Package com.netscape.cms.servlet.csadmin
Class Configurator
- java.lang.Object
-
- com.netscape.cms.servlet.csadmin.Configurator
-
public class Configurator extends java.lang.Object
Utility class for functions to be used by the RESTful installer.
- Author:
- alee
-
-
Field Summary
Fields
Modifier and Type | Field | Description
static java.lang.String
AUTH_FAILURE
static java.math.BigInteger
BIG_ZERO
static ConfigCertApprovalCallback
certApprovalCallback
protected EngineConfig
cs
static java.lang.String
DBUSER
static java.lang.String
ECC_INTERNAL_ADMIN_CERT_PROFILE
protected CMSEngine
engine
static java.lang.String
FAILURE
static org.slf4j.Logger
logger
static java.lang.Long
MINUS_ONE
static java.lang.String
RSA_INTERNAL_ADMIN_CERT_PROFILE
protected ServerXml
serverXml
static java.lang.String
SUCCESS
-
Constructor Summary
Constructors
Constructor | Description
Configurator(CMSEngine engine)
-
Method Summary
All Methods | Static Methods | Instance Methods | Concrete Methods
Modifier and Type | Method | Description
org.mozilla.jss.netscape.security.x509.X509CertImpl
configCert(CertificateSetupRequest request, java.security.KeyPair keyPair, Cert certObj)
org.mozilla.jss.netscape.security.x509.X509CertImpl
createAdminCertificate(AdminSetupRequest request)
void
createAdminCertificate(java.lang.String certRequest, java.lang.String certRequestType, java.lang.String subject)
void
createAdminUser(AdminSetupRequest request)
static PKIClient
createClient(java.lang.String serverURL, java.lang.String clientnickname, org.mozilla.jss.ssl.SSLCertificateApprovalCallback certApprovalCallback)
java.security.KeyPair
createECCKeyPair(org.mozilla.jss.crypto.CryptoToken token, java.lang.String curveName, java.lang.String ct)
org.mozilla.jss.netscape.security.pkcs.PKCS7
createPKCS7(org.mozilla.jss.netscape.security.x509.X509CertImpl cert)
IRequest
createRequest(java.lang.String tag, CertInfoProfile profile, org.mozilla.jss.netscape.security.x509.X509Key x509key, org.mozilla.jss.netscape.security.x509.X509CertInfo info)
java.security.KeyPair
createRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token, int keysize, java.lang.String ct)
void
createSecurityDomain()
boolean
deleteDir(java.io.File dir)
void
finalizeConfiguration(FinalizeConfigRequest request)
Save variables needed for cloning and remove preops.
void
generateCertRequest(java.lang.String certTag, java.security.KeyPair keyPair, Cert cert)
java.lang.String
getContentValue(java.lang.String body, java.lang.String header)
void
getDatabaseGroups(java.util.Collection<java.lang.String> groups)
SecurityDomainHost
getHostInfo(DomainInfo domainInfo, java.lang.String csType, java.lang.String hostname, int securePort)
java.lang.String
getInstallToken(java.lang.String sdhost, int sdport, java.lang.String user, java.lang.String passwd)
java.lang.String
getNickname(java.lang.String certTag)
java.lang.String
getOldCookie(java.lang.String sdhost, int sdport, java.lang.String user, java.lang.String passwd)
java.lang.String
getSubsystemCert()
org.mozilla.jss.netscape.security.x509.X509CertImpl
getSubsystemCert(java.lang.String host, int port)
void
handleCert(Cert cert)
void
importAndSetCertPermissionsFromHSM()
void
importCert(java.lang.String subsystem, java.lang.String tag, java.lang.String tokenname, java.lang.String nickname, org.mozilla.jss.netscape.security.x509.X509CertImpl impl)
void
importLDIFS(LDAPConfigurator ldapConfigurator, java.lang.String param)
void
importLDIFS(LDAPConfigurator ldapConfigurator, java.lang.String param, boolean ignoreErrors)
boolean
isSDHostDomainMaster(DomainInfo domainInfo)
java.security.KeyPair
loadKeyPair(java.lang.String nickname, java.lang.String token)
void
registerUser(FinalizeConfigRequest request, java.net.URI secdomainURI, java.net.URI targetURI, java.lang.String targetType)
void
reinitSubsystems()
void
releaseConnection(netscape.ldap.LDAPConnection conn)
void
removeOldDBUsers(java.lang.String subjectDN)
void
setConfigStore(EngineConfig cs)
void
setServerXml(ServerXml serverXml)
void
setSubsystemEnabled(java.lang.String id, boolean enabled)
Set whether the given subsystem is enabled.
void
setupAdminUser(AdminSetupRequest request, org.mozilla.jss.netscape.security.x509.X509CertImpl cert)
void
setupClientAuthUser()
void
setupClone(CloneSetupRequest request)
void
setupDatabase(DatabaseSetupRequest request)
void
setupDatabaseUser()
void
setupReplication(CloneSetupRequest request)
int
setupReplicationAgreements(LDAPConfigurator masterConfigurator, LDAPConfigurator replicaConfigurator, java.lang.String masterAgreementName, java.lang.String replicaAgreementName, java.lang.String masterHostname, java.lang.String replicaHostname, int masterReplicationPort, int replicaReplicationPort, java.lang.String masterReplicationPassword, java.lang.String replicaReplicationPassword, java.lang.String replicationSecurity, int replicaID)
void
setupSecurityDomain(SecurityDomainSetupRequest request)
void
setupSubsystemUser(org.mozilla.jss.netscape.security.x509.X509CertImpl cert)
void
setupUser(java.lang.String id, org.mozilla.jss.netscape.security.x509.X509CertImpl cert, java.lang.String groupName)
org.mozilla.jss.netscape.security.x509.X509CertImpl
submitAdminCertRequest(AdminSetupRequest request, java.lang.String ca_hostname, int ca_port, java.lang.String profileId, java.lang.String subjectDN)
void
updateAdminUserCert(AdminSetupRequest request, org.mozilla.jss.netscape.security.x509.X509CertImpl adminCert)
void
updateDomainXML(java.lang.String hostname, int port, boolean https, java.lang.String servlet, javax.ws.rs.core.MultivaluedMap<java.lang.String,java.lang.String> content, boolean useClientAuth)
void
updateNextRanges()
void
updateSecurityDomain(SecurityDomainSetupRequest request)
void
verifySystemCertificates()
-
-
-
Field Detail
-
logger
public static final org.slf4j.Logger logger
-
ECC_INTERNAL_ADMIN_CERT_PROFILE
public static final java.lang.String ECC_INTERNAL_ADMIN_CERT_PROFILE
- See Also:
- Constant Field Values
-
RSA_INTERNAL_ADMIN_CERT_PROFILE
public static final java.lang.String RSA_INTERNAL_ADMIN_CERT_PROFILE
- See Also:
- Constant Field Values
-
SUCCESS
public static java.lang.String SUCCESS
-
FAILURE
public static java.lang.String FAILURE
-
AUTH_FAILURE
public static java.lang.String AUTH_FAILURE
-
BIG_ZERO
public static final java.math.BigInteger BIG_ZERO
-
MINUS_ONE
public static final java.lang.Long MINUS_ONE
-
DBUSER
public static final java.lang.String DBUSER
- See Also:
- Constant Field Values
-
certApprovalCallback
public static ConfigCertApprovalCallback certApprovalCallback
-
engine
protected CMSEngine engine
-
cs
protected EngineConfig cs
-
serverXml
protected ServerXml serverXml
-
-
Constructor Detail
-
Configurator
public Configurator(CMSEngine engine)
-
-
Method Detail
-
createClient
public static PKIClient createClient(java.lang.String serverURL, java.lang.String clientnickname, org.mozilla.jss.ssl.SSLCertificateApprovalCallback certApprovalCallback) throws java.lang.Exception
- Throws:
java.lang.Exception
-
setConfigStore
public void setConfigStore(EngineConfig cs)
-
setServerXml
public void setServerXml(ServerXml serverXml) throws java.lang.Exception
- Throws:
java.lang.Exception
-
getInstallToken
public java.lang.String getInstallToken(java.lang.String sdhost, int sdport, java.lang.String user, java.lang.String passwd) throws java.lang.Exception
- Throws:
java.lang.Exception
-
getOldCookie
public java.lang.String getOldCookie(java.lang.String sdhost, int sdport, java.lang.String user, java.lang.String passwd) throws java.lang.Exception
- Throws:
java.lang.Exception
-
getContentValue
public java.lang.String getContentValue(java.lang.String body, java.lang.String header)
-
getHostInfo
public SecurityDomainHost getHostInfo(DomainInfo domainInfo, java.lang.String csType, java.lang.String hostname, int securePort) throws java.lang.Exception
- Throws:
java.lang.Exception
-
setupClone
public void setupClone(CloneSetupRequest request) throws java.lang.Exception
- Throws:
java.lang.Exception
-
verifySystemCertificates
public void verifySystemCertificates() throws java.lang.Exception
- Throws:
java.lang.Exception
-
importAndSetCertPermissionsFromHSM
public void importAndSetCertPermissionsFromHSM() throws EBaseException, org.mozilla.jss.NotInitializedException, java.io.IOException, java.security.cert.CertificateEncodingException, org.mozilla.jss.NicknameConflictException, org.mozilla.jss.UserCertConflictException, org.mozilla.jss.crypto.NoSuchItemOnTokenException, org.mozilla.jss.crypto.TokenException
- Throws:
EBaseException
org.mozilla.jss.NotInitializedException
java.io.IOException
java.security.cert.CertificateEncodingException
org.mozilla.jss.NicknameConflictException
org.mozilla.jss.UserCertConflictException
org.mozilla.jss.crypto.NoSuchItemOnTokenException
org.mozilla.jss.crypto.TokenException
-
setupDatabase
public void setupDatabase(DatabaseSetupRequest request) throws java.lang.Exception
- Throws:
java.lang.Exception
-
reinitSubsystems
public void reinitSubsystems() throws EBaseException
- Throws:
EBaseException
-
setupReplication
public void setupReplication(CloneSetupRequest request) throws java.lang.Exception
- Throws:
java.lang.Exception
-
setupReplicationAgreements
public int setupReplicationAgreements(LDAPConfigurator masterConfigurator, LDAPConfigurator replicaConfigurator, java.lang.String masterAgreementName, java.lang.String replicaAgreementName, java.lang.String masterHostname, java.lang.String replicaHostname, int masterReplicationPort, int replicaReplicationPort, java.lang.String masterReplicationPassword, java.lang.String replicaReplicationPassword, java.lang.String replicationSecurity, int replicaID) throws java.lang.Exception
- Throws:
java.lang.Exception
-
releaseConnection
public void releaseConnection(netscape.ldap.LDAPConnection conn)
-
importLDIFS
public void importLDIFS(LDAPConfigurator ldapConfigurator, java.lang.String param) throws java.lang.Exception
- Throws:
java.lang.Exception
-
importLDIFS
public void importLDIFS(LDAPConfigurator ldapConfigurator, java.lang.String param, boolean ignoreErrors) throws java.lang.Exception
- Throws:
java.lang.Exception
-
deleteDir
public boolean deleteDir(java.io.File dir)
-
loadKeyPair
public java.security.KeyPair loadKeyPair(java.lang.String nickname, java.lang.String token) throws java.lang.Exception
- Throws:
java.lang.Exception
-
createECCKeyPair
public java.security.KeyPair createECCKeyPair(org.mozilla.jss.crypto.CryptoToken token, java.lang.String curveName, java.lang.String ct) throws java.security.NoSuchAlgorithmException, org.mozilla.jss.NoSuchTokenException, org.mozilla.jss.crypto.TokenException, org.mozilla.jss.NotInitializedException, EPropertyNotFound, EBaseException
- Throws:
java.security.NoSuchAlgorithmException
org.mozilla.jss.NoSuchTokenException
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedException
EPropertyNotFound
EBaseException
-
createRSAKeyPair
public java.security.KeyPair createRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token, int keysize, java.lang.String ct) throws java.lang.Exception
- Throws:
java.lang.Exception
-
configCert
public org.mozilla.jss.netscape.security.x509.X509CertImpl configCert(CertificateSetupRequest request, java.security.KeyPair keyPair, Cert certObj) throws java.lang.Exception
- Throws:
java.lang.Exception
-
getNickname
public java.lang.String getNickname(java.lang.String certTag) throws EBaseException
- Throws:
EBaseException
-
generateCertRequest
public void generateCertRequest(java.lang.String certTag, java.security.KeyPair keyPair, Cert cert) throws java.lang.Exception
- Throws:
java.lang.Exception
-
createRequest
public IRequest createRequest(java.lang.String tag, CertInfoProfile profile, org.mozilla.jss.netscape.security.x509.X509Key x509key, org.mozilla.jss.netscape.security.x509.X509CertInfo info) throws java.lang.Exception
- Throws:
java.lang.Exception
-
handleCert
public void handleCert(Cert cert) throws java.lang.Exception
- Throws:
java.lang.Exception
-
importCert
public void importCert(java.lang.String subsystem, java.lang.String tag, java.lang.String tokenname, java.lang.String nickname, org.mozilla.jss.netscape.security.x509.X509CertImpl impl) throws java.lang.Exception
- Throws:
java.lang.Exception
-
createAdminCertificate
public org.mozilla.jss.netscape.security.x509.X509CertImpl createAdminCertificate(AdminSetupRequest request) throws java.lang.Exception
- Throws:
java.lang.Exception
-
updateAdminUserCert
public void updateAdminUserCert(AdminSetupRequest request, org.mozilla.jss.netscape.security.x509.X509CertImpl adminCert) throws java.lang.Exception
- Throws:
java.lang.Exception
-
createAdminCertificate
public void createAdminCertificate(java.lang.String certRequest, java.lang.String certRequestType, java.lang.String subject) throws java.lang.Exception
- Throws:
java.lang.Exception
-
createPKCS7
public org.mozilla.jss.netscape.security.pkcs.PKCS7 createPKCS7(org.mozilla.jss.netscape.security.x509.X509CertImpl cert) throws java.io.IOException
- Throws:
java.io.IOException
-
setupAdminUser
public void setupAdminUser(AdminSetupRequest request, org.mozilla.jss.netscape.security.x509.X509CertImpl cert) throws java.lang.Exception
- Throws:
java.lang.Exception
-
createAdminUser
public void createAdminUser(AdminSetupRequest request) throws java.lang.Exception
- Throws:
java.lang.Exception
-
submitAdminCertRequest
public org.mozilla.jss.netscape.security.x509.X509CertImpl submitAdminCertRequest(AdminSetupRequest request, java.lang.String ca_hostname, int ca_port, java.lang.String profileId, java.lang.String subjectDN) throws java.lang.Exception
- Throws:
java.lang.Exception
-
setupSecurityDomain
public void setupSecurityDomain(SecurityDomainSetupRequest request) throws java.lang.Exception
- Throws:
java.lang.Exception
-
createSecurityDomain
public void createSecurityDomain() throws java.lang.Exception
- Throws:
java.lang.Exception
-
updateSecurityDomain
public void updateSecurityDomain(SecurityDomainSetupRequest request) throws java.lang.Exception
- Throws:
java.lang.Exception
-
isSDHostDomainMaster
public boolean isSDHostDomainMaster(DomainInfo domainInfo) throws java.lang.Exception
- Throws:
java.lang.Exception
-
updateDomainXML
public void updateDomainXML(java.lang.String hostname, int port, boolean https, java.lang.String servlet, javax.ws.rs.core.MultivaluedMap<java.lang.String,java.lang.String> content, boolean useClientAuth) throws java.lang.Exception
- Throws:
java.lang.Exception
-
setupSubsystemUser
public void setupSubsystemUser(org.mozilla.jss.netscape.security.x509.X509CertImpl cert) throws java.lang.Exception
- Throws:
java.lang.Exception
-
setupClientAuthUser
public void setupClientAuthUser() throws java.lang.Exception
- Throws:
java.lang.Exception
-
setupUser
public void setupUser(java.lang.String id, org.mozilla.jss.netscape.security.x509.X509CertImpl cert, java.lang.String groupName) throws java.lang.Exception
- Throws:
java.lang.Exception
-
getSubsystemCert
public org.mozilla.jss.netscape.security.x509.X509CertImpl getSubsystemCert(java.lang.String host, int port) throws java.lang.Exception
- Throws:
java.lang.Exception
-
setupDatabaseUser
public void setupDatabaseUser() throws java.lang.Exception
- Throws:
java.lang.Exception
-
getDatabaseGroups
public void getDatabaseGroups(java.util.Collection<java.lang.String> groups) throws java.lang.Exception
- Throws:
java.lang.Exception
-
registerUser
public void registerUser(FinalizeConfigRequest request, java.net.URI secdomainURI, java.net.URI targetURI, java.lang.String targetType) throws java.lang.Exception
- Throws:
java.lang.Exception
-
removeOldDBUsers
public void removeOldDBUsers(java.lang.String subjectDN) throws EBaseException, netscape.ldap.LDAPException
- Throws:
EBaseException
netscape.ldap.LDAPException
-
getSubsystemCert
public java.lang.String getSubsystemCert() throws EBaseException, org.mozilla.jss.NotInitializedException, org.mozilla.jss.crypto.ObjectNotFoundException, org.mozilla.jss.crypto.TokenException, java.security.cert.CertificateEncodingException, java.io.IOException
- Throws:
EBaseException
org.mozilla.jss.NotInitializedException
org.mozilla.jss.crypto.ObjectNotFoundException
org.mozilla.jss.crypto.TokenException
java.security.cert.CertificateEncodingException
java.io.IOException
-
updateNextRanges
public void updateNextRanges() throws EBaseException, netscape.ldap.LDAPException
- Throws:
EBaseException
netscape.ldap.LDAPException
-
finalizeConfiguration
public void finalizeConfiguration(FinalizeConfigRequest request) throws java.lang.Exception
Save variables needed for cloning and remove preops.
- Throws:
EBaseException
java.lang.Exception
-
setSubsystemEnabled
public void setSubsystemEnabled(java.lang.String id, boolean enabled) throws EBaseException
Set whether the given subsystem is enabled.
- Parameters:
id - The subsystem ID.
enabled - Whether the subsystem is enabled.
- Throws:
EBaseException
-
-