Package org.dogtagpki.legacy.server.policy

Class APolicyRule

    • Field Detail

      • NAME

        protected java.lang.String NAME

      • DESC

        protected java.lang.String DESC

      • mInstanceName

        protected java.lang.String mInstanceName

      • mLogger

        protected Logger mLogger

    • Constructor Detail

      • APolicyRule

        public APolicyRule()

    • Method Detail

      • getDescription

        public java.lang.String getDescription()
        Gets the description for this policy rule.

        Specified by:
        getDescription in interface IPolicyRule
        Returns:
        The Description for this rule.

      • setPredicate

        public void setPredicate​(IExpression exp)
        Sets a predicate expression for rule matching.

        Specified by:
        setPredicate in interface IPolicyRule
        Parameters:
        exp - The predicate expression for the rule.

      • getPredicate

        public IExpression getPredicate()
        Returns the predicate expression for the rule.

        Specified by:
        getPredicate in interface IPolicyRule
        Returns:
        The predicate expression for the rule.

      • getName

        public java.lang.String getName()
        Returns the name of the policy rule.

        Specified by:
        getName in interface IPolicyRule
        Returns:
        The name of the policy class.

      • setInstanceName

        public void setInstanceName​(java.lang.String instanceName)
        Sets the instance name for a policy rule.

        Specified by:
        setInstanceName in interface IPolicyRule
        Parameters:
        instanceName - The name of the rule instance.

      • getInstanceName

        public java.lang.String getInstanceName()
        Returns the name of the policy rule instance.

        Specified by:
        getInstanceName in interface IPolicyRule
        Returns:
        The name of the policy rule instance if set, else the name of the rule class.

      • apply

        public abstract PolicyResult apply​(IRequest req)
        Applies the policy on the given Request.

        Specified by:
        apply in interface IPolicy
        Specified by:
        apply in interface IPolicyRule
        Parameters:
        req - The request on which to apply policy.
        Returns:
        The policy result object.

      • getInstanceParams

        public abstract java.util.Vector<java.lang.String> getInstanceParams()
        Return configured parameters for a policy rule instance.
        Specified by:
        getInstanceParams in interface IPolicyRule
        Returns:
        nvPairs A Vector of name/value pairs.

      • getDefaultParams

        public abstract java.util.Vector<java.lang.String> getDefaultParams()
        Return default parameters for a policy implementation.
        Specified by:
        getDefaultParams in interface IPolicyRule
        Returns:
        nvPairs A Vector of name/value pairs.

      • setError

        public void setError​(IRequest req,
                     java.lang.String format,
                     java.lang.Object[] params)
        Specified by:
        setError in interface IPolicyRule

      • setError

        public void setError​(IRequest req,
                     java.lang.String format,
                     java.lang.String arg1,
                     java.lang.String arg2)

      • setError

        public void setError​(IRequest req,
                     java.lang.String format,
                     java.lang.String arg)

      • deferred

        protected PolicyResult deferred​(IRequest req)
        determines whether a DEFERRED policy result should be returned by checking the contents of the AgentApprovals attribute. This call should be used by policy modules instead of returning PolicyResult.DEFERRED directly.

      • agentApproved

        protected boolean agentApproved​(IRequest req)
        request has previously been approved by an agent

      • setPolicyException

        public void setPolicyException​(IRequest req,
                               java.lang.String format,
                               java.lang.Object[] params)

      • log

        protected void log​(int level,
                   java.lang.String msg)
        log a message for this policy rule.

      • createKeyIdentifier

        public static KeyIdentifier createKeyIdentifier​(X509Key key)
                                         throws java.security.NoSuchAlgorithmException,
                                                java.security.InvalidKeyException
        Throws:
        java.security.NoSuchAlgorithmException
        java.security.InvalidKeyException

      • formSpkiSHA1KeyId

        protected KeyIdentifier formSpkiSHA1KeyId​(X509CertInfo certInfo)
                                   throws EBaseException
        Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key INFO. (including algorithm ID, etc.)

        Parameters:
        certInfo - cert info of the certificate.
        Returns:
        A Key identifier with the sha-1 hash of subject public key.
        Throws:
        EBaseException

      • formSHA1KeyId

        protected KeyIdentifier formSHA1KeyId​(X509CertInfo certInfo)
                               throws EBaseException
        Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key BIT STRING.

        Parameters:
        certInfo - cert info of the certificate.
        Returns:
        A Key identifier with the sha-1 hash of subject public key.
        Throws:
        EBaseException