public class SubjAltNameExt extends APolicyRule implements IEnrollmentPolicy, IExtendedPluginInfo
Subject Alternative Name extension policy in CMS 4.1. Adds the subject alternative name extension depending on the certificate type requested. Two forms are supported. 1) For S/MIME certificates, email addresses are copied from data stored in the request by the authentication component. Both 'e' and 'altEmail' are supported so that both the primary address and alternative forms may be certified. Only the primary goes in the subjectName position (which should be phased out). e mailAlternateAddress
NOTE: The Policy Framework has been replaced by the Profile Framework.
Modifier and Type | Field and Description |
---|---|
protected boolean |
mAllowAgentOverride
Deprecated.
|
protected boolean |
mAllowEEOverride
Deprecated.
|
protected boolean |
mCritical
Deprecated.
|
protected boolean |
mEnableManualValues
Deprecated.
|
protected static java.lang.String |
PROP_AGENT_OVERR
Deprecated.
|
protected static java.lang.String |
PROP_CRITICAL
Deprecated.
|
protected static java.lang.String |
PROP_EE_OVERR
Deprecated.
|
protected static java.lang.String |
PROP_ENABLE_MANUAL_VALUES
Deprecated.
|
DESC, mFilterExp, mInstanceName, mLogger, NAME
PROP_ENABLE, PROP_IMPLNAME, PROP_PREDICATE
HELP_TEXT, HELP_TOKEN
Constructor and Description |
---|
SubjAltNameExt()
Deprecated.
|
Modifier and Type | Method and Description |
---|---|
protected void |
addValues(IAuthToken tok,
java.lang.String attrName,
java.util.Vector v)
Deprecated.
Add attribute values from an LDAP attribute to a vector
|
PolicyResult |
apply(IRequest req)
Deprecated.
Adds the subject alternative names extension if not set already.
|
PolicyResult |
applyCert(IRequest req,
netscape.security.x509.X509CertInfo certInfo)
Deprecated.
|
protected netscape.security.x509.CertificateExtensions |
createCertificateExtensions(netscape.security.x509.X509CertInfo certInfo)
Deprecated.
Create a new SET of extensions in the certificate info
object.
|
protected IAuthToken |
findAuthToken(IRequest req,
java.lang.String authMgrName)
Deprecated.
Find a particular authentication token by manager name.
|
java.util.Vector |
getDefaultParams()
Deprecated.
Return default parameters for a policy implementation.
|
protected java.util.Vector |
getEmailList(IAuthToken tok)
Deprecated.
Generate a String Vector containing all the email addresses
found in this Authentication token
|
java.lang.String[] |
getExtendedPluginInfo(java.util.Locale locale)
Deprecated.
This method returns an array of strings.
|
java.util.Vector |
getInstanceParams()
Deprecated.
Return configured parameters for a policy rule instance.
|
void |
init(ISubsystem owner,
IConfigStore config)
Deprecated.
Initializes this policy rule.
|
protected netscape.security.x509.SubjectAlternativeNameExtension |
mkExt(java.util.Vector emails)
Deprecated.
Make a Subject name extension given a list of email addresses
|
agentApproved, createKeyIdentifier, deferred, formSHA1KeyId, formSpkiSHA1KeyId, getDescription, getInstanceName, getName, getPredicate, log, setError, setError, setError, setInstanceName, setPolicyException, setPolicyException, setPredicate
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
getDescription, getInstanceName, getName, getPredicate, setError, setInstanceName, setPolicyException, setPredicate
protected static final java.lang.String PROP_AGENT_OVERR
protected static final java.lang.String PROP_EE_OVERR
protected static final java.lang.String PROP_ENABLE_MANUAL_VALUES
protected static final java.lang.String PROP_CRITICAL
protected boolean mAllowAgentOverride
protected boolean mAllowEEOverride
protected boolean mEnableManualValues
protected boolean mCritical
public java.lang.String[] getExtendedPluginInfo(java.util.Locale locale)
IExtendedPluginInfo
getExtendedPluginInfo
in interface IExtendedPluginInfo
public void init(ISubsystem owner, IConfigStore config) throws EBaseException
The entries may be of the form:
ra.Policy.rule.
init
in interface IPolicyRule
init
in class APolicyRule
config
- The config store referenceEBaseException
public PolicyResult apply(IRequest req)
apply
in interface IPolicyRule
apply
in interface IPolicy
apply
in class APolicyRule
req
- The request on which to apply policy.public PolicyResult applyCert(IRequest req, netscape.security.x509.X509CertInfo certInfo)
protected IAuthToken findAuthToken(IRequest req, java.lang.String authMgrName)
protected java.util.Vector getEmailList(IAuthToken tok)
protected void addValues(IAuthToken tok, java.lang.String attrName, java.util.Vector v)
protected netscape.security.x509.SubjectAlternativeNameExtension mkExt(java.util.Vector emails) throws java.io.IOException
java.io.IOException
protected netscape.security.x509.CertificateExtensions createCertificateExtensions(netscape.security.x509.X509CertInfo certInfo) throws java.io.IOException, java.security.cert.CertificateException
java.io.IOException
java.security.cert.CertificateException
public java.util.Vector getInstanceParams()
getInstanceParams
in interface IPolicyRule
getInstanceParams
in class APolicyRule
public java.util.Vector getDefaultParams()
getDefaultParams
in interface IPolicyRule
getDefaultParams
in class APolicyRule