KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > ejbca > core > protocol > ws > EjbcaWS


1 package org.ejbca.core.protocol.ws;
2
3 import java.io.IOException JavaDoc;
4 import java.math.BigInteger JavaDoc;
5 import java.rmi.RemoteException JavaDoc;
6 import java.security.InvalidAlgorithmParameterException JavaDoc;
7 import java.security.InvalidKeyException JavaDoc;
8 import java.security.KeyPair JavaDoc;
9 import java.security.KeyStoreException JavaDoc;
10 import java.security.NoSuchAlgorithmException JavaDoc;
11 import java.security.NoSuchProviderException JavaDoc;
12 import java.security.cert.CertificateEncodingException JavaDoc;
13 import java.security.cert.CertificateException JavaDoc;
14 import java.security.cert.CertificateExpiredException JavaDoc;
15 import java.security.cert.CertificateNotYetValidException JavaDoc;
16 import java.security.cert.X509Certificate JavaDoc;
17 import java.security.spec.InvalidKeySpecException JavaDoc;
18 import java.util.ArrayList JavaDoc;
19 import java.util.Collection JavaDoc;
20 import java.util.Iterator JavaDoc;
21 import java.util.List JavaDoc;
22
23 import javax.annotation.Resource;
24 import javax.ejb.CreateException JavaDoc;
25 import javax.ejb.EJBException JavaDoc;
26 import javax.ejb.FinderException JavaDoc;
27 import javax.ejb.ObjectNotFoundException JavaDoc;
28 import javax.ejb.RemoveException JavaDoc;
29 import javax.jws.WebService;
30 import javax.naming.Context JavaDoc;
31 import javax.naming.InitialContext JavaDoc;
32 import javax.naming.NamingException JavaDoc;
33 import javax.servlet.http.HttpServletRequest JavaDoc;
34 import javax.xml.ws.WebServiceContext;
35 import javax.xml.ws.handler.MessageContext;
36
37 import org.apache.log4j.Logger;
38 import org.ejbca.core.EjbcaException;
39 import org.ejbca.core.ejb.authorization.IAuthorizationSessionLocal;
40 import org.ejbca.core.ejb.authorization.IAuthorizationSessionLocalHome;
41 import org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionLocal;
42 import org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionLocalHome;
43 import org.ejbca.core.ejb.ca.sign.ISignSessionLocal;
44 import org.ejbca.core.ejb.ca.sign.ISignSessionLocalHome;
45 import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocal;
46 import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocalHome;
47 import org.ejbca.core.ejb.hardtoken.IHardTokenSessionLocal;
48 import org.ejbca.core.ejb.hardtoken.IHardTokenSessionLocalHome;
49 import org.ejbca.core.ejb.ra.IUserAdminSessionLocal;
50 import org.ejbca.core.ejb.ra.IUserAdminSessionLocalHome;
51 import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionLocal;
52 import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionLocalHome;
53 import org.ejbca.core.model.SecConst;
54 import org.ejbca.core.model.approval.ApprovalException;
55 import org.ejbca.core.model.approval.WaitingForApprovalException;
56 import org.ejbca.core.model.authorization.AuthorizationDeniedException;
57 import org.ejbca.core.model.authorization.AvailableAccessRules;
58 import org.ejbca.core.model.ca.AuthLoginException;
59 import org.ejbca.core.model.ca.AuthStatusException;
60 import org.ejbca.core.model.ca.IllegalKeyException;
61 import org.ejbca.core.model.ca.caadmin.CADoesntExistsException;
62 import org.ejbca.core.model.ca.crl.RevokedCertInfo;
63 import org.ejbca.core.model.log.Admin;
64 import org.ejbca.core.model.ra.NotFoundException;
65 import org.ejbca.core.model.ra.UserDataVO;
66 import org.ejbca.core.model.ra.raadmin.UserDoesntFullfillEndEntityProfile;
67 import org.ejbca.core.protocol.PKCS10RequestMessage;
68 import org.ejbca.core.protocol.ws.objects.Certificate;
69 import org.ejbca.core.protocol.ws.objects.KeyStore;
70 import org.ejbca.core.protocol.ws.objects.RevokeStatus;
71 import org.ejbca.core.protocol.ws.objects.UserDataVOWS;
72 import org.ejbca.core.protocol.ws.objects.UserMatch;
73 import org.ejbca.ui.web.RequestHelper;
74 import org.ejbca.util.CertTools;
75 import org.ejbca.util.KeyTools;
76 import org.ejbca.util.query.IllegalQueryException;
77 import org.ejbca.util.query.Query;
78
79 /**
80  * Interface the the EJBCA RA WebService. Contains the following methods:
81  *
82  * editUser : Edits/adds userdata
83  * findUser : Retrieves the userdata for a given user.
84  * findCerts : Retrieves the certificates generated for a user.
85  * pkcs10Req : Generates a certificate using the given userdata and the public key from the PKCS10
86  * pkcs12Req : Generates a PKCS12 keystore (with the private key) using the given userdata
87  * revokeCert : Revokes the given certificate.
88  * revokeUser : Revokes all certificates for a given user, it's also possible to delete the user.
89  * revokeToken : Revokes all certificates placed on a given hard token
90  * checkRevokationStatus : Checks the revokation status of a certificate.
91  *
92  * Observere: All methods have to be called using client authenticated https
93  * otherwise will a AuthorizationDenied Exception be thrown.
94  *
95  * @author Philip Vendil
96  * $Id: EjbcaWS.java,v 1.3 2006/10/31 08:21:28 anatom Exp $
97  */

98
99 @WebService
100 public class EjbcaWS {
101     @Resource
102     private WebServiceContext wsContext;
103     
104     /** The maximum number of rows returned in array responses. */
105     private static final int MAXNUMBEROFROWS = 100;
106     
107     private static final Logger log = Logger.getLogger(EjbcaWS.class);
108     /**
109      * Method that should be used to edit/add a user to the EJBCA database,
110      * if the user doesn't already exists it will be added othervise it will be
111      * overwritten.
112      *
113      * Observe: if the user doesn't already exists, it's status will always be set to 'New'.
114      *
115      * Authorization requirements: the client certificate must have the following priviledges set
116      * - Administrator flag set
117      * - /administrator
118      * - /ra_functionality/create_end_entity and/or edit_end_entity
119      * - /ra_functionality/<end entity profile of user>/create_end_entity and/or edit_end_entity
120      * - /ca/<ca of user>
121      *
122      * @param userdata contains all the information about the user about to be added.
123      * @param clearPwd indicates it the password should be stored in cleartext, requeried
124      * when creating server generated keystores.
125      * @throws EjbcaException
126      */

127     public void editUser(UserDataVOWS userdata)
128             throws AuthorizationDeniedException, UserDoesntFullfillEndEntityProfile, EjbcaException, ApprovalException, WaitingForApprovalException {
129                 
130         try{
131           Admin admin = getAdmin();
132           UserDataVO userdatavo = convertUserDataVOWS(admin, userdata);
133           
134           int caid = userdatavo.getCAId();
135           getAuthorizationSession().isAuthorizedNoLog(admin,AvailableAccessRules.CAPREFIX +caid);
136           
137           if(getUserAdminSession().findUser(admin, userdatavo.getUsername()) != null){
138               log.debug("User " + userdata.getUsername() + " exists, update the userdata." );
139               getUserAdminSession().changeUser(admin,userdatavo,userdata.getClearPwd());
140           }else{
141               log.debug(" New User " + userdata.getUsername() + ", adding userdata." );
142               getUserAdminSession().addUser(admin,userdatavo,userdata.getClearPwd());
143           }
144         }catch(UserDoesntFullfillEndEntityProfile e){
145             throw e;
146         } catch (ClassCastException JavaDoc e) {
147             log.error("EJBCA WebService error, editUser : ", e);
148             throw new EjbcaException(e.getMessage());
149         } catch (AuthorizationDeniedException e) {
150             throw e;
151         } catch (CreateException JavaDoc e) {
152             log.error("EJBCA WebService error, editUser : ", e);
153             throw new EjbcaException(e.getMessage());
154         } catch (NamingException JavaDoc e) {
155             log.error("EJBCA WebService error, editUser : ", e);
156             throw new EjbcaException(e.getMessage());
157         } catch (FinderException JavaDoc e) {
158             log.error("EJBCA WebService error, editUser : ",e);
159             throw new EjbcaException(e.getMessage());
160         }
161     }
162     
163     
164     /**
165      * Retreives information about a user in the database.
166      *
167      * Authorization requirements: the client certificate must have the following priviledges set
168      * - Administrator flag set
169      * - /administrator
170      * - /ra_functionality/view_end_entity
171      * - /ra_functionality/<end entity profile of matching users>/view_end_entity
172      * - /ca/<ca of matching users>
173      *
174      * @param username, the unique username to search for
175      * @return a array of UserDataVOWS objects (Max 100) containing the information about the user or null if user doesn't exists.
176      * @throws AuthorizationDeniedException if client isn't authorized to request
177      * @throws IllegalQueryException if query isn't valid
178      * @throws EjbcaException
179      */

180     
181     public List JavaDoc<UserDataVOWS> findUser(UserMatch usermatch) throws AuthorizationDeniedException, IllegalQueryException, EjbcaException {
182         ArrayList JavaDoc<UserDataVOWS> retval = null;
183         try{
184           Admin admin = getAdmin();
185           
186           Query query = convertUserMatch(admin, usermatch);
187           
188           Collection JavaDoc result = getUserAdminSession().query(admin, query, null,null, MAXNUMBEROFROWS);
189           
190           if(result.size() > 0){
191             retval = new ArrayList JavaDoc<UserDataVOWS>();
192             Iterator JavaDoc iter = result.iterator();
193             for(int i=0; i<result.size();i++){
194                 UserDataVO userdata = (UserDataVO) iter.next();
195                 retval.add(convertUserDataVO(admin,userdata));
196             }
197           }
198           
199         }catch(AuthorizationDeniedException e){
200             throw e;
201         } catch (ClassCastException JavaDoc e) {
202             log.error("EJBCA WebService error, findUser : ",e);
203             throw new EjbcaException(e.getMessage());
204         } catch (CreateException JavaDoc e) {
205             log.error("EJBCA WebService error, findUser : ",e);
206             throw new EjbcaException(e.getMessage());
207         } catch (NamingException JavaDoc e) {
208             log.error("EJBCA WebService error, findUser : ",e);
209             throw new EjbcaException(e.getMessage());
210         }
211         return retval;
212
213     }
214
215     /**
216      * Retreives a collection of certificates generated for a user.
217      *
218      * Authorization requirements: the client certificate must have the following priviledges set
219      * - Administrator flag set
220      * - /administrator
221      * - /ra_functionality/view_end_entity
222      * - /ra_functionality/<end entity profile of the user>/view_end_entity
223      * - /ca/<ca of user>
224      *
225      * @param username a unique username
226      * @param onlyValid only return valid certs not revoked or expired ones.
227      * @return a collection of X509Certificates or null if no certificates could be found
228      * @throws AuthorizationDeniedException if client isn't authorized to request
229      * @throws NotFoundException if user cannot be found
230      * @throws EjbcaException
231      */

232     
233     public List JavaDoc<Certificate JavaDoc> findCerts(String JavaDoc username, boolean onlyValid)
234             throws AuthorizationDeniedException, NotFoundException JavaDoc, EjbcaException {
235         
236         List JavaDoc<Certificate JavaDoc> retval = null;
237         try{
238             Admin admin = getAdmin();
239             getUserAdminSession().findUser(admin,username);
240             
241             Collection JavaDoc certs = getCertStoreSession().findCertificatesByUsername(admin,username);
242             
243             if(onlyValid){
244                 certs = returnOnlyValidCertificates(admin,certs);
245             }
246             
247             certs = returnOnlyAuthorizedCertificates(admin,certs);
248             
249             if(certs.size() > 0){
250               retval = new ArrayList JavaDoc<Certificate JavaDoc>();
251               Iterator JavaDoc iter = certs.iterator();
252               for(int i=0; i < certs.size(); i++){
253                   retval.add(new Certificate JavaDoc((java.security.cert.Certificate JavaDoc) iter.next()));
254               }
255             }
256         }catch(AuthorizationDeniedException e){
257             throw e;
258         } catch (ClassCastException JavaDoc e) {
259             log.error("EJBCA WebService error, findCerts : ",e);
260             throw new EjbcaException(e.getMessage());
261         } catch (CreateException JavaDoc e) {
262             log.error("EJBCA WebService error, findCerts : ",e);
263             throw new EjbcaException(e.getMessage());
264         } catch (NamingException JavaDoc e) {
265             log.error("EJBCA WebService error, findCerts : ",e);
266             throw new EjbcaException(e.getMessage());
267         } catch (FinderException JavaDoc e) {
268             throw new NotFoundException JavaDoc(e.getMessage());
269         } catch (CertificateEncodingException JavaDoc e) {
270             log.error("EJBCA WebService error, findCerts : ",e);
271             throw new EjbcaException(e.getMessage());
272         }
273         return retval;
274     }
275
276
277     /**
278      * Method to use to generate a certificate for a user. The method must be preceded by
279      * a editUser call, either to set the userstatus to 'new' or to add nonexisting users.
280      *
281      * Observe, the user must first have added/set the status to new with edituser command
282      *
283      * Authorization requirements: the client certificate must have the following priviledges set
284      * - Administrator flag set
285      * - /administrator
286      * - /ra_functionality/view_end_entity
287      * - /ra_functionality/<end entity profile of the user>/view_end_entity
288      * - /ca_functionality/create_certificate
289      * - /ca/<ca of user>
290      *
291      * @param username the unique username
292      * @param password the password sent with editUser call
293      * @param pkcs10 the PKCS10 (only the public key is used.)
294      * @param hardTokenSN If the certificate should be connected with a hardtoken, it is
295      * possible to map it by give the hardTokenSN here, this will simplyfy revokation of a tokens
296      * certificates. Use null if no hardtokenSN should be assiciated with the certificate.
297      * @return the generated certificate.
298      * @throws AuthorizationDeniedException if client isn't authorized to request
299      * @throws NotFoundException if user cannot be found
300      */

301     
302     public Certificate JavaDoc pkcs10Req(String JavaDoc username, String JavaDoc password,
303             String JavaDoc pkcs10, String JavaDoc hardTokenSN) throws AuthorizationDeniedException, NotFoundException JavaDoc, EjbcaException {
304         
305         Certificate JavaDoc retval = null;
306         
307         try{
308               Admin admin = getAdmin();
309               
310               // check CAID
311
UserDataVO userdata = getUserAdminSession().findUser(admin,username);
312               if(userdata == null){
313                   throw new NotFoundException JavaDoc("Error: User " + username + " doesn't exist");
314               }
315               int caid = userdata.getCAId();
316               getAuthorizationSession().isAuthorizedNoLog(admin,AvailableAccessRules.CAPREFIX +caid);
317               
318               getAuthorizationSession().isAuthorizedNoLog(admin,AvailableAccessRules.REGULAR_CREATECERTIFICATE);
319               
320               // Check tokentype
321
if(userdata.getTokenType() != SecConst.TOKEN_SOFT_BROWSERGEN){
322                   throw new EjbcaException("Error: Wrong Token Type of user, must be 'USERGENERATED' for PKCS10 requests");
323               }
324               
325               PKCS10RequestMessage pkcs10req=RequestHelper.genPKCS10RequestMessageFromPEM(pkcs10.getBytes());
326               
327               java.security.cert.Certificate JavaDoc cert = getSignSession().createCertificate(admin,username,password, pkcs10req.getRequestPublicKey());
328               retval = new Certificate JavaDoc(cert);
329                         
330               if(hardTokenSN != null){
331                   getHardTokenSession().addHardTokenCertificateMapping(admin,hardTokenSN,(X509Certificate JavaDoc) cert);
332               }
333               
334             }catch(AuthorizationDeniedException ade){
335                 throw ade;
336             } catch (ClassCastException JavaDoc e) {
337                 log.error("EJBCA WebService error, pkcs10Req : ",e);
338                 throw new EjbcaException(e.getMessage());
339             } catch (CreateException JavaDoc e) {
340                 log.error("EJBCA WebService error, pkcs10Req : ",e);
341                 throw new EjbcaException(e.getMessage());
342             } catch (NamingException JavaDoc e) {
343                 log.error("EJBCA WebService error, pkcs10Req : ",e);
344                 throw new EjbcaException(e.getMessage());
345             } catch (InvalidKeyException JavaDoc e) {
346                 log.error("EJBCA WebService error, pkcs10Req : ",e);
347                 throw new EjbcaException(e.getMessage());
348             } catch (ObjectNotFoundException JavaDoc e) {
349                 throw new NotFoundException JavaDoc(e.getMessage());
350             } catch (AuthStatusException e) {
351                 log.error("EJBCA WebService error, pkcs10Req : ",e);
352                 throw new EjbcaException(e.getMessage());
353             } catch (AuthLoginException e) {
354                 log.error("EJBCA WebService error, pkcs10Req : ",e);
355                 throw new EjbcaException(e.getMessage());
356             } catch (IllegalKeyException e) {
357                 log.error("EJBCA WebService error, pkcs10Req : ",e);
358                 throw new EjbcaException(e.getMessage());
359             } catch (CADoesntExistsException e) {
360                 log.error("EJBCA WebService error, pkcs10Req : ",e);
361                 throw new EjbcaException(e.getMessage());
362             } catch (NoSuchAlgorithmException JavaDoc e) {
363                 log.error("EJBCA WebService error, pkcs10Req : ",e);
364                 throw new EjbcaException(e.getMessage());
365             } catch (NoSuchProviderException JavaDoc e) {
366                 log.error("EJBCA WebService error, pkcs10Req : ",e);
367                 throw new EjbcaException(e.getMessage());
368             } catch (CertificateEncodingException JavaDoc e) {
369                 log.error("EJBCA WebService error, pkcs10Req : ",e);
370                 throw new EjbcaException(e.getMessage());
371             } catch (FinderException JavaDoc e) {
372                 new NotFoundException JavaDoc(e.getMessage());
373             }
374
375         return retval;
376     
377     }
378
379     /**
380      * Method to use to generate a server generated keystore. The method must be preceded by
381      * a editUser call, either to set the userstatus to 'new' or to add nonexisting users and
382      * the users token should be set to SecConst.TOKEN_SOFT_P12.
383      *
384      * Authorization requirements: the client certificate must have the following priviledges set
385      * - Administrator flag set
386      * - /administrator
387      * - /ra_functionality/view_end_entity
388      * - /ra_functionality/<end entity profile of the user>/view_end_entity
389      * - /ca_functionality/create_certificate
390      * - /ca/<ca of user>
391      *
392      * @param username the unique username
393      * @param password the password sent with editUser call
394      * @param hardTokenSN If the certificate should be connected with a hardtoken, it is
395      * possible to map it by give the hardTokenSN here, this will simplyfy revokation of a tokens
396      * certificates. Use null if no hardtokenSN should be assiciated with the certificate.
397      * @param keyspec that the generated key should have, examples are 1024 for RSA or prime192v1 for ECDSA.
398      * @param keyalg that the generated key should have, RSA, ECDSA. Use one of the constants in CATokenConstants.org.ejbca.core.model.ca.catoken.KEYALGORITHM_XX.
399      * @return the generated keystore
400      * @throws AuthorizationDeniedException if client isn't authorized to request
401      * @throws NotFoundException if user cannot be found
402      */

403     
404     public KeyStore pkcs12Req(String JavaDoc username, String JavaDoc password, String JavaDoc hardTokenSN, String JavaDoc keyspec, String JavaDoc keyalg) throws AuthorizationDeniedException, NotFoundException JavaDoc, EjbcaException {
405         KeyStore retval = null;
406         
407         try{
408               Admin admin = getAdmin();
409               
410               // check CAID
411
UserDataVO userdata = getUserAdminSession().findUser(admin,username);
412               if(userdata == null){
413                   throw new NotFoundException JavaDoc("Error: User " + username + " doesn't exist");
414               }
415               int caid = userdata.getCAId();
416               getAuthorizationSession().isAuthorized(admin,AvailableAccessRules.CAPREFIX +caid);
417
418               getAuthorizationSession().isAuthorizedNoLog(admin,AvailableAccessRules.REGULAR_CREATECERTIFICATE);
419               
420               // Check tokentype
421
if(userdata.getTokenType() != SecConst.TOKEN_SOFT_P12){
422                   throw new EjbcaException("Error: Wrong Token Type of user, must be 'P12' for PKCS12 requests");
423               }
424               
425               KeyPair JavaDoc keys = KeyTools.genKeys(keyspec, keyalg);
426               // Generate Certificate
427
X509Certificate JavaDoc cert = (X509Certificate JavaDoc) getSignSession().createCertificate(admin,username,password, keys.getPublic());
428               
429               // Generate Keystore
430
// Fetch CA Cert Chain.
431
Collection JavaDoc chain = getCAAdminSession().getCAInfo(admin, caid).getCertificateChain();
432               String JavaDoc alias = CertTools.getPartFromDN(CertTools.getSubjectDN(cert), "CN");
433               if (alias == null){
434                   alias = username;
435               }
436               java.security.KeyStore JavaDoc pkcs12 = KeyTools.createP12(alias, keys.getPrivate(), cert, chain);
437
438               retval = new KeyStore(pkcs12, password);
439               
440               if(hardTokenSN != null){
441                   getHardTokenSession().addHardTokenCertificateMapping(admin,hardTokenSN,cert);
442               }
443               
444             }catch(AuthorizationDeniedException ade){
445                 throw ade;
446             } catch (ClassCastException JavaDoc e) {
447                 log.error("EJBCA WebService error, pkcs12Req : ",e);
448                 throw new EjbcaException(e.getMessage());
449             } catch (CreateException JavaDoc e) {
450                 log.error("EJBCA WebService error, pkcs12Req : ",e);
451                 throw new EjbcaException(e.getMessage());
452             } catch (NamingException JavaDoc e) {
453                 log.error("EJBCA WebService error, pkcs12Req : ",e);
454                 throw new EjbcaException(e.getMessage());
455             } catch (ObjectNotFoundException JavaDoc e) {
456                 log.error("EJBCA WebService error, pkcs12Req : ",e);
457                 throw new EjbcaException(e.getMessage());
458             } catch (AuthStatusException e) {
459                 log.error("EJBCA WebService error, pkcs12Req : ",e);
460                 throw new EjbcaException(e.getMessage());
461             } catch (AuthLoginException e) {
462                 log.error("EJBCA WebService error, pkcs12Req : ",e);
463                 throw new EjbcaException(e.getMessage());
464             } catch (IllegalKeyException e) {
465                 log.error("EJBCA WebService error, pkcs12Req : ",e);
466                 throw new EjbcaException(e.getMessage());
467             } catch (InvalidAlgorithmParameterException JavaDoc e) {
468                 log.error("EJBCA WebService error, pkcs12Req : ",e);
469                 throw new EjbcaException(e.getMessage());
470             } catch (CADoesntExistsException e) {
471                 log.error("EJBCA WebService error, pkcs12Req : ",e);
472                 throw new EjbcaException(e.getMessage());
473             } catch (NoSuchAlgorithmException JavaDoc e) {
474                 log.error("EJBCA WebService error, pkcs12Req : ",e);
475                 throw new EjbcaException(e.getMessage());
476             } catch (NoSuchProviderException JavaDoc e) {
477                 log.error("EJBCA WebService error, pkcs12Req : ",e);
478                 throw new EjbcaException(e.getMessage());
479             } catch (CertificateEncodingException JavaDoc e) {
480                 log.error("EJBCA WebService error, pkcs12Req : ",e);
481                 throw new EjbcaException(e.getMessage());
482             } catch (FinderException JavaDoc e) {
483                 new NotFoundException JavaDoc(e.getMessage());
484             } catch (KeyStoreException JavaDoc e) {
485                 log.error("EJBCA WebService error, pkcs12Req : ",e);
486                 throw new EjbcaException(e.getMessage());
487             } catch (CertificateException JavaDoc e) {
488                 log.error("EJBCA WebService error, pkcs12Req : ",e);
489                 throw new EjbcaException(e.getMessage());
490             } catch (InvalidKeySpecException JavaDoc e) {
491                 log.error("EJBCA WebService error, pkcs12Req : ",e);
492                 throw new EjbcaException(e.getMessage());
493             } catch (IOException JavaDoc e) {
494                 log.error("EJBCA WebService error, pkcs12Req : ",e);
495                 throw new EjbcaException(e.getMessage());
496             }
497             
498             return retval;
499
500     }
501
502     /**
503      * Method used to revoke a certificate.
504      *
505      * * Authorization requirements: the client certificate must have the following priviledges set
506      * - Administrator flag set
507      * - /administrator
508      * - /ra_functionality/revoke_end_entity
509      * - /ra_functionality/<end entity profile of the user owning the cert>/revoke_end_entity
510      * - /ca/<ca of certificate>
511      *
512      * @param issuerDN of the certificate to revoke
513      * @param certificateSN of the certificate to revoke
514      * @param reason for revokation, one of RevokedCertInfo.REVOKATION_REASON_ constants
515      * @throws AuthorizationDeniedException if client isn't authorized.
516      * @throws NotFoundException if certificate doesn't exist
517      */

518     
519     public void revokeCert(String JavaDoc issuerDN, String JavaDoc certificateSN, int reason) throws AuthorizationDeniedException, NotFoundException JavaDoc, EjbcaException {
520         
521         try{
522             Admin admin = getAdmin();
523             BigInteger JavaDoc serno = new BigInteger JavaDoc(certificateSN,16);
524             String JavaDoc username = getCertStoreSession().findUsernameByCertSerno(admin,serno,issuerDN);
525             
526             // check that admin is autorized to CA
527
int caid = CertTools.stringToBCDNString(issuerDN).hashCode();
528             getAuthorizationSession().isAuthorizedNoLog(admin,AvailableAccessRules.CAPREFIX +caid);
529             
530             getUserAdminSession().revokeCert(admin,serno, issuerDN, username, reason);
531             
532             }catch(AuthorizationDeniedException e){
533                 throw e;
534             } catch (ClassCastException JavaDoc e) {
535                 log.error("EJBCA WebService error, revokeCert : ",e);
536                 throw new EjbcaException(e.getMessage());
537             } catch (CreateException JavaDoc e) {
538                 log.error("EJBCA WebService error, revokeCert : ",e);
539                 throw new EjbcaException(e.getMessage());
540             } catch (NamingException JavaDoc e) {
541                 log.error("EJBCA WebService error, revokeCert : ",e);
542                 throw new EjbcaException(e.getMessage());
543             } catch (FinderException JavaDoc e) {
544                 throw new NotFoundException JavaDoc(e.getMessage());
545             }
546     }
547
548     /**
549      * Method used to revoke all a users certificates. It is also possible to delete
550      * a user after all certificates have been revoked.
551      *
552      * Authorization requirements: the client certificate must have the following priviledges set
553      * - Administrator flag set
554      * - /administrator
555      * - /ra_functionality/revoke_end_entity
556      * - /ra_functionality/<end entity profile of the user>/revoke_end_entity
557      * - /ca/<ca of users certificate>
558      *
559      * @param username unique username i EJBCA
560      * @param reasonfor revokation, one of RevokedCertInfo.REVOKATION_REASON_ constants
561      * @param deleteUser deletes the users after all the certificates have been revoked.
562      * @throws AuthorizationDeniedException if client isn't authorized.
563      * @throws NotFoundException if user doesn't exist
564      */

565     public void revokeUser(String JavaDoc username, int reason, boolean deleteUser)
566             throws AuthorizationDeniedException, NotFoundException JavaDoc, EjbcaException {
567
568         try{
569             Admin admin = getAdmin();
570             
571             // check CAID
572
UserDataVO userdata = getUserAdminSession().findUser(admin,username);
573             if(userdata == null){
574                 throw new NotFoundException JavaDoc("Error: User " + username + " doesn't exist");
575             }
576             int caid = userdata.getCAId();
577             getAuthorizationSession().isAuthorizedNoLog(admin,AvailableAccessRules.CAPREFIX +caid);
578             
579             getUserAdminSession().revokeUser(admin,username,reason);
580             if(deleteUser){
581                 getUserAdminSession().deleteUser(admin,username);
582             }
583         }catch(AuthorizationDeniedException e){
584             throw e;
585         } catch (ClassCastException JavaDoc e) {
586             log.error("EJBCA WebService error, revokeUser : ",e);
587             throw new EjbcaException(e.getMessage());
588         } catch (CreateException JavaDoc e) {
589             log.error("EJBCA WebService error, revokeUser : ",e);
590             throw new EjbcaException(e.getMessage());
591         } catch (NamingException JavaDoc e) {
592             log.error("EJBCA WebService error, revokeUser : ",e);
593             throw new EjbcaException(e.getMessage());
594         } catch (FinderException JavaDoc e) {
595             throw new NotFoundException JavaDoc(e.getMessage());
596         } catch (NotFoundException JavaDoc e) {
597             throw e;
598         } catch (RemoveException JavaDoc e) {
599             log.error("EJBCA WebService error, revokeUser : ",e);
600             throw new EjbcaException(e.getMessage());
601         }
602     }
603
604     /**
605      * Method used to revoke all certificates mapped to one hardtoken.
606      *
607      * Authorization requirements: the client certificate must have the following priviledges set
608      * - Administrator flag set
609      * - /administrator
610      * - /ra_functionality/revoke_end_entity
611      * - /ra_functionality/<end entity profile of the user owning the token>/revoke_end_entity
612      * - /ca/<ca of certificates on token>
613      *
614      * @param hardTokenSN of the hardTokenSN
615      * @param reasonfor revokation, one of RevokedCertInfo.REVOKATION_REASON_ constants
616      * @throws AuthorizationDeniedException if client isn't authorized.
617      * @throws NotFoundException if token doesn't exist
618      */

619     
620     public void revokeToken(String JavaDoc hardTokenSN, int reason)
621             throws RemoteException JavaDoc, AuthorizationDeniedException, NotFoundException JavaDoc, EjbcaException {
622
623         try{
624             Admin admin = getAdmin();
625             Collection JavaDoc certs = getHardTokenSession().findCertificatesInHardToken(admin,hardTokenSN);
626             Iterator JavaDoc iter = certs.iterator();
627             String JavaDoc username = null;
628             while(iter.hasNext()){
629                 X509Certificate JavaDoc next = (X509Certificate JavaDoc) iter.next();
630                 if(username == null){
631                     username = getCertStoreSession().findUsernameByCertSerno(admin,next.getSerialNumber(),next.getIssuerDN().toString());
632                 }
633                 
634                 // check that admin is autorized to CA
635
int caid = CertTools.stringToBCDNString(next.getIssuerDN().toString()).hashCode();
636                 getAuthorizationSession().isAuthorizedNoLog(admin,AvailableAccessRules.CAPREFIX +caid);
637                 
638                 getUserAdminSession().revokeCert(admin,next.getSerialNumber(),next.getIssuerDN().toString(),username,reason);
639             }
640         }catch(AuthorizationDeniedException e){
641             throw e;
642         } catch (ClassCastException JavaDoc e) {
643             log.error("EJBCA WebService error, revokeToken : ",e);
644             throw new EjbcaException(e.getMessage());
645         } catch (CreateException JavaDoc e) {
646             log.error("EJBCA WebService error, revokeToken : ",e);
647             throw new EjbcaException(e.getMessage());
648         } catch (NamingException JavaDoc e) {
649             log.error("EJBCA WebService error, revokeToken : ",e);
650             throw new EjbcaException(e.getMessage());
651         } catch (FinderException JavaDoc e) {
652             throw new NotFoundException JavaDoc(e.getMessage());
653         }
654     }
655
656     /**
657      * Method returning the revokestatus for given user
658      *
659      * Authorization requirements: the client certificate must have the following priviledges set
660      * - Administrator flag set
661      * - /administrator
662      * - /ca/<ca of certificate>
663      *
664      * @param issuerDN
665      * @param certificateSN a hexadecimal string
666      * @return the revokestatus of null i certificate doesn't exists.
667      * @throws AuthorizationDeniedException if client isn't authorized.
668      * @see org.ejbca.core.protocol.ws.RevokeStatus
669      */

670     
671     public RevokeStatus checkRevokationStatus(String JavaDoc issuerDN, String JavaDoc certificateSN) throws AuthorizationDeniedException, EjbcaException {
672         RevokeStatus retval = null;
673
674         try{
675           Admin admin = getAdmin();
676           
677           // check that admin is autorized to CA
678
int caid = CertTools.stringToBCDNString(issuerDN).hashCode();
679           getAuthorizationSession().isAuthorizedNoLog(admin,AvailableAccessRules.CAPREFIX +caid);
680           
681           RevokedCertInfo certinfo = getCertStoreSession().isRevoked(admin,issuerDN,new BigInteger JavaDoc(certificateSN,16));
682           retval = new RevokeStatus(certinfo,issuerDN);
683         }catch(AuthorizationDeniedException ade){
684             throw ade;
685         } catch (ClassCastException JavaDoc e) {
686             log.error("EJBCA WebService error, checkRevokationStatus : ",e);
687             throw new EjbcaException(e.getMessage());
688         } catch (CreateException JavaDoc e) {
689             log.error("EJBCA WebService error, checkRevokationStatus : ",e);
690             throw new EjbcaException(e.getMessage());
691         } catch (NamingException JavaDoc e) {
692             log.error("EJBCA WebService error, checkRevokationStatus : ",e);
693             throw new EjbcaException(e.getMessage());
694         }
695         return retval;
696
697     }
698
699
700     private Admin getAdmin() throws AuthorizationDeniedException, ClassCastException JavaDoc, CreateException JavaDoc, NamingException JavaDoc{
701           MessageContext msgContext = wsContext.getMessageContext();
702           HttpServletRequest JavaDoc request = (HttpServletRequest JavaDoc) msgContext.get(MessageContext.SERVLET_REQUEST);
703           X509Certificate JavaDoc[] certificates = (X509Certificate JavaDoc[]) request.getAttribute("javax.servlet.request.X509Certificate");
704           
705           if(certificates == null){
706               throw new AuthorizationDeniedException("Error no client certificate recieved used for authentication.");
707           }
708           
709           Admin admin = new Admin(certificates[0]);
710             // Check that user have the administrator flag set.
711
getUserAdminSession().checkIfCertificateBelongToAdmin(admin, certificates[0].getSerialNumber(), certificates[0].getIssuerDN().toString());
712           getAuthorizationSession().isAuthorizedNoLog(admin,AvailableAccessRules.ROLE_ADMINISTRATOR);
713           
714             
715           RevokedCertInfo revokeResult = getCertStoreSession().isRevoked(new Admin(Admin.TYPE_INTERNALUSER),CertTools.stringToBCDNString(certificates[0].getIssuerDN().toString()), certificates[0].getSerialNumber());
716           if(revokeResult == null || revokeResult.getReason() != RevokedCertInfo.NOT_REVOKED){
717               throw new AuthorizationDeniedException("Error Signer certificate doesn't exist or is revoked.");
718           }
719           
720           return admin;
721     }
722
723     private UserDataVO convertUserDataVOWS(Admin admin, UserDataVOWS userdata) throws EjbcaException, ClassCastException JavaDoc, CreateException JavaDoc, NamingException JavaDoc{
724            
725         int caid = getCAAdminSession().getCAInfo(admin,userdata.getCaName()).getCAId();
726         if(caid == 0){
727             throw new EjbcaException("Error CA " + userdata.getCaName() + " doesn't exists.");
728         }
729         
730         int endentityprofileid = getRAAdminSession().getEndEntityProfileId(admin,userdata.getEndEntityProfileName());
731         if(endentityprofileid == 0){
732             throw new EjbcaException("Error End Entity profile " + userdata.getEndEntityProfileName() + " doesn't exists.");
733         }
734
735         int certificateprofileid = getCertStoreSession().getCertificateProfileId(admin,userdata.getCertificateProfileName());
736         if(certificateprofileid == 0){
737             throw new EjbcaException("Error Certificate profile " + userdata.getCertificateProfileName() + " doesn't exists.");
738         }
739         
740         int hardtokenissuerid = 0;
741         if(userdata.getHardTokenIssuerName() != null){
742            hardtokenissuerid = getHardTokenSession().getHardTokenIssuerId(admin,userdata.getHardTokenIssuerName());
743            if(hardtokenissuerid == 0){
744               throw new EjbcaException("Error Hard Token Issuer " + userdata.getHardTokenIssuerName() + " doesn't exists.");
745            }
746         }
747         
748         int tokenid = getTokenId(admin,userdata.getTokenType());
749         if(tokenid == 0){
750             throw new EjbcaException("Error Token Type " + userdata.getTokenType() + " doesn't exists.");
751         }
752         
753         UserDataVO userdatavo = new UserDataVO(userdata.getUsername(),
754                 userdata.getSubjectDN(),
755                 caid,
756                 userdata.getSubjectAltName(),
757                 userdata.getEmail(),
758                 userdata.getStatus(),
759                 userdata.getType(),
760                 endentityprofileid,
761                 certificateprofileid,
762                 null,
763                 null,
764                 tokenid,
765                 hardtokenissuerid,
766                 null);
767         
768         userdatavo.setPassword(userdata.getPassword());
769         
770         return userdatavo;
771     }
772     
773     private UserDataVOWS convertUserDataVO(Admin admin, UserDataVO userdata) throws EjbcaException, ClassCastException JavaDoc, CreateException JavaDoc, NamingException JavaDoc{
774         
775         String JavaDoc caname = getCAAdminSession().getCAInfo(admin,userdata.getCAId()).getName();
776         if(caname == null){
777             throw new EjbcaException("Error CA id " + userdata.getCAId() + " doesn't exists.");
778         }
779         
780         String JavaDoc endentityprofilename = getRAAdminSession().getEndEntityProfileName(admin,userdata.getEndEntityProfileId());
781         if(endentityprofilename == null){
782             throw new EjbcaException("Error End Entity profile id " + userdata.getEndEntityProfileId() + " doesn't exists.");
783         }
784
785         String JavaDoc certificateprofilename = getCertStoreSession().getCertificateProfileName(admin,userdata.getCertificateProfileId());
786         if(certificateprofilename == null){
787             throw new EjbcaException("Error Certificate profile id" + userdata.getCertificateProfileId() + " doesn't exists.");
788         }
789         
790         String JavaDoc hardtokenissuername = null;
791         if(userdata.getHardTokenIssuerId() != 0){
792            hardtokenissuername = getHardTokenSession().getHardTokenIssuerAlias(admin,userdata.getHardTokenIssuerId());
793            if(hardtokenissuername == null){
794               throw new EjbcaException("Error Hard Token Issuer id " + userdata.getHardTokenIssuerId() + " doesn't exists.");
795            }
796         }
797         
798         String JavaDoc tokenname = getTokenName(admin,userdata.getTokenType());
799         if(tokenname == null){
800             throw new EjbcaException("Error Token Type id " + userdata.getTokenType() + " doesn't exists.");
801         }
802         return new UserDataVOWS(userdata.getUsername(),null,false,userdata.getDN(),caname,userdata.getSubjectAltName(),userdata.getEmail(),userdata.getStatus(),tokenname,endentityprofilename,certificateprofilename,hardtokenissuername);
803     }
804     
805     /**
806      * Method that converts profilenames etc to corresponding Id's
807      * @param admin
808      * @param usermatch a usermatch containing names of profiles
809      * @return a query containg id's of profiles.
810      * @throws NumberFormatException
811      * @throws ClassCastException
812      * @throws CreateException
813      * @throws NamingException
814      */

815     private Query convertUserMatch(Admin admin, UserMatch usermatch) throws NumberFormatException JavaDoc, ClassCastException JavaDoc, CreateException JavaDoc, NamingException JavaDoc{
816         Query retval = new Query(Query.TYPE_USERQUERY);
817         
818         switch(usermatch.getMatchwith()){
819           case UserMatch.MATCH_WITH_ENDENTITYPROFILE:
820               String JavaDoc endentityprofilename = Integer.toString(getRAAdminSession().getEndEntityProfileId(admin,usermatch.getMatchvalue()));
821               retval.add(usermatch.getMatchwith(),usermatch.getMatchtype(),endentityprofilename);
822               break;
823           case UserMatch.MATCH_WITH_CERTIFICATEPROFILE:
824               String JavaDoc certificateprofilename = Integer.toString(getCertStoreSession().getCertificateProfileId(admin,usermatch.getMatchvalue()));
825               retval.add(usermatch.getMatchwith(),usermatch.getMatchtype(),certificateprofilename);
826               break;
827           case UserMatch.MATCH_WITH_CA:
828               String JavaDoc caname = Integer.toString(getCAAdminSession().getCAInfo(admin,usermatch.getMatchvalue()).getCAId());
829               retval.add(usermatch.getMatchwith(),usermatch.getMatchtype(),caname);
830               break;
831           case UserMatch.MATCH_WITH_TOKEN:
832               String JavaDoc tokenname = Integer.toString(getTokenId(admin,usermatch.getMatchvalue()));
833               retval.add(usermatch.getMatchwith(),usermatch.getMatchtype(),tokenname);
834               break;
835           default:
836               retval.add(usermatch.getMatchwith(),usermatch.getMatchtype(),usermatch.getMatchvalue());
837               break;
838         }
839         
840         
841         return retval;
842     }
843     
844     /**
845      * Help metod returning a subset of certificates containing only valid certificates
846      * expiredate and revokation status is checked.
847      * @throws NamingException
848      * @throws CreateException
849      * @throws ClassCastException
850      */

851     private Collection JavaDoc returnOnlyValidCertificates(Admin admin, Collection JavaDoc certs) throws ClassCastException JavaDoc, CreateException JavaDoc, NamingException JavaDoc {
852        ArrayList JavaDoc<X509Certificate JavaDoc> retval = new ArrayList JavaDoc<X509Certificate JavaDoc>();
853        
854        Iterator JavaDoc iter = certs.iterator();
855        while(iter.hasNext()){
856            X509Certificate JavaDoc next = (X509Certificate JavaDoc) iter.next();
857            
858            RevokedCertInfo info = getCertStoreSession().isRevoked(admin,next.getIssuerDN().toString(),next.getSerialNumber());
859            if(info.getReason() == RevokedCertInfo.NOT_REVOKED){
860                try{
861                    next.checkValidity();
862                    retval.add(next);
863                }catch(CertificateExpiredException JavaDoc e){
864                }catch (CertificateNotYetValidException JavaDoc e) {
865                }
866            }
867        }
868     
869        return retval;
870     }
871     
872     private Collection JavaDoc returnOnlyAuthorizedCertificates(Admin admin, Collection JavaDoc certs) {
873         ArrayList JavaDoc<X509Certificate JavaDoc> retval = new ArrayList JavaDoc<X509Certificate JavaDoc>();
874         
875         Iterator JavaDoc iter = certs.iterator();
876         while(iter.hasNext()){
877             X509Certificate JavaDoc next = (X509Certificate JavaDoc) iter.next();
878             
879             try{
880                 // check that admin is autorized to CA
881
int caid = CertTools.stringToBCDNString(next.getIssuerDN().toString()).hashCode();
882                 getAuthorizationSession().isAuthorizedNoLog(admin,AvailableAccessRules.CAPREFIX +caid);
883                 retval.add(next);
884             }catch(AuthorizationDeniedException ade){
885                 log.debug("findCerts : not authorized to certificate " + next.getSerialNumber().toString(16));
886             }
887         }
888         
889         return retval;
890     }
891     
892     
893     private final String JavaDoc[] softtokennames = {UserDataVOWS.TOKEN_TYPE_USERGENERATED,UserDataVOWS.TOKEN_TYPE_P12,
894                                              UserDataVOWS.TOKEN_TYPE_JKS,UserDataVOWS.TOKEN_TYPE_PEM};
895     private final int[] softtokenids = {SecConst.TOKEN_SOFT_BROWSERGEN,
896             SecConst.TOKEN_SOFT_P12, SecConst.TOKEN_SOFT_JKS, SecConst.TOKEN_SOFT_PEM};
897     
898     private int getTokenId(Admin admin, String JavaDoc tokenname){
899         int returnval = 0;
900         
901         // First check for soft token type
902
for(int i=0;i< softtokennames.length;i++){
903             if(softtokennames[i].equals(tokenname)){
904                 returnval = softtokenids[i];
905                 break;
906             }
907         }
908
909         if (returnval == 0) {
910              returnval = getHardTokenSession().getHardTokenProfileId(admin , tokenname);
911         }
912
913         return returnval;
914     }
915     
916     private String JavaDoc getTokenName(Admin admin, int tokenid){
917         String JavaDoc returnval = null;
918         
919         // First check for soft token type
920
for(int i=0;i< softtokenids.length;i++){
921             if(softtokenids[i] == tokenid){
922                 returnval = softtokennames[i];
923                 break;
924             }
925         }
926
927         if (returnval == null) {
928              returnval = getHardTokenSession().getHardTokenProfileName(admin , tokenid);
929         }
930
931         return returnval;
932     }
933     
934     private ICAAdminSessionLocal caadminsession = null;
935     private ICAAdminSessionLocal getCAAdminSession() throws ClassCastException JavaDoc, CreateException JavaDoc, NamingException JavaDoc{
936         if(caadminsession == null){
937             Context JavaDoc context = new InitialContext JavaDoc();
938             caadminsession = ((ICAAdminSessionLocalHome) javax.rmi.PortableRemoteObject.narrow(context.lookup(
939             "CAAdminSessionLocal"), ICAAdminSessionLocalHome.class)).create();
940         }
941         return caadminsession;
942     }
943     
944     private IRaAdminSessionLocal raadminsession = null;
945     private IRaAdminSessionLocal getRAAdminSession() throws ClassCastException JavaDoc, CreateException JavaDoc, NamingException JavaDoc{
946         if(raadminsession == null){
947           Context JavaDoc context = new InitialContext JavaDoc();
948           raadminsession = ((IRaAdminSessionLocalHome) javax.rmi.PortableRemoteObject.narrow(context.lookup(
949           "RaAdminSessionLocal"), IRaAdminSessionLocalHome.class)).create();
950         }
951         return raadminsession;
952     }
953     
954     private ICertificateStoreSessionLocal certificatestoresession = null;
955     private ICertificateStoreSessionLocal getCertStoreSession() throws ClassCastException JavaDoc, CreateException JavaDoc, NamingException JavaDoc{
956         if(certificatestoresession == null){
957             Context JavaDoc context = new InitialContext JavaDoc();
958             certificatestoresession = ((ICertificateStoreSessionLocalHome) javax.rmi.PortableRemoteObject.narrow(context.lookup(
959             "CertificateStoreSessionLocal"), ICertificateStoreSessionLocalHome.class)).create();
960         }
961         return certificatestoresession;
962     }
963     
964     private ISignSessionLocal signsession = null;
965     private ISignSessionLocal getSignSession() throws ClassCastException JavaDoc, CreateException JavaDoc, NamingException JavaDoc{
966         if(signsession == null){
967             Context JavaDoc context = new InitialContext JavaDoc();
968             signsession = ((ISignSessionLocalHome) javax.rmi.PortableRemoteObject.narrow(context.lookup(
969             "SignSessionLocal"), ISignSessionLocalHome.class)).create();
970         }
971         return signsession;
972     }
973     
974     private IUserAdminSessionLocal usersession = null;
975     private IUserAdminSessionLocal getUserAdminSession() {
976         try{
977             if(usersession == null){
978                 Context JavaDoc context = new InitialContext JavaDoc();
979                 usersession = ((IUserAdminSessionLocalHome) javax.rmi.PortableRemoteObject.narrow(context.lookup(
980                 "UserAdminSessionLocal"), IUserAdminSessionLocalHome.class)).create();
981             }
982         }catch(Exception JavaDoc e) {
983             log.error("Error instancing User Admin Session Bean",e);
984             throw new EJBException JavaDoc(e);
985         }
986         return usersession;
987     }
988     
989     private IHardTokenSessionLocal hardtokensession = null;
990     private IHardTokenSessionLocal getHardTokenSession() {
991         try{
992             if(hardtokensession == null){
993                 Context JavaDoc context = new InitialContext JavaDoc();
994                 hardtokensession = ((IHardTokenSessionLocalHome) javax.rmi.PortableRemoteObject.narrow(context.lookup(
995                 "HardTokenSessionLocal"), IHardTokenSessionLocalHome.class)).create();
996             }
997         }catch(Exception JavaDoc e) {
998             log.error("Error instancing Hard Token Session Bean",e);
999             throw new EJBException JavaDoc(e);
1000        }
1001        return hardtokensession;
1002    }
1003    
1004    private IAuthorizationSessionLocal authsession = null;
1005    private IAuthorizationSessionLocal getAuthorizationSession() {
1006        try{
1007            if(authsession == null){
1008                Context JavaDoc context = new InitialContext JavaDoc();
1009                authsession = ((IAuthorizationSessionLocalHome) javax.rmi.PortableRemoteObject.narrow(context.lookup(
1010                "AuthorizationSessionLocal"), IAuthorizationSessionLocalHome.class)).create();
1011            }
1012        }catch(Exception JavaDoc e) {
1013            log.error("Error instancing Authorization Session Bean",e);
1014            throw new EJBException JavaDoc(e);
1015        }
1016        return authsession;
1017    }
1018
1019
1020}
1021
Popular Tags