Class APolicyRule

java.lang.Object
org.dogtagpki.legacy.server.policy.APolicyRule
All Implemented Interfaces:
IPolicy, IPolicyRule
Direct Known Subclasses:
ManualAuthentication

public abstract class APolicyRule extends Object implements IPolicyRule
The abstract policy rule that concrete implementations will extend.

 NOTE:  The Policy Framework has been replaced by the Profile Framework.
 

Version:
$Revision$, $Date$
  • Field Details

    • logger

      public static org.slf4j.Logger logger
    • NAME

      protected String NAME
    • DESC

      protected String DESC
    • mFilterExp

      protected IExpression mFilterExp
    • mInstanceName

      protected String mInstanceName
  • Constructor Details

    • APolicyRule

      public APolicyRule()
  • Method Details

    • init

      public abstract void init(PolicyProcessor owner, ConfigStore config) throws EBaseException
      Initializes the policy rule.

      Specified by:
      init in interface IPolicyRule
      Parameters:
      config - The config store reference
      Throws:
      EBaseException
    • getDescription

      public String getDescription()
      Gets the description for this policy rule.

      Specified by:
      getDescription in interface IPolicyRule
      Returns:
      The Description for this rule.
    • setPredicate

      public void setPredicate(IExpression exp)
      Sets a predicate expression for rule matching.

      Specified by:
      setPredicate in interface IPolicyRule
      Parameters:
      exp - The predicate expression for the rule.
    • getPredicate

      public IExpression getPredicate()
      Returns the predicate expression for the rule.

      Specified by:
      getPredicate in interface IPolicyRule
      Returns:
      The predicate expression for the rule.
    • getName

      public String getName()
      Returns the name of the policy rule.

      Specified by:
      getName in interface IPolicyRule
      Returns:
      The name of the policy class.
    • setInstanceName

      public void setInstanceName(String instanceName)
      Sets the instance name for a policy rule.

      Specified by:
      setInstanceName in interface IPolicyRule
      Parameters:
      instanceName - The name of the rule instance.
    • getInstanceName

      public String getInstanceName()
      Returns the name of the policy rule instance.

      Specified by:
      getInstanceName in interface IPolicyRule
      Returns:
      The name of the policy rule instance if set, else the name of the rule class.
    • apply

      public abstract PolicyResult apply(Request req)
      Applies the policy on the given Request.

      Specified by:
      apply in interface IPolicy
      Specified by:
      apply in interface IPolicyRule
      Parameters:
      req - The request on which to apply policy.
      Returns:
      The policy result object.
    • getInstanceParams

      public abstract Vector<String> getInstanceParams()
      Return configured parameters for a policy rule instance.
      Specified by:
      getInstanceParams in interface IPolicyRule
      Returns:
      nvPairs A Vector of name/value pairs.
    • getDefaultParams

      public abstract Vector<String> getDefaultParams()
      Return default parameters for a policy implementation.
      Specified by:
      getDefaultParams in interface IPolicyRule
      Returns:
      nvPairs A Vector of name/value pairs.
    • setError

      public void setError(Request req, String format, Object[] params)
      Specified by:
      setError in interface IPolicyRule
    • setError

      public void setError(Request req, String format, String arg1, String arg2)
    • setError

      public void setError(Request req, String format, String arg)
    • setPolicyException

      public void setPolicyException(Request req, EBaseException ex)
      Specified by:
      setPolicyException in interface IPolicyRule
    • deferred

      protected PolicyResult deferred(Request req)
      determines whether a DEFERRED policy result should be returned by checking the contents of the AgentApprovals attribute. This call should be used by policy modules instead of returning PolicyResult.DEFERRED directly.

    • agentApproved

      protected boolean agentApproved(Request req)
      request has previously been approved by an agent
    • setPolicyException

      public void setPolicyException(Request req, String format, Object[] params)
    • createKeyIdentifier

      public static org.mozilla.jss.netscape.security.x509.KeyIdentifier createKeyIdentifier(org.mozilla.jss.netscape.security.x509.X509Key key) throws NoSuchAlgorithmException, InvalidKeyException
      Throws:
      NoSuchAlgorithmException
      InvalidKeyException
    • formSpkiSHA1KeyId

      protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSpkiSHA1KeyId(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo) throws EBaseException
      Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key INFO. (including algorithm ID, etc.)

      Parameters:
      certInfo - cert info of the certificate.
      Returns:
      A Key identifier with the sha-1 hash of subject public key.
      Throws:
      EBaseException
    • formSHA1KeyId

      protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSHA1KeyId(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo) throws EBaseException
      Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key BIT STRING.

      Parameters:
      certInfo - cert info of the certificate.
      Returns:
      A Key identifier with the sha-1 hash of subject public key.
      Throws:
      EBaseException