[Pki-devel] [PATCH] 676 Fixed LDAP error handling in TokenService.
Endi Sukma Dewata
edewata at redhat.com
Thu Feb 4 04:34:50 UTC 2016
The DBSSession has been modified to attach the LDAPException
to the EDBException. The TokenService will catch the EDBException
and obtain the orignal LDAPException. This way the TokenService
can obtain the LDAP error code and throw the proper exception
the client.
https://fedorahosted.org/pki/ticket/1646
--
Endi S. Dewata
-------------- next part --------------
From 8df1b6ae34a985acca8e72819be3a026433699f7 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata at redhat.com>
Date: Thu, 4 Feb 2016 03:09:45 +0100
Subject: [PATCH] Fixed LDAP error handling in TokenService.
The DBSSession has been modified to attach the LDAPException
to the EDBException. The TokenService will catch the EDBException
and obtain the orignal LDAPException. This way the TokenService
can obtain the LDAP error code and throw the proper exception
the client.
https://fedorahosted.org/pki/ticket/1646
---
.../netscape/certsrv/dbs/EDBNotAvailException.java | 4 ++
.../src/com/netscape/cmscore/dbs/DBSSession.java | 28 ++++++------
.../dogtagpki/server/tps/rest/TokenService.java | 53 ++++++++++++++++++++++
3 files changed, 71 insertions(+), 14 deletions(-)
diff --git a/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java b/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java
index a7df8bac74e44917a495ab17e44da02348996eb6..1b18359898e64b2659f3cafc7893bd300a0315c9 100644
--- a/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java
+++ b/base/common/src/com/netscape/certsrv/dbs/EDBNotAvailException.java
@@ -37,4 +37,8 @@ public class EDBNotAvailException extends EDBException {
public EDBNotAvailException(String errorString) {
super(errorString);
}
+
+ public EDBNotAvailException(String errorString, Exception e) {
+ super(errorString, e);
+ }
}
diff --git a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSSession.java b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSSession.java
index ad1be6602dc296ae16dddddb75a81b5de8f8c190..2bfd5f2da4457ba4124b21da5aa520fcf352bec6 100644
--- a/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSSession.java
+++ b/base/server/cmscore/src/com/netscape/cmscore/dbs/DBSSession.java
@@ -19,18 +19,6 @@ package com.netscape.cmscore.dbs;
import java.util.Enumeration;
-import netscape.ldap.LDAPAttribute;
-import netscape.ldap.LDAPAttributeSet;
-import netscape.ldap.LDAPConnection;
-import netscape.ldap.LDAPEntry;
-import netscape.ldap.LDAPException;
-import netscape.ldap.LDAPModification;
-import netscape.ldap.LDAPModificationSet;
-import netscape.ldap.LDAPSearchConstraints;
-import netscape.ldap.LDAPSearchResults;
-import netscape.ldap.LDAPv2;
-import netscape.ldap.controls.LDAPPersistSearchControl;
-
import com.netscape.certsrv.apps.CMS;
import com.netscape.certsrv.base.EBaseException;
import com.netscape.certsrv.base.ISubsystem;
@@ -46,6 +34,18 @@ import com.netscape.certsrv.dbs.Modification;
import com.netscape.certsrv.dbs.ModificationSet;
import com.netscape.certsrv.logging.ILogger;
+import netscape.ldap.LDAPAttribute;
+import netscape.ldap.LDAPAttributeSet;
+import netscape.ldap.LDAPConnection;
+import netscape.ldap.LDAPEntry;
+import netscape.ldap.LDAPException;
+import netscape.ldap.LDAPModification;
+import netscape.ldap.LDAPModificationSet;
+import netscape.ldap.LDAPSearchConstraints;
+import netscape.ldap.LDAPSearchResults;
+import netscape.ldap.LDAPv2;
+import netscape.ldap.controls.LDAPPersistSearchControl;
+
/**
* A class represents the database session. Operations
* can be performed with a session.
@@ -119,9 +119,9 @@ public class DBSSession implements IDBSSession {
} catch (LDAPException e) {
if (e.getLDAPResultCode() == LDAPException.UNAVAILABLE)
throw new EDBNotAvailException(
- CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_UNAVAILABLE"));
+ CMS.getUserMessage("CMS_DBS_INTERNAL_DIR_UNAVAILABLE"), e);
throw new EDBException(CMS.getUserMessage("CMS_DBS_LDAP_OP_FAILURE",
- name + " " + e.toString()));
+ name + ": " + e.getMessage()), e);
}
}
diff --git a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java
index 92ca882fd5c49a33c9fd3be28834db7dc1571f37..1a3a4e96a94350356fa8ccb2ff7e9c5f0b85ff8a 100644
--- a/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java
+++ b/base/tps/src/org/dogtagpki/server/tps/rest/TokenService.java
@@ -45,12 +45,16 @@ import com.netscape.certsrv.apps.CMS;
import com.netscape.certsrv.base.BadRequestException;
import com.netscape.certsrv.base.IConfigStore;
import com.netscape.certsrv.base.PKIException;
+import com.netscape.certsrv.dbs.EDBException;
+import com.netscape.certsrv.ldap.LDAPExceptionConverter;
import com.netscape.certsrv.tps.token.TokenCollection;
import com.netscape.certsrv.tps.token.TokenData;
import com.netscape.certsrv.tps.token.TokenResource;
import com.netscape.certsrv.tps.token.TokenStatus;
import com.netscape.cms.servlet.base.PKIService;
+import netscape.ldap.LDAPException;
+
/**
* @author Endi S. Dewata
*/
@@ -280,6 +284,13 @@ public class TokenService extends PKIService implements TokenResource {
return createOKResponse(response);
+ } catch (EDBException e) {
+ Throwable t = e.getCause();
+ if (t != null && t instanceof LDAPException) {
+ throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+ }
+ throw new PKIException(e);
+
} catch (PKIException e) {
throw e;
@@ -302,6 +313,13 @@ public class TokenService extends PKIService implements TokenResource {
return createOKResponse(createTokenData(database.getRecord(tokenID)));
+ } catch (EDBException e) {
+ Throwable t = e.getCause();
+ if (t != null && t instanceof LDAPException) {
+ throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+ }
+ throw new PKIException(e);
+
} catch (PKIException e) {
throw e;
@@ -348,6 +366,13 @@ public class TokenService extends PKIService implements TokenResource {
subsystem.tdb.tdbActivity(ActivityDatabase.OP_ADD, tokenRecord,
ipAddress, msg, "failure", remoteUser);
+ if (e instanceof EDBException) {
+ Throwable t = e.getCause();
+ if (t != null && t instanceof LDAPException) {
+ throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+ }
+ }
+
if (e instanceof PKIException) {
throw (PKIException)e;
}
@@ -395,6 +420,13 @@ public class TokenService extends PKIService implements TokenResource {
ipAddress, msg, "failure",
remoteUser);
+ if (e instanceof EDBException) {
+ Throwable t = e.getCause();
+ if (t != null && t instanceof LDAPException) {
+ throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+ }
+ }
+
if (e instanceof PKIException) {
throw (PKIException)e;
}
@@ -489,6 +521,13 @@ public class TokenService extends PKIService implements TokenResource {
ipAddress, msg, "failure",
remoteUser);
+ if (e instanceof EDBException) {
+ Throwable t = e.getCause();
+ if (t != null && t instanceof LDAPException) {
+ throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+ }
+ }
+
if (e instanceof PKIException) {
throw (PKIException)e;
}
@@ -546,6 +585,13 @@ public class TokenService extends PKIService implements TokenResource {
ipAddress, msg, "failure",
remoteUser);
+ if (e instanceof EDBException) {
+ Throwable t = e.getCause();
+ if (t != null && t instanceof LDAPException) {
+ throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+ }
+ }
+
if (e instanceof PKIException) {
throw (PKIException)e;
}
@@ -589,6 +635,13 @@ public class TokenService extends PKIService implements TokenResource {
ipAddress, msg, "failure",
remoteUser);
+ if (e instanceof EDBException) {
+ Throwable t = e.getCause();
+ if (t != null && t instanceof LDAPException) {
+ throw LDAPExceptionConverter.toPKIException((LDAPException)t);
+ }
+ }
+
if (e instanceof PKIException) {
throw (PKIException)e;
}
--
2.4.3
More information about the Pki-devel
mailing list