Class LdapCrlPublisher

    • Field Detail

      • logger

        public static org.slf4j.Logger logger
      • LDAP_CACERT_ATTR

        public static final java.lang.String LDAP_CACERT_ATTR
        See Also:
        Constant Field Values
      • LDAP_CRL_OBJECTCLASS

        public static final java.lang.String LDAP_CRL_OBJECTCLASS
        See Also:
        Constant Field Values
      • mCrlAttr

        protected java.lang.String mCrlAttr
      • mCrlObjectClass

        protected java.lang.String mCrlObjectClass
      • mObjAdded

        protected java.lang.String mObjAdded
      • mObjDeleted

        protected java.lang.String mObjDeleted
      • mLdapPublishTimelimit_ms

        protected int mLdapPublishTimelimit_ms
    • Constructor Detail

      • LdapCrlPublisher

        public LdapCrlPublisher()
        constructs ldap crl publisher with default values
      • LdapCrlPublisher

        public LdapCrlPublisher​(java.lang.String crlAttr,
                                java.lang.String crlObjectClass)
    • Method Detail

      • getDescription

        public java.lang.String getDescription()
        Description copied from interface: ILdapPublisher
        Returns the description of the publisher.
        Specified by:
        getDescription in interface ILdapPublisher
      • getExtendedPluginInfo

        public java.lang.String[] getExtendedPluginInfo​(java.util.Locale locale)
        Description copied from interface: IExtendedPluginInfo
        This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name ;[,required];;... Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use"
        Specified by:
        getExtendedPluginInfo in interface IExtendedPluginInfo
      • getInstanceParams

        public java.util.Vector<java.lang.String> getInstanceParams()
        Description copied from interface: ILdapPublisher
        Returns the current instance parameters.
        Specified by:
        getInstanceParams in interface ILdapPublisher
      • getDefaultParams

        public java.util.Vector<java.lang.String> getDefaultParams()
        Description copied from interface: ILdapPublisher
        Returns the initial default parameters.
        Specified by:
        getDefaultParams in interface ILdapPublisher
      • getCRLObjectclass

        public java.lang.String getCRLObjectclass()
        Gets the CA object class to convert to.
      • publish

        public void publish​(netscape.ldap.LDAPConnection conn,
                            java.lang.String dn,
                            java.lang.Object crlObj)
                     throws ELdapException
        Replaces the CRL in the certificateRevocationList attribute. CRL's are published as a DER encoded blob.
        Specified by:
        publish in interface ILdapPublisher
        Parameters:
        conn - a Ldap connection (null for non-LDAP publishing)
        dn - dn of the ldap entry to publish cert (null for non-LDAP publishing)
        crlObj - object to publish (java.security.cert.X509Certificate or, java.security.cert.X509CRL)
        Throws:
        ELdapException - publish failed.
      • unpublish

        public void unpublish​(netscape.ldap.LDAPConnection conn,
                              java.lang.String dn,
                              java.lang.Object crlObj)
                       throws ELdapException
        There shouldn't be a need to call this. CRLs are always replaced but this is implemented anyway in case there is ever a reason to remove a global CRL.
        Specified by:
        unpublish in interface ILdapPublisher
        Parameters:
        conn - the Ldap connection (null for non-LDAP publishing)
        dn - dn of the ldap entry to unpublish cert (null for non-LDAP publishing)
        crlObj - object to unpublish (java.security.cert.X509Certificate)
        Throws:
        ELdapException - unpublish failed.