

1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/

13  
14 package org.ejbca.ui.web.admin.cainterface;
15
16 import java.io.ByteArrayOutputStream JavaDoc;
17 import java.rmi.RemoteException JavaDoc;
18 import java.security.cert.Certificate JavaDoc;
19 import java.security.cert.X509Certificate JavaDoc;
20 import java.util.Collection JavaDoc;
21 import java.util.Collections JavaDoc;
22 import java.util.Comparator JavaDoc;
23 import java.util.HashMap JavaDoc;
24 import java.util.Iterator JavaDoc;
25 import java.util.List JavaDoc;
26 import java.util.TreeMap JavaDoc;
27
28 import javax.ejb.CreateException JavaDoc;
29 import javax.naming.InitialContext JavaDoc;
30 import javax.naming.NamingException JavaDoc;
31 import javax.servlet.http.HttpServletRequest JavaDoc;
32
33 import org.bouncycastle.asn1.DEROutputStream;
34 import org.bouncycastle.jce.PKCS10CertificationRequest;
35 import org.ejbca.core.ejb.ServiceLocator;
36 import org.ejbca.core.ejb.authorization.IAuthorizationSessionLocal;
37 import org.ejbca.core.ejb.authorization.IAuthorizationSessionLocalHome;
38 import org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionLocal;
39 import org.ejbca.core.ejb.ca.caadmin.ICAAdminSessionLocalHome;
40 import org.ejbca.core.ejb.ca.crl.ICreateCRLSessionHome;
41 import org.ejbca.core.ejb.ca.publisher.IPublisherSessionLocal;
42 import org.ejbca.core.ejb.ca.publisher.IPublisherSessionLocalHome;
43 import org.ejbca.core.ejb.ca.sign.ISignSessionLocal;
44 import org.ejbca.core.ejb.ca.sign.ISignSessionLocalHome;
45 import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocal;
46 import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocalHome;
47 import org.ejbca.core.ejb.hardtoken.IHardTokenSessionLocal;
48 import org.ejbca.core.ejb.hardtoken.IHardTokenSessionLocalHome;
49 import org.ejbca.core.ejb.ra.IUserAdminSessionLocal;
50 import org.ejbca.core.ejb.ra.IUserAdminSessionLocalHome;
51 import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionLocal;
52 import org.ejbca.core.ejb.ra.raadmin.IRaAdminSessionLocalHome;
53 import org.ejbca.core.model.ca.caadmin.CAInfo;
54 import org.ejbca.core.model.ca.catoken.CATokenOfflineException;
55 import org.ejbca.core.model.ca.certificateprofiles.CertificateProfile;
56 import org.ejbca.core.model.ca.crl.RevokedCertInfo;
57 import org.ejbca.core.model.ca.store.CRLInfo;
58 import org.ejbca.core.model.ca.store.CertReqHistory;
59 import org.ejbca.core.model.ca.store.CertificateInfo;
60 import org.ejbca.core.model.log.Admin;
61 import org.ejbca.ui.web.RequestHelper;
62 import org.ejbca.ui.web.admin.configuration.EjbcaWebBean;
63 import org.ejbca.ui.web.admin.configuration.InformationMemory;
64 import org.ejbca.ui.web.admin.rainterface.CertificateView;
65 import org.ejbca.ui.web.admin.rainterface.RevokedInfoView;
66 import org.ejbca.util.Base64;
67 import org.ejbca.util.CertTools;
68
69
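/**
 * Bridge between the CA pages (JSP) of the admin GUI and the CA-related EJBCA session beans.
 *
 * <p>Every session-bean call made through this bean is issued on behalf of the {@link Admin}
 * that {@link #initialize(HttpServletRequest, EjbcaWebBean)} builds from the TLS client
 * certificate of the request. That identity is set only by the first successful
 * {@code initialize} call; later calls return without looking at the request again.
 *
 * <p>NOTE(review): the class is {@code Serializable} but only {@code request} is transient;
 * whether the session-bean references and data handlers survive serialization cannot be told
 * from this file - confirm before relying on session persistence or replication.
 *
 * @author Philip Vendil
 * @version $Id: CAInterfaceBean.java,v 1.5 2006/10/31 08:24:11 anatom Exp $
 */
public class CAInterfaceBean implements java.io.Serializable {

    /** Creates a new, uninitialized instance of CAInterfaceBean. */
    public CAInterfaceBean() {
    }

    // Public methods

    /**
     * Binds this bean to the administrator of the given request and creates the session beans
     * and data handlers used by the other methods. Does nothing if the bean is already
     * initialized.
     *
     * @param request the servlet request; its {@code javax.servlet.request.X509Certificate}
     *        attribute must hold the client certificate chain
     * @param ejbcawebbean the web bean supplying the shared {@link InformationMemory}
     * @throws IllegalStateException if the request carries no client certificate
     * @throws Exception if a session bean cannot be looked up or created
     */
    public void initialize(HttpServletRequest request, EjbcaWebBean ejbcawebbean) throws Exception {
        if (initialized) {
            return;
        }

        // The administrator identity comes solely from the TLS client certificate. Fail closed
        // with a clear message instead of a NullPointerException / ArrayIndexOutOfBoundsException
        // when the container did not supply one.
        X509Certificate[] clientcerts =
                (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
        if (clientcerts == null || clientcerts.length == 0 || clientcerts[0] == null) {
            throw new IllegalStateException("Client certificate required.");
        }
        administrator = new Admin(clientcerts[0]);

        ServiceLocator locator = ServiceLocator.getInstance();

        ICertificateStoreSessionLocalHome certificatesessionhome =
                (ICertificateStoreSessionLocalHome) locator.getLocalHome(ICertificateStoreSessionLocalHome.COMP_NAME);
        certificatesession = certificatesessionhome.create();

        ICAAdminSessionLocalHome caadminsessionhome =
                (ICAAdminSessionLocalHome) locator.getLocalHome(ICAAdminSessionLocalHome.COMP_NAME);
        caadminsession = caadminsessionhome.create();

        IAuthorizationSessionLocalHome authorizationsessionhome =
                (IAuthorizationSessionLocalHome) locator.getLocalHome(IAuthorizationSessionLocalHome.COMP_NAME);
        authorizationsession = authorizationsessionhome.create();

        IUserAdminSessionLocalHome adminsessionhome =
                (IUserAdminSessionLocalHome) locator.getLocalHome(IUserAdminSessionLocalHome.COMP_NAME);
        adminsession = adminsessionhome.create();

        IRaAdminSessionLocalHome raadminsessionhome =
                (IRaAdminSessionLocalHome) locator.getLocalHome(IRaAdminSessionLocalHome.COMP_NAME);
        raadminsession = raadminsessionhome.create();

        ISignSessionLocalHome signsessionhome =
                (ISignSessionLocalHome) locator.getLocalHome(ISignSessionLocalHome.COMP_NAME);
        signsession = signsessionhome.create();

        IHardTokenSessionLocalHome hardtokensessionhome =
                (IHardTokenSessionLocalHome) locator.getLocalHome(IHardTokenSessionLocalHome.COMP_NAME);
        hardtokensession = hardtokensessionhome.create();

        IPublisherSessionLocalHome publishersessionhome =
                (IPublisherSessionLocalHome) locator.getLocalHome(IPublisherSessionLocalHome.COMP_NAME);
        publishersession = publishersessionhome.create();

        this.informationmemory = ejbcawebbean.getInformationMemory();

        certificateprofiles = new CertificateProfileDataHandler(administrator, certificatesession,
                authorizationsession, informationmemory);
        cadatahandler = new CADataHandler(administrator, caadminsession, adminsession, raadminsession,
                certificatesession, authorizationsession, signsession, ejbcawebbean);
        publisherdatahandler = new PublisherDataHandler(administrator, publishersession, authorizationsession,
                caadminsession, certificatesession, informationmemory);

        // Set last, so a failure above leaves the bean uninitialized and the next call retries.
        initialized = true;
    }

    /**
     * Returns a view of every certificate in the chain of the given CA, each with its
     * revocation information attached.
     *
     * @param caid the id of the CA
     * @return one view per chain certificate, in the order the chain is iterated
     */
    public CertificateView[] getCACertificates(int caid) {
        Collection chain = signsession.getCertificateChain(administrator, caid);
        CertificateView[] views = new CertificateView[chain.size()];

        int index = 0;
        for (Iterator iter = chain.iterator(); iter.hasNext(); index++) {
            X509Certificate cert = (X509Certificate) iter.next();
            RevokedCertInfo revinfo = certificatesession.isRevoked(administrator,
                    CertTools.getIssuerDN(cert), cert.getSerialNumber());

            // A missing revocation record is shown the same way as NOT_REVOKED: no revocation view.
            RevokedInfoView revokedinfo = null;
            if (revinfo != null && revinfo.getReason() != RevokedCertInfo.NOT_REVOKED) {
                revokedinfo = new RevokedInfoView(revinfo);
            }
            views[index] = new CertificateView(cert, revokedinfo, null);
        }

        return views;
    }

    /**
     * Returns a HashMap connecting available CA ids (Integer) to CA names (String), as held by
     * the information memory.
     */
    public HashMap getCAIdToNameMap() {
        return informationmemory.getCAIdToNameMap();
    }

    /**
     * Returns the name of the CA based on its id.
     *
     * @param caId the CA id
     * @return the name of the CA, or null if it does not exist
     */
    public String getName(Integer caId) {
        return (String) informationmemory.getCAIdToNameMap().get(caId);
    }

    /** Returns the authorized CA ids as held by the information memory. */
    public Collection getAuthorizedCAs() {
        return informationmemory.getAuthorizedCAIds();
    }

    /** Returns the editable certificate profile names as held by the information memory. */
    public TreeMap getEditCertificateProfileNames() {
        return informationmemory.getEditCertificateProfileNames();
    }

    /** Returns the profile name for the given id, resolved through the information memory's name proxy. */
    public String getCertificateProfileName(int profileid) {
        return this.informationmemory.getCertificateProfileNameProxy().getCertificateProfileName(profileid);
    }

    /** Returns the id of the named certificate profile, as reported by the profile data handler. */
    public int getCertificateProfileId(String profilename) {
        return certificateprofiles.getCertificateProfileId(profilename);
    }

    /** Returns the certificate profile with the given name from the profile data handler. */
    public CertificateProfile getCertificateProfile(String name) throws Exception {
        return certificateprofiles.getCertificateProfile(name);
    }

    /** Returns the certificate profile with the given id from the profile data handler. */
    public CertificateProfile getCertificateProfile(int id) throws Exception {
        return certificateprofiles.getCertificateProfile(id);
    }

    /**
     * Adds a new default certificate profile under the given name. Its available CAs are set to
     * the CA ids the information memory lists as authorized.
     */
    public void addCertificateProfile(String name) throws Exception {
        CertificateProfile profile = new CertificateProfile();
        profile.setAvailableCAs(informationmemory.getAuthorizedCAIds());

        certificateprofiles.addCertificateProfile(name, profile);
    }

    /** Replaces the named certificate profile with the given one. */
    public void changeCertificateProfile(String name, CertificateProfile profile) throws Exception {
        certificateprofiles.changeCertificateProfile(name, profile);
    }

    /**
     * Removes the named certificate profile unless it is still in use.
     *
     * <p>An end-entity profile counts as used when a user, an end entity profile or a hard token
     * profile references it; any other profile type counts as used when a CA references it.
     *
     * @return true if the profile was removed, false if it is in use and was left in place
     */
    public boolean removeCertificateProfile(String name) throws Exception {
        int certificateprofileid = certificatesession.getCertificateProfileId(administrator, name);
        // NOTE(review): certprofile is dereferenced without a null check; confirm the lookup
        // cannot return null for an unknown name.
        CertificateProfile certprofile = this.certificatesession.getCertificateProfile(administrator, name);

        boolean certificateprofileused;
        if (certprofile.getType() == CertificateProfile.TYPE_ENDENTITY) {
            // Check if any users or profiles use the certificate profile id.
            certificateprofileused = adminsession.checkForCertificateProfileId(administrator, certificateprofileid)
                    || raadminsession.existsCertificateProfileInEndEntityProfiles(administrator, certificateprofileid)
                    || hardtokensession.existsCertificateProfileInHardTokenProfiles(administrator, certificateprofileid);
        } else {
            // "exits" is the spelling of the session bean's method name.
            certificateprofileused = caadminsession.exitsCertificateProfileInCAs(administrator, certificateprofileid);
        }

        if (!certificateprofileused) {
            certificateprofiles.removeCertificateProfile(name);
        }

        return !certificateprofileused;
    }

    /** Renames a certificate profile. */
    public void renameCertificateProfile(String oldname, String newname) throws Exception {
        certificateprofiles.renameCertificateProfile(oldname, newname);
    }

    /** Creates a copy of an existing certificate profile under a new name. */
    public void cloneCertificateProfile(String originalname, String newname) throws Exception {
        certificateprofiles.cloneCertificateProfile(originalname, newname);
    }

    /**
     * Runs the CRL creation session for the given issuer on behalf of the bound administrator.
     * The session home is looked up in JNDI under the name {@code CreateCRLSession}.
     *
     * @param issuerdn the issuer DN passed to the CRL creation session
     */
    public void createCRL(String issuerdn) throws RemoteException, NamingException, CreateException, CATokenOfflineException {
        InitialContext jndicontext = new InitialContext();
        ICreateCRLSessionHome home = (ICreateCRLSessionHome) javax.rmi.PortableRemoteObject.narrow(
                jndicontext.lookup("CreateCRLSession"), ICreateCRLSessionHome.class);
        home.create().run(administrator, issuerdn);
    }

    /** Returns the number of the last CRL for the given issuer, as reported by the certificate store. */
    public int getLastCRLNumber(String issuerdn) {
        return certificatesession.getLastCRLNumber(administrator, issuerdn);
    }

    /** Returns information about the last CRL for the given issuer, as reported by the certificate store. */
    public CRLInfo getLastCRLInfo(String issuerdn) {
        return certificatesession.getLastCRLInfo(administrator, issuerdn);
    }

    /** Returns the certificate profile data handler created by {@code initialize}. */
    public CertificateProfileDataHandler getCertificateProfileDataHandler() {
        return certificateprofiles;
    }

    /** Returns the publisher id to name map reported by the publisher session for the bound administrator. */
    public HashMap getAvailablePublishers() {
        return publishersession.getPublisherIdToNameMap(administrator);
    }

    /** Returns the publisher data handler created by {@code initialize}. */
    public PublisherDataHandler getPublisherDataHandler() {
        return this.publisherdatahandler;
    }

    /** Returns the CA data handler created by {@code initialize}. */
    public CADataHandler getCADataHandler() {
        return cadatahandler;
    }

    /** Returns the CA information view for the named CA. */
    public CAInfoView getCAInfo(String name) throws Exception {
        return cadatahandler.getCAInfo(name);
    }

    /** Returns the CA information view for the CA with the given id. */
    public CAInfoView getCAInfo(int caid) throws Exception {
        return cadatahandler.getCAInfo(caid);
    }

    /** Stores CA information in this bean so that a later page can read it back. */
    public void saveRequestInfo(CAInfo cainfo) {
        this.cainfo = cainfo;
    }

    /** Returns the CA information stored by {@link #saveRequestInfo(CAInfo)}, or null if none. */
    public CAInfo getRequestInfo() {
        return this.cainfo;
    }

    /** Stores a PKCS#10 request in this bean. The field is transient, so it is not serialized. */
    public void savePKCS10RequestData(PKCS10CertificationRequest request) {
        this.request = request;
    }

    /** Returns the stored PKCS#10 request, or null if none. */
    public PKCS10CertificationRequest getPKCS10RequestData() {
        return this.request;
    }

    /**
     * Returns the stored PKCS#10 request DER-encoded, Base64-encoded and wrapped in the
     * certificate-request begin and end lines of {@link RequestHelper}.
     *
     * @return the encoded request, or null if no request is stored
     */
    public String getPKCS10RequestDataAsString() throws Exception {
        if (request == null) {
            return null;
        }

        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
        DEROutputStream dOut = new DEROutputStream(bOut);
        dOut.writeObject(request);
        dOut.close();

        // Base64 output is pure ASCII; naming the charset keeps the result independent of the
        // platform default encoding.
        return RequestHelper.BEGIN_CERTIFICATE_REQUEST_WITH_NL
                + new String(Base64.encode(bOut.toByteArray()), "US-ASCII")
                + RequestHelper.END_CERTIFICATE_REQUEST_WITH_NL;
    }

    /** Stores a processed certificate in this bean. */
    public void saveProcessedCertificate(Certificate cert) {
        this.processedcert = cert;
    }

    /** Returns the stored processed certificate, or null if none. */
    public Certificate getProcessedCertificate() {
        return this.processedcert;
    }

    /**
     * Returns the stored processed certificate Base64-encoded and wrapped in the certificate
     * begin and end lines of {@link RequestHelper}.
     *
     * @return the encoded certificate, or null if no processed certificate is stored
     */
    public String getProcessedCertificateAsString() throws Exception {
        // Guard on the field that is actually read. The previous guard tested the PKCS#10
        // request instead, which threw a NullPointerException when a request but no certificate
        // was stored, and hid a stored certificate whenever the transient request was null.
        if (processedcert == null) {
            return null;
        }

        byte[] b64cert = Base64.encode(this.processedcert.getEncoded());
        // Base64 output is pure ASCII; see getPKCS10RequestDataAsString().
        return RequestHelper.BEGIN_CERTIFICATE_WITH_NL
                + new String(b64cert, "US-ASCII")
                + RequestHelper.END_CERTIFICATE_WITH_NL;
    }

    /**
     * Stores the given certificate again in the publishers of the certificate profile it was
     * issued with, using the data recorded in the certificate request history.
     *
     * <p>The username, password and extended information recorded in the request history are
     * handed to the publishers together with the certificate.
     *
     * @param certificatedata view of the certificate to republish
     * @return {@code CERTREPUBLISHEDSUCCESS} if the publisher session stored the certificate,
     *         {@code NOPUBLISHERSDEFINED} if the profile lists no publishers,
     *         {@code CERTPROFILENOTFOUND} if the profile no longer exists, and
     *         {@code CERTREPUBLISHFAILED} if there is no request history or storing failed
     */
    public String republish(CertificateView certificatedata) {
        CertReqHistory certreqhist = certificatesession.getCertReqHistory(administrator,
                certificatedata.getSerialNumberBigInt(), certificatedata.getIssuerDN());
        if (certreqhist == null) {
            return "CERTREPUBLISHFAILED";
        }

        CertificateProfile certprofile = certificatesession.getCertificateProfile(administrator,
                certreqhist.getUserDataVO().getCertificateProfileId());
        if (certprofile == null) {
            return "CERTPROFILENOTFOUND";
        }

        // NOTE(review): certinfo and its revocation date are dereferenced below without null
        // checks; confirm neither can be null for a certificate that has a request history.
        CertificateInfo certinfo = certificatesession.getCertificateInfo(administrator,
                CertTools.getFingerprintAsString(certificatedata.getCertificate()));
        if (certprofile.getPublisherList().size() <= 0) {
            return "NOPUBLISHERSDEFINED";
        }

        boolean stored = publishersession.storeCertificate(administrator, certprofile.getPublisherList(),
                certificatedata.getCertificate(), certreqhist.getUserDataVO().getUsername(),
                certreqhist.getUserDataVO().getPassword(), certinfo.getCAFingerprint(), certinfo.getStatus(),
                certinfo.getType(), certinfo.getRevocationDate().getTime(), certinfo.getRevocationReason(),
                certreqhist.getUserDataVO().getExtendedinformation());
        return stored ? "CERTREPUBLISHEDSUCCESS" : "CERTREPUBLISHFAILED";
    }

    /**
     * Orders CertReqHistory entries by the modification time of their user data, latest first.
     * Static because it needs no state from the enclosing bean.
     */
    private static class CertReqUserCreateComparator implements Comparator {

        public int compare(Object arg0, Object arg1) {
            // Negated natural order, so the most recently modified entry sorts first.
            return -(((CertReqHistory) arg0).getUserDataVO().getTimeModified().compareTo(
                    ((CertReqHistory) arg1).getUserDataVO().getTimeModified()));
        }
    }

    /**
     * Returns the certificate request history of the given user, sorted by the modification
     * time of the recorded user data with the newest entry first.
     *
     * @param username the user whose request history is fetched
     * @return the list returned by the certificate store, sorted in place
     */
    public List getCertReqUserDatas(String username) {
        List history = this.certificatesession.getCertReqHistory(administrator, username);

        // Sort it by timestamp, newest first.
        Collections.sort(history, new CertReqUserCreateComparator());

        return history;
    }

    // Private fields

    // Local session beans, created once in initialize().
    private ICertificateStoreSessionLocal certificatesession;
    private ICAAdminSessionLocal caadminsession;
    private IAuthorizationSessionLocal authorizationsession;
    private IUserAdminSessionLocal adminsession;
    private IRaAdminSessionLocal raadminsession;
    private ISignSessionLocal signsession;
    private IHardTokenSessionLocal hardtokensession;
    private IPublisherSessionLocal publishersession;

    // Data handlers built on top of the session beans in initialize().
    private CertificateProfileDataHandler certificateprofiles;
    private CADataHandler cadatahandler;
    private PublisherDataHandler publisherdatahandler;

    // True once initialize() has completed; later initialize() calls are then no-ops.
    private boolean initialized;
    // Identity used for every session bean call, built from the TLS client certificate.
    private Admin administrator;
    private InformationMemory informationmemory;

    // State saved by one page and read back by another.
    private CAInfo cainfo;
    // Transient: not written when the bean is serialized.
    transient private PKCS10CertificationRequest request;
    private Certificate processedcert;

}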