Package org.dogtagpki.legacy.server.policy

Class APolicyRule

  • All Implemented Interfaces:
    IPolicy, IPolicyRule
    Direct Known Subclasses:
    ManualAuthentication
    public abstract class APolicyRule
extends java.lang.Object
implements IPolicyRule
    The abstract policy rule that concrete implementations will extend. 

     NOTE:  The Policy Framework has been replaced by the Profile Framework.

    Version:
    $Revision$, $Date$

    • Constructor Summary

      Constructors 
      Constructor Description
      APolicyRule()  

    • Method Summary

      All Methods Static Methods Instance Methods Abstract Methods Concrete Methods 
      Modifier and Type Method Description
      protected boolean agentApproved​(IRequest req)
      request has previously been approved by an agent
      abstract PolicyResult apply​(IRequest req)
      Applies the policy on the given Request.
      static org.mozilla.jss.netscape.security.x509.KeyIdentifier createKeyIdentifier​(org.mozilla.jss.netscape.security.x509.X509Key key)  
      protected PolicyResult deferred​(IRequest req)
      determines whether a DEFERRED policy result should be returned by checking the contents of the AgentApprovals attribute.
      protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSHA1KeyId​(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo)
      Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key BIT STRING.
      protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSpkiSHA1KeyId​(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo)
      Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key INFO.
      abstract java.util.Vector<java.lang.String> getDefaultParams()
      Return default parameters for a policy implementation.
      java.lang.String getDescription()
      Gets the description for this policy rule.
      java.lang.String getInstanceName()
      Returns the name of the policy rule instance.
      abstract java.util.Vector<java.lang.String> getInstanceParams()
      Return configured parameters for a policy rule instance.
      java.lang.String getName()
      Returns the name of the policy rule.
      IExpression getPredicate()
      Returns the predicate expression for the rule.
      abstract void init​(IPolicyProcessor owner, IConfigStore config)
      Initializes the policy rule.
      void setError​(IRequest req, java.lang.String format, java.lang.Object[] params)  
      void setError​(IRequest req, java.lang.String format, java.lang.String arg)  
      void setError​(IRequest req, java.lang.String format, java.lang.String arg1, java.lang.String arg2)  
      void setInstanceName​(java.lang.String instanceName)
      Sets the instance name for a policy rule.
      void setPolicyException​(IRequest req, EBaseException ex)  
      void setPolicyException​(IRequest req, java.lang.String format, java.lang.Object[] params)  
      void setPredicate​(IExpression exp)
      Sets a predicate expression for rule matching.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Field Detail

      • logger

        public static org.slf4j.Logger logger

      • NAME

        protected java.lang.String NAME

      • DESC

        protected java.lang.String DESC

      • mInstanceName

        protected java.lang.String mInstanceName

    • Constructor Detail

      • APolicyRule

        public APolicyRule()

    • Method Detail

      • getDescription

        public java.lang.String getDescription()
        Gets the description for this policy rule.

        Specified by:
        getDescription in interface IPolicyRule
        Returns:
        The Description for this rule.

      • setPredicate

        public void setPredicate​(IExpression exp)
        Sets a predicate expression for rule matching.

        Specified by:
        setPredicate in interface IPolicyRule
        Parameters:
        exp - The predicate expression for the rule.

      • getPredicate

        public IExpression getPredicate()
        Returns the predicate expression for the rule.

        Specified by:
        getPredicate in interface IPolicyRule
        Returns:
        The predicate expression for the rule.

      • getName

        public java.lang.String getName()
        Returns the name of the policy rule.

        Specified by:
        getName in interface IPolicyRule
        Returns:
        The name of the policy class.

      • setInstanceName

        public void setInstanceName​(java.lang.String instanceName)
        Sets the instance name for a policy rule.

        Specified by:
        setInstanceName in interface IPolicyRule
        Parameters:
        instanceName - The name of the rule instance.

      • getInstanceName

        public java.lang.String getInstanceName()
        Returns the name of the policy rule instance.

        Specified by:
        getInstanceName in interface IPolicyRule
        Returns:
        The name of the policy rule instance if set, else the name of the rule class.

      • apply

        public abstract PolicyResult apply​(IRequest req)
        Applies the policy on the given Request.

        Specified by:
        apply in interface IPolicy
        Specified by:
        apply in interface IPolicyRule
        Parameters:
        req - The request on which to apply policy.
        Returns:
        The policy result object.

      • getInstanceParams

        public abstract java.util.Vector<java.lang.String> getInstanceParams()
        Return configured parameters for a policy rule instance.
        Specified by:
        getInstanceParams in interface IPolicyRule
        Returns:
        nvPairs A Vector of name/value pairs.

      • getDefaultParams

        public abstract java.util.Vector<java.lang.String> getDefaultParams()
        Return default parameters for a policy implementation.
        Specified by:
        getDefaultParams in interface IPolicyRule
        Returns:
        nvPairs A Vector of name/value pairs.

      • setError

        public void setError​(IRequest req,
                     java.lang.String format,
                     java.lang.Object[] params)
        Specified by:
        setError in interface IPolicyRule

      • setError

        public void setError​(IRequest req,
                     java.lang.String format,
                     java.lang.String arg1,
                     java.lang.String arg2)

      • setError

        public void setError​(IRequest req,
                     java.lang.String format,
                     java.lang.String arg)

      • deferred

        protected PolicyResult deferred​(IRequest req)
        determines whether a DEFERRED policy result should be returned by checking the contents of the AgentApprovals attribute. This call should be used by policy modules instead of returning PolicyResult.DEFERRED directly.

      • agentApproved

        protected boolean agentApproved​(IRequest req)
        request has previously been approved by an agent

      • setPolicyException

        public void setPolicyException​(IRequest req,
                               java.lang.String format,
                               java.lang.Object[] params)

      • createKeyIdentifier

        public static org.mozilla.jss.netscape.security.x509.KeyIdentifier createKeyIdentifier​(org.mozilla.jss.netscape.security.x509.X509Key key)
                                                                                throws java.security.NoSuchAlgorithmException,
                                                                                       java.security.InvalidKeyException
        Throws:
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException

      • formSpkiSHA1KeyId

        protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSpkiSHA1KeyId​(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo)
                                                                          throws EBaseException
        Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key INFO. (including algorithm ID, etc.)

        Parameters:
        certInfo - cert info of the certificate.
        Returns:
        A Key identifier with the sha-1 hash of subject public key.
        Throws:
        EBaseException

      • formSHA1KeyId

        protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSHA1KeyId​(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo)
                                                                      throws EBaseException
        Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key BIT STRING.

        Parameters:
        certInfo - cert info of the certificate.
        Returns:
        A Key identifier with the sha-1 hash of subject public key.
        Throws:
        EBaseException