Package com.netscape.cms.servlet.processors

Class CAProcessor

    • Method Detail

      • getProfileID

        public java.lang.String getProfileID()

      • startTiming

        public void startTiming​(java.lang.String event)
        Stats - to be moved to Stats module

      • endTiming

        public void endTiming​(java.lang.String event)

      • endAllEvents

        public void endAllEvents()

      • printParameterValues

        protected void printParameterValues​(java.util.HashMap<java.lang.String,​java.lang.String> data)

      • getSSLClientCertificate

        public static java.security.cert.X509Certificate getSSLClientCertificate​(javax.servlet.http.HttpServletRequest httpReq)
                                                                  throws EBaseException
        get ssl client authenticated certificate
        Throws:
        EBaseException

      • toHashtable

        protected static java.util.Hashtable<java.lang.String,​java.lang.String> toHashtable​(javax.servlet.http.HttpServletRequest req)

      • authorize

        public AuthzToken authorize​(java.lang.String authzMgrName,
                            IAuthToken authToken,
                            java.lang.String resource,
                            java.lang.String operation)
        Authorize must occur after Authenticate

        • signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_FAIL used when authorization has failed
        • signed.audit LOGGING_SIGNED_AUDIT_AUTHZ_SUCCESS used when authorization is successful
        • signed.audit LOGGING_SIGNED_AUDIT_ROLE_ASSUME used when user assumes a role (in current CS that's when one accesses a role port)
        Parameters:
        authzMgrName - string representing the name of the authorization manager
        authToken - the authentication token
        resource - a string representing the ACL resource id as defined in the ACL resource list
        operation - a string representing one of the operations as defined within the ACL statement (e. g. - "read" for an ACL statement containing "(read,write)")
        Returns:
        the authorization token
        Throws:
        EBaseException - an error has occurred

      • auditRequesterID

        protected java.lang.String auditRequesterID​(IRequest request)
        Signed Audit Log Requester ID This method is called to obtain the "RequesterID" for a signed audit log message.

        Parameters:
        request - the actual request
        Returns:
        id string containing the signed audit log message RequesterID

      • auditSubjectID

        protected java.lang.String auditSubjectID()

      • auditGroupID

        protected java.lang.String auditGroupID()

      • auditGroups

        protected java.lang.String auditGroups​(java.lang.String SubjectID)
        Signed Audit Groups This method is called to extract all "groups" associated with the "auditSubjectID()".

        Parameters:
        SubjectID - string containing the signed audit log message SubjectID
        Returns:
        a delimited string of groups associated with the "auditSubjectID()"

      • validateNonce

        public void validateNonce​(javax.servlet.http.HttpServletRequest servletRequest,
                          java.lang.String name,
                          java.lang.Object id,
                          java.lang.Long nonce)
                   throws EBaseException
        Throws:
        EBaseException