Package com.netscape.cms.ocsp

Class LDAPStore

    • Field Detail

      • logger

        public static org.slf4j.Logger logger

      • mReqCounts

        protected java.util.Hashtable<java.lang.String,​java.lang.Long> mReqCounts

    • Constructor Detail

      • LDAPStore

        public LDAPStore()
        Constructs the default store.

    • Method Detail

      • getExtendedPluginInfo

        public java.lang.String[] getExtendedPluginInfo​(java.util.Locale locale)
        Description copied from interface: IExtendedPluginInfo
        This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name ;[,required];;... Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use"
        Specified by:
        getExtendedPluginInfo in interface IExtendedPluginInfo

      • locateCACert

        public org.mozilla.jss.netscape.security.x509.X509CertImpl locateCACert​(netscape.ldap.LDAPConnection conn,
                                                                        java.lang.String baseDN)
                                                                 throws EBaseException
        Locates the CA certificate.
        Throws:
        EBaseException

      • locateCRL

        public org.mozilla.jss.netscape.security.x509.X509CRLImpl locateCRL​(netscape.ldap.LDAPConnection conn,
                                                                    java.lang.String baseDN)
                                                             throws EBaseException
        Locates the CRL.
        Throws:
        EBaseException

      • updateCRLHash

        public void updateCRLHash​(org.mozilla.jss.netscape.security.x509.X509CertImpl caCert,
                          org.mozilla.jss.netscape.security.x509.X509CRLImpl crl)
                   throws EBaseException
        Throws:
        EBaseException

      • getId

        public java.lang.String getId()

      • validate

        public OCSPResponse validate​(OCSPRequest request)
                      throws EBaseException
        Validate an OCSP request.
        Specified by:
        validate in interface IOCSPStore
        Parameters:
        request - an OCSP request
        Returns:
        OCSPResponse the OCSP response associated with the specified OCSP request
        Throws:
        EBaseException - an error associated with the inability to process the supplied OCSP request

      • getStateCount

        public int getStateCount()
        Description copied from interface: IDefStore
        This method retrieves the number of CRL updates since startup.

        Specified by:
        getStateCount in interface IDefStore
        Returns:
        count the number of OCSP default stores

      • getReqCount

        public long getReqCount​(java.lang.String id)
        Description copied from interface: IDefStore
        This method retrieves the number of OCSP requests since startup.

        Specified by:
        getReqCount in interface IDefStore
        Parameters:
        id - a string associated with an OCSP request
        Returns:
        count the number of this type of OCSP requests

      • createRepositoryRecord

        public IRepositoryRecord createRepositoryRecord()
        Description copied from interface: IDefStore
        This method creates a an OCSP default store repository record.

        Specified by:
        createRepositoryRecord in interface IDefStore
        Returns:
        IRepositoryRecord an instance of the repository record object

      • addRepository

        public void addRepository​(java.lang.String name,
                          java.lang.String thisUpdate,
                          IRepositoryRecord rec)
                   throws EBaseException
        Description copied from interface: IDefStore
        This method adds a request to the default OCSP store repository.

        Specified by:
        addRepository in interface IDefStore
        Parameters:
        name - a string representing the name of this request
        thisUpdate - the current request
        rec - an instance of the repository record object
        Throws:
        EBaseException - occurs when there is an error attempting to add this request to the repository

      • waitOnCRLUpdate

        public boolean waitOnCRLUpdate()
        Description copied from interface: IDefStore
        This method specifies whether or not to wait for the Certificate Revocation List (CRL) to be updated.

        Specified by:
        waitOnCRLUpdate in interface IDefStore
        Returns:
        boolean true or false

      • updateCRL

        public void updateCRL​(java.security.cert.X509CRL crl)
               throws EBaseException
        Description copied from interface: IDefStore
        This method updates the specified CRL.

        Specified by:
        updateCRL in interface IDefStore
        Parameters:
        crl - the CRL to be updated
        Throws:
        EBaseException - occurs when the CRL cannot be updated

      • readCRLIssuingPoint

        public ICRLIssuingPointRecord readCRLIssuingPoint​(java.lang.String name)
                                           throws EBaseException
        Description copied from interface: IDefStore
        This method attempts to read the CRL issuing point.

        Specified by:
        readCRLIssuingPoint in interface IDefStore
        Parameters:
        name - the name of the CRL to be read
        Returns:
        ICRLIssuingPointRecord the CRL issuing point
        Throws:
        EBaseException - occurs when the specified CRL cannot be located

      • searchAllCRLIssuingPointRecord

        public java.util.Enumeration<ICRLIssuingPointRecord> searchAllCRLIssuingPointRecord​(int maxSize)
                                                                             throws EBaseException
        Description copied from interface: IDefStore
        This method searches all CRL issuing points.

        Specified by:
        searchAllCRLIssuingPointRecord in interface IDefStore
        Parameters:
        maxSize - specifies the largest number of hits from the search
        Returns:
        Enumeration a list of the CRL issuing points
        Throws:
        EBaseException - occurs when no CRL issuing point exists

      • searchCRLIssuingPointRecord

        public java.util.Enumeration<ICRLIssuingPointRecord> searchCRLIssuingPointRecord​(java.lang.String filter,
                                                                                 int maxSize)
                                                                          throws EBaseException
        Description copied from interface: IDefStore
        This method searches all CRL issuing points constrained by the specified filtering mechanism.

        Specified by:
        searchCRLIssuingPointRecord in interface IDefStore
        Parameters:
        filter - a string which constrains the search
        maxSize - specifies the largest number of hits from the search
        Returns:
        Enumeration a list of the CRL issuing points
        Throws:
        EBaseException - occurs when no CRL issuing point exists

      • createCRLIssuingPointRecord

        public ICRLIssuingPointRecord createCRLIssuingPointRecord​(java.lang.String name,
                                                          java.math.BigInteger crlNumber,
                                                          java.lang.Long crlSize,
                                                          java.util.Date thisUpdate,
                                                          java.util.Date nextUpdate)
        Description copied from interface: IDefStore
        This method creates a CRL issuing point record.

        Specified by:
        createCRLIssuingPointRecord in interface IDefStore
        Parameters:
        name - a string representation of this CRL issuing point record
        crlNumber - the number of this CRL issuing point record
        crlSize - the size of this CRL issuing point record
        thisUpdate - the time for this CRL issuing point record
        nextUpdate - the time for the next CRL issuing point record
        Returns:
        ICRLIssuingPointRecord this CRL issuing point record

      • addCRLIssuingPoint

        public void addCRLIssuingPoint​(java.lang.String name,
                               ICRLIssuingPointRecord rec)
                        throws EBaseException
        Description copied from interface: IDefStore
        This method adds a CRL issuing point

        Specified by:
        addCRLIssuingPoint in interface IDefStore
        Parameters:
        name - a string representation of this CRL issuing point record
        rec - this CRL issuing point record
        Throws:
        EBaseException - occurs when the specified CRL issuing point record cannot be added

      • deleteCRLIssuingPointRecord

        public void deleteCRLIssuingPointRecord​(java.lang.String id)
                                 throws EBaseException
        Description copied from interface: IDefStore
        This method deletes a CRL issuing point record

        Specified by:
        deleteCRLIssuingPointRecord in interface IDefStore
        Parameters:
        id - a string representation of this CRL issuing point record
        Throws:
        EBaseException - occurs when the specified CRL issuing point record cannot be deleted

      • isNotFoundGood

        public boolean isNotFoundGood()
        Description copied from interface: IDefStore
        This method checks to see if the OCSP response should return good when the certificate is not found.

        Specified by:
        isNotFoundGood in interface IDefStore
        Returns:
        boolean true or false

      • incReqCount

        public void incReqCount​(java.lang.String id)

      • setConfigParameters

        public void setConfigParameters​(NameValuePairs pairs)
                         throws EBaseException
        Description copied from interface: IOCSPStore
        This method stores the configuration parameters specified by the passed-in Name Value pairs object.

        Specified by:
        setConfigParameters in interface IOCSPStore
        Parameters:
        pairs - a name-value pair object
        Throws:
        EBaseException - an illegal name-value pair