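package org.ejbca.ui.web.admin.cainterface;

import java.io.IOException;
import java.math.BigInteger;
import java.security.cert.X509Certificate;

import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.log4j.Logger;
import org.ejbca.core.model.authorization.AvailableAccessRules;
import org.ejbca.ui.web.RequestHelper;
import org.ejbca.ui.web.admin.configuration.EjbcaWebBean;
import org.ejbca.ui.web.admin.rainterface.CertificateView;
import org.ejbca.ui.web.admin.rainterface.RAInterfaceBean;
import org.ejbca.ui.web.pub.ServletUtils;
import org.ejbca.util.Base64;

/**
 * Admin-GUI servlet that returns one end entity certificate as a download.
 *
 * <p>Request parameters:
 * <ul>
 *   <li>{@code cmd} - output format: {@code nscert} (DER, served as
 *       {@code application/x-x509-ca-cert}), {@code iecert} (DER attachment named
 *       {@code <username>.crt}) or {@code cert} (PEM attachment named
 *       {@code <username>.pem}); compared case-insensitively.</li>
 *   <li>{@code issuer} - issuer DN of the certificate.</li>
 *   <li>{@code certificatesn} - certificate serial number in hexadecimal.</li>
 * </ul>
 *
 * <p>Every request initializes the session's {@code EjbcaWebBean} with
 * {@link AvailableAccessRules#REGULAR_VIEWCERTIFICATE}; any exception thrown by that
 * initialization is reported to the caller as "Authorization Denied".
 */
public class EndEntityCertServlet extends HttpServlet {

    private static final Logger log = Logger.getLogger(EndEntityCertServlet.class);

    private static final String COMMAND_PROPERTY_NAME = "cmd";
    private static final String COMMAND_NSCERT = "nscert";
    private static final String COMMAND_IECERT = "iecert";
    private static final String COMMAND_CERT = "cert";

    private static final String ISSUER_PROPERTY = "issuer";
    private static final String CERTIFICATEDN_PROPERTY = "certificatesn";

    private static final String EJBCAWEBBEAN_CLASS = "org.ejbca.ui.web.admin.configuration.EjbcaWebBean";
    private static final String RABEAN_CLASS = "org.ejbca.ui.web.admin.rainterface.RAInterfaceBean";

    /** Filename stem used when the certificate view has no usable username. */
    private static final String FALLBACK_FILENAME = "certificate";

    public void init(ServletConfig config) throws ServletException {
        super.init(config);
    }

    /** Handles POST exactly like GET. */
    public void doPost(HttpServletRequest req, HttpServletResponse res)
        throws IOException, ServletException {
        log.debug(">doPost()");
        doGet(req, res);
        log.debug("<doPost()");
    }

    /**
     * Looks up the certificate named by the {@code issuer} and {@code certificatesn}
     * parameters and writes it to the response in the format selected by {@code cmd}.
     *
     * @throws IOException if bean initialization fails ("Authorization Denied") or the
     *         response cannot be written
     * @throws ServletException if a session bean cannot be instantiated
     */
    public void doGet(HttpServletRequest req, HttpServletResponse res) throws java.io.IOException, ServletException {
        log.debug(">doGet()");

        EjbcaWebBean ejbcawebbean = (EjbcaWebBean) req.getSession().getAttribute("ejbcawebbean");
        RAInterfaceBean rabean = (RAInterfaceBean) req.getSession().getAttribute("rabean");

        if (ejbcawebbean == null) {
            ejbcawebbean = (EjbcaWebBean) instantiateBean(EJBCAWEBBEAN_CLASS);
            req.getSession().setAttribute("ejbcawebbean", ejbcawebbean);
        }

        if (rabean == null) {
            rabean = (RAInterfaceBean) instantiateBean(RABEAN_CLASS);
            // Store the RA bean itself. Putting the EjbcaWebBean under this key would make
            // the cast above fail with ClassCastException on the session's next request.
            req.getSession().setAttribute("rabean", rabean);
        }

        try {
            ejbcawebbean.initialize(req, AvailableAccessRules.REGULAR_VIEWCERTIFICATE);
            rabean.initialize(req, ejbcawebbean);
        } catch (Exception e) {
            // Every initialization failure is treated as a denial. Record it so refused
            // requests can be found in the log; the client only sees the generic message.
            log.info("Access to end entity certificate denied for " + req.getRemoteAddr() + ": " + e.getMessage());
            throw new java.io.IOException("Authorization Denied");
        }

        RequestHelper.setDefaultCharacterEncoding(req);
        String issuerdn = req.getParameter(ISSUER_PROPERTY);
        String certificatesn = req.getParameter(CERTIFICATEDN_PROPERTY);

        log.debug("Got request from " + req.getRemoteAddr());
        String command = req.getParameter(COMMAND_PROPERTY_NAME);
        if (command == null) {
            command = "";
        }

        boolean knownCommand = command.equalsIgnoreCase(COMMAND_NSCERT)
            || command.equalsIgnoreCase(COMMAND_IECERT)
            || command.equalsIgnoreCase(COMMAND_CERT);
        if (!knownCommand || issuerdn == null || certificatesn == null) {
            res.setContentType("text/plain");
            res.sendError(HttpServletResponse.SC_BAD_REQUEST, "Bad Request format");
            return;
        }

        // The serial number comes straight from the request. A value that is not valid
        // hex is a client error (400), not an unhandled NumberFormatException (500).
        BigInteger certsn;
        try {
            certsn = new BigInteger(certificatesn, 16);
        } catch (NumberFormatException e) {
            log.debug("Rejected request with malformed certificate serial number.");
            res.setContentType("text/plain");
            res.sendError(HttpServletResponse.SC_BAD_REQUEST, "Bad Request format");
            return;
        }

        try {
            rabean.loadCertificates(certsn, issuerdn);

            // NOTE(review): presumably index 0 is the single match for (serial, issuer);
            // a missing certificate ends up in the catch below as 404 - confirm.
            CertificateView certview = rabean.getCertificate(0);

            X509Certificate cert = certview.getCertificate();
            byte[] enccert = cert.getEncoded();
            ServletUtils.removeCacheHeaders(res);

            if (command.equalsIgnoreCase(COMMAND_NSCERT)) {
                res.setContentType("application/x-x509-ca-cert");
                res.setContentLength(enccert.length);
                res.getOutputStream().write(enccert);
                log.debug("Sent CA cert to NS client, len=" + enccert.length + ".");
            } else if (command.equalsIgnoreCase(COMMAND_IECERT)) {
                res.setHeader("Content-disposition",
                    "attachment; filename=" + toSafeFilename(certview.getUsername()) + ".crt");
                res.setContentType("application/octet-stream");
                res.setContentLength(enccert.length);
                res.getOutputStream().write(enccert);
                log.debug("Sent CA cert to IE client, len=" + enccert.length + ".");
            } else if (command.equalsIgnoreCase(COMMAND_CERT)) {
                byte[] b64cert = Base64.encode(enccert);
                // PEM is ASCII. Encode once with an explicit charset so the declared
                // Content-Length always matches the bytes written, whatever the
                // platform default charset is.
                String out = RequestHelper.BEGIN_CERTIFICATE_WITH_NL
                    + new String(b64cert, "US-ASCII")
                    + RequestHelper.END_CERTIFICATE_WITH_NL;
                byte[] pem = out.getBytes("US-ASCII");
                res.setHeader("Content-disposition",
                    "attachment; filename=" + toSafeFilename(certview.getUsername()) + ".pem");
                res.setContentType("application/octet-stream");
                res.setContentLength(pem.length);
                res.getOutputStream().write(pem);
                log.debug("Sent CA cert to client, len=" + pem.length + ".");
            } else {
                // Not reachable while the command check above lists the same three
                // commands; kept as a guard in case the two lists drift apart.
                res.setContentType("text/plain");
                res.getOutputStream().println("Commands=" + COMMAND_NSCERT + " || " + COMMAND_IECERT + " || " + COMMAND_CERT);
                return;
            }
        } catch (Exception e) {
            // Details stay in the server log; the client gets a generic 404.
            log.error("Error getting certificates: ", e);
            res.sendError(HttpServletResponse.SC_NOT_FOUND, "Error getting certificates.");
            return;
        }
    }

    /** Instantiates a session bean by class name using this servlet's class loader. */
    private Object instantiateBean(String className) throws ServletException {
        try {
            return java.beans.Beans.instantiate(this.getClass().getClassLoader(), className);
        } catch (ClassNotFoundException exc) {
            throw new ServletException(exc.getMessage(), exc);
        } catch (Exception exc) {
            throw new ServletException(" Cannot create bean of class " + className, exc);
        }
    }

    /**
     * Reduces a username to characters that are safe inside an unquoted
     * Content-Disposition filename. Letters, digits and {@code . - _ @} are kept;
     * everything else (CR/LF, quotes, semicolons, spaces, path separators, ...) becomes
     * {@code _}, so the stored username cannot alter the header or the saved file path.
     */
    private static String toSafeFilename(String name) {
        if (name == null || name.length() == 0) {
            return FALLBACK_FILENAME;
        }
        StringBuffer safe = new StringBuffer(name.length());
        for (int i = 0; i < name.length(); i++) {
            char c = name.charAt(i);
            boolean allowed = Character.isLetterOrDigit(c)
                || c == '.' || c == '-' || c == '_' || c == '@';
            safe.append(allowed ? c : '_');
        }
        return safe.toString();
    }
}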