Class CMSServlet

    • Constructor Summary

      Constructors 
      Constructor Description
      CMSServlet()  
    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected boolean areCertsFromCA​(java.security.cert.X509Certificate[] certs)
      handy routine for checking if a list of certs is from this CA.
      protected void audit​(com.netscape.certsrv.logging.LogEvent event)  
      protected void audit​(java.lang.String msg)
      Signed Audit Log This method is inherited by all extended "CMSServlet"s, and is called to store messages to the signed audit log.
      protected java.lang.String auditGroupID()
      Signed Audit Log Group ID This method is inherited by all extended "CMSServlet"s, and is called to obtain the "gid" for a signed audit log message.
      protected java.lang.String auditSubjectID()
      Signed Audit Log Subject ID This method is inherited by all extended "CMSServlet"s, and is called to obtain the "SubjectID" for a signed audit log message.
      com.netscape.certsrv.authentication.IAuthToken authenticate​(CMSRequest req)  
      com.netscape.certsrv.authentication.IAuthToken authenticate​(CMSRequest req, java.lang.String authMgrName)  
      com.netscape.certsrv.authentication.IAuthToken authenticate​(javax.servlet.http.HttpServletRequest httpReq)  
      com.netscape.certsrv.authentication.IAuthToken authenticate​(javax.servlet.http.HttpServletRequest httpReq, java.lang.String authMgrName)
      Authentication
      AuthzToken authorize​(java.lang.String authzMgrName, com.netscape.certsrv.authentication.IAuthToken authToken, java.lang.String resource, java.lang.String operation)
      Authorize must occur after Authenticate
      AuthzToken authorize​(java.lang.String authzMgrName, java.lang.String resource, com.netscape.certsrv.authentication.IAuthToken authToken, java.lang.String exp)  
      protected boolean certIsRevoked​(java.math.BigInteger serialNum)
      check if a certificate (serial number) is revoked on a CA.
      protected boolean checkImportCertToNav​(javax.servlet.http.HttpServletResponse httpResp, IArgBlock httpParams, org.mozilla.jss.netscape.security.x509.X509CertImpl cert)  
      static boolean clientIsMSIE​(javax.servlet.http.HttpServletRequest httpReq)
      handy routine to check if client is msie based on user-agent.
      static boolean clientIsNav​(javax.servlet.http.HttpServletRequest httpReq)
      handy routine to check if client is navigator based on user-agent.
      protected static boolean connectionIsSSL​(javax.servlet.http.HttpServletRequest httpReq)  
      static boolean doCMMFResponse​(IArgBlock httpParams)  
      static boolean doFullResponse​(IArgBlock httpParams)  
      protected org.mozilla.jss.netscape.security.x509.RevokedCertImpl formCRLEntry​(java.math.BigInteger serialNo, org.mozilla.jss.netscape.security.x509.RevocationReason reason)
      make a CRL entry from a serial number and revocation reason.
      static java.lang.String generateSalt()  
      static AuthCredentials getAuthCreds​(AuthManager authMgr, IArgBlock argBlock, java.security.cert.X509Certificate clientCert)
      construct a authentication credentials to pass into authentication manager.
      java.lang.String getAuthMgr()  
      protected com.netscape.certsrv.authentication.IAuthToken getAuthToken​(com.netscape.certsrv.request.IRequest req)  
      protected com.netscape.certsrv.dbs.certdb.ICertRecord getCertRecord​(java.math.BigInteger serialNo)
      handy routine for getting a cert record given a serial number.
      protected void getDontSaveHttpParams​(javax.servlet.ServletConfig sc)
      get http parameters not to save from configuration.
      java.lang.String getId()  
      static java.io.File getLangFile​(javax.servlet.http.HttpServletRequest req, java.io.File realpathFile, java.util.Locale[] locale)  
      static java.util.Locale getLocale​(java.lang.String lang)  
      protected java.util.Locale getLocale​(javax.servlet.http.HttpServletRequest req)
      Retrieves locale based on the request.
      protected java.lang.String getRelPath​(IAuthority authority)
      handy routine for getting agent's relative path
      protected void getSaveHttpHeaders​(javax.servlet.ServletConfig sc)
      get http headers to save from configuration.
      protected java.security.cert.X509Certificate getSSLClientCertificate​(javax.servlet.http.HttpServletRequest httpReq)
      get ssl client authenticated certificate
      protected java.security.cert.X509Certificate getSSLClientCertificate​(javax.servlet.http.HttpServletRequest httpReq, boolean clientCertRequired)  
      protected CMSTemplate getTemplate​(java.lang.String templateName, javax.servlet.http.HttpServletRequest httpReq, java.util.Locale[] locale)
      get a template based on result status.
      protected java.security.cert.X509Certificate getX509Certificate​(java.math.BigInteger serialNo)
      handy routine for getting a certificate from the certificate repository.
      protected java.lang.String hashPassword​(java.lang.String pwd)  
      void importCertToNav​(javax.servlet.http.HttpServletResponse httpResp, org.mozilla.jss.netscape.security.x509.X509CertImpl cert, java.lang.String contentType, boolean importCAChain)
      handy routine to import cert to old navigator in nav mime type.
      void init​(javax.servlet.ServletConfig sc)  
      protected static void invalidateSSLSession​(javax.servlet.http.HttpServletRequest httpReq)
      Invalidates a SSL Session.
      protected boolean isCertFromCA​(java.security.cert.X509Certificate cert)
      handy routine for validating if a cert is from this CA.
      boolean isClientCertRequired()  
      protected boolean isSystemCertificate​(java.math.BigInteger serialNo)
      A system certificate such as the CA signing certificate should not be allowed to delete.
      protected CMSRequest newCMSRequest()
      Create a new CMSRequest object.
      protected ICMSTemplateFiller newFillerObject​(java.lang.String fillerClass)
      instantiate a new filler from a class name,
      protected void outputArgBlockAsXML​(XMLObject xmlObj, org.w3c.dom.Node parent, java.lang.String argBlockName, IArgBlock argBlock)  
      protected void outputError​(javax.servlet.http.HttpServletResponse httpResp, java.lang.String errorString)  
      protected void outputError​(javax.servlet.http.HttpServletResponse httpResp, java.lang.String errorString, java.lang.String requestId)  
      protected void outputError​(javax.servlet.http.HttpServletResponse httpResp, java.lang.String status, java.lang.String errorString, java.lang.String requestId)  
      void outputHttpParameters​(javax.servlet.http.HttpServletRequest httpReq)  
      protected void outputResult​(javax.servlet.http.HttpServletResponse httpResp, java.lang.String contentType, byte[] content)  
      protected void outputXML​(javax.servlet.http.HttpServletResponse httpResp, CMSTemplateParams params)  
      protected void process​(CMSRequest cmsRequest)
      process an HTTP request.
      protected void renderException​(CMSRequest cmsReq, EBaseException e)
      Output exception (unexpected error) template This is different from other templates in that if an exception occurs while rendering the exception a message is printed out directly.
      void renderFinalError​(CMSRequest cmsReq, java.lang.Exception ex)  
      protected void renderResult​(CMSRequest cmsReq)
      Output a template.
      protected void renderTemplate​(CMSRequest cmsReq, java.lang.String templateName, ICMSTemplateFiller filler)  
      protected static void saveAuthToken​(com.netscape.certsrv.authentication.IAuthToken token, com.netscape.certsrv.request.IRequest req)  
      protected void saveHttpHeaders​(javax.servlet.http.HttpServletRequest httpReq, com.netscape.certsrv.request.IRequest req)
      save http headers in a IRequest.
      protected void saveHttpParams​(IArgBlock httpParams, com.netscape.certsrv.request.IRequest req)
      save http headers in a IRequest.
      void service​(javax.servlet.http.HttpServletRequest httpReq, javax.servlet.http.HttpServletResponse httpResp)  
      protected void setDefaultTemplates​(javax.servlet.ServletConfig sc)
      set default templates.
      static java.util.Hashtable<java.lang.String,​java.lang.String> toHashtable​(javax.servlet.http.HttpServletRequest req)  
      • Methods inherited from class javax.servlet.http.HttpServlet

        doDelete, doGet, doHead, doOptions, doPost, doPut, doTrace, getLastModified, service
      • Methods inherited from class javax.servlet.GenericServlet

        destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • logger

        public static org.slf4j.Logger logger
      • signedAuditLogger

        protected static Logger signedAuditLogger
      • PROP_AUTHORITYID

        public static final java.lang.String PROP_AUTHORITYID
        See Also:
        Constant Field Values
      • PROP_FINAL_ERROR_MSG

        public static final java.lang.String PROP_FINAL_ERROR_MSG
        See Also:
        Constant Field Values
      • PROP_UNAUTHORIZED_TEMPLATE

        protected static final java.lang.String PROP_UNAUTHORIZED_TEMPLATE
        See Also:
        Constant Field Values
      • UNAUTHORIZED_TEMPLATE

        protected static final java.lang.String UNAUTHORIZED_TEMPLATE
        See Also:
        Constant Field Values
      • PROP_SUCCESS_TEMPLATE

        protected static final java.lang.String PROP_SUCCESS_TEMPLATE
        See Also:
        Constant Field Values
      • SUCCESS_TEMPLATE

        protected static final java.lang.String SUCCESS_TEMPLATE
        See Also:
        Constant Field Values
      • PROP_PENDING_TEMPLATE

        protected static final java.lang.String PROP_PENDING_TEMPLATE
        See Also:
        Constant Field Values
      • PENDING_TEMPLATE

        protected static final java.lang.String PENDING_TEMPLATE
        See Also:
        Constant Field Values
      • PROP_SVC_PENDING_TEMPLATE

        protected static final java.lang.String PROP_SVC_PENDING_TEMPLATE
        See Also:
        Constant Field Values
      • SVC_PENDING_TEMPLATE

        protected static final java.lang.String SVC_PENDING_TEMPLATE
        See Also:
        Constant Field Values
      • PROP_REJECTED_TEMPLATE

        protected static final java.lang.String PROP_REJECTED_TEMPLATE
        See Also:
        Constant Field Values
      • REJECTED_TEMPLATE

        protected static final java.lang.String REJECTED_TEMPLATE
        See Also:
        Constant Field Values
      • PROP_ERROR_TEMPLATE

        protected static final java.lang.String PROP_ERROR_TEMPLATE
        See Also:
        Constant Field Values
      • PROP_EXCEPTION_TEMPLATE

        protected static final java.lang.String PROP_EXCEPTION_TEMPLATE
        See Also:
        Constant Field Values
      • EXCEPTION_TEMPLATE

        protected static final java.lang.String EXCEPTION_TEMPLATE
        See Also:
        Constant Field Values
      • PROP_SUCCESS_TEMPLATE_FILLER

        protected static final java.lang.String PROP_SUCCESS_TEMPLATE_FILLER
        See Also:
        Constant Field Values
      • KRA_AGENT_GROUP

        protected static final java.lang.String KRA_AGENT_GROUP
        See Also:
        Constant Field Values
      • OCSP_AGENT_GROUP

        protected static final java.lang.String OCSP_AGENT_GROUP
        See Also:
        Constant Field Values
      • TRUSTED_RA_GROUP

        protected static final java.lang.String TRUSTED_RA_GROUP
        See Also:
        Constant Field Values
      • servletConfig

        protected javax.servlet.ServletConfig servletConfig
      • mRenderResult

        protected boolean mRenderResult
      • mFinalErrorMsg

        protected java.lang.String mFinalErrorMsg
      • mTemplates

        protected java.util.Hashtable<java.lang.Integer,​CMSLoadTemplate> mTemplates
      • mServletConfig

        protected javax.servlet.ServletConfig mServletConfig
      • mServletContext

        protected javax.servlet.ServletContext mServletContext
      • mDontSaveHttpParams

        protected java.util.Vector<java.lang.String> mDontSaveHttpParams
      • mSaveHttpHeaders

        protected java.util.Vector<java.lang.String> mSaveHttpHeaders
      • mId

        protected java.lang.String mId
      • mRequestQueue

        protected com.netscape.certsrv.request.IRequestQueue mRequestQueue
      • mLogCategory

        protected com.netscape.certsrv.logging.LogSource mLogCategory
      • mGetClientCert

        protected java.lang.String mGetClientCert
      • mAuthMgr

        protected java.lang.String mAuthMgr
      • mAclMethod

        protected java.lang.String mAclMethod
      • mAuthzResourceName

        protected java.lang.String mAuthzResourceName
      • mOutputTemplatePath

        protected java.lang.String mOutputTemplatePath
      • SIMPLE_ENROLLMENT_REQUEST

        public static final java.lang.String SIMPLE_ENROLLMENT_REQUEST
        See Also:
        Constant Field Values
      • SIMPLE_ENROLLMENT_RESPONSE

        public static final java.lang.String SIMPLE_ENROLLMENT_RESPONSE
        See Also:
        Constant Field Values
      • FULL_ENROLLMENT_REQUEST

        public static final java.lang.String FULL_ENROLLMENT_REQUEST
        See Also:
        Constant Field Values
      • FULL_ENROLLMENT_RESPONSE

        public static final java.lang.String FULL_ENROLLMENT_RESPONSE
        See Also:
        Constant Field Values
      • FULL_RESPONSE

        public static java.lang.String FULL_RESPONSE
        handy routine to check if client want full enrollment response
    • Constructor Detail

      • CMSServlet

        public CMSServlet()
    • Method Detail

      • toHashtable

        public static java.util.Hashtable<java.lang.String,​java.lang.String> toHashtable​(javax.servlet.http.HttpServletRequest req)
      • init

        public void init​(javax.servlet.ServletConfig sc)
                  throws javax.servlet.ServletException
        Specified by:
        init in interface javax.servlet.Servlet
        Overrides:
        init in class javax.servlet.GenericServlet
        Throws:
        javax.servlet.ServletException
      • getId

        public java.lang.String getId()
      • getAuthMgr

        public java.lang.String getAuthMgr()
      • isClientCertRequired

        public boolean isClientCertRequired()
      • outputHttpParameters

        public void outputHttpParameters​(javax.servlet.http.HttpServletRequest httpReq)
      • service

        public void service​(javax.servlet.http.HttpServletRequest httpReq,
                            javax.servlet.http.HttpServletResponse httpResp)
                     throws javax.servlet.ServletException,
                            java.io.IOException
        Overrides:
        service in class javax.servlet.http.HttpServlet
        Throws:
        javax.servlet.ServletException
        java.io.IOException
      • newCMSRequest

        protected CMSRequest newCMSRequest()
        Create a new CMSRequest object. This should be overriden by servlets implementing different types of request
        Returns:
        a new CMSRequest object
      • process

        protected void process​(CMSRequest cmsRequest)
                        throws java.lang.Exception
        process an HTTP request. Servlets must override this with their own implementation
        Throws:
        EBaseException - if the servlet was unable to satisfactorily process the request
        java.lang.Exception
      • renderResult

        protected void renderResult​(CMSRequest cmsReq)
                             throws java.io.IOException
        Output a template. If an error occurs while outputing the template the exception template is used to display the error.
        Parameters:
        cmsReq - the CS request
        Throws:
        java.io.IOException
      • outputArgBlockAsXML

        protected void outputArgBlockAsXML​(XMLObject xmlObj,
                                           org.w3c.dom.Node parent,
                                           java.lang.String argBlockName,
                                           IArgBlock argBlock)
      • outputXML

        protected void outputXML​(javax.servlet.http.HttpServletResponse httpResp,
                                 CMSTemplateParams params)
      • renderTemplate

        protected void renderTemplate​(CMSRequest cmsReq,
                                      java.lang.String templateName,
                                      ICMSTemplateFiller filler)
                               throws java.io.IOException
        Throws:
        java.io.IOException
      • renderException

        protected void renderException​(CMSRequest cmsReq,
                                       EBaseException e)
                                throws java.io.IOException
        Output exception (unexpected error) template This is different from other templates in that if an exception occurs while rendering the exception a message is printed out directly. If the message gets an error an IOException is thrown. In others if an exception occurs while rendering the template the exception template (this) is called.

        Parameters:
        cmsReq - the CS request to pass to template filler if any.
        e - the unexpected exception
        Throws:
        java.io.IOException
      • renderFinalError

        public void renderFinalError​(CMSRequest cmsReq,
                                     java.lang.Exception ex)
                              throws java.io.IOException
        Throws:
        java.io.IOException
      • invalidateSSLSession

        protected static void invalidateSSLSession​(javax.servlet.http.HttpServletRequest httpReq)
        Invalidates a SSL Session. So client auth will happen again.
      • getSSLClientCertificate

        protected java.security.cert.X509Certificate getSSLClientCertificate​(javax.servlet.http.HttpServletRequest httpReq)
                                                                      throws EBaseException
        get ssl client authenticated certificate
        Throws:
        EBaseException
      • getSSLClientCertificate

        protected java.security.cert.X509Certificate getSSLClientCertificate​(javax.servlet.http.HttpServletRequest httpReq,
                                                                             boolean clientCertRequired)
                                                                      throws EBaseException
        Throws:
        EBaseException
      • getTemplate

        protected CMSTemplate getTemplate​(java.lang.String templateName,
                                          javax.servlet.http.HttpServletRequest httpReq,
                                          java.util.Locale[] locale)
                                   throws EBaseException,
                                          java.io.IOException
        get a template based on result status.
        Throws:
        EBaseException
        java.io.IOException
      • getDontSaveHttpParams

        protected void getDontSaveHttpParams​(javax.servlet.ServletConfig sc)
        get http parameters not to save from configuration.
      • getSaveHttpHeaders

        protected void getSaveHttpHeaders​(javax.servlet.ServletConfig sc)
        get http headers to save from configuration.
      • saveHttpHeaders

        protected void saveHttpHeaders​(javax.servlet.http.HttpServletRequest httpReq,
                                       com.netscape.certsrv.request.IRequest req)
                                throws EBaseException
        save http headers in a IRequest.
        Throws:
        EBaseException
      • saveHttpParams

        protected void saveHttpParams​(IArgBlock httpParams,
                                      com.netscape.certsrv.request.IRequest req)
        save http headers in a IRequest.
      • getCertRecord

        protected com.netscape.certsrv.dbs.certdb.ICertRecord getCertRecord​(java.math.BigInteger serialNo)
        handy routine for getting a cert record given a serial number.
      • isCertFromCA

        protected boolean isCertFromCA​(java.security.cert.X509Certificate cert)
        handy routine for validating if a cert is from this CA. mAuthority must be a CA.
      • areCertsFromCA

        protected boolean areCertsFromCA​(java.security.cert.X509Certificate[] certs)
        handy routine for checking if a list of certs is from this CA. mAuthortiy must be a CA.
      • getX509Certificate

        protected java.security.cert.X509Certificate getX509Certificate​(java.math.BigInteger serialNo)
        handy routine for getting a certificate from the certificate repository. mAuthority must be a CA.
      • newFillerObject

        protected ICMSTemplateFiller newFillerObject​(java.lang.String fillerClass)
        instantiate a new filler from a class name,
        Returns:
        null if can't be instantiated, new instance otherwise.
      • setDefaultTemplates

        protected void setDefaultTemplates​(javax.servlet.ServletConfig sc)
        set default templates. subclasses can override, and should override at least the success template
      • clientIsNav

        public static boolean clientIsNav​(javax.servlet.http.HttpServletRequest httpReq)
        handy routine to check if client is navigator based on user-agent.
      • clientIsMSIE

        public static boolean clientIsMSIE​(javax.servlet.http.HttpServletRequest httpReq)
        handy routine to check if client is msie based on user-agent.
      • doCMMFResponse

        public static boolean doCMMFResponse​(IArgBlock httpParams)
      • doFullResponse

        public static boolean doFullResponse​(IArgBlock httpParams)
      • checkImportCertToNav

        protected boolean checkImportCertToNav​(javax.servlet.http.HttpServletResponse httpResp,
                                               IArgBlock httpParams,
                                               org.mozilla.jss.netscape.security.x509.X509CertImpl cert)
                                        throws EBaseException
        Returns:
        false if import cert directly set to false.
        Throws:
        EBaseException
      • importCertToNav

        public void importCertToNav​(javax.servlet.http.HttpServletResponse httpResp,
                                    org.mozilla.jss.netscape.security.x509.X509CertImpl cert,
                                    java.lang.String contentType,
                                    boolean importCAChain)
                             throws EBaseException
        handy routine to import cert to old navigator in nav mime type.
        Throws:
        EBaseException
      • saveAuthToken

        protected static void saveAuthToken​(com.netscape.certsrv.authentication.IAuthToken token,
                                            com.netscape.certsrv.request.IRequest req)
      • getAuthToken

        protected com.netscape.certsrv.authentication.IAuthToken getAuthToken​(com.netscape.certsrv.request.IRequest req)
      • connectionIsSSL

        protected static boolean connectionIsSSL​(javax.servlet.http.HttpServletRequest httpReq)
      • getRelPath

        protected java.lang.String getRelPath​(IAuthority authority)
        handy routine for getting agent's relative path
      • isSystemCertificate

        protected boolean isSystemCertificate​(java.math.BigInteger serialNo)
                                       throws EBaseException
        A system certificate such as the CA signing certificate should not be allowed to delete. The main purpose is to avoid revoking the self signed CA certificate accidentially.
        Throws:
        EBaseException
      • formCRLEntry

        protected org.mozilla.jss.netscape.security.x509.RevokedCertImpl formCRLEntry​(java.math.BigInteger serialNo,
                                                                                      org.mozilla.jss.netscape.security.x509.RevocationReason reason)
                                                                               throws EBaseException
        make a CRL entry from a serial number and revocation reason.
        Returns:
        a RevokedCertImpl that can be entered in a CRL.
        Throws:
        EBaseException
      • certIsRevoked

        protected boolean certIsRevoked​(java.math.BigInteger serialNum)
                                 throws EBaseException
        check if a certificate (serial number) is revoked on a CA.
        Returns:
        true if cert is marked revoked in the CA's database.
        Throws:
        EBaseException
      • generateSalt

        public static java.lang.String generateSalt()
      • hashPassword

        protected java.lang.String hashPassword​(java.lang.String pwd)
      • getLangFile

        public static java.io.File getLangFile​(javax.servlet.http.HttpServletRequest req,
                                               java.io.File realpathFile,
                                               java.util.Locale[] locale)
                                        throws java.io.IOException
        Parameters:
        req - http servlet request
        realpathFile - the file to get.
        locale - array of at least one to be filled with locale found.
        Throws:
        java.io.IOException
      • getLocale

        public static java.util.Locale getLocale​(java.lang.String lang)
      • authenticate

        public com.netscape.certsrv.authentication.IAuthToken authenticate​(javax.servlet.http.HttpServletRequest httpReq)
                                                                    throws EBaseException
        Throws:
        EBaseException
      • authenticate

        public com.netscape.certsrv.authentication.IAuthToken authenticate​(javax.servlet.http.HttpServletRequest httpReq,
                                                                           java.lang.String authMgrName)
                                                                    throws EBaseException
        Authentication

        • signed.audit LOGGING_SIGNED_AUDIT_AUTH_FAIL used when authentication fails (in case of SSL-client auth, only webserver env can pick up the SSL violation; CS authMgr can pick up cert mis-match, so this event is used)
        • signed.audit LOGGING_SIGNED_AUDIT_AUTH_SUCCESS used when authentication succeeded
        Throws:
        EBaseException - an error has occurred
      • authorize

        public AuthzToken authorize​(java.lang.String authzMgrName,
                                    java.lang.String resource,
                                    com.netscape.certsrv.authentication.IAuthToken authToken,
                                    java.lang.String exp)
                             throws EBaseException
        Throws:
        EBaseException
      • authorize

        public AuthzToken authorize​(java.lang.String authzMgrName,
                                    com.netscape.certsrv.authentication.IAuthToken authToken,
                                    java.lang.String resource,
                                    java.lang.String operation)
                             throws EBaseException
        Authorize must occur after Authenticate

        • signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_FAIL used when authorization has failed
        • signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS used when authorization is successful
        • signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a role (in current CS that's when one accesses a role port)
        Parameters:
        authzMgrName - string representing the name of the authorization manager
        authToken - the authentication token
        resource - a string representing the ACL resource id as defined in the ACL resource list
        operation - a string representing one of the operations as defined within the ACL statement (e. g. - "read" for an ACL statement containing "(read,write)")
        Returns:
        the authorization token
        Throws:
        EBaseException - an error has occurred
      • audit

        protected void audit​(java.lang.String msg)
        Signed Audit Log This method is inherited by all extended "CMSServlet"s, and is called to store messages to the signed audit log.

        Parameters:
        msg - signed audit log message
      • audit

        protected void audit​(com.netscape.certsrv.logging.LogEvent event)
      • auditSubjectID

        protected java.lang.String auditSubjectID()
        Signed Audit Log Subject ID This method is inherited by all extended "CMSServlet"s, and is called to obtain the "SubjectID" for a signed audit log message.

        Returns:
        id string containing the signed audit log message SubjectID
      • auditGroupID

        protected java.lang.String auditGroupID()
        Signed Audit Log Group ID This method is inherited by all extended "CMSServlet"s, and is called to obtain the "gid" for a signed audit log message.

        Returns:
        id string containing the signed audit log message SubjectID
      • getLocale

        protected java.util.Locale getLocale​(javax.servlet.http.HttpServletRequest req)
        Retrieves locale based on the request.
      • outputResult

        protected void outputResult​(javax.servlet.http.HttpServletResponse httpResp,
                                    java.lang.String contentType,
                                    byte[] content)
      • outputError

        protected void outputError​(javax.servlet.http.HttpServletResponse httpResp,
                                   java.lang.String errorString)
      • outputError

        protected void outputError​(javax.servlet.http.HttpServletResponse httpResp,
                                   java.lang.String errorString,
                                   java.lang.String requestId)
      • outputError

        protected void outputError​(javax.servlet.http.HttpServletResponse httpResp,
                                   java.lang.String status,
                                   java.lang.String errorString,
                                   java.lang.String requestId)