diff options
Diffstat (limited to 'base/common/src/com/netscape/certsrv/policy')
18 files changed, 1264 insertions, 0 deletions
diff --git a/base/common/src/com/netscape/certsrv/policy/EPolicyException.java b/base/common/src/com/netscape/certsrv/policy/EPolicyException.java new file mode 100644 index 000000000..f32f4f64f --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/EPolicyException.java @@ -0,0 +1,169 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +import java.util.Locale; + +import com.netscape.certsrv.base.EBaseException; +import com.netscape.certsrv.base.MessageFormatter; + +/** + * This class represents Exceptions used by the policy package. + * The policies themselves do not raise exceptions but use them + * to format error messages. + * + * Adapted from EBasException + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + * @see java.text.MessageFormat + */ +public class EPolicyException extends EBaseException { + + /** + * + */ + private static final long serialVersionUID = -1969940775036388085L; + /** + * Resource class name. + */ + private static final String POLICY_RESOURCES = PolicyResources.class.getName(); + + /** + * Constructs a base exception. + * <P> + * + * @param msgFormat exception details + */ + public EPolicyException(String msgFormat) { + super(msgFormat); + mParams = null; + } + + /** + * Constructs a base exception with a parameter. For example, + * + * <PRE> + * new EPolicyException("failed to load {0}", fileName); + * </PRE> + * <P> + * + * @param msgFormat exception details in message string format + * @param param message string parameter + */ + public EPolicyException(String msgFormat, String param) { + super(msgFormat); + mParams = new String[1]; + mParams[0] = param; + } + + /** + * Constructs a base exception with two String parameters. For example, + * <P> + * + * @param msgFormat exception details in message string format + * @param param1 message string parameter + * @param param2 message string parameter + */ + public EPolicyException(String msgFormat, String param1, String param2) { + super(msgFormat); + mParams = new String[2]; + mParams[0] = param1; + mParams[1] = param2; + } + + /** + * Constructs a base exception. It can be used to carry + * a system exception that may contain information about + * the context. For example, + * + * <PRE> + * try { + * ... + * } catch (IOExeption e) { + * throw new EPolicyException("Encountered System Error {0}", e); + * } + * </PRE> + * <P> + * + * @param msgFormat exception details in message string format + * @param param system exception + */ + public EPolicyException(String msgFormat, Exception param) { + super(msgFormat); + mParams = new Exception[1]; + mParams[0] = param; + } + + /** + * Constructs a base exception with a list of parameters + * that will be substituted into the message format. + * <P> + * + * @param msgFormat exception details in message string format + * @param params list of message format parameters + */ + public EPolicyException(String msgFormat, Object params[]) { + super(msgFormat); + mParams = params; + } + + /** + * Returns a list of parameters. + * <P> + * + * @return list of message format parameters + */ + public Object[] getParameters() { + return mParams; + } + + /** + * Returns localized exception string. This method should + * only be called if a localized string is necessary. + * <P> + * + * @return details message + */ + public String toString() { + return toString(Locale.getDefault()); + } + + /** + * Returns the string based on the given locale. + * <P> + * + * @param locale locale + * @return details message + */ + public String toString(Locale locale) { + return MessageFormatter.getLocalizedString(locale, getBundleName(), + super.getMessage(), mParams); + } + + protected String getBundleName() { + return POLICY_RESOURCES; + } + +} diff --git a/base/common/src/com/netscape/certsrv/policy/IEnrollmentPolicy.java b/base/common/src/com/netscape/certsrv/policy/IEnrollmentPolicy.java new file mode 100644 index 000000000..7c789932a --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/IEnrollmentPolicy.java @@ -0,0 +1,35 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +/** + * Interface for an enrollment policy rule. This provides general + * typing for rules so that a policy processor can group rules + * based on a particular type. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface IEnrollmentPolicy extends IPolicyRule { +} diff --git a/base/common/src/com/netscape/certsrv/policy/IExpression.java b/base/common/src/com/netscape/certsrv/policy/IExpression.java new file mode 100644 index 000000000..4075e8683 --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/IExpression.java @@ -0,0 +1,61 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +import com.netscape.certsrv.request.IRequest; + +/** + * Interface for a policy expression. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface IExpression { + public static final int OP_EQUAL = 1; + public static final int OP_NEQUAL = 2; + public static final int OP_GT = 3; + public static final int OP_LT = 4; + public static final int OP_GE = 5; + public static final int OP_LE = 6; + public static final String EQUAL_STR = "=="; + public static final String NEQUAL_STR = "!="; + public static final String GT_STR = ">"; + public static final String GE_STR = ">="; + public static final String LT_STR = "<"; + public static final String LE_STR = "<="; + + /** + * Evaluate the Expression. + * + * @param req The PKIRequest on which we are applying the condition. + * @return The return value. + */ + boolean evaluate(IRequest req) + throws EPolicyException; + + /** + * Convert to a string. + */ + public String toString(); +} diff --git a/base/common/src/com/netscape/certsrv/policy/IGeneralNameAsConstraintsConfig.java b/base/common/src/com/netscape/certsrv/policy/IGeneralNameAsConstraintsConfig.java new file mode 100644 index 000000000..78ec31198 --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/IGeneralNameAsConstraintsConfig.java @@ -0,0 +1,53 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +import java.util.Vector; + +import netscape.security.x509.GeneralName; + +/** + * Class that can be used to form general names from configuration file. + * Used by policies and extension commands. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface IGeneralNameAsConstraintsConfig { + + /** + * Retrieves instance parameters. + * + * @param params parameters + */ + public void getInstanceParams(Vector<String> params); + + /** + * Retrieves the general name. + * + * @return general name + */ + public GeneralName getGeneralName(); + +} diff --git a/base/common/src/com/netscape/certsrv/policy/IGeneralNameConfig.java b/base/common/src/com/netscape/certsrv/policy/IGeneralNameConfig.java new file mode 100644 index 000000000..193269bbd --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/IGeneralNameConfig.java @@ -0,0 +1,67 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +import java.util.Vector; + +import netscape.security.x509.GeneralName; + +import com.netscape.certsrv.base.EBaseException; + +/** + * Class that can be used to form general names from configuration file. + * Used by policies and extension commands. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface IGeneralNameConfig { + + /** + * Forms a general name from string. + * + * @param value general name in string + * @return general name object + * @exception EBaseException failed to form general name + */ + public GeneralName formGeneralName(String value) + throws EBaseException; + + /** + * Forms general names from the given value. + * + * @param value general name in string + * @return a vector of general names + * @exception EBaseException failed to form general name + */ + public Vector<GeneralName> formGeneralNames(Object value) + throws EBaseException; + + /** + * Retrieves the instance parameters. + * + * @param params parameters + */ + public void getInstanceParams(Vector<String> params); +} diff --git a/base/common/src/com/netscape/certsrv/policy/IGeneralNameUtil.java b/base/common/src/com/netscape/certsrv/policy/IGeneralNameUtil.java new file mode 100644 index 000000000..102b25ccd --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/IGeneralNameUtil.java @@ -0,0 +1,77 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +/** + * Class that can be used to form general names from configuration file. + * Used by policies and extension commands. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface IGeneralNameUtil { + + public static final String PROP_NUM_GENERALNAMES = "numGeneralNames"; + public static final String PROP_GENERALNAME = "generalName"; + public static final String PROP_GENNAME_CHOICE = "generalNameChoice"; + public static final String PROP_GENNAME_VALUE = "generalNameValue"; + public static final String GENNAME_CHOICE_RFC822NAME = "rfc822Name"; + public static final String GENNAME_CHOICE_DIRECTORYNAME = "directoryName"; + public static final String GENNAME_CHOICE_DNSNAME = "dNSName"; + public static final String GENNAME_CHOICE_X400ADDRESS = "x400Address"; + public static final String GENNAME_CHOICE_EDIPARTYNAME = "ediPartyName"; + public static final String GENNAME_CHOICE_URL = "URL"; + public static final String GENNAME_CHOICE_IPADDRESS = "iPAddress"; + public static final String GENNAME_CHOICE_REGISTEREDID = "OID"; + public static final String GENNAME_CHOICE_OTHERNAME = "otherName"; + + /** + * Default number of general names. + */ + public static final int DEF_NUM_GENERALNAMES = 8; + + /** + * Default extended plugin info. + */ + public static String NUM_GENERALNAMES_INFO = + "number;The total number of alternative names or identities permitted in the extension."; + public static String GENNAME_CHOICE_INFO = + "choice(" + + IGeneralNameUtil.GENNAME_CHOICE_RFC822NAME + "," + + IGeneralNameUtil.GENNAME_CHOICE_DIRECTORYNAME + "," + + IGeneralNameUtil.GENNAME_CHOICE_DNSNAME + "," + + IGeneralNameUtil.GENNAME_CHOICE_EDIPARTYNAME + "," + + IGeneralNameUtil.GENNAME_CHOICE_URL + "," + + IGeneralNameUtil.GENNAME_CHOICE_IPADDRESS + "," + + IGeneralNameUtil.GENNAME_CHOICE_REGISTEREDID + "," + + IGeneralNameUtil.GENNAME_CHOICE_OTHERNAME + ");" + + "GeneralName choice. See RFC 2459 appendix B2 on GeneralName."; + public static String GENNAME_VALUE_INFO = + "string;Value according to the GeneralName choice."; + + public static String PROP_NUM_GENERALNAMES_INFO = PROP_NUM_GENERALNAMES + ";" + NUM_GENERALNAMES_INFO; + public static String PROP_GENNAME_CHOICE_INFO = PROP_GENNAME_CHOICE + ";" + GENNAME_CHOICE_INFO; + public static String PROP_GENNAME_VALUE_INFO = PROP_GENNAME_VALUE + ";" + GENNAME_VALUE_INFO; + +} diff --git a/base/common/src/com/netscape/certsrv/policy/IGeneralNamesAsConstraintsConfig.java b/base/common/src/com/netscape/certsrv/policy/IGeneralNamesAsConstraintsConfig.java new file mode 100644 index 000000000..aeb7867e3 --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/IGeneralNamesAsConstraintsConfig.java @@ -0,0 +1,53 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +import java.util.Vector; + +import netscape.security.x509.GeneralNames; + +/** + * Class that can be used to form general names from configuration file. + * Used by policies and extension commands. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface IGeneralNamesAsConstraintsConfig { + + /** + * Retrieves a list of configured general names. + * + * @return a list of general names + */ + public GeneralNames getGeneralNames(); + + /** + * Retrieves instance parameters. + * + * @param params instance parameters + */ + public void getInstanceParams(Vector<String> params); + +} diff --git a/base/common/src/com/netscape/certsrv/policy/IGeneralNamesConfig.java b/base/common/src/com/netscape/certsrv/policy/IGeneralNamesConfig.java new file mode 100644 index 000000000..2074b9d19 --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/IGeneralNamesConfig.java @@ -0,0 +1,52 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +import java.util.Vector; + +import netscape.security.x509.GeneralNames; + +/** + * Class that can be used to form general names from configuration file. + * Used by policies and extension commands. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface IGeneralNamesConfig { + + /** + * Retrieves a list of configured general names. + * + * @return general names + */ + public GeneralNames getGeneralNames(); + + /** + * Retrieves the instance parameters. + * + * @param params instance parameters + */ + public void getInstanceParams(Vector<String> params); +} diff --git a/base/common/src/com/netscape/certsrv/policy/IKeyArchivalPolicy.java b/base/common/src/com/netscape/certsrv/policy/IKeyArchivalPolicy.java new file mode 100644 index 000000000..14a29256f --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/IKeyArchivalPolicy.java @@ -0,0 +1,33 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +/** + * Interface for a key recovery policy rule. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface IKeyArchivalPolicy extends IPolicyRule { +} diff --git a/base/common/src/com/netscape/certsrv/policy/IKeyRecoveryPolicy.java b/base/common/src/com/netscape/certsrv/policy/IKeyRecoveryPolicy.java new file mode 100644 index 000000000..6de615673 --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/IKeyRecoveryPolicy.java @@ -0,0 +1,33 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +/** + * Interface for a key recovery policy rule. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface IKeyRecoveryPolicy extends IPolicyRule { +} diff --git a/base/common/src/com/netscape/certsrv/policy/IPolicyPredicateParser.java b/base/common/src/com/netscape/certsrv/policy/IPolicyPredicateParser.java new file mode 100644 index 000000000..0992beaeb --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/IPolicyPredicateParser.java @@ -0,0 +1,43 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +/** + * Interface for policy predicate parsers. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface IPolicyPredicateParser { + + /** + * Parse the predicate expression and return a vector of expressions. + * + * @param predicateExpression The predicate expression as read from the + * config file. + * @return expVector The vector of expressions. + */ + IExpression parse(String predicateExpression) + throws EPolicyException; +} diff --git a/base/common/src/com/netscape/certsrv/policy/IPolicyProcessor.java b/base/common/src/com/netscape/certsrv/policy/IPolicyProcessor.java new file mode 100644 index 000000000..11927a03f --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/IPolicyProcessor.java @@ -0,0 +1,196 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +import java.util.Enumeration; +import java.util.Hashtable; +import java.util.Vector; + +import com.netscape.certsrv.base.EBaseException; +import com.netscape.certsrv.base.ISubsystem; + +/** + * A generic interface for a policy processor. By making a processor + * extend the policy interface, we make even the processor a rule - + * which makes sense because a processor may be based on some rule + * such as evaluate all policies before returning the final result or + * return as soon as one of the policies return a failure and so on. + * + * By making both processor and policy rules implement a common + * interface, one can write rules that are processors as well. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface IPolicyProcessor extends ISubsystem, + com.netscape.certsrv.request.IPolicy { + + public final static String PROP_DEF_POLICIES = "systemPolicies"; + public final static String PROP_UNDELETABLE_POLICIES = "undeletablePolicies"; + public final static String PROP_ENABLE = "enable"; + public final static String PROP_RULE = "rule"; + public final static String PROP_CLASS = "class"; + public final static String PROP_IMPL_NAME = "implName"; + public final static String PROP_PREDICATE = "predicate"; + public final static String PROP_IMPL = "impl"; + public final static String PROP_ORDER = "order"; + + public ISubsystem getAuthority(); + + /** + * Returns the policy substore id. + * + * @return storeID The policy store id used by this processor. + */ + String getPolicySubstoreId(); + + /** + * Returns information on Policy impls. + * + * @return An enumeration of strings describing the information + * about policy implementations. Currently only the + * the implementation id is expected. + */ + Enumeration<String> getPolicyImplsInfo(); + + /** + * Returns the rule implementations registered with this processor. + * + * @return An Enumeration of uninitialized IPolicyRule + * objects. + */ + Enumeration<IPolicyRule> getPolicyImpls(); + + /** + * Returns an implementation identified by a given id. + * + * @param id The implementation id. + * @return The uninitialized instance of the policy rule. + */ + IPolicyRule getPolicyImpl(String id); + + /** + * Returns configuration for an implmentation. + * + * @param id The implementation id. + * @return A vector of name/value pairs in the form of + * name=value. + */ + Vector<String> getPolicyImplConfig(String id); + + /** + * Deletes a policy implementation identified by an impl id. + * + * + * @param id The impl id of the policy to be deleted. + * There shouldn't be any active instance for this + * implementation. + * @exception EBaseException is thrown if an error occurs in deletion. + */ + void deletePolicyImpl(String id) + throws EBaseException; + + /** + * Adds a policy implementation identified by an impl id. + * + * @param id The impl id of the policy to be added. + * The id should be unique. + * @param classPath The fully qualified path for the implementation. + * @exception EBaseException is thrown if an error occurs in addition. + */ + void addPolicyImpl(String id, String classPath) + throws EBaseException; + + /** + * Returns information on Policy instances. + * + * @return An Enumeration of Strings describing the information + * about policy rule instances. + */ + Enumeration<String> getPolicyInstancesInfo(); + + /** + * Returns policy instances registered with this processor. + * + * @return An Enumeration of policy instances. + */ + Enumeration<IPolicyRule> getPolicyInstances(); + + /** + * Returns instance configuration for a given instance id. + * + * @param id The rule id. + * @return A vector of name/value pairs in the form of + * name=value. + */ + Vector<String> getPolicyInstanceConfig(String id); + + /** + * Returns instance configuration for a given instance id. + * + * @param id The rule id. + * @return the policy instance identified by the id. + */ + IPolicyRule getPolicyInstance(String id); + + /** + * Deletes a policy instance identified by an instance id. + * + * @param id The instance id of the policy to be deleted. + * @exception EBaseException is thrown if an error occurs in deletion. + */ + void deletePolicyInstance(String id) + throws EBaseException; + + /** + * Adds a policy instance + * + * @param id The impl id of the policy to be added. + * The id should be unique. + * @param ht a Hashtable of config params. + * @exception EBaseException is thrown if an error occurs in addition. + */ + void addPolicyInstance(String id, Hashtable<String, String> ht) + throws EBaseException; + + /** + * Modifies a policy instance + * + * @param id The impl id of the policy to be modified. + * The policy instance with this id should be present. + * @param ht a Hashtable of config params. + * @exception EBaseException is thrown if an error occurs in addition. + */ + void modifyPolicyInstance(String id, Hashtable<String, String> ht) + throws EBaseException; + + /** + * Modifies policy ordering. + * + * @param policyOrderStr The comma separated list of instance ids. + * + */ + void changePolicyInstanceOrdering(String policyOrderStr) + throws EBaseException; +} diff --git a/base/common/src/com/netscape/certsrv/policy/IPolicyRule.java b/base/common/src/com/netscape/certsrv/policy/IPolicyRule.java new file mode 100644 index 000000000..7f7f888f6 --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/IPolicyRule.java @@ -0,0 +1,128 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +import java.util.Vector; + +import com.netscape.certsrv.base.EBaseException; +import com.netscape.certsrv.base.IConfigStore; +import com.netscape.certsrv.base.ISubsystem; +import com.netscape.certsrv.request.IRequest; +import com.netscape.certsrv.request.PolicyResult; + +/** + * Interface for a policy rule. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface IPolicyRule + extends com.netscape.certsrv.request.IPolicy { + public static final String PROP_ENABLE = "enable"; + public static final String PROP_PREDICATE = "predicate"; + public static final String PROP_IMPLNAME = "implName"; + + /** + * Initializes the policy rule. + * <P> + * + * @param config The config store reference + */ + void init(ISubsystem owner, IConfigStore config) + throws EBaseException; + + /** + * Gets the description for this policy rule. + * <P> + * + * @return The Description for this rule. + */ + String getDescription(); + + /** + * Returns the name of the policy rule class. + * <P> + * + * @return The name of the policy class. + */ + String getName(); + + /** + * Returns the name of the policy rule instance. + * <P> + * + * @return The name of the policy rule instance. If none + * is set the name of the implementation will be returned. + * + */ + String getInstanceName(); + + /** + * Sets a predicate expression for rule matching. + * <P> + * + * @param exp The predicate expression for the rule. + */ + void setPredicate(IExpression exp); + + /** + * Returns the predicate expression for the rule. + * <P> + * + * @return The predicate expression for the rule. + */ + IExpression getPredicate(); + + /** + * Applies the policy on the given Request. This may modify + * the request appropriately. + * <P> + * + * @param req The request on which to apply policy. + * @return The PolicyResult object. + */ + PolicyResult apply(IRequest req); + + /** + * Return configured parameters for a policy rule instance. + * + * @return nvPairs A Vector of name/value pairs. Each name/value + * pair is constructed as a String in name=value format. + */ + public Vector<String> getInstanceParams(); + + /** + * Return default parameters for a policy implementation. + * + * @return nvPairs A Vector of name/value pairs. Each name/value + * pair is constructed as a String in name=value. + */ + public Vector<String> getDefaultParams(); + + public void setError(IRequest req, String format, Object[] params); + + public void setInstanceName(String instanceName); + + public void setPolicyException(IRequest req, EBaseException ex); +} diff --git a/base/common/src/com/netscape/certsrv/policy/IPolicySet.java b/base/common/src/com/netscape/certsrv/policy/IPolicySet.java new file mode 100644 index 000000000..a9fb6a2d2 --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/IPolicySet.java @@ -0,0 +1,105 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +import java.util.Enumeration; + +import com.netscape.certsrv.request.IRequest; +import com.netscape.certsrv.request.PolicyResult; + +/** + * Represents a set of policy rules. Policy rules are ordered from + * lowest priority to highest priority. The priority assignment for rules + * is not enforced by this interface. Various implementation may + * use different mechanisms such as a linear ordering of rules + * in a configuration file or explicit assignment of priority levels ..etc. + * The policy system initialization needs to deal with reading the rules, sorting + * them in increasing order of priority and presenting an ordered vector of rules + * via the IPolicySet interface. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface IPolicySet { + + /** + * Returns the name of the rule set. + * <P> + * + * @return The name of the rule set. + */ + String getName(); + + /** + * Returns the no of rules in a set. + * <P> + * + * @return the no of rules. + */ + int count(); + + /** + * Add a policy rule. + * <P> + * + * @param ruleName The name of the rule to be added. + * @param rule The rule to be added. + */ + void addRule(String ruleName, IPolicyRule rule); + + /** + * Removes a policy rule identified by the given name. + * + * @param ruleName The name of the rule to be removed. + */ + void removeRule(String ruleName); + + /** + * Returns the rule identified by a given name. + * <P> + * + * @param ruleName The name of the rule to be return. + * @return The rule identified by the given name or null if none exists. + */ + IPolicyRule getRule(String ruleName); + + /** + * Returns an enumeration of rules. + * <P> + * + * @return An enumeration of rules. + */ + Enumeration<IPolicyRule> getRules(); + + /** + * Apply policy rules on a request. This call may modify + * the request content. + * + * @param req The request to apply policies on. + * + * <P> + * @return The policy result. + */ + PolicyResult apply(IRequest req); +} diff --git a/base/common/src/com/netscape/certsrv/policy/IRenewalPolicy.java b/base/common/src/com/netscape/certsrv/policy/IRenewalPolicy.java new file mode 100644 index 000000000..28f56fe73 --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/IRenewalPolicy.java @@ -0,0 +1,33 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +/** + * Interface for a renewal policy rule. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface IRenewalPolicy extends IPolicyRule { +} diff --git a/base/common/src/com/netscape/certsrv/policy/IRevocationPolicy.java b/base/common/src/com/netscape/certsrv/policy/IRevocationPolicy.java new file mode 100644 index 000000000..7e6084c76 --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/IRevocationPolicy.java @@ -0,0 +1,33 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +/** + * Interface for a revocation policy rule. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface IRevocationPolicy extends IPolicyRule { +} diff --git a/base/common/src/com/netscape/certsrv/policy/ISubjAltNameConfig.java b/base/common/src/com/netscape/certsrv/policy/ISubjAltNameConfig.java new file mode 100644 index 000000000..0fee01be2 --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/ISubjAltNameConfig.java @@ -0,0 +1,48 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +/** + * Class that can be used to form general names from configuration file. + * Used by policies and extension commands. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + */ +public interface ISubjAltNameConfig extends IGeneralNameConfig { + + /** + * Retrieves configuration prefix. + * + * @return prefix + */ + public String getPfx(); + + /** + * Retrieves configuration attribute. + * + * @return attribute + */ + public String getAttr(); +} diff --git a/base/common/src/com/netscape/certsrv/policy/PolicyResources.java b/base/common/src/com/netscape/certsrv/policy/PolicyResources.java new file mode 100644 index 000000000..d330b719f --- /dev/null +++ b/base/common/src/com/netscape/certsrv/policy/PolicyResources.java @@ -0,0 +1,45 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2007 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- +package com.netscape.certsrv.policy; + +import java.util.ListResourceBundle; + +/** + * Error messages for Policies. + * <P> + * + * <PRE> + * NOTE: The Policy Framework has been replaced by the Profile Framework. + * </PRE> + * <P> + * + * @deprecated + * @version $Revision$, $Date$ + * @see java.util.ListResourceBundle + */ +public class PolicyResources extends ListResourceBundle { + + /** + * Returns the content of this resource. + */ + public Object[][] getContents() { + return contents; + } + + static final Object[][] contents = {}; +} |