Field Detail

• logger

  public static org.slf4j.Logger logger

• mReqCounts

  protected java.util.Hashtable<java.lang.String,java.lang.Long> mReqCounts

Constructor Detail

• LDAPStore

  public LDAPStore()

  Constructs the default store.

Method Detail

• getExtendedPluginInfo

  public java.lang.String[] getExtendedPluginInfo(java.util.Locale locale)

  Description copied from interface: IExtendedPluginInfo
  This method returns an array of strings. Each element of the array represents a configurable parameter, or some other meta-info (such as help-token) there is an entry indexed on that parameter name ;[,required];;... Where: type_info is either 'string', 'number', 'boolean', 'password' or 'choice(ch1,ch2,ch3,...)' If the marker 'required' is included after the type_info, the parameter will has some visually distinctive marking in the UI. 'description' is a short sentence describing the parameter 'choice' is rendered as a drop-down list. The first parameter in the list will be activated by default 'boolean' is rendered as a checkbox. The resulting parameter will be either 'true' or 'false' 'string' allows any characters 'number' allows only numbers 'password' is rendered as a password field (the characters are replaced with *'s when being types. This parameter is not passed through to the plugin. It is instead inserted directly into the password cache keyed on the instance name. The value of the parameter 'bindPWPrompt' (see example below) is set to the key. In addition to the configurable parameters, the following magic parameters may be defined: HELP_TOKEN;helptoken - a pointer to the online manual section for this plugin HELP_TEXT;helptext - a general help string describing the plugin For example: "username;string;The username you wish to login as" "bindPWPrompt;password;Enter password to bind as above user with" "algorithm;choice(RSA,DSA);Which algorithm do you want to use" "enable;boolean;Do you want to run this plugin" "port;number;Which port number do you want to use"

  Specified by:

  getExtendedPluginInfo in interface IExtendedPluginInfo

• init

  public void init(IOCSPAuthority owner,
                   IConfigStore config)
            throws EBaseException

  Fetch CA certificate and CRL from LDAP server.

  Specified by:

  init in interface IOCSPStore

  Throws:

  EBaseException

• locateCACert

  public org.mozilla.jss.netscape.security.x509.X509CertImpl locateCACert(netscape.ldap.LDAPConnection conn,
                                                                          java.lang.String baseDN)
                                                                   throws EBaseException

  Locates the CA certificate.

  Throws:

  EBaseException

• locateCRL

  public org.mozilla.jss.netscape.security.x509.X509CRLImpl locateCRL(netscape.ldap.LDAPConnection conn,
                                                                      java.lang.String baseDN)
                                                               throws EBaseException

  Locates the CRL.

  Throws:

  EBaseException

• updateCRLHash

  public void updateCRLHash(org.mozilla.jss.netscape.security.x509.X509CertImpl caCert,
                            org.mozilla.jss.netscape.security.x509.X509CRLImpl crl)
                     throws EBaseException

  Throws:

  EBaseException

• startup

  public void startup()
               throws EBaseException

  Specified by:

  startup in interface IOCSPStore

  Throws:

  EBaseException

• shutdown

  public void shutdown()

  Specified by:

  shutdown in interface IOCSPStore

• getConfigStore

  public IConfigStore getConfigStore()

• setId

  public void setId(java.lang.String id)
             throws EBaseException

  Throws:

  EBaseException

• getId

  public java.lang.String getId()

• validate

  public OCSPResponse validate(OCSPRequest request)
                        throws EBaseException

  Validate an OCSP request.

  Specified by:

  validate in interface IOCSPStore

  Parameters:

  request - an OCSP request

  Returns:

  OCSPResponse the OCSP response associated with the specified OCSP request

  Throws:

  EBaseException - an error associated with the inability to process the supplied OCSP request

• getStateCount

  public int getStateCount()

  Description copied from interface: IDefStore
  This method retrieves the number of CRL updates since startup.

  Specified by:

  getStateCount in interface IDefStore

  Returns:

  count the number of OCSP default stores

• getReqCount

  public long getReqCount(java.lang.String id)

  Description copied from interface: IDefStore
  This method retrieves the number of OCSP requests since startup.

  Specified by:

  getReqCount in interface IDefStore

  Parameters:

  id - a string associated with an OCSP request

  Returns:

  count the number of this type of OCSP requests

• createRepositoryRecord

  public IRepositoryRecord createRepositoryRecord()

  Description copied from interface: IDefStore
  This method creates a an OCSP default store repository record.

  Specified by:

  createRepositoryRecord in interface IDefStore

  Returns:

  IRepositoryRecord an instance of the repository record object

• addRepository

  public void addRepository(java.lang.String name,
                            java.lang.String thisUpdate,
                            IRepositoryRecord rec)
                     throws EBaseException

  Description copied from interface: IDefStore
  This method adds a request to the default OCSP store repository.

  Specified by:

  addRepository in interface IDefStore

  Parameters:

  name - a string representing the name of this request

  thisUpdate - the current request

  rec - an instance of the repository record object

  Throws:

  EBaseException - occurs when there is an error attempting to add this request to the repository

• waitOnCRLUpdate

  public boolean waitOnCRLUpdate()

  Description copied from interface: IDefStore
  This method specifies whether or not to wait for the Certificate Revocation List (CRL) to be updated.

  Specified by:

  waitOnCRLUpdate in interface IDefStore

  Returns:

  boolean true or false

• updateCRL

  public void updateCRL(java.security.cert.X509CRL crl)
                 throws EBaseException

  Description copied from interface: IDefStore
  This method updates the specified CRL.

  Specified by:

  updateCRL in interface IDefStore

  Parameters:

  crl - the CRL to be updated

  Throws:

  EBaseException - occurs when the CRL cannot be updated

• readCRLIssuingPoint

  public ICRLIssuingPointRecord readCRLIssuingPoint(java.lang.String name)
                                             throws EBaseException

  Description copied from interface: IDefStore
  This method attempts to read the CRL issuing point.

  Specified by:

  readCRLIssuingPoint in interface IDefStore

  Parameters:

  name - the name of the CRL to be read

  Returns:

  ICRLIssuingPointRecord the CRL issuing point

  Throws:

  EBaseException - occurs when the specified CRL cannot be located

• searchAllCRLIssuingPointRecord

  public java.util.Enumeration<ICRLIssuingPointRecord> searchAllCRLIssuingPointRecord(int maxSize)
                                                                               throws EBaseException

  Description copied from interface: IDefStore
  This method searches all CRL issuing points.

  Specified by:

  searchAllCRLIssuingPointRecord in interface IDefStore

  Parameters:

  maxSize - specifies the largest number of hits from the search

  Returns:

  Enumeration a list of the CRL issuing points

  Throws:

  EBaseException - occurs when no CRL issuing point exists

• searchCRLIssuingPointRecord

  public java.util.Enumeration<ICRLIssuingPointRecord> searchCRLIssuingPointRecord(java.lang.String filter,
                                                                                   int maxSize)
                                                                            throws EBaseException

  Description copied from interface: IDefStore
  This method searches all CRL issuing points constrained by the specified filtering mechanism.

  Specified by:

  searchCRLIssuingPointRecord in interface IDefStore

  Parameters:

  filter - a string which constrains the search

  maxSize - specifies the largest number of hits from the search

  Returns:

  Enumeration a list of the CRL issuing points

  Throws:

  EBaseException - occurs when no CRL issuing point exists

• createCRLIssuingPointRecord

  public ICRLIssuingPointRecord createCRLIssuingPointRecord(java.lang.String name,
                                                            java.math.BigInteger crlNumber,
                                                            java.lang.Long crlSize,
                                                            java.util.Date thisUpdate,
                                                            java.util.Date nextUpdate)

  Description copied from interface: IDefStore
  This method creates a CRL issuing point record.

  Specified by:

  createCRLIssuingPointRecord in interface IDefStore

  Parameters:

  name - a string representation of this CRL issuing point record

  crlNumber - the number of this CRL issuing point record

  crlSize - the size of this CRL issuing point record

  thisUpdate - the time for this CRL issuing point record

  nextUpdate - the time for the next CRL issuing point record

  Returns:

  ICRLIssuingPointRecord this CRL issuing point record

• addCRLIssuingPoint

  public void addCRLIssuingPoint(java.lang.String name,
                                 ICRLIssuingPointRecord rec)
                          throws EBaseException

  Description copied from interface: IDefStore
  This method adds a CRL issuing point

  Specified by:

  addCRLIssuingPoint in interface IDefStore

  Parameters:

  name - a string representation of this CRL issuing point record

  rec - this CRL issuing point record

  Throws:

  EBaseException - occurs when the specified CRL issuing point record cannot be added

• deleteCRLIssuingPointRecord

  public void deleteCRLIssuingPointRecord(java.lang.String id)
                                   throws EBaseException

  Description copied from interface: IDefStore
  This method deletes a CRL issuing point record

  Specified by:

  deleteCRLIssuingPointRecord in interface IDefStore

  Parameters:

  id - a string representation of this CRL issuing point record

  Throws:

  EBaseException - occurs when the specified CRL issuing point record cannot be deleted

• isNotFoundGood

  public boolean isNotFoundGood()

  Description copied from interface: IDefStore
  This method checks to see if the OCSP response should return good when the certificate is not found.

  Specified by:

  isNotFoundGood in interface IDefStore

  Returns:

  boolean true or false

• includeNextUpdate

  public boolean includeNextUpdate()
                            throws EBaseException

  Throws:

  EBaseException

• isNotFoundGood1

  public boolean isNotFoundGood1()
                          throws EBaseException

  Throws:

  EBaseException

• incReqCount

  public void incReqCount(java.lang.String id)

• getConfigParameters

  public NameValuePairs getConfigParameters()

  Provides configuration parameters.

  Specified by:

  getConfigParameters in interface IOCSPStore

  Returns:

  NameValuePairs all configuration items

• setConfigParameters

  public void setConfigParameters(NameValuePairs pairs)
                           throws EBaseException

  Description copied from interface: IOCSPStore
  This method stores the configuration parameters specified by the passed-in Name Value pairs object.

  Specified by:

  setConfigParameters in interface IOCSPStore

  Parameters:

  pairs - a name-value pair object

  Throws:

  EBaseException - an illegal name-value pair