Class NSCertTypeExt

    • Field Detail

      • logger

        public static org.slf4j.Logger logger
      • PROP_SET_DEFAULT_BITS

        protected static final java.lang.String PROP_SET_DEFAULT_BITS
        See Also:
        Constant Field Values
      • DEF_SET_DEFAULT_BITS

        protected static final boolean DEF_SET_DEFAULT_BITS
        See Also:
        Constant Field Values
      • DEF_SET_DEFAULT_BITS_VAL

        protected static final java.lang.String DEF_SET_DEFAULT_BITS_VAL
      • DEF_BITS

        protected static final boolean[] DEF_BITS
      • PROP_AGENT_OVERR

        protected static final java.lang.String PROP_AGENT_OVERR
        See Also:
        Constant Field Values
      • mAllowAgentOverride

        protected boolean mAllowAgentOverride
      • mAllowEEOverride

        protected boolean mAllowEEOverride
      • mCritical

        protected boolean mCritical
      • mCAPathLen

        protected int mCAPathLen
      • mSetDefaultBits

        protected boolean mSetDefaultBits
    • Constructor Detail

      • NSCertTypeExt

        public NSCertTypeExt()
    • Method Detail

      • apply

        public PolicyResult apply​(IRequest req)
        Adds the ns cert type if not set already. reads ns cert type choices from form. If no choices from form will defaults to all.

        Specified by:
        apply in interface IPolicy
        Specified by:
        apply in interface IPolicyRule
        Specified by:
        apply in class APolicyRule
        Parameters:
        req - The request on which to apply policy.
        Returns:
        The policy result object.
      • applyCert

        public PolicyResult applyCert​(IRequest req,
                                      org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo)
      • extensionIsGood

        protected boolean extensionIsGood​(org.mozilla.jss.netscape.security.extensions.NSCertTypeExtension nsCertTypeExt,
                                          IRequest req)
                                   throws java.io.IOException,
                                          java.security.cert.CertificateException
        check if ns cert type extension is set correctly, correct bits if not. if not authorized to set extension, bits will be replaced.
        Throws:
        java.io.IOException
        java.security.cert.CertificateException
      • getBitsFromRequest

        protected boolean[] getBitsFromRequest​(IRequest req,
                                               boolean setDefault)
        Gets ns cert type bits from request. If none set, use cert type to determine correct bits. If no cert type, use default.
      • getNSCertTypeBits

        protected boolean[] getNSCertTypeBits​(IRequest req)
        get ns cert type bits from actual sets in the request
      • getCertTypeBits

        protected boolean[] getCertTypeBits​(IRequest req)
        get cert type bits according to cert type.
      • mergeBits

        public void mergeBits​(org.mozilla.jss.netscape.security.extensions.NSCertTypeExtension nsCertTypeExt,
                              boolean[] bits)
        merge bits with those set from form. make sure required minimum is set. Agent or auth can set others. XXX form shouldn't set the extension
      • getInstanceParams

        public java.util.Vector<java.lang.String> getInstanceParams()
        Return configured parameters for a policy rule instance.
        Specified by:
        getInstanceParams in interface IPolicyRule
        Specified by:
        getInstanceParams in class APolicyRule
        Returns:
        nvPairs A Vector of name/value pairs.
      • getExtendedPluginInfo

        public java.lang.String[] getExtendedPluginInfo​(java.util.Locale locale)
        Description copied from interface: IExtendedPluginInfo
        This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name ;[,required];;... Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use"
        Specified by:
        getExtendedPluginInfo in interface IExtendedPluginInfo
      • getDefaultParams

        public java.util.Vector<java.lang.String> getDefaultParams()
        Return default parameters for a policy implementation.
        Specified by:
        getDefaultParams in interface IPolicyRule
        Specified by:
        getDefaultParams in class APolicyRule
        Returns:
        nvPairs A Vector of name/value pairs.