Remove CMSEngine dependency in LdapConnFactory

The LdapConnFactory has been modified to no longer dependent
on CMSEngine. Instead, the CMSEngine will provide methods to
create an LDAP connection factory that is already configured
with the engine's auditor, socket listener, and cert approval
callback.

All code that were calling LdapConnFactory.setCMSEngine() has
been modified to call the new methods, except for DBSubsystem
and UGSubsystem since they are also used by CLIs which do not
have a CMSEngine instance.

These changes will eventually allow LdapConnFactory to be used
outside of PKI server environment.

base/ca/src/main/java/com/netscape/cms/authentication/SharedSecret.java

@@ -50,7 +50,6 @@
 import com.netscape.cmscore.dbs.CertificateRepository;
 import com.netscape.cmscore.ldapconn.LDAPConfig;
 import com.netscape.cmscore.ldapconn.LdapBoundConnFactory;
-import com.netscape.cmscore.ldapconn.PKISocketConfig;
 import com.netscape.cmsutil.crypto.CryptoUtil;
 
 import netscape.ldap.LDAPAttribute;
@@ -240,23 +239,14 @@ public void initLdapConn(AuthManagerConfig config)
         String method = "SharedSecret.initLdapConn";
         String msg = "";
 
-        CAEngine caEngine = (CAEngine) engine;
-        CAEngineConfig cs = caEngine.getConfig();
-
         shrTokLdapConfigStore = config.getLDAPConfig();
         if (shrTokLdapConfigStore == null) {
             msg = method + "config substore ldap null";
             logger.error(msg);
             throw new EBaseException(msg);
         }
 
-        PKISocketConfig socketConfig = cs.getSocketConfig();
-
-        LdapBoundConnFactory connFactory = new LdapBoundConnFactory("SharedSecret");
-        connFactory.setCMSEngine(engine);
-        connFactory.init(socketConfig, shrTokLdapConfigStore, engine.getPasswordStore());
-
-        shrTokLdapFactory = connFactory;
+        shrTokLdapFactory = engine.createLdapBoundConnFactory("SharedSecret", shrTokLdapConfigStore);
     }
 
     /**

base/ca/src/main/java/com/netscape/cms/profile/def/nsNKeySubjectNameDefault.java

@@ -36,7 +36,6 @@
 import com.netscape.cmscore.base.ConfigStore;
 import com.netscape.cmscore.ldapconn.LDAPConfig;
 import com.netscape.cmscore.ldapconn.LdapAnonConnFactory;
-import com.netscape.cmscore.ldapconn.PKISocketConfig;
 import com.netscape.cmscore.request.Request;
 
 import netscape.ldap.LDAPAttribute;
@@ -269,9 +268,6 @@ public void ldapInit()
         logger.debug("nsNKeySubjectNameDefault: ldapInit(): begin");
 
         CAEngine engine = CAEngine.getInstance();
-        CAEngineConfig cs = engine.getConfig();
-
-        PKISocketConfig socketConfig = cs.getSocketConfig();
 
         try {
             // cfu - XXX do more error handling here later
@@ -280,9 +276,7 @@ public void ldapInit()
             mLdapConfig = mParamsConfig.getSubStore(PROP_LDAP, LDAPConfig.class);
             mBaseDN = mParamsConfig.getString(CONFIG_LDAP_BASEDN, null);
 
-            mConnFactory = new LdapAnonConnFactory("nsNKeySubjectNameDefault");
-            mConnFactory.setCMSEngine(engine);
-            mConnFactory.init(socketConfig, mLdapConfig);
+            mConnFactory = engine.createLdapAnonConnFactory("nsNKeySubjectNameDefault", mLdapConfig);
 
             /* initialize dn pattern */
             String pattern = mParamsConfig.getString(CONFIG_DNPATTERN, null);

base/ca/src/main/java/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java

@@ -36,7 +36,6 @@
 import com.netscape.cmscore.base.ConfigStore;
 import com.netscape.cmscore.ldapconn.LDAPConfig;
 import com.netscape.cmscore.ldapconn.LdapAnonConnFactory;
-import com.netscape.cmscore.ldapconn.PKISocketConfig;
 import com.netscape.cmscore.request.Request;
 import com.netscape.cmsutil.ldap.LDAPUtil;
 
@@ -287,9 +286,6 @@ public void ldapInit()
         logger.debug("nsTokenUserKeySubjectNameDefault: ldapInit(): begin");
 
         CAEngine engine = CAEngine.getInstance();
-        CAEngineConfig cs = engine.getConfig();
-
-        PKISocketConfig socketConfig = cs.getSocketConfig();
 
         try {
             // cfu - XXX do more error handling here later
@@ -303,9 +299,7 @@ public void ldapInit()
 
             mBaseDN = mParamsConfig.getString(CONFIG_LDAP_BASEDN, null);
 
-            mConnFactory = new LdapAnonConnFactory("nsTokenUserKeySubjectNameDefault");
-            mConnFactory.setCMSEngine(engine);
-            mConnFactory.init(socketConfig, mLdapConfig);
+            mConnFactory = engine.createLdapAnonConnFactory("nsTokenUserKeySubjectNameDefault", mLdapConfig);
 
             /* initialize dn pattern */
             String pattern = mParamsConfig.getString(CONFIG_DNPATTERN, null);

base/ca/src/main/java/com/netscape/cmscore/cert/CrossCertPairSubsystem.java

@@ -26,7 +26,6 @@
 import java.util.Enumeration;
 
 import org.dogtagpki.server.ca.CAEngine;
-import org.dogtagpki.server.ca.CAEngineConfig;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.Subsystem;
@@ -36,7 +35,6 @@
 import com.netscape.cmscore.ldap.CAPublisherProcessor;
 import com.netscape.cmscore.ldapconn.LDAPConfig;
 import com.netscape.cmscore.ldapconn.LdapBoundConnFactory;
-import com.netscape.cmscore.ldapconn.PKISocketConfig;
 
 import netscape.ldap.LDAPAttribute;
 import netscape.ldap.LDAPConnection;
@@ -104,7 +102,6 @@ public void init(ConfigStore config) throws Exception {
         logger.debug("CrossCertPairSubsystem: initializing");
 
         CAEngine caEngine = (CAEngine) engine;
-        CAEngineConfig cs = caEngine.getConfig();
 
         try {
             mConfig = config;
@@ -122,11 +119,7 @@ public void init(ConfigStore config) throws Exception {
 
             mBaseDN = ldapConfig.getBaseDN();
 
-            mLdapConnFactory = new LdapBoundConnFactory("CrossCertPairSubsystem");
-            mLdapConnFactory.setCMSEngine(engine);
-
-            PKISocketConfig socketConfig = cs.getSocketConfig();
-            mLdapConnFactory.init(socketConfig, ldapConfig, engine.getPasswordStore());
+            mLdapConnFactory = engine.createLdapBoundConnFactory("CrossCertPairSubsystem", ldapConfig);
 
         } catch (EBaseException e) {
             logger.error("CrossCertPairSubsystem: Unable to initialize subsystem: " + e.getMessage(), e);

base/ca/src/main/java/com/netscape/cmscore/ldap/LdapConnModule.java

@@ -18,7 +18,6 @@
 package com.netscape.cmscore.ldap;
 
 import org.dogtagpki.server.ca.CAEngine;
-import org.dogtagpki.server.ca.CAEngineConfig;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.ldap.ELdapException;
@@ -30,7 +29,6 @@
 import com.netscape.cmscore.ldapconn.LdapAuthInfo;
 import com.netscape.cmscore.ldapconn.LdapBoundConnFactory;
 import com.netscape.cmscore.ldapconn.LdapConnInfo;
-import com.netscape.cmscore.ldapconn.PKISocketConfig;
 import com.netscape.cmsutil.password.PasswordStore;
 
 import netscape.ldap.LDAPConnection;
@@ -78,9 +76,7 @@ public void init(ConfigStore config) throws EBaseException {
         logger.debug("LdapConnModule: init begins");
 
         CAEngine engine = CAEngine.getInstance();
-        CAEngineConfig cs = engine.getConfig();
 
-        PKISocketConfig socketConfig = cs.getSocketConfig();
         PasswordStore passwordStore = engine.getPasswordStore();
 
         mConfig = config;
@@ -110,9 +106,7 @@ public void init(ConfigStore config) throws EBaseException {
         // must get authInfo from the config, don't default to internaldb!!!
 
         logger.debug("Creating LdapBoundConnFactory for LdapConnModule.");
-        mLdapConnFactory = new LdapBoundConnFactory("LDAPConnModule", minConns, maxConns, connInfo, authInfo);
-        mLdapConnFactory.setCMSEngine(engine);
-        mLdapConnFactory.init(socketConfig, passwordStore);
+        mLdapConnFactory = engine.createLdapBoundConnFactory("LDAPConnModule", minConns, maxConns, connInfo, authInfo);
 
         mInited = true;
 

base/ca/src/main/java/com/netscape/cmscore/ldap/LdapPublishModule.java

@@ -25,7 +25,6 @@
 import java.util.Hashtable;
 
 import org.dogtagpki.server.ca.CAEngine;
-import org.dogtagpki.server.ca.CAEngineConfig;
 import org.mozilla.jss.netscape.security.x509.X500Name;
 import org.mozilla.jss.netscape.security.x509.X509CRLImpl;
 import org.mozilla.jss.netscape.security.x509.X509CertImpl;
@@ -47,7 +46,6 @@
 import com.netscape.cmscore.dbs.CertificateRepository;
 import com.netscape.cmscore.ldapconn.LDAPConfig;
 import com.netscape.cmscore.ldapconn.LdapBoundConnFactory;
-import com.netscape.cmscore.ldapconn.PKISocketConfig;
 import com.netscape.cmscore.request.Request;
 
 import netscape.ldap.LDAPConnection;
@@ -124,18 +122,14 @@ public void init(CertificateAuthority authority, CAPublisherProcessor p, ConfigS
             return;
 
         CAEngine engine = CAEngine.getInstance();
-        CAEngineConfig cs = engine.getConfig();
 
         mAuthority = authority;
         mPubProcessor = p;
         mConfig = config;
 
-        PKISocketConfig socketConfig = cs.getSocketConfig();
         LDAPConfig ldapCfg = mConfig.getSubStore("ldap", LDAPConfig.class);
 
-        mLdapConnFactory = new LdapBoundConnFactory("LdapPublishModule");
-        mLdapConnFactory.setCMSEngine(engine);
-        mLdapConnFactory.init(socketConfig, ldapCfg, engine.getPasswordStore());
+        mLdapConnFactory = engine.createLdapBoundConnFactory("LdapPublishModule", ldapCfg);
 
         // initMappers(config);
         initHandlers();
@@ -148,17 +142,13 @@ public void init(CertificateAuthority authority, ConfigStore config) throws EBas
             return;
 
         CAEngine engine = CAEngine.getInstance();
-        CAEngineConfig cs = engine.getConfig();
 
         mAuthority = authority;
         mConfig = config;
 
-        PKISocketConfig socketConfig = cs.getSocketConfig();
         LDAPConfig ldapCfg = mConfig.getSubStore("ldap", LDAPConfig.class);
 
-        mLdapConnFactory = new LdapBoundConnFactory("LdapPublishModule");
-        mLdapConnFactory.setCMSEngine(engine);
-        mLdapConnFactory.init(socketConfig, ldapCfg, engine.getPasswordStore());
+        mLdapConnFactory = engine.createLdapBoundConnFactory("LdapPublishModule", ldapCfg);
 
         initMappers(config);
         initHandlers();

base/ca/src/main/java/com/netscape/cmscore/profile/LDAPProfileSubsystem.java

@@ -41,7 +41,6 @@
 import com.netscape.cmscore.base.LDAPConfigStorage;
 import com.netscape.cmscore.ldapconn.LDAPConfig;
 import com.netscape.cmscore.ldapconn.LdapBoundConnFactory;
-import com.netscape.cmscore.ldapconn.PKISocketConfig;
 import com.netscape.cmscore.registry.PluginInfo;
 import com.netscape.cmscore.registry.PluginRegistry;
 import com.netscape.cmsutil.ldap.LDAPUtil;
@@ -99,12 +98,9 @@ public void init(ConfigStore config) throws Exception {
         CAEngine caEngine = (CAEngine) engine;
         CAEngineConfig cs = caEngine.getConfig();
 
-        PKISocketConfig socketConfig = cs.getSocketConfig();
         LDAPConfig dbCfg = cs.getInternalDBConfig();
 
-        dbFactory = new LdapBoundConnFactory("LDAPProfileSubsystem");
-        dbFactory.setCMSEngine(engine);
-        dbFactory.init(socketConfig, dbCfg, engine.getPasswordStore());
+        dbFactory = engine.createLdapBoundConnFactory("LDAPProfileSubsystem", dbCfg);
 
         mConfig = config;
 

base/ca/src/main/java/org/dogtagpki/legacy/server/policy/constraints/AttributePresentConstraints.java

@@ -25,7 +25,6 @@
 import org.dogtagpki.legacy.policy.PolicyProcessor;
 import org.dogtagpki.legacy.server.policy.APolicyRule;
 import org.dogtagpki.server.ca.CAEngine;
-import org.dogtagpki.server.ca.CAEngineConfig;
 
 import com.netscape.certsrv.base.EBaseException;
 import com.netscape.certsrv.base.IExtendedPluginInfo;
@@ -34,7 +33,6 @@
 import com.netscape.cmscore.base.ConfigStore;
 import com.netscape.cmscore.ldapconn.LDAPConfig;
 import com.netscape.cmscore.ldapconn.LdapBoundConnFactory;
-import com.netscape.cmscore.ldapconn.PKISocketConfig;
 import com.netscape.cmscore.request.Request;
 
 import netscape.ldap.LDAPAttribute;
@@ -244,7 +242,6 @@ protected void getBooleanConfigParam(ConfigStore config, String paramName) {
     public void init(PolicyProcessor owner, ConfigStore config) throws EBaseException {
 
         CAEngine engine = CAEngine.getInstance();
-        CAEngineConfig cs = engine.getConfig();
 
         mConfig = config;
 
@@ -264,12 +261,9 @@ public void init(PolicyProcessor owner, ConfigStore config) throws EBaseExceptio
         getStringConfigParam(mConfig, PROP_ATTR);
         getStringConfigParam(mConfig, PROP_VALUE);
 
-        PKISocketConfig socketConfig = cs.getSocketConfig();
         mLdapConfig = mConfig.getSubStore(PROP_LDAP, LDAPConfig.class);
 
-        mConnFactory = new LdapBoundConnFactory("AttributePresentConstraints");
-        mConnFactory.setCMSEngine(engine);
-        mConnFactory.init(socketConfig, mLdapConfig, engine.getPasswordStore());
+        mConnFactory = engine.createLdapBoundConnFactory("AttributePresentConstraints", mLdapConfig);
 
         mCheckAttrLdapConnection = mConnFactory.getConn();
     }

base/ca/src/main/java/org/dogtagpki/server/ca/CAEngine.java

@@ -99,7 +99,6 @@
 import com.netscape.cmscore.ldap.PublishingConfig;
 import com.netscape.cmscore.ldapconn.LDAPConfig;
 import com.netscape.cmscore.ldapconn.LdapBoundConnFactory;
-import com.netscape.cmscore.ldapconn.PKISocketConfig;
 import com.netscape.cmscore.listeners.ListenerPlugin;
 import com.netscape.cmscore.profile.ProfileSubsystem;
 import com.netscape.cmscore.request.CertRequestRepository;
@@ -206,14 +205,9 @@ public CAEngineConfig getConfig() {
     @Override
     public void initDatabase() throws Exception {
 
-        connectionFactory = new LdapBoundConnFactory("CertificateAuthority");
-        connectionFactory.setCMSEngine(this);
-
-        CAEngineConfig config = getConfig();
-        PKISocketConfig socketConfig = config.getSocketConfig();
         LDAPConfig ldapConfig = config.getInternalDBConfig();
 
-        connectionFactory.init(socketConfig, ldapConfig, getPasswordStore());
+        connectionFactory = createLdapBoundConnFactory("CertificateAuthority", ldapConfig);
     }
 
     public CertRequestRepository getCertRequestRepository() {

base/server/src/main/java/com/netscape/certsrv/ldap/LdapConnFactory.java

@@ -20,7 +20,6 @@
 import org.mozilla.jss.ssl.SSLCertificateApprovalCallback;
 import org.mozilla.jss.ssl.SSLSocketListener;
 
-import com.netscape.cmscore.apps.CMSEngine;
 import com.netscape.cmscore.ldapconn.LdapConnInfo;
 import com.netscape.cmscore.ldapconn.PKISocketConfig;
 import com.netscape.cmscore.logging.Auditor;
@@ -70,7 +69,6 @@ public abstract class LdapConnFactory {
      */
     protected boolean mDefErrorIfDown;
 
-    protected CMSEngine engine;
     protected Auditor auditor;
     protected SSLSocketListener socketListener;
     protected SSLCertificateApprovalCallback approvalCallback;
@@ -82,17 +80,28 @@ public LdapConnInfo getConnInfo() {
         return mConnInfo;
     }
 
-    public CMSEngine getCMSEngine() {
-        return engine;
+    public Auditor getAuditor() {
+        return auditor;
     }
 
-    public void setCMSEngine(CMSEngine engine) {
-        this.engine = engine;
-        if (engine == null) return;
+    public void setAuditor(Auditor auditor) {
+        this.auditor = auditor;
+    }
+
+    public SSLSocketListener getSocketListener() {
+        return socketListener;
+    }
+
+    public void setSocketListener(SSLSocketListener socketListener) {
+        this.socketListener = socketListener;
+    }
+
+    public SSLCertificateApprovalCallback getApprovalCallback() {
+        return approvalCallback;
+    }
 
-        auditor = engine.getAuditor();
-        socketListener = engine.getClientSocketListener();
-        approvalCallback = engine.getApprovalCallback();
+    public void setApprovalCallback(SSLCertificateApprovalCallback approvalCallback) {
+        this.approvalCallback = approvalCallback;
     }
 
     /**