Package org.ejbca.core.model.ra

Examples of org.ejbca.core.model.ra.ExtendedInformation


    // Excerpt (appears to be test code): the same fixed password is set on the request
    // object p10 and on the end entity below. Literal credentials such as "foo123" are
    // acceptable only as test fixtures.
    p10.setPassword("foo123");

    UserDataVO user = new UserDataVO("foo3", "C=SE,O=AnaTom,CN=foo3", rsacaid, null, "foo@anatom.se", SecConst.USER_ENDUSER, fooEEProfileId, fooCertProfileId,
        SecConst.TOKEN_SOFT_BROWSERGEN, 0, null);
    user.setPassword("foo123");
    // ExtendedInformation carries a caller-supplied certificate serial number (serno)
    // along with the end entity into the certificate request.
    ExtendedInformation ei = new ExtendedInformation();
    ei.setCertificateSerialNumber(serno);
    user.setExtendedinformation(ei);

    IResponseMessage resp = null;
    try {
      // Submit the request as admin and ask for an X509ResponseMessage in return.
      resp = certificateRequestSession.processCertReq(admin, user, p10, org.ejbca.core.protocol.X509ResponseMessage.class);


    // Excerpt from a negative test: the certificate profile is updated first, then a
    // request carrying a caller-supplied serial number is expected to be rejected.
    // NOTE(review): how fooCertProfile was modified is not visible here; presumably it
    // no longer permits the requested serial number. Confirm against the full test.
    certificateProfileSession.changeCertificateProfile(admin, "FOOCERTPROFILE", fooCertProfile);

    UserDataVO user = new UserDataVO("foo", "C=SE,O=AnaTom,CN=foo", rsacaid, null, "foo@anatom.se", SecConst.USER_ENDUSER, fooEEProfileId, fooCertProfileId,
        SecConst.TOKEN_SOFT_BROWSERGEN, 0, null);
    // Fixed test password; not a pattern for production code.
    user.setPassword("foo123");
    ExtendedInformation ei = new ExtendedInformation();
    ei.setCertificateSerialNumber(serno);
    user.setExtendedinformation(ei);
    try {
      certificateRequestSession.processCertReq(admin, user, p10, org.ejbca.core.protocol.X509ResponseMessage.class);
      // Reaching this line means the request was accepted, so the test is failed explicitly.
      assertTrue("This method should throw exception", false);
    } catch (EjbcaException e) {

                        + ", type: " + publishType);
            }
            // Volatile data attached to the queued publisher entry (pqd); it may be absent.
            PublisherQueueVolatileData voldata = pqd.getVolatileData();
            String username = null;
            String password = null;
            ExtendedInformation ei = null;
            String userDataDN = null;
            if (voldata != null) {
                username = voldata.getUsername();
                // The queue entry carries the user's password. Treat this local as a secret:
                // it should not be written to logs or error messages.
                password = voldata.getPassword();
                ei = voldata.getExtendedInformation();

            // special case used to signal regeneraton of password
            newpassword = profile.getAutoGeneratedPasswd();
        }

        // Excerpt from an end-entity edit path. Order of the visible steps:
        //   1. validate the requested values against the end entity profile,
        //   2. divert to the approval queue when approvals are required,
        //   3. enforce subject DN serial number uniqueness when the CA demands it,
        //   4. copy the new values onto the stored record (userData).
        // NOTE(review): no authorization check is visible in this excerpt; presumably it
        // happens earlier in the method. Confirm against the full source.
        final int type = userDataVO.getType();
        final ExtendedInformation ei = userDataVO.getExtendedinformation();
        // Check if user fulfills its profile.
        if (globalConfiguration.getEnableEndEntityProfileLimitations()) {
            try {
              String dirattrs = null;
              if (ei != null) {
                dirattrs = ei.getSubjectDirectoryAttributes();
              }
            // It is only meaningful to verify the password if we change it in some way, and if we are not autogenerating it
            // NOTE(review): the branch is selected on newpassword, while the value handed to the
            // profile check is userDataVO.getPassword(). Confirm the two always hold the same value.
              if (!profile.useAutoGeneratedPasswd() && StringUtils.isNotEmpty(newpassword)) {
                  profile.doesUserFullfillEndEntityProfile(username, userDataVO.getPassword(), dn, altName, dirattrs, userDataVO.getEmail(),
                      userDataVO.getCertificateProfileId(), clearpwd, (type & SecConst.USER_KEYRECOVERABLE) != 0, (type & SecConst.USER_SENDNOTIFICATION) != 0,
                      userDataVO.getTokenType(), userDataVO.getHardTokenIssuerId(), caid, ei);
              } else {
                  profile.doesUserFullfillEndEntityProfileWithoutPassword(username, dn, altName, dirattrs, userDataVO.getEmail(),
                      userDataVO.getCertificateProfileId(), (type & SecConst.USER_KEYRECOVERABLE) != 0, (type & SecConst.USER_SENDNOTIFICATION) != 0,
                      userDataVO.getTokenType(), userDataVO.getHardTokenIssuerId(), caid, ei);
              }
            } catch (UserDoesntFullfillEndEntityProfile e) {
                // A profile violation is written to the log session (profile id, DN, reason) and
                // rethrown, so none of the setters further down run for a rejected edit.
                // NOTE(review): the rejection is recorded under an EVENT_INFO_* constant; confirm
                // that rejected edits can be told apart from successful ones in the audit log.
                final String msg = intres.getLocalizedMessage("ra.errorfullfillprofile", Integer.valueOf(endEntityProfileId), dn, e.getMessage());
                logSession.log(admin, caid, LogConstants.MODULE_RA, new Date(), username, null, LogConstants.EVENT_INFO_CHANGEDENDENTITY, msg);
                throw e;
            }
        }
        // Check if approvals is required.
        final int numOfApprovalsRequired = getNumOfApprovalRequired(admin, CAInfo.REQ_APPROVAL_ADDEDITENDENTITY, caid, userDataVO.getCertificateProfileId());
        if (numOfApprovalsRequired > 0) {
            // The approval request records both the requested state (userDataVO) and the
            // currently stored state (orguserdata).
            final UserDataVO orguserdata = userData.toUserDataVO();
            final EditEndEntityApprovalRequest ar = new EditEndEntityApprovalRequest(userDataVO, clearpwd, orguserdata, admin, null, numOfApprovalsRequired, caid, endEntityProfileId);
            if (ApprovalExecutorUtil.requireApproval(ar, NONAPPROVABLECLASSNAMES_CHANGEUSER)) {
                // Queue the request and abort: the stored record is left unchanged by this call.
                approvalSession.addApprovalRequest(admin, ar, getGlobalConfiguration(admin));
                throw new WaitingForApprovalException(intres.getLocalizedMessage("ra.approvaledit"));
            }
        }
        // Check if the subjectDN serialnumber already exists.
        if (caAdminSession.getCAInfoOrThrowException(admin, caid).isDoEnforceUniqueSubjectDNSerialnumber()) {
            if (!isSubjectDnSerialnumberUnique(caid, dn, username)) {
              throw new EjbcaException(ErrorCode.SUBJECTDN_SERIALNUMBER_ALREADY_EXISTS, "Error: SubjectDN Serialnumber already exists.");
            }
        }
        try {
            // All checks passed: copy the requested values onto the stored record.
            userData.setDN(dn);
            userData.setSubjectAltName(altName);
            userData.setSubjectEmail(userDataVO.getEmail());
            userData.setCaId(caid);
            userData.setType(type);
            userData.setEndEntityProfileId(endEntityProfileId);
            userData.setCertificateProfileId(userDataVO.getCertificateProfileId());
            userData.setTokenType(userDataVO.getTokenType());
            userData.setHardTokenIssuerId(userDataVO.getHardTokenIssuerId());
            userData.setCardNumber(userDataVO.getCardNumber());
            final int newstatus = userDataVO.getStatus();
            final int oldstatus = userData.getStatus();
            // Moving out of STATUS_KEYRECOVERY to anything other than KEYRECOVERY or INPROCESS
            // removes the key-recovery mark for this user.
            if (oldstatus == UserDataConstants.STATUS_KEYRECOVERY && newstatus != UserDataConstants.STATUS_KEYRECOVERY && newstatus != UserDataConstants.STATUS_INPROCESS) {
                keyRecoverySession.unmarkUser(admin, username);
            }
            if (ei != null) {
              final String requestCounter = ei.getCustomData(ExtendedInformation.CUSTOM_REQUESTCOUNTER);
              if (StringUtils.equals(requestCounter, "0") && newstatus == UserDataConstants.STATUS_NEW && oldstatus != UserDataConstants.STATUS_NEW) {
                // If status is set to new, we should re-set the allowed request counter to the default values
                // But we only do this if no value is specified already, i.e. 0 or null
                // NOTE(review): the condition above matches only the string "0"; a null counter
                // does not satisfy StringUtils.equals(requestCounter, "0"). Confirm intent.
                resetRequestCounter(admin, false, ei, username, endEntityProfileId);
              } else {

      // Excerpt: reset the remaining-login-attempts state kept in a user's ExtendedInformation.
      // caid starts as the internal CA id and is replaced by the user's CA once the record is found.
      int caid = LogConstants.INTERNALCAID;
      final UserData data1 = UserData.findByUsername(entityManager, username);
      if (data1 != null) {
        caid = data1.getCaId();
        // The admin must be authorized for the user's CA before the record is modified.
        // Only this CA-level check is visible in the excerpt.
        assertAuthorizedToCA(admin, caid, username, LogConstants.EVENT_INFO_CHANGEDENDENTITY);
        final ExtendedInformation ei = data1.getExtendedInformation();
        if (ei != null) {
          resetRemainingLoginAttemptsInternal(admin, ei, username, caid);
          // Store the modification time and write the updated ExtendedInformation back.
          data1.setTimeModified(new Date().getTime());
          data1.setExtendedInformation(ei);
        }

    // Excerpt: decrement the remaining-login-attempts counter stored in the end entity's
    // ExtendedInformation. counter keeps Integer.MAX_VALUE when no user or no
    // ExtendedInformation is found.
    int counter = Integer.MAX_VALUE;
        UserData data1 = UserData.findByUsername(entityManager, username);
        if (data1 != null) {
            caid = data1.getCaId();
            // CA-level authorization is asserted before the counter is read or changed.
            assertAuthorizedToCA(admin, caid, username, LogConstants.EVENT_INFO_CHANGEDENDENTITY);
            final ExtendedInformation ei = data1.getExtendedInformation();
            if (ei != null) {
              // NOTE(review): the counter is read here and written back below; whether concurrent
              // calls can interleave depends on transaction handling not visible in this excerpt.
              counter = ei.getRemainingLoginAttempts();
              // If we get to 0 we must set status to generated
              if (counter == 0) {
                // if it isn't already
                if (data1.getStatus() != UserDataConstants.STATUS_GENERATED) {
                  // No attempts left: move the end entity to STATUS_GENERATED, log the event,
                  // then reset the counter and persist the change.
                  data1.setStatus(UserDataConstants.STATUS_GENERATED);
                  final String msg = intres.getLocalizedMessage("ra.decreasedloginattemptscounter", username, counter);
                  logSession.log(admin, caid, LogConstants.MODULE_RA, new Date(), username, null, LogConstants.EVENT_INFO_CHANGEDENDENTITY, msg);
                  resetRemainingLoginAttemptsInternal(admin, ei, username, caid);
                data1.setTimeModified(new Date().getTime());
                data1.setExtendedInformation(ei);
                }
              } else if (counter != -1) {
                // Any other value except -1 is decremented, stored and logged.
                if (log.isDebugEnabled()) {
                  log.debug("Found a remaining login counter with value " + counter);
                }
                ei.setRemainingLoginAttempts(--counter);
                data1.setExtendedInformation(ei);
                String msg = intres.getLocalizedMessage("ra.decreasedloginattemptscounter", username, counter);
                logSession.log(admin, caid, LogConstants.MODULE_RA, new Date(), username, null, LogConstants.EVENT_INFO_CHANGEDENDENTITY, msg);
              } else {
                // counter == -1: handled by the branch below, which is cut off in this excerpt.
                // Presumably -1 means "no limit"; verify against the full source.
                if (log.isDebugEnabled()) {

            // Excerpt: decrement the allowed-request counter kept as custom data in the end
            // entity's ExtendedInformation. Authorization comes first: always for the CA, and for
            // the end entity profile (edit rights) when profile limitations are enabled.
            assertAuthorizedToCA(admin, caid, username, LogConstants.EVENT_INFO_CHANGEDENDENTITY);
            if (getGlobalConfiguration(admin).getEnableEndEntityProfileLimitations()) {
              assertAuthorizedToEndEntityProfile(admin, data1.getEndEntityProfileId(), AccessRulesConstants.EDIT_RIGHTS, caid, username, LogConstants.EVENT_INFO_CHANGEDENDENTITY);
            }
            // Do the work of decreasing the counter
            ExtendedInformation ei = data1.getExtendedInformation();
            if (ei != null) {
                String counterstr = ei.getCustomData(ExtendedInformation.CUSTOM_REQUESTCOUNTER);
                // Tracks whether the stored certificate serial number was already cleared in the
                // counter branch, so the fallback at the end does not repeat the write.
                boolean serialNumberCleared = false;
                if (StringUtils.isNotEmpty(counterstr)) {
                    try {
                        // The counter is stored as a string; a malformed value raises
                        // NumberFormatException, handled below.
                        counter = Integer.valueOf(counterstr);
                        if (log.isDebugEnabled()) {
                            log.debug("Found a counter with value " + counter);
                        }
                        // decrease the counter, if we get to 0 we must set
                        // status to generated
                        counter--;
                        if (counter >= 0) {
                            ei.setCustomData(ExtendedInformation.CUSTOM_REQUESTCOUNTER, String.valueOf(counter));
                            ei.setCertificateSerialNumber(null);// cert serial number should also be cleared after successful command.
                            data1.setExtendedInformation(ei);
                            serialNumberCleared = true;
                            final Date now = new Date();
                            if (counter > 0) { // if 0 then update when changing type
                                data1.setTimeModified(now.getTime());
                            }
                            String msg = intres.getLocalizedMessage("ra.decreasedentityrequestcounter", username, counter);
                            logSession.log(admin, caid, LogConstants.MODULE_RA, now, username, null, LogConstants.EVENT_INFO_CHANGEDENDENTITY,
                                    msg);
                        } else {
                            // The stored value was already 0 (or lower): nothing is written back.
                            if (log.isDebugEnabled()) {
                                log.debug("Counter value was already 0, not decreased in db.");
                            }
                        }
                    } catch (NumberFormatException e) {
                        // An unparsable stored counter is logged as an error and not rethrown;
                        // execution continues with the serial-number clearing below.
                        String msg = intres.getLocalizedMessage("ra.errorrequestcounterinvalid", username, counterstr, e.getMessage());
                        log.error(msg, e);
                    }
                } else {
                    if (log.isDebugEnabled()) {
                        log.debug("No (optional) request counter exists for end entity: " + username);
                    }
                }
                // Fallback: clear any stored certificate serial number even when no counter was
                // decremented, so a requested serial number does not persist on the record.
                if (!serialNumberCleared && ei.certificateSerialNumber() != null) {
                    ei.setCertificateSerialNumber(null);// cert serial number should also be cleared after successful command.
                    data1.setExtendedInformation(ei);
                }
            } else {
                if (log.isDebugEnabled()) {
                    log.debug("No extended information exists for user: " + data1.getUsername());

            // Excerpt: clear the certificate serial number stored in a user's ExtendedInformation.
            if (data1 != null) {
                // Authorization precedes the change: always for the CA, and for the end entity
                // profile (edit rights) when profile limitations are enabled.
                assertAuthorizedToCA(admin, caid, username, LogConstants.EVENT_INFO_CHANGEDENDENTITY);
                if (getGlobalConfiguration(admin).getEnableEndEntityProfileLimitations()) {
                  assertAuthorizedToEndEntityProfile(admin, data1.getEndEntityProfileId(), AccessRulesConstants.EDIT_RIGHTS, caid, username, LogConstants.EVENT_INFO_CHANGEDENDENTITY);
                }
                final ExtendedInformation ei = data1.getExtendedInformation();
                if (ei == null) {
                    // Nothing to clear when the user has no ExtendedInformation.
                    if (log.isDebugEnabled()) {
                        log.debug("No extended information exists for user: " + data1.getUsername());
                    }
                } else {
                    // Remove the stored serial number; the updated object is written back next.
                    ei.setCertificateSerialNumber(null);
                    data1.setExtendedInformation(ei);                 
                }
            } else {
                String msg = intres.getLocalizedMessage("ra.errorentitynotexist", username);
                logSession.log(admin, caid, LogConstants.MODULE_RA, new Date(), username, null, LogConstants.EVENT_INFO_CHANGEDENDENTITY, msg);

        // Excerpt from a status-change path. Leaving STATUS_KEYRECOVERY for any status other
        // than KEYRECOVERY, INPROCESS or INITIALIZED removes the key-recovery mark for the user.
        if (data1.getStatus() == UserDataConstants.STATUS_KEYRECOVERY
                && !(status == UserDataConstants.STATUS_KEYRECOVERY || status == UserDataConstants.STATUS_INPROCESS || status == UserDataConstants.STATUS_INITIALIZED)) {
            keyRecoverySession.unmarkUser(admin, username);
        }
        // Transition into STATUS_NEW from a different status: the per-entity counters are reset.
        if ((status == UserDataConstants.STATUS_NEW) && (data1.getStatus() != UserDataConstants.STATUS_NEW)) {
          final ExtendedInformation ei = data1.getExtendedInformation();
          if (ei != null) {
            // If status is set to new, when it is not already new, we should
            // re-set the allowed request counter to the default values
            resetRequestCounter(admin, false, ei, username, endEntityProfileId);
            // Reset remaining login counter

        }
        // Revoke certificate in database and all publishers
        certificateStoreSession.setRevokeStatus(admin, issuerdn, certserno, revocationdate, publishers, reason, userDataDN);
        // The XKMS clean-up runs only after the revocation call above, and only when XKMS is
        // enabled and a user record (data) is available.
        if (XkmsConfiguration.getEnabled() && data != null) {
          // Reset the revocation code identifier used in XKMS
          final ExtendedInformation inf = data.getExtendedInformation();
          if (inf != null && inf.getRevocationCodeIdentifier() != null) {
            // Clear the identifier and write it back, so it is no longer stored on the user
            // record once the certificate has been revoked.
            inf.setRevocationCodeIdentifier(null);
            data.setExtendedInformation(inf);
          }
        }
        if (log.isTraceEnabled()) {
            log.trace("<revokeCert()");
