Class UniqueSubjectNameConstraints
- java.lang.Object
-
- org.dogtagpki.legacy.server.policy.APolicyRule
-
- org.dogtagpki.legacy.server.policy.constraints.UniqueSubjectNameConstraints
-
- All Implemented Interfaces:
IExtendedPluginInfo
,IPolicy
,IEnrollmentPolicy
,IPolicyRule
- Direct Known Subclasses:
UniqueSubjectName
public class UniqueSubjectNameConstraints extends APolicyRule implements IEnrollmentPolicy, IExtendedPluginInfo
Checks the uniqueness of the subject name. This policy can only be used (installed) in Certificate Authority subsystem. This policy can perform pre-agent-approval checking or post-agent-approval checking based on configuration setting. In some situations, user may want to have 2 certificates with the same subject name. For example, one key for encryption, and one for signing. This policy does not deal with this case directly. But it can be easily extended to do that.NOTE: The Policy Framework has been replaced by the Profile Framework.
- Version:
- $Revision$, $Date$
-
-
Field Summary
Fields Modifier and Type Field Description static org.slf4j.Logger
logger
ICertificateAuthority
mCA
boolean
mKeyUsageExtensionChecking
boolean
mPreAgentApprovalChecking
protected static java.lang.String
PROP_KEY_USAGE_EXTENSION_CHECKING
protected static java.lang.String
PROP_PRE_AGENT_APPROVAL_CHECKING
-
Fields inherited from class org.dogtagpki.legacy.server.policy.APolicyRule
DESC, mFilterExp, mInstanceName, NAME
-
Fields inherited from interface com.netscape.certsrv.base.IExtendedPluginInfo
HELP_TEXT, HELP_TOKEN
-
Fields inherited from interface org.dogtagpki.legacy.policy.IPolicyRule
PROP_ENABLE, PROP_IMPLNAME, PROP_PREDICATE
-
-
Constructor Summary
Constructors Constructor Description UniqueSubjectNameConstraints()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description PolicyResult
apply(IRequest req)
Applies the policy on the given Request.java.util.Vector<java.lang.String>
getDefaultParams()
Return default parameters for a policy implementation.java.lang.String[]
getExtendedPluginInfo(java.util.Locale locale)
This method returns an array of strings.java.util.Vector<java.lang.String>
getInstanceParams()
Return configured parameters for a policy rule instance.void
init(IPolicyProcessor owner, IConfigStore config)
Initializes this policy rule.-
Methods inherited from class org.dogtagpki.legacy.server.policy.APolicyRule
agentApproved, createKeyIdentifier, deferred, formSHA1KeyId, formSpkiSHA1KeyId, getDescription, getInstanceName, getName, getPredicate, setError, setError, setError, setInstanceName, setPolicyException, setPolicyException, setPredicate
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.dogtagpki.legacy.policy.IPolicyRule
getDescription, getInstanceName, getName, getPredicate, setError, setInstanceName, setPolicyException, setPredicate
-
-
-
-
Field Detail
-
logger
public static org.slf4j.Logger logger
-
PROP_PRE_AGENT_APPROVAL_CHECKING
protected static final java.lang.String PROP_PRE_AGENT_APPROVAL_CHECKING
- See Also:
- Constant Field Values
-
PROP_KEY_USAGE_EXTENSION_CHECKING
protected static final java.lang.String PROP_KEY_USAGE_EXTENSION_CHECKING
- See Also:
- Constant Field Values
-
mCA
public ICertificateAuthority mCA
-
mPreAgentApprovalChecking
public boolean mPreAgentApprovalChecking
-
mKeyUsageExtensionChecking
public boolean mKeyUsageExtensionChecking
-
-
Method Detail
-
getExtendedPluginInfo
public java.lang.String[] getExtendedPluginInfo(java.util.Locale locale)
Description copied from interface:IExtendedPluginInfo
This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name; [,required]; ;... Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use" - Specified by:
getExtendedPluginInfo
in interfaceIExtendedPluginInfo
-
init
public void init(IPolicyProcessor owner, IConfigStore config) throws EBaseException
Initializes this policy rule.The entries probably are of the form: ca.Policy.rule.
.implName=UniqueSubjectName ca.Policy.rule. .enable=true ca.Policy.rule. .enable=true ca.Policy.rule. .enablePreAgentApprovalChecking=true ca.Policy.rule. .enableKeyUsageExtensionChecking=true - Specified by:
init
in interfaceIPolicyRule
- Specified by:
init
in classAPolicyRule
- Parameters:
config
- The config store reference- Throws:
EBaseException
-
apply
public PolicyResult apply(IRequest req)
Applies the policy on the given Request.- Specified by:
apply
in interfaceIPolicy
- Specified by:
apply
in interfaceIPolicyRule
- Specified by:
apply
in classAPolicyRule
- Parameters:
req
- The request on which to apply policy.- Returns:
- The policy result object.
-
getInstanceParams
public java.util.Vector<java.lang.String> getInstanceParams()
Return configured parameters for a policy rule instance.- Specified by:
getInstanceParams
in interfaceIPolicyRule
- Specified by:
getInstanceParams
in classAPolicyRule
- Returns:
- nvPairs A Vector of name/value pairs.
-
getDefaultParams
public java.util.Vector<java.lang.String> getDefaultParams()
Return default parameters for a policy implementation.- Specified by:
getDefaultParams
in interfaceIPolicyRule
- Specified by:
getDefaultParams
in classAPolicyRule
- Returns:
- nvPairs A Vector of name/value pairs.
-
-