Class ConnectorServlet

java.lang.Object

jakarta.servlet.GenericServlet

jakarta.servlet.http.HttpServlet

com.netscape.cms.servlet.base.CMSServlet

com.netscape.cms.servlet.connector.ConnectorServlet

All Implemented Interfaces:

jakarta.servlet.Servlet, jakarta.servlet.ServletConfig, Serializable

public class ConnectorServlet
extends CMSServlet

Connector servlet process requests from remote authority - service request or return status.

Author:

cfu - Server-Side Keygen Enrollment implementation

See Also:

• Serialized Form

Field Summary

Fields

Modifier and Type	Field	Description
static final String	INFO
static org.slf4j.Logger	logger
protected IAuthority	mAuthority
protected AuthSubsystem	mAuthSubsystem
protected jakarta.servlet.ServletConfig	mConfig
protected HttpRequestEncoder	mReqEncoder
static final String	PROP_AUTHORITY

Fields inherited from class CMSServlet

ADMIN_GROUP, AUTH_FAILURE, AUTHMGR_PARAM, AUTHZ_MGR_BASIC, AUTHZ_MGR_LDAP, CA_AGENT_GROUP, CERT_ATTR, ERROR_MSG_TOKEN, ERROR_TEMPLATE, EXCEPTION_TEMPLATE, FAILURE, FINAL_ERROR_MSG, FULL_ENROLLMENT_REQUEST, FULL_ENROLLMENT_RESPONSE, FULL_RESPONSE, IMPORT_CERT, IMPORT_CERT_MIME_TYPE, IMPORT_CHAIN, KRA_AGENT_GROUP, mAclMethod, mAuthMgr, mAuthz, mAuthzResourceName, mDontSaveHttpParams, mFinalErrorMsg, mGetClientCert, mId, mOutputTemplatePath, mRenderResult, mRequestQueue, mSaveHttpHeaders, mTemplates, NS_X509_EMAIL_CERT, NS_X509_USER_CERT, OCSP_AGENT_GROUP, PENDING_TEMPLATE, PFX_AUTH_TOKEN, PFX_HTTP_HEADER, PFX_HTTP_PARAM, PROP_ACL, PROP_AUTHMGR, PROP_AUTHORITYID, PROP_AUTHZ_MGR, PROP_CLIENTAUTH, PROP_ERROR_TEMPLATE, PROP_EXCEPTION_TEMPLATE, PROP_FINAL_ERROR_MSG, PROP_ID, PROP_PENDING_TEMPLATE, PROP_PENDING_TEMPLATE_FILLER, PROP_REJECTED_TEMPLATE, PROP_RESOURCEID, PROP_SUCCESS_TEMPLATE, PROP_SUCCESS_TEMPLATE_FILLER, PROP_SVC_PENDING_TEMPLATE, PROP_UNAUTHORIZED_TEMPLATE, RA_AGENT_GROUP, REJECTED_TEMPLATE, requestRepository, servletConfig, servletContext, SIMPLE_ENROLLMENT_REQUEST, SIMPLE_ENROLLMENT_RESPONSE, SUCCESS, SUCCESS_TEMPLATE, SVC_PENDING_TEMPLATE, TEMPLATE_NAME, TRUSTED_RA_GROUP, UNAUTHORIZED_TEMPLATE

Fields inherited from class jakarta.servlet.http.HttpServlet

LEGACY_DO_HEAD

Constructor Summary

Constructors

Constructor	Description
ConnectorServlet()

Method Summary

Modifier and Type	Method	Description
protected String	auditProfileID()	Signed Audit Log Profile ID This method is inherited by all extended "EnrollProfile"s, and is called to obtain the "ProfileID" for a signed audit log message.
protected X509Certificate	getPeerCert(jakarta.servlet.http.HttpServletRequest req)
String	getServletInfo()
void	init(jakarta.servlet.ServletConfig sc)
static boolean	isProfileRequest(Request request)
void	normalizeProfileRequest(Request request)
protected IPKIMessage	processRequest(String source, String sourceUserId, IPKIMessage msg, AuthToken token)	Process request
void	service(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)
void	serviceImpl(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response)

Methods inherited from class CMSServlet

auditGroupID, auditSubjectID, authenticate, authenticate, authenticate, authenticate, authorize, authorize, clientIsMSIE, clientIsNav, connectionIsSSL, doCMMFResponse, doFullResponse, formCRLEntry, getAuthCreds, getAuthMgr, getAuthToken, getCMSEngine, getDontSaveHttpParams, getId, getLangFile, getLocale, getLocale, getSaveHttpHeaders, getSSLClientCertificate, getSSLClientCertificate, getTemplate, hashPassword, initializeAuthz, invalidateSSLSession, isClientCertRequired, newCMSRequest, newFillerObject, outputArgBlockAsXML, outputError, outputError, outputError, outputHttpParameters, outputResult, outputXML, process, renderException, renderFinalError, renderResult, renderTemplate, saveAuthToken, saveHttpHeaders, saveHttpParams, setDefaultTemplates, toHashtable

Methods inherited from class jakarta.servlet.http.HttpServlet

doDelete, doGet, doHead, doOptions, doPost, doPut, doTrace, getLastModified, service

Methods inherited from class jakarta.servlet.GenericServlet

destroy, getInitParameter, getInitParameterNames, getServletConfig, getServletContext, getServletName, init, log, log

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

logger

public static org.slf4j.Logger logger

INFO

public static final String INFO

See Also:

• Constant Field Values

PROP_AUTHORITY

public static final String PROP_AUTHORITY

See Also:

• Constant Field Values

mConfig

protected jakarta.servlet.ServletConfig mConfig

mAuthority

protected IAuthority mAuthority

mReqEncoder

protected HttpRequestEncoder mReqEncoder

mAuthSubsystem

protected AuthSubsystem mAuthSubsystem

Constructor Details

ConnectorServlet

public ConnectorServlet()

Method Details

init

public void init(jakarta.servlet.ServletConfig sc)
          throws jakarta.servlet.ServletException

Specified by:

init in interface jakarta.servlet.Servlet

Overrides:

init in class CMSServlet

Throws:

jakarta.servlet.ServletException

service

public void service(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)
             throws jakarta.servlet.ServletException,
IOException

Overrides:

service in class CMSServlet

Throws:

jakarta.servlet.ServletException

IOException

serviceImpl

public void serviceImpl(jakarta.servlet.http.HttpServletRequest request,
 jakarta.servlet.http.HttpServletResponse response)
                 throws jakarta.servlet.ServletException,
IOException

Throws:

jakarta.servlet.ServletException

IOException

isProfileRequest

public static boolean isProfileRequest(Request request)

normalizeProfileRequest

public void normalizeProfileRequest(Request request)

processRequest

protected IPKIMessage processRequest(String source,
 String sourceUserId,
 IPKIMessage msg,
 AuthToken token)
                              throws EBaseException

Process request

(Certificate Request - all "agent" profile cert requests made through a connector)

(Certificate Request Processed - all automated "agent" profile based cert acceptance made through a connector)

• signed.audit LOGGING_SIGNED_AUDIT_PROFILE_CERT_REQUEST used when a profile cert request is made (before approval process)
• signed.audit LOGGING_SIGNED_AUDIT_CERT_REQUEST_PROCESSED used when a certificate request has just been through the approval process
• signed.audit LOGGING_SIGNED_AUDIT_INTER_BOUNDARY_SUCCESS used when inter-CIMC_Boundary data transfer is successful (this is used when data does not need to be captured)

Parameters:

source - string containing source

sourceUserId - string containing source user ID

msg - PKI message

token - the authentication token

Returns:

PKI message

Throws:

EBaseException - an error has occurred

getPeerCert

protected X509Certificate getPeerCert(jakarta.servlet.http.HttpServletRequest req)
                               throws EBaseException

Throws:

EBaseException

getServletInfo

public String getServletInfo()

Specified by:

getServletInfo in interface jakarta.servlet.Servlet

Overrides:

getServletInfo in class jakarta.servlet.GenericServlet

auditProfileID

protected String auditProfileID()

Signed Audit Log Profile ID This method is inherited by all extended "EnrollProfile"s, and is called to obtain the "ProfileID" for a signed audit log message.

Returns:

id string containing the signed audit log message ProfileID