String email, final int certificateprofileid, final boolean keyrecoverable, final boolean sendnotification, final int tokentype,
final int hardwaretokenissuerid, final int caid, final ExtendedInformation ei) throws UserDoesntFullfillEndEntityProfile {
if (log.isTraceEnabled()) {
log.trace(">doesUserFullfillEndEntityProfileWithoutPassword()");
}
final DNFieldExtractor subjectdnfields = new DNFieldExtractor(dn, DNFieldExtractor.TYPE_SUBJECTDN);
if (subjectdnfields.isIllegal()) {
throw new UserDoesntFullfillEndEntityProfile("Subject DN is illegal.");
}
final DNFieldExtractor subjectaltnames = new DNFieldExtractor(subjectaltname, DNFieldExtractor.TYPE_SUBJECTALTNAME);
if (subjectaltnames.isIllegal()) {
throw new UserDoesntFullfillEndEntityProfile("Subject alt names are illegal.");
}
final DNFieldExtractor subjectdirattrs = new DNFieldExtractor(subjectdirattr, DNFieldExtractor.TYPE_SUBJECTDIRATTR);
if (subjectdirattrs.isIllegal()) {
throw new UserDoesntFullfillEndEntityProfile("Subject directory attributes are illegal.");
}
// Check that no other than supported dn fields exists in the subject dn.
if (subjectdnfields.existsOther()) {
throw new UserDoesntFullfillEndEntityProfile("Unsupported Subject DN Field found in:" + dn);
}
if (subjectaltnames.existsOther()) {
throw new UserDoesntFullfillEndEntityProfile("Unsupported Subject Alternate Name Field found in:" + subjectaltname );
}
if (subjectdirattrs.existsOther()) {
throw new UserDoesntFullfillEndEntityProfile("Unsupported Subject Directory Attribute Field found in:" + subjectdirattr );
}
checkIfAllRequiredFieldsExists(subjectdnfields, subjectaltnames, subjectdirattrs, username, email);
// Make sure that there are enough fields to cover all required in profile
checkIfForIllegalNumberOfFields(subjectdnfields, subjectaltnames, subjectdirattrs);
// Check contents of username.
checkIfDataFullfillProfile(USERNAME,0,username, "Username",null);
// Check Email address.
if (email == null) {
email = "";
}
checkIfDomainFullfillProfile(EMAIL,0,email,"Email");
// Make sure that every value has a corresponding field in the entity profile
checkIfFieldsMatch(subjectdnfields, DNFieldExtractor.TYPE_SUBJECTDN, email);
checkIfFieldsMatch(subjectaltnames, DNFieldExtractor.TYPE_SUBJECTALTNAME, email);
// Check contents of Subject Directory Attributes fields.
final HashMap<Integer,Integer> subjectdirattrnumbers = subjectdirattrs.getNumberOfFields();
final Integer[] dirattrids = DNFieldExtractor.getUseFields(DNFieldExtractor.TYPE_SUBJECTDIRATTR);
for (final Integer dirattrid : dirattrids) {
final int nof = subjectdirattrnumbers.get(dirattrid).intValue();
for (int j=0; j<nof; j++) {
checkForIllegalChars(subjectdirattrs.getField(dirattrid.intValue(),j));
switch (dirattrid.intValue()) {
case DNFieldExtractor.COUNTRYOFCITIZENSHIP:
checkIfISO3166FullfillProfile(DnComponents.COUNTRYOFCITIZENSHIP,j,subjectdirattrs.getField(dirattrid.intValue(),j),"COUNTRYOFCITIZENSHIP");
break;
case DNFieldExtractor.COUNTRYOFRESIDENCE:
checkIfISO3166FullfillProfile(DnComponents.COUNTRYOFRESIDENCE,j,subjectdirattrs.getField(dirattrid.intValue(),j),"COUNTRYOFRESIDENCE");
break;
case DNFieldExtractor.DATEOFBIRTH:
checkIfDateFullfillProfile(DnComponents.DATEOFBIRTH,j,subjectdirattrs.getField(dirattrid.intValue(),j),"DATEOFBIRTH");
break;
case DNFieldExtractor.GENDER:
checkIfGenderFullfillProfile(DnComponents.GENDER,j,subjectdirattrs.getField(dirattrid.intValue(),j),"GENDER");
break;
default:
checkIfDataFullfillProfile(DnComponents.dnIdToProfileName(dirattrid.intValue()),j,subjectdirattrs.getField(dirattrid.intValue(),j), DnComponents.getErrTextFromDnId(dirattrid.intValue()), email);
}
}
}
// Check for keyrecoverable flag.
if (!getUse(KEYRECOVERABLE,0) && keyrecoverable) {