[Pki-devel] [PATCH] 654 Removed unused WizardServlet.
Endi Sukma Dewata
edewata at redhat.com
Wed Oct 21 15:49:32 UTC 2015
The unused configuration wizard servlet has been removed to
simplify refactoring other codes.
The remaining references in CertUtil and ConfigurationUtils
have been removed as well.
https://fedorahosted.org/pki/ticket/1120
--
Endi S. Dewata
-------------- next part --------------
From beb5d90a69cf64e0a7646be57f5e69d7f51b13ac Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata at redhat.com>
Date: Tue, 20 Oct 2015 23:54:22 +0200
Subject: [PATCH] Removed unused WizardServlet.
The unused configuration wizard servlet has been removed to
simplify refactoring other codes.
The remaining references in CertUtil and ConfigurationUtils
have been removed as well.
https://fedorahosted.org/pki/ticket/1120
---
base/common/src/com/netscape/certsrv/apps/CMS.java | 30 +-
.../netscape/cms/servlet/csadmin/AdminPanel.java | 332 -----------
.../netscape/cms/servlet/csadmin/AuthDBPanel.java | 125 -----
.../cms/servlet/csadmin/AuthenticatePanel.java | 192 -------
.../cms/servlet/csadmin/BackupKeyCertPanel.java | 215 -------
.../cms/servlet/csadmin/CertRequestPanel.java | 375 -------------
.../com/netscape/cms/servlet/csadmin/CertUtil.java | 26 +-
.../cms/servlet/csadmin/ConfigHSMLoginPanel.java | 296 ----------
.../cms/servlet/csadmin/ConfigurationUtils.java | 6 +-
.../cms/servlet/csadmin/CreateSubsystemPanel.java | 279 ---------
.../cms/servlet/csadmin/DatabasePanel.java | 532 ------------------
.../cms/servlet/csadmin/DisplayCertChainPanel.java | 226 --------
.../netscape/cms/servlet/csadmin/DonePanel.java | 313 -----------
.../cms/servlet/csadmin/HierarchyPanel.java | 194 -------
.../cms/servlet/csadmin/ImportAdminCertPanel.java | 340 -----------
.../cms/servlet/csadmin/ImportCAChainPanel.java | 145 -----
.../netscape/cms/servlet/csadmin/ModulePanel.java | 338 -----------
.../netscape/cms/servlet/csadmin/NamePanel.java | 622 ---------------------
.../cms/servlet/csadmin/RestoreKeyCertPanel.java | 235 --------
.../cms/servlet/csadmin/SavePKCS12Panel.java | 144 -----
.../cms/servlet/csadmin/SecurityDomainPanel.java | 482 ----------------
.../netscape/cms/servlet/csadmin/SizePanel.java | 491 ----------------
.../netscape/cms/servlet/csadmin/WelcomePanel.java | 128 -----
.../cms/servlet/csadmin/WizardPanelBase.java | 306 ----------
.../netscape/cms/servlet/wizard/IWizardPanel.java | 111 ----
.../netscape/cms/servlet/wizard/WizardServlet.java | 489 ----------------
.../dogtagpki/server/rest/SystemConfigService.java | 6 +-
.../server/tps/installer/CAInfoPanel.java | 171 ------
.../server/tps/installer/DRMInfoPanel.java | 154 -----
.../server/tps/installer/TKSInfoPanel.java | 150 -----
30 files changed, 25 insertions(+), 7428 deletions(-)
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/AdminPanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthDBPanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthenticatePanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/BackupKeyCertPanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigHSMLoginPanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/DonePanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java
delete mode 100755 base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportCAChainPanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/ModulePanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/NamePanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/SavePKCS12Panel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/SizePanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/WelcomePanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/wizard/IWizardPanel.java
delete mode 100644 base/server/cms/src/com/netscape/cms/servlet/wizard/WizardServlet.java
delete mode 100644 base/tps/src/org/dogtagpki/server/tps/installer/CAInfoPanel.java
delete mode 100644 base/tps/src/org/dogtagpki/server/tps/installer/DRMInfoPanel.java
delete mode 100644 base/tps/src/org/dogtagpki/server/tps/installer/TKSInfoPanel.java
diff --git a/base/common/src/com/netscape/certsrv/apps/CMS.java b/base/common/src/com/netscape/certsrv/apps/CMS.java
index 187b1028a849f504b6e8ebb715e42521d5846613..148e0619ab5ffbbfffcd78f750097c1153d90dd4 100644
--- a/base/common/src/com/netscape/certsrv/apps/CMS.java
+++ b/base/common/src/com/netscape/certsrv/apps/CMS.java
@@ -29,14 +29,6 @@ import java.util.Hashtable;
import java.util.Locale;
import java.util.Vector;
-import netscape.ldap.LDAPConnection;
-import netscape.ldap.LDAPException;
-import netscape.ldap.LDAPSSLSocketFactoryExt;
-import netscape.security.util.ObjectIdentifier;
-import netscape.security.x509.Extension;
-import netscape.security.x509.GeneralName;
-import netscape.security.x509.X509CertInfo;
-
import org.mozilla.jss.CryptoManager.CertificateUsage;
import org.mozilla.jss.util.PasswordCallback;
@@ -96,6 +88,14 @@ import com.netscape.certsrv.usrgrp.IUGSubsystem;
import com.netscape.cmsutil.net.ISocketFactory;
import com.netscape.cmsutil.password.IPasswordStore;
+import netscape.ldap.LDAPConnection;
+import netscape.ldap.LDAPException;
+import netscape.ldap.LDAPSSLSocketFactoryExt;
+import netscape.security.util.ObjectIdentifier;
+import netscape.security.x509.Extension;
+import netscape.security.x509.GeneralName;
+import netscape.security.x509.X509CertInfo;
+
/**
* This represents the CMS server. Plugins can access other
* public objects such as subsystems via this inteface.
@@ -1582,20 +1582,6 @@ public final class CMS {
* @exception EBaseException failed to start CMS
*/
public static void start(String path) throws EBaseException {
- //FileConfigStore mainConfig = null;
- /*
- try {
- mainConfig = new FileConfigStore(path);
- } catch (EBaseException e) {
- e.printStackTrace();
- System.out.println(
- "Error: The Server is not fully configured.\n" +
- "Finish configuring server using Configure Setup Wizard in " +
- "the Certificate Server Console.");
- System.out.println(e.toString());
- System.exit(0);
- }
- */
String classname = "com.netscape.cmscore.apps.CMSEngine";
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/AdminPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/AdminPanel.java
deleted file mode 100644
index 579c54df027f981011de0e65dcc3cd92b2515a5a..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/AdminPanel.java
+++ /dev/null
@@ -1,332 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.base.ISubsystem;
-import com.netscape.certsrv.property.Descriptor;
-import com.netscape.certsrv.property.IDescriptor;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.usrgrp.IUGSubsystem;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class AdminPanel extends WizardPanelBase {
-
- private static final String ADMIN_UID = "admin";
-
- public AdminPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Administrator");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) {
- setPanelNo(panelno);
- setName("Administrator");
- setId(id);
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putString("preop.admin.email", "");
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String s = cs.getString("preop.admin.email", "");
- if (s == null || s.equals("")) {
- return false;
- } else {
- return true;
- }
- } catch (Exception e) {
- }
-
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- Descriptor emailDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */
- null, /* no default parameter */
- "Email address for an administrator");
-
- set.add("admin_email", emailDesc);
-
- Descriptor pwdDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */
- null, /* no default parameter */
- "Administrator's password");
-
- set.add("pwd", pwdDesc);
-
- Descriptor pwdAgainDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */
- null, /* no default parameter */
- "Administrator's password again");
-
- set.add("admin_password_again", pwdAgainDesc);
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- CMS.debug("AdminPanel: display");
-
- IConfigStore cs = CMS.getConfigStore();
- String session_id = request.getParameter("session_id");
- if (session_id != null) {
- CMS.debug("NamePanel setting session id.");
- CMS.setConfigSDSessionId(session_id);
- }
-
- String type = "";
- String info = "";
- context.put("import", "true");
-
- try {
- type = cs.getString("preop.ca.type", "");
- } catch (Exception e) {
- }
-
- if (isPanelDone()) {
- try {
- context.put("admin_email", cs.getString("preop.admin.email"));
- context.put("admin_name", cs.getString("preop.admin.name"));
- context.put("admin_pwd", "");
- context.put("admin_pwd_again", "");
- context.put("admin_uid", cs.getString("preop.admin.uid"));
- } catch (Exception e) {
- }
- } else {
- String def_admin_name = "";
- try {
- def_admin_name = cs.getString("cs.type") + " Administrator of Instance " + cs.getString("instanceId");
- } catch (EBaseException e) {
- }
- context.put("admin_name", def_admin_name);
- context.put("admin_email", "");
- context.put("admin_pwd", "");
- context.put("admin_pwd_again", "");
- context.put("admin_uid", ADMIN_UID);
- }
- ISubsystem ca = CMS.getSubsystem("ca");
-
- if (ca == null) {
- context.put("ca", "false");
- } else {
- context.put("ca", "true");
- }
- context.put("caType", type);
-
- String domainname = "";
- try {
- domainname = cs.getString("securitydomain.name", "");
- } catch (EBaseException e1) {
- }
- context.put("securityDomain", domainname);
- context.put("title", "Administrator");
- context.put("panel", "admin/console/config/adminpanel.vm");
- context.put("errorString", "");
- context.put("info", info);
-
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- String pwd = HttpInput.getPassword(request, "__pwd");
- String pwd_again = HttpInput.getPassword(request, "__admin_password_again");
- String email = HttpInput.getEmail(request, "email");
- String name = HttpInput.getName(request, "name");
- String uid = HttpInput.getUID(request, "uid");
- context.put("admin_email", email);
- context.put("admin_name", name);
- context.put("admin_pwd", pwd);
- context.put("admin_pwd_again", pwd_again);
- context.put("import", "true");
-
- if (name == null || name.equals("")) {
- context.put("updateStatus", "validate-failure");
- throw new IOException("Name is empty");
- }
-
- if (email == null || email.equals("")) {
- context.put("updateStatus", "validate-failure");
- throw new IOException("Email is empty");
- }
-
- if (uid == null || uid.equals("")) {
- context.put("updateStatus", "validate-failure");
- throw new IOException("Uid is empty");
- }
-
- if (!pwd.equals(pwd_again)) {
- context.put("updateStatus", "validate-failure");
- throw new IOException("Password and password again are not the same.");
- }
-
- if (email == null || email.length() == 0) {
- context.put("updateStatus", "validate-failure");
- throw new IOException("Email address is empty string.");
- }
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request, HttpServletResponse response, Context context) throws IOException {
- IConfigStore config = CMS.getConfigStore();
- context.put("info", "");
- context.put("import", "true");
-
- String uid = HttpInput.getUID(request, "uid");
- String email = HttpInput.getEmail(request, "email");
- String name = HttpInput.getName(request, "name");
- String pwd = HttpInput.getPassword(request, "__pwd");
- String cert_request_type = HttpInput.getID(request, "cert_request_type");
- String subject = request.getParameter("subject");
- String cert_request = HttpInput.getCertRequest(request, "cert_request");
- String profileId = HttpInput.getID(request, "profileId");
-
- try {
- String type = config.getString(PRE_CA_TYPE, "");
- String subsystemtype = config.getString("cs.type", "");
- String selected_hierarchy = config.getString("preop.hierarchy.select", "");
-
- ISubsystem ca = CMS.getSubsystem("ca");
-
- if (ca == null) {
- context.put("ca", "false");
- } else {
- context.put("ca", "true");
- }
- context.put("caType", type);
-
- config.putString("preop.admin.uid", uid);
- config.putString("preop.admin.email", email);
- config.putString("preop.admin.name", name);
- ConfigurationUtils.createAdmin(uid, email, name, pwd);
-
- if (ca != null) {
- if (selected_hierarchy.equals("root")) {
- CMS.debug("AdminPanel update: " + "Root CA subsystem");
- } else {
- CMS.debug("AdminPanel update: " + "Subordinate CA subsystem");
- }
-
- ConfigurationUtils.createAdminCertificate(cert_request,
- cert_request_type, subject);
- } else {
- String ca_hostname = null;
- int ca_port = -1;
-
- CMS.debug("AdminPanel update: " + subsystemtype + " subsystem");
-
- if (type.equals("sdca")) {
- ca_hostname = config.getString("preop.ca.hostname");
- ca_port = config.getInteger("preop.ca.httpsport");
- } else {
- ca_hostname = config.getString("securitydomain.host", "");
- ca_port = config.getInteger("securitydomain.httpseeport");
- }
-
- ConfigurationUtils.submitAdminCertRequest(ca_hostname, ca_port,
- profileId, cert_request_type, cert_request, subject);
- }
-
- CMS.reinit(IUGSubsystem.ID);
- config.commit(false);
- } catch (Exception e) {
- CMS.debug("AdminPanel update(): Exception thrown " + e);
- e.printStackTrace();
- context.put("updateStatus", "failure");
- throw new IOException("Error when adding admin user" + e);
- }
-
- context.put("updateStatus", "success");
- }
-
- /**
- * If validate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
-
- context.put("title", "Administrator");
- context.put("panel", "admin/console/config/adminpanel.vm");
- ISubsystem ca = CMS.getSubsystem("ca");
- IConfigStore cs = CMS.getConfigStore();
- String type = "";
- String info = "";
-
- try {
- type = cs.getString("preop.ca.type", "");
- } catch (Exception e) {
- }
- if (ca == null && type.equals("otherca")) {
- info =
- "Since you do not join the Redhat CA network, the administrator's certificate will not be generated automatically.";
- }
- context.put("info", info);
- context.put("admin_email", request.getParameter("email"));
- context.put("admin_name", request.getParameter("name"));
- context.put("admin_pwd", "");
- context.put("admin_pwd_again", "");
- context.put("admin_uid", request.getParameter("uid"));
- }
-
- public boolean shouldSkip() {
- try {
- IConfigStore c = CMS.getConfigStore();
- String s = c.getString("preop.subsystem.select", null);
- if (s != null && s.equals("clone")) {
- return true;
- }
- } catch (EBaseException e) {
- }
-
- return false;
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthDBPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthDBPanel.java
deleted file mode 100644
index f7ee25dfe1310895aa588ac51067efdf9909ad1c..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthDBPanel.java
+++ /dev/null
@@ -1,125 +0,0 @@
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class AuthDBPanel extends WizardPanelBase {
-
- public AuthDBPanel() {
- }
-
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Authentication Directory");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Authentication Directory");
- setId(id);
- }
-
- public boolean shouldSkip() {
- return false;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putString("preop.authdb.select", "");
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String s = cs.getString("preop.authdb.select", "");
- if (s != null && !s.isEmpty()) {
- return true;
- }
- } catch (EBaseException e) {
- }
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
- return set;
- }
-
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Authentication Directory");
- context.put("panel", "admin/console/config/authdbpanel.vm");
- IConfigStore config = CMS.getConfigStore();
-
- String basedn="";
- String host="";
- String port="";
- String secureConn="";
- try {
- String machineName = config.getString("service.machineName");
- basedn = config.getString("auths.instance.ldap1.ldap.basedn");
-
- if (basedn.contains("[")) {
- // basedn not yet set
- basedn = machineName.replaceAll("\\.", ",dc=");
- basedn = "dc=" + basedn;
- }
-
- host = config.getString("auths.instance.ldap1.ldap.ldapconn.host", "localhost");
- port = config.getString("auths.instance.ldap1.ldap.ldapconn.port","389");
- secureConn = config.getString("auths.instance.ldap1.ldap.ldapconn.secureConn", "false");
- } catch (EBaseException e) {
- e.printStackTrace();
- CMS.debug("Unable to get host, port, secureConn:" + e);
- }
-
- context.put("hostname", host);
- context.put("portStr", port);
- context.put("basedn", basedn);
- context.put("secureconn", secureConn);
- context.put("errorString", "");
- }
-
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
-
- String host = HttpInput.getHostname(request, "host");
- String port = HttpInput.getPortNumber(request, "port");
- String basedn = HttpInput.getString(request,"basedn");
- String secureConn = HttpInput.getString(request, "secureConn");
-
- if (secureConn == null || (!secureConn.equalsIgnoreCase("true"))) {
- secureConn = "false";
- }
- ConfigurationUtils.updateAuthdbInfo(basedn, host, port, secureConn);
- context.put("updateStatus", "success");
- }
-
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- }
-
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthenticatePanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthenticatePanel.java
deleted file mode 100644
index 6700b9312120c85cd7939a29be8af0e2f0a302bc..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/AuthenticatePanel.java
+++ /dev/null
@@ -1,192 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class AuthenticatePanel extends WizardPanelBase {
-
- public AuthenticatePanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Authentication");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Authentication");
- setId(id);
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putString("preop.ca.agent.uid", "");
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String s = cs.getString("preop.ca.agent.uid", "");
- if (s == null || s.equals("")) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- /* XXX */
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Authentication");
- IConfigStore config = CMS.getConfigStore();
-
- if (isPanelDone()) {
-
- try {
- String s = config.getString("preop.ca.agent.uid", "");
- String type = config.getString("preop.hierarchy.select", "");
- if (type.equals("root"))
- context.put("uid", "");
- else
- context.put("uid", s);
- } catch (Exception e) {
- CMS.debug(e.toString());
- }
- } else {
- context.put("uid", "");
- }
-
- context.put("password", "");
- context.put("panel", "admin/console/config/authenticatepanel.vm");
- context.put("errorString", "");
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- IConfigStore config = CMS.getConfigStore();
- String type = "";
- String catype = "";
- try {
- type = config.getString("preop.hierarchy.select", "");
- catype = config.getString("preop.ca.type", "");
- } catch (Exception e) {
- }
-
- if (type.equals("root")) {
- CMS.debug("AuthenticatePanel: This is root, no need for authentication");
- } else if (catype.equals("sdca")) {
- CMS.debug("AuthenticatePanel: This is not external CA");
- String uid = HttpInput.getUID(request, "uid");
- if (uid == null) {
- context.put("errorString", "Uid is empty");
- throw new IOException("Uid is empty");
- }
- context.put("uid", uid);
- String pwd = HttpInput.getPassword(request, "__password");
- config.putString("preop.ca.agent.uid", uid);
- config.putString("preop.ca.agent.pwd", pwd);
- String host = "";
- int httpsport = -1;
- try {
- host = config.getString("preop.ca.hostname");
- } catch (Exception e) {
- CMS.debug("AuthenticatePanel update: " + e.toString());
- context.put("errorString", "Missing hostname");
- throw new IOException("Missing hostname");
- }
-
- try {
- httpsport = config.getInteger("preop.ca.httpsport");
- } catch (Exception e) {
- CMS.debug("AuthenticatePanel update: " + e.toString());
- context.put("errorString", "Missing port");
- throw new IOException("Missing port");
- }
-
- boolean authenticated = authenticate(host, httpsport, true,
- "/ca/ee/ca/configSubsystem", "uid=" + uid + "&pwd=" + pwd);
-
- if (!authenticated) {
- context.put("errorString", "Wrong user id or password");
- throw new IOException("Wrong user id or password");
- }
-
- try {
- config.commit(false);
- } catch (EBaseException e) {
- }
- }
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("password", "");
- context.put("panel", "admin/console/config/authenticatepanel.vm");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/BackupKeyCertPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/BackupKeyCertPanel.java
deleted file mode 100644
index f29b22ae731c097ba1379586d49de0f2009cdd9d..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/BackupKeyCertPanel.java
+++ /dev/null
@@ -1,215 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class BackupKeyCertPanel extends WizardPanelBase {
-
- public BackupKeyCertPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Export Keys and Certificates");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Export Keys and Certificates");
- setId(id);
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- /* clean up if necessary */
- try {
- @SuppressWarnings("unused")
- boolean done = cs.getBoolean("preop.backupkeycert.done"); // check for errors
- cs.putBoolean("preop.backupkeycert.done", false);
- cs.commit(false);
- } catch (Exception e) {
- }
- }
-
- public boolean shouldSkip() {
- IConfigStore cs = CMS.getConfigStore();
-
- try {
- String s = cs.getString("preop.module.token", "");
- if (s.equals("Internal Key Storage Token"))
- return false;
- } catch (Exception e) {
- }
-
- return true;
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String s = cs.getString("preop.backupkeycert.done", "");
- if (s == null || s.equals("")) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- /* XXX */
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Export Keys and Certificates");
- IConfigStore config = CMS.getConfigStore();
-
- if (isPanelDone()) {
- try {
- boolean enable = config.getBoolean("preop.backupkeys.enable");
- if (enable) {
- context.put("dobackup", "checked");
- context.put("nobackup", "");
- } else {
- context.put("dobackup", "");
- context.put("nobackup", "checked");
- }
- } catch (Exception e) {
- }
- } else {
- context.put("dobackup", "");
- context.put("nobackup", "checked");
- }
-
- context.put("panel", "admin/console/config/backupkeycertpanel.vm");
- context.put("pwd", "");
- context.put("pwdagain", "");
- context.put("errorString", "");
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response, Context context) throws IOException {
- String select = HttpInput.getID(request, "choice");
- if (select.equals("backupkey")) {
- String pwd = request.getParameter("__pwd");
- String pwdAgain = request.getParameter("__pwdagain");
- if (pwd == null || pwdAgain == null || pwd.equals("") || pwdAgain.equals("")) {
- CMS.debug("BackupKeyCertPanel validate: Password is null");
- context.put("updateStatus", "validate-failure");
- throw new IOException("PK12 password is empty.");
- }
-
- if (!pwd.equals(pwdAgain)) {
- CMS.debug("BackupKeyCertPanel validate: Password and password again are not the same.");
- context.put("updateStatus", "validate-failure");
- throw new IOException("PK12 password is different from the PK12 password again.");
- }
- }
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- IConfigStore config = CMS.getConfigStore();
-
- try {
- String select = HttpInput.getID(request, "choice");
- String pwd = request.getParameter("__pwd");
- if (select.equals("backupkey")) {
- CMS.debug("BackupKeyCertPanel update: backup");
- config.putBoolean("preop.backupkeys.enable", true);
- ConfigurationUtils.backupKeys(pwd, null);
- } else {
- CMS.debug("BackupKeyCertPanel update: no backup");
- config.putBoolean("preop.backupkeys.enable", false);
- }
-
- config.putBoolean("preop.backupkeycert.done", true);
- config.commit(false);
- } catch (Exception e) {
- CMS.debug("BackupKeyertPanel: update(): Exception thrown " + e);
- e.printStackTrace();
- context.put("updateStatus", "failure");
- throw new IOException(e);
- }
- context.put("updateStatus", "success");
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- String select = "";
- try {
- select = HttpInput.getID(request, "choice");
- } catch (Exception e) {
- }
-
- if (select.equals("backupkey")) {
- context.put("dobackup", "checked");
- context.put("nobackup", "");
- } else {
- context.put("dobackup", "");
- context.put("nobackup", "checked");
- }
-
- context.put("pwd", "");
- context.put("pwdagain", "");
- context.put("title", "Export Keys and Certificates");
- context.put("panel", "admin/console/config/backupkeycertpanel.vm");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java
deleted file mode 100644
index 81c6e5ca3343c1915d5c219303b739c763391e9e..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertRequestPanel.java
+++ /dev/null
@@ -1,375 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.util.Enumeration;
-import java.util.Locale;
-import java.util.StringTokenizer;
-import java.util.Vector;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import netscape.security.util.CertPrettyPrint;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.ca.ICertificateAuthority;
-import com.netscape.certsrv.dbs.certdb.ICertificateRepository;
-import com.netscape.certsrv.property.Descriptor;
-import com.netscape.certsrv.property.IDescriptor;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-import com.netscape.cmsutil.crypto.CryptoUtil;
-
-public class CertRequestPanel extends WizardPanelBase {
- private Vector<Cert> mCerts = null;
-
- @SuppressWarnings("unused")
- private WizardServlet mServlet;
-
- public CertRequestPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Requests & Certificates");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Requests and Certificates");
- mServlet = servlet;
- setId(id);
- }
-
- // XXX how do you do this? There could be multiple certs.
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- Descriptor certDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */
- null, /* no default parameters */
- null);
-
- set.add("cert", certDesc);
-
- return set;
- }
-
- /**
- * Show "Apply" button on frame?
- */
- public boolean showApplyButton() {
- if (isPanelDone())
- return false;
- else
- return true;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- String list = "";
- String tokenname = "";
- try {
- list = cs.getString("preop.cert.list", "");
- tokenname = cs.getString("preop.module.token", "");
- } catch (Exception e) {
- }
-
- ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem(
- ICertificateAuthority.ID);
-
- if (ca != null) {
- CMS.debug("CertRequestPanel cleanup: get certificate repository");
- BigInteger beginS = null;
- BigInteger endS = null;
- String beginNum = "";
- String endNum = "";
- try {
- beginNum = cs.getString("dbs.beginSerialNumber", "");
- endNum = cs.getString("dbs.endSerialNumber", "");
- if (!beginNum.equals(""))
- beginS = new BigInteger(beginNum, 16);
- if (!endNum.equals(""))
- endS = new BigInteger(endNum, 16);
- } catch (Exception e) {
- }
-
- ICertificateRepository cr = ca.getCertificateRepository();
- if (cr != null) {
- try {
- cr.removeCertRecords(beginS, endS);
- } catch (Exception e) {
- CMS.debug("CertRequestPanel cleanUp exception in removing all objects: " + e.toString());
- }
-
- try {
- cr.resetSerialNumber(new BigInteger(beginNum, 16));
- } catch (Exception e) {
- CMS.debug("CertRequestPanel cleanUp exception in resetting serial number: " + e.toString());
- }
- }
- }
-
- StringTokenizer st = new StringTokenizer(list, ",");
- String nickname = "";
- boolean enable = false;
- while (st.hasMoreTokens()) {
- String t = st.nextToken();
-
- try {
- enable = cs.getBoolean(PCERT_PREFIX + t + ".enable", true);
- nickname = cs.getString(PCERT_PREFIX + t + ".nickname", "");
- } catch (Exception e) {
- }
-
- if (!enable)
- continue;
-
- if (t.equals("sslserver"))
- continue;
-
- try {
- if (ConfigurationUtils.findCertificate(tokenname, nickname)) {
- CMS.debug("CertRequestPanel cleanup: deleting certificate (" + nickname + ").");
- ConfigurationUtils.deleteCert(tokenname, nickname);
- }
- } catch (Exception e) {
- CMS.debug("CertRequestPanel cleanup: failed to delete certificate ("
- + nickname + "). Exception: " + e.toString());
- }
- }
-
- try {
- @SuppressWarnings("unused")
- boolean done = cs.getBoolean("preop.CertRequestPanel.done"); // check for errors
- cs.putBoolean("preop.CertRequestPanel.done", false);
- cs.commit(false);
- } catch (Exception e) {
- }
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- boolean s = cs.getBoolean("preop.CertRequestPanel.done",
- false);
-
- if (s != true) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
-
- return false;
- }
-
- public void getCert(IConfigStore config,
- Context context, String certTag, Cert cert) {
- try {
-
- String subsystem = config.getString(PCERT_PREFIX + certTag + ".subsystem");
- String certs = config.getString(subsystem + "." + certTag + ".cert", "");
-
- if (cert != null) {
- String certf = certs;
-
- CMS.debug("CertRequestPanel getCert: certTag=" + certTag + " cert=" + certs);
-
- //get and set formated cert
- if (!certs.startsWith("...")) {
- certf = CryptoUtil.certFormat(certs);
- }
- cert.setCert(certf);
-
- //get and set cert pretty print
- byte[] certb = CryptoUtil.base64Decode(certs);
- CertPrettyPrint pp = new CertPrettyPrint(certb);
- cert.setCertpp(pp.toString(Locale.getDefault()));
- } else {
- CMS.debug("CertRequestPanel::getCert() - cert is null!");
- return;
- }
- String userfriendlyname = config.getString(
- PCERT_PREFIX + certTag + ".userfriendlyname");
-
- cert.setUserFriendlyName(userfriendlyname);
- String type = config.getString(PCERT_PREFIX + certTag + ".type");
-
- cert.setType(type);
- String dn = config.getString(PCERT_PREFIX + certTag + ".dn");
-
- cert.setDN(dn);
- } catch (Exception e) {
- CMS.debug("CertRequestPanel:getCert" + e.toString());
- } // try
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
-
- CMS.debug("CertRequestPanel: display()");
- context.put("title", "Requests and Certificates");
-
- try {
- mCerts = new Vector<Cert>();
-
- IConfigStore config = CMS.getConfigStore();
-
- String certTags = config.getString("preop.cert.list");
- String csType = config.getString("cs.type");
- StringTokenizer st = new StringTokenizer(certTags, ",");
-
- while (st.hasMoreTokens()) {
- String certTag = st.nextToken();
-
- try {
- String subsystem = config.getString(PCERT_PREFIX + certTag + ".subsystem");
- String nickname = config.getString(subsystem + "." + certTag + ".nickname");
- String tokenname = config.getString(subsystem + "." + certTag + ".tokenname");
-
- Cert c = new Cert(tokenname, nickname, certTag);
- ConfigurationUtils.handleCertRequest(config, certTag, c);
-
- String type = config.getString(PCERT_PREFIX + certTag + ".type");
- c.setType(type);
-
- boolean enable = config.getBoolean(PCERT_PREFIX + certTag + ".enable", true);
- c.setEnable(enable);
- getCert(config, context, certTag, c);
-
- c.setSubsystem(subsystem);
- mCerts.addElement(c);
-
- if (csType.equals("TPS") && certTag.equals("subsystem")) {
- // update nicknames in case they have changed
- if (!tokenname.isEmpty() && !tokenname.equals("internal")
- && !tokenname.equals("Internal Key Storage Token"))
- nickname = tokenname + ":" + nickname;
-
- config.putString("conn.ca1.clientNickname", nickname);
- config.putString("conn.drm1.clientNickname", nickname);
- config.putString("conn.tks1.clientNickname", nickname);
- }
- } catch (Exception e) {
- CMS.debug("CertRequestPanel:display() Exception caught: " + e.toString() +
- " for certTag " + certTag);
- }
- }
- } catch (Exception e) {
- CMS.debug("CertRequestPanel:display() Exception caught: " + e.toString());
- System.err.println("Exception caught: " + e.toString());
-
- } // try
-
- context.put("reqscerts", mCerts);
- context.put("status", "display");
- // context.put("status_token", "None");
- context.put("panel", "admin/console/config/certrequestpanel.vm");
-
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- CMS.debug("CertRequestPanel: in update()");
- boolean hasErr = false;
- IConfigStore config = CMS.getConfigStore();
-
- if (isPanelDone()) {
- context.put("updateStatus", "success");
- return;
- }
-
- Enumeration<Cert> c = mCerts.elements();
- while (c.hasMoreElements()) {
- Cert cert = c.nextElement();
- if (hasErr) continue;
-
- int ret=0;
- try {
- cert.setCert(HttpInput.getCert(request, cert.getCertTag()));
- cert.setCertChain(HttpInput.getCertChain(request, cert.getCertTag() + "_cc"));
-
- ret = ConfigurationUtils.handleCerts(cert);
- ConfigurationUtils.setCertPermissions(cert.getCertTag());
- } catch (Exception e) {
- CMS.debug("Exception in configuring system certificate " + cert.getCertTag() + ": " + e);
- e.printStackTrace();
- hasErr = true;
- }
- if (ret != 0) {
- CMS.debug("System certificates not configured " + cert.getCertTag());
- }
- }
- // end new
-
- if (!hasErr) {
- try {
- config.putBoolean("preop.CertRequestPanel.done", true);
- config.commit(false);
- } catch (EBaseException e) {
- e.printStackTrace();
- CMS.debug("Unable to commit changes to CS,cfg: " +e);
- }
- context.put("updateStatus", "success");
- } else {
- context.put("updateStatus", "failure");
- }
- }
-
- /**
- * If validate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Certificate Request");
- context.put("panel", "admin/console/config/certrequestpanel.vm");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java
index 36b0e4d0d44ec8987856ebaaa3f4919c4a3f7071..a3be87c76a30ec89e7b5cf9670342b92c58a36c6 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CertUtil.java
@@ -29,14 +29,6 @@ import java.util.Set;
import javax.servlet.http.HttpServletResponse;
-import netscape.security.pkcs.PKCS10;
-import netscape.security.x509.CertificateExtensions;
-import netscape.security.x509.CertificateIssuerName;
-import netscape.security.x509.X500Name;
-import netscape.security.x509.X509CertImpl;
-import netscape.security.x509.X509CertInfo;
-import netscape.security.x509.X509Key;
-
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.velocity.context.Context;
@@ -68,11 +60,19 @@ import com.netscape.cmsutil.http.HttpResponse;
import com.netscape.cmsutil.http.JssSSLSocketFactory;
import com.netscape.cmsutil.xml.XMLObject;
+import netscape.security.pkcs.PKCS10;
+import netscape.security.x509.CertificateExtensions;
+import netscape.security.x509.CertificateIssuerName;
+import netscape.security.x509.X500Name;
+import netscape.security.x509.X509CertImpl;
+import netscape.security.x509.X509CertInfo;
+import netscape.security.x509.X509Key;
+
public class CertUtil {
static final int LINE_COUNT = 76;
public static X509CertImpl createRemoteCert(String hostname,
- int port, String content, HttpServletResponse response, WizardPanelBase panel)
+ int port, String content, HttpServletResponse response)
throws IOException {
HttpClient httpclient = new HttpClient();
String c = null;
@@ -114,11 +114,7 @@ public class CertUtil {
String status = parser.getValue("Status");
CMS.debug("CertUtil createRemoteCert: status=" + status);
- if (status.equals("2")) {
- //relogin to the security domain
- panel.reloginSecurityDomain(response);
- return null;
- } else if (!status.equals("0")) {
+ if (!status.equals("0")) {
String error = parser.getValue("Error");
throw new IOException(error);
}
@@ -206,7 +202,7 @@ public class CertUtil {
}
}
-
+
// Dynamically inject the SubjectAlternativeName extension to a
// local/self-signed master CA's request for its SSL Server Certificate.
//
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigHSMLoginPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigHSMLoginPanel.java
deleted file mode 100644
index 03233042c89b77d6624a903c133555601deeca6b..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigHSMLoginPanel.java
+++ /dev/null
@@ -1,296 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.FileNotFoundException;
-import java.io.IOException;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-import org.mozilla.jss.CryptoManager;
-import org.mozilla.jss.crypto.CryptoToken;
-import org.mozilla.jss.util.IncorrectPasswordException;
-import org.mozilla.jss.util.Password;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.property.Descriptor;
-import com.netscape.certsrv.property.IDescriptor;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-import com.netscape.cmsutil.password.PlainPasswordReader;
-import com.netscape.cmsutil.password.PlainPasswordWriter;
-
-public class ConfigHSMLoginPanel extends WizardPanelBase {
- private CryptoManager mCryptoManager = null;
- private String mPwdFilePath = "";
-
- public ConfigHSMLoginPanel() {
- }
-
- public void init(ServletConfig config, int panelno) throws ServletException {
- try {
- mCryptoManager = CryptoManager.getInstance();
- mPwdFilePath = CMS.getConfigStore().getString(
- "passwordFile");
- } catch (Exception e) {
- CMS.debug("ConfigHSMLoginPanel: " + e.toString());
- }
- setPanelNo(panelno);
- setName("ConfigHSMLogin");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id) throws ServletException {
- try {
- mCryptoManager = CryptoManager.getInstance();
- mPwdFilePath = CMS.getConfigStore().getString(
- "passwordFile");
- } catch (Exception e) {
- CMS.debug("ConfigHSMLoginPanel: " + e.toString());
- }
- setPanelNo(panelno);
- setName("ConfigHSMLogin");
- setId(id);
- }
-
- public void cleanUp() throws IOException {
- }
-
- public boolean isPanelDone() {
- return true;
- }
-
- public boolean isSubPanel() {
- return true;
- }
-
- public boolean isLoopbackPanel() {
- return true;
- }
-
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
-
- CMS.debug("ConfigHSMLoginPanel: in display()");
- context.put("title", "Security Module Login");
-
- // get token selected to be logged in
- String tokName = null;
- tokName = HttpInput.getTokenName(request, "SecToken");
-
- if (tokName != null) {
- CMS.debug("ConfigHSMLoginPanel: selected token name= " + tokName);
- } else {
- CMS.debug("ConfigHSMLoginPanel: missing SecToken name");
- context.put("error", "noTokenName");
- context.put("panel", "admin/console/config/config_hsmloginpanel.vm");
- return;
- }
- CryptoToken token = null;
-
- try {
- token = mCryptoManager.getTokenByName(tokName);
- } catch (Exception e) {
- CMS.debug(
- "ConfigHSMLoginPanel: getTokenByName() failed: "
- + e.toString());
- context.put("error", "tokenNotFound:" + tokName);
- context.put("panel", "admin/console/config/config_hsmloginpanel.vm");
- return;
- }
- // first see if password in password file, try to login
- PlainPasswordReader pr = new PlainPasswordReader();
-
- try {
- pr.init(mPwdFilePath);
- } catch (Exception e) {
- // is ok to not have it
- CMS.debug("ConfigHSMLoginPanel: passwrd file path: " + e.toString());
- }
- CMS.debug("ConfigHSMLoginPanel: checking if passwd in cache");
- String tokPwd = pr.getPassword("hardware-" + tokName);
-
- boolean loggedIn = false;
-
- if (tokPwd == null) {
- CMS.debug("ConfigHSMLoginPanel: passwd not in cache");
- } else {
- loggedIn = loginToken(token, tokPwd, context);
- }
-
- if (!loggedIn) {
- context.put("status", "display");
- }
- context.put("panel", "admin/console/config/config_hsmloginpanel.vm");
- context.put("SecToken", tokName);
- }
-
- // if logged in successfully, returns true
- private boolean loginToken(CryptoToken token, String tokPwd, Context context) {
- boolean rv = true;
- Password password = null;
-
- password = new Password(tokPwd.toCharArray());
-
- try {
- if (token.passwordIsInitialized()) {
- CMS.debug(
- "ConfigHSMLoginPanel: loginToken():token password is initialized");
- if (!token.isLoggedIn()) {
- CMS.debug(
- "ConfigHSMLoginPanel: loginToken():Token is not logged in, try it");
- token.login(password);
- context.put("status", "justLoggedIn");
- } else {
- CMS.debug(
- "ConfigHSMLoginPanel:Token has already logged on");
- context.put("status", "alreadyLoggedIn");
- }
- } else {
- CMS.debug(
- "ConfigHSMLoginPanel: loginToken():Token password not initialized");
- context.put("status", "tokenPasswordNotInitialized");
- rv = false;
- }
-
- } catch (IncorrectPasswordException e) {
- context.put("status", "incorrectPassword");
- context.put("errorString", e.toString());
- CMS.debug("ConfigHSMLoginPanel: loginToken():" + e.toString());
- rv = false;
- } catch (Exception e) {
- CMS.debug("ConfigHSMLoginPanel: loginToken():" + e.toString());
- context.put("errorString", e.toString());
- rv = false;
- }
- return rv;
- }
-
- // XXX how do you do this?
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- Descriptor choiceDesc = new Descriptor(IDescriptor.CHOICE, "", "", null); /* no default parameters */
-
- set.add(
- "choice", choiceDesc);
-
- return set;
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
-
- CMS.debug("ConfigHSMLoginPanel: in update()");
-
- String uTokName = null;
- String uPasswd = null;
- try {
- uTokName = HttpInput.getTokenName(request, "uTokName");
- uPasswd = HttpInput.getPassword(request, "__uPasswd");
- } catch (Exception e) {
- }
-
- if (uPasswd == null) {
- CMS.debug("ConfigHSMLoginPanel: password not found");
- context.put("error", "no password");
- context.put("panel", "admin/console/config/config_hsmloginpanel.vm");
- context.put("updateStatus", "no password");
- return;
- } else {
- CMS.debug("ConfigHSMLoginPanel: got password");
-
- CryptoToken token = null;
-
- try {
- token = mCryptoManager.getTokenByName(uTokName);
- } catch (Exception e) {
- CMS.debug(
- "ConfigHSMLoginPanel: getTokenByName() failed: "
- + e.toString());
- context.put("error", "tokenNotFound:" + uTokName);
- }
-
- try {
- if (loginToken(token, uPasswd, context) == false) {
- CMS.debug(
- "ConfigHSMLoginPanel:loginToken failed for "
- + uTokName);
- context.put("error", "tokenLoginFailed");
- context.put("updateStatus", "login failed");
- context.put("panel",
- "admin/console/config/config_hsmloginpanel.vm");
- return;
- }
- CMS.debug(
- "ConfigHSMLoginPanel: update(): just logged in successfully");
- PlainPasswordWriter pw = new PlainPasswordWriter();
-
- pw.init(mPwdFilePath);
- pw.putPassword("hardware-" + uTokName, uPasswd);
- pw.commit();
-
- } catch (FileNotFoundException e) {
- CMS.debug(
- "ConfigHSMLoginPanel: update(): Exception caught: "
- + e.toString() + " writing to " + mPwdFilePath);
- CMS.debug(
- "ConfigHSMLoginPanel: update(): password not written to cache");
- System.err.println("Exception caught: " + e.toString());
- context.put("error", "Exception:" + e.toString());
- } catch (Exception e) {
- CMS.debug(
- "ConfigHSMLoginPanel: update(): Exception caught: "
- + e.toString());
- System.err.println("Exception caught: " + e.toString());
- context.put("error", "Exception:" + e.toString());
- }
-
- } // found password
-
- context.put("panel", "admin/console/config/config_hsmloginpanel.vm");
- context.put("status", "update");
- context.put("error", "");
- context.put("updateStatus", "success");
-
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Security Module Login");
- context.put("panel", "admin/console/config/config_hsmloginpanel.vm");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
index 7b5bef567de773c0cd5b86ba6e36a1c16f444012..4d362930374f15f4f1daa88e0aa4dc606b814340 100644
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
+++ b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
@@ -2462,7 +2462,7 @@ public class ConfigurationUtils {
}
public static void configCert(HttpServletRequest request, HttpServletResponse response,
- Context context, Cert certObj, WizardPanelBase panel) throws IOException {
+ Context context, Cert certObj) throws IOException {
IConfigStore config = CMS.getConfigStore();
String caType = certObj.getType();
@@ -2545,7 +2545,7 @@ public class ConfigurationUtils {
+ "&cert_request_type=pkcs10&cert_request=" + URLEncoder.encode(pkcs10, "UTF-8")
+ "&xmlOutput=true&sessionID=" + session_id;
cert = CertUtil.createRemoteCert(sd_hostname, sd_ee_port,
- content, response, panel);
+ content, response);
if (cert == null) {
throw new IOException("Error: remote certificate is null");
}
@@ -2584,7 +2584,7 @@ public class ConfigurationUtils {
+ "&xmlOutput=true&sessionID=" + session_id
+ sslserver_extension;
cert = CertUtil.createRemoteCert(ca_hostname, ca_port,
- content, response, panel);
+ content, response);
if (cert == null) {
throw new IOException("Error: remote certificate is null");
}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java
deleted file mode 100644
index 462e054555e6db78ea568c921bae4e6cb45c5975..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/CreateSubsystemPanel.java
+++ /dev/null
@@ -1,279 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-import java.net.URL;
-import java.util.StringTokenizer;
-import java.util.Vector;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class CreateSubsystemPanel extends WizardPanelBase {
-
- public CreateSubsystemPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Subsystem Selection");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Subsystem Type");
- setId(id);
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putString("preop.subsystem.select", "");
- cs.putString("subsystem.select", "");
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String s = cs.getString("preop.subsystem.select", "");
- if (s == null || s.equals("")) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- /* XXX */
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Subsystem Type");
- IConfigStore config = CMS.getConfigStore();
-
- try {
- String session_id = request.getParameter("session_id");
- if (session_id != null) {
- CMS.debug("CreateSubsystemPanel setting session id.");
- CMS.setConfigSDSessionId(session_id);
- }
-
- if (isPanelDone()) {
- String s = config.getString("preop.subsystem.select");
- if (s.equals("new")) {
- context.put("check_newsubsystem", "checked");
- context.put("check_clonesubsystem", "");
- } else if (s.equals("clone")) {
- context.put("check_newsubsystem", "");
- context.put("check_clonesubsystem", "checked");
- }
- context.put("subsystemName", config.getString("preop.subsystem.name"));
- } else {
- context.put("check_newsubsystem", "checked");
- context.put("check_clonesubsystem", "");
- context.put("subsystemName", config.getString("preop.system.fullname"));
- }
-
- String cstype = config.getString("cs.type", "");
- context.put("cstype", cstype);
- context.put("wizardname", config.getString("preop.wizard.name"));
- context.put("systemname", config.getString("preop.system.name"));
- context.put("fullsystemname", config.getString("preop.system.fullname"));
- context.put("machineName", config.getString("machineName"));
- context.put("http_port", CMS.getEENonSSLPort());
- context.put("https_agent_port", CMS.getAgentPort());
- context.put("https_ee_port", CMS.getEESSLPort());
- context.put("https_admin_port", CMS.getAdminPort());
-
- String domainType = config.getString("preop.securitydomain.select");
- Vector<String> v = null;
- if (!domainType.equals("new")) {
- try {
- v = ConfigurationUtils.getUrlListFromSecurityDomain(config, cstype, "SecurePort");
- } catch (Exception e) {
- // note: this is OK for a new master ca in a new domain
- CMS.debug("Exception thrown when obtaining URL List from security domain:" + e);
- e.printStackTrace();
- }
- }
-
- if (v == null) {
- v = new Vector<String>();
- }
-
- StringBuffer list = new StringBuffer();
- int size = v.size();
- for (int i = 0; i < size; i++) {
- if (i == size - 1) {
- list.append(v.elementAt(i));
- } else {
- list.append(v.elementAt(i));
- list.append(",");
- }
- }
-
- config.putString("preop.master.list", list.toString());
- config.commit(false);
-
- if (list.length() == 0)
- context.put("disableClone", "true");
-
- context.put("panel", "admin/console/config/createsubsystempanel.vm");
- context.put("urls", v);
- context.put("errorString", "");
- } catch (Exception e) {
- e.printStackTrace();
- context.put("errorString", e.toString());
- CMS.debug("CreateSubsystemPanel: Exception thrown: " + e);
- }
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- IConfigStore config = CMS.getConfigStore();
- String select = HttpInput.getID(request, "choice");
-
- if (select == null) {
- CMS.debug("CreateSubsystemPanel: choice not found");
- context.put("updateStatus", "failure");
- throw new IOException("choice not found");
- }
-
- try {
- String cstype = config.getString("cs.type", "");
- config.putString("preop.subsystem.name", HttpInput.getName(request, "subsystemName"));
-
- if (select.equals("newsubsystem")) {
- config.putString("preop.subsystem.select", "new");
- config.putString("subsystem.select", "New");
- } else if (select.equals("clonesubsystem")) {
- config.putString("preop.subsystem.select", "clone");
- config.putString("subsystem.select", "Clone");
-
- String lists = config.getString("preop.cert.list", "");
- StringTokenizer t = new StringTokenizer(lists, ",");
- while (t.hasMoreTokens()) {
- String tag = t.nextToken();
- if (tag.equals("sslserver"))
- config.putBoolean(PCERT_PREFIX + tag + ".enable", true);
- else
- config.putBoolean(PCERT_PREFIX + tag + ".enable", false);
- }
-
- // get the masterURL
- String index = request.getParameter("urls");
- String url = "";
-
- int x = Integer.parseInt(index);
- String list = config.getString("preop.master.list", "");
- StringTokenizer tokenizer = new StringTokenizer(list, ",");
- int counter = 0;
-
- while (tokenizer.hasMoreTokens()) {
- url = tokenizer.nextToken();
- if (counter == x) break;
- counter++;
- }
-
- url = url.substring(url.indexOf("http"));
-
- URL u = new URL(url);
- String host = u.getHost();
- int https_ee_port = u.getPort();
-
- String domainXML = config.getString("preop.domainXML");
-
- // check URI and update preop.master port entries
- boolean validUri = ConfigurationUtils.isValidCloneURI(domainXML, host, https_ee_port);
- if (!validUri) {
- throw new IOException("Invalid clone URI provided. Does not match the available subsystems in " +
- "the security domain");
- }
- if (cstype.equals("CA")) {
- int https_admin_port = ConfigurationUtils.getPortFromSecurityDomain(domainXML,
- host, https_ee_port, "CA", "SecurePort", "SecureAdminPort");
-
- ConfigurationUtils.importCertChain(host, https_admin_port, "/ca/admin/ca/getCertChain", "clone");
- }
- } else {
- CMS.debug("CreateSubsystemPanel: invalid choice " + select);
- context.put("updateStatus", "failure");
- throw new IOException("invalid choice " + select);
- }
-
- config.commit(false);
- } catch (Exception e) {
- CMS.debug("CreateSubsystemPanel: Exception thrown : " + e);
- context.put("errorString", e.toString());
- context.put("updateStatus", "failure");
- throw new IOException(e);
- }
-
- context.put("updateStatus", "success");
- }
-
- /**
- * If validate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Subsystem Type");
- context.put("panel", "admin/console/config/createsubsystempanel.vm");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java
deleted file mode 100644
index 56234f7cd9a88fd1984a3a3467cbafd173e44c21..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/DatabasePanel.java
+++ /dev/null
@@ -1,532 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-import java.util.Random;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.Descriptor;
-import com.netscape.certsrv.property.IDescriptor;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class DatabasePanel extends WizardPanelBase {
-
- private static final String HOST = "localhost";
- private static final String CLONE_HOST = "Enter FQDN here";
- private static final String PORT = "389";
- private static final String BINDDN = "cn=Directory Manager";
-
- private WizardServlet mServlet = null;
-
- public DatabasePanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Internal Database");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Internal Database");
- setId(id);
- mServlet = servlet;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putBoolean("preop.Database.done", false);
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- boolean s = cs.getBoolean("preop.Database.done",
- false);
-
- if (s != true) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
-
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
- Descriptor hostDesc = new Descriptor(IDescriptor.STRING, null, null, "Host name");
- set.add("hostname", hostDesc);
-
- Descriptor portDesc = new Descriptor(IDescriptor.INTEGER, null, null, "Port");
- set.add("portStr", portDesc);
-
- Descriptor basednDesc = new Descriptor(IDescriptor.STRING, null, null, "Base DN");
- set.add("basedn", basednDesc);
-
- Descriptor binddnDesc = new Descriptor(IDescriptor.STRING, null, null, "Bind DN");
- set.add("binddn", binddnDesc);
-
- Descriptor bindpwdDesc = new Descriptor(IDescriptor.PASSWORD, null, null, "Bind Password");
- set.add("bindpwd", bindpwdDesc);
-
- Descriptor databaseDesc = new Descriptor(IDescriptor.STRING, null, null, "Database");
- set.add("database", databaseDesc);
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- CMS.debug("DatabasePanel: display()");
- context.put("title", "Internal Database");
- context.put("firsttime", "false");
- IConfigStore cs = CMS.getConfigStore();
- String hostname = null;
- String portStr = null;
- String basedn = null;
- String binddn = null;
- String bindpwd = "";
- String database = null;
- String errorString = "";
- String secure = "false";
- String masterReplicationPort = "";
- String cloneReplicationPort = "";
- String replicationSecurity = "";
-
- try {
- @SuppressWarnings("unused")
- String s = cs.getString("preop.database.removeData"); // check whether it's first time
- } catch (Exception e) {
- context.put("firsttime", "true");
- }
-
- String select = "";
- try {
- select = cs.getString("preop.subsystem.select", "");
- } catch (Exception e) {
- }
-
- if (isPanelDone()) {
- try {
- hostname = cs.getString("internaldb.ldapconn.host", "");
- portStr = cs.getString("internaldb.ldapconn.port", "");
- basedn = cs.getString("internaldb.basedn", "");
- binddn = cs.getString("internaldb.ldapauth.bindDN", "");
- database = cs.getString("internaldb.database", "");
- secure = cs.getString("internaldb.ldapconn.secureConn", "");
- replicationSecurity = cs.getString("internaldb.ldapconn.replicationSecurity", "None");
- masterReplicationPort = cs.getString("internaldb.ldapconn.masterReplicationPort", "");
- cloneReplicationPort = cs.getString("internaldb.ldapconn.cloneReplicationPort", "");
- errorString = cs.getString("preop.database.errorString", "");
- } catch (Exception e) {
- CMS.debug("DatabasePanel display: " + e.toString());
- }
- } else if (select.equals("clone")) {
- hostname = CLONE_HOST;
- portStr = PORT;
- try {
- basedn = cs.getString("internaldb.basedn", "");
- } catch (Exception e) {
- CMS.debug("DatabasePanel::display() - "
- + "Exception=" + e.toString());
- return;
- }
- binddn = BINDDN;
- database = basedn.substring(basedn.lastIndexOf('=') + 1);
- CMS.debug("Clone: database=" + database);
- } else {
- hostname = HOST;
- portStr = PORT;
- String instanceId = "";
- String machineName = "";
-
- try {
- instanceId = cs.getString("instanceId", "");
- machineName = cs.getString("machineName", "");
- } catch (Exception e) {
- CMS.debug("DatabasePanel display: " + e.toString());
- }
- String suffix = "dc=" + machineName + "-" + instanceId;
-
- boolean multipleEnable = false;
- try {
- multipleEnable = cs.getBoolean(
- "internaldb.multipleSuffix.enable", false);
- } catch (Exception e) {
- }
-
- if (multipleEnable)
- basedn = "ou=" + instanceId + "," + suffix;
- else
- basedn = suffix;
- binddn = BINDDN;
- database = machineName + "-" + instanceId;
- }
-
- context.put("clone", select);
- context.put("hostname", hostname);
- context.put("portStr", portStr);
- context.put("basedn", basedn);
- context.put("binddn", binddn);
- context.put("bindpwd", bindpwd);
- context.put("database", database);
- context.put("secureConn", (secure.equals("true") ? "on" : "off"));
- context.put("masterReplicationPort", masterReplicationPort);
- context.put("cloneReplicationPort", cloneReplicationPort);
- context.put("replicationSecurity", replicationSecurity);
- context.put("panel", "admin/console/config/databasepanel.vm");
- context.put("errorString", errorString);
- }
-
- public void initParams(HttpServletRequest request, Context context)
- throws IOException {
- IConfigStore config = CMS.getConfigStore();
- String select = "";
- try {
- select = config.getString("preop.subsystem.select", "");
- } catch (Exception e) {
- }
- context.put("clone", select);
- context.put("hostname", (request.getParameter("host") != null) ? request.getParameter("host") : "");
- context.put("portStr", (request.getParameter("port") != null) ? request.getParameter("port") : "");
- context.put("basedn", (request.getParameter("basedn") != null) ? request.getParameter("basedn") : "");
- context.put("binddn", (request.getParameter("binddn") != null) ? request.getParameter("binddn") : "");
- context.put("bindpwd", (request.getParameter("__bindpwd") != null) ?
- request.getParameter("__bindpwd"): "");
- context.put("database", (request.getParameter("database") != null) ?
- request.getParameter("database") : "");
- context.put("masterReplicationPort", (request.getParameter("masterReplicationPort") != null) ?
- request.getParameter("masterReplicationPort"): "");
- context.put("cloneReplicationPort", (request.getParameter("cloneReplicationPort") != null) ?
- request.getParameter("cloneReplicationPort"): "");
- context.put("replicationSecurity", (request.getParameter("replicationSecurity") != null) ?
- request.getParameter("replicationSecurity"): "None");
- }
-
- /**
- * Parses and validates the parameters in the request.
- */
- public void parseParameters(HttpServletRequest request,
- HttpServletResponse response, Context context) throws IOException {
- IConfigStore cs = CMS.getConfigStore();
-
- String select = "";
- try {
- select = cs.getString("preop.subsystem.select", "");
- } catch (Exception e) {
- }
-
- String hostname = HttpInput.getHostname(request, "host");
- if (hostname == null || hostname.length() == 0) {
- throw new IOException("hostname is empty string");
- }
- context.put("hostname", hostname);
-
- // this validates that port is an integer
- String portStr = HttpInput.getPortNumber(request, "port");
- context.put("portStr", portStr);
-
- String basedn = HttpInput.getDN(request, "basedn");
- if (basedn == null || basedn.length() == 0) {
- throw new IOException("basedn is empty string");
- }
- context.put("basedn", basedn);
-
- String binddn = HttpInput.getDN(request, "binddn");
- if (binddn == null || binddn.length() == 0) {
- throw new IOException("binddn is empty string");
- }
- context.put("binddn", binddn);
-
- String database = HttpInput.getLdapDatabase(request, "database");
- if (database == null || database.length() == 0) {
- throw new IOException("Database is empty string");
- }
- context.put("database", database);
-
- String bindpwd = HttpInput.getPassword(request, "__bindpwd");
- if (bindpwd == null || bindpwd.length() == 0) {
- throw new IOException("Bind password is empty string");
- }
- context.put("bindpwd", bindpwd);
-
- String secure = HttpInput.getCheckbox(request, "secureConn");
- context.put("secureConn", secure);
-
- String masterReplicationPort = HttpInput.getString(request, "masterReplicationPort");
- if (masterReplicationPort != null && masterReplicationPort.length() > 0) {
- try {
- Integer.parseInt(masterReplicationPort); // check for errors
- } catch (NumberFormatException e) {
- throw new IOException("Master replication port is invalid");
- }
- }
- context.put("masterReplicationPort", masterReplicationPort);
-
- String cloneReplicationPort = HttpInput.getString(request, "cloneReplicationPort");
- if (cloneReplicationPort != null && cloneReplicationPort.length() > 0) {
- try {
- Integer.parseInt(cloneReplicationPort); // check for errors
- } catch (Exception e) {
- throw new IOException("Clone replication port is invalid");
- }
- }
- context.put("cloneReplicationPort", cloneReplicationPort);
-
- String replicationSecurity = HttpInput.getString(request, "replicationSecurity");
- context.put("replicationSecurity", replicationSecurity);
-
- if (select.equals("clone")) {
- String masterhost = "";
- String masterport = "";
- String masterbasedn = "";
- String realhostname = "";
- try {
- masterhost = cs.getString("preop.internaldb.master.ldapconn.host", "");
- masterport = cs.getString("preop.internaldb.master.ldapconn.port", "");
- masterbasedn = cs.getString("preop.internaldb.master.basedn", "");
- realhostname = cs.getString("machineName", "");
- } catch (Exception e) {
- }
-
- if (masterhost.equals(realhostname) && masterport.equals(portStr)) {
- throw new IOException("Master and clone must not share the same internal database");
- }
-
- if (!masterbasedn.equals(basedn)) {
- throw new IOException("Master and clone should have the same base DN");
- }
- }
-
- context.put("errorString", "");
- cs.putString("preop.database.errorString", "");
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
-
- IConfigStore cs = CMS.getConfigStore();
- context.put("firsttime", "false");
- try {
- @SuppressWarnings("unused")
- String s = cs.getString("preop.database.removeData"); // check whether it's first time
- } catch (Exception e) {
- context.put("firsttime", "true");
- }
-
- try {
- parseParameters(request, response, context);
- } catch (IOException e) {
- context.put("errorString", e.getMessage());
- cs.putString("preop.database.errorString", e.getMessage());
- context.put("updateStatus", "validate-failure");
- throw e;
- }
-
- context.put("errorString", "");
- cs.putString("preop.database.errorString", "");
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- IConfigStore cs = CMS.getConfigStore();
-
- context.put("firsttime", "false");
- try {
- @SuppressWarnings("unused")
- String s = cs.getString("preop.database.removeData"); // check whether it's first time
- } catch (Exception e) {
- context.put("firsttime", "true");
- }
-
- String hostname1 = "";
- String portStr1 = "";
- String database1 = "";
- String masterPortStr = "";
- String csType = "";
- String select = "";
-
- try {
- hostname1 = cs.getString("internaldb.ldapconn.host", "");
- portStr1 = cs.getString("internaldb.ldapconn.port", "");
- database1 = cs.getString("internaldb.database", "");
- masterPortStr = cs.getString("preop.internaldb.master.ldapconn.port", "0");
- csType = cs.getString("cs.type");
- select = cs.getString("preop.subsystem.select", "");
- } catch (Exception e) {
- }
-
- try {
- parseParameters(request, response, context);
- } catch (IOException e) {
- context.put("errorString", e.getMessage());
- cs.putString("preop.database.errorString", e.getMessage());
- context.put("updateStatus", "validate-failure");
- throw e;
- }
-
- String hostname2 = (String) context.get("hostname");
- String portStr2 = (String) context.get("portStr");
- String database2 = (String) context.get("database");
- String basedn2 = (String) context.get("basedn");
- String binddn = (String) context.get("binddn");
- String secure = (String) context.get("secureConn");
- String masterReplicationPortStr = (String) context.get("masterReplicationPort");
- String cloneReplicationPortStr = (String) context.get("cloneReplicationPort");
-
- cs.putString("internaldb.ldapconn.host", hostname2);
- cs.putString("internaldb.ldapconn.port", portStr2);
- cs.putString("internaldb.database", database2);
- cs.putString("internaldb.basedn", basedn2);
- cs.putString("internaldb.ldapauth.bindDN", binddn);
- cs.putString("internaldb.ldapconn.secureConn", (secure.equals("on") ? "true" : "false"));
-
- if (csType.equals("TPS")) {
- cs.putString("tokendb.activityBaseDN", "ou=Activities," + basedn2);
- cs.putString("tokendb.baseDN", "ou=Tokens," + basedn2);
- cs.putString("tokendb.certBaseDN", "ou=Certificates," + basedn2);
- cs.putString("tokendb.userBaseDN", basedn2);
- cs.putString("tokendb.hostport", hostname2 + ":" + portStr2);
- }
-
- if ((masterReplicationPortStr == null) || (masterReplicationPortStr.length() == 0)) {
- masterReplicationPortStr = masterPortStr;
- }
- cs.putString("internaldb.ldapconn.masterReplicationPort", masterReplicationPortStr);
-
- int cloneReplicationPort = 0;
- int port = Integer.parseInt(portStr2);
- if ((cloneReplicationPortStr == null) || (cloneReplicationPortStr.length() == 0)) {
- cloneReplicationPortStr = portStr2;
- }
- cloneReplicationPort = Integer.parseInt(cloneReplicationPortStr);
- cs.putString("internaldb.ldapconn.cloneReplicationPort", cloneReplicationPortStr);
-
- String replicationSecurity = HttpInput.getString(request, "replicationSecurity");
- if ((cloneReplicationPort == port) && (secure.equals("true"))) {
- replicationSecurity = "SSL";
- } else if (replicationSecurity == null) {
- replicationSecurity = "None";
- }
- cs.putString("internaldb.ldapconn.replicationSecurity", replicationSecurity);
-
- String remove = HttpInput.getID(request, "removeData");
- cs.putString("preop.database.removeData", ((remove != null) && (!remove.equals(""))) ?
- "true" : "false");
-
- if (isPanelDone() && (remove == null || remove.equals(""))) {
- /* if user submits the same data, they just want to skip
- to the next panel, no database population is required. */
- if (hostname1.equals(hostname2) &&
- portStr1.equals(portStr2) &&
- database1.equals(database2)) {
- context.put("updateStatus", "success");
- return;
- }
- }
-
- mServlet.cleanUpFromPanel(mServlet.getPanelNo(request));
-
- try {
- /* BZ 430745 create password for replication manager */
- String replicationpwd = Integer.toString(new Random().nextInt());
-
- IConfigStore psStore = null;
- String passwordFile = null;
- passwordFile = cs.getString("passwordFile");
- psStore = CMS.createFileConfigStore(passwordFile);
- psStore.putString("internaldb", HttpInput.getPassword(request, "__bindpwd"));
- psStore.putString("replicationdb", replicationpwd);
- psStore.commit(false);
-
- ConfigurationUtils.populateDB();
-
- cs.putString("preop.internaldb.replicationpwd", replicationpwd);
- cs.putString("preop.database.removeData", "false");
-
- if (select.equals("clone")) {
- CMS.debug("Start setting up replication.");
- ConfigurationUtils.setupReplication();
- }
-
- ConfigurationUtils.reInitSubsystem(csType);
- ConfigurationUtils.populateDBManager();
- ConfigurationUtils.populateVLVIndexes();
-
- cs.putBoolean("preop.Database.done", true);
- cs.commit(false);
- } catch (Exception e) {
- e.printStackTrace();
- CMS.debug("DatabasePanel update: error in populating database " + e.toString());
- context.put("errorString", e.toString());
- cs.putString("preop.database.errorString", e.toString());
- context.put("updateStatus", "failure");
- throw new IOException(e.toString());
- }
-
- context.put("updateStatus", "success");
- }
-
- /**
- * If validate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
-
- try {
- initParams(request, context);
- } catch (IOException e) {
- }
- context.put("title", "Database");
- context.put("panel", "admin/console/config/databasepanel.vm");
- }
-
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java
deleted file mode 100644
index 702c5aa9286430f03883ca57eac7fff1f154947a..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/DisplayCertChainPanel.java
+++ /dev/null
@@ -1,226 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-import java.net.URLEncoder;
-import java.util.Locale;
-import java.util.Vector;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import netscape.security.util.CertPrettyPrint;
-import netscape.security.x509.X509CertImpl;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-import com.netscape.cmsutil.crypto.CryptoUtil;
-
-public class DisplayCertChainPanel extends WizardPanelBase {
-
- public DisplayCertChainPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Display Certificate Chain");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Display Certificate Chain");
- setId(id);
- }
-
- public boolean isSubPanel() {
- return true;
- }
-
- public boolean isPanelDone() {
- return true;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- return set;
- }
-
- public void cleanUp() throws IOException {
- }
-
- /**
- * Should we skip this panel for the configuration.
- */
- public boolean shouldSkip() {
- CMS.debug("DisplayCertChainPanel: should skip");
-
- IConfigStore cs = CMS.getConfigStore();
- // if we are root, no need to get the certificate chain.
-
- try {
- String select = cs.getString("securitydomain.select", "");
- String type = cs.getString("preop.subsystem.select", "");
- String hierarchy = cs.getString("preop.hierarchy.select", "");
-
- if (getId().equals("hierarchy") && hierarchy.equals("root"))
- return true;
-
- if (select.equals("new")) {
- return true;
- }
-
- if (type.equals("new") && getId().equals("clone"))
- return true;
-
- if (type.equals("clone") && getId().equals("ca"))
- return true;
- } catch (EBaseException e) {
- }
-
- return false;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- try {
- CMS.debug("DisplayCertChainPanel: display");
-
- // update session id
- String session_id = request.getParameter("session_id");
- if (session_id != null) {
- CMS.debug("DisplayCertChainPanel setting session id.");
- CMS.setConfigSDSessionId(session_id);
- }
-
- String type = getId();
- IConfigStore cs = CMS.getConfigStore();
- String certChainConfigName = "preop." + type + ".certchain.size";
- String certchain_size = cs.getString(certChainConfigName, "");
- int size = 0;
- Vector<String> v = new Vector<String>();
-
- if (!certchain_size.equals("")) {
- size = Integer.parseInt(certchain_size);
- for (int i = 0; i < size; i++) {
- certChainConfigName = "preop." + type + ".certchain." + i;
- String c = cs.getString(certChainConfigName, "");
- byte[] b_c = CryptoUtil.base64Decode(c);
- CertPrettyPrint pp = new CertPrettyPrint(new X509CertImpl(b_c));
-
- v.addElement(pp.toString(Locale.getDefault()));
- }
- }
-
- if (getId().equals("securitydomain")) {
- context.put("panelid", "securitydomain");
- context.put("panelname", "Security Domain Trust Verification");
- } else {
- context.put("panelid", "other");
- context.put("panelname", "Subsystem Trust Verification");
- }
- context.put("title", "Display Certificate Chain");
- context.put("panel", "admin/console/config/displaycertchainpanel.vm");
- context.put("errorString", "");
- context.put("certchain", v);
- } catch (Exception e) {
- CMS.debug("DisplayCertPanel: Exception thrown: " + e.toString());
- e.printStackTrace();
- context.put("errorString", e.toString());
- }
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
-
- if (getId().equals("securitydomain")) {
- int panel = getPanelNo() + 1;
- IConfigStore cs = CMS.getConfigStore();
- try {
- String sd_hostname = cs.getString("securitydomain.host", "");
- int sd_port = cs.getInteger("securitydomain.httpsadminport", -1);
- String cs_hostname = cs.getString("machineName", "");
- int cs_port = cs.getInteger("pkicreate.admin_secure_port", -1);
- String subsystem = cs.getString("cs.type", "");
- String urlVal = "https://" + cs_hostname + ":" + cs_port + "/" + subsystem.toLowerCase()
- + "/admin/console/config/wizard?p=" + panel + "&subsystem=" + subsystem;
- String encodedValue = URLEncoder.encode(urlVal, "UTF-8");
- String sdurl = "https://" + sd_hostname + ":" + sd_port + "/ca/admin/ca/securityDomainLogin?url="
- + encodedValue;
- response.sendRedirect(sdurl);
-
- // The user previously specified the CA Security Domain's
- // SSL Admin port in the "Security Domain Panel";
- // now retrieve this specified CA Security Domain's
- // non-SSL EE, SSL Agent, and SSL EE ports:
- String domainXML = ConfigurationUtils.getDomainXML(sd_hostname, sd_port, true);
- ConfigurationUtils.getSecurityDomainPorts(domainXML, sd_hostname, sd_port);
- cs.putString("preop.domainXML", domainXML);
- cs.commit(false);
- } catch (Exception e) {
- CMS.debug("DisplayCertChainPanel Exception=" + e.toString());
- e.printStackTrace();
- context.put("errorString", e.toString());
- context.put("updateStatus", "failure");
- throw new IOException(e);
- }
- }
- context.put("updateStatus", "success");
- }
-
- /**
- * If validate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
-
- /* This should never be called */
- context.put("title", "Display Certificate Chain");
- context.put("panel", "admin/console/config/displaycertchainpanel.vm");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/DonePanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/DonePanel.java
deleted file mode 100644
index d55bd82bfd3eb85bb748ef81b089158bf9edb6e4..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/DonePanel.java
+++ /dev/null
@@ -1,313 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.net.URI;
-import java.net.URISyntaxException;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.ocsp.IOCSPAuthority;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-import com.netscape.cmsutil.util.Utils;
-
-public class DonePanel extends WizardPanelBase {
-
- public static final BigInteger BIG_ZERO = new BigInteger("0");
- public static final Long MINUS_ONE = Long.valueOf(-1);
- public static final String RESTART_SERVER_AFTER_CONFIGURATION =
- "restart_server_after_configuration";
- public static final String PKI_SECURITY_DOMAIN = "pki_security_domain";
-
- public DonePanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Done");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Done");
- setId(id);
- }
-
- public boolean hasSubPanel() {
- return false;
- }
-
- public void cleanUp() throws IOException {
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- /* XXX */
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request, HttpServletResponse response, Context context) {
- CMS.debug("DonePanel: display()");
-
- // update session id
- String session_id = request.getParameter("session_id");
- if (session_id != null) {
- CMS.debug("NamePanel setting session id.");
- CMS.setConfigSDSessionId(session_id);
- }
-
- IConfigStore cs = CMS.getConfigStore();
-
- String select = "";
- String type = "";
- String instanceId = "";
- String instanceRoot = "";
- String systemdService = "";
- String ca_host = "";
- String sdtype = "";
- int state = 0;
- try {
- type = cs.getString("cs.type", "");
- instanceId = cs.getString("instanceId");
- instanceRoot = cs.getString("instanceRoot");
- select = cs.getString("preop.subsystem.select", "");
- systemdService = cs.getString("pkicreate.systemd.servicename", "");
- ca_host = cs.getString("preop.ca.hostname", "");
- sdtype = cs.getString("securitydomain.select", "");
- state = cs.getInteger("cs.state");
- } catch (Exception e) {
- }
-
- String initDaemon = "";
- if (type.equals("CA")) {
- initDaemon = "<pki_ca_instance_name>";
- } else if (type.equals("KRA")) {
- initDaemon = "<pki_kra_instance_name>";
- } else if (type.equals("OCSP")) {
- initDaemon = "<pki_ocsp_instance_name>";
- } else if (type.equals("TKS")) {
- initDaemon = "<pki_tks_instance_name>";
- } else if (type.equals("TPS")) {
- initDaemon = "<pki_tps_instance_name>";
- }
- String os = System.getProperty("os.name");
- if (os.equalsIgnoreCase("Linux")) {
- if (!systemdService.equals("")) {
- context.put("initCommand", "/bin/systemctl");
- context.put("instanceId", systemdService);
- } else {
- context.put("initCommand", "/sbin/service " + initDaemon);
- context.put("instanceId", instanceId);
- }
- } else {
- /* default case: e. g. - ( os.equalsIgnoreCase( "SunOS" ) */
- context.put("initCommand", "/etc/init.d/" + initDaemon);
- context.put("instanceId", instanceId);
- }
- context.put("title", "Done");
- context.put("panel", "admin/console/config/donepanel.vm");
- context.put("host", CMS.getAdminHost());
- context.put("port", CMS.getAdminPort());
- context.put("systemType", type.toLowerCase());
-
- if (state == 1) {
- context.put("csstate", "1");
- return;
- } else
- context.put("csstate", "0");
-
- if (ca_host.equals(""))
- context.put("externalCA", "true");
- else
- context.put("externalCA", "false");
-
- // Create or update security domain
-
- try {
- if (sdtype.equals("new")) {
- ConfigurationUtils.createSecurityDomain();
- } else { //existing domain
- ConfigurationUtils.updateSecurityDomain();
- }
-
- cs.putString("service.securityDomainPort", CMS.getAgentPort());
- cs.putString("securitydomain.store", "ldap");
- cs.commit(false);
- } catch (Exception e) {
- CMS.debug("DonePanel - update(): Error while updating security domain: " + e);
- e.printStackTrace();
- }
-
- // push connector information to the CA
- try {
- if (type.equals("KRA") && !ca_host.equals("")) {
- ConfigurationUtils.updateConnectorInfo(CMS.getAgentHost(), CMS.getAgentPort());
- ConfigurationUtils.setupClientAuthUser();
- }
- } catch (Exception e) {
- context.put("info", "Failed to update connector information. "+e.getMessage());
- CMS.debug("DonePanel - update(): Error while pushing KRA connectot information to the CA: " + e);
- e.printStackTrace();
- }
-
- // import the CA certificate into the OCSP
- // configure the CRL Publishing to OCSP in CA
- try {
- if (type.equals("OCSP") && !ca_host.equals("")) {
- CMS.reinit(IOCSPAuthority.ID);
- ConfigurationUtils.importCACertToOCSP();
- ConfigurationUtils.updateOCSPConfig();
- ConfigurationUtils.setupClientAuthUser();
- }
- } catch (Exception e) {
- CMS.debug("DonePanel - update(): Error while configuring OCSP publishing on the CA: " + e);
- e.printStackTrace();
- }
-
- try {
- if (!select.equals("clone")) {
- if (type.equals("CA") || type.equals("KRA")) {
- ConfigurationUtils.updateNextRanges();
-
- }
- }
- } catch (Exception e) {
- CMS.debug("DonePanel - update(): Error while updating serial number next ranges: " + e);
- e.printStackTrace();
- }
-
- try {
- if (select.equals("clone") && type.equalsIgnoreCase("CA") && ConfigurationUtils.isSDHostDomainMaster(cs)) {
- // cloning a domain master CA, the clone is also master of its domain
- CMS.debug("Cloning a domain master");
- cs.putString("securitydomain.host", CMS.getEESSLHost());
- cs.putString("securitydomain.httpport", CMS.getEENonSSLPort());
- cs.putString("securitydomain.httpsadminport", CMS.getAdminPort());
- cs.putString("securitydomain.httpsagentport", CMS.getAgentPort());
- cs.putString("securitydomain.httpseeport", CMS.getEESSLPort());
- cs.putString("securitydomain.select", "new");
- }
- } catch (Exception e) {
- CMS.debug("DonePanel - update(): Error in determining if security domain host is a master CA: " + e);
- e.printStackTrace();
- }
-
- try {
- ConfigurationUtils.setupDBUser();
- } catch (Exception e) {
- e.printStackTrace();
- CMS.debug("DonePanel - update(): Unable to create or update dbuser" + e);
- }
-
- if (type.equals("TPS")) {
- try {
- String adminUID = cs.getString("preop.admin.uid", "tpsadmin");
- ConfigurationUtils.addProfilesToTPSUser(adminUID);
-
- String sd_admin_port = cs.getString("securitydomain.httpsadminport");
- String sd_host = cs.getString("securitydomain.host");
- URI secdomainURI = new URI("https://" + sd_host + ":" + sd_admin_port);
-
- // register TPS with CA
- URI caURI = new URI(cs.getString("preop.cainfo.select"));
- ConfigurationUtils.registerUser(secdomainURI, caURI, "ca");
-
- // register TPS with TKS
- URI tksURI = new URI(cs.getString("preop.tksinfo.select"));
- ConfigurationUtils.registerUser(secdomainURI, tksURI, "tks");
-
- String keyGen = cs.getString("conn.tks1.serverKeygen", "false");
- if (keyGen.equalsIgnoreCase("true")) {
- URI kraURI = new URI(cs.getString("preop.krainfo.select"));
- ConfigurationUtils.registerUser(secdomainURI, kraURI, "kra");
- String transportCert = ConfigurationUtils.getTransportCert(secdomainURI, kraURI);
- ConfigurationUtils.exportTransportCert(secdomainURI, tksURI, transportCert);
- }
- } catch (URISyntaxException e) {
- e.printStackTrace();
- CMS.debug("Invalid URI for CA, TKS or KRA: " + e);
- } catch (Exception e) {
- e.printStackTrace();
- CMS.debug("Errors in registering TPS to CA, TKS or KRA: " + e);
- }
- }
-
- cs.putInteger("cs.state", 1);
- try {
- ConfigurationUtils.removePreopConfigEntries();
- } catch (Exception e) {
- CMS.debug("DonePanel - update(): Caught exception saving preop variables: " + e);
- }
-
- // Create an empty file that designates the fact that although
- // this server instance has been configured, it has NOT yet
- // been restarted!
- String restart_server = instanceRoot + "/conf/"
- + RESTART_SERVER_AFTER_CONFIGURATION;
- if (!Utils.isNT()) {
- Utils.exec("touch " + restart_server);
- Utils.exec("chmod 00660 " + restart_server);
- }
-
- context.put("csstate", "1");
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {/* This should never be called */
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java
deleted file mode 100644
index b42bdb7de2b300ec5c3484ee9c78c91e4632533e..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/HierarchyPanel.java
+++ /dev/null
@@ -1,194 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class HierarchyPanel extends WizardPanelBase {
-
- public HierarchyPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("PKI Hierarchy");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("PKI Hierarchy");
- setId(id);
- }
-
- public boolean shouldSkip() {
-
- // we dont need to ask the hierachy if we are
- // setting up a clone
- try {
- IConfigStore c = CMS.getConfigStore();
- String s = c.getString("preop.subsystem.select",
- null);
- if (s != null && s.equals("clone")) {
- // mark this panel as done
- c.putString("preop.hierarchy.select", "root");
- c.putString("hierarchy.select", "Clone");
- return true;
- }
- } catch (EBaseException e) {
- }
-
- return false;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putString("preop.hierarchy.select", "");
- cs.putString("hierarchy.select", "");
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String s = cs.getString("preop.hierarchy.select", "");
- if (s == null || s.equals("")) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- /* XXX */
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "PKI Hierarchy");
- IConfigStore config = CMS.getConfigStore();
-
- if (isPanelDone()) {
- try {
- String s = config.getString("preop.hierarchy.select");
-
- if (s.equals("root")) {
- context.put("check_root", "checked");
- } else if (s.equals("join")) {
- context.put("check_join", "checked");
- }
- } catch (Exception e) {
- CMS.debug(e.toString());
- }
- } else {
- context.put("check_root", "checked");
- context.put("check_join", "");
- }
-
- context.put("panel", "admin/console/config/hierarchypanel.vm");
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- IConfigStore config = CMS.getConfigStore();
- try {
- String cstype = config.getString("preop.subsystem.select", "");
- if (cstype.equals("clone")) {
- context.put("updateStatus", "success");
- return;
- }
- } catch (Exception e) {
- }
-
- String select = HttpInput.getID(request, "choice");
-
- if (select == null) {
- CMS.debug("HierarchyPanel: choice not found");
- context.put("updateStatus", "failure");
- throw new IOException("choice not found");
- }
-
- if (select.equals("root")) {
- config.putString("preop.hierarchy.select", "root");
- config.putString("hierarchy.select", "Root");
- config.putString("preop.ca.type", "sdca");
- try {
- config.commit(false);
- } catch (EBaseException e) {
- }
- } else if (select.equals("join")) {
- config.putString(PCERT_PREFIX + "signing.type", "remote");
- config.putString("preop.hierarchy.select", "join");
- config.putString("hierarchy.select", "Subordinate");
- } else {
- config.putString(PCERT_PREFIX + "signing.type", "remote");
- CMS.debug("HierarchyPanel: invalid choice " + select);
- context.put("updateStatus", "failure");
- throw new IOException("invalid choice " + select);
- }
- context.put("updateStatus", "success");
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java
deleted file mode 100644
index 98614ac61a768a7227433f6a9ca32d4427b28b97..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportAdminCertPanel.java
+++ /dev/null
@@ -1,340 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.BufferedReader;
-import java.io.FileReader;
-import java.io.IOException;
-import java.math.BigInteger;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import netscape.security.x509.X509CertImpl;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.ConflictingOperationException;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.base.ISubsystem;
-import com.netscape.certsrv.ca.ICertificateAuthority;
-import com.netscape.certsrv.dbs.certdb.ICertificateRepository;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.usrgrp.IUGSubsystem;
-import com.netscape.certsrv.usrgrp.IUser;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-import com.netscape.cmsutil.crypto.CryptoUtil;
-
-public class ImportAdminCertPanel extends WizardPanelBase {
-
- public ImportAdminCertPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Import Administrator's Certificate");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Import Administrator's Certificate");
- setId(id);
- }
-
- public boolean isSubPanel() {
- return true;
- }
-
- public void cleanUp() throws IOException {
- }
-
- public boolean isPanelDone() {
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- CMS.debug("ImportAdminCertPanel: display");
- context.put("errorString", "");
- context.put("title", "Import Administrator's Certificate");
- context.put("panel", "admin/console/config/importadmincertpanel.vm");
- context.put("import", "true");
-
- IConfigStore cs = CMS.getConfigStore();
-
- String type = "";
-
- try {
- type = cs.getString("preop.ca.type", "");
- } catch (Exception e) {
- }
-
- try {
- String serialno = cs.getString("preop.admincert.serialno.0");
-
- context.put("serialNumber", serialno);
- } catch (Exception e) {
- context.put("errorString", "Failed to get serial number.");
- }
-
- context.put("caType", type);
-
- ISubsystem ca = CMS.getSubsystem("ca");
-
- if (ca == null) {
- context.put("ca", "false");
- } else {
- context.put("ca", "true");
- }
-
- String caHost = "";
- String caPort = "";
- String info = "";
-
- if (ca == null) {
- if (type.equals("otherca")) {
- try {
- // this is a non-CA system that has elected to have its certificates
- // signed by a CA outside of the security domain.
- // in this case, we submitted the cert request for the admin cert to
- // to security domain host.
- caHost = cs.getString("securitydomain.host", "");
- caPort = cs.getString("securitydomain.httpsadminport", "");
- } catch (Exception e) {
- }
- } else if (type.equals("sdca")) {
- try {
- // this is a non-CA system that submitted its certs to a CA
- // within the security domain. In this case, we submitted the cert
- // request for the admin cert to this CA
- caHost = cs.getString("preop.ca.hostname", "");
- caPort = cs.getString("preop.ca.httpsadminport", "");
- } catch (Exception e) {
- }
- }
- } else {
- // for CAs, we always generate our own admin certs
- // send our own connection details
- try {
- caHost = cs.getString("service.machineName", "");
- caPort = cs.getString("pkicreate.admin_secure_port", "");
- } catch (Exception e) {
- }
- }
-
- String pkcs7 = "";
- try {
- pkcs7 = cs.getString("preop.admincert.pkcs7", "");
- } catch (Exception e) {
- }
-
- context.put("pkcs7", pkcs7);
- context.put("caHost", caHost);
- context.put("caPort", caPort);
- context.put("info", info);
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- IConfigStore cs = CMS.getConfigStore();
-
- String type = "";
- String subsystemtype = "";
- String selected_hierarchy = "";
-
- try {
- type = cs.getString("preop.ca.type", "");
- subsystemtype = cs.getString("cs.type", "");
- selected_hierarchy = cs.getString("preop.hierarchy.select", "");
- } catch (Exception e) {
- }
-
- ICertificateAuthority ca = (ICertificateAuthority) CMS.getSubsystem(
- ICertificateAuthority.ID);
-
- if (ca == null) {
- context.put("ca", "false");
- } else {
- context.put("ca", "true");
- }
- context.put("caType", type);
-
- X509CertImpl certs[] = new X509CertImpl[1];
-
- // REMINDER: This panel is NOT used by "clones"
- if (ca != null) {
- String serialno = null;
-
- if (selected_hierarchy.equals("root")) {
- CMS.debug("ImportAdminCertPanel update: "
- + "Root CA subsystem - "
- + "(new Security Domain)");
- } else {
- CMS.debug("ImportAdminCertPanel update: "
- + "Subordinate CA subsystem - "
- + "(new Security Domain)");
- }
-
- try {
- serialno = cs.getString("preop.admincert.serialno.0");
- } catch (Exception e) {
- CMS.debug(
- "ImportAdminCertPanel update: Failed to get request id.");
- context.put("updateStatus", "failure");
- throw new IOException("Failed to get request id.");
- }
-
- ICertificateRepository repost = ca.getCertificateRepository();
-
- try {
- certs[0] = repost.getX509Certificate(
- new BigInteger(serialno, 16));
- } catch (Exception ee) {
- }
- } else {
- String dir = null;
-
- // REMINDER: This panel is NOT used by "clones"
- if (subsystemtype.equals("CA")) {
- if (selected_hierarchy.equals("root")) {
- CMS.debug("ImportAdminCertPanel update: "
- + "Root CA subsystem - "
- + "(existing Security Domain)");
- } else {
- CMS.debug("ImportAdminCertPanel update: "
- + "Subordinate CA subsystem - "
- + "(existing Security Domain)");
- }
- } else {
- CMS.debug("ImportAdminCertPanel update: "
- + subsystemtype
- + " subsystem");
- }
-
- try {
- dir = cs.getString("preop.admincert.b64", "");
- CMS.debug("ImportAdminCertPanel update: dir=" + dir);
- } catch (Exception ee) {
- }
-
- try {
- BufferedReader reader = new BufferedReader(
- new FileReader(dir));
- String b64 = "";
-
- StringBuffer sb = new StringBuffer();
- while (reader.ready()) {
- sb.append(reader.readLine());
- }
- b64 = sb.toString();
- reader.close();
-
- b64 = b64.trim();
- b64 = CryptoUtil.stripCertBrackets(b64);
- CMS.debug("ImportAdminCertPanel update: b64=" + b64);
- byte[] b = CryptoUtil.base64Decode(b64);
- certs[0] = new X509CertImpl(b);
- } catch (Exception e) {
- CMS.debug("ImportAdminCertPanel update: " + e.toString());
- }
- }
-
- try {
- IUGSubsystem ug = (IUGSubsystem) CMS.getSubsystem(IUGSubsystem.ID);
- String uid = cs.getString("preop.admin.uid");
- IUser user = ug.getUser(uid);
- user.setX509Certificates(certs);
- ug.addUserCert(user);
-
- } catch (ConflictingOperationException e) {
- CMS.debug("ImportAdminCertPanel update: failed to add certificate to the internal database. Exception: "
- + e.toString());
- // ignore
-
- } catch (Exception e) {
- CMS.debug(
- "ImportAdminCertPanel update: failed to add certificate. Exception: "
- + e.toString());
- context.put("updateStatus", "failure");
- throw new IOException(e.toString());
- }
-
- context.put("errorString", "");
- context.put("info", "");
- context.put("title", "Import Administrator Certificate");
- context.put("panel", "admin/console/config/importadmincertpanel.vm");
- context.put("updateStatus", "success");
- }
-
- public boolean shouldSkip() {
- try {
- IConfigStore c = CMS.getConfigStore();
- String s = c.getString("preop.subsystem.select", null);
- if (s != null && s.equals("clone")) {
- return true;
- }
- } catch (EBaseException e) {
- }
-
- return false;
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
-
- /* This should never be called */
- context.put("title", "Import Administrator Certificate");
- context.put("panel", "admin/console/config/importadmincertpanel.vm");
- context.put("info", "");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportCAChainPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportCAChainPanel.java
deleted file mode 100755
index bc4af9828b2d266827c22ff9bd9121abb0dfa76b..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ImportCAChainPanel.java
+++ /dev/null
@@ -1,145 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.base.ISubsystem;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class ImportCAChainPanel extends WizardPanelBase {
-
- public ImportCAChainPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Import CA's Certificate Chain");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Import CA's Certificate Chain");
- setId(id);
- }
-
- public boolean isSubPanel() {
- return false;
- }
-
- public void cleanUp() throws IOException {
- }
-
- public boolean isPanelDone() {
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- CMS.debug("ImportCACertChain: display");
- context.put("errorString", "");
- context.put("title", "Import CA's Certificate Chain");
- context.put("panel", "admin/console/config/importcachainpanel.vm");
- context.put("import", "true");
-
- IConfigStore cs = CMS.getConfigStore();
- try {
- context.put("machineName", cs.getString("machineName"));
- context.put("https_port", cs.getString("pkicreate.ee_secure_port"));
- context.put("http_port", cs.getString("pkicreate.unsecure_port"));
- } catch (EBaseException e) {
- CMS.debug("ImportCACertChain:display: Exception: " + e.toString());
- context.put("errorString", "Error loading values for Import CA Certificate Panel");
- }
-
- ISubsystem ca = CMS.getSubsystem("ca");
-
- if (ca == null) {
- context.put("ca", "false");
- } else {
- context.put("ca", "true");
- }
-
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
-
- context.put("errorString", "");
- context.put("title", "Import CA's Certificate Chain");
- context.put("panel", "admin/console/config/importcachainpanel.vm");
- context.put("updateStatus", "success");
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
-
- /* This should never be called */
- IConfigStore cs = CMS.getConfigStore();
- try {
- context.put("machineName", cs.getString("machineName"));
- context.put("https_port", cs.getString("pkicreate.ee_secure_port"));
- context.put("http_port", cs.getString("pkicreate.unsecure_port"));
- context.put("title", "Import CA's Certificate Chain");
- context.put("panel", "admin/console/config/importcachainpanel.vm");
- } catch (EBaseException e) {
- }
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ModulePanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/ModulePanel.java
deleted file mode 100644
index 00474615f4106ec21d262fe4a709086c5448a11e..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/ModulePanel.java
+++ /dev/null
@@ -1,338 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-import java.util.Enumeration;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-import org.mozilla.jss.CryptoManager;
-import org.mozilla.jss.crypto.CryptoToken;
-import org.mozilla.jss.crypto.TokenException;
-import org.mozilla.jss.pkcs11.PK11Module;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.Descriptor;
-import com.netscape.certsrv.property.IDescriptor;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-import com.netscape.cmsutil.crypto.Module;
-
-public class ModulePanel extends WizardPanelBase {
- private CryptoManager mCryptoManager = null;
- private Vector<Module> mSupportedModules = null;
- private Vector<Module> mOtherModules = null;
- private Hashtable<String, PK11Module> mCurrModTable = new Hashtable<String, PK11Module>();
- private WizardServlet mServlet = null;
-
- public ModulePanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Key Store");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Key Store");
- setId(id);
- mServlet = servlet;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putBoolean("preop.ModulePanel.done", false);
- }
-
- public void loadCurrModTable() {
- try {
- // getting existing modules
- mCryptoManager = CryptoManager.getInstance();
- @SuppressWarnings("unchecked")
- Enumeration<PK11Module> modules = mCryptoManager.getModules();
-
- while (modules.hasMoreElements()) {
- PK11Module mod = modules.nextElement();
-
- CMS.debug("ModulePanel: got module " + mod.getName());
- mCurrModTable.put(mod.getName(), mod);
- } // while
- } catch (Exception e) {
- CMS.debug(
- "ModulePanel: Exception caught in loadCurrModTable: "
- + e.toString());
- System.err.println("Exception caught: " + e.toString());
- }
- }
-
- /*
- * Modules not listed as supported modules
- */
- public void loadOtherModules() {
- Enumeration<PK11Module> m = mCurrModTable.elements();
-
- mOtherModules = new Vector<Module>();
- while (m.hasMoreElements()) {
- PK11Module mod = m.nextElement();
- Enumeration<Module> s = mSupportedModules.elements();
- boolean found = false;
-
- while (s.hasMoreElements()) {
- Module sm = s.nextElement();
-
- if (mod.getName().equals(sm.getCommonName())) {
- found = true;
- break;
- } else {
- found = false;
- }
- }// while
- if (!found) {
- // unsupported, use common name as user friendly name
- Module module = new Module(mod.getName(), mod.getName());
-
- loadModTokens(module, mod);
- module.setFound(true);
- mOtherModules.addElement(module);
- break;
- }
- }// while
- }
-
- /*
- * find all tokens belonging to a module and load the Module
- */
- public void loadModTokens(Module module, PK11Module mod) {
- @SuppressWarnings("unchecked")
- Enumeration<CryptoToken> tokens = mod.getTokens();
-
- while (tokens.hasMoreElements()) {
- try {
- CryptoToken token = tokens.nextElement();
-
- CMS.debug("ModulePanel: token nick name=" + token.getName());
- CMS.debug("ModulePanel: token logged in?" + token.isLoggedIn());
- CMS.debug("ModulePanel: token is present?" + token.isPresent());
- if (!token.getName().equals("Internal Crypto Services Token") &&
- !token.getName().equals("NSS Generic Crypto Services")) {
- module.addToken(token);
- } else {
- CMS.debug(
- "ModulePanel: token " + token.getName()
- + " not to be added");
- }
-
- } catch (TokenException ex) {
- CMS.debug("ModulePanel:" + ex.toString());
- }
- }
- }
-
- /*
- * Modules unsupported by the system will not be included
- */
- public void loadSupportedModules() {
-
- // getting supported security modules
- // a Vectgor of Modules
- mSupportedModules = new Vector<Module>();
- // read from conf store all supported modules
- try {
- int count = CMS.getConfigStore().getInteger(
- "preop.configModules.count");
-
- CMS.debug("ModulePanel: supported modules count= " + count);
- for (int i = 0; i < count; i++) {
- String cn = CMS.getConfigStore().getString(
- "preop.configModules.module" + i + ".commonName");
- String pn = CMS.getConfigStore().getString(
- "preop.configModules.module" + i + ".userFriendlyName");
- String img = CMS.getConfigStore().getString(
- "preop.configModules.module" + i + ".imagePath");
-
- if ((cn == null) || (cn.equals(""))) {
- break;
- }
-
- CMS.debug("ModulePanel: got from config module: " + cn);
- // create a Module object
- Module module = new Module(cn, pn, img);
-
- if (mCurrModTable.containsKey(cn)) {
- CMS.debug("ModulePanel: module found: " + cn);
- module.setFound(true);
- // add token info to module vector
- PK11Module m = mCurrModTable.get(cn);
-
- loadModTokens(module, m);
- }
-
- CMS.debug("ModulePanel: adding module " + cn);
- // add module to set
- if (!mSupportedModules.contains(module)) {
- mSupportedModules.addElement(module);
- }
- }// for
-
- } catch (Exception e) {
- CMS.debug(
- "ModulePanel: Exception caught in loadSupportedModules(): "
- + e.toString());
- System.err.println("Exception caught: " + e.toString());
- }
- }
-
- public PropertySet getUsage() {
- // it a token choice. Available tokens are discovered dynamically so
- // can't be a real CHOICE
- PropertySet set = new PropertySet();
-
- Descriptor tokenDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */
- null, /* default parameter */
- "module token selection");
-
- set.add("choice", tokenDesc);
-
- return set;
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- boolean s = cs.getBoolean("preop.ModulePanel.done",
- false);
-
- if (s != true) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
-
- return false;
- }
-
- public boolean hasSubPanel() {
- return true;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- CMS.debug("ModulePanel: display()");
- context.put("title", "Key Store");
-
- loadCurrModTable();
- loadSupportedModules();
- loadOtherModules();
-
- IConfigStore config = CMS.getConfigStore();
-
- try {
- String s = config.getString("preop.module.token",
- "Internal Key Storage Token");
-
- context.put("defTok", s);
- } catch (Exception e) {
- CMS.debug("ModulePanel:" + e.toString());
- }
-
- context.put("status", "display");
- context.put("oms", mOtherModules);
- context.put("sms", mSupportedModules);
- // context.put("status_token", "None");
- String subpanelno = String.valueOf(getPanelNo() + 1);
- CMS.debug("ModulePanel subpanelno =" + subpanelno);
- context.put("subpanelno", subpanelno);
- context.put("panel", "admin/console/config/modulepanel.vm");
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- boolean hasErr = false;
-
- try {
- // get the value of the choice
- String select = HttpInput.getID(request, "choice");
-
- if (select == null) {
- CMS.debug("ModulePanel: no choice selected");
- hasErr = true;
- throw new IOException("choice not found");
- }
-
- IConfigStore config = CMS.getConfigStore();
- String oldtokenname = config.getString("preop.module.token", "");
- if (!oldtokenname.equals(select))
- mServlet.cleanUpFromPanel(mServlet.getPanelNo(request));
-
- if (hasErr == false) {
- config.putString("preop.module.token", select);
- config.putBoolean("preop.ModulePanel.done", true);
- }
- config.commit(false);
- context.put("updateStatus", "success");
- } catch (Exception e) {
- CMS.debug("ModulePanel: Exception caught: " + e.toString());
- System.err.println("Exception caught: " + e.toString());
- context.put("updateStatus", "failure");
- }
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Security Module");
- context.put("panel", "admin/console/config/modulepanel.vm");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/NamePanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/NamePanel.java
deleted file mode 100644
index 070e17e7c4a5cc2e3d8a057dde6f640752c65635..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/NamePanel.java
+++ /dev/null
@@ -1,622 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-import java.net.URL;
-import java.util.Enumeration;
-import java.util.StringTokenizer;
-import java.util.Vector;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.parsers.ParserConfigurationException;
-
-import org.apache.velocity.context.Context;
-import org.xml.sax.SAXException;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.EPropertyNotFound;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.base.ISubsystem;
-import com.netscape.certsrv.ca.ICertificateAuthority;
-import com.netscape.certsrv.property.Descriptor;
-import com.netscape.certsrv.property.IDescriptor;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class NamePanel extends WizardPanelBase {
- private Vector<Cert> mCerts = null;
- private WizardServlet mServlet = null;
-
- public NamePanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Subject Names");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Subject Names");
- setId(id);
- mServlet = servlet;
- }
-
- /**
- * Returns the usage.XXX usage needs to be made dynamic
- */
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- Descriptor caDN = new Descriptor(IDescriptor.STRING, null, /* no constraint */
- null, /* no default parameter */
- "CA Signing Certificate's DN");
-
- set.add("caDN", caDN);
-
- Descriptor sslDN = new Descriptor(IDescriptor.STRING, null, /* no constraint */
- null, /* no default parameter */
- "SSL Server Certificate's DN");
-
- set.add("sslDN", sslDN);
-
- Descriptor subsystemDN = new Descriptor(IDescriptor.STRING, null, /* no constraint */
- null, /* no default parameter */
- "CA Subsystem Certificate's DN");
-
- set.add("subsystemDN", subsystemDN);
-
- Descriptor ocspDN = new Descriptor(IDescriptor.STRING, null, /* no constraint */
- null, /* no default parameter */
- "OCSP Signing Certificate's DN");
-
- set.add("ocspDN", ocspDN);
-
- return set;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- try {
- @SuppressWarnings("unused")
- boolean done = cs.getBoolean("preop.NamePanel.done"); // check for errors
- cs.putBoolean("preop.NamePanel.done", false);
- cs.commit(false);
- } catch (Exception e) {
- }
-
- String list = "";
- try {
- list = cs.getString("preop.cert.list", "");
- } catch (Exception e) {
- }
-
- StringTokenizer st = new StringTokenizer(list, ",");
- while (st.hasMoreTokens()) {
- String t = st.nextToken();
- cs.remove("preop.cert." + t + ".done");
- }
-
- try {
- cs.commit(false);
- } catch (Exception e) {
- }
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- boolean s = cs.getBoolean("preop.NamePanel.done", false);
- if (s != true) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
-
- return false;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- CMS.debug("NamePanel: display()");
- context.put("title", "Subject Names");
-
- // update session id
- String session_id = request.getParameter("session_id");
- if (session_id != null) {
- CMS.debug("NamePanel setting session id.");
- CMS.setConfigSDSessionId(session_id);
- }
-
- mCerts = new Vector<Cert>();
-
- String domainname = "";
- IConfigStore config = CMS.getConfigStore();
- String select = "";
- String hselect = "";
- String cstype = "";
- String domainType = "";
- try {
- //if CA, at the hierarchy panel, was it root or subord?
- hselect = config.getString("preop.hierarchy.select", "");
- select = config.getString("preop.subsystem.select", "");
- cstype = config.getString("cs.type", "");
- domainType = config.getString("preop.securitydomain.select", "");
- context.put("select", select);
- if (cstype.equals("CA") && hselect.equals("root")) {
- CMS.debug("NamePanel ca is root");
- context.put("isRoot", "true");
- } else {
- CMS.debug("NamePanel not ca or not root");
- context.put("isRoot", "false");
- }
- } catch (Exception e) {
- }
-
- try {
- domainname = config.getString("securitydomain.name", "");
-
- String certTags = config.getString("preop.cert.list");
- // same token for now
- String token = config.getString(PRE_CONF_CA_TOKEN);
- StringTokenizer st = new StringTokenizer(certTags, ",");
- String domaintype = config.getString("securitydomain.select");
- int count = 0;
- String host = "";
- int sd_admin_port = -1;
- if (domaintype.equals("existing")) {
- host = config.getString("securitydomain.host", "");
- sd_admin_port = config.getInteger("securitydomain.httpsadminport", -1);
- count = ConfigurationUtils.getSubsystemCount(host, sd_admin_port, true, cstype);
- }
-
- while (st.hasMoreTokens()) {
- String certTag = st.nextToken();
-
- CMS.debug("NamePanel: display() about to process certTag :" + certTag);
- String nn = config.getString(
- PCERT_PREFIX + certTag + ".nickname");
- Cert c = new Cert(token, nn, certTag);
- String userfriendlyname = config.getString(
- PCERT_PREFIX + certTag + ".userfriendlyname");
- String subsystem = config.getString(
- PCERT_PREFIX + certTag + ".subsystem");
-
- c.setUserFriendlyName(userfriendlyname);
-
- String type = config.getString(PCERT_PREFIX + certTag + ".type");
- c.setType(type);
- boolean enable = config.getBoolean(PCERT_PREFIX + certTag + ".enable", true);
- c.setEnable(enable);
-
- String cert = config.getString(subsystem + "." + certTag + ".cert", "");
- String certreq =
- config.getString(subsystem + "." + certTag + ".certreq", "");
-
- String dn = config.getString(PCERT_PREFIX + certTag + ".dn");
- boolean override = config.getBoolean(PCERT_PREFIX + certTag +
- ".cncomponent.override", true);
- //o_sd is to add o=secritydomainname
- boolean o_sd = config.getBoolean(PCERT_PREFIX + certTag +
- "o_securitydomain", true);
- domainname = config.getString("securitydomain.name", "");
- CMS.debug("NamePanel: display() override is " + override);
- CMS.debug("NamePanel: display() o_securitydomain is " + o_sd);
- CMS.debug("NamePanel: display() domainname is " + domainname);
-
- boolean dnUpdated = false;
- try {
- dnUpdated = config.getBoolean(PCERT_PREFIX + certTag + ".updatedDN");
- } catch (Exception e) {
- }
-
- try {
- @SuppressWarnings("unused")
- boolean done = config.getBoolean("preop.NamePanel.done"); // check for errors
- c.setDN(dn);
- } catch (Exception e) {
- String instanceId = config.getString("service.instanceID", "");
- if (select.equals("clone") || dnUpdated) {
- c.setDN(dn);
- } else if (count != 0 && override && (cert.equals("") || certreq.equals(""))) {
- CMS.debug("NamePanel subsystemCount = " + count);
- c.setDN(dn + " " + count +
- ((!instanceId.equals("")) ? (",OU=" + instanceId) : "") +
- ((o_sd) ? (",O=" + domainname) : ""));
- config.putBoolean(PCERT_PREFIX + certTag + ".updatedDN", true);
- } else {
- c.setDN(dn +
- ((!instanceId.equals("")) ? (",OU=" + instanceId) : "") +
- ((o_sd) ? (",O=" + domainname) : ""));
- config.putBoolean(PCERT_PREFIX + certTag + ".updatedDN", true);
- }
- }
-
- mCerts.addElement(c);
- CMS.debug(
- "NamePanel: display() added cert to mCerts: certTag "
- + certTag);
- config.putString(PCERT_PREFIX + c.getCertTag() + ".dn", c.getDN());
- }// while
- } catch (EBaseException e) {
- CMS.debug("NamePanel: display() exception caught:" + e.toString());
- } catch (Exception e) {
- CMS.debug("NamePanel: " + e.toString());
- }
-
- CMS.debug("NamePanel: Ready to get SSL EE HTTPS urls");
- Vector<String> v = null;
- if (!domainType.equals("new")) {
- try {
- v = ConfigurationUtils.getUrlListFromSecurityDomain(config, "CA", "SecurePort");
- } catch (Exception e) {
- CMS.debug("NamePanel: display(): Exception thrown in getUrlListFromSecurityDomain " + e);
- e.printStackTrace();
- }
- }
- if (v == null) {
- v = new Vector<String>();
- }
- v.addElement("External CA");
-
- StringBuffer list = new StringBuffer();
- int size = v.size();
-
- for (int i = 0; i < size; i++) {
- if (i == size - 1) {
- list.append(v.elementAt(i));
- } else {
- list.append(v.elementAt(i));
- list.append(",");
- }
- }
-
- try {
- config.putString("preop.ca.list", list.toString());
- config.commit(false);
- } catch (Exception e) {
- }
-
- context.put("urls", v);
-
- context.put("certs", mCerts);
- context.put("panel", "admin/console/config/namepanel.vm");
- context.put("errorString", "");
-
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- Enumeration<Cert> c = mCerts.elements();
-
- while (c.hasMoreElements()) {
- Cert cert = c.nextElement();
- // get the dn's and put in config
- if (cert.isEnable()) {
- String dn = HttpInput.getDN(request, cert.getCertTag());
-
- if (dn == null || dn.length() == 0) {
- context.put("updateStatus", "validate-failure");
- throw new IOException("Empty DN for " + cert.getUserFriendlyName());
- }
- }
- } // while
- }
-
- public void configCertWithTag(HttpServletRequest request,
- HttpServletResponse response,
- Context context, String tag) throws IOException {
- CMS.debug("NamePanel: configCertWithTag start");
- Enumeration<Cert> c = mCerts.elements();
- IConfigStore config = CMS.getConfigStore();
-
- while (c.hasMoreElements()) {
- Cert cert = c.nextElement();
- String ct = cert.getCertTag();
- CMS.debug("NamePanel: configCertWithTag ct=" + ct + " tag=" + tag);
- if (ct.equals(tag)) {
- try {
- String nickname = HttpInput.getNickname(request, ct + "_nick");
- if (nickname != null) {
- CMS.debug("configCertWithTag: Setting nickname for " + ct + " to " + nickname);
- config.putString(PCERT_PREFIX + ct + ".nickname", nickname);
- cert.setNickname(nickname);
- config.commit(false);
- }
- String dn = HttpInput.getDN(request, ct);
- if (dn != null) {
- config.putString(PCERT_PREFIX + ct + ".dn", dn);
- config.commit(false);
- }
- } catch (Exception e) {
- CMS.debug("NamePanel: configCertWithTag: Exception in setting nickname for "
- + ct + ": " + e.toString());
- }
-
- ConfigurationUtils.configCert(request, response, context, cert, this);
- CMS.debug("NamePanel: configCertWithTag done with tag=" + tag);
- return;
- }
- }
- CMS.debug("NamePanel: configCertWithTag done");
- }
-
- private boolean inputChanged(HttpServletRequest request)
- throws IOException {
- IConfigStore config = CMS.getConfigStore();
-
- boolean hasChanged = false;
- try {
- Enumeration<Cert> c = mCerts.elements();
-
- while (c.hasMoreElements()) {
- Cert cert = c.nextElement();
- String ct = cert.getCertTag();
- boolean enable = config.getBoolean(PCERT_PREFIX + ct + ".enable", true);
- if (!enable)
- continue;
-
- String olddn = config.getString(PCERT_PREFIX + cert.getCertTag() + ".dn", "");
- // get the dn's and put in config
- String dn = HttpInput.getDN(request, cert.getCertTag());
-
- if (!olddn.equals(dn))
- hasChanged = true;
-
- String oldnick = config.getString(PCERT_PREFIX + ct + ".nickname");
- String nick = HttpInput.getNickname(request, ct + "_nick");
- if (!oldnick.equals(nick))
- hasChanged = true;
-
- }
- } catch (Exception e) {
- }
-
- return hasChanged;
- }
-
- public String getURL(HttpServletRequest request, IConfigStore config) {
- String index = request.getParameter("urls");
- if (index == null) {
- return null;
- }
- String url = "";
- if (index.startsWith("http")) {
- // user may submit url directlry
- url = index;
- } else {
- try {
- int x = Integer.parseInt(index);
- String list = config.getString("preop.ca.list", "");
- StringTokenizer tokenizer = new StringTokenizer(list, ",");
- int counter = 0;
-
- while (tokenizer.hasMoreTokens()) {
- url = tokenizer.nextToken();
- if (counter == x) {
- break;
- }
- counter++;
- }
- } catch (Exception e) {
- }
- }
- return url;
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- CMS.debug("NamePanel: in update()");
-
- if (inputChanged(request)) {
- mServlet.cleanUpFromPanel(mServlet.getPanelNo(request));
- } else if (isPanelDone()) {
- context.put("updateStatus", "success");
- return;
- }
-
- IConfigStore config = CMS.getConfigStore();
- ISubsystem subsystem = CMS.getSubsystem(ICertificateAuthority.ID);
-
- try {
- //if CA, at the hierarchy panel, was it root or subord?
- String hselect = config.getString("preop.hierarchy.select", "");
- String cstype = config.getString("preop.subsystem.select", "");
- if (cstype.equals("clone")) {
- CMS.debug("NamePanel: clone configuration detected");
- // still need to handle SSL certificate
- configCertWithTag(request, response, context, "sslserver");
- String url = getURL(request, config);
- if (url != null && !url.equals("External CA")) {
- // preop.ca.url and admin port are required for setting KRA connector
- url = url.substring(url.indexOf("https"));
- config.putString("preop.ca.url", url);
-
- URL urlx = new URL(url);
- updateCloneSDCAInfo(request, context, urlx.getHost(), urlx.getPort());
-
- }
- ConfigurationUtils.updateCloneConfig();
- CMS.debug("NamePanel: clone configuration done");
- context.put("updateStatus", "success");
- return;
- }
-
- //if no hselect, then not CA
- if (hselect.equals("") || hselect.equals("join")) {
- String url = getURL(request, config);
-
- URL urlx = null;
-
- if (url.equals("External CA")) {
- CMS.debug("NamePanel: external CA selected");
- config.putString("preop.ca.type", "otherca");
- if (subsystem != null) {
- config.putString(PCERT_PREFIX + "signing.type", "remote");
- }
-
- config.putString("preop.ca.pkcs7", "");
- config.putInteger("preop.ca.certchain.size", 0);
- context.put("check_otherca", "checked");
- CMS.debug("NamePanel: update: this is the external CA.");
- } else {
- CMS.debug("NamePanel: local CA selected");
- url = url.substring(url.indexOf("https"));
- config.putString("preop.ca.url", url);
-
- urlx = new URL(url);
- String host = urlx.getHost();
- int port = urlx.getPort();
- String domainXML = config.getString("preop.domainXML");
- int admin_port = ConfigurationUtils.getPortFromSecurityDomain(domainXML,
- host, port, "CA", "SecurePort", "SecureAdminPort");
-
- config.putString("preop.ca.type", "sdca");
- config.putString("preop.ca.hostname", host);
- config.putInteger("preop.ca.httpsport", port);
- config.putInteger("preop.ca.httpsadminport", admin_port);
-
- context.put("check_sdca", "checked");
- context.put("sdcaHostname", host);
- context.put("sdHttpPort", port);
-
- ConfigurationUtils.importCertChain(host, admin_port, "/ca/admin/ca/getCertChain", "ca");
-
- if (subsystem != null) {
- config.putString(PCERT_PREFIX + "signing.type", "remote");
- config.putString(PCERT_PREFIX + "signing.profile", "caInstallCACert");
- }
- }
- config.commit(false);
-
- }
-
- Enumeration<Cert> c = mCerts.elements();
-
- while (c.hasMoreElements()) {
- Cert cert = c.nextElement();
- String ct = cert.getCertTag();
- boolean enable = config.getBoolean(PCERT_PREFIX + ct + ".enable", true);
- if (!enable)
- continue;
-
- boolean certDone = config.getBoolean(PCERT_PREFIX + ct + ".done", false);
- if (certDone)
- continue;
-
- // get the nicknames and put in config
- String nickname = HttpInput.getNickname(request, ct + "_nick");
- if (nickname != null) {
- CMS.debug("NamePanel: update: Setting nickname for " + ct + " to " + nickname);
- config.putString(PCERT_PREFIX + ct + ".nickname", nickname);
- cert.setNickname(nickname);
- } else {
- nickname = cert.getNickname();
- }
-
- // get the dn's and put in config
- String dn = HttpInput.getDN(request, ct);
-
- config.putString(PCERT_PREFIX + ct + ".dn", dn);
- // commit here in case it changes
- config.commit(false);
-
- ConfigurationUtils.configCert(request, response, context, cert, this);
- config.putBoolean("preop.cert." + cert.getCertTag() + ".done", true);
- config.commit(false);
-
- } // while
-
- config.putBoolean("preop.NamePanel.done", true);
- config.commit(false);
- } catch (Exception e) {
- CMS.debug("NamPanel - update(): Exception thrown : " + e);
- e.printStackTrace();
- context.put("updateStatus", "failure");
- throw new IOException(e);
- }
- context.put("updateStatus", "success");
-
- CMS.debug("NamePanel: update() done");
- }
-
- private void updateCloneSDCAInfo(HttpServletRequest request, Context context, String hostname, int httpsPort)
- throws IOException, EPropertyNotFound, EBaseException, SAXException, ParserConfigurationException {
- CMS.debug("NamePanel updateCloneSDCAInfo: selected CA hostname=" + hostname + " port=" + httpsPort);
- IConfigStore config = CMS.getConfigStore();
-
- if (hostname == null || hostname.length() == 0) {
- context.put("errorString", "Hostname is null");
- throw new IOException("Hostname is null");
- }
-
- // Retrieve the associated HTTPS Admin port so that it
- // may be stored for use with ImportAdminCertPanel
- String domainXML = config.getString("preop.domainXML");
- int https_admin_port = ConfigurationUtils.getPortFromSecurityDomain(domainXML,
- hostname, httpsPort, "CA", "SecurePort", "SecureAdminPort");
-
- config.putString("preop.ca.hostname", hostname);
- config.putInteger("preop.ca.httpsport", httpsPort);
- config.putInteger("preop.ca.httpsadminport", https_admin_port);
- }
-
- public void initParams(HttpServletRequest request, Context context)
- throws IOException {
- context.put("certs", mCerts);
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- try {
- initParams(request, context);
- } catch (IOException e) {
- }
- context.put("title", "Subject Names");
- context.put("panel", "admin/console/config/namepanel.vm");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java
deleted file mode 100644
index 243e7e839872ab7949436a2abfbb480a6802c49c..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java
+++ /dev/null
@@ -1,235 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.File;
-import java.io.IOException;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class RestoreKeyCertPanel extends WizardPanelBase {
-
- public RestoreKeyCertPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Import Keys and Certificates");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Import Keys and Certificates");
- setId(id);
- }
-
- /**
- * Should we skip this panel for the configuration.
- */
- public boolean shouldSkip() {
- CMS.debug("RestoreKeyCertPanel: should skip");
-
- IConfigStore cs = CMS.getConfigStore();
- // if we are root, no need to get the certificate chain.
-
- try {
- String select = cs.getString("preop.subsystem.select", "");
- if (select.equals("clone")) {
- return false;
- }
- } catch (EBaseException e) {
- }
-
- return true;
- }
-
- public boolean isSubPanel() {
- return true;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- /* clean up if necessary */
- try {
- @SuppressWarnings("unused")
- boolean done = cs.getBoolean("preop.restorekeycert.done"); // check for errors
- cs.putBoolean("preop.restorekeycert.done", false);
- cs.commit(false);
- } catch (Exception e) {
- }
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String s = cs.getString("preop.restorekeycert.done", "");
- if (s == null || s.equals("")) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- /* XXX */
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Import Keys and Certificates");
- IConfigStore config = CMS.getConfigStore();
-
- if (isPanelDone()) {
-
- try {
- String s = config.getString("preop.pk12.path", "");
- context.put("path", s);
- } catch (Exception e) {
- CMS.debug(e.toString());
- }
- } else {
- context.put("path", "");
- }
-
- context.put("password", "");
- context.put("panel", "admin/console/config/restorekeycertpanel.vm");
- context.put("errorString", "");
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- IConfigStore config = CMS.getConfigStore();
- String tokenname = "";
- try {
- tokenname = config.getString("preop.module.token", "");
- } catch (Exception e) {
- }
-
- if (!tokenname.equals("Internal Key Storage Token"))
- return;
-
- // Path can be empty. If this case, we just want to
- // get to the next panel. Customer has HSM.
- String s = HttpInput.getString(request, "path");
-
- if (s != null && !s.equals("")) {
- s = HttpInput.getPassword(request, "__password");
- if (s == null || s.equals("")) {
- CMS.debug("RestoreKeyCertPanel validate: password is empty");
- context.put("updateStatus", "validate-failure");
- throw new IOException("Empty password");
- }
- }
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- IConfigStore config = CMS.getConfigStore();
- try {
- ConfigurationUtils.getConfigEntriesFromMaster();
-
- String path = HttpInput.getString(request, "path");
- if (path == null || path.equals("")) {
- // skip to next panel
- config.putBoolean("preop.restorekeycert.done", true);
- config.commit(false);
- context.put("updateStatus", "success");
- return;
- }
-
- String pwd = HttpInput.getPassword(request, "__password");
-
- String tokenn = config.getString("preop.module.token");
- if (tokenn.equals("Internal Key Storage Token")) {
- String instanceRoot = config.getString("instanceRoot");
- String p12File = instanceRoot + File.separator + "alias" +
- File.separator + path;
- ConfigurationUtils.restoreCertsFromP12(p12File, pwd);
- }
-
- String subsystemtype = config.getString("preop.subsystem.select", "");
- if (subsystemtype.equals("clone")) {
- CMS.debug("RestoreKeyCertPanel: this is the clone subsystem");
- boolean cloneReady = ConfigurationUtils.isCertdbCloned();
- if (!cloneReady) {
- CMS.debug("RestoreKeyCertPanel update: clone does not have all the certificates.");
- throw new IOException("Clone is not ready");
- }
- }
-
- config.putBoolean("preop.restorekeycert.done", true);
- config.commit(false);
- } catch (Exception e) {
- CMS.debug("RestoreKeyCertPanel update: exception thrown:" + e);
- e.printStackTrace();
- context.put("errorString", e.toString());
- context.put("updateStatus", "failure");
- throw new IOException(e);
- }
-
- context.put("updateStatus", "success");
- }
-
- /**
- * If validate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Import Keys and Certificates");
- context.put("password", "");
- context.put("path", "");
- context.put("panel", "admin/console/config/restorekeycertpanel.vm");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/SavePKCS12Panel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/SavePKCS12Panel.java
deleted file mode 100644
index cdcefbfe722b07e35fb770aea306f7e7698a02e4..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/SavePKCS12Panel.java
+++ /dev/null
@@ -1,144 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class SavePKCS12Panel extends WizardPanelBase {
-
- public SavePKCS12Panel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Save Keys and Certificates");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Save Keys and Certificates");
- setId(id);
- }
-
- public void cleanUp() throws IOException {
- }
-
- public boolean shouldSkip() {
- IConfigStore cs = CMS.getConfigStore();
-
- try {
- boolean enable = cs.getBoolean("preop.backupkeys.enable", false);
- if (!enable)
- return true;
- } catch (Exception e) {
- }
-
- return false;
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String s = cs.getString("preop.backupkeycert.done", "");
- if (s == null || s.equals("")) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- return set;
- }
-
- public boolean isSubPanel() {
- return true;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Save Keys and Certificates");
- IConfigStore config = CMS.getConfigStore();
- String subsystemtype = "";
- try {
- subsystemtype = config.getString("cs.type", "");
- } catch (Exception e) {
- }
-
- subsystemtype = subsystemtype.toLowerCase();
-
- context.put("panel", "admin/console/config/savepkcs12panel.vm");
- context.put("subsystemtype", subsystemtype);
- context.put("errorString", "");
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response, Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- context.put("title", "Save Keys and Certificates");
- context.put("panel", "admin/console/config/savepkcs12panel.vm");
- context.put("updateStatus", "success");
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Save Keys and Certificates");
- context.put("panel", "admin/console/config/savepkcs12panel.vm");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java
deleted file mode 100644
index 3bc8169bb1b90df4e7211c53816cf570f53d6ad4..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/SecurityDomainPanel.java
+++ /dev/null
@@ -1,482 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.util.StringTokenizer;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class SecurityDomainPanel extends WizardPanelBase {
-
- public SecurityDomainPanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("Security Domain");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Security Domain");
- setId(id);
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putString("preop.securitydomain.select", "");
- cs.putString("securitydomain.select", "");
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String s = cs.getString("preop.securitydomain.select", "");
- if (s == null || s.equals("")) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- /* XXX */
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- context.put("title", "Security Domain");
- IConfigStore config = CMS.getConfigStore();
- String errorString = "";
- String default_admin_url = "";
- String name = "";
- String systemdInstanceId = "";
-
- try {
- default_admin_url = config.getString("preop.securitydomain.admin_url", "");
- name = config.getString("preop.securitydomain.name", "");
- systemdInstanceId = config.getString("service.instanceID", "");
- } catch (Exception e) {
- CMS.debug(e.toString());
- }
- if (isPanelDone()) {
- try {
- String s = config.getString("preop.securitydomain.select");
-
- if (s.equals("new")) {
- context.put("check_newdomain", "checked");
- context.put("check_existingdomain", "");
- } else if (s.equals("existing")) {
- context.put("check_newdomain", "");
- context.put("check_existingdomain", "checked");
- }
- } catch (Exception e) {
- CMS.debug(e.toString());
- }
- } else {
- context.put("check_newdomain", "checked");
- context.put("check_existingdomain", "");
- }
-
- try {
- context.put("cstype", config.getString("cs.type"));
- context.put("wizardname", config.getString("preop.wizard.name"));
- context.put("panelname", "Security Domain Configuration");
- context.put("systemname", config.getString("preop.system.name"));
- context.put("machineName", config.getString("machineName"));
- context.put("http_ee_port", CMS.getEENonSSLPort());
- context.put("https_agent_port", CMS.getAgentPort());
- context.put("https_ee_port", CMS.getEESSLPort());
- context.put("https_admin_port", CMS.getAdminPort());
- context.put("sdomainAdminURL", default_admin_url);
- } catch (EBaseException e) {
- }
-
- context.put("panel", "admin/console/config/securitydomainpanel.vm");
- context.put("errorString", errorString);
-
- // from default_admin_url, find hostname, if fully qualified, get
- // network domain name and generate default security domain name
- if (name.equals("") && (default_admin_url != null)) {
- try {
- URL u = new URL(default_admin_url);
-
- String hostname = u.getHost();
- StringTokenizer st = new StringTokenizer(hostname, ".");
- boolean first = true;
- int numTokens = st.countTokens();
- int count = 0;
- String defaultDomain = "";
- StringBuffer sb = new StringBuffer();
- while (st.hasMoreTokens()) {
- count++;
- String n = st.nextToken();
- if (first) { //skip the hostname
- first = false;
- continue;
- }
- if (count == numTokens) // skip the last element (e.g. com)
- continue;
- sb.append((defaultDomain.length() == 0) ? "" : " ");
- sb.append(capitalize(n));
- }
- defaultDomain = sb.toString() + " " + "Domain";
- name = defaultDomain;
- CMS.debug("SecurityDomainPanel: defaultDomain generated:" + name);
- } catch (MalformedURLException e) {
- errorString = "Malformed URL";
- // not being able to come up with default domain name is ok
- }
- }
- context.put("sdomainName", name);
-
- if (default_admin_url != null) {
- String r = null;
-
- try {
- // check to see if "default" security domain exists
- // on local machine
- URL u = new URL(default_admin_url);
-
- String hostname = u.getHost();
- int port = u.getPort();
- ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback();
- r = pingCS(hostname, port, true, certApprovalCallback);
- } catch (Exception e) {
- CMS.debug("SecurityDomainPanel: exception caught: "
- + e.toString());
- }
-
- if (r != null) {
- // "default" security domain exists on local machine;
- // fill "sdomainURL" in with "default" security domain
- // as an initial "guess"
- CMS.debug("SecurityDomainPanel: pingCS returns: " + r);
- context.put("sdomainURL", default_admin_url);
- } else {
- // "default" security domain does NOT exist on local machine;
- // leave "sdomainURL" blank
- CMS.debug("SecurityDomainPanel: pingCS no successful response");
- context.put("sdomainURL", "");
- }
- }
-
- // Information for "existing" Security Domain CAs
- String initDaemon = "<pki_ca_instance_name>";
- String instanceId = "<security_domain_instance_name>";
- String os = System.getProperty("os.name");
- if (os.equalsIgnoreCase("Linux")) {
- if (!systemdInstanceId.equals("")) {
- context.put("initCommand", "/usr/bin/pkidaemon");
- context.put("instanceId", "tomcat " + systemdInstanceId);
- } else {
- context.put("initCommand", "/sbin/service " + initDaemon);
- context.put("instanceId", instanceId);
- }
- } else {
- /* default case: e. g. - ( os.equalsIgnoreCase( "SunOS" ) */
- context.put("initCommand", "/etc/init.d/" + initDaemon);
- context.put("instanceId", instanceId);
- }
- }
-
- public static String capitalize(String s) {
- if (s.length() == 0) {
- return s;
- } else {
- return s.substring(0, 1).toUpperCase() + s.substring(1);
- }
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
-
- String select = HttpInput.getID(request, "choice");
- if (select.equals("newdomain")) {
- String name = HttpInput.getSecurityDomainName(request, "sdomainName");
- if (name == null || name.equals("")) {
- initParams(request, context);
- context.put("updateStatus", "validate-failure");
- throw new IOException("Missing name value for the security domain");
- }
- } else if (select.equals("existingdomain")) {
- CMS.debug("SecurityDomainPanel: validating "
- + "SSL Admin HTTPS . . .");
- String admin_url = HttpInput.getURL(request, "sdomainURL");
- if (admin_url == null || admin_url.equals("")) {
- initParams(request, context);
- context.put("updateStatus", "validate-failure");
- throw new IOException("Missing SSL Admin HTTPS url value "
- + "for the security domain");
- } else {
- String r = null;
-
- try {
- URL u = new URL(admin_url);
-
- String hostname = u.getHost();
- int admin_port = u.getPort();
- ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback();
- r = pingCS(hostname, admin_port, true,
- certApprovalCallback);
- } catch (Exception e) {
- CMS.debug("SecurityDomainPanel: exception caught: "
- + e.toString());
- context.put("updateStatus", "validate-failure");
- throw new IOException("Illegal SSL Admin HTTPS url value "
- + "for the security domain");
- }
-
- if (r != null) {
- CMS.debug("SecurityDomainPanel: pingAdminCS returns: "
- + r);
- context.put("sdomainURL", admin_url);
- } else {
- CMS.debug("SecurityDomainPanel: pingAdminCS "
- + "no successful response for SSL Admin HTTPS");
- context.put("sdomainURL", "");
- }
- }
- }
- }
-
- public void initParams(HttpServletRequest request, Context context)
- throws IOException {
- IConfigStore config = CMS.getConfigStore();
- try {
- context.put("cstype", config.getString("cs.type"));
- } catch (Exception e) {
- }
-
- String select = request.getParameter("choice");
- if (select.equals("newdomain")) {
- context.put("check_newdomain", "checked");
- context.put("check_existingdomain", "");
- } else if (select.equals("existingdomain")) {
- context.put("check_newdomain", "");
- context.put("check_existingdomain", "checked");
- }
-
- String name = request.getParameter("sdomainName");
- if (name == null)
- name = "";
- context.put("sdomainName", name);
-
- String admin_url = request.getParameter("sdomainURL");
- if (admin_url == null)
- admin_url = "";
- context.put("sdomainURL", admin_url);
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- String select = HttpInput.getID(request, "choice");
-
- if (select == null) {
- CMS.debug("SecurityDomainPanel: choice not found");
- context.put("updateStatus", "failure");
- throw new IOException("choice not found");
- }
- IConfigStore config = CMS.getConfigStore();
-
- try {
- if (select.equals("newdomain")) {
- config.putString("preop.securitydomain.select", "new");
- config.putString("securitydomain.select", "new");
- config.putString("preop.securitydomain.name", HttpInput.getDomainName(request, "sdomainName"));
- config.putString("securitydomain.name", HttpInput.getDomainName(request, "sdomainName"));
- config.putString("securitydomain.host", CMS.getEENonSSLHost());
- config.putString("securitydomain.httpport", CMS.getEENonSSLPort());
- config.putString("securitydomain.httpsagentport", CMS.getAgentPort());
- config.putString("securitydomain.httpseeport", CMS.getEESSLPort());
- config.putString("securitydomain.httpsadminport", CMS.getAdminPort());
-
- // make sure the subsystem certificate is issued locallly
- config.putString("preop.cert.subsystem.type", "local");
- config.putString("preop.cert.subsystem.profile", "subsystemCert.profile");
-
- config.commit(false);
- } else if (select.equals("existingdomain")) {
- config.putString("preop.securitydomain.select", "existing");
- config.putString("securitydomain.select", "existing");
-
- // make sure the subsystem certificate is issued by the security domain
- config.putString("preop.cert.subsystem.type", "remote");
- config.putString("preop.cert.subsystem.profile", "caInternalAuthSubsystemCert");
-
- String admin_url = HttpInput.getURL(request, "sdomainURL");
- String hostname = "";
- int admin_port = -1;
-
- if (admin_url != null) {
- URL admin_u = new URL(admin_url);
- hostname = admin_u.getHost();
- admin_port = admin_u.getPort();
- context.put("sdomainURL", admin_url);
- config.putString("securitydomain.host", hostname);
- config.putInteger("securitydomain.httpsadminport", admin_port);
- }
- config.commit(false);
-
- ConfigurationUtils.importCertChain(hostname, admin_port, "/ca/admin/ca/getCertChain", "securitydomain");
- } else {
- CMS.debug("SecurityDomainPanel: invalid choice " + select);
- throw new IOException("invalid choice " + select);
- }
-
- config.commit(false);
-
- context.put("cstype", config.getString("cs.type"));
- context.put("wizardname", config.getString("preop.wizard.name"));
- context.put("panelname", "Security Domain Configuration");
- context.put("systemname", config.getString("preop.system.name"));
- } catch (Exception e) {
- CMS.debug("SecurityDomainPanel update(): Exception thrown:" + e);
- e.printStackTrace();
- context.put("errorString", e.toString());
- context.put("updateStatus", "failure");
- throw new IOException(e);
- }
-
- context.put("updateStatus", "success");
- }
-
- /**
- * If validate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- IConfigStore config = CMS.getConfigStore();
- String default_admin_url = "";
- try {
- initParams(request, context);
- } catch (IOException e) {
- }
-
- try {
- default_admin_url = config.getString("preop.securitydomain.admin_url", "");
- } catch (Exception e) {
- }
-
- if (default_admin_url != null) {
- String r = null;
-
- try {
- // check to see if "default" security domain exists on local machine
- URL u = new URL(default_admin_url);
-
- String hostname = u.getHost();
- int port = u.getPort();
- ConfigCertApprovalCallback certApprovalCallback = new ConfigCertApprovalCallback();
- r = pingCS(hostname, port, true, certApprovalCallback);
- } catch (Exception e) {
- }
-
- if (r != null) {
- // "default" security domain exists on local machine;
- // refill "sdomainURL" in with "default" security domain
- // as an initial "guess"
- context.put("sdomainURL", default_admin_url);
- } else {
- // "default" security domain does NOT exist on local machine;
- // leave "sdomainURL" blank
- context.put("sdomainURL", "");
- }
- }
-
- try {
- context.put("machineName", config.getString("machineName"));
- context.put("http_ee_port", CMS.getEENonSSLPort());
- context.put("https_agent_port", CMS.getAgentPort());
- context.put("https_ee_port", CMS.getEESSLPort());
- context.put("https_admin_port", CMS.getAdminPort());
- context.put("sdomainAdminURL",
- config.getString("preop.securitydomain.admin_url"));
- } catch (EBaseException e) {
- }
-
- // Information for "existing" Security Domain CAs
- String initDaemon = "<pki_ca_instance_name>";
- String instanceId = "<security_domain_instance_name>";
- String os = System.getProperty("os.name");
- String systemdInstanceId = "";
-
- try {
- systemdInstanceId = config.getString("service.instanceID", "");
- } catch (Exception e) {
- CMS.debug(e.toString());
- }
-
- if (os.equalsIgnoreCase("Linux")) {
- if (!systemdInstanceId.equals("")) {
- context.put("initCommand", "/usr/bin/pkidaemon");
- context.put("instanceId", "tomcat " + systemdInstanceId);
- } else {
- context.put("initCommand", "/sbin/service " + initDaemon);
- context.put("instanceId", instanceId);
- }
- } else {
- /* default case: e. g. - ( os.equalsIgnoreCase( "SunOS" ) */
- context.put("initCommand", "/etc/init.d/" + initDaemon);
- context.put("instanceId", instanceId);
- }
-
- context.put("title", "Security Domain");
- context.put("panel", "admin/console/config/securitydomainpanel.vm");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/SizePanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/SizePanel.java
deleted file mode 100644
index 45a4fe106e37ab152718793760c26b76954050cc..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/SizePanel.java
+++ /dev/null
@@ -1,491 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-import java.util.Enumeration;
-import java.util.StringTokenizer;
-import java.util.Vector;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.Descriptor;
-import com.netscape.certsrv.property.IDescriptor;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class SizePanel extends WizardPanelBase {
- private Vector<Cert> mCerts = null;
- private WizardServlet mServlet = null;
-
- private String default_ecc_curve_name;
- private String default_rsa_key_size;
- private boolean mShowSigning = false;
-
- public SizePanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Key Pairs");
- setId(id);
- mServlet = servlet;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- Descriptor choiceDesc =
- new Descriptor(
- IDescriptor.CHOICE,
- "default,custom",
- null, /* no default parameter */
- "If 'default', the key size will be configured automatically. If 'custom', the key size will be set to the value of the parameter 'custom_size'.");
-
- set.add("choice", choiceDesc);
-
- Descriptor customSizeDesc = new Descriptor(IDescriptor.STRING, null, /* no constraint */
- null, /* no default parameter */
- "Custom Key Size");
-
- set.add("custom_size", customSizeDesc);
-
- return set;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- /* clean up if necessary*/
- try {
- @SuppressWarnings("unused")
- boolean done = cs.getBoolean("preop.SizePanel.done"); // check for errors
- cs.putBoolean("preop.SizePanel.done", false);
- cs.commit(false);
- } catch (Exception e) {
- }
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- boolean s = cs.getBoolean("preop.SizePanel.done", false);
- if (s != true) {
- return false;
- } else {
- return true;
- }
- } catch (EBaseException e) {
- }
-
- return false;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- CMS.debug("SizePanel: display()");
- try {
- initParams(request, context);
- } catch (IOException e) {
- }
-
- context.put("firsttime", "false");
- String errorString = "";
- mCerts = new Vector<Cert>();
-
- IConfigStore config = CMS.getConfigStore();
- try {
- @SuppressWarnings("unused")
- boolean done = config.getBoolean("preop.SizePanel.done"); // check whether it's first time
- } catch (Exception e) {
- context.put("firsttime", "true");
- }
-
- try {
- default_ecc_curve_name = config.getString("keys.ecc.curve.default", "nistp256");
- } catch (Exception e) {
- }
-
- try {
- default_rsa_key_size = config.getString("keys.rsa.keysize.default", "2048");
- } catch (Exception e) {
- }
-
- try {
- // same token for now
- String token = config.getString(PRE_CONF_CA_TOKEN);
- String certTags = config.getString("preop.cert.list");
- String rsaCertTags = config.getString("preop.cert.rsalist", "");
- context.put("rsaTags", rsaCertTags);
- StringTokenizer st = new StringTokenizer(certTags, ",");
- mShowSigning = false;
-
- while (st.hasMoreTokens()) {
- String certTag = st.nextToken();
- String nn = config.getString(PCERT_PREFIX + certTag + ".nickname");
- Cert c = new Cert(token, nn, certTag);
-
- String s = config.getString(PCERT_PREFIX + certTag + ".keysize.select", "default");
-
- if (s.equals("default")) {
- c.setKeyOption("default");
- }
- if (s.equals("custom")) {
- c.setKeyOption("custom");
- }
-
- s = config.getString(PCERT_PREFIX + certTag + ".keysize.custom_size",
- default_rsa_key_size);
- c.setCustomKeysize(s);
-
- s = config.getString(PCERT_PREFIX + certTag + ".curvename.custom_name",
- default_ecc_curve_name);
- c.setCustomCurvename(s);
-
- boolean signingRequired = config.getBoolean(
- PCERT_PREFIX + certTag + ".signing.required",
- false);
- c.setSigningRequired(signingRequired);
- if (signingRequired)
- mShowSigning = true;
-
- String userfriendlyname = config.getString(
- PCERT_PREFIX + certTag + ".userfriendlyname");
- c.setUserFriendlyName(userfriendlyname);
- boolean enable = config.getBoolean(PCERT_PREFIX + certTag + ".enable", true);
- c.setEnable(enable);
- mCerts.addElement(c);
- }// while
- } catch (Exception e) {
- CMS.debug("SizePanel: display() " + e.toString());
- }
- CMS.debug("SizePanel: display() 1");
-
- context.put("show_signing", mShowSigning ? "true" : "false");
- context.put("certs", mCerts);
- context.put("errorString", errorString);
- context.put("default_keysize", default_rsa_key_size);
- context.put("default_ecc_curvename", default_ecc_curve_name);
- context.put("panel", "admin/console/config/sizepanel.vm");
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException, NumberFormatException {
- CMS.debug("SizePanel: update()");
- boolean hasErr = false;
- IConfigStore config = CMS.getConfigStore();
- String select1 = "";
- String val1 = null;
- boolean hasChanged = false;
- try {
- select1 = config.getString("preop.subsystem.select", "");
- } catch (Exception e) {
- }
-
- context.put("firsttime", "false");
- try {
- @SuppressWarnings("unused")
- boolean done = config.getBoolean("preop.SizePanel.done"); // check whether it's first time
- } catch (Exception e) {
- context.put("firsttime", "true");
- if (select1.equals("clone")) {
- // preset the sslserver dn for cloning case
- try {
- String val = config.getString("preop.cert.sslserver.dn", "");
- config.putString("preop.cert.sslserver.dn", val + ",o=clone");
- } catch (Exception ee) {
- }
- }
- }
-
- String token = "";
- try {
- token = config.getString(PRE_CONF_CA_TOKEN, "");
- Enumeration<Cert> c = mCerts.elements();
-
- while (c.hasMoreElements()) {
- Cert cert = c.nextElement();
- String ct = cert.getCertTag();
- boolean enable = config.getBoolean(PCERT_PREFIX + ct + ".enable", true);
- if (!enable)
- continue;
-
- String keytype = HttpInput.getKeyType(request, ct + "_keytype"); // rsa or ecc
-
- String keyalgorithm = HttpInput.getString(request, ct + "_keyalgorithm");
- if (keyalgorithm == null) {
- if (keytype != null && keytype.equals("ecc")) {
- keyalgorithm = "SHA256withEC";
- } else {
- keyalgorithm = "SHA256withRSA";
- }
- }
-
- String signingalgorithm = HttpInput.getString(request, ct + "_signingalgorithm");
- if (signingalgorithm == null) {
- signingalgorithm = keyalgorithm;
- }
-
- String select = HttpInput.getID(request, ct + "_choice");
-
- if (select == null) {
- CMS.debug("SizePanel: " + ct + "_choice not found");
- throw new IOException(
- "SizePanel: " + ct + "_choice not found");
- }
- CMS.debug("SizePanel: update() keysize choice selected:" + select);
- String oldkeysize = config.getString(PCERT_PREFIX + ct + ".keysize.size", "");
- String oldkeytype = config.getString(PCERT_PREFIX + ct + ".keytype", "");
- String oldkeyalgorithm = config.getString(PCERT_PREFIX + ct + ".keyalgorithm", "");
- String oldsigningalgorithm = config.getString(PCERT_PREFIX + ct + ".signingalgorithm", "");
- String oldcurvename = config.getString(PCERT_PREFIX + ct + ".curvename.name", "");
-
- if (select.equals("default")) {
- // XXXrenaming these...keep for now just in case
- config.putString("preop.keysize.select", "default");
- if (keytype != null && keytype.equals("ecc")) {
- config.putString("preop.curvename.custom_name", default_ecc_curve_name);
- config.putString("preop.curvename.name", default_ecc_curve_name);
- } else {
- config.putString("preop.keysize.custom_size", default_rsa_key_size);
- config.putString("preop.keysize.size", default_rsa_key_size);
- }
-
- config.putString(PCERT_PREFIX + ct + ".keytype", keytype);
- config.putString(PCERT_PREFIX + ct + ".keyalgorithm", keyalgorithm);
- config.putString(PCERT_PREFIX + ct + ".signingalgorithm", signingalgorithm);
- config.putString(PCERT_PREFIX + ct + ".keysize.select", "default");
-
- if (keytype != null && keytype.equals("ecc")) {
- config.putString(PCERT_PREFIX + ct +".curvename.custom_name",
- default_ecc_curve_name);
- config.putString(PCERT_PREFIX + ct + ".curvename.name",
- default_ecc_curve_name);
- } else {
- config.putString(PCERT_PREFIX + ct + ".keysize.custom_size",
- default_rsa_key_size);
- config.putString(PCERT_PREFIX + ct + ".keysize.size",
- default_rsa_key_size);
- }
- } else if (select.equals("custom")) {
- // XXXrenaming these...keep for now just in case
- config.putString("preop.keysize.select", "custom");
- if (keytype != null && keytype.equals("ecc")) {
- config.putString("preop.curvename.name",
- HttpInput.getString(request, ct + "_custom_curvename"));
- config.putString("preop.curvename.custom_name",
- HttpInput.getString(request, ct + "_custom_curvename"));
- } else {
- config.putString("preop.keysize.size",
- HttpInput.getKeySize(request, ct + "_custom_size", keytype));
- config.putString("preop.keysize.custom_size",
- HttpInput.getKeySize(request, ct + "_custom_size", keytype));
- }
-
- config.putString(PCERT_PREFIX + ct + ".keytype", keytype);
- config.putString(PCERT_PREFIX + ct + ".keyalgorithm", keyalgorithm);
- config.putString(PCERT_PREFIX + ct + ".signingalgorithm", signingalgorithm);
- config.putString(PCERT_PREFIX + ct + ".keysize.select", "custom");
-
- if (keytype != null && keytype.equals("ecc")) {
- config.putString(PCERT_PREFIX + ct + ".curvename.custom_name",
- HttpInput.getString(request, ct + "_custom_curvename"));
- config.putString(PCERT_PREFIX + ct + ".curvename.name",
- HttpInput.getString(request, ct + "_custom_curvename"));
- } else {
- config.putString(PCERT_PREFIX + ct + ".keysize.custom_size",
- HttpInput.getKeySize(request, ct + "_custom_size"));
- config.putString(PCERT_PREFIX + ct + ".keysize.size",
- HttpInput.getKeySize(request, ct + "_custom_size"));
- }
- } else {
- CMS.debug("SizePanel: invalid choice " + select);
- throw new IOException("invalid choice " + select);
- }
-
- String newkeysize = config.getString(PCERT_PREFIX + ct + ".keysize.size", "");
- String newkeytype = config.getString(PCERT_PREFIX + ct + ".keytype", "");
- String newkeyalgorithm = config.getString(PCERT_PREFIX + ct + ".keyalgorithm", "");
- String newsigningalgorithm = config.getString(PCERT_PREFIX + ct + ".signingalgorithm", "");
- String newcurvename = config.getString(PCERT_PREFIX + ct + ".curvename.name", "");
-
- if (!oldkeysize.equals(newkeysize) ||
- !oldkeytype.equals(newkeytype) ||
- !oldkeyalgorithm.equals(newkeyalgorithm) ||
- !oldsigningalgorithm.equals(newsigningalgorithm) ||
- !oldcurvename.equals(newcurvename))
- hasChanged = true;
- }// while
-
- try {
- config.commit(false);
- } catch (EBaseException e) {
- CMS.debug("SizePanel: update() Exception caught at config commit: " + e.toString());
- }
-
- val1 = HttpInput.getID(request, "generateKeyPair");
-
- if (hasChanged || (val1 != null && !val1.equals(""))) {
- mServlet.cleanUpFromPanel(mServlet.getPanelNo(request));
- } else if (isPanelDone()) {
- context.put("updateStatus", "success");
- return;
- }
- } catch (IOException e) {
- CMS.debug("SizePanel: update() IOException caught: " + e.toString());
- context.put("updateStatus", "failure");
- throw e;
- } catch (NumberFormatException e) {
- CMS.debug("SizePanel: update() NumberFormatException caught: " + e.toString());
- context.put("updateStatus", "failure");
- throw e;
- } catch (Exception e) {
- CMS.debug("SizePanel: update() Exception caught: " + e.toString());
- }
-
- // generate key pair
- Enumeration<Cert> c = mCerts.elements();
-
- while (c.hasMoreElements()) {
- Cert cert = c.nextElement();
- String ct = cert.getCertTag();
- String friendlyName = ct;
- boolean enable = true;
- try {
- enable = config.getBoolean(PCERT_PREFIX + ct + ".enable", true);
- friendlyName = config.getString(PCERT_PREFIX + ct + ".userfriendlyname", ct);
- } catch (Exception e) {
- }
-
- if (!enable)
- continue;
-
- try {
- String keytype = config.getString(PCERT_PREFIX + ct + ".keytype");
-
- if (keytype.equals("rsa")) {
- int keysize = config.getInteger(PCERT_PREFIX + ct + ".keysize.size");
- ConfigurationUtils.createRSAKeyPair(token, keysize, config, ct);
- } else {
- String curveName = config.getString(PCERT_PREFIX + ct + ".curvename.name", default_ecc_curve_name);
- ConfigurationUtils.createECCKeyPair(token, curveName, config, ct);
- }
- config.commit(false);
- } catch (Exception e) {
- CMS.debug(e);
- CMS.debug("SizePanel: key generation failure: " + e.toString());
- context.put("updateStatus", "failure");
- throw new IOException("key generation failure for the certificate: " + friendlyName +
- ". See the logs for details.");
- }
- } // while
-
- if (hasErr == false) {
- config.putBoolean("preop.SizePanel.done", true);
- try {
- config.commit(false);
- } catch (EBaseException e) {
- CMS.debug("SizePanel: update() Exception caught at config commit: "+ e.toString());
- }
- }
- CMS.debug("SizePanel: update() done");
- context.put("updateStatus", "success");
- }
-
- public void initParams(HttpServletRequest request, Context context)
- throws IOException {
- IConfigStore config = CMS.getConfigStore();
- String s = "";
- try {
- context.put("title", "Key Pairs");
-
- s = config.getString("preop.subsystem.select", "");
- context.put("select", s);
-
- s = config.getString("preop.hierarchy.select", "root");
- context.put("hselect", s);
-
- s = config.getString("preop.ecc.algorithm.list", "SHA256withEC,SHA1withEC,SHA384withEC,SHA512withEC");
- context.put("ecclist", s);
-
- s =
- config.getString("preop.rsa.algorithm.list",
- "SHA256withRSA,SHA1withRSA,SHA512withRSA,MD5withRSA,MD2withRSA");
- context.put("rsalist", s);
-
- s = config.getString("keys.ecc.curve.list", "nistp256");
- context.put("curvelist", s);
-
- s = config.getString("keys.ecc.curve.display.list", "nistp256");
- context.put("displaycurvelist", s);
-
- s = config.getString("pkicreate.subsystem_type");
- context.put("subsystemtype", s);
-
- } catch (Exception e) {
- CMS.debug("SizePanel(): initParams: unable to set all initial parameters:" + e);
- }
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- try {
- initParams(request, context);
- } catch (IOException e) {
- }
-
- context.put("certs", mCerts);
- context.put("show_signing", mShowSigning ? "true" : "false");
- context.put("default_keysize", default_rsa_key_size);
- context.put("default_ecc_curvename", default_ecc_curve_name);
-
- context.put("panel", "admin/console/config/sizepanel.vm");
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/WelcomePanel.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/WelcomePanel.java
deleted file mode 100644
index b5e921822ed4dafa1a967ae8ae371beee7ec43b8..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/WelcomePanel.java
+++ /dev/null
@@ -1,128 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.IOException;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class WelcomePanel extends WizardPanelBase {
-
- public WelcomePanel() {
- }
-
- /**
- * Initializes this panel.
- */
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("Welcome");
- setId(id);
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putBoolean("preop.welcome.done", false);
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- return cs.getBoolean("preop.welcome.done");
- } catch (EBaseException e) {
- }
- return false;
- }
-
- public PropertySet getUsage() {
- PropertySet set = new PropertySet();
-
- /* XXX */
-
- return set;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- IConfigStore cs = CMS.getConfigStore();
- CMS.debug("WelcomePanel: display()");
- context.put("title", "Welcome");
- try {
- context.put("cstype", cs.getString("cs.type"));
- context.put("wizardname", cs.getString("preop.wizard.name"));
- context.put("panelname",
- cs.getString("preop.system.fullname") + " Configuration Wizard");
- context.put("systemname",
- cs.getString("preop.system.name"));
- context.put("fullsystemname",
- cs.getString("preop.system.fullname"));
- context.put("productname",
- cs.getString("preop.product.name"));
- context.put("productversion",
- cs.getString("cms.product.version"));
- } catch (EBaseException e) {
- }
- context.put("panel", "admin/console/config/welcomepanel.vm");
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- try {
- cs.putBoolean("preop.welcome.done", true);
- cs.commit(false);
- } catch (EBaseException e) {
- }
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {/* This should never be called */
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java b/base/server/cms/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java
deleted file mode 100644
index 4fe64124098ce209b2ebae4376e0be70d38c6433..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java
+++ /dev/null
@@ -1,306 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.csadmin;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.net.URLEncoder;
-import java.util.Locale;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-import org.mozilla.jss.ssl.SSLCertificateApprovalCallback;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.cms.servlet.base.UserInfo;
-import com.netscape.cms.servlet.wizard.IWizardPanel;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-import com.netscape.cmsutil.xml.XMLObject;
-
-public class WizardPanelBase implements IWizardPanel {
- public static String PCERT_PREFIX = "preop.cert.";
- public static String SUCCESS = "0";
- public static String FAILURE = "1";
- public static String AUTH_FAILURE = "2";
-
- /**
- * Definition for static variables in CS.cfg
- */
- public static final String CONF_CA_CERT = "ca.signing.cert";
- public static final String CONF_CA_CERTREQ = "ca.signing.certreq";
- public static final String CONF_CA_CERTNICKNAME = "ca.signing.certnickname";
-
- public static final String PRE_CONF_ADMIN_NAME = "preop.admin.name";
- public static final String PRE_CONF_AGENT_GROUP = "preop.admin.group";
-
- /**
- * Definition for "preop" static variables in CS.cfg
- * -- "preop" config parameters should not assumed to exist after configuation
- */
-
- public static final String PRE_CONF_CA_TOKEN = "preop.module.token";
- public static final String PRE_CA_TYPE = "preop.ca.type";
- public static final String PRE_OTHER_CA = "otherca";
- public static final String PRE_ROOT_CA = "rootca";
-
- private String mName = null;
- private int mPanelNo = 0;
- private String mId = null;
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- mPanelNo = panelno;
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- mPanelNo = panelno;
- }
-
- /**
- * Cleans up this panel so that isPanelDone() will return false.
- */
- public void cleanUp() throws IOException {
- }
-
- public String getName() {
- return mName;
- }
-
- public int getPanelNo() {
- return mPanelNo;
- }
-
- public void setPanelNo(int num) {
- mPanelNo = num;
- }
-
- public void setName(String name) {
- mName = name;
- }
-
- public void setId(String id) {
- mId = id;
- }
-
- public String getId() {
- return mId;
- }
-
- public PropertySet getUsage() {
- PropertySet set = null;
-
- return set;
- }
-
- /**
- * Should we skip this panel?
- */
- public boolean shouldSkip() {
- return false;
- }
-
- /**
- * Is this panel done
- */
- public boolean isPanelDone() {
- return false;
- }
-
- /**
- * Show "Apply" button on frame?
- */
- public boolean showApplyButton() {
- return false;
- }
-
- /**
- * Is this a subPanel?
- */
- public boolean isSubPanel() {
- return false;
- }
-
- public boolean isLoopbackPanel() {
- return false;
- }
-
- /**
- * has subPanels?
- */
- public boolean hasSubPanel() {
- return false;
- }
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- }
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- }
-
- /**
- * Retrieves locale based on the request.
- */
- public Locale getLocale(HttpServletRequest req) {
- Locale locale = null;
- String lang = req.getHeader("accept-language");
-
- if (lang == null) {
- // use server locale
- locale = Locale.getDefault();
- } else {
- locale = new Locale(UserInfo.getUserLanguage(lang),
- UserInfo.getUserCountry(lang));
- }
- return locale;
- }
-
- public boolean authenticate(String hostname, int port, boolean https,
- String servlet, String uri) throws IOException {
- CMS.debug("WizardPanelBase authenticate start");
- String c = ConfigurationUtils.getHttpResponse(hostname, port, https, servlet, uri, null);
- IConfigStore cs = CMS.getConfigStore();
-
- if (c != null) {
- try {
- ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes());
- XMLObject parser = null;
-
- try {
- parser = new XMLObject(bis);
- } catch (Exception e) {
- CMS.debug("WizardPanelBase::authenticate() - "
- + "Exception=" + e.toString());
- throw new IOException(e.toString());
- }
-
- String status = parser.getValue("Status");
-
- CMS.debug("WizardPanelBase authenticate: status=" + status);
-
- if (status.equals(SUCCESS)) {
- String cookie = parser.getValue("Cookie");
- cs.putString("preop.cookie", cookie);
- return true;
- } else {
- return false;
- }
- } catch (Exception e) {
- CMS.debug("WizardPanelBase: authenticate: " + e.toString());
- throw new IOException(e.toString());
- }
- }
-
- return false;
- }
-
- public String pingCS(String hostname, int port, boolean https,
- SSLCertificateApprovalCallback certApprovalCallback)
- throws IOException {
- CMS.debug("WizardPanelBase pingCS: started");
-
- String c = ConfigurationUtils.getHttpResponse(hostname, port, https,
- "/ca/admin/ca/getStatus",
- null, null, certApprovalCallback);
-
- if (c != null) {
- try {
- ByteArrayInputStream bis = new ByteArrayInputStream(c.getBytes());
- XMLObject parser = null;
- String state = null;
-
- try {
- parser = new XMLObject(bis);
- CMS.debug("WizardPanelBase pingCS: got XML parsed");
- state = parser.getValue("State");
-
- if (state != null) {
- CMS.debug("WizardPanelBase pingCS: state=" + state);
- }
- } catch (Exception e) {
- CMS.debug("WizardPanelBase: pingCS: parser failed"
- + e.toString());
- }
-
- return state;
- } catch (Exception e) {
- CMS.debug("WizardPanelBase: pingCS: " + e.toString());
- throw new IOException(e.toString());
- }
- }
-
- CMS.debug("WizardPanelBase pingCS: stopped");
- return null;
- }
-
- public void reloginSecurityDomain(HttpServletResponse response) {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String hostname = cs.getString("securitydomain.host", "");
- int port = cs.getInteger("securitydomain.httpsadminport", -1);
- String cs_hostname = cs.getString("machineName", "");
- int cs_port = cs.getInteger("pkicreate.admin_secure_port", -1);
- int panel = getPanelNo();
- String subsystem = cs.getString("cs.type", "");
- String urlVal =
- "https://"
- + cs_hostname + ":" + cs_port + "/" + subsystem.toLowerCase()
- + "/admin/console/config/wizard?p=" + panel + "&subsystem=" + subsystem;
- String encodedValue = URLEncoder.encode(urlVal, "UTF-8");
- String sdurl = "https://" + hostname + ":" + port + "/ca/admin/ca/securityDomainLogin?url=" + encodedValue;
- response.sendRedirect(sdurl);
- } catch (Exception e) {
- CMS.debug("WizardPanelBase reloginSecurityDomain: Exception=" + e.toString());
- }
- }
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/wizard/IWizardPanel.java b/base/server/cms/src/com/netscape/cms/servlet/wizard/IWizardPanel.java
deleted file mode 100644
index d9d3ddec70b037b3d9062356964361cb2f10ba6e..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/wizard/IWizardPanel.java
+++ /dev/null
@@ -1,111 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.wizard;
-
-import java.io.IOException;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.context.Context;
-
-import com.netscape.certsrv.property.PropertySet;
-
-public interface IWizardPanel {
-
- /**
- * Initializes this panel.
- */
- public void init(ServletConfig config, int panelno)
- throws ServletException;
-
- public void init(WizardServlet servlet, ServletConfig config,
- int panelno, String id) throws ServletException;
-
- public String getName();
-
- public int getPanelNo();
-
- public void setId(String id);
-
- public String getId();
-
- public PropertySet getUsage();
-
- /**
- * Should we skip this panel to the next one?
- */
- public boolean shouldSkip();
-
- /**
- * Cleans up panel so that isPanelDone returns false
- */
- public void cleanUp() throws IOException;
-
- /**
- * Is this panel done
- */
- public boolean isPanelDone();
-
- /**
- * Show "Apply" button on frame?
- */
- public boolean showApplyButton();
-
- /**
- * Is this a subPanel?
- */
- public boolean isSubPanel();
-
- public boolean isLoopbackPanel();
-
- /**
- * has subPanels?
- */
- public boolean hasSubPanel();
-
- /**
- * Display the panel.
- */
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context);
-
- /**
- * Checks if the given parameters are valid.
- */
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException;
-
- /**
- * Commit parameter changes
- */
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException;
-
- /**
- * If validiate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context);
-}
diff --git a/base/server/cms/src/com/netscape/cms/servlet/wizard/WizardServlet.java b/base/server/cms/src/com/netscape/cms/servlet/wizard/WizardServlet.java
deleted file mode 100644
index 6deab6bc0389b2f62c23b72956d94192086999f8..0000000000000000000000000000000000000000
--- a/base/server/cms/src/com/netscape/cms/servlet/wizard/WizardServlet.java
+++ /dev/null
@@ -1,489 +0,0 @@
-// --- BEGIN COPYRIGHT BLOCK ---
-// This program is free software; you can redistribute it and/or modify
-// it under the terms of the GNU General Public License as published by
-// the Free Software Foundation; version 2 of the License.
-//
-// This program is distributed in the hope that it will be useful,
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-// GNU General Public License for more details.
-//
-// You should have received a copy of the GNU General Public License along
-// with this program; if not, write to the Free Software Foundation, Inc.,
-// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-//
-// (C) 2007 Red Hat, Inc.
-// All rights reserved.
-// --- END COPYRIGHT BLOCK ---
-package com.netscape.cms.servlet.wizard;
-
-import java.io.IOException;
-import java.util.Enumeration;
-import java.util.StringTokenizer;
-import java.util.Vector;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.velocity.Template;
-import org.apache.velocity.app.Velocity;
-import org.apache.velocity.context.Context;
-import org.apache.velocity.servlet.VelocityServlet;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.cms.servlet.csadmin.Cert;
-import com.netscape.cmsutil.crypto.Module;
-
-/**
- * wizard?p=[panel number]&op=usage <= usage in xml
- * wizard?p=[panel number]&op=display
- * wizard?p=[panel number]&op=next&...[additional parameters]...
- * wizard?p=[panel number]&op=apply
- * wizard?p=[panel number]&op=back
- * wizard?op=menu
- * return menu options
- */
- at SuppressWarnings("deprecation")
-public class WizardServlet extends VelocityServlet {
-
- /**
- *
- */
- private static final long serialVersionUID = -4513510177445656799L;
- private String name = null;
- private Vector<IWizardPanel> mPanels = new Vector<IWizardPanel>();
-
- public void init(ServletConfig config) throws ServletException {
- super.init(config);
-
- /* load sequence map */
- name = config.getInitParameter("name");
- String panels = config.getInitParameter("panels");
- StringTokenizer st = new StringTokenizer(panels, ",");
- int pno = 0;
- while (st.hasMoreTokens()) {
- String p = st.nextToken();
- StringTokenizer st1 = new StringTokenizer(p, "=");
- String id = st1.nextToken();
- String pvalue = st1.nextToken();
- try {
- IWizardPanel panel = (IWizardPanel) Class.forName(pvalue).newInstance();
- panel.init(this, config, pno, id);
- CMS.debug("WizardServlet: panel name=" + panel.getName());
- mPanels.addElement(panel);
- } catch (Exception e) {
- CMS.debug("WizardServlet: " + e.toString());
- }
- pno++;
- }
- CMS.debug("WizardServlet: done");
-
- }
-
- public void exposePanels(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- Enumeration<IWizardPanel> e = mPanels.elements();
- Vector<IWizardPanel> panels = new Vector<IWizardPanel>();
- while (e.hasMoreElements()) {
- IWizardPanel p = e.nextElement();
- panels.addElement(p);
- }
- context.put("panels", panels);
- }
-
- /**
- * Cleans up panels from a particular panel.
- */
- public void cleanUpFromPanel(int pno) throws IOException {
- /* panel number starts from zero */
- int s = mPanels.size();
- for (int i = pno; i < s; i++) {
- IWizardPanel panel = mPanels.elementAt(i);
- panel.cleanUp();
- }
- }
-
- public IWizardPanel getPanelByNo(int p) {
- IWizardPanel panel = mPanels.elementAt(p);
- if (panel.shouldSkip()) {
- panel = getPanelByNo(p + 1);
- }
- return panel;
- }
-
- public Template displayPanel(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- CMS.debug("WizardServlet: in display");
- int p = getPanelNo(request);
-
- if (p == 0) {
- CMS.debug("WizardServlet: firstpanel");
- context.put("firstpanel", Boolean.TRUE);
- }
- if (p == (mPanels.size() - 1)) {
- CMS.debug("WizardServlet: lastpanel");
- context.put("lastpanel", Boolean.TRUE);
- }
- IWizardPanel panel = getPanelByNo(p);
- CMS.debug("WizardServlet: panel=" + panel);
-
- if (panel.showApplyButton() == true)
- context.put("showApplyButton", Boolean.TRUE);
- else
- context.put("showApplyButton", Boolean.FALSE);
-
- panel.display(request, response, context);
- context.put("p", Integer.toString(panel.getPanelNo()));
-
- try {
- return Velocity.getTemplate("admin/console/config/wizard.vm");
- } catch (Exception e) {
- }
- return null;
- }
-
- public String xml_value_flatten(Object v) {
- String ret = "";
- if (v instanceof String) {
- ret += v;
- } else if (v instanceof Integer) {
- ret += ((Integer) v).toString();
- } else if (v instanceof Vector) {
- ret += "<Vector>";
- Vector<?> v1 = (Vector<?>) v;
- Enumeration<?> e = v1.elements();
- StringBuffer sb = new StringBuffer();
- while (e.hasMoreElements()) {
- sb.append(xml_value_flatten(e.nextElement()));
- }
- ret += sb.toString();
- ret += "</Vector>";
- } else if (v instanceof Module) { // for hardware token
- Module m = (Module) v;
- ret += "<Module>";
- ret += "<CommonName>" + m.getCommonName() + "</CommonName>";
- ret += "<UserFriendlyName>" + m.getUserFriendlyName() + "</UserFriendlyName>";
- ret += "<ImagePath>" + m.getImagePath() + "</ImagePath>";
- ret += "</Module>";
- } else if (v instanceof Cert) {
- Cert m = (Cert) v;
- ret += "<CertReqPair>";
- ret += "<Nickname>" + m.getNickname() + "</Nickname>";
- ret += "<Tokenname>" + m.getTokenname() + "</Tokenname>";
- ret += "<Request>" + m.getRequest() + "</Request>";
- ret += "<Certificate>" + m.getCert() + "</Certificate>";
- ret += "<Type>" + m.getType() + "</Type>";
- ret += "<DN>" + m.getDN() + "</DN>";
- ret += "<CertPP>" + m.getCertpp() + "</CertPP>";
- ret += "<KeyOption>" + m.getKeyOption() + "</KeyOption>";
- ret += "</CertReqPair>";
- } else if (v instanceof IWizardPanel) {
- IWizardPanel m = (IWizardPanel) v;
- ret += "<Panel>";
- ret += "<Id>" + m.getId() + "</Id>";
- ret += "<Name>" + m.getName() + "</Name>";
- ret += "</Panel>";
- } else {
- CMS.debug("Error: unknown type " + v.getClass().getName());
- }
- return ret;
- }
-
- public String xml_flatten(Context context) {
- StringBuffer ret = new StringBuffer();
- Object o[] = context.getKeys();
- for (int i = 0; i < o.length; i++) {
- if (o[i] instanceof String) {
- String key = (String) o[i];
- if (key.startsWith("__")) {
- continue;
- }
- ret.append("<");
- ret.append(key);
- ret.append(">");
- if (key.equals("bindpwd")) {
- ret.append("(sensitive)");
- } else {
- Object v = context.get(key);
- ret.append(xml_value_flatten(v));
- }
- ret.append("</");
- ret.append(key);
- ret.append(">");
- }
- }
- return ret.toString();
- }
-
- public int getPanelNo(HttpServletRequest request) {
- int p = 0;
-
- // panel number can be identified by either
- // panel no (p parameter) directly, or
- // panel name (panelname parameter).
- if (request.getParameter("panelname") != null) {
- String name = request.getParameter("panelname");
- for (int i = 0; i < mPanels.size(); i++) {
- IWizardPanel panel = mPanels.elementAt(i);
- if (panel.getId().equals(name)) {
- return i;
- }
- }
- } else if (request.getParameter("p") != null) {
- p = Integer.parseInt(request.getParameter("p"));
- }
- return p;
- }
-
- public String getNameFromPanelNo(int p) {
- IWizardPanel wp = mPanels.elementAt(p);
- return wp.getId();
- }
-
- public IWizardPanel getPreviousPanel(int p) {
- CMS.debug("getPreviousPanel input p=" + p);
- IWizardPanel backpanel = mPanels.elementAt(p - 1);
- if (backpanel.isSubPanel()) {
- backpanel = mPanels.elementAt(p - 1 - 1);
- }
- while (backpanel.shouldSkip()) {
- backpanel = mPanels.elementAt(backpanel.getPanelNo() - 1);
- }
- CMS.debug("getPreviousPanel output p=" + backpanel.getPanelNo());
- return backpanel;
- }
-
- public IWizardPanel getNextPanel(int p) {
- CMS.debug("getNextPanel input p=" + p);
- IWizardPanel panel = mPanels.elementAt(p);
- if (p == (mPanels.size() - 1)) {
- // p = p;
- } else if (panel.isSubPanel()) {
- if (panel.isLoopbackPanel()) {
- p = p - 1; // Login Panel is a loop back panel
- } else {
- p = p + 1;
- }
- } else if (panel.hasSubPanel()) {
- p = p + 2;
- } else {
- p = p + 1;
- }
- IWizardPanel nextpanel = getPanelByNo(p);
- CMS.debug("getNextPanel output p=" + p);
- return nextpanel;
- }
-
- public Template goApply(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- return goNextApply(request, response, context, true);
- }
-
- public Template goNext(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- return goNextApply(request, response, context, false);
- }
-
- /*
- * The parameter "stay" is used to indicate "apply" without
- * moving to the next panel
- */
- public Template goNextApply(HttpServletRequest request,
- HttpServletResponse response,
- Context context, boolean stay) {
- int p = getPanelNo(request);
- if (stay == true)
- CMS.debug("WizardServlet: in reply " + p);
- else
- CMS.debug("WizardServlet: in next " + p);
-
- IWizardPanel panel = mPanels.elementAt(p);
- try {
- panel.validate(request, response, context);
- try {
- panel.update(request, response, context);
- if (stay == true) { // "apply"
-
- if (panel.showApplyButton() == true)
- context.put("showApplyButton", Boolean.TRUE);
- else
- context.put("showApplyButton", Boolean.FALSE);
- panel.display(request, response, context);
- } else { // "next"
- IWizardPanel nextpanel = getNextPanel(p);
-
- if (nextpanel.showApplyButton() == true)
- context.put("showApplyButton", Boolean.TRUE);
- else
- context.put("showApplyButton", Boolean.FALSE);
- nextpanel.display(request, response, context);
- panel = nextpanel;
- }
- context.put("errorString", "");
- } catch (Exception e) {
- context.put("errorString", e.getMessage());
- panel.displayError(request, response, context);
- }
- } catch (IOException eee) {
- context.put("errorString", eee.getMessage());
- panel.displayError(request, response, context);
- }
- p = panel.getPanelNo();
- CMS.debug("panel no=" + p);
- CMS.debug("panel name=" + getNameFromPanelNo(p));
- CMS.debug("total number of panels=" + mPanels.size());
- context.put("p", Integer.toString(p));
- context.put("panelname", getNameFromPanelNo(p));
- if (p == 0) {
- CMS.debug("WizardServlet: firstpanel");
- context.put("firstpanel", Boolean.TRUE);
- }
- if (p == (mPanels.size() - 1)) {
- CMS.debug("WizardServlet: lastpanel");
- context.put("lastpanel", Boolean.TRUE);
- }
- // this is where we handle the xml request
- String xml = request.getParameter("xml");
- if (xml != null && xml.equals("true")) {
- CMS.debug("WizardServlet: found xml");
-
- response.setContentType("application/xml");
- String xmlstr = xml_flatten(context);
- context.put("xml", xmlstr);
- try {
- return Velocity.getTemplate("admin/console/config/xml.vm");
- } catch (Exception e) {
- CMS.debug("Failing to get template" + e);
- }
- } else {
- try {
- return Velocity.getTemplate("admin/console/config/wizard.vm");
- } catch (Exception e) {
- CMS.debug("Failing to get template" + e);
- }
- }
- return null;
- }
-
- public Template goBack(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- int p = getPanelNo(request);
- CMS.debug("WizardServlet: in back " + p);
- IWizardPanel backpanel = getPreviousPanel(p);
-
- if (backpanel.showApplyButton() == true)
- context.put("showApplyButton", Boolean.TRUE);
- else
- context.put("showApplyButton", Boolean.FALSE);
- backpanel.display(request, response, context);
- context.put("p", Integer.toString(backpanel.getPanelNo()));
- context.put("panelname", getNameFromPanelNo(backpanel.getPanelNo()));
-
- p = backpanel.getPanelNo();
-
- if (p == 0) {
- CMS.debug("WizardServlet: firstpanel");
- context.put("firstpanel", Boolean.TRUE);
- }
- if (p == (mPanels.size() - 1)) {
- CMS.debug("WizardServlet: lastpanel");
- context.put("lastpanel", Boolean.TRUE);
- }
- try {
- return Velocity.getTemplate("admin/console/config/wizard.vm");
- } catch (Exception e) {
- }
- return null;
- }
-
- public boolean authenticate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- String pin = (String) request.getSession().getAttribute("pin");
- if (pin == null) {
- try {
- response.sendRedirect("login");
- } catch (IOException e) {
- }
- return false;
- }
- return true;
- }
-
- public void outputHttpParameters(HttpServletRequest httpReq) {
- CMS.debug("WizardServlet:service() uri = " + httpReq.getRequestURI());
- Enumeration<String> paramNames = httpReq.getParameterNames();
- while (paramNames.hasMoreElements()) {
- String pn = paramNames.nextElement();
- // added this facility so that password can be hidden,
- // all sensitive parameters should be prefixed with
- // __ (double underscores); however, in the event that
- // a security parameter slips through, we perform multiple
- // additional checks to insure that it is NOT displayed
- if (pn.startsWith("__") ||
- pn.endsWith("password") ||
- pn.endsWith("passwd") ||
- pn.endsWith("pwd") ||
- pn.equalsIgnoreCase("admin_password_again") ||
- pn.equalsIgnoreCase("directoryManagerPwd") ||
- pn.equalsIgnoreCase("bindpassword") ||
- pn.equalsIgnoreCase("bindpwd") ||
- pn.equalsIgnoreCase("passwd") ||
- pn.equalsIgnoreCase("password") ||
- pn.equalsIgnoreCase("pin") ||
- pn.equalsIgnoreCase("pwd") ||
- pn.equalsIgnoreCase("pwdagain") ||
- pn.equalsIgnoreCase("uPasswd")) {
- CMS.debug("WizardServlet::service() param name='" + pn +
- "' value='(sensitive)'");
- } else {
- CMS.debug("WizardServlet::service() param name='" + pn +
- "' value='" + httpReq.getParameter(pn) + "'");
- }
- }
- }
-
- public Template handleRequest(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- CMS.debug("WizardServlet: process");
-
- if (CMS.debugOn()) {
- outputHttpParameters(request);
- }
-
- if (!authenticate(request, response, context)) {
- CMS.debug("WizardServlet: authentication failure");
- return null;
- }
-
- String op = request.getParameter("op"); /* operation */
- if (op == null) {
- op = "display";
- }
- CMS.debug("WizardServlet: op=" + op);
- CMS.debug("WizardServlet: size=" + mPanels.size());
-
- context.put("name", name);
- context.put("size", Integer.toString(mPanels.size()));
- exposePanels(request, response, context);
-
- if (op.equals("display")) {
- return displayPanel(request, response, context);
- } else if (op.equals("next")) {
- return goNext(request, response, context);
- } else if (op.equals("apply")) {
- return goApply(request, response, context);
- } else if (op.equals("back")) {
- return goBack(request, response, context);
- }
- return null;
- }
-}
diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
index 6e5414756d4365b266ce7e31fff918768ac2ad34..50b2c16f653ef588229db657b23106b3752fd621 100644
--- a/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
+++ b/base/server/cms/src/org/dogtagpki/server/rest/SystemConfigService.java
@@ -33,8 +33,6 @@ import javax.ws.rs.core.HttpHeaders;
import javax.ws.rs.core.Request;
import javax.ws.rs.core.UriInfo;
-import netscape.security.x509.X509CertImpl;
-
import org.apache.commons.lang.StringUtils;
import org.apache.commons.lang.mutable.MutableBoolean;
import org.mozilla.jss.CryptoManager;
@@ -67,6 +65,8 @@ import com.netscape.cms.servlet.csadmin.SystemCertDataFactory;
import com.netscape.cmsutil.crypto.CryptoUtil;
import com.netscape.cmsutil.util.Utils;
+import netscape.security.x509.X509CertImpl;
+
/**
* @author alee
*
@@ -445,7 +445,7 @@ public class SystemConfigService extends PKIService implements SystemConfigResou
cert.setType(cs.getString("preop.cert." + tag + ".type"));
if (!request.getStepTwo()) {
- ConfigurationUtils.configCert(null, null, null, cert, null);
+ ConfigurationUtils.configCert(null, null, null, cert);
} else {
String subsystem = cs.getString("preop.cert." + tag + ".subsystem");
diff --git a/base/tps/src/org/dogtagpki/server/tps/installer/CAInfoPanel.java b/base/tps/src/org/dogtagpki/server/tps/installer/CAInfoPanel.java
deleted file mode 100644
index 4c5371f200f37d4b547f9663983a4af803830628..0000000000000000000000000000000000000000
--- a/base/tps/src/org/dogtagpki/server/tps/installer/CAInfoPanel.java
+++ /dev/null
@@ -1,171 +0,0 @@
-package org.dogtagpki.server.tps.installer;
-
-import java.io.IOException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.security.cert.CertificateException;
-import java.util.Vector;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.parsers.ParserConfigurationException;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.velocity.context.Context;
-import org.mozilla.jss.CryptoManager.NotInitializedException;
-import org.mozilla.jss.crypto.TokenException;
-import org.xml.sax.SAXException;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.csadmin.ConfigurationUtils;
-import com.netscape.cms.servlet.csadmin.WizardPanelBase;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class CAInfoPanel extends WizardPanelBase {
-
- public CAInfoPanel() {
- }
-
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("CA Information");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("CA Information");
- setId(id);
- }
-
- public boolean shouldSkip() {
- return false;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putString("preop.cainfo.select", "");
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String s = cs.getString("preop.cainfo.select", "");
- if (s != null && !s.isEmpty()) {
- return true;
- }
- } catch (EBaseException e) {
- }
- return false;
- }
-
- public PropertySet getUsage() {
- return new PropertySet();
- }
-
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- String errorString = "";
- context.put("title", "CA Information");
- context.put("panel", "admin/console/config/cainfopanel.vm");
- IConfigStore config = CMS.getConfigStore();
-
- if (isPanelDone()) {
- // TODO - put the selected URL in selection box.
- // String s = config.getString("preop.cainfo.select");
- }
-
- // get CA URLs
- Vector<String> v;
- try {
- v = null;
- v = ConfigurationUtils.getUrlListFromSecurityDomain(config, "CA", "SecurePort");
- if (v == null) {
- errorString = "No CA found. CA, TKS and optionally DRM " +
- " must be installed prior to TPS installation";
- context.put("errorString", errorString);
- context.put("preop.cainfo.errorString", errorString);
- return;
- }
-
- config.putString("preop.ca.list", StringUtils.join(v,","));
- config.commit(false);
- } catch (EBaseException | IOException | SAXException | ParserConfigurationException e) {
- e.printStackTrace();
- errorString = "Failed to get CA information from security domain. " + e;
- context.put("errorString", errorString);
- context.put("preop.cainfo.errorString", errorString);
- return;
- }
-
- context.put("urls", v);
- context.put("urls_size", v.size());
- context.put("errorString", "");
- context.put("preop.cainfo.errorString", "");
- }
-
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- IConfigStore config = CMS.getConfigStore();
- String subsystemNick;
- try {
- subsystemNick = config.getString("preop.cert.subsystem.nickname");
- } catch (EBaseException e1) {
- e1.printStackTrace();
- throw new IOException("Failed to get subsystem certificate nickname");
- }
-
- String url = HttpInput.getString(request, "urls");
- URI caUri = null;
- String parsedURI = url.substring(url.lastIndexOf("http"));
- try {
- caUri = new URI(parsedURI);
- } catch (URISyntaxException e) {
- throw new IOException("Invalid URI " + parsedURI);
- }
-
- // TODO: get installer from session
- TPSInstaller installer = new TPSInstaller();
- installer.configureCAConnector(caUri, subsystemNick);
-
- String host = caUri.getHost();
- int port = caUri.getPort();
-
- // Note -
- // list contains EE port. If admin port is different, it needs to
- // be obtained from security domain and used to get the cert chain
-
- /* int admin_port = ConfigurationUtils.getPortFromSecurityDomain(domainXML,
- host, port, "CA", "SecurePort", "SecureAdminPort");
- */
-
- try {
- ConfigurationUtils.importCertChain(host, port, "/ca/admin/ca/getCertChain", "ca");
- } catch (CertificateException | SAXException | ParserConfigurationException
- | NotInitializedException | TokenException | EBaseException e) {
- e.printStackTrace();
- throw new IOException("Failed to import certificate chain from CA");
- }
-
- context.put("updateStatus", "success");
- }
-
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- }
-}
diff --git a/base/tps/src/org/dogtagpki/server/tps/installer/DRMInfoPanel.java b/base/tps/src/org/dogtagpki/server/tps/installer/DRMInfoPanel.java
deleted file mode 100644
index 2237f9e5342d10127ffc7521af38c37746bdc409..0000000000000000000000000000000000000000
--- a/base/tps/src/org/dogtagpki/server/tps/installer/DRMInfoPanel.java
+++ /dev/null
@@ -1,154 +0,0 @@
-package org.dogtagpki.server.tps.installer;
-
-import java.io.IOException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.util.Vector;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.parsers.ParserConfigurationException;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.velocity.context.Context;
-import org.xml.sax.SAXException;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.csadmin.ConfigurationUtils;
-import com.netscape.cms.servlet.csadmin.WizardPanelBase;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class DRMInfoPanel extends WizardPanelBase {
-
- public DRMInfoPanel() {
- }
-
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("DRM Information");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("DRM Information");
- setId(id);
- }
-
- public boolean shouldSkip() {
- return false;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putString("preop.krainfo.select", "");
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String s = cs.getString("preop.krainfo.select", "");
- if (s != null && ! s.isEmpty()) {
- return true;
- }
- } catch (EBaseException e) {
- }
- return false;
- }
-
- public PropertySet getUsage() {
- return new PropertySet();
- }
-
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- String errorString = "";
- context.put("title", "DRM Information");
- context.put("panel", "admin/console/config/drminfopanel.vm");
- IConfigStore config = CMS.getConfigStore();
-
- if (isPanelDone()) {
- //TODO - put selected entry in selection box.
- //String s = config.getString("preop.krainfo.select");
- }
-
- // get KRA URLs
- Vector<String> v = null;
- try {
- v = ConfigurationUtils.getUrlListFromSecurityDomain(config, "KRA", "SecurePort");
- if (v == null) {
- errorString = "No DRM found. CA, TKS and optionally DRM " +
- " must be installed prior to TPS installation";
- context.put("errorString", errorString);
- context.put("preop.krainfo.errorString", errorString);
- return;
- }
-
- config.putString("preop.kra.list", StringUtils.join(v,","));
- config.commit(false);
- } catch (EBaseException | IOException | SAXException | ParserConfigurationException e1) {
- e1.printStackTrace();
- errorString = "Failed to get DRM information from security domain. " + e1;
- context.put("errorString", errorString);
- context.put("preop.krainfo.errorString", errorString);
- return;
- }
-
- context.put("urls", v);
- context.put("urls_size", v.size());
- context.put("errorString", "");
- context.put("preop.krainfo.errorString", "");
- }
-
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- IConfigStore config = CMS.getConfigStore();
- String subsystemNick;
- try {
- subsystemNick = config.getString("preop.cert.subsystem.nickname");
- } catch (EBaseException e1) {
- e1.printStackTrace();
- throw new IOException("Failed to get subsystem certificate nickname");
- }
-
- String url = HttpInput.getString(request, "urls");
- String parsedURI = url.substring(url.lastIndexOf("http"));
- URI kraUri = null;
- try {
- kraUri = new URI(parsedURI);
- } catch (URISyntaxException e) {
- throw new IOException("Invalid URI " + parsedURI);
- }
-
- String choice = HttpInput.getString(request, "choice");
- boolean keyGen = choice.equalsIgnoreCase("keygen");
-
- // TODO: get installer from session
- TPSInstaller installer = new TPSInstaller();
- installer.configureKRAConnector(keyGen, kraUri, subsystemNick);
-
- context.put("updateStatus", "success");
- }
-
- /**
- * If validate() returns false, this method will be called.
- */
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- }
-}
diff --git a/base/tps/src/org/dogtagpki/server/tps/installer/TKSInfoPanel.java b/base/tps/src/org/dogtagpki/server/tps/installer/TKSInfoPanel.java
deleted file mode 100644
index 0c0cf62a7aa3acc7bfe5ad9f9047b8497fcf2139..0000000000000000000000000000000000000000
--- a/base/tps/src/org/dogtagpki/server/tps/installer/TKSInfoPanel.java
+++ /dev/null
@@ -1,150 +0,0 @@
-package org.dogtagpki.server.tps.installer;
-
-import java.io.IOException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.util.Vector;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.xml.parsers.ParserConfigurationException;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.velocity.context.Context;
-import org.xml.sax.SAXException;
-
-import com.netscape.certsrv.apps.CMS;
-import com.netscape.certsrv.base.EBaseException;
-import com.netscape.certsrv.base.IConfigStore;
-import com.netscape.certsrv.property.PropertySet;
-import com.netscape.certsrv.util.HttpInput;
-import com.netscape.cms.servlet.csadmin.ConfigurationUtils;
-import com.netscape.cms.servlet.csadmin.WizardPanelBase;
-import com.netscape.cms.servlet.wizard.WizardServlet;
-
-public class TKSInfoPanel extends WizardPanelBase {
-
- public TKSInfoPanel() {
- }
-
- public void init(ServletConfig config, int panelno)
- throws ServletException {
- setPanelNo(panelno);
- setName("TKS Information");
- }
-
- public void init(WizardServlet servlet, ServletConfig config, int panelno, String id)
- throws ServletException {
- setPanelNo(panelno);
- setName("TKS Information");
- setId(id);
- }
-
- public boolean shouldSkip() {
- return false;
- }
-
- public void cleanUp() throws IOException {
- IConfigStore cs = CMS.getConfigStore();
- cs.putString("preop.tksinfo.select", "");
- }
-
- public boolean isPanelDone() {
- IConfigStore cs = CMS.getConfigStore();
- try {
- String s = cs.getString("preop.tksinfo.select", "");
- if (s != null && !s.isEmpty()) {
- return true;
- }
- } catch (EBaseException e) {
- }
- return false;
- }
-
- public PropertySet getUsage() {
- return new PropertySet();
- }
-
-
- public void display(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- String errorString = "";
- context.put("title", "TKS Information");
- context.put("panel", "admin/console/config/tksinfopanel.vm");
- IConfigStore config = CMS.getConfigStore();
-
- if (isPanelDone()) {
- // TODO - put selected URL in selection box
- // String s = config.getString("preop.tksinfo.select");
- }
-
- // get TKS URLs
- Vector<String> v = null;
- try {
- v = ConfigurationUtils.getUrlListFromSecurityDomain(config, "TKS", "SecureAdminPort");
- if (v == null) {
- errorString = "No TKS found. CA, TKS and optionally DRM " +
- " must be installed prior to TPS installation";
- context.put("errorString", errorString);
- context.put("preop.tksinfo.errorString", errorString);
- return;
- }
-
- config.putString("preop.tks.list", StringUtils.join(v,","));
- config.commit(false);
- } catch (EBaseException | IOException | SAXException | ParserConfigurationException e) {
- e.printStackTrace();
- errorString = "Failed to get TKS information from security domain. " + e;
- context.put("errorString", errorString);
- context.put("preop.tksinfo.errorString", errorString);
- return;
- }
-
- context.put("urls", v);
- context.put("urls_size", v.size());
- context.put("errorString", "");
- context.put("preop.tksinfo.errorString", "");
- }
-
- public void validate(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- }
-
- public void update(HttpServletRequest request,
- HttpServletResponse response,
- Context context) throws IOException {
- IConfigStore config = CMS.getConfigStore();
- String subsystemNick;
- try {
- subsystemNick = config.getString("preop.cert.subsystem.nickname");
- } catch (EBaseException e1) {
- e1.printStackTrace();
- throw new IOException("Failed to get subsystem certificate nickname");
- }
-
- String url = HttpInput.getString(request, "urls");
- String parsedURI = url.substring(url.lastIndexOf("http"));
- URI tksUri = null;
- try {
- tksUri = new URI(parsedURI);
- } catch (URISyntaxException e) {
- throw new IOException("Invalid URI " + parsedURI);
- }
-
- // TODO: get installer from session
- TPSInstaller installer = new TPSInstaller();
- installer.configureTKSConnector(tksUri, subsystemNick);
-
- context.put("updateStatus", "success");
- }
-
- public void displayError(HttpServletRequest request,
- HttpServletResponse response,
- Context context) {
- }
-
-}
--
2.4.3
More information about the Pki-devel
mailing list