Class APolicyRule

    • Field Summary

      Fields 
      Modifier and Type Field Description
      protected java.lang.String DESC  
      static org.slf4j.Logger logger  
      protected org.dogtagpki.legacy.policy.IExpression mFilterExp  
      protected java.lang.String mInstanceName  
      protected java.lang.String NAME  
      • Fields inherited from interface org.dogtagpki.legacy.policy.IPolicyRule

        PROP_ENABLE, PROP_IMPLNAME, PROP_PREDICATE
    • Constructor Summary

      Constructors 
      Constructor Description
      APolicyRule()  
    • Method Summary

      Modifier and Type Method Description
      protected boolean agentApproved​(com.netscape.certsrv.request.IRequest req)
      Checks whether the request has previously been approved by an agent.
      abstract com.netscape.certsrv.request.PolicyResult apply​(com.netscape.certsrv.request.IRequest req)
      Applies the policy on the given Request.
      static org.mozilla.jss.netscape.security.x509.KeyIdentifier createKeyIdentifier​(org.mozilla.jss.netscape.security.x509.X509Key key)  
      protected com.netscape.certsrv.request.PolicyResult deferred​(com.netscape.certsrv.request.IRequest req)
      Determines whether a DEFERRED policy result should be returned by checking the contents of the AgentApprovals attribute.
      protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSHA1KeyId​(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo)
      Forms a byte array of octet string key identifier from the SHA-1 hash of the Subject Public Key BIT STRING.
      protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSpkiSHA1KeyId​(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo)
      Forms a byte array of octet string key identifier from the SHA-1 hash of the Subject Public Key Info.
      abstract java.util.Vector<java.lang.String> getDefaultParams()
      Return default parameters for a policy implementation.
      java.lang.String getDescription()
      Gets the description for this policy rule.
      java.lang.String getInstanceName()
      Returns the name of the policy rule instance.
      abstract java.util.Vector<java.lang.String> getInstanceParams()
      Return configured parameters for a policy rule instance.
      java.lang.String getName()
      Returns the name of the policy rule.
      org.dogtagpki.legacy.policy.IExpression getPredicate()
      Returns the predicate expression for the rule.
      abstract void init​(org.dogtagpki.legacy.policy.IPolicyProcessor owner, IConfigStore config)
      Initializes the policy rule.
      void setError​(com.netscape.certsrv.request.IRequest req, java.lang.String format, java.lang.Object[] params)  
      void setError​(com.netscape.certsrv.request.IRequest req, java.lang.String format, java.lang.String arg)  
      void setError​(com.netscape.certsrv.request.IRequest req, java.lang.String format, java.lang.String arg1, java.lang.String arg2)  
      void setInstanceName​(java.lang.String instanceName)
      Sets the instance name for a policy rule.
      void setPolicyException​(com.netscape.certsrv.request.IRequest req, EBaseException ex)  
      void setPolicyException​(com.netscape.certsrv.request.IRequest req, java.lang.String format, java.lang.Object[] params)  
      void setPredicate​(org.dogtagpki.legacy.policy.IExpression exp)
      Sets a predicate expression for rule matching.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • logger

        public static org.slf4j.Logger logger
      • NAME

        protected java.lang.String NAME
      • DESC

        protected java.lang.String DESC
      • mFilterExp

        protected org.dogtagpki.legacy.policy.IExpression mFilterExp
      • mInstanceName

        protected java.lang.String mInstanceName
    • Constructor Detail

      • APolicyRule

        public APolicyRule()
    • Method Detail

      • init

        public abstract void init​(org.dogtagpki.legacy.policy.IPolicyProcessor owner,
                                  IConfigStore config)
                           throws EBaseException
        Initializes the policy rule.

        Specified by:
        init in interface org.dogtagpki.legacy.policy.IPolicyRule
        Parameters:
        config - The config store reference
        Throws:
        EBaseException
      • getDescription

        public java.lang.String getDescription()
        Gets the description for this policy rule.

        Specified by:
        getDescription in interface org.dogtagpki.legacy.policy.IPolicyRule
        Returns:
        The Description for this rule.
      • setPredicate

        public void setPredicate​(org.dogtagpki.legacy.policy.IExpression exp)
        Sets a predicate expression for rule matching.

        Specified by:
        setPredicate in interface org.dogtagpki.legacy.policy.IPolicyRule
        Parameters:
        exp - The predicate expression for the rule.
      • getPredicate

        public org.dogtagpki.legacy.policy.IExpression getPredicate()
        Returns the predicate expression for the rule.

        Specified by:
        getPredicate in interface org.dogtagpki.legacy.policy.IPolicyRule
        Returns:
        The predicate expression for the rule.
      • getName

        public java.lang.String getName()
        Returns the name of the policy rule.

        Specified by:
        getName in interface org.dogtagpki.legacy.policy.IPolicyRule
        Returns:
        The name of the policy class.
      • setInstanceName

        public void setInstanceName​(java.lang.String instanceName)
        Sets the instance name for a policy rule.

        Specified by:
        setInstanceName in interface org.dogtagpki.legacy.policy.IPolicyRule
        Parameters:
        instanceName - The name of the rule instance.
      • getInstanceName

        public java.lang.String getInstanceName()
        Returns the name of the policy rule instance.

        Specified by:
        getInstanceName in interface org.dogtagpki.legacy.policy.IPolicyRule
        Returns:
        The name of the policy rule instance if set, else the name of the rule class.
      • apply

        public abstract com.netscape.certsrv.request.PolicyResult apply​(com.netscape.certsrv.request.IRequest req)
        Applies the policy on the given Request.

        Specified by:
        apply in interface com.netscape.certsrv.request.IPolicy
        Specified by:
        apply in interface org.dogtagpki.legacy.policy.IPolicyRule
        Parameters:
        req - The request on which to apply policy.
        Returns:
        The policy result object.
      • getInstanceParams

        public abstract java.util.Vector<java.lang.String> getInstanceParams()
        Return configured parameters for a policy rule instance.
        Specified by:
        getInstanceParams in interface org.dogtagpki.legacy.policy.IPolicyRule
        Returns:
        A Vector of name/value pairs (nvPairs).
      • getDefaultParams

        public abstract java.util.Vector<java.lang.String> getDefaultParams()
        Return default parameters for a policy implementation.
        Specified by:
        getDefaultParams in interface org.dogtagpki.legacy.policy.IPolicyRule
        Returns:
        A Vector of name/value pairs (nvPairs).
      • setError

        public void setError​(com.netscape.certsrv.request.IRequest req,
                             java.lang.String format,
                             java.lang.Object[] params)
        Specified by:
        setError in interface org.dogtagpki.legacy.policy.IPolicyRule
      • setError

        public void setError​(com.netscape.certsrv.request.IRequest req,
                             java.lang.String format,
                             java.lang.String arg1,
                             java.lang.String arg2)
      • setError

        public void setError​(com.netscape.certsrv.request.IRequest req,
                             java.lang.String format,
                             java.lang.String arg)
      • setPolicyException

        public void setPolicyException​(com.netscape.certsrv.request.IRequest req,
                                       EBaseException ex)
        Specified by:
        setPolicyException in interface org.dogtagpki.legacy.policy.IPolicyRule
      • deferred

        protected com.netscape.certsrv.request.PolicyResult deferred​(com.netscape.certsrv.request.IRequest req)
        Determines whether a DEFERRED policy result should be returned by checking the contents of the AgentApprovals attribute. Policy modules should call this method instead of returning PolicyResult.DEFERRED directly.

      • agentApproved

        protected boolean agentApproved​(com.netscape.certsrv.request.IRequest req)
        Checks whether the request has previously been approved by an agent.
      • setPolicyException

        public void setPolicyException​(com.netscape.certsrv.request.IRequest req,
                                       java.lang.String format,
                                       java.lang.Object[] params)
      • createKeyIdentifier

        public static org.mozilla.jss.netscape.security.x509.KeyIdentifier createKeyIdentifier​(org.mozilla.jss.netscape.security.x509.X509Key key)
                                                                                        throws java.security.NoSuchAlgorithmException,
                                                                                               java.security.InvalidKeyException
        Throws:
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException
      • formSpkiSHA1KeyId

        protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSpkiSHA1KeyId​(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo)
                                                                                  throws EBaseException
        Forms a byte array of octet string key identifier from the SHA-1 hash of the Subject Public Key Info (including algorithm ID, etc.).

        Parameters:
        certInfo - cert info of the certificate.
        Returns:
        A key identifier with the SHA-1 hash of the subject public key.
        Throws:
        EBaseException
      • formSHA1KeyId

        protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSHA1KeyId​(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo)
                                                                              throws EBaseException
        Forms a byte array of octet string key identifier from the SHA-1 hash of the Subject Public Key BIT STRING.

        Parameters:
        certInfo - cert info of the certificate.
        Returns:
        A key identifier with the SHA-1 hash of the subject public key.
        Throws:
        EBaseException
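
        The difference between the two key identifier inputs described for formSpkiSHA1KeyId and formSHA1KeyId, as an added example that is not Dogtag's code and uses only JDK classes: it hashes the whole SubjectPublicKeyInfo DER and, separately, only the subjectPublicKey BIT STRING contents. The class and helper names are hypothetical, and the BIT STRING variant is assumed to follow RFC 5280 section 4.2.1.2 method (1), which excludes the tag, length and unused-bits octet.

```java
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.util.Arrays;

public class KeyIdDemo {
    // Reads a DER length at buf[pos[0]] and advances pos[0] past it.
    static int readLen(byte[] buf, int[] pos) {
        int b = buf[pos[0]++] & 0xff;
        if (b < 0x80) return b;                       // short form
        int n = b & 0x7f, len = 0;                    // long form: n length octets follow
        if (n == 0 || n > 3) throw new IllegalArgumentException("unsupported DER length");
        for (int i = 0; i < n; i++) len = (len << 8) | (buf[pos[0]++] & 0xff);
        return len;
    }

    static void expectTag(byte[] buf, int[] pos, int tag) {
        if ((buf[pos[0]++] & 0xff) != tag) throw new IllegalArgumentException("unexpected DER tag");
    }

    // Returns the subjectPublicKey BIT STRING contents without tag, length or unused-bits octet.
    static byte[] bitStringValue(byte[] spki) {
        int[] pos = {0};
        expectTag(spki, pos, 0x30);                   // SubjectPublicKeyInfo SEQUENCE
        readLen(spki, pos);
        expectTag(spki, pos, 0x30);                   // AlgorithmIdentifier SEQUENCE
        pos[0] += readLen(spki, pos);                 // skip algorithm OID and parameters
        expectTag(spki, pos, 0x03);                   // subjectPublicKey BIT STRING
        int len = readLen(spki, pos);
        if (len < 1 || pos[0] + len > spki.length) throw new IllegalArgumentException("truncated BIT STRING");
        return Arrays.copyOfRange(spki, pos[0] + 1, pos[0] + len);
    }

    static String sha1Hex(byte[] data) throws Exception {
        byte[] digest = MessageDigest.getInstance("SHA-1").digest(data);
        return String.format("%040x", new BigInteger(1, digest));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input: a throwaway RSA key generated for this demo.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        byte[] spki = gen.generateKeyPair().getPublic().getEncoded(); // X.509 SubjectPublicKeyInfo DER
        String overSpki = sha1Hex(spki);                   // input includes the algorithm ID
        String overBits = sha1Hex(bitStringValue(spki));   // input is the key bits only
        System.out.println("SHA-1 over SubjectPublicKeyInfo: " + overSpki);
        System.out.println("SHA-1 over BIT STRING contents:  " + overBits);
        System.out.println("identical: " + overSpki.equals(overBits));
    }
}
```

        The two digests differ for the same key, so a validator that matches Subject Key Identifier against Authority Key Identifier has to compare the stored extension values rather than recompute them with an assumed method.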