); - - if (nextpanel.showApplyButton() == true) - context.put("showApplyButton", Boolean.TRUE); - else - context.put("showApplyButton", Boolean.FALSE); - nextpanel.display(request, response, context); - panel = nextpanel; - } - context.put("errorString", ""); - } catch (Exception e) { - context.put("errorString", e.getMessage()); - panel.displayError(request, response, context); - } - } catch (IOException eee) { - context.put("errorString", eee.getMessage()); - panel.displayError(request, response, context); - } - p = panel.getPanelNo(); - CMS.debug("panel no=" + p); - CMS.debug("panel name=" + getNameFromPanelNo(p)); - CMS.debug("total number of panels=" + mPanels.size()); - context.put("p", Integer.toString(p)); - context.put("panelname", getNameFromPanelNo(p)); - if (p == 0) { - CMS.debug("WizardServlet: firstpanel"); - context.put("firstpanel", Boolean.TRUE); - } - if (p == (mPanels.size() - 1)) { - CMS.debug("WizardServlet: lastpanel"); - context.put("lastpanel", Boolean.TRUE); - } - // this is where we handle the xml request - String xml = request.getParameter("xml"); - if (xml != null && xml.equals("true")) { - CMS.debug("WizardServlet: found xml"); - - response.setContentType("application/xml"); - String xmlstr = xml_flatten(context); - context.put("xml", xmlstr); - try { - return Velocity.getTemplate("admin/console/config/xml.vm"); - } catch (Exception e) { - CMS.debug("Failing to get 
template" + e); - } - } else { - try { - return Velocity.getTemplate("admin/console/config/wizard.vm"); - } catch (Exception e) { - CMS.debug("Failing to get template" + e); - } - } - return null; - } - - public Template goBack(HttpServletRequest request, - HttpServletResponse response, - Context context) { - int p = getPanelNo(request); - CMS.debug("WizardServlet: in back " + p); - IWizardPanel backpanel = getPreviousPanel(p); - - if (backpanel.showApplyButton() == true) - context.put("showApplyButton", Boolean.TRUE); - else - context.put("showApplyButton", Boolean.FALSE); - backpanel.display(request, response, context); - context.put("p", Integer.toString(backpanel.getPanelNo())); - context.put("panelname", getNameFromPanelNo(backpanel.getPanelNo())); - - p = backpanel.getPanelNo(); - - if (p == 0) { - CMS.debug("WizardServlet: firstpanel"); - context.put("firstpanel", Boolean.TRUE); - } - if (p == (mPanels.size() - 1)) { - CMS.debug("WizardServlet: lastpanel"); - context.put("lastpanel", Boolean.TRUE); - } - try { - return Velocity.getTemplate("admin/console/config/wizard.vm"); - } catch (Exception e) { - } - return null; - } - - public boolean authenticate(HttpServletRequest request, - HttpServletResponse response, - Context context) { - String pin = (String) request.getSession().getAttribute("pin"); - if (pin == null) { - try { - response.sendRedirect("login"); - } catch (IOException e) { - } - return false; - } - return true; - } - - public void outputHttpParameters(HttpServletRequest httpReq) { - CMS.debug("WizardServlet:service() uri = " + httpReq.getRequestURI()); - Enumeration paramNames = httpReq.getParameterNames(); - while (paramNames.hasMoreElements()) { - String pn = paramNames.nextElement(); - // added this facility so that password can be hidden, - // all sensitive parameters should be prefixed with - // __ (double underscores); however, in the event that - // a security parameter slips through, we perform multiple - // additional checks to insure 
that it is NOT displayed - if (pn.startsWith("__") || - pn.endsWith("password") || - pn.endsWith("passwd") || - pn.endsWith("pwd") || - pn.equalsIgnoreCase("admin_password_again") || - pn.equalsIgnoreCase("directoryManagerPwd") || - pn.equalsIgnoreCase("bindpassword") || - pn.equalsIgnoreCase("bindpwd") || - pn.equalsIgnoreCase("passwd") || - pn.equalsIgnoreCase("password") || - pn.equalsIgnoreCase("pin") || - pn.equalsIgnoreCase("pwd") || - pn.equalsIgnoreCase("pwdagain") || - pn.equalsIgnoreCase("uPasswd")) { - CMS.debug("WizardServlet::service() param name='" + pn + - "' value='(sensitive)'"); - } else { - CMS.debug("WizardServlet::service() param name='" + pn + - "' value='" + httpReq.getParameter(pn) + "'"); - } - } - } - - public Template handleRequest(HttpServletRequest request, - HttpServletResponse response, - Context context) { - CMS.debug("WizardServlet: process"); - - if (CMS.debugOn()) { - outputHttpParameters(request); - } - - if (!authenticate(request, response, context)) { - CMS.debug("WizardServlet: authentication failure"); - return null; - } - - String op = request.getParameter("op"); /* operation */ - if (op == null) { - op = "display"; - } - CMS.debug("WizardServlet: op=" + op); - CMS.debug("WizardServlet: size=" + mPanels.size()); - - context.put("name", name); - context.put("size", Integer.toString(mPanels.size())); - exposePanels(request, response, context); - - if (op.equals("display")) { - return displayPanel(request, response, context); - } else if (op.equals("next")) { - return goNext(request, response, context); - } else if (op.equals("apply")) { - return goApply(request, response, context); - } else if (op.equals("back")) { - return goBack(request, response, context); - } - return null; - } -} 
diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java index 6e5414756d4365b266ce7e31fff918768ac2ad34..50b2c16f653ef588229db657b23106b3752fd621 100644 --- a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java +++ b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java @@ -33,8 +33,6 @@ import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Request; import javax.ws.rs.core.UriInfo; -import netscape.security.x509.X509CertImpl; - import org.apache.commons.lang.StringUtils; import org.apache.commons.lang.mutable.MutableBoolean; import org.mozilla.jss.CryptoManager; @@ -67,6 +65,8 @@ import com.netscape.cms.servlet.csadmin.SystemCertDataFactory; import com.netscape.cmsutil.crypto.CryptoUtil; import com.netscape.cmsutil.util.Utils; +import netscape.security.x509.X509CertImpl; + /** * @author alee * @@ -445,7 +445,7 @@ public class SystemConfigService extends PKIService implements SystemConfigResou cert.setType(cs.getString("preop.cert." + tag + ".type")); if (!request.getStepTwo()) { - ConfigurationUtils.configCert(null, null, null, cert, null); + ConfigurationUtils.configCert(null, null, null, cert); } else { String subsystem = cs.getString("preop.cert." + tag + ".subsystem"); diff --git a/base/tps/src/org/dogtagpki/server/tps/installer/CAInfoPanel.java b/base/tps/src/org/dogtagpki/server/tps/installer/CAInfoPanel.java deleted file mode 100644 index 4c5371f200f37d4b547f9663983a4af803830628..0000000000000000000000000000000000000000 --- a/base/tps/src/org/dogtagpki/server/tps/installer/CAInfoPanel.java +++ /dev/null 
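Review bot: In the `@@ -445,7 +445,7 @@` hunk the call `ConfigurationUtils.configCert(null, null, null, cert);` still passes three positional `null`s whose meaning cannot be read at the call site, and nothing visible here shows that `configCert` tolerates each of them being null. The signature is outside this hunk, so this is inferred, but if those slots were the servlet request, response and Velocity context used only by the removed wizard panels, they are now dead parameters and are better dropped in this change than left as a latent NullPointerException in the installer's certificate-configuration path. If they have to stay for now, a comment above the call such as `// request/response/context were only used by the removed WizardServlet panels; configCert must not dereference them` would make the contract explicit. It is also worth confirming that a failure inside `configCert` still reaches the REST caller as an exception rather than being reported through one of the null arguments. The enclosing method of SystemConfigService begins and ends outside the hunk.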
@@ -1,171 +0,0 @@ -package org.dogtagpki.server.tps.installer; - -import java.io.IOException; -import java.net.URI; -import java.net.URISyntaxException; -import java.security.cert.CertificateException; -import java.util.Vector; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.parsers.ParserConfigurationException; - -import org.apache.commons.lang.StringUtils; -import org.apache.velocity.context.Context; -import org.mozilla.jss.CryptoManager.NotInitializedException; -import org.mozilla.jss.crypto.TokenException; -import org.xml.sax.SAXException; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.property.PropertySet; -import com.netscape.certsrv.util.HttpInput; -import com.netscape.cms.servlet.csadmin.ConfigurationUtils; -import com.netscape.cms.servlet.csadmin.WizardPanelBase; -import com.netscape.cms.servlet.wizard.WizardServlet; - -public class CAInfoPanel extends WizardPanelBase { - - public CAInfoPanel() { - } - - public void init(ServletConfig config, int panelno) - throws ServletException { - setPanelNo(panelno); - setName("CA Information"); - } - - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { - setPanelNo(panelno); - setName("CA Information"); - setId(id); - } - - public boolean shouldSkip() { - return false; - } - - public void cleanUp() throws IOException { - IConfigStore cs = CMS.getConfigStore(); - cs.putString("preop.cainfo.select", ""); - } - - public boolean isPanelDone() { - IConfigStore cs = CMS.getConfigStore(); - try { - String s = cs.getString("preop.cainfo.select", ""); - if (s != null && !s.isEmpty()) { - return true; - } - } catch (EBaseException e) { - } - return false; - } - - public PropertySet getUsage() { - return 
new PropertySet(); - } - - public void display(HttpServletRequest request, - HttpServletResponse response, - Context context) { - String errorString = ""; - context.put("title", "CA Information"); - context.put("panel", "admin/console/config/cainfopanel.vm"); - IConfigStore config = CMS.getConfigStore(); - - if (isPanelDone()) { - // TODO - put the selected URL in selection box. - // String s = config.getString("preop.cainfo.select"); - } - - // get CA URLs - Vector v; - try { - v = null; - v = ConfigurationUtils.getUrlListFromSecurityDomain(config, "CA", "SecurePort"); - if (v == null) { - errorString = "No CA found. CA, TKS and optionally DRM " + - " must be installed prior to TPS installation"; - context.put("errorString", errorString); - context.put("preop.cainfo.errorString", errorString); - return; - } - - config.putString("preop.ca.list", StringUtils.join(v,",")); - config.commit(false); - } catch (EBaseException | IOException | SAXException | ParserConfigurationException e) { - e.printStackTrace(); - errorString = "Failed to get CA information from security domain. 
" + e; - context.put("errorString", errorString); - context.put("preop.cainfo.errorString", errorString); - return; - } - - context.put("urls", v); - context.put("urls_size", v.size()); - context.put("errorString", ""); - context.put("preop.cainfo.errorString", ""); - } - - public void validate(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - } - - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - IConfigStore config = CMS.getConfigStore(); - String subsystemNick; - try { - subsystemNick = config.getString("preop.cert.subsystem.nickname"); - } catch (EBaseException e1) { - e1.printStackTrace(); - throw new IOException("Failed to get subsystem certificate nickname"); - } - - String url = HttpInput.getString(request, "urls"); - URI caUri = null; - String parsedURI = url.substring(url.lastIndexOf("http")); - try { - caUri = new URI(parsedURI); - } catch (URISyntaxException e) { - throw new IOException("Invalid URI " + parsedURI); - } - - // TODO: get installer from session - TPSInstaller installer = new TPSInstaller(); - installer.configureCAConnector(caUri, subsystemNick); - - String host = caUri.getHost(); - int port = caUri.getPort(); - - // Note - - // list contains EE port. 
If admin port is different, it needs to - // be obtained from security domain and used to get the cert chain - - /* int admin_port = ConfigurationUtils.getPortFromSecurityDomain(domainXML, - host, port, "CA", "SecurePort", "SecureAdminPort"); - */ - - try { - ConfigurationUtils.importCertChain(host, port, "/ca/admin/ca/getCertChain", "ca"); - } catch (CertificateException | SAXException | ParserConfigurationException - | NotInitializedException | TokenException | EBaseException e) { - e.printStackTrace(); - throw new IOException("Failed to import certificate chain from CA"); - } - - context.put("updateStatus", "success"); - } - - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - } -} diff --git a/base/tps/src/org/dogtagpki/server/tps/installer/DRMInfoPanel.java b/base/tps/src/org/dogtagpki/server/tps/installer/DRMInfoPanel.java deleted file mode 100644 index 2237f9e5342d10127ffc7521af38c37746bdc409..0000000000000000000000000000000000000000 --- a/base/tps/src/org/dogtagpki/server/tps/installer/DRMInfoPanel.java +++ /dev/null 
@@ -1,154 +0,0 @@ -package org.dogtagpki.server.tps.installer; - -import java.io.IOException; -import java.net.URI; -import java.net.URISyntaxException; -import java.util.Vector; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.parsers.ParserConfigurationException; - -import org.apache.commons.lang.StringUtils; -import org.apache.velocity.context.Context; -import org.xml.sax.SAXException; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.property.PropertySet; -import com.netscape.certsrv.util.HttpInput; -import com.netscape.cms.servlet.csadmin.ConfigurationUtils; -import com.netscape.cms.servlet.csadmin.WizardPanelBase; -import com.netscape.cms.servlet.wizard.WizardServlet; - -public class DRMInfoPanel extends WizardPanelBase { - - public DRMInfoPanel() { - } - - public void init(ServletConfig config, int panelno) - throws ServletException { - setPanelNo(panelno); - setName("DRM Information"); - } - - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { - setPanelNo(panelno); - setName("DRM Information"); - setId(id); - } - - public boolean shouldSkip() { - return false; - } - - public void cleanUp() throws IOException { - IConfigStore cs = CMS.getConfigStore(); - cs.putString("preop.krainfo.select", ""); - } - - public boolean isPanelDone() { - IConfigStore cs = CMS.getConfigStore(); - try { - String s = cs.getString("preop.krainfo.select", ""); - if (s != null && ! 
s.isEmpty()) { - return true; - } - } catch (EBaseException e) { - } - return false; - } - - public PropertySet getUsage() { - return new PropertySet(); - } - - public void display(HttpServletRequest request, - HttpServletResponse response, - Context context) { - String errorString = ""; - context.put("title", "DRM Information"); - context.put("panel", "admin/console/config/drminfopanel.vm"); - IConfigStore config = CMS.getConfigStore(); - - if (isPanelDone()) { - //TODO - put selected entry in selection box. - //String s = config.getString("preop.krainfo.select"); - } - - // get KRA URLs - Vector v = null; - try { - v = ConfigurationUtils.getUrlListFromSecurityDomain(config, "KRA", "SecurePort"); - if (v == null) { - errorString = "No DRM found. CA, TKS and optionally DRM " + - " must be installed prior to TPS installation"; - context.put("errorString", errorString); - context.put("preop.krainfo.errorString", errorString); - return; - } - - config.putString("preop.kra.list", StringUtils.join(v,",")); - config.commit(false); - } catch (EBaseException | IOException | SAXException | ParserConfigurationException e1) { - e1.printStackTrace(); - errorString = "Failed to get DRM information from security domain. 
" + e1; - context.put("errorString", errorString); - context.put("preop.krainfo.errorString", errorString); - return; - } - - context.put("urls", v); - context.put("urls_size", v.size()); - context.put("errorString", ""); - context.put("preop.krainfo.errorString", ""); - } - - public void validate(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - } - - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - IConfigStore config = CMS.getConfigStore(); - String subsystemNick; - try { - subsystemNick = config.getString("preop.cert.subsystem.nickname"); - } catch (EBaseException e1) { - e1.printStackTrace(); - throw new IOException("Failed to get subsystem certificate nickname"); - } - - String url = HttpInput.getString(request, "urls"); - String parsedURI = url.substring(url.lastIndexOf("http")); - URI kraUri = null; - try { - kraUri = new URI(parsedURI); - } catch (URISyntaxException e) { - throw new IOException("Invalid URI " + parsedURI); - } - - String choice = HttpInput.getString(request, "choice"); - boolean keyGen = choice.equalsIgnoreCase("keygen"); - - // TODO: get installer from session - TPSInstaller installer = new TPSInstaller(); - installer.configureKRAConnector(keyGen, kraUri, subsystemNick); - - context.put("updateStatus", "success"); - } - - /** - * If validate() returns false, this method will be called. - */ - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - } -} diff --git a/base/tps/src/org/dogtagpki/server/tps/installer/TKSInfoPanel.java b/base/tps/src/org/dogtagpki/server/tps/installer/TKSInfoPanel.java deleted file mode 100644 index 0c0cf62a7aa3acc7bfe5ad9f9047b8497fcf2139..0000000000000000000000000000000000000000 --- a/base/tps/src/org/dogtagpki/server/tps/installer/TKSInfoPanel.java +++ /dev/null 
@@ -1,150 +0,0 @@ -package org.dogtagpki.server.tps.installer; - -import java.io.IOException; -import java.net.URI; -import java.net.URISyntaxException; -import java.util.Vector; - -import javax.servlet.ServletConfig; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.xml.parsers.ParserConfigurationException; - -import org.apache.commons.lang.StringUtils; -import org.apache.velocity.context.Context; -import org.xml.sax.SAXException; - -import com.netscape.certsrv.apps.CMS; -import com.netscape.certsrv.base.EBaseException; -import com.netscape.certsrv.base.IConfigStore; -import com.netscape.certsrv.property.PropertySet; -import com.netscape.certsrv.util.HttpInput; -import com.netscape.cms.servlet.csadmin.ConfigurationUtils; -import com.netscape.cms.servlet.csadmin.WizardPanelBase; -import com.netscape.cms.servlet.wizard.WizardServlet; - -public class TKSInfoPanel extends WizardPanelBase { - - public TKSInfoPanel() { - } - - public void init(ServletConfig config, int panelno) - throws ServletException { - setPanelNo(panelno); - setName("TKS Information"); - } - - public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) - throws ServletException { - setPanelNo(panelno); - setName("TKS Information"); - setId(id); - } - - public boolean shouldSkip() { - return false; - } - - public void cleanUp() throws IOException { - IConfigStore cs = CMS.getConfigStore(); - cs.putString("preop.tksinfo.select", ""); - } - - public boolean isPanelDone() { - IConfigStore cs = CMS.getConfigStore(); - try { - String s = cs.getString("preop.tksinfo.select", ""); - if (s != null && !s.isEmpty()) { - return true; - } - } catch (EBaseException e) { - } - return false; - } - - public PropertySet getUsage() { - return new PropertySet(); - } - - - public void display(HttpServletRequest request, - HttpServletResponse response, - Context context) { - String errorString = 
""; - context.put("title", "TKS Information"); - context.put("panel", "admin/console/config/tksinfopanel.vm"); - IConfigStore config = CMS.getConfigStore(); - - if (isPanelDone()) { - // TODO - put selected URL in selection box - // String s = config.getString("preop.tksinfo.select"); - } - - // get TKS URLs - Vector v = null; - try { - v = ConfigurationUtils.getUrlListFromSecurityDomain(config, "TKS", "SecureAdminPort"); - if (v == null) { - errorString = "No TKS found. CA, TKS and optionally DRM " + - " must be installed prior to TPS installation"; - context.put("errorString", errorString); - context.put("preop.tksinfo.errorString", errorString); - return; - } - - config.putString("preop.tks.list", StringUtils.join(v,",")); - config.commit(false); - } catch (EBaseException | IOException | SAXException | ParserConfigurationException e) { - e.printStackTrace(); - errorString = "Failed to get TKS information from security domain. " + e; - context.put("errorString", errorString); - context.put("preop.tksinfo.errorString", errorString); - return; - } - - context.put("urls", v); - context.put("urls_size", v.size()); - context.put("errorString", ""); - context.put("preop.tksinfo.errorString", ""); - } - - public void validate(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - } - - public void update(HttpServletRequest request, - HttpServletResponse response, - Context context) throws IOException { - IConfigStore config = CMS.getConfigStore(); - String subsystemNick; - try { - subsystemNick = config.getString("preop.cert.subsystem.nickname"); - } catch (EBaseException e1) { - e1.printStackTrace(); - throw new IOException("Failed to get subsystem certificate nickname"); - } - - String url = HttpInput.getString(request, "urls"); - String parsedURI = url.substring(url.lastIndexOf("http")); - URI tksUri = null; - try { - tksUri = new URI(parsedURI); - } catch (URISyntaxException e) { - throw new IOException("Invalid URI " + 
parsedURI); - } - - // TODO: get installer from session - TPSInstaller installer = new TPSInstaller(); - installer.configureTKSConnector(tksUri, subsystemNick); - - context.put("updateStatus", "success"); - } - - public void displayError(HttpServletRequest request, - HttpServletResponse response, - Context context) { - } - -} -- 2.4.3