diff options
author | alee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-01-05 16:58:25 +0000 |
---|---|---|
committer | alee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-01-05 16:58:25 +0000 |
commit | 12037cf9cf935bda5259e531b11a876ff2b41098 (patch) | |
tree | 2dd9029e94369398638d8467ddd895acae80cfb3 /pki/base/kra/src/com/netscape/kra/KeyRecoveryAuthority.java | |
parent | dca02910f6de3f9631589ee3c12c229fa58629c8 (diff) | |
download | pki-12037cf9cf935bda5259e531b11a876ff2b41098.tar.gz pki-12037cf9cf935bda5259e531b11a876ff2b41098.tar.xz pki-12037cf9cf935bda5259e531b11a876ff2b41098.zip |
BZ472006 Serial number management
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@168 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/kra/src/com/netscape/kra/KeyRecoveryAuthority.java')
-rw-r--r-- | pki/base/kra/src/com/netscape/kra/KeyRecoveryAuthority.java | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/pki/base/kra/src/com/netscape/kra/KeyRecoveryAuthority.java b/pki/base/kra/src/com/netscape/kra/KeyRecoveryAuthority.java index 9ca87dd0c..c55a949c0 100644 --- a/pki/base/kra/src/com/netscape/kra/KeyRecoveryAuthority.java +++ b/pki/base/kra/src/com/netscape/kra/KeyRecoveryAuthority.java @@ -35,6 +35,7 @@ import com.netscape.certsrv.base.*; import com.netscape.certsrv.dbs.*; import com.netscape.certsrv.usrgrp.*; import com.netscape.certsrv.dbs.keydb.*; +import com.netscape.certsrv.dbs.replicadb.*; import com.netscape.cmscore.dbs.*; import com.netscape.certsrv.policy.*; import com.netscape.certsrv.kra.*; @@ -73,6 +74,7 @@ public class KeyRecoveryAuthority implements IAuthority, IKeyService, IKeyRecove private static final String PARAM_AGENT = "agent"; private final static String KEY_RESP_NAME = "keyRepository"; + private static final String PROP_REPLICAID_DN = "dbs.replicadn"; private Hashtable mRequestProcessor = new Hashtable(); @@ -89,6 +91,7 @@ public class KeyRecoveryAuthority implements IAuthority, IKeyService, IKeyRecove protected Hashtable mAutoRecovery = new Hashtable(); protected boolean mAutoRecoveryOn = false; protected KeyRepository mKeyDB = null; + protected ReplicaIDRepository mReplicaRepot = null; protected IRequestNotifier mNotify = null; protected IRequestNotifier mPNotify = null; protected ISubsystem mOwner = null; @@ -348,6 +351,11 @@ public class KeyRecoveryAuthority implements IAuthority, IKeyService, IKeyRecove mRequestQueue = reqSub.getRequestQueue(getId(), reqdb_inc, mPolicy, service, mNotify, mPNotify); + // set KeyStatusUpdateInterval to be 10 minutes if serial management is enabled. + mKeyDB.setKeyStatusUpdateInterval( + mRequestQueue.getRequestRepository(), + mConfig.getInteger("keyStatusUpdateInterval", 10 * 60)); + // init request scheduler if configured String schedulerClass = mConfig.getString("requestSchedulerClass", null); @@ -363,6 +371,16 @@ public class KeyRecoveryAuthority implements IAuthority, IKeyService, IKeyRecove } } initNotificationListeners(); + + String replicaReposDN = mConfig.getString(PROP_REPLICAID_DN, null); + if (replicaReposDN == null) { + replicaReposDN = "ou=Replica," + getDBSubsystem().getBaseDN(); + } + + mReplicaRepot = new ReplicaIDRepository( + DBSubsystem.getInstance(), 1, replicaReposDN); + CMS.debug("Replica Repot inited"); + } public CryptoToken getKeygenToken() { @@ -418,6 +436,10 @@ public class KeyRecoveryAuthority implements IAuthority, IKeyService, IKeyRecove mTransportKeyUnit.shutdown(); mStorageKeyUnit.shutdown(); + if (mKeyDB != null) { + mKeyDB.shutdown(); + mKeyDB = null; + } getLogger().log(ILogger.EV_SYSTEM, ILogger.S_KRA, ILogger.LL_INFO, mName.toString() + " is stopped"); mInitialized = false; @@ -1056,6 +1078,17 @@ public class KeyRecoveryAuthority implements IAuthority, IKeyService, IKeyRecove } /** + * Retrieves replica repository. + * <P> + * + * @return replica repository + */ + public IReplicaIDRepository getReplicaRepository() { + return mReplicaRepot; + } + + + /** * Retrieves the DN of this escrow authority. * <P> * |