Package com.netscape.cms.servlet.admin
Class AdminServlet
- java.lang.Object
-
- javax.servlet.GenericServlet
-
- javax.servlet.http.HttpServlet
-
- com.netscape.cms.servlet.admin.AdminServlet
-
- All Implemented Interfaces:
java.io.Serializable
,javax.servlet.Servlet
,javax.servlet.ServletConfig
- Direct Known Subclasses:
ACLAdminServlet
,AuthAdminServlet
,CAAdminServlet
,CMSAdminServlet
,JobsAdminServlet
,KRAAdminServlet
,LogAdminServlet
,OCSPAdminServlet
,PolicyAdminServlet
,PublisherAdminServlet
,RAAdminServlet
,RegistryAdminServlet
,UsrGrpAdminServlet
public class AdminServlet extends javax.servlet.http.HttpServlet
A class represents an administration servlet that is responsible to serve administrative operation such as configuration parameter updates. Since each administration servlet needs to perform authentication information parsing and response formulation, it makes sense to encapsulate the commonalities into this class. By extending this serlvet, the subclass does not need to re-implement the request parsing code (i.e. authentication information parsing). If a subsystem needs to expose configuration parameters management, it should create an administration servlet (i.e. CAAdminServlet) and register it to RemoteAdmin subsystem.public class CAAdminServlet extends AdminServlet { ... }
- Version:
- $Revision$, $Date$
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description protected Auditor
auditor
static java.lang.String
AUTHZ_MGR_BASIC
static java.lang.String
AUTHZ_MGR_LDAP
protected static java.lang.String
AUTHZ_RES_NAME
static java.lang.String
AUTHZ_SRC_LDAP
static java.lang.String
AUTHZ_SRC_TYPE
static java.lang.String
AUTHZ_SRC_XML
static java.lang.String
CERT_ATTR
static int
ERROR
static org.slf4j.Logger
logger
protected java.lang.String
mAclMethod
protected IAuthzSubsystem
mAuthz
protected EngineConfig
mConfig
protected java.lang.String
mOp
protected AuthzToken
mToken
static java.lang.String
PROP_ACL
static java.lang.String
PROP_AUTHZ_MGR
static java.lang.String
PROP_ID
static int
RESTART
static int
SUCCESS
-
Constructor Summary
Constructors Constructor Description AdminServlet()
Constructs generic administration servlet.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
audit(LogEvent event)
protected void
audit(java.lang.String msg)
Signed Audit Log This method is inherited by all extended admin servlets and is called to store messages to the signed audit log.protected java.lang.String
auditParams(javax.servlet.http.HttpServletRequest req)
Signed Audit Parameters This method is inherited by all extended admin servlets and is called to extract parameters from the HttpServletRequest and return a string of name;;value pairs separated by a '+' if more than one name;;value pair exists.protected java.lang.String
auditSubjectID()
Signed Audit Log Subject ID This method is inherited by all extended "CMSServlet"s, and is called to obtain the "SubjectID" for a signed audit log message.protected void
authenticate(javax.servlet.http.HttpServletRequest req)
Authenticates to the identity scope with the given userid and password via identity manager.boolean
authorize(IAuthToken token)
authorize a user based on its authentication credentials.protected AuthzToken
authorize(javax.servlet.http.HttpServletRequest req)
Authorize must occur after Authenticateprotected void
commit(boolean createBackup)
FileConfigStore functionality The original config file is moved to. . protected NameValuePairs
convertStringArrayToNVPairs(java.lang.String[] s)
static AuthCredentials
getAuthCreds(IAuthManager authMgr, java.security.cert.X509Certificate clientCert)
protected static IExtendedPluginInfo
getClassByNameAsExtendedPluginInfo(java.lang.String className)
protected void
getConfig(IConfigStore config, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
Generic configuration store get operation.protected java.util.Locale
getLocale(javax.servlet.http.HttpServletRequest req)
Retrieves locale based on the request.protected java.lang.String
getParameter(javax.servlet.http.HttpServletRequest req, java.lang.String name)
void
init(javax.servlet.ServletConfig sc)
Initializes the servlet.protected void
listConfig(IConfigStore config, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
Lists configuration store.void
outputHttpParameters(javax.servlet.http.HttpServletRequest httpReq)
protected void
sendResponse(int returnCode, java.lang.String errorMsg, NameValuePairs params, javax.servlet.http.HttpServletResponse resp)
Sends response.void
service(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
Serves HTTP admin request.protected void
setConfig(IConfigStore config, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
Generic configuration store set operation.protected java.lang.String
URLdecode(java.lang.String s)
URL decodes the given string.-
Methods inherited from class javax.servlet.http.HttpServlet
doDelete, doGet, doHead, doOptions, doPost, doPut, doTrace, getLastModified, service
-
-
-
-
Field Detail
-
logger
public static org.slf4j.Logger logger
-
auditor
protected Auditor auditor
-
mConfig
protected EngineConfig mConfig
-
mAuthz
protected IAuthzSubsystem mAuthz
-
mAclMethod
protected java.lang.String mAclMethod
-
mOp
protected java.lang.String mOp
-
AUTHZ_RES_NAME
protected static java.lang.String AUTHZ_RES_NAME
-
mToken
protected AuthzToken mToken
-
PROP_AUTHZ_MGR
public static final java.lang.String PROP_AUTHZ_MGR
- See Also:
- Constant Field Values
-
PROP_ACL
public static final java.lang.String PROP_ACL
- See Also:
- Constant Field Values
-
AUTHZ_MGR_BASIC
public static final java.lang.String AUTHZ_MGR_BASIC
- See Also:
- Constant Field Values
-
AUTHZ_MGR_LDAP
public static final java.lang.String AUTHZ_MGR_LDAP
- See Also:
- Constant Field Values
-
PROP_ID
public static final java.lang.String PROP_ID
- See Also:
- Constant Field Values
-
AUTHZ_SRC_TYPE
public static final java.lang.String AUTHZ_SRC_TYPE
- See Also:
- Constant Field Values
-
AUTHZ_SRC_LDAP
public static final java.lang.String AUTHZ_SRC_LDAP
- See Also:
- Constant Field Values
-
AUTHZ_SRC_XML
public static final java.lang.String AUTHZ_SRC_XML
- See Also:
- Constant Field Values
-
CERT_ATTR
public static final java.lang.String CERT_ATTR
- See Also:
- Constant Field Values
-
SUCCESS
public static int SUCCESS
-
ERROR
public static int ERROR
-
RESTART
public static int RESTART
-
-
Method Detail
-
init
public void init(javax.servlet.ServletConfig sc) throws javax.servlet.ServletException
Initializes the servlet.- Specified by:
init
in interfacejavax.servlet.Servlet
- Overrides:
init
in classjavax.servlet.GenericServlet
- Throws:
javax.servlet.ServletException
-
outputHttpParameters
public void outputHttpParameters(javax.servlet.http.HttpServletRequest httpReq)
-
service
public void service(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws javax.servlet.ServletException, java.io.IOException
Serves HTTP admin request.- Overrides:
service
in classjavax.servlet.http.HttpServlet
- Throws:
javax.servlet.ServletException
java.io.IOException
-
authenticate
protected void authenticate(javax.servlet.http.HttpServletRequest req) throws java.io.IOException
Authenticates to the identity scope with the given userid and password via identity manager.- signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication fails (in case of SSL-client auth, only webserver env can pick up the SSL violation; CMS authMgr can pick up cert mis-match, so this event is used)
- signed.audit LOGGING_SIGNED_AUDIT_AUTH_SUCCESS used when authentication succeeded
- Throws:
java.io.IOException
- an input/output error has occurred
-
getAuthCreds
public static AuthCredentials getAuthCreds(IAuthManager authMgr, java.security.cert.X509Certificate clientCert) throws EBaseException
- Throws:
EBaseException
-
authorize
protected AuthzToken authorize(javax.servlet.http.HttpServletRequest req)
Authorize must occur after Authenticate- signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_FAIL used when authorization has failed
- signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS used when authorization is successful
- signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a role (in current CMS that's when one accesses a role port)
- Parameters:
req
- HTTP servlet request- Returns:
- the authorization token
-
getLocale
protected java.util.Locale getLocale(javax.servlet.http.HttpServletRequest req)
Retrieves locale based on the request.
-
sendResponse
protected void sendResponse(int returnCode, java.lang.String errorMsg, NameValuePairs params, javax.servlet.http.HttpServletResponse resp) throws java.io.IOException
Sends response.- Parameters:
returnCode
- return codeerrorMsg
- localized error messageparams
- result parametersresp
- HTTP servlet response- Throws:
java.io.IOException
-
URLdecode
protected java.lang.String URLdecode(java.lang.String s)
URL decodes the given string.
-
getParameter
protected java.lang.String getParameter(javax.servlet.http.HttpServletRequest req, java.lang.String name)
-
getConfig
protected void getConfig(IConfigStore config, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws javax.servlet.ServletException, java.io.IOException, EBaseException
Generic configuration store get operation.- Throws:
javax.servlet.ServletException
java.io.IOException
EBaseException
-
setConfig
protected void setConfig(IConfigStore config, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws javax.servlet.ServletException, java.io.IOException, EBaseException
Generic configuration store set operation. The caller is responsible to do validiation before calling this, and commit changes after this call.- Throws:
javax.servlet.ServletException
java.io.IOException
EBaseException
-
listConfig
protected void listConfig(IConfigStore config, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp) throws javax.servlet.ServletException, java.io.IOException, EBaseException
Lists configuration store.- Throws:
javax.servlet.ServletException
java.io.IOException
EBaseException
-
authorize
public boolean authorize(IAuthToken token) throws EBaseException
authorize a user based on its authentication credentials.- Throws:
EBaseException
-
commit
protected void commit(boolean createBackup) throws EBaseException
FileConfigStore functionality The original config file is moved to. . Commits the current properties to the configuration file. - Parameters:
createBackup
- true if a backup file should be created- Throws:
EBaseException
-
audit
protected void audit(java.lang.String msg)
Signed Audit Log This method is inherited by all extended admin servlets and is called to store messages to the signed audit log.- Parameters:
msg
- signed audit log message
-
audit
protected void audit(LogEvent event)
-
auditSubjectID
protected java.lang.String auditSubjectID()
Signed Audit Log Subject ID This method is inherited by all extended "CMSServlet"s, and is called to obtain the "SubjectID" for a signed audit log message.- Returns:
- id string containing the signed audit log message SubjectID
-
auditParams
protected java.lang.String auditParams(javax.servlet.http.HttpServletRequest req)
Signed Audit Parameters This method is inherited by all extended admin servlets and is called to extract parameters from the HttpServletRequest and return a string of name;;value pairs separated by a '+' if more than one name;;value pair exists.- Parameters:
req
- HTTP servlet request- Returns:
- a delimited string of one or more delimited name/value pairs
-
convertStringArrayToNVPairs
protected NameValuePairs convertStringArrayToNVPairs(java.lang.String[] s)
-
getClassByNameAsExtendedPluginInfo
protected static IExtendedPluginInfo getClassByNameAsExtendedPluginInfo(java.lang.String className)
-
-