com.netscape.cms.servlet.admin
Class AdminServlet

java.lang.Object
  extended by javax.servlet.GenericServlet
      extended by javax.servlet.http.HttpServlet
          extended by com.netscape.cms.servlet.admin.AdminServlet
All Implemented Interfaces:
java.io.Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig
Direct Known Subclasses:
ACLAdminServlet, AuthAdminServlet, CAAdminServlet, CMSAdminServlet, JobsAdminServlet, KRAAdminServlet, LogAdminServlet, OCSPAdminServlet, PolicyAdminServlet, ProfileAdminServlet, PublisherAdminServlet, RAAdminServlet, RegistryAdminServlet, UsrGrpAdminServlet

public class AdminServlet
extends javax.servlet.http.HttpServlet

A class represents an administration servlet that is responsible to serve administrative operation such as configuration parameter updates. Since each administration servlet needs to perform authentication information parsing and response formulation, it makes sense to encapsulate the commonalities into this class. By extending this serlvet, the subclass does not need to re-implement the request parsing code (i.e. authentication information parsing). If a subsystem needs to expose configuration parameters management, it should create an administration servlet (i.e. CAAdminServlet) and register it to RemoteAdmin subsystem. public class CAAdminServlet extends AdminServlet { ... }

Version:
$Revision: 1211 $, $Date: 2010-08-18 10:15:37 -0700 (Wed, 18 Aug 2010) $
See Also:
Serialized Form

Field Summary
static java.lang.String AUTHZ_CONFIG_STORE
           
static java.lang.String AUTHZ_MGR_BASIC
           
static java.lang.String AUTHZ_MGR_LDAP
           
protected static java.lang.String AUTHZ_RES_NAME
           
static java.lang.String AUTHZ_SRC_LDAP
           
static java.lang.String AUTHZ_SRC_TYPE
           
static java.lang.String AUTHZ_SRC_XML
           
static java.lang.String CERT_ATTR
           
static int ERROR
           
protected  java.lang.String mAclMethod
           
protected  IAuthzSubsystem mAuthz
           
protected  IConfigStore mConfig
           
protected  ILogger mLogger
           
protected  java.lang.String mOp
           
protected  ILogger mSignedAuditLogger
           
protected  AuthzToken mToken
           
static java.lang.String PROP_ACL
           
static java.lang.String PROP_AUTHZ_MGR
           
static java.lang.String PROP_ID
           
static int RESTART
           
static java.lang.String SIGNED_AUDIT_EMPTY_NAME_VALUE_PAIR
           
static java.lang.String SIGNED_AUDIT_NAME_VALUE_DELIMITER
           
static java.lang.String SIGNED_AUDIT_NAME_VALUE_PAIRS_DELIMITER
           
static java.lang.String SIGNED_AUDIT_OPERATION
           
static java.lang.String SIGNED_AUDIT_PASSWORD_VALUE
           
static java.lang.String SIGNED_AUDIT_RESOURCE
           
static java.lang.String SIGNED_AUDIT_RULENAME
           
static java.lang.String SIGNED_AUDIT_SCOPE
           
static int SUCCESS
           
 
Constructor Summary
AdminServlet()
          Constructs generic administration servlet.
 
Method Summary
protected  void audit(java.lang.String msg)
          Signed Audit Log This method is inherited by all extended admin servlets and is called to store messages to the signed audit log.
protected  java.lang.String auditParams(javax.servlet.http.HttpServletRequest req)
          Signed Audit Parameters This method is inherited by all extended admin servlets and is called to extract parameters from the HttpServletRequest and return a string of name;;value pairs separated by a '+' if more than one name;;value pair exists.
protected  java.lang.String auditSubjectID()
          Signed Audit Log Subject ID This method is inherited by all extended "CMSServlet"s, and is called to obtain the "SubjectID" for a signed audit log message.
protected  void authenticate(javax.servlet.http.HttpServletRequest req)
          Authenticates to the identity scope with the given userid and password via identity manager.
protected  AuthzToken authorize(javax.servlet.http.HttpServletRequest req)
          Authorize must occur after Authenticate
 boolean authorize(IAuthToken token)
          authorize a user based on its authentication credentials.
protected  void commit(boolean createBackup)
          FileConfigStore functionality The original config file is moved to ..
protected  NameValuePairs convertStringArrayToNVPairs(java.lang.String[] s)
           
static AuthCredentials getAuthCreds(IAuthManager authMgr, java.security.cert.X509Certificate clientCert)
           
protected static IExtendedPluginInfo getClassByNameAsExtendedPluginInfo(java.lang.String className)
           
protected  void getConfig(IConfigStore config, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
          Generic configuration store get operation.
protected  java.util.Locale getLocale(javax.servlet.http.HttpServletRequest req)
          Retrieves locale based on the request.
protected  java.lang.String getParameter(javax.servlet.http.HttpServletRequest req, java.lang.String name)
           
 void init(javax.servlet.ServletConfig sc)
          Initializes the servlet.
protected  void listConfig(IConfigStore config, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
          Lists configuration store.
 void outputHttpParameters(javax.servlet.http.HttpServletRequest httpReq)
           
protected  void sendResponse(int returnCode, java.lang.String errorMsg, NameValuePairs params, javax.servlet.http.HttpServletResponse resp)
          Sends response.
 void service(javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
          Serves HTTP admin request.
protected  void setConfig(IConfigStore config, javax.servlet.http.HttpServletRequest req, javax.servlet.http.HttpServletResponse resp)
          Generic configuration store set operation.
protected  java.lang.String URLdecode(java.lang.String s)
          URL decodes the given string.
 
Methods inherited from class javax.servlet.http.HttpServlet
doDelete, doGet, doHead, doOptions, doPost, doPut, doTrace, getLastModified, service
 
Methods inherited from class javax.servlet.GenericServlet
destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletInfo, getServletName, init, log, log
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

mLogger

protected ILogger mLogger

mSignedAuditLogger

protected ILogger mSignedAuditLogger

mConfig

protected IConfigStore mConfig

mAuthz

protected IAuthzSubsystem mAuthz

mAclMethod

protected java.lang.String mAclMethod

mOp

protected java.lang.String mOp

AUTHZ_RES_NAME

protected static java.lang.String AUTHZ_RES_NAME

mToken

protected AuthzToken mToken

PROP_AUTHZ_MGR

public static final java.lang.String PROP_AUTHZ_MGR
See Also:
Constant Field Values

PROP_ACL

public static final java.lang.String PROP_ACL
See Also:
Constant Field Values

AUTHZ_MGR_BASIC

public static final java.lang.String AUTHZ_MGR_BASIC
See Also:
Constant Field Values

AUTHZ_MGR_LDAP

public static final java.lang.String AUTHZ_MGR_LDAP
See Also:
Constant Field Values

PROP_ID

public static final java.lang.String PROP_ID
See Also:
Constant Field Values

AUTHZ_CONFIG_STORE

public static final java.lang.String AUTHZ_CONFIG_STORE
See Also:
Constant Field Values

AUTHZ_SRC_TYPE

public static final java.lang.String AUTHZ_SRC_TYPE
See Also:
Constant Field Values

AUTHZ_SRC_LDAP

public static final java.lang.String AUTHZ_SRC_LDAP
See Also:
Constant Field Values

AUTHZ_SRC_XML

public static final java.lang.String AUTHZ_SRC_XML
See Also:
Constant Field Values

CERT_ATTR

public static final java.lang.String CERT_ATTR
See Also:
Constant Field Values

SIGNED_AUDIT_SCOPE

public static final java.lang.String SIGNED_AUDIT_SCOPE
See Also:
Constant Field Values

SIGNED_AUDIT_OPERATION

public static final java.lang.String SIGNED_AUDIT_OPERATION
See Also:
Constant Field Values

SIGNED_AUDIT_RESOURCE

public static final java.lang.String SIGNED_AUDIT_RESOURCE
See Also:
Constant Field Values

SIGNED_AUDIT_RULENAME

public static final java.lang.String SIGNED_AUDIT_RULENAME
See Also:
Constant Field Values

SIGNED_AUDIT_PASSWORD_VALUE

public static final java.lang.String SIGNED_AUDIT_PASSWORD_VALUE
See Also:
Constant Field Values

SIGNED_AUDIT_EMPTY_NAME_VALUE_PAIR

public static final java.lang.String SIGNED_AUDIT_EMPTY_NAME_VALUE_PAIR
See Also:
Constant Field Values

SIGNED_AUDIT_NAME_VALUE_DELIMITER

public static final java.lang.String SIGNED_AUDIT_NAME_VALUE_DELIMITER
See Also:
Constant Field Values

SIGNED_AUDIT_NAME_VALUE_PAIRS_DELIMITER

public static final java.lang.String SIGNED_AUDIT_NAME_VALUE_PAIRS_DELIMITER
See Also:
Constant Field Values

SUCCESS

public static int SUCCESS

ERROR

public static int ERROR

RESTART

public static int RESTART
Constructor Detail

AdminServlet

public AdminServlet()
Constructs generic administration servlet.

Method Detail

init

public void init(javax.servlet.ServletConfig sc)
          throws javax.servlet.ServletException
Initializes the servlet.

Specified by:
init in interface javax.servlet.Servlet
Overrides:
init in class javax.servlet.GenericServlet
Throws:
javax.servlet.ServletException

outputHttpParameters

public void outputHttpParameters(javax.servlet.http.HttpServletRequest httpReq)

service

public void service(javax.servlet.http.HttpServletRequest req,
                    javax.servlet.http.HttpServletResponse resp)
             throws javax.servlet.ServletException,
                    java.io.IOException
Serves HTTP admin request.

Overrides:
service in class javax.servlet.http.HttpServlet
Throws:
javax.servlet.ServletException
java.io.IOException

authenticate

protected void authenticate(javax.servlet.http.HttpServletRequest req)
                     throws java.io.IOException
Authenticates to the identity scope with the given userid and password via identity manager.

Throws:
java.io.IOException - an input/output error has occurred

getAuthCreds

public static AuthCredentials getAuthCreds(IAuthManager authMgr,
                                           java.security.cert.X509Certificate clientCert)
                                    throws EBaseException
Throws:
EBaseException

authorize

protected AuthzToken authorize(javax.servlet.http.HttpServletRequest req)
Authorize must occur after Authenticate

Parameters:
req - HTTP servlet request
Returns:
the authorization token

getLocale

protected java.util.Locale getLocale(javax.servlet.http.HttpServletRequest req)
Retrieves locale based on the request.


sendResponse

protected void sendResponse(int returnCode,
                            java.lang.String errorMsg,
                            NameValuePairs params,
                            javax.servlet.http.HttpServletResponse resp)
                     throws java.io.IOException
Sends response.

Parameters:
returnCode - return code
errorMsg - localized error message
params - result parameters
resp - HTTP servlet response
Throws:
java.io.IOException

URLdecode

protected java.lang.String URLdecode(java.lang.String s)
URL decodes the given string.


getParameter

protected java.lang.String getParameter(javax.servlet.http.HttpServletRequest req,
                                        java.lang.String name)

getConfig

protected void getConfig(IConfigStore config,
                         javax.servlet.http.HttpServletRequest req,
                         javax.servlet.http.HttpServletResponse resp)
                  throws javax.servlet.ServletException,
                         java.io.IOException,
                         EBaseException
Generic configuration store get operation.

Throws:
javax.servlet.ServletException
java.io.IOException
EBaseException

setConfig

protected void setConfig(IConfigStore config,
                         javax.servlet.http.HttpServletRequest req,
                         javax.servlet.http.HttpServletResponse resp)
                  throws javax.servlet.ServletException,
                         java.io.IOException,
                         EBaseException
Generic configuration store set operation. The caller is responsible to do validiation before calling this, and commit changes after this call.

Throws:
javax.servlet.ServletException
java.io.IOException
EBaseException

listConfig

protected void listConfig(IConfigStore config,
                          javax.servlet.http.HttpServletRequest req,
                          javax.servlet.http.HttpServletResponse resp)
                   throws javax.servlet.ServletException,
                          java.io.IOException,
                          EBaseException
Lists configuration store.

Throws:
javax.servlet.ServletException
java.io.IOException
EBaseException

authorize

public boolean authorize(IAuthToken token)
                  throws EBaseException
authorize a user based on its authentication credentials.

Throws:
EBaseException

commit

protected void commit(boolean createBackup)
               throws EBaseException
FileConfigStore functionality The original config file is moved to .. Commits the current properties to the configuration file.

Parameters:
createBackup - true if a backup file should be created
Throws:
EBaseException

audit

protected void audit(java.lang.String msg)
Signed Audit Log This method is inherited by all extended admin servlets and is called to store messages to the signed audit log.

Parameters:
msg - signed audit log message

auditSubjectID

protected java.lang.String auditSubjectID()
Signed Audit Log Subject ID This method is inherited by all extended "CMSServlet"s, and is called to obtain the "SubjectID" for a signed audit log message.

Returns:
id string containing the signed audit log message SubjectID

auditParams

protected java.lang.String auditParams(javax.servlet.http.HttpServletRequest req)
Signed Audit Parameters This method is inherited by all extended admin servlets and is called to extract parameters from the HttpServletRequest and return a string of name;;value pairs separated by a '+' if more than one name;;value pair exists.

Parameters:
req - HTTP servlet request
Returns:
a delimited string of one or more delimited name/value pairs

convertStringArrayToNVPairs

protected NameValuePairs convertStringArrayToNVPairs(java.lang.String[] s)

getClassByNameAsExtendedPluginInfo

protected static IExtendedPluginInfo getClassByNameAsExtendedPluginInfo(java.lang.String className)