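package org.apache.geronimo.console.ca;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.PublicKey;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Map;
import java.util.Properties;

import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
import javax.portlet.PortletException;
import javax.portlet.RenderRequest;
import javax.portlet.RenderResponse;
import javax.security.auth.x500.X500Principal;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.geronimo.console.MultiPageModel;
import org.apache.geronimo.management.geronimo.CertificationAuthority;
import org.apache.geronimo.util.CaUtils;
import org.apache.geronimo.util.asn1.x509.X509Name;

/**
 * Handler for the "confirm client certificate" page of the CA portlet.
 *
 * <p>The before-view and render steps only echo request parameters to the JSP.
 * The after-view step is the one that actually asks the CA to sign: it re-reads
 * the certificate request (PKCS#10 text or SPKAC properties), the serial number,
 * the validity dates and the algorithm from the request and issues the certificate.
 */
public class ConfirmClientCertHandler extends BaseCAHandler {
    private final static Log log = LogFactory.getLog(ConfirmClientCertHandler.class);

    public ConfirmClientCertHandler() {
        super(CONFIRM_CLIENT_CERT_MODE, "/WEB-INF/view/ca/confirmClientCert.jsp");
    }

    /**
     * Names of the request parameters that are carried through to the view.
     * Kept in one place so the action and render phases cannot drift apart.
     */
    private String[] forwardedParams() {
        return new String[] {ERROR_MSG, INFO_MSG, "subject", "publickey", "algorithm",
                "validFrom", "validTo", "sNo", "pkcs10certreq", "requestId"};
    }

    /** Returns true when {@code s} is null or the empty string. */
    private static boolean isEmpty(String s) {
        return s == null || s.length() == 0;
    }

    /**
     * Copies every forwarded request parameter that is present into the render parameters.
     *
     * @return this handler's mode
     */
    public String actionBeforeView(ActionRequest request, ActionResponse response, MultiPageModel model) throws PortletException, IOException {
        String[] params = forwardedParams();
        for (int i = 0; i < params.length; ++i) {
            String value = request.getParameter(params[i]);
            if (value != null) {
                response.setRenderParameter(params[i], value);
            }
        }
        return getMode();
    }

    /**
     * Exposes every forwarded request parameter that is present as a request attribute for the JSP.
     * The values are passed through unchanged; NOTE(review): they are request-supplied text, so the
     * JSP is presumably expected to escape them on output - confirm in confirmClientCert.jsp.
     */
    public void renderView(RenderRequest request, RenderResponse response, MultiPageModel model) throws PortletException, IOException {
        String[] params = forwardedParams();
        for (int i = 0; i < params.length; ++i) {
            String value = request.getParameter(params[i]);
            if (value != null) {
                request.setAttribute(params[i], value);
            }
        }
    }

    /**
     * Issues the certificate described by the request.
     *
     * <p>The subject and public key are always re-derived from the certificate request itself;
     * the "subject" and "publickey" request parameters are only echoed to the view and are
     * never signed.
     *
     * @return {@code VIEW_CERT_MODE} when a certificate was issued (or had already been issued
     *         for this serial number); otherwise the certificate-request-details mode with
     *         {@code ERROR_MSG} set
     */
    public String actionAfterView(ActionRequest request, ActionResponse response, MultiPageModel model) throws PortletException, IOException {
        String errorMsg = null;
        try {
            CertificationAuthority ca = getCertificationAuthority(request);
            if (ca == null) {
                throw new Exception("CA is not running.  CA may not have been initialized!!");
            }

            // Fail with a readable message instead of a bare NullPointerException.
            String sNoText = request.getParameter("sNo");
            if (isEmpty(sNoText)) {
                throw new Exception("Certificate serial number is missing from the request.");
            }
            BigInteger sNo = new BigInteger(sNoText);

            // NOTE(review): this check and the issueCertificate() call below are two separate calls;
            // whether the CA itself rejects a duplicate serial number under concurrent requests is
            // not visible here - confirm.
            if (ca.isCertificateIssued(sNo)) {
                log.warn("Second request to issue certificate with serial number'" + sNo + "'.  A certificate has already been issued.");
                response.setRenderParameter("sNo", sNo.toString());
                response.setRenderParameter(INFO_MSG, "A certificate with the serial number '" + sNo + "' has already been issued. "
                        + "You may be seeing this message since you have clicked on 'Issue Certificate' button a second time.");
                return VIEW_CERT_MODE;
            }

            X509Name subject = null;
            PublicKey publickey = null;
            String pkcs10certreq = null, certreq = null;
            String challenge = null;
            String requestId = request.getParameter("requestId");
            if (!isEmpty(requestId)) {
                // A stored request: its text decides whether it is PKCS#10 or SPKAC properties.
                String certreqText = getCertificateRequestStore(request).getRequest(requestId);
                if (certreqText == null) {
                    throw new Exception("The certificate request could not be found in the request store.");
                }
                if (certreqText.startsWith(CaUtils.CERT_REQ_HEADER)) {
                    pkcs10certreq = certreqText;
                } else {
                    certreq = certreqText;
                }
            } else {
                // No stored request: the PKCS#10 text comes straight from the request.
                pkcs10certreq = request.getParameter("pkcs10certreq");
            }

            if (!isEmpty(pkcs10certreq)) {
                // NOTE(review): whether processPKCS10Request verifies the request's self-signature
                // (proof of possession) is not visible here - confirm in CaUtils.
                Map certReqMap = CaUtils.processPKCS10Request(pkcs10certreq);
                subject = (X509Name) certReqMap.get(CaUtils.CERT_REQ_SUBJECT);
                publickey = (PublicKey) certReqMap.get(CaUtils.CERT_REQ_PUBLICKEY_OBJ);
            } else {
                if (certreq == null) {
                    throw new Exception("No certificate request data was supplied.");
                }
                // SPKAC request stored in java.util.Properties format.
                // NOTE(review): getBytes() uses the platform charset while Properties.load(InputStream)
                // reads ISO 8859-1, so non-Latin-1 subject fields may not round-trip - confirm how the
                // request text is written to the store.
                Properties csrProps = new Properties();
                csrProps.load(new ByteArrayInputStream(certreq.getBytes()));
                String spkac = csrProps.getProperty("SPKAC");
                if (isEmpty(spkac)) {
                    throw new Exception("The certificate request does not contain an SPKAC value.");
                }
                String cn = csrProps.getProperty("CN");
                String ou = csrProps.getProperty("OU");
                String o = csrProps.getProperty("O");
                String l = csrProps.getProperty("L");
                String st = csrProps.getProperty("ST");
                String c = csrProps.getProperty("C");
                subject = CaUtils.getX509Name(cn, ou, o, l, st, c);
                Map certReqMap = CaUtils.processSPKAC(spkac);
                publickey = (PublicKey) certReqMap.get(CaUtils.CERT_REQ_PUBLICKEY_OBJ);
                challenge = (String) certReqMap.get(CaUtils.PKAC_CHALLENGE);
            }

            String validFrom = request.getParameter("validFrom");
            String validTo = request.getParameter("validTo");
            if (isEmpty(validFrom) || isEmpty(validTo)) {
                throw new Exception("Certificate validity dates are missing from the request.");
            }
            DateFormat df = new SimpleDateFormat("MM/dd/yyyy");
            // Strict parsing: a lenient parser silently rolls "02/31/2024" over to March, so the
            // certificate would carry a validity period nobody actually entered.
            df.setLenient(false);
            Date validFromDate = df.parse(validFrom);
            Date validToDate = df.parse(validTo);
            if (validToDate.before(validFromDate)) {
                throw new Exception("Certificate validity end date is before its start date.");
            }

            // NOTE(review): the algorithm is request-supplied and is not checked against a list of
            // acceptable signature algorithms here - confirm the CA restricts it.
            String algorithm = request.getParameter("algorithm");
            ca.issueCertificate(new X500Principal(subject.getEncoded()), publickey, sNo, validFromDate, validToDate, algorithm);

            // SPKAC requests may carry a challenge; keep it with the issued certificate.
            if (!isEmpty(challenge)) {
                getCertificateStore(request).setCertificateChallenge(sNo, challenge);
            }

            if (!isEmpty(requestId)) {
                // Mark the stored request as fulfilled and let the view link back to the request list.
                getCertificateRequestStore(request).setRequestFulfilled(requestId, sNo);
                response.setRenderParameter("linkToListRequests", "true");
            }

            response.setRenderParameter("sNo", sNo.toString());
            response.setRenderParameter(INFO_MSG, "Certificate Issued successfully.  This Certificate details can also be viewed using the serial number '"
                    + sNo + "' with the 'View Issued Certificate' link provided in the CA home screen.");
            log.info("Certificate with serial number '" + sNo + "' issued to " + subject);
            return VIEW_CERT_MODE;
        } catch (Exception e) {
            // Boundary catch: any failure is reported back on the request-details page.
            // e.toString() can contain request-supplied text (DateFormat.parse quotes the
            // unparseable input), so the view has to escape ERROR_MSG when rendering it.
            errorMsg = e.toString();
            log.error("Errors in issuing certificate.", e);
        }
        response.setRenderParameter(ERROR_MSG, errorMsg);
        return CERT_REQ_DETAILS_MODE + BEFORE_ACTION;
    }
}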