Class APolicyRule
- java.lang.Object
-
- org.dogtagpki.legacy.server.policy.APolicyRule
-
- All Implemented Interfaces:
IPolicy
,IPolicyRule
- Direct Known Subclasses:
ManualAuthentication
public abstract class APolicyRule extends java.lang.Object implements IPolicyRule
The abstract policy rule that concrete implementations will extend.NOTE: The Policy Framework has been replaced by the Profile Framework.
- Version:
- $Revision$, $Date$
-
-
Field Summary
Fields Modifier and Type Field Description protected java.lang.String
DESC
static org.slf4j.Logger
logger
protected IExpression
mFilterExp
protected java.lang.String
mInstanceName
protected java.lang.String
NAME
-
Fields inherited from interface org.dogtagpki.legacy.policy.IPolicyRule
PROP_ENABLE, PROP_IMPLNAME, PROP_PREDICATE
-
-
Constructor Summary
Constructors Constructor Description APolicyRule()
-
Method Summary
All Methods Static Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected boolean
agentApproved(IRequest req)
request has previously been approved by an agentabstract PolicyResult
apply(IRequest req)
Applies the policy on the given Request.static org.mozilla.jss.netscape.security.x509.KeyIdentifier
createKeyIdentifier(org.mozilla.jss.netscape.security.x509.X509Key key)
protected PolicyResult
deferred(IRequest req)
determines whether a DEFERRED policy result should be returned by checking the contents of the AgentApprovals attribute.protected org.mozilla.jss.netscape.security.x509.KeyIdentifier
formSHA1KeyId(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo)
Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key BIT STRING.protected org.mozilla.jss.netscape.security.x509.KeyIdentifier
formSpkiSHA1KeyId(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo)
Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key INFO.abstract java.util.Vector<java.lang.String>
getDefaultParams()
Return default parameters for a policy implementation.java.lang.String
getDescription()
Gets the description for this policy rule.java.lang.String
getInstanceName()
Returns the name of the policy rule instance.abstract java.util.Vector<java.lang.String>
getInstanceParams()
Return configured parameters for a policy rule instance.java.lang.String
getName()
Returns the name of the policy rule.IExpression
getPredicate()
Returns the predicate expression for the rule.abstract void
init(IPolicyProcessor owner, IConfigStore config)
Initializes the policy rule.void
setError(IRequest req, java.lang.String format, java.lang.Object[] params)
void
setError(IRequest req, java.lang.String format, java.lang.String arg)
void
setError(IRequest req, java.lang.String format, java.lang.String arg1, java.lang.String arg2)
void
setInstanceName(java.lang.String instanceName)
Sets the instance name for a policy rule.void
setPolicyException(IRequest req, EBaseException ex)
void
setPolicyException(IRequest req, java.lang.String format, java.lang.Object[] params)
void
setPredicate(IExpression exp)
Sets a predicate expression for rule matching.
-
-
-
Field Detail
-
logger
public static org.slf4j.Logger logger
-
NAME
protected java.lang.String NAME
-
DESC
protected java.lang.String DESC
-
mFilterExp
protected IExpression mFilterExp
-
mInstanceName
protected java.lang.String mInstanceName
-
-
Method Detail
-
init
public abstract void init(IPolicyProcessor owner, IConfigStore config) throws EBaseException
Initializes the policy rule.- Specified by:
init
in interfaceIPolicyRule
- Parameters:
config
- The config store reference- Throws:
EBaseException
-
getDescription
public java.lang.String getDescription()
Gets the description for this policy rule.- Specified by:
getDescription
in interfaceIPolicyRule
- Returns:
- The Description for this rule.
-
setPredicate
public void setPredicate(IExpression exp)
Sets a predicate expression for rule matching.- Specified by:
setPredicate
in interfaceIPolicyRule
- Parameters:
exp
- The predicate expression for the rule.
-
getPredicate
public IExpression getPredicate()
Returns the predicate expression for the rule.- Specified by:
getPredicate
in interfaceIPolicyRule
- Returns:
- The predicate expression for the rule.
-
getName
public java.lang.String getName()
Returns the name of the policy rule.- Specified by:
getName
in interfaceIPolicyRule
- Returns:
- The name of the policy class.
-
setInstanceName
public void setInstanceName(java.lang.String instanceName)
Sets the instance name for a policy rule.- Specified by:
setInstanceName
in interfaceIPolicyRule
- Parameters:
instanceName
- The name of the rule instance.
-
getInstanceName
public java.lang.String getInstanceName()
Returns the name of the policy rule instance.- Specified by:
getInstanceName
in interfaceIPolicyRule
- Returns:
- The name of the policy rule instance if set, else the name of the rule class.
-
apply
public abstract PolicyResult apply(IRequest req)
Applies the policy on the given Request.- Specified by:
apply
in interfaceIPolicy
- Specified by:
apply
in interfaceIPolicyRule
- Parameters:
req
- The request on which to apply policy.- Returns:
- The policy result object.
-
getInstanceParams
public abstract java.util.Vector<java.lang.String> getInstanceParams()
Return configured parameters for a policy rule instance.- Specified by:
getInstanceParams
in interfaceIPolicyRule
- Returns:
- nvPairs A Vector of name/value pairs.
-
getDefaultParams
public abstract java.util.Vector<java.lang.String> getDefaultParams()
Return default parameters for a policy implementation.- Specified by:
getDefaultParams
in interfaceIPolicyRule
- Returns:
- nvPairs A Vector of name/value pairs.
-
setError
public void setError(IRequest req, java.lang.String format, java.lang.Object[] params)
- Specified by:
setError
in interfaceIPolicyRule
-
setError
public void setError(IRequest req, java.lang.String format, java.lang.String arg1, java.lang.String arg2)
-
setError
public void setError(IRequest req, java.lang.String format, java.lang.String arg)
-
setPolicyException
public void setPolicyException(IRequest req, EBaseException ex)
- Specified by:
setPolicyException
in interfaceIPolicyRule
-
deferred
protected PolicyResult deferred(IRequest req)
determines whether a DEFERRED policy result should be returned by checking the contents of the AgentApprovals attribute. This call should be used by policy modules instead of returning PolicyResult.DEFERRED directly.
-
agentApproved
protected boolean agentApproved(IRequest req)
request has previously been approved by an agent
-
setPolicyException
public void setPolicyException(IRequest req, java.lang.String format, java.lang.Object[] params)
-
createKeyIdentifier
public static org.mozilla.jss.netscape.security.x509.KeyIdentifier createKeyIdentifier(org.mozilla.jss.netscape.security.x509.X509Key key) throws java.security.NoSuchAlgorithmException, java.security.InvalidKeyException
- Throws:
java.security.NoSuchAlgorithmException
java.security.InvalidKeyException
-
formSpkiSHA1KeyId
protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSpkiSHA1KeyId(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo) throws EBaseException
Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key INFO. (including algorithm ID, etc.)- Parameters:
certInfo
- cert info of the certificate.- Returns:
- A Key identifier with the sha-1 hash of subject public key.
- Throws:
EBaseException
-
formSHA1KeyId
protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSHA1KeyId(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo) throws EBaseException
Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key BIT STRING.- Parameters:
certInfo
- cert info of the certificate.- Returns:
- A Key identifier with the sha-1 hash of subject public key.
- Throws:
EBaseException
-
-