AdminServlet (pki-javadoc)

java.lang.Object
- javax.servlet.GenericServlet
- - javax.servlet.http.HttpServlet
  - - com.netscape.cms.servlet.admin.AdminServlet

All Implemented Interfaces:

java.io.Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig

Direct Known Subclasses:

ACLAdminServlet, AuthAdminServlet, CAAdminServlet, CMSAdminServlet, JobsAdminServlet, KRAAdminServlet, LogAdminServlet, OCSPAdminServlet, PolicyAdminServlet, ProfileAdminServlet, PublisherAdminServlet, RAAdminServlet, RegistryAdminServlet, UsrGrpAdminServlet
```
public class AdminServlet
extends javax.servlet.http.HttpServlet
```
A class represents an administration servlet that is responsible to serve administrative operation such as configuration parameter updates. Since each administration servlet needs to perform authentication information parsing and response formulation, it makes sense to encapsulate the commonalities into this class. By extending this serlvet, the subclass does not need to re-implement the request parsing code (i.e. authentication information parsing). If a subsystem needs to expose configuration parameters management, it should create an administration servlet (i.e. CAAdminServlet) and register it to RemoteAdmin subsystem. public class CAAdminServlet extends AdminServlet { ... }

Version:

$Revision$, $Date$

See Also:

Serialized Form

Field Summary

Fields
Modifier and Type	Field and Description
`protected IAuditor`	`auditor`
`static java.lang.String`	`AUTHZ_CONFIG_STORE`
`static java.lang.String`	`AUTHZ_MGR_BASIC`
`static java.lang.String`	`AUTHZ_MGR_LDAP`
`protected static java.lang.String`	`AUTHZ_RES_NAME`
`static java.lang.String`	`AUTHZ_SRC_LDAP`
`static java.lang.String`	`AUTHZ_SRC_TYPE`
`static java.lang.String`	`AUTHZ_SRC_XML`
`static java.lang.String`	`CERT_ATTR`
`static int`	`ERROR`
`protected java.lang.String`	`mAclMethod`
`protected IAuthzSubsystem`	`mAuthz`
`protected IConfigStore`	`mConfig`
`protected ILogger`	`mLogger`
`protected java.lang.String`	`mOp`
`protected AuthzToken`	`mToken`
`static java.lang.String`	`PROP_ACL`
`static java.lang.String`	`PROP_AUTHZ_MGR`
`static java.lang.String`	`PROP_ID`
`static int`	`RESTART`
`static int`	`SUCCESS`

Constructor Summary

Constructors
Constructor and Description

AdminServlet()
Constructs generic administration servlet.

Constructors
Constructor and Description
`AdminServlet()` Constructs generic administration servlet.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected void`	`audit(java.lang.String msg)` Signed Audit Log This method is inherited by all extended admin servlets and is called to store messages to the signed audit log.
`protected java.lang.String`	`auditParams(javax.servlet.http.HttpServletRequest req)` Signed Audit Parameters This method is inherited by all extended admin servlets and is called to extract parameters from the HttpServletRequest and return a string of name;;value pairs separated by a '+' if more than one name;;value pair exists.
`protected java.lang.String`	`auditSubjectID()` Signed Audit Log Subject ID This method is inherited by all extended "CMSServlet"s, and is called to obtain the "SubjectID" for a signed audit log message.
`protected void`	`authenticate(javax.servlet.http.HttpServletRequest req)` Authenticates to the identity scope with the given userid and password via identity manager.
`protected AuthzToken`	`authorize(javax.servlet.http.HttpServletRequest req)` Authorize must occur after Authenticate
`boolean`	`authorize(IAuthToken token)` authorize a user based on its authentication credentials.
`protected void`	`commit(boolean createBackup)` FileConfigStore functionality The original config file is moved to ..
`protected NameValuePairs`	`convertStringArrayToNVPairs(java.lang.String[] s)`
`static AuthCredentials`	`getAuthCreds(IAuthManager authMgr, java.security.cert.X509Certificate clientCert)`
`protected static IExtendedPluginInfo`	`getClassByNameAsExtendedPluginInfo(java.lang.String className)`
`protected void`	`getConfig(IConfigStore config, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)` Generic configuration store get operation.
`protected java.util.Locale`	`getLocale(javax.servlet.http.HttpServletRequest req)` Retrieves locale based on the request.
`protected java.lang.String`	`getParameter(javax.servlet.http.HttpServletRequest req, java.lang.String name)`
`void`	`init(javax.servlet.ServletConfig sc)` Initializes the servlet.
`protected void`	`listConfig(IConfigStore config, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)` Lists configuration store.
`void`	`outputHttpParameters(javax.servlet.http.HttpServletRequest httpReq)`
`protected void`	`sendResponse(int returnCode, java.lang.String errorMsg, NameValuePairs params, javax.servlet.http.HttpServletResponse resp)` Sends response.
`void`	`service(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)` Serves HTTP admin request.
`protected void`	`setConfig(IConfigStore config, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)` Generic configuration store set operation.
`protected java.lang.String`	`URLdecode(java.lang.String s)` URL decodes the given string.

Methods inherited from class javax.servlet.http.HttpServlet
doDelete, doGet, doHead, doOptions, doPost, doPut, doTrace, getLastModified, service

Methods inherited from class javax.servlet.GenericServlet
destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

mLogger
```
protected ILogger mLogger
```

auditor
```
protected IAuditor auditor
```

mConfig
```
protected IConfigStore mConfig
```

mAuthz
```
protected IAuthzSubsystem mAuthz
```

mAclMethod
```
protected java.lang.String mAclMethod
```

mOp
```
protected java.lang.String mOp
```

AUTHZ_RES_NAME

protected static java.lang.String AUTHZ_RES_NAME

mToken
```
protected AuthzToken mToken
```

PROP_AUTHZ_MGR

public static final java.lang.String PROP_AUTHZ_MGR

See Also:: Constant Field Values

PROP_ACL

public static final java.lang.String PROP_ACL

See Also:: Constant Field Values

AUTHZ_MGR_BASIC

public static final java.lang.String AUTHZ_MGR_BASIC

See Also:: Constant Field Values

AUTHZ_MGR_LDAP

public static final java.lang.String AUTHZ_MGR_LDAP

See Also:: Constant Field Values

PROP_ID

public static final java.lang.String PROP_ID

See Also:: Constant Field Values

AUTHZ_CONFIG_STORE

public static final java.lang.String AUTHZ_CONFIG_STORE

See Also:: Constant Field Values

AUTHZ_SRC_TYPE

public static final java.lang.String AUTHZ_SRC_TYPE

See Also:: Constant Field Values

AUTHZ_SRC_LDAP

public static final java.lang.String AUTHZ_SRC_LDAP

See Also:: Constant Field Values

AUTHZ_SRC_XML

public static final java.lang.String AUTHZ_SRC_XML

See Also:: Constant Field Values

CERT_ATTR

public static final java.lang.String CERT_ATTR

See Also:: Constant Field Values

SUCCESS
```
public static int SUCCESS
```

ERROR
```
public static int ERROR
```

RESTART
```
public static int RESTART
```

Constructor Detail
- AdminServlet
```
public AdminServlet()
```
  Constructs generic administration servlet.

Method Detail
- init
```
public void init(javax.servlet.ServletConfig sc)
          throws javax.servlet.ServletException
```
  Initializes the servlet.
  
  Specified by:
  
  init in interface javax.servlet.Servlet
  
  Overrides:
  
  init in class javax.servlet.GenericServlet
  
  Throws:
  
  javax.servlet.ServletException
- outputHttpParameters
```
public void outputHttpParameters(javax.servlet.http.HttpServletRequest httpReq)
```
- service
```
public void service(javax.servlet.http.HttpServletRequest req,
                    javax.servlet.http.HttpServletResponse resp)
             throws javax.servlet.ServletException,
                    java.io.IOException
```
  Serves HTTP admin request.
  
  Overrides:
  
  service in class javax.servlet.http.HttpServlet
  
  Throws:
  
  javax.servlet.ServletException
  
  java.io.IOException
- authenticate
```
protected void authenticate(javax.servlet.http.HttpServletRequest req)
                     throws java.io.IOException
```
  Authenticates to the identity scope with the given userid and password via identity manager.
  - signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication fails (in case of SSL-client auth, only webserver env can pick up the SSL violation; CMS authMgr can pick up cert mis-match, so this event is used)
  - signed.audit LOGGING_SIGNED_AUDIT_AUTH_SUCCESS used when authentication succeeded
  Throws:
  
  java.io.IOException - an input/output error has occurred
- getAuthCreds
```
public static AuthCredentials getAuthCreds(IAuthManager authMgr,
                                           java.security.cert.X509Certificate clientCert)
                                    throws EBaseException
```
  Throws:
  
  EBaseException
- authorize
```
protected AuthzToken authorize(javax.servlet.http.HttpServletRequest req)
```
  Authorize must occur after Authenticate
  - signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_FAIL used when authorization has failed
  - signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS used when authorization is successful
  - signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a role (in current CMS that's when one accesses a role port)
  Parameters:
  
  req - HTTP servlet request
  
  Returns:
  
  the authorization token
- getLocale
```
protected java.util.Locale getLocale(javax.servlet.http.HttpServletRequest req)
```
  Retrieves locale based on the request.
- sendResponse
```
protected void sendResponse(int returnCode,
                            java.lang.String errorMsg,
                            NameValuePairs params,
                            javax.servlet.http.HttpServletResponse resp)
                     throws java.io.IOException
```
  Sends response.
  
  Parameters:
  
  returnCode - return code
  
  errorMsg - localized error message
  
  params - result parameters
  
  resp - HTTP servlet response
  
  Throws:
  
  java.io.IOException
- URLdecode
```
protected java.lang.String URLdecode(java.lang.String s)
```
  URL decodes the given string.
- getParameter
```
protected java.lang.String getParameter(javax.servlet.http.HttpServletRequest req,
                                        java.lang.String name)
```
- getConfig
```
protected void getConfig(IConfigStore config,
                         javax.servlet.http.HttpServletRequest req,
                         javax.servlet.http.HttpServletResponse resp)
                  throws javax.servlet.ServletException,
                         java.io.IOException,
                         EBaseException
```
  Generic configuration store get operation.
  
  Throws:
  
  javax.servlet.ServletException
  
  java.io.IOException
  
  EBaseException
- setConfig
```
protected void setConfig(IConfigStore config,
                         javax.servlet.http.HttpServletRequest req,
                         javax.servlet.http.HttpServletResponse resp)
                  throws javax.servlet.ServletException,
                         java.io.IOException,
                         EBaseException
```
  Generic configuration store set operation. The caller is responsible to do validiation before calling this, and commit changes after this call.
  
  Throws:
  
  javax.servlet.ServletException
  
  java.io.IOException
  
  EBaseException
- listConfig
```
protected void listConfig(IConfigStore config,
                          javax.servlet.http.HttpServletRequest req,
                          javax.servlet.http.HttpServletResponse resp)
                   throws javax.servlet.ServletException,
                          java.io.IOException,
                          EBaseException
```
  Lists configuration store.
  
  Throws:
  
  javax.servlet.ServletException
  
  java.io.IOException
  
  EBaseException
- authorize
```
public boolean authorize(IAuthToken token)
                  throws EBaseException
```
  authorize a user based on its authentication credentials.
  
  Throws:
  
  EBaseException
- commit
```
protected void commit(boolean createBackup)
               throws EBaseException
```
  FileConfigStore functionality The original config file is moved to .. Commits the current properties to the configuration file.
  
  Parameters:
  
  createBackup - true if a backup file should be created
  
  Throws:
  
  EBaseException
- audit
```
protected void audit(java.lang.String msg)
```
  Signed Audit Log This method is inherited by all extended admin servlets and is called to store messages to the signed audit log.
  
  Parameters:
  
  msg - signed audit log message
- auditSubjectID
```
protected java.lang.String auditSubjectID()
```
  Signed Audit Log Subject ID This method is inherited by all extended "CMSServlet"s, and is called to obtain the "SubjectID" for a signed audit log message.
  
  Returns:
  
  id string containing the signed audit log message SubjectID
- auditParams
```
protected java.lang.String auditParams(javax.servlet.http.HttpServletRequest req)
```
  Signed Audit Parameters This method is inherited by all extended admin servlets and is called to extract parameters from the HttpServletRequest and return a string of name;;value pairs separated by a '+' if more than one name;;value pair exists.
  
  Parameters:
  
  req - HTTP servlet request
  
  Returns:
  
  a delimited string of one or more delimited name/value pairs
- convertStringArrayToNVPairs
```
protected NameValuePairs convertStringArrayToNVPairs(java.lang.String[] s)
```
- getClassByNameAsExtendedPluginInfo
```
protected static IExtendedPluginInfo getClassByNameAsExtendedPluginInfo(java.lang.String className)
```

Class AdminServlet

Field Summary

Constructor Summary

Method Summary

Methods inherited from class javax.servlet.http.HttpServlet

Methods inherited from class javax.servlet.GenericServlet

Methods inherited from class java.lang.Object

Field Detail

mLogger

auditor

mConfig

mAuthz

mAclMethod

mOp

AUTHZ_RES_NAME

mToken

PROP_AUTHZ_MGR

PROP_ACL

AUTHZ_MGR_BASIC

AUTHZ_MGR_LDAP

PROP_ID

AUTHZ_CONFIG_STORE

AUTHZ_SRC_TYPE

AUTHZ_SRC_LDAP

AUTHZ_SRC_XML

CERT_ATTR

SUCCESS

ERROR

RESTART

Constructor Detail

AdminServlet

Method Detail

init

outputHttpParameters

service

authenticate

getAuthCreds

authorize

getLocale

sendResponse

URLdecode

getParameter

getConfig

setConfig

listConfig

authorize

commit

audit

auditSubjectID

auditParams

convertStringArrayToNVPairs

getClassByNameAsExtendedPluginInfo