}
// Create a username and password and register the new user in EJBCA
final UsernameGenerator gen = UsernameGenerator.getInstance(this.usernameGenParams);
// Don't convert this DN to an ordered EJBCA DN string with CertTools.stringToBCDNString because we don't want double escaping of some characters
final IRequestMessage req = this.extendedUserDataHandler!=null ? this.extendedUserDataHandler.processRequestMessage(crmfreq, certProfileName) : crmfreq;
final X509Name dnname = req.getRequestX509Name();
if (LOG.isDebugEnabled()) {
LOG.debug("Creating username from base dn: "+dnname.toString());
}
final String username = gen.generateUsername(dnname.toString());
final String pwd;
if (StringUtils.equals(this.userPwdParams, "random")) {
if (LOG.isDebugEnabled()) {
LOG.debug("Setting 12 char random user password.");
}
final IPasswordGenerator pwdgen = PasswordGeneratorFactory.getInstance(PasswordGeneratorFactory.PASSWORDTYPE_ALLPRINTABLE);
pwd = pwdgen.getNewPassword(12, 12);
} else {
if (LOG.isDebugEnabled()) {
LOG.debug("Setting fixed user password from config.");
}
pwd = this.userPwdParams;
}
// AltNames may be in the request template
final String altNames = req.getRequestAltNames();
final String email;
final List<String> emails = CertTools.getEmailFromDN(altNames);
emails.addAll(CertTools.getEmailFromDN(dnname.toString()));
if (!emails.isEmpty()) {
email = emails.get(0); // Use rfc822name or first SubjectDN email address as user email address if available
} else {
email = null;
}
final ExtendedInformation ei;
if (this.allowCustomCertSerno) {
// Don't even try to parse out the field if it is not allowed
BigInteger customCertSerno = crmfreq.getSubjectCertSerialNo();
if (customCertSerno != null) {
// If we have a custom certificate serial number in the request, we will pass it on to the UserData object
ei = new ExtendedInformation();
ei.setCertificateSerialNumber(customCertSerno);
if (LOG.isDebugEnabled()) {
LOG.debug("Custom certificate serial number: "+customCertSerno.toString(16));
}
} else {
ei = null;
}
} else {
ei = null;
}
final UserDataVO userdata = new UserDataVO(username, dnname.toString(), caId, altNames, email, UserDataConstants.STATUS_NEW, SecConst.USER_ENDUSER, eeProfileId, certProfileId, null, null, SecConst.TOKEN_SOFT_BROWSERGEN, 0, ei);
userdata.setPassword(pwd);
// Set so we have the right params in the call to processCertReq.
// Username and pwd in the UserDataVO and the IRequestMessage must match
crmfreq.setUsername(username);
crmfreq.setPassword(pwd);