Class APolicyRule

java.lang.Object
org.dogtagpki.legacy.server.policy.APolicyRule
All Implemented Interfaces:
IPolicy, IPolicyRule
Direct Known Subclasses:
ManualAuthentication
public abstract class APolicyRule extends Object implements IPolicyRule
The abstract policy rule that concrete implementations will extend. 

 NOTE:  The Policy Framework has been replaced by the Profile Framework.

Version:
$Revision$, $Date$

  • Field Details

    • logger

      public static org.slf4j.Logger logger

    • NAME

      protected String NAME

    • DESC

      protected String DESC

    • mFilterExp

      protected IExpression mFilterExp

    • mInstanceName

      protected String mInstanceName

  • Constructor Details

    • APolicyRule

      public APolicyRule()

  • Method Details

    • init

      public abstract void init(IPolicyProcessor owner, IConfigStore config) throws EBaseException
      Initializes the policy rule.

      Specified by:
      init in interface IPolicyRule
      Parameters:
      config - The config store reference
      Throws:
      EBaseException

    • getDescription

      public String getDescription()
      Gets the description for this policy rule.

      Specified by:
      getDescription in interface IPolicyRule
      Returns:
      The Description for this rule.

    • setPredicate

      public void setPredicate(IExpression exp)
      Sets a predicate expression for rule matching.

      Specified by:
      setPredicate in interface IPolicyRule
      Parameters:
      exp - The predicate expression for the rule.

    • getPredicate

      public IExpression getPredicate()
      Returns the predicate expression for the rule.

      Specified by:
      getPredicate in interface IPolicyRule
      Returns:
      The predicate expression for the rule.

    • getName

      public String getName()
      Returns the name of the policy rule.

      Specified by:
      getName in interface IPolicyRule
      Returns:
      The name of the policy class.

    • setInstanceName

      public void setInstanceName(String instanceName)
      Sets the instance name for a policy rule.

      Specified by:
      setInstanceName in interface IPolicyRule
      Parameters:
      instanceName - The name of the rule instance.

    • getInstanceName

      public String getInstanceName()
      Returns the name of the policy rule instance.

      Specified by:
      getInstanceName in interface IPolicyRule
      Returns:
      The name of the policy rule instance if set, else the name of the rule class.

    • apply

      public abstract PolicyResult apply(IRequest req)
      Applies the policy on the given Request.

      Specified by:
      apply in interface IPolicy
      Specified by:
      apply in interface IPolicyRule
      Parameters:
      req - The request on which to apply policy.
      Returns:
      The policy result object.

    • getInstanceParams

      public abstract Vector<String> getInstanceParams()
      Return configured parameters for a policy rule instance.
      Specified by:
      getInstanceParams in interface IPolicyRule
      Returns:
      nvPairs A Vector of name/value pairs.

    • getDefaultParams

      public abstract Vector<String> getDefaultParams()
      Return default parameters for a policy implementation.
      Specified by:
      getDefaultParams in interface IPolicyRule
      Returns:
      nvPairs A Vector of name/value pairs.

    • setError

      public void setError(IRequest req, String format, Object[] params)
      Specified by:
      setError in interface IPolicyRule

    • setError

      public void setError(IRequest req, String format, String arg1, String arg2)

    • setError

      public void setError(IRequest req, String format, String arg)

    • setPolicyException

      public void setPolicyException(IRequest req, EBaseException ex)
      Specified by:
      setPolicyException in interface IPolicyRule

    • deferred

      protected PolicyResult deferred(IRequest req)
      determines whether a DEFERRED policy result should be returned by checking the contents of the AgentApprovals attribute. This call should be used by policy modules instead of returning PolicyResult.DEFERRED directly.

    • agentApproved

      protected boolean agentApproved(IRequest req)
      request has previously been approved by an agent

    • setPolicyException

      public void setPolicyException(IRequest req, String format, Object[] params)

    • createKeyIdentifier

      public static org.mozilla.jss.netscape.security.x509.KeyIdentifier createKeyIdentifier(org.mozilla.jss.netscape.security.x509.X509Key key) throws NoSuchAlgorithmException, InvalidKeyException
      Throws:
      NoSuchAlgorithmException
      InvalidKeyException

    • formSpkiSHA1KeyId

      protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSpkiSHA1KeyId(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo) throws EBaseException
      Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key INFO. (including algorithm ID, etc.)

      Parameters:
      certInfo - cert info of the certificate.
      Returns:
      A Key identifier with the sha-1 hash of subject public key.
      Throws:
      EBaseException

    • formSHA1KeyId

      protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSHA1KeyId(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo) throws EBaseException
      Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key BIT STRING.

      Parameters:
      certInfo - cert info of the certificate.
      Returns:
      A Key identifier with the sha-1 hash of subject public key.
      Throws:
      EBaseException