}
RAInterfaceBean rabean = getRaBean(request);
// Decompose the PKCS#10 request, and create the user.
PKCS10RequestMessage p10 = new PKCS10RequestMessage(buffer);
String dn = p10.getCertificationRequest().getCertificationRequestInfo().getSubject().toString();
String username = request.getParameter("username");
if (username == null || username.trim().length() == 0) {
username = dn;
}
// Strip dangerous chars
username = StringTools.strip(username);
// need null check here?
// Before doing anything else, check if the user name is unique and ok.
username = checkUsername(rabean, username);
UserView newuser = new UserView();
newuser.setUsername(username);
newuser.setSubjectDN(dn);
newuser.setTokenType(SecConst.TOKEN_SOFT_BROWSERGEN);
newuser.setKeyRecoverable(false);
String email = CertTools.getPartFromDN(dn, "E"); // BC says VeriSign
if (email == null) {
email = CertTools.getPartFromDN(dn, "EMAILADDRESS");
} else {
newuser.setEmail(email);
}
String tmp = null;
int eProfileId = SecConst.EMPTY_ENDENTITYPROFILE;
if ((tmp = request.getParameter("entityprofile")) != null) {
int reqId = rabean.getEndEntityProfileId(tmp);
if (reqId == 0) {
throw new ServletException("No such end entity profile: " + tmp);
}
eProfileId = reqId;
}
newuser.setEndEntityProfileId(eProfileId);
int cProfileId = SecConst.CERTPROFILE_FIXED_ENDUSER;
if ((tmp = request.getParameter("certificateprofile")) != null) {
CAInterfaceBean cabean = getCaBean(request);
int reqId = cabean.getCertificateProfileId(tmp);
if (reqId == 0) {
throw new ServletException("No such certificate profile: " + tmp);
}
cProfileId = reqId;
}
newuser.setCertificateProfileId(cProfileId);
int caid = 0;
if ((tmp = request.getParameter("ca")) != null) {
// TODO: get requested CA to sign with
}
newuser.setCAId(caid);
String password = request.getParameter("password");
if (password == null) {
password = "";
}
newuser.setPassword(password);
newuser.setClearTextPassword(false);
try {
rabean.addUser(newuser);
} catch (Exception e) {
throw new ServletException("Error adding user: " + e.toString(), e);
}
byte[] pkcs7;
try {
p10.setUsername(username);
p10.setPassword(password);
IResponseMessage resp = signSession.createCertificate(admin, p10, org.ejbca.core.protocol.X509ResponseMessage.class, null);
Certificate cert = CertTools.getCertfromByteArray(resp.getResponseMessage());
pkcs7 = signSession.createPKCS7(admin, cert, true);
} catch (EjbcaException e) {
// EJBCA did not accept any of all parameters in the request.