

1 /**
2  *
3  * Licensed to the Apache Software Foundation (ASF) under one or more
4  * contributor license agreements. See the NOTICE file distributed with
5  * this work for additional information regarding copyright ownership.
6  * The ASF licenses this file to You under the Apache License, Version 2.0
7  * (the "License"); you may not use this file except in compliance with
8  * the License. You may obtain a copy of the License at
9  *
10  * http://www.apache.org/licenses/LICENSE-2.0
11  *
12  * Unless required by applicable law or agreed to in writing, software
13  * distributed under the License is distributed on an "AS IS" BASIS,
14  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15  * See the License for the specific language governing permissions and
16  * limitations under the License.
17  */

18 package org.apache.geronimo.console.ca;
19
20 import java.io.ByteArrayInputStream JavaDoc;
21 import java.io.IOException JavaDoc;
22 import java.math.BigInteger JavaDoc;
23 import java.security.PublicKey JavaDoc;
24 import java.text.DateFormat JavaDoc;
25 import java.text.SimpleDateFormat JavaDoc;
26 import java.util.Date JavaDoc;
27 import java.util.Map JavaDoc;
28 import java.util.Properties JavaDoc;
29
30 import javax.portlet.ActionRequest;
31 import javax.portlet.ActionResponse;
32 import javax.portlet.PortletException;
33 import javax.portlet.RenderRequest;
34 import javax.portlet.RenderResponse;
35 import javax.security.auth.x500.X500Principal JavaDoc;
36
37 import org.apache.commons.logging.Log;
38 import org.apache.commons.logging.LogFactory;
39 import org.apache.geronimo.console.MultiPageModel;
40 import org.apache.geronimo.management.geronimo.CertificationAuthority;
41 import org.apache.geronimo.util.CaUtils;
42 import org.apache.geronimo.util.asn1.x509.X509Name;
43
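/**
 * Handler for Confirm Client Certificate Issue screen.
 *
 * <p>Everything shown on the confirmation screen is carried in request parameters,
 * so the values read in {@link #actionAfterView} come back from the browser.
 * The subject and public key placed in the certificate are taken from the CSR text
 * itself, not from the "subject"/"publickey" display parameters, and the serial
 * number and validity dates are re-checked here before a certificate is issued.
 *
 * @version $Rev: 476291 $ $Date: 2006-11-17 15:05:24 -0500 (Fri, 17 Nov 2006) $
 */
public class ConfirmClientCertHandler extends BaseCAHandler {
    private final static Log log = LogFactory.getLog(ConfirmClientCertHandler.class);

    /** Pattern the "validFrom" and "validTo" request parameters are parsed with. */
    private static final String DATE_PATTERN = "MM/dd/yyyy";

    public ConfirmClientCertHandler() {
        super(CONFIRM_CLIENT_CERT_MODE, "/WEB-INF/view/ca/confirmClientCert.jsp");
    }

    /**
     * Names of the request parameters that are carried from the action phase to
     * the render phase and then exposed to the view as request attributes.
     */
    private String[] passThroughParams() {
        return new String[] {ERROR_MSG, INFO_MSG, "subject", "publickey", "algorithm", "validFrom", "validTo", "sNo", "pkcs10certreq", "requestId"};
    }

    /** Returns true when the value is null or the empty string. */
    private static boolean isEmpty(String value) {
        return value == null || "".equals(value);
    }

    /**
     * Parses the serial number parameter.
     * The error text is fixed so that the submitted value is not repeated in the
     * message that is later handed to the view.
     *
     * @throws Exception if the value is missing or is not a decimal integer
     */
    private static BigInteger parseSerialNumber(String text) throws Exception {
        if(isEmpty(text)) {
            throw new Exception("Serial number is missing.");
        }
        try {
            return new BigInteger(text.trim());
        } catch(NumberFormatException e) {
            throw new Exception("Serial number is not a valid number.");
        }
    }

    /**
     * Parses one validity date with strict (non-lenient) rules.
     *
     * @param df    date format to parse with
     * @param text  submitted value, may be null
     * @param label field name used in the error message
     * @throws Exception if the value is missing or does not match the pattern
     */
    private static Date parseDate(DateFormat df, String text, String label) throws Exception {
        if(isEmpty(text)) {
            throw new Exception(label + " date is missing.");
        }
        try {
            return df.parse(text.trim());
        } catch(java.text.ParseException e) {
            // Fixed text: the submitted value is not echoed back into the error message.
            throw new Exception(label + " date is not a valid date in the format " + DATE_PATTERN + ".");
        }
    }

    /**
     * Copies the confirmation-screen parameters of the action request into render parameters.
     *
     * @return this handler's mode
     */
    public String actionBeforeView(ActionRequest request, ActionResponse response, MultiPageModel model) throws PortletException, IOException {
        String[] params = passThroughParams();
        for(int i = 0; i < params.length; ++i) {
            String value = request.getParameter(params[i]);
            if(value != null) response.setRenderParameter(params[i], value);
        }
        return getMode();
    }

    /**
     * Exposes the confirmation-screen parameters to the view as request attributes.
     * NOTE(review): these are raw request values; the view is presumably responsible
     * for escaping them on output - confirm in confirmClientCert.jsp.
     */
    public void renderView(RenderRequest request, RenderResponse response, MultiPageModel model) throws PortletException, IOException {
        String[] params = passThroughParams();
        for(int i = 0; i < params.length; ++i) {
            String value = request.getParameter(params[i]);
            if(value != null) request.setAttribute(params[i], value);
        }
    }

    /**
     * Issues the client certificate once the user has confirmed the details.
     *
     * <p>The CSR comes either from the CertificateRequestStore (when "requestId" is
     * given) or from the "pkcs10certreq" parameter. Serial number, validity dates and
     * algorithm are read from the request. On any failure the error text is passed to
     * the previous screen so the user can correct the input.
     *
     * @return VIEW_CERT_MODE on success or when the serial number was already issued,
     *         otherwise CERT_REQ_DETAILS_MODE+BEFORE_ACTION
     */
    public String actionAfterView(ActionRequest request, ActionResponse response, MultiPageModel model) throws PortletException, IOException {
        String errorMsg = null;
        try {
            CertificationAuthority ca = getCertificationAuthority(request);
            if(ca == null) {
                throw new Exception("CA is not running. CA may not have been initialized!!");
            }
            BigInteger sNo = parseSerialNumber(request.getParameter("sNo"));
            // NOTE(review): this check and issueCertificate() below are separate calls; whether the
            // CA itself rejects a duplicate serial number under concurrent requests is not visible here.
            if(ca.isCertificateIssued(sNo)) {
                // A certificate with the serial number has already been issued.
                // This may happen if the user clicks on "Issue Certificate" button a second time
                log.warn("Second request to issue certificate with serial number'"+sNo+"'. A certificate has already been issued.");
                response.setRenderParameter("sNo", sNo.toString());
                response.setRenderParameter(INFO_MSG, "A certificate with the serial number '"+sNo+"' has already been issued. "
                        +"You may be seeing this message since you have clicked on 'Issue Certificate' button a second time.");
                return VIEW_CERT_MODE;
            }

            X509Name subject = null;
            PublicKey publickey = null;
            // Process the CSR text to get subject details
            String pkcs10certreq = null, certreq = null;
            String challenge = null;
            String requestId = request.getParameter("requestId");
            boolean fromStore = !isEmpty(requestId);
            if(fromStore) {
                // Certificate request is being processed using a previously stored request in CertificateRequestStore
                String certreqText = getCertificateRequestStore(request).getRequest(requestId);
                if(certreqText == null) {
                    throw new Exception("The stored certificate request could not be found.");
                }
                if(certreqText.startsWith(CaUtils.CERT_REQ_HEADER)) {
                    // A PKCS 10 Certificate Request
                    pkcs10certreq = certreqText;
                } else {
                    // Possibly a CSR received through web browser
                    certreq = certreqText;
                }
            } else {
                // No request id is found. Get the PKCS10 request submitted through form input
                pkcs10certreq = request.getParameter("pkcs10certreq");
            }

            if(!isEmpty(pkcs10certreq)) {
                // Process PKCS 10 Certificate Request text to get Subject name and public-key
                Map certReqMap = CaUtils.processPKCS10Request(pkcs10certreq);
                subject = (X509Name) certReqMap.get(CaUtils.CERT_REQ_SUBJECT);
                publickey = (PublicKey) certReqMap.get(CaUtils.CERT_REQ_PUBLICKEY_OBJ);
            } else {
                // This is a custom request containing SPKAC and X509Name attributes received through web browser
                if(certreq == null) {
                    throw new Exception("No certificate request was supplied.");
                }
                Properties csrProps = new Properties();
                // Properties.load(InputStream) decodes ISO 8859-1, so encode with the same
                // charset rather than the platform default.
                csrProps.load(new ByteArrayInputStream(certreq.getBytes("ISO-8859-1")));
                String spkac = csrProps.getProperty("SPKAC");
                if(isEmpty(spkac)) {
                    throw new Exception("The certificate request does not contain an SPKAC value.");
                }
                String cn = csrProps.getProperty("CN");
                String ou = csrProps.getProperty("OU");
                String o = csrProps.getProperty("O");
                String l = csrProps.getProperty("L");
                String st = csrProps.getProperty("ST");
                String c = csrProps.getProperty("C");
                subject = CaUtils.getX509Name(cn, ou, o, l, st, c);
                Map certReqMap = CaUtils.processSPKAC(spkac);
                publickey = (PublicKey) certReqMap.get(CaUtils.CERT_REQ_PUBLICKEY_OBJ);
                challenge = (String) certReqMap.get(CaUtils.PKAC_CHALLENGE);
            }
            if(subject == null || publickey == null) {
                throw new Exception("Could not determine the subject and public key from the certificate request.");
            }

            // The dates were checked on the previous screen, but they are read from the request
            // again here, so they are parsed strictly and the order is re-checked.
            DateFormat df = new SimpleDateFormat(DATE_PATTERN);
            df.setLenient(false);
            Date validFromDate = parseDate(df, request.getParameter("validFrom"), "Valid from");
            Date validToDate = parseDate(df, request.getParameter("validTo"), "Valid to");
            if(validToDate.before(validFromDate)) {
                throw new Exception("The 'valid to' date is before the 'valid from' date.");
            }
            // NOTE(review): the signature algorithm name is taken from the request as-is; presumably
            // issueCertificate() rejects names it does not support - confirm, or check it against
            // the list offered on the previous screen.
            String algorithm = request.getParameter("algorithm");
            // Issue certificate
            ca.issueCertificate(new X500Principal(subject.getEncoded()), publickey, sNo, validFromDate, validToDate, algorithm);
            // Store the challenge phrase against the issued certificate serial number
            if(!isEmpty(challenge)) {
                getCertificateStore(request).setCertificateChallenge(sNo, challenge);
            }

            if(fromStore) {
                // This request was processed using a requestId from CertificateRequestStore. Delete the fulfilled request.
                getCertificateRequestStore(request).setRequestFulfilled(requestId, sNo);
                // The confirmation page will show a link to the "Requests to be fulfilled" page.
                response.setRenderParameter("linkToListRequests", "true");
            }

            // Set the serial number and forward to view certificate page
            response.setRenderParameter("sNo", sNo.toString());
            response.setRenderParameter(INFO_MSG, "Certificate Issued successfully. This Certificate details can also be viewed using the serial number '"
                    +sNo+"' with the 'View Issued Certificate' link provided in the CA home screen.");
            // The subject text originates from the requester's CSR; line breaks are replaced so it
            // cannot start a new line in the log.
            String subjectForLog = String.valueOf(subject).replace('\r', ' ').replace('\n', ' ');
            log.info("Certificate with serial number '"+sNo+"' issued to "+subjectForLog);
            return VIEW_CERT_MODE;
        } catch(Exception e) {
            // NOTE(review): e.toString() (exception class name and message) is handed to the view.
            // Messages raised by CaUtils or the CA may include request data; whether the view
            // escapes ERROR_MSG is not visible here.
            errorMsg = e.toString();
            log.error("Errors in issuing certificate.", e);
        }
        // An error occurred. Go back to previous screen to let the user correct the errors.
        response.setRenderParameter(ERROR_MSG, errorMsg);
        return CERT_REQ_DETAILS_MODE+BEFORE_ACTION;
    }
}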