public class Configurator
extends java.lang.Object
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
AUTH_FAILURE |
static java.math.BigInteger |
BIG_ZERO |
static ConfigCertApprovalCallback |
certApprovalCallback |
protected IConfigStore |
cs |
static java.lang.String |
DBUSER |
static java.lang.String |
ECC_INTERNAL_ADMIN_CERT_PROFILE |
static java.lang.String |
ECC_INTERNAL_SERVER_CERT_PROFILE |
static java.lang.String |
ECC_INTERNAL_SUBSYSTEM_CERT_PROFILE |
protected com.netscape.cmscore.apps.CMSEngine |
engine |
static java.lang.String |
FAILURE |
static org.slf4j.Logger |
logger |
static java.lang.Long |
MINUS_ONE |
static java.lang.String |
RSA_INTERNAL_ADMIN_CERT_PROFILE |
static java.lang.String |
RSA_INTERNAL_SERVER_CERT_PROFILE |
static java.lang.String |
RSA_INTERNAL_SUBSYSTEM_CERT_PROFILE |
protected com.netscape.cmscore.apps.ServerXml |
serverXml |
static java.lang.String |
SUCCESS |
Constructor and Description |
---|
Configurator(com.netscape.cmscore.apps.CMSEngine engine) |
Modifier and Type | Method and Description |
---|---|
void |
backupKeys(java.lang.String pwd,
java.lang.String fname) |
void |
configCert(Cert certObj) |
void |
configureCACertChain(ConfigurationRequest data,
DomainInfo domainInfo) |
DomainInfo |
configureSecurityDomain(ConfigurationRequest request) |
void |
configureSubsystem(ConfigurationRequest request,
DomainInfo domainInfo) |
org.mozilla.jss.netscape.security.x509.X509CertImpl |
createAdminCertificate(AdminSetupRequest request) |
void |
createAdminCertificate(java.lang.String certRequest,
java.lang.String certRequestType,
java.lang.String subject) |
void |
createAdminUser(AdminSetupRequest request) |
void |
createCertRecord(Cert cert) |
java.security.KeyPair |
createECCKeyPair(org.mozilla.jss.crypto.CryptoToken token,
java.lang.String curveName,
java.lang.String ct) |
void |
createPKCS7(org.mozilla.jss.netscape.security.x509.X509CertImpl cert) |
java.security.KeyPair |
createRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token,
int keysize,
java.lang.String ct) |
void |
createSecurityDomain() |
boolean |
deleteDir(java.io.File dir) |
void |
deleteEntries(netscape.ldap.LDAPSearchResults res,
netscape.ldap.LDAPConnection conn,
java.lang.String[] excludedDNs) |
void |
deleteEntry(netscape.ldap.LDAPConnection conn,
java.lang.String dn,
java.lang.String[] excludedDNs) |
void |
deleteExistingCerts() |
void |
deleteSubtree(netscape.ldap.LDAPConnection conn,
java.lang.String dn) |
void |
enableUSNPlugin() |
void |
finalizeConfiguration(FinalizeConfigRequest request)
Saves the variables needed for cloning and removes the preop (pre-operation) configuration entries.
|
void |
generateCertRequest(java.lang.String certTag,
Cert cert) |
static java.lang.String |
get(java.lang.String hostname,
int port,
boolean secure,
java.lang.String path,
java.lang.String clientnickname,
org.mozilla.jss.ssl.SSLCertificateApprovalCallback certApprovalCallback) |
java.lang.String |
getCertChain(java.lang.String host,
int port,
java.lang.String serverPath) |
void |
getConfigEntriesFromMaster() |
java.lang.String |
getContentValue(java.lang.String body,
java.lang.String header) |
void |
getDatabaseGroups(java.util.Collection<java.lang.String> groups) |
java.util.ArrayList<java.lang.String> |
getDynSubsystemNames() |
org.mozilla.jss.netscape.security.x509.X509Key |
getECCX509Key(java.lang.String certTag) |
java.lang.String |
getInstallToken(java.lang.String sdhost,
int sdport,
java.lang.String user,
java.lang.String passwd) |
java.util.ArrayList<java.lang.String> |
getMasterCertKeyList() |
java.lang.String |
getNickname(java.lang.String certTag) |
java.lang.String |
getOldCookie(java.lang.String sdhost,
int sdport,
java.lang.String user,
java.lang.String passwd) |
int |
getPortFromSecurityDomain(DomainInfo domainInfo,
java.lang.String hostname,
int port,
java.lang.String csType,
java.lang.String givenTag,
java.lang.String wantedTag) |
org.mozilla.jss.netscape.security.x509.X509Key |
getRSAX509Key(java.lang.String certTag) |
void |
getSecurityDomainPorts(DomainInfo domainInfo,
java.lang.String hostname,
int port) |
java.lang.String |
getSubsystemCert() |
java.lang.String |
getSubsystemCert(java.lang.String host,
int port,
boolean https) |
java.lang.String |
getSystemCertProfileID(java.lang.String keyType,
java.lang.String tag,
java.lang.String defaultName) |
byte[] |
getX509Cert(java.lang.String nickname,
java.util.Vector<java.util.Vector<java.lang.Object>> cert_collection) |
org.mozilla.jss.crypto.X509Certificate |
getX509CertFromToken(byte[] cert) |
void |
handleCert(Cert cert) |
void |
importAndSetCertPermissionsFromHSM() |
void |
importCert(java.lang.String subsystem,
java.lang.String tag,
java.lang.String tokenname,
java.lang.String nickname,
org.mozilla.jss.netscape.security.x509.X509CertImpl impl) |
void |
importCertChain(java.lang.String certchain,
java.lang.String tag) |
void |
importKeyCert(org.mozilla.jss.util.Password password,
java.util.Vector<java.util.Vector<java.lang.Object>> pkeyinfo_collection,
java.util.Vector<java.util.Vector<java.lang.Object>> cert_collection) |
void |
importLDIFS(java.lang.String param,
netscape.ldap.LDAPConnection conn) |
void |
importLDIFS(java.lang.String param,
netscape.ldap.LDAPConnection conn,
boolean suppressErrors) |
void |
initializeDatabase(DatabaseSetupRequest request) |
boolean |
isAuditSigningCert(java.lang.String name) |
boolean |
isCASigningCert(java.lang.String name) |
boolean |
isSDHostDomainMaster() |
boolean |
isValidCloneURI(DomainInfo domainInfo,
java.lang.String cloneHost,
int clonePort) |
byte[] |
loadCertRequest(java.lang.String subsystem,
java.lang.String tag) |
java.security.KeyPair |
loadKeyPair(java.lang.String nickname,
java.lang.String token) |
void |
populateDB() |
void |
populateDBManager() |
void |
populateVLVIndexes() |
static java.lang.String |
post(java.lang.String hostname,
int port,
boolean secure,
java.lang.String path,
javax.ws.rs.core.MultivaluedMap<java.lang.String,java.lang.String> content,
java.lang.String clientnickname,
org.mozilla.jss.ssl.SSLCertificateApprovalCallback certApprovalCallback) |
void |
registerUser(java.net.URI secdomainURI,
java.net.URI targetURI,
java.lang.String targetType) |
void |
reinitSubsystems() |
void |
releaseConnection(netscape.ldap.LDAPConnection conn) |
void |
removeOldDBUsers(java.lang.String subjectDN) |
void |
restoreCertsFromP12(java.lang.String p12File,
java.lang.String p12Pass) |
void |
setConfigStore(IConfigStore cs) |
void |
setServerXml(com.netscape.cmscore.apps.ServerXml serverXml) |
void |
setSigningAlgorithm(java.lang.String ct,
java.lang.String keyAlgo) |
void |
setSubsystemEnabled(java.lang.String id,
boolean enabled)
Set whether the given subsystem is enabled.
|
void |
setupAdmin(AdminSetupRequest request,
AdminSetupResponse response) |
void |
setupClientAuthUser() |
void |
setupDatabaseUser() |
void |
setupSecurityDomain(java.lang.String type) |
void |
storeKeyPair(java.lang.String tag,
java.security.KeyPair pair) |
java.lang.String |
submitAdminCertRequest(java.lang.String ca_hostname,
int ca_port,
java.lang.String profileId,
java.lang.String certRequestType,
java.lang.String certRequest,
java.lang.String subjectDN) |
void |
updateAdminUserCert(AdminSetupRequest request,
org.mozilla.jss.netscape.security.x509.X509CertImpl adminCert) |
void |
updateConfig(Cert cert) |
boolean |
updateConfigEntries(java.lang.String hostname,
int port,
boolean https,
java.lang.String servlet,
javax.ws.rs.core.MultivaluedMap<java.lang.String,java.lang.String> content) |
void |
updateDomainXML(java.lang.String hostname,
int port,
boolean https,
java.lang.String servlet,
javax.ws.rs.core.MultivaluedMap<java.lang.String,java.lang.String> content,
boolean useClientAuth) |
void |
updateNextRanges() |
void |
updateNumberRange(java.lang.String hostname,
int eePort,
int adminPort,
boolean https,
javax.ws.rs.core.MultivaluedMap<java.lang.String,java.lang.String> content,
java.lang.String type) |
void |
updateSecurityDomain() |
void |
verifySystemCertificates() |
public static final org.slf4j.Logger logger
public static final java.lang.String ECC_INTERNAL_SERVER_CERT_PROFILE
public static final java.lang.String RSA_INTERNAL_SERVER_CERT_PROFILE
public static final java.lang.String ECC_INTERNAL_SUBSYSTEM_CERT_PROFILE
public static final java.lang.String RSA_INTERNAL_SUBSYSTEM_CERT_PROFILE
public static final java.lang.String ECC_INTERNAL_ADMIN_CERT_PROFILE
public static final java.lang.String RSA_INTERNAL_ADMIN_CERT_PROFILE
public static java.lang.String SUCCESS
public static java.lang.String FAILURE
public static java.lang.String AUTH_FAILURE
public static final java.math.BigInteger BIG_ZERO
public static final java.lang.Long MINUS_ONE
public static final java.lang.String DBUSER
public static ConfigCertApprovalCallback certApprovalCallback
protected com.netscape.cmscore.apps.CMSEngine engine
protected IConfigStore cs
protected com.netscape.cmscore.apps.ServerXml serverXml
public static java.lang.String get(java.lang.String hostname, int port, boolean secure, java.lang.String path, java.lang.String clientnickname, org.mozilla.jss.ssl.SSLCertificateApprovalCallback certApprovalCallback) throws java.lang.Exception
java.lang.Exception
public static java.lang.String post(java.lang.String hostname, int port, boolean secure, java.lang.String path, javax.ws.rs.core.MultivaluedMap<java.lang.String,java.lang.String> content, java.lang.String clientnickname, org.mozilla.jss.ssl.SSLCertificateApprovalCallback certApprovalCallback) throws java.lang.Exception
java.lang.Exception
public void setConfigStore(IConfigStore cs)
public void setServerXml(com.netscape.cmscore.apps.ServerXml serverXml) throws java.lang.Exception
java.lang.Exception
public DomainInfo configureSecurityDomain(ConfigurationRequest request) throws java.lang.Exception
java.lang.Exception
public void configureCACertChain(ConfigurationRequest data, DomainInfo domainInfo) throws java.lang.Exception
java.lang.Exception
public java.lang.String getCertChain(java.lang.String host, int port, java.lang.String serverPath) throws java.lang.Exception
java.lang.Exception
public void importCertChain(java.lang.String certchain, java.lang.String tag) throws java.lang.Exception
java.lang.Exception
public java.lang.String getInstallToken(java.lang.String sdhost, int sdport, java.lang.String user, java.lang.String passwd) throws java.lang.Exception
java.lang.Exception
public java.lang.String getOldCookie(java.lang.String sdhost, int sdport, java.lang.String user, java.lang.String passwd) throws java.lang.Exception
java.lang.Exception
public java.lang.String getContentValue(java.lang.String body, java.lang.String header)
public void getSecurityDomainPorts(DomainInfo domainInfo, java.lang.String hostname, int port) throws java.lang.Exception
java.lang.Exception
public boolean isValidCloneURI(DomainInfo domainInfo, java.lang.String cloneHost, int clonePort) throws java.lang.Exception
java.lang.Exception
public void configureSubsystem(ConfigurationRequest request, DomainInfo domainInfo) throws java.lang.Exception
java.lang.Exception
public void getConfigEntriesFromMaster() throws java.lang.Exception
java.lang.Exception
public void updateNumberRange(java.lang.String hostname, int eePort, int adminPort, boolean https, javax.ws.rs.core.MultivaluedMap<java.lang.String,java.lang.String> content, java.lang.String type) throws java.lang.Exception
java.lang.Exception
public boolean updateConfigEntries(java.lang.String hostname, int port, boolean https, java.lang.String servlet, javax.ws.rs.core.MultivaluedMap<java.lang.String,java.lang.String> content) throws java.lang.Exception
java.lang.Exception
public void restoreCertsFromP12(java.lang.String p12File, java.lang.String p12Pass) throws java.lang.Exception
java.lang.Exception
public void verifySystemCertificates() throws java.lang.Exception
java.lang.Exception
public void importKeyCert(org.mozilla.jss.util.Password password, java.util.Vector<java.util.Vector<java.lang.Object>> pkeyinfo_collection, java.util.Vector<java.util.Vector<java.lang.Object>> cert_collection) throws java.lang.Exception
java.lang.Exception
public void importAndSetCertPermissionsFromHSM() throws EBaseException, org.mozilla.jss.NotInitializedException, java.io.IOException, java.security.cert.CertificateEncodingException, org.mozilla.jss.NicknameConflictException, org.mozilla.jss.UserCertConflictException, org.mozilla.jss.crypto.NoSuchItemOnTokenException, org.mozilla.jss.crypto.TokenException
EBaseException
org.mozilla.jss.NotInitializedException
java.io.IOException
java.security.cert.CertificateEncodingException
org.mozilla.jss.NicknameConflictException
org.mozilla.jss.UserCertConflictException
org.mozilla.jss.crypto.NoSuchItemOnTokenException
org.mozilla.jss.crypto.TokenException
public org.mozilla.jss.crypto.X509Certificate getX509CertFromToken(byte[] cert) throws java.io.IOException, java.security.cert.CertificateException, org.mozilla.jss.NotInitializedException
java.io.IOException
java.security.cert.CertificateException
org.mozilla.jss.NotInitializedException
public boolean isCASigningCert(java.lang.String name) throws EBaseException
EBaseException
public boolean isAuditSigningCert(java.lang.String name) throws EPropertyNotFound, EBaseException
EPropertyNotFound
EBaseException
public void deleteExistingCerts() throws org.mozilla.jss.NotInitializedException, EBaseException, org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedException
EBaseException
org.mozilla.jss.crypto.TokenException
public java.util.ArrayList<java.lang.String> getMasterCertKeyList() throws EBaseException
EBaseException
public byte[] getX509Cert(java.lang.String nickname, java.util.Vector<java.util.Vector<java.lang.Object>> cert_collection) throws java.security.cert.CertificateException
java.security.cert.CertificateException
public void initializeDatabase(DatabaseSetupRequest request) throws EBaseException
EBaseException
public void reinitSubsystems() throws EBaseException
EBaseException
public void releaseConnection(netscape.ldap.LDAPConnection conn)
public void enableUSNPlugin() throws java.io.IOException, EBaseException
java.io.IOException
EBaseException
public void populateDB() throws java.io.IOException, EBaseException
java.io.IOException
EBaseException
public void importLDIFS(java.lang.String param, netscape.ldap.LDAPConnection conn) throws EPropertyNotFound, java.io.IOException, EBaseException
EPropertyNotFound
java.io.IOException
EBaseException
public void importLDIFS(java.lang.String param, netscape.ldap.LDAPConnection conn, boolean suppressErrors) throws java.io.IOException, EPropertyNotFound, EBaseException
java.io.IOException
EPropertyNotFound
EBaseException
public void deleteSubtree(netscape.ldap.LDAPConnection conn, java.lang.String dn) throws EBaseException
EBaseException
public void deleteEntries(netscape.ldap.LDAPSearchResults res, netscape.ldap.LDAPConnection conn, java.lang.String[] excludedDNs) throws netscape.ldap.LDAPException
netscape.ldap.LDAPException
public void deleteEntry(netscape.ldap.LDAPConnection conn, java.lang.String dn, java.lang.String[] excludedDNs) throws netscape.ldap.LDAPException
netscape.ldap.LDAPException
public boolean deleteDir(java.io.File dir)
public void populateDBManager() throws java.lang.Exception
java.lang.Exception
public void populateVLVIndexes() throws java.lang.Exception
java.lang.Exception
public java.security.KeyPair loadKeyPair(java.lang.String nickname, java.lang.String token) throws java.lang.Exception
java.lang.Exception
public void storeKeyPair(java.lang.String tag, java.security.KeyPair pair) throws org.mozilla.jss.crypto.TokenException, EBaseException
org.mozilla.jss.crypto.TokenException
EBaseException
public java.security.KeyPair createECCKeyPair(org.mozilla.jss.crypto.CryptoToken token, java.lang.String curveName, java.lang.String ct) throws java.security.NoSuchAlgorithmException, org.mozilla.jss.NoSuchTokenException, org.mozilla.jss.crypto.TokenException, org.mozilla.jss.NotInitializedException, EPropertyNotFound, EBaseException
java.security.NoSuchAlgorithmException
org.mozilla.jss.NoSuchTokenException
org.mozilla.jss.crypto.TokenException
org.mozilla.jss.NotInitializedException
EPropertyNotFound
EBaseException
public java.security.KeyPair createRSAKeyPair(org.mozilla.jss.crypto.CryptoToken token, int keysize, java.lang.String ct) throws java.lang.Exception
java.lang.Exception
public void setSigningAlgorithm(java.lang.String ct, java.lang.String keyAlgo) throws EPropertyNotFound, EBaseException
EPropertyNotFound
EBaseException
public void configCert(Cert certObj) throws java.lang.Exception
java.lang.Exception
public void updateConfig(Cert cert) throws EBaseException, java.io.IOException
EBaseException
java.io.IOException
public java.lang.String getNickname(java.lang.String certTag) throws EBaseException
EBaseException
public int getPortFromSecurityDomain(DomainInfo domainInfo, java.lang.String hostname, int port, java.lang.String csType, java.lang.String givenTag, java.lang.String wantedTag) throws java.lang.Exception
java.lang.Exception
public byte[] loadCertRequest(java.lang.String subsystem, java.lang.String tag) throws java.lang.Exception
java.lang.Exception
public void generateCertRequest(java.lang.String certTag, Cert cert) throws java.lang.Exception
java.lang.Exception
public org.mozilla.jss.netscape.security.x509.X509Key getECCX509Key(java.lang.String certTag) throws EPropertyNotFound, EBaseException, java.security.InvalidKeyException
EPropertyNotFound
EBaseException
java.security.InvalidKeyException
public org.mozilla.jss.netscape.security.x509.X509Key getRSAX509Key(java.lang.String certTag) throws EPropertyNotFound, EBaseException, java.security.InvalidKeyException
EPropertyNotFound
EBaseException
java.security.InvalidKeyException
public void createCertRecord(Cert cert) throws java.lang.Exception
java.lang.Exception
public void handleCert(Cert cert) throws java.lang.Exception
java.lang.Exception
public void importCert(java.lang.String subsystem, java.lang.String tag, java.lang.String tokenname, java.lang.String nickname, org.mozilla.jss.netscape.security.x509.X509CertImpl impl) throws java.lang.Exception
java.lang.Exception
public org.mozilla.jss.netscape.security.x509.X509CertImpl createAdminCertificate(AdminSetupRequest request) throws java.lang.Exception
java.lang.Exception
public void updateAdminUserCert(AdminSetupRequest request, org.mozilla.jss.netscape.security.x509.X509CertImpl adminCert) throws java.lang.Exception
java.lang.Exception
public void backupKeys(java.lang.String pwd, java.lang.String fname) throws java.lang.Exception
java.lang.Exception
public void createAdminCertificate(java.lang.String certRequest, java.lang.String certRequestType, java.lang.String subject) throws java.lang.Exception
java.lang.Exception
public void createPKCS7(org.mozilla.jss.netscape.security.x509.X509CertImpl cert) throws java.io.IOException
java.io.IOException
public void setupAdmin(AdminSetupRequest request, AdminSetupResponse response) throws java.lang.Exception
java.lang.Exception
public void createAdminUser(AdminSetupRequest request) throws java.lang.Exception
java.lang.Exception
public java.lang.String submitAdminCertRequest(java.lang.String ca_hostname, int ca_port, java.lang.String profileId, java.lang.String certRequestType, java.lang.String certRequest, java.lang.String subjectDN) throws java.lang.Exception
java.lang.Exception
public void setupSecurityDomain(java.lang.String type) throws java.lang.Exception
java.lang.Exception
public void createSecurityDomain() throws java.lang.Exception
java.lang.Exception
public void updateSecurityDomain() throws java.lang.Exception
java.lang.Exception
public boolean isSDHostDomainMaster() throws java.lang.Exception
java.lang.Exception
public void updateDomainXML(java.lang.String hostname, int port, boolean https, java.lang.String servlet, javax.ws.rs.core.MultivaluedMap<java.lang.String,java.lang.String> content, boolean useClientAuth) throws java.lang.Exception
java.lang.Exception
public void setupClientAuthUser() throws java.lang.Exception
java.lang.Exception
public java.lang.String getSubsystemCert(java.lang.String host, int port, boolean https) throws java.lang.Exception
java.lang.Exception
public void setupDatabaseUser() throws java.lang.Exception
java.lang.Exception
public void getDatabaseGroups(java.util.Collection<java.lang.String> groups) throws java.lang.Exception
java.lang.Exception
public void registerUser(java.net.URI secdomainURI, java.net.URI targetURI, java.lang.String targetType) throws java.lang.Exception
java.lang.Exception
public void removeOldDBUsers(java.lang.String subjectDN) throws EBaseException, netscape.ldap.LDAPException
EBaseException
netscape.ldap.LDAPException
public java.lang.String getSubsystemCert() throws EBaseException, org.mozilla.jss.NotInitializedException, org.mozilla.jss.crypto.ObjectNotFoundException, org.mozilla.jss.crypto.TokenException, java.security.cert.CertificateEncodingException, java.io.IOException
EBaseException
org.mozilla.jss.NotInitializedException
org.mozilla.jss.crypto.ObjectNotFoundException
org.mozilla.jss.crypto.TokenException
java.security.cert.CertificateEncodingException
java.io.IOException
public void updateNextRanges() throws EBaseException, netscape.ldap.LDAPException
EBaseException
netscape.ldap.LDAPException
public void finalizeConfiguration(FinalizeConfigRequest request) throws java.lang.Exception
EBaseException
java.lang.Exception
public void setSubsystemEnabled(java.lang.String id, boolean enabled) throws EBaseException
id - The subsystem ID.
enabled - Whether the subsystem is enabled.
EBaseException
public java.util.ArrayList<java.lang.String> getDynSubsystemNames() throws EBaseException
EBaseException
public java.lang.String getSystemCertProfileID(java.lang.String keyType, java.lang.String tag, java.lang.String defaultName)