LDAPStore (pki-common)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.netscape.cms.ocsp
Class LDAPStore

java.lang.Object
  com.netscape.cms.ocsp.LDAPStore

All Implemented Interfaces:: IExtendedPluginInfo, ISubsystem, IDefStore, IOCSPStore

public class LDAPStore
extends java.lang.Object
implements IDefStore, IExtendedPluginInfo
extends java.lang.Object
implements IDefStore, IExtendedPluginInfo

This is the LDAP OCSP store. It reads CA certificate and revocation list attributes from the CA entry.

Version:: $Revision: 1304 $, $Date: 2010-09-20 16:38:55 -0700 (Mon, 20 Sep 2010) $

Field Summary
`protected java.util.Hashtable`	`mReqCounts`

Fields inherited from interface com.netscape.certsrv.base.IExtendedPluginInfo
`HELP_TEXT, HELP_TOKEN`

Constructor Summary
`LDAPStore()` Constructs the default store.

Method Summary
`void`	`addCRLIssuingPoint(java.lang.String name, ICRLIssuingPointRecord rec)` This method adds a CRL issuing point
`void`	`addRepository(java.lang.String name, java.lang.String thisUpdate, IRepositoryRecord rec)` This method adds a request to the default OCSP store repository.
`ICRLIssuingPointRecord`	`createCRLIssuingPointRecord(java.lang.String name, java.math.BigInteger crlNumber, java.lang.Long crlSize, java.util.Date thisUpdate, java.util.Date nextUpdate)` This method creates a CRL issuing point record.
`IRepositoryRecord`	`createRepositoryRecord()` This method creates a an OCSP default store repository record.
`void`	`deleteCRLIssuingPointRecord(java.lang.String id)` This method deletes a CRL issuing point record
`NameValuePairs`	`getConfigParameters()` Provides configuration parameters.
`IConfigStore`	`getConfigStore()` Returns the root configuration storage of this system.
`java.lang.String[]`	`getExtendedPluginInfo(java.util.Locale locale)` This method returns an array of strings.
`java.lang.String`	`getId()` Retrieves the name of this subsystem.
`long`	`getReqCount(java.lang.String id)` This method retrieves the number of OCSP requests since startup.
`int`	`getStateCount()` This method retrieves the number of CRL updates since startup.
`boolean`	`includeNextUpdate()`
`void`	`incReqCount(java.lang.String id)`
`void`	`init(ISubsystem owner, IConfigStore config)` Fetch CA certificate and CRL from LDAP server.
`boolean`	`isNotFoundGood()` This method checks to see if the OCSP response should return good when the certificate is not found.
`boolean`	`isNotFoundGood1()`
`netscape.security.x509.X509CertImpl`	`locateCACert(netscape.ldap.LDAPConnection conn, java.lang.String baseDN)` Locates the CA certificate.
`netscape.security.x509.X509CRLImpl`	`locateCRL(netscape.ldap.LDAPConnection conn, java.lang.String baseDN)` Locates the CRL.
`void`	`log(int level, java.lang.String msg)`
`ICRLIssuingPointRecord`	`readCRLIssuingPoint(java.lang.String name)` This method attempts to read the CRL issuing point.
`java.util.Enumeration`	`searchAllCRLIssuingPointRecord(int maxSize)` This method searches all CRL issuing points.
`java.util.Enumeration`	`searchCRLIssuingPointRecord(java.lang.String filter, int maxSize)` This method searches all CRL issuing points constrained by the specified filtering mechanism.
`void`	`setConfigParameters(NameValuePairs pairs)` This method stores the configuration parameters specified by the passed-in Name Value pairs object.
`void`	`setId(java.lang.String id)` Sets specific to this subsystem.
`void`	`shutdown()` Stops this system.
`void`	`startup()` Notifies this subsystem if owner is in running mode.
`void`	`updateCRL(java.security.cert.X509CRL crl)` This method updates the specified CRL.
`void`	`updateCRLHash(netscape.security.x509.X509CertImpl caCert, netscape.security.x509.X509CRLImpl crl)`
`com.netscape.cmsutil.ocsp.OCSPResponse`	`validate(com.netscape.cmsutil.ocsp.OCSPRequest request)` Validate an OCSP request.
`boolean`	`waitOnCRLUpdate()` This method specifies whether or not to wait for the Certificate Revocation List (CRL) to be updated.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

mReqCounts

protected java.util.Hashtable mReqCounts

Constructor Detail

LDAPStore

public LDAPStore()

Constructs the default store.

Method Detail

getExtendedPluginInfo

public java.lang.String[] getExtendedPluginInfo(java.util.Locale locale)

Description copied from interface: IExtendedPluginInfo

This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name ;[,required];;... Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use"

Specified by:: getExtendedPluginInfo in interface IExtendedPluginInfo

init

public void init(ISubsystem owner,
                 IConfigStore config)
          throws EBaseException

Fetch CA certificate and CRL from LDAP server.

Specified by:: init in interface ISubsystem

Parameters:: owner - owner of this subsystem; config - configuration store
Throws:: EBaseException - failed to initialize

locateCACert

public netscape.security.x509.X509CertImpl locateCACert(netscape.ldap.LDAPConnection conn,
                                                        java.lang.String baseDN)
                                                 throws EBaseException

Locates the CA certificate.

Throws:: EBaseException

locateCRL

public netscape.security.x509.X509CRLImpl locateCRL(netscape.ldap.LDAPConnection conn,
                                                    java.lang.String baseDN)
                                             throws EBaseException

Locates the CRL.

Throws:: EBaseException

updateCRLHash

public void updateCRLHash(netscape.security.x509.X509CertImpl caCert,
                          netscape.security.x509.X509CRLImpl crl)
                   throws EBaseException

Throws:: EBaseException

log

public void log(int level,
                java.lang.String msg)

startup

public void startup()
             throws EBaseException

Description copied from interface: ISubsystem

Notifies this subsystem if owner is in running mode.

Specified by:: startup in interface ISubsystem

Throws:: EBaseException - failed to start up

shutdown

public void shutdown()

Description copied from interface: ISubsystem

Stops this system. The owner may call shutdown anytime after initialization.

Specified by:: shutdown in interface ISubsystem

getConfigStore

public IConfigStore getConfigStore()

Description copied from interface: ISubsystem

Returns the root configuration storage of this system.

Specified by:: getConfigStore in interface ISubsystem

Returns:: configuration store of this subsystem

setId

public void setId(java.lang.String id)
           throws EBaseException

Description copied from interface: ISubsystem

Sets specific to this subsystem.

Specified by:: setId in interface ISubsystem

Parameters:: id - subsystem identifier
Throws:: EBaseException - failed to set id

getId

public java.lang.String getId()

Description copied from interface: ISubsystem

Retrieves the name of this subsystem.

Specified by:: getId in interface ISubsystem

Returns:: subsystem identifier

validate

public com.netscape.cmsutil.ocsp.OCSPResponse validate(com.netscape.cmsutil.ocsp.OCSPRequest request)
                                                throws EBaseException

Validate an OCSP request.

Specified by:: validate in interface IOCSPStore

Parameters:: request - an OCSP request
Returns:: OCSPResponse the OCSP response associated with the specified OCSP request
Throws:: EBaseException - an error associated with the inability to process the supplied OCSP request