GetCRLServlet


1   /*************************************************************************
2    *                                                                       *
3    *  EJBCA: The OpenSource Certificate Authority                          *
4    *                                                                       *
5    *  This software is free software; you can redistribute it and/or       *
6    *  modify it under the terms of the GNU Lesser General Public           *
7    *  License as published by the Free Software Foundation; either         *
8    *  version 2.1 of the License, or any later version.                    *
9    *                                                                       *
10   *  See terms of license at gnu.org.                                     *
11   *                                                                       *
12   *************************************************************************/
13   
14  package org.ejbca.ui.web.admin.cainterface;
15  
16  import java.io.IOException  ;
17  import java.security.cert.X509CRL  ;
18  import java.security.cert.X509Certificate  ;
19  
20  import javax.servlet.ServletConfig  ;
21  import javax.servlet.ServletException  ;
22  import javax.servlet.http.HttpServlet  ;
23  import javax.servlet.http.HttpServletRequest  ;
24  import javax.servlet.http.HttpServletResponse  ;
25  
26  import org.apache.log4j.Logger;
27  import org.ejbca.core.ejb.ServiceLocator;
28  import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocal;
29  import org.ejbca.core.ejb.ca.store.ICertificateStoreSessionLocalHome;
30  import org.ejbca.core.model.InternalResources;
31  import org.ejbca.core.model.log.Admin;
32  import org.ejbca.ui.web.RequestHelper;
33  import org.ejbca.ui.web.admin.configuration.EjbcaWebBean;
34  import org.ejbca.ui.web.pub.ServletUtils;
35  import org.ejbca.util.CertTools;
36  
37  /**
38   * Servlet used to distribute  CRLs.<br>
39   *
40   * The servlet is called with method GET or POST and syntax
41   * <code>command=&lt;command&gt;</code>.
42   * <p>The follwing commands are supported:<br>
43   * <ul>
44   * <li>crl - gets the latest CRL.
45   *
46   * @version $Id: GetCRLServlet.java,v 1.4 2006/12/13 10:35:30 anatom Exp $
47   * 
48   * @web.servlet name = "GetCRL"
49   *              display-name = "GetCRLServlet"
50   *              description="Used to retrive CA certificate request and Processed CA Certificates from AdminWeb GUI"
51   *              load-on-startup = "99"
52   *
53   * @web.servlet-mapping url-pattern = "/ca/getcrl/getcrl"
54   *
55   */
56  public class GetCRLServlet extends HttpServlet   {
57  
58      private static final Logger log = Logger.getLogger(GetCRLServlet.class);
59      /** Internal localization of logs and errors */
60      private static final InternalResources intres = InternalResources.getInstance();
61  
62      private static final String   COMMAND_PROPERTY_NAME = "cmd";
63      private static final String   COMMAND_CRL = "crl";
64      private static final String   ISSUER_PROPERTY = "issuer";
65  
66      private ICertificateStoreSessionLocalHome storehome = null;
67  
68      private synchronized ICertificateStoreSessionLocalHome getStoreHome() throws IOException   {
69          try{
70              if(storehome == null){
71                storehome = (ICertificateStoreSessionLocalHome)ServiceLocator.getInstance().getLocalHome(ICertificateStoreSessionLocalHome.COMP_NAME);
72              }
73            } catch(Exception   e){
74               throw new java.io.IOException  ("Authorization Denied");
75            }
76            return storehome;
77      }
78        
79  
80      public void init(ServletConfig   config) throws ServletException   {
81          super.init(config);
82      }
83  
84      public void doPost(HttpServletRequest   req, HttpServletResponse   res)
85          throws IOException  , ServletException   {
86          log.debug(">doPost()");
87          doGet(req, res);
88          log.debug("<doPost()");
89      } //doPost
90  
91      public void doGet(HttpServletRequest   req,  HttpServletResponse   res) throws java.io.IOException  , ServletException   {
92          log.debug(">doGet()");
93  
94          // Check if authorized
95          EjbcaWebBean ejbcawebbean= (org.ejbca.ui.web.admin.configuration.EjbcaWebBean)
96                                     req.getSession().getAttribute("ejbcawebbean");
97          if ( ejbcawebbean == null ){
98            try {
99              ejbcawebbean = (org.ejbca.ui.web.admin.configuration.EjbcaWebBean) java.beans.Beans.instantiate(this.getClass().getClassLoader(), "org.ejbca.ui.web.admin.configuration.EjbcaWebBean");
100            } catch (ClassNotFoundException   exc) {
101                throw new ServletException  (exc.getMessage());
102            }catch (Exception   exc) {
103                throw new ServletException   (" Cannot create bean of class "+"org.ejbca.ui.web.admin.configuration.EjbcaWebBean", exc);
104            }
105            req.getSession().setAttribute("ejbcawebbean", ejbcawebbean);
106         }
107 
108         try{
109           ejbcawebbean.initialize(req, "/ca_functionality/basic_functions");
110         } catch(Exception   e){
111            throw new java.io.IOException  ("Authorization Denied");
112         }
113 
114         RequestHelper.setDefaultCharacterEncoding(req);
115         String   issuerdn = null; 
116         if(req.getParameter(ISSUER_PROPERTY) != null){
117           issuerdn = java.net.URLDecoder.decode(req.getParameter(ISSUER_PROPERTY),"UTF-8");
118         }
119         
120         String   command;
121         // Keep this for logging.
122         String   remoteAddr = req.getRemoteAddr();
123         command = req.getParameter(COMMAND_PROPERTY_NAME);
124         if (command == null)
125             command = "";
126         if (command.equalsIgnoreCase(COMMAND_CRL) && issuerdn != null) {
127             try {
128                 Admin admin = new Admin(((X509Certificate  []) req.getAttribute( "javax.servlet.request.X509Certificate" ))[0]);
129                 ICertificateStoreSessionLocal store = getStoreHome().create();
130                 byte[] crl = store.getLastCRL(admin, issuerdn);
131                 X509CRL   x509crl = CertTools.getCRLfromByteArray(crl);
132                 String   dn = CertTools.getIssuerDN(x509crl);
133                 String   filename = CertTools.getPartFromDN(dn,"CN")+".crl";
134                 // We must remove cache headers for IE
135                 ServletUtils.removeCacheHeaders(res);
136                 res.setHeader("Content-disposition", "attachment; filename=" +  filename);
137                 res.setContentType("application/pkix-crl");
138                 res.setContentLength(crl.length);
139                 res.getOutputStream().write(crl);
140                 String   iMsg = intres.getLocalizedMessage("certreq.sentlatestcrl", remoteAddr);
141                 log.info(iMsg);
142             } catch (Exception   e) {
143                 String   errMsg = intres.getLocalizedMessage("certreq.errorsendcrl", remoteAddr, e.getMessage());
144                 log.error(errMsg, e);
145                 res.sendError(HttpServletResponse.SC_NOT_FOUND, errMsg);
146                 return;
147             }
148         }
149 
150     } // doGet
151 
152 }
153
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags