diff options
| author | Fraser Tweedale <ftweedal@redhat.com> | 2016-05-10 13:03:15 +1000 |
|---|---|---|
| committer | Fraser Tweedale <ftweedal@redhat.com> | 2016-05-10 13:46:26 +1000 |
| commit | 70d751e837cbf375ebd068169e591cd4a971f472 (patch) | |
| tree | 1586a7621473dd6400d3edf18c22a2a0c21166ec /base/server/cms/src/com | |
| parent | 4f7b36b0dcd3c09047325ebcb42d554093c9a756 (diff) | |
| download | pki-70d751e837cbf375ebd068169e591cd4a971f472.tar.gz pki-70d751e837cbf375ebd068169e591cd4a971f472.tar.xz pki-70d751e837cbf375ebd068169e591cd4a971f472.zip | |
Support certificate search by issuer DN.
Now that Dogtag can host multiple CAs in a single instance, add a
certificate search parameter for limiting searches to a particular
issuer.
Fixes: https://fedorahosted.org/pki/ticket/2321
Diffstat (limited to 'base/server/cms/src/com')
| -rw-r--r-- | base/server/cms/src/com/netscape/cms/servlet/cert/FilterBuilder.java | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/base/server/cms/src/com/netscape/cms/servlet/cert/FilterBuilder.java b/base/server/cms/src/com/netscape/cms/servlet/cert/FilterBuilder.java index be44c47b5..55f32d27e 100644 --- a/base/server/cms/src/com/netscape/cms/servlet/cert/FilterBuilder.java +++ b/base/server/cms/src/com/netscape/cms/servlet/cert/FilterBuilder.java @@ -42,6 +42,7 @@ public class FilterBuilder { public String buildFilter() { + buildIssuerDNFilter(); buildSerialNumberRangeFilter(); buildSubjectFilter(); buildStatusFilter(); @@ -70,6 +71,15 @@ public class FilterBuilder { } } + private void buildIssuerDNFilter() { + String issuerDN = request.getIssuerDN(); + if (issuerDN != null && !issuerDN.isEmpty()) { + filters.add( + "(" + ICertRecord.ATTR_X509CERT_ISSUER + + "=" + LDAPUtil.escapeFilter(issuerDN) + ")"); + } + } + private void buildSerialNumberRangeFilter() { String serialFrom = request.getSerialFrom(); |