Package com.netscape.cms.servlet.cert
Class RevocationProcessor
- java.lang.Object
-
- com.netscape.cms.servlet.processors.Processor
-
- com.netscape.cms.servlet.processors.CAProcessor
-
- com.netscape.cms.servlet.cert.CertProcessor
-
- com.netscape.cms.servlet.cert.RevocationProcessor
-
public class RevocationProcessor extends CertProcessor
- Author:
- Endi S. Dewata
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
OFF_HOLD
static java.lang.String
ON_HOLD
static java.lang.String
REVOKE
-
Fields inherited from class com.netscape.cms.servlet.processors.CAProcessor
ACL_INFO, ACL_METHOD, aclMethod, ARG_ERROR_CODE, ARG_ERROR_REASON, ARG_OP, ARG_OUTPUT_CONSTRAINT, ARG_OUTPUT_ID, ARG_OUTPUT_LIST, ARG_OUTPUT_NAME, ARG_OUTPUT_SYNTAX, ARG_OUTPUT_VAL, ARG_PROFILE, ARG_PROFILE_APPROVED_BY, ARG_PROFILE_DESC, ARG_PROFILE_ENABLED_BY, ARG_PROFILE_IS_ENABLED, ARG_PROFILE_IS_VISIBLE, ARG_PROFILE_NAME, ARG_PROFILE_REMOTE_ADDR, ARG_PROFILE_REMOTE_HOST, ARG_PROFILE_SET_ID, ARG_RENEWAL_PROFILE_ID, ARG_REQUEST_CREATION_TIME, ARG_REQUEST_ID, ARG_REQUEST_LIST, ARG_REQUEST_MODIFICATION_TIME, ARG_REQUEST_NONCE, ARG_REQUEST_NOTES, ARG_REQUEST_OWNER, ARG_REQUEST_STATUS, ARG_REQUEST_TYPE, ARG_REQUESTS, AUTH_ID, AUTH_MGR, authMgr, authz, AUTHZ_MGR, AUTHZ_RESOURCE_NAME, authzResourceName, CERT_ATTR, certdb, GET_CLIENT_CERT, getClientCert, HDR_LANG, PROFILE_ID, PROFILE_SUB_ID, profileID, profileSubId, ps, queue, statEvents, ug, ul
-
-
Constructor Summary
Constructors Constructor Description RevocationProcessor(java.lang.String id, java.util.Locale locale)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
addCertificate(X509CertImpl cert)
void
addCertificateToRevoke(X509CertImpl cert)
void
addSerialNumberToUnrevoke(java.math.BigInteger serialNumber)
void
auditChangeRequest(java.lang.String status)
void
auditChangeRequestProcessed(java.lang.String status)
void
createCRLExtension()
void
createRevocationRequest()
void
createUnrevocationRequest()
ICertificateAuthority
getAuthority()
ICertRecord
getCertificateRecord(CertId id)
ICertRecord
getCertificateRecord(java.math.BigInteger serialNumber)
ICertRecord[]
getCertificateRecords(java.math.BigInteger[] serialNumbers)
java.util.Collection<X509CertImpl>
getCertificates()
X509CertImpl[]
getCertificates(ICertRecord[] records)
java.lang.String
getComments()
java.lang.String
getInitiative()
java.util.Date
getInvalidityDate()
IRequest
getRequest()
RequestStatus
getRequestStatus()
java.lang.String
getRequestType()
RevocationReason
getRevocationReason()
CertId
getSerialNumber()
long
getStartTime()
boolean
isMemberOfSubsystemGroup(java.security.cert.X509Certificate clientCert)
boolean
isSystemCertificate(java.security.cert.X509Certificate cert)
A system certificate such as the CA signing certificate should not be allowed to delete.void
logRevoke(IRequest revocationRequest, java.security.cert.X509Certificate cert, java.lang.String status, java.lang.String message)
void
logUnrevoke(IRequest unrevocationRequest, java.security.cert.X509Certificate cert, java.lang.String status)
void
processRevocationRequest()
void
processUnrevocationRequest()
void
setAuthority(ICertificateAuthority authority)
void
setComments(java.lang.String comments)
void
setInitiative(java.lang.String initiative)
void
setInvalidityDate(java.util.Date invalidityDate)
void
setRequestStatus(RequestStatus requestStatus)
void
setRequestType(java.lang.String requestType)
void
setRevocationReason(RevocationReason revocationReason)
void
setSerialNumber(CertId serialNumber)
void
setStartTime(long startTime)
void
validateCertificateToRevoke(java.lang.String subjectDN, ICertRecord targetRecord, boolean revokingCACert)
-
Methods inherited from class com.netscape.cms.servlet.cert.CertProcessor
codeToReason, populateRequests, setCredentialsIntoContext, submitRequests
-
Methods inherited from class com.netscape.cms.servlet.processors.CAProcessor
auditGroupID, auditGroups, auditRequesterID, auditSubjectID, authenticate, authenticate, authenticate, authenticate, authenticate, authorize, authorize, authorize, endAllEvents, endTiming, getOriginalRequest, getProfileID, getProfileSubsystem, getRequest, getSSLClientCertificate, printParameterValues, saveAuthToken, startTiming, toHashtable, validateNonce
-
Methods inherited from class com.netscape.cms.servlet.processors.Processor
getParams, getUserMessage, log
-
-
-
-
Field Detail
-
REVOKE
public static final java.lang.String REVOKE
- See Also:
- Constant Field Values
-
ON_HOLD
public static final java.lang.String ON_HOLD
- See Also:
- Constant Field Values
-
OFF_HOLD
public static final java.lang.String OFF_HOLD
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
RevocationProcessor
public RevocationProcessor(java.lang.String id, java.util.Locale locale) throws EPropertyNotFound, EBaseException
- Throws:
EPropertyNotFound
EBaseException
-
-
Method Detail
-
getAuthority
public ICertificateAuthority getAuthority()
-
setAuthority
public void setAuthority(ICertificateAuthority authority)
-
getStartTime
public long getStartTime()
-
setStartTime
public void setStartTime(long startTime)
-
getInitiative
public java.lang.String getInitiative()
-
setInitiative
public void setInitiative(java.lang.String initiative)
-
getSerialNumber
public CertId getSerialNumber()
-
setSerialNumber
public void setSerialNumber(CertId serialNumber)
-
getRevocationReason
public RevocationReason getRevocationReason()
-
setRevocationReason
public void setRevocationReason(RevocationReason revocationReason)
-
getInvalidityDate
public java.util.Date getInvalidityDate()
-
setInvalidityDate
public void setInvalidityDate(java.util.Date invalidityDate)
-
getComments
public java.lang.String getComments()
-
setComments
public void setComments(java.lang.String comments)
-
getRequestType
public java.lang.String getRequestType()
-
setRequestType
public void setRequestType(java.lang.String requestType)
-
getRequestStatus
public RequestStatus getRequestStatus()
-
setRequestStatus
public void setRequestStatus(RequestStatus requestStatus)
-
addCertificate
public void addCertificate(X509CertImpl cert)
-
getCertificates
public java.util.Collection<X509CertImpl> getCertificates()
-
getRequest
public IRequest getRequest()
-
isMemberOfSubsystemGroup
public boolean isMemberOfSubsystemGroup(java.security.cert.X509Certificate clientCert)
-
validateCertificateToRevoke
public void validateCertificateToRevoke(java.lang.String subjectDN, ICertRecord targetRecord, boolean revokingCACert) throws EBaseException
- Throws:
EBaseException
-
addCertificateToRevoke
public void addCertificateToRevoke(X509CertImpl cert)
-
addSerialNumberToUnrevoke
public void addSerialNumberToUnrevoke(java.math.BigInteger serialNumber) throws EBaseException
- Throws:
EBaseException
-
getCertificateRecords
public ICertRecord[] getCertificateRecords(java.math.BigInteger[] serialNumbers) throws EBaseException
- Throws:
EBaseException
-
getCertificateRecord
public ICertRecord getCertificateRecord(CertId id) throws EBaseException
- Throws:
EBaseException
-
getCertificateRecord
public ICertRecord getCertificateRecord(java.math.BigInteger serialNumber) throws EBaseException
- Throws:
EBaseException
-
getCertificates
public X509CertImpl[] getCertificates(ICertRecord[] records) throws EBaseException
- Throws:
EBaseException
-
createCRLExtension
public void createCRLExtension() throws java.io.IOException
- Throws:
java.io.IOException
-
createRevocationRequest
public void createRevocationRequest() throws EBaseException
- Throws:
EBaseException
-
processRevocationRequest
public void processRevocationRequest() throws EBaseException
- Throws:
EBaseException
-
createUnrevocationRequest
public void createUnrevocationRequest() throws EBaseException
- Throws:
EBaseException
-
processUnrevocationRequest
public void processUnrevocationRequest() throws EBaseException
- Throws:
EBaseException
-
isSystemCertificate
public boolean isSystemCertificate(java.security.cert.X509Certificate cert) throws EBaseException
A system certificate such as the CA signing certificate should not be allowed to delete. The main purpose is to avoid revoking the self signed CA certificate accidentally.- Throws:
EBaseException
-
logRevoke
public void logRevoke(IRequest revocationRequest, java.security.cert.X509Certificate cert, java.lang.String status, java.lang.String message)
-
logUnrevoke
public void logUnrevoke(IRequest unrevocationRequest, java.security.cert.X509Certificate cert, java.lang.String status)
-
auditChangeRequest
public void auditChangeRequest(java.lang.String status)
-
auditChangeRequestProcessed
public void auditChangeRequestProcessed(java.lang.String status)
-
-