Package org.ejbca.core.model.ra.raadmin

Examples of org.ejbca.core.model.ra.raadmin.EndEntityProfile

215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
        certificateProfileSession.addCertificateProfile(administrator, certprofilename2, profile2);

        final int profile1Id = certificateProfileSession.getCertificateProfileId(administrator, certprofilename1);
        final int profile2Id = certificateProfileSession.getCertificateProfileId(administrator, certprofilename2);

        final EndEntityProfile endentityprofile = new EndEntityProfile(true);

        endentityprofile.setValue(EndEntityProfile.AVAILCAS, 0, "" + caid);
        endentityprofile.setValue(EndEntityProfile.AVAILCERTPROFILES, 0, "" + SecConst.CERTPROFILE_FIXED_ENDUSER + ";" + profile1Id + ";" + profile2Id);

        endentityprofile.setUse(EndEntityProfile.KEYRECOVERABLE, 0, true);

        endEntityProfileSession.addEndEntityProfile(administrator, endentityprofilename, endentityprofile);
        final int endEntityProfileId = endEntityProfileSession.getEndEntityProfileId(administrator, endentityprofilename);

        final String pwd = "foo123";
View Full Code Here
111
112
113
114
115
116
117
118
119
120
121
122
    if (StringUtils.equals(caName, "ProfileDefault")) {
      if (LOG.isDebugEnabled()) {
        LOG.debug("Using default CA from End Entity Profile CA when adding users in RA mode.");
      }
      // get default CA id from end entity profile
      final EndEntityProfile eeProfile = endEntityProfileSession.getEndEntityProfile(admin, eeProfileId);
      ret = eeProfile.getDefaultCA();
      if (ret == -1) {
        LOG.error("No default CA id for end entity profile: "+eeProfileId);
      } else {
        if (LOG.isDebugEnabled()) {
          LOG.debug("Using CA with id: "+ret);
View Full Code Here
207
208
209
210
211
212
213
214
215
216
217
    @Override
    public void addUserFromWS(Admin admin, UserDataVO userdata, boolean clearpwd) throws AuthorizationDeniedException, UserDoesntFullfillEndEntityProfile,
      PersistenceException, WaitingForApprovalException, CADoesntExistsException, EjbcaException {
        int profileId = userdata.getEndEntityProfileId();
        EndEntityProfile profile = endEntityProfileSession.getEndEntityProfile(admin, profileId);
        if (profile.getAllowMergeDnWebServices()) {
            userdata = UserDataFiller.fillUserDataWithDefaultValues(userdata, profile);
        }
        addUser(admin, userdata, clearpwd);
    }
View Full Code Here
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
        userDataVO.setDN(dn);
        userDataVO.setSubjectAltName(altName);
        userDataVO.setEmail(email);
        final int type = userDataVO.getType();
        String newpassword = userDataVO.getPassword();
        EndEntityProfile profile = null// Only look this up if we need it..
        if (userDataVO.getPassword() == null) {
          profile = endEntityProfileSession.getEndEntityProfile(admin, endEntityProfileId);
          if (profile.useAutoGeneratedPasswd()) {
                // special case used to signal regeneration of password
                newpassword = profile.getAutoGeneratedPasswd();
          }
        }
        if (globalConfiguration.getEnableEndEntityProfileLimitations()) {
          if (profile==null) {
            profile = endEntityProfileSession.getEndEntityProfile(admin, endEntityProfileId);
          }
            // Check if user fulfills it's profile.
            try {
              final String dirattrs = userDataVO.getExtendedinformation() != null ? userDataVO.getExtendedinformation().getSubjectDirectoryAttributes() : null;
                profile.doesUserFullfillEndEntityProfile(username, userDataVO.getPassword(), dn, altName, dirattrs,
                    email, userDataVO.getCertificateProfileId(), clearpwd,
                        (type & SecConst.USER_KEYRECOVERABLE) != 0, (type & SecConst.USER_SENDNOTIFICATION) != 0, userDataVO.getTokenType(), userDataVO
                                .getHardTokenIssuerId(), caid, userDataVO.getExtendedinformation());
            } catch (UserDoesntFullfillEndEntityProfile e) {
                final String msg = intres.getLocalizedMessage("ra.errorfullfillprofile", endEntityProfileName, dn, e.getMessage());
View Full Code Here
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
            final String msg = intres.getLocalizedMessage("ra.erroreditentity", username);
            logSession.log(admin, caid, LogConstants.MODULE_RA, new Date(), username, null, LogConstants.EVENT_ERROR_CHANGEDENDENTITY, msg);
            log.error(msg);
            throw new EJBException(msg);
        }
        final EndEntityProfile profile = endEntityProfileSession.getEndEntityProfile(admin, endEntityProfileId);
        // if required, we merge the existing user dn into the dn provided by the web service.
        if (fromWebService && profile.getAllowMergeDnWebServices()) {
            if (userData != null) {
                if (userData.getSubjectDN() != null) {
                    final Map<String, String> dnMap = new HashMap<String, String>();
                    if (profile.getUse(DnComponents.DNEMAIL, 0)) {
                        dnMap.put(DnComponents.DNEMAIL, userDataVO.getEmail());
                    }
                    try {
                        dn = (new DistinguishedName(userData.getSubjectDN())).mergeDN(new DistinguishedName(dn), true, dnMap).toString();
                    } catch (InvalidNameException e) {
                        log.debug("Invalid dn. We make it empty");
                        dn = "";
                    }
                }
                if (userData.getSubjectAltName() != null) {
                    final Map<String, String> dnMap = new HashMap<String, String>();
                    if (profile.getUse(DnComponents.RFC822NAME, 0)) {
                        dnMap.put(DnComponents.RFC822NAME, userDataVO.getEmail());
                    }
                    try {
                        // SubjectAltName is not mandatory so
                        if (altName == null) {
                            altName = "";
                        }
                        altName = (new DistinguishedName(userData.getSubjectAltName())).mergeDN(new DistinguishedName(altName), true, dnMap).toString();
                    } catch (InvalidNameException e) {
                        log.debug("Invalid altName. We make it empty");
                        altName = "";
                    }
                }
            }
        }
        String newpassword = userDataVO.getPassword();
        if (profile.useAutoGeneratedPasswd() && newpassword != null) {
            // special case used to signal regeneraton of password
            newpassword = profile.getAutoGeneratedPasswd();
        }

        final int type = userDataVO.getType();
        final ExtendedInformation ei = userDataVO.getExtendedinformation();
        // Check if user fulfills it's profile.
        if (globalConfiguration.getEnableEndEntityProfileLimitations()) {
            try {
              String dirattrs = null;
              if (ei != null) {
                dirattrs = ei.getSubjectDirectoryAttributes();
              }
            // It is only meaningful to verify the password if we change it in some way, and if we are not autogenerating it
              if (!profile.useAutoGeneratedPasswd() && StringUtils.isNotEmpty(newpassword)) {
                  profile.doesUserFullfillEndEntityProfile(username, userDataVO.getPassword(), dn, altName, dirattrs, userDataVO.getEmail(),
                      userDataVO.getCertificateProfileId(), clearpwd, (type & SecConst.USER_KEYRECOVERABLE) != 0, (type & SecConst.USER_SENDNOTIFICATION) != 0,
                      userDataVO.getTokenType(), userDataVO.getHardTokenIssuerId(), caid, ei);
              } else {
                  profile.doesUserFullfillEndEntityProfileWithoutPassword(username, dn, altName, dirattrs, userDataVO.getEmail(),
                      userDataVO.getCertificateProfileId(), (type & SecConst.USER_KEYRECOVERABLE) != 0, (type & SecConst.USER_SENDNOTIFICATION) != 0,
                      userDataVO.getTokenType(), userDataVO.getHardTokenIssuerId(), caid, ei);
              }
            } catch (UserDoesntFullfillEndEntityProfile e) {
                final String msg = intres.getLocalizedMessage("ra.errorfullfillprofile", Integer.valueOf(endEntityProfileId), dn, e.getMessage());
View Full Code Here
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
        }
        final int caid = data.getCaId();
        final String dn = data.getSubjectDN();
        final int endEntityProfileId = data.getEndEntityProfileId();

        final EndEntityProfile profile = endEntityProfileSession.getEndEntityProfile(admin, endEntityProfileId);

        if (profile.useAutoGeneratedPasswd()) {
            newpasswd = profile.getAutoGeneratedPasswd();
        }
        if (getGlobalConfiguration(admin).getEnableEndEntityProfileLimitations()) {
            // Check if user fulfills it's profile.
            try {
                profile.doesPasswordFulfillEndEntityProfile(password, true);
            } catch (UserDoesntFullfillEndEntityProfile ufe) {
                final String msg = intres.getLocalizedMessage("ra.errorfullfillprofile", Integer.valueOf(endEntityProfileId), dn, ufe.getMessage());
                logSession.log(admin, caid, LogConstants.MODULE_RA, new Date(), username, null, LogConstants.EVENT_INFO_CHANGEDENDENTITY, msg);
                throw ufe;
            }
View Full Code Here
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
        }

        // Make check if we should send notifications at all
        if (((data.getType() & SecConst.USER_SENDNOTIFICATION) != 0)) {
            int profileId = data.getEndEntityProfileId();
            EndEntityProfile profile = endEntityProfileSession.getEndEntityProfile(admin, profileId);
            Collection<UserNotification> l = profile.getUserNotifications();
            if (log.isDebugEnabled()) {
                log.debug("Number of user notifications: " + l.size());
            }
            Iterator<UserNotification> i = l.iterator();
            String rcptemail = useremail; // Default value
View Full Code Here
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
     */
    private void resetRequestCounter(final Admin admin, final boolean onlyRemoveNoUpdate, final ExtendedInformation ei, final String username, final int endEntityProfileId) {
        if (log.isTraceEnabled()) {
            log.trace(">resetRequestCounter(" + username + ", " + onlyRemoveNoUpdate + ")");
        }
        final EndEntityProfile prof = endEntityProfileSession.getEndEntityProfile(admin, endEntityProfileId);
        String value = null;
        if (prof != null) {
          if (prof.getUse(EndEntityProfile.ALLOWEDREQUESTS, 0)) {
            value = prof.getValue(EndEntityProfile.ALLOWEDREQUESTS, 0);
          }
        } else {
          if (log.isDebugEnabled()) {
            log.debug("Can not fetch entity profile with id " + endEntityProfileId);
          }
View Full Code Here
TOP

Related Classes of org.ejbca.core.model.ra.raadmin.EndEntityProfile

  • org.apache.commons.lang.time.FastDateFormat
  • org.cesecore.core.ejb.ra.raadmin.EndEntityProfileSessionBean
  • org.ejbca.core.ejb.ca.crl.CreateCRLSessionTest
  • org.ejbca.core.ejb.ca.sign.CustomCertSerialnumberTest
  • org.ejbca.core.ejb.ca.sign.ExtendedKeyUsageTest
  • org.ejbca.core.ejb.ca.sign.SignSessionTest
  • org.ejbca.core.ejb.ra.AddLotsofCertsPerUserTest
  • org.ejbca.core.ejb.ra.CertificateRequestSessionBean
  • org.ejbca.core.ejb.ra.raadmin.EndEntityProfileData
  • org.ejbca.core.ejb.ra.UserAdminSessionBean
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.