summaryrefslogtreecommitdiffstats
path: root/pki/base/common/src/com/netscape/certsrv/request
diff options
context:
space:
mode:
Diffstat (limited to 'pki/base/common/src/com/netscape/certsrv/request')
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/ARequestNotifier.java538
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/AgentApproval.java64
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java156
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/IEnrollmentRequest.java31
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/INotify.java41
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/IPolicy.java53
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/IRequest.java729
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/IRequestList.java58
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/IRequestListener.java55
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/IRequestNotifier.java133
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java414
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/IRequestRecord.java113
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/IRequestScheduler.java53
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/IRequestSubsystem.java105
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/IRequestVirtualList.java50
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/IService.java48
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/PolicyMessage.java41
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/PolicyResult.java36
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/RequestId.java72
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/RequestStatus.java171
-rw-r--r--pki/base/common/src/com/netscape/certsrv/request/ldap/IRequestMod.java56
21 files changed, 3017 insertions, 0 deletions
diff --git a/pki/base/common/src/com/netscape/certsrv/request/ARequestNotifier.java b/pki/base/common/src/com/netscape/certsrv/request/ARequestNotifier.java
new file mode 100644
index 000000000..a2704eed1
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/ARequestNotifier.java
@@ -0,0 +1,538 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+import java.util.*;
+import java.math.*;
+
+import com.netscape.certsrv.base.EBaseException;
+import com.netscape.certsrv.apps.*;
+import com.netscape.certsrv.request.*;
+import com.netscape.certsrv.ldap.*;
+import com.netscape.certsrv.logging.ILogger;
+import com.netscape.certsrv.ca.ICertificateAuthority;
+import com.netscape.certsrv.publish.IPublisherProcessor;
+
+/**
+ * The ARequestNotifier class implements the IRequestNotifier interface,
+ * which notifies all registered request listeners.
+ *
+ * @version $Revision$, $Date$
+ */
+public class ARequestNotifier implements IRequestNotifier {
+ private Hashtable mListeners = new Hashtable();
+ private Vector mNotifierThreads = new Vector();
+ private Vector mRequests = new Vector();
+ private int mMaxRequests = 100;
+ private boolean mSearchForRequests = false;
+ private int mMaxThreads = 1;
+ private ICertificateAuthority mCA = null;
+ private boolean mIsPublishingQueueEnabled = false;
+ private int mPublishingQueuePriority = 0;
+ private int mMaxPublishingQueuePageSize = 1;
+ private IRequestQueue mRequestQueue = null;
+ private String mPublishingStatus = null;
+ private int mSavePublishingStatus = 0;
+ private int mSavePublishingCounter = 0;
+
+
+ public ARequestNotifier() {
+ mPublishingQueuePriority = Thread.currentThread().getPriority();
+ }
+
+ public ARequestNotifier (ICertificateAuthority ca) {
+ mCA = ca;
+ if (mCA != null) mRequestQueue = mCA.getRequestQueue();
+ }
+
+ public void setPublishingQueue (boolean isPublishingQueueEnabled,
+ int publishingQueuePriorityLevel,
+ int maxNumberOfPublishingThreads,
+ int publishingQueuePageSize,
+ int savePublishingStatus) {
+ CMS.debug("setPublishingQueue: Publishing Queue Enabled: " + isPublishingQueueEnabled+
+ " Priority Level: " + publishingQueuePriorityLevel+
+ " Maximum Number of Threads: " + maxNumberOfPublishingThreads+
+ " Page Size: "+ publishingQueuePageSize);
+ mIsPublishingQueueEnabled = isPublishingQueueEnabled;
+ mMaxThreads = maxNumberOfPublishingThreads;
+ mMaxRequests = publishingQueuePageSize;
+ mSavePublishingStatus = savePublishingStatus;
+
+ // Publishing Queue Priority Levels: 2 - maximum, 1 - higher, 0 - normal, -1 - lower, -2 - minimum
+ if (publishingQueuePriorityLevel > 1) {
+ mPublishingQueuePriority = Thread.MAX_PRIORITY;
+ } else if (publishingQueuePriorityLevel > 0) {
+ mPublishingQueuePriority = (Thread.currentThread().getPriority() + Thread.MAX_PRIORITY) / 2;
+ } else if (publishingQueuePriorityLevel < -1) {
+ mPublishingQueuePriority = Thread.MIN_PRIORITY;
+ } else if (publishingQueuePriorityLevel < 0) {
+ mPublishingQueuePriority = (Thread.currentThread().getPriority() + Thread.MIN_PRIORITY) / 2;
+ } else {
+ mPublishingQueuePriority = Thread.currentThread().getPriority();
+ }
+
+ if (mCA != null && mRequestQueue == null) mRequestQueue = mCA.getRequestQueue();
+ if (mIsPublishingQueueEnabled && mSavePublishingStatus > 0 && mRequestQueue != null) {
+ mPublishingStatus = mRequestQueue.getPublishingStatus();
+ BigInteger status = new BigInteger("-2");
+ try {
+ status = new BigInteger(mPublishingStatus);
+ if (status.compareTo(BigInteger.ZERO) > -1) {
+ recoverPublishingQueue(mPublishingStatus);
+ }
+ } catch (Exception e) {
+ }
+ }
+
+ }
+
+ /**
+ * Registers a request listener.
+ *
+ * @param listener listener to be registered
+ */
+ public void registerListener(IRequestListener listener) {
+ // XXX should check for duplicates here or allow listeners
+ // to register twice and call twice ?
+ mListeners.put(listener.getClass().getName(), listener);
+ }
+
+ /**
+ * Registers a request listener.
+ *
+ * @param name listener name
+ * @param listener listener to be registered
+ */
+ public void registerListener(String name, IRequestListener listener) {
+ mListeners.put(name, listener);
+ }
+
+ /**
+ * Removes listener from the list of registered listeners.
+ *
+ * @param listener listener to be removed from the list
+ */
+ public void removeListener(IRequestListener listener) {
+ // XXX should check for duplicates here or allow listeners
+ // to register twice and call twice ?
+ mListeners.remove(listener.getClass().getName());
+ }
+
+ /**
+ * Gets list of listener names.
+ *
+ * @return enumeration of listener names
+ */
+ public Enumeration getListenerNames() {
+ return mListeners.keys();
+ }
+
+ /**
+ * Removes listener from the list of registered listeners.
+ *
+ * @param name listener name to be removed from the list
+ */
+ public void removeListener(String name) {
+ mListeners.remove(name);
+ }
+
+ /**
+ * Gets listener from the list of registered listeners.
+ *
+ * @param name listener name
+ * @return listener
+ */
+ public IRequestListener getListener(String name) {
+ return (IRequestListener) mListeners.get(name);
+ }
+
+ /**
+ * Gets list of listeners.
+ *
+ * @return enumeration of listeners
+ */
+ public Enumeration getListeners() {
+ return mListeners.elements();
+ }
+
+
+ private Object publishingCounterMonitor = new Object();
+
+ public void updatePublishingStatus(String id) {
+ if (mRequestQueue != null) {
+ synchronized (publishingCounterMonitor) {
+ if (mSavePublishingCounter == 0) {
+ CMS.debug("updatePublishingStatus requestId: "+id);
+ mRequestQueue.setPublishingStatus(id);
+ }
+ mSavePublishingCounter++;
+ CMS.debug("updatePublishingStatus mSavePublishingCounter: "+mSavePublishingCounter+
+ " mSavePublishingStatus: "+mSavePublishingStatus);
+ if (mSavePublishingCounter >= mSavePublishingStatus) {
+ mSavePublishingCounter = 0;
+ }
+ }
+ } else {
+ CMS.debug("updatePublishingStatus mRequestQueue == null");
+ }
+ }
+
+ /**
+ * Gets request from publishing queue.
+ *
+ * @return request
+ */
+ public synchronized IRequest getRequest() {
+ IRequest r = null;
+ String id = null;
+
+ CMS.debug("getRequest mRequests=" + mRequests.size() + " mSearchForRequests=" + mSearchForRequests);
+ if (mSearchForRequests && mRequests.size() == 1) {
+ id = (String)mRequests.elementAt(0);
+ if (mCA != null && mRequestQueue == null) mRequestQueue = mCA.getRequestQueue();
+ if (id != null && mRequestQueue != null) {
+ CMS.debug("getRequest request id=" + id);
+ IRequestVirtualList list = mRequestQueue.getPagedRequestsByFilter(
+ new RequestId(id),
+ "(requeststate=complete)", mMaxRequests, "requestId");
+ int s = list.getSize() - list.getCurrentIndex();
+ CMS.debug("getRequest list size: "+s);
+ for (int i = 0; i < s; i++) {
+ r = null;
+ try {
+ r = list.getElementAt(i);
+ } catch (Exception e) {
+ // handled below
+ }
+ if (r == null) {
+ continue;
+ }
+ String requestType = r.getRequestType();
+ if (requestType == null) {
+ continue;
+ }
+ if (!(requestType.equals(IRequest.ENROLLMENT_REQUEST) ||
+ requestType.equals(IRequest.RENEWAL_REQUEST) ||
+ requestType.equals(IRequest.REVOCATION_REQUEST) ||
+ requestType.equals(IRequest.CMCREVOKE_REQUEST) ||
+ requestType.equals(IRequest.UNREVOCATION_REQUEST))) {
+ continue;
+ }
+ if (i == 0 && id.equals(r.getRequestId().toString())) {
+ if (s == 1) {
+ break;
+ } else {
+ continue;
+ }
+ }
+ if (mRequests.size() < mMaxRequests) {
+ mRequests.addElement(r.getRequestId().toString());
+ CMS.debug("getRequest added "+r.getRequestType()+" request "+r.getRequestId().toString()+
+ " to mRequests: " + mRequests.size()+" ("+mMaxRequests+")");
+ } else {
+ break;
+ }
+ }
+ CMS.debug("getRequest done with adding requests to mRequests: " + mRequests.size());
+ } else {
+ CMS.debug("getRequest has no access to the request queue");
+ }
+ }
+ if (mRequests.size() > 0) {
+ id = (String)mRequests.elementAt(0);
+ if (id != null) {
+ CMS.debug("getRequest getting request: " + id);
+ if (mCA != null && mRequestQueue == null) mRequestQueue = mCA.getRequestQueue();
+ if (mRequestQueue != null) {
+ try {
+ r = mRequestQueue.findRequest(new RequestId(id));
+ mRequests.remove(0);
+ CMS.debug("getRequest request "+ id + ((r != null)?" found":" not found"));
+ //updatePublishingStatus(id);
+ } catch (EBaseException e) {
+ CMS.debug("getRequest EBaseException " + e.toString());
+ }
+ } else {
+ CMS.debug("getRequest has no access to the request queue");
+ }
+ }
+ if (mRequests.size() == 0) {
+ mSearchForRequests = false;
+ }
+ }
+ CMS.debug("getRequest mRequests=" + mRequests.size() + " mSearchForRequests=" + mSearchForRequests + " done");
+
+ return r;
+ }
+
+ /**
+ * Gets number of requests in publishing queue.
+ *
+ * @return number of requests in publishing queue
+ */
+ public int getNumberOfRequests() {
+ return mRequests.size();
+ }
+
+ /**
+ * Checks if publishing queue is enabled.
+ *
+ * @return true if publishing queue is enabled, false otherwise
+ */
+ public boolean isPublishingQueueEnabled() {
+ return mIsPublishingQueueEnabled;
+ }
+
+ /**
+ * Removes a notifier thread from the pool of publishing queue threads.
+ *
+ * @param notifierThread Thread
+ */
+ public void removeNotifierThread(Thread notifierThread) {
+ if (mNotifierThreads.size() > 0) {
+ mNotifierThreads.remove(notifierThread);
+ if (mNotifierThreads.size() == 0) {
+ mRequestQueue.setPublishingStatus("-1");
+ }
+ }
+ CMS.debug("Number of publishing threads: " + mNotifierThreads.size());
+ }
+
+ /**
+ * Notifies all registered listeners about request.
+ *
+ * @param r request
+ */
+ public void notify(IRequest r) {
+ CMS.debug("ARequestNotifier notify mIsPublishingQueueEnabled="+mIsPublishingQueueEnabled+
+ " mMaxThreads="+mMaxThreads);
+ if (mIsPublishingQueueEnabled) {
+ addToNotify(r);
+ } else if (mMaxThreads == 0) {
+ Enumeration listeners = mListeners.elements();
+ if (listeners != null && r != null) {
+ while (listeners.hasMoreElements()) {
+ IRequestListener l = (IRequestListener) listeners.nextElement();
+ CMS.debug("RunListeners: IRequestListener = " + l.getClass().getName());
+ l.accept(r);
+ }
+ }
+ } else {
+ // spawn a seperate thread to call the listeners and return.
+ try {
+ new Thread(new RunListeners(r, mListeners.elements())).start();
+ } catch (Throwable e) {
+
+ /*
+ CMS.getLogger().log(
+ ILogger.EV_SYSTEM, ILogger.S_REQQUEUE, ILogger.LL_FAILURE,
+ "Could not run listeners for request " + r.getRequestId() +
+ ". Error " + e + ";" + e.getMessage());
+ */
+ }
+ }
+ }
+
+ /**
+ * Checks for available publishing connections
+ *
+ * @return true if there are available publishing connections, false otherwise
+ */
+ private boolean checkAvailablePublishingConnections() {
+ boolean availableConnections = false;
+
+ IPublisherProcessor pp = null;
+ if (mCA != null) pp = mCA.getPublisherProcessor();
+ if (pp != null && pp.enabled()) {
+ ILdapConnModule ldapConnModule = pp.getLdapConnModule();
+ if (ldapConnModule != null) {
+ ILdapConnFactory ldapConnFactory = ldapConnModule.getLdapConnFactory();
+ if (ldapConnFactory != null) {
+ CMS.debug("checkAvailablePublishingConnections maxConn: " + ldapConnFactory.maxConn() +
+ " totalConn: " + ldapConnFactory.totalConn());
+ if (ldapConnFactory.maxConn() > ldapConnFactory.totalConn()) {
+ availableConnections = true;
+ }
+ } else {
+ CMS.debug("checkAvailablePublishingConnections ldapConnFactory is not accessible");
+ }
+ } else {
+ CMS.debug("checkAvailablePublishingConnections ldapConnModule is not accessible");
+ }
+ } else {
+ CMS.debug("checkAvailablePublishingConnections PublisherProcessor is not " +
+ ((pp != null)?"enabled":"accessible"));
+ }
+
+ return availableConnections;
+ }
+
+ /**
+ * Checks if more publishing threads can be added.
+ *
+ * @return true if more publishing threads can be added, false otherwise
+ */
+ private boolean morePublishingThreads() {
+ boolean moreThreads = false;
+
+ if (mNotifierThreads.size() == 0) {
+ moreThreads = true;
+ } else if (mNotifierThreads.size() < mMaxThreads) {
+ CMS.debug("morePublishingThreads ("+mRequests.size()+">"+
+ ((mMaxRequests * mNotifierThreads.size()) / mMaxThreads)+
+ " "+"("+mMaxRequests+"*"+mNotifierThreads.size()+"):"+mMaxThreads);
+ // gradually add new publishing threads
+ if (mRequests.size() > ((mMaxRequests * mNotifierThreads.size()) / mMaxThreads)) {
+ // check for available publishing connections
+ if (checkAvailablePublishingConnections()) {
+ moreThreads = true;
+ }
+ }
+ }
+ CMS.debug("morePublishingThreads moreThreads: " + moreThreads);
+
+ return moreThreads;
+ }
+
+
+ /**
+ * Notifies all registered listeners about request.
+ *
+ * @param r request
+ */
+ public synchronized void addToNotify(IRequest r) {
+ if (!mSearchForRequests) {
+ if (mRequests.size() < mMaxRequests) {
+ mRequests.addElement(r.getRequestId().toString());
+ CMS.debug("addToNotify extended buffer to "+mRequests.size()+"("+mMaxRequests+")"+
+ " requests by adding request "+r.getRequestId().toString());
+ if (morePublishingThreads()) {
+ try {
+ Thread notifierThread = new Thread(new RunListeners((IRequestNotifier)this));
+ if (notifierThread != null) {
+ mNotifierThreads.addElement(notifierThread);
+ CMS.debug("Number of publishing threads: " + mNotifierThreads.size());
+ if (mPublishingQueuePriority > 0) {
+ notifierThread.setPriority(mPublishingQueuePriority);
+ }
+ notifierThread.start();
+ }
+ } catch (Throwable e) {
+ CMS.debug("addToNotify exception: " + e.toString());
+ }
+ }
+ } else {
+ mSearchForRequests = true;
+ }
+ }
+ }
+
+
+ /**
+ * Recovers publishing queue.
+ *
+ * @param id request request
+ */
+ public void recoverPublishingQueue(String id) {
+ CMS.debug("recoverPublishingQueue mRequests.size()="+mRequests.size()+"("+mMaxRequests+")"+
+ " requests by adding request "+id);
+ if (mRequests.size() == 0) {
+ mRequests.addElement(id);
+ CMS.debug("recoverPublishingQueue extended buffer to "+mRequests.size()+"("+mMaxRequests+")"+
+ " requests by adding request "+id);
+ if (morePublishingThreads()) {
+ mSearchForRequests = true;
+ try {
+ Thread notifierThread = new Thread(new RunListeners((IRequestNotifier)this));
+ if (notifierThread != null) {
+ mNotifierThreads.addElement(notifierThread);
+ CMS.debug("Number of publishing threads: " + mNotifierThreads.size());
+ if (mPublishingQueuePriority > 0) {
+ notifierThread.setPriority(mPublishingQueuePriority);
+ }
+ notifierThread.start();
+ }
+ } catch (Throwable e) {
+ CMS.debug("recoverPublishingQueue exception: " + e.toString());
+ }
+ }
+ }
+ }
+}
+
+
+/**
+ * The RunListeners class implements Runnable interface.
+ * This class executes notification of registered listeners.
+ */
+class RunListeners implements Runnable {
+ IRequest mRequest = null;
+ Enumeration mListeners = null;
+ IRequestNotifier mRequestNotifier = null;
+
+ /**
+ * RunListeners class constructor.
+ *
+ * @param r request
+ * @param listeners list of listeners
+ */
+ public RunListeners(IRequest r, Enumeration listeners) {
+ mRequest = r;
+ mListeners = listeners;
+ }
+
+ /**
+ * RunListeners class constructor.
+ *
+ * @param r request
+ * @param listeners list of listeners
+ */
+ public RunListeners(IRequestNotifier requestNotifier) {
+ mRequestNotifier = requestNotifier;
+ mListeners = mRequestNotifier.getListeners();
+ }
+
+ /**
+ * RunListeners thread implementation.
+ */
+ public void run() {
+ CMS.debug("RunListeners::"+((mRequestNotifier != null && mRequestNotifier.getNumberOfRequests() > 0)?" Queue: "+mRequestNotifier.getNumberOfRequests():" noQueue")+
+ " "+((mRequest != null)?" SingleRequest":" noSingleRequest"));
+ do {
+ if (mRequestNotifier != null) mRequest = (IRequest)mRequestNotifier.getRequest();
+ if (mListeners != null && mRequest != null) {
+ while (mListeners.hasMoreElements()) {
+ IRequestListener l = (IRequestListener) mListeners.nextElement();
+ CMS.debug("RunListeners: IRequestListener = " + l.getClass().getName());
+ l.accept(mRequest);
+ }
+ if (mRequestNotifier != null) {
+ CMS.debug("RunListeners: mRequest = " + mRequest.getRequestId().toString());
+ mRequestNotifier.updatePublishingStatus(mRequest.getRequestId().toString());
+ }
+ }
+ CMS.debug("RunListeners: "+((mRequestNotifier != null && mRequestNotifier.getNumberOfRequests() > 0)?" Queue: "+mRequestNotifier.getNumberOfRequests():" noQueue")+
+ " "+((mRequest != null)?" SingleRequest":" noSingleRequest"));
+ if (mRequestNotifier != null) mListeners = mRequestNotifier.getListeners();
+ } while (mRequestNotifier != null && mRequestNotifier.getNumberOfRequests() > 0);
+
+ if (mRequestNotifier != null) mRequestNotifier.removeNotifierThread(Thread.currentThread());
+ }
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/AgentApproval.java b/pki/base/common/src/com/netscape/certsrv/request/AgentApproval.java
new file mode 100644
index 000000000..5e41b54f2
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/AgentApproval.java
@@ -0,0 +1,64 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+import java.io.Serializable;
+
+import java.util.Date;
+
+
+/**
+ * The AgentApproval class contains the record of a
+ * single agent approval.
+ *
+ * @version $Revision$, $Date$
+ */
+public class AgentApproval
+ implements Serializable {
+
+ /**
+ * Returns the approving agent's user name.
+ *
+ * @return an identifier for the agent
+ */
+ public String getUserName() {
+ return mUserName;
+ }
+
+ /**
+ * Returns the date of the approval
+ *
+ * @return date and time of the approval
+ */
+ public Date getDate() {
+ return mDate;
+ }
+
+ /**
+ * AgentApproval class constructor
+ *
+ * @param userName user name of the approving agent
+ */
+ AgentApproval(String userName) {
+ mUserName = userName;
+ }
+
+ String mUserName;
+ Date mDate = new Date(); /* CMS.getCurrentDate(); */
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java b/pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java
new file mode 100644
index 000000000..9bd7fa857
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/AgentApprovals.java
@@ -0,0 +1,156 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+import java.io.Serializable;
+
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.Vector;
+
+
+/**
+ * A collection of AgentApproval objects.
+ * <single-threaded>
+ *
+ * @version $Revision$, $Date$
+ */
+public class AgentApprovals
+ implements Serializable {
+
+ /**
+ * Adds an approval to approval's list.
+ * <p>
+ * If an approval is already present for this user,
+ * it is updated with a new date. Otherwise a new
+ * value is inserted.
+ *
+ * @param userName user name of the approving agent
+ */
+ public void addApproval(String userName) {
+ AgentApproval a = findApproval(userName);
+
+ // update existing approval
+ if (a != null) {
+ a.mDate = new Date(); /* CMS.getCurrentDate(); */
+ return;
+ }
+
+ a = new AgentApproval(userName);
+ mVector.addElement(a);
+ }
+
+ /**
+ * Removes an approval from approval's list.
+ * <p>
+ * If there is no approval for this userName, this
+ * call does nothing.
+ *
+ * @param userName user name of the approving agent
+ */
+ public void removeApproval(String userName) {
+ AgentApproval a = findApproval(userName);
+
+ if (a != null)
+ mVector.removeElement(a);
+ }
+
+ /**
+ * Finds an existing AgentApproval for the named user.
+ *
+ * @param userName user name of the approving agent
+ * @return an AgentApproval object
+ */
+ public AgentApproval findApproval(String userName) {
+ AgentApproval a = null;
+
+ // search
+ for (int i = 0; i < mVector.size(); i++) {
+ a = (AgentApproval) mVector.elementAt(i);
+
+ if (a.mUserName.equals(userName)) break;
+ }
+
+ return a;
+ }
+
+ /**
+ * Returns an enumeration of the agent approvals
+ *
+ * @return an enumeration of the agent approvals
+ */
+ public Enumeration elements() {
+ return mVector.elements();
+ }
+
+ /**
+ * Returns the AgentApprovals as a Vector of strings.
+ * Each entry in the vector is of the format:
+ * epoch;username
+ * where epoch is the date.getTime()
+ * <p>
+ * This is used for serialization in Request.setExtData().
+ * @return The string vector.
+ */
+ public Vector toStringVector() {
+ Vector retval = new Vector(mVector.size());
+ for (int i = 0; i < mVector.size(); i++) {
+ AgentApproval a = (AgentApproval) mVector.elementAt(i);
+ retval.add(a.getDate().getTime() + ";" + a.getUserName());
+ }
+
+ return retval;
+ }
+
+ /**
+ * Recreates an AgentApprovals instance from a Vector of strings that
+ * was created by toStringVector().
+ * @param stringVector The vector of strings to translate
+ * @return the AgentApprovals instance or null if it can't be translated.
+ */
+ public static AgentApprovals fromStringVector(Vector stringVector) {
+ if (stringVector == null) {
+ return null;
+ }
+ AgentApprovals approvals = new AgentApprovals();
+ for (int i = 0; i < stringVector.size(); i++) {
+ try {
+ String approvalString = (String)stringVector.get(i);
+ String[] parts = approvalString.split(";", 2);
+ if (parts.length != 2) {
+ return null;
+ }
+ Long epoch = new Long(parts[0]);
+ Date date = new Date(epoch.longValue());
+
+ AgentApproval approval = new AgentApproval(parts[1]);
+ approval.mDate = date;
+
+ approvals.mVector.add(approval);
+ } catch (ClassCastException e) {
+ return null;
+ } catch (NumberFormatException e) {
+ return null;
+ }
+ }
+ return approvals;
+ }
+
+ protected Vector mVector = new Vector();
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IEnrollmentRequest.java b/pki/base/common/src/com/netscape/certsrv/request/IEnrollmentRequest.java
new file mode 100644
index 000000000..e7036d1ec
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/IEnrollmentRequest.java
@@ -0,0 +1,31 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+/**
+ * An example of a more specialized request interface.
+ * This version (currently) doesn't supply any additional
+ * data, but is implementated only for testing and
+ * demonstration purposes.
+ *
+ * @version $Revision$, $Date$
+ */
+public interface IEnrollmentRequest
+ extends IRequest {
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/INotify.java b/pki/base/common/src/com/netscape/certsrv/request/INotify.java
new file mode 100644
index 000000000..d4ff15b7c
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/INotify.java
@@ -0,0 +1,41 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+/**
+ * The INotify interface defines operations that are invoked
+ * when a request is completely processed. A class implementing
+ * this interface may be registered with a IRequestQueue.
+ * The interface will be invoked when a request is completely
+ * serviced by the IService object.
+ *
+ * @version $Revision$ $Date$
+ */
+public interface INotify {
+
+ /**
+ * Provides notification that a request has been completed.
+ * The implementation may use values stored in the IRequest
+ * object, and may implement any type publishing (such as email
+ * or writing values into a directory)
+ *
+ * @param request the request that is completed.
+ */
+ public void notify(IRequest request);
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IPolicy.java b/pki/base/common/src/com/netscape/certsrv/request/IPolicy.java
new file mode 100644
index 000000000..d74a32a43
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/IPolicy.java
@@ -0,0 +1,53 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+/**
+ * Interface to a policy. The policy evaluates the request for
+ * correctness and completeness. It may change or add to values
+ * stored in the request. The policy object also decides
+ * whether a request should be queue to await approval by
+ * an agent.
+ * FUTURE: In this case, the policy should set the
+ * 'agentGroup' entry in the request to indicate the group
+ * of agents allowed to perform further processing. If none
+ * is set, a default value ("defaultAgentGroup") will be
+ * set instead.
+ *
+ * @version $Revision$, $Date$
+ */
+public interface IPolicy {
+
+ /**
+ * Applies the policy check to the request. The policy should
+ * determine whether the request can be processed immediately,
+ * or should be held pending manual approval.
+ * <p>
+ * The policy can update fields in the request, to add additional values
+ * or to restrict the values to pre-determined ranges.
+ * <p>
+ * @param request
+ * the request to check
+ * @return
+ * a result code indicating the result of the evaluation. The
+ * processor will determine the next request processing step based
+ * on this value
+ */
+ PolicyResult apply(IRequest request);
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequest.java b/pki/base/common/src/com/netscape/certsrv/request/IRequest.java
new file mode 100644
index 000000000..f54352ce1
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequest.java
@@ -0,0 +1,729 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+//import java.io.Serializable;
+
+import com.netscape.certsrv.authentication.AuthToken;
+import com.netscape.certsrv.authentication.IAuthToken;
+import com.netscape.certsrv.base.EBaseException;
+import com.netscape.certsrv.base.IAttrSet;
+import netscape.security.x509.RevokedCertImpl;
+import netscape.security.x509.X509CertImpl;
+import netscape.security.x509.X509CertInfo;
+import netscape.security.x509.CertificateExtensions;
+import netscape.security.x509.CertificateSubjectName;
+
+import java.math.BigInteger;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Locale;
+import java.util.Vector;
+
+
+/**
+ * An interface that defines abilities of request objects,
+ *
+ * @version $Revision$, $Date$
+ */
+public interface IRequest {
+
+ public static final String REQ_VERSION = "requestVersion";
+
+ public static final String REQ_STATUS = "requestStatus";
+ public static final String REQ_TYPE = "requestType";
+ public static final String REQ_FORMAT = "requestFormat";
+
+ // request type values.
+ public static final String ENROLLMENT_REQUEST = "enrollment";
+ public static final String RENEWAL_REQUEST = "renewal";
+ public static final String REVOCATION_REQUEST = "revocation";
+ public static final String CMCREVOKE_REQUEST = "CMCRevReq";
+ public static final String UNREVOCATION_REQUEST = "unrevocation";
+ public static final String KEYARCHIVAL_REQUEST = "archival";
+ public static final String KEYRECOVERY_REQUEST = "recovery";
+ public static final String KEY_RECOVERY_REQUEST = "keyRecovery";
+ public static final String KEY_ARCHIVAL_REQUEST = "keyArchival";
+ public static final String GETCACHAIN_REQUEST = "getCAChain";
+ public static final String GETREVOCATIONINFO_REQUEST = "getRevocationInfo";
+ public static final String GETCRL_REQUEST = "getCRL";
+ public static final String GETCERTS_REQUEST = "getCertificates";
+ public static final String REVOCATION_CHECK_CHALLENGE_REQUEST = "revocationChallenge";
+ public static final String GETCERT_STATUS_REQUEST = "getCertStatus";
+ public static final String GETCERTS_FOR_CHALLENGE_REQUEST = "getCertsForChallenge";
+ public static final String CLA_CERT4CRL_REQUEST = "cert4crl";
+ public static final String CLA_UNCERT4CRL_REQUEST = "uncert4crl";
+ public static final String NETKEY_KEYGEN_REQUEST = "netkeyKeygen";
+ public static final String NETKEY_KEYRECOVERY_REQUEST = "netkeyKeyRecovery";
+
+ public static final String REQUESTOR_NAME = "csrRequestorName";
+ public static final String REQUESTOR_PHONE = "csrRequestorPhone";
+ public static final String REQUESTOR_EMAIL = "csrRequestorEmail";
+ public static final String REQUESTOR_COMMENTS = "csrRequestorComments";
+
+ // request attributes for all
+ public static final String AUTH_TOKEN = "AUTH_TOKEN";
+ public static final String HTTP_PARAMS = "HTTP_PARAMS";
+ public static final String HTTP_HEADERS = "HTTP_HEADERS";
+ // Params added by agents on agent approval page
+ public static final String AGENT_PARAMS = "AGENT_PARAMS";
+ // server attributes: attributes generated by server modules.
+ public static final String SERVER_ATTRS = "SERVER_ATTRS";
+
+ public static final String RESULT = "Result"; // service result.
+ public static final Integer RES_SUCCESS = Integer.valueOf(1); // result value
+ public static final Integer RES_ERROR = Integer.valueOf(2); // result value
+ public static final String REMOTE_SERVICE_AUTHORITY = "RemServiceAuthority";
+ public static final String SVCERRORS = "serviceErrors";
+ public static final String REMOTE_STATUS = "remoteStatus";
+ public static final String REMOTE_REQID = "remoteReqID";
+ public static final String CERT_STATUS = "certStatus";
+
+ // enrollment request attributes (from http request)
+ public static final String CERT_TYPE = "certType";
+ public static final String CRMF_REQID = "crmfReqId";
+ public static final String PKCS10_REQID = "pkcs10ReqId";
+ // CMC request attributes
+ public static final String CMC_REQIDS = "cmcReqIds";
+ public static final String CMC_TRANSID = "transactionId";
+ public static final String CMC_SENDERNONCE = "senderNonce";
+ public static final String CMC_RECIPIENTNONCE = "recipientNonce";
+ public static final String CMC_REGINFO = "regInfo";
+
+ // enrollment request attributes (generated internally)
+ // also used for renewal
+ public static final String CERT_INFO = "CERT_INFO";
+ public static final String ISSUED_CERTS = "issuedCerts";
+ public static final String
+ REQUEST_TRUSTEDMGR_PRIVILEGE = "requestTrustedManagerPrivilege";
+ public static final String FINGERPRINTS = "fingerprints";
+
+ // enrollment request values
+ public static final String SERVER_CERT = "server";
+ public static final String CLIENT_CERT = "client";
+ public static final String CA_CERT = "ca";
+ public static final String RA_CERT = "ra";
+ public static final String OCSP_CERT = "ocsp";
+ public static final String OBJECT_SIGNING_CERT = "objSignClient";
+ public static final String OTHER_CERT = "other";
+ public static final String ROUTER_CERT = "router"; // deprecated
+ public static final String CEP_CERT = "CEP-Request";
+
+ // renewal request attributes. (internally set)
+ // also used for revocation
+ public static final String OLD_CERTS = "OLD_CERTS";
+ public static final String OLD_SERIALS = "OLD_SERIALS";
+ public static final String ISSUERDN = "issuerDN";
+
+ // revocation request attributes (internally set)
+ public static final String REVOKED_CERTS = "revokedCerts";
+ public static final String REVOKED_REASON = "revocationReason";
+ // CCA -> CLA request attributes
+ public static final String REVOKED_CERT_RECORDS = "revokedCertRecs";
+ // crl update status after a revocation.
+ public final static String CRL_UPDATE_STATUS = "crlUpdateStatus";
+ public final static String CRL_UPDATE_ERROR = "crlUpdateError";
+ public final static String CRL_PUBLISH_STATUS = "crlPublishStatus";
+ public final static String CRL_PUBLISH_ERROR = "crlPublishError";
+ public static final String REQUESTOR_TYPE = "requestorType";
+
+ // Netkey request attributes
+ public final static String NETKEY_ATTR_CUID = "CUID";
+ public final static String NETKEY_ATTR_USERID = "USERID";
+ public final static String NETKEY_ATTR_DRMTRANS_DES_KEY = "drm_trans_desKey";
+ public final static String NETKEY_ATTR_ARCHIVE_FLAG ="archive";
+ public final static String NETKEY_ATTR_SERVERSIDE_MUSCLE_FLAG ="serverSideMuscle";
+ public final static String NETKEY_ATTR_ENC_PRIVKEY_FLAG ="encryptPrivKey";
+ public final static String NETKEY_ATTR_USER_CERT = "cert";
+ public final static String NETKEY_ATTR_KEY_SIZE = "keysize";
+
+ // requestor type values.
+ public static final String REQUESTOR_EE = "EE";
+ public static final String REQUESTOR_RA = "RA";
+ public static final String REQUESTOR_NETKEY_RA = "NETKEY_RA";
+ public static final String REQUESTOR_KRA = "KRA";
+ public static final String REQUESTOR_AGENT = "Agent";
+
+ // others (internally set)
+ public final static String CACERTCHAIN = "CACertChain";
+ public final static String CRL = "CRL";
+ public final static String DOGETCACHAIN = "doGetCAChain";
+ public final static String CERT_FILTER = "certFilter";
+
+ // used by policy
+ public static final String ERRORS = "errors";
+ public static final String SMIME = "SMIME";
+ public static final String OBJECT_SIGNING = "ObjectSigning";
+ public static final String SSL_CLIENT = "SSLClient";
+
+ /**
+ * Gets the primary identifier for this request.
+ *
+ * @return request id
+ */
+ RequestId getRequestId();
+
+ /**
+ * Gets the current state of this request.
+ *
+ * @return request status
+ */
+ RequestStatus getRequestStatus();
+
+ /**
+ * Gets the "sourceId" for the request. The sourceId is
+ * assigned by the originator of the request (for example,
+ * the EE servlet or the RA servlet.
+ * <p>
+ * The sourceId should be unique so that it can be used
+ * to retrieve request later without knowing the locally
+ * assigned primary id (RequestID)
+ * <p>
+ * @return
+ * the sourceId value (or null if none has been set)
+ */
+ public String getSourceId();
+
+ /**
+ * Sets the "sourceId" for this request. The request must be updated
+ * in the database for this change to take effect. This can be done
+ * by calling IRequestQueue.update() or by performing one of the
+ * other operations like processRequest or approveRequest.
+ *
+ * @param id source id for this request
+ */
+ public void setSourceId(String id);
+
+ /**
+ * Gets the current owner of this request.
+ *
+ * @return request owner
+ */
+ public String getRequestOwner();
+
+ /**
+ * Sets the current owner of this request.
+ *
+ * @param owner
+ * The new owner of this request. If this value is set to null
+ * there will be no current owner
+ */
+ public void setRequestOwner(String owner);
+
+ /**
+ * Gets the type of this request.
+ *
+ * @return request type
+ */
+ public String getRequestType();
+
+ /**
+ * Sets the type or this request.
+ *
+ * @param type request type
+ */
+ public void setRequestType(String type);
+
+ /**
+ * Gets the version of this request.
+ *
+ * @return request version
+ */
+ public String getRequestVersion();
+
+ /**
+ * Gets the time this request was created.
+ *
+ * @return request creation time
+ */
+ Date getCreationTime();
+
+ /**
+ * Gets the time this request was last modified (defined
+ * as updated in the queue) (See IRequestQueue.update)
+ *
+ * @return request last modification time
+ */
+ Date getModificationTime();
+
+ /*
+ * Attribute names for performing searches.
+ */
+ public final static String ATTR_REQUEST_OWNER = "requestOwner";
+ public final static String ATTR_REQUEST_STATUS = "requestStatus";
+ public final static String ATTR_SOURCE_ID = "requestSourceId";
+ public final static String ATTR_REQUEST_TYPE = "requestType";
+
+ /*
+ * Other attributes stored in the attribute set
+ */
+ public final static String UPDATED_BY = "updatedBy";
+ // String error messages
+ public static final String ERROR = "Error";
+
+ /**
+ * Copies meta attributes (excluding request Id, etc.) of another request
+ * to this request.
+ *
+ * @param req another request
+ */
+ public void copyContents(IRequest req);
+
+ /**
+ * Gets context of this request.
+ *
+ * @return request context
+ */
+ public String getContext();
+
+ /**
+ * Sets context of this request.
+ *
+ * @param ctx request context
+ */
+ public void setContext(String ctx);
+
+ /**
+ * Sets status of this request.
+ *
+ * @param s request status
+ */
+ public void setRequestStatus(RequestStatus s);
+
+ /**
+ * Gets status of connector transfer.
+ *
+ * @return status of connector transfer
+ */
+ public boolean isSuccess();
+
+ /**
+ * Gets localized error message from connector transfer.
+ *
+ * @param locale request locale
+ * @return error message from connector transfer
+ */
+ public String getError(Locale locale);
+
+
+ /**************************************************************
+ * ExtData data methods:
+ *
+ * These methods should be used in place of the mAttrData methods
+ * deprecated above.
+ *
+ * These methods all store Strings in LDAP. This means they can no longer
+ * be used as a garbage dump for all sorts of objects. A limited number
+ * of helper methods are provided for Vectors/Arrays/Hashtables but the
+ * keys and values for all of these should be Strings.
+ *
+ * The keys are used in the LDAP attribute names, and so much obey LDAP
+ * key syntax rules: A-Za-z0-9 and hyphen.
+ */
+
+ /**
+ * Sets an Extended Data string-key string-value pair.
+ * All keys are lower cased because LDAP does not preserve case.
+ *
+ * @param key The extended data key
+ * @param value The extended data value
+ * @return false if key is invalid.
+ */
+ public boolean setExtData(String key, String value);
+
+ /**
+ * Sets an Extended Data string-key string-value pair.
+ * The key and hashtable keys are all lowercased because LDAP does not
+ * preserve case.
+ *
+ * @param key The extended data key
+ * @param value The extended data value
+ * the Hashtable contains an illegal key.
+ * @return false if the key or hashtable keys are invalid
+ */
+ public boolean setExtData(String key, Hashtable value);
+
+ /**
+ * Checks whether the key is storing a simple String value, or a complex
+ * (Vector/hashtable) structure.
+ * @param key The key to check for.
+ * @return True if the key maps to a string. False if it maps to a
+ * hashtable.
+ */
+ public boolean isSimpleExtDataValue(String key);
+
+ /**
+ * Returns the String value stored for the String key. Returns null
+ * if not found. Throws exception if key stores a complex data structure
+ * (Vector/Hashtable).
+ * @param key The key to lookup (case-insensitive)
+ * @return The value associated with the key. null if not found or if the
+ * key is associated with a non-string value.
+ */
+ public String getExtDataInString(String key);
+
+ /**
+ * Returns the Hashtable value for the String key. Returns null if not
+ * found. Throws exception if the key stores a String value.
+ *
+ * The Hashtable returned is actually a subclass of Hashtable that
+ * lowercases all keys used to access the hashtable. Its purpose is to
+ * to make lookups seemless, but be aware it is not a normal hashtable and
+ * might behave strangely in some cases (e.g., iterating keys)
+ *
+ * @param key The key to lookup (case-insensitive)
+ * @return The hashtable value associated with the key. null if not found
+ * or if the key is associated with a string-value.
+ */
+ public Hashtable getExtDataInHashtable(String key);
+
+ /**
+ * Returns all the keys stored in ExtData
+ * @return Enumeration of all the keys.
+ */
+ public Enumeration getExtDataKeys();
+
+ /**
+ * Stores an array of Strings in ExtData.
+ * The indices of the array are used as subkeys.
+ * @param key the ExtData key
+ * @param values the array of string values to store
+ * @return False if the key is invalid
+ */
+ public boolean setExtData(String key, String[] values);
+
+ /**
+ * Retrieves an array of Strings stored with the key.
+ * This only works if the data was stored as an array. If the data
+ * is not correct, this method will return null.
+ * @param key The ExtData key
+ * @return The value. Null if not found or the data isn't an array.
+ */
+ public String[] getExtDataInStringArray(String key);
+
+ /**
+ * Removes the value of an extdata attribute.
+ *
+ * @param type key to delete
+ */
+ void deleteExtData(String type);
+
+ /*****************************
+ * Helper methods for ExtData
+ ****************************/
+
+ /**
+ * Helper method to add subkey/value pair to a ExtData hashtable.
+ * If the hashtable it exists, the subkey/value are added to it. Otherwise
+ * a new hashtable is created.
+ *
+ * The key and subkey are lowercased because LDAP does not preserve case.
+ *
+ * @param key The top level key
+ * @param subkey The hashtable data key
+ * @param value The hashtable value
+ * @return False if the key or subkey are invalid
+ */
+ public boolean setExtData(String key, String subkey, String value);
+
+ /**
+ * Helper method to retrieve an individual value from a Hashtable value.
+ * @param key the ExtData key
+ * @param subkey the key in the Hashtable value (case insensitive)
+ * @return the value corresponding to the key/subkey
+ */
+ public String getExtDataInString(String key, String subkey);
+
+ /**
+ * Helper method to store an Integer value. It converts the integer value
+ * to a String and stores it.
+ *
+ * @param key the ExtData key
+ * @param value the Integer to store (as a String)
+ * @return False if the key or value are invalid
+ */
+ public boolean setExtData(String key, Integer value);
+
+ /**
+ * Retrieves an integer value. Returns null if not found or
+ * the value can't be represented as an Integer.
+ *
+ * @param key The ExtData key to lookup
+ * @return The integer value or null if not possible.
+ */
+ public Integer getExtDataInInteger(String key);
+
+ /**
+ * Stores an array of Integers
+ * @param key The extdata key
+ * @param values The array of Integers to store
+ * @return false if the key is invalid
+ */
+ public boolean setExtData(String key, Integer[] values);
+
+ /**
+ * Retrieves an array of Integers
+ * @param key The extdata key
+ * @return The array of Integers or null on error.
+ */
+ public Integer[] getExtDataInIntegerArray(String key);
+
+ /**
+ * Helper method to store a BigInteger value. It converts the integer value
+ * to a String and stores it.
+ *
+ * @param key the ExtData key
+ * @param value the BigInteger to store (as a String)
+ * @return False if the key or value are invalid
+ */
+ public boolean setExtData(String key, BigInteger value);
+
+ /**
+ * Retrieves a BigInteger value. Returns null if not found or
+ * the value can't be represented as a BigInteger.
+ *
+ * @param key The ExtData key to lookup
+ * @return The integer value or null if not possible.
+ */
+ public BigInteger getExtDataInBigInteger(String key);
+
+ /**
+ * Stores an array of BigIntegers
+ * @param key The extdata key
+ * @param values The array of BigIntegers to store
+ * @return false if the key is invalid
+ */
+ public boolean setExtData(String key, BigInteger[] values);
+
+ /**
+ * Retrieves an array of BigIntegers
+ * @param key The extdata key
+ * @return The array of BigIntegers or null on error.
+ */
+ public BigInteger[] getExtDataInBigIntegerArray(String key);
+
+ /**
+ * Helper method to store an exception.
+ * It actually stores the e.toString() value.
+ *
+ * @param key The ExtData key to store under
+ * @param e The throwable to store
+ * @return False if the key is invalid.
+ */
+ public boolean setExtData(String key, Throwable e);
+
+ /**
+ * Stores a byte array as base64 encoded text
+ * @param key The ExtData key
+ * @param data The byte array to store
+ * @return False if the key is invalid.
+ */
+ public boolean setExtData(String key, byte[] data);
+
+ /**
+ * Retrieves the data, which should be base64 encoded as a byte array.
+ * @param key The ExtData key
+ * @return The data, or null if an error occurs.
+ */
+ public byte[] getExtDataInByteArray(String key);
+
+ /**
+ * Stores a X509CertImpl as base64 encoded text using the getEncode()
+ * method.
+ * @param key The ExtData key
+ * @param data certificate
+ * @return False if the key is invalid.
+ */
+ public boolean setExtData(String key, X509CertImpl data);
+
+ /**
+ * Retrieves the data, which should be base64 encoded as a byte array.
+ * @param key The ExtData key
+ * @return The data, or null if an error occurs.
+ */
+ public X509CertImpl getExtDataInCert(String key);
+
+ /**
+ * Stores an array of X509CertImpls as a base64 encoded text.
+ * @param key The ExtData key
+ * @param data The array of certs to store
+ * @return False if the key or data is invalid.
+ */
+ public boolean setExtData(String key, X509CertImpl[] data);
+
+ /**
+ * Retrieves an array of X509CertImpl.
+ * @param key The ExtData key
+ * @return Array of certs, or null if not found or invalid data.
+ */
+ public X509CertImpl[] getExtDataInCertArray(String key);
+
+ /**
+ * Stores a X509CertInfo as base64 encoded text using the getEncodedInfo()
+ * method.
+ * @param key The ExtData key
+ * @param data certificate
+ * @return False if the key is invalid.
+ */
+ public boolean setExtData(String key, X509CertInfo data);
+
+ /**
+ * Retrieves the data, which should be base64 encoded as a byte array.
+ * @param key The ExtData key
+ * @return The data, or null if an error occurs.
+ */
+ public X509CertInfo getExtDataInCertInfo(String key);
+
+ /**
+ * Stores an array of X509CertInfos as a base64 encoded text.
+ * @param key The ExtData key
+ * @param data The array of cert infos to store
+ * @return False if the key or data is invalid.
+ */
+ public boolean setExtData(String key, X509CertInfo[] data);
+
+ /**
+ * Retrieves an array of X509CertInfo.
+ * @param key The ExtData key
+ * @return Array of cert infos, or null if not found or invalid data.
+ */
+ public X509CertInfo[] getExtDataInCertInfoArray(String key);
+
+ /**
+ * Stores an array of RevokedCertImpls as a base64 encoded text.
+ * @param key The ExtData key
+ * @param data The array of cert infos to store
+ * @return False if the key or data is invalid.
+ */
+ public boolean setExtData(String key, RevokedCertImpl[] data);
+
+ /**
+ * Retrieves an array of RevokedCertImpl.
+ * @param key The ExtData key
+ * @return Array of cert infos, or null if not found or invalid data.
+ */
+ public RevokedCertImpl[] getExtDataInRevokedCertArray(String key);
+
+ /**
+ * Stores the contents of the String Vector in ExtData.
+ * TODO - as soon as we're allowed to use JDK5 this should be changed
+ * to use Vector<String> data.
+ *
+ * Note that modifications to the Vector are not automatically reflected
+ * after it is stored. You must call set() again to make the changes.
+ *
+ * @param key The extdata key to store
+ * @param data A vector of Strings to store
+ * @return False on key error or invalid data.
+ */
+ public boolean setExtData(String key, Vector data);
+
+ /**
+ * Returns a vector of strings for the key.
+ * Note that the returned vector, if modified, does not make changes
+ * in ExtData. You must call setExtData() to propogate changes back
+ * into ExtData.
+ *
+ * @param key The extdata key
+ * @return A Vector of strings, or null on error.
+ */
+ public Vector getExtDataInStringVector(String key);
+
+ /**
+ * Gets boolean value for given type or default value
+ * if attribute is absent.
+ *
+ * @param type attribute type
+ * @param defVal default attribute value
+ * @return attribute value
+ */
+ boolean getExtDataInBoolean(String type, boolean defVal);
+
+
+ /**
+ * Gets extdata boolean value for given type or default value
+ * if attribute is absent for this request with this prefix.
+ *
+ * @param prefix request prefix
+ * @param type attribute type
+ * @param defVal default attribute value
+ * @return attribute value
+ */
+ public boolean getExtDataInBoolean(String prefix, String type, boolean defVal);
+
+
+ /**
+ * Stores an AuthToken the same as a Hashtable.
+ * @param key The ExtData key
+ * @param data The authtoken to store
+ * @return False if the key or data is invalid.
+ */
+ public boolean setExtData(String key, IAuthToken data);
+
+ /**
+ * Retrieves an authtoken.
+ * @param key The ExtData key
+ * @return AuthToken, or null if not found or invalid data.
+ */
+ public IAuthToken getExtDataInAuthToken(String key);
+
+ /**
+ * Stores a CertificateExtensions in extdata.
+ * @param key The ExtData key
+ * @param data The CertificateExtensions to store
+ * @return False if the key or data is invalid.
+ */
+ public boolean setExtData(String key, CertificateExtensions data);
+
+ /**
+ * Retrieves the CertificateExtensions associated with the key.
+ * @param key The ExtData key
+ * @return the object, or null if not found or invalid data.
+ */
+ public CertificateExtensions getExtDataInCertExts(String key);
+
+ /**
+ * Stores a CertificateSubjectName in extdata.
+ * @param key The ExtData key
+ * @param data The CertificateSubjectName to store
+ * @return False if the key or data is invalid.
+ */
+ public boolean setExtData(String key, CertificateSubjectName data);
+
+ /**
+ * Retrieves the CertificateSubjectName associated with the key.
+ * @param key The ExtData key
+ * @return the object, or null if not found or invalid data.
+ */
+ public CertificateSubjectName getExtDataInCertSubjectName(String key);
+
+ /**
+ * This method returns an IAttrSet wrapper for the IRequest.
+ * Use of this method is strongly discouraged. It provides extremely
+ * limited functionality, and is only provided for the two places IRequest
+ * is being used as such in the code. If you are considering using this
+ * method, please don't.
+ *
+ * @return IAttrSet wrapper with basic "get" functionality.
+ * @deprecated
+ */
+ public IAttrSet asIAttrSet();
+
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestList.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestList.java
new file mode 100644
index 000000000..a01ceb8cd
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestList.java
@@ -0,0 +1,58 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+import java.util.Enumeration;
+
+
+/**
+ * An interface providing a list of RequestIds that match
+ * some criteria. It could be a list of all elements in a
+ * queue, or just some defined sub-set.
+ *
+ * @version $Revision$, $Date$
+ */
+public interface IRequestList
+ extends Enumeration {
+
+ /**
+ * Gets the next RequestId from this list. null is
+ * returned when there are no more elements in the list.
+ * <p>
+ * Callers should be sure there is another element in the
+ * list by calling hasMoreElements first.
+ * <p>
+ * @return next request id
+ */
+ RequestId nextRequestId();
+
+ /**
+ * Gets next request from the list.
+ *
+ * @return next request
+ */
+ public Object nextRequest();
+
+ /**
+ * Gets next request Object from the list.
+ *
+ * @return next request
+ */
+ public IRequest nextRequestObject();
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestListener.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestListener.java
new file mode 100644
index 000000000..29adf3a0f
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestListener.java
@@ -0,0 +1,55 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+import com.netscape.certsrv.base.*;
+import com.netscape.certsrv.request.*;
+
+
+/**
+ * An interface that defines abilities of request listener,
+ *
+ * @version $Revision$, $Date$
+ */
+public interface IRequestListener {
+
+ /**
+ * Initializes request listener for the specific subsystem
+ * and configuration store.
+ *
+ * @param sub subsystem
+ * @param config configuration store
+ */
+ public void init(ISubsystem sub, IConfigStore config) throws EBaseException;
+
+ /**
+ * Accepts request.
+ *
+ * @param request request
+ */
+ public void accept(IRequest request);
+
+ /**
+ * Sets attribute.
+ *
+ * @param name attribute name
+ * @param val attribute value
+ */
+ public void set(String name, String val);
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestNotifier.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestNotifier.java
new file mode 100644
index 000000000..7cf31557f
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestNotifier.java
@@ -0,0 +1,133 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+import java.util.*;
+import com.netscape.certsrv.request.*;
+
+
+/**
+ * IRequestNotifier interface defines methods to register listeners,
+ *
+ * @version $Revision$, $Date$
+ */
+public interface IRequestNotifier extends INotify {
+
+ /**
+ * Registers a request listener.
+ *
+ * @param listener listener to be registered
+ */
+ public void registerListener(IRequestListener listener);
+
+ /**
+ * Registers a request listener.
+ *
+ * @param name listener name
+ * @param listener listener to be registered
+ */
+ public void registerListener(String name, IRequestListener listener);
+
+ /**
+ * Removes listener from the list of registered listeners.
+ *
+ * @param listener listener to be removed from the list
+ */
+ public void removeListener(IRequestListener listener);
+
+ /**
+ * Removes listener from the list of registered listeners.
+ *
+ * @param name listener name to be removed from the list
+ */
+ public void removeListener(String name);
+
+ /**
+ * Gets list of listener names.
+ *
+ * @return enumeration of listener names
+ */
+ public Enumeration getListenerNames();
+
+ /**
+ * Gets listener from the list of registered listeners.
+ *
+ * @param name listener name
+ * @return listener
+ */
+ public IRequestListener getListener(String name);
+
+ /**
+ * Gets list of listeners.
+ *
+ * @return enumeration of listeners
+ */
+ public Enumeration getListeners();
+
+ /**
+ * Gets request from publishing queue.
+ *
+ * @return request
+ */
+ public IRequest getRequest();
+
+ /**
+ * Gets number of requests in publishing queue.
+ *
+ * @return number of requests in publishing queue
+ */
+ public int getNumberOfRequests();
+
+ /**
+ * Checks if publishing queue is enabled.
+ *
+ * @return true if publishing queue is enabled, false otherwise
+ */
+ public boolean isPublishingQueueEnabled();
+
+ /**
+ * Removes a notifier thread from the pool of publishing queue threads.
+ *
+ * @param notifierThread Thread
+ */
+ public void removeNotifierThread(Thread notifierThread);
+
+ /**
+ * Notifies all registered listeners about request.
+ *
+ * @param r request
+ */
+ public void addToNotify(IRequest r);
+
+ /**
+ * Sets publishing queue parameters.
+ *
+ * @param isPublishingQueueEnabled publishing queue switch
+ * @param publishingQueuePriorityLevel publishing queue priority level
+ * @param maxNumberOfPublishingThreads maximum number of publishing threads
+ * @param publishingQueuePageSize publishing queue page size
+ */
+ public void setPublishingQueue (boolean isPublishingQueueEnabled,
+ int publishingQueuePriorityLevel,
+ int maxNumberOfPublishingThreads,
+ int publishingQueuePageSize,
+ int savePublishingStatus);
+
+ public void updatePublishingStatus(String id);
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java
new file mode 100644
index 000000000..9b2edf9b4
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestQueue.java
@@ -0,0 +1,414 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+import java.math.*;
+import java.util.Enumeration;
+import com.netscape.certsrv.dbs.repository.IRepository;
+
+import com.netscape.certsrv.base.EBaseException;
+
+
+/**
+ * The IRequestQueue interface defines the operations on
+ * a collection of requests within the certificate server.
+ * There are may several collections, such as KRA, RA and CA
+ * requests. Each of these request collection has a defined
+ * set of policies, a notification service (for request
+ * completion) and a service routine. The request queue
+ * provides an interface for creating and viewing requests,
+ * as well as performing operations on them.
+ * <p>
+ * @version $Revision$ $Date$
+ */
+public interface IRequestQueue {
+
+ /**
+ * Creates a new request object. A request id is
+ * assigned to it - see IRequest.getRequestId, and
+ * the status is set to RequestStatus.BEGIN
+ * <p>
+ * The request is LOCKED. The caller MUST release the
+ * request object by calling releaseRequest().
+ * <p>
+ * TODO: provide other required values (such as type
+ * and sourceId)
+ *
+ * @param requestType request type
+ * @return new request
+ * @exception EBaseException failed to create new request
+ */
+ public IRequest newRequest(String requestType)
+ throws EBaseException;
+
+ /**
+ * Clones a request object. A new request id is assigned
+ * and all attributes of the request is copied to cloned request,
+ * except for the sourceID of the original request
+ * (remote authority's request Id).
+ * <p>
+ * The cloned request that is returned is LOCKED. The caller MUST
+ * release the request object by calling releaseRequest().
+ *
+ * @param r request to be cloned
+ * @return cloned request
+ * @exception EBaseException failed to clone request
+ */
+ public IRequest cloneRequest(IRequest r)
+ throws EBaseException;
+
+ /**
+ * Gets the Request corresponding to id.
+ * Returns null if the id does not correspond
+ * to a valid request id.
+ * <p>
+ * Errors may be generated for other conditions.
+ *
+ * @param id request id
+ * @return found request
+ * @exception EBaseException failed to access request queue
+ */
+ public IRequest findRequest(RequestId id)
+ throws EBaseException;
+
+ /**
+ * Begins processing for this request. This call
+ * is valid only on requests with status BEGIN
+ * An error is generated for other cases.
+ *
+ * @param req request to be processed
+ * @exception EBaseException failed to process request
+ */
+ public void processRequest(IRequest req)
+ throws EBaseException;
+
+ /**
+ * Sets request scheduler.
+ *
+ * @param scheduler request scheduler
+ */
+ public void setRequestScheduler(IRequestScheduler scheduler);
+
+ /**
+ * Gets request scheduler.
+ *
+ * @return request scheduler
+ */
+ public IRequestScheduler getRequestScheduler();
+
+ /**
+ * Puts a new request into the PENDING state. This call is
+ * only valid for requests with status BEGIN. An error is
+ * generated for other cases.
+ * <p>
+ * This call might be used by agent servlets that want to
+ * copy a previous request, and resubmit it. By putting it
+ * into PENDING state, the normal agent screens can be used
+ * for further processing.
+ *
+ * @param req
+ * the request to mark PENDING
+ * @exception EBaseException failed to mark request as pending
+ */
+ public void markRequestPending(IRequest req)
+ throws EBaseException;
+
+ /**
+ * Clones a request object and mark it pending. A new request id is assigned
+ * and all attributes of the request is copied to cloned request,
+ * except for the sourceID of the original request
+ * (remote authority's request Id).
+ * <p>
+ * The cloned request that is returned is LOCKED. The caller MUST
+ * release the request object by calling releaseRequest().
+ *
+ * @param r request to be cloned
+ * @return cloned request mark PENDING
+ * @exception EBaseException failed to clone or mark request
+ */
+ public IRequest cloneAndMarkPending(IRequest r)
+ throws EBaseException;
+
+ /**
+ * Approves a request. The request must be locked.
+ * <p>
+ * This call will fail if:
+ * the request is not in PENDING state
+ * the policy modules do not accept the request
+ * <p>
+ * If the policy modules reject the request, then the request
+ * will remain in the PENDING state. Messages from the policy
+ * module can be display to the agent to indicate the source
+ * of the problem.
+ * <p>
+ * The request processing code adds an AgentApproval to this
+ * request that contains the authentication id of the agent. This
+ * data is retrieved from the Session object (qv).
+ *
+ * @param request
+ * the request that is being approved
+ * @exception EBaseException failed to approve request
+ */
+ public void approveRequest(IRequest request)
+ throws EBaseException;
+
+ /**
+ * Rejects a request. The request must be locked.
+ * <p>
+ * This call will fail if:
+ * the request is not in PENDING state
+ * <p>
+ * The agent servlet (or other application) may wish to store
+ * AgentMessage values to indicate the reason for the action
+ *
+ * @param request
+ * the request that is being rejected
+ * @exception EBaseException failed to reject request
+ */
+ public void rejectRequest(IRequest request)
+ throws EBaseException;
+
+ /**
+ * Cancels a request. The request must be locked.
+ * <p>
+ * This call will fail if:
+ * the request is not in PENDING state
+ * <p>
+ * The agent servlet (or other application) may wish to store
+ * AgentMessage values to indicate the reason for the action
+ *
+ * @param request
+ * the request that is being canceled
+ * @exception EBaseException failed to cancel request
+ */
+ public void cancelRequest(IRequest request)
+ throws EBaseException;
+
+ /**
+ * Updates the request in the permanent data store.
+ * <p>
+ * This call can be made after changing a value like source
+ * id or owner, to force the new value to be written.
+ * <p>
+ * The request must be locked to make this call.
+ *
+ * @param request
+ * the request that is being updated
+ * @exception EBaseException failed to update request
+ */
+ public void updateRequest(IRequest request)
+ throws EBaseException;
+
+ /**
+ * Returns an enumerator that lists all RequestIds in the
+ * queue. The caller should use the RequestIds to locate
+ * each request by calling findRequest().
+ * <p>
+ * NOTE: This interface will not be useful for large databases.
+ * This needs to be replace by a VLV (paged) search object.
+ *
+ * @return request list
+ */
+ public IRequestList listRequests();
+
+ /**
+ * Returns an enumerator that lists all RequestIds for requests
+ * that are in the given status. For example, all the PENDING
+ * requests could be listed by specifying RequestStatus.PENDING
+ * as the <i>status</i> argument
+ * <p>
+ * NOTE: This interface will not be useful for large databases.
+ * This needs to be replace by a VLV (paged) search object.
+ *
+ * @param status request status
+ * @return request list
+ */
+ public IRequestList listRequestsByStatus(RequestStatus status);
+
+ /**
+ * Returns an enumerator that lists all RequestIds for requests
+ * that match the filter.
+ * <p>
+ * NOTE: This interface will not be useful for large databases.
+ * This needs to be replace by a VLV (paged) search object.
+ *
+ * @param filter search filter
+ * @return request list
+ */
+ public IRequestList listRequestsByFilter(String filter);
+
+ /**
+ * Returns an enumerator that lists all RequestIds for requests
+ * that match the filter.
+ * <p>
+ * NOTE: This interface will not be useful for large databases.
+ * This needs to be replace by a VLV (paged) search object.
+ *
+ * @param filter search filter
+ * @param maxSize max size to return
+ * @return request list
+ */
+ public IRequestList listRequestsByFilter(String filter, int maxSize);
+
+ /**
+ * Returns an enumerator that lists all RequestIds for requests
+ * that match the filter.
+ * <p>
+ * NOTE: This interface will not be useful for large databases.
+ * This needs to be replace by a VLV (paged) search object.
+ *
+ * @param filter search filter
+ * @param maxSize max size to return
+ * @param timeLimit timeout value for the search
+ * @return request list
+ */
+ public IRequestList listRequestsByFilter(String filter, int maxSize, int timeLimit);
+
+ /**
+ * Gets requests that are pending on handling by the service
+ * <p>
+ * @return list of pending requests
+ */
+ // public IRequestList listServicePendingRequests();
+
+ /**
+ * Locates a request from the SourceId.
+ *
+ * @param id
+ * a unique identifier for the record that is based on the source
+ * of the request, and possibly an identify assigned by the source.
+ * @return
+ * The requestid corresponding to this source id. null is
+ * returned if the source id does not exist.
+ */
+ public RequestId findRequestBySourceId(String id);
+
+ /**
+ * Locates all requests with a particular SourceId.
+ * <p>
+ * @param id
+ * an identifier for the record that is based on the source
+ * of the request
+ * @return
+ * A list of requests corresponding to this source id. null is
+ * returned if the source id does not exist.
+ */
+ public IRequestList findRequestsBySourceId(String id);
+
+ /**
+ * Releases the LOCK on a request obtained from findRequest() or
+ * newRequest()
+ * <p>
+ * @param r request
+ */
+ public void releaseRequest(IRequest r);
+
+ /**
+ * Marks as serviced after destination authority has serviced request.
+ * Used by connector.
+ *
+ * @param r request
+ */
+ public void markAsServiced(IRequest r);
+
+ /**
+ * Resends requests
+ */
+ public void recover();
+
+ /**
+ * Gets a pageable list of IRequest entries in this queue.
+ *
+ * @param pageSize page size
+ * @return request list
+ */
+ public IRequestVirtualList getPagedRequests(int pageSize);
+
+ /**
+ * Gets a pageable list of IRequest entries in this queue.
+ *
+ * @param filter search filter
+ * @param pageSize page size
+ * @param sortKey the attributes to sort by
+ * @return request list
+ */
+ public IRequestVirtualList getPagedRequestsByFilter(String filter,
+ int pageSize,
+ String sortKey);
+ /**
+ * Gets a pageable list of IRequest entries in this queue.
+ *
+ * @param fromId request id to start with
+ * @param filter search filter
+ * @param pageSize page size
+ * @param sortKey the attributes to sort by
+ * @return request list
+ */
+ public IRequestVirtualList getPagedRequestsByFilter(RequestId fromId,
+ String filter,
+ int pageSize,
+ String sortKey);
+
+ /**
+ * Gets a pageable list of IRequest entries in this queue. This
+ * jumps right to the end of the list
+ *
+ * @param fromId request id to start with
+ * @param jumpToEnd jump to end of list (set fromId to null)
+ * @param filter search filter
+ * @param pageSize page size
+ * @param sortKey the attributes to sort by
+ * @return request list
+ */
+ public IRequestVirtualList getPagedRequestsByFilter(RequestId fromId,
+ boolean jumpToEnd, String filter,
+ int pageSize,
+ String sortKey);
+
+
+ /**
+ * Retrieves the notifier for pending request.
+ *
+ * @return notifier for pending request
+ */
+ public INotify getPendingNotify();
+
+
+ public BigInteger getLastRequestIdInRange(BigInteger reqId_low_bound, BigInteger reqId_upper_bound);
+
+ /**
+ * Resets serial number.
+ */
+ public void resetSerialNumber(BigInteger serial) throws EBaseException;
+
+ /**
+ * Removes all objects with this repository.
+ */
+ public void removeAllObjects() throws EBaseException;
+
+ /**
+ * Gets request repository.
+ *
+ * @return request repository
+ */
+ public IRepository getRequestRepository();
+
+ public String getPublishingStatus();
+
+ public void setPublishingStatus(String status);
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestRecord.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestRecord.java
new file mode 100644
index 000000000..a04c6b342
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestRecord.java
@@ -0,0 +1,113 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+import java.util.Enumeration;
+import com.netscape.certsrv.base.EBaseException;
+import com.netscape.certsrv.dbs.IDBObj;
+import com.netscape.certsrv.request.RequestId;
+
+
+/**
+ * A request record is the stored version of a request.
+ * It has a set of attributes that are mapped into LDAP
+ * attributes for actual directory operations.
+ * <p>
+ * @version $Revision$ $Date$
+ */
+public interface IRequestRecord
+ extends IDBObj {
+ //
+ // The names of the attributes stored in this record
+ //
+
+ // RequestId - identifies the record
+ public final static String ATTR_REQUEST_ID = "requestId";
+
+ // RequestStatus - indicates the current state
+ public final static String ATTR_REQUEST_STATE = "requestState";
+
+ // CreateTime - indicates the current state
+ public final static String ATTR_CREATE_TIME = "requestCreateTime";
+
+ // ModifyTime - indicates the current state
+ public final static String ATTR_MODIFY_TIME = "requestModifyTime";
+
+ // SourceId - indicates the current state
+ public final static String ATTR_SOURCE_ID = "requestSourceId";
+
+ // SourceId - indicates the current state
+ public final static String ATTR_REQUEST_OWNER = "requestOwner";
+
+ public final static String ATTR_REQUEST_TYPE = "requestType";
+
+ // Placeholder for ExtAttr data. this attribute is not in LDAP, but
+ // is used to trigger the ExtAttrDynMapper during conversion between LDAP
+ // and the RequestRecord.
+ public final static String ATTR_EXT_DATA = "requestExtData";
+
+ /**
+ * Gets the request id.
+ *
+ * @return request id
+ */
+ public RequestId getRequestId();
+
+ /**
+ * Gets attribute names of the request.
+ *
+ * @return list of attribute names
+ */
+ public Enumeration getAttrNames();
+
+ /**
+ * Gets the request attribute value by the name.
+ *
+ * @param name attribute name
+ * @return attribute value
+ */
+ public Object get(String name);
+
+ /**
+ * Sets new attribute for the request.
+ *
+ * @param name attribute name
+ * @param o attribute value
+ */
+ public void set(String name, Object o);
+
+ /**
+ * Removes attribute from the request.
+ *
+ * @param name attribute name
+ */
+ public void delete(String name)
+ throws EBaseException;
+
+ /**
+ * Gets attribute list of the request.
+ *
+ * @return attribute list
+ */
+ public Enumeration getElements();
+
+ // IDBObj.getSerializableAttrNames
+ //public Enumeration getSerializableAttrNames();
+
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestScheduler.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestScheduler.java
new file mode 100644
index 000000000..ecb2e0fa3
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestScheduler.java
@@ -0,0 +1,53 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+//import java.io.Serializable;
+
+import java.util.Date;
+import java.util.Enumeration;
+
+import com.netscape.certsrv.base.EBaseException;
+import com.netscape.certsrv.base.IAttrSet;
+
+
+/**
+ * This is an interface to a request scheduler that prioritizes
+ * the threads based on the request processing order.
+ * The request that enters the request queue first should
+ * be processed first.
+ *
+ * @version $Revision$ $Date$
+ */
+public interface IRequestScheduler {
+
+ /**
+ * Request entered the request queue processing.
+ *
+ * @param r request
+ */
+ public void requestIn(IRequest r);
+
+ /**
+ * Request exited the request queue processing.
+ *
+ * @param r request
+ */
+ public void requestOut(IRequest r);
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestSubsystem.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestSubsystem.java
new file mode 100644
index 000000000..c32c66985
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestSubsystem.java
@@ -0,0 +1,105 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+import com.netscape.certsrv.base.EBaseException;
+
+
+/**
+ * This interface defines storage of request objects
+ * in the local database.
+ * <p>
+ * @version $Revision$, $Date$
+ */
+public interface IRequestSubsystem {
+ public static final String SUB_ID = "request";
+
+ /**
+ * Creates a new request queue.
+ * (Currently unimplemented. Just use getRequestQueue to create
+ * an in-memory queue.)
+ * <p>
+ * @param name The name of the queue object. This name can be used
+ * in getRequestQueue to retrieve the queue later.
+ * @exception EBaseException failed to create request queue
+ */
+ public void createRequestQueue(String name)
+ throws EBaseException;
+
+ /**
+ * Retrieves a request queue. This operation should only be done
+ * once on each queue. For example, the RA subsystem should retrieve
+ * its queue, and store it somewhere for use by related services, and
+ * servlets.
+ * <p>
+ * WARNING: retrieving the same queue twice with result in multi-thread
+ * race conditions.
+ * <p>
+ * @param name
+ * the name of the request queue. (Ex: "ca" "ra")
+ * @param p
+ * A policy enforcement module. This object is called to make
+ * adjustments to the request, and decide whether it needs agent
+ * approval.
+ * @param s
+ * The service object. This object actually performs the request
+ * after it is finalized and approved.
+ * @param n
+ * A notifier object (optional). The notify() method of this object
+ * is invoked when the request is completed (COMPLETE, REJECTED or
+ * CANCELED states).
+ * @exception EBaseException failed to retrieve request queue
+ */
+ public IRequestQueue
+ getRequestQueue(String name, int increment, IPolicy p, IService s, INotify n)
+ throws EBaseException;
+
+ /**
+ * Retrieves a request queue. This operation should only be done
+ * once on each queue. For example, the RA subsystem should retrieve
+ * its queue, and store it somewhere for use by related services, and
+ * servlets.
+ * <p>
+ * WARNING: retrieving the same queue twice with result in multi-thread
+ * race conditions.
+ * <p>
+ * @param name
+ * the name of the request queue. (Ex: "ca" "ra")
+ * @param p
+ * A policy enforcement module. This object is called to make
+ * adjustments to the request, and decide whether it needs agent
+ * approval.
+ * @param s
+ * The service object. This object actually performs the request
+ * after it is finalized and approved.
+ * @param n
+ * A notifier object (optional). The notify() method of this object
+ * is invoked when the request is completed (COMPLETE, REJECTED or
+ * CANCELED states).
+ * @param pendingNotifier
+ * A notifier object (optional). Like the 'n' argument, except the
+ * notification happens if the request is made PENDING. May be the
+ * same as the 'n' argument if desired.
+ * @exception EBaseException failed to retrieve request queue
+ */
+ public IRequestQueue
+ getRequestQueue(String name, int increment, IPolicy p, IService s, INotify n,
+ INotify pendingNotifier)
+ throws EBaseException;
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IRequestVirtualList.java b/pki/base/common/src/com/netscape/certsrv/request/IRequestVirtualList.java
new file mode 100644
index 000000000..4d877a775
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/IRequestVirtualList.java
@@ -0,0 +1,50 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+/**
+ * This interface defines access to request virtual list.
+ * <p>
+ * @version $Revision$, $Date$
+ */
+public interface IRequestVirtualList {
+
+ /**
+ * Gets the total size of the result set. Elements of the
+ * list are numbered from 0..(size-1)
+ *
+ * @return size of the result set
+ */
+ int getSize();
+
+ /**
+ * Gets the element at the specified index
+ *
+ * @param index index of the element
+ * @return specified request
+ */
+ IRequest getElementAt(int index);
+
+ /**
+ * Gets the current index
+ *
+ * @return current index
+ */
+ int getCurrentIndex();
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/IService.java b/pki/base/common/src/com/netscape/certsrv/request/IService.java
new file mode 100644
index 000000000..aeaf757a6
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/IService.java
@@ -0,0 +1,48 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+import com.netscape.certsrv.base.EBaseException;
+
+
+/**
+ * This interface defines how requests are serviced.
+ * This covers certificate generation, revocation, renewals,
+ * revocation checking, and much more.
+ * <p>
+ * @version $Revision$, $Date$
+ */
+public interface IService {
+
+ /**
+ * Performs the service (such as certificate generation)
+ * represented by this request.
+ * <p>
+ * @param request
+ * The request that needs service. The service may use
+ * attributes stored in the request, and may update the
+ * values, or store new ones.
+ * @return
+ * an indication of whether this request is still pending.
+ * 'false' means the request will wait for further notification.
+ * @exception EBaseException indicates major processing failure.
+ */
+ boolean serviceRequest(IRequest request)
+ throws EBaseException;
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/PolicyMessage.java b/pki/base/common/src/com/netscape/certsrv/request/PolicyMessage.java
new file mode 100644
index 000000000..6c750903d
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/PolicyMessage.java
@@ -0,0 +1,41 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+import com.netscape.certsrv.base.EBaseException;
+
+
+/**
+ * A (localizable) message recorded by a policy module that describes
+ * the reason for rejecting a request.
+ * <p>
+ * @version $Revision$, $Date$
+ */
+public class PolicyMessage
+ extends EBaseException {
+
+ /**
+ * Class constructor that registers policy message.
+ * <p>
+ * @param message message string
+ */
+ public PolicyMessage(String message) {
+ super(message);
+ }
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/PolicyResult.java b/pki/base/common/src/com/netscape/certsrv/request/PolicyResult.java
new file mode 100644
index 000000000..2750e3d82
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/PolicyResult.java
@@ -0,0 +1,36 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+/**
+ * This class defines results for policy actions.
+ *
+ * @version $Revision$, $Date$
+ */
+public final class PolicyResult {
+ public final static PolicyResult REJECTED = new PolicyResult();
+ public final static PolicyResult DEFERRED = new PolicyResult();
+ public final static PolicyResult ACCEPTED = new PolicyResult();
+
+ /**
+ * Class constructor.
+ */
+ private PolicyResult() {
+ }
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/RequestId.java b/pki/base/common/src/com/netscape/certsrv/request/RequestId.java
new file mode 100644
index 000000000..01bd65d3b
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/RequestId.java
@@ -0,0 +1,72 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+/**
+ * The RequestId class represents the identifier for a particular
+ * request within a request queue. This identifier may be used to
+ * retrieve the request object itself from the request queue.
+ * <p>
+ * @version $Revision$ $Date$
+ */
+public final class RequestId {
+
+ /**
+ * Creates a new RequestId from its string representation.
+ * <p>
+ * @param id
+ * a string containing the decimal (base 10) value for the identifier.
+ */
+ public RequestId(String id) {
+ mString = id;
+ }
+
+ /**
+ * Converts the RequestId into its string representation. The string
+ * form can be stored in a database (such as the LDAP directory)
+ * <p>
+ * @return
+ * a string containing the decimal (base 10) value for the identifier.
+ */
+ public String toString() {
+ return mString;
+ }
+
+ /**
+ * Implements Object.hashCode.
+ * <p>
+ * @return hash code of the object
+ */
+ public int hashCode() {
+ return mString.hashCode();
+ }
+
+ /**
+ * Implements Object.equals.
+ * <p>
+ * @param obj object to compare
+ * @return true if objects are equal
+ */
+ public boolean equals(Object obj) {
+ return mString.equals(obj);
+ }
+
+ // instance variables
+ private final String mString;
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/RequestStatus.java b/pki/base/common/src/com/netscape/certsrv/request/RequestStatus.java
new file mode 100644
index 000000000..ad3b91e78
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/RequestStatus.java
@@ -0,0 +1,171 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request;
+
+
+/**
+ * The RequestStatus class represents the current state of a request
+ * in a request queue. The state of the request changes as actions
+ * are performed on it.
+ *
+ * The request is created in the BEGIN state, then general progresses
+ * through the PENDING, APPROVED, SVC_PENDING, and COMPLETE states.
+ * Some requests may bypass the PENDING state if no agent action is
+ * required.
+ *
+ * Requests may be CANCELED (not implemented) or REJECTED. These are
+ * error conditions, and usually result because the request was invalid
+ * or was not approved by an agent.
+ *
+ * @version $Revision$ $Date$
+ */
+public final class RequestStatus {
+ public static String BEGIN_STRING = "begin";
+ public static String PENDING_STRING = "pending";
+ public static String APPROVED_STRING = "approved";
+ public static String SVC_PENDING_STRING = "svc_pending";
+ public static String CANCELED_STRING = "canceled";
+ public static String REJECTED_STRING = "rejected";
+ public static String COMPLETE_STRING = "complete";
+
+ /**
+ * The initial state of a request. Requests in this state have not
+ * been review by policy.
+ *
+ * While in this state the source of the request (usually the servlet,
+ * but it could be some other protocol module, such as email)
+ * should populate the request with data need to service it.
+ */
+ public static RequestStatus BEGIN = new RequestStatus(BEGIN_STRING);
+
+ /**
+ * The state of a request that is waiting for action by an agent.
+ * When the agent approves or rejects the request, process will
+ * continue as appropriate.
+ *
+ * In this state there may be PolicyMessages present that indicate
+ * the reason for the pending status.
+ */
+ public static RequestStatus PENDING = new RequestStatus(PENDING_STRING);
+
+ /**
+ * The state of a request that has been approved by an agent, or
+ * automatically by the policy engine, but have not been successfully
+ * transmitted to the service module.
+ *
+ * These requests are resent to the service during the recovery
+ * process that runs at server startup.
+ */
+ public static RequestStatus APPROVED = new RequestStatus(APPROVED_STRING);
+
+ /**
+ * The state of a request that has been sent to the service, but
+ * has not been fully processed. The service will invoke the
+ * serviceComplete() method to cause processing to continue.
+ */
+ public static RequestStatus SVC_PENDING =
+ new RequestStatus(SVC_PENDING_STRING);
+
+ /**
+ * Not implemented. This is intended to be a final state that is
+ * reached when a request is removed from the processing queue without
+ * normal notification occurring. (see REJECTED)
+ */
+ public static RequestStatus CANCELED = new RequestStatus(CANCELED_STRING);
+
+ /**
+ * The state of a request after it is rejected. When a request is
+ * rejected, the notifier is called prior to making the finl status
+ * change.
+ *
+ * Rejected requests may have PolicyMessages indicating the reason for
+ * the rejection, or AgentMessages, which allow the agent to give
+ * reasons for the action.
+ */
+ public static RequestStatus REJECTED = new RequestStatus(REJECTED_STRING);
+
+ /**
+ * The normal final state of a request. The completion status attribute
+ * gives other information about the request. The request is not
+ * necessarily successful, but may indicated that service processing
+ * did not succeed.
+ */
+ public static RequestStatus COMPLETE = new RequestStatus(COMPLETE_STRING);
+
+ /**
+ * Converts a string name for a request status into the
+ * request status enum object.
+ * <p>
+ * @param s
+ * The string representation of the state.
+ * @return
+ * request status
+ */
+ public static RequestStatus fromString(String s) {
+ if (s.equals(BEGIN_STRING)) return BEGIN;
+ if (s.equals(PENDING_STRING)) return PENDING;
+ if (s.equals(APPROVED_STRING)) return APPROVED;
+ if (s.equals(SVC_PENDING_STRING)) return SVC_PENDING;
+ if (s.equals(CANCELED_STRING)) return CANCELED;
+ if (s.equals(REJECTED_STRING)) return REJECTED;
+ if (s.equals(COMPLETE_STRING)) return COMPLETE;
+
+ return null;
+ }
+
+ /**
+ * Returns the string form of the RequestStatus, which may be used
+ * to record the status in a database.
+ *
+ * @return request status
+ */
+ public String toString() {
+ return mString;
+ }
+
+ /**
+ * Class constructor. Creates request status from the string.
+ *
+ * @param string string describing request status
+ */
+ private RequestStatus(String string) {
+ mString = string;
+ }
+
+ private String mString;
+
+ /**
+ * Compares request status with specified string.
+ *
+ * @param string string describing request status
+ */
+ public boolean equals(String string) {
+ if (string.equals(mString)) return true;
+ else return false;
+ }
+
+ /**
+ * Compares current request status with request status.
+ *
+ * @param rs request status
+ */
+ public boolean equals(RequestStatus rs) {
+ if (mString.equals(rs.mString)) return true;
+ else return false;
+ }
+}
diff --git a/pki/base/common/src/com/netscape/certsrv/request/ldap/IRequestMod.java b/pki/base/common/src/com/netscape/certsrv/request/ldap/IRequestMod.java
new file mode 100644
index 000000000..17367befd
--- /dev/null
+++ b/pki/base/common/src/com/netscape/certsrv/request/ldap/IRequestMod.java
@@ -0,0 +1,56 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.certsrv.request.ldap;
+
+import java.util.Date;
+
+import com.netscape.certsrv.request.RequestId;
+import com.netscape.certsrv.request.RequestStatus;
+import com.netscape.certsrv.request.IRequest;
+
+/**
+ * This interface defines how to update request record.
+ * <p>
+ * @version $Revision$, $Date$
+ */
+public interface IRequestMod
+{
+ /**
+ * Modifies request status.
+ *
+ * @param r request
+ * @param s request status
+ */
+ void modRequestStatus(IRequest r, RequestStatus s);
+
+ /**
+ * Modifies request creation time.
+ *
+ * @param r request
+ * @param d date
+ */
+ void modCreationTime(IRequest r, Date d);
+
+ /**
+ * Modifies request modification time.
+ *
+ * @param r request
+ * @param d date
+ */
+ void modModificationTime(IRequest r, Date d);
+}
generated by cgit (git 2.34.1) at 2024-04-27 19:18:45 +0000