Class CMSServlet

java.lang.Object
javax.servlet.GenericServlet
javax.servlet.http.HttpServlet
com.netscape.cms.servlet.base.CMSServlet
All Implemented Interfaces:
Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig
Direct Known Subclasses:
CheckIdentity, CloneServlet, ConnectorServlet, DirAuthServlet, DisableEnrollResult, DisplayHashUserEnroll, DisplayHtmlServlet, DownloadPKCS12, DynamicVariablesServlet, EnableEnrollResult, GetConfigEntries, GetCookie, GetOCSPInfo, GetStats, GetStatus, IndexServlet, MainPageServlet, OCSPServlet, PortsServlet, ProcessReq, QueryReq, RegisterUser, RemoteAuthConfig, SearchReqs, TokenAuthenticate, UpdateDomainXML, UpdateNumberRange

public abstract class CMSServlet extends javax.servlet.http.HttpServlet
This is the base class of all CS servlet.
Version:
$Revision$, $Date$
See Also:
  • Field Details

  • Constructor Details

    • CMSServlet

      public CMSServlet()
  • Method Details

    • toHashtable

      public static Hashtable<String,String> toHashtable(javax.servlet.http.HttpServletRequest req)
    • getCMSEngine

      public CMSEngine getCMSEngine()
    • initializeAuthz

      public String initializeAuthz(javax.servlet.ServletConfig sc, AuthzSubsystem authz, String id) throws EBaseException
      Throws:
      EBaseException
    • init

      public void init(javax.servlet.ServletConfig sc) throws javax.servlet.ServletException
      Specified by:
      init in interface javax.servlet.Servlet
      Overrides:
      init in class javax.servlet.GenericServlet
      Throws:
      javax.servlet.ServletException
    • getId

      public String getId()
    • getAuthMgr

      public String getAuthMgr()
    • isClientCertRequired

      public boolean isClientCertRequired()
    • outputHttpParameters

      public void outputHttpParameters(javax.servlet.http.HttpServletRequest httpReq)
    • service

      public void service(javax.servlet.http.HttpServletRequest httpReq, javax.servlet.http.HttpServletResponse httpResp) throws javax.servlet.ServletException, IOException
      Overrides:
      service in class javax.servlet.http.HttpServlet
      Throws:
      javax.servlet.ServletException
      IOException
    • newCMSRequest

      protected CMSRequest newCMSRequest()
      Create a new CMSRequest object. This should be overriden by servlets implementing different types of request
      Returns:
      a new CMSRequest object
    • process

      protected void process(CMSRequest cmsRequest) throws Exception
      process an HTTP request. Servlets must override this with their own implementation
      Throws:
      EBaseException - if the servlet was unable to satisfactorily process the request
      Exception
    • renderResult

      protected void renderResult(CMSRequest cmsReq) throws IOException
      Output a template. If an error occurs while outputing the template the exception template is used to display the error.
      Parameters:
      cmsReq - the CS request
      Throws:
      IOException
    • outputArgBlockAsXML

      protected void outputArgBlockAsXML(XMLObject xmlObj, Node parent, String argBlockName, ArgBlock argBlock)
    • outputXML

      protected void outputXML(javax.servlet.http.HttpServletResponse httpResp, CMSTemplateParams params)
    • renderTemplate

      protected void renderTemplate(CMSRequest cmsReq, String templateName, ICMSTemplateFiller filler) throws IOException
      Throws:
      IOException
    • renderException

      protected void renderException(CMSRequest cmsReq, EBaseException e) throws IOException
      Output exception (unexpected error) template This is different from other templates in that if an exception occurs while rendering the exception a message is printed out directly. If the message gets an error an IOException is thrown. In others if an exception occurs while rendering the template the exception template (this) is called.

      Parameters:
      cmsReq - the CS request to pass to template filler if any.
      e - the unexpected exception
      Throws:
      IOException
    • renderFinalError

      public void renderFinalError(CMSRequest cmsReq, Exception ex) throws IOException
      Throws:
      IOException
    • invalidateSSLSession

      protected static void invalidateSSLSession(javax.servlet.http.HttpServletRequest httpReq)
      Invalidates a SSL Session. So client auth will happen again.
    • getAuthCreds

      public static AuthCredentials getAuthCreds(AuthManager authMgr, ArgBlock argBlock, X509Certificate clientCert) throws EBaseException
      construct a authentication credentials to pass into authentication manager.
      Throws:
      EBaseException
    • getSSLClientCertificate

      protected X509Certificate getSSLClientCertificate(javax.servlet.http.HttpServletRequest httpReq) throws EBaseException
      get ssl client authenticated certificate
      Throws:
      EBaseException
    • getSSLClientCertificate

      protected X509Certificate getSSLClientCertificate(javax.servlet.http.HttpServletRequest httpReq, boolean clientCertRequired) throws EBaseException
      Throws:
      EBaseException
    • getTemplate

      protected CMSTemplate getTemplate(String templateName, javax.servlet.http.HttpServletRequest httpReq, Locale[] locale) throws EBaseException, IOException
      get a template based on result status.
      Throws:
      EBaseException
      IOException
    • getDontSaveHttpParams

      protected void getDontSaveHttpParams(javax.servlet.ServletConfig sc)
      get http parameters not to save from configuration.
    • getSaveHttpHeaders

      protected void getSaveHttpHeaders(javax.servlet.ServletConfig sc)
      get http headers to save from configuration.
    • saveHttpHeaders

      protected void saveHttpHeaders(javax.servlet.http.HttpServletRequest httpReq, Request req) throws EBaseException
      save http headers in a Request.
      Throws:
      EBaseException
    • saveHttpParams

      protected void saveHttpParams(ArgBlock httpParams, Request req)
      save http headers in a Request.
    • newFillerObject

      protected ICMSTemplateFiller newFillerObject(String fillerClass)
      instantiate a new filler from a class name,
      Returns:
      null if can't be instantiated, new instance otherwise.
    • setDefaultTemplates

      protected void setDefaultTemplates(javax.servlet.ServletConfig sc)
      set default templates. subclasses can override, and should override at least the success template
    • clientIsNav

      public static boolean clientIsNav(javax.servlet.http.HttpServletRequest httpReq)
      handy routine to check if client is navigator based on user-agent.
    • clientIsMSIE

      public static boolean clientIsMSIE(javax.servlet.http.HttpServletRequest httpReq)
      handy routine to check if client is msie based on user-agent.
    • doCMMFResponse

      public static boolean doCMMFResponse(ArgBlock httpParams)
    • doFullResponse

      public static boolean doFullResponse(ArgBlock httpParams)
    • saveAuthToken

      protected static void saveAuthToken(AuthToken token, Request req)
    • getAuthToken

      protected AuthToken getAuthToken(Request req)
    • connectionIsSSL

      protected static boolean connectionIsSSL(javax.servlet.http.HttpServletRequest httpReq)
    • formCRLEntry

      protected org.mozilla.jss.netscape.security.x509.RevokedCertImpl formCRLEntry(BigInteger serialNo, org.mozilla.jss.netscape.security.x509.RevocationReason reason) throws EBaseException
      make a CRL entry from a serial number and revocation reason.
      Returns:
      a RevokedCertImpl that can be entered in a CRL.
      Throws:
      EBaseException
    • hashPassword

      protected String hashPassword(String pwd)
    • getLangFile

      public static File getLangFile(javax.servlet.http.HttpServletRequest req, File realpathFile, Locale[] locale) throws IOException
      Parameters:
      req - http servlet request
      realpathFile - the file to get.
      locale - array of at least one to be filled with locale found.
      Throws:
      IOException
    • getLocale

      public static Locale getLocale(String lang)
    • authenticate

      public AuthToken authenticate(CMSRequest req) throws EBaseException
      Throws:
      EBaseException
    • authenticate

      public AuthToken authenticate(javax.servlet.http.HttpServletRequest httpReq) throws EBaseException
      Throws:
      EBaseException
    • authenticate

      public AuthToken authenticate(CMSRequest req, String authMgrName) throws EBaseException
      Throws:
      EBaseException
    • authenticate

      public AuthToken authenticate(javax.servlet.http.HttpServletRequest httpReq, String authMgrName) throws EBaseException
      Authentication

      • signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication fails (in case of SSL-client auth, only webserver env can pick up the SSL violation; CS authMgr can pick up cert mis-match, so this event is used)
      • signed.audit LOGGING_SIGNED_AUDIT_AUTH_SUCCESS used when authentication succeeded
      Throws:
      EBaseException - an error has occurred
    • authorize

      public AuthzToken authorize(String authzMgrName, String resource, AuthToken authToken, String exp) throws EBaseException
      Throws:
      EBaseException
    • authorize

      public AuthzToken authorize(String authzMgrName, AuthToken authToken, String resource, String operation) throws EBaseException
      Authorize must occur after Authenticate

      • signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_FAIL used when authorization has failed
      • signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS used when authorization is successful
      • signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a role (in current CS that's when one accesses a role port)
      Parameters:
      authzMgrName - string representing the name of the authorization manager
      authToken - the authentication token
      resource - a string representing the ACL resource id as defined in the ACL resource list
      operation - a string representing one of the operations as defined within the ACL statement (e. g. - "read" for an ACL statement containing "(read,write)")
      Returns:
      the authorization token
      Throws:
      EBaseException - an error has occurred
    • auditSubjectID

      protected String auditSubjectID()
      Signed Audit Log Subject ID This method is inherited by all extended "CMSServlet"s, and is called to obtain the "SubjectID" for a signed audit log message.

      Returns:
      id string containing the signed audit log message SubjectID
    • auditGroupID

      protected String auditGroupID()
      Signed Audit Log Group ID This method is inherited by all extended "CMSServlet"s, and is called to obtain the "gid" for a signed audit log message.

      Returns:
      id string containing the signed audit log message SubjectID
    • getLocale

      protected Locale getLocale(javax.servlet.http.HttpServletRequest req)
      Retrieves locale based on the request.
    • outputResult

      protected void outputResult(javax.servlet.http.HttpServletResponse httpResp, String contentType, byte[] content)
    • outputError

      protected void outputError(javax.servlet.http.HttpServletResponse httpResp, String errorString)
    • outputError

      protected void outputError(javax.servlet.http.HttpServletResponse httpResp, String errorString, String requestId)
    • outputError

      protected void outputError(javax.servlet.http.HttpServletResponse httpResp, String status, String errorString, String requestId)