Class ConnectorServlet

java.lang.Object

javax.servlet.GenericServlet

javax.servlet.http.HttpServlet

com.netscape.cms.servlet.base.CMSServlet

com.netscape.cms.servlet.connector.ConnectorServlet

All Implemented Interfaces:

Serializable, javax.servlet.Servlet, javax.servlet.ServletConfig

public class ConnectorServlet
extends CMSServlet

Connector servlet process requests from remote authority - service request or return status.

Author:

cfu - Server-Side Keygen Enrollment implementation

See Also:

• Serialized Form

Field Summary

Fields

Modifier and Type	Field	Description
static final String	INFO
static org.slf4j.Logger	logger
protected IAuthority	mAuthority
protected AuthSubsystem	mAuthSubsystem
protected javax.servlet.ServletConfig	mConfig
protected IRequestEncoder	mReqEncoder
static final String	PROP_AUTHORITY

Fields inherited from class com.netscape.cms.servlet.base.CMSServlet

ADMIN_GROUP, AUTH_FAILURE, AUTHMGR_PARAM, AUTHZ_MGR_BASIC, AUTHZ_MGR_LDAP, AUTHZ_SRC_LDAP, AUTHZ_SRC_TYPE, AUTHZ_SRC_XML, CA_AGENT_GROUP, CERT_ATTR, certAuthority, engine, ERROR_MSG_TOKEN, ERROR_TEMPLATE, EXCEPTION_TEMPLATE, FAILURE, FINAL_ERROR_MSG, FULL_ENROLLMENT_REQUEST, FULL_ENROLLMENT_RESPONSE, FULL_RESPONSE, KRA_AGENT_GROUP, mAclMethod, mAuthMgr, mAuthz, mAuthzResourceName, mDontSaveHttpParams, mFinalErrorMsg, mGetClientCert, mId, mLogCategory, mOutputTemplatePath, mRenderResult, mRequestQueue, mSaveHttpHeaders, mServletConfig, mServletContext, mTemplates, OCSP_AGENT_GROUP, PENDING_TEMPLATE, PFX_AUTH_TOKEN, PFX_HTTP_HEADER, PFX_HTTP_PARAM, PROP_ACL, PROP_AUTHMGR, PROP_AUTHORITYID, PROP_AUTHZ_MGR, PROP_CLIENTAUTH, PROP_ERROR_TEMPLATE, PROP_EXCEPTION_TEMPLATE, PROP_FINAL_ERROR_MSG, PROP_ID, PROP_PENDING_TEMPLATE, PROP_REJECTED_TEMPLATE, PROP_RESOURCEID, PROP_SUCCESS_TEMPLATE, PROP_SUCCESS_TEMPLATE_FILLER, PROP_SVC_PENDING_TEMPLATE, PROP_UNAUTHORIZED_TEMPLATE, RA_AGENT_GROUP, REJECTED_TEMPLATE, requestRepository, servletConfig, signedAuditLogger, SIMPLE_ENROLLMENT_REQUEST, SIMPLE_ENROLLMENT_RESPONSE, SUCCESS, SUCCESS_TEMPLATE, SVC_PENDING_TEMPLATE, TEMPLATE_NAME, TRUSTED_RA_GROUP, UNAUTHORIZED_TEMPLATE

Constructor Summary

Constructors

Constructor	Description
ConnectorServlet()

Method Summary

Modifier and Type	Method	Description
protected void	audit(LogEvent event)
protected void	audit(String msg)	Signed Audit Log This method is inherited by all extended "CMSServlet"s, and is called to store messages to the signed audit log.
protected String	auditProfileID()	Signed Audit Log Profile ID This method is inherited by all extended "EnrollProfile"s, and is called to obtain the "ProfileID" for a signed audit log message.
protected X509Certificate	getPeerCert(javax.servlet.http.HttpServletRequest req)
String	getServletInfo()
void	init(javax.servlet.ServletConfig sc)
static boolean	isProfileRequest(IRequest request)
void	normalizeProfileRequest(IRequest request)
protected IPKIMessage	processRequest(String source, String sourceUserId, IPKIMessage msg, IAuthToken token)	Process request
void	service(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)

Methods inherited from class com.netscape.cms.servlet.base.CMSServlet

areCertsFromCA, auditGroupID, auditSubjectID, authenticate, authenticate, authenticate, authenticate, authorize, authorize, certIsRevoked, checkImportCertToNav, clientIsMSIE, clientIsNav, connectionIsSSL, doCMMFResponse, doFullResponse, formCRLEntry, generateSalt, getAuthCreds, getAuthMgr, getAuthToken, getCertRecord, getDontSaveHttpParams, getId, getLangFile, getLocale, getLocale, getRelPath, getSaveHttpHeaders, getSSLClientCertificate, getSSLClientCertificate, getTemplate, getX509Certificate, hashPassword, importCertToNav, invalidateSSLSession, isCertFromCA, isClientCertRequired, isSystemCertificate, newCMSRequest, newFillerObject, outputArgBlockAsXML, outputError, outputError, outputError, outputHttpParameters, outputResult, outputXML, process, renderException, renderFinalError, renderResult, renderTemplate, saveAuthToken, saveHttpHeaders, saveHttpParams, setDefaultTemplates, toHashtable

Methods inherited from class javax.servlet.http.HttpServlet

doDelete, doGet, doHead, doOptions, doPost, doPut, doTrace, getLastModified, service

Methods inherited from class javax.servlet.GenericServlet

destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletName, init, log, log

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

logger

public static org.slf4j.Logger logger

INFO

public static final String INFO

See Also:

• Constant Field Values

PROP_AUTHORITY

public static final String PROP_AUTHORITY

See Also:

• Constant Field Values

mConfig

protected javax.servlet.ServletConfig mConfig

mAuthority

protected IAuthority mAuthority

mReqEncoder

protected IRequestEncoder mReqEncoder

mAuthSubsystem

protected AuthSubsystem mAuthSubsystem

Constructor Details

ConnectorServlet

public ConnectorServlet()

Method Details

init

public void init(javax.servlet.ServletConfig sc)
          throws javax.servlet.ServletException

Specified by:

init in interface javax.servlet.Servlet

Overrides:

init in class CMSServlet

Throws:

javax.servlet.ServletException

service

public void service(javax.servlet.http.HttpServletRequest request,
 javax.servlet.http.HttpServletResponse response)
             throws javax.servlet.ServletException,
IOException

Overrides:

service in class CMSServlet

Throws:

javax.servlet.ServletException

IOException

isProfileRequest

public static boolean isProfileRequest(IRequest request)

normalizeProfileRequest

public void normalizeProfileRequest(IRequest request)

processRequest

protected IPKIMessage processRequest(String source,
 String sourceUserId,
 IPKIMessage msg,
 IAuthToken token)
                              throws EBaseException

Process request

(Certificate Request - all "agent" profile cert requests made through a connector)

(Certificate Request Processed - all automated "agent" profile based cert acceptance made through a connector)

• signed.audit LOGGING_SIGNED_AUDIT_PROFILE_CERT_REQUEST used when a profile cert request is made (before approval process)
• signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process
• signed.audit LOGGING_SIGNED_AUDIT_INTER_BOUNDARY_SUCCESS used when inter-CIMC_Boundary data transfer is successful (this is used when data does not need to be captured)

Parameters:

source - string containing source

sourceUserId - string containing source user ID

msg - PKI message

token - the authentication token

Returns:

PKI message

Throws:

EBaseException - an error has occurred

getPeerCert

protected X509Certificate getPeerCert(javax.servlet.http.HttpServletRequest req)
                               throws EBaseException

Throws:

EBaseException

getServletInfo

public String getServletInfo()

Specified by:

getServletInfo in interface javax.servlet.Servlet

Overrides:

getServletInfo in class javax.servlet.GenericServlet

audit

protected void audit(String msg)

Signed Audit Log This method is inherited by all extended "CMSServlet"s, and is called to store messages to the signed audit log.

Overrides:

audit in class CMSServlet

Parameters:

msg - signed audit log message

audit

protected void audit(LogEvent event)

Overrides:

audit in class CMSServlet

auditProfileID

protected String auditProfileID()

Signed Audit Log Profile ID This method is inherited by all extended "EnrollProfile"s, and is called to obtain the "ProfileID" for a signed audit log message.

Returns:

id string containing the signed audit log message ProfileID