fix: move switch to organisation context to separate page

[gigi.git] / src / club / wpia / gigi / Gigi.java

diff --git a/src/club/wpia/gigi/Gigi.java b/src/club/wpia/gigi/Gigi.java
index 2c61c0717d38492a81101b9ba834a532bb2eab23..035f1a6f5430997139c9c8060212cddd5ee8494b 100644 (file)
--- a/src/club/wpia/gigi/Gigi.java
+++ b/src/club/wpia/gigi/Gigi.java
@@ -3,6 +3,7 @@ package club.wpia.gigi;
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.io.UnsupportedEncodingException;
+import java.math.BigInteger;
 import java.security.KeyStore;
 import java.security.cert.X509Certificate;
 import java.util.Calendar;
@@ -66,9 +67,11 @@ import club.wpia.gigi.pages.admin.support.SupportEnterTicketPage;
 import club.wpia.gigi.pages.admin.support.SupportUserDetailsPage;
 import club.wpia.gigi.pages.error.AccessDenied;
 import club.wpia.gigi.pages.error.PageNotFound;
+import club.wpia.gigi.pages.main.CertStatusRequestPage;
 import club.wpia.gigi.pages.main.KeyCompromisePage;
 import club.wpia.gigi.pages.main.RegisterPage;
 import club.wpia.gigi.pages.orga.CreateOrgPage;
+import club.wpia.gigi.pages.orga.SwitchOrganisation;
 import club.wpia.gigi.pages.orga.ViewOrgPage;
 import club.wpia.gigi.pages.statistics.StatisticsRoles;
 import club.wpia.gigi.pages.wot.Points;
@@ -141,17 +144,18 @@ public final class Gigi extends HttpServlet {
             putPage(StatisticsRoles.PATH, new StatisticsRoles(), mainMenu);
             putPage("/about", new AboutPage(), mainMenu);
             putPage(RegisterPage.PATH, new RegisterPage(), mainMenu);
+            putPage(CertStatusRequestPage.PATH, new CertStatusRequestPage(), mainMenu);
             putPage(KeyCompromisePage.PATH, new KeyCompromisePage(), mainMenu);
 
             putPage(Verify.PATH, new Verify(), null);
             Menu certificates = createMenu("Certificates");
             putPage(Certificates.PATH + "/*", new Certificates(false), certificates);
             putPage(CertificateAdd.PATH, new CertificateAdd(), certificates);
-            putPage(MailOverview.DEFAULT_PATH, new MailOverview(), certificates);
-            putPage(DomainOverview.PATH, new DomainOverview(), certificates);
-            putPage(EditDomain.PATH + "*", new EditDomain(), null);
 
             Menu wot = createMenu("Verification");
+            putPage(MailOverview.DEFAULT_PATH, new MailOverview(), wot);
+            putPage(DomainOverview.PATH, new DomainOverview(), wot);
+            putPage(EditDomain.PATH + "*", new EditDomain(), null);
             putPage(VerifyPage.PATH + "/*", new VerifyPage(), wot);
             putPage(Points.PATH, new Points(false), wot);
             putPage(RequestTTPPage.PATH, new RequestTTPPage(), wot);
@@ -161,6 +165,7 @@ public final class Gigi extends HttpServlet {
             putPage(TTPAdminPage.PATH + "/*", new TTPAdminPage(), admMenu);
             putPage(CreateOrgPage.DEFAULT_PATH, new CreateOrgPage(), orgAdm);
             putPage(ViewOrgPage.DEFAULT_PATH + "/*", new ViewOrgPage(), orgAdm);
+            putPage(SwitchOrganisation.PATH, new SwitchOrganisation(), orgAdm);
 
             Menu support = createMenu("Support Console");
             putPage(SupportEnterTicketPage.PATH, new SupportEnterTicketPage(), support);
@@ -357,11 +362,11 @@ public final class Gigi extends HttpServlet {
             return;
         }
         HttpSession hs = req.getSession();
-        String clientSerial = (String) hs.getAttribute(CERT_SERIAL);
+        BigInteger clientSerial = (BigInteger) hs.getAttribute(CERT_SERIAL);
         if (clientSerial != null) {
             X509Certificate[] cert = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
             if (cert == null || cert[0] == null//
-                    || !cert[0].getSerialNumber().toString(16).toLowerCase().equals(clientSerial) //
+                    || !cert[0].getSerialNumber().equals(clientSerial) //
                     || !cert[0].getIssuerDN().equals(hs.getAttribute(CERT_ISSUER))) {
                 hs.invalidate();
                 resp.sendError(403, "Certificate mismatch.");