Class PolicyRule

java.lang.Object
com.netscape.certsrv.request.Policy
org.dogtagpki.legacy.server.policy.PolicyRule
Direct Known Subclasses:
EnrollmentPolicy, RenewalPolicy, RevocationPolicy
public abstract class PolicyRule extends Policy
The abstract policy rule that concrete implementations will extend. NOTE: The Policy Framework has been replaced by the Profile Framework.

  • Field Details

  • Constructor Details

    • PolicyRule

      public PolicyRule()

  • Method Details

    • init

      public abstract void init(PolicyProcessor owner, ConfigStore config) throws EBaseException
      Initializes the policy rule.
      Parameters:
      config - The config store reference
      Throws:
      EBaseException

    • getDescription

      public String getDescription()
      Gets the description for this policy rule.
      Returns:
      The Description for this rule.

    • setPredicate

      public void setPredicate(IExpression exp)
      Sets a predicate expression for rule matching.
      Parameters:
      exp - The predicate expression for the rule.

    • getPredicate

      public IExpression getPredicate()
      Returns the predicate expression for the rule.
      Returns:
      The predicate expression for the rule.

    • getName

      public String getName()
      Returns the name of the policy rule.
      Returns:
      The name of the policy class.

    • setInstanceName

      public void setInstanceName(String instanceName)
      Sets the instance name for a policy rule.
      Parameters:
      instanceName - The name of the rule instance.

    • getInstanceName

      public String getInstanceName()
      Returns the name of the policy rule instance.
      Returns:
      The name of the policy rule instance if set, else the name of the rule class.

    • apply

      public abstract PolicyResult apply(Request req)
      Applies the policy on the given Request.
      Specified by:
      apply in class Policy
      Parameters:
      req - The request on which to apply policy.
      Returns:
      The policy result object.

    • getInstanceParams

      public abstract Vector<String> getInstanceParams()
      Return configured parameters for a policy rule instance.
      Returns:
      nvPairs A Vector of name/value pairs.

    • getDefaultParams

      public abstract Vector<String> getDefaultParams()
      Return default parameters for a policy implementation.
      Returns:
      nvPairs A Vector of name/value pairs.

    • setError

      public void setError(Request req, String format, Object[] params)

    • setError

      public void setError(Request req, String format, String arg1, String arg2)

    • setError

      public void setError(Request req, String format, String arg)

    • setPolicyException

      public void setPolicyException(Request req, EBaseException ex)

    • deferred

      protected PolicyResult deferred(Request req)
      determines whether a DEFERRED policy result should be returned by checking the contents of the AgentApprovals attribute. This call should be used by policy modules instead of returning PolicyResult.DEFERRED directly.

    • agentApproved

      protected boolean agentApproved(Request req)
      request has previously been approved by an agent

    • setPolicyException

      public void setPolicyException(Request req, String format, Object[] params)

    • createKeyIdentifier

      public static org.mozilla.jss.netscape.security.x509.KeyIdentifier createKeyIdentifier(org.mozilla.jss.netscape.security.x509.X509Key key) throws NoSuchAlgorithmException, InvalidKeyException
      Throws:
      NoSuchAlgorithmException
      InvalidKeyException

    • formSpkiSHA1KeyId

      protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSpkiSHA1KeyId(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo) throws EBaseException
      Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key INFO. (including algorithm ID, etc.)
      Parameters:
      certInfo - cert info of the certificate.
      Returns:
      A Key identifier with the sha-1 hash of subject public key.
      Throws:
      EBaseException

    • formSHA1KeyId

      protected org.mozilla.jss.netscape.security.x509.KeyIdentifier formSHA1KeyId(org.mozilla.jss.netscape.security.x509.X509CertInfo certInfo) throws EBaseException
      Form a byte array of octet string key identifier from the sha-1 hash of the Subject Public Key BIT STRING.
      Parameters:
      certInfo - cert info of the certificate.
      Returns:
      A Key identifier with the sha-1 hash of subject public key.
      Throws:
      EBaseException