>From b936584aa94affa4d477b0265caa79a7059ad4a7 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Mon, 28 Sep 2015 10:40:32 +0200 Subject: [PATCH] Relocated legacy cert enrollment methods. The EnrollmentProcessor.processEnrollment() and RenewalProcessor. processRenewal() methods that take CMSRequest object have been moved into ProfileSubmitServlet because they are only used by the legacy servlet. https://fedorahosted.org/pki/ticket/1463 --- .../cms/servlet/cert/EnrollmentProcessor.java | 23 +------- .../cms/servlet/cert/RenewalProcessor.java | 24 +------- .../cms/servlet/processors/CAProcessor.java | 12 +++- .../cms/servlet/profile/ProfileSubmitServlet.java | 66 +++++++++++++++++++--- 4 files changed, 73 insertions(+), 52 deletions(-) diff --git a/base/server/cms/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java index e5b9a14df99f29da8ad5c4f76c088c98ff766540..c1faabf399043593425f3294de606674d2ecf422 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java +++ b/base/server/cms/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java @@ -29,8 +29,8 @@ import com.netscape.certsrv.base.BadRequestDataException; import com.netscape.certsrv.base.EBaseException; import com.netscape.certsrv.base.EPropertyNotFound; import com.netscape.certsrv.base.SessionContext; -import com.netscape.certsrv.cert.CertEnrollmentRequest; import com.netscape.certsrv.ca.AuthorityID; +import com.netscape.certsrv.cert.CertEnrollmentRequest; import com.netscape.certsrv.profile.IEnrollProfile; import com.netscape.certsrv.profile.IProfile; import com.netscape.certsrv.profile.IProfileAuthenticator; @@ -39,7 +39,6 @@ import com.netscape.certsrv.profile.IProfileInput; import com.netscape.certsrv.profile.ProfileAttribute; import com.netscape.certsrv.profile.ProfileInput; import com.netscape.certsrv.request.IRequest; -import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.CMSTemplate; import com.netscape.cms.servlet.profile.SSLClientCertProvider; import com.netscape.cmsutil.ldap.LDAPUtil; @@ -84,26 +83,6 @@ public class EnrollmentProcessor extends CertProcessor { } /** - * Called by the legacy servlets to access the Processor function - * @param request - * @return - * @throws EBaseException - */ - public HashMap processEnrollment(CMSRequest cmsReq) throws EBaseException { - HttpServletRequest req = cmsReq.getHttpReq(); - String profileId = (this.profileID == null) ? req.getParameter("profileId") : this.profileID; - IProfile profile = ps.getProfile(profileId); - - if (profile == null) { - CMS.debug(CMS.getUserMessage(locale, "CMS_PROFILE_NOT_FOUND", CMSTemplate.escapeJavaScriptStringHTML(profileId))); - throw new BadRequestDataException(CMS.getUserMessage(locale, "CMS_PROFILE_NOT_FOUND",CMSTemplate.escapeJavaScriptStringHTML(profileId))); - } - - CertEnrollmentRequest data = CertEnrollmentRequestFactory.create(cmsReq, profile, locale); - return processEnrollment(data, cmsReq.getHttpReq(), null); - } - - /** * Process the HTTP request *

* diff --git a/base/server/cms/src/com/netscape/cms/servlet/cert/RenewalProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/cert/RenewalProcessor.java index efd1d7b0cf799dc399257502cb3f4e3196174b50..5ebbbff8fb3fd70fe4e1ebecbdce7c978d37a7a4 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/cert/RenewalProcessor.java +++ b/base/server/cms/src/com/netscape/cms/servlet/cert/RenewalProcessor.java @@ -26,9 +26,6 @@ import java.util.Locale; import javax.servlet.http.HttpServletRequest; -import netscape.security.x509.BasicConstraintsExtension; -import netscape.security.x509.X509CertImpl; - import org.apache.commons.lang.StringUtils; import com.netscape.certsrv.apps.CMS; @@ -45,33 +42,18 @@ import com.netscape.certsrv.profile.IProfileAuthenticator; import com.netscape.certsrv.profile.IProfileContext; import com.netscape.certsrv.profile.IProfileInput; import com.netscape.certsrv.request.IRequest; -import com.netscape.cms.servlet.common.CMSRequest; import com.netscape.cms.servlet.common.CMSTemplate; import com.netscape.cms.servlet.profile.SSLClientCertProvider; +import netscape.security.x509.BasicConstraintsExtension; +import netscape.security.x509.X509CertImpl; + public class RenewalProcessor extends CertProcessor { public RenewalProcessor(String id, Locale locale) throws EPropertyNotFound, EBaseException { super(id, locale); } - public HashMap processRenewal(CMSRequest cmsReq) throws EBaseException { - HttpServletRequest req = cmsReq.getHttpReq(); - String profileId = (this.profileID == null) ? req.getParameter("profileId") : this.profileID; - IProfile profile = ps.getProfile(profileId); - if (profile == null) { - throw new BadRequestDataException(CMS.getUserMessage(locale, "CMS_PROFILE_NOT_FOUND", - CMSTemplate.escapeJavaScriptStringHTML(profileId))); - } - - CertEnrollmentRequest data = CertEnrollmentRequestFactory.create(cmsReq, profile, locale); - - //only used in renewal - data.setSerialNum(req.getParameter("serial_num")); - - return processRenewal(data, req); - } - /* * Renewal - Renewal is retrofitted into the Profile Enrollment * Framework. The authentication and authorization are taken from diff --git a/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java b/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java index b9af84bc9b5b878f895707c266b1df1fa5b1e26f..5f6f45cb8a2dc4ada2f61fdd808a30fad9358cc2 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java +++ b/base/server/cms/src/com/netscape/cms/servlet/processors/CAProcessor.java @@ -34,8 +34,6 @@ import java.util.StringTokenizer; import javax.servlet.http.HttpServletRequest; -import netscape.security.x509.X509CertImpl; - import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.authentication.AuthToken; import com.netscape.certsrv.authentication.IAuthToken; @@ -69,6 +67,8 @@ import com.netscape.cms.servlet.common.CMSGateway; import com.netscape.cms.servlet.common.ServletUtils; import com.netscape.cmsutil.util.Utils; +import netscape.security.x509.X509CertImpl; + public class CAProcessor extends Processor { public final static String ARG_AUTH_TOKEN = "auth_token"; @@ -196,6 +196,14 @@ public class CAProcessor extends Processor { } } + public String getProfileID() { + return profileID; + } + + public IProfileSubsystem getProfileSubsystem() { + return ps; + } + /****************************************** * Stats - to be moved to Stats module ******************************************/ diff --git a/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java b/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java index 3f8d4c4791ed3fa49b1e0f3af68b62eba207de0c..c26853db5a40b6c69bc0ede23d8b6b848fd019cf 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java +++ b/base/server/cms/src/com/netscape/cms/servlet/profile/ProfileSubmitServlet.java @@ -26,9 +26,6 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import netscape.security.x509.X509CertImpl; -import netscape.security.x509.X509CertInfo; - import org.w3c.dom.Node; import com.netscape.certsrv.apps.CMS; @@ -36,21 +33,28 @@ import com.netscape.certsrv.authentication.EAuthException; import com.netscape.certsrv.authorization.EAuthzException; import com.netscape.certsrv.base.BadRequestDataException; import com.netscape.certsrv.base.EBaseException; +import com.netscape.certsrv.cert.CertEnrollmentRequest; import com.netscape.certsrv.profile.EProfileException; import com.netscape.certsrv.profile.IEnrollProfile; import com.netscape.certsrv.profile.IProfile; import com.netscape.certsrv.profile.IProfileOutput; +import com.netscape.certsrv.profile.IProfileSubsystem; import com.netscape.certsrv.property.IDescriptor; import com.netscape.certsrv.request.IRequest; import com.netscape.certsrv.template.ArgList; import com.netscape.certsrv.template.ArgSet; +import com.netscape.cms.servlet.cert.CertEnrollmentRequestFactory; import com.netscape.cms.servlet.cert.EnrollmentProcessor; import com.netscape.cms.servlet.cert.RenewalProcessor; import com.netscape.cms.servlet.common.CMSRequest; +import com.netscape.cms.servlet.common.CMSTemplate; import com.netscape.cms.servlet.processors.CAProcessor; import com.netscape.cmsutil.util.Cert; import com.netscape.cmsutil.xml.XMLObject; +import netscape.security.x509.X509CertImpl; +import netscape.security.x509.X509CertInfo; + /** * This servlet submits end-user request into the profile framework. * @@ -114,12 +118,10 @@ public class ProfileSubmitServlet extends ProfileServlet { try { if ((renewal != null) && (renewal.equalsIgnoreCase("true"))) { CMS.debug("ProfileSubmitServlet: isRenewal true"); - RenewalProcessor processor = new RenewalProcessor("caProfileSubmit", locale); - results = processor.processRenewal(cmsReq); + results = processRenewal(cmsReq); } else { CMS.debug("ProfileSubmitServlet: isRenewal false"); - EnrollmentProcessor processor = new EnrollmentProcessor("caProfileSubmit", locale); - results = processor.processEnrollment(cmsReq); + results = processEnrollment(cmsReq); } } catch (BadRequestDataException e) { CMS.debug("ProfileSubmitServlet: bad data provided in processing request: " + e.toString()); @@ -199,6 +201,56 @@ public class ProfileSubmitServlet extends ProfileServlet { } } + public HashMap processEnrollment(CMSRequest cmsReq) throws EBaseException { + + HttpServletRequest request = cmsReq.getHttpReq(); + Locale locale = getLocale(request); + + EnrollmentProcessor processor = new EnrollmentProcessor("caProfileSubmit", locale); + + String profileId = processor.getProfileID() == null ? request.getParameter("profileId") : processor.getProfileID(); + CMS.debug("ProfileSubmitServlet: profile: " + profileId); + + IProfileSubsystem ps = processor.getProfileSubsystem(); + IProfile profile = ps.getProfile(profileId); + + if (profile == null) { + CMS.debug("ProfileSubmitServlet: Profile " + profileId + " not found"); + throw new BadRequestDataException(CMS.getUserMessage(locale, "CMS_PROFILE_NOT_FOUND", + CMSTemplate.escapeJavaScriptStringHTML(profileId))); + } + + CertEnrollmentRequest data = CertEnrollmentRequestFactory.create(cmsReq, profile, locale); + return processor.processEnrollment(data, request, null); + } + + public HashMap processRenewal(CMSRequest cmsReq) throws EBaseException { + + HttpServletRequest request = cmsReq.getHttpReq(); + Locale locale = getLocale(request); + + RenewalProcessor processor = new RenewalProcessor("caProfileSubmit", locale); + + String profileId = processor.getProfileID() == null ? request.getParameter("profileId") : processor.getProfileID(); + CMS.debug("ProfileSubmitServlet: profile: " + profileId); + + IProfileSubsystem ps = processor.getProfileSubsystem(); + IProfile profile = ps.getProfile(profileId); + + if (profile == null) { + CMS.debug("ProfileSubmitServlet: Profile " + profileId + " not found"); + throw new BadRequestDataException(CMS.getUserMessage(locale, "CMS_PROFILE_NOT_FOUND", + CMSTemplate.escapeJavaScriptStringHTML(profileId))); + } + + CertEnrollmentRequest data = CertEnrollmentRequestFactory.create(cmsReq, profile, locale); + + //only used in renewal + data.setSerialNum(request.getParameter("serial_num")); + + return processor.processRenewal(data, request); + } + private void setOutputIntoArgs(IProfile profile, ArgList outputlist, Locale locale, IRequest req) { Enumeration outputIds = profile.getProfileOutputIds(); -- 2.4.3