Bugzilla bug #502694.

git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@594 c9f7a03b-bd48-0410-a16d-cbbf54688b0b

1 files changed, 20 insertions, 0 deletions

diff --git a/pki/base/ca/src/com/netscape/ca/CertificateAuthority.java b/pki/base/ca/src/com/netscape/ca/CertificateAuthority.java
index 1a101ed53..0438bcbd2 100644
--- a/pki/base/ca/src/com/netscape/ca/CertificateAuthority.java
+++ b/pki/base/ca/src/com/netscape/ca/CertificateAuthority.java
@@ -173,6 +173,10 @@ public class CertificateAuthority implements ICertificateAuthority, ICertAuthori
 
     private boolean mByName = true;
 
+    private boolean mUseNonces = true;
+    private int mMaxNonces = 100;
+    private Nonces mNonces = null;
+
     /**
      * Constructs a CA subsystem.
      */
@@ -245,6 +249,15 @@ public class CertificateAuthority implements ICertificateAuthority, ICertAuthori
        return maxNumberOfPublishingThreads;
     }
 
+
+    public boolean noncesEnabled() {
+        return mUseNonces;
+    }
+
+    public Nonces getNonces() {
+        return mNonces;
+    }
+
     /**
      * Initializes this CA subsystem.
      * <P>
@@ -279,6 +292,13 @@ public class CertificateAuthority implements ICertificateAuthority, ICertAuthori
         // init web gateway.
         initWebGateway();
 
+        mUseNonces = mConfig.getBoolean("enableNonces", true);
+        mMaxNonces = mConfig.getInteger("maxNumberOfNonces", 100);
+        if (mUseNonces) {
+            mNonces = new Nonces(mMaxNonces);
+            CMS.debug("CertificateAuthority init: Nonces enabled. ("+mNonces.size()+")");
+        }
+
         // init request queue and related modules.
         CMS.debug("CertificateAuthority init: initRequestQueue");
         initRequestQueue();